aboutsummaryrefslogtreecommitdiffstats
path: root/checks
Commit message (Collapse)AuthorAgeFilesLines
* Fix the very basic operations for encoding and decoding alloyd2011-05-172-82/+17
| | | | | | | | | certificate policies extension, though it's really not supported at all. Remove test code from secmem.h Fix building the examples
* Modify ECC points to do all math in Montgomery form, rather thanlloyd2011-05-171-1/+2
| | | | | | | | | | | | | converting back and forth. This gives a 10 to 20% speedup on a Core i7. In addition, the CurveGFp no longer contains a Barrett reducer, saving 3 BigInts worth of memory. Add a #if'ed out alternative to point multiplication using the Montgomery ladder technique. It runs in (more or less) constant time, but rather significantly slower than the 4 bit window technique currently used. Tweak the window sizes to match the theoretical optimums.
* Fix building the tests when ECC is turned off.lloyd2011-05-171-2/+13
|
* Fixes for maintainer mode warningslloyd2011-05-162-5/+9
|
* The new method of doing comparisons did not work all of the time: iflloyd2011-05-131-0/+82
| | | | | | | | | | | the low bytes were equal, then the saturating subtraction result in that byte would be 0 with the high byte containing a non-zero value. To deal with this, shift and or together the two values into the low byte. Add some new tests which check out the SIMD implementation more carefully, including values that trigger the problem in the earlier version.
* Disable CMS by default, since it's pretty untested and likely unusablelloyd2011-05-061-0/+55
| | | | | | | | currently. Include the source directory name in object file names. Add some more DES test vectors.
* Tick version numbers to 1.10.0lloyd2011-04-141-0/+14
| | | | | | | | | | | | | | More documentation updates. The clean target wasn't removing one of the symlinks. In the self-test application, warn if the version we are linked against does not match the version we were built against. This always indicates a problem. Someone who had an older version installed on their system got very confused when the test app was linked against it at runtime; this warning would have saved a couple hours of puzzling by me. This would also have helped avoid the nasty bug in 1.8.3
* Make the alg_id param for passhash9 optional. Update callers.lloyd2011-04-111-1/+1
|
* ECC private keys had two different constructors, one taking a grouplloyd2011-04-087-38/+39
| | | | | | | | | | | | | | | | and a random number generator, and the other taking a group and a preset private key value. The DL private keys instead have on constructor for this; if the x value is zero, then a new random key is created. For consistency, do this with ECC as well. ECDH actually didn't have one of these constructors, forcing you to either load from PKCS #8 or else use a random key. Rename EC_Domain_Params to EC_Group, with a typedef for compatability. More doc updates. Update mtn ignores for Sphinx output
* PR 145 was based around an easy misunderstanding of the CTR code.lloyd2011-04-051-0/+515
| | | | | | Add some comments to help explain what is going on. Also add a test using 512 blocks; all the existing ones were shorter, so increment was not being tested at all. :(
* Add support for bcrypt, the Blowfish-based password hashing schemelloyd2011-02-161-0/+52
| | | | | used in OpenBSD. Tested as compatible with a common Java implementation (http://www.mindrot.org/projects/jBCrypt/)
* Add some more ECDSA tests (generated using Crypto++ 5.6)lloyd2011-02-161-0/+55
|
* Add the NIST AES key wrap algorithm, as specified in RFC 3394 andlloyd2011-02-151-0/+86
| | | | http://csrc.nist.gov/groups/ST/toolkit/documents/kms/key-wrap.pdf
* Remove dead codelloyd2011-02-142-127/+0
|
* Make this test easier to understandlloyd2011-02-141-46/+25
|
* Add a set of ECDSA tests using the Brainpool curves. Test caseslloyd2011-02-141-0/+65
| | | | | | generated using Crypto++ 5.6.1. Requested in PR 141.
* Remove inclusions of unused headers.lloyd2011-02-103-10/+12
| | | | Avoid using auto_ptr in the CVC headers.
* Add a new configure.py option --distribution-info which sets a macrolloyd2011-02-071-2/+1
| | | | | | | | | | | | | | | | | | | | | | | in build.h named BOTAN_DISTRIBUTION_INFO. The default value is 'unspecified'. People packaging botan could set this to another value, for instance 'Gentoo 1.9.13-r3' or 'Debian 1.9.13-1', or 'pristine' to indicate a completely unmodified/stock version. This was suggested by Zooko for Crypto++ in http://sourceforge.net/apps/trac/cryptopp/ticket/11 and seemed like an idea worth stealing. Don't default the version datestmap to the current day if unset, instead set to zero. This allows applications to detect unreleased versions. Document that version_datestamp will return zero for unreleased versions. Change the version_string function to return more information about the current version, including the release date and distribution information. It will now return strings like: Botan 1.9.13 (released 20110207, distribution Gentoo 1.9.13-r3) or for an unreleased version: Botan 1.9.13 (unreleased version, distribution unspecified)
* Fix the ordering of the GOST 34.10 signature values. Add a testlloyd2011-02-072-16/+17
| | | | | | | | | derived from a DNSSEC RFC. Bug reported by Bert Hubert to the mailing list. According to Bert, this ordering is compatible with the version included in OpenSSL. Also, benchmark GOST 34.10 using the GOST 34.11 hash since that is always what it is used with.
* Update Keccak to the round 3 variant announced 2011-01-17lloyd2011-01-201-1608/+1608
| | | | | Only change is the padding rule. It 'simplifies' the padding by making it less flexible and harder to implement efficiently. :(
* Allow benchmark buffers up to 64 MiBlloyd2010-12-221-1/+1
|
* More VC warning fixeslloyd2010-12-133-16/+16
|
* Avoid more VC warningslloyd2010-12-131-2/+2
|
* Add a simple but functioning implementation of Keccak. Only thelloyd2010-12-102-6/+9562
| | | | proposed SHA-3 parameter sets are supported.
* Thomas Keller reports that Mac OS X 10.5 still uses gcc 4.0.1 and it haslloyd2010-11-121-0/+12
| | | | the same reverse iterator bug. Use the workaround for gcc 4.0.*
* Update Skein-512 for the new 1.3 specification, just changes the keylloyd2010-11-031-3452/+1560
| | | | schedule constant to prevent rotational attacks.
* Longer CTR testlloyd2010-10-291-0/+50
|
* Compile fixlloyd2010-10-291-1/+1
|
* Simple standalone base64 encoderlloyd2010-10-281-0/+4
|
* In all cases where the block size of the cipher is fixed, the keylloyd2010-10-141-226/+68
| | | | | | | | | | | | | | | | parameters are as well. So make them template paramters. The sole exception was AES, because you could either initialize AES with a fixed key length, in which case it would only be that specific key length, or not, in which case it would support any valid AES key size. This is removed in this checkin; you have to specifically ask for AES-128, AES-192, or AES-256, depending on which one you want. This is probably actually a good thing, because every implementation other than the base one (SSSE3, AES-NI, OpenSSL) did not support "AES", only the versions with specific fixed key sizes. So forcing the user to ask for the one they want ensures they get the ones that are faster and/or safer.
* s/BLOCK_SIZE/block_size()/lloyd2010-10-131-1/+1
|
* Update for RNG changeslloyd2010-10-121-4/+4
|
* Use size_t in filterslloyd2010-10-122-6/+6
| | | | | This breaks API for anyone creating their own Filter types, but it had to happen eventually.
* Fix CRL reason codes and updating of CRLs. Add tests for both cases.lloyd2010-10-073-3/+1
|
* Forward port CRL fixes from rev 7bb2001cd554a1acc3d345914ea710ff0e1d3a6blloyd2010-10-071-0/+16
|
* Add a set of tests devised by Rivest which are designed to detect alloyd2010-09-231-0/+18
| | | | | range of single bit errors in DES (though really this method is more useful for a hardware implementation than table based software).
* Split up src/cert/x509 into a set of modules, though mostly mutuallylloyd2010-09-171-2/+4
| | | | dependent right now.
* Update all uses of MemoryRegion::append to use either push_back or operator+=lloyd2010-09-153-10/+10
|
* Remove more implicit vector to pointer conversionslloyd2010-09-141-3/+3
|
* Remove more uses of vector to pointer implicit conversionslloyd2010-09-135-24/+15
|
* Anywhere where we use MemoryRegion::begin to get access to the raw pointerlloyd2010-09-135-58/+58
| | | | | representation (rather than in an interator context), instead use &buf[0], which works for both MemoryRegion and std::vector
* Add a basic test for cryptoboxlloyd2010-09-071-0/+46
|
* Call test that was defined but not usedlloyd2010-09-071-4/+5
|
* My version of Sun Studio has the same reverse iterator bug as GCC 3lloyd2010-09-071-1/+1
|
* If the numeric_limits tests fail, make the output a little less dramaticlloyd2010-09-031-4/+4
|
* Wrap lineslloyd2010-09-031-7/+23
|
* Use the standalone version of the hex decoder instead of the wrapper thatlloyd2010-09-038-122/+102
| | | | previously existed in misc.cpp that emulated it via a pipe and filter.
* Add 3 more tests of Tiger, test vectors via Crypto++lloyd2010-08-231-0/+20
|
* For passhash9, add another interface that allows the caller to specifylloyd2010-08-221-4/+9
| | | | | | | | | | | which PRF they want to use. The old interface just calls this new version with alg_id set to 0 which is HMAC(SHA-1), which was previously the only supported PRF. Assign new codepoints for HMAC(SHA-256) and CMAC(Blowfish) to allow their use with passhash9. Have the generate+check tests run a test for each supported PRF.
* When creating a PBKDF2, first check if the argument name is a knownlloyd2010-08-211-0/+5
| | | | | | | | | | | | | MAC. If it is, use it as the PRF. Otherwise assume it is a hash function and use it with HMAC. Instead of instantiating the HMAC directly, go through the algorithm factory. Add a test using PBKDF2 with CMAC(Blowfish); Blowfish mainly because it supports arbitrarily large keys, and also the required 4 KiB of sbox tables actually would make it fairly useful in that it would make cracking using hardware or GPUs rather expensive. Have not confirmed this vector against any other implementation because I don't know of any other implementation of PBKDF2 that supports MACs other than HMAC.