haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,125 Commits 15 Branches 30 Tags 2.5 MiB
15327ecd4f
Commit Graph

138 Commits

Author SHA1 Message Date
Olivier Chéron
15327ecd4f ECDSA with a type class 2019-11-11 17:46:16 +01:00
Olivier Chéron
8f75165f8b Time-constant P256 scalar inversion 2019-11-11 17:46:16 +01:00
Olivier Chéron
977e75f478 Add P256 functions to implement ECDSA 2019-11-11 17:46:16 +01:00
Olivier Chéron
6f2a59e470 Apply hlint suggestions 2019-10-05 08:34:12 +02:00
Olivier Chéron
2e92639679 Add P256.scalarMul 2019-10-05 08:34:12 +02:00
Olivier Chéron
158d8dfd0c Remove unnecessary imports 2019-05-08 10:22:30 +02:00
Olivier Chéron
e3edc100c3 Remove unnecessary import 2019-03-24 07:59:57 +01:00
Olivier Chéron
3253501166 Time-constant P256.scalarAdd and P256.scalarSub 2019-03-21 07:04:01 +01:00
Olivier Chéron
299140f884 Remove unnecessary hash arguments 
We don't need to give the hash algorithm as a separate argument since
it is already available from the digest value itself.
 2019-03-01 06:28:55 +01:00
Olivier Chéron
997cea369b Rename to signDigestWith 2019-03-01 06:28:55 +01:00
Baojun Wang
b55a93dfdc add ECDSA sign/verify digest APIs 
(rebased from commit 045793427e8d46594b0b2afedb314d027ec707ab)
 2019-03-01 06:28:32 +01:00
Crockett
0fb8a73d3b Fixed compiler warnings 2019-02-03 16:06:05 -08:00
Crockett
88596509f0 Changed imports to match style of rest of library 2019-02-03 13:51:01 -08:00
Crockett
109600cec2 Added missing imports and removed duplicate imports. Tests pass. 2019-02-03 13:43:54 -08:00
Crockett
c71a6733dd Unified DSA and ECDSA truncate&hash function. 2019-02-03 13:30:56 -08:00
Crockett
d5003a46a6 Fixed hash truncation bug in DSA; added more KATs from RFC 6979. 2019-01-26 15:15:34 -08:00
Olivier Chéron
1d5947f055 Use any instead of not all 2019-01-15 21:24:31 +01:00
Olivier Chéron
f9ae52327c RSASSA-PSS with key of arbitrary length 
Instead of public_size / private_size which are in bytes only, this
uses function numBits to recover the effective length of the modulus
in bits.  The patch also handles removal of unneeded initial byte when
the length is 1 modulo 8.
 2019-01-12 17:43:49 +01:00
Olivier Chéron
274911c608 Accept hlint suggestions 2019-01-12 17:43:49 +01:00
Olivier Chéron
d964064d80 Use heterogeneous equality 2019-01-12 17:43:49 +01:00
Carlos Rodriguez
ddfdbbd4be Removed unnecessary reference to random. 2018-12-18 20:19:14 +01:00
Carlos Rodriguez
95f0f3d0c9 Fixed typos in name. 2018-11-03 21:17:46 +01:00
Carlos Rodriguez
3165027840
Fixed typo in name. 2018-11-03 21:12:53 +01:00
Carlos Rodriguez
314a9caba7 Merge branch 'master' of https://github.com/haskell-crypto/cryptonite 
# Conflicts:
#	cryptonite.cabal
#	tests/KAT_PubKey.hs
 2018-11-03 20:23:25 +01:00
Olivier Chéron
f4e094aacb Fix PKCS#1 v1.5 padding 
The padding string is at least 8 bytes long + 3 other bytes,
so it should be 11.
 2018-10-29 20:43:02 +01:00
Carlos Rodriguez
c285d7f527 Added OAEP scheme and created test vectors for Rabin cryptosystem. 2018-10-06 16:53:22 +02:00
Carlos Rodriguez
e7b3abebf8 Implemented Rabin cryptosystem and some of its variations (including Rabin-Williams). 2018-09-06 20:27:32 +02:00
Olivier Chéron
d0ac50c1af Additional QA clean-up 2018-04-29 10:43:55 +02:00
Chris Martin
d2da00445d fix spelling of "exponent" 2018-04-05 21:44:40 -04:00
Vincent Hanquez
6346b8289c
Merge pull request #202 from ocheron/ed25519-arith-negate 
Ed25519 arithmetic primitives
 2017-12-17 18:12:50 +00:00
Olivier Chéron
3aaa89d52e Add missing NFData instances 2017-11-27 20:43:08 +01:00
Olivier Chéron
8d7e0d236c Add P256.pointNegate 2017-11-20 19:28:17 +01:00
Olivier Chéron
b8b59be5a5 Normalize result of ECC.pointNegate 2017-11-20 19:28:17 +01:00
Olivier Chéron
4f7d742461 Export and test ECC.pointNegate 2017-11-20 19:28:16 +01:00
Chris Martin
f77994a729 Various documentation copy editing 2017-11-18 14:27:44 -05:00
Olivier Chéron
9b56689885 Check that ECDH and ECIES result is not point-at-infinity 
This guards against invalid public keys when curves have a cofactor.

Fixes #178
 2017-07-05 22:24:22 +02:00
Olivier Chéron
aec6af5de4 Add note about P256 encoding of point-at-infinity 2017-07-05 22:24:22 +02:00
Olivier Chéron
8e274f8e60 Validate output point when calling P256.pointFromBinary 
Function unsafePointFromBinary is added when validation is not needed.
 2017-07-05 22:24:22 +02:00
Fraser Tweedale
f6c1f21e59 clarify padding requirements for PKCS15 encrypt/decrypt 
The types do not say whether it is necessary to apply pad/unpad to
the input/output of the PKCS15 encrypt/decrypt functions.  Add
comments to clarify that it is not necessary to manually pad/unpad
the message.
 2017-06-26 15:30:01 +02:00
Olivier Chéron
a879845434 Add note about the optional all-zero test 
This is actually a lie: the condition is tested in both curve
implementations but not returned by the Haskell API.  Will be a reminder to
add this in the future.  A function 'allocRetAndFreeze' could be useful.
 2017-06-04 19:25:19 +02:00
Olivier Chéron
75e3bd555e Add Show instances for EdDSA secret keys 
Other algorithms define Show instances for their secrets.
Here ScrubbedBytes will obfuscate the content anyway.

Will be useful for X509.PrivKey, which requires a Show instance.
 2017-06-04 19:25:19 +02:00
Olivier Chéron
6805ddd4f7 Add support for Ed448 
This replaces the Diffie-Hellman API that was previously exported.
 2017-06-04 19:25:19 +02:00
Olivier Chéron
6fb412e2af Use decaf_x448_derive_public_key 2017-06-04 19:25:19 +02:00
Olivier Chéron
23b359d842 Switch Haskell APIs to decaf implementation 
Module 'Curve448' now use decaf.
 2017-06-04 19:25:19 +02:00
Olivier Chéron
ac7eaac523 Simplify Ed25519.generateSecretKey 2017-06-02 19:37:25 +02:00
Baojun Wang
a8902fe119 remove redundant condition test on `hashLen /= B.length mHash` 2017-05-18 21:00:14 -07:00
Baojun Wang
4270f00277 Use `Digest hash` to represent message digest 2017-05-16 10:54:31 -07:00
Baojun Wang
f9a0bc3c53 Allow sign/verify digest directly 
currently sign/verify works on message directly, it would be nice if PSS could sign/verify digest directly. This is useful for:

  1) for some signing server it only has a digest (without message)
  2) message could be very large, for cases when client need request a singing server to sign, it may make more sense for the client to compute digest, then ask server to (PSS) sign the digest
  3) openSSL pkeyutl (PSS) sign operation signs with digest only, not the message, it would be nice to work with openSSL more easily 

*openSSL command line:
```shell
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1  -pkeyopt digest:sha256 -sign -inkey "pri.key" -in hmac.bin > sig.bin
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1  -pkeyopt digest:sha256 -verify -inkey "pri.key" -in hmac.bin -sigfile sig.bin
```
 2017-05-15 19:42:19 -07:00
Parnell Springmeyer
94d67ad86d
ed25519: Adding generateSecretKey and a unit test 2017-05-02 16:18:26 -05:00
Kazu Yamamoto
697fe61f9b using pointSize in withTempPoint to fix #151. 2017-04-11 20:32:57 +09:00