authorlloyd <[email protected]>2012-04-05 01:18:10 +0000
committerlloyd <[email protected]>2012-04-05 01:18:10 +0000
commitf4ae793a4af5d0c9883a2a1555a539c925982239 (patch)
treee694abb6a5140cebdf2f16a3b493805744aee8cd /src
parentfedd69e75ffe23c6249d49e4d23cc1b4ae2823aa (diff)
parentcdde9a171e3fcb164e7946c198ba4d8f9ef486fb (diff)
propagate from branch 'net.randombit.botan' (head 91305e3daaae9ea8a1786daf058d961991c68251)
to branch 'net.randombit.botan.tls-state-machine' (head 474a00b316f5b21a4e56033d4d990d87d9d3eed6)
Diffstat (limited to 'src')
-rw-r--r--src/block/camellia/camellia.cpp267
-rw-r--r--src/block/camellia/camellia.h4
-rw-r--r--src/constructs/srp6/srp6.cpp47
-rw-r--r--src/constructs/srp6/srp6.h68
-rw-r--r--src/entropy/cryptoapi_rng/es_capi.cpp2
-rw-r--r--src/entropy/dev_random/dev_random.cpp9
-rw-r--r--src/entropy/egd/es_egd.cpp2
-rw-r--r--src/entropy/proc_walk/es_ftw.cpp83
-rw-r--r--src/libstate/global_rng.cpp2
-rw-r--r--src/libstate/policy.cpp98
-rw-r--r--src/math/numbertheory/numthry.cpp2
-rw-r--r--src/pubkey/ec_group/ec_group.h4
-rw-r--r--src/pubkey/ecdh/ecdh.h1
-rw-r--r--src/pubkey/pk_algs.cpp14
-rw-r--r--src/pubkey/workfactor.cpp55
-rw-r--r--src/pubkey/workfactor.h2
-rw-r--r--src/rng/hmac_rng/hmac_rng.cpp20
-rw-r--r--src/selftest/selftest.cpp4
-rw-r--r--src/tls/info.txt2
-rw-r--r--src/wrap/python/filter.cpp5
20 files changed, 400 insertions, 291 deletions
diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp
index 30e638451..054558c35 100644
--- a/src/block/camellia/camellia.cpp
+++ b/src/block/camellia/camellia.cpp
@@ -115,52 +115,30 @@ void Camellia::encrypt_n(const byte in[], byte out[], size_t blocks) const
u64bit D1 = load_be<u64bit>(in, 0);
u64bit D2 = load_be<u64bit>(in, 1);
- D1 ^= K[0];
- D2 ^= K[1];
- D2 ^= F(D1, K[2]);
- D1 ^= F(D2, K[3]);
- D2 ^= F(D1, K[4]);
- D1 ^= F(D2, K[5]);
- D2 ^= F(D1, K[6]);
- D1 ^= F(D2, K[7]);
- D1 = FL (D1, K[8]);
- D2 = FLINV(D2, K[9]);
-
- D2 ^= F(D1, K[10]);
- D1 ^= F(D2, K[11]);
- D2 ^= F(D1, K[12]);
- D1 ^= F(D2, K[13]);
- D2 ^= F(D1, K[14]);
- D1 ^= F(D2, K[15]);
- D1 = FL (D1, K[16]);
- D2 = FLINV(D2, K[17]);
-
- D2 ^= F(D1, K[18]);
- D1 ^= F(D2, K[19]);
- D2 ^= F(D1, K[20]);
- D1 ^= F(D2, K[21]);
- D2 ^= F(D1, K[22]);
- D1 ^= F(D2, K[23]);
-
- if(K.size() == 34)
- {
- D1 = FL (D1, K[24]);
- D2 = FLINV(D2, K[25]);
- D2 ^= F(D1, K[26]);
- D1 ^= F(D2, K[27]);
- D2 ^= F(D1, K[28]);
- D1 ^= F(D2, K[29]);
- D2 ^= F(D1, K[30]);
- D1 ^= F(D2, K[31]);
- D2 ^= K[32];
- D1 ^= K[33];
- }
- else
+ const u64bit* K = &SK[0];
+
+ D1 ^= *K++;
+ D2 ^= *K++;
+
+ while(true)
{
- D2 ^= K[24];
- D1 ^= K[25];
+ D2 ^= F(D1, *K++);
+ D1 ^= F(D2, *K++);
+ D2 ^= F(D1, *K++);
+ D1 ^= F(D2, *K++);
+ D2 ^= F(D1, *K++);
+ D1 ^= F(D2, *K++);
+
+ if(K == &SK[SK.size()-2])
+ break;
+
+ D1 = FL (D1, *K++);
+ D2 = FLINV(D2, *K++);
}
+ D2 ^= *K++;
+ D1 ^= *K++;
+
store_be(out, D2, D1);
in += BLOCK_SIZE;
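Review bot: The exit test `if(K == &SK[SK.size()-2])` is only evaluated after each group of six F rounds, so the loop terminates correctly only when SK.size() is 26 or 34 as key_schedule produces; for any other size, including an empty SK if encrypt_n is called before a key is set (where `&SK[0]` is already out of range), the pointer walks past the end of the vector. The old index form had the same unkeyed hazard, but the pointer walk hides the invariant, so it deserves a comment at `const u64bit* K = &SK[0];` such as `// SK holds 26 (128-bit key) or 34 (192/256-bit key) words: 2 pre-whitening, groups of 6 F rounds separated by FL/FL^-1 pairs, 2 post-whitening` and, if this tree has BOTAN_ASSERT, `BOTAN_ASSERT(SK.size() == 26 || SK.size() == 34, "Camellia key schedule set");` before the loop. The mirrored loop in decrypt_n relies on the same invariant through `K == &SK[1]`. encrypt_n's signature and the enclosing per-block loop lie outside this hunk.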
@@ -180,52 +158,29 @@ void Camellia::decrypt_n(const byte in[], byte out[], size_t blocks) const
u64bit D1 = load_be<u64bit>(in, 0);
u64bit D2 = load_be<u64bit>(in, 1);
- if(K.size() == 34)
- {
- D1 ^= K[32];
- D2 ^= K[33];
-
- D2 ^= F(D1, K[31]);
- D1 ^= F(D2, K[30]);
- D2 ^= F(D1, K[29]);
- D1 ^= F(D2, K[28]);
- D2 ^= F(D1, K[27]);
- D1 ^= F(D2, K[26]);
- D1 = FL (D1, K[25]);
- D2 = FLINV(D2, K[24]);
- }
- else
+ const u64bit* K = &SK[SK.size()-1];
+
+ D2 ^= *K--;
+ D1 ^= *K--;
+
+ while(true)
{
- D1 ^= K[24];
- D2 ^= K[25];
+ D2 ^= F(D1, *K--);
+ D1 ^= F(D2, *K--);
+ D2 ^= F(D1, *K--);
+ D1 ^= F(D2, *K--);
+ D2 ^= F(D1, *K--);
+ D1 ^= F(D2, *K--);
+
+ if(K == &SK[1])
+ break;
+
+ D1 = FL (D1, *K--);
+ D2 = FLINV(D2, *K--);
}
- D2 ^= F(D1, K[23]);
- D1 ^= F(D2, K[22]);
- D2 ^= F(D1, K[21]);
- D1 ^= F(D2, K[20]);
- D2 ^= F(D1, K[19]);
- D1 ^= F(D2, K[18]);
- D1 = FL (D1, K[17]);
- D2 = FLINV(D2, K[16]);
-
- D2 ^= F(D1, K[15]);
- D1 ^= F(D2, K[14]);
- D2 ^= F(D1, K[13]);
- D1 ^= F(D2, K[12]);
- D2 ^= F(D1, K[11]);
- D1 ^= F(D2, K[10]);
- D1 = FL (D1, K[ 9]);
- D2 = FLINV(D2, K[ 8]);
-
- D2 ^= F(D1, K[ 7]);
- D1 ^= F(D2, K[ 6]);
- D2 ^= F(D1, K[ 5]);
- D1 ^= F(D2, K[ 4]);
- D2 ^= F(D1, K[ 3]);
- D1 ^= F(D2, K[ 2]);
- D2 ^= K[0];
- D1 ^= K[1];
+ D1 ^= *K--;
+ D2 ^= *K;
store_be(out, D2, D1);
@@ -277,79 +232,79 @@ void Camellia::key_schedule(const byte key[], size_t length)
if(length == 16)
{
- K.resize(26);
-
- K[ 0] = KL_H;
- K[ 1] = KL_L;
- K[ 2] = KA_H;
- K[ 3] = KA_L;
- K[ 4] = left_rot_hi(KL_H, KL_L, 15);
- K[ 5] = left_rot_lo(KL_H, KL_L, 15);
- K[ 6] = left_rot_hi(KA_H, KA_L, 15);
- K[ 7] = left_rot_lo(KA_H, KA_L, 15);
- K[ 8] = left_rot_hi(KA_H, KA_L, 30);
- K[ 9] = left_rot_lo(KA_H, KA_L, 30);
- K[10] = left_rot_hi(KL_H, KL_L, 45);
- K[11] = left_rot_lo(KL_H, KL_L, 45);
- K[12] = left_rot_hi(KA_H, KA_L, 45);
- K[13] = left_rot_lo(KL_H, KL_L, 60);
- K[14] = left_rot_hi(KA_H, KA_L, 60);
- K[15] = left_rot_lo(KA_H, KA_L, 60);
- K[16] = left_rot_lo(KL_H, KL_L, 77-64);
- K[17] = left_rot_hi(KL_H, KL_L, 77-64);
- K[18] = left_rot_lo(KL_H, KL_L, 94-64);
- K[19] = left_rot_hi(KL_H, KL_L, 94-64);
- K[20] = left_rot_lo(KA_H, KA_L, 94-64);
- K[21] = left_rot_hi(KA_H, KA_L, 94-64);
- K[22] = left_rot_lo(KL_H, KL_L, 111-64);
- K[23] = left_rot_hi(KL_H, KL_L, 111-64);
- K[24] = left_rot_lo(KA_H, KA_L, 111-64);
- K[25] = left_rot_hi(KA_H, KA_L, 111-64);
+ SK.resize(26);
+
+ SK[ 0] = KL_H;
+ SK[ 1] = KL_L;
+ SK[ 2] = KA_H;
+ SK[ 3] = KA_L;
+ SK[ 4] = left_rot_hi(KL_H, KL_L, 15);
+ SK[ 5] = left_rot_lo(KL_H, KL_L, 15);
+ SK[ 6] = left_rot_hi(KA_H, KA_L, 15);
+ SK[ 7] = left_rot_lo(KA_H, KA_L, 15);
+ SK[ 8] = left_rot_hi(KA_H, KA_L, 30);
+ SK[ 9] = left_rot_lo(KA_H, KA_L, 30);
+ SK[10] = left_rot_hi(KL_H, KL_L, 45);
+ SK[11] = left_rot_lo(KL_H, KL_L, 45);
+ SK[12] = left_rot_hi(KA_H, KA_L, 45);
+ SK[13] = left_rot_lo(KL_H, KL_L, 60);
+ SK[14] = left_rot_hi(KA_H, KA_L, 60);
+ SK[15] = left_rot_lo(KA_H, KA_L, 60);
+ SK[16] = left_rot_lo(KL_H, KL_L, 77-64);
+ SK[17] = left_rot_hi(KL_H, KL_L, 77-64);
+ SK[18] = left_rot_lo(KL_H, KL_L, 94-64);
+ SK[19] = left_rot_hi(KL_H, KL_L, 94-64);
+ SK[20] = left_rot_lo(KA_H, KA_L, 94-64);
+ SK[21] = left_rot_hi(KA_H, KA_L, 94-64);
+ SK[22] = left_rot_lo(KL_H, KL_L, 111-64);
+ SK[23] = left_rot_hi(KL_H, KL_L, 111-64);
+ SK[24] = left_rot_lo(KA_H, KA_L, 111-64);
+ SK[25] = left_rot_hi(KA_H, KA_L, 111-64);
}
else
{
- K.resize(34);
-
- K[ 0] = KL_H;
- K[ 1] = KL_L;
- K[ 2] = KB_H;
- K[ 3] = KB_L;
-
- K[ 4] = left_rot_hi(KR_H, KR_L, 15);
- K[ 5] = left_rot_lo(KR_H, KR_L, 15);
- K[ 6] = left_rot_hi(KA_H, KA_L, 15);
- K[ 7] = left_rot_lo(KA_H, KA_L, 15);
-
- K[ 8] = left_rot_hi(KR_H, KR_L, 30);
- K[ 9] = left_rot_lo(KR_H, KR_L, 30);
- K[10] = left_rot_hi(KB_H, KB_L, 30);
- K[11] = left_rot_lo(KB_H, KB_L, 30);
-
- K[12] = left_rot_hi(KL_H, KL_L, 45);
- K[13] = left_rot_lo(KL_H, KL_L, 45);
- K[14] = left_rot_hi(KA_H, KA_L, 45);
- K[15] = left_rot_lo(KA_H, KA_L, 45);
-
- K[16] = left_rot_hi(KL_H, KL_L, 60);
- K[17] = left_rot_lo(KL_H, KL_L, 60);
- K[18] = left_rot_hi(KR_H, KR_L, 60);
- K[19] = left_rot_lo(KR_H, KR_L, 60);
- K[20] = left_rot_hi(KB_H, KB_L, 60);
- K[21] = left_rot_lo(KB_H, KB_L, 60);
-
- K[22] = left_rot_lo(KL_H, KL_L, 77-64);
- K[23] = left_rot_hi(KL_H, KL_L, 77-64);
- K[24] = left_rot_lo(KA_H, KA_L, 77-64);
- K[25] = left_rot_hi(KA_H, KA_L, 77-64);
-
- K[26] = left_rot_lo(KR_H, KR_L, 94-64);
- K[27] = left_rot_hi(KR_H, KR_L, 94-64);
- K[28] = left_rot_lo(KA_H, KA_L, 94-64);
- K[29] = left_rot_hi(KA_H, KA_L, 94-64);
- K[30] = left_rot_lo(KL_H, KL_L, 111-64);
- K[31] = left_rot_hi(KL_H, KL_L, 111-64);
- K[32] = left_rot_lo(KB_H, KB_L, 111-64);
- K[33] = left_rot_hi(KB_H, KB_L, 111-64);
+ SK.resize(34);
+
+ SK[ 0] = KL_H;
+ SK[ 1] = KL_L;
+ SK[ 2] = KB_H;
+ SK[ 3] = KB_L;
+
+ SK[ 4] = left_rot_hi(KR_H, KR_L, 15);
+ SK[ 5] = left_rot_lo(KR_H, KR_L, 15);
+ SK[ 6] = left_rot_hi(KA_H, KA_L, 15);
+ SK[ 7] = left_rot_lo(KA_H, KA_L, 15);
+
+ SK[ 8] = left_rot_hi(KR_H, KR_L, 30);
+ SK[ 9] = left_rot_lo(KR_H, KR_L, 30);
+ SK[10] = left_rot_hi(KB_H, KB_L, 30);
+ SK[11] = left_rot_lo(KB_H, KB_L, 30);
+
+ SK[12] = left_rot_hi(KL_H, KL_L, 45);
+ SK[13] = left_rot_lo(KL_H, KL_L, 45);
+ SK[14] = left_rot_hi(KA_H, KA_L, 45);
+ SK[15] = left_rot_lo(KA_H, KA_L, 45);
+
+ SK[16] = left_rot_hi(KL_H, KL_L, 60);
+ SK[17] = left_rot_lo(KL_H, KL_L, 60);
+ SK[18] = left_rot_hi(KR_H, KR_L, 60);
+ SK[19] = left_rot_lo(KR_H, KR_L, 60);
+ SK[20] = left_rot_hi(KB_H, KB_L, 60);
+ SK[21] = left_rot_lo(KB_H, KB_L, 60);
+
+ SK[22] = left_rot_lo(KL_H, KL_L, 77-64);
+ SK[23] = left_rot_hi(KL_H, KL_L, 77-64);
+ SK[24] = left_rot_lo(KA_H, KA_L, 77-64);
+ SK[25] = left_rot_hi(KA_H, KA_L, 77-64);
+
+ SK[26] = left_rot_lo(KR_H, KR_L, 94-64);
+ SK[27] = left_rot_hi(KR_H, KR_L, 94-64);
+ SK[28] = left_rot_lo(KA_H, KA_L, 94-64);
+ SK[29] = left_rot_hi(KA_H, KA_L, 94-64);
+ SK[30] = left_rot_lo(KL_H, KL_L, 111-64);
+ SK[31] = left_rot_hi(KL_H, KL_L, 111-64);
+ SK[32] = left_rot_lo(KB_H, KB_L, 111-64);
+ SK[33] = left_rot_hi(KB_H, KB_L, 111-64);
}
}
diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h
index 7795f1fcf..aaf3ad9e3 100644
--- a/src/block/camellia/camellia.h
+++ b/src/block/camellia/camellia.h
@@ -21,13 +21,13 @@ class BOTAN_DLL Camellia : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
void decrypt_n(const byte in[], byte out[], size_t blocks) const;
- void clear() { K.clear(); }
+ void clear() { SK.clear(); }
std::string name() const { return "Camellia"; }
BlockCipher* clone() const { return new Camellia; }
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u64bit> K;
+ SecureVector<u64bit> SK;
};
}
diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp
index 287f0bdfb..cb9bf27bc 100644
--- a/src/constructs/srp6/srp6.cpp
+++ b/src/constructs/srp6/srp6.cpp
@@ -69,14 +69,37 @@ BigInt compute_x(const std::string& hash_id,
}
+std::string srp6_group_identifier(const BigInt& N, const BigInt& g)
+ {
+ /*
+ This function assumes that only one 'standard' SRP parameter set has
+ been defined for a particular bitsize. As of this writing that is the case.
+ */
+ try
+ {
+ const std::string group_name = "modp/srp/" + to_string(N.bits());
+
+ DL_Group group(group_name);
+
+ if(group.get_p() == N && group.get_g() == g)
+ return group_name;
+
+ throw std::runtime_error("Unknown SRP params");
+ }
+ catch(...)
+ {
+ throw Invalid_Argument("Bad SRP group parameters");
+ }
+ }
+
std::pair<BigInt, SymmetricKey>
-SRP6_Client_Session:: step1(const std::string& identifier,
- const std::string& password,
- const std::string& group_id,
- const std::string& hash_id,
- const MemoryRegion<byte>& salt,
- const BigInt& B,
- RandomNumberGenerator& rng)
+srp6_client_agree(const std::string& identifier,
+ const std::string& password,
+ const std::string& group_id,
+ const std::string& hash_id,
+ const MemoryRegion<byte>& salt,
+ const BigInt& B,
+ RandomNumberGenerator& rng)
{
DL_Group group(group_id);
const BigInt& g = group.get_g();
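Review bot: `catch(...)` in srp6_group_identifier converts every failure, including std::bad_alloc raised by the BigInt comparisons or the group lookup, into Invalid_Argument, and the `throw std::runtime_error("Unknown SRP params")` inside the try exists only to be caught and rethrown by that same handler. Keep only the lookup inside the try and fall through to a single throw, e.g. `try { DL_Group group(group_name); if(group.get_p() == N && group.get_g() == g) return group_name; } catch(Invalid_Argument&) {}` followed by `throw Invalid_Argument("Bad SRP group parameters");`, catching whatever DL_Group's string constructor throws for an unknown name (Invalid_Argument, if I read that constructor right) rather than everything. The strict equality test on both p and g is the right check: caller-supplied parameters that are not one of the built-in groups are rejected, never guessed. srp6_client_agree's body continues past the end of this hunk.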
@@ -104,11 +127,11 @@ SRP6_Client_Session:: step1(const std::string& identifier,
return std::make_pair(A, Sk);
}
-BigInt SRP6_Client_Session::generate_verifier(const std::string& identifier,
- const std::string& password,
- const MemoryRegion<byte>& salt,
- const std::string& group_id,
- const std::string& hash_id)
+BigInt generate_srp6_verifier(const std::string& identifier,
+ const std::string& password,
+ const MemoryRegion<byte>& salt,
+ const std::string& group_id,
+ const std::string& hash_id)
{
const BigInt x = compute_x(hash_id, identifier, password, salt);
diff --git a/src/constructs/srp6/srp6.h b/src/constructs/srp6/srp6.h
index 01bd2a4c7..bf5cb4863 100644
--- a/src/constructs/srp6/srp6.h
+++ b/src/constructs/srp6/srp6.h
@@ -17,44 +17,42 @@
namespace Botan {
/**
-* Represents a SRP-6a client session
+* SRP6a Client side
+* @param username the username we are attempting login for
+* @param password the password we are attempting to use
+* @param group_id specifies the shared SRP group
+* @param hash_id specifies a secure hash function
+* @param salt is the salt value sent by the server
+* @param B is the server's public value
+* @param rng is a random number generator
+*
+* @return (A,K) the client public key and the shared secret key
*/
-class BOTAN_DLL SRP6_Client_Session
- {
- public:
+std::pair<BigInt,SymmetricKey> srp6_client_agree(const std::string& username,
+ const std::string& password,
+ const std::string& group_id,
+ const std::string& hash_id,
+ const MemoryRegion<byte>& salt,
+ const BigInt& B,
+ RandomNumberGenerator& rng);
- /**
- * Client side step 1
- * @param username the username we are attempting login for
- * @param password the password we are attempting to use
- * @param group_id specifies the shared SRP group
- * @param hash_id specifies a secure hash function
- * @param salt is the salt value sent by the server
- * @param B is the server's public value
- * @param rng is a random number generator
- *
- * @return (A,K) the client public key and the shared secret key
- */
- std::pair<BigInt,SymmetricKey> step1(const std::string& username,
- const std::string& password,
- const std::string& group_id,
- const std::string& hash_id,
- const MemoryRegion<byte>& salt,
- const BigInt& B,
- RandomNumberGenerator& rng);
+/**
+* Generate a new SRP-6 verifier
+* @param identifier a username or other client identifier
+* @param password the secret used to authenticate user
+* @param salt a randomly chosen value, at least 128 bits long
+*/
+BigInt generate_srp6_verifier(const std::string& identifier,
+ const std::string& password,
+ const MemoryRegion<byte>& salt,
+ const std::string& group_id,
+ const std::string& hash_id);
- /**
- * Generate a new SRP-6 verifier
- * @param identifier a username or other client identifier
- * @param password the secret used to authenticate user
- * @param salt a randomly chosen value, at least 128 bits long
- */
- static BigInt generate_verifier(const std::string& identifier,
- const std::string& password,
- const MemoryRegion<byte>& salt,
- const std::string& group_id,
- const std::string& hash_id);
- };
+/**
+* Return the group id for this SRP param set, or else thrown an
+* exception
+*/
+std::string srp6_group_identifier(const BigInt& N, const BigInt& g);
/**
* Represents a SRP-6a server session
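Review bot: The free functions that replace `class BOTAN_DLL SRP6_Client_Session` carry no `BOTAN_DLL`, so in a shared-library build with hidden default visibility, or a Windows DLL, srp6_client_agree, generate_srp6_verifier and srp6_group_identifier are no longer exported and applications fail to link against them. Decorate each declaration the way the other free functions in the public headers are, e.g. `std::pair<BigInt,SymmetricKey> BOTAN_DLL srp6_client_agree(`. The doc block for generate_srp6_verifier also lost `@param group_id` and `@param hash_id` and has no `@return`, and srp6_group_identifier's comment should read "or else throws an exception".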
diff --git a/src/entropy/cryptoapi_rng/es_capi.cpp b/src/entropy/cryptoapi_rng/es_capi.cpp
index d3d076641..c9069ce65 100644
--- a/src/entropy/cryptoapi_rng/es_capi.cpp
+++ b/src/entropy/cryptoapi_rng/es_capi.cpp
@@ -65,7 +65,7 @@ void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum)
if(got)
{
- accum.add(&io_buffer[0], io_buffer.size(), 8);
+ accum.add(&io_buffer[0], io_buffer.size(), 6);
break;
}
}
diff --git a/src/entropy/dev_random/dev_random.cpp b/src/entropy/dev_random/dev_random.cpp
index d14ae43ae..9e4f0b373 100644
--- a/src/entropy/dev_random/dev_random.cpp
+++ b/src/entropy/dev_random/dev_random.cpp
@@ -105,9 +105,12 @@ Device_EntropySource::~Device_EntropySource()
*/
void Device_EntropySource::poll(Entropy_Accumulator& accum)
{
- size_t go_get = std::min<size_t>(accum.desired_remaining_bits() / 8, 48);
+ const size_t ENTROPY_BITS_PER_BYTE = 7;
- size_t read_wait_ms = std::max<size_t>(go_get, 1000);
+ const size_t go_get = std::min<size_t>(
+ accum.desired_remaining_bits() / ENTROPY_BITS_PER_BYTE, 32);
+
+ const size_t read_wait_ms = std::max<size_t>(go_get, 100);
MemoryRegion<byte>& io_buffer = accum.get_io_buffer(go_get);
for(size_t i = 0; i != devices.size(); ++i)
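Review bot: `std::max<size_t>(go_get, 100)` always evaluates to 100, because go_get is capped at 32 on the line above, so read_wait_ms is a constant written as an expression (the old `max(go_get, 1000)` had the same property under the 48 cap). If a fixed timeout is intended, write `const size_t read_wait_ms = 100; // max wait on a blocking device before trying the next one` ; if the wait was meant to scale with the request size, the operator is wrong. With /dev/random moved to the front of the device list in this same commit, that 100 ms is paid on every poll of a depleted Linux pool. poll's loop body continues beyond this hunk.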
@@ -117,7 +120,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum)
if(got)
{
- accum.add(&io_buffer[0], got, 8);
+ accum.add(&io_buffer[0], got, ENTROPY_BITS_PER_BYTE);
break;
}
}
diff --git a/src/entropy/egd/es_egd.cpp b/src/entropy/egd/es_egd.cpp
index b2b629930..e0ebf9509 100644
--- a/src/entropy/egd/es_egd.cpp
+++ b/src/entropy/egd/es_egd.cpp
@@ -147,7 +147,7 @@ void EGD_EntropySource::poll(Entropy_Accumulator& accum)
if(got)
{
- accum.add(&io_buffer[0], got, 8);
+ accum.add(&io_buffer[0], got, 6);
break;
}
}
diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp
index 5d58f9869..8b4408aee 100644
--- a/src/entropy/proc_walk/es_ftw.cpp
+++ b/src/entropy/proc_walk/es_ftw.cpp
@@ -1,6 +1,6 @@
/*
* FTW EntropySource
-* (C) 1999-2008 Jack Lloyd
+* (C) 1999-2008,2012 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -41,60 +41,81 @@ namespace {
class Directory_Walker : public File_Descriptor_Source
{
public:
- Directory_Walker(const std::string& root) { add_directory(root); }
- ~Directory_Walker();
+ Directory_Walker(const std::string& root) :
+ m_cur_dir(std::make_pair<DIR*, std::string>(0, ""))
+ {
+ if(DIR* root_dir = ::opendir(root.c_str()))
+ m_cur_dir = std::make_pair(root_dir, root);
+ }
+
+ ~Directory_Walker()
+ {
+ if(m_cur_dir.first)
+ ::closedir(m_cur_dir.first);
+ }
int next_fd();
private:
- void add_directory(const std::string&);
+ void add_directory(const std::string& dirname)
+ {
+ m_dirlist.push_back(dirname);
+ }
- std::deque<std::pair<DIR*, std::string> > dirs;
- };
+ std::pair<struct dirent*, std::string> get_next_dirent();
-void Directory_Walker::add_directory(const std::string& dirname)
- {
- DIR* dir = ::opendir(dirname.c_str());
- if(dir)
- dirs.push_back(std::make_pair(dir, dirname));
- }
+ std::pair<DIR*, std::string> m_cur_dir;
+ std::deque<std::string> m_dirlist;
+ };
-Directory_Walker::~Directory_Walker()
+std::pair<struct dirent*, std::string> Directory_Walker::get_next_dirent()
{
- while(dirs.size())
+ while(m_cur_dir.first)
{
- ::closedir(dirs[0].first);
- dirs.pop_front();
+ struct dirent* dir = ::readdir(m_cur_dir.first);
+
+ if(dir)
+ return std::make_pair<struct dirent*, std::string>(dir, m_cur_dir.second);
+
+ ::closedir(m_cur_dir.first);
+ m_cur_dir = std::make_pair<DIR*, std::string>(0, "");
+
+ while(!m_dirlist.empty() && m_cur_dir.first == 0)
+ {
+ const std::string next_dir_name = m_dirlist[0];
+ m_dirlist.pop_front();
+
+ if(DIR* next_dir = ::opendir(next_dir_name.c_str()))
+ m_cur_dir = std::make_pair(next_dir, next_dir_name);
+ }
}
+
+ return std::make_pair<struct dirent*, std::string>(0, ""); // nothing left
}
int Directory_Walker::next_fd()
{
- while(dirs.size())
+ while(true)
{
- std::pair<DIR*, std::string> dirinfo = dirs[0];
+ std::pair<struct dirent*, std::string> entry = get_next_dirent();
- struct dirent* entry = ::readdir(dirinfo.first);
+ if(!entry.first)
+ break; // no more dirs
- if(!entry)
- {
- ::closedir(dirinfo.first);
- dirs.pop_front();
- continue;
- }
-
- const std::string filename = entry->d_name;
+ const std::string filename = entry.first->d_name;
if(filename == "." || filename == "..")
continue;
- const std::string full_path = dirinfo.second + '/' + filename;
+ const std::string full_path = entry.second + '/' + filename;
struct stat stat_buf;
if(::lstat(full_path.c_str(), &stat_buf) == -1)
continue;
if(S_ISDIR(stat_buf.st_mode))
+ {
add_directory(full_path);
+ }
else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH))
{
int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY);
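Review bot: `std::make_pair<struct dirent*, std::string>(dir, m_cur_dir.second)` in get_next_dirent passes explicit template arguments with lvalue arguments, which compiles as C++98 but not as C++11, where make_pair's parameters become `T1&&`/`T2&&` and cannot bind an lvalue; the `make_pair<DIR*, std::string>(0, "")` forms in the constructor and on the reset line are fragile for the same reason. Drop the explicit arguments (`std::make_pair(dir, m_cur_dir.second)`) or name the pair type directly (`std::pair<DIR*, std::string>(0, "")`). Directory_Walker also owns a DIR* without a private, undefined copy constructor and assignment operator, so an accidental copy would double-close the handle; it lives in an anonymous namespace, so the risk is low, but a one-line deletion settles it. Classifying entries from `lstat` is sound: a symlink to a directory is not descended and a symlink to a file is not opened.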
@@ -127,12 +148,12 @@ FTW_EntropySource::~FTW_EntropySource()
void FTW_EntropySource::poll(Entropy_Accumulator& accum)
{
- const size_t MAX_FILES_READ_PER_POLL = 1024;
+ const size_t MAX_FILES_READ_PER_POLL = 2048;
if(!dir)
dir = new Directory_Walker(path);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(128);
+ MemoryRegion<byte>& io_buffer = accum.get_io_buffer(4096);
for(size_t i = 0; i != MAX_FILES_READ_PER_POLL; ++i)
{
@@ -150,7 +171,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum)
::close(fd);
if(got > 0)
- accum.add(&io_buffer[0], got, .01);
+ accum.add(&io_buffer[0], got, .001);
if(accum.polling_goal_achieved())
break;
diff --git a/src/libstate/global_rng.cpp b/src/libstate/global_rng.cpp
index a73924213..e9ea530ac 100644
--- a/src/libstate/global_rng.cpp
+++ b/src/libstate/global_rng.cpp
@@ -68,7 +68,7 @@ void add_entropy_sources(RandomNumberGenerator* rng)
#if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM)
rng->add_entropy_source(
new Device_EntropySource(
- split_on("/dev/urandom:/dev/random:/dev/srandom", ':')
+ split_on("/dev/random:/dev/srandom:/dev/urandom", ':')
)
);
#endif
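Review bot: Putting /dev/random ahead of /dev/urandom means every poll on Linux first reads from the kernel's blocking pool, which is only safe because Device_EntropySource gives each device a read timeout (100 ms in this commit) and falls through to the next device on zero bytes, none of which is visible from this line. Record the dependency in place, e.g. `// blocking devices first; Device_EntropySource times out and falls back to urandom`, so a later reorder or timeout change does not turn reseed into a hang.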
diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp
index f91eed1d8..b1da22ce8 100644
--- a/src/libstate/policy.cpp
+++ b/src/libstate/policy.cpp
@@ -37,7 +37,19 @@ void set_default_oids(Library_State& config)
add_oid(config, "1.3.6.1.4.1.3029.1.2.1", "ElGamal");
add_oid(config, "1.3.6.1.4.1.25258.1.1", "RW");
add_oid(config, "1.3.6.1.4.1.25258.1.2", "NR");
- add_oid(config, "1.2.840.10045.2.1", "ECDSA"); // X9.62
+
+ // X9.62 ecPublicKey, valid for ECDSA and ECDH (RFC 3279 sec 2.3.5)
+ add_oid(config, "1.2.840.10045.2.1", "ECDSA");
+
+ /*
+ * This is an OID defined for ECDH keys though rarely used for such.
+ * In this configuration it is accepted on decoding, but not used for
+ * encoding. You can enable it for encoding by calling
+ * global_state().set("str2oid", "ECDH", "1.3.132.1.12")
+ * from your application code.
+ */
+ config.set("oid2str", "1.3.132.1.12", "ECDH");
+
add_oid(config, "1.2.643.2.2.19", "GOST-34.10"); // RFC 4491
/* Ciphers */
@@ -325,6 +337,15 @@ void set_default_dl_groups(Library_State& config)
"NgRlEbmT//////////8="
"-----END X942 DH PARAMETERS-----");
+ config.set("dl", "modp/srp/1536",
+ "-----BEGIN DH PARAMETERS-----"
+ "MIHHAoHBAJ3vPK+5OSd6sfEqhheke7vbpR30maxMgL7uqWFLGcxNX09fVW4ny95R"
+ "xqlL5GB6KRVYkDug0PhDgLZVu5oi6NzfAop87Gfw0IE0sci5eYkUm2CeC+O6tj1H"
+ "VIOB28Wx/HZOP0tT3Z2hFYv9PiucjPVu3wGVOTSWJ9sv1T0kt8SGZXcuQ31sf4zk"
+ "QnNK98y3roN8Jkrjqb64f4ov6bi1KS5aAh//XpFHnoznoowkQsbzFRgPk0maI03P"
+ "duP+0TX5uwIBAg=="
+ "-----END DH PARAMETERS-----");
+
config.set("dl", "modp/ietf/2048",
"-----BEGIN X942 DH PARAMETERS-----"
"MIICDAKCAQEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
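Review bot: The new modp/srp/* blobs carry no provenance; decoding their DER tails gives generators 2, 5, 5, 5 and 19 for the 1536, 3072, 4096, 6144 and 8192-bit groups, which matches RFC 5054 Appendix A, but the moduli themselves cannot be verified by eye from base64. Add a comment above the first entry, e.g. `// SRP groups from RFC 5054 Appendix A; srp6_group_identifier assumes exactly one group per bit size`, and ideally a test that decodes each group and checks the listed generator against a safe-prime p. That one-group-per-size assumption is load-bearing, since srp6_group_identifier keys its lookup on N.bits() alone.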
@@ -376,6 +397,19 @@ void set_default_dl_groups(Library_State& config)
"JcFokFSdaWV//////////w=="
"-----END X942 DH PARAMETERS-----");
+ config.set("dl", "modp/srp/3072",
+ "-----BEGIN DH PARAMETERS-----"
+ "MIIBiAKCAYEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
+ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft"
+ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT"
+ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh"
+ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq"
+ "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM"
+ "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq"
+ "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqTrS"
+ "yv//////////AgEF"
+ "-----END DH PARAMETERS-----");
+
config.set("dl", "modp/ietf/4096",
"-----BEGIN X942 DH PARAMETERS-----"
"MIIEDAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
@@ -402,6 +436,21 @@ void set_default_dl_groups(Library_State& config)
"ydp1TEbH7uDDf9vuSFNgR6b6GuSaAxjM//////////8="
"-----END X942 DH PARAMETERS-----");
+ config.set("dl", "modp/srp/4096",
+ "-----BEGIN DH PARAMETERS-----"
+ "MIICCAKCAgEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
+ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft"
+ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT"
+ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh"
+ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq"
+ "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM"
+ "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq"
+ "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI"
+ "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O"
+ "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI"
+ "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQU="
+ "-----END DH PARAMETERS-----");
+
config.set("dl", "modp/ietf/6144",
"-----BEGIN X942 DH PARAMETERS-----"
"MIIGDAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
@@ -439,6 +488,27 @@ void set_default_dl_groups(Library_State& config)
"jzbmIBJ//////////wIBAg=="
"-----END X942 DH PARAMETERS-----");
+ config.set("dl", "modp/srp/6144",
+ "-----BEGIN DH PARAMETERS-----"
+ "MIIDCAKCAwEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
+ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft"
+ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT"
+ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh"
+ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq"
+ "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM"
+ "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq"
+ "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI"
+ "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O"
+ "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI"
+ "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG"
+ "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU"
+ "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId"
+ "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha"
+ "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/"
+ "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebcxA"
+ "JP//////////AgEF"
+ "-----END DH PARAMETERS-----");
+
config.set("dl", "modp/ietf/8192",
"-----BEGIN X942 DH PARAMETERS-----"
"MIIIDAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
@@ -486,6 +556,32 @@ void set_default_dl_groups(Library_State& config)
"034BNyPKrHIjqzv01U8YKHE7K0pv5A+rdEBctziwZMBuzHbp7///////////AgEC"
"-----END X942 DH PARAMETERS-----");
+ config.set("dl", "modp/srp/8192",
+ "-----BEGIN DH PARAMETERS-----"
+ "MIIECAKCBAEA///////////JD9qiIWjCNMTGYouA3BzRKQJOCIpnzHQCC76mOxOb"
+ "IlFKCHmONATd75UZs806QxswKwpt8l8UN0/hNW1tUcJF5IW1dmJefsb0TELppjft"
+ "awv/XLb0Brft7jhr+1qJn6WunyQRfEsf5kkoZlHs5Fs9wgB8uKFjvwWY2kg2HFXT"
+ "mmkWP6j9JM9fg2VdI9yjrZYcYvNWIIVSu57VKQdwlpZtZww1Tkq8mATxdGwIyhgh"
+ "fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq"
+ "5RXSJhiY+gUQFXKOWoqqxC2tMxcNBFB6M6hVIavfHLpk7PuFBFjb7wqK6nFXXQYM"
+ "fbOXD4Wm4eTHq/WujNsJM9cejJTgSiVhnc7j0iYa0u5r8S/6BtmKCGTYdgJzPshq"
+ "ZFIfKxgXeyAMu+EXV3phXWx3CYjAutlG4gjiT6B05asxQ9tb/OD9EI5LgtEgqSEI"
+ "ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O"
+ "+S6O/BQfvsqmKHxZR05rwF2ZspZPoJDDoiM7oYZRW+ftH2EpcM7i16+4G912IXBI"
+ "HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0AoSSNsP6tNJ8cCbB1NyyYCZG"
+ "3sl1HnY9uje9+P+UBq2eUw7l2zgvQTABrrBqU+2QJ9gxF5cnsIZaiRjaPtvrz5sU"
+ "7UTObLrO1Lsb238UR+bMJUszIFFRK9evQm+49AE3jNK/WYPKAcZLkuzwMuoV0XId"
+ "A/SC185udP721V5wL0aYDIK1qEAxkAscnlnnyX++x+jzI6l6fjbMiL4PHUW3/1ha"
+ "xUvUB7IrQVSqzI9tfr9I4dgUzF7SD4A34KeXFe7ym+MoBqHVi7fF2nb1UKo9ih+/"
+ "8OsZzLGjE9Vc2lbJ7C7yljI4f+jXbjwEaAQ+j2Y/SGDuEr8tWwt0dNbmlPkebb4R"
+ "WXSjkm8S/uXkOHd8tqky34zYvsTQc7kxujvIMraNndMAdB+nv4r8R+0ldvaTa6Qk"
+ "ZjqrY5xa5PVoNCO0dCvxyXgjjxbL451lLeP9uL78hIrZIiIuBKQDfAcT61eoGiPw"
+ "xzRz/GRs6jBrS8vIhi+Dhd36nUt/osCH6HloMwPtW906Bis89bOieKZtKhP4P0T4"
+ "Ld8xDuB0q2o2RZfomaAlXcFk8xzFCEaFHfmrSBld7X6hsdUQvX7nTXP682vDHs+i"
+ "aDWQRvTrh5+SQAlDi0gcbNeImgAu1e44K8kZDab8Am5HlVjkR1Z36aqeMFDidlaU"
+ "38gfVuiAuW5xYMmA3Zjt09///////////wIBEw=="
+ "-----END DH PARAMETERS-----");
+
config.set("dl", "dsa/jce/512",
"-----BEGIN DSA PARAMETERS-----"
"MIGdAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQT"
diff --git a/src/math/numbertheory/numthry.cpp b/src/math/numbertheory/numthry.cpp
index 16fa8ca0c..c7896c17a 100644
--- a/src/math/numbertheory/numthry.cpp
+++ b/src/math/numbertheory/numthry.cpp
@@ -10,8 +10,6 @@
#include <botan/internal/bit_ops.h>
#include <algorithm>
-#include <stdio.h>
-
namespace Botan {
namespace {
diff --git a/src/pubkey/ec_group/ec_group.h b/src/pubkey/ec_group/ec_group.h
index dadc9fba3..59a1918c0 100644
--- a/src/pubkey/ec_group/ec_group.h
+++ b/src/pubkey/ec_group/ec_group.h
@@ -63,8 +63,8 @@ class BOTAN_DLL EC_Group
EC_Group(const OID& oid);
/**
- * Create an EC domain from PEM encoding (as from PEM_encode), or
- * from an OID name (eg "secp256r1", or "1.2.840.10045.3.1.7")
+ * Create an EC domain from PEM encoding (as from PEM_encode),
+ * or from an OID name (eg "secp160r1", or "1.3.132.0.8")
* @param pem_or_oid PEM-encoded data, or an OID
*/
EC_Group(const std::string& pem_or_oid = "");
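Review bot: The doc example now points users at secp160r1 (OID 1.3.132.0.8), a curve of roughly 80-bit security, in place of secp256r1; examples in public headers get copied verbatim, so illustrate with a curve at currently recommended strength and keep `(eg "secp256r1", or "1.2.840.10045.3.1.7")`. If the example was changed because one of those names did not resolve, fixing the lookup table is the better cure than downgrading the example.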
diff --git a/src/pubkey/ecdh/ecdh.h b/src/pubkey/ecdh/ecdh.h
index 2edbfe86d..6fe0697bf 100644
--- a/src/pubkey/ecdh/ecdh.h
+++ b/src/pubkey/ecdh/ecdh.h
@@ -22,7 +22,6 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
{
public:
-
ECDH_PublicKey(const AlgorithmIdentifier& alg_id,
const MemoryRegion<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
diff --git a/src/pubkey/pk_algs.cpp b/src/pubkey/pk_algs.cpp
index e500cfc2e..9b3218ac4 100644
--- a/src/pubkey/pk_algs.cpp
+++ b/src/pubkey/pk_algs.cpp
@@ -40,6 +40,10 @@
#include <botan/elgamal.h>
#endif
+#if defined(BOTAN_HAS_ECDH)
+ #include <botan/ecdh.h>
+#endif
+
namespace Botan {
Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
@@ -89,6 +93,11 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
return new GOST_3410_PublicKey(alg_id, key_bits);
#endif
+#if defined(BOTAN_HAS_ECDH)
+ if(alg_name == "ECDH")
+ return new ECDH_PublicKey(alg_id, key_bits);
+#endif
+
return 0;
}
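Review bot: `alg_name == "ECDH"` only matches an AlgorithmIdentifier whose OID decodes to the string "ECDH", which as far as the OID table in this commit shows is just 1.3.132.1.12 (the oid2str entry added in policy.cpp); a certificate or SubjectPublicKeyInfo carrying the far more common X9.62 id-ecPublicKey OID still decodes as "ECDSA" and yields an ECDSA_PublicKey, so callers wanting ECDH from such keys must convert rather than rely on this factory. A comment above the branch, e.g. `// only keys tagged with the dedicated ECDH OID arrive here; id-ecPublicKey keys decode as ECDSA`, spares the next reader that surprise. The same applies to the ECDH_PrivateKey branch in make_private_key.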
@@ -140,6 +149,11 @@ Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
return new GOST_3410_PrivateKey(alg_id, key_bits);
#endif
+#if defined(BOTAN_HAS_ECDH)
+ if(alg_name == "ECDH")
+ return new ECDH_PrivateKey(alg_id, key_bits);
+#endif
+
return 0;
}
diff --git a/src/pubkey/workfactor.cpp b/src/pubkey/workfactor.cpp
index f3d5d164a..72ba75cf9 100644
--- a/src/pubkey/workfactor.cpp
+++ b/src/pubkey/workfactor.cpp
@@ -1,6 +1,6 @@
/*
* Public Key Work Factor Functions
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2007,2012 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -11,39 +11,40 @@
namespace Botan {
-/*
-* Choose the exponent size for a DL group
-*/
size_t dl_work_factor(size_t bits)
{
-#if 0
/*
- These values were taken from RFC 3526
+ Based on GNFS work factors. Constant is 1.43 times the asymptotic
+ value; I'm not sure but I believe that came from a paper on 'real
+ world' runtimes, but I don't remember where now.
+
+ Sample return values:
+ |512| -> 64
+ |1024| -> 86
+ |1536| -> 102
+ |2048| -> 116
+ |3072| -> 138
+ |4096| -> 155
+ |8192| -> 206
+
+ For DL algos, we use an exponent of twice the size of the result;
+ the assumption is that an arbitrary discrete log on a group of size
+ bits would take about 2^n effort, and thus using an exponent of
+ size 2^(2*n) implies that all available attacks are about as easy
+ (as e.g Pollard's kangaroo algorithm can compute the DL in sqrt(x)
+ operations) while minimizing the exponent size for performance
+ reasons.
*/
- if(bits <= 1536)
- return 90;
- else if(bits <= 2048)
- return 110;
- else if(bits <= 3072)
- return 130;
- else if(bits <= 4096)
- return 150;
- else if(bits <= 6144)
- return 170;
- else if(bits <= 8192)
- return 190;
- return 256;
-#else
- const double MIN_ESTIMATE = 64;
-
- const double log_x = bits / 1.44;
+
+ const size_t MIN_WORKFACTOR = 64;
+
+ // approximates natural logarithm of p
+ const double log_p = bits / 1.4426;
const double strength =
- 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0);
+ 2.76 * std::pow(log_p, 1.0/3.0) * std::pow(std::log(log_p), 2.0/3.0);
- return static_cast<size_t>(std::max(strength, MIN_ESTIMATE));
-#endif
+ return std::max(static_cast<size_t>(strength), MIN_WORKFACTOR);
}
-
}
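Review bot: `static_cast<size_t>(strength)` now runs before `std::max`, and for tiny `bits` the formula yields NaN (for bits < 2, log_p < 1 makes `std::log(log_p)` negative and `std::pow` of a negative base to 2/3 is NaN; for bits == 0 the product is 0 * inf), so the cast is undefined behaviour where the old code took the max in double first. A guard `if(bits < 64) return MIN_WORKFACTOR;` before the computation removes the UB without changing any output, since every size below 512 bits already floors at 64 as the sample table shows. The comment's "1.43 times the asymptotic value" looks like it is really describing log2(e) ≈ 1.4427: (64/9)^(1/3) ≈ 1.923 nats times 1.4427 is ≈ 2.77, i.e. the 2.76 appears to be the standard GNFS exponent expressed in bits rather than a real-world correction, which is worth confirming and rewording.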
diff --git a/src/pubkey/workfactor.h b/src/pubkey/workfactor.h
index bd1a43298..179b580e7 100644
--- a/src/pubkey/workfactor.h
+++ b/src/pubkey/workfactor.h
@@ -13,7 +13,7 @@
namespace Botan {
/**
-* Estimate work factor
+* Estimate work factor for discrete logarithm
* @param prime_group_size size of the group in bits
* @return estimated security level for this group
*/
diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp
index 7912e58af..74ba522a4 100644
--- a/src/rng/hmac_rng/hmac_rng.cpp
+++ b/src/rng/hmac_rng/hmac_rng.cpp
@@ -75,7 +75,8 @@ void HMAC_RNG::reseed(size_t poll_bits)
while(!accum.polling_goal_achieved() && poll_attempt < poll_bits)
{
- entropy_sources[poll_attempt % entropy_sources.size()]->poll(accum);
+ const size_t src_idx = poll_attempt % entropy_sources.size();
+ entropy_sources[src_idx]->poll(accum);
++poll_attempt;
}
}
@@ -110,7 +111,11 @@ void HMAC_RNG::reseed(size_t poll_bits)
counter = 0;
user_input_len = 0;
- if(accum.bits_collected() >= 128)
+ /*
+ Consider ourselves seeded once we've collected an estimated 128 bits of
+ entropy in a single poll.
+ */
+ if(seeded == false && accum.bits_collected() >= 128)
seeded = true;
}
@@ -119,15 +124,18 @@ void HMAC_RNG::reseed(size_t poll_bits)
*/
void HMAC_RNG::add_entropy(const byte input[], size_t length)
{
+ const size_t USER_ENTROPY_WATERSHED = 20;
+
extractor->update(input, length);
user_input_len += length;
/*
- * After we've accumulated >= 1024 bytes of user input, reseed.
- * This input will automatically have been included if reseed was
- * called already, as it's just included in the extractor input.
+ * After we've accumulated at least USER_ENTROPY_WATERSHED bytes of
+ * user input, reseed. This input will automatically have been
+ * included if reseed was called already, as it's just included in
+ * the extractor input.
*/
- if(user_input_len >= 1024)
+ if(user_input_len >= USER_ENTROPY_WATERSHED)
reseed(128);
}
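Review bot: Lowering the watershed from 1024 to 20 bytes means a caller that feeds small inputs in a loop now triggers `reseed(128)`, a full system entropy poll, every 20 bytes (user_input_len is reset in reseed), and the poll cost, which elsewhere in this commit includes up to 2048 file reads in the FTW source and a 100 ms device wait, is paid each time. If that is intended, say so where the constant is defined, e.g. `// reseed eagerly: after 20 bytes of caller input, fold a fresh system poll into the extractor`; otherwise a minimum interval or call count between reseeds would bound the worst case. Note that user_input_len counts bytes supplied, not entropy credited, so the watershed is a mixing trigger rather than an entropy estimate, which the existing comment states correctly.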
diff --git a/src/selftest/selftest.cpp b/src/selftest/selftest.cpp
index 7b87bcb61..0dac31cef 100644
--- a/src/selftest/selftest.cpp
+++ b/src/selftest/selftest.cpp
@@ -10,8 +10,6 @@
#include <botan/internal/core_engine.h>
#include <botan/internal/stl_util.h>
-#include <stdio.h>
-
namespace Botan {
namespace {
@@ -28,8 +26,6 @@ bool test_filter_kat(Filter* filter,
const std::string output = pipe.read_all_as_string();
- //printf("%s %s\n", output.c_str(), expected_output.c_str());
-
return (output == expected_output);
}
diff --git a/src/tls/info.txt b/src/tls/info.txt
index 21d3d54c1..ab329c342 100644
--- a/src/tls/info.txt
+++ b/src/tls/info.txt
@@ -1,5 +1,7 @@
define TLS
+load_on request
+
<comment>
The TLS code is complex, new, and not yet reviewed, there may be
serious bugs or security issues.
diff --git a/src/wrap/python/filter.cpp b/src/wrap/python/filter.cpp
index 437c5239f..e329ed708 100644
--- a/src/wrap/python/filter.cpp
+++ b/src/wrap/python/filter.cpp
@@ -26,7 +26,6 @@ class Py_Filter : public Filter
void send_str(const std::string& str)
{
- printf("Py_Filter::send_str\n");
send((const byte*)str.data(), str.length());
}
};
@@ -36,14 +35,12 @@ class FilterWrapper : public Py_Filter, public wrapper<Py_Filter>
public:
void start_msg()
{
- printf("wrapper start_msg\n");
if(override start_msg = this->get_override("start_msg"))
start_msg();
}
void end_msg()
{
- printf("wrapper end_msg\n");
if(override end_msg = this->get_override("end_msg"))
end_msg();
}
@@ -53,7 +50,6 @@ class FilterWrapper : public Py_Filter, public wrapper<Py_Filter>
virtual void write_str(const std::string& str)
{
- printf("wrapper write\n");
this->get_override("write")(str);
}
};
@@ -125,7 +121,6 @@ void prepend_filter(Pipe& pipe, std::auto_ptr<Filter> filter)
void do_send(std::auto_ptr<FilterWrapper> filter, const std::string& data)
{
- printf("Sending %s to %p\n", data.c_str(), filter.get());
filter->send_str(data);
}