Commit message    Author    Age    Files    Lines
* IncludeOS has random device files nowJack Lloyd2016-12-181-0/+1
| | | | | | GH #726 [ci skip]
* Add new module sanity check to configure.pyJack Lloyd2016-12-181-0/+14
| | | | [ci skip]
* Disable TLS signature and finished message checks in fuzzer modeJack Lloyd2016-12-174-8/+31
| | | | | Also use a const time comparison for the finished message, though I don't see any real way of exploiting that timing channel.
* Update OCSP manual, and inline to main X.509 docJack Lloyd2016-12-173-48/+116
| | | | [ci skip]
* Merge GH #777 Update X.509 manualJack Lloyd2016-12-171-58/+243
|\
| * Update the X.509 manual and add more informationRené Korthaus2016-12-171-58/+243
| |
* | Merge GH #776 Support brainpool curves in OpenSSL providerJack Lloyd2016-12-171-1/+17
|\ \
| * | Add support for brainpool curves in openssl providerRené Korthaus2016-12-171-1/+17
| |/ | | | | | | | | OpenSSL 1.0.2 added support for brainpool curves, so we can use it provided the version check succeeds.
* / Add OCSP fuzzerJack Lloyd2016-12-173-11/+27
|/ | | | | | | | | Some attempts at reducing overhead in ECC math tests, unclear if really changed anything for my machine but probably can't hurt. Fix LLVM build flags [ci skip]
* Merge GH #775 Update BSI TLS policyJack Lloyd2016-12-161-1/+4
|\ | | | | | | [ci skip]
| * - Adapted key exchange methodsJuraj Somorovsky2016-12-161-1/+4
| | | | | | | | - Adapted (ec)dh group sizes
* | Fix clang-analyzer warning in AES codeJack Lloyd2016-12-161-6/+4
| | | | | | | | | | | | The previous assert had been already put there for the benefit of clang-analyzer, but in Clang 3.9 it does not help. Instead test X value directly, which works.
* | Just expect a byte stream in the TLS fuzzer input, with no length fields.Jack Lloyd2016-12-162-27/+3
| | | | | | | | | | | | | | Matches how OpenSSL/BoringSSL fuzzers work which is useful because fuzzer corpus can be cross-pollinated among implementations. [ci skip]
* | Add fuzzer for power_modJack Lloyd2016-12-162-6/+69
| | | | | | | | [ci skip]
* | Update release notesJack Lloyd2016-12-141-0/+8
| | | | | | | | [ci skip]
* | Merge GH #774 Fix modexp bugsJack Lloyd2016-12-1411-37/+154
|\ \
| * | Remove debug codeJack Lloyd2016-12-141-1/+1
| | |
| * | Add some additional ressol testsJack Lloyd2016-12-141-0/+20
| | |
| * | Fix exponentiation bug, related fixesJack Lloyd2016-12-1410-37/+134
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | GH #754 exposed a bug in the non-Montgomery exponentiation case. It turned out that when the fixed window was picked to any value > 1, the result would be incorrect due to an off by one. This is the one line fix in powm_fw.cpp. Also fix a bug in bigint_mul which caused incorrect results, because the output BigInt was not being zeroed out before use. This is only exposed in rare cases, found (somewhat indirectly) in OSS-Fuzz #287. Add more modular exponentiation tests, which would have caught these issues earlier.
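Added example, not Botan's code: a toy fixed-window exponentiation beside a plain square-and-multiply reference, plus a limb multiply whose output buffer has to be zeroed before the accumulating loop runs. It uses a 32-bit modulus with 64-bit intermediates instead of BigInt, and every name in it (powm_naive, powm_fixed_window, windows_agree, mul_limbs_into, mul_limbs) is this example's own. It does not reproduce the exact one-line bug in powm_fw.cpp; it shows the two places (window count, table size) where an off-by-one in this algorithm hides, and the kind of cross-check against a reference implementation, over exponents whose bit length is not a multiple of the window width, that the commit says would have caught it.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Toy arithmetic: 32-bit modulus with 64-bit intermediates, so the control
// flow of the exponentiation is visible without a bignum library.
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m) {
    return static_cast<uint32_t>((static_cast<uint64_t>(a) * b) % m);
}

// Reference: left-to-right square-and-multiply over all 64 exponent bits.
uint32_t powm_naive(uint32_t g, uint64_t e, uint32_t m) {
    if(m == 0) throw std::invalid_argument("modulus must be non-zero");
    uint32_t r = 1 % m;
    g %= m;
    for(int i = 63; i >= 0; --i) {
        r = mulmod(r, r, m);
        if((e >> i) & 1) r = mulmod(r, g, m);
    }
    return r;
}

// Fixed-window exponentiation with a window of w bits (1..8).
uint32_t powm_fixed_window(uint32_t g, uint64_t e, uint32_t m, size_t w) {
    if(m == 0) throw std::invalid_argument("modulus must be non-zero");
    if(w < 1 || w > 8) throw std::invalid_argument("window must be 1..8");
    g %= m;

    // Table of g^0 .. g^(2^w - 1): 2^w entries, so the largest window value
    // (all w bits set) still indexes inside the table.
    const size_t table_size = size_t(1) << w;
    std::vector<uint32_t> table(table_size);
    table[0] = 1 % m;
    for(size_t i = 1; i < table_size; ++i)
        table[i] = mulmod(table[i - 1], g, m);

    // Number of windows, rounded UP. Rounding down silently drops the top
    // partial window whenever the exponent length is not a multiple of w.
    const size_t exp_bits = 64;
    const size_t windows = (exp_bits + w - 1) / w;
    const uint64_t mask = (uint64_t(1) << w) - 1;

    uint32_t r = 1 % m;
    for(size_t i = windows; i > 0; --i) {
        for(size_t s = 0; s < w; ++s)
            r = mulmod(r, r, m);
        const uint64_t nibble = (e >> ((i - 1) * w)) & mask;
        // Table lookup indexed by secret exponent bits: fine for a correctness
        // demo, not a side-channel-safe access pattern.
        r = mulmod(r, table[nibble], m);
    }
    return r;
}

// Cross-check every window size against the reference for one (g, e, m).
bool windows_agree(uint32_t g, uint64_t e, uint32_t m) {
    const uint32_t expected = powm_naive(g, e, m);
    for(size_t w = 1; w <= 8; ++w)
        if(powm_fixed_window(g, e, m, w) != expected) return false;
    return true;
}

// Schoolbook multiply of little-endian 32-bit limbs into out (na + nb limbs).
// The inner loop ACCUMULATES into out[], so out must be zeroed first; an
// output buffer reused with stale limbs is the class of bug the commit fixes.
void mul_limbs_into(const uint32_t* a, size_t na, const uint32_t* b, size_t nb, uint32_t* out) {
    for(size_t k = 0; k < na + nb; ++k) out[k] = 0;
    for(size_t i = 0; i < na; ++i) {
        uint64_t carry = 0;
        for(size_t j = 0; j < nb; ++j) {
            // (2^32-1)^2 + 2*(2^32-1) = 2^64 - 1, so this never overflows
            const uint64_t t = uint64_t(a[i]) * b[j] + out[i + j] + carry;
            out[i + j] = static_cast<uint32_t>(t);
            carry = t >> 32;
        }
        out[i + nb] = static_cast<uint32_t>(carry);  // limb not yet written in this row
    }
}

std::vector<uint32_t> mul_limbs(const std::vector<uint32_t>& a, const std::vector<uint32_t>& b) {
    std::vector<uint32_t> out(a.size() + b.size(), 0xDEADBEEFu);  // deliberately dirty
    mul_limbs_into(a.data(), a.size(), b.data(), b.size(), out.data());
    return out;
}
```

The dirty 0xDEADBEEF fill in mul_limbs is the point of that helper: drop the zeroing loop in mul_limbs_into and the result is wrong only when the caller hands over a previously used buffer, which is why such a bug can sit unnoticed until a fuzzer hits the right sequence of operations.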
* | Update fuzzers with comments from OSS-Fuzz reviewJack Lloyd2016-12-1419-19/+56
| | | | | | | | | | | | | | | | | | | | | | | | Add explicit length limitations, to prevent the fuzzer from just giving us increasingly long inputs until timeout occurs due to non-linear algorithms. Use LLVM fuzzer interface in all cases, and just have AFL driver call that API when a define is set to include a main function. OSS-Fuzz will be using the LLVM API, regardless of the fuzzing engine. [ci skip]
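Added example, not one of Botan's fuzzers: a harness laid out the way the commit describes, with an explicit input length cap in front of a non-linear routine, the libFuzzer entry point as the single real interface, and a main() for AFL compiled in only under a define. The define name INCLUDE_AFL_MAIN, the cap of 4096 bytes, and slow_target (a quadratic stand-in for ressol or ECC math) are this example's own choices.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for the routines the commit is guarding: cost grows
// quadratically with input length, so an uncapped input would just run until
// the fuzzer's per-input timeout fires.
static size_t slow_target(const uint8_t* in, size_t len) {
    size_t pairs = 0;
    for(size_t i = 0; i < len; ++i)
        for(size_t j = i + 1; j < len; ++j)
            pairs += (in[i] == in[j]);
    return pairs;
}

// Explicit cap (assumed value): large enough for realistic inputs, small
// enough that one iteration of slow_target stays well under a second.
static const size_t MAX_FUZZ_INPUT = 4096;

static volatile size_t sink;  // keeps the optimizer from deleting slow_target

// Shared body: true if the input was processed, false if the cap rejected it.
// A rejected input is not a crash; it is simply uninteresting to the fuzzer.
bool fuzz_one(const uint8_t* in, size_t len) {
    if(len > MAX_FUZZ_INPUT)
        return false;
    sink = slow_target(in, len);
    return true;
}

// libFuzzer / OSS-Fuzz entry point; the return value is reserved, always 0.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* in, size_t len) {
    fuzz_one(in, len);
    return 0;
}

// AFL (or plain command-line) driver, compiled only when the define is set:
// read one input from stdin and hand it to the same entry point, so the
// harness logic exists exactly once.
#if defined(INCLUDE_AFL_MAIN)
int main() {
    std::vector<uint8_t> buf;
    uint8_t chunk[4096];
    size_t got;
    while((got = std::fread(chunk, 1, sizeof(chunk), stdin)) > 0)
        buf.insert(buf.end(), chunk, chunk + got);
    return LLVMFuzzerTestOneInput(buf.data(), buf.size());
}
#endif
```

Build it as a libFuzzer target with `clang++ -g -O1 -fsanitize=fuzzer,address harness.cpp`, or for AFL with `afl-clang-fast++ -DINCLUDE_AFL_MAIN harness.cpp`; either way the only code path exercised is LLVMFuzzerTestOneInput, so a corpus collected under one engine can be replayed under the other.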
* | Fix Sphinx PDF build. GH #746Jack Lloyd2016-12-141-1/+1
| | | | | | | | [ci skip]
* | Merge GH #769 Simplify license copyright statement, add authors.txtJack Lloyd2016-12-142-35/+42
|\ \ | | | | | | | | | [ci skip]
| * | Simplify the license text by using (C) The Botan AuthorsJack Lloyd2016-12-102-35/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The license text is getting quite long due to including all the contributors, and literally the *only* thing we require for people to use Botan is to distribute the license text. So it should be succinct and save paper. Adds an authors.txt file. [ci skip]
* | | Update test data to reflect change in e8009766ca2Jack Lloyd2016-12-111-24/+0
| | |
* | | In ressol, prohibit a >= pJack Lloyd2016-12-111-3/+5
| | | | | | | | | | | | Technically defined, but should never be seen in practical crypto context.
* | | Update 1.11.35 relnotes [ci skip]Jack Lloyd2016-12-111-2/+6
| | |
* | | Merge GH #770 Public_Key constructors take std::vector for buffersJack Lloyd2016-12-1125-40/+42
|\ \ \
| * | | Public_Key derived class ctors take an std::vector<byte>René Korthaus2016-12-1125-40/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes all the Public_Key derived classes ctors to take a std::vector instead of a secure_vector for the DER encoded public key bits. There is no point in transporting a public key in secure storage. (GH #768)
* | | | Simplify logic in configure for listing out filesJack Lloyd2016-12-111-12/+17
| | | | | | | | | | | | | | | | | | | | | | | | Add a check that the same header is not both public and internal. [ci skip]
* | | | Fix fuzzer build flags [ci skip]Jack Lloyd2016-12-111-2/+3
|/ / /
* | | Merge GH #765 Rewrite CBC unpadding operations as const timeJack Lloyd2016-12-103-47/+74
|\ \ \ | |/ / |/| |
| * | forgot to unpoison return valsNever2016-12-091-0/+4
| | |
| * | Rewrote bc unpad functions as const time operations.Never2016-12-093-47/+70
| |/ | | | | | | | | The unpad functions return the blocksize as padding position, if the padding is invalid.
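Added example, not Botan's code: branch-free versions of the two operations that the Finished-message commit above and this unpadding commit make constant time. ct_equal examines every byte of two buffers rather than stopping at the first mismatch, and pkcs7_unpad_ct walks the entire last block and returns the block size when the padding is invalid, the same convention the commit describes. Only PKCS#7 is shown, the helper names (ct_is_zero, ct_is_lt, ct_select, sample_block) are this example's own, and the 32-bit helpers assume operands below 2^31, which holds for byte values and block sizes.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Branch-free predicates on 32-bit words. Each returns 0 or 1; ct_mask turns
// that into an all-zero or all-one mask. ct_is_lt assumes a, b < 2^31.
static inline uint32_t ct_is_zero(uint32_t x) { return (~x & (x - 1)) >> 31; }
static inline uint32_t ct_is_eq(uint32_t a, uint32_t b) { return ct_is_zero(a ^ b); }
static inline uint32_t ct_is_lt(uint32_t a, uint32_t b) { return (a - b) >> 31; }
static inline uint32_t ct_mask(uint32_t bit) { return 0u - bit; }
static inline uint32_t ct_select(uint32_t mask, uint32_t a, uint32_t b) {
    return (mask & a) | (~mask & b);
}

// Comparison for MAC-like values such as a TLS Finished verify_data: every
// byte is touched whether or not an earlier one already differed, so the
// running time does not depend on the position of the first mismatch.
bool ct_equal(const uint8_t* a, const uint8_t* b, size_t len) {
    uint32_t diff = 0;
    for(size_t i = 0; i < len; ++i)
        diff |= static_cast<uint32_t>(a[i] ^ b[i]);
    return ct_is_zero(diff) == 1;  // the verdict itself is public
}

bool ct_equal(const std::vector<uint8_t>& a, const std::vector<uint8_t>& b) {
    // Lengths come from record framing and are public, so branching on them is fine.
    return a.size() == b.size() && ct_equal(a.data(), b.data(), a.size());
}

// PKCS#7 unpadding of one block. Returns the index where padding starts, or
// block_size when the padding is invalid. Control flow and memory accesses
// are identical for good and bad padding.
size_t pkcs7_unpad_ct(const uint8_t* block, size_t block_size) {
    const uint32_t bs = static_cast<uint32_t>(block_size);
    const uint32_t last = block[block_size - 1];

    // The pad length must lie in 1..block_size.
    uint32_t bad = ct_is_zero(last) | ct_is_lt(bs, last);

    // Scan the whole block. Positions i >= bs - last are padding and must all
    // equal `last`; written as i + last >= bs so that a bogus `last` never
    // produces an underflowing subtraction.
    for(uint32_t i = 0; i < bs; ++i) {
        const uint32_t in_pad = 1u ^ ct_is_lt(i + last, bs);
        bad |= in_pad & (1u ^ ct_is_eq(block[i], last));
    }

    const uint32_t ok = ct_mask(1u ^ bad);
    return ct_select(ok, bs - last, bs);
}

size_t pkcs7_unpad_ct(const std::vector<uint8_t>& block) {
    return pkcs7_unpad_ct(block.data(), block.size());
}

// Constructed sample input: a 16-byte block with data_len bytes of 0x41
// followed by valid PKCS#7 padding; optionally corrupt the first pad byte.
std::vector<uint8_t> sample_block(size_t data_len, bool corrupt_pad) {
    const size_t bs = 16;
    if(data_len >= bs) throw std::invalid_argument("data_len must leave room for padding");
    const uint8_t pad = static_cast<uint8_t>(bs - data_len);
    std::vector<uint8_t> blk(bs, pad);
    for(size_t i = 0; i < data_len; ++i) blk[i] = 0x41;
    if(corrupt_pad) blk[data_len] ^= 0x01;
    return blk;
}
```

The caller still has to consume the result without branching on it where that matters (for CBC-then-MAC the MAC check should run over the same amount of data regardless of the returned position); the unpadding routine only removes the leak from its own control flow.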
* | Fix PK EME decoding tests when algo is missingJack Lloyd2016-12-101-2/+6
| |
* | Ignore too-large inputs in ressol fuzzerJack Lloyd2016-12-101-1/+6
| | | | | | | | | | | | | | | | | | OSS-Fuzz just gave us a gigantic input and then timed out. In practice ressol is only called with specific primes of various common ECC parameter sets, so limit to 768 bits max. [ci skip]
* | Remove bogus abort from ECC math fuzzerJack Lloyd2016-12-101-3/+0
| | | | | | | | | | | | Chromium oss-fuzz bug 275 [ci skip]
* | Fix fuzzer builds [ci skip]Jack Lloyd2016-12-091-3/+4
| |
* | Avoid use of system RNG in fuzzersJack Lloyd2016-12-086-16/+41
| | | | | | | | | | | | Seemingly /dev/urandom not accessible in ClusterFuzz env [ci skip]
* | Update news [ci skip]Jack Lloyd2016-12-081-1/+7
| |
* | Merge GH #759 Add ISO 9796-2 signature schemesJack Lloyd2016-12-086-12/+470
|\ \
| * | ISO 9796: Change header guard formatNever2016-12-061-2/+2
| | |
| * | Add ISO9796-2 Signature Schemes giving message recovery 2 and 3.Never2016-12-056-12/+470
| | |
* | | Update todo [ci skip]Jack Lloyd2016-12-081-2/+1
| | |
* | | Another rename in the service of filename uniquenessJack Lloyd2016-12-081-0/+0
| | |
* | | Remove <source> block from info.txt filesJack Lloyd2016-12-0817-122/+3
| | | | | | | | | | | | | | | | | | Kind of a vestigial thing from an earlier iteration of the module design, and never useful to specify anymore since taking all the cpp files is what you want exactly 100% of the time.
* | | Inline Twofish::rs_mul into its only callerJack Lloyd2016-12-082-24/+19
| | |
* | | Rename both DL and EC named group files.Jack Lloyd2016-12-082-0/+0
| | | | | | | | | | | | | | | | | | | | | Avoid having any files within src/lib (in any subdirs) with the same name. That seems worth avoiding even just on the basis of avoiding basic confusion (looked in named.cpp - no the other one...) and may allow simplifying the build in various ways.
* | | Rename Serpent SIMD and Twofish SBOX source filesJack Lloyd2016-12-082-0/+0
| | | | | | | | | | | | Some attempt at consistency
* | | Merge GH #744 Allow custom extensions when creating certsJack Lloyd2016-12-088-29/+328
|\ \ \
| * | | Rename some methods, add more tests and docsRené Korthaus2016-12-044-32/+80
| | | |