| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
or throw an exception, with PointGFp::on_the_curve, which returns a bool.
Update callers.
This showed several cases where check_invaraints was being called
multiple times, for instance when decoding a point with OS2ECP,
check_invaraints was called; many callers of OS2ECP would then call
check_invaraints again on the same object.
|
| |
|
|
|
|
|
|
|
|
|
| |
Generating the test vectors found yet another inane (and, of course,
undocumented) behavior in the GOST implementation included in OpenSSL;
it treats the hash inputs as little endian. Just out of curiousity, I
checked RFC 5832, which supposedly specifies this algorithm; not a
peep about endian conversions.
The more I deal with standards coming out of the CryptoPro people, the
less confidence I have in them.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and
PK_Verifying_wo_MR_Key.
|
| | |
|
| | |
|
| |
|
|
| |
Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement
|
| | |
|
| |
|
|
|
|
| |
by using the ops.
Add real ECDSA test vectors (two found in ANSI X9.62)
|
| |
|
|
|
|
| |
PK_Signing_Key, though for the moment the class remains because there
are a few pieces of code that use it to detect if signatures are
supported, or for passing to functions in look_pk
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GOST 34.10 public keys use a funky encoding. There is no standard for
PKCS #8 format private keys, so the obvious choice is to act exactly
the same as ECDSA/ECDH (following the rule of thumb that if you're
going to make up a random non-standard thing, at least try to copy
something that's standard for something else). However the public key
encoding uses a weird scheme for encoding the OID in the algorithm
identifier, which we don't want to use for the PKCS #8 encoding.
Add a new function to Private_Key, pkcs8_algorithm_identifier, which
by default just calls algorithm_identifier(). However
GOST_3410_PrivateKey overrides it, and calls
EC_PublicKey::algorithm_identifier(), basically skipping over the
virtual function hierarchy, so it doesn't pick up the funky format
from the public key's version of algorithm_identifier().
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
keys so far, private keys not changed) that takes an
AlgorithmIdentifier and a MemoryRegion<byte>&. This performs the X.509
decoding. It is not possible anymore to create uninitialized PK
objects.
|
| |
|
|
|
| |
what x509_encoder()->key_bits() used to return. This is much simpler
than using the explicit encoder objects. Remove X509_Encoder entirely.
|
| | |
|
| |
|
|
| |
the various implementations
|
| | |
|
| |
|
|
|
|
|
| |
handling ImplicitCA ECDSA keys in the CVC code. Currently dealt with
in CVC by simply commenting out the calls - CVC is already pretty
broken and I'd much rather have ECC sane and under control and CVC
totally broken than ECC remaining in its current state.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
GFpElements.
Clean up OS2ECP
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
it's ridiculously poorly thought out.
The PKCS #8 format isn't documented anywhere I can find, so I'm declaring
the standard GOST-34.10-2001 to be identical to the ECDSA/ECDH format,
thus defining the problem away. :)
|
|
|
draft-dolmatov-cryptocom-gost34102001-06
Known problem: GOST's X.509 (and PKCS #8?) formats are different from
ECDSA. ECDSA uses compressed points, GOST uses a completely raw pair
of points (with, OF COURSE, no leading uncompressed pair identifier,
because using something that already exists would just be too much).
|
