aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Avoid creating a map from a DN when not requiredJack Lloyd2018-03-215-14/+20
|
* Store elements of a DN as a vectorJack Lloyd2018-03-212-59/+59
| | | | | | | This allows retreiving the original ordering which is required for DN string encoding as defined in RFC 4514 Fixes #336
* Avoid Padding= directive in test files prefer headerJack Lloyd2018-03-214-580/+234
| | | | Removes a lot of duplicates and generally easier to read.
* Update newsJack Lloyd2018-03-211-0/+4
|
* Merge GH #1502 Fix (EC)DSA when using hashes longer than group orderJack Lloyd2018-03-219-6/+165
|\
| * Change DSA behavior similarlyJack Lloyd2018-03-213-2/+51
| |
| * Shift ECDSA inputs to match OpenSSL behaviorJack Lloyd2018-03-216-4/+114
| | | | | | | | See also GH #986
* | Merge GH #1499 Add --msvc-runtime optionJack Lloyd2018-03-212-15/+47
|\ \ | |/ |/|
| * Add option to specify the MSVC runtimeJack Lloyd2018-03-212-15/+47
|/ | | | Fixes GH #210
* Remove unused variables [ci skip]Jack Lloyd2018-03-212-4/+0
|
* Simplify a common case BigInt constructorJack Lloyd2018-03-212-1/+13
|
* Add another Ed25519 helper to save a few hundred redundant linesJack Lloyd2018-03-203-301/+106
| | | | No impact on performance.
* Add some helpers for handling carries in Ed25519Jack Lloyd2018-03-204-893/+491
|
* Update side channel docJack Lloyd2018-03-201-29/+34
|
* Update news, todoJack Lloyd2018-03-202-0/+3
|
* Merge GH #1501 Support Ed25519 certificatesJack Lloyd2018-03-204-40/+75
|\
| * Support Ed25519 certificate formatJack Lloyd2018-03-204-40/+75
|/ | | | Able to create certificate chain and verify it with OpenSSL 1.1.1
* Store base point multiplies in a single std::vectorJack Lloyd2018-03-208-30/+175
| | | | | | | | | | | Since the point is public all the values are also, so this reduces pressure on the mlock allocator and may (slightly) help perf through cache read-ahead. Downside is cache based side channels are slightly easier (vs the data being stored in discontigious vectors). But we shouldn't rely on that in any case. And having it be in an array makes a masked table lookup easier to arrange.
* Nudge users to EC_Group::OS2ECPJack Lloyd2018-03-201-4/+10
|
* Support multiple DNS names through the command line interfaceJack Lloyd2018-03-193-3/+10
|
* Remove use of ;; to end linesJack Lloyd2018-03-195-5/+5
|
* Add EC_Group::clear_registered_curve_dataJack Lloyd2018-03-193-0/+23
| | | | | | Needed for OSS-Fuzz (OOMing a lot) and maybe very occasionally useful in some weird application that has to deal with 100s of different curves.
* Cache additional values for PointGFp multi-exponentiationJack Lloyd2018-03-195-64/+103
| | | | Improves ECDSA verification by ~10%
* Avoid needless computation in base point multiplyJack Lloyd2018-03-193-33/+6
| | | | We computed twice as many values as were used.
* Use a better algorithm for base point multipliesJack Lloyd2018-03-193-11/+25
| | | | | | | Nothing very clever, just store P^i,2*P^i,3*P^i in a table so we can do two bits of the scalar at a time. Improves ECDSA sign by 20-30%
* Avoid throwing out of destructorJack Lloyd2018-03-191-1/+5
| | | | This can't really happen but could in Coverity's mind.
* Add back Coverity badge [ci skip]Jack Lloyd2018-03-191-0/+4
|
* Fix --disable-{neon,sse2,altivec} for simd_32 usersJack Lloyd2018-03-181-7/+9
| | | | | Using --disable-neon was not effective because simd_32 users had special logic that would still enable it.
* Avoid code that triggers problems under GCC 8Jack Lloyd2018-03-181-1/+1
| | | | GH #1498
* Fix warning in new pylintJack Lloyd2018-03-171-9/+9
| | | | | It doesn't like slicing using a ctypes integer as index: Slice index is not an int, None, or instance with __index__
* Fix CPUID::has_cpuid_bitJack Lloyd2018-03-171-1/+3
| | | | | | It would return true if any bits were set instead of if all the bits were set. It is only currently called with a single bit but that might change in the future.
* Avoid creating stringstream unless needed in version checkJack Lloyd2018-03-171-3/+3
|
* Avoid unused arg warning in PowerPC CPUID codeJack Lloyd2018-03-171-0/+2
|
* Update newsJack Lloyd2018-03-171-0/+7
|
* Avoid calling run() on SIMD tests if SIMD instructions not available.Jack Lloyd2018-03-171-1/+6
| | | | | | | | | | Problem is the same flag that enables the intrinsics also gives the compiler a free hand to emit same instructions for everything including function preambles. So on systems without SSE2/NEON/etc, even jumping to the test briefly causes a crash because GCC emits SIMD instructions for things other than our intrinsics. GH #1495
* Avoid a problematic construct for AltiVec byteswapJack Lloyd2018-03-161-3/+8
| | | | Seems to cause problems with GCC 8 on ppc64le. GH #1498
* Catch exceptions by reference not valueJack Lloyd2018-03-167-24/+18
| | | | Fixes a new warning in GCC 8
* Add basecase_sqr functionJack Lloyd2018-03-161-3/+29
| | | | | | Just a simple adaption of the n^2 multiply algorithm, so no performance impact. However makes the difference between squaring and multiply easier to see when profiling.
* Fix incorrect return value checkJack Lloyd2018-03-151-1/+1
|
* In Python module support loading via libbotan-2.so.X sonameJack Lloyd2018-03-151-7/+22
| | | | | | Needed for distros that ship the main library symlink in the dev package. GH #1497
* Update newsJack Lloyd2018-03-151-0/+5
|
* Avoid using threads in DSA operationsJack Lloyd2018-03-151-25/+3
| | | | | | | | | For DSA signing using a thread turned out to be purely a pessimization. The single threaded code is faster even on a 4-core machine running Linux (which has very fast thread creation). It would likely be much worse on a single core machine or an OS with slower thread primitives. For DSA verification, use Montgomery multi-exponentiation instead.
* Add multiexponentation interface to DL_GroupJack Lloyd2018-03-152-3/+17
|
* Add Montgomery multiexponentiationJack Lloyd2018-03-154-0/+95
|
* Put ISA enabling flags after CXXFLAGS to override as neededJack Lloyd2018-03-151-4/+4
| | | | See GH #1495
* Merge GH #1494 Use RtlGenRandom instead of CryptoAPI/CryptoNGJack Lloyd2018-03-1411-103/+55
|\
| * Remove PROV_TYPE from build.hJack Lloyd2018-03-141-9/+6
| |
| * Use RtlGenRandom instead of CryptoAPIJack Lloyd2018-03-1410-94/+49
| |
* | Some additional operations on Montgomery_IntJack Lloyd2018-03-142-0/+45
|/ | | | Needed for #1432
* Update newsJack Lloyd2018-03-141-0/+5
|