aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Release 1.11.261.11.26Jack Lloyd2016-01-042-4/+4
|
* Misc doc updatesJack Lloyd2016-01-049-47/+103
| | | | [ci skip]
* Fix configure.py for CPython 2.6Jack Lloyd2016-01-042-3/+17
| | | | Based on GH #362 by emilymaier
* Fixes for compress cli utilJack Lloyd2016-01-041-5/+4
| | | | Missing . in compression extension, wrong name for buf-size option
* Add ECDH via OpenSSLJack Lloyd2016-01-048-73/+191
| | | | | | | | | | Expose provider param in PK_Key_Agreement API Handle multiple providers in key agreement tests Fix some funky formatting of P-521 EC points in ecdh.vec which was being rejected by OpenSSL; for whatever reason the CAVS file had the affine coords with far more leading zeros than necessary.
* Valgrind is not supposed to be enabled in the default buildJack Lloyd2016-01-031-1/+1
|
* Use valgrind's memcheck API for checking const time annotationsJack Lloyd2016-01-034-23/+74
| | | | | | | Has the same effect as using ctgrind, but without requiring a custom-compiled valgrind binary. Add ct checking annotations to the SSSE3 AES code.
* Add some more secp256k1 point mult testsJack Lloyd2016-01-031-0/+184
|
* Add extended master secret extension (RFC 7627) to TLSJack Lloyd2016-01-0311-12/+125
| | | | Interop tested with mbed TLS
* Add ECDH testsJack Lloyd2016-01-035-7/+592
| | | | Only has vectors for NIST curves (data taken from NIST CAVS file)
* Fix PointGFp multiplication bugJack Lloyd2016-01-034-32/+1076
| | | | | | There was a special case for small scalars which managed to forget that the integer 3 also fits into two bits. Found by adding a new set of ECC point mul tests for the NIST curves.
* Prettify mp_comba a bitJack Lloyd2016-01-012-48/+49
| | | | | | Aligning the calls makes it easier to read the index travel Add a date to the generated output file
* Add cast to a suspcious looking (but actually ok in this case) shift in MARSJack Lloyd2016-01-011-1/+1
| | | | j is never more than 30 in this loop
* Remove RNG::gen_mask, which had undefined behavior when bits >= 32Jack Lloyd2016-01-011-12/+0
| | | | | | | | | | Bug found by Daniel Neus The function wasn't being used anywhere in the library (and was only added in 1.11.20) so it seems easier to remove than fix. And removing it serves to put any user on notice that something bad happened; Daniel tested this as returning just 0 when bits >= 32 with his system's compiler.
* Drop seed_tabJack Lloyd2016-01-011-192/+0
| | | | | (Two part commit with 64caa9a to work around git's insane implied rename system)
* Inline SEED's sbox tablesJack Lloyd2016-01-012-33/+203
| | | | Simpler, and a bit faster also it seems (but not fast)
* Merge pull request #381 from cordney/fix-load-unencryped-key-from-berJack Lloyd2015-12-313-34/+99
|\ | | | | Fix loading of unencrypted, BER encoded private keys via PKCS8 api
| * Fix loading of unencrypted, BER encoded private keys via PKCS8 apiRené Korthaus2015-12-253-34/+99
| |
* | Merge pull request #353 from neusdan/robust_build_setup_windowsJack Lloyd2015-12-311-2/+29
|\ \ | | | | | | make shutil.rmtree and os.makedirs more robust to AV interference
| * | review changesDaniel Neus2015-12-231-7/+9
| | | | | | | | | | | | | | | | | | | | | * fix Python 3 compatibility * add comment explaining purpose of the workarounds * raise exception if directory exists in robust_makedirs * pylint fixes
| * | decrease timeout between attempts to 100msDaniel Neus2015-12-181-4/+4
| | |
| * | make shutil.rmtree and os.makedirs more robust (at least on windows)Daniel Neus2015-12-101-2/+27
| | |
* | | Use memcpy instead of misaligned pointer casts for reading words.Jack Lloyd2015-12-314-82/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It works on x86, but C says it is undefined and it makes UBSan unhappy. Happily, this memcpy approach probably also works fine under processors which previously used the byte-at-a-time approach such as ARM. But for right now using memcpy here is still gated under the processor alignment flags. In my tests recent GCC and Clang seemed to produce basically identical code for either approach when using -O3; I imagine most compilers these days are very good at analyzing/inlining/unrolling memcpys. Also remove the manually unrolled versions of xor_buf, which caused problems with GCC and -O3 due to it vectorizing the loads into (aligned) SSE2 loads, which would fail when a misaligned pointer was passed. Which always seemed kind of bogus to me, but I guess that's what undefined behavior is for. Enable -O3 for GCC. With this change the test suite is clean under GCC ASan+UBSan and Clang ASan+UBSan, with the exception of one failure due to a bug in libstdc++ (GCC bug 60734) when compiled by Clang.
* | | Remove debug printfJack Lloyd2015-12-311-1/+0
| | |
* | | Add missing assignment in DataSource::discard_nextJack Lloyd2015-12-312-0/+5
| | | | | | | | | | | | Reported on the mailing list by Falko
* | | Avoid having Command* objects be created until requested.Jack Lloyd2015-12-3014-61/+94
| | | | | | | | | | | | Avoids various static init and destruction hassles.
* | | Add Command::rng()Jack Lloyd2015-12-279-58/+42
| | | | | | | | | | | | | | | | | | | | | for when a command wants an RNG but doesn't much care what kind. This adds a place where a future --rng-type= option can be consulted to eg use the system RNG or a user seeded DRBG.
* | | Move McEliece KEM operation into the same file as the key type.Jack Lloyd2015-12-262-74/+65
| | | | | | | | | | | | | | | | | | | | | Otherwise we run into the old problem in the static non-amalgamation build of the operation not being loaded even though the key itself was referenced; since now the operation is loaded as a by-product of referencing the key type (as with other impls) everything works out.
* | | Missing addJack Lloyd2015-12-261-1/+0
| | |
* | | Reading listJack Lloyd2015-12-261-0/+69
| | |
* | | Correct copyright info in unit_ecc.cpp fileJack Lloyd2015-12-261-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | At some point during the test changeover the (C) info got lost from this file. Also try randomizing the point repr in the copy test, just to spice things up a bit.
* | | Add -Wnon-virtual-dtor to GCC buildJack Lloyd2015-12-261-1/+1
| | | | | | | | | | | | GH #382
* | | Remove debug printsJack Lloyd2015-12-261-4/+0
| | |
* | | Merge pull request #378 from neusdan/warning_fixesJack Lloyd2015-12-2618-33/+24
|\ \ \ | | | | | | | | Some trivial compiler and PVS-Studio warning fixes
| * | | initialize private members in rc4 headerDaniel Neus2015-12-232-5/+4
| | | |
| * | | some trivial compiler/PVS-Studio warning fixesDaniel Neus2015-12-2217-29/+21
| | | |
* | | | Merge pull request #382 from webmaster128/command-virtual-dtorJack Lloyd2015-12-261-0/+1
|\ \ \ \ | | | | | | | | | | Add virtual destructor to Botan_CLI::Command
| * | | | Add virtual destructor to Botan_CLI::CommandSimon Warta2015-12-261-0/+1
| | | | |
* | | | | Add generalized KEM interfaceJack Lloyd2015-12-2617-116/+494
|/ / / / | | | | | | | | | | | | | | | | | | | | Convert McEliece KEM to use it Add RSA-KEM
* | | | On PythonJack Lloyd2015-12-251-4/+22
| | | |
* | | | Fix Clang warningJack Lloyd2015-12-251-0/+3
| | | |
* | | | Export mgf1_mask GH #380Jack Lloyd2015-12-252-3/+5
| | | |
* | | | Guard all std::mem* ops against any call with zero length.Jack Lloyd2015-12-253-21/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Calling memset, memmove, memcpy with an undefined or null pointer, even with length zero, causes undefined behavior. Prevent that from happening within the functions that call these dangerous things since allowing a caller to pass length == 0 with null or just past the end and not have things explode is nice. Oh C, you so crazy.
* | | | Another Clang warningJack Lloyd2015-12-251-1/+1
| | | |
* | | | Remove mp_mulop.cppJack Lloyd2015-12-257-95/+48
| |_|/ |/| | | | | | | | | | | | | | It had two functions, both only called from one place (mp_karat.cpp). Both multiple and square ops were O(n**2), so drop square and just call mul in mp_karat.cpp for either case
* | | Fix a few clang warnings. Set clang sanitizer flagsJack Lloyd2015-12-246-15/+7
| | |
* | | Add DSA keygen and --der-out flag to keygen and pkcs8 toolsJack Lloyd2015-12-233-48/+77
| | | | | | | | | | | | If no files are given on the command line to `hash`, default to stdin
* | | Improve roundtrip BER/PEM testsJack Lloyd2015-12-231-24/+71
| | |
* | | Update NIST X509 tests to handle --data-dir and read expected results from a ↵Jack Lloyd2015-12-232-223/+148
| | | | | | | | | | | | file
* | | Merge pull request #376 from webmaster128/remove-hyperlink-from-m_Jack Lloyd2015-12-221-53/+52
|\ \ \ | | | | | | | | Fix ReST formatting in hacking.rst