aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/pubkey.h
Commit message (Collapse)AuthorAgeFilesLines
* Fairly huge update that replaces the old secmem types with std::vectorlloyd2012-05-181-23/+31
| | | | | | using a custom allocator. Currently our allocator just does new/delete with a memset before deletion, and the mmap and mlock allocators have been removed.
* Use size_t instead of u32bit in all of pubkeylloyd2010-10-121-23/+23
|
* First set of changes for avoiding use implicit vector->pointer conversionslloyd2010-09-131-1/+2
|
* Replace "@return a blah" and "@return the blah" with just "@return blah"lloyd2010-06-161-8/+8
|
* More Doxygen updates/fixeslloyd2010-06-151-2/+2
|
* Fix a few hundred Doxygen warningslloyd2010-06-151-1/+1
|
* Add typedefs for the named EME encryptor/decryptor classes so codelloyd2010-06-111-0/+6
| | | | using the 1.8 names continues to work.
* Give PK_Signer users the option of disabling fault protectionlloyd2010-03-131-1/+11
|
* Deconstify PK_Ops. It's quite reasonable that some op will want tolloyd2010-03-091-2/+2
| | | | | | | | | | | | | precompute only as needed, or will want to access some other expensive resource or etc. Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operations public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p. Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
* Have PK_Signer check the validity of all signatures before releasing.lloyd2010-03-091-1/+5
| | | | Should help against many forms of fault attacks.
* Rename PK_Encryptor_MR_with_EME and PK_Decryptor_MR_with_EME tolloyd2010-03-081-20/+22
| | | | | PK_Encryptor_EME and PK_Decryptor_EME; the message recovery is somewhat implicit in the recovery of the plaintext.
* Have the constructors in pubkey.h take all arguments look_pk does, andlloyd2010-03-081-12/+20
| | | | convert look_pk to simple forwarders.
* Add ops for ElGamal encryption and decryption.lloyd2010-03-051-12/+22
| | | | | Note: blinding is not currently being used for RSA, RW, DH or ElGamal, which used to have them. This should be added back before release.
* Rename PK_Ops::Signature_Operation to PK_Ops::Signaturelloyd2010-03-051-2/+2
| | | | Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement
* Add verification ops for all signature key typeslloyd2010-03-051-66/+23
|
* Add signature generation operation classes. Remove sign() fromlloyd2010-03-051-8/+9
| | | | | | PK_Signing_Key, though for the moment the class remains because there are a few pieces of code that use it to detect if signatures are supported, or for passing to functions in look_pk
* This checkin represents a pretty major change in how PK operations arelloyd2010-03-041-3/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | performed. Up until now, each key object (eg DSA_PublicKey or ECDH_PrivateKey) had two jobs: contain the key material, and know how to perform any operations on that key. However because of a desire to support alternative implementations (GNU MP, hardware, whatever), there was a notion of operations, with the key objects containing an op that they got via engine rather than actually implementing the underlying algorithms directly. Now, represent the operation as an abstract interface (typically mapping a byte string to a byte string), and pass a plain Public_Key& or Private_Key& to the engine. The engine does any checks it wants (eg based on name, typeid, key sizes, etc), and either returns nothing (I'll pass) or a pointer to a new operation that represents signatures or encryption or what-have-you using that key. This means that plain key objects no longer contain operations. This is a major break with the traditional interface. On the other hand, using these 'bare' operations without padding, KDFs, etc is 99% of the time a bad idea anyway (and if you really need them, there are options so you get the bare op but via the pubkey.h interfaces). Currently this change is only implemented for DH and ECDH (ie, key agreement algorithms). Additionally the optional engines (gnump and openssl) have not been updated. I'll probably wait to touch those until after I can change them all in one go for all algos.
* Clean up PK_Key_Agreement slightlylloyd2010-03-041-6/+32
|
* Fix indentlloyd2009-10-131-1/+1
|
* Move the contents of pubkey/pubkey (which was kind of a catch-all tolloyd2009-07-151-0/+392
just toplevel pubkey). This was a convention I realized made sense sometime on when I was first doing the modularization changes. Move pkcs8.* and x509_key.* to pk_codecs