aboutsummaryrefslogtreecommitdiff
path: root/ecdsa.c
AgeCommit message (Collapse)Author
2017-03-01Compute public key if necessary when loading a private key.Rob Austein
libhal and PKCS #11 have slightly different models of private keys: in libhal, a "private key" object is really a keypair, while in PKCS #11 a private key really is a naked private key. This was a deliberate design decision in libhal, both for simplicity and to better support user interfaces other than PKCS #11, so we'd rather not change it. This difference doesn't matter very much for RSA keys in PKCS #11, where the private key components are a superset of the public key components anyway, but the PKCS #11 template for ECDSA private keys doesn't allow setting public key components with C_CreateObject(). Fortunately, computing the public components of an ECDSA key pair from the private key is straightforward, so we just do that when needed.
2016-09-20Clean up the defines around rpc client, software hash cores, etc.Paul Selkirk
2016-03-29Client-side rsa and ecdsa need to call remote get_random.Paul Selkirk
2016-03-12Merge branch 'master' into rpcRob Austein
2016-03-12Disable ECDSA static-test-vectors hack, fix call to hal_get_random()Rob Austein
which was using the old (pre-hal_core_t) calling sequence.
2015-12-22Add ASN.1 support for public keys (X.509 SubjectPublicKeyInfo format).Rob Austein
2015-12-21Fix names of private key DER functions.Rob Austein
2015-12-20Consolidating curve names broke the ASN.1 code.Rob Austein
2015-12-20Drop support for the ASN.1-based ECDSA signature format in favor ofRob Austein
the simpler format which PKCS #11 uses, since we have to support the latter in any case and it's not worth the complexity of supporting both.
2015-12-20RPC server stuff mostly written. Compiles, not yet tested. RPCRob Austein
public key extraction functions on hold pending ASN.1 cleanup.
2015-12-13whack copyrightsPaul Selkirk
2015-11-13Merge branch 'config_core_selector'Paul Selkirk
2015-10-29Remove unused includes.Paul Selkirk
2015-10-04Whack libhal API to use current configure_core_selector mechanism.Rob Austein
Compiles, not yet tested.
2015-10-03Use initializers for automatic variables of type fp_int because it's aRob Austein
bit more obvious when we've forgotten to do this than when we've forgotten to call fp_init() or memset(). Convert rsa.c to use the one-element-array idiom so we can get stop prefixing every bignum reference with "&".
2015-10-02Impressive how much trouble one can get into with one uninitialized bignum.Rob Austein
2015-10-02Testing shows that signature and verification are both faster withRob Austein
mixed Jacobian-affine addition, so go with that. Minor additional clean-up and comments.
2015-10-02Revise point addition and point scalar multiplication routines to useRob Austein
mixed Jacobian-affine coordinates, per a suggestion from Pavel. Old code still present under compile time conditional for easy comparison, but will probably go away soon along with a bit of minor cleanup.
2015-09-14Fencepost error in hal_ecdas_key_from_ecpoint().Rob Austein
2015-09-11Avoid gratuitous assertion failure if caller gives us a larger bufferRob Austein
than necessary when writing private key to DER.
2015-09-06Add ECPoint I/O functions. ASN.1 cleanup.Rob Austein
2015-09-02Add PKCS11 ECDSA signature format.Rob Austein
2015-09-02Clean up excessively complicated handling of opaque types in hash andRob Austein
RSA code; use simpler model (pointer to incomplete structure) used in ECDSA code. Refactor RSA code to use shared ASN.1 routines.
2015-08-27Add point validation check to hal_ecdsa_verify(). Update README.mdRob Austein
and code comments.
2015-08-26Signature works better if we read the entire hash.Rob Austein
2015-08-25More ASN.1 fixes.Rob Austein
2015-08-25Rework RFC 5915 ASN.1.Rob Austein
2015-08-25ASN.1 bugfixes.Rob Austein
2015-08-24First stumblings towards ECDSA test code.Rob Austein
2015-08-22Rework point_scalar_multiply() to avoid a timing leak with small scalars.Rob Austein
2015-08-22Add hal_ecdsa_verify(). Move hashing out of ECDSA routines. Clean upRob Austein
a few bits that didn't pass self-review.
2015-08-21Updated point doubling and addition to use algorithms from theRob Austein
hyperelliptic.org formula database. Compiles, still not tested.
2015-08-21Snapshot along the way to ECDSA. Code mostly written, except forRob Austein
ecdsa_verify(). Untested. Point addition and doubling algorithms are the ones from libtomcrypt, main point of this commit is to save those before replacing them with faster algorithms from hyperelliptic.org.