| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| |
| | |
c7f7c5092848b9c230d1757c74ed25ee9ea52262)
to branch 'net.randombit.botan' (head a1315b63e5c3a6101df388c70ad69dc039437fe8)
|
| | |
|
|\|
| |
| |
| |
| |
| | |
75371777750b63ef94693602202c5104f217a987)
to branch 'net.randombit.botan' (head 3f53f01c349eeee89288b1922fbde45b283c958c)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
build (only libstate, utils, plus dependencies), which can be extended with
use of --enable-modules.
To add new modules to the set of always-loaded, use 'load_on always' in info.txt
Also fix a few small build problems that popped up when doing a minimal build.
Requested by a user.
|
|\|
| |
| |
| |
| |
| | |
c2624292793f396cf940403e0d12073a9b2c7b17)
to branch 'net.randombit.botan' (head 07a71effa1ba495b6ea57b2490ad38bf58a23bd0)
|
| | |
|
| | |
|
|/ |
|
| |
|
|
|
|
| |
what is there
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
verify mode is not set, by default the Miller-Rabin bases are chosen
from the small primes. Generally speaking these make good test bases.
However if the prime to be generated is very small, we will choose a base
which is out of range. If the i'th prime is too big to be a base, then
just choose a random integer of the appropriate size instead.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
had been denoted with @{var:NAME}, this has changed to %{NAME}. This is
pretty much a wash for configure.pl but it makes it much easier to process
the templates using Python's string.Template. The logic being the 'var:'
prefix had been to support conditional statements in the templates (using
an 'if:' prefix), but this functionality was not being used and support
for it is removed from configure.pl in this revision.
For a similiar reason, rename a number of template variables with hyphens
in their name to use underscores instead. This is slightly more consistent
anyway (since many variable names had already used _ instead of -) but more
importantly makes them much easier to deal with using aforementioned Python
template code.
This should not result in any user-visible change (unless I messed up).
|
| |
|
|
|
|
| |
bytes. Bug noted by Falko Strenzke, fix by M. Braun. (bug id 31)
|
|
|
|
|
|
| |
I don't know that having same_mem be sensitive to input would actually
allow any form of timing attack in the current codebase, but it seemed
like a prudent thing to do in any case.
|
|
|
|
|
|
|
|
|
|
|
| |
When a reseed is attempted, up to poll_bits attempts will be made, running
in order through the set of available sources. So for instance if poll_bits
is set to the default 256, then up to 256 polls will be performed (some of
which might not provide any entropy, of course) before stopping; of course
if the accumulators goal is achived before that point, then the polling stops.
This should greatly help to resolve the recent rash of PRNG unseeded problems
some people have been having.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
statement (at least as far as the calling code is concerned)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GostR3411_94_TestParamSet, this is compatible with the implementations in
Crypto++ and OpenSSL. This is not backwards compatible, though once the
implementation supports multiple param sets (which is required, unfortunately,
for compatability with various standards by CryptoCom, who have defined not
one but at least 4 (!!!) different sboxes to use with GOST), I may offer
Botan's previous sbox set as an option.
Since adding the GOST hash function (34.11) and signing algorithm (34.10)
are on the long term agenda (request by Rickard Bondesson, as the Russian
authorities want to use their local standards for their DNSSEC use), I
renamed the block cipher class (which had been just 'GOST') to GOST_28147_89
to minimize future name clashes.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
we call stat. Apparently on 32-bit Linux (or at least on Ubuntu
8.04/x86), struct stat has some padding bytes, which are not
written to by the syscall, but valgrind doesn't realize that this
is OK, and warns about uninitialized memory access when we read
the contents of the struct. Since this data is then fed into the
PRNG, the PRNG state and output becomes tainted, which makes
valgrind's output rather useless.
|
|
|
|
|
|
|
|
|
|
|
|
| |
to the regular BSD license Botan is distributed under. Seems silly to have
the one single file under a different (and more restrictive) license than
everything else.
As I am the only copyright holder I believe it is within my rights to do
this. The only other contributor to api.tex I can think of is Ken Perano
of Sandia Labs, who sent me several patches to api.tex that fixed minor
grammatical issues, but which (AFAIK (IANAL)) were too small/trivial
to be copyrightable.
|
|
|
|
|
|
|
|
|
|
| |
occur because PKCS #5 v2.0 doesn't support empty passphrases (though
maybe it should?). In this case pbe->set_key would throw an exception,
causing the stack to be unwound without the (dynamically created) PBE
object being deleted. Use auto_ptr to hold the PBE*, then .release()
it when passing it to the Pipe (since Pipe takes ownership of its Filters).
Noticed when looking at valgrind analysis of monotone's sync command.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on Solaris 10 with GCC 3.4.3.
First, remove the definition of _XOPEN_SOURCE_EXTENDED=1 in mmap_mem.cpp
and unix_cmd.cpp, because apparently on Solaris defining this macro breaks
C++ compilation entirely with GCC:
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6395191
In es_egd.cpp and es_dev.cpp, include <fcntl.h> to get the declaration of
open(), which is apparently where open(2) lives on Solaris - this matches
the include the *BSD man pages for open(2) show, though AFAIK the BSDs
all compiled fine without it (probably due to greater efforts to be
source-compatible with Linux systems by *BSD developers).
I have not been able to test these changes personally on Solaris but
Rickard reports that with these changes everything compiles OK.
Update lib version to 1.8.0-pre. ZOMG. Finally.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
add a digest identifier. This was a feature requested on the mailing list.
Apparently this scheme is called CKM_RSA_PKCS in PKCS #11, and is supported
by a number of libraries, including QCA.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a discrepency between OpenSSL and Botan when generating SHA-512/EMSA3
signatures. In fact it turns out that the EMSA3 identifier for SHA-512
contained a typo and was incorrect.
Unfortunately this means that SHA-512/EMSA3 signatures generated by
Botan up until now will not be accepted by other implementations, and
the signatures by other implementations would not be accepted by Botan.
Currently I am not making any provision for backwards compatability with
the old incorrect hash identifier, since I am assuming/guessing that
SHA-512/EMSA3 is not a very common combination.
|
|
|
|
|
| |
just continue on instead of returning the length of the buffer recv'ed
from EGD.
|
| |
|