aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* These should be template specializationslloyd2014-11-051-5/+7
|
* Add the script used to generate mp_comba.cpplloyd2014-11-041-0/+116
|
* Let TLS policy disable putting the timestamp in the hello random fieldslloyd2014-11-046-11/+25
|
* Use noexcept on swaplloyd2014-11-041-1/+1
|
* Remove pubkey filters, broken for a long time and not usefullloyd2014-11-043-214/+0
|
* Typolloyd2014-11-041-1/+1
|
* Avoid crashing if user types before handshake completeslloyd2014-11-031-8/+9
|
* Cleanup handling of TLS AEAD nonce sizes, push all knowledge of whatlloyd2014-11-037-189/+197
| | | | the nonce sizes should be down to the ciphersuite generating script.
* Various small fixes and cleanups, new is_prime utillloyd2014-11-0320-38/+116
|
* Windows/VC build fixeslloyd2014-10-312-13/+14
|
* Fix various warnings from VC++ 2014 and add missing includelloyd2014-10-3112-37/+39
|
* No need to pass version by referencelloyd2014-10-313-3/+4
|
* Add TLS fallback signalling (draft-ietf-tls-downgrade-scsv-00)lloyd2014-10-3111-31/+77
|
* Fix error in add_str2oid call, github pull req 28etcimon2014-10-311-1/+1
|
* Use -O2 instead of -O3 with GCC as it seems tree-vectorize in 4.9.0lloyd2014-10-311-2/+2
| | | | causes problems when it converts unaligned loads to aligned SSE loads.
* If the server offers us a SCSV instead of a real ciphersuite send a fatal alertlloyd2014-10-303-0/+17
|
* Correct documentationlloyd2014-10-141-1/+1
|
* Add some secp256k1 KATs and a randomized ECC test suggested inlloyd2014-10-105-3/+148
| | | | http://crypto.stackexchange.com/questions/784
* Some documentation updates WRT DTLS and X.509 cert path processinglloyd2014-10-062-25/+100
|
* Add support for DTLS handshake timeouts and retransmissions.lloyd2014-10-068-65/+224
|
* Specify version number in message when we reject due to policylloyd2014-10-062-2/+4
|
* Handle new source filelloyd2014-10-061-4/+0
|
* Fix decoding indefinite length BER constructs that contain a contextlloyd2014-09-272-1/+4
| | | | sensitive tag of zero. Github pull 26 from Janusz Chorko.
* Don't bother polling std:: clocks if we have clock_gettimelloyd2014-08-091-32/+22
|
* Asserts here are nicelloyd2014-08-091-2/+7
|
* Move mul and square operations on a elliptic curve to CurveGFp so welloyd2014-08-094-213/+279
| | | | | can use different representations/operations depending on the curve (eg, using a specialized version for P-256 reduction)
* Have clear_mem just be a plain memset and only call the (slow)lloyd2014-08-092-2/+2
| | | | | zero_mem just before a deallocation where we are actually at risk of the compiler eliding the writes.
* Fix header guard for amalgamationlloyd2014-07-031-2/+2
|
* Erroring on strict-overflow is a little too strict, GCC 4.9 is smartlloyd2014-05-262-29/+25
|
* Remove unused test. Bugzilla 272lloyd2014-05-171-65/+0
|
* Correct CCM for L != 2. Bugzilla 270lloyd2014-05-163-1/+13
|
* merge of 'ae7e800adaf5627c6033a09814b7e3644e7d92b7'lloyd2014-05-161-3/+2
|\ | | | | | | and 'b0a68aa4287f0ccf387bb9e9196d4aa1a682fe77'
| * Avoid GCC 4.9 strict-overflow warninglloyd2014-05-031-3/+2
| |
* | VC2013 doesn't support __func__. Github #22lloyd2014-05-152-4/+10
| |
* | Visual C++'s iterator debugging gets cranky with &vec[vec.size()].lloyd2014-05-152-2/+2
|/ | | | Github #21
* Add default constructors to work around VC2013 issue. Github #17lloyd2014-05-012-0/+4
|
* Support restricting compiler ISAs to specific architectures. Specificallylloyd2014-05-012-8/+17
| | | | | to work around weird MSVC limitations in 32-bit mode, but maybe useful elsewhere someday. Github #11.
* Avoid initializer lists here, VC2013 doesn't like it. Github #18lloyd2014-05-012-5/+7
|
* Require one plausible entropy source in auto_rng, prevents the commonlloyd2014-04-271-0/+1
| | | | error of generating an amalagamation build with all of them disabled.
* Remove stub for testing applloyd2014-04-272-2/+0
|
* Any fixed MR iterations is probably wrong for somebody. Allow the userlloyd2014-04-2512-37/+91
| | | | | | to specify a probability as well as if n was randomly chosen or not. If the input is random use a better bounds to reduce the number of needed tests.
* Avoid std::chrono::steady_clock, missing in some distro gccslloyd2014-04-251-1/+0
|
* Avoid crash if read returns an error. Canonical case is on the blocking devicelloyd2014-04-241-1/+2
| | | | | with concurrent readers; if someone else got the entropy first we can get -1/errno=EAGAIN
* Doc fixlloyd2014-04-161-1/+1
|
* Use MADV_DONTDUMP on Linux, equiv to MAP_NOCORE on BSDlloyd2014-04-141-1/+5
|
* Use 20 Miller-Rabin iterations regardless of the size of the integer. Thislloyd2014-04-135-186/+47
| | | | | provides a much better worst-case error bound. Also take the nonce from anywhere in the usable range rather than limiting the bit size.
* Deindent to avoid github manglinglloyd2014-04-131-36/+34
|
* Compile fixlloyd2014-04-131-2/+2
|
* Have TLS_Data_Reader decoding errors include the actual msg type namelloyd2014-04-1212-44/+47
|
* Bump versionlloyd2014-04-121-1/+1
|