| Commit message | Author | Age | Files | Lines |
In ECDSA, these cases should all be caught by the later check that R is
not zero, so I don't believe there is any security danger.
However the GOST 34.10 implementation did not have either check.
Fortunately, the function that extracts the affine X coordinate from
the Jacobian coordinates will throw an exception if the point is at
infinity, so we would not in fact accept invalid signatures, but this
is mostly by luck, and it still represents a bit of a DoS potential.
I checked the history; it looks like not checking for zeros at the
start traces back to the original InSiTo code, and I copied the ECDSA
code for GOST without thinking about it too much.
certificate policies extension, though it's really not supported
at all.
Remove test code from secmem.h
Fix building the examples
converting back and forth. This gives a 10 to 20% speedup on a Core
i7. In addition, the CurveGFp no longer contains a Barrett reducer,
saving 3 BigInts worth of memory.
Add a #if'ed out alternative to point multiplication using the
Montgomery ladder technique. It runs in (more or less) constant time,
but rather significantly slower than the 4 bit window technique
currently used.
Tweak the window sizes to match the theoretical optimums.
working correctly under Clang - the technique for emulating unsigned
compare relied on signed overflow. The new method does not, and works
under GCC, ICC, and Clang. Even better, the compare takes only 2
instructions instead of 4.
Prevent using any of the asm implementations under Clang on x86-32.
All of them crash under Clang 2.9, unclear why.
not well tested.
maintainer.
Namespace the headers in /usr/local/include/botan-1.9/botan, so
multiple versions can be installed in parallel.
Down version to 1.9.18 since there are a good number of changes in
this release already.
Fix BigInt::get_substring when length is equal to 32 - an overflow
would cause the mask to be equal to 0 thus producing nothing at all.
Disable CVC by default; it's not ready for prime time in any sense.
consumer/desktop level Atoms are actually 32 bit.
currently.
Include the source directory name in object file names.
Add some more DES test vectors.
conditionals to help avoid timing analysis. Unfortunately GCC is too
smart for us and compiles it to jumps anyway; probably would need to
put the delim search into its own function and pass variables by
volatile pointers to force the compiler to do what we want.
and -fvisibility support if the version is too old. You can also turn
them off explicitly with the (hidden) option --without-visibility. We
get the version number from the binary specified with --cc-bin, if the
user set that, rather than from plain 'g++'.
Fix Solaris install - apparently 'install' cmd is broken/dumb.
Fix Ekopath flags for submodels.
results are undefined. This happens to work under GCC and most other
compilers, but does not under Visual C++ 2010. This broke hex_encode
when encoding an empty input, and this subsequently broke SSL
handshaking.
2010 includes a TR1 that works fine for SSL, but it puts the headers
in the main header space rather than under tr1/, so account for that.
Hack the socket header into working under WinSock
Tick version to 1.10.0
Prune the users list and update some dead links
support AES-NI.
right thing for most modern distros, and if someone is using Sun CC on
Linux they probably know if they don't want that.
Record successful Sun Studio 5.10 build, also note that Clang 2.9 also
seems to miscompile SSE2 IDEA. The Clang 2.9 build on FreeBSD did not
have this failure, wonder what happened there.
Split log by release series instead of year.
Make dedicated landing page.
If SPHINX_OPTS is set, it will be passed to sphinx-build
Many other cleanups and changes in the docs. Make the index page a
functional stand-in for the current site so the entire website can be
built using Sphinx.
Back the reported version from 1.10.0 to 1.9.17 for the time
being. Still on the fence if this will be 1.10.0 or another release
candidate instead.
will default to the full output file name. That actually worked as
expected when the so was always written as libbotan-1.8.2, but doesn't
anymore since soname does not match the written file. This probably
won't work right on Windows, but I don't have access to Intel C++ on
Windows.
Note good Intel C++ 11.1 build in build log
Note that CPython 2.7 works for configuring the build
around a bug in FreeBSD 6.1, which is long EOL.
If we can't figure out the CPU in configure.py, if running
verbosely dump the entire list of CPUs we know about.
Some doc cleanups.
Rename the 'beos' target to 'haiku', since testing shows that
botan can't compile under the old BeOS GCC 2.95 anyway.
Remove the call to idle_time in the stats entropy source - it causes a
crash on Haiku R1-alpha2 somewhere inside a system DLL. I didn't
bother debugging it beyond looking at the backtrace.
Add a 'bepc' alias for i386 as that is what Haiku reports its
processor as.
Fix the install dirs to match Haiku R1, though apparently they will
change in R2 anyway when they add package management.
Enable use of gmtime_r on Haiku.
and probably useless threads section, also fix compilation of several
examples.
standardized by NIST; the FPE currently included is just a random one
that was relatively easy to implement. Move the header to fpe_fe1.h,
and rename the function. Update the example and add some documentation
for it.
in the 1.9.16 change notes.
Update the passhash9 ref to match reality.
If neither --with-sphinx nor --without-sphinx were used, then test for
sphinx-build in the path and turn it on if we find it.
Document the --distribution-info option.
Add missing dependency in the SIMD engine that would cause build
failures when using --no-autoload and explicitly requesting a SIMD
algorithm like aes_ssse3 using --enable-modules.
disabled under gcc.
Hide asm labels in the x86-32 code; some did not begin with a .L so
they were being exported.
--with-doxygen, and add no-op --without versions for both. This makes
it easier to script the build in Gentoo's ebuild.
proper. Enabled using --use-sphinx and --use-doxygen options, both of
which default to false. If Sphinx isn't enabled, the ReST sources are
copied directly (a case where having a very readable source format
comes in handy...)
The reference manual (either Sphinx processed into HTML, or the raw
source) and the Doxygen output (if enabled) are copied into the doc
directory upon install on Unix. Currently not done on Windows; the
install target is fairly bogus there and hasn't been tested
in some time.
all relevant to current state of botan.
More documentation updates.
The clean target wasn't removing one of the symlinks.
In the self-test application, warn if the version we are linked
against does not match the version we were built against. This
always indicates a problem. Someone who had an older version
installed on their system got very confused when the test app was
linked against it at runtime; this warning would have saved a
couple hours of puzzling by me. This would also have helped avoid
the nasty bug in 1.8.3.
and a random number generator, and the other taking a group and a
preset private key value. The DL private keys instead have one
constructor for this; if the x value is zero, then a new random key is
created. For consistency, do this with ECC as well.
ECDH actually didn't have one of these constructors, forcing you to
either load from PKCS #8 or else use a random key.
Rename EC_Domain_Params to EC_Group, with a typedef for compatibility.
More doc updates.
Update mtn ignores for Sphinx output
for things like this, and the User_Interface class is going to die
as soon as I can manage it, anyway.