5095 Commits

Author SHA1 Message Date
Brian Smith
3ad08688aa Clarify Sync and Send for RSAKeyPair and bigint types. 2016-12-10 13:52:52 -10:00
Brian Smith
98b94f5bd6 0.6.0-alpha1. 2016-12-08 21:03:10 -10:00
Brian Smith
1eff35c65c Further simplify less-than comparisons in ring::rsa::bigint. 2016-12-08 15:22:00 -10:00
Brian Smith
3d6e486403 Simplify less-than comparison code in ring::rsa::bigint.
We don't need all the features of `PartialCmp`. In particular, we don't
need `PartialEq`.
2016-12-08 15:11:04 -10:00
Brian Smith
ce23dd12ed Move constants in aes_gcm.rs to near the bottom of the file. 2016-12-06 13:31:59 -10:00
Brian Smith
d1dedb7402 Remove unused AEAD assertion code. 2016-12-06 13:31:58 -10:00
Brian Smith
3c9345312e debug_assert! -> debug_assert_eq! in ring::poly1305. 2016-12-06 13:30:49 -10:00
Brian Smith
5c5c294387 Remove unused utility code in crypto/internal.h. 2016-12-05 09:00:41 -10:00
Brian Smith
1a5964777b Inline align() into with_aligned() in ring::poly1305. 2016-12-04 07:19:20 -10:00
Brian Smith
e6f5cc1fab Fix minor whitespace issue in ring::poly1305. 2016-12-03 15:26:57 -10:00
Brian Smith
9c4859296c Use more typeful style in ring::poly1305. 2016-12-03 15:26:20 -10:00
Brian Smith
761b5422e4 Avoid nested SigningData type in ring::poly1305.
Although the new code may not be prettier, in general we should
avoid the anti-pattern of creating nested structs just to work around
the need to borrow different parts of a struct differently.
2016-12-03 15:26:18 -10:00
Brian Smith
91cc2599d2 Rename ring::poly1305::State to Opaque.
The other parts of `SigningContext` are also (mutable) state, so naming
one part `State` is confusing.
2016-12-03 15:24:28 -10:00
Brian Smith
74f5a8e12c Clarify key and nonce handling. 2016-12-03 15:24:26 -10:00
Brian Smith
2709d6a305 Remove redundant initialization of func in ring::poly1305. 2016-12-03 15:23:37 -10:00
Peter Reid
986185e521 Port C code supporting poly1305 to Rust.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2016-12-02 16:02:58 -10:00
Brian Smith
2070f2a2e6 Remove commented-out tests in bn_tests.txt.
Instead of commenting out removed tests, we now replace them with a
comment.
2016-12-01 21:00:04 -10:00
Brian Smith
e06c750d8b Remove modular exponentiation test vectors for even moduli.
*ring* requires the modulus to be odd.
2016-12-01 20:57:55 -10:00
Brian Smith
cd2f6454d6 Remove dead code for zero exponents in modular exponentiation.
Although mathematically it isn't complete nonsense, *ring* doesn't have
any need to support exponents with the value zero.
2016-12-01 20:51:32 -10:00
Brian Smith
8dcca73a6f Remove dead code for checking mod-exp modulus is odd.
It cannot be even because BN_MONT_CTX_set only allows odd moduli.
2016-12-01 16:36:57 -10:00
Brian Smith
14f2c1648e Move creation of BN_MONT_CTX in RSA verification to Rust. 2016-12-01 16:29:34 -10:00
Brian Smith
5a9498d54f Remove useless new_mont in GFp_BN_mod_exp_mont_consttime.
`GFp_BN_mod_exp_mont_consttime` had previously been changed to require
the caller to supply a non-NULL `mont`, removing the use of `new_mont`.
2016-12-01 16:10:45 -10:00
Brian Smith
551bec6f81 Remove declaration of already-removed GFp_RSA_size. 2016-12-01 16:07:34 -10:00
Brian Smith
46f59b46ba Use is_empty() instead of comparing len() to 0. 2016-12-01 15:18:33 -10:00
Brian Smith
465bff9067 Replace outermost steps of GFp_BN_private_transform with Rust code. 2016-12-01 15:18:32 -10:00
Brian Smith
5502beccd8 Manage RSAKeyPair attributes in Rust, not in the C RSA struct. 2016-12-01 15:18:30 -10:00
Brian Smith
f1ad3efb3c Remove rsa.c, including the checks on dmp1 and dmq1. 2016-12-01 15:18:29 -10:00
Brian Smith
2906a4ce62 Calculate q**2 (mod n) in Rust in RSA signing. 2016-12-01 15:18:29 -10:00
Brian Smith
1af1b46123 Convert iqmp to the Montgomery domain in Rust in RSA signing. 2016-12-01 15:18:26 -10:00
Brian Smith
80e6231cbd Check p * q == n in Rust. 2016-12-01 15:00:02 -10:00
Brian Smith
3b188bbebf Return boolean value instead of pointer from GFp_BN_copy. 2016-11-30 17:57:20 -10:00
Brian Smith
cd221a9270 Construct most RSA private key Montgomery contexts in Rust. 2016-11-30 17:56:47 -10:00
Brian Smith
f048caf212 Check RSA private key parameter bounds in Rust. 2016-11-30 17:56:15 -10:00
Brian Smith
ea77b59dc8 Add extra check for minimum RSA public modulus bit length. 2016-11-30 17:53:18 -10:00
Brian Smith
0c2cffe330 Check RSA public key parameters in Rust. 2016-11-30 17:53:17 -10:00
Brian Smith
20b4d49b98 Work around Rust legacy_directory_ownership warning. 2016-11-28 21:54:17 -10:00
Brian Smith
c964791488 Temporarily avoid conditional compilation in ring::rsa::bigint.
There will be an interim period where most of the code in
`ring::rsa::bigint` is only used during RSA signing, but eventually
a good chunk of it is likely to be used for RSA verification. Let's
deal with the conditional compilation after the dust from that settles,
so that we don't litter this module with dozens of
`#[cfg(feature = "rsa_signing")]`s.
2016-11-28 09:25:21 -10:00
Brian Smith
9b2b75098b Factor out bignum code into ring::rsa::bignum. 2016-11-28 09:25:20 -10:00
Brian Smith
54440e1ffa Avoid redundant calculation of q mod n in the Montgomery domain. 2016-11-28 09:25:19 -10:00
Brian Smith
f72ca3a422 Remove redundant copy of iqmp in RSA private keys. 2016-11-28 09:15:54 -10:00
Brian Smith
dbdbf8a287 Rename PRIVATE_KEY_PUBLIC_MODULUS_{MAX_BITS, MAX_LIMBS}. 2016-11-28 09:13:00 -10:00
Brian Smith
28f7e26612 Allow construction of BitLengths in constant expressions. 2016-11-28 09:12:58 -10:00
Brian Smith
abb3fdfc08 Fix --no-default-features build. 2016-11-23 15:07:17 -10:00
Brian Smith
5ef36f972f Note that test::rand::FixedSliceSequenceRandom isn't thread-safe. 2016-11-23 14:17:32 -10:00
Brian Smith
2539beac02 Simplify implementations of test::rand::*Random. 2016-11-23 14:11:29 -10:00
Brian Smith
2a180893ae Expose deterministic SecureRandoms in ring::test::rand. 2016-11-23 14:06:12 -10:00
Brian Smith
5a96fa8bb3 Factor out RSA padding message digest computation.
Instead of every padding verification implementation and every padding
encoding implementation doing the digesting, have `sign()` and
`verify()` do it themselves.
2016-11-23 11:38:24 -10:00
Brian Smith
a38d9a4ef9 Verify RSA PKCS#1 1.5 signatures by encode-then-check.
When we first implemented PKCS#1 1.5 signature verification we had not
implemented signature generation, so we implemented verification by
parsing the padding. Now that we have generation we can save some code
and arguably make verification safer. Also, this is the way RFC 3447
recommends to do it.
2016-11-23 09:01:36 -10:00
Brian Smith
dcba8a845f Fix definition of c::long for 64-bit non-Windows platforms. 2016-11-23 06:14:31 -10:00
David Judd
f014d94af6 RSA blinding param generation refactoring & performance improvements
Oxidize/restore special-case handling for `0b100...` range bounds,
lost when OpenSSL code was oxidized, and move RSA blinding param
generation out of limb.rs and into its own module.

I agree to license my contributions to each file under the terms
given at the top of each file I changed.

[The code was reordered and slightly tweaked by me before it was
committed. - Brian]
2016-11-22 17:07:12 -10:00