Commits, newest first. Each entry gives author, date, files changed and lines removed/added, then the commit message.
* lloyd 2010-03-30 (3 files, -4/+6)
  Tick 1.9.6-dev

* lloyd 2010-03-29 (3 files, -3/+3) [tag: 1.9.5]
  Update for 1.9.5 release 2009-03-29

* lloyd 2010-03-25 (1 file, -14/+4)
  Also remove compression bits from record writer

* lloyd 2010-03-25 (1 file, -3/+0)
  Remove single byte versions of read and write - caused problems with
  overloads for bind/function

* lloyd 2010-03-25 (2 files, -19/+4)
  Remove the bits for supporting compression - it was never actually
  supported, and compression can come later on when the overall architecture
  is more solid/stable.

* lloyd 2010-03-25 (3 files, -9/+9)
  Use size_t for lengths in Socket interface

* lloyd 2010-03-25 (1 file, -5/+10)
  Report TR1 missing as different from incompatible compiler in configure
  output

* lloyd 2010-03-24 (3 files, -17/+20)
  Allow adding engines dynamically

* lloyd 2010-03-24 (1 file, -27/+31)
  Show as creating an engine instead

* lloyd 2010-03-23 (1 file, -17/+0)
  Remove printfs

* lloyd 2010-03-23 (6 files, -45/+132)
  Make Record_Reader event driven. Callers (eg TLS_Client and TLS_Server) are
  not; they instead loop blocking on the socket. Will move the event-driven
  behavior upwards as I go.

* lloyd 2010-03-23 (1 file, -3/+5)
  Delete global RNG and the mutex in ~Library_State

* lloyd 2010-03-23 (1 file, -1/+0)
  Don't delete the global RNG in AutoSeeded_RNG's destructor

* lloyd 2010-03-23 (1 file, -2/+3)
  Rename SecureVector::L param to INITIAL_LEN so as to be somewhat obvious as
  to meaning

* lloyd 2010-03-23 (63 files, -137/+101)
  Remove SecureBuffer, which is the fixed-size variant of SecureVector.

  Add a second template param to SecureVector which specifies the initial
  length. Change all callers to be SecureVector instead of SecureBuffer.

  This can go away in C++0x, once compilers implement N2712 ("Non-static data
  member initializers"), and we can just write code as
  SecureVector<byte> P{18}; instead

* lloyd 2010-03-23 (1 file, -1/+1)
  Fix factor wrt rename of primality test functions

* lloyd 2010-03-22 (1 file, -6/+2)
  Remove reference to no-longer existing function in docs

* lloyd 2010-03-22 (1 file, -4/+6)
  Fix Doxygen comment for grow_to

* lloyd 2010-03-21 (1 file, -7/+4)
  Don't bother benchmarking 512 or 768 bit keys; considering an RSA modulus of
  768 bits has already been publicly factored, and discrete logarithm
  algorithms run in about the same time, these keys aren't safe to use no
  matter how fast they are.

  Also remove the 8192 bit RSA/RW keys - it took too long to generate them,
  and nobody is likely to be using 8K bit keys anytime soon anyway.

* lloyd 2010-03-21 (1 file, -10/+10)
  Move class decls together

* lloyd 2010-03-21 (4 files, -5/+3)
  Move where pk_ops is included, remove rng.h from dl_algo.h

* lloyd 2010-03-21 (9 files, -112/+75)
  KeyPair::check_key's behavior of throwing an exception upon failure was not
  useful; in all cases, we immediately caught it and then returned false.
  Modify as follows:

  - Create the pubkey objects inside the checking code, so calling code
    doesn't need to do it.
  - Return true/false for pass/fail

  Also add consistency checking for ECDSA keys

* lloyd 2010-03-19 (1 file, -15/+20)
  In add_entropy(), additionally poll for 64 bits of system entropy to mix in
  with the user input.

  Check that the prf and extractor are compatible.

  For the initial PRF key, use all zeros of the appropriate size, and for the
  initial XTS key, use PRF("Botan HMAC_RNG XTS"). This ensures that only the
  one fixed key size is ever used with either the prf or extractor objects,
  allowing you to use, say HMAC(SHA-256)+CMAC(AES-256), or even
  CMAC(AES-128)+CMAC(AES-128) as the PRFs in the RNG.
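The add_entropy() commit above describes an extract-then-expand RNG: an extractor keyed with a fixed "XTS" key compresses entropy into a PRF key, and the PRF expands that key into output, with a check that the extractor's output size matches the PRF's key size. The following is an added Python illustration of that layout, not Botan's HMAC_RNG (which also feeds earlier output back into the extractor); HMAC-SHA-256 stands in for both primitives, and the counter-based expansion, the method names and the eight-byte system poll are assumptions. Python is used for the examples on this page because the points are algorithmic rather than about Botan's C++ API.

```python
import hashlib
import hmac
import os
from typing import Optional


class ExtractExpandRNG:
    """Extract-then-expand RNG in the shape the commit message describes.

    An extractor (HMAC under a fixed "XTS" key) turns raw entropy into a key
    for a PRF; the PRF (HMAC under that key) expands it into output. Added
    illustration only, not Botan's HMAC_RNG.
    """

    XTS_LABEL = b"Botan HMAC_RNG XTS"

    def __init__(self, extractor_hash: str = "sha256", prf_hash: str = "sha256"):
        self.extractor_hash = extractor_hash
        self.prf_hash = prf_hash

        # Compatibility check: the extractor's output becomes the PRF's key,
        # so its digest size must equal the key size the PRF is keyed with
        # (for HMAC we fix that at the hash's digest size).
        extractor_out = hashlib.new(extractor_hash).digest_size
        prf_key_len = hashlib.new(prf_hash).digest_size
        if extractor_out != prf_key_len:
            raise ValueError(
                f"extractor output {extractor_out} bytes != PRF key {prf_key_len} bytes")

        # Initial PRF key: all zeros of the PRF's key size.
        self.prf_key = bytes(prf_key_len)
        # Initial extractor (XTS) key: PRF("Botan HMAC_RNG XTS") under the zero key.
        self.xts_key = self._prf(self.XTS_LABEL)
        self.counter = 0
        self.seeded = False

    def _prf(self, data: bytes) -> bytes:
        return hmac.new(self.prf_key, data, self.prf_hash).digest()

    def add_entropy(self, user_input: bytes, system_entropy: Optional[bytes] = None) -> None:
        """Mix caller-supplied input with 64 bits of system entropy.

        system_entropy may be passed explicitly (the tests do, to make the
        output reproducible); by default it is polled from the OS.
        """
        if system_entropy is None:
            system_entropy = os.urandom(8)
        # Extract: the XTS key never changes, only the PRF key is rekeyed.
        self.prf_key = hmac.new(
            self.xts_key, user_input + system_entropy, self.extractor_hash).digest()
        self.counter = 0
        self.seeded = True

    def randomize(self, n: int) -> bytes:
        """Expand the current PRF key into n output bytes (PRF over a counter)."""
        if not self.seeded:
            raise RuntimeError("RNG used before seeding")
        out = bytearray()
        while len(out) < n:
            out += self._prf(self.counter.to_bytes(8, "big"))
            self.counter += 1
        return bytes(out[:n])


def demo(seed: bytes, system_entropy: bytes) -> bytes:
    """Seed a fresh RNG with fixed inputs and draw 32 bytes (deterministic)."""
    rng = ExtractExpandRNG()
    rng.add_entropy(seed, system_entropy)
    return rng.randomize(32)
```

Constructing with a SHA-256 extractor and a SHA-512 PRF trips the compatibility check at construction time, which is the failure the commit message moves to the front rather than discovering at the first add_entropy().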
* lloyd 2010-03-19 (2 files, -4/+2)
  Don't require the AES module; if it's there it's there, if it's not then
  you can't use the global PRNG but everything else still works.

* lloyd 2010-03-19 (8 files, -71/+49)
  Replace PointGFp::check_invaraints, which would either return silently or
  throw an exception, with PointGFp::on_the_curve, which returns a bool.
  Update callers.

  This showed several cases where check_invaraints was being called multiple
  times, for instance when decoding a point with OS2ECP, check_invaraints was
  called; many callers of OS2ECP would then call check_invaraints again on
  the same object.

* lloyd 2010-03-19 (6 files, -46/+42)
  Add a couple of new helper functions to BER_Decoder:

  decode_and_check takes an expected value; if the decoded value does not
  match, a Decoding_Error with a specified string is thrown. Useful for
  checking embedded version codes.

  decode_octet_string_bigint is for decoding INTEGER values that are stored
  as OCTET STRINGs. Totally obnoxious and useless, but common especially in
  the ECC standards.
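The two BER_Decoder helpers described above, as an added Python illustration (not Botan's BER_Decoder): a minimal definite-length TLV reader for SEQUENCE, INTEGER and OCTET STRING, a decode_and_check that raises a DecodingError with the caller's message when an embedded version does not match, and a decode_octet_string_bigint that reads the OCTET STRING as an unsigned magnitude. The sample blob is constructed for the example; the class and method names beyond those two are assumptions.

```python
class DecodingError(Exception):
    """Raised on malformed input or a failed expected-value check."""


class BERDecoder:
    """Minimal BER/DER TLV reader with the two helpers the commit message names.

    Added illustration, not Botan's BER_Decoder: definite lengths only,
    single-byte tags only, SEQUENCE/INTEGER/OCTET STRING only.
    """

    TAG_INTEGER = 0x02
    TAG_OCTET_STRING = 0x04
    TAG_SEQUENCE = 0x30

    def __init__(self, data: bytes):
        self.data = data
        self.pos = 0

    def _read_tlv(self):
        if self.pos >= len(self.data):
            raise DecodingError("unexpected end of input")
        tag = self.data[self.pos]
        self.pos += 1
        if tag & 0x1F == 0x1F:
            raise DecodingError("multi-byte tags not supported")
        if self.pos >= len(self.data):
            raise DecodingError("missing length")
        length = self.data[self.pos]
        self.pos += 1
        if length == 0x80:
            raise DecodingError("indefinite length not allowed")
        if length & 0x80:
            nbytes = length & 0x7F
            if nbytes > 4 or self.pos + nbytes > len(self.data):
                raise DecodingError("bad long-form length")
            length = int.from_bytes(self.data[self.pos:self.pos + nbytes], "big")
            self.pos += nbytes
        if self.pos + length > len(self.data):
            raise DecodingError("length exceeds input")
        value = self.data[self.pos:self.pos + length]
        self.pos += length
        return tag, value

    def _expect(self, tag: int) -> bytes:
        got, value = self._read_tlv()
        if got != tag:
            raise DecodingError(f"expected tag 0x{tag:02x}, got 0x{got:02x}")
        return value

    def start_cons(self) -> "BERDecoder":
        """Open a SEQUENCE and return a decoder over its contents."""
        return BERDecoder(self._expect(self.TAG_SEQUENCE))

    def decode_integer(self) -> int:
        # A real INTEGER is two's-complement: a single 0xFF byte means -1.
        value = self._expect(self.TAG_INTEGER)
        if not value:
            raise DecodingError("empty INTEGER")
        return int.from_bytes(value, "big", signed=True)

    def decode_octet_string(self) -> bytes:
        return self._expect(self.TAG_OCTET_STRING)

    def decode_and_check(self, expected: int, error_msg: str) -> "BERDecoder":
        """Decode an INTEGER and require it to equal expected (e.g. a version)."""
        if self.decode_integer() != expected:
            raise DecodingError(error_msg)
        return self

    def decode_octet_string_bigint(self) -> int:
        # The OCTET STRING carries the raw unsigned magnitude: 0xFF means 255,
        # unlike a real INTEGER. This is the ECC-standards quirk the message mentions.
        return int.from_bytes(self.decode_octet_string(), "big")


# Constructed sample: SEQUENCE { INTEGER 1, OCTET STRING 01 02 }
SAMPLE = bytes.fromhex("3007" "020101" "04020102")


def parse_sample(blob: bytes = SAMPLE) -> int:
    """Check the embedded version is 1, then read the OCTET STRING as a bigint."""
    seq = BERDecoder(blob).start_cons()
    seq.decode_and_check(1, "Unknown version code")
    return seq.decode_octet_string_bigint()
```

The same byte 0xFF decodes to -1 as an INTEGER and to 255 via decode_octet_string_bigint, which is why a dedicated helper is needed rather than reusing the INTEGER path.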
* lloyd 2010-03-19 (1 file, -1/+1)
  If check against copy fails, print algo name

* lloyd 2010-03-19 (1 file, -2/+2)
  More warning flags

* lloyd 2010-03-19 (6 files, -168/+46)
  A number of changes to primality tests:

  Use 64 bit nonces in the Miller-Rabin test, instead of 40 bits.

  Rename check_prime to quick_check_prime and is_prime to check_prime

  Remove some internal functions which weren't used outside the primality
  test code, along with the prime products table.

  For quick checking, instead of doing Miller-Rabin with fixed base 2, do a
  small number of randomized tests. Always use random bases instead of the
  first n primes.
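The primality-test commit above replaces a fixed base-2 Miller-Rabin round with randomized bases. The added Python example below (not Botan's code) shows why that matters: 2047 = 23 * 89 is a strong pseudoprime to base 2, so a fixed base-2 check accepts it, while random bases reject it with overwhelming probability. The round counts for quick_check_prime and check_prime are assumptions chosen for the illustration, not the values Botan uses.

```python
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_witness(n: int, a: int) -> bool:
    """Return True if base a proves odd n > 3 composite (a is a witness).

    Writes n - 1 = 2^s * d with d odd, then checks the Miller-Rabin sequence
    a^d, a^(2d), ..., a^(2^(s-1) d) mod n.
    """
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x in (1, n - 1):
        return False
    for _ in range(s - 1):
        x = x * x % n
        if x == n - 1:
            return False
    return True


def is_probable_prime(n: int, rounds: int) -> bool:
    """Miller-Rabin with `rounds` bases drawn uniformly from a CSPRNG.

    Added illustration of the random-bases policy, not Botan's code.
    """
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)      # uniform in [2, n-2]
        if is_witness(n, a):
            return False
    return True


def quick_check_prime(n: int) -> bool:
    """A few randomized rounds (round count is an assumption for the example)."""
    return is_probable_prime(n, rounds=4)


def check_prime(n: int) -> bool:
    """Many randomized rounds; error probability at most 4^-40 per composite."""
    return is_probable_prime(n, rounds=40)


def passes_fixed_base_2(n: int) -> bool:
    """The weaker policy the commit removed: a single Miller-Rabin round, base 2."""
    if n < 5 or n % 2 == 0:
        return n in (2, 3)
    return not is_witness(n, 2)


def count_liars(n: int) -> int:
    """Number of bases in [2, n-2] that fail to witness odd composite n.

    For any odd composite n other than 9 this is at most phi(n)/4, which is
    the bound behind the 4^-rounds error estimate.
    """
    return sum(1 for a in range(2, n - 1) if not is_witness(n, a))
```

For 2047 the fixed base happens to be one of the few liars; no single fixed base is safe in general, because an adversary who knows the base can construct composites that pass it.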
* lloyd 2010-03-19 (12 files, -66/+121)
  There are some nasty API problems that are caused by having to pass a PRNG
  everywhere. The removal of the global PRNG was generated by a desire to
  remove the global library state entirely. However the real point of this
  was to remove the use of globally visible _mutable_ state; of the mutable
  state, the PRNG is probably the least important, and the most useful to
  share. And it seems unlikely that thread contention would be a major issue
  in the PRNG.

  Add back a global PRNG to Library_State. Use lazy initialization, so apps
  that don't ever use a PRNG don't need a seeding step. Then have
  AutoSeeded_RNG call that global PRNG.

  Offer once again RandomNumberGenerator& Library_State::global_rng(); which
  returns a reference to the global PRNG. This RNG object serializes access
  to itself with a mutex.

  Remove the hack known as Blinding::choose_nonce, replace with using the
  global PRNG to choose a blinding nonce
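The last sentence above hands the choice of the blinding nonce to a proper PRNG. The added Python example below shows what that nonce is for: RSA blinding multiplies the input by r^e before the private exponentiation and strips r^-1 afterwards, so the exponentiation never runs on attacker-chosen data. This is an illustration, not Botan's Blinder or its RSA code; the key is a constructed toy built from two Mersenne primes so the block is self-contained, and is far too small for real use.

```python
import secrets

# Constructed toy RSA key: two Mersenne primes, chosen so the example needs
# no key generation. Far too small for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def rsa_private_unblinded(m: int) -> int:
    """Direct m^d mod n: the exponentiation runs on attacker-chosen input."""
    return pow(m, D, N)


def choose_blinding_nonce(n: int):
    """Fresh nonce from the process CSPRNG, invertible mod n.

    This is the role the commit moves onto the global PRNG. Returns
    (r, r^-1 mod n). A non-invertible r would reveal a factor of n; for an
    RSA modulus that is astronomically unlikely, but we loop rather than assume.
    """
    while True:
        r = secrets.randbelow(n - 2) + 2
        try:
            return r, pow(r, -1, n)
        except ValueError:
            continue


def rsa_private_blinded(m: int) -> int:
    """Same result as rsa_private_unblinded, but the secret-key exponentiation
    sees m * r^e mod n, which is uniformly random and independent of m, so its
    timing or power profile does not depend on the caller's input."""
    r, r_inv = choose_blinding_nonce(N)
    m_blind = m * pow(r, E, N) % N
    s_blind = pow(m_blind, D, N)
    return s_blind * r_inv % N


def blinded_input(m: int, r: int) -> int:
    """Exposed for inspection: the value the private exponentiation actually sees."""
    return m * pow(r, E, N) % N
```

Because r is drawn fresh for every call, two signatures of the same message run the exponentiation on two unrelated values yet return the same result, which the test checks.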
* lloyd 2010-03-19 (1 file, -3/+3)
  Don't call get_eme or get_kdf with name "Raw" (returns NULL); ideally would
  like to replace these functions with generic engine code instead of
  hardcoded lookup, and NULL return value would be impossible to
  disambiguate.

* lloyd 2010-03-17 (1 file, -0/+2)
  Initialize m_pk to null in constructor

* lloyd 2010-03-16 (2 files, -29/+31)
  The logic PointGFp::operator*= was basically doing
    *this = scalar * *this;
  And operator* was doing a needless copy. Instead make operator* a real
  multiplication operation, define *= in terms of it.

* lloyd 2010-03-16 (2 files, -74/+75)
  Shuffle functions for easier reading

* lloyd 2010-03-16 (1 file, -2/+2)
  Disable VC++ 4275 entirely; it also causes warnings when building the
  test app...

* lloyd 2010-03-16 (1 file, -1/+1)
  Fix include. <botan/mp_core.h> was picking up the system installed version,
  which happened to be compatible enough to work.

* lloyd 2010-03-16 (3 files, -3/+65)
  Add a couple of verification tests for GOST 34.10

  Generating the test vectors found yet another inane (and, of course,
  undocumented) behavior in the GOST implementation included in OpenSSL; it
  treats the hash inputs as little endian. Just out of curiosity, I checked
  RFC 5832, which supposedly specifies this algorithm; not a peep about
  endian conversions. The more I deal with standards coming out of the
  CryptoPro people, the less confidence I have in them.

* lloyd 2010-03-16 (1 file, -1/+1)
  Fix GOST 34.10 benchmark

* lloyd 2010-03-16 (7 files, -391/+470)
  Add a special handler for the case of doing a subtraction as in:
    x -= y;
  where abs(x) < abs(y). This change alone increases ECDSA performance by 5
  to 15%

* lloyd 2010-03-15 (1 file, -14/+36)
  Name other params. Remove decls of functions that don't exist

* lloyd 2010-03-15 (1 file, -16/+25)
  Name params

* lloyd 2010-03-15 (1 file, -8/+15)
  Various microoptimizations, 5-12% improvement

* lloyd 2010-03-15 (1 file, -14/+21)
  Use a 4-bit wide window for point multiplication

* lloyd 2010-03-15 (1 file, -7/+14)
  Rewrite point mult to make larger windows easier
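Two threads in the log above share one piece of arithmetic: the 2010-03-19 commit that replaces check_invaraints with a bool on_the_curve and validates once in OS2ECP, and the 2010-03-15/03-16 commits that rework PointGFp::operator* and switch to a 4-bit fixed window for point multiplication. The added Python example below (not Botan's PointGFp) covers both on one concrete curve: an on_the_curve predicate that returns a bool, an os2ecp decoder that checks the point exactly once so callers need not repeat it, and a fixed-window scalar multiplication whose window width is a parameter, checked against plain double-and-add. The curve constants are the public secp256k1 parameters; affine coordinates are used for clarity, and the function names other than on_the_curve and OS2ECP are assumptions.

```python
# secp256k1 parameters (public constants), used as a concrete curve.
P = 2**256 - 2**32 - 977
A, B = 0, 7
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (GX, GY)
INF = None   # point at infinity


def on_the_curve(pt) -> bool:
    """Bool check y^2 == x^3 + a*x + b (mod p); never raises."""
    if pt is INF:
        return True
    x, y = pt
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x + A * x + B)) % P == 0


def point_add(p1, p2):
    """Affine addition; handles doubling (p1 == p2) and inverses (p1 == -p2)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return INF
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul_double_and_add(k: int, pt):
    """Reference right-to-left double-and-add."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def mul_fixed_window(k: int, pt, w: int = 4):
    """Fixed-window scalar multiplication.

    Precompute [0..2^w-1]*pt once, then for each w-bit digit of k from the
    top do w doublings and one table addition. Widening the window only
    grows the table; the main loop is unchanged.
    """
    table = [INF]
    for _ in range(1, 1 << w):
        table.append(point_add(table[-1], pt))
    mask = (1 << w) - 1
    top = ((k.bit_length() + w - 1) // w) * w   # bits rounded up to whole windows
    result = INF
    for shift in range(top - w, -1, -w):
        for _ in range(w):
            result = point_add(result, result)
        result = point_add(result, table[(k >> shift) & mask])
    return result


def os2ecp(encoded: bytes):
    """Decode an uncompressed SEC1 point and validate it here, once.

    Callers that receive the result may rely on it being on the curve, which
    is the single-check discipline the commit message argues for.
    """
    if len(encoded) != 65 or encoded[0] != 0x04:
        raise ValueError("only uncompressed 65-byte points are handled")
    pt = (int.from_bytes(encoded[1:33], "big"), int.from_bytes(encoded[33:], "big"))
    if not on_the_curve(pt):
        raise ValueError("point is not on the curve")
    return pt


def ec2osp(pt) -> bytes:
    """Encode an affine point in uncompressed SEC1 form."""
    x, y = pt
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")
```

Rejecting off-curve points at decode time is what stops invalid-curve attacks, where a peer sends a point of small order on a different curve to learn bits of the private scalar; the check belongs in the decoder, not scattered across callers.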
* lloyd 2010-03-15 (1 file, -2/+2)
  Disable fault protection for DSA, NR, and GOST 34.10 benchmarks

* lloyd 2010-03-15 (1 file, -4/+5)
  Strength reduce on multiplies in PointGFp

* lloyd 2010-03-15 (1 file, -16/+18)
  Cache memory used for operations in point

* lloyd 2010-03-15 (2 files, -21/+52)
  Modify to allow better memory caching

* lloyd 2010-03-15 (3 files, -27/+68)
  Cache p.sig_words() in curve object

  Avoid using Barrett reduction in core operations; seems to help perf.

* lloyd 2010-03-15 (2 files, -9/+8)
  Use bigint_{mul,sqr} in PointGFp monty ops