| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
occur inside the key schedule instead. This should lead to (slightly) better
scheduling in the compiled code by reducing the length of a critical path.
|
|
|
|
|
|
|
| |
All are now specified through the config. The new default is just /bin,
/sbin, /usr/bin, and /usr/sbin. Formerly /usr/ucb, /usr/etc, and /etc were
also searched. If you want this behavior again you have to explicitly set
the rng/unix_path configuration setting.
|
|
|
|
| |
Use u32bit instead of uint32_t
|
|
|
|
|
|
| |
programs, the fast poll will just call a handful of simple Unix/POSIX
functions like getpid, getuid, getrusage, etc. Identifying further useful
sources would probably be helpful.
|
|\
| |
| |
| | |
and 'dda7bbd71591790326178cc71409a956cf121d6b'
|
| |
| |
| |
| |
| |
| | |
a fast poll request, and not if a slow poll was specifically requested.
So a sequence of slow and then fast polls would trigger a second slow
poll, which was not desired.
|
| |
| |
| |
| | |
Original patch from Yves Jerschow.
|
| |
| |
| |
| | |
decimal-dotted string notation.
|
| | |
|
| | |
|
| | |
|
|/
|
|
|
| |
Library_State::initialize: now the LibraryInitializer is just a simple
wrapper to create/destroy the state with no other operations.
|
|
|
|
|
|
|
|
| |
that called global_state(), which cased an infinite recursion.
Make creating a Library_State a two-phase operation, first an empty constructor
(just sets all pointers to NULL), then an initializer that sets up everything
needed to start up the library.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
bother creating it, just let it be initialized lazily when needed.
Reindents in encypt.cpp and hash_fd.cpp (indenting the brace after a try
statement).
|
|
|
|
| |
constructor.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LibraryInitializer::initialize(), which will set it for us (or fail by
throwing an exception, which will be propogated to the caller). So any
instances of creating a LibraryInitializer where no option arguments
are passed can be removed; instead that initialization will run when
or if you execute an operation where Botan requires the services
provided in the state. Because no options are passed, the library will
be using the default (debug and not thread safe) mutex type: so
hopefully you'll quickly get an exception when the debug mutex
realizes it is being used in a threaded application, but there is risk
of operations silently failing before that happens.
You can call LibraryInitializer::deinitialize() at the end of your
main function (or whenever you think you won't need Botan anymore), to
free the global state; if not a number of cleanup destructors will not
run (including the final scrub of memory).
You can even shut down Botan speculatively; if it turns out you need
it again, it just means you'll have to take the cost of another
initialization. However in applications that use Botan only in small
bursts, or in rarely taken codepaths, you can remove the state
entirely and suffer zero memory overhead. This probably only makes
sense in memory constrained systems, but it's reasonable to do now.
Speculatively deallocating the state is probably not thread safe
without extra work. One thread calling deinitialize() would invalidate
pointers that would have been visible to other threads. One (untested)
idea: have an atomic integer with the number of current threads using
Botan. If any thread decrements and hits zero, it could deinitialize
Botan safely. This might cause too many repeated startup/shutdowns,
which would depend on the app use pattern.
In addition, since you can't pass arguments to the new Library_State,
you can't specify the use of real mutexes (or anything else): so for
right now, this only works in applications that are fine with the
standard options. I want to find a way to get that working, though,
since it's very inelegant. Currently a Default_Mutex (not at all
thread safe but somewhat error checking) will be used. And self test
will always be run (more on that below).
I wrote a program that just initializes and shuts down in a tight
loop. Running on my Gentoo box (Core2 E6400, gcc 4.1.2):
thread_safe? selftest? time (ms)
------------ --------- ---------
no yes 6.1
no no 3.8
yes yes 6.7
yes no 3.8
If you're actually worried that the library might start up OK but then
start failing basic self tests, what you actually want to do is have a
thread that runs diagnostics on your entire process state (including
calling Botan's self test code) every N seconds.
The question is how to get arguments from the outside world to the
constructor of the Library_State that is created inside of
global_state(): avoiding many self tests to save a bit of time (many
applications won't care about the extra cost but sometimes 2 or 3 ms
is important), and thread safety (beacuse you can't specify to use a
real mutex).
|
|
|
|
| |
SHA-256 (from draft-ietf-pkix-sha2-dsa-ecdsa-01)
|
|\
| |
| |
| | |
and 'fbf3d94a0adf58cf44bd52a391f647b9ea49a5ba'
|
| |
| |
| |
| | |
exception instead of one for a PEM decode error which is not very helpful.
|
| | |
|
| | |
|
|/
|
|
| |
5 minutes (300 seconds).
|
| |
|
|
|
|
| |
is 64 bits.
|
|
|
|
|
|
|
| |
The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine.
Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For
CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify
against what Crypto++ produces. Unknown at this time where the bug lies.
|
|
|
|
|
|
|
|
|
| |
#8 format to store Rabin-Williams keys, inline small functions
that are only called once into their caller. Reduces overall
length of the file from 458 to 367 lines. Rename all the key
files in keys/ to use a .pem suffix since they are all now in PEM
format (the RSA keys had been for a long time but were never
renamed).
|
| |
|
|
|
|
|
| |
algorithms exist. They haven't been used since the 'minimal' module was
removed in Botan 1.3.14
|
| |
|
|
|
|
| |
about unknown algorithm names.
|
| |
|
| |
|
|\
| |
| |
| | |
and 'b52ffb84f6e232e32db9f8090937c9def3a276d4'
|
| |\
| | |
| | |
| | |
| | |
| | | |
b8139f65cc60ecf9c4b2e789474f81d97036f43e)
to branch 'net.randombit.botan' (head 257e32039477e27e354f0cebf2f139fcd9f7400a)
|
| | |
| | |
| | |
| | | |
from Christophe Meessen on the development list.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
through 1b3b93981f425fcc78d0d283136542ff58a8bb07
Cherrypick the change to fix the algorithm cache lookups made on
mainline back to the stable tree.
|
| | | |
|
|/ /
| |
| |
| | |
from Christophe Meessen on the development list.
|
| |
| |
| |
| |
| | |
limits the output to just a bit under 2^32 bytes, which is the maximum
you can request anyway.
|
| | |
|
| | |
|
| |
| |
| |
| | |
static_cast or reinterpret_cast, as needed.
|
| |
| |
| |
| | |
(nominally) more accurate results.
|
| |
| |
| |
| | |
or other non-portable implementations as modules.
|
| |
| |
| |
| |
| | |
just want access to the underlying data representation but don't care if
the return value is NULL terminated or not.
|
| | |
|