aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix dependencieslloyd2010-09-302-2/+2
|
* Split SHA-2 into 32 and 64 bit versions; they are totally independentlloyd2010-09-307-3/+13
| | | | of each other anyway.
* s/x.ptr()/&x[0]/lloyd2010-09-301-5/+5
|
* Tidylloyd2010-09-302-4/+6
|
* Make configure output more sensible wrt incompatible moduleslloyd2010-09-286-2/+22
|
* Cleanup Karatsuba a bitlloyd2010-09-281-103/+107
|
* Use visibility control with Clang, same syntax as GCClloyd2010-09-281-1/+3
|
* Cleanuplloyd2010-09-261-9/+9
|
* Silence warning, cms is really getting pretty broken...lloyd2010-09-261-1/+1
|
* Fix, wasn't returning pointerlloyd2010-09-261-0/+1
|
* Use BOTAN_ASSERT in various placeslloyd2010-09-269-34/+43
|
* If we generate a k such that s or r is 0, don't fail, simply retrylloyd2010-09-261-11/+13
| | | | with a new k.
* Malloc_Allocator isn't a pool, so it needs to fail directly if malloclloyd2010-09-261-1/+3
| | | | | fails, not just return 0 since callers expect that the allocator will either succeed or throw.
* There is a pretty common pattern in the code for testing for internallloyd2010-09-263-0/+86
| | | | | | | | | | errors of the form if(some_expr_indicating_failure) throw Internal_Error("Some mildly informative message"); Make this simpiler with the addition of a BOTAN_ASSERT macro which will throw an exception upon failure.
* At some point I 'simplified' the divide code to always run thelloyd2010-09-261-1/+5
| | | | | | | | | | division algorithm unless x == y, but this could result in n - t + 1 being negative which would cause an attempt to allocate about 4 gigabytes of memory. Fix this, and also add an assertion check in the code to ensure that can't happen in any other way. Never reproduced this with 32 bit digits but it would show up if the build used 8 or 16 bit words.
* Move the core MPI functions to src/math/mp, leaving src/math/bigint justlloyd2010-09-2428-13/+24
| | | | for the implementation of the BigInt class
* Add dependencieslloyd2010-09-247-0/+31
|
* Delete obsolete asm versionslloyd2010-09-247-781/+0
|
* Minor performance tweak, avoid zeroing things we'll immediately writelloyd2010-09-241-2/+1
| | | | to. Helps more than I would have thought.
* Modify bigint_monty_redc to take an additional workspace argument.lloyd2010-09-245-71/+83
| | | | | | | Modify it to avoid a timing condition during the compare at the end; this is done by always doing the subtraction, and then copying to the output either the pre-subtraction or post-subtraction value depending on if the final borrow was set or not.
* s/carry/borrow/ in subtraction routineslloyd2010-09-241-14/+18
|
* s/j/i for loop variableslloyd2010-09-241-36/+36
|
* Cleanuplloyd2010-09-232-16/+24
|
* Make these functions mostly constant-time, and in particular notlloyd2010-09-231-29/+9
| | | | | depending on the value of the final carry out for anything control-flow related.
* In the IDEA key schedule, using the extended Euclidean algorithm tolloyd2010-09-231-17/+14
| | | | | | compute the inverses mod 65537 exposed a timing vulnerability. Avoid this by instead using exponentiation, which takes constant time (up to variability in the multiplication operation, at least).
* Fix OpenSSL engine WRT memory vector changes, append is no morelloyd2010-09-231-1/+3
|
* Add a convenience overload of hex_encode taking a MemoryRegion<byte>&lloyd2010-09-232-0/+17
|
* Add a set of tests devised by Rivest which are designed to detect alloyd2010-09-231-0/+18
| | | | | range of single bit errors in DES (though really this method is more useful for a hardware implementation than table based software).
* In RSA and RW key generation, if we generate a key that isn't exactlylloyd2010-09-222-11/+12
| | | | | | | the requested bitsize, simply repeat instead of failing immediately. The condition could actually occur in practice if a prime that was on the very low end of the specified range was chosen (eg q happened to be chosen as 10000...001).
* Deal with loss of store searchlloyd2010-09-212-2/+3
|
* Add info.txt filelloyd2010-09-211-0/+1
|
* Do the prep/unroll phase 4 rounds before it is needed instead of 3;lloyd2010-09-211-97/+92
| | | | tests on Nehalem indicate a small but measurable win there (about 3%).
* Clean up, hide union accesses with a macro to make it easier to testlloyd2010-09-211-40/+92
| | | | alternative methods of getting pieces of the expanded message.
* Remove searching with an arbitrary predicate from X509_Storelloyd2010-09-204-197/+0
|
* Move certificate store to its own dirlloyd2010-09-203-0/+1
|
* Add missing info fileslloyd2010-09-205-0/+6
|
* Add CRL storage possibilitieslloyd2010-09-203-17/+93
|
* Hide X509_Store::check_siglloyd2010-09-201-2/+2
|
* Add a (clunky) function X509_Object::hash_used_for_signature thatlloyd2010-09-202-0/+26
| | | | | | | returns the hash function that was used to create the signature. Useful for a future X509 path validator that inform the user which hash(es) they are relying on and/or allowing the ability to reject hashes which are undesirable (MD2, MD5, etc)
* Don't use SecureVector to store certificate data; mlock'ed memory inlloyd2010-09-173-8/+8
| | | | | particular is precious. Really these could probably just as easily be std::vectors since even zeroizing the memory isn't relevant here.
* Add strict comparisons for X509_Timelloyd2010-09-172-0/+8
|
* Define a simpler Certificate_Store interface which should be muchlloyd2010-09-173-45/+56
| | | | | easier to implement without requiring in-memory linear searching (eg a flatfile store or SQL database with indexes).
* Hide X509_Object constructorlloyd2010-09-171-11/+11
|
* Remove dependencies on X509_Storelloyd2010-09-174-12/+23
|
* Split up src/cert/x509 into a set of modules, though mostly mutuallylloyd2010-09-1729-51/+6
| | | | dependent right now.
* Require a TLS_Policylloyd2010-09-179-64/+60
|
* I had this older version of algorithm_benchmark included forlloyd2010-09-161-18/+0
| | | | | | | | | | | | compatability with 1.8, but actually the signature is completely different anyway because that version took a Timer object, which doesn't exist at all anymore. I suppose I could add an empty Timer class plus subclasses, let someone instantiate it and pass it in, ignoring it, but I'm not feeling this is worth the effort. It would make more sense to add a version with this signature to 1.8, which creates a Default_Benchmark_Timer and uses it.
* Add a helper function for encoding TLS values with length tagginglloyd2010-09-156-47/+60
|
* Use push_back for the single value += operatorlloyd2010-09-151-3/+1
|
* Update/fix SSL depslloyd2010-09-151-6/+5
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-27 15:17:30 +0000