| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Hide CurveGFp with an eye for eventual removal
|
| |
|
|
|
|
|
|
| |
This confirms the message is exactly the size of the expected hash,
and also causes RFC 6979 nonces to be generated using the specified
hash. See also https://github.com/riboseinc/rnp/issues/367
|
|
|
|
|
| |
The tests were generated by Botan but I was able to verify the
resulting signatures using Golang's ecdsa module.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Turns out astyle has some bugs wrt C++11 initialize lists. Rather
than having astyle mangle all of the tests, convert to using a string
which is split once at the start instead of a vector of keys.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
Adds support for probabilistic, aka the standard, DSA and ECDSA.
Can be enabled by disabling the rfc6979 module.
Includes test vectors from NIST CAVP.
Adds rfc6979 to the list of prohibited modules in BSI policy.
|
|
|
|
|
|
|
| |
Understand using '-' on the command line to mean stdin
Fix last few unit tests that wanted to write to the filesystem; removes
outdata directory.
|
|
|
|
|
|
|
|
|
|
|
| |
The tests previously had used 4 to 6 different schemes internally (the vec file
reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests
which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a
design that works everywhere, and update all the things.
Fix also a few bugs found by the test changes: SHA-512-256 name incorrect,
OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy
was wrong.
|
| |
|
|
|
|
|
| |
OpenSSL doesn't use RFC 6979 nonces, so if openssl was enabled ECDSA
tests would fail.
|
|
|
|
|
|
|
| |
Ever tried?
auto str = "some long string";
auto str2 = str + '\n';
It's not with the brainfuck finding the bug.
|
|
|
|
|
|
|
|
| |
The plain PointGFp operator* now uses Montgomery ladder exclusively.
Adds a blinded point multiply algorithm which uses exponent and point
randomization, as well as a Montgomery ladder technique that takes a
random walk of the possible addition chains for k.
|
| |
|
|
|
|
| |
Fixes #146.
|
|
|
|
|
|
|
| |
- Remove additional newlines in CHECK_MESSAGE call
- Remove redundant output of algo in aead_test()
Closes #115
|
|
|
|
|
| |
Update license header line to specify the terms and refer to the file,
neither of which it included before.
|
| |
|
| |
|
|
|
|
|
| |
Drop the GNU MP engine. Its implementations were potentially faster in
some scenarios but not well protected against side channels.
|
|
|
|
| |
http://crypto.stackexchange.com/questions/784
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add `website` target to makefile.
Some progress towards fixing minimized builds.
TLS now hard requires ECDSA and GCM since otherwise a minimized build
has only insecure options.
Remove boost_thread dependency in command line tool
|
| |
|
| |
|
|
|