aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Disable some problem areas of TLS corruption test pending rewriteJack Lloyd2015-11-241-5/+2
| | | | Should resolve the random CI breaks
* Merge pull request #335 from cordney/patch-1Simon Warta2015-11-241-1/+1
|\ | | | | Fix sanitizer build in travis ci
| * Fix sanitizer build in travis ciRené Korthaus2015-11-241-1/+1
|/ | | The parameter is actually --with-sanitizers.
* Remove bogus code from generic mp_madd header, noticed on PPC build.Jack Lloyd2015-11-232-5/+6
| | | | Also fix a few cast and zero-as-nullptr warnings in the AltiVec header
* Merge pull request #333 from webmaster128/fix-testSimon Warta2015-11-231-10/+15
|\ | | | | Enhance tests main readability
| * Enhance tests main readabilitySimon Warta2015-11-231-10/+15
|/
* Add Simon Warta to license and creditsSimon Warta2015-11-182-0/+7
| | | | [ci skip]
* Remove mul128.h header from public viewJack Lloyd2015-11-163-19/+27
| | | | | | | | | | | | | | | The only reason mul128.h was included in mp_types.h was for the definition of dword. But dword is only needed by the generic version of mp_madd, which is an internal header. So move both the inclusion of the header and the dword definition to there. Previously mul128.h was very public (mp_types.h to bigint.h to rsa.h, for example) and use of __int128 causes problems in pedantic mode. So additionally, prefer using the TI attribute version since GCC does not complain about that. Clang's -Wpedantic does not seem to care about it either way. GH #330
* Add helper for test output files. Remove last uses of hardcoded data dir macrosJack Lloyd2015-11-165-60/+88
|
* Merge pull request #332 from tiwoc/creditsJack Lloyd2015-11-162-0/+5
|\ | | | | Add myself (tiwoc) to credits.rst and license.txt
| * Add myself to credits.rst and license.txtDaniel Seither2015-11-162-0/+5
| |
* | Update hacking.rst with copyright info and other hints. GH #331Jack Lloyd2015-11-161-7/+78
|/ | | | [ci skip]
* Avoid multiplication by zero here as get_affine will reject itJack Lloyd2015-11-131-1/+1
|
* Fix bug causing TLS client to sometimes reject DHE server kexJack Lloyd2015-11-133-35/+20
| | | | | | Re-encoding the server key exchange meant that any leading zeros in the values for DHE (or SRP) would be stripped out. This would cause the signature check to fail.
* Add remove_all to TLS session manager interfaceJack Lloyd2015-11-139-48/+69
| | | | DB::spin now returns the number of rows affected
* Remove call to abort on a zero point in PointGFp::get_affine_{x,y}Jack Lloyd2015-11-131-4/+0
|
* Drop the DH group check to a weaker version of the checksJack Lloyd2015-11-131-2/+3
| | | | since the primality tests are expensive in CPU time.
* Include the version string in the test outputJack Lloyd2015-11-131-0/+2
|
* The TLS test for corrupted data was too strict in requiring thatJack Lloyd2015-11-131-30/+32
| | | | | the first block satisfy the request, since it was possible another record header appeared in some appended corrupted data.
* Add TLS_PSK testsJack Lloyd2015-11-138-89/+220
| | | | | | | | | | | Fix a bug which rejected any short server key exchanges. These can occur with a plain PSK with short or empty identity hints. Disable SHA-224 by default. Remove some vestigal RC4 cruft. Push more on the TLS corruption tests.
* Avoid calling get_files_recursive on a possible non-directory.Jack Lloyd2015-11-112-9/+10
| | | | | | | | | The Boost directory iterator throws an exception in that case. Interestingly the current VC version does not seem to. In the interests of portability just avoid this operation rather than trying to hack around it in the Boost fs version. GH #328
* Test all providers for PK operationsJack Lloyd2015-11-111-24/+103
|
* Add missing overridesJack Lloyd2015-11-112-2/+2
|
* Fix occasional test failsJack Lloyd2015-11-114-7/+70
| | | | | | | | Increase the iterations of the BigInt::random_integer test. Since things get slow quickly, leave the larger range tests to higher soak levels. In TLS, if the corrupted data causes an exception immediately that's ok because it's corrupted data.
* Add missing copyright/license notices.Jack Lloyd2015-11-112-0/+12
| | | | [ci skip]
* Update and consolidate the test framework.Jack Lloyd2015-11-1189-21677/+8730
| | | | | | | | | | | The tests previously had used 4 to 6 different schemes internally (the vec file reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a design that works everywhere, and update all the things. Fix also a few bugs found by the test changes: SHA-512-256 name incorrect, OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy was wrong.
* Tick version to 1.11.25Jack Lloyd2015-11-042-1/+6
|
* Correct 1.11.24 release dateJack Lloyd2015-11-041-1/+1
| | | | [ci skip]
* Update for 1.11.24 release1.11.24Jack Lloyd2015-11-042-4/+18
|
* Add check for path validation result in Credentials_Manager. GH #324Jack Lloyd2015-11-044-6/+18
|
* Merge pull request #322 from cordney/fix-gentoo-package-linkSimon Warta2015-11-031-1/+1
|\ | | | | Fix broken Gentoo package hyperlink
| * Fix broken Gentoo package hyperlinkRené Korthaus2015-11-031-1/+1
|/
* Update newsJack Lloyd2015-10-271-0/+6
| | | | [ci skip]
* Merge pull request #317 from randombit/cc-flag-sanityJack Lloyd2015-10-2720-142/+126
|\ | | | | Split up build options
| * Remove --build-mode and add individual toggles for optimization, debug,Jack Lloyd2015-10-2611-49/+63
| | | | | | | | | | | | sanitizers and coverage as all 4 are usefully set independently. Use GCC 4.9 on CircleCI as it seems to be supported. Add ASan + UBSan test.
| * Remove the strange conjoining of debug and optimization flags.Jack Lloyd2015-10-2612-95/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously a build had optimizations disabled completely when debug info was emitted. But there are many reasons to use optimized builds with debug symbols (running under valgrind, against afl, with Asan/Ubsan, in prod, etc). And personally I find even debugging at -O2 or -O3 is fine most of the time and worth it for the speed. Use the (now documented!) --no-optimizations flag if no optimization is desired while debugging. This also removes the distinction between library and application compile flags; there is a single optimization level that is probably good enough for everything. On Win32 it removes definding _CONSOLE for the application. This seems to be some mythical value that may have been required at some point, but is not documented anywhere I can find. Who knows what VC thinks, hoping I don't have to add this back. It also drops defining `EBUG` which is what happens when you tell cl.exe to '/DEBUG'. LOL.
* | Add some tests of basic load/store opsJack Lloyd2015-10-271-2/+109
| |
* | Reduce workfactors in ffi tests to speed things alongJack Lloyd2015-10-271-2/+2
| |
* | Remove unused xor_buf.h (internal header merged into mem_ops.h)Jack Lloyd2015-10-271-144/+0
| |
* | Tick version to 1.11.23Jack Lloyd2015-10-272-1/+8
| | | | | | | | [ci skip]
* | Merge pull request #316 from randombit/mce-keygen-endianJack Lloyd2015-10-273-20/+27
|\ \ | | | | | | Fix McEliece key gen endian dependency.
| * | Fix McEliece key gen endian dependency.Jack Lloyd2015-10-273-20/+27
|/ / | | | | | | | | | | | | | | | | | | | | The tests which generate McEliece keys using a deterministic RNG and fixed seed failed on PowerPC (or other big endian systems) because the vectors assumed we were creating elements little endian, which is what happend with rng.randomize(&u16, 2) on x86 Fix it to always be little endian. No particular reason to prefer one vs the other here (we're just trying for compatability with ourselves) and choosing little endian avoids having to regen the vectors.
* | Fix dist.py to handle signed git tagsJack Lloyd2015-10-261-5/+14
| | | | | | | | [ci skip]
* | Update for 1.11.23 release1.11.23Jack Lloyd2015-10-263-4/+9
| | | | | | | | [ci skip]
* | Compile fixJack Lloyd2015-10-261-1/+1
| |
* | 1.11.22 release1.11.22Jack Lloyd2015-10-263-14/+88
| |
* | Merge pull request #314 from randombit/ct-tls-cbc-paddingJack Lloyd2015-10-2624-332/+884
|\ \ | |/ |/| TLS improvements
| * Missing include dependencyJack Lloyd2015-10-261-1/+1
| |
| * Asan fix - referencing &vec[vec.size()] instead of vec.end()Jack Lloyd2015-10-263-39/+22
| | | | | | | | Convert to a const time algo
| * TLS improvementsJack Lloyd2015-10-2522-292/+861
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Use constant time operations when checking CBC padding in TLS decryption Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes from working: on decode the session id and hello cookie would be swapped, causing confusion between client and server. Various changes in the service of finding the above DTLS bug that should have been done before now anyway - better control of handshake timeouts (via TLS::Policy), better reporting of handshake state in the case of an error, and finally expose the facility for per-message application callbacks.