aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/rsa
Commit message (Collapse)AuthorAgeFilesLines
* Use BOTAN_ASSERT in various placeslloyd2010-09-261-2/+3
|
* In RSA and RW key generation, if we generate a key that isn't exactlylloyd2010-09-221-5/+6
| | | | | | | the requested bitsize, simply repeat instead of failing immediately. The condition could actually occur in practice if a prime that was on the very low end of the specified range was chosen (eg q happened to be chosen as 10000...001).
* More Doxygen updates/fixeslloyd2010-06-151-1/+7
|
* Move where pk_ops is included, remove rng.h from dl_algo.hlloyd2010-03-211-0/+1
|
* KeyPair::check_key's behavior of throwing an exception upon failure waslloyd2010-03-211-15/+1
| | | | | | | | | | | | | | not useful; in all cases, we immediately caught it and then returned false. Modify as follows: - Create the pubkey objects inside the checking code, so calling code doesn't need to do it. - Return true/false for pass/fail Also add consistency checking for ECDSA keys
* There are some nasty API problems that are caused by having to pass alloyd2010-03-191-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | PRNG everywhere. The removal of the global PRNG was generated by a desire to remove the global library state entirely. However the real point of this was to remove the use of globally visible _mutable_ state; of the mutable state, the PRNG is probably the least important, and the most useful to share. And it seems unlikely that thread contention would be a major issue in the PRNG. Add back a global PRNG to Library_State. Use lazy initialization, so apps that don't ever use a PRNG don't need a seeding step. Then have AutoSeeded_RNG call that global PRNG. Offer once again RandomNumberGenerator& Library_State::global_rng(); which returns a reference to the global PRNG. This RNG object serializes access to itself with a mutex. Remove the hack known as Blinding::choose_nonce, replace with using the global PRNG to choose a blinding nonce
* Remove decls of removed RSA encrypt/decryptlloyd2010-03-091-5/+0
|
* De-name unused rng arglloyd2010-03-091-1/+1
|
* Deconstify PK_Ops. It's quite reasonable that some op will want tolloyd2010-03-092-7/+12
| | | | | | | | | | | | | precompute only as needed, or will want to access some other expensive resource or etc. Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operations public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p. Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
* Add back RSA consistency checking (decrypt only)lloyd2010-03-092-3/+8
|
* Remove decls of unimplemented functionslloyd2010-03-081-3/+0
|
* Add back in blinding to RSA, RW, ElGamal, and DH.lloyd2010-03-082-2/+7
| | | | | | | | | | | | | | | | There are multiple unsatisfactory elements to the current solution, as compared to how blinding was previously done: Firstly, blinding is only used in the baseline implementations; the code using OpenSSL and GMP is not protected by blinding at all. Secondly, at the point we need to set up blinding, there is no access to a PRNG. Currently I am going with a quite nasty solution, of using a private key parameter to seed a simple PRNG constructed as: SHA-512(TS1 || private_key_param || public_key_param || TS2) I really want to fix both of these elements but I'm not sure how to do so easily.
* Modify pubkey classes to take names instead of object pointers.lloyd2010-03-081-8/+4
| | | | | Remove use of look_pk from the source and examples, instead instantiate classes directly.
* Remove the now no-op classes PK_Encrypting_Key,lloyd2010-03-081-5/+1
| | | | | PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and PK_Verifying_wo_MR_Key.
* Remove unused variablelloyd2010-03-051-1/+0
|
* Remove IF_Corelloyd2010-03-052-51/+3
|
* Add RSA encrypt/decrypt opslloyd2010-03-052-21/+60
|
* Constify sign and verify opslloyd2010-03-052-5/+5
|
* Remove sign and verify ops from key typeslloyd2010-03-052-11/+0
|
* Rename PK_Ops::Signature_Operation to PK_Ops::Signaturelloyd2010-03-051-1/+1
| | | | Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement
* Add verification ops for all signature key typeslloyd2010-03-051-0/+21
|
* Remove the sign() operation from the public key objects, totally replacedlloyd2010-03-052-13/+1
| | | | | | by using the ops. Add real ECDSA test vectors (two found in ANSI X9.62)
* Add signature generation operation classes. Remove sign() fromlloyd2010-03-052-0/+42
| | | | | | PK_Signing_Key, though for the moment the class remains because there are a few pieces of code that use it to detect if signatures are supported, or for passing to functions in look_pk
* Remove IF_Scheme_PrivateKey::PKCS8_load_hooklloyd2010-03-042-7/+11
|
* New IF constructors, simplifies RSA/RWlloyd2010-03-042-38/+15
|
* Remove more load hookslloyd2010-03-042-2/+5
|
* Add similar decoding constructors to the private keyslloyd2010-03-041-5/+7
|
* Add a new constructor to each public key algorithm (only the publiclloyd2010-03-041-1/+4
| | | | | | | keys so far, private keys not changed) that takes an AlgorithmIdentifier and a MemoryRegion<byte>&. This performs the X.509 decoding. It is not possible anymore to create uninitialized PK objects.
* Full working amalgamation build, plus internal-only headers concept.lloyd2009-12-161-7/+0
|
* Remove the 'realname' attribute on all modules and cc/cpu/os info files.lloyd2009-10-291-2/+0
| | | | | Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Reasonably functional RSA support; keygen, import/export, encrypt/decrypt, ↵lloyd2009-10-091-1/+7
| | | | sign/verify
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-151-7/+6
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* Move the contents of pubkey/pubkey (which was kind of a catch-all tolloyd2009-07-151-1/+0
| | | | | | | just toplevel pubkey). This was a convention I realized made sense sometime on when I was first doing the modularization changes. Move pkcs8.* and x509_key.* to pk_codecs
* Thomas Moschny passed along a request from the Fedora packagers which camelloyd2009-03-302-38/+42
| | | | | | | | | | | | | | | up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line Distributed under the terms of the Botan license after the copyright notices. While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of astericks before and after the text); this is stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* Remove pk_lookup - half of it (look_pk.{cpp,h}) depended on libstate directly,lloyd2008-11-111-1/+0
| | | | | the other half was relied upon by pubkey. Move the contents into those two modules. Update deps.
* Add Doxygen comments to RSA key constructors (from InSiTo)lloyd2008-10-131-8/+31
|
* Move look_pk and pk_algs to new module pubkey/pk_lookuplloyd2008-10-011-5/+6
|
* Split Diffie-Hellman off almost completely, such that nearly none oflloyd2008-10-011-1/+2
| | | | | | | | | | it builds if it is disabled. Current deficiency: due to #if defined(BLAH) in the engine code, Botan will not be binary compat across different configurations b/c the vtable will change size. Move some source from core/ to core/libstate where it belonged (engine stuff)
* Rename pk dir to pubkey, avoids tab-completion collision with pk_padlloyd2008-10-013-0/+243