183 Commits

Author SHA1 Message Date
Steffen Jaeckel
9d6689fc08 re-factor dh_make_key() and variants 2017-06-27 22:00:13 +02:00
Steffen Jaeckel
fbc54756c1 replace dh_import_radix() by dh_set_{pg,key} 2017-06-27 21:53:02 +02:00
Karel Miko
f60e2902ed dh_make_key_ex dh_export_radix dh_import_radix 2017-06-27 20:11:52 +02:00
Steffen Jaeckel
6b798ca6a6 replace rsa_import_radix() by rsa_set_{key,factors,crt_params}() 2017-06-27 20:05:36 +02:00
Steffen Jaeckel
05e9f0ee79 Revert "use ltc_pk_part in rsa_import_radix()"
This reverts commit 023e4a2c23641d852cf47000948fa29a53249457.
2017-06-27 20:05:36 +02:00
Steffen Jaeckel
00a5212d99 use ltc_pk_part in rsa_import_radix() 2017-06-27 20:05:36 +02:00
Steffen Jaeckel
0a6af8d333 rsa_exptmod(): verify that p and q are valid before going the CRT path 2017-06-27 19:01:56 +02:00
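The check named in the commit above, as an added illustration in Python rather than libtomcrypt's own rsa_exptmod() (what that function actually verifies is in the commit's diff, which this page does not show). The point is that a private-key operation should only take the fast CRT path when p, q and the derived parameters are mutually consistent, and otherwise fall back to the plain c^d mod n computation. The key below is a constructed toy key so the block runs instantly; the key layout (a dict with n, e, d, p, q, dP, dQ, qInv) is an assumption of this example.

```python
"""RSA private-key operation with a guarded CRT path (added example, not
libtomcrypt code). Real keys are 2048 bits or more; the toy key here is
constructed so the block runs in milliseconds."""
from typing import Dict, Tuple


def crt_params_valid(key: Dict[str, int]) -> bool:
    """Return True only if p, q and the CRT parameters agree with n and d.

    Any mismatch (missing, zero or corrupted value) disqualifies the CRT path;
    the caller then uses the slower but self-contained exponentiation by d.
    """
    p, q, n, d = key.get("p", 0), key.get("q", 0), key["n"], key["d"]
    if p < 2 or q < 2 or p * q != n:
        return False
    if key.get("dP") != d % (p - 1) or key.get("dQ") != d % (q - 1):
        return False
    # qInv must be the inverse of q modulo p (Garner's recombination)
    if (key.get("qInv", 0) * q) % p != 1:
        return False
    return True


def rsa_private(c: int, key: Dict[str, int]) -> Tuple[int, str]:
    """Compute c^d mod n, via CRT when the parameters pass validation.

    Returns (m, path) where path is "crt" or "plain" so a caller can see which
    branch was taken.
    """
    n = key["n"]
    if not 0 <= c < n:
        raise ValueError("ciphertext representative out of range")
    if crt_params_valid(key):
        p, q = key["p"], key["q"]
        m1 = pow(c, key["dP"], p)           # c^dP mod p
        m2 = pow(c, key["dQ"], q)           # c^dQ mod q
        h = (key["qInv"] * (m1 - m2)) % p   # Garner: h = qInv * (m1 - m2) mod p
        return (m2 + h * q, "crt")
    return (pow(c, key["d"], n), "plain")


def make_demo_key() -> Dict[str, int]:
    """Constructed toy key (p=61, q=53, e=17) with all CRT parameters derived."""
    p, q, e = 61, 53, 17
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return {
        "n": n, "e": e, "d": d, "p": p, "q": q,
        "dP": d % (p - 1), "dQ": d % (q - 1), "qInv": pow(q, -1, p),
    }


if __name__ == "__main__":
    key = make_demo_key()
    c = pow(65, key["e"], key["n"])
    print(rsa_private(c, key))                  # CRT path, recovers 65
    broken = dict(key, q=59)                    # p*q no longer equals n
    print(rsa_private(c, broken))               # plain path, still recovers 65
```

A consistency check of this kind is cheap relative to the exponentiations that follow it, so there is no practical reason to skip it before committing to the CRT branch.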
Francois Perrad
446fec1bc4 refactor switch with default 2017-06-22 17:13:40 +02:00
Steffen Jaeckel
e9c90e7f63 no need to use XMEM_NEQ() in PK crypto 2017-06-22 14:21:14 +02:00
Steffen Jaeckel
1bf42ea99a update some of the static functions 2017-06-22 14:21:14 +02:00
Steffen Jaeckel
05e28d6cfa fix potential timing attacks in rsa, eax, ocb and ocb3 2017-06-22 14:21:14 +02:00
Karel Miko
243a1dc33e drop _dh_make_key_ex 2017-06-22 13:19:48 +02:00
Karel Miko
5eaff56d90 remove dh_export_radix.c dh_import_radix.c 2017-06-22 13:19:47 +02:00
Karel Miko
771d67e102 DH facelift part1 2017-06-22 13:19:47 +02:00
Steffen Jaeckel
26b57032e7 use correct amount of M-R tests in dsa_make_params() 2017-06-22 11:55:08 +02:00
Karel Miko
b8f22157b3 PK_MAX_RETRIES 2017-06-21 13:38:39 +02:00
Karel Miko
0c115a162d whitespace 2017-06-21 13:26:52 +02:00
Karel Miko
fff832091f ecc_sign_hash max_iterations 2017-06-21 13:25:06 +02:00
Karel Miko
cdf04b6140 fix mp_montgomery_setup 2017-06-21 13:01:22 +02:00
Karel Miko
a937f23821 static functions name fix 2017-06-21 12:49:19 +02:00
Karel Miko
67200b641d ecc_sign+verify_hash_raw > ecc_sign+verify_hash_rfc7518 2017-06-21 12:11:35 +02:00
Steffen Jaeckel
4cd1355b8f more clean-up of headers/footers 2017-06-20 15:16:11 +02:00
Steffen Jaeckel
fe19dad623 replace SVN tags 2017-06-20 15:16:11 +02:00
Steffen Jaeckel
fb35d5be54 more clean-up of headers 2017-06-20 15:16:11 +02:00
Steffen Jaeckel
4dc211e19d clean-up headers 2017-06-20 15:16:11 +02:00
Karel Miko
4f12e41d29 fix trailing ; 2017-06-12 16:35:27 +02:00
Karel Miko
114b694735 trying to fix dh_shared_secret - #119 2017-06-11 23:20:46 +02:00
Karel Miko
bc4236d90f tuning dh_make_key 2017-06-11 21:12:14 +02:00
Karel Miko
361778d2ac another dh_make_key redesign 2017-06-11 19:43:08 +02:00
Karel Miko
71884788e3 fix warning: comparison between signed and unsigned integer 2017-06-11 10:12:18 +02:00
Karel Miko
532c511f52 improved dh_make_key 2017-06-10 23:02:30 +02:00
Steffen Jaeckel
c9f4628693 don't call rng_make_prng() from dh_make_key()
While testing with multiple threads I had spurious errors where some tests
can't read from the PRNG.
If I tracked it down correctly that's caused by `dh_make_key()`
calling `rng_make_prng()` which re-initializes the selected PRNG.

I like the idea of "refreshing" the PRNG with entropy from a hopefully
secure RNG before generating a new key, but I don't think it's the duty
of a key-generation function to ensure that, but merely the application
that implements key-generation.
2017-06-09 18:56:04 +02:00
Steffen Jaeckel
f31d8ff864 implement smaller private key sizes 2017-06-09 18:33:51 +02:00
Karel Miko
f46b32ba2e better DH primes 2017-06-09 14:14:07 +02:00
Karel Miko
2a883b44c7 do not expose dsa_make_params as a public API 2017-06-09 13:01:30 +02:00
Steffen Jaeckel
ef450fe14a fix error handling 2017-06-08 23:34:16 +02:00
Karel Miko
52a496e9e1 rsa_import_pkcs8 - passwd is now "const void *" 2017-06-08 23:34:16 +02:00
Karel Miko
d96f4bdcff rsa_import_pkcs8 2017-06-08 23:34:16 +02:00
Karel Miko
43e46a2efc fix clang static analyzer warnings/errors - see #217 2017-05-11 20:37:06 +02:00
Steffen Jaeckel
aa4bae5ae9 add option to do PKCS#1 v1.5 EMSA without ASN.1 around hash
Somehow someone forgot to add the OID in the signature field
of a SERVER_KEY_EXCHANGE message in early versions of the SSL protocol.
Therefore provide an option to be able to sign/verify a message
in that format.
2017-05-01 23:15:11 +02:00
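The two encodings the commit above distinguishes, as an added illustration in Python (this is not libtomcrypt code and does not mirror its rsa_sign_hash() API). EMSA-PKCS1-v1_5 per RFC 8017 section 9.2 produces EM = 0x00 || 0x01 || PS || 0x00 || T, where T normally is the DER DigestInfo structure wrapping the hash; the variant the commit adds uses the bare hash as T. The decoder is written strictly: PS must be at least eight 0xFF bytes and T must consume exactly the rest of EM, so an EM carrying the wrong form is rejected rather than partially matched. The DigestInfo prefixes for SHA-1 and SHA-256 are the constants listed in RFC 8017; the 36-byte MD5||SHA-1 digest in the demo is a constructed input standing in for the hash a pre-TLS-1.2 server key exchange signature covers.

```python
"""EMSA-PKCS1-v1_5 with and without the DigestInfo wrapper (added example,
not libtomcrypt code)."""
import hashlib
from typing import Optional

# DER-encoded DigestInfo prefixes (RFC 8017, section 9.2, note 1)
DIGEST_INFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}


def _t_value(digest: bytes, hash_name: Optional[str]) -> bytes:
    """Build T: DigestInfo(H) for a named hash, or the bare digest when None."""
    if hash_name is None:
        return digest
    prefix = DIGEST_INFO_PREFIX[hash_name]
    if len(digest) != hashlib.new(hash_name).digest_size:
        raise ValueError("digest length does not match %s" % hash_name)
    return prefix + digest


def emsa_pkcs1_v15_encode(digest: bytes, em_len: int, hash_name: Optional[str]) -> bytes:
    """Signer side: EM = 0x00 || 0x01 || PS (>= 8 bytes of 0xFF) || 0x00 || T."""
    t = _t_value(digest, hash_name)
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    ps = b"\xff" * (em_len - len(t) - 3)
    return b"\x00\x01" + ps + b"\x00" + t


def emsa_pkcs1_v15_decode(em: bytes, hash_name: Optional[str]) -> Optional[bytes]:
    """Verifier side: return the digest carried by EM, or None if malformed.

    Strict on purpose: T has to fill EM to the last byte, so trailing garbage
    or a DigestInfo for another hash is rejected.
    """
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x01:
        return None
    i = 2
    while i < len(em) and em[i] == 0xff:
        i += 1
    if i - 2 < 8 or i >= len(em) or em[i] != 0x00:
        return None
    t = em[i + 1:]
    if hash_name is None:
        return t if t else None
    prefix = DIGEST_INFO_PREFIX[hash_name]
    if not t.startswith(prefix):
        return None
    if len(t) != len(prefix) + hashlib.new(hash_name).digest_size:
        return None
    return t[len(prefix):]


def demo(em_len: int = 128) -> dict:
    """Encode the same message both ways and show the decoder telling them apart."""
    msg = b"constructed server key exchange parameters"
    with_asn1 = emsa_pkcs1_v15_encode(hashlib.sha256(msg).digest(), em_len, "sha256")
    # constructed 36-byte MD5||SHA-1 digest, encoded with no ASN.1 around it
    raw_digest = hashlib.md5(msg).digest() + hashlib.sha1(msg).digest()
    without_asn1 = emsa_pkcs1_v15_encode(raw_digest, em_len, None)
    return {
        "with_asn1_ok": emsa_pkcs1_v15_decode(with_asn1, "sha256") == hashlib.sha256(msg).digest(),
        "raw_ok": emsa_pkcs1_v15_decode(without_asn1, None) == raw_digest,
        "raw_rejected_as_sha256": emsa_pkcs1_v15_decode(without_asn1, "sha256") is None,
    }


if __name__ == "__main__":
    print(demo())
```

The decoder's strictness is the part worth copying: a verifier that accepts either form, or that stops parsing before the end of EM, widens what an attacker can get it to accept.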
Karel Miko
87142382da lint fixes discussed in #199 2017-04-29 19:59:03 +02:00
Steffen Jaeckel
2c52bf75f4 bugfixing 2017-03-31 18:24:42 +02:00
Steffen Jaeckel
1f0daf1eff fix compiler warning 2017-03-31 00:57:22 +02:00
Steffen Jaeckel
83780d4764 add timezone-offset support to GeneralizedTime
this also fixes a bug in the length generation
2017-03-30 22:48:42 +02:00
Steffen Jaeckel
2bd517307c add GeneralizedTime DER en-/decode 2017-03-30 22:29:02 +02:00
Steffen Jaeckel
856d542a1c turn around the order when freeing an rsa_key struct 2017-03-30 18:46:05 +02:00
Steffen Jaeckel
ec327b3d86 move x509 processing to rsa_import_x509() 2017-03-30 18:46:05 +02:00
Steffen Jaeckel
27722734b2 let's use an empty list element to signal an empty sequence 2017-03-30 18:46:04 +02:00
Steffen Jaeckel
f9bce83329 add possibility to rsa_import() the public key of an x.509 certificate 2017-03-30 18:46:04 +02:00
Steffen Jaeckel
2e822a80a8 add der_sequence_shrink()
in case you want to keep a sequence over a longer time, but you don't
need all the raw constructed, set or sequence data
2017-03-30 18:46:04 +02:00