Commit message  Author  Age  Files  Lines
* Avoid using std::invalid_argument  (Jack Lloyd, 2018-11-07, 3 files, -4/+4)
| | | | See #1726
* Merge GH #1733 Add includes for MSVC 2019  (Jack Lloyd, 2018-11-07, 2 files, -2/+2)
|\
| * Add missing <stdexcept> <string> necessary  (Larry-Hu, 2018-11-07, 2 files, -2/+2)
|/
* Simplify BigInt::is_zero  (Jack Lloyd, 2018-11-06, 1 file, -6/+1)
| | The definition of the return value of sig_words() means the integer is zero iff sig_words() returns zero, so there is no reason to scan over the data twice.
* Update news  (Jack Lloyd, 2018-11-06, 1 file, -1/+6)
|
* Merge GH #1730 Optimize AVX2 ChaCha  (Jack Lloyd, 2018-11-06, 2 files, -238/+209)
|\
| * Optimize AVX2 ChaCha  (Jack Lloyd, 2018-11-05, 2 files, -238/+209)
| | Using the same transposition trick used for SSE2 in #1728. On my Skylake desktop about 5-10% faster depending on buffer sizes.
* | Merge GH #1729 Optimize SIMD_4x32 for NEON  (Jack Lloyd, 2018-11-06, 1 file, -33/+32)
|\ \
| * | Fix for 32-bit ARM  (Jack Lloyd, 2018-11-05, 1 file, -0/+9)
| | |
| * | Some optimizations for NEON in SIMD_4x32  (Jack Lloyd, 2018-11-05, 1 file, -35/+25)
| |/
* / Remove SIMD_32 typedef  (Jack Lloyd, 2018-11-05, 4 files, -50/+48)
|/
| It is confusing since it's not clear from the name how many elements it has, and this gives consistency with the SIMD_8x32 type.
* Update news  (Jack Lloyd, 2018-11-05, 1 file, -1/+1)
|
* Merge GH #1728 Fix ChaCha bug, optimize, add AltiVec support  (Jack Lloyd, 2018-11-05, 17 files, -621/+305)
|\
| * Add ChaCha using SIMD_4x32  (Jack Lloyd, 2018-11-04, 14 files, -612/+279)
| | This allows supporting SSE2, NEON and AltiVec in a single codebase, so drop the NEON and SSE2 code. This new impl avoids having to do shuffles with every round and so is about 10% faster on Skylake. Also, fix bugs in both baseline and AVX2 implementations when the low counter overflowed. The SSE2 and NEON code were also buggy here.
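The low-counter overflow named in this commit, as an added example that is not Botan's code: a minimal ChaCha20 block function with the 64-bit block counter held in state words 12 (low) and 13 (high) and a 64-bit nonce in words 14 and 15 (the original layout; assumed here for the example, Botan's internal layout is not shown on this page), with one counter increment that carries and one, kept deliberately, that does not. The RFC 8439 A.1 zero-key vector checks the block function itself; the other two checks show that the carrying increment agrees with seeking straight to counter 2^32, while the non-carrying one lands back on the block-0 state and reuses keystream. All function names and the sample key/nonce are the example's own.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdint>
#include <vector>

using ChaChaState = std::array<uint32_t, 16>;

static inline uint32_t rotl32(uint32_t v, int c) { return (v << c) | (v >> (32 - c)); }

static inline void quarter_round(uint32_t& a, uint32_t& b, uint32_t& c, uint32_t& d) {
   a += b; d ^= a; d = rotl32(d, 16);
   c += d; b ^= c; b = rotl32(b, 12);
   a += b; d ^= a; d = rotl32(d, 8);
   c += d; b ^= c; b = rotl32(b, 7);
}

// 20 rounds (10 column/diagonal double rounds) over a copy of the state, then feed-forward add.
static ChaChaState chacha20_block(const ChaChaState& input) {
   ChaChaState x = input;
   for(int i = 0; i != 10; ++i) {
      quarter_round(x[0], x[4], x[8],  x[12]);
      quarter_round(x[1], x[5], x[9],  x[13]);
      quarter_round(x[2], x[6], x[10], x[14]);
      quarter_round(x[3], x[7], x[11], x[15]);
      quarter_round(x[0], x[5], x[10], x[15]);
      quarter_round(x[1], x[6], x[11], x[12]);
      quarter_round(x[2], x[7], x[8],  x[13]);
      quarter_round(x[3], x[4], x[9],  x[14]);
   }
   for(size_t i = 0; i != 16; ++i) x[i] += input[i];
   return x;
}

static inline uint32_t load_le32(const uint8_t* p) {
   return uint32_t(p[0]) | (uint32_t(p[1]) << 8) | (uint32_t(p[2]) << 16) | (uint32_t(p[3]) << 24);
}

using Key256 = std::array<uint8_t, 32>;
using Nonce64 = std::array<uint8_t, 8>;

// Initial state (layout assumed for this example): constants, 256-bit key,
// 64-bit block counter in words 12 (low) and 13 (high), 64-bit nonce in 14 and 15.
static ChaChaState chacha20_init(const Key256& key, const Nonce64& nonce, uint64_t counter) {
   ChaChaState s{};
   s[0] = 0x61707865; s[1] = 0x3320646e; s[2] = 0x79622d32; s[3] = 0x6b206574;
   for(size_t i = 0; i != 8; ++i) s[4 + i] = load_le32(key.data() + 4 * i);
   s[12] = static_cast<uint32_t>(counter);
   s[13] = static_cast<uint32_t>(counter >> 32);
   s[14] = load_le32(nonce.data());
   s[15] = load_le32(nonce.data() + 4);
   return s;
}

// Correct: a wrap of the low counter word carries into the high word.
static void increment_with_carry(ChaChaState& s) { if(++s[12] == 0) ++s[13]; }

// The bug class fixed in this commit, kept on purpose: the high word never
// changes, so after the low word wraps the state equals the block-0 state
// for the same key/nonce and the keystream repeats.
static void increment_without_carry(ChaChaState& s) { ++s[12]; }

// n_blocks consecutive 64-byte keystream blocks starting at `counter`,
// advancing the state with `bump` between blocks; words are serialized little-endian.
static std::vector<uint8_t> keystream(const Key256& key, const Nonce64& nonce, uint64_t counter,
                                      size_t n_blocks, void (*bump)(ChaChaState&)) {
   ChaChaState s = chacha20_init(key, nonce, counter);
   std::vector<uint8_t> out;
   for(size_t b = 0; b != n_blocks; ++b) {
      const ChaChaState blk = chacha20_block(s);
      for(size_t i = 0; i != 16; ++i)
         for(int j = 0; j != 4; ++j)
            out.push_back(static_cast<uint8_t>(blk[i] >> (8 * j)));
      bump(s);
   }
   return out;
}

// RFC 8439 A.1 test vector #1 (zero key, zero nonce, counter 0). Words 12..15
// are all zero there, so the vector does not depend on the counter/nonce layout.
static bool check_rfc8439_vector() {
   static const uint8_t expected[64] = {
      0x76,0xb8,0xe0,0xad,0xa0,0xf1,0x3d,0x90,0x40,0x5d,0x6a,0xe5,0x53,0x86,0xbd,0x28,
      0xbd,0xd2,0x19,0xb8,0xa0,0x8d,0xed,0x1a,0xa8,0x36,0xef,0xcc,0x8b,0x77,0x0d,0xc7,
      0xda,0x41,0x59,0x7c,0x51,0x57,0x48,0x8d,0x77,0x24,0xe0,0x3f,0xb8,0xd8,0x4a,0x37,
      0x6a,0x43,0xb8,0xf4,0x15,0x18,0xa1,0x1c,0xc3,0x87,0xb6,0x69,0xb2,0xee,0x65,0x86};
   const std::vector<uint8_t> ks = keystream(Key256{}, Nonce64{}, 0, 1, increment_with_carry);
   return std::equal(ks.begin(), ks.end(), expected, expected + 64);
}

// Constructed key/nonce for the overflow checks (not from any test suite).
static Key256 sample_key() { Key256 k; for(size_t i = 0; i != 32; ++i) k[i] = uint8_t(i); return k; }
static Nonce64 sample_nonce() { return Nonce64{0x4a, 0, 0, 0, 0, 0, 0, 0}; }

// Streaming across the 2^32 boundary must produce the same second block as seeking to 2^32.
static bool carry_matches_seek() {
   const uint64_t last_low = 0xFFFFFFFF;
   const std::vector<uint8_t> streamed = keystream(sample_key(), sample_nonce(), last_low, 2, increment_with_carry);
   const std::vector<uint8_t> seeked = keystream(sample_key(), sample_nonce(), last_low + 1, 1, increment_with_carry);
   return std::equal(seeked.begin(), seeked.end(), streamed.begin() + 64);
}

// Without the carry, the block after the wrap is the block-0 keystream again, not block 2^32.
static bool no_carry_reuses_block0() {
   const std::vector<uint8_t> buggy = keystream(sample_key(), sample_nonce(), 0xFFFFFFFF, 2, increment_without_carry);
   const std::vector<uint8_t> block0 = keystream(sample_key(), sample_nonce(), 0, 1, increment_with_carry);
   const std::vector<uint8_t> correct = keystream(sample_key(), sample_nonce(), uint64_t(1) << 32, 1, increment_with_carry);
   return std::equal(block0.begin(), block0.end(), buggy.begin() + 64)
       && !std::equal(correct.begin(), correct.end(), buggy.begin() + 64);
}
```

The practical consequence of the non-carrying variant is keystream reuse under the same key and nonce after 2^32 blocks (256 GiB), which is exactly the kind of bug a block-aligned test suite never reaches unless, as the later "Use 64-bit integer for seek value" commit does, it seeks past the boundary directly.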
| * Use 64-bit integer for seek value in stream cipher tests  (Jack Lloyd, 2018-11-04, 1 file, -1/+1)
| |
| * Add VarMap::get_opt_u64  (Jack Lloyd, 2018-11-04, 2 files, -8/+25)
|/
* Ensure this works even if par mult param is set to 1  (Jack Lloyd, 2018-11-02, 1 file, -1/+1)
| As this parameter is technically a user configurable toggle.
* Correct test  (Jack Lloyd, 2018-11-02, 4 files, -3/+18)
| | | | This was trying to test for issue in #1723 but was incorrect.
* Fix issue when CXX was set to 'ccache g++', see https://github.com/randombit/botan-rs/pull/9  (Jack Lloyd, 2018-11-02, 1 file, -1/+1)
* Merge GH #1724 Increase update granularity of GCM to work around FFI problem  (Jack Lloyd, 2018-11-02, 1 file, -1/+1)
|\
| * Fixed an issue where update_granularity is equal to tag_size in GCM mode, which will cause incremental decoding to fail in ffi.  (chux0519, 2018-11-01, 1 file, -1/+1)
| | related code (ffi_cipher.cpp):
```cpp
BOTAN_ASSERT(cipher.update_granularity() > cipher.minimum_final_size(), "logic error");
```
* | Merge GH #1726 Add missing includes caught by VC2019  (Jack Lloyd, 2018-11-02, 1 file, -0/+2)
|\ \ | |/ |/|
| * Add missing <stdexcept> <string> necessary  (Cheney-Wang, 2018-11-02, 1 file, -0/+2)
|/
* Minor optimization when primality checking  (Jack Lloyd, 2018-10-31, 1 file, -2/+4)
| Avoid doing the comparison against the largest hard coded prime, when we know the prime table is 16 bits and we already have to compute the bitsize of n in order to calculate the required number of Miller-Rabin iterations.
* Handle setting AD after a nonce correctly in AEADs  (Jack Lloyd, 2018-10-31, 4 files, -7/+40)
| In some cases (EAX, GCM, ChaCha20Poly1305) the mode does not handle this. However previously it handled it incorrectly by producing incorrect output. Instead reject it with an exception. Add a test that, if the mode accepts an AD before the nonce, then it must process the message correctly. This is similar to the existing test that if the mode accepts an AD before the key is set it must do the right thing with it.
* Update cipher mode documentation  (Jack Lloyd, 2018-10-31, 1 file, -9/+55)
|
* Fix some ReST format errors  (Jack Lloyd, 2018-10-30, 4 files, -17/+17)
| Diagnosed by Sphinx 1.8.0
* Update news  (Jack Lloyd, 2018-10-30, 1 file, -0/+6)
|
* Merge GH #1722 TSS improvements and bug fix  (Jack Lloyd, 2018-10-30, 13 files, -66/+612)
|\
| * Lint fix [ci skip]  (Jack Lloyd, 2018-10-30, 1 file, -4/+4)
| |
| * Document TSS  (Jack Lloyd, 2018-10-30, 4 files, -1/+71)
| |
| * Add test for TSS cli util  (Jack Lloyd, 2018-10-30, 2 files, -2/+56)
| |
| * Add CLI util for threshold secret sharing  (Jack Lloyd, 2018-10-29, 2 files, -0/+115)
| |
| * Fixes and improvements for TSS code  (Jack Lloyd, 2018-10-29, 5 files, -62/+341)
| | Fix a bug (bad length field), new APIs, etc
| * Add VarMap::get_req_bin_list  (Jack Lloyd, 2018-10-29, 2 files, -2/+30)
|/
* Fix compilation problem when scrypt is disabled  (Jack Lloyd, 2018-10-29, 1 file, -0/+1)
| Fixes GH #1720
* Rename --disable-sha to --disable-sha-ni  (Jack Lloyd, 2018-10-26, 1 file, -1/+1)
| Which should hopefully be less confusing, and optparse will accept the truncated version so no compat problem. GH #1718
* Remove duplicated news item [ci skip]  (Jack Lloyd, 2018-10-26, 1 file, -4/+1)
|
* Update news  (Jack Lloyd, 2018-10-26, 1 file, -0/+14)
|
* Merge GH #1719 Add NEON ChaCha  (Jack Lloyd, 2018-10-26, 7 files, -81/+403)
|\
| * Add ChaCha in NEON  (Jack Lloyd, 2018-10-26, 5 files, -1/+324)
| | Originally written by Jeffrey Walton for Crypto++, which was in turn based on my SSE2 ChaCha.
| * In ChaCha AVX2/SSE2 code s/input/state/  (Jack Lloyd, 2018-10-26, 2 files, -80/+79)
|/
| It is confusing as while the stream cipher state is the input to the permutation, the stream cipher has an unrelated input (the text).
* Merge GH #1717 Fix building FFI when HOTP is disabled  (Jack Lloyd, 2018-10-25, 1 file, -2/+2)
|\
| * Fix FFI compilation without hotp module  (Tobias Brunner, 2018-10-25, 1 file, -2/+2)
|/
* Merge GH #1715 Add missing string include  (Jack Lloyd, 2018-10-24, 1 file, -0/+1)
|\
| * Add missing <string> necessary to use std::string in tss.h  (Billy Robert O'Neal III, 2018-10-23, 1 file, -0/+1)
|/
* Use more informative error message for invalid CBC padding  (Jack Lloyd, 2018-10-23, 1 file, -1/+1)
| GH #1714
* Add some long Blowfish tests  (Jack Lloyd, 2018-10-18, 2 files, -0/+14)
| The test suite was not hitting the 4x unrolled Blowfish added in f7a8bd2780c
* Merge GH #1712 Cleanups for configure  (Jack Lloyd, 2018-10-18, 7 files, -40/+64)
|\
| * Canonicalize OS name first  (Jack Lloyd, 2018-10-18, 1 file, -11/+13)
| | We need the canonical OS name to be able to look up the relevant data for defaults, but the defaults need to be set before the rest of the canonicalization code runs.