| Age | Commit message (Collapse) | Author |
|---|
|
Private-key validation is fairly expensive for long keys in openssl,
so we need to avoid it sooner.
|
|
|
|
|
|
This function was a wrapper around RSA_check_key() in openssl, which
checks for invalid RSA private keys (like those where p or q are
composite, or where d is not the inverse of e, or where n != p*q).
We don't need a function like this in NSS, since unlike OpenSSL, NSS
won't let you import a bogus private key.
I've renamed the function and changed its return type to make it
more reasonable, and added a unit test for trying to read a key
where n != p*q.
|
|
7 unit tests are failing at this point, but they're all TLS-related.
|
|
|
|
This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).
(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)
|
|
|
|
These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.
|
|
It is not nice to expose a private key's contents without having the
function name advertise the fact. Fortunately, we weren't misusing
these yet.
|
|
|
|
|
|
Fun fact: these files used to be called log.[ch] until we ran into
conflicts with systems having a log.h file. But now that we always
include "lib/log/log.h", we should be fine.
|
|
|
|
|
|
You have no idea how glad I am that this is automated.
|
|
|
|
I am calling the crypto library "crypt_ops", since I want
higher-level crypto things to be separated from lower-level ones.
This library will hold only the low-level ones, once we have it
refactored.
|
