Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Pull LexerError out of lex_me_harder() | Simon Warta | 2017-04-02 | 1 | -14/+17 |
| | |||||
* | Make PKG_CONFIG_FILENAME a free constant | Simon Warta | 2017-04-02 | 1 | -4/+4 |
| | |||||
* | Rename to BuildPaths and ignore too-many-instance-attributes | Simon Warta | 2017-04-02 | 1 | -2/+2 |
| | | | | | BuildPaths cannot have less than 15 attributes (currently 21) without spoiling the code | ||||
* | Pull make_build_doc_commands out of BuildConfigurationInformation | Simon Warta | 2017-04-02 | 1 | -26/+20 |
| | |||||
* | Remomve member `obj_dir` from BuildConfigurationInformation | Simon Warta | 2017-04-02 | 1 | -4/+3 |
| | |||||
* | Merge BuildConfigurationInformation.sources/build_sources -> lib_sources | Simon Warta | 2017-04-02 | 1 | -6/+5 |
| | |||||
* | configure: move version information into dedicated class | Simon Warta | 2017-04-02 | 1 | -50/+44 |
| | |||||
* | Remove member `modules` from BuildConfigurationInformation | Simon Warta | 2017-04-01 | 1 | -4/+3 |
| | | | | | in other parts of the code, modules are already passed next to BuildConfigurationInformation, e.g. in create_template_vars() | ||||
* | Remove extra member build_dirs from BuildConfigurationInformation | Simon Warta | 2017-04-01 | 1 | -14/+16 |
| | | | | and reduce constructor length | ||||
* | Fix Doxygen comment errors | Jack Lloyd | 2017-03-31 | 1 | -1/+3 |
| | | | | [ci skip] | ||||
* | Merge GH #956 Add link to API docs in website table of contents | Jack Lloyd | 2017-03-31 | 1 | -1/+3 |
|\ | |||||
| * | Add TOC link to users manual and API ref for website | René Korthaus | 2017-03-31 | 1 | -1/+3 |
| | | |||||
* | | Merge GH #958 Fix index in PDF doc | Jack Lloyd | 2017-03-31 | 1 | -1/+1 |
|\ \ | |/ |/| | |||||
| * | Re-add index to PDF users manual | René Korthaus | 2017-03-31 | 1 | -1/+1 |
|/ | | | | | Run pdflatex twice to have LaTex generate an index for the PDF users manual. This somehow broke in GH #937. | ||||
* | Merge GH #954 Always poll 256 bytes from getentropy syscall | Jack Lloyd | 2017-03-30 | 1 | -3/+4 |
|\ | |||||
| * | Always poll 256 bytes from Getentropy. | Alexander Bluhm | 2017-03-30 | 1 | -3/+4 |
| | | | | | | | | | | | | The OpenBSD system limit for getentropy(2) is 256 bytes. It does not make sense to use the BOTAN_SYSTEM_RNG_POLL_REQUEST define here. As it is only used in one place, another define would be overkill. | ||||
* | | Merge GH #953 Use arc4random for system RNG access on OpenBSD | Jack Lloyd | 2017-03-30 | 2 | -0/+16 |
|\ \ | |/ |/| | |||||
| * | Use arc4random(3) as system rng on OpenBSD. | Alexander Bluhm | 2017-03-30 | 2 | -0/+16 |
|/ | | | | | | | | | OpenBSD provides the arc4random(3) function in libc for user land programs that need good random data. Use this to implement the Botan system random number generator. It has the advantage over /dev/urandom that it works without file descriptors and in chroot(2) environment. Internally libc is currently using a ChaCha20 cipher as PRNG and getentropy(2) to reseed itself automatically. | ||||
* | Merge GH #948 Update release notes for 2.1 | Jack Lloyd | 2017-03-30 | 1 | -0/+14 |
|\ | |||||
| * | Update releases notes for 2.1.0 | Daniel Neus | 2017-03-29 | 1 | -0/+14 |
| | | |||||
* | | Merge GH #952 Disable proc_walk on OpenBSD | Jack Lloyd | 2017-03-30 | 1 | -1/+0 |
|\ \ | |||||
| * | | Disable entropy proc_walk on OpenBSD. | Alexander Bluhm | 2017-03-30 | 1 | -1/+0 |
| | | | | | | | | | | | | | | | The /proc file system was disabled for years. With OpenBSD 5.7 the implementation has been removed from the kernel sources. | ||||
* | | | Merge GH #950 Update authors | Jack Lloyd | 2017-03-30 | 2 | -0/+7 |
|\ \ \ | |/ / |/| | | |||||
| * | | Add myself as contributor. | Alexander Bluhm | 2017-03-29 | 2 | -0/+7 |
|/ / | |||||
* | | Merge GH #949 Add --entropy flag to rng cmd | Jack Lloyd | 2017-03-29 | 1 | -1/+11 |
|\ \ | |||||
| * | | Use entropy source for cli rng. | Alexander Bluhm | 2017-03-29 | 1 | -1/+11 |
| | | | | | | | | | | | | | | | With "botan rng --entropy" the global entropy sources are used to seed the auto seeded random number generator. | ||||
* | | | Build fix | Jack Lloyd | 2017-03-29 | 1 | -1/+1 |
| | | | |||||
* | | | Fix RSA blinding test | Jack Lloyd | 2017-03-29 | 1 | -5/+7 |
|/ / | | | | | | | | | | | Failed if OpenSSL was used since OpenSSL does (whatever it does). GH #879 | ||||
* | | Fix final RSA blinding test | Jack Lloyd | 2017-03-29 | 1 | -4/+5 |
| | | | | | | | | See GH #879 | ||||
* | | Add missing override annotation | Jack Lloyd | 2017-03-29 | 1 | -1/+1 |
| | | |||||
* | | Add --test-runs option to test binary | Jack Lloyd | 2017-03-29 | 1 | -5/+9 |
| | | | | | | | | Just runs the specified test several times, or until first failure. | ||||
* | | Merge GH #879 Fix rsa_blinding tests and add one more test | Jack Lloyd | 2017-03-29 | 1 | -3/+46 |
|\ \ | |||||
| * | | Fix rsa_blinding tests if emsa_raw is missing and add tests for rsa_blinding ↵ | Daniel Neus | 2017-02-16 | 1 | -3/+46 |
| | | | | | | | | | | | | while encrypting/decrypting | ||||
* | | | Document functions added in GH #899 | Jack Lloyd | 2017-03-29 | 1 | -0/+30 |
| | | | |||||
* | | | Merge GH #899 Add ability to specify iterations when encrypting a private key | Jack Lloyd | 2017-03-29 | 7 | -38/+390 |
|\ \ \ | |||||
| * | | | Add ability to specify iterations when encrypting a private key | Jack Lloyd | 2017-02-26 | 7 | -38/+390 |
| | | | | | | | | | | | | | | | | GH #896 | ||||
* | | | | Document new C APIs added in GH #946 | Jack Lloyd | 2017-03-29 | 1 | -5/+186 |
| | | | | |||||
* | | | | Merge GH #946 Expose multiple precision integers in C interface | Jack Lloyd | 2017-03-29 | 5 | -27/+731 |
|\ \ \ \ | |||||
| * | | | | Expose BigInt API subset to C API | Jack Lloyd | 2017-03-28 | 5 | -27/+731 |
| | | | | | | | | | | | | | | | | | | | | Also adds RSA key constructors using BN | ||||
* | | | | | Merge GH #947 Add support for getentropy syscall | Jack Lloyd | 2017-03-29 | 5 | -1/+79 |
|\ \ \ \ \ | |||||
| * | | | | | Use getentropy(2) as random source. | Alexander Bluhm | 2017-03-29 | 5 | -1/+79 |
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Gather entropy from system call getentropy(2). This is available since in OpenBSD 5.6 and Solaris 11.3. It can provide up to 256 bytes entropy from the kernel without blocking. As a system call it does not need a file descriptor and works in chroot(2) environments without device nodes. | ||||
* | | | | | Merge GH #945 Remove old timing test suite | Jack Lloyd | 2017-03-29 | 19 | -610/+5 |
|\ \ \ \ \ | |/ / / / |/| | | | | |||||
| * | | | | Remove old timing test suite | Jack Lloyd | 2017-03-28 | 19 | -610/+5 |
| |/ / / | | | | | | | | | | | | | Replaced by version in cli added in #894 | ||||
* | | | | Update release notes | Jack Lloyd | 2017-03-28 | 1 | -0/+15 |
| | | | | | | | | | | | | | | | | [ci skip] | ||||
* | | | | Note that bcrypt bug was introduced in 1.11.0 | Jack Lloyd | 2017-03-28 | 1 | -2/+4 |
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | Specifically 9644a3ecebb15. So 1.10 was not affected, as it instead throws an exception for passwords longer than 56 chars, which is incompatible with other bcrypt APIs but does not introduce any security problems. [ci skip] | ||||
* | | | Merge GH #944 Add check_key to C API | Jack Lloyd | 2017-03-28 | 4 | -2/+28 |
|\ \ \ | |||||
| * | | | Expose PK::check_key functions in C interface | Jack Lloyd | 2017-03-27 | 4 | -2/+28 |
| | | | | |||||
* | | | | Merge GH #942 Avoid passing IP as hostname in tls_client command line util | Jack Lloyd | 2017-03-28 | 2 | -1/+15 |
|\ \ \ \ | |||||
| * | | | | Add documentation that SNI must be FQDN. | Alexander Bluhm | 2017-03-27 | 1 | -0/+4 |
| | | | | | | | | | | | | | | | | | | | | server_info parameter of TLS::Client must not be an IP address. | ||||
| * | | | | tls_client must not pass an IP address as server information | Alexander Bluhm | 2017-03-25 | 1 | -1/+11 |
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC 6066 section 3 says: Literal IPv4 and IPv6 addresses are not permitted in "HostName". But if a user passes an IP address to botan tls_client as connect address, this is also used for SNI. Some TLS server like libtls from the LibreSSL project check that a provided hostname is a DNS name. The TLS connection attempt from botan is rejected with a fatal alert. |