aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* NIST SP800-108 & 56cKai Michaelis2016-04-2011-0/+5991
|
* Specific ideas re PGP supportJack Lloyd2016-04-151-3/+15
|
* Catch the right exception type so errors are reported instead ofJack Lloyd2016-04-151-8/+17
| | | | | | manifesting as broken sockets. Leave the client socket open until the alert has been sent.
* Don't reject TLS packets with zero plaintext bytesJack Lloyd2016-04-153-13/+24
| | | | | | | | OpenSSL sends an empty record before each new data record in TLS v1.0 to randomize the IV, as a countermeasure to the BEAST attack. Most implementations use 1/(n-1) splitting for this instead. Bug introduced with the const time changes in 1.11.23
* Empty the key/tweak containers which is used to signal the key was setJack Lloyd2016-04-151-3/+3
| | | | Fix exception message
* Fix formatting bugs in TLS docJack Lloyd2016-04-131-11/+6
| | | | | | | Fixes GH #460 Closes GH #474 [ci skip]
* Merge GH #468Jack Lloyd2016-04-135-4/+32
|\ | | | | | | | | | | Resolves problems with shared lib on OS X caused by incorrect dylib naming Fixes GH #467
| * Fixed shared library behaviour on Darwin/OS X.Alastair Houghton2016-04-075-4/+32
| |
* | Add support for ChaCha(12)Jack Lloyd2016-04-095-11/+49
| |
* | Fix a couple MSVC warnings.Jack Lloyd2016-04-093-10/+12
| | | | | | | | | | | | | | | | Cast std::streamsize to size_t since MSVC is worried gcount() might return a negative number. The entropy callbacks took the entropy estimate as a size_t instead of a double, which causes some verbose warnings due to the conversion.
* | Merge GH #464 fix Python3 bcrypt, add testJack Lloyd2016-04-091-3/+12
|\ \ | | | | | | | | | Fixes GH #461
| * | Removed empty lineMouse2016-04-061-1/+0
| | |
| * | Fixed bcrypt() argument problem. Fixed buffer overread in bcrypt().Mouse2016-04-051-3/+13
| |/
* | Merge GH #473 - remove needless BOTAN_DLL from AutoSeeded_RNGJack Lloyd2016-04-091-1/+1
|\ \ | |/ |/| | | | | | | | | | | Apparently adding a dllexport annotation causes VC to want to emit some object code somewhere, and since AutoSeeded_RNG is entirely inline this fails with a link error (GH #451). GCC's visibility attribute just changes what symbols are marked as exported, so did not trigger the problem.
| * fix linker error if compiling with `--module-policy bsi` on Windows. Fixes ↵Daniel Neus2016-04-081-1/+1
|/ | | | GH #451
* Update OCB ciphersuites to follow new nonce scheme from -04 draftJack Lloyd2016-04-043-51/+56
|
* Add McEliece timeJack Lloyd2016-04-031-0/+82
|
* More todosJack Lloyd2016-04-031-2/+8
|
* Merge pull request #458 from cordney/add-more-ffi-testsJack Lloyd2016-04-033-5/+300
|\ | | | | Add more tests for ffi
| * Add more tests for ffiRené Korthaus2016-03-253-5/+300
|/
* Add IETF standard ChaCha20Poly1305 ciphersuites to TLSJack Lloyd2016-03-236-59/+109
|
* Fix bug in IETF version of ChaCha20Poly1305Jack Lloyd2016-03-233-18/+65
| | | | | If the input lengths are exact multiples of 16 bytes then no padding should be added. Previously 16 bytes of zero padding were added instead.
* Typo fixJack Lloyd2016-03-221-1/+1
| | | | [ci skip]
* Release 1.11.291.11.29Jack Lloyd2016-03-203-36/+115
|
* Clean up PK decryption encoding.Jack Lloyd2016-03-2017-86/+103
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Add PK_Decryptor::decrypt_or_randomJack Lloyd2016-03-2017-129/+253
| | | | | Performs content checks on the value (expected length, expected bytes) and in constant time returns either the decrypted value or a random value.
* Remove support for TLS v1.2 MD5 and SHA-224 signatures.Jack Lloyd2016-03-173-60/+7
| | | | | | | | | Remove support for weak ECC curves (anything under P-256) from TLS. This includes secp256k1 since we don't take advantage of the special form for any performance advantage; might as well use P-256. The manual still mentioned that it was possible to use MD5 in Policy::allowed_macs, but all HMAC-MD5 suites are already removed.
* Client must verify that the server sent an ECC curve which policy accepts.Jack Lloyd2016-03-173-0/+13
| | | | | Otherwise a MITM who can in real time break any supported ECC curve can downgrade us.
* Use rejection sampling in BigInt::random_integerJack Lloyd2016-03-163-15/+12
| | | | Avoids the test vector contortions in RSA-KEM
* Deprecate Rabin-WilliamsJack Lloyd2016-03-161-0/+4
|
* Merge GH #454 X.509 name constraintsJack Lloyd2016-03-1625-24/+1016
|\
| * Changes from GH #454 reviewJack Lloyd2016-03-165-69/+73
| |
| * X.509 Name ConstraintsKai Michaelis2016-03-1024-23/+1011
| |
* | TLS client featuresJack Lloyd2016-03-163-12/+63
| | | | | | | | | | | | Add flags --policy, --print-certs, --tls1.0, --tls1.1, --tls1.2 Update todo
* | Fix off by one in ressolJack Lloyd2016-03-152-1/+44
| | | | | | | | | | Could attempt to allocate (size_t)-1 words with predicably bad_alloc results.
* | Merge GH #422 Use system_time instead of high_resolution_clockJack Lloyd2016-03-101-1/+1
|\ \
| * | Use chrono::system_clock instead of chrono::high_resolution_clock in ↵Daniel Neus2016-03-071-1/+1
| | | | | | | | | | | | | | | | | | get_system_timestamp_ns() GH #422
* | | Merge GH #450 Add support for Windows VirtualLockJack Lloyd2016-03-103-2/+53
|\ \ \
| * | | remove redundant returnDaniel Neus2016-03-081-1/+0
| | | |
| * | | add support for VirtualLock/VirtualUnlock on WindowsDaniel Neus2016-03-073-2/+54
| |/ / | | | | | | | | | equivalent to mlock on Unix to prevent swapping out of memory
* | | Merge pull request #452 from cordney/patch-3Jack Lloyd2016-03-091-0/+19
|\ \ \ | | | | | | | | Add section on fork safety to rng manual
| * | | Add section on fork safety to rng manualRené Korthaus2016-03-081-0/+19
| |/ /
* / / Trivial warning fixesJack Lloyd2016-03-096-30/+40
|/ /
* | Add proc_walk, egd, Darwin entropy sources to policy.Jack Lloyd2016-03-062-9/+11
| | | | | | | | Prohibit unix_procs in BSI policy. See discussion in GH #446
* | Merge pull request #448 from shlomif/website-typos-correctionJack Lloyd2016-03-061-1/+1
|\ \ | | | | | | Correct a typo in the README/front-page.
| * | Correct a typo in the README/front-page.Shlomi Fish2016-03-061-1/+1
|/ / | | | | | | See https://github.com/randombit/botan/issues/443 .
* | Allow EMSA1 in BSI policyJack Lloyd2016-03-061-1/+1
| |
* | Merge GH #446 add --module-policy optionJack Lloyd2016-03-067-69/+383
|\ \
| * | Add option --module-policyJack Lloyd2016-03-067-69/+383
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A module policy is a file specifying three types of modules: ones which are required, ones which are prohibited, and ones which should be used if otherwise available (this is mostly for platform specific modules). Finally there are whatever modules which exist in the library of which the policy makes no mention. These will be included if an explicit dependency of some other module pulls them in (so there is no reason to mention base, utils, ... in the file) but skipped otherwise. For example policy 'sane' does not mention 'utils' or 'twofish' either way. Since utils is a dependency of other modules which are included, but Twofish does not. However unlike an explicitly prohibited module, not mentioned can still be requested as part of the build (here with --enable-module=twofish) Also fixes some test bugs noticed by compiling in different build configs. DLIES test didn't check that the KDF and MAC existed. Adds a typedef for MessageAuthenticationCode because typing it twice in a single line in the DLIES test made me think it's way too long. :) Also fix some fuzzer build problems. Due to a copy and paste bug the PKCS certificate (it was not). Inspired by GH #439
* | | Merge GH #373 RDRAND/RDSEED logic changesJack Lloyd2016-03-063-34/+51
|\ \ \ | | | | | | | | | | | | The Intel RNG may fail if heavily contended, so retry as needed.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-16 08:07:56 +0000