Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Create a persistent registry for ECC group data | Jack Lloyd | 2018-02-04 | 10 | -403/+572 |
| | | | | Now a single copy is maintained of each EC group info | ||||
* | Move bundledcertdir to x509/misc | Jack Lloyd | 2018-02-02 | 2 | -1/+1 |
| | |||||
* | Merge GH #1436 In Certificate_Store load multiple certs from file | Jack Lloyd | 2018-02-02 | 3 | -2/+81 |
|\ | |||||
| * | Load every certificates of files found - fix test. | Mathieu Souchaud | 2018-02-02 | 1 | -3/+0 |
| | | |||||
| * | Load every certificates of files found - add test. | Mathieu Souchaud | 2018-02-02 | 2 | -0/+69 |
| | | |||||
| * | Load every certificates of files found. | Mathieu Souchaud | 2018-02-01 | 1 | -2/+15 |
| | | |||||
* | | Use -m32 for x86-32 builds with GCC | Jack Lloyd | 2018-02-02 | 1 | -0/+1 |
| | | | | | | | | | | This used to not work but is fine with GCC 4.8 which is the minimum version we support. Fixes #1438 | ||||
* | | Increase default speed --msec to 300 | Jack Lloyd | 2018-02-02 | 1 | -1/+1 |
| | | | | | | | | | | A good balance between being responsive and reasonable accurate. At 100 msec lots of errors wrt dynamic throttling etc. | ||||
* | | Avoid deprecated functions in OpenSSL provider [ci skip] | Jack Lloyd | 2018-02-01 | 1 | -3/+3 |
| | | |||||
* | | Merge GH #1435 Use shared_ptr representation for EC_Group | Jack Lloyd | 2018-02-01 | 21 | -246/+480 |
|\ \ | |||||
| * | | Fix deprecation warnings | Jack Lloyd | 2018-02-01 | 2 | -11/+20 |
| | | | |||||
| * | | Simplify ECC test OID lookup | Jack Lloyd | 2018-01-31 | 1 | -18/+17 |
| | | | |||||
| * | | Avoid CurveGFp in EC_Group interface | Jack Lloyd | 2018-01-31 | 7 | -44/+125 |
| | | | |||||
| * | | Use shared representation of EC_Group | Jack Lloyd | 2018-01-31 | 17 | -202/+347 |
| |/ | | | | | | | Hide CurveGFp with an eye for eventual removal | ||||
* / | Fix crash in x509_unit if any of DH, ECDH, or ElGamal were disabled | Jack Lloyd | 2018-02-01 | 2 | -5/+16 |
|/ | | | | | | | | | | Introduced in bf1548695aea Was missed by CI because the BSI and NIST modules don't require x509, so none of the tests ran in that configuration. Explicitly add x509 for such builds. Fixes #1437 | ||||
* | Optimize SHA_3::expand | Jack Lloyd | 2018-01-31 | 1 | -15/+14 |
| | | | | Noticable speedup for SHAKE esp with longer output lengths | ||||
* | Add a few more tests of the test suite code | Jack Lloyd | 2018-01-30 | 1 | -2/+56 |
| | |||||
* | Fix copy paste error | Jack Lloyd | 2018-01-30 | 2 | -2/+2 |
| | |||||
* | Add function to query if filesystem support is enabled. | Jack Lloyd | 2018-01-30 | 4 | -80/+63 |
| | | | | Makes for much simpler code. | ||||
* | Merge GH #1434 Avoid unnecessary allocations in SHA-3 finalization | Jack Lloyd | 2018-01-30 | 5 | -71/+697 |
|\ | |||||
| * | Whitespace | Jack Lloyd | 2018-01-30 | 1 | -5/+5 |
| | | |||||
| * | Use copy_out_vec_le instead of explicit loop in SHA-3 and Keccak | Jack Lloyd | 2018-01-30 | 2 | -4/+2 |
| | | |||||
| * | Reorganize SHA-3 source file [ci skip] | Jack Lloyd | 2018-01-30 | 1 | -35/+35 |
| | | | | | | | | Put all the statics at beginning followed by member functions. | ||||
| * | Add a set of SHAKE-128 test vectors from NIST CAVS | Jack Lloyd | 2018-01-30 | 1 | -0/+627 |
| | | |||||
| * | Avoid allocating zero bytes for SHA-3 padding | Jack Lloyd | 2018-01-30 | 4 | -27/+28 |
| | | | | | | | | Inspired by #1433 | ||||
* | | For hash/mac speed tests finalize the computation under the timer | Jack Lloyd | 2018-01-30 | 1 | -1/+6 |
| | | | | | | | | | | | | Otherwise this misses the perf difference between SHAKE-128(512) and SHAKE-128(5120000) all the extra computation happens in the final function. | ||||
* | | Have to remove sessions on client side | Jack Lloyd | 2018-01-30 | 1 | -1/+1 |
|/ | | | | | Clearing server side state doesn't help because we resume with a session ticket. | ||||
* | Move FFI tests to sub-functions | Jack Lloyd | 2018-01-30 | 1 | -235/+292 |
| | | | | Add a test for hostname match function | ||||
* | Add botan_x509_cert_hostname_match | Jack Lloyd | 2018-01-30 | 2 | -0/+15 |
| | |||||
* | Add test for non-null pointer | Jack Lloyd | 2018-01-30 | 1 | -0/+9 |
| | |||||
* | Improve X.509 documentation | Jack Lloyd | 2018-01-29 | 2 | -86/+150 |
| | | | | GH #1428 | ||||
* | Catch exceptions from subprocess in build_docs [ci skip] | Jack Lloyd | 2018-01-29 | 1 | -6/+12 |
| | | | | If eg binary file not found, this just crashed with no useful diagnostic. | ||||
* | Update news | Jack Lloyd | 2018-01-28 | 1 | -0/+25 |
| | |||||
* | Merge GH #1285 Use enums for TLS params, add PSS signature support | Jack Lloyd | 2018-01-28 | 29 | -953/+1484 |
|\ | |||||
| * | Move generic TLS tests to test_tls.cpp | Jack Lloyd | 2018-01-28 | 5 | -211/+310 |
| | | | | | | | | | | | | Leaves unit_tls.cpp for the handshake level tests. Add some basic tests of the string<->enum conversions in tls_algos.h | ||||
| * | Reorder signature scheme list | Jack Lloyd | 2018-01-28 | 1 | -12/+20 |
| | | | | | | | | Now PSS shows up first and we negotiate it by default ;) | ||||
| * | Use enums to represent TLS signature and kex algorithms. | Jack Lloyd | 2018-01-28 | 27 | -747/+1171 |
|/ | | | | Adds support for PSS signatures (currently verifying only). | ||||
* | Avoid resuming a session if policy doesn't allow it | Jack Lloyd | 2018-01-28 | 3 | -6/+7 |
| | | | | Previously if the policy changed we'd continue to resume. #1431 | ||||
* | Blind attempt at fixing #1431 | Jack Lloyd | 2018-01-28 | 1 | -3/+2 |
| | |||||
* | Fix a leak in OpenSSL block ciphers | Jack Lloyd | 2018-01-28 | 1 | -0/+3 |
| | | | | Introduced when support for 1.1.0 API was added in #1056 | ||||
* | Fix amalgamation pragma for SSE 4.1 | Jack Lloyd | 2018-01-28 | 1 | -0/+6 |
| | | | | Missed by Travis builds because GCC is too old there. | ||||
* | Merge GH #1395 Add info on server-desired CA names to client cert callback | Jack Lloyd | 2018-01-27 | 5 | -601/+329 |
|\ | |||||
| * | Add tests for server passing CA names for client auth | Jack Lloyd | 2018-01-27 | 1 | -596/+289 |
| | | |||||
| * | For TLS client auth add callback giving list of trusted CA names | Jack Lloyd | 2018-01-27 | 4 | -5/+40 |
| | | | | | | | | Fixes #1261 | ||||
* | | Note release schedule on index page | Jack Lloyd | 2018-01-27 | 1 | -2/+3 |
| | | |||||
* | | In client hello printer, don't require the handshake header | Jack Lloyd | 2018-01-27 | 1 | -11/+8 |
|/ | |||||
* | Merge GH #1394 Add ability to use custom extensions, control which ↵ | Jack Lloyd | 2018-01-27 | 13 | -276/+427 |
|\ | | | | | | | extensions are used | ||||
| * | Fix a few warnings | Jack Lloyd | 2018-01-27 | 2 | -3/+3 |
| | | |||||
| * | Update TLS parser tests | Jack Lloyd | 2018-01-27 | 2 | -6/+6 |
| | | | | | | | | | | Now all extensions are parsed at least to the extent of creating an unknown extension object. | ||||
| * | Make it possible to test custom extensions | Jack Lloyd | 2018-01-27 | 4 | -269/+331 |
| | |