aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Rename the option in configure.pl named --disable-shared to --no-sharedlloyd2007-10-201-2/+2
|
* Make the output of --help (perhaps) more helpful by organizing options bylloyd2007-10-201-42/+48
| | | | | | purpose. Relevant information is moved closer to the option description, for instance the help line for the --cc option also includes the list of known compilers.
* Drop using cc-os-cpu as a single argument. Instead the user can specifylloyd2007-10-201-21/+28
| | | | | each individually with --cc, --os, and --cpu. Any that are not specified on the command line are guessed via the old autoconfiguration logic.
* Make mswin32 an alias for Windows so we will detect it by comparing itlloyd2007-10-201-0/+1
| | | | with Perl's $^O
* Compare the value of $^O to names we know about in the hash, rather thanlloyd2007-10-201-18/+16
| | | | hardcoding them into that function.
* Revert the last change since 'cc' was already used as a key for the compilerlloyd2007-10-201-111/+105
| | | | | | | | binary name, which caused the obvious conflicts. Spit guess_triple into three independent functions. Make the guessing of OS depend much more on Perl's $^O variable; only fall back if that is not recognized.
* Use 'cc' instead of 'compiler' as the key for the compiler name in the configlloyd2007-10-201-6/+6
|
* Have the ca example take all filenames as arguments instead of hardcoding.lloyd2007-10-201-10/+18
|
* Print the IPv4 address, DNS name, or URL included in the subject orlloyd2007-10-201-0/+6
| | | | issuer alternative names.
* sha160.cpp needs include of bit_ops.h, problem was masked by the asm versionslloyd2007-10-191-0/+1
| | | | when I was testing on x86 and x86-64 machines.
* Wrap lines in pk_bench and passhash to keep them under 80 columns.lloyd2007-10-192-5/+6
|
* Remove several uses of old style C casts in favor of C++98's static_cast and lloyd2007-10-195-10/+17
| | | | reinterpret_cast
* Fix the alg_ia32 module code WRT the recent changes to loadstor.h not beinglloyd2007-10-194-4/+4
| | | | included by bit_ops.h
* bit_ops.h no longer includes loadstor.hlloyd2007-10-1956-34/+78
| | | | | | | | | Where loadstor.h was needed but only implicitly included via bit_ops.h, include it directly Add endian reversal functions to bit_ops.h Remove some unneeded includes in big_ops2.cpp and a few other files.
* Mark both 32 and 64 bit PowerPC as big endian. Both have little endianlloyd2007-10-192-0/+4
| | | | variants but AFAIK they are quite rare or perhaps completely extinct now.
* Mark x86 and x86-64 as supporting unaligned memory accesseslloyd2007-10-192-0/+2
|
* Add a new build-time macro BOTAN_TARGET_UNALIGNED_LOADSTOR_OK which islloyd2007-10-191-2/+13
| | | | | 0 or 1 depending on if the target CPU can handle an unaligned read or write. This will be true on x86 and x86-64 (are there others?)
* Fold an XOR operation that was happening during SEED encryption/decryption tolloyd2007-10-191-6/+6
| | | | | occur inside the key schedule instead. This should lead to (slightly) better scheduling in the compiled code by reducing the length of a critical path.
* Don't hard code any directories to search for programs into es_unix.lloyd2007-10-192-7/+2
| | | | | | | All are now specified through the config. The new default is just /bin, /sbin, /usr/bin, and /usr/sbin. Formerly /usr/ucb, /usr/etc, and /etc were also searched. If you want this behavior again you have to explicitly set the rng/unix_path configuration setting.
* Add stats of '/', '/tmp', '.', and '..' to the es_unix fast poll.lloyd2007-10-191-1/+12
| | | | Use u32bit instead of uint32_t
* New implementation of fast polling in es_unix. Instead of executinglloyd2007-10-192-41/+44
| | | | | | programs, the fast poll will just call a handful of simple Unix/POSIX functions like getpid, getuid, getrusage, etc. Identifying further useful sources would probably be helpful.
* merge of '7abb64699f9d0ffd4305b8c5686ce581f68c01ed'lloyd2007-10-191-0/+2
|\ | | | | | | and 'dda7bbd71591790326178cc71409a956cf121d6b'
| * The flag that we had run a slow pollwas only set if one was forced fromlloyd2007-10-191-0/+2
| | | | | | | | | | | | a fast poll request, and not if a slow poll was specifically requested. So a sequence of slow and then fast polls would trigger a second slow poll, which was not desired.
* | Add support for IPv4 addresses in the X.509 alternative name extension.lloyd2007-10-166-8/+32
| | | | | | | | Original patch from Yves Jerschow.
* | Add functions that can convert between binary IPv4 addresses and standardlloyd2007-10-162-1/+49
| | | | | | | | decimal-dotted string notation.
* | Truncate the X9.42 PRF output if the counter overflows.lloyd2007-10-151-1/+1
| |
* | Make some formatting between the encryption and decryption code equivalent.lloyd2007-10-151-1/+4
| |
* | Use shorter variable names in the TEA code.lloyd2007-10-151-12/+12
| |
* | Move the self tests from LibraryInitializer::initialize tolloyd2007-10-152-7/+7
|/ | | | | Library_State::initialize: now the LibraryInitializer is just a simple wrapper to create/destroy the state with no other operations.
* The last checkin did not work; the Library_State constructor called code1.7.2lloyd2007-10-133-14/+40
| | | | | | | | that called global_state(), which cased an infinite recursion. Make creating a Library_State a two-phase operation, first an empty constructor (just sets all pointers to NULL), then an initializer that sets up everything needed to start up the library.
* Move most of the initializer code directly into the Library_State constructorlloyd2007-10-133-84/+68
|
* Bump the version numbers in configure.pl and readme.txtlloyd2007-10-082-2/+2
|
* Initial changelog note for 1.7.2. Currently targeting a Oct 13 release.lloyd2007-10-081-0/+9
|
* If the LibraryInitializer is created with just default arguments, don'tlloyd2007-10-0724-104/+56
| | | | | | | bother creating it, just let it be initialized lazily when needed. Reindents in encypt.cpp and hash_fd.cpp (indenting the brace after a try statement).
* Optionally, you can specify an argument that is passed to the LibraryInitializerlloyd2007-10-071-7/+19
| | | | constructor.
* If we attempt to access the global state, and it is null, calllloyd2007-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LibraryInitializer::initialize(), which will set it for us (or fail by throwing an exception, which will be propogated to the caller). So any instances of creating a LibraryInitializer where no option arguments are passed can be removed; instead that initialization will run when or if you execute an operation where Botan requires the services provided in the state. Because no options are passed, the library will be using the default (debug and not thread safe) mutex type: so hopefully you'll quickly get an exception when the debug mutex realizes it is being used in a threaded application, but there is risk of operations silently failing before that happens. You can call LibraryInitializer::deinitialize() at the end of your main function (or whenever you think you won't need Botan anymore), to free the global state; if not a number of cleanup destructors will not run (including the final scrub of memory). You can even shut down Botan speculatively; if it turns out you need it again, it just means you'll have to take the cost of another initialization. However in applications that use Botan only in small bursts, or in rarely taken codepaths, you can remove the state entirely and suffer zero memory overhead. This probably only makes sense in memory constrained systems, but it's reasonable to do now. Speculatively deallocating the state is probably not thread safe without extra work. One thread calling deinitialize() would invalidate pointers that would have been visible to other threads. One (untested) idea: have an atomic integer with the number of current threads using Botan. If any thread decrements and hits zero, it could deinitialize Botan safely. This might cause too many repeated startup/shutdowns, which would depend on the app use pattern. In addition, since you can't pass arguments to the new Library_State, you can't specify the use of real mutexes (or anything else): so for right now, this only works in applications that are fine with the standard options. I want to find a way to get that working, though, since it's very inelegant. Currently a Default_Mutex (not at all thread safe but somewhat error checking) will be used. And self test will always be run (more on that below). I wrote a program that just initializes and shuts down in a tight loop. Running on my Gentoo box (Core2 E6400, gcc 4.1.2): thread_safe? selftest? time (ms) ------------ --------- --------- no yes 6.1 no no 3.8 yes yes 6.7 yes no 3.8 If you're actually worried that the library might start up OK but then start failing basic self tests, what you actually want to do is have a thread that runs diagnostics on your entire process state (including calling Botan's self test code) every N seconds. The question is how to get arguments from the outside world to the constructor of the Library_State that is created inside of global_state(): avoiding many self tests to save a bit of time (many applications won't care about the extra cost but sometimes 2 or 3 ms is important), and thread safety (beacuse you can't specify to use a real mutex).
* Add OIDs for SHA-224, SHA-256, SHA-384, SHA-512, and DSA with SHA-224 andlloyd2007-10-031-1/+9
| | | | SHA-256 (from draft-ietf-pkix-sha2-dsa-ecdsa-01)
* merge of '47a5010fef7cfb037831ae7db581e20ad8ec5b03'lloyd2007-10-031-1/+6
|\ | | | | | | and 'fbf3d94a0adf58cf44bd52a391f647b9ea49a5ba'
| * If DL_Group's constructor can't find a group, throw a reasonably informativelloyd2007-09-291-1/+6
| | | | | | | | exception instead of one for a PEM decode error which is not very helpful.
* | Typo fixlloyd2007-09-201-1/+1
| |
* | Add a line mentioning sources of further informationlloyd2007-09-201-0/+3
| |
* | Increase the (arbitrary) upper bound on how long the benchmarks can run tolloyd2007-09-181-1/+1
|/ | | | 5 minutes (300 seconds).
* Add CBC-MAC(AES) tests that use longer inputslloyd2007-09-171-1/+85
|
* Use the OUTPUT_LENGTH constant instead of assuming the block size of the cipherlloyd2007-09-171-6/+7
| | | | is 64 bits.
* Check in an initial implementation of CBC-MAC.lloyd2007-09-164-136/+282
| | | | | | | The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine. Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify against what Crypto++ produces. Unknown at this time where the bug lies.
* Cleanup the public key benchmark code: avoid macros, use PEM/PKCSlloyd2007-09-1311-190/+119
| | | | | | | | | #8 format to store Rabin-Williams keys, inline small functions that are only called once into their caller. Reduces overall length of the file from 458 to 367 lines. Rename all the key files in keys/ to use a .pem suffix since they are all now in PEM format (the RSA keys had been for a long time but were never renamed).
* Add x86-64 to the list of Darwin/OS X platformslloyd2007-09-131-0/+1
|
* Remove code checking the BOTAN_NO_ macros for if particular public keylloyd2007-09-132-69/+9
| | | | | algorithms exist. They haven't been used since the 'minimal' module was removed in Botan 1.3.14
* Update the copyright notice to include 2007lloyd2007-09-132-2/+2
|
* Comment out the CBC-MAC test vectors for now since they cause warningslloyd2007-09-131-136/+136
| | | | about unknown algorithm names.