Commit message | Author | Age | Files | Lines
* Add dependencies | lloyd | 2010-09-24 | 7 | -0/+31
* Delete obsolete asm versions | lloyd | 2010-09-24 | 7 | -781/+0
* Minor performance tweak, avoid zeroing things we'll immediately write to. Helps more than I would have thought. | lloyd | 2010-09-24 | 1 | -2/+1
* Modify bigint_monty_redc to take an additional workspace argument. Modify it to avoid a timing condition during the compare at the end; this is done by always doing the subtraction, and then copying to the output either the pre-subtraction or post-subtraction value depending on if the final borrow was set or not. | lloyd | 2010-09-24 | 5 | -71/+83
* s/carry/borrow/ in subtraction routines | lloyd | 2010-09-24 | 1 | -14/+18
* s/j/i for loop variables | lloyd | 2010-09-24 | 1 | -36/+36
* Cleanup | lloyd | 2010-09-23 | 2 | -16/+24
* Make these functions mostly constant-time, and in particular not depending on the value of the final carry out for anything control-flow related. | lloyd | 2010-09-23 | 1 | -29/+9
* In the IDEA key schedule, using the extended Euclidean algorithm to compute the inverses mod 65537 exposed a timing vulnerability. Avoid this by instead using exponentiation, which takes constant time (up to variability in the multiplication operation, at least). | lloyd | 2010-09-23 | 1 | -17/+14
* Fix OpenSSL engine WRT memory vector changes, append is no more | lloyd | 2010-09-23 | 1 | -1/+3
* Add a convenience overload of hex_encode taking a MemoryRegion<byte>& | lloyd | 2010-09-23 | 2 | -0/+17
* Add a set of tests devised by Rivest which are designed to detect a range of single bit errors in DES (though really this method is more useful for a hardware implementation than table based software). | lloyd | 2010-09-23 | 1 | -0/+18
* In RSA and RW key generation, if we generate a key that isn't exactly the requested bitsize, simply repeat instead of failing immediately. The condition could actually occur in practice if a prime that was on the very low end of the specified range was chosen (eg q happened to be chosen as 10000...001). | lloyd | 2010-09-22 | 2 | -11/+12
* Deal with loss of store search | lloyd | 2010-09-21 | 2 | -2/+3
* Add info.txt file | lloyd | 2010-09-21 | 1 | -0/+1
* Do the prep/unroll phase 4 rounds before it is needed instead of 3; tests on Nehalem indicate a small but measurable win there (about 3%). | lloyd | 2010-09-21 | 1 | -97/+92
* Clean up, hide union accesses with a macro to make it easier to test alternative methods of getting pieces of the expanded message. | lloyd | 2010-09-21 | 1 | -40/+92
* Remove searching with an arbitrary predicate from X509_Store | lloyd | 2010-09-20 | 4 | -197/+0
* Move certificate store to its own dir | lloyd | 2010-09-20 | 3 | -0/+1
* Add missing info files | lloyd | 2010-09-20 | 5 | -0/+6
* Add CRL storage possibilities | lloyd | 2010-09-20 | 3 | -17/+93
* Hide X509_Store::check_sig | lloyd | 2010-09-20 | 1 | -2/+2
* Add a (clunky) function X509_Object::hash_used_for_signature that returns the hash function that was used to create the signature. Useful for a future X509 path validator that informs the user which hash(es) they are relying on and/or allowing the ability to reject hashes which are undesirable (MD2, MD5, etc) | lloyd | 2010-09-20 | 2 | -0/+26
* Don't use SecureVector to store certificate data; mlock'ed memory in particular is precious. Really these could probably just as easily be std::vectors since even zeroizing the memory isn't relevant here. | lloyd | 2010-09-17 | 3 | -8/+8
* Add strict comparisons for X509_Time | lloyd | 2010-09-17 | 2 | -0/+8
* Define a simpler Certificate_Store interface which should be much easier to implement without requiring in-memory linear searching (eg a flatfile store or SQL database with indexes). | lloyd | 2010-09-17 | 3 | -45/+56
* Hide X509_Object constructor | lloyd | 2010-09-17 | 1 | -11/+11
* Remove dependencies on X509_Store | lloyd | 2010-09-17 | 4 | -12/+23
* Split up src/cert/x509 into a set of modules, though mostly mutually dependent right now. | lloyd | 2010-09-17 | 29 | -51/+6
* Require a TLS_Policy | lloyd | 2010-09-17 | 9 | -64/+60
* I had this older version of algorithm_benchmark included for compatibility with 1.8, but actually the signature is completely different anyway because that version took a Timer object, which doesn't exist at all anymore. I suppose I could add an empty Timer class plus subclasses, let someone instantiate it and pass it in, ignoring it, but I'm not feeling this is worth the effort. It would make more sense to add a version with this signature to 1.8, which creates a Default_Benchmark_Timer and uses it. | lloyd | 2010-09-16 | 1 | -18/+0
* Add a helper function for encoding TLS values with length tagging | lloyd | 2010-09-15 | 6 | -47/+60
* Use push_back for the single value += operator | lloyd | 2010-09-15 | 1 | -3/+1
* Update/fix SSL deps | lloyd | 2010-09-15 | 1 | -6/+5
* Hide a number of the internal SSL headers from the user, you can still see too much but better than before. | lloyd | 2010-09-15 | 18 | -28/+32
* Document removing append | lloyd | 2010-09-15 | 1 | -2/+3
* Update all uses of MemoryRegion::append to use either push_back or operator+= | lloyd | 2010-09-15 | 34 | -157/+152
* Remove all versions of MemoryRegion::append. Add a push_back that takes a single argument ala std::vector. For appending, provide some namespace level += operators - we can use this technique with either MemoryRegion or a std::vector. | lloyd | 2010-09-15 | 1 | -19/+43
* Implicit conversions | lloyd | 2010-09-14 | 5 | -21/+25
* Remove more implicit vector to pointer conversions | lloyd | 2010-09-14 | 13 | -51/+52
* More changes to avoid vector to pointer implicit conversions | lloyd | 2010-09-14 | 21 | -54/+55
* Handle the case that container size() returns something other than u32bit | lloyd | 2010-09-14 | 15 | -23/+22
* Completely remove the second parameter to SecureVector which specifies the initial/default length of the array, update all users to instead pass the value to the constructor. This is an old vestigial thing from a class (SecureBuffer) that used this compile-time constant in order to store the values in an array. However this was changed way back in 2002 to use the same allocator hooks as the rest of the containers, so the only advantage to using the length field was that the initial length was set and didn't have to be set in the constructor which was mildly convenient. However this directly conflicts with the desire to be able to (eventually) use std::vector with a custom allocator, since of course vector doesn't support this. Fortunately almost all of the uses are in classes which have only a single constructor, so there is little to no duplication by instead initializing the size in the constructor. | lloyd | 2010-09-14 | 68 | -272/+313
* Avoid 3-argument copy | lloyd | 2010-09-13 | 1 | -1/+1
* Split up definitions so it is easier to remove functions I want to remove. Avoid using using directives in MemoryVector and SecureVector to bring things into scope; it brings them into public scope even if they are protected which is not desirable. Instead disambiguate using this->func() | lloyd | 2010-09-13 | 1 | -19/+21
* Don't expose init (protected) with a using directive | lloyd | 2010-09-13 | 1 | -8/+6
* Remove constructors of MemoryVector and SecureVector that took two MemoryRegions and concatenated them. | lloyd | 2010-09-13 | 4 | -23/+16
* Fix examples for destroy being renamed clear | lloyd | 2010-09-13 | 2 | -2/+2
* Remove more uses of vector to pointer implicit conversions | lloyd | 2010-09-13 | 35 | -126/+154
* More vector->pointer conversion removals. Add RandomNumberGenerator::random_vec, which takes a length n and returns a new SecureVector with randomized contents of that size. This nicely covers most of the cases where randomize was being called on a vector, and is a little cleaner in the code as well, instead of vec.resize(length); rng.randomize(&vec[0], vec.size()); we just write vec = rng.random_vec(length); | lloyd | 2010-09-13 | 18 | -42/+49