aboutsummaryrefslogtreecommitdiffstats
path: root/doc
Commit message (Collapse)AuthorAgeFilesLines
* Update roadmap, add support and versioning infoJack Lloyd2017-01-033-63/+66
| | | | [ci skip]
* Merge GH #793 Add iOS targetJack Lloyd2017-01-032-27/+33
|\
| * Update docs on building for iosSimon Warta2017-01-031-8/+8
| |
| * Update os.rstSimon Warta2017-01-031-19/+25
| |
* | Minor tweaks to side channel textJack Lloyd2017-01-031-14/+18
|/ | | | [ci skip]
* Tweak AES text a bitJack Lloyd2017-01-021-20/+26
| | | | | | Finish a sentence in GCM [ci skip]
* Remove unhelpful firststep.rstJack Lloyd2017-01-022-39/+0
| | | | | | A general intro/outline doc would be useful, but this isn't it. [ci skip]
* Update RNG doc [ci skip]Jack Lloyd2017-01-021-20/+14
|
* Merge GH #788 Add project goals statementJack Lloyd2017-01-022-0/+130
|\
| * Add a statement of project goals (and non-goals)Jack Lloyd2016-12-302-0/+130
| | | | | | | | [ci skip]
* | Merge GH #787 Add side channel docJack Lloyd2017-01-022-4/+396
|\ \
| * | Address review comments on side channel docJack Lloyd2017-01-022-38/+79
| | | | | | | | | | | | [ci skip]
| * | Add a doc on side channel countermeasures and known issuesJack Lloyd2016-12-281-0/+351
| | | | | | | | | | | | [ci skip]
* | | Small documentation updatesJack Lloyd2016-12-302-3/+14
| | | | | | | | | | | | [ci skip]
* | | Update todo [ci skip]Jack Lloyd2016-12-301-0/+2
| | |
* | | Update ABI doc to reflect new versioning schemeJack Lloyd2016-12-301-13/+10
| |/ |/| | | | | | | | | Also link to ABI report [ci skip]
* | Add note about CECPQ1 in TLS manualJack Lloyd2016-12-281-0/+16
| | | | | | | | [ci skip]
* | Misc doc tweaksJack Lloyd2016-12-284-11/+11
|/ | | | [ci skip]
* Address some review comments by @cordney in TPM docJack Lloyd2016-12-281-4/+4
| | | | [ci skip]
* Detail supported platforms/compilers for Botan 2Jack Lloyd2016-12-263-15/+45
| | | | | | Prior related discussion tickets GH #111 #703 [ci skip]
* Add basic docs for TPM APIJack Lloyd2016-12-242-1/+115
|
* Update OCSP manual, and inline to main X.509 docJack Lloyd2016-12-173-48/+116
| | | | [ci skip]
* Update the X.509 manual and add more informationRené Korthaus2016-12-171-58/+243
|
* Update todo [ci skip]Jack Lloyd2016-12-081-2/+1
|
* Update pubkey docsDaniel Neus2016-12-082-41/+71
|
* resolved invalid links to build with sphinx 1.5Never2016-12-072-2/+2
|
* Merge GH #756 Remove ECB Cipher_Mode classJack Lloyd2016-12-051-2/+0
|\
| * Remove ECB modeJack Lloyd2016-12-041-2/+0
| | | | | | | | | | | | | | Not a good thing to offer at this level. If you know what you are doing for the strange special case where it is necessary, the raw BlockCipher interface is available and probably more convenient.
* | Merge GH #745 Make --via-amalgamation an error. Improve quoting in Travis ↵Jack Lloyd2016-12-041-4/+7
|\ \ | |/ |/| | | build script
| * Adapt docs to --amalgamation changeSimon Warta2016-12-021-4/+7
| |
* | Update tls_verify_cert_chain docs to reflect OCSP stapling changesJack Lloyd2016-12-041-5/+19
|/ | | | | | GH #755 [ci skip]
* Update roadmap with plans for 2017 [ci skip]Jack Lloyd2016-11-281-0/+66
|
* Add note on rfc6979 signatures to manual [ci skip]René Korthaus2016-11-282-2/+14
|
* Note range of versions affected by CVE-2016-9132Jack Lloyd2016-11-281-0/+2
| | | | [ci skip]
* Update newsJack Lloyd2016-11-281-1/+1
|
* Fix BER decoder integer overflowJack Lloyd2016-11-281-1/+10
|\
| * Check for overflow in BER decoder EOC scanningJack Lloyd2016-11-271-1/+10
| |
* | Document TLS::Policy::require_cert_revocation_infoJack Lloyd2016-11-281-0/+20
|/
* Merge GH #739 Update docs and BSI policyJack Lloyd2016-11-261-1/+8
|\
| * Updates docs & module policyMatthias Gierlings2016-11-261-1/+8
| | | | | | | | | | | | - Added GMAC to list of supported MAC algorithms in readme.rst - Updated module policy to prevent CI crash - Added myself to credits.rst
* | Probably easy todo [ci skip]Jack Lloyd2016-11-261-0/+1
| |
* | Shuffle sections of contributing.rst [ci skip]Jack Lloyd2016-11-261-88/+78
|/
* Address review comments from @cordneyJack Lloyd2016-11-251-2/+2
| | | | | | | | | | | | Primarily doc updates but also expose some more logic in PKIX namespace, overall_status and merge_revocation_status. This allows calling more or less all of the logic used by the monolitic x509_path_validate in any way needed by an application. Add Certificate_Store_In_Memory::add_crl variant taking shared_ptr Add optional Certificate_Store_In_Memory* pointer to check_crl_online, valid CRLs are saved there.
* Move TLS cert verification callback from Credentials_Manager to TLS::CallbacksJack Lloyd2016-11-232-27/+37
| | | | | | It is the only function in C_M which is called on to process session-specific (and adversarially provided) inputs, rather than passively returning some credential which is typically not session specific.
* Merge GH #731 Add CLI docsJack Lloyd2016-11-193-12/+165
|\ | | | | | | [ci skip]
| * Minor changes and fixesJuraj Somorovsky2016-11-191-19/+23
| |
| * added CLI sectionNever2016-11-173-12/+161
| |
* | Order default TLS ECC curve preferences by performanceJack Lloyd2016-11-191-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | Moves x25519 to the front for best by-default side channel resistance, and orders remaining NIST/BP curves by performance rather than size. That means putting P-521 before P-384, since P-521 is much faster at least in Botan (due to much simpler modular reduction for P-521 prime), and Brainpools to the end due to being quite slow (no fast reductions). All of the supported curves seem strong enough, and if someone can break P-256 they can probably break P-384 as well so there doesn't seem much advantage in preferring slower curves by default.
* | Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
* | Merge GH #721 Documentation reorg and expansionJack Lloyd2016-11-166-272/+943
|\|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-20 09:28:09 +0000