path: root/doc
Commit log (each entry: date, author, files changed and lines removed/added, plus any release tag, followed by the commit subject and body)
* 2009-03-27  lloyd  (1 file, -0/+1)
  GOST was using a completely non-standard set of sboxes. Change it to use
  GostR3411_94_TestParamSet; this is compatible with the implementations in Crypto++ and OpenSSL. This is not backwards compatible, though once the implementation supports multiple param sets (which is required, unfortunately, for compatibility with various standards by CryptoCom, who have defined not one but at least 4 (!!!) different sboxes to use with GOST), I may offer Botan's previous sbox set as an option. Since adding the GOST hash function (34.11) and signing algorithm (34.10) are on the long term agenda (request by Rickard Bondesson, as the Russian authorities want to use their local standards for their DNSSEC use), I renamed the block cipher class (which had been just 'GOST') to GOST_28147_89 to minimize future name clashes.
* 2009-03-17  lloyd  (39 files, -10/+67)
  Add LibraryInitializers to the examples, instead of relying on lazy init.
  Patch from David X Callaway.
* 2009-03-06  lloyd  (1 file, -23/+24)
  Expand some acronyms and various grammatical fixes to the tutorial document,
  submitted by Charles Brockman in bug 41
* 2009-02-11  lloyd  (2 files, -56/+62)  [merge]
  merge of '4d21273f3094d6b2c2bc149c76383d54ce0a0006'
  and 'b4c266ae827b5a19f0cc07dc9b55a95fd4915a1e'
  * 2009-02-11  lloyd  (2 files, -56/+62)  [merged branch]
    Apply a set of patches by Charles Brockman <[email protected]> fixing
    a number of bugs in the documentation, mostly typos, grammatical errors, poorly worded sentences, and idioms likely to be confusing to non-English speakers.
* 2009-02-08  lloyd  (1 file, -0/+1)
  Mention merge of n.r.b.entropy-poll-redesign
* 2009-01-31  lloyd  (2 files, -11/+14)
  Update examples for changed EntropySource and RandomNumberGenerator interfaces
* 2009-01-27  lloyd  (1 file, -21/+27)
  Fix test_es for new Entropy_Accumulator interface. It XORs into a block
  of 64 bytes. Not ideal but at least gives a sense of what it is putting out.
* 2009-01-27  lloyd  (2 files, -17/+24)
  Check in a branch with a major redesign on how entropy polling is performed.

  Combine the fast and slow polls into a single poll() operation. Instead of being given a buffer to write output into, the EntropySource is passed an Entropy_Accumulator. This handles the RLE encoding that xor_into_buf used to do. It also contains a cached I/O buffer so entropy sources do not individually need to allocate memory for that with each poll.

  When data is added to the accumulator, the source specifies an estimate of the number of bits of entropy per byte, as a double. This is tracked in the accumulator. Once the estimated entropy hits a target (set by the constructor), the accumulator's member function predicate polling_goal_achieved flips to true. This signals to the PRNG that it can stop performing polling on sources; also, polls that take a long time periodically check this flag and return immediately.

  The Win32 and BeOS entropy sources have been updated, but blindly; testing is needed.

  The test_es example program has been modified: now it polls twice and outputs the XOR of the two collected results. That helps show if the output is consistent across polls (not a good thing). I have noticed on the Unix entropy source, occasionally there are many 0x00 bytes in the output, which is not optimal. This also needs to be investigated.

  The RLE is not actually RLE anymore. It works well for non-random inputs (ASCII text, etc), but I noticed that when /dev/random output was fed into it, the output buffer would end up being RR01RR01RR01 where RR is a random byte and 00 is the byte count. The buffer sizing also needs to be examined carefully. It might be useful to choose a prime number for the size to XOR stuff into, to help ensure an even distribution of entropy across the entire buffer space. Or: feed it all into a hash function?

  This change should (perhaps with further modifications) help WRT the concerns Zack W raised about the RNG on the monotone-dev list.
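An added illustration of the accumulator design this commit describes (source adds bytes with its own bits-per-byte estimate, accumulator XORs into a fixed 64-byte block and tracks the estimate, long polls check the goal flag between reads). This is example code written for this page, not Botan's Entropy_Accumulator or EntropySource; only the name polling_goal_achieved is taken from the commit, and the classes Accumulator, Source, SlowCounterSource and StuckSource and the two helper functions are hypothetical. Both sources are constructed: one emits a plain counter (no real entropy), the other returns the same 64 bytes on every poll, which is the failure mode the test_es XOR-two-polls check is meant to expose. The counter stream also happens to cancel out entirely when XORed into a power-of-two-sized block, which is the kind of buffer-sizing effect the commit says needs examining.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical model of the accumulator described in the commit; not Botan's class.
class Accumulator {
public:
    explicit Accumulator(double goal_bits) : goal_bits_(goal_bits) {}

    // The source declares how much entropy it believes each byte carries.
    // Bytes are XORed into a fixed 64-byte block, wrapping around, the way
    // the interim test_es code did; the estimate is tracked separately.
    void add(const uint8_t* in, size_t len, double bits_per_byte) {
        for (size_t i = 0; i < len; ++i)
            block_[(pos_++) % block_.size()] ^= in[i];
        estimated_bits_ += static_cast<double>(len) * bits_per_byte;
    }

    bool polling_goal_achieved() const { return estimated_bits_ >= goal_bits_; }
    double estimated_bits() const { return estimated_bits_; }
    const std::array<uint8_t, 64>& block() const { return block_; }

private:
    std::array<uint8_t, 64> block_{};
    size_t pos_ = 0;
    double estimated_bits_ = 0.0;
    double goal_bits_;
};

class Source {
public:
    virtual ~Source() = default;
    virtual void poll(Accumulator& accum) = 0;
};

// Constructed stand-in for a slow source: reads in 16-byte chunks and checks the
// goal flag between chunks so the PRNG is not kept waiting once it has enough.
// The bytes are a plain counter, i.e. no real entropy; the 0.5 bits/byte claim
// is just the estimate this toy source declares.
class SlowCounterSource : public Source {
public:
    size_t chunks_read = 0;
    void poll(Accumulator& accum) override {
        for (size_t i = 0; i < 1000; ++i) {
            if (accum.polling_goal_achieved()) return;  // stop early, goal reached
            uint8_t chunk[16];
            for (uint8_t& b : chunk) b = static_cast<uint8_t>(counter_++);
            accum.add(chunk, sizeof(chunk), 0.5);
            ++chunks_read;
        }
    }
private:
    uint32_t counter_ = 0;
};

// Constructed source that returns the same 64 bytes on every poll.
class StuckSource : public Source {
public:
    void poll(Accumulator& accum) override {
        std::array<uint8_t, 64> fixed{};
        for (size_t i = 0; i < fixed.size(); ++i) fixed[i] = static_cast<uint8_t>(0xA5 ^ i);
        accum.add(fixed.data(), fixed.size(), 1.0);
    }
};

// Number of 0x00 bytes in an accumulator block (the "many 0x00 bytes" symptom).
size_t zero_bytes(const std::array<uint8_t, 64>& block) {
    size_t zeros = 0;
    for (uint8_t b : block) if (b == 0) ++zeros;
    return zeros;
}

// The test_es check: poll twice into fresh accumulators and XOR the two blocks.
// Returns how many XORed bytes are zero; 64 means the two polls were identical.
size_t zero_bytes_between_polls(Source& src, double goal_bits) {
    Accumulator a(goal_bits), b(goal_bits);
    src.poll(a);
    src.poll(b);
    std::array<uint8_t, 64> xored{};
    for (size_t i = 0; i < xored.size(); ++i) xored[i] = a.block()[i] ^ b.block()[i];
    return zero_bytes(xored);
}

int main() {
    SlowCounterSource slow;
    Accumulator acc(128.0);
    slow.poll(acc);
    std::printf("slow source: %zu chunks, %.1f bits estimated, %zu zero bytes in block\n",
                slow.chunks_read, acc.estimated_bits(), zero_bytes(acc.block()));
    StuckSource stuck;
    std::printf("stuck source: %zu of 64 bytes identical across two polls\n",
                zero_bytes_between_polls(stuck, 512.0));
    return 0;
}
```

With a 128-bit goal the counter source stops after 16 chunks instead of all 1000, and its 256 counter bytes XOR to an all-zero 64-byte block: every position receives p, p+64, p+128 and p+192, whose XOR is zero. The stuck source shows 64 of 64 XORed bytes equal to zero, the pattern test_es was changed to make visible.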
* 2009-01-21  lloyd  (1 file, -0/+3)
  Bump to 1.8.2-pre
* 2009-01-20  lloyd  (1 file, -3/+2)  tag: 1.8.1
  Fix paths in dist script
* 2009-01-20  lloyd  (1 file, -1/+2)
  Update readme and release notes for 1.8.1 release 2008-01-20
* 2009-01-03  lloyd  (1 file, -0/+1)
  In the Unix entropy source fast poll, clear the stat buf before
  we call stat. Apparently on 32-bit Linux (or at least on Ubuntu 8.04/x86), struct stat has some padding bytes, which are not written to by the syscall, but valgrind doesn't realize that this is OK, and warns about uninitialized memory access when we read the contents of the struct. Since this data is then fed into the PRNG, the PRNG state and output becomes tainted, which makes valgrind's output rather useless.
* 2008-12-14  lloyd  (2 files, -5/+2)
  Relicense api.tex from the Creative Commons Attribution-Share Alike license
  to the regular BSD license Botan is distributed under. Seems silly to have the one single file under a different (and more restrictive) license than everything else. As I am the only copyright holder I believe it is within my rights to do this. The only other contributor to api.tex I can think of is Ken Perano of Sandia Labs, who sent me several patches to api.tex that fixed minor grammatical issues, but which (AFAIK (IANAL)) were too small/trivial to be copyrightable.
* 2008-12-12  lloyd  (1 file, -0/+3)
  Fix a memory leak in PKCS #8 load_key and encrypt_key that would
  occur because PKCS #5 v2.0 doesn't support empty passphrases (though maybe it should?). In this case pbe->set_key would throw an exception, causing the stack to be unwound without the (dynamically created) PBE object being deleted. Use auto_ptr to hold the PBE*, then .release() it when passing it to the Pipe (since Pipe takes ownership of its Filters). Noticed when looking at valgrind analysis of monotone's sync command.
* 2008-12-08  lloyd  (1 file, -1/+1)  tag: 1.8.0
  Update readme and log for 1.8.0 release 2008-12-08
* 2008-12-02  lloyd  (1 file, -0/+3)
  Rickard Bondesson reported on botan-devel about some problems building
  on Solaris 10 with GCC 3.4.3. First, remove the definition of _XOPEN_SOURCE_EXTENDED=1 in mmap_mem.cpp and unix_cmd.cpp, because apparently on Solaris defining this macro breaks C++ compilation entirely with GCC: http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6395191

  In es_egd.cpp and es_dev.cpp, include <fcntl.h> to get the declaration of open(), which is apparently where open(2) lives on Solaris - this matches the include the *BSD man pages for open(2) show, though AFAIK the BSDs all compiled fine without it (probably due to greater efforts to be source-compatible with Linux systems by *BSD developers).

  I have not been able to test these changes personally on Solaris but Rickard reports that with these changes everything compiles OK.

  Update lib version to 1.8.0-pre. ZOMG. Finally.
* 2008-12-01  lloyd  (1 file, -1/+1)  tag: 1.7.24
  Update log file for 1.7.24 release 2008-12-01
* 2008-11-30  lloyd  (1 file, -63/+0)
  Consolidate the useful stuff from doc/info.txt into readme.txt
* 2008-11-30  lloyd  (1 file, -2/+2)
  s/modinfo.txt/info.txt/g
* 2008-11-29  lloyd  (1 file, -4/+6)
  New paths in dist script
* 2008-11-28  lloyd  (1 file, -2/+2)
  Add XLC release date. Mention OpenSSL's AES crashes have unknown cause
* 2008-11-28  lloyd  (1 file, -5/+6)
  Reorg 1.7.24 release notes. Mention adding test vectors.
* 2008-11-28  lloyd  (1 file, -0/+2)
  Add a variant of EMSA3 called EMSA3_Raw which does not hash the data or
  add a digest identifier. This was a feature requested on the mailing list. Apparently this scheme is called CKM_RSA_PKCS in PKCS #11, and is supported by a number of libraries, including QCA.
* 2008-11-28  lloyd  (2 files, -1/+5)
  Rickard Bondesson reported on the mailing list that he had noticed
  a discrepancy between OpenSSL and Botan when generating SHA-512/EMSA3 signatures. In fact it turns out that the EMSA3 identifier for SHA-512 contained a typo and was incorrect. Unfortunately this means that SHA-512/EMSA3 signatures generated by Botan up until now will not be accepted by other implementations, and the signatures by other implementations would not be accepted by Botan. Currently I am not making any provision for backwards compatibility with the old incorrect hash identifier, since I am assuming/guessing that SHA-512/EMSA3 is not a very common combination.
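The EMSA3_Raw entry and this SHA-512 identifier entry both concern the PKCS #1 v1.5 signature encoding (EMSA3), so one added example serves both. It is illustrative code written for this page, not Botan's EMSA3 or EMSA3_Raw classes or their API; the function names pkcs1_type1_pad, emsa3_encode, emsa3_raw_encode and emsa3_verify are hypothetical. The SHA-512 DigestInfo prefix is the standard DER encoding from PKCS #1 v1.5 / RFC 3447 (OID 2.16.840.1.101.3.4.2.3); the 64-byte digest used in main is a constructed placeholder, not a real SHA-512 output, because the encoding step takes an already computed hash. The verifier shows why a mistyped identifier breaks interoperability: re-encoding with a prefix that differs in one byte no longer matches the recovered block, so otherwise valid signatures fail in both directions. EMSA3_Raw (CKM_RSA_PKCS) is the same padding applied to the caller's bytes with no hash and no prefix.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<uint8_t>;

// DER DigestInfo prefix for SHA-512 (RFC 3447, section 9.2, note 1):
// SEQUENCE { SEQUENCE { OID 2.16.840.1.101.3.4.2.3, NULL }, OCTET STRING (64 bytes) }
const Bytes SHA512_DIGEST_INFO_PREFIX = {
    0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
    0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40};

// PKCS #1 v1.5 block type 01: 00 01 FF..FF 00 T, at least eight 0xFF bytes.
Bytes pkcs1_type1_pad(const Bytes& T, size_t em_len) {
    if (T.size() + 11 > em_len) throw std::invalid_argument("payload too long for modulus");
    Bytes em;
    em.reserve(em_len);
    em.push_back(0x00);
    em.push_back(0x01);
    em.insert(em.end(), em_len - T.size() - 3, static_cast<uint8_t>(0xFF));
    em.push_back(0x00);
    em.insert(em.end(), T.begin(), T.end());
    return em;
}

// EMSA3 with a hash: T is the DigestInfo prefix followed by the digest.
Bytes emsa3_encode(const Bytes& prefix, const Bytes& digest, size_t em_len) {
    Bytes T(prefix);
    T.insert(T.end(), digest.begin(), digest.end());
    return pkcs1_type1_pad(T, em_len);
}

// EMSA3_Raw / CKM_RSA_PKCS: the caller's bytes are padded as-is, no hash, no identifier.
Bytes emsa3_raw_encode(const Bytes& data, size_t em_len) {
    return pkcs1_type1_pad(data, em_len);
}

// Verifier side: re-encode with the prefix this implementation believes is right
// and compare against the block recovered from the signature. If the two sides
// disagree on even one prefix byte, every signature fails here.
bool emsa3_verify(const Bytes& prefix, const Bytes& digest, const Bytes& recovered_em) {
    Bytes expected;
    try {
        expected = emsa3_encode(prefix, digest, recovered_em.size());
    } catch (const std::invalid_argument&) {
        return false;
    }
    if (expected.size() != recovered_em.size()) return false;
    uint8_t diff = 0;  // compare without an early exit on the first mismatch
    for (size_t i = 0; i < expected.size(); ++i) diff |= expected[i] ^ recovered_em[i];
    return diff == 0;
}

int main() {
    const Bytes digest(64, 0xAB);  // constructed placeholder, not a real SHA-512 digest
    const size_t em_len = 128;     // 1024-bit modulus

    Bytes em = emsa3_encode(SHA512_DIGEST_INFO_PREFIX, digest, em_len);
    std::printf("correct prefix verifies: %d\n", emsa3_verify(SHA512_DIGEST_INFO_PREFIX, digest, em));

    // A one-byte error in the identifier (here the last OID arc) is enough to fail.
    Bytes typo_prefix = SHA512_DIGEST_INFO_PREFIX;
    typo_prefix[14] ^= 0x01;
    std::printf("mistyped prefix verifies: %d\n", emsa3_verify(typo_prefix, digest, em));

    Bytes raw = emsa3_raw_encode(Bytes(20, 0x42), em_len);
    std::printf("raw block: %zu bytes, first payload byte 0x%02x\n", raw.size(), raw[108]);
    return 0;
}
```

The encoded block for a 1024-bit modulus is 00 01, 42 bytes of FF, 00, the 19-byte prefix, then the 64-byte digest; a verifier using a different prefix reproduces a different block and rejects the signature even though the RSA operation itself was correct.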
* 2008-11-25  lloyd  (1 file, -0/+101)
  Add test_es, a program that polls each enabled entropy source (both fast
  and slow) and prints the data it gets back to the screen for inspection.
* 2008-11-25  lloyd  (1 file, -0/+1)
  If the read succeeded in EGD_EntropySource::slow_poll, the loop would
  just continue on instead of returning the length of the buffer recv'ed from EGD.
* 2008-11-25  lloyd  (1 file, -160/+0)
  Drop todo.txt - moved to http://botan.randombit.net/todo.html
* 2008-11-24  lloyd  (1 file, -0/+1)
  Document disabling OpenSSL AES
* 2008-11-24  lloyd  (1 file, -5/+5)
  Rephrase some log entries
* 2008-11-24  lloyd  (1 file, -88/+80)
  Update PGP keys
* 2008-11-24  lloyd  (1 file, -0/+1)
  Mention integer overflow being fixed
* 2008-11-24  lloyd  (1 file, -0/+55)
  Add an example taken from the tutorial
* 2008-11-24  lloyd  (1 file, -10/+19)
  Update build instructions
* 2008-11-24  lloyd  (1 file, -0/+4)
  Update readme and info files to reflect that 1.8.0 will be a (theoretically)
  stable release.
* 2008-11-24  lloyd  (1 file, -0/+6)
  Document changes since 1.7.23. Bump version number to 1.7.24-pre; I'll
  decide later on if changes warrant another release candidate or not. If not, 1.7.24 will be remarked as 1.8.0 prior to release.
* 2008-11-23  lloyd  (1 file, -4/+4)  tag: 1.7.23
  Update for 1.7.23 release 2008-11-23
* 2008-11-23  lloyd  (1 file, -0/+1)
  Document new options in release notes
* 2008-11-23  lloyd  (1 file, -0/+1)
  Note Buffered_EntropySource being removed
* 2008-11-23  lloyd  (1 file, -0/+1)
  Add hash optimizations to change log
* 2008-11-22  lloyd  (1 file, -2/+2)
  Switch benchmark example command line arg from ms to seconds
* 2008-11-22  lloyd  (1 file, -0/+1)
  Mention improvements in es_ftw
* 2008-11-21  lloyd  (1 file, -1/+2)
  Cache socket descriptors in EGD entropy source, instead of creating each poll
* 2008-11-21  lloyd  (6 files, -14/+28)
  Update examples for changed 1.8 APIs, including:
  EAX mode taking a BlockCipher* instead of a name.
  PK_Signer taking an EMSA* instead of a name.
  generate_dsa_primes using an Algorithm_Factory
  Changes to how new algorithms are added (look_add.h is gone entirely, replaced by Algorithm_Factory calls) in xor_ciph.
  Also update for new stream cipher key schedule function name and new directory for base class decl.
* 2008-11-21  lloyd  (1 file, -0/+3)
  Log recent changes
* 2008-11-21  lloyd  (1 file, -7/+1)
  Fix examples makefile
* 2008-11-21  lloyd  (1 file, -0/+90)
  Add an example of using the benchmark system to choose the fastest SHA-1
  implementation and then setting it as the default.
* 2008-11-21  lloyd  (1 file, -0/+41)
  Add an example of benchmark.h
* 2008-11-19  lloyd  (1 file, -1/+1)
  Make it clear in log.txt that TR1==ECDSA
* 2008-11-17  lloyd  (1 file, -0/+2)
  Retroactively log adding SHA-1 SSE2 implementation in 1.7.12. Also mention recent doc updates.