1. 04 Sep, 2018 1 commit
    • Nick Mathewson's avatar
      Rename crypto_pk_check_key(), use it more reasonably, add tests · 600e046e
      Nick Mathewson authored
      This function was a wrapper around RSA_check_key() in openssl, which
      checks for invalid RSA private keys (like those where p or q are
      composite, or where d is not the inverse of e, or where n != p*q).
      We don't need a function like this in NSS, since unlike OpenSSL, NSS
      won't let you import a bogus private key.
      
      I've renamed the function and changed its return type to make it
      more reasonable, and added a unit test for trying to read a key
      where n != p*q.
      600e046e
  2. 21 Aug, 2018 3 commits
    • Nick Mathewson's avatar
      When enabling NSS, disable OpenSSL. · 6a88d8f6
      Nick Mathewson authored
      We used to link both libraries at once, but now that I'm working on
      TLS, there's nothing left to keep OpenSSL around for when NSS is
      enabled.
      
      Note that this patch causes a couple of places that still assumed
      OpenSSL to be disabled when NSS is enabled
         - tor-gencert
         - pbkdf2
      6a88d8f6
    • Nick Mathewson's avatar
      Refactor crypto_rsa to use pem module. · b94e7de7
      Nick Mathewson authored
      This cleans up a lot of junk from crypto_rsa_openssl, and will
      save us duplicated code in crypto_rsa_nss (when it exists).
      
      (Actually, it already exists, but I am going to use git rebase so
      that this commit precedes the creation of crypto_rsa_nss.)
      b94e7de7
    • Nick Mathewson's avatar
      Rename functions that encode/decode private keys · 0f971d7c
      Nick Mathewson authored
      It is not nice to expose a private key's contents without having the
      function name advertise the fact.  Fortunately, we weren't misusing
      these yet.
      0f971d7c
  3. 31 Jul, 2018 1 commit
  4. 11 Jul, 2018 1 commit
  5. 05 Jul, 2018 2 commits
  6. 03 Jul, 2018 2 commits
  7. 01 Jul, 2018 4 commits
  8. 21 Jun, 2018 1 commit
  9. 20 Jun, 2018 2 commits
  10. 19 Jun, 2018 1 commit
  11. 24 May, 2018 1 commit
  12. 21 May, 2018 1 commit
  13. 06 Apr, 2018 1 commit
  14. 15 Sep, 2017 1 commit
  15. 13 Sep, 2017 2 commits
  16. 24 Aug, 2017 3 commits
  17. 24 Jul, 2017 1 commit
  18. 28 Jun, 2017 1 commit
  19. 27 Jun, 2017 2 commits
  20. 07 Apr, 2017 1 commit
    • Taylor Yu's avatar
      Test odd-sized base64 decodes · 00ffefb4
      Taylor Yu authored
      Test base64_decode() with odd sized decoded lengths, including
      unpadded encodings and padded encodings with "right-sized" output
      buffers.  Convert calls to base64_decode_nopad() to base64_decode()
      because base64_decode_nopad() is redundant.
      00ffefb4
  21. 31 Mar, 2017 2 commits
  22. 15 Mar, 2017 1 commit
  23. 14 Dec, 2016 2 commits
  24. 16 Sep, 2016 2 commits
    • Nick Mathewson's avatar
      Add support for AES256 and AES192 · 6cb9c2cf
      Nick Mathewson authored
      (This will be used by prop224)
      6cb9c2cf
    • Nick Mathewson's avatar
      Simplify the crypto_cipher_t interface and structure · ff116b78
      Nick Mathewson authored
      Previously, the IV and key were stored in the structure, even though
      they mostly weren't needed.  The only purpose they had was to
      support a seldom-used API where you could pass NULL when creating
      a cipher in order to get a random key/IV, and then pull that key/IV
      back out.
      
      This saves 32 bytes per AES instance, and makes it easier to support
      different key lengths.
      ff116b78
  25. 09 Sep, 2016 1 commit