Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Bump build to 1.11.16 | lloyd | 2015-03-12 | 1 | -0/+11 |
| | |||||
* | Use /usr/bin/env to find python in the install script, Python doc updates | lloyd | 2015-03-10 | 1 | -7/+10 |
| | | | | Both from Uri B to mailing list. | ||||
* | Update download link | lloyd | 2015-03-08 | 1 | -2/+2 |
| | |||||
* | Update for 1.11.15 release1.11.15 | lloyd | 2015-03-08 | 1 | -2/+1 |
| | |||||
* | Add BOTAN_NOEXCEPT macro to work around missing noexcept in VS 2013. | rcdailey | 2015-03-08 | 1 | -0/+3 |
| | | | | Based on github pull req 23 by Robert Daily. | ||||
* | Misc doc update | lloyd | 2015-03-06 | 5 | -260/+6 |
| | |||||
* | In Algo_Registry if a maker func fails, try the next most preferred one | lloyd | 2015-03-05 | 1 | -0/+3 |
| | | | | | | | | instead of bailing out immediately. Rename the 'builtin' provider to 'base' since really they are all built in. Fix MARK-4 when OpenSSL was enabled - it did not respect the skip param. | ||||
* | Hide Algorithm_Factory and use the functions in lookup.h internally. | lloyd | 2015-03-04 | 1 | -0/+2 |
| | | | | | | Fix two memory leaks (in TLS and modes) caused by calling get_foo and then cloning the result before saving it (leaking the original object), a holdover from the conversion between construction techniques in 1.11.14 | ||||
* | When comparing algorithm identifiers consider NULL and empty | lloyd | 2015-03-04 | 1 | -0/+4 |
| | | | | | parameters as equivalent. Based on a patch sent to the mailing list by Uri Blumenthal. | ||||
* | Fix decrypt in FFI/Python. Github issue 53 | lloyd | 2015-03-01 | 2 | -0/+6 |
| | |||||
* | Update for 1.11.14 release1.11.14 | lloyd | 2015-02-28 | 2 | -24/+58 |
| | |||||
* | Doc updates | lloyd | 2015-02-28 | 3 | -7/+47 |
| | |||||
* | Split amalagamation into ISA specific objects | lloyd | 2015-02-22 | 1 | -10/+11 |
| | |||||
* | Update relnotes and todo, fix python signature | lloyd | 2015-02-19 | 3 | -38/+62 |
| | |||||
* | Reduce the CTR_BE buffer down to just a few blocks. | lloyd | 2015-02-17 | 1 | -0/+2 |
| | | | | No performance impact afaict. | ||||
* | Python: docs, key agreement, fix bcrypt trailing null byte. | lloyd | 2015-02-16 | 2 | -1/+224 |
| | | | | Initial very incomplete pass at error return value sanity. | ||||
* | Add new module `ffi` which provides a plain C interface, plus a new | lloyd | 2015-02-16 | 4 | -15/+114 |
| | | | | | | | | | | | | ctypes Python wrapper that uses it. The API is intentionally designed to have a very simple ABI (extern "C", all structs are opaque, no memory ownership passing the FFI boundary, limited set of simple types as args) so the ctypes wrapper is quite simple. Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF, bcrypt, and most public key operations. Remove the old boost.python wrapper and all the build code for it. | ||||
* | Mark modules pulling in external deps (zlib, boost, etc) as such, and | lloyd | 2015-02-06 | 2 | -40/+27 |
| | | | | | | notify the user when they are enabled. Drop botan-config, replaced by `botan config` command added in 1.11.8 | ||||
* | Enable OpenSSL for providing ciphers and hashes again. | lloyd | 2015-02-05 | 1 | -6/+3 |
| | |||||
* | Remove algo factory, engines, global RNG, global state, etc. | lloyd | 2015-02-04 | 1 | -8/+4 |
| | | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available). | ||||
* | Add typedefs for function signatures/types used in TLS for easier reading | lloyd | 2015-01-27 | 1 | -31/+37 |
| | |||||
* | Handle repeated initializations of the library better and deal with | lloyd | 2015-01-24 | 1 | -0/+8 |
| | | | | initializations across multiple threads safely. | ||||
* | Allow reducing the size of the allocated mlock pool via env variable | lloyd | 2015-01-24 | 1 | -0/+9 |
| | | | | | | (BOTAN_MLOCK_POOL_SIZE, specified in decimal KB). Currently we read this even when setuid as the worst a user could do is disable mlock, which they can already do via ulimits. | ||||
* | Fix list formatting | lloyd | 2015-01-24 | 1 | -20/+21 |
| | |||||
* | Add Strict_Policy. Disable server initiated renegotiation by default. | lloyd | 2015-01-23 | 1 | -5/+8 |
| | |||||
* | Remove memset_s, not implemented on any machine I can test on and | lloyd | 2015-01-23 | 1 | -2/+2 |
| | | | | | | | | problematic for requiring a special define before the first include of string.h. Instead optionally call memset via a volatile function pointer as a faster alternative to byte at a time writes. Github 42, 45 | ||||
* | Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00 | lloyd | 2015-01-21 | 3 | -0/+13 |
| | | | | | and enable them in the default build, though still not enabled in the runtime policy. | ||||
* | Update for 1.11.13 release1.11.13 | lloyd | 2015-01-11 | 2 | -3/+3 |
| | |||||
* | Add SipHash | lloyd | 2015-01-11 | 3 | -2/+4 |
| | |||||
* | Remove SSLv3 and handling of SSLv2 client hellos. | lloyd | 2015-01-11 | 3 | -27/+21 |
| | |||||
* | Create a combined news page for the website | lloyd | 2015-01-10 | 2 | -2/+2 |
| | |||||
* | Convert the asio server from a weird example server to a generic proxy server. | lloyd | 2015-01-10 | 2 | -8/+7 |
| | |||||
* | Move license text to a plain text file without ReST market | lloyd | 2015-01-10 | 3 | -56/+55 |
| | |||||
* | Add MCEIES, an integrated encryption system using McEliece and AES-256/OCB | lloyd | 2015-01-08 | 1 | -0/+3 |
| | |||||
* | Joel also wrote Threaded_Fork | lloyd | 2015-01-08 | 1 | -0/+1 |
| | |||||
* | Add a sketch of a support roadmap | lloyd | 2015-01-08 | 1 | -0/+59 |
| | |||||
* | Change TLS session encryption to use AES-256/GCM instead of CBC+HMAC | lloyd | 2015-01-08 | 2 | -9/+27 |
| | |||||
* | Add SHA-512/256 | lloyd | 2015-01-08 | 1 | -0/+2 |
| | | | | | Define some new functions for copying out arrays of words and use them across hashes. | ||||
* | Add todo.rst derived from enhancement tickets in bugzilla | lloyd | 2015-01-07 | 1 | -0/+69 |
| | |||||
* | Netsieben.com appears to be gone but there is a fork on github | lloyd | 2015-01-06 | 1 | -1/+1 |
| | |||||
* | Fix install script under Python3 | lloyd | 2015-01-06 | 1 | -2/+5 |
| | |||||
* | Fix doc bugs | lloyd | 2015-01-05 | 2 | -2/+2 |
| | |||||
* | Update relnotes | lloyd | 2015-01-04 | 1 | -0/+8 |
| | |||||
* | Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC). | lloyd | 2015-01-04 | 1 | -4/+5 |
| | | | | | | | | | | | | | | Github issue 27. Refactor server hello handling to make it easier to handle other extensions. The manual specified that 224 bit NIST primes were disabled by default for TLS but they were not. Additionaly disable the 256k1 curve and reorder the remaining curves by size. Rewrite the max fragment length extension code to roughly what an ideal compiler would have turned the original code into, using a switch instead of a lookup into a small constant std::map. | ||||
* | Tick version to 1.11.13 | lloyd | 2015-01-03 | 3 | -1/+6 |
| | |||||
* | Update for 1.11.12 release1.11.12 | lloyd | 2015-01-02 | 4 | -6/+10 |
| | |||||
* | Point to github on index page | lloyd | 2015-01-02 | 1 | -3/+6 |
| | |||||
* | Add ChaCha20Poly1305 TLS ciphersuites compatible with Google's implementation | lloyd | 2014-12-31 | 2 | -9/+13 |
| | |||||
* | More info on AEAD decryption handling | lloyd | 2014-12-31 | 1 | -0/+10 |
| | |||||
* | Add AEAD based on ChaCha20 and Poly1305 defined in ↵ | lloyd | 2014-12-29 | 1 | -2/+3 |
| | | | | draft-irtf-cfrg-chacha20-poly1305-03 |