aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* Add a second argument to X509_Cert_Options, which replaceslloyd2008-04-101-1/+2
| | | | | | | | the configuration value default_expire Remove signing_offset as well - it is only used for setting the default time of a X509_Cert_Options: not worth the cost of a global variable.
* Remove the unused function Config::option_as_boollloyd2008-04-101-1/+0
|
* Change the interface of X509_CA::sign_request as follows:lloyd2008-04-101-2/+4
| | | | | | | | | | | - The allow_ca policy value is no longer checked. Callers should check if the request is for a CA cert and treat it accordingly; this makes it simpler to to case-by-case decisions (expecially among multiple threads) - Instead of a single time value, a u32bit representing the number of seconds from now the certificate should expire, the start and end times are passed explicitly as two X509_Time values.
* Change the copyrights in all files in the Botan tree to directly reflectlloyd2008-04-10165-165/+169
| | | | | | the actual copyright holders. For rationale, see my post to botan-devel on April 9, subject 'Changing license to directly reflect contributors' (http://www.randombit.net/pipermail/botan-devel/2008-April/000527.html)
* Remove Extensions::copy_this(). Define the Extensions copy constructor inlloyd2008-04-071-4/+2
| | | | terms of Extensions::operator=
* Timer::combine_timers should be protected, not private, since subclasses needlloyd2008-04-071-1/+1
| | | | to access it.
* Move combine_timers from a free-standing function in util.h to a privatelloyd2008-04-072-1/+2
| | | | | static function of the Timer base class - since that is the only code which actually needs to access it.
* Remove the Named_Mutex_Holder and associated code. Convert all uses tolloyd2008-04-023-15/+12
| | | | | | | | | | | | | | instead allocate a reference to a mutex locally and use the more typical Mutex_Holder RAII object. Named_Mutex_Holder (and in particular the string->mutex mappings contained in the global state) have been found to be pretty expensive in at least some situations (see post by Jack Cummings to monotone-devel 2008-03-12), and doesn't really buy us that much in terms of ease of use. Also, it relies on the global state object, which has shown itself to be a rich source of race conditions and locking bugs. The intent is to incrementally remove all of the shared / global state and require applications to maintain that state where necessary.
* Wrap lineslloyd2008-03-141-1/+2
|
* Use a special typedef, Pipe::message_id, rather than a bare u32bit,lloyd2008-03-141-12/+14
| | | | to represent the message number in a Pipe
* Add a new constructor for DataSource_Stream taking in a std::istream.lloyd2008-03-111-1/+4
| | | | | Previously the only method allowed was with a pathname, which is pretty inflexible since it prevents you from using devices like std::cin, etc
* In DataSink_Stream, allow explicitly setting a pathname (forlloyd2008-03-111-3/+5
| | | | | | identification purposes) when passing in a std::ostream, since there is no portable way to go from a std::ostream to the file or other device that it names
* Mostly revert 2f4fd18182d5a75c40cd831e7ee3c314be5c57d6, only keep thelloyd2008-03-10159-159/+159
| | | | | updated dates on files that have actually changed this year. This makes the diff across versions readable again.
* Increase the size of the buffers in ARC4 and WiderWake4+1 from 1K tolloyd2008-03-092-2/+6
| | | | DEFAULT_BUFFERSIZE (normally 4K); measurably faster on a Core2
* If the macro BOTAN_TARGET_UNALIGNED_LOADSTOR_OK (from build.h) is on,lloyd2008-03-091-0/+86
| | | | | | | | | | | | | the word read/write functions will be faster through the use of (slightly unsafe) pointer manipulations. On some CPUs (like SPARC), these antics can cause crashes (usually visible by SIGBUS) if what you are attempting to read or write as an integer is not aligned on a word boundary. However they are safe on x86 and x86-64. Performance increases across the board on a Core2. In most algorithms the improvement seems to be about 3%, except a few standouts like RC6 (15%), MD4 (20%), RIPEMD-128 (8%). Will be better with faster xor_buf and byte swapping.
* Alas, my definition of the new improved reverse_bytes for 64-bit values waslloyd2008-03-091-2/+5
| | | | wrong, and didn't work at all. New corrected (and tested) version.
* Alter bigint_madd2 and bigint_madd3 to take only 3 (4, resp) arguments,lloyd2008-03-092-35/+38
| | | | | | | with the last one being both one of the input values and the output carry register, since almost always they were in fact the same variable. Also update the x86 and x86-64 modules.
* Also inline xor_buf, both for immediate effeciency gains and for futurelloyd2008-03-091-3/+31
| | | | writing of it in assembly.
* Put reverse_bytes into bit_ops.h so they can be inlined. Rewrite the versionlloyd2008-03-081-4/+17
| | | | | | | for 64-bit to not use 64-bit constants - that way GCC won't complain everwhere. Plan is for a module to replace all of these with asm (bswap, xchg on x86), at least for x86-64
* Mass update of the copyright date. Honestly I don't know why I bother,lloyd2008-02-14165-165/+165
| | | | | | | but might as well keep it up to date. And it's easier to do it once with a 'perl -pi' command than to update each file over time. Apologies to anyone looking at diffs.
* Drop es_file: replaced by es_devlloyd2007-11-171-24/+0
|
* Revert the change that renamed append() to push_back(). As pointed outlloyd2007-11-151-6/+5
| | | | | | by Joel Low on the mailing list, the STL container types have only a single version of push_back(), along with variations of insert() for handling range-based appending.
* Rename MemoryRegion::append to push_backlloyd2007-11-141-5/+6
| | | | Change all callers in the library and self-test code.
* Remove the ability to load an external configuration file. Applicationslloyd2007-11-141-2/+0
| | | | | | | | | | | needing this functionality probably already have a preexisting configuration system that they would rather use. Also remove the documentation about this feature, and the example configuration (which was pretty out of date, anyway). RFC on this change sent to the mailing list on 11-13-2007, no responses after 24 hours. It seems quite likely this code is not in use anywhere.
* Make IDEA::mul_inv just a function in an anonymous namespace, since it reallylloyd2007-11-111-1/+0
| | | | had no reason/need to be a class method.
* Malloc_Allocator doesn't have a constructor anymore but the declarationlloyd2007-10-231-2/+0
| | | | remained, which caused link errors. Removed.
* Have Malloc_Allocator directly inherit from the Allocator interface, withoutlloyd2007-10-211-5/+6
| | | | | | | | | using the infrastructure in Pooling_Allocator. Using malloc directly is slightly faster than using Botan's memory pools (using the glibc implementation). It may also reduce internal fragmentation, since the current Pooling_Allocator design is rather suboptimal in that regard.
* Move reverse_bytes from bit_ops.h to bit_ops.cpplloyd2007-10-211-19/+3
|
* Remove useless commentlloyd2007-10-211-5/+1
|
* bit_ops.h no longer includes loadstor.hlloyd2007-10-191-3/+25
| | | | | | | | | Where loadstor.h was needed but only implicitly included via bit_ops.h, include it directly Add endian reversal functions to bit_ops.h Remove some unneeded includes in big_ops2.cpp and a few other files.
* Add support for IPv4 addresses in the X.509 alternative name extension.lloyd2007-10-162-2/+2
| | | | Original patch from Yves Jerschow.
* Add functions that can convert between binary IPv4 addresses and standardlloyd2007-10-161-0/+6
| | | | decimal-dotted string notation.
* The last checkin did not work; the Library_State constructor called code1.7.2lloyd2007-10-131-5/+9
| | | | | | | | that called global_state(), which cased an infinite recursion. Make creating a Library_State a two-phase operation, first an empty constructor (just sets all pointers to NULL), then an initializer that sets up everything needed to start up the library.
* Move most of the initializer code directly into the Library_State constructorlloyd2007-10-131-4/+3
|
* Check in an initial implementation of CBC-MAC.lloyd2007-09-161-0/+36
| | | | | | | The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine. Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify against what Crypto++ produces. Unknown at this time where the bug lies.
* Avoid C-style casts (as detected by GCC's -Wold-style-cast) and instead use lloyd2007-07-234-18/+38
| | | | static_cast or reinterpret_cast, as needed.
* Move the load/store operations to their own header, to allow assemblylloyd2007-07-232-166/+182
| | | | or other non-portable implementations as modules.
* Combine the Blowfish initial sbox contents into a single 1024 element array.lloyd2007-07-171-2/+1
|
* If an algorithm cache lookup fails, index the newly created prototype objectlloyd2007-07-171-6/+10
| | | | | | | | | | | | | | | | | | | | | under the name that the algorithm was originally requested by. This enables proper caching for algorithm names which deref_alias fails to fully dereference such as "HMAC(SHA-1)". The previous code had two major problems with names of that type, firstly that the cache was effectively bypassed due to all prototype objects in Algorithm_Cache_Impl being indexed by their canonical names rather than the alias that they were requested under, and that there existed a race condition where a prototype object might be deleted while in use in multithreaded code. The downside of this change is that using multiple names to refer to a single algorithm causes multiple prototype objects to be created, one for each name that is in use. However the memory overhead of this should be fairly minimal and given the severity of the race condition this seems like a worthwhile tradeoff. A more complete fix would be to fix deref_alias to properly derference all alias names. That fix would be complimentary with this change in that if deref_alias handled all names properly there would be a single prototype object and there would then be no additional memory overhead to the cache.
* We don't need to use locked memory in the X.509 distinguished name.lloyd2007-06-111-3/+3
|
* Remove unused include of blinding.hlloyd2007-06-111-1/+0
|
* Write functions to handle loading and saving words a block at a time, taking ↵lloyd2007-05-315-6/+146
| | | | | | | | | | | | | | | | | | into account endian differences. The current code does not take advantage of the knowledge of which endianness we are running on; an optimization suggested by Yves Jerschow is to use (unsafe) casts to speed up the load/store operations. This turns out to provide large performance increases (30% or more) in some cases. Even without the unsafe casts, this version seems to average a few percent faster, probably because the longer loading loops have been partially or fully unrolled. This also makes the code implementing low-level algorithms like ciphers and hashes a bit more succint.
* propagate from branch 'net.randombit.botan.stable' (head ↵lloyd2007-04-251-2/+5
|\ | | | | | | | | | | 8a2b79c64a13d3f70b0211d4f985a678951a9663) to branch 'net.randombit.botan' (head 677686443a5bb53b03d147999947448a9dc2679a)
| * Check in a working fix for the mem_pool issues encountered by some Visuallloyd2007-04-251-2/+5
| | | | | | | | Studio users.
* | Inline the definition of Tiger::round into Tiger::pass, which was its onlylloyd2007-03-071-1/+2
| | | | | | | | | | | | caller. The resulting code is longer and somewhat harder to read, but it's giving 25-30% performance increases on my Core2, and something a bit lower but still measurable on the P4.
* | Alter one of the constructors of DL_Group to take a parameter specifyinglloyd2007-03-031-4/+5
| | | | | | | | | | | | | | | | | | how big q should be. Add FIPS 186-3 DSA parameter generation, this allows for generating larger (2048 and 3072 bit) DSA keys. At this time there do not seem to be official test vectors for 186-3, and I have not checked against other implementations. Tests will be constructed using the latest OpenSSL snapshot.
* | BigInt::operator[] now guards against accesses that are larger than thelloyd2007-03-031-2/+2
| | | | | | | | current register size; reads return 0, writes extend the buffer.
* | Add a version of BigInt::binary_decode taking a MemoryRegion of byteslloyd2007-03-011-0/+1
| |
* | Inline the round functions of RC2. This is about 15% faster on my machine,lloyd2007-03-011-4/+1
| | | | | | | | and actually reduced the total line count.
* | Split DSA parameter generation into src/dsa_gen.cpp, and make the functionslloyd2007-03-012-6/+5
|/ | | | | | members of DL_Group (the only place they were called within the source, and outside of some rather esoteric things probably the only place you would ever need it).