aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Update my email address and PGP keysJack Lloyd2016-10-253-45/+70
| | | | | | | [email protected] is still a valid email address for me but I am using [email protected] going forward. [ci skip]
* Correct gitter.im webhook URLJack Lloyd2016-10-251-1/+1
|
* Merge GH #682 Improve test name consistencyJack Lloyd2016-10-255-5/+5
|\
| * Pubkey tests should express category [ci skip]René Korthaus2016-10-245-5/+5
| |
* | Merge GH #683 Avoid SHA-1 use in ElGamal+ECKCDSA self testsJack Lloyd2016-10-252-2/+2
|\ \
| * | Fix hardcoded SHA-1 in eckcdsa consistency checkRené Korthaus2016-10-241-1/+1
| | |
| * | Fix hardcoded SHA-1 in elgamal consistency checkRené Korthaus2016-10-241-1/+1
| |/
* | Merge GH #684 Add PKCS11 and TPM to Travis coverage buildJack Lloyd2016-10-253-11/+29
|\ \
| * | Add TPM and PKCS #11 to coverage buildJack Lloyd2016-10-243-11/+29
|/ / | | | | | | | | | | | | SoftHSMv1 included in 14.04 is too old and many tests fail, so grabs prebuilt SoftHSMv2 binaries from www.randombit.net. This can change to use the packaged SoftHSM in 16.04, whenever Travis makes that available.
* | Remote unused macrosJack Lloyd2016-10-242-5/+1
| |
* | Initialize member variable in PKCS11_EC_PrivateKeyJack Lloyd2016-10-242-2/+2
|/ | | | | One of the constructors initialized the member, the others did not. Found by Coverity scanner.
* Add gitter.im hooks+linkJack Lloyd2016-10-242-0/+8
|
* Limit locking_allocator only to OSes that even might support it.Jack Lloyd2016-10-241-0/+8
| | | | | | The pool allocator itself is portable code, but it doesn't do anything useful unless we have the ability to mlock/VirtualLock memory, which is OS specific.
* Remove unneeded includesJack Lloyd2016-10-242-2/+0
|
* Fixes for build without 25519Jack Lloyd2016-10-242-3/+6
|
* Update release notesJack Lloyd2016-10-241-4/+12
| | | | [ci skip]
* Merge GH #673 X25519 TLS key exchangeJack Lloyd2016-10-249-44/+113
|\
| * X25519 key exchange for TLSJack Lloyd2016-10-219-44/+113
| | | | | | | | | | Client interops with google.com, server not tested against an independent client yet.
* | Merge GH #675 Lucky13 countermeasuresJack Lloyd2016-10-242-0/+82
|\ \
| * | Final changes, now using the countermeasure from the Lucky 13 paper again ↵Juraj Somorovsky2016-10-231-36/+32
| | | | | | | | | | | | | | | | | | (or a countermeasure that is very similar to it). Timing differences in the test suite show at most 120 clock cycle difference (SHA-1/256/384).
| * | SHA384 countermeasure (not perfect, but makes the attack harder)Juraj Somorovsky2016-10-221-19/+27
| | |
| * | Lucky 13 patch for SHA-1 and SHA-256Juraj Somorovsky2016-10-162-0/+78
| | |
* | | Merge GH #679 Unify test namingJack Lloyd2016-10-244-5/+5
|\ \ \
| * | | Reunify registered test names [ci skip]René Korthaus2016-10-234-5/+5
| | | |
* | | | Merge GH #668: Remove Algo_Registry and associated global locksJack Lloyd2016-10-2495-1673/+1485
|\ \ \ \ | |/ / / |/| | |
| * | | ECIES ISO tests require SHA-1Jack Lloyd2016-10-211-1/+1
| | | |
| * | | Missing include, noticed by Clang on OS XJack Lloyd2016-10-211-0/+1
| | | |
| * | | Cleanup from rebaseJack Lloyd2016-10-211-5/+0
| | | |
| * | | Fix PSSRJack Lloyd2016-10-211-1/+1
| | | |
| * | | Remove unused functions from SCAN_NameJack Lloyd2016-10-212-39/+0
| | | |
| * | | Small cleanup in OpenSSL ECJack Lloyd2016-10-211-12/+13
| | | |
| * | | Remove alias logic from SCAN_NameJack Lloyd2016-10-2112-182/+168
| | | | | | | | | | | | | | | | | | | | | | | | This required taking a global lock and doing a map lookup each time an algorithm was requested (and so many times during a TLS handshake).
| * | | Remove Algo_RegistryJack Lloyd2016-10-2192-1551/+1419
| | |/ | |/| | | | | | | | | | | | | | | | I repent my use of global constructors. I repent my use of global locks. Hopefully I will never touch this code again. :)
* | | Merge GH #676 Fix invalid UTF-8 [ci skip]Jack Lloyd2016-10-221-1/+1
|\ \ \
| * | | Fix invalid UTF-8 char in API doc [ci skip]René Korthaus2016-10-221-1/+1
|/ / / | | | | | | | | | | | | | | | An invalid UTF-8 character prevented Latex from generating a PDF document from the doxygen-generated Latex API docs via make pdf.
* | | Initialize member variable (Coverity find)Jack Lloyd2016-10-221-1/+1
| | |
* | | Fix handling of file descriptor zeroJack Lloyd2016-10-221-13/+11
| | | | | | | | | | | | | | | If opening /dev/*random resulted in fd 0, we would both not use that RNG and leak the file descriptor. Found with Coverity.
* | | Address some Coverity warningsJack Lloyd2016-10-223-9/+9
| | | | | | | | | | | | Nothing exciting.
* | | GH #674 Check Doxygen and Sphinx builds as part of CIJack Lloyd2016-10-228-19/+46
|\ \ \
| * | | Build the docs during CIJack Lloyd2016-10-228-19/+46
| |/ / | | | | | | | | | Fix various doc building problems/warnings.
* | | Fix Coverity scanJack Lloyd2016-10-221-1/+1
| | | | | | | | | | | | | | | The build interceptor got confused by use of g++-4.8 vs g++ This used to work but broke at some point. Fixes #612
* | | Don't test non-master branches on CircleCI eitherJack Lloyd2016-10-221-0/+5
| | |
* | | Use correct macro for ECC in create_private_keyJack Lloyd2016-10-221-1/+1
|/ /
* | Allow setting the validation time during PKIX path validationJack Lloyd2016-10-213-19/+34
| | | | | | | | | | | | | | Previously validation asked the system clock which is not always the correct thing (for example when using Roughtime protocol). Had been on the todo list forever, forced into it by some of the test certs expiring today.
* | Add create_private_key, expose key loading functions in pk_algs.hJack Lloyd2016-10-209-153/+236
| |
* | Tighten up TLS server handshake logic.Jack Lloyd2016-10-201-20/+15
| | | | | | | | | | | | | | | | | | Previously client was allowed to omit the Certificate message, a leftover from supporting SSLv3. In all versions of TLS, an empty message must be sent if the client does not want to use a cert. No known security impact, but nothing we need to allow anymore. Clean up the handshake switch a bit by using return statements.
* | cli: Add dl_group_info cmdletJack Lloyd2016-10-201-0/+24
| |
* | Update release notesJack Lloyd2016-10-201-0/+29
| |
* | Merge GH #669 Add SHA-3, SHAKE-128, and BoringSSL-mode NewHopeJack Lloyd2016-10-2020-215/+5161
|\ \
| * | Update policy files for SHA-3Jack Lloyd2016-10-192-1/+3
| | | | | | | | | | | | BSI drops Keccak in favor of SHA-3. Modern adds SHA-3 and SHAKE-128.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-04 22:08:07 +0000