Commit message  (Author, Age; Files changed, Lines -removed/+added)
* Refactor option parsing in cli and test code  (Jack Lloyd, 2017-10-24; 18 files, -947/+1133)
|   Allows cleaning up header includes, also somewhat smaller binaries.
* Fix typo  (Jack Lloyd, 2017-10-23; 1 file, -1/+1)
|   [ci skip]
* Update news  (Jack Lloyd, 2017-10-22; 1 file, -3/+27)
|
* Merge GH #1263 Support FFDHE negotiation in TLS  (Jack Lloyd, 2017-10-22; 15 files, -36/+371)
|\
| * Remove check for negotiated DH group in TLS client  (René Korthaus, 2017-10-20; 1 file, -29/+0)
| |   The server may not support the supported groups extension and choose an arbitrary group. RFC 7919 permits clients to continue if the group is acceptable under local policy, which we do now.
| * Fall back to default group if client does not send any DH groups  (René Korthaus, 2017-10-20; 2 files, -2/+19)
| |
| * Add allowed values for allowed groups  (René Korthaus, 2017-10-18; 1 file, -3/+13)
| |
| * Add supported groups TLS extension (RFC 7919)  (René Korthaus, 2017-10-17; 16 files, -35/+372)
| |
* | Merge GH #1271 Deprecate some exception types  (Jack Lloyd, 2017-10-22; 1 file, -3/+3)
|\ \
| * | deprecate exceptions  (Daniel Neus, 2017-10-21; 1 file, -3/+3)
| | |
* | | Merge GH #1270 Support verification of PSS X.509 objects  (Jack Lloyd, 2017-10-22; 239 files, -11/+9131)
|\ \ \
| |/ /
|/| |
| * | review changes  (Daniel Neus, 2017-10-21; 4 files, -235/+235)
| | |
| * | X.509 RSA-PSS verification  (Daniel Neus, 2017-10-20; 239 files, -10/+9130)
| | |
* | | Fix for 32-bit Windows  (Jack Lloyd, 2017-10-20; 1 file, -4/+4)
| | |   The buffer is not aligned :/
* | | Add ability to print fingerprint in cert_info cli  (Jack Lloyd, 2017-10-20; 1 file, -1/+4)
| | |   [ci skip]
* | | Allow setting CTR width via string  (Jack Lloyd, 2017-10-20; 5 files, -6/+39)
| | |   Prohibit very small counter widths (under 4 bytes), since they lead to trivial keystream reuse. Add tests.
| | |   Fix clone which always returned an object with a block-wide counter.
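Added illustration of the keystream-reuse point made in the commit above; this is not Botan code and not part of that commit. It builds a minimal CTR keystream generator in which the counter occupies only the last `ctr_width` bytes of the block and wraps without carrying into the nonce, so a 1-byte counter repeats its keystream after 256 blocks and two ciphertext blocks then XOR to the XOR of their plaintexts. `toy_block_fn` is an assumed stand-in bijection, not a cipher; `sample_key` and `sample_nonce` are constructed values; the 4-byte minimum in `ctr_width_allowed` is modelled on the policy the message states.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

using Block = std::array<uint8_t, 16>;

// Stand-in for a 128-bit block cipher (assumption: NOT a real cipher, no security).
// Every step is invertible, so it is a permutation of the block space: two
// keystream blocks are equal exactly when their counter blocks are equal.
static Block toy_block_fn(const Block& key, const Block& in) {
   uint64_t a = 0, b = 0;
   for(size_t i = 0; i != 8; ++i) {
      a = (a << 8) | uint8_t(in[i] ^ key[i]);
      b = (b << 8) | uint8_t(in[8 + i] ^ key[8 + i]);
   }
   for(int r = 0; r != 8; ++r) {
      a += 0x9E3779B97F4A7C15ULL; b ^= a;
      a = (a << 31) | (a >> 33); a *= 0xBF58476D1CE4E5B9ULL; b += a;
      b = (b << 27) | (b >> 37); b *= 0x94D049BB133111EBULL; a ^= b;
   }
   Block out{};
   for(size_t i = 0; i != 8; ++i) {
      out[i] = uint8_t(a >> (56 - 8 * i));
      out[8 + i] = uint8_t(b >> (56 - 8 * i));
   }
   return out;
}

// Big-endian increment confined to the last ctr_width bytes: the carry never
// reaches the nonce bytes, so the counter block repeats after 2^(8*ctr_width) steps.
static void increment_counter(Block& ctr, size_t ctr_width) {
   for(size_t i = 0; i != ctr_width; ++i) {
      if(++ctr[15 - i] != 0)
         return;
   }
}

// Policy check modelled on the commit message: widths under 4 bytes are refused.
static bool ctr_width_allowed(size_t ctr_width) {
   return ctr_width >= 4 && ctr_width <= 16;
}

// n keystream blocks for (key, nonce) with the given counter width.
static std::vector<Block> ctr_keystream(const Block& key, const Block& nonce, size_t ctr_width, size_t n) {
   std::vector<Block> ks;
   ks.reserve(n);
   Block ctr = nonce;
   for(size_t i = 0; i != n; ++i) {
      ks.push_back(toy_block_fn(key, ctr));
      increment_counter(ctr, ctr_width);
   }
   return ks;
}

// Index of the first keystream block equal to block 0, or 0 if none within limit.
static size_t first_keystream_repeat(const Block& key, const Block& nonce, size_t ctr_width, size_t limit) {
   const std::vector<Block> ks = ctr_keystream(key, nonce, ctr_width, limit);
   for(size_t i = 1; i < ks.size(); ++i) {
      if(ks[i] == ks[0])
         return i;
   }
   return 0;
}

// With a 1-byte counter, blocks 0 and 256 share keystream, so the ciphertexts
// XOR to the plaintext XOR. Returns true when that leak is observed.
static bool reuse_leaks_plaintext_xor(const Block& key, const Block& nonce) {
   const std::vector<Block> ks = ctr_keystream(key, nonce, 1, 257);
   Block p0{}, p256{};  // constructed sample plaintext blocks
   for(size_t i = 0; i != 16; ++i) { p0[i] = uint8_t('A' + i); p256[i] = uint8_t('a' + i); }
   for(size_t i = 0; i != 16; ++i) {
      const uint8_t c0 = uint8_t(p0[i] ^ ks[0][i]);
      const uint8_t c256 = uint8_t(p256[i] ^ ks[256][i]);
      if(uint8_t(c0 ^ c256) != uint8_t(p0[i] ^ p256[i]))
         return false;
   }
   return true;
}

// Constructed key and nonce (assumptions, arbitrary bytes).
static Block sample_key() { Block k{}; for(size_t i = 0; i != 16; ++i) k[i] = uint8_t(0x10 * i + 3); return k; }
static Block sample_nonce() { Block n{}; for(size_t i = 0; i != 16; ++i) n[i] = uint8_t(0xA0 + i); return n; }

int main() {
   std::printf("1-byte counter repeats at block %zu\n", first_keystream_repeat(sample_key(), sample_nonce(), 1, 300));
   std::printf("4-byte counter repeats within 300 blocks: %s\n",
               first_keystream_repeat(sample_key(), sample_nonce(), 4, 300) ? "yes" : "no");
   std::printf("plaintext XOR leaked: %s\n", reuse_leaks_plaintext_xor(sample_key(), sample_nonce()) ? "yes" : "no");
   std::printf("width 1 allowed: %d, width 4 allowed: %d\n", int(ctr_width_allowed(1)), int(ctr_width_allowed(4)));
   return 0;
}
```

The width check is the practical takeaway: with a 4-byte counter the keystream period is 2^32 blocks (64 GiB for a 16-byte block), which is past the amount of data a single key/nonce should see under CTR anyway; below that, the period becomes short enough that one long message collides with itself.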
* | | Remove redundant check  (Jack Lloyd, 2017-10-20; 1 file, -3/+0)
| | |   CBC mode already has this same size check. [ci skip]
* | | Add GHASH using SSSE3  (Jack Lloyd, 2017-10-20; 5 files, -3/+106)
| | |   About 30% faster than scalar on Skylake
* | | Update news  (Jack Lloyd, 2017-10-20; 1 file, -2/+2)
| | |
* | | Update side channel notes  (Jack Lloyd, 2017-10-20; 1 file, -8/+5)
| | |
* | | Merge GH #1269 Use base CBC to implement TLS-CBC ciphersuites  (Jack Lloyd, 2017-10-20; 3 files, -49/+36)
|\ \ \
| * | | Use base CBC modes to implement TLS CBC ciphersuites  (Jack Lloyd, 2017-10-19; 3 files, -49/+36)
|/ / /
| | |   This reduces code and also lets TLS make use of parallel decryption which it was not doing before.
* | | Remove unused variable  (Jack Lloyd, 2017-10-19; 1 file, -1/+1)
| | |
* | | In speed flush the output stream after each result  (Jack Lloyd, 2017-10-19; 1 file, -1/+1)
| | |
* | | Undeprecate these exceptions  (Jack Lloyd, 2017-10-19; 2 files, -5/+7)
| | |   Cannot figure out how to get MSVC to shut up
* | | Another attempt at silencing MSVC warning  (Jack Lloyd, 2017-10-19; 2 files, -6/+2)
| | |
* | | Appease Sonar  (Jack Lloyd, 2017-10-19; 1 file, -1/+1)
| | |
* | | Add a destructor to Policy_Violation  (Jack Lloyd, 2017-10-19; 1 file, -3/+4)
| | |   MSVC produces a deranged warning that the compiler generated destructor is deprecated, try to shut it up.
* | | Ignore BOTAN_DEPRECATED in Doxygen config  (Jack Lloyd, 2017-10-19; 1 file, -0/+1)
|/ /
| |   Fixes #1266
* | Merge GH #1262 GCM and CTR optimizations  (Jack Lloyd, 2017-10-19; 13 files, -436/+789)
|\ \
| * | PMULL optimizations  (Jack Lloyd, 2017-10-18; 3 files, -61/+192)
| | |
| * | Further optimizations, and split out GHASH reduction code  (Jack Lloyd, 2017-10-18; 3 files, -87/+57)
| | |
| * | GCM and CTR optimizations  (Jack Lloyd, 2017-10-18; 11 files, -372/+624)
| |/
| |   In CTR, special case for counter widths of special interest.
| |   In GHASH, uses a 4x reduction technique suggested by Intel.
| |   Split out GHASH to its own source file and header.
| |   With these changes GCM is over twice as fast on Skylake and about 50% faster on Westmere.
* | Merge GH #1265 Handle conditional includes correctly in amalgamation (see also #1264)  (Jack Lloyd, 2017-10-19; 3 files, -20/+77)
|\ \
| * | Use conditional include in demaphore.h  (Simon Warta, 2017-10-19; 1 file, -1/+1)
| | |
| * | Only skip includes that have been included unconditionally before  (Simon Warta, 2017-10-19; 1 file, -10/+19)
| | |
| * | Allow trailing comments for include matchers  (Simon Warta, 2017-10-19; 2 files, -3/+14)
| | |
| * | Rename method to AmalgamationHelper.is_unconditional_std_include and test  (Simon Warta, 2017-10-19; 2 files, -8/+45)
| | |
| * | Use __file__ to detect project root  (Simon Warta, 2017-10-19; 1 file, -1/+1)
|/ /
| |   otherwise the module "configure" cannot be imported by the tests anymore
* / GMAC test fixes  (Jack Lloyd, 2017-10-18; 2 files, -2/+2)
|/
|   [ci skip]
* Simplify speed cmdlet, make summary optional, add JSON output  (Jack Lloyd, 2017-10-16; 1 file, -501/+455)
|
* Correct usage of std::aligned_storage  (Jack Lloyd, 2017-10-15; 1 file, -6/+6)
|   This ended up allocating 256 KiB!
* Additional final annotations  (Jack Lloyd, 2017-10-15; 27 files, -44/+44)
|
* GMAC optimization  (Jack Lloyd, 2017-10-15; 3 files, -22/+34)
|   Avoid copying inputs needlessly, on Skylake doubles performance (from 1 GB/s -> 2 GB/s)
* Merge GH #1257 Use std::aligned_storage for AES T-table  (Jack Lloyd, 2017-10-15; 1 file, -32/+56)
|\
| * Use overaligned storage for AES T-Table  (Jack Lloyd, 2017-10-14; 1 file, -32/+56)
| |   This improves performance by ~ .5 cycle/byte. Also it ensures that our cache reading countermeasure works as expected.
* | Merge GH #1255 Use a single T-table in AES  (Jack Lloyd, 2017-10-15; 1 file, -127/+78)
|\|
| * Reduce AES to using a single T-table  (Jack Lloyd, 2017-10-13; 1 file, -127/+78)
| |   Should have significantly better cache characteristics, though it would be nice to verify this. It reduces performance somewhat but less than I expected, at least on Skylake. I need to check this across more platforms to make sure it won't hurt too badly.
* | De-inline bodies of exception classes  (Jack Lloyd, 2017-10-15; 3 files, -67/+133)
|/
|   This leads to a rather shocking decrease in binary sizes, especially the static library (~1.5 MB reduction). Saves 60KB in the shared lib.
|   Since throwing or catching an exception is relatively expensive these not being inlined is not a problem in that sense. It had simply not occurred to me that it would take up so much extra space in the binary.
* Optimizations for SM4  (Jack Lloyd, 2017-10-13; 2 files, -36/+95)
|   Using a larger table helps quite a bit. Using 4 tables (ala AES T-tables) didn't seem to help much at all, it's only slightly faster than a single table with rotations.
|   Continue to use the 8 bit table in the first and last rounds as a countermeasure against cache attacks.