| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
a fast poll request, and not if a slow poll was specifically requested.
So a sequence of slow and then fast polls would trigger a second slow
poll, which was not desired.
|
|
|
|
|
|
|
|
| |
that called global_state(), which cased an infinite recursion.
Make creating a Library_State a two-phase operation, first an empty constructor
(just sets all pointers to NULL), then an initializer that sets up everything
needed to start up the library.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
bother creating it, just let it be initialized lazily when needed.
Reindents in encypt.cpp and hash_fd.cpp (indenting the brace after a try
statement).
|
|
|
|
| |
constructor.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LibraryInitializer::initialize(), which will set it for us (or fail by
throwing an exception, which will be propogated to the caller). So any
instances of creating a LibraryInitializer where no option arguments
are passed can be removed; instead that initialization will run when
or if you execute an operation where Botan requires the services
provided in the state. Because no options are passed, the library will
be using the default (debug and not thread safe) mutex type: so
hopefully you'll quickly get an exception when the debug mutex
realizes it is being used in a threaded application, but there is risk
of operations silently failing before that happens.
You can call LibraryInitializer::deinitialize() at the end of your
main function (or whenever you think you won't need Botan anymore), to
free the global state; if not a number of cleanup destructors will not
run (including the final scrub of memory).
You can even shut down Botan speculatively; if it turns out you need
it again, it just means you'll have to take the cost of another
initialization. However in applications that use Botan only in small
bursts, or in rarely taken codepaths, you can remove the state
entirely and suffer zero memory overhead. This probably only makes
sense in memory constrained systems, but it's reasonable to do now.
Speculatively deallocating the state is probably not thread safe
without extra work. One thread calling deinitialize() would invalidate
pointers that would have been visible to other threads. One (untested)
idea: have an atomic integer with the number of current threads using
Botan. If any thread decrements and hits zero, it could deinitialize
Botan safely. This might cause too many repeated startup/shutdowns,
which would depend on the app use pattern.
In addition, since you can't pass arguments to the new Library_State,
you can't specify the use of real mutexes (or anything else): so for
right now, this only works in applications that are fine with the
standard options. I want to find a way to get that working, though,
since it's very inelegant. Currently a Default_Mutex (not at all
thread safe but somewhat error checking) will be used. And self test
will always be run (more on that below).
I wrote a program that just initializes and shuts down in a tight
loop. Running on my Gentoo box (Core2 E6400, gcc 4.1.2):
thread_safe? selftest? time (ms)
------------ --------- ---------
no yes 6.1
no no 3.8
yes yes 6.7
yes no 3.8
If you're actually worried that the library might start up OK but then
start failing basic self tests, what you actually want to do is have a
thread that runs diagnostics on your entire process state (including
calling Botan's self test code) every N seconds.
The question is how to get arguments from the outside world to the
constructor of the Library_State that is created inside of
global_state(): avoiding many self tests to save a bit of time (many
applications won't care about the extra cost but sometimes 2 or 3 ms
is important), and thread safety (beacuse you can't specify to use a
real mutex).
|
|
|
|
| |
SHA-256 (from draft-ietf-pkix-sha2-dsa-ecdsa-01)
|
|\
| |
| |
| | |
and 'fbf3d94a0adf58cf44bd52a391f647b9ea49a5ba'
|
| |
| |
| |
| | |
exception instead of one for a PEM decode error which is not very helpful.
|
| | |
|
| | |
|
|/
|
|
| |
5 minutes (300 seconds).
|
| |
|
|
|
|
| |
is 64 bits.
|
|
|
|
|
|
|
| |
The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine.
Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For
CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify
against what Crypto++ produces. Unknown at this time where the bug lies.
|
|
|
|
|
|
|
|
|
| |
#8 format to store Rabin-Williams keys, inline small functions
that are only called once into their caller. Reduces overall
length of the file from 458 to 367 lines. Rename all the key
files in keys/ to use a .pem suffix since they are all now in PEM
format (the RSA keys had been for a long time but were never
renamed).
|
| |
|
|
|
|
|
| |
algorithms exist. They haven't been used since the 'minimal' module was
removed in Botan 1.3.14
|
| |
|
|
|
|
| |
about unknown algorithm names.
|
| |
|
| |
|
|\
| |
| |
| | |
and 'b52ffb84f6e232e32db9f8090937c9def3a276d4'
|
| |\
| | |
| | |
| | |
| | |
| | | |
b8139f65cc60ecf9c4b2e789474f81d97036f43e)
to branch 'net.randombit.botan' (head 257e32039477e27e354f0cebf2f139fcd9f7400a)
|
| | |
| | |
| | |
| | | |
from Christophe Meessen on the development list.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
through 1b3b93981f425fcc78d0d283136542ff58a8bb07
Cherrypick the change to fix the algorithm cache lookups made on
mainline back to the stable tree.
|
| | | |
|
|/ /
| |
| |
| | |
from Christophe Meessen on the development list.
|
| |
| |
| |
| |
| | |
limits the output to just a bit under 2^32 bytes, which is the maximum
you can request anyway.
|
| | |
|
| | |
|
| |
| |
| |
| | |
static_cast or reinterpret_cast, as needed.
|
| |
| |
| |
| | |
(nominally) more accurate results.
|
| |
| |
| |
| | |
or other non-portable implementations as modules.
|
| |
| |
| |
| |
| | |
just want access to the underlying data representation but don't care if
the return value is NULL terminated or not.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
under the name that the algorithm was originally requested by. This enables
proper caching for algorithm names which deref_alias fails to fully dereference
such as "HMAC(SHA-1)". The previous code had two major problems with names of
that type, firstly that the cache was effectively bypassed due to all prototype
objects in Algorithm_Cache_Impl being indexed by their canonical names rather
than the alias that they were requested under, and that there existed a race
condition where a prototype object might be deleted while in use in multithreaded
code.
The downside of this change is that using multiple names to refer to a single
algorithm causes multiple prototype objects to be created, one for each name
that is in use. However the memory overhead of this should be fairly minimal
and given the severity of the race condition this seems like a worthwhile tradeoff.
A more complete fix would be to fix deref_alias to properly derference all alias
names. That fix would be complimentary with this change in that if deref_alias
handled all names properly there would be a single prototype object and there
would then be no additional memory overhead to the cache.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
of the line rather than the start.
|
| |
| |
| |
| | |
into mainline rather than stable.
|
|\|
| |
| |
| |
| |
| | |
e92fe807f749c526669303bd1530dd76a4d10a86)
to branch 'net.randombit.botan' (head 04a56f961f413296df6637b77ec45aa444513cfc)
|
| | |
|
| | |
|
| | |
|