aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Update Fixed_Output_RNG (used for testing) to implement is_seededlloyd2008-04-211-0/+2
|
* Make RandomNumberGenerator::is_seeded pure virtuallloyd2008-04-211-1/+1
|
* Convert date format in log.txt to YYYY-MM-DD for easier grepping and statisticslloyd2008-04-171-100/+100
|
* Add first change notes about the upcoming 1.7.6lloyd2008-04-172-1/+5
|
* Always set the position to the start of the block when generating a newlloyd2008-04-151-3/+2
| | | | | | | | | | | | | | block of data in the X9.31 PRNG (previously, adding entropy would cause a new block to be computed but the read pointer would be the same as it had been in the old block). Nominally this is very slightly faster (we don't throw away bytes we just computed) but the change is more to make the code more obvious/explicit; I was surprised by its old behavior, which seems bad. In theory it could introduce additional weaknesses, if gaining advantage to this partial block that was being thrown away assisted in an attack (I do not know of any attacks against the X9.31 PRNG that work that way, however).
* merge of '0aa1d27dec5a97856953bb1fcffe29a84c68b3ac'lloyd2008-04-151-2/+2
|\ | | | | | | and 'ed4893ff06b11d74a03afdd3d4a99672045ab68e'
| * Optimizations had been disabledlloyd2008-04-141-2/+2
| |
* | Drop eng_aep module (the hardware AEP engine). I still have a card (and driverlloyd2008-04-148-815/+0
|/ | | | | sources, etc), but drivers for x86-64/2.6 are not in evidence these days. To test this I would probably have to get a 32-bit machine running ~RH9/2.4 kernel...
* merge of '34be1e0ad58e29063ea95d33f2cdc090fd63c4b2'lloyd2008-04-1411-26/+29
|\ | | | | | | and 'fcc3affb2faabb6cf819877452cfc88201d4e1a0'
| * Document that shared builds would be nicelloyd2008-04-131-0/+6
| |
| * Put each file in a list in the makefile on a different linelloyd2008-04-131-11/+8
| |
| * Change so_obj_flags to shared_flagslloyd2008-04-131-4/+4
| |
| * Rename so_obj_flags variable to shared_flagslloyd2008-04-139-11/+11
| |
* | Consolidate all logfiles into a single log.txt organized by time. Easierlloyd2008-04-1412-1074/+1074
|/ | | | to grep through.
* Enabled shared objects on windowslloyd2008-04-131-1/+1
|
* Add lines for setting dll_import_flags and dll_export_flags to all thelloyd2008-04-1312-2/+42
| | | | | | | compilers. Currently all are empty except MSVC. This is getting messy... but libtool is not great either. Maybe there should be two totally distinct builds, static and shared?
* Make a BOTAN_DLL macro in build.hlloyd2008-04-131-0/+4
|
* If an unbound variable in a template is found, print the all thelloyd2008-04-131-24/+59
| | | | | | | | | | | | | | | currently existing variables and the first 60 characters of their values. Simplify match_any_of - it just uses it's first two arguments and then matches against the rest, rather than forcing them to be joined into a single string (that it would just split and iterate over anyway). Add support for two new compiler config vars, dll_import_flags and dll_export_flags When autoconfig prints that it has guessed something, provide the name of the variable that can be used to override it.
* Copyrighting a generated file seems kind of silly, though it would belloyd2008-04-121-4/+0
| | | | | good if configure.pl put some more useful information in build.h, such as the time it was run and the arguments it was given.
* Final updates for 1.7.5 release1.7.5lloyd2008-04-122-2/+2
|
* Updates for 1.7.5, now tentatively planned for tomorrow.lloyd2008-04-122-18/+17
|
* Remove setting of unused blinder_size config varlloyd2008-04-121-1/+0
|
* Modify areas that still assumed Pipe::message_id was exactly a u32bit.lloyd2008-04-126-35/+40
| | | | | | | | | | This was done by replacing Pipe::message_id with a completely opaque type and adding only the necessary operations. In this revision Pipe::message_id does remain a u32bit. However it may become an opaque type in the future. Move the Invalid_Message_Number exception to Pipe since that is the only piece of code which throws it.
* Use existing reference to p in Elg_Core constructor for small code cleanuplloyd2008-04-121-2/+2
|
* In decimal string inputs: ignore spaces, and for other bad inputs throwlloyd2008-04-121-0/+7
| | | | an exception saying so.
* Make the size of the random value used to blind the private keylloyd2008-04-122-15/+5
| | | | operations (to prevent timing attacks) a compile time constant.
* Remove Config::option_as_u32bit - the only advantage it had over callinglloyd2008-04-127-42/+3
| | | | | | | | | | | | | to_u32but on the return value from Config::option was that it passed it through parse_expr, which did some simple evaluation tricks so you could say 64*1024. That does not seem worth the cost in code, especially because most of the values so controlled are probably never changed. By making them compile time constants, additional optimizations are possible in the source as well as by the compiler. Remove the pkcs8_tries config option. Hardcode that value to 3 instead. I want to rewrite that code in the relatively near future and all that will (hopefully) go away.
* Make the memory allocator's chunk size a compile time constant, via alloyd2008-04-126-26/+4
| | | | new build.h macro BOTAN_MEM_POOL_CHUNK_SIZE
* Update the changeloglloyd2008-04-121-5/+4
|
* Fix some relatively minor linker namespace pollution issueslloyd2008-04-114-33/+29
|
* Wrap lines to 80 columnslloyd2008-04-102-4/+12
|
* Rename fips140.h to selftest.h, since it doesn't really have much to dolloyd2008-04-103-23/+9
| | | | | | | | | | | with FIPS-140 aside from being a startup self test. Remove the test of X9.19 MAC at startup because it's not that important, and loading it in the startup means a prototypical object will be created and exist in memory for the entire process runtime. This actually raises an interesting idea, that periodically the cache of objects could be cleared and, if one is needed again, it can be created again as if it was the first time.
* Remove unused Config::option_as_listlloyd2008-04-102-9/+0
|
* Remove severa global configuration variables related to entropy gathering,lloyd2008-04-1011-54/+24
| | | | instead passing those values as arguments.
* Remove the config option rng/ms_capi_prov_type - the CryptoAPI entropylloyd2008-04-102-9/+3
| | | | | source will default to using the PROV_RSA_FULL provider if an empty string is passed to the constructor.
* Remove the pem/ config arguments. Replace with arguments to the individuallloyd2008-04-103-24/+13
| | | | functions in pem.h. All have defaults with reasonable values.
* Add a second argument to X509_Cert_Options, which replaceslloyd2008-04-103-12/+7
| | | | | | | | the configuration value default_expire Remove signing_offset as well - it is only used for setting the default time of a X509_Cert_Options: not worth the cost of a global variable.
* Remove the unused function Config::option_as_boollloyd2008-04-102-17/+0
|
* Update ca.cpp with new signature of X509_CA::sign_requestlloyd2008-04-101-1/+5
|
* Change the interface of X509_CA::sign_request as follows:lloyd2008-04-103-21/+15
| | | | | | | | | | | - The allow_ca policy value is no longer checked. Callers should check if the request is for a CA cert and treat it accordingly; this makes it simpler to to case-by-case decisions (expecially among multiple threads) - Instead of a single time value, a u32bit representing the number of seconds from now the certificate should expire, the start and end times are passed explicitly as two X509_Time values.
* Fix some completely bogus code in zlib.cpp that was causing compilation ↵lloyd2008-04-101-8/+8
| | | | | | failures. Seemingly from a bad merge around Christmas?
* Summary of the notable changes since 1.7.4lloyd2008-04-101-0/+9
|
* Change the copyrights in all files in the Botan tree to directly reflectlloyd2008-04-10474-477/+507
| | | | | | the actual copyright holders. For rationale, see my post to botan-devel on April 9, subject 'Changing license to directly reflect contributors' (http://www.randombit.net/pipermail/botan-devel/2008-April/000527.html)
* Remove Extensions::copy_this(). Define the Extensions copy constructor inlloyd2008-04-072-19/+25
| | | | terms of Extensions::operator=
* Timer::combine_timers should be protected, not private, since subclasses needlloyd2008-04-071-1/+1
| | | | to access it.
* Move combine_timers from a free-standing function in util.h to a privatelloyd2008-04-073-3/+3
| | | | | static function of the Timer base class - since that is the only code which actually needs to access it.
* Don't hard-code the user and group when doing an install: instead uselloyd2008-04-0612-48/+10
| | | | | whatever the current user/group is. If you wish to override, edit the makefile or override the INSTALL_CMD_* variables on the command line.
* Remove the Named_Mutex_Holder and associated code. Convert all uses tolloyd2008-04-026-77/+56
| | | | | | | | | | | | | | instead allocate a reference to a mutex locally and use the more typical Mutex_Holder RAII object. Named_Mutex_Holder (and in particular the string->mutex mappings contained in the global state) have been found to be pretty expensive in at least some situations (see post by Jack Cummings to monotone-devel 2008-03-12), and doesn't really buy us that much in terms of ease of use. Also, it relies on the global state object, which has shown itself to be a rich source of race conditions and locking bugs. The intent is to incrementally remove all of the shared / global state and require applications to maintain that state where necessary.
* Bump version in configure.pl to 1.7.5lloyd2008-03-311-1/+1
|
* Startup a changelog entry for 1.7.5 to document notable stuff since 1.7.4lloyd2008-03-141-0/+4
|