| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove and consolidate various headers
Reduce memory usage of GF2m_Field by sharing the log and exponent
tables across all instances of a particular word size.
Remove McEliece_Public_Operation and McEliece_Private_Operation which
were difficult to use safely. Instead only the KEM operations are exposed.
Add McEliece_PublicKey::random_plaintext_element
Add command line `mce` tool and some McEliece documentation
Convert the speed program to check McEliece keys of the suggested size
Add McEliece KATs for both key generation and KEM
Fix HMAC_DRBG constructor which derefed a pointer before its time
|
| |
|
|
|
|
|
|
| |
The plain PointGFp operator* now uses Montgomery ladder exclusively.
Adds a blinded point multiply algorithm which uses exponent and point
randomization, as well as a Montgomery ladder technique that takes a
random walk of the possible addition chains for k.
|
| |
|
|
|
| |
One a read at 0 of an empty vector, the other causing allocation of an
arbitrary amount of memory.
|
| |
|
|
| |
... for peaceful development
|
| | |
|
| | |
|
| |
|
|
| |
Fixes #146.
|
| |
|
|
|
|
|
|
| |
Fix zlib decompression which was not ignoring Z_BUF_ERROR which is
harmless in this context as process is already checking avail_in
and avail_out after run returns.
Bump version to 1.11.17
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This lets you amortize quite a few memory allocations (RNG, various
BigInts, etc) over many nonce generations.
Change generate_rfc6979_nonce to just instantiate one of these states,
call the function once, and return. This doesn't have any additional
overhead versus the previous implementation of this function.
Fix HMAC_DRBG to correctly reset its state to its starting position
when you call clear() on it.
|
| | |
|
| |
|
|
|
| |
Update license header line to specify the terms and refer to the file,
neither of which it included before.
|
| | |
|
| |
|
|
|
|
| |
This uses only the c64 version from curve25519-donna; on systems that
don't have a native uint128_t type, a donna128 type stands in for just
enough 128-bit operations to satisfy donna.cpp
|
| |
|
|
|
|
|
| |
(https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes).
The original version is LGPL but cryptsource GmbH has secured
permission to release it under a BSD license. Also includes the
Overbeck CCA2 message encoding scheme.
|
| |
|
|
| |
http://crypto.stackexchange.com/questions/784
|
| | |
|
| | |
|
| |
|
|
| |
the tests and botan for everything else.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
