aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/elgamal
Commit message (Collapse)AuthorAgeFilesLines
* There are some nasty API problems that are caused by having to pass alloyd2010-03-191-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | PRNG everywhere. The removal of the global PRNG was generated by a desire to remove the global library state entirely. However the real point of this was to remove the use of globally visible _mutable_ state; of the mutable state, the PRNG is probably the least important, and the most useful to share. And it seems unlikely that thread contention would be a major issue in the PRNG. Add back a global PRNG to Library_State. Use lazy initialization, so apps that don't ever use a PRNG don't need a seeding step. Then have AutoSeeded_RNG call that global PRNG. Offer once again RandomNumberGenerator& Library_State::global_rng(); which returns a reference to the global PRNG. This RNG object serializes access to itself with a mutex. Remove the hack known as Blinding::choose_nonce, replace with using the global PRNG to choose a blinding nonce
* Oops. Secret nonce/seed for blinding for DH and ElGamal was 2^x mod p.lloyd2010-03-091-1/+1
| | | | | | | | | However if the group generator is 2, that's precisely the public key, which is hardly secret at all. Instead use y^x mod p, which while a little dubious in terms of mathematical structure is probably OK after being hashed through SHA-512 with some high resolution timestamps.
* Deconstify PK_Ops. It's quite reasonable that some op will want tolloyd2010-03-092-5/+5
| | | | | | | | | | | | | precompute only as needed, or will want to access some other expensive resource or etc. Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operations public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p. Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
* Use preexisting powermod precomputations for setting up blinderslloyd2010-03-091-1/+1
|
* Add back in blinding to RSA, RW, ElGamal, and DH.lloyd2010-03-082-1/+10
| | | | | | | | | | | | | | | | There are multiple unsatisfactory elements to the current solution, as compared to how blinding was previously done: Firstly, blinding is only used in the baseline implementations; the code using OpenSSL and GMP is not protected by blinding at all. Secondly, at the point we need to set up blinding, there is no access to a PRNG. Currently I am going with a quite nasty solution, of using a private key parameter to seed a simple PRNG constructed as: SHA-512(TS1 || private_key_param || public_key_param || TS2) I really want to fix both of these elements but I'm not sure how to do so easily.
* Rename PK_Encryptor_MR_with_EME and PK_Decryptor_MR_with_EME tolloyd2010-03-081-2/+2
| | | | | PK_Encryptor_EME and PK_Decryptor_EME; the message recovery is somewhat implicit in the recovery of the plaintext.
* Modify pubkey classes to take names instead of object pointers.lloyd2010-03-081-4/+5
| | | | | Remove use of look_pk from the source and examples, instead instantiate classes directly.
* Remove the now no-op classes PK_Encrypting_Key,lloyd2010-03-081-3/+1
| | | | | PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and PK_Verifying_wo_MR_Key.
* Add ops for ElGamal encryption and decryption.lloyd2010-03-056-277/+90
| | | | | Note: blinding is not currently being used for RSA, RW, DH or ElGamal, which used to have them. This should be added back before release.
* Remove ElGamal load hook functionslloyd2010-03-042-47/+23
|
* Add similar decoding constructors to the private keyslloyd2010-03-041-1/+8
|
* Add a new constructor to each public key algorithm (only the publiclloyd2010-03-041-1/+6
| | | | | | | keys so far, private keys not changed) that takes an AlgorithmIdentifier and a MemoryRegion<byte>&. This performs the X.509 decoding. It is not possible anymore to create uninitialized PK objects.
* Add missing BOTAN_DLL exports.lloyd2009-12-162-2/+2
| | | | Move most of the engine headers to internal
* Full working amalgamation build, plus internal-only headers concept.lloyd2009-12-162-17/+2
|
* Remove the 'realname' attribute on all modules and cc/cpu/os info files.lloyd2009-10-291-2/+0
| | | | | Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Split up util.h into 3 fileslloyd2009-09-171-1/+1
| | | | | | | - rounding.h (round_up, round_down) - workfactor.h (dl_work_factor) - timer.h (system_time) And update all users of the previous util.h
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-151-9/+8
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* Move the contents of pubkey/pubkey (which was kind of a catch-all tolloyd2009-07-151-1/+0
| | | | | | | just toplevel pubkey). This was a convention I realized made sense sometime on when I was first doing the modularization changes. Move pkcs8.* and x509_key.* to pk_codecs
* engine.h had copies of some declarations from pk_engine.h that had notlloyd2009-05-131-1/+1
| | | | | | been removed when that portion of the code was split off. Remove the duplicated code from engine.h and update some code in pubkey that still relied on the declarations in engine.h instead of pk_engine.h
* Thomas Moschny passed along a request from the Fedora packagers which camelloyd2009-03-306-90/+102
| | | | | | | | | | | | | | | up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line Distributed under the terms of the Botan license after the copyright notices. While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of astericks before and after the text); this is stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* Remove pk_lookup - half of it (look_pk.{cpp,h}) depended on libstate directly,lloyd2008-11-111-1/+0
| | | | | the other half was relied upon by pubkey. Move the contents into those two modules. Update deps.
* Remove dependency on Default_Engine from pubkey codelloyd2008-11-081-10/+0
|
* Move look_pk and pk_algs to new module pubkey/pk_lookuplloyd2008-10-011-9/+10
|
* Move last pieces of algorithm-specific code from general 'pubkey' modulelloyd2008-10-014-2/+117
| | | | | into algorithm-specific directories. (Dependencies still remain on these in core/libstate, though).
* Split Diffie-Hellman off almost completely, such that nearly none oflloyd2008-10-011-0/+1
| | | | | | | | | | it builds if it is disabled. Current deficiency: due to #if defined(BLAH) in the engine code, Botan will not be binary compat across different configurations b/c the vtable will change size. Move some source from core/ to core/libstate where it belonged (engine stuff)
* Rename pk dir to pubkey, avoids tab-completion collision with pk_padlloyd2008-10-015-0/+338