| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| | |
ac888e57b614c623590d79ab615353ad7c76ef68)
to branch 'net.randombit.botan.c++0x' (head 9bf78ed7e2521a328f6db7acbc1cd81b07718230)
|
| | |
| |
| |
| |
| |
| | |
AES-256 blocks, plus a handful remaining in a general AES block.
This is necessary for any implementation which only supports a particular
key size, since otherwise no tests at all will run on that implementation.
|
| | |
| |
| |
| |
| |
| |
| | |
the user to specify the hash function to use, instead of always using SHA-1.
This was a sensible default a few years ago, when there wasn't a ~2^60 attack
on SHA-1 and support for SHA-2 was pretty much nil, but using something else
makes a lot more sense these days.
|
| |\ \
| |/
|/|
| |
| |
| | |
2773c2310e8c0a51975987a2dd6c5824c8d43882)
to branch 'net.randombit.botan.c++0x' (head f13cf5d7e89706c882604299b508f356c20aae3a)
|
| | |
| |
| |
| | |
(which will go later) which will live in the new time.h
|
| | | |
|
| | |\
| | |
| | |
| | |
| | |
| | | |
139d6957d20f0b1202e0eacc63cb011588faffde)
to branch 'net.randombit.botan.c++0x' (head c16676fa6c393bc3f46a044755ce525a013380a6)
|
| | | |\
| | | |
| | | |
| | | |
| | | |
| | | | |
8a5eb02c2e451fc983f234f7ba2f023f5a7d294f)
to branch 'net.randombit.botan.c++0x' (head e18cd411269e15638df3298d6a4165446e7ca529)
|
| | | | |\
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
92e05ab242e4b6998d685961c53700534a673bce)
to branch 'net.randombit.botan.c++0x' (head 27ce37b971ec5cb1f80a9a95b13d5a951b96653b)
|
| | | | |\ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
32f457161b1ad1afb7a3d0ccebc98ada83fb23d9)
to branch 'net.randombit.botan.c++0x' (head 6e3c13869f27636152cf11c65a7d8197a93641d9)
|
| | | | | |\ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
5cadcc57872bef55226579df57349fe09a93d1f5)
to branch 'net.randombit.botan.c++0x' (head d1747f0394aa4442e5b32b9102b830e1a86f0e5a)
|
| | | | | | |\ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
95eb8083f5884531e5ca0667388f8a6fb6d05c41)
to branch 'net.randombit.botan.c++0x' (head 56e105e678540c8bcafa4d0198c19a9489fbf8d1)
|
| | | | | | |\ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
5438defd358f82e876917a8bd6d735305ecb0a8e)
to branch 'net.randombit.botan.c++0x' (head cbdb2fd418557add29a536f7bdb6e78db16f725c)
|
| | | | | | | |\ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
d6d32791adfa878b6fc0dd3a5b65a665b7bbb549)
to branch 'net.randombit.botan.c++0x' (head 54deb0e078aab8cd91c8fd8819d1e6668fc762da)
|
| | | | | | | |\ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
6a746ccf1e957dba703e65372050a7bd4d6b117d)
to branch 'net.randombit.botan.c++0x' (head f54bb7b391eb3b71f380a68ddd460debdc31545d)
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
This was mostly a s/auto_ptr/unique_ptr/, except in the CVC code and one
function in ECDSA, which relied on auto_ptr's move semantics (ugh) and had
to be modified in various ways.
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| |/ / / / / / / / / /
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
StreamCipher_Filter
to pass it directly to a Pipe now.
|
| | | | | | | | | | | |
|
| |/ / / / / / / / /
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Remove the Decrypt direction cipher mode tests - now both directions
are always tested for all modes. Also add IVs for Salsa20 (were implicit
all-zeros) since that does not fly anymore in validate.dat
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Features dropped: RNG benchmarking, the --bench-type option.
New feature: Anything the library understands can be benchmarked using
--bench-algo.
Use 3DES and Serpent for mode benchmarking along with AES-128.
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | |_|_|_|_|_|_|/
|/| | | | | | |
| | | | | | | |
| | | | | | | | |
version.
|
| |/ / / / / / /
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
- rounding.h (round_up, round_down)
- workfactor.h (dl_work_factor)
- timer.h (system_time)
And update all users of the previous util.h
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
ef51dd2869ed38dae3aeb1c3b931ca9d595580e1)
to branch 'net.randombit.botan' (head fc1942640045423f411fd865cbd584090b28d7eb)
|
| | |/ / / / / / |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
output with a script after the fact to generate such things, especially
as often for HTML I want to do multiple side-by-side results.
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Modify ECB to use parallel encryption/decryption where possible
Add toggles in build.h specifying how many blocks to process in parallel.
Defaults to 8 blocks for all modes, which is sufficient that any likely
parallelism can be extracted (via SIMD or concurrent execution) but not
so much as to seem likely to cause cache problems (8*128 bits = 128 bytes,
or two x86 cache lines)
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
decryption. Currently only used for counter mode. Doesn't offer much
advantage as-is (though might help slightly, in terms of cache effects),
but allows for SIMD implementations to process multiple blocks in parallel
when possible. Particularly thinking here of Serpent; TEA/XTEA also seem
promising in this sense, as is Threefish once that is implemented as a
standalone block cipher.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
in the Threefish cipher have changed to increase diffusion.
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
build (only libstate, utils, plus dependencies), which can be extended with
use of --enable-modules.
To add new modules to the set of always-loaded, use 'load_on always' in info.txt
Also fix a few small build problems that popped up when doing a minimal build.
Requested by a user.
|
| | |_|_|_|/
|/| | | |
| | | | |
| | | | |
| | | | | |
Serpent seems very nicely suited to a SSE2 SIMD implementation, and CTR
mode can handle multiple blocks in parallel. Input lens 1 to 128 bytes.
|
| |/ / / / |
|
| | | | | |
|
| | |_|/
|/| | |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a comment that the limitation of the personalization string
being a maximum of 64 characters is due to the implementation and
not the specification (but it makes it easy to implement, and in
this particular case 64 characters is probably fine).
Add some tests for the personalization option, generated by the
Skein reference implementation.
Disable stripping whitespace in checks/misc.cpp:strip - it strips
the personalization tag, which breaks the test, and isn't needed
otherwise because the test files are well-formed.
|
| | | |
|
| | | |
|
| |/ |
|
| |
|
|
| |
commonly used for the GOST 34.11 hash, generated by OpenSSL's GOST code.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GostR3411_94_TestParamSet, this is compatible with the implementations in
Crypto++ and OpenSSL. This is not backwards compatible, though once the
implementation supports multiple param sets (which is required, unfortunately,
for compatability with various standards by CryptoCom, who have defined not
one but at least 4 (!!!) different sboxes to use with GOST), I may offer
Botan's previous sbox set as an option.
Since adding the GOST hash function (34.11) and signing algorithm (34.10)
are on the long term agenda (request by Rickard Bondesson, as the Russian
authorities want to use their local standards for their DNSSEC use), I
renamed the block cipher class (which had been just 'GOST') to GOST_28147_89
to minimize future name clashes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Combine the fast and slow polls, into a single poll() operation.
Instead of being given a buffer to write output into, the EntropySource is
passed an Entropy_Accumulator. This handles the RLE encoding that xor_into_buf
used to do. It also contains a cached I/O buffer so entropy sources do not
individually need to allocate memory for that with each poll. When data
is added to the accumulator, the source specifies an estimate of the number
of bits of entropy per byte, as a double. This is tracked in the accumulator.
Once the estimated entropy hits a target (set by the constructor), the
accumulator's member function predicate polling_goal_achieved flips to true.
This signals to the PRNG that it can stop performing polling on sources,
also polls that take a long time periodically check this flag and return
immediately.
The Win32 and BeOS entropy sources have been updated, but blindly; testing
is needed.
The test_es example program has been modified: now it polls twice and outputs
the XOR of the two collected results. That helps show if the output is consistent
across polls (not a good thing). I have noticed on the Unix entropy source,
occasionally there are many 0x00 bytes in the output, which is not optimal.
This also needs to be investigated.
The RLE is not actually RLE anymore. It works well for non-random inputs
(ASCII text, etc), but I noticed that when /dev/random output was fed into
it, the output buffer would end up being RR01RR01RR01 where RR is a random
byte and 00 is the byte count.
The buffer sizing also needs to be examined carefully. It might be useful
to choose a prime number for the size to XOR stuff into, to help ensure an
even distribution of entropy across the entire buffer space. Or: feed it
all into a hash function?
This change should (perhaps with further modifications) help WRT the
concerns Zack W raised about the RNG on the monotone-dev list.
|
