Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge GH #1129 Split up ffi.cpp | Jack Lloyd | 2017-07-31 | 19 | -2314/+2552 |
|\ | |||||
| * | Split up ffi.cpp into several files | Jack Lloyd | 2017-07-31 | 19 | -2314/+2552 |
|/ | | | | | It was getting pretty big and would get worse over time, eg whenver I get around to adding TLS support. | ||||
* | Merge GH #1128 Improve FFI exception safety | Jack Lloyd | 2017-07-31 | 5 | -703/+368 |
|\ | |||||
| * | Add missing return in ffi_delete_object | Jack Lloyd | 2017-07-25 | 1 | -4/+5 |
| | | | | | | | | | | Somehow this still passed all the tests, downside of 0 as the success return I suppose. | ||||
| * | Merge commit 'e015fd170' into ffi-fixes | Jack Lloyd | 2017-07-25 | 3 | -2/+13 |
| |\ | | | | | | | | | | From PR #1097 | ||||
| | * | Don't crash if openssl can't allocate a new context | Kirill A. Korinsky | 2017-06-29 | 3 | -2/+13 |
| | | | |||||
| * | | In FFI, check the object magic before deleting | Jack Lloyd | 2017-07-25 | 1 | -30/+42 |
| | | | | | | | | | | | | | | | Previously any X_destroy function would just delete its arg regardless of whatever the application passed in. | ||||
| * | | Better exception guarding in FFI | Jack Lloyd | 2017-07-25 | 2 | -671/+312 |
| | | | | | | | | | | | | | | | Based on PR #1097 but I wanted to decrease the verbosity of the resulting code. | ||||
* | | | Merge GH #1135 Add RFC 3394 keywrap to FFI | Jack Lloyd | 2017-07-31 | 2 | -0/+57 |
|\ \ \ | |/ / |/| | | |||||
| * | | Move declarations above TLS block | Krzysztof Kwiatkowski | 2017-07-30 | 1 | -11/+11 |
| | | | |||||
| * | | FFI: Add interface for key wrapping with RFC 3394 | Krzysztof Kwiatkowski | 2017-06-29 | 2 | -0/+57 |
| | | | |||||
* | | | Merge GH #1123 Add OCSP::Response::certificates API | Jack Lloyd | 2017-07-24 | 2 | -0/+36 |
|\ \ \ | |||||
| * | | | add OCSP::Response::certificates() + unit test | René Meusel | 2017-07-21 | 2 | -0/+36 |
| | | | | |||||
* | | | | Change arbitrary privkey size to a smaller arbitrary number. | Jack Lloyd | 2017-07-24 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | GH #1122 [ci skip] | ||||
* | | | | Revert GH #1119 90e8cbbc02 Causes irregular timeouts on Travis | Jack Lloyd | 2017-07-24 | 1 | -1/+1 |
|/ / / | | | | | | | | | | [ci skip] | ||||
* | | | Merge GH #1119 Run full tests on big-endian ppc qemu | Jack Lloyd | 2017-07-17 | 1 | -1/+1 |
|\ \ \ | |||||
| * | | | Enable all tests on ppc32 cross build | Jack Lloyd | 2017-07-16 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | Ensures big-endian gets tested | ||||
* | | | | Appease shellcheck | Jack Lloyd | 2017-07-17 | 1 | -3/+3 |
|/ / / | |||||
* | | | Merge GH #1112 Cleanup in configure | Jack Lloyd | 2017-07-16 | 1 | -5/+6 |
|\ \ \ | |||||
| * | | | configure: explicitly concatenate stdout+stdderr for cc_putput | Simon Warta | 2017-07-05 | 1 | -5/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | This prevents a lint error in newer pylint versions ("R:2600, 8: Redefinition of cc_output type from tuple to str (redefined-variable-type)") and makes code clearer. | ||||
* | | | | Merge GH #1110 Fix documentation of PKCS11 module | Jack Lloyd | 2017-07-16 | 2 | -12/+12 |
|\ \ \ \ | |||||
| * | | | | Remove "pkcs11" provider paramater for pk ops in handbook and tests | René Korthaus | 2017-07-04 | 2 | -12/+12 |
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have special key types for PKCS#11 public and private keys. When using the PK ops classes, passing the "pkcs11" provider parameter is not necessary, as the PK ops is internally chosen by the PKCS#11 key class, in contrast to other providers such as openssl, which don't have special key classes. Updates the handbook code examples and the tests. | ||||
* | | | | Merge GH #1116 Fix loading of unencrypted PKCS#8 key via CLI | Jack Lloyd | 2017-07-16 | 1 | -10/+16 |
|\ \ \ \ | |||||
| * | | | | Fix loading of unencrypted PKCS#8 key via CLI | René Korthaus | 2017-07-11 | 1 | -10/+16 |
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | CLI passed an emtpy password to PKCS8::load_key(), even if --pass-in was not given, which caused loading of unencrypted private keys to fail. Fixed by calling the corresponding flavour of load_key(). | ||||
* / / / | Fix failure to fully zero memory before free | Jack Lloyd | 2017-07-16 | 3 | -1/+17 |
|/ / / | | | | | | | | | | | | | | | | Introduced in 455bd2557cbb1343e59eefd97cb449f06a702c28 Found and reported by Roman Pozlevich | ||||
* | | | Increase ABI version | Jack Lloyd | 2017-07-03 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Already we broke ABI in 2.1 but did not bump the soversion (see comments in https://github.com/randombit/botan/commit/7bdffd52a96e08e9452d1985258376a3925a497b) and 2.2 again changes ABI for example by adding HashFunction::copy_state function. [ci skip] | ||||
* | | | Update news | Jack Lloyd | 2017-07-03 | 1 | -0/+7 |
| | | | |||||
* | | | Merge GH #1093 In EC keys, use OID encoding if possible | Jack Lloyd | 2017-07-03 | 1 | -6/+16 |
|\ \ \ | |||||
| * | | | ECC: use OID encoding if possible | Patrick Wildt | 2017-06-30 | 1 | -6/+16 |
| | | | | | | | | | | | | | | | | | | | | | | | | Instead of explicitly encoding the domain, encode them with the OID if the OID is available. This makes the ecdsa_sign test run with OpenSSL, since OpenSSL needs the OID explicitly set. | ||||
| * | | | Revert previous, we should fix it differently. | Patrick Wildt | 2017-06-30 | 1 | -16/+20 |
| | | | | |||||
| * | | | Allow ECDSA tests for OpenSSL by comparing EC Groups | Patrick Wildt | 2017-06-28 | 1 | -20/+16 |
| |/ / | | | | | | | | | | | | | | | | | | | | | | The ecdsa_sign test does not work for OpenSSL since the public key that is derived from the private key does not store the OID of the curve. Thus, the OpenSSL code cannot find the proper NID for the given public key and cannot do a verification operation. We can fix this by comparing the actual groups and not using the OIDs. | ||||
* | | | Merge GH #1107 Improve documentation of x509_path_validate | Jack Lloyd | 2017-07-03 | 1 | -1/+1 |
|\ \ \ | |||||
| * | | | Add position of end entity cert in x509_path_validate() doc [ci skip] | René Korthaus | 2017-07-02 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | It's not so obvious to a user at which end of the chain the end entity certificate must be placed. | ||||
* | | | | Merge GH #1106 Fix sign_cert CLI incorrectly handling --ca-key-pass (GH #1104) | Jack Lloyd | 2017-07-03 | 1 | -2/+4 |
|\ \ \ \ | |||||
| * | | | | Fix sign_cert CLI incorrectly handling --ca-key-pass | René Korthaus | 2017-07-01 | 1 | -2/+4 |
| |/ / / | |||||
* | | | | Merge GH #1103 Fix error in Doxygen comment | Jack Lloyd | 2017-07-03 | 1 | -1/+1 |
|\ \ \ \ | |/ / / |/| | | | |||||
| * | | | escape \Z in doxygen comment causing doxygen warning (and in turn error), ↵ | Zoltan Gyarmati | 2017-07-01 | 1 | -1/+1 |
|/ / / | | | | | | | | | | fixes #1102 | ||||
* | | | Update news | Jack Lloyd | 2017-06-30 | 2 | -1/+5 |
| | | | |||||
* | | | Update modern and nist policies with recent additions | Jack Lloyd | 2017-06-30 | 3 | -0/+21 |
| | | | |||||
* | | | Merge GH #1082 Add support for SM2 signature scheme | Jack Lloyd | 2017-06-30 | 16 | -2/+654 |
|\ \ \ | |||||
| * | | | Remove debug prints | Jack Lloyd | 2017-06-30 | 1 | -17/+1 |
| | | | | |||||
| * | | | Add SM2 signature scheme | Jack Lloyd | 2017-06-29 | 16 | -2/+671 |
| | |/ | |/| | | | | | | | | | | | | | From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 This is a contribution from Ribose Inc (@riboseinc). | ||||
* | | | Merge GH #1084 Support multiple buffer sizes in speed report | Jack Lloyd | 2017-06-30 | 1 | -86/+446 |
|\ \ \ | |||||
| * | | | use buffer sizes only once in performance tests | 0xdefaced | 2017-06-26 | 1 | -2/+16 |
| | | | | | | | | | | | | | | | | | | | | | | | | Remove duplicates from given buffer sizes in performance tests. Additionally, sort buffer sizes for better grouping in logs and add a colon before printing the measurements. | ||||
| * | | | print a summary for performance tests | 0xdefaced | 2017-06-24 | 1 | -7/+306 |
| | | | | |||||
| * | | | only speed test different msg sizes when tests require a message size | 0xdefaced | 2017-06-24 | 1 | -204/+222 |
| | | | | | | | | | | | | | | | | | | | | Don't perform performance tests for different buffer sizes when the algorithm does not care about the message size. | ||||
| * | | | accept multiple buffer sizes used for speed tests | 0xdefaced | 2017-06-24 | 1 | -141/+170 |
| | |/ | |/| | |||||
* | | | Merge GH #1098 Cleanups in SM3 | Jack Lloyd | 2017-06-30 | 1 | -81/+25 |
|\ \ \ | |||||
| * | | | Cleanups in SM3 code | Jack Lloyd | 2017-06-29 | 1 | -81/+25 |
| |/ / | | | | | | | | | | | | | | | | | | | | | | T[] variable is actually a constant, so precompute it in SM3_TJ W1 expansion is very simple and can just be done inline. Somewhat faster on my machine. | ||||
* | | | Merge GH #1099 Update BSI policy | Jack Lloyd | 2017-06-30 | 1 | -0/+3 |
|\ \ \ | |_|/ |/| | |