Commit log (subject, then author, date, files changed, lines removed/added; commits from a merged branch are indented under their merge commit)
* Make PKCS #1 and OAEP decoding constant time to avoid oracle attacks (Jack Lloyd, 2015-10-16, 11 files, -168/+323)
  via timing channels. Add annotations for checking constant-time code using ctgrind to PKCS #1 and OAEP, as well as IDEA and Curve25519 which were already written as constant time code.
* Merge pull request #298 from tiwoc/arm64 (Simon Warta, 2015-10-16, 6 files, -14/+39)
  Support for 64 bit ARM

  * Adjust gcc.txt to arm32 and arm64 archs (Daniel Seither, 2015-10-15, 1 file, -1/+2)
    See also -march in https://gcc.gnu.org/onlinedocs/gcc/ARM-Options.html

  * Travis CI: Enable 64 bit builds for iOS (Daniel Seither, 2015-10-13, 2 files, -10/+22)
    * Update Xcode from 6.4 to 7, which also updates the iOS SDK from 8 to 9
    * Remove iOS shared library build, which is not very useful
    * Add 64 bit iOS static library build
    * Refactor build script to use xcrun instead of manually specifying a sysroot

  * Initial support for 64 bit ARM (Daniel Seither, 2015-10-13, 3 files, -3/+15)
    This adds support for 64 bit ARM cores as used in many high-end phones such as all iPhones beginning with the 5s. While these newer phones still run 32 bit ARM code, Apple doesn't allow apps to be submitted to the app store if they don't provide a 64 bit build.
    This commit adds a new arm64 arch and renames arm to arm32 to stay consistent with the other architectures. The name arm can still be used for configuring because it has been added as an alias for arm32.
    Additionally, the one piece of ARM inline assembly that can be found in Botan doesn't work on 64 bit ARM, so I use the solution that has been proposed in #180: Use __builtin_bswap32 instead of inline assembly.
* Fix compile of ffi when tls is disabled. GH #300 (Jack Lloyd, 2015-10-15, 1 file, -3/+8)

* MSVC build fix (Jack Lloyd, 2015-10-15, 2 files, -9/+10)

* Add security notifications/advisory page to website. (Jack Lloyd, 2015-10-15, 3 files, -2/+108)
  Based on GH #272

* Add prime and dl_group command line tools. (Jack Lloyd, 2015-10-15, 4 files, -14/+177)
  Some cleanups in random_prime. Increase probability in prime tests from 1/2**64 to 1/2**128. Also break out of the sieve loop early if it has failed.

* Prohibit creating a DL_Group smaller than 1024 bits (Jack Lloyd, 2015-10-15, 2 files, -3/+5)

* Periodically reinitialize the blinding sequence instead of always (Jack Lloyd, 2015-10-15, 4 files, -19/+66)
  deriving it by squaring the previous value.
* Add System_RNG which is an instantiatable RNG that uses the system RNG (Jack Lloyd, 2015-10-15, 3 files, -25/+33)
  Previously you couldn't have a unique_ptr<RNG> that might point to either a system rng or an autoseed rng depending on availability. That was already needed in ffi and is useful elsewhere.
* Add support for RSA signing and verification via OpenSSL (Jack Lloyd, 2015-10-14, 3 files, -15/+139)

* Expose providers for public key operations (Jack Lloyd, 2015-10-14, 7 files, -67/+97)
  For PK_Encryptor and company they are requested via a new provider param to the constructors. The speed command gets a --provider option so you can see benchmark results with the different versions.

* Build fix (Jack Lloyd, 2015-10-14, 3 files, -3/+5)

* Add null pointer check to pbes2_decrypt, fix message in pbes2_encrypt (Jack Lloyd, 2015-10-14, 1 file, -1/+3)

* Add `--minimized-build` which does the same thing as `--no-autoload` (Jack Lloyd, 2015-10-14, 4 files, -6/+10)
  but the meaning of the option is probably easier to understand with this name.
* Move DataSource to utils and rewrite PEM encoding to avoid filters (Jack Lloyd, 2015-10-14, 12 files, -58/+46)
  Removes filters as an internal dependency pretty much entirely (outside of some dusty corners in misc).
* Add missing null pointer check to PBES2 (Jack Lloyd, 2015-10-11, 1 file, -0/+3)

* Don't treat missing ciphers, hashes, etc as test failures (Jack Lloyd, 2015-10-11, 6 files, -9/+18)
  Just print an error message and return. Reduces false fails with smaller builds

* Tick version on trunk to 1.11.22 (Jack Lloyd, 2015-10-11, 2 files, -1/+5)

* Update for 1.11.21 release [tag: 1.11.21] (Jack Lloyd, 2015-10-11, 2 files, -4/+4)
  [ci skip]

* Doc updates (Jack Lloyd, 2015-10-05, 3 files, -20/+39)
  [ci skip]
* Merge pull request #292 from randombit/ffi-certs (Jack Lloyd, 2015-10-04, 7 files, -92/+650)
  Expose X.509 certificates and McEliece to C89/Python

  * Fix bcrypt test (Jack Lloyd, 2015-10-03, 3 files, -3/+5)

  * Add McEliece keygen and MCEIES to C89 API. Plus random fiddling (Jack Lloyd, 2015-10-01, 4 files, -56/+272)

  * Export X.509 certificates to ffi and python (Jack Lloyd, 2015-10-01, 5 files, -56/+396)
    Missing path validation, probably other things
* Merge pull request #293 from webmaster128/codecov (Simon Warta, 2015-10-04, 3 files, -9/+9)
  Integrate codecov

  * Integrate codecov (Simon Warta, 2015-10-04, 3 files, -9/+9)
    Closes #225, #280

* Show latest master build badge for appveyor CI (Simon Warta, 2015-10-02, 1 file, -1/+1)
  The default badge shows all tested branches. [ci skip]

* Update change notes for 1.11.21 (Jack Lloyd, 2015-09-30, 1 file, -0/+18)
  [ci skip]
* Merge pull request #286 from randombit/mce-cleanup (Jack Lloyd, 2015-09-30, 36 files, -1293/+1410)
  Cleanup and document McEliece implementation

  * Fix for minimized build (Jack Lloyd, 2015-09-29, 1 file, -0/+8)

  * McEliece cleanups (Jack Lloyd, 2015-09-29, 36 files, -1293/+1402)
    Remove and consolidate various headers
    Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size.
    Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed.
    Add McEliece_PublicKey::random_plaintext_element
    Add command line `mce` tool and some McEliece documentation
    Convert the speed program to check McEliece keys of the suggested size
    Add McEliece KATs for both key generation and KEM
    Fix HMAC_DRBG constructor which derefed a pointer before its time
* Merge pull request #288 from tiwoc/darwin_secrandom (Jack Lloyd, 2015-09-25, 6 files, -3/+99)
  Add the Darwin_SecRandom entropy source

  * Add the Darwin_SecRandom entropy source (Daniel Seither, 2015-09-25, 4 files, -0/+84)
    It uses the SecRandomCopyBytes function from the Security framework of OS X and iOS. We need this because it is the official way to get cryptographically secure random numbers on iOS, where /dev/random is not accessible due to sandboxing.

  * build system: Add framework support for OS X and iOS (Daniel Seither, 2015-09-25, 2 files, -3/+15)
    On Darwin platforms, there are frameworks that can bundle libraries and header files in a standardized directory structure. We need to support linking to them because most of the OS X or iOS-specific APIs are provided as frameworks.

* Merge pull request #287 from tiwoc/cleanup (Simon Warta, 2015-09-25, 3 files, -6/+8)
  Small cleanups done while building on OS X with --maintainer-mode

  * Add some missing overrides (Daniel Seither, 2015-09-25, 1 file, -4/+4)

  * Remove dead code (Daniel Seither, 2015-09-25, 1 file, -1/+0)
    `continue` cannot be reached due to `return` in the line above

  * Update .gitignore (Daniel Seither, 2015-09-25, 1 file, -1/+4)
    * ignore Mac-specific files (*.dylib, .DS_Store)
    * ignore Vim swap files
* Merge pull request #273 from webmaster128/avoid-signed-overflow-warning (Simon Warta, 2015-09-25, 1 file, -1/+1)
  Remove warning: assuming signed overflow does not occur

  * Remove warning: assuming signed overflow does not occur (Simon Warta, 2015-09-25, 1 file, -1/+1)
    warning: assuming signed overflow does not occur when reducing constant in comparison [-Wstrict-overflow]
    cond1 = r0.get_degree() <= break_deg - 1;
* Merge pull request #285 from webmaster128/avoid-char-concatination (Simon Warta, 2015-09-23, 7 files, -14/+14)
  Avoid concatenation of chars

  * Avoid concatenation of chars (Simon Warta, 2015-09-22, 7 files, -14/+14)
    Ever tried?
      auto str = "some long string";
      auto str2 = str + '\n';
    It's not with the brainfuck finding the bug.
* Add HMAC_DRBG constructor taking a name for the MAC instead of an obj (Jack Lloyd, 2015-09-22, 2 files, -0/+15)

* Update todo (Jack Lloyd, 2015-09-22, 1 file, -2/+3)
  [ci skip]

* Delete Camellia sbox header. (Jack Lloyd, 2015-09-22, 2 files, -550/+1)
  Two part commit with bd99a4f to work around git's insane rename system.

* Inline Camellia sbox tables to source file (Jack Lloyd, 2015-09-22, 1 file, -3/+530)

* Cleanup includes (Jack Lloyd, 2015-09-22, 3 files, -2/+3)