diff options
| -rw-r--r-- | checks/check.cpp | 2 | ||||
| -rw-r--r-- | doc/examples/bench.cpp | 2 | ||||
| -rw-r--r-- | doc/examples/benchmark.cpp | 2 | ||||
| -rw-r--r-- | doc/examples/hash_quickly.cpp | 2 | ||||
| -rw-r--r-- | doc/log.txt | 4 | ||||
| -rw-r--r-- | src/block/camellia/camellia.cpp | 267 | ||||
| -rw-r--r-- | src/block/camellia/camellia.h | 4 | ||||
| -rw-r--r-- | src/entropy/cryptoapi_rng/es_capi.cpp | 2 | ||||
| -rw-r--r-- | src/entropy/dev_random/dev_random.cpp | 9 | ||||
| -rw-r--r-- | src/entropy/egd/es_egd.cpp | 2 | ||||
| -rw-r--r-- | src/entropy/proc_walk/es_ftw.cpp | 83 | ||||
| -rw-r--r-- | src/libstate/global_rng.cpp | 2 | ||||
| -rw-r--r-- | src/math/numbertheory/numthry.cpp | 2 | ||||
| -rw-r--r-- | src/pubkey/ecdh/ecdh.h | 1 | ||||
| -rw-r--r-- | src/pubkey/pk_algs.cpp | 14 | ||||
| -rw-r--r-- | src/rng/hmac_rng/hmac_rng.cpp | 20 | ||||
| -rw-r--r-- | src/selftest/selftest.cpp | 4 | ||||
| -rw-r--r-- | src/tls/info.txt | 2 | ||||
| -rw-r--r-- | src/wrap/python/filter.cpp | 5 |
19 files changed, 212 insertions, 217 deletions
diff --git a/checks/check.cpp b/checks/check.cpp index 4fa1160ae..e47cc543b 100644 --- a/checks/check.cpp +++ b/checks/check.cpp @@ -178,7 +178,7 @@ int main(int argc, char* argv[]) if(opts.is_set("buf-size")) { buf_size = std::atoi(opts.value("buf-size").c_str()); - if(buf_size == 0 || buf_size > 64*1024) + if(buf_size == 0 || buf_size > 1024) { std::cout << "Invalid argument to --buf-size\n"; return 2; diff --git a/doc/examples/bench.cpp b/doc/examples/bench.cpp index 87b3a57f7..9a275523c 100644 --- a/doc/examples/bench.cpp +++ b/doc/examples/bench.cpp @@ -75,7 +75,7 @@ void benchmark_algo(const std::string& algo, Algorithm_Factory& af = global_state().algorithm_factory(); std::map<std::string, double> speeds = - algorithm_benchmark(algo, af, rng, milliseconds, 16*1024); + algorithm_benchmark(algo, af, rng, milliseconds, 16); std::cout << algo << ":"; diff --git a/doc/examples/benchmark.cpp b/doc/examples/benchmark.cpp index 7ad1775e2..b5adb3d4f 100644 --- a/doc/examples/benchmark.cpp +++ b/doc/examples/benchmark.cpp @@ -33,7 +33,7 @@ int main(int argc, char* argv[]) std::string algo = argv[i]; std::map<std::string, double> results = - algorithm_benchmark(algo, af, rng, ms, 16*1024); + algorithm_benchmark(algo, af, rng, ms, 16); std::cout << algo << ":\n"; for(std::map<std::string, double>::iterator r = results.begin(); diff --git a/doc/examples/hash_quickly.cpp b/doc/examples/hash_quickly.cpp index 005a6d719..a18ab4fa6 100644 --- a/doc/examples/hash_quickly.cpp +++ b/doc/examples/hash_quickly.cpp @@ -34,7 +34,7 @@ void set_fastest_implementation(const std::string& algo, Botan::Algorithm_Factory& af = Botan::global_state().algorithm_factory(); std::map<std::string, double> results = - Botan::algorithm_benchmark(algo, af, rng, ms, 16*1024); + Botan::algorithm_benchmark(algo, af, rng, ms, 16); std::string fastest_provider = ""; double best_res = 0; diff --git a/doc/log.txt b/doc/log.txt index 38944227b..478b27a94 100644 --- a/doc/log.txt +++ b/doc/log.txt @@ -10,6 +10,10 @@ Series 1.10 Version 1.10.2, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* The SSL/TLS code is disabled by default in this release. A new + version is being developed and the current iteration should not be + used unless needed for existing code. + * Add the Camellia block cipher * An implementation of SRP-6a compatible with the specification in diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp index 30e638451..054558c35 100644 --- a/src/block/camellia/camellia.cpp +++ b/src/block/camellia/camellia.cpp @@ -115,52 +115,30 @@ void Camellia::encrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be<u64bit>(in, 0); u64bit D2 = load_be<u64bit>(in, 1); - D1 ^= K[0]; - D2 ^= K[1]; - D2 ^= F(D1, K[2]); - D1 ^= F(D2, K[3]); - D2 ^= F(D1, K[4]); - D1 ^= F(D2, K[5]); - D2 ^= F(D1, K[6]); - D1 ^= F(D2, K[7]); - D1 = FL (D1, K[8]); - D2 = FLINV(D2, K[9]); - - D2 ^= F(D1, K[10]); - D1 ^= F(D2, K[11]); - D2 ^= F(D1, K[12]); - D1 ^= F(D2, K[13]); - D2 ^= F(D1, K[14]); - D1 ^= F(D2, K[15]); - D1 = FL (D1, K[16]); - D2 = FLINV(D2, K[17]); - - D2 ^= F(D1, K[18]); - D1 ^= F(D2, K[19]); - D2 ^= F(D1, K[20]); - D1 ^= F(D2, K[21]); - D2 ^= F(D1, K[22]); - D1 ^= F(D2, K[23]); - - if(K.size() == 34) - { - D1 = FL (D1, K[24]); - D2 = FLINV(D2, K[25]); - D2 ^= F(D1, K[26]); - D1 ^= F(D2, K[27]); - D2 ^= F(D1, K[28]); - D1 ^= F(D2, K[29]); - D2 ^= F(D1, K[30]); - D1 ^= F(D2, K[31]); - D2 ^= K[32]; - D1 ^= K[33]; - } - else + const u64bit* K = &SK[0]; + + D1 ^= *K++; + D2 ^= *K++; + + while(true) { - D2 ^= K[24]; - D1 ^= K[25]; + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + D2 ^= F(D1, *K++); + D1 ^= F(D2, *K++); + + if(K == &SK[SK.size()-2]) + break; + + D1 = FL (D1, *K++); + D2 = FLINV(D2, *K++); } + D2 ^= *K++; + D1 ^= *K++; + store_be(out, D2, D1); in += BLOCK_SIZE; @@ -180,52 +158,29 @@ void Camellia::decrypt_n(const byte in[], byte out[], size_t blocks) const u64bit D1 = load_be<u64bit>(in, 0); u64bit D2 = load_be<u64bit>(in, 1); - if(K.size() == 34) - { - D1 ^= K[32]; - D2 ^= K[33]; - - D2 ^= F(D1, K[31]); - D1 ^= F(D2, K[30]); - D2 ^= F(D1, K[29]); - D1 ^= F(D2, K[28]); - D2 ^= F(D1, K[27]); - D1 ^= F(D2, K[26]); - D1 = FL (D1, K[25]); - D2 = FLINV(D2, K[24]); - } - else + const u64bit* K = &SK[SK.size()-1]; + + D2 ^= *K--; + D1 ^= *K--; + + while(true) { - D1 ^= K[24]; - D2 ^= K[25]; + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + D2 ^= F(D1, *K--); + D1 ^= F(D2, *K--); + + if(K == &SK[1]) + break; + + D1 = FL (D1, *K--); + D2 = FLINV(D2, *K--); } - D2 ^= F(D1, K[23]); - D1 ^= F(D2, K[22]); - D2 ^= F(D1, K[21]); - D1 ^= F(D2, K[20]); - D2 ^= F(D1, K[19]); - D1 ^= F(D2, K[18]); - D1 = FL (D1, K[17]); - D2 = FLINV(D2, K[16]); - - D2 ^= F(D1, K[15]); - D1 ^= F(D2, K[14]); - D2 ^= F(D1, K[13]); - D1 ^= F(D2, K[12]); - D2 ^= F(D1, K[11]); - D1 ^= F(D2, K[10]); - D1 = FL (D1, K[ 9]); - D2 = FLINV(D2, K[ 8]); - - D2 ^= F(D1, K[ 7]); - D1 ^= F(D2, K[ 6]); - D2 ^= F(D1, K[ 5]); - D1 ^= F(D2, K[ 4]); - D2 ^= F(D1, K[ 3]); - D1 ^= F(D2, K[ 2]); - D2 ^= K[0]; - D1 ^= K[1]; + D1 ^= *K--; + D2 ^= *K; store_be(out, D2, D1); @@ -277,79 +232,79 @@ void Camellia::key_schedule(const byte key[], size_t length) if(length == 16) { - K.resize(26); - - K[ 0] = KL_H; - K[ 1] = KL_L; - K[ 2] = KA_H; - K[ 3] = KA_L; - K[ 4] = left_rot_hi(KL_H, KL_L, 15); - K[ 5] = left_rot_lo(KL_H, KL_L, 15); - K[ 6] = left_rot_hi(KA_H, KA_L, 15); - K[ 7] = left_rot_lo(KA_H, KA_L, 15); - K[ 8] = left_rot_hi(KA_H, KA_L, 30); - K[ 9] = left_rot_lo(KA_H, KA_L, 30); - K[10] = left_rot_hi(KL_H, KL_L, 45); - K[11] = left_rot_lo(KL_H, KL_L, 45); - K[12] = left_rot_hi(KA_H, KA_L, 45); - K[13] = left_rot_lo(KL_H, KL_L, 60); - K[14] = left_rot_hi(KA_H, KA_L, 60); - K[15] = left_rot_lo(KA_H, KA_L, 60); - K[16] = left_rot_lo(KL_H, KL_L, 77-64); - K[17] = left_rot_hi(KL_H, KL_L, 77-64); - K[18] = left_rot_lo(KL_H, KL_L, 94-64); - K[19] = left_rot_hi(KL_H, KL_L, 94-64); - K[20] = left_rot_lo(KA_H, KA_L, 94-64); - K[21] = left_rot_hi(KA_H, KA_L, 94-64); - K[22] = left_rot_lo(KL_H, KL_L, 111-64); - K[23] = left_rot_hi(KL_H, KL_L, 111-64); - K[24] = left_rot_lo(KA_H, KA_L, 111-64); - K[25] = left_rot_hi(KA_H, KA_L, 111-64); + SK.resize(26); + + SK[ 0] = KL_H; + SK[ 1] = KL_L; + SK[ 2] = KA_H; + SK[ 3] = KA_L; + SK[ 4] = left_rot_hi(KL_H, KL_L, 15); + SK[ 5] = left_rot_lo(KL_H, KL_L, 15); + SK[ 6] = left_rot_hi(KA_H, KA_L, 15); + SK[ 7] = left_rot_lo(KA_H, KA_L, 15); + SK[ 8] = left_rot_hi(KA_H, KA_L, 30); + SK[ 9] = left_rot_lo(KA_H, KA_L, 30); + SK[10] = left_rot_hi(KL_H, KL_L, 45); + SK[11] = left_rot_lo(KL_H, KL_L, 45); + SK[12] = left_rot_hi(KA_H, KA_L, 45); + SK[13] = left_rot_lo(KL_H, KL_L, 60); + SK[14] = left_rot_hi(KA_H, KA_L, 60); + SK[15] = left_rot_lo(KA_H, KA_L, 60); + SK[16] = left_rot_lo(KL_H, KL_L, 77-64); + SK[17] = left_rot_hi(KL_H, KL_L, 77-64); + SK[18] = left_rot_lo(KL_H, KL_L, 94-64); + SK[19] = left_rot_hi(KL_H, KL_L, 94-64); + SK[20] = left_rot_lo(KA_H, KA_L, 94-64); + SK[21] = left_rot_hi(KA_H, KA_L, 94-64); + SK[22] = left_rot_lo(KL_H, KL_L, 111-64); + SK[23] = left_rot_hi(KL_H, KL_L, 111-64); + SK[24] = left_rot_lo(KA_H, KA_L, 111-64); + SK[25] = left_rot_hi(KA_H, KA_L, 111-64); } else { - K.resize(34); - - K[ 0] = KL_H; - K[ 1] = KL_L; - K[ 2] = KB_H; - K[ 3] = KB_L; - - K[ 4] = left_rot_hi(KR_H, KR_L, 15); - K[ 5] = left_rot_lo(KR_H, KR_L, 15); - K[ 6] = left_rot_hi(KA_H, KA_L, 15); - K[ 7] = left_rot_lo(KA_H, KA_L, 15); - - K[ 8] = left_rot_hi(KR_H, KR_L, 30); - K[ 9] = left_rot_lo(KR_H, KR_L, 30); - K[10] = left_rot_hi(KB_H, KB_L, 30); - K[11] = left_rot_lo(KB_H, KB_L, 30); - - K[12] = left_rot_hi(KL_H, KL_L, 45); - K[13] = left_rot_lo(KL_H, KL_L, 45); - K[14] = left_rot_hi(KA_H, KA_L, 45); - K[15] = left_rot_lo(KA_H, KA_L, 45); - - K[16] = left_rot_hi(KL_H, KL_L, 60); - K[17] = left_rot_lo(KL_H, KL_L, 60); - K[18] = left_rot_hi(KR_H, KR_L, 60); - K[19] = left_rot_lo(KR_H, KR_L, 60); - K[20] = left_rot_hi(KB_H, KB_L, 60); - K[21] = left_rot_lo(KB_H, KB_L, 60); - - K[22] = left_rot_lo(KL_H, KL_L, 77-64); - K[23] = left_rot_hi(KL_H, KL_L, 77-64); - K[24] = left_rot_lo(KA_H, KA_L, 77-64); - K[25] = left_rot_hi(KA_H, KA_L, 77-64); - - K[26] = left_rot_lo(KR_H, KR_L, 94-64); - K[27] = left_rot_hi(KR_H, KR_L, 94-64); - K[28] = left_rot_lo(KA_H, KA_L, 94-64); - K[29] = left_rot_hi(KA_H, KA_L, 94-64); - K[30] = left_rot_lo(KL_H, KL_L, 111-64); - K[31] = left_rot_hi(KL_H, KL_L, 111-64); - K[32] = left_rot_lo(KB_H, KB_L, 111-64); - K[33] = left_rot_hi(KB_H, KB_L, 111-64); + SK.resize(34); + + SK[ 0] = KL_H; + SK[ 1] = KL_L; + SK[ 2] = KB_H; + SK[ 3] = KB_L; + + SK[ 4] = left_rot_hi(KR_H, KR_L, 15); + SK[ 5] = left_rot_lo(KR_H, KR_L, 15); + SK[ 6] = left_rot_hi(KA_H, KA_L, 15); + SK[ 7] = left_rot_lo(KA_H, KA_L, 15); + + SK[ 8] = left_rot_hi(KR_H, KR_L, 30); + SK[ 9] = left_rot_lo(KR_H, KR_L, 30); + SK[10] = left_rot_hi(KB_H, KB_L, 30); + SK[11] = left_rot_lo(KB_H, KB_L, 30); + + SK[12] = left_rot_hi(KL_H, KL_L, 45); + SK[13] = left_rot_lo(KL_H, KL_L, 45); + SK[14] = left_rot_hi(KA_H, KA_L, 45); + SK[15] = left_rot_lo(KA_H, KA_L, 45); + + SK[16] = left_rot_hi(KL_H, KL_L, 60); + SK[17] = left_rot_lo(KL_H, KL_L, 60); + SK[18] = left_rot_hi(KR_H, KR_L, 60); + SK[19] = left_rot_lo(KR_H, KR_L, 60); + SK[20] = left_rot_hi(KB_H, KB_L, 60); + SK[21] = left_rot_lo(KB_H, KB_L, 60); + + SK[22] = left_rot_lo(KL_H, KL_L, 77-64); + SK[23] = left_rot_hi(KL_H, KL_L, 77-64); + SK[24] = left_rot_lo(KA_H, KA_L, 77-64); + SK[25] = left_rot_hi(KA_H, KA_L, 77-64); + + SK[26] = left_rot_lo(KR_H, KR_L, 94-64); + SK[27] = left_rot_hi(KR_H, KR_L, 94-64); + SK[28] = left_rot_lo(KA_H, KA_L, 94-64); + SK[29] = left_rot_hi(KA_H, KA_L, 94-64); + SK[30] = left_rot_lo(KL_H, KL_L, 111-64); + SK[31] = left_rot_hi(KL_H, KL_L, 111-64); + SK[32] = left_rot_lo(KB_H, KB_L, 111-64); + SK[33] = left_rot_hi(KB_H, KB_L, 111-64); } } diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h index 7795f1fcf..aaf3ad9e3 100644 --- a/src/block/camellia/camellia.h +++ b/src/block/camellia/camellia.h @@ -21,13 +21,13 @@ class BOTAN_DLL Camellia : public Block_Cipher_Fixed_Params<16, 16, 32, 8> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { K.clear(); } + void clear() { SK.clear(); } std::string name() const { return "Camellia"; } BlockCipher* clone() const { return new Camellia; } private: void key_schedule(const byte key[], size_t length); - SecureVector<u64bit> K; + SecureVector<u64bit> SK; }; } diff --git a/src/entropy/cryptoapi_rng/es_capi.cpp b/src/entropy/cryptoapi_rng/es_capi.cpp index d3d076641..c9069ce65 100644 --- a/src/entropy/cryptoapi_rng/es_capi.cpp +++ b/src/entropy/cryptoapi_rng/es_capi.cpp @@ -65,7 +65,7 @@ void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], io_buffer.size(), 8); + accum.add(&io_buffer[0], io_buffer.size(), 6); break; } } diff --git a/src/entropy/dev_random/dev_random.cpp b/src/entropy/dev_random/dev_random.cpp index d14ae43ae..9e4f0b373 100644 --- a/src/entropy/dev_random/dev_random.cpp +++ b/src/entropy/dev_random/dev_random.cpp @@ -105,9 +105,12 @@ Device_EntropySource::~Device_EntropySource() */ void Device_EntropySource::poll(Entropy_Accumulator& accum) { - size_t go_get = std::min<size_t>(accum.desired_remaining_bits() / 8, 48); + const size_t ENTROPY_BITS_PER_BYTE = 7; - size_t read_wait_ms = std::max<size_t>(go_get, 1000); + const size_t go_get = std::min<size_t>( + accum.desired_remaining_bits() / ENTROPY_BITS_PER_BYTE, 32); + + const size_t read_wait_ms = std::max<size_t>(go_get, 100); MemoryRegion<byte>& io_buffer = accum.get_io_buffer(go_get); for(size_t i = 0; i != devices.size(); ++i) @@ -117,7 +120,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], got, 8); + accum.add(&io_buffer[0], got, ENTROPY_BITS_PER_BYTE); break; } } diff --git a/src/entropy/egd/es_egd.cpp b/src/entropy/egd/es_egd.cpp index b2b629930..e0ebf9509 100644 --- a/src/entropy/egd/es_egd.cpp +++ b/src/entropy/egd/es_egd.cpp @@ -147,7 +147,7 @@ void EGD_EntropySource::poll(Entropy_Accumulator& accum) if(got) { - accum.add(&io_buffer[0], got, 8); + accum.add(&io_buffer[0], got, 6); break; } } diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp index 5d58f9869..8b4408aee 100644 --- a/src/entropy/proc_walk/es_ftw.cpp +++ b/src/entropy/proc_walk/es_ftw.cpp @@ -1,6 +1,6 @@ /* * FTW EntropySource -* (C) 1999-2008 Jack Lloyd +* (C) 1999-2008,2012 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -41,60 +41,81 @@ namespace { class Directory_Walker : public File_Descriptor_Source { public: - Directory_Walker(const std::string& root) { add_directory(root); } - ~Directory_Walker(); + Directory_Walker(const std::string& root) : + m_cur_dir(std::make_pair<DIR*, std::string>(0, "")) + { + if(DIR* root_dir = ::opendir(root.c_str())) + m_cur_dir = std::make_pair(root_dir, root); + } + + ~Directory_Walker() + { + if(m_cur_dir.first) + ::closedir(m_cur_dir.first); + } int next_fd(); private: - void add_directory(const std::string&); + void add_directory(const std::string& dirname) + { + m_dirlist.push_back(dirname); + } - std::deque<std::pair<DIR*, std::string> > dirs; - }; + std::pair<struct dirent*, std::string> get_next_dirent(); -void Directory_Walker::add_directory(const std::string& dirname) - { - DIR* dir = ::opendir(dirname.c_str()); - if(dir) - dirs.push_back(std::make_pair(dir, dirname)); - } + std::pair<DIR*, std::string> m_cur_dir; + std::deque<std::string> m_dirlist; + }; -Directory_Walker::~Directory_Walker() +std::pair<struct dirent*, std::string> Directory_Walker::get_next_dirent() { - while(dirs.size()) + while(m_cur_dir.first) { - ::closedir(dirs[0].first); - dirs.pop_front(); + struct dirent* dir = ::readdir(m_cur_dir.first); + + if(dir) + return std::make_pair<struct dirent*, std::string>(dir, m_cur_dir.second); + + ::closedir(m_cur_dir.first); + m_cur_dir = std::make_pair<DIR*, std::string>(0, ""); + + while(!m_dirlist.empty() && m_cur_dir.first == 0) + { + const std::string next_dir_name = m_dirlist[0]; + m_dirlist.pop_front(); + + if(DIR* next_dir = ::opendir(next_dir_name.c_str())) + m_cur_dir = std::make_pair(next_dir, next_dir_name); + } } + + return std::make_pair<struct dirent*, std::string>(0, ""); // nothing left } int Directory_Walker::next_fd() { - while(dirs.size()) + while(true) { - std::pair<DIR*, std::string> dirinfo = dirs[0]; + std::pair<struct dirent*, std::string> entry = get_next_dirent(); - struct dirent* entry = ::readdir(dirinfo.first); + if(!entry.first) + break; // no more dirs - if(!entry) - { - ::closedir(dirinfo.first); - dirs.pop_front(); - continue; - } - - const std::string filename = entry->d_name; + const std::string filename = entry.first->d_name; if(filename == "." || filename == "..") continue; - const std::string full_path = dirinfo.second + '/' + filename; + const std::string full_path = entry.second + '/' + filename; struct stat stat_buf; if(::lstat(full_path.c_str(), &stat_buf) == -1) continue; if(S_ISDIR(stat_buf.st_mode)) + { add_directory(full_path); + } else if(S_ISREG(stat_buf.st_mode) && (stat_buf.st_mode & S_IROTH)) { int fd = ::open(full_path.c_str(), O_RDONLY | O_NOCTTY); @@ -127,12 +148,12 @@ FTW_EntropySource::~FTW_EntropySource() void FTW_EntropySource::poll(Entropy_Accumulator& accum) { - const size_t MAX_FILES_READ_PER_POLL = 1024; + const size_t MAX_FILES_READ_PER_POLL = 2048; if(!dir) dir = new Directory_Walker(path); - MemoryRegion<byte>& io_buffer = accum.get_io_buffer(128); + MemoryRegion<byte>& io_buffer = accum.get_io_buffer(4096); for(size_t i = 0; i != MAX_FILES_READ_PER_POLL; ++i) { @@ -150,7 +171,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum) ::close(fd); if(got > 0) - accum.add(&io_buffer[0], got, .01); + accum.add(&io_buffer[0], got, .001); if(accum.polling_goal_achieved()) break; diff --git a/src/libstate/global_rng.cpp b/src/libstate/global_rng.cpp index 7968613c9..066d033a1 100644 --- a/src/libstate/global_rng.cpp +++ b/src/libstate/global_rng.cpp @@ -67,7 +67,7 @@ void add_entropy_sources(RandomNumberGenerator* rng) #if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM) rng->add_entropy_source( new Device_EntropySource( - split_on("/dev/urandom:/dev/random:/dev/srandom", ':') + split_on("/dev/random:/dev/srandom:/dev/urandom", ':') ) ); #endif diff --git a/src/math/numbertheory/numthry.cpp b/src/math/numbertheory/numthry.cpp index b06dd72af..18f6ce429 100644 --- a/src/math/numbertheory/numthry.cpp +++ b/src/math/numbertheory/numthry.cpp @@ -10,8 +10,6 @@ #include <botan/internal/bit_ops.h> #include <algorithm> -#include <stdio.h> - namespace Botan { namespace { diff --git a/src/pubkey/ecdh/ecdh.h b/src/pubkey/ecdh/ecdh.h index 2edbfe86d..6fe0697bf 100644 --- a/src/pubkey/ecdh/ecdh.h +++ b/src/pubkey/ecdh/ecdh.h @@ -22,7 +22,6 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey { public: - ECDH_PublicKey(const AlgorithmIdentifier& alg_id, const MemoryRegion<byte>& key_bits) : EC_PublicKey(alg_id, key_bits) {} diff --git a/src/pubkey/pk_algs.cpp b/src/pubkey/pk_algs.cpp index e500cfc2e..9b3218ac4 100644 --- a/src/pubkey/pk_algs.cpp +++ b/src/pubkey/pk_algs.cpp @@ -40,6 +40,10 @@ #include <botan/elgamal.h> #endif +#if defined(BOTAN_HAS_ECDH) + #include <botan/ecdh.h> +#endif + namespace Botan { Public_Key* make_public_key(const AlgorithmIdentifier& alg_id, @@ -89,6 +93,11 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id, return new GOST_3410_PublicKey(alg_id, key_bits); #endif +#if defined(BOTAN_HAS_ECDH) + if(alg_name == "ECDH") + return new ECDH_PublicKey(alg_id, key_bits); +#endif + return 0; } @@ -140,6 +149,11 @@ Private_Key* make_private_key(const AlgorithmIdentifier& alg_id, return new GOST_3410_PrivateKey(alg_id, key_bits); #endif +#if defined(BOTAN_HAS_ECDH) + if(alg_name == "ECDH") + return new ECDH_PrivateKey(alg_id, key_bits); +#endif + return 0; } diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp index 6911a3af5..44a9e9cba 100644 --- a/src/rng/hmac_rng/hmac_rng.cpp +++ b/src/rng/hmac_rng/hmac_rng.cpp @@ -74,7 +74,8 @@ void HMAC_RNG::reseed(size_t poll_bits) while(!accum.polling_goal_achieved() && poll_attempt < poll_bits) { - entropy_sources[poll_attempt % entropy_sources.size()]->poll(accum); + const size_t src_idx = poll_attempt % entropy_sources.size(); + entropy_sources[src_idx]->poll(accum); ++poll_attempt; } } @@ -109,7 +110,11 @@ void HMAC_RNG::reseed(size_t poll_bits) counter = 0; user_input_len = 0; - if(accum.bits_collected() >= 128) + /* + Consider ourselves seeded once we've collected an estimated 128 bits of + entropy in a single poll. + */ + if(seeded == false && accum.bits_collected() >= 128) seeded = true; } @@ -118,15 +123,18 @@ void HMAC_RNG::reseed(size_t poll_bits) */ void HMAC_RNG::add_entropy(const byte input[], size_t length) { + const size_t USER_ENTROPY_WATERSHED = 20; + extractor->update(input, length); user_input_len += length; /* - * After we've accumulated >= 1024 bytes of user input, reseed. - * This input will automatically have been included if reseed was - * called already, as it's just included in the extractor input. + * After we've accumulated at least USER_ENTROPY_WATERSHED bytes of + * user input, reseed. This input will automatically have been + * included if reseed was called already, as it's just included in + * the extractor input. */ - if(user_input_len >= 1024) + if(user_input_len >= USER_ENTROPY_WATERSHED) reseed(128); } diff --git a/src/selftest/selftest.cpp b/src/selftest/selftest.cpp index 8c8befb7b..8f4dc70d8 100644 --- a/src/selftest/selftest.cpp +++ b/src/selftest/selftest.cpp @@ -10,8 +10,6 @@ #include <botan/internal/core_engine.h> #include <botan/internal/stl_util.h> -#include <stdio.h> - namespace Botan { namespace { @@ -28,8 +26,6 @@ bool test_filter_kat(Filter* filter, const std::string output = pipe.read_all_as_string(); - //printf("%s %s\n", output.c_str(), expected_output.c_str()); - return (output == expected_output); } diff --git a/src/tls/info.txt b/src/tls/info.txt index 68ca026d5..f3c64cd05 100644 --- a/src/tls/info.txt +++ b/src/tls/info.txt @@ -1,5 +1,7 @@ define TLS +load_on request + <comment> The TLS code is complex, new, and not yet reviewed, there may be serious bugs or security issues. diff --git a/src/wrap/python/filter.cpp b/src/wrap/python/filter.cpp index 7c28d8f43..eef8b202c 100644 --- a/src/wrap/python/filter.cpp +++ b/src/wrap/python/filter.cpp @@ -26,7 +26,6 @@ class Py_Filter : public Filter void send_str(const std::string& str) { - printf("Py_Filter::send_str\n"); send((const byte*)str.data(), str.length()); } }; @@ -36,14 +35,12 @@ class FilterWrapper : public Py_Filter, public wrapper<Py_Filter> public: void start_msg() { - printf("wrapper start_msg\n"); if(override start_msg = this->get_override("start_msg")) start_msg(); } void end_msg() { - printf("wrapper end_msg\n"); if(override end_msg = this->get_override("end_msg")) end_msg(); } @@ -53,7 +50,6 @@ class FilterWrapper : public Py_Filter, public wrapper<Py_Filter> virtual void write_str(const std::string& str) { - printf("wrapper write\n"); this->get_override("write")(str); } }; @@ -125,7 +121,6 @@ void prepend_filter(Pipe& pipe, std::unique_ptr<Filter> filter) void do_send(std::unique_ptr<FilterWrapper> filter, const std::string& data) { - printf("Sending %s to %p\n", data.c_str(), filter.get()); filter->send_str(data); } |