[Author, Date, Files, Lines -/+] Commit message
* [lloyd, 2010-09-07, 7 files, -52/+39] Realization while thinking about the recently added truncate: in a STL

  container like vector, truncate is simply resize, but what MemoryRegion called resize will zap the entire contents, and then what was resize was called grow_to. This is really problematic in terms of the goal of replacing MemoryRegion with a vector with a custom allocator.

  In this checkin:
  - Remove MemoryRegion::grow_to and MemoryRegion::truncate
  - Change the semantics of MemoryRegion::resize to change the size while keeping any current contents intact (up to the new size), zero initializing any new values.

  Unrelated, just noticed the lack while I was in there, add a version of CryptoBox::decrypt taking a std::string for the input.

* [lloyd, 2010-09-07, 1 file, -0/+46] Add a basic test for cryptobox

* [lloyd, 2010-09-07, 1 file, -4/+5] Call test that was defined but not used

* [lloyd, 2010-09-07, 1 file, -2/+3] Avoid name clashing, Sun Studio doesn't like this

* [lloyd, 2010-09-07, 1 file, -1/+2] Disable a couple of very noisy warnings which don't provide a huge

  amount of value. Add a note that -library=stlport4 may be needed on Linux (seems to depend on glibc version).

* [lloyd, 2010-09-07, 1 file, -12/+12] Prevent loop variable shadowing

* [lloyd, 2010-09-07, 1 file, -1/+1] Remove trailing comma from enum decl

* [lloyd, 2010-09-07, 1 file, -1/+1] Prevent shadowing of one loop param with another

* [lloyd, 2010-09-07, 1 file, -6/+10] Update CPU optimization flags for Sun Studio to the previous decade.

  Also use -xO5 instead of -xO2; everything seems to work under -xO5 on x86-32 and x86-64 with my version of Sun Studio. Curiously, several things are miscompiled with -xO2! Definitely doesn't give me positive feelings about this optimizer.

* [lloyd, 2010-09-07, 1 file, -1/+1] My version of Sun Studio has the same reverse iterator bug as GCC 3

* [lloyd, 2010-09-07, 1 file, -0/+1] The SSSE3 intrinsics apparently work under Sun Studio as well

* [lloyd, 2010-09-07, 2 files, -4/+4] Cast the first argument to msync, munmap, mlock, and munlock to char*

  to fix compilation on Solaris. Everybody else, including POSIX.1, uses void* here, but as usual Solaris likes to be special.
* [lloyd, 2010-09-03, 1 file, -4/+4] If the numeric_limits tests fail, make the output a little less dramatic

* [lloyd, 2010-09-03, 1 file, -3/+3] Fix comparison functor

* [lloyd, 2010-09-03, 1 file, -0/+2] According to Thomas Maier-Komor in a post to botan-devel, the right

  way to create a static library using Sun Studio is to invoke the compiler with the -xar flag.

* [lloyd, 2010-09-03, 3 files, -24/+35] Clean up the unix process running entropy source a little bit. Tweak

  priorities slightly, pushing netstat -s and netstat -an higher since they change frequently and don't have a huge amount of output. Use the -n flag with lsof, which inhibits name lookups which we don't need.

* [lloyd, 2010-09-03, 1 file, -0/+5] Work around Sun Studio multimap insert bug

* [lloyd, 2010-09-03, 1 file, -1/+1] The modern name for Sun Workshop Pro is Sun Studio

* [lloyd, 2010-09-03, 1 file, -1/+7] Uglify Data_Store::search_with a little to go through multimap_insert

  to avoid a Sun Studio bug.

* [lloyd, 2010-09-03, 1 file, -3/+1] Remove calling getsid, it causes problems with too many different

  various compilers/platforms, and likely doesn't contribute much of anything. Also only grab real uid and gid, ignoring effective ids.

* [lloyd, 2010-09-03, 1 file, -8/+4] Remove declaration of Hex_Encoder::encode, which was removed in an earlier

  checkin.

* [lloyd, 2010-09-03, 2 files, -2/+2] Fix dependency update scripts

* [lloyd, 2010-09-03, 1 file, -0/+20] Add dependencies for SSL module

* [lloyd, 2010-09-03, 2 files, -14/+6] Remove filter/pipe dependency here

* [lloyd, 2010-09-03, 1 file, -0/+4] Document recent changes

* [lloyd, 2010-09-03, 1 file, -7/+23] Wrap lines

* [lloyd, 2010-09-03, 4 files, -35/+26] Update some callers that were using Hex_Encoder or Hex_Decoder but

  really didn't need to. The ones in symkey and big_code were actually calling accessor functions to do the encoding themselves without a Pipe (should have definitely recognized that as a code smell).

  These versions have changed semantically with this checkin - previously they would completely ignore bad inputs, but now invalid inputs are rejected. For instance, you cannot say

    SymmetricKey key("Only some of this is hex, most of it isn't");

  and expect to get a valid key formed by filtering out the non-hex characters and then decoding it. This is almost certainly a good thing.

  Also fix include in Botan.xs

* [lloyd, 2010-09-03, 1 file, -0/+10] Add a simple function to MemoryRegion to truncate to a specified size.

  Required by the hex decoder.

* [lloyd, 2010-09-03, 8 files, -122/+102] Use the standalone version of the hex decoder instead of the wrapper that

  previously existed in misc.cpp that emulated it via a pipe and filter.

* [lloyd, 2010-09-03, 8 files, -137/+334] Add a standalone version of hex encoding and decoding, defining the filters

  in terms of these calls. The header for the hex filter is renamed hex_filt.h. This probably won't affect people because filters.h (included by botan.h) already included hex.h, and now just includes hex_filt.h instead.
* [lloyd, 2010-09-02, 1 file, -1/+5] Interesting factoid, turns out that overloading std::swap is not

  allowed by the standard, however specializing it is. Fix this for BigInt; it appears the Flexsecure guys knew this since the CurveGFp and PointGFp classes already use the template specialization rather than an overload.

* [lloyd, 2010-08-31, 1 file, -0/+9] Add 1.8.10 change notes

* [lloyd, 2010-08-25, 3 files, -2/+2] Rename mp_amd64_msvc to mp_msvc64 since it supports both AMD64 and

  IA-64 (and, hypothetically, any other 64 bit CPU Visual C++ might target in the future).

* [lloyd, 2010-08-25, 3 files, -8/+32] Add support for Windows-style dynamic loading with LoadLibrary. Not

  yet tested.

* [lloyd, 2010-08-23, 1 file, -0/+20] Add 3 more tests of Tiger, test vectors via Crypto++

* [lloyd, 2010-08-22, 3 files, -8/+9] merge of '4c134c636202fe03606cf0825bad22bd5362a224' and '9e16b5a133480199541647fe245b79b059c9d5ca'

    * [lloyd, 2010-08-22, 3 files, -8/+9] Add support for Atom processors. (commit on the merged branch)

      Fix a bug that would cause a harmless but bogus macro to be generated in build.h if you used --enable-sse2

      Add --enable-movbe to turn on a macro marking movbe as available

* [lloyd, 2010-08-22, 4 files, -18/+45] For passhash9, add another interface that allows the caller to specify

  which PRF they want to use. The old interface just calls this new version with alg_id set to 0 which is HMAC(SHA-1), which was previously the only supported PRF.

  Assign new codepoints for HMAC(SHA-256) and CMAC(Blowfish) to allow their use with passhash9.

  Have the generate+check tests run a test for each supported PRF.

* [lloyd, 2010-08-21, 2 files, -2/+11] When creating a PBKDF2, first check if the argument name is a known

  MAC. If it is, use it as the PRF. Otherwise assume it is a hash function and use it with HMAC. Instead of instantiating the HMAC directly, go through the algorithm factory.

  Add a test using PBKDF2 with CMAC(Blowfish); Blowfish mainly because it supports arbitrarily large keys, and also the required 4 KiB of sbox tables actually would make it fairly useful in that it would make cracking using hardware or GPUs rather expensive. Have not confirmed this vector against any other implementation because I don't know of any other implementation of PBKDF2 that supports MACs other than HMAC.

* [lloyd, 2010-08-21, 4 files, -6/+16] Turns out OpenSSL's implementation of PBKDF2 allows empty passphrases,

  so for compatibility with keys that were encrypted with an empty passphrase we probably want to support it as well.

  In PBKDF2, don't reject empty passphrases out of hand; simply call set_key and if the underlying MAC cannot use the key, throw an informative exception. This will also be more helpful in the case that someone tries using another MAC (say, CMAC) with a block cipher that only supports keys of specific sizes.

  In HMAC, allow zero-length keys. This is not really optimal in the sense of allowing the user to do something dumb, but a 1 byte key would be pretty dumb as well and we already allowed that.

  Add a test vector using an empty passphrase generated by OpenSSL
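The two PBKDF2 commits above (resolving the PRF by name, and letting the PRF rather than PBKDF2 decide whether an empty passphrase is usable) are illustrated by the following added example. It is not Botan's code: it is written in Python on the standard library rather than in the library's C++, and the names `pbkdf2`, `prf_from_name`, `fixed_key_prf` and `PRFKeyError` are this example's own. The "CMAC(AES)" stand-in is just an HMAC wrapped with a key-length restriction, used to show the informative failure; it is not a real CMAC. The loop itself is the PBKDF2 of RFC 8018 with the PRF as a parameter, which is the property that lets a MAC other than HMAC be dropped in.

```python
"""Added example (not Botan's code): PBKDF2 over an arbitrary PRF."""
import hashlib
import hmac


class PRFKeyError(ValueError):
    """Raised when the chosen PRF cannot be keyed with the passphrase."""


def hmac_prf(hash_name):
    """PRF built from HMAC; HMAC accepts any key length, including zero."""
    return lambda key, msg: hmac.new(key, msg, hash_name).digest()


def fixed_key_prf(prf, allowed_key_lengths, name):
    """Wrap a PRF whose underlying MAC only accepts certain key sizes
    (a stand-in for something like CMAC over a fixed-key block cipher;
    hypothetical, this example's own). Keying it with an unusable
    passphrase fails with an informative error at the point the PRF is
    keyed, instead of PBKDF2 rejecting short passphrases up front."""
    def keyed(key, msg):
        if len(key) not in allowed_key_lengths:
            raise PRFKeyError(f"{name} cannot use a {len(key)} byte key")
        return prf(key, msg)
    return keyed


def prf_from_name(name):
    """Resolve a PRF by name: a MAC spelling such as HMAC(SHA-256) is used
    directly, anything else is assumed to be a hash and wrapped in HMAC.
    Hash names are normalized to hashlib's spelling (SHA-1 -> sha1)."""
    if name.startswith("HMAC(") and name.endswith(")"):
        name = name[5:-1]
    algo = name.lower().replace("-", "")
    if algo not in hashlib.algorithms_available:
        raise ValueError(f"unknown hash or MAC: {name}")
    return hmac_prf(algo)


def pbkdf2(prf, password, salt, iterations, dk_len):
    """PBKDF2 (RFC 8018 section 5.2) parameterized by the PRF.
    prf(key, msg) -> bytes, with the passphrase as the PRF key. An empty
    passphrase is not rejected here; the PRF decides whether it can be keyed."""
    if iterations < 1:
        raise ValueError("iterations must be at least 1")
    h_len = len(prf(password, b""))        # keys the PRF once, learns hLen
    out = bytearray()
    block_index = 1
    while len(out) < dk_len:
        u = prf(password, salt + block_index.to_bytes(4, "big"))
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = prf(password, u)
            for j in range(h_len):
                t[j] ^= u[j]
        out += t
        block_index += 1
    return bytes(out[:dk_len])
```

With HMAC the empty passphrase simply works and agrees with `hashlib.pbkdf2_hmac` (and so with OpenSSL); with the key-length-restricted PRF the same call fails with a message naming the MAC and the offending key length, which is the behaviour the commit describes.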
* [lloyd, 2010-08-20, 1 file, -5/+9] Fix paper ref URL, remove unused prefetch include

* [lloyd, 2010-08-19, 1 file, -9/+19] Also use a smaller table in the first round of AES in the decrypt direction

* [lloyd, 2010-08-19, 4 files, -45/+48] Use a different idiom for handling the different cases between being

  passed a ref and having to allocate a new stream object, a little bit cleaner I think.

* [lloyd, 2010-08-18, 2 files, -9/+29] In the first round of AES, use a 256 element table and do the

  rotations in the code. This reduces the number of cache lines potentially accessed in the first round from 64 to 16 (assuming 64 byte cache lines). On average, about 10 cache lines will actually be accessed, assuming a uniform distribution of the inputs, so there definitely is still a timing channel here, just a somewhat smaller one.

  I experimented with using the 256 element table for all rounds but it reduced performance significantly and I'm not sure if the benefit is worth the cost or not.
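The cache-line arithmetic in the commit above (64 versus 16 lines reachable, about 10 touched on average) is worked through in the following added example, which is not Botan's code and is in Python rather than the library's C++. It derives the AES S-box from GF(2^8), builds the standard T0 table and its three rotations, and runs round 1 both ways: four tables, or one table with the rotations done in code, checking that the outputs agree. The memory model is an assumption for the illustration: the four 1 KiB tables are laid out back to back and cache lines are 64 bytes, so a lookup at byte offset `o` touches line `o // 64`. It goes one step beyond the commit text by also reporting the average for the four-table layout.

```python
"""Added example (not Botan's code): cache lines touched by AES round 1."""
import random

TABLE_BYTES = 1024      # 256 entries of 32 bits
LINE_BYTES = 64         # assumed cache line size


def _xtime(a):
    a <<= 1
    return (a ^ 0x11B) if a & 0x100 else a


def _gf_mul(a, b):
    """Multiplication in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r


def _build_sbox():
    """AES S-box: multiplicative inverse followed by the affine map."""
    sbox = [0] * 256
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gf_mul(x, y) == 1), 0)
        s = inv
        for i in range(1, 5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF   # rotl(inv, i)
        sbox[x] = s ^ 0x63
    return sbox


def _rotr(w, n):
    return ((w >> n) | (w << (32 - n))) & 0xFFFFFFFF


SBOX = _build_sbox()
# T0 folds SubBytes and MixColumns: entry = (2s, s, s, 3s); T1..T3 are rotations.
T0 = [(_gf_mul(2, s) << 24) | (s << 16) | (s << 8) | _gf_mul(3, s) for s in SBOX]
T = [T0, [_rotr(w, 8) for w in T0], [_rotr(w, 16) for w in T0], [_rotr(w, 24) for w in T0]]


def potential_lines(single_table):
    """Cache lines the round can reach: 16 for one table, 64 for four."""
    return (TABLE_BYTES if single_table else 4 * TABLE_BYTES) // LINE_BYTES


def aes_round_one(block, rk0, rk1, single_table):
    """Whitening with rk0, then one T-table round keyed with rk1.
    Returns (four 32-bit output words, set of cache lines touched).
    State is column-major: byte 4*c + r is row r of column c."""
    state = bytes(b ^ k for b, k in zip(block, rk0))
    lines = set()
    out = []
    for c in range(4):
        w = 0
        for r in range(4):
            x = state[4 * ((c + r) % 4) + r]    # ShiftRows folded into the index
            if single_table:
                lines.add((x * 4) // LINE_BYTES)
                w ^= _rotr(T0[x], 8 * r)         # rotation done in code
            else:
                lines.add((r * TABLE_BYTES + x * 4) // LINE_BYTES)
                w ^= T[r][x]
        out.append(w ^ int.from_bytes(rk1[4 * c:4 * c + 4], "big"))
    return out, lines


def average_lines_touched(single_table, trials=2000, seed=1):
    """Mean number of distinct lines touched over uniformly random blocks
    (constructed inputs from a seeded PRNG, fixed round keys)."""
    rng = random.Random(seed)
    rk0 = bytes(rng.randrange(256) for _ in range(16))
    rk1 = bytes(rng.randrange(256) for _ in range(16))
    total = 0
    for _ in range(trials):
        block = bytes(rng.randrange(256) for _ in range(16))
        total += len(aes_round_one(block, rk0, rk1, single_table)[1])
    return total / trials
```

For 16 uniformly distributed lookups into 16 lines the expected number of distinct lines is 16·(1 − (15/16)^16) ≈ 10.3, which is the "about 10" in the commit; the four-table layout touches about 14.6 of its 64 lines. Either way a cache-timing observer still learns something about `block ^ rk0` from which lines were touched, so the smaller table narrows the channel rather than closing it.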
* [lloyd, 2010-08-18, 1 file, -1/+1] Allow generating larger keys in rsa_kgen example (up to 16K bits)

* [lloyd, 2010-08-17, 1 file, -3/+2] Correct Doxygen comment

* [lloyd, 2010-08-13, 1 file, -2/+2] Fix Doxygen comment in PBKDF2 constructor

* [lloyd, 2010-08-13, 2 files, -5/+5] Tick to 1.9.11-dev

* [lloyd, 2010-08-13, 2 files, -2/+5] The changelog for 1.9.4 claimed that the default PKCS #8 encryption

  algorithm had changed to AES-256. This was wrong, it actually changed to AES-128. However in retrospect AES-256 is probably a reasonable move (in particular for the 4 extra rounds; the related key attacks possible against AES-256 are probably not viable since we generate the key using PBKDF2), so update the 1.9.4 changelog to correctly indicate the change made in that release, and also modify PKCS #8 to actually use AES-256.

* [lloyd, 2010-08-12, 3 files, -4/+4] Update log, readme, configure for 1.9.10 release (tag: 1.9.10)