aboutsummaryrefslogtreecommitdiffstats
path: root/doc
Commit message (Collapse)AuthorAgeFilesLines
* Tick 1.9.6-devlloyd2010-03-301-0/+2
|
* Update for 1.9.5 release 2009-03-291.9.5lloyd2010-03-291-1/+1
|
* Show as creating an engine insteadlloyd2010-03-241-27/+31
|
* Fix factor wrt rename of primality test functionslloyd2010-03-231-1/+1
|
* Document GOST fixlloyd2010-03-131-0/+1
|
* Document allocator changelloyd2010-03-131-0/+1
|
* Clarifylloyd2010-03-131-2/+2
|
* Document changes since 1.9.4lloyd2010-03-131-0/+5
|
* I had listed Olivier de Gaalon in the license, for the SQLite codec,lloyd2010-03-122-1/+5
| | | | | | | but not in credits. Conversely, I had listed Vaclav Ovsik in the credits for the Perl-XS wrapper, but not in the license.
* Tick version to 1.9.5-devlloyd2010-03-101-0/+2
|
* Update version to 1.9.4 release1.9.4lloyd2010-03-091-1/+1
|
* Deconstify PK_Ops. It's quite reasonable that some op will want tolloyd2010-03-091-0/+1
| | | | | | | | | | | | | precompute only as needed, or will want to access some other expensive resource or etc. Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operations public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p. Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
* Rename PK_Encryptor_MR_with_EME and PK_Decryptor_MR_with_EME tolloyd2010-03-082-2/+2
| | | | | PK_Encryptor_EME and PK_Decryptor_EME; the message recovery is somewhat implicit in the recovery of the plaintext.
* Modify pubkey classes to take names instead of object pointers.lloyd2010-03-088-30/+26
| | | | | Remove use of look_pk from the source and examples, instead instantiate classes directly.
* Update DH example for PK changeslloyd2010-03-081-14/+29
|
* Clarify that Ajisai is only SSLv3 + TLS 1.0 currentlylloyd2010-03-051-1/+1
|
* Nix PK_Signing_Key use from tutoriallloyd2010-03-041-3/+1
|
* This checkin represents a pretty major change in how PK operations arelloyd2010-03-041-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | performed. Up until now, each key object (eg DSA_PublicKey or ECDH_PrivateKey) had two jobs: contain the key material, and know how to perform any operations on that key. However because of a desire to support alternative implementations (GNU MP, hardware, whatever), there was a notion of operations, with the key objects containing an op that they got via engine rather than actually implementing the underlying algorithms directly. Now, represent the operation as an abstract interface (typically mapping a byte string to a byte string), and pass a plain Public_Key& or Private_Key& to the engine. The engine does any checks it wants (eg based on name, typeid, key sizes, etc), and either returns nothing (I'll pass) or a pointer to a new operation that represents signatures or encryption or what-have-you using that key. This means that plain key objects no longer contain operations. This is a major break with the traditional interface. On the other hand, using these 'bare' operations without padding, KDFs, etc is 99% of the time a bad idea anyway (and if you really need them, there are options so you get the bare op but via the pubkey.h interfaces). Currently this change is only implemented for DH and ECDH (ie, key agreement algorithms). Additionally the optional engines (gnump and openssl) have not been updated. I'll probably wait to touch those until after I can change them all in one go for all algos.
* Document fix for VC static buildslloyd2010-03-031-0/+1
|
* Fix minor errors and warnings in the examples. Remove boost dependency fromlloyd2010-03-0315-120/+78
| | | | rng_test example.
* Add XSalsa20lloyd2010-03-031-0/+1
|
* Drop the old 1.8 configure.pl entirelylloyd2010-03-021-2340/+0
|
* Corrupt signature instead of key in RSA examplelloyd2010-03-021-1/+4
|
* Make output more understandablelloyd2010-03-021-2/+4
|
* Rename ECKAEG to ECDH. As far as I can tell they are the same algorithm,lloyd2010-03-022-1/+2
| | | | | I'm not sure where the old name came from though as literally the only hits for it on Google are botan-related.
* Add a simple cert validation examplelloyd2010-03-011-0/+35
|
* Document adding SSL/TLSlloyd2010-02-241-0/+1
|
* propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-242-0/+132
|\ | | | | | | | | | | 35d3e3deb02b47f98e4937f8eab77f019a0f4b97) to branch 'net.randombit.botan.ssl' (head f923e7583e760a9a224cc5b1fc40015776d85eb9)
| * propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-232-0/+132
| |\ | | | | | | | | | | | | | | | 89451dd9349d61bc29507c9c441c090148192286) to branch 'net.randombit.botan.ssl' (head a341d74655f579482102c23e2c378897b738bd06)
| | * TLS_Server example - more printfs, configurable portlloyd2010-02-171-3/+13
| | |
| | * Various minor SSL fixeslloyd2010-02-142-10/+6
| | |
| | * propagate from branch 'net.randombit.botan' (head ↵lloyd2010-02-149-114/+172
| | |\ | | | | | | | | | | | | | | | | | | | | dd33b7150f3f49d795e4eb962d8d41d1ada58d8d) to branch 'net.randombit.botan.ssl' (head 1452205423962b664263fd2a35149122dfc94d37)
| | * | Import latest version of Ajisai into src/ssl; once this hits mainlinelloyd2010-01-112-0/+126
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I'll officially kill off Ajisai (instead of it just lingering as a zombine as it is currently). Apparently I broke something (or multiple things) during the import process; servers crash and clients gets MAC errors on connect.
* | | | Document adding GOST 34.10-2001lloyd2010-02-241-0/+1
| | | |
* | | | Document removal of TR1 dependencylloyd2010-02-241-1/+1
|/ / /
* | / Document removing TR1 dependency for ECClloyd2010-02-231-0/+1
| |/ |/|
* | Further passhash changes before release and things have to belloyd2010-02-053-5/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | finalized. Move header to passhash9.h and rename the functions to be passhash9 specific ({generator,check}_passhash9) Add an algorithm identifer field. Currently only id 0 is defined, for HMAC(SHA-1), but this opens up for using HMAC(SHA-512) or HMAC(SHA-3) or CMAC(Blowfish) or whatever in the future if necessary. Increase the salt size to 96 bits and the PRF output size to 192 bits. Document in api.tex
* | MD4's M buffer was set to be 48 words instead of 16. This had beenlloyd2010-02-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | extant for a long long time and was never caught because until recently the code did not depend on M.size(). However with the recent loadstore changes that use memcpy to load the entire array in one shot, an extra 128 bytes of memory would be read (but not used) in each iteration. This probably did not cause any problems except for Valgrind warnings, though in some situations it would be possible for the M buffer and MDx_HashFunctions buffer to be close enough that memcpy would be called with overlapping regions, which could cause arbitrarily weird failures since memcpy is allowed to assume they do not overlap.
* | Prefix passhash with "$9$" in a manner similar with otherlloyd2010-02-021-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | password hashing schemes. Increase salt size to 80 bits. Research shows that virtually no other PBKDF2 implementations support anything but SHA-1; for ease of implementation elsehwere switch back from SHA-512 to SHA-1. Should be mostly harmless; it limits total entropy of the password to a maximum of 160 bits, but this is unlikely anyway. Use two bytes to specify the work factor for future-proofing. Add a test.
* | Password hashing is a pretty useful service, really. Move the guts oflloyd2010-02-012-58/+8
| | | | | | | | | | | | | | | | the passhash example to the library. Support variable work factors; default work factor of 10 takes about half a second to do one password on my Core2. Switch to using SHA-512 instead of SHA-1 in PBKDF2. To keep the output evenly sized for base64 purposes, reduce PBKDF2 output size by one byte (to 112 bits).
* | Document S2K changelloyd2010-02-011-0/+1
| |
* | Modify the S2K interface. Instead of being stateful in terms of the saltlloyd2010-02-016-72/+99
| | | | | | | | | | | | | | | | | | | | | | and iteration count, force it to be passed to each call to derive_key. So remove current_salt, set_iterations, new_random_salt, and change_salt functions from S2K interface. Update examples and test application to match. While I was in there, change the passhash example to use 64 bit salts and 128 bit PBKDF2 outputs.
* | Prevent a crash in GMP_Engine if the library is shutdown and thenlloyd2010-01-221-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | reinitialized. It would cache an Allocator pointer on first use, and then never zero it, so after the reinit the pointer would be going to a now deallocated Allocator object. Encountered in the SoftHSM test suite, reported by Ondrej Sury. Use a simple reference counting scheme to zero the pointer, and reset the GNU MP memory functions. This also fixes a quite obscure and never reported bug, that if the GMP engine was used, and if the library was deinitialized but then the program tried to use GNU MP, the allocator functions would crash. Now after deinit the allocator funcs revert to the defaults. The reference count is not updated atomically so this is not thread safe, but seems a non-issue; the only time this could happen (especially now that the GMP engine header is internal-only) is if multiple threads were attempting to initialize / shutdown the library at once - which won't work anyway for a variety of reasons, including contention on the (unlocked) global_lib_state pointer. If at some point thread safety is useful here, the refcnt can be locked by a mutex, or kept in an atomic<unsigned int>.
* | Add SQLite3 encryption codec, contributed by Olivier de Gaalon. Useslloyd2010-01-222-0/+2
| | | | | | | | Twofish in XTS mode for encryption by default, but is easily tweakable.
* | Fix cpuid examplelloyd2010-01-191-1/+0
| |
* | Add SIMD version of Noekeon. On a Core2, about 2.7x faster using SIMD_SSE2lloyd2010-01-122-1/+2
|/ | | | and 1.6x faster using SIMD_Scalar.
* Add block cipher cascadelloyd2010-01-111-0/+1
|
* Clean up exceptions. Remove some unused ones like Config_Error. Makelloyd2010-01-051-2/+2
| | | | | | | Invalid_Argument just a typedef for std::invalid_argument. Make Botan::Exception a typedef for std::runtime_error. Make Memory_Exhaustion a public exception, and use it in other places where memory allocations can fail.
* The first bits of a general toolbox program. Currently does hex and base64lloyd2009-12-311-0/+235
| | | | encoding/decoding, bzip2 and zlib compression/decompression, and hashing.
* Drop test_es.cpp, EntropySources no longer directly available outside librarylloyd2009-12-311-121/+0
|