yggdrasil/ring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,642 Commits 2 Branches 0 Tags
Commit Graph

110 Commits

Author SHA1 Message Date
Brian Smith
c23d537847 Restore the OpeningKey and SealingKey naming. 
Experiments with the `Role` pattern indicate that it might not work as
well as initially hoped. Replace it with the pattern more common in Rust.
 2019-07-13 14:50:42 -10:00
Brian Smith
38462247ac Add LessSafeKey to ring::aead. 2019-07-13 14:50:42 -10:00
Brian Smith
c24f737dfa Refactor AEAD tests in preparation for extending the AEAD API. 2019-07-13 14:50:42 -10:00
Brian Smith
7bc1661fe9 Simplify aead::Key tests. 2019-07-13 14:50:42 -10:00
Brian Smith
6c3805840e Rename RSA_PKCS1_2048_8192_SHA1 => RSA_PKCS1_2048_8192_SHA1_FOR_LEGACY_USE_ONLY. 2019-07-10 10:26:04 -10:00
Brian Smith
7071dda618 Replace use_heap feature with alloc and std features; use alloc crate. 2019-07-09 21:15:18 -10:00
Brian Smith
7d36600ec8 Use alloc instead of std when possible. 2019-07-09 21:15:18 -10:00
Brian Smith
0c962674a1 Fix SHA-1 slow tests. 2019-07-09 17:47:52 -10:00
Brian Smith
d367526a27 Remove 32-bit x86 SHA-2 assembly code. 2019-07-09 17:25:46 -10:00
Brian Smith
7b6e9dd911 Rename SHA1 to SHA1_FOR_LEGACY_USE_ONLY. 2019-07-09 14:16:39 -10:00
Brian Smith
c3d13e8851 Refactor AEAD key management. 2019-07-07 16:47:48 -10:00
Brian Smith
100443eb9c Refactor HKDF key derivation. 2019-07-07 16:47:47 -10:00
Brian Smith
169803f490 Use distinct types for PBKDF2 and HMAC algorithms. 2019-07-07 16:47:46 -10:00
Brian Smith
6f6a150185 Limit HKDF to SHA-{256,384,512} and remove HKDF-SHA-1 tests. 2019-07-07 16:32:46 -10:00
Brian Smith
c53955ea8a Initial wasm32-unknown-unknown support. 2019-07-03 12:20:00 -10:00
Brian Smith
7633902d7c Move ring::rand tests to tests/rand_tests.rs. 2019-06-13 10:01:06 -10:00
Damir Vandic
1097eb9c02 Derive clone for hmac key 
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
 2019-04-15 09:57:18 -10:00
Brian Smith
db45a386a2 Remove pbkdf2_one_iteration test. 
This test was part of the test that we handled zero iterations
correctly. Recently we switched to using `NonZero` which
prevents zero iterations from being requested at build time, so
that test was removed. Remove this leftover fragment too. Note that
there is still a test for one iteration in pkbdf2_tests.txt.
 2019-04-11 09:22:55 -10:00
Brian Smith
f0d4d21e85 Use stable rustfmt. 2019-04-10 09:33:38 -10:00
Brian Smith
9f211157a8 Refactor low-level RSA signature verification API. 
Replace `(n, e)` tuple with a structure with named `n` and `e` fields
to improve safety. Remove the use of `untrusted`.
 2019-04-05 16:53:13 -10:00
Brian Smith
d56ca70fd0 Add negative tests for Ed25519 signature verification. 2019-04-05 16:25:51 -10:00
Brian Smith
2ca83cc4a0 Remove untrusted from io::Positive API. 2019-04-05 16:21:41 -10:00
Brian Smith
888bdd506f Remove untrusted from the ring::agreement API. 2019-04-05 16:21:41 -10:00
Brian Smith
cfe46261e8 Remove untrusted from the ring::signature signing API. 2019-04-05 16:21:41 -10:00
Brian Smith
306d163613 Refactor ring::signature verification API. 
Introduce `UnparsedPublicKey`. Remove public use of `untrusted::Input`.
Replace `signature::verify()` with `UnparsedPublicKey::verify()`.
 2019-04-05 16:21:40 -10:00
Brian Smith
998229f1e9 Rename RsaPublicKey to RsaSubjectPublicKey`. 
We'll probably use the name `RsaPublicKey` for something else.
 2019-04-05 16:01:31 -10:00
Brian Smith
c40df473cb Update to latest untrusted prerelease. 2019-04-05 09:45:53 -10:00
Brian Smith
9f80946c13 Merge hmac::{SigningKey, VerificationKey} as hmac::Key. 2019-04-04 14:40:33 -10:00
Brian Smith
c125b2b4b1 Stop renaming symbols when publicly exporting them. 
Rust tooling (rustdoc, and rustc error reporting) doesn't handle very well
the renaming of a symbol when exporting it.
 2019-04-04 13:20:48 -10:00
Brian Smith
5baeb39aba HKDF: Make API safer. 
Reduce the likelihood that `info` and `out` parameters would get confused.
Eliminate potential to panic in the new API.
 2019-03-29 14:57:48 -10:00
Brian Smith
f1d85e614b HKDF: Avoid an unnecessary loop iteration. 
When `out` is the same length as the digest output an extra iteration
of HMAC was executed and then thrown away. Avoid that extra iteration.

Note that an extra iteration is still done in the degenerate case where
`out` is empty, because it's better to optimize for the case where `out`
isn't empty.

The output is exactly the same as before.
 2019-03-29 14:31:32 -10:00
Brian Smith
6ec8f34c57 HKDF: Make extract and expand methods. 2019-03-29 14:31:11 -10:00
Brian Smith
9addfcebdf Use distinct types for HKDF Salt and Prk. 2019-03-28 18:01:19 -10:00
Brian Smith
d712f6493b Avoid unnecessarily-named explicit lifetime parameters. 2019-03-06 14:04:39 -10:00
Andy Russell
c51221d329 convert doc comment to regular comment 2019-02-20 03:57:05 -10:00
Brian Smith
ab0726d0cd Embed test data into test executables. 
Embed test data files into test executables so that file I/O isn't
necessary during tests. This allows the tests to run on platforms that
don't have file I/O. It also makes it easier to run the tests on a
separate (virtual) machine from the build machine since the test
automation no longer needs to keep track of the test files.
 2019-02-02 13:21:02 -10:00
Brian Smith
abbb616b57 Implement Debug for OpeningKey and SealingKey. 2019-01-23 16:40:16 -10:00
Brian Smith
0e80eeb2aa Loosen lifetime requirements for aead::open_in_place(). 
Tying the lifetime of the `aad` parameter to the lifetime of the
input/output buffer was an accident. Separate them.
 2019-01-22 10:07:42 -10:00
Brian Smith
1445fa4367 Improve and test various key type Clone/Debug implementations. 2019-01-19 19:56:02 -10:00
Alessandro Ghedini
016a5d54f8 Add ChaCha20 support to QUIC header protection 
This requires the addition of a constructor for aead::nonce::Iv from
an aead::block::Block.

I agree to license my contributions to each file under the terms given
at the top of each file I changed.
 2019-01-05 09:07:20 -10:00
Alessandro Ghedini
351ed16251 Implement QUIC header protection API 
This adds a new API to the AEAD module for generating QUIC Header Protection
masks, as described in draft-ietf-quic-tls-17.

Only AES support is currently implemented, but ChaCha20 can be added later.

I agree to license my contributions to each file under the terms given
at the top of each file I changed.
 2019-01-04 17:42:59 -10:00
Brian Smith
5a0b6b5dec Add type-safe Aad wrapper for AEAD operations. 
Reduce the possibility of confusing the AAD parameter with the
ciphertext/plaintext parameter.
 2018-12-29 14:37:21 -10:00
Brian Smith
5997093fb0 Implement signature::KeyPair for RSA. 2018-12-21 15:39:26 -10:00
Brian Smith
d81973cf4c Define a signature::KeyPair trait and implement it for Ed25519. 2018-12-21 15:30:47 -10:00
Brian Smith
faaef278dc Move der under IO. 2018-12-21 15:22:30 -10:00
Brian Smith
6609177e63 Rename RSA* to Rsa*. 2018-12-21 15:21:50 -10:00
Brian Smith
b0f8ca2532 Rename ECDSAKeyPair to EcdsaKeyPair. 2018-12-21 15:21:50 -10:00
Brian Smith
0c407e4c31 Remove failed attempt at a generic public key signing API. 2018-12-21 15:21:50 -10:00
Brian Smith
be3f13aeef Better encapsulate ECC key parts. 2018-12-21 12:22:42 -10:00
Brian Smith
c8b76df6e5 Use Nonce as the type of the nonce input in AEAD. 2018-12-14 11:39:34 -10:00