| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a makefile to build it with Sphinx (http://sphinx.pocoo.org/).
Previously credits.txt listed public domain code sources; instead
directly credit the authors in the relevant files and delete that
file.
Drop the draft FIPS 140 security policy; I can't imagine FIPS 140
validation will ever happen, and if it does, I don't want
anything to do with it.
Also drop the internals doc, which was so out of date (and
incomplete) as to be worthless.
Move the tutorials and InSiTo pdfs into old/ for the time being,
until anything relevant from them can be filtered out and
converted into RST.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
finalized.
Move header to passhash9.h and rename the functions to be passhash9
specific ({generator,check}_passhash9)
Add an algorithm identifer field. Currently only id 0 is defined, for
HMAC(SHA-1), but this opens up for using HMAC(SHA-512) or HMAC(SHA-3)
or CMAC(Blowfish) or whatever in the future if necessary. Increase the
salt size to 96 bits and the PRF output size to 192 bits.
Document in api.tex
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
password hashing schemes.
Increase salt size to 80 bits.
Research shows that virtually no other PBKDF2 implementations support
anything but SHA-1; for ease of implementation elsehwere switch back
from SHA-512 to SHA-1. Should be mostly harmless; it limits total
entropy of the password to a maximum of 160 bits, but this is unlikely
anyway.
Use two bytes to specify the work factor for future-proofing.
Add a test.
|
| |
|
|
|
|
|
|
| |
the passhash example to the library. Support variable work factors;
default work factor of 10 takes about half a second to do one password
on my Core2. Switch to using SHA-512 instead of SHA-1 in PBKDF2. To keep
the output evenly sized for base64 purposes, reduce PBKDF2 output size by
one byte (to 112 bits).
|
| |
|
|
|
|
|
|
|
|
|
| |
and iteration count, force it to be passed to each call to derive_key.
So remove current_salt, set_iterations, new_random_salt, and change_salt
functions from S2K interface.
Update examples and test application to match.
While I was in there, change the passhash example to use 64 bit salts
and 128 bit PBKDF2 outputs.
|
| |
|
|
|
|
|
|
| |
including the examples and self-test code.
Most of these files had not copyright/license information at all; since a major
point of the examples is to allow users to copy and paste code that already
does something they want, an ambigious license is not good.
|
| |
|
|
| |
Patch from David X Callaway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new class AutoSeeded_RNG that is a RandomNumberGenerator that wraps
up the logic formerly in RandomNumberGenerator::make_rng. make_rng in
fact now just returns a new AutoSeeded_RNG object.
AutoSeeded_RNG is a bit more convenient because
- No need to use auto_ptr
- No need to dereference (same syntax everywhere - it's an underestimated
advantage imo)
Also move the code from timer/timer_base to timer/
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
bother creating it, just let it be initialized lazily when needed.
Reindents in encypt.cpp and hash_fd.cpp (indenting the brace after a try
statement).
|
|
|
a 48-bit seed, and a 96-bit hash. The example can both create new hashes
and confirm existing ones.
|
