aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Various minor SSL fixeslloyd2010-02-1415-52/+48
|
* propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-1436-1/+4477
|\ | | | | | | | | | | 5bfc3e699003b86615c584f8ae40bd6e761f96c0) to branch 'net.randombit.botan.ssl' (head 6865128cf0c5f6ad1987e22cc1d521fd2e38fd21)
| * propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-141-11/+8
| |\ | | | | | | | | | | | | | | | f3117d253e37aaf3f094137c1b028bebb8a2575a) to branch 'net.randombit.botan.ssl' (head 9d4861abf3f8b5394134752fa46035cf4b3d6bc7)
| * | Give ssl branch its own sonamelloyd2010-02-141-1/+1
| | |
| * | propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-148-11/+11
| |\ \ | | | | | | | | | | | | | | | | | | | | 8cb312218bfd603dea11a2858a7a52c98b6e8d51) to branch 'net.randombit.botan.ssl' (head 2d8711e311473c352c68c9633a4069d359a66fcc)
| * \ \ propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-1485-395/+14831
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | dd33b7150f3f49d795e4eb962d8d41d1ada58d8d) to branch 'net.randombit.botan.ssl' (head 1452205423962b664263fd2a35149122dfc94d37)
| * | | | Import latest version of Ajisai into src/ssl; once this hits mainlinelloyd2010-01-1135-0/+4476
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I'll officially kill off Ajisai (instead of it just lingering as a zombine as it is currently). Apparently I broke something (or multiple things) during the import process; servers crash and clients gets MAC errors on connect.
* | | | | Reset buffer position in end_msglloyd2010-02-141-0/+2
| |_|_|/ |/| | |
* | | | Switch back to stdio.h-based debug funcs, iostreams was broken and sillylloyd2010-02-141-11/+8
| |_|/ |/| |
* | | Make SecureQueue public. Needed, at least for the moment, for SSL handling.lloyd2010-02-147-7/+7
| | |
* | | Call global functions with :: prefixlloyd2010-02-141-4/+4
| |/ |/|
* | In SCAN_Name's constructor, first run the input through deref_alias beforelloyd2010-02-142-3/+5
| | | | | | | | | | breaking it apart. Otherwise it would miss on things like TLS.Digest.0 which expand to Parallel(MD5,SHA-1) which needs further parsing.
* | Correct passhash9 vector for recent format changes (longer salt+PRF output, ↵lloyd2010-02-141-2/+3
| | | | | | | | alg id)
* | Fix passhash9 test for updated API and macro namelloyd2010-02-141-6/+6
| |
* | Minor tweak, save a line and more readable IMOlloyd2010-02-141-2/+1
| |
* | Fix leaks in several of the cipher mode filters. Introduced by thelloyd2010-02-144-2/+12
| | | | | | | | | | removal of the cipher mode base class, which handled deleting the cipher object.
* | Further passhash changes before release and things have to belloyd2010-02-057-110/+219
| | | | | | | | | | | | | | | | | | | | | | | | | | | | finalized. Move header to passhash9.h and rename the functions to be passhash9 specific ({generator,check}_passhash9) Add an algorithm identifer field. Currently only id 0 is defined, for HMAC(SHA-1), but this opens up for using HMAC(SHA-512) or HMAC(SHA-3) or CMAC(Blowfish) or whatever in the future if necessary. Increase the salt size to 96 bits and the PRF output size to 192 bits. Document in api.tex
* | Fix some buffering and off-by-one errors in Buffering_Filter::writelloyd2010-02-031-19/+10
| | | | | | | | Still not totally convinced this code is correct.
* | MD4's M buffer was set to be 48 words instead of 16. This had beenlloyd2010-02-032-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | extant for a long long time and was never caught because until recently the code did not depend on M.size(). However with the recent loadstore changes that use memcpy to load the entire array in one shot, an extra 128 bytes of memory would be read (but not used) in each iteration. This probably did not cause any problems except for Valgrind warnings, though in some situations it would be possible for the M buffer and MDx_HashFunctions buffer to be close enough that memcpy would be called with overlapping regions, which could cause arbitrarily weird failures since memcpy is allowed to assume they do not overlap.
* | Move the get_byte template to its own header, because many fileslloyd2010-02-0220-28/+44
| | | | | | | | including loadstor.h actually just needed get_byte and nothing else.
* | Prefix passhash with "$9$" in a manner similar with otherlloyd2010-02-025-19/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | password hashing schemes. Increase salt size to 80 bits. Research shows that virtually no other PBKDF2 implementations support anything but SHA-1; for ease of implementation elsehwere switch back from SHA-512 to SHA-1. Should be mostly harmless; it limits total entropy of the password to a maximum of 160 bits, but this is unlikely anyway. Use two bytes to specify the work factor for future-proofing. Add a test.
* | Password hashing is a pretty useful service, really. Move the guts oflloyd2010-02-015-58/+133
| | | | | | | | | | | | | | | | the passhash example to the library. Support variable work factors; default work factor of 10 takes about half a second to do one password on my Core2. Switch to using SHA-512 instead of SHA-1 in PBKDF2. To keep the output evenly sized for base64 purposes, reduce PBKDF2 output size by one byte (to 112 bits).
* | Document S2K changelloyd2010-02-011-0/+1
| |
* | Remove include of rng.h in s2k.h since it is no longer used. Add anlloyd2010-02-013-2/+1
| | | | | | | | | | include for the exception types in pbkdf1 since previously it inherited that from the rng.h include.
* | Modify the S2K interface. Instead of being stateful in terms of the saltlloyd2010-02-0118-211/+150
| | | | | | | | | | | | | | | | | | | | | | and iteration count, force it to be passed to each call to derive_key. So remove current_salt, set_iterations, new_random_salt, and change_salt functions from S2K interface. Update examples and test application to match. While I was in there, change the passhash example to use 64 bit salts and 128 bit PBKDF2 outputs.
* | Lowercase DOCDIR to match common conventionslloyd2010-01-293-3/+3
| |
* | Add a set of test vectors for 3DES in counter mode generated bylloyd2010-01-291-0/+2746
| | | | | | | | | | Crypto++ 5.6.0. Includes several largeish (64 and 128 block) tests, as further tests for a future bitslice implementation.
* | Add a set of XTS tests using TripleDES; XTS mode supports either a 64-bitlloyd2010-01-281-0/+1408
| | | | | | | | | | | | | | | | | | | | or 128-bit cipher, but so far only 128-bit ciphers had been tested. I could not find another implementation of XTS supporting 3DES so these may be wrong, but at least this ensures they will be consistently wrong. Mostly in the smaller range (9 to 128 bytes) plus a few with large inputs (64 blocks) because if a bitslice DES implementation is ever added a test that actually does 64 blocks in parallel will be needed.
* | Remove debug checklloyd2010-01-271-7/+10
| |
* | Fix several buffering problems in the XTS implementation that wouldlloyd2010-01-252-9/+7141
| | | | | | | | | | | | | | | | | | | | | | | | | | cause bad results if the input was not an even multiple of the block size. No released version was broken because the changes which caused the problem were related to using Buffered_Filter, which was introduced after 1.9.3 was released. Add more XTS test vectors using AES, Serpent, and Twofish. The AES tests come from Brian Gladman's XTS implementation. The Serpent and Twofish tests were generated by botan.
* | Remove global variablelloyd2010-01-222-4/+2
| |
* | Prevent a crash in GMP_Engine if the library is shutdown and thenlloyd2010-01-223-12/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | reinitialized. It would cache an Allocator pointer on first use, and then never zero it, so after the reinit the pointer would be going to a now deallocated Allocator object. Encountered in the SoftHSM test suite, reported by Ondrej Sury. Use a simple reference counting scheme to zero the pointer, and reset the GNU MP memory functions. This also fixes a quite obscure and never reported bug, that if the GMP engine was used, and if the library was deinitialized but then the program tried to use GNU MP, the allocator functions would crash. Now after deinit the allocator funcs revert to the defaults. The reference count is not updated atomically so this is not thread safe, but seems a non-issue; the only time this could happen (especially now that the GMP engine header is internal-only) is if multiple threads were attempting to initialize / shutdown the library at once - which won't work anyway for a variety of reasons, including contention on the (unlocked) global_lib_state pointer. If at some point thread safety is useful here, the refcnt can be locked by a mutex, or kept in an atomic<unsigned int>.
* | Add SQLite3 encryption codec, contributed by Olivier de Gaalon. Useslloyd2010-01-228-0/+727
| | | | | | | | Twofish in XTS mode for encryption by default, but is easily tweakable.
* | s/j/i/ in looplloyd2010-01-211-2/+2
| |
* | Inline debug funcs to debug.h, make print_vec a template on the base typelloyd2010-01-213-38/+15
| |
* | Ignore example binarieslloyd2010-01-191-0/+1
| |
* | Fix cpuid examplelloyd2010-01-191-1/+0
| |
* | Add OID for Serpent/CBClloyd2010-01-191-0/+1
| |
* | Add SIMD version of Noekeon. On a Core2, about 2.7x faster using SIMD_SSE2lloyd2010-01-128-2/+2230
| | | | | | | | and 1.6x faster using SIMD_Scalar.
* | Kill unneeded includelloyd2010-01-121-1/+0
| |
* | Fix a test broken by the recent exception hierarchy changeslloyd2010-01-121-10/+2
| |
* | Add operator& and non-mutating rotates to SIMD_32lloyd2010-01-124-0/+34
| |
* | Remove a debug printlloyd2010-01-121-3/+0
|/
* Add block cipher cascadelloyd2010-01-117-2/+215
|
* Typo fixlloyd2010-01-111-1/+1
|
* Minor cleanuplloyd2010-01-081-8/+9
|
* Remove catch clauses made redundant by inheritence changes in exception ↵lloyd2010-01-081-5/+0
| | | | hierarchy.
* merge of 'bf0e5684d8ba5fb0a21cdcd11d26995cbb250c4a'lloyd2010-01-0731-153/+97
|\ | | | | | | and 'e30a741f6014987e9683842ede22c44b2db03c56'
| * Clean up exceptions. Remove some unused ones like Config_Error. Makelloyd2010-01-0531-153/+97
| | | | | | | | | | | | | | Invalid_Argument just a typedef for std::invalid_argument. Make Botan::Exception a typedef for std::runtime_error. Make Memory_Exhaustion a public exception, and use it in other places where memory allocations can fail.
* | Doxygen commentslloyd2010-01-071-14/+63
| |
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-17 23:47:36 +0000