aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #279 from randombit/fix-static-lib-registrationJack Lloyd2015-09-21188-1018/+1600
|\ | | | | Move the algorithm factory functions to T::create and move object registration to the source file for its base class. These resolve the issues which prevented successful use of a static library that was built with individual object files. Removes the restriction in configure.py which prevented building non-amalgamation static libs.
| * Remove use of lookup.h in favor of new T::create API.Jack Lloyd2015-09-2149-186/+169
| |
| * Address some review comments by Simon. GH #279Jack Lloyd2015-09-2110-22/+22
| |
| * Fix includes for opensslJack Lloyd2015-09-193-0/+4
| |
| * Internal header cleanupsJack Lloyd2015-09-1980-289/+213
| | | | | | | | Only user-visible change is the removal of get_byte.h
| * Handle dependencies re static linking. GH #279Jack Lloyd2015-09-1735-192/+291
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we were hanging on the type destructors to pull in the relevant objects. However that fails in many simple cases where the object is never deleted. For every type involved in the algo registry add static create and providers functions to access the algo registry. Modify lookup.h to be inline and call those functions, and move a few to sub-headers (eg, get_pbkdf going to pbkdf.h). So accessing the registry involves going through the same file that handles the initialization, so there is no way to end up with missing objs.
| * Fix for minimized buildsJack Lloyd2015-09-111-1/+4
| |
| * Fix pbkdf, pk padding and ECDH registration for static linking.Jack Lloyd2015-09-1127-120/+155
| | | | | | | | | | | | | | | | With this change the tests pass when linked against a static library built in the normal (non-amalgamation) fashion. Remove the restriction in configure.py, and have circleci build the clang static build as a non-amalg.
| * Same treatment for cipher modesJack Lloyd2015-09-1013-51/+118
| |
| * Fix static lib registration for block, hash, mac, stream, kdfJack Lloyd2015-09-1080-218/+685
| | | | | | | | | | | | | | | | | | | | | | The support problems from having static libraries not work in the obvious way will be endless trouble. Instead have each set of registrations tag along in a source file for the basic type, at the cost of some extra ifdefs. On shared libs this is harmless - everything is going into the shared object anyway. With static libs, this means pulling in a single block cipher pulls in the text of all the them. But that's still strictly better than the amalgamation (which is really pulling in everything), and it works (unlike status quo).
* | Add a test for X509_Certificate::fingerprintJack Lloyd2015-09-121-0/+1
| | | | | | | | Value checked against `openssl x509 -fingerprint` of same cert
* | Some docs on source code layoutJack Lloyd2015-09-122-7/+85
| | | | | | | | [ci skip]
* | Merge pull request #278 from webmaster128/fuzzer_testSimon Warta2015-09-101-28/+39
|\ \ | | | | | | Update fuzzer test
| * | Update fuzzer testSimon Warta2015-09-101-28/+39
| |/ | | | | | | | | | | | | * Handle No_Filesystem_Access case properly * Use steady_clock for benchmarking Fixes #276
* | Bump version to 1.11.21(-pre)Jack Lloyd2015-09-102-1/+4
| | | | | | | | [ci skip]
* | Reduce likelyhood of stray pointer writes via ffi layer.Jack Lloyd2015-09-101-0/+8
|/ | | | | In error cases the output value was not intialized, so callers which ignored the error return might blindly use an uninitialized pointer.
* Merge pull request #275 from webmaster128/avoid-static-nonamalgamationSimon Warta2015-09-093-13/+8
|\ | | | | Prevent users from building static non-amalgamations on MinGW and Cygwin
| * Prevent users from building static non-amalgamations on MinGW and CygwinSimon Warta2015-09-093-13/+8
|/ | | | | | | | * Rename variable to avoid confusion of build_shared and options.build_shared_lib * Don't automatically change shared -> static. Force user to do that Fixes #211
* .PHONY must be a rule, not a variableSimon Warta2015-09-091-1/+1
| | | | Found by JOM on MinGW.
* Fix versionJack Lloyd2015-09-071-1/+1
| | | | [ci skip]
* Update download linksJack Lloyd2015-09-071-3/+3
| | | | [ci skip]
* Update for 1.11.20 release1.11.20Jack Lloyd2015-09-071-6/+7
|
* Add release notes from Github tickets for 1.11.20Simon Warta2015-09-061-1/+23
| | | | [ci skip]
* Add missing Botan 1.11.19 release notesSimon Warta2015-09-031-1/+17
| | | | [ci skip]
* Merge pull request #271 from webmaster128/travis-iosSimon Warta2015-09-027-68/+98
|\ | | | | Update travis configuration for iOS build
| * Update travis configuration for iOS buildSimon Warta2015-09-027-68/+98
|/ | | | Closes #188
* Merge pull request #269 from webmaster128/compression-overridesSimon Warta2015-09-013-2/+3
|\ | | | | Add missing compression overrides
| * Add missing compression overridesSimon Warta2015-09-013-2/+3
|/
* Merge pull request #267 from cordney/update-ios-build-instructionsSimon Warta2015-09-011-1/+1
|\ | | | | Build with libc++ C++ standard library on clang for iOS
| * Build with libc++ C++ standard library on clang for iOSRené Korthaus2015-08-291-1/+1
| | | | | | | | | | When building for iOS with clang, the C++ standard library must be set to libc++ instead of libstdc++.
* | Move Credentials_Manager to TLSJack Lloyd2015-08-294-6/+1
| |
* | Remove alloc module; move secmem.h to base and locking_allocator to utilsJack Lloyd2015-08-2915-21/+1
|/
* Fix OpenSSL RSA to better handle no padding mode.Jack Lloyd2015-08-293-10/+45
| | | | | | In raw mode pad out plaintext inputs with zeros as needed as otherwise OpenSSL rejects the input as too small. And when decrypting, strip leading zeros to match the behavior of the base implementation.
* Reverse the algorithm priority orderingJack Lloyd2015-08-2915-25/+57
| | | | | | Previously 0 was the highest priority and 255 was the lowest. But this is really quite confusing, instead treat 0 as lowest and 255 as highest so normal integer intuitions apply.
* Remove unneeded includes and clean up socket feature testJack Lloyd2015-08-294-12/+8
|
* Remove duplicated ABI flags, and treat user-set flags as a single stringJack Lloyd2015-08-291-8/+6
|
* Fix minimized builds and amalgamation buildsJack Lloyd2015-08-294-21/+35
| | | | | | | | No need to include the pk_utils.h header until we know ECDSA is enabled in the build. Move OpenSSL_Error to an internal header, was previously defined twice when all sources were combined.
* Merge pull request #236 from bogiord/add-alloc-constructorJack Lloyd2015-08-291-4/+7
|\ | | | | | | | | Make secure_allocator conforming with C++11 allocator concept. Add a template constructor and make the equality operators standard-compliant. Missing this broke iterator debugging with MSVC 2015.
| * Make the equality operators standard-compliant.bogdan2015-08-291-4/+4
| | | | | | The equality operators need to support different specializations as well; this is also part of the standard allocator requirements.
| * Add template constructor to secure_allocatorbogdan2015-08-051-0/+3
| | | | | | This is required by the Standard for an allocator. As far as I can tell, not having it breaks compilation in MSVC 2015, at least when iterator debugging is enabled. More details here: http://stackoverflow.com/q/31802806/4326278.
* | Avoid a crash in the TLS server if the client sends ALPN but no nextJack Lloyd2015-08-281-1/+1
| | | | | | | | protocol handler was specified to the Server constructor. GH #252
* | Reorganize todoJack Lloyd2015-08-281-43/+39
| |
* | Add ECDSA provider using OpenSSLJack Lloyd2015-08-282-1/+220
| | | | | | | | | | Unfortunately the signer cannot be tested in current framework because OpenSSL does not use RFC 6979 deterministic signatures.
* | Remove unused variableJack Lloyd2015-08-281-3/+0
| |
* | Ignore logs and cachegrind/callgrind outputsJack Lloyd2015-08-281-0/+7
| |
* | Fix pk signature test framework bug.Jack Lloyd2015-08-281-5/+5
| | | | | | | | | | | | | | | | Was attempting to test that the all-zero signature is invalid, then tested some mutated signatures. Unfortunately it zeroed out the signature before doing the mutation tests, so the mutated signatures were all very-low Hamming weight strings instead of being close to the original valid signature.
* | PK speed reporting improvements.Jack Lloyd2015-08-281-4/+9
| | | | | | | | | | | | | | | | | | | | Increment the input message so each value is different rather than repeatedly hashing the same message until we regen a new random one. In ECDSA speed test be explicit about what group is being used. Remove 160 bit groups from ECC benchmarking; 80 bits is not enough anymore so doesn't much matter.
* | Move GF(p) side channel countermeasure toggles to build.hJack Lloyd2015-08-283-28/+59
| | | | | | | | Some tweaks for point multiplication using fixed windows.
* | Use 16 byte alignment for all allocations in the mlock allocatorJack Lloyd2015-08-281-7/+1
| |
* | Add override specifiers to zlib.hJack Lloyd2015-08-281-6/+6
| |