Paul Bakker
530927b163
Update copyright line to 2015
2015-02-13 14:24:10 +01:00
Manuel Pégourié-Gonnard
e12abf90ce
Fix url
2015-01-28 17:13:45 +00:00
Manuel Pégourié-Gonnard
0edee5e386
Update copyright notice
2015-01-26 15:29:40 +00:00
Manuel Pégourié-Gonnard
d730aa517a
Use blinding for RSA even without CRT
2014-11-12 16:29:12 +01:00
Paul Bakker
95a11f8c16
On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
2014-07-08 18:28:40 +02:00
Paul Bakker
b0af56334c
rsa_check_pubkey() now allows an E up to N
2014-07-08 18:28:36 +02:00
Paul Bakker
7890e62a1f
Added missing MPI_CHK around mpi functions
2014-07-08 18:28:29 +02:00
Manuel Pégourié-Gonnard
c675e4bde5
Fix bug in RSA PKCS#1 v1.5 "reversed" operations
2014-07-07 17:46:29 +02:00
Paul Bakker
7837026b91
Remove a few dead stores
2014-07-07 16:01:34 +02:00
Manuel Pégourié-Gonnard
9975c5d217
Check PKCS 1.5 padding in a more constant-time way
...
(Avoid branches that depend on secret data.)
2014-07-07 14:38:09 +02:00
Manuel Pégourié-Gonnard
d237d261e5
Check OAEP padding in a more constant-time way
2014-07-07 14:37:56 +02:00
Manuel Pégourié-Gonnard
3411464a64
RSA-OAEP decrypt: reorganise code
2014-07-07 14:37:39 +02:00
Paul Bakker
ff6e24710a
RSA blinding: check highly unlikely cases
2014-07-07 13:34:41 +02:00
Paul Bakker
6b06502c4b
Changed RSA blinding to a slower but thread-safe version
2013-10-07 12:06:29 +02:00
Paul Bakker
2f1481ec73
Additional fixed to rsa.c with regards to blinding
2013-10-04 16:46:21 +02:00
Paul Bakker
62087eed22
Fixed memory leak in rsa.c introduced in 43f9799
2013-10-04 10:57:12 +02:00
Paul Bakker
43f9799ce6
RSA blinding on CRT operations to counter timing attacks
2013-09-23 11:23:31 +02:00
Paul Bakker
8804f69d46
Removed timing differences due to bad padding from RSA decrypt for
...
PKCS#1 v1.5 operations
2013-03-06 18:01:03 +01:00
Paul Bakker
a43231c5a5
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
2013-03-06 18:01:02 +01:00
Paul Bakker
b386913f8b
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions
...
Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and
rsa_rsaes_pkcs1_v15_encrypt()
Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and
rsa_rsaes_pkcs1_v15_decrypt()
Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and
rsa_rsassa_pkcs1_v15_sign()
Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and
rsa_rsassa_pkcs1_v15_verify()
The original functions exist as generic wrappers to these functions.
2013-03-06 18:01:02 +01:00
Paul Bakker
02303e8be4
Moved md_init_ctx() calls around to minimize exit points
2013-01-03 11:08:31 +01:00
Paul Bakker
40628bad98
Memory leak when using RSA_PKCS_V21 operations fixed
2013-01-03 10:50:31 +01:00
Paul Bakker
9a73632fd9
- Merged changesets 1399 up to and including 1415 into 1.2 branch
2012-11-14 12:39:52 +00:00
Paul Bakker
0be82f20a9
- Updated rsa_pkcs1_verify() and rsa_pkcs1_sign() to use appropriate buffer size for max MPIs
2012-10-03 20:36:33 +00:00
Paul Bakker
321df6fb80
- Expanded rsa_check_privkey() to check DP, DQ and QP as well
2012-09-27 13:21:34 +00:00
Paul Bakker
bb51f0cb3d
- Only include md.h if needed by POLARSSL_PKCS1_V21
2012-08-23 07:46:58 +00:00
Paul Bakker
3c16db9a10
- Fixed potential memory zeroization on miscrafted RSA key
2012-07-05 13:58:08 +00:00
Paul Bakker
e6ee41f932
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
...
- Handle encryption with private key and decryption with public key as per RFC 2313
2012-05-19 08:43:48 +00:00
Paul Bakker
56a7684023
- Added alternative for SHA1 signature structure to check for (without NULL)
2012-03-22 15:31:27 +00:00
Paul Bakker
ed375caa3b
- Fixed signed status of ret
2012-01-14 18:10:38 +00:00
Paul Bakker
a3d195c41f
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 21:07:34 +00:00
Paul Bakker
fe3256e54b
- Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44 )
2011-11-25 12:11:43 +00:00
Paul Bakker
1fe7d9baf9
- Fixed incorrect behaviour in case of RSASSA-PSS with a salt length smaller than the hash length. (Closes ticket #41 )
2011-11-15 15:26:03 +00:00
Paul Bakker
b125ed8fc6
- Fixed typo in doxygen tag
2011-11-10 13:33:51 +00:00
Paul Bakker
684ddce18c
- Minor fixer to remove compiler warnings for ARMCC
2011-07-01 09:25:54 +00:00
Paul Bakker
27fdf46d16
- Removed deprecated casts to int for now unsigned values
2011-06-09 13:55:13 +00:00
Paul Bakker
5690efccc4
- Fixed a whole bunch of dependencies on defines between files, examples and tests
2011-05-26 13:16:06 +00:00
Paul Bakker
9d781407bc
- A error_strerror function() has been added to translate between error codes and their description.
...
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
- Descriptions to all error codes have been added.
- Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker
6c591fab72
- mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases.
2011-05-05 11:49:20 +00:00
Paul Bakker
23986e5d5d
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 08:57:21 +00:00
Paul Bakker
0216cc1bee
- Added flag to disable Chinese Remainder Theorem when using RSA private operation (POLARSSL_RSA_NO_CRT)
2011-03-26 13:40:23 +00:00
Paul Bakker
53019ae6f7
- RSASSA-PSS verification now properly handles salt lengths other than hlen
2011-03-25 13:58:48 +00:00
Paul Bakker
9dcc32236b
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 14:16:06 +00:00
Paul Bakker
21eb2802fe
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.
...
Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 11:10:02 +00:00
Paul Bakker
b96f154e51
- Fixed copyright message
2010-07-18 20:36:00 +00:00
Paul Bakker
84f12b76fc
- Updated Copyright to correct entity
2010-07-18 10:13:04 +00:00
Paul Bakker
545570e208
- Added initialization for RSA where needed
2010-07-18 09:00:25 +00:00
Paul Bakker
b572adf5e6
- Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context
...
- Expanded ssl_client2 arguments for more flexibility
- rsa_check_private() now supports PKCS1v2 keys as well
- Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator
2010-07-18 08:29:32 +00:00
Paul Bakker
fc8c4360b8
- Updated copyright line to 2010
2010-03-21 17:37:16 +00:00
Paul Bakker
1f3c39c194
- Removed copyright line for Christophe Devine for clarity
2010-03-21 17:30:05 +00:00