aboutsummaryrefslogtreecommitdiffstats
path: root/doc
Commit message (Collapse)AuthorAgeFilesLines
* Bump build to 1.11.16lloyd2015-03-121-0/+11
|
* Use /usr/bin/env to find python in the install script, Python doc updateslloyd2015-03-101-7/+10
| | | | Both from Uri B to mailing list.
* Update download linklloyd2015-03-081-2/+2
|
* Update for 1.11.15 release1.11.15lloyd2015-03-081-2/+1
|
* Add BOTAN_NOEXCEPT macro to work around missing noexcept in VS 2013.rcdailey2015-03-081-0/+3
| | | | Based on github pull req 23 by Robert Daily.
* Misc doc updatelloyd2015-03-065-260/+6
|
* In Algo_Registry if a maker func fails, try the next most preferred onelloyd2015-03-051-0/+3
| | | | | | | | instead of bailing out immediately. Rename the 'builtin' provider to 'base' since really they are all built in. Fix MARK-4 when OpenSSL was enabled - it did not respect the skip param.
* Hide Algorithm_Factory and use the functions in lookup.h internally.lloyd2015-03-041-0/+2
| | | | | | Fix two memory leaks (in TLS and modes) caused by calling get_foo and then cloning the result before saving it (leaking the original object), a holdover from the conversion between construction techniques in 1.11.14
* When comparing algorithm identifiers consider NULL and emptylloyd2015-03-041-0/+4
| | | | | parameters as equivalent. Based on a patch sent to the mailing list by Uri Blumenthal.
* Fix decrypt in FFI/Python. Github issue 53lloyd2015-03-012-0/+6
|
* Update for 1.11.14 release1.11.14lloyd2015-02-282-24/+58
|
* Doc updateslloyd2015-02-283-7/+47
|
* Split amalagamation into ISA specific objectslloyd2015-02-221-10/+11
|
* Update relnotes and todo, fix python signaturelloyd2015-02-193-38/+62
|
* Reduce the CTR_BE buffer down to just a few blocks.lloyd2015-02-171-0/+2
| | | | No performance impact afaict.
* Python: docs, key agreement, fix bcrypt trailing null byte.lloyd2015-02-162-1/+224
| | | | Initial very incomplete pass at error return value sanity.
* Add new module `ffi` which provides a plain C interface, plus a newlloyd2015-02-164-15/+114
| | | | | | | | | | | | ctypes Python wrapper that uses it. The API is intentionally designed to have a very simple ABI (extern "C", all structs are opaque, no memory ownership passing the FFI boundary, limited set of simple types as args) so the ctypes wrapper is quite simple. Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF, bcrypt, and most public key operations. Remove the old boost.python wrapper and all the build code for it.
* Mark modules pulling in external deps (zlib, boost, etc) as such, andlloyd2015-02-062-40/+27
| | | | | | notify the user when they are enabled. Drop botan-config, replaced by `botan config` command added in 1.11.8
* Enable OpenSSL for providing ciphers and hashes again.lloyd2015-02-051-6/+3
|
* Remove algo factory, engines, global RNG, global state, etc.lloyd2015-02-041-8/+4
| | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Add typedefs for function signatures/types used in TLS for easier readinglloyd2015-01-271-31/+37
|
* Handle repeated initializations of the library better and deal withlloyd2015-01-241-0/+8
| | | | initializations across multiple threads safely.
* Allow reducing the size of the allocated mlock pool via env variablelloyd2015-01-241-0/+9
| | | | | | (BOTAN_MLOCK_POOL_SIZE, specified in decimal KB). Currently we read this even when setuid as the worst a user could do is disable mlock, which they can already do via ulimits.
* Fix list formattinglloyd2015-01-241-20/+21
|
* Add Strict_Policy. Disable server initiated renegotiation by default.lloyd2015-01-231-5/+8
|
* Remove memset_s, not implemented on any machine I can test on andlloyd2015-01-231-2/+2
| | | | | | | | problematic for requiring a special define before the first include of string.h. Instead optionally call memset via a volatile function pointer as a faster alternative to byte at a time writes. Github 42, 45
* Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00lloyd2015-01-213-0/+13
| | | | | and enable them in the default build, though still not enabled in the runtime policy.
* Update for 1.11.13 release1.11.13lloyd2015-01-112-3/+3
|
* Add SipHashlloyd2015-01-113-2/+4
|
* Remove SSLv3 and handling of SSLv2 client hellos.lloyd2015-01-113-27/+21
|
* Create a combined news page for the websitelloyd2015-01-102-2/+2
|
* Convert the asio server from a weird example server to a generic proxy server.lloyd2015-01-102-8/+7
|
* Move license text to a plain text file without ReST marketlloyd2015-01-103-56/+55
|
* Add MCEIES, an integrated encryption system using McEliece and AES-256/OCBlloyd2015-01-081-0/+3
|
* Joel also wrote Threaded_Forklloyd2015-01-081-0/+1
|
* Add a sketch of a support roadmaplloyd2015-01-081-0/+59
|
* Change TLS session encryption to use AES-256/GCM instead of CBC+HMAClloyd2015-01-082-9/+27
|
* Add SHA-512/256lloyd2015-01-081-0/+2
| | | | | Define some new functions for copying out arrays of words and use them across hashes.
* Add todo.rst derived from enhancement tickets in bugzillalloyd2015-01-071-0/+69
|
* Netsieben.com appears to be gone but there is a fork on githublloyd2015-01-061-1/+1
|
* Fix install script under Python3lloyd2015-01-061-2/+5
|
* Fix doc bugslloyd2015-01-052-2/+2
|
* Update relnoteslloyd2015-01-041-0/+8
|
* Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC).lloyd2015-01-041-4/+5
| | | | | | | | | | | | | | Github issue 27. Refactor server hello handling to make it easier to handle other extensions. The manual specified that 224 bit NIST primes were disabled by default for TLS but they were not. Additionaly disable the 256k1 curve and reorder the remaining curves by size. Rewrite the max fragment length extension code to roughly what an ideal compiler would have turned the original code into, using a switch instead of a lookup into a small constant std::map.
* Tick version to 1.11.13lloyd2015-01-033-1/+6
|
* Update for 1.11.12 release1.11.12lloyd2015-01-024-6/+10
|
* Point to github on index pagelloyd2015-01-021-3/+6
|
* Add ChaCha20Poly1305 TLS ciphersuites compatible with Google's implementationlloyd2014-12-312-9/+13
|
* More info on AEAD decryption handlinglloyd2014-12-311-0/+10
|
* Add AEAD based on ChaCha20 and Poly1305 defined in ↵lloyd2014-12-291-2/+3
| | | | draft-irtf-cfrg-chacha20-poly1305-03