Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use uint64_t to represent 32-bit number (fixes unittests) | Krzysztof Kwiatkowski | 2017-05-03 | 1 | -1/+1 |
| | |||||
* | Update copyright headers | Krzysztof Kwiatkowski | 2017-05-03 | 2 | -2/+6 |
| | |||||
* | Add vectors for HMAC backed SP800-56A KDF | Krzysztof Kwiatkowski | 2017-05-03 | 1 | -2/+1417 |
| | |||||
* | SP800-56A revision 2 implementation | Krzysztof Kwiatkowski | 2017-05-03 | 3 | -29/+74 |
| | |||||
* | Adds KDF based on SP 800-56A. Currently it is revision 1 (alternative 1). It ↵ | Krzysztof Kwiatkowski | 2017-05-03 | 6 | -1/+1549 |
| | | | | should be extended to revision 2. | ||||
* | Merge GH #1032 Throw exception with OpenSSL error message if OpenSSL API ↵ | Jack Lloyd | 2017-04-29 | 5 | -35/+65 |
|\ | | | | | | | call fails | ||||
| * | Throw OpenSSL exception if any OpenSSL function failed. | Alexander Bluhm | 2017-04-29 | 5 | -35/+65 |
| | | | | | | | | | | Checking for all failures helps to find problems early. The OpenSSL_Error() exception provides the OpenSSL error string. | ||||
* | | Merge GH #1031 Show OpenSSL errors in case of test failure | Jack Lloyd | 2017-04-29 | 2 | -1/+10 |
|\ \ | |||||
| * | | Do not load OpenSSL error messages in library. | Alexander Bluhm | 2017-04-28 | 1 | -1/+0 |
| | | | | | | | | | | | | | | | | | | The function ERR_load_crypto_strings() should be called by the program or during library initializeation. Remove it from get_openssl_enc_pad(), this looks like an accident. | ||||
| * | | Show OpenSSL error messages if test fails. | Alexander Bluhm | 2017-04-28 | 1 | -0/+10 |
| |/ | | | | | | | | | | | Call ERR_load_crypto_strings() during test initialization if the openssl provider is also tested. This gives human readable error messages. | ||||
* | | Merge GH #1030 Mention LibreSSL is also supported | Jack Lloyd | 2017-04-29 | 2 | -1/+2 |
|\ \ | |/ |/| | |||||
| * | Mention LibreSSL in the docs. | Alexander Bluhm | 2017-04-28 | 2 | -1/+2 |
|/ | | | | | The --with-openssl compile option can also used with LibreSSL. Move the feature from the todo list to the documentation. | ||||
* | Merge GH #1000 Support seeking in CTR mode | Jack Lloyd | 2017-04-27 | 4 | -25/+2858 |
|\ | |||||
| * | Refactor: remove big-endian addition code duplication | René Meusel | 2017-04-13 | 2 | -18/+27 |
| | | |||||
| * | add a line to news.rst | René Meusel | 2017-04-13 | 1 | -0/+2 |
| | | |||||
| * | Refactor: use ::seek(0) in CTR_BE::set_iv() | René Meusel | 2017-04-13 | 1 | -18/+1 |
| | | |||||
| * | add test sets for CTR-BE(***) | René Meusel | 2017-04-13 | 1 | -0/+2810 |
| | | |||||
| * | Add implementation of CTR_BE::seek() | René Meusel | 2017-04-13 | 2 | -2/+31 |
| | | |||||
* | | Merge GH #1024 Further configure cleanups, make pylint mandatory | Jack Lloyd | 2017-04-27 | 5 | -177/+216 |
|\ \ | |||||
| * | | Make configure script pylint2 complient | Simon Warta | 2017-04-26 | 2 | -15/+18 |
| | | | |||||
| * | | Put lint travis job into action | Simon Warta | 2017-04-26 | 2 | -4/+2 |
| | | | |||||
| * | | Add .editorconfig to help writing pylint complient .py files | Simon Warta | 2017-04-26 | 1 | -0/+12 |
| | | | |||||
| * | | ignore new pylint rule: no-else-return | Simon Warta | 2017-04-26 | 1 | -1/+2 |
| | | | |||||
| * | | Refactor strip_header_goop | Simon Warta | 2017-04-26 | 1 | -16/+24 |
| | | | |||||
| * | | Simplify list emptyness check | Simon Warta | 2017-04-25 | 1 | -1/+1 |
| | | | |||||
| * | | Let caller of _isa_specific_flags care for string representation | Simon Warta | 2017-04-25 | 1 | -7/+10 |
| | | | |||||
| * | | Remove extra code branch for house_ecc_curve_defines | Simon Warta | 2017-04-25 | 1 | -5/+2 |
| | | | |||||
| * | | Extract prepare_configure_build() | Simon Warta | 2017-04-25 | 1 | -17/+23 |
| | | | |||||
| * | | Split main method into main actions | Simon Warta | 2017-04-25 | 1 | -67/+78 |
| | | | |||||
| * | | Rename info_* variables for consistency | Simon Warta | 2017-04-25 | 1 | -11/+11 |
| | | | |||||
| * | | Group info file loading | Simon Warta | 2017-04-25 | 1 | -12/+11 |
| | | | |||||
| * | | Make argv non-optional in main() | Simon Warta | 2017-04-25 | 1 | -8/+3 |
| | | | |||||
| * | | Run --list-modules after options are checked | Simon Warta | 2017-04-25 | 1 | -5/+5 |
| | | | |||||
| * | | Move Jython check to correct position | Simon Warta | 2017-04-25 | 1 | -3/+5 |
| | | | |||||
| * | | Move os/cpu/cc detection to set_defaults_for_unset_options | Simon Warta | 2017-04-25 | 1 | -38/+38 |
| | | | |||||
| * | | Extract canonicalize_options | Simon Warta | 2017-04-25 | 1 | -19/+22 |
| | | | |||||
| * | | Move os and cc validation into validate_options | Simon Warta | 2017-04-25 | 1 | -14/+12 |
| | | | |||||
| * | | Move windows+gcc check to validate_options | Simon Warta | 2017-04-25 | 1 | -3/+3 |
| | | | |||||
| * | | Move policy option check into validate_options | Simon Warta | 2017-04-25 | 1 | -10/+8 |
| | | | |||||
| * | | Extract set_defaults_for_unset_options | Simon Warta | 2017-04-25 | 1 | -5/+11 |
| | | | |||||
| * | | Extract method validate_options() | Simon Warta | 2017-04-25 | 1 | -8/+15 |
| | | | |||||
| * | | Remove unused with_visibility | Simon Warta | 2017-04-25 | 1 | -12/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | "Both flags can be removed, I think they were added in 8b2e5f9 because at the time some versions of GCC we supported (<= 3.4) did not support the visibility flags so there needed to be some way to disable it." Closes #1020 | ||||
| * | | Refactor: read_textfile() | Simon Warta | 2017-04-25 | 1 | -7/+9 |
| | | | |||||
* | | | Merge GH #1022 Support CBC ciphers via OpenSSL | Jack Lloyd | 2017-04-27 | 6 | -71/+344 |
|\ \ \ | |||||
| * | | | Implement cipher modes with OpenSSL. | Alexander Bluhm | 2017-04-25 | 6 | -71/+344 |
| |/ / | | | | | | | | | | | | | | | | Use the OpenSSL provider to implement AES CBC mode. Also pass down the provider to the encryption layer if there is no matching OpenSSL mode. Add a test with empty nonce. | ||||
* | | | Merge GH #1017 Complete wildcard handling for X.509 certificates | Jack Lloyd | 2017-04-27 | 3 | -4/+178 |
|\ \ \ | |||||
| * | | | Complete wildcard handling for X.509 certificates | René Korthaus | 2017-04-20 | 3 | -4/+178 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostname validation is used to make sure the certificate hostname matches the hostname of the connected host. RFC 6125 allows one wildcard in the left-most label of a hostname. Up to now, we only supported only the wildcard as the left-most label, e.g., www.example.com would match *.example.com, but www.example.com would not match www*.example.com, although it is permitted. Also adds test vectors from RFC 6125 as well as the OpenSSL test suite. | ||||
* | | | | Merge GH #1023 Add missing functions to TLS::Text_Policy | Jack Lloyd | 2017-04-27 | 1 | -1/+13 |
|\ \ \ \ | |||||
| * | | | | Make it easier to customize Text_Policy when inheriting from it | louiz’ | 2017-04-27 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This way, the library user can improve the class by adding missing functions or some other tweak they may find useful. Without any access to m_kv this is impossible. | ||||
| * | | | | Add some missing function overrides in TLS::Text_Policy | louiz’ | 2017-04-25 | 1 | -0/+12 |
| | |/ / | |/| | |