Commit message [Author, Date, Files, Lines -/+]

* Swap workspace and prod vars in botan-config.in, easier to enable workspace use [lloyd, 2008-11-07, 1 file, -5/+5]
* Reformat for shorter lines [lloyd, 2008-11-07, 2 files, -6/+19]
* Wrap to 80 columns [lloyd, 2008-11-07, 1 file, -17/+31]
* Add a check for empty string in CMS_Encoder::can_compress_with (mostly to avoid warning) [lloyd, 2008-11-07, 1 file, -0/+3]
* Print a message that a makefile was created, so it's clear what to do [lloyd, 2008-11-07, 1 file, -1/+1]
* Put automatically generated botan-config and pkgconfig files into build/ instead of in the toplevel directory. [lloyd, 2008-11-07, 1 file, -2/+6]
* Fix the --with-build-dir option, so that it is actually possible to do out of tree builds. Also rename the generated botan-config script so that it is, like the pkg-config settings, namespaced by the major and minor version numbers (eg, botan-17-config). This is useful in particular for distros like Debian which ship both stable and unstable versions. Currently Debian is actually the only distro I know of shipping 1.7 as well as 1.6, but I would certainly like to encourage more in the future by making it easy to do. [lloyd, 2008-11-06, 2 files, -9/+9]
* Mention pkg-config change in log [lloyd, 2008-11-06, 1 file, -0/+1]
* Reset version as 1.7.20-pre [lloyd, 2008-11-06, 3 files, -2/+4]
* Provide pkg-config file as botan-$major$minor.pc, so it can be used like:
    $ pkg-config botan-17 --libs
    -L/usr/local/lib -lbotan -lm -lpthread -lrt
  to make it easier to have multiple versions of Botan installed and in use at the same time. [lloyd, 2008-11-06, 3 files, -20/+24]
* Fix zlib macro check [lloyd, 2008-11-06, 1 file, -7/+7]
* Update readme and log for 1.7.19 release (tag: 1.7.19) [lloyd, 2008-11-06, 2 files, -2/+2]
* Disable final upper bound limit since the min takes care of it [lloyd, 2008-11-06, 1 file, -5/+1]
* Move Entropy_Estimator to utils/entropy.h (from anon namespace in HMAC_RNG implementation), remove freestanding estimate_entropy function, change Randpool to use entropy estimator. [lloyd, 2008-11-06, 8 files, -101/+157]
* In Salsa20, move the state counter increment out of core salsa20() function [lloyd, 2008-11-06, 1 file, -5/+10]
* Add a comment about trying non-precomputed LFSR offsets (it was significantly slower on my machine). Some formatting changes. Make OFFSETS table static const. [lloyd, 2008-11-06, 1 file, -9/+16]
* Add fast_poll implementation [lloyd, 2008-11-04, 2 files, -3/+12]
* Use Opteron as default submodel, otherwise bogus GCC flags if only arch detected (as on FreeBSD) [lloyd, 2008-11-04, 1 file, -1/+1]
* Disable x86-64 SHA-1 asm for FreeBSD. FreeBSD 7.0 at least did not like the current version. [lloyd, 2008-11-04, 1 file, -1/+0]
* Document Turing optimizations [lloyd, 2008-11-03, 1 file, -0/+1]
* Formatting [lloyd, 2008-11-03, 1 file, -2/+9]
* Formatting [lloyd, 2008-11-03, 1 file, -19/+18]
* Remove unused entries from offsets table [lloyd, 2008-11-03, 1 file, -22/+26]
* Remove more indexing problems from Turing::generate. Benchmarks 306 MiB/sec on Q6600 [lloyd, 2008-11-03, 1 file, -21/+17]
* Further simplify indexing in Turing::generate - slightly faster, but not yet at 300 MiB/s [lloyd, 2008-11-03, 1 file, -18/+20]
* Start simplifying Turing::generate [lloyd, 2008-11-03, 1 file, -5/+9]
* Remove old commented out code [lloyd, 2008-11-03, 1 file, -9/+0]
* Inline more of Turing::generate [lloyd, 2008-11-03, 3 files, -70/+68]
* Avoid using get_byte in Turing::generate. On my Q6600, went from 255 MiB/s to 289 MiB/s (13% faster), mostly because this allows use of asm bswap and fast word<->byte conversions. [lloyd, 2008-11-03, 1 file, -8/+5]
* In HMAC_RNG, force a reseed after 8192 blocks [lloyd, 2008-10-28, 1 file, -0/+3]
* Clear K after new PRK is generated. [lloyd, 2008-10-28, 1 file, -4/+7]
* Add HMAC_RNG benchmarks. Change X9.31 PRNG to use HMAC_RNG as lower RNG [lloyd, 2008-10-28, 2 files, -11/+35]
* Set the default XTS (ASCII value of "Botan HMAC_RNG XTS") only once, in the constructor. This avoids repeatedly resetting it for each reseed, if HMAC_RNG is used without entropy sources and using only application-provided entropy. Very slightly more efficient and also the code for reseed becomes a bit clearer. [lloyd, 2008-10-28, 1 file, -86/+92]
* Mention HMAC_RNG in release notes [lloyd, 2008-10-28, 1 file, -0/+1]
* Wrap lines to 80 columns [lloyd, 2008-10-28, 10 files, -30/+54]
* Modify AutoSeeded_RNG to use HMAC_RNG instead of Randpool, if HMAC_RNG is available in the build. If neither is available, the constructor will throw an exception. As before, the underlying RNG will be wrapped in an X9.31 PRNG using AES-256 as the block cipher (if X9.31 is enabled in the build). [lloyd, 2008-10-28, 2 files, -5/+20]
* Add HMAC_RNG, which is an RNG design based on Hugo Krawczyk's paper "On Extract-then-Expand Key Derivation Functions and an HMAC-based KDF". While it has much smaller state than Randpool (256-512 bits, typically, versus 4096 bits commonly used in Randpool), the more formal design analysis seems attractive (and realistically if the RNG can manage to contain 256 bits of conditional entropy, that is more than sufficient). [lloyd, 2008-10-28, 3 files, -0/+403]
* Remove stray text [lloyd, 2008-10-28, 1 file, -1/+0]
* In ANSI_X931_RNG::reseed, only attempt to reseed the X9.31 state if the underlying PRNG's reseed was a success. [lloyd, 2008-10-28, 1 file, -7/+10]
* Mention change in Randpool reseeding in release notes [lloyd, 2008-10-28, 1 file, -0/+1]
* Substantially change Randpool's reseed logic. Now when a reseed is requested, Randpool will first do a fast poll on each entropy source that has been registered. It will count these poll results towards the collected entropy count, with a maximum of 96 contributed bits of entropy per poll (only /dev/random reaches this, others measure at 50-60 bits typically), and a maximum of 256 for sum contribution of the fast polls. Then it will attempt slow polls of all devices until it thinks enough entropy has been collected (using the rather naive entropy_estimate function). It will count any slow poll for no more than 256 bits (100 or so is typical for every poll but /dev/random), and will attempt to collect at least 512 bits of (estimated/guessed) entropy. This tends to cause Randpool to use significantly more sources. Previously it was common, especially on systems with a /dev/random, for only one or a few sources to be used. This change helps assure that even if /dev/random and company are broken or compromised the RNG output remains secure (assuming at least some amount of entropy unguessable by the attacker can be collected via other sources). Also change AutoSeeded_RNG to do an automatic poll/seed when it is created. [lloyd, 2008-10-27, 19 files, -34/+107]
* Use a single RNG in check/test code [lloyd, 2008-10-27, 1 file, -10/+5]
* Document OpenPGP_S2K change [lloyd, 2008-10-26, 1 file, -0/+1]
* TLS_PRF also depends on MD5 and SHA1, was not so marked [lloyd, 2008-10-26, 1 file, -0/+2]
* In KDF instead of lookup, instantiate fixed hashes (MD5, SHA-1) directly [lloyd, 2008-10-26, 4 files, -21/+24]
* Remove lookup.h use from OpenPGP S2K [lloyd, 2008-10-26, 3 files, -23/+14]
* Make S2K base class non-copyable and non-assignable by default (use clone instead) [lloyd, 2008-10-26, 1 file, -0/+3]
* Move EntropySource base class to new entropy_src.h (which allows the implementations to decouple from knowing about RandomNumberGenerator). [lloyd, 2008-10-26, 16 files, -28/+77]
* Remove prohibition against generating DSA parameter set with a 224 bit q, since SHA-224 is now implemented. [lloyd, 2008-10-26, 1 file, -4/+0]
* Move rng.h from core to rng [lloyd, 2008-10-26, 1 file, -0/+0]