| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
the configuration value default_expire
Remove signing_offset as well - it is only used for setting the
default time of a X509_Cert_Options: not worth the cost of a global
variable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- The allow_ca policy value is no longer checked. Callers should check
if the request is for a CA cert and treat it accordingly; this makes
it simpler to to case-by-case decisions (expecially among multiple
threads)
- Instead of a single time value, a u32bit representing the number of
seconds from now the certificate should expire, the start and end times
are passed explicitly as two X509_Time values.
|
|
|
|
|
|
| |
the actual copyright holders. For rationale, see my post to botan-devel
on April 9, subject 'Changing license to directly reflect contributors'
(http://www.randombit.net/pipermail/botan-devel/2008-April/000527.html)
|
|
|
|
| |
terms of Extensions::operator=
|
|
|
|
| |
to access it.
|
|
|
|
|
| |
static function of the Timer base class - since that is the only code which
actually needs to access it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
instead allocate a reference to a mutex locally and use the more typical
Mutex_Holder RAII object.
Named_Mutex_Holder (and in particular the string->mutex mappings contained
in the global state) have been found to be pretty expensive in at least
some situations (see post by Jack Cummings to monotone-devel 2008-03-12),
and doesn't really buy us that much in terms of ease of use. Also, it
relies on the global state object, which has shown itself to be a rich
source of race conditions and locking bugs. The intent is to incrementally
remove all of the shared / global state and require applications to maintain
that state where necessary.
|
| |
|
|
|
|
| |
to represent the message number in a Pipe
|
|
|
|
|
| |
Previously the only method allowed was with a pathname, which is pretty
inflexible since it prevents you from using devices like std::cin, etc
|
|
|
|
|
|
| |
identification purposes) when passing in a std::ostream, since there
is no portable way to go from a std::ostream to the file or other device
that it names
|
|
|
|
|
| |
updated dates on files that have actually changed this year. This makes
the diff across versions readable again.
|
|
|
|
| |
DEFAULT_BUFFERSIZE (normally 4K); measurably faster on a Core2
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the word read/write functions will be faster through the use of
(slightly unsafe) pointer manipulations. On some CPUs (like SPARC),
these antics can cause crashes (usually visible by SIGBUS) if what you
are attempting to read or write as an integer is not aligned on a word
boundary. However they are safe on x86 and x86-64.
Performance increases across the board on a Core2. In most algorithms
the improvement seems to be about 3%, except a few standouts like RC6
(15%), MD4 (20%), RIPEMD-128 (8%). Will be better with faster xor_buf
and byte swapping.
|
|
|
|
| |
wrong, and didn't work at all. New corrected (and tested) version.
|
|
|
|
|
|
|
| |
with the last one being both one of the input values and the output carry
register, since almost always they were in fact the same variable.
Also update the x86 and x86-64 modules.
|
|
|
|
| |
writing of it in assembly.
|
|
|
|
|
|
|
| |
for 64-bit to not use 64-bit constants - that way GCC won't complain everwhere.
Plan is for a module to replace all of these with asm (bswap, xchg on x86),
at least for x86-64
|
|
|
|
|
|
|
| |
but might as well keep it up to date. And it's easier to do it once with
a 'perl -pi' command than to update each file over time.
Apologies to anyone looking at diffs.
|
| |
|
|
|
|
|
|
| |
by Joel Low on the mailing list, the STL container types have only a
single version of push_back(), along with variations of insert() for
handling range-based appending.
|
|
|
|
| |
Change all callers in the library and self-test code.
|
|
|
|
|
|
|
|
|
|
|
| |
needing this functionality probably already have a preexisting configuration
system that they would rather use.
Also remove the documentation about this feature, and the example
configuration (which was pretty out of date, anyway).
RFC on this change sent to the mailing list on 11-13-2007, no responses
after 24 hours. It seems quite likely this code is not in use anywhere.
|
|
|
|
| |
had no reason/need to be a class method.
|
|
|
|
| |
remained, which caused link errors. Removed.
|
|
|
|
|
|
|
|
|
| |
using the infrastructure in Pooling_Allocator.
Using malloc directly is slightly faster than using Botan's memory pools
(using the glibc implementation). It may also reduce internal fragmentation,
since the current Pooling_Allocator design is rather suboptimal in that
regard.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Where loadstor.h was needed but only implicitly included via bit_ops.h,
include it directly
Add endian reversal functions to bit_ops.h
Remove some unneeded includes in big_ops2.cpp and a few other files.
|
|
|
|
| |
Original patch from Yves Jerschow.
|
|
|
|
| |
decimal-dotted string notation.
|
|
|
|
|
|
|
|
| |
that called global_state(), which cased an infinite recursion.
Make creating a Library_State a two-phase operation, first an empty constructor
(just sets all pointers to NULL), then an initializer that sets up everything
needed to start up the library.
|
| |
|
|
|
|
|
|
|
| |
The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine.
Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For
CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify
against what Crypto++ produces. Unknown at this time where the bug lies.
|
|
|
|
| |
static_cast or reinterpret_cast, as needed.
|
|
|
|
| |
or other non-portable implementations as modules.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
under the name that the algorithm was originally requested by. This enables
proper caching for algorithm names which deref_alias fails to fully dereference
such as "HMAC(SHA-1)". The previous code had two major problems with names of
that type, firstly that the cache was effectively bypassed due to all prototype
objects in Algorithm_Cache_Impl being indexed by their canonical names rather
than the alias that they were requested under, and that there existed a race
condition where a prototype object might be deleted while in use in multithreaded
code.
The downside of this change is that using multiple names to refer to a single
algorithm causes multiple prototype objects to be created, one for each name
that is in use. However the memory overhead of this should be fairly minimal
and given the severity of the race condition this seems like a worthwhile tradeoff.
A more complete fix would be to fix deref_alias to properly derference all alias
names. That fix would be complimentary with this change in that if deref_alias
handled all names properly there would be a single prototype object and there
would then be no additional memory overhead to the cache.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
into
account endian differences.
The current code does not take advantage of the knowledge of which endianness
we are running on; an optimization suggested by Yves Jerschow is to use (unsafe)
casts to speed up the load/store operations. This turns out to provide large
performance increases (30% or more) in some cases.
Even without the unsafe casts, this version seems to average a few percent
faster, probably because the longer loading loops have been partially or
fully unrolled.
This also makes the code implementing low-level algorithms like ciphers and
hashes a bit more succint.
|
|\
| |
| |
| |
| |
| | |
8a2b79c64a13d3f70b0211d4f985a678951a9663)
to branch 'net.randombit.botan' (head 677686443a5bb53b03d147999947448a9dc2679a)
|
| |
| |
| |
| | |
Studio users.
|
| |
| |
| |
| |
| |
| | |
caller. The resulting code is longer and somewhat harder to read, but it's
giving 25-30% performance increases on my Core2, and something a bit
lower but still measurable on the P4.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
how big q should be.
Add FIPS 186-3 DSA parameter generation, this allows for generating larger
(2048 and 3072 bit) DSA keys. At this time there do not seem to be official
test vectors for 186-3, and I have not checked against other implementations.
Tests will be constructed using the latest OpenSSL snapshot.
|
| |
| |
| |
| | |
current register size; reads return 0, writes extend the buffer.
|
| | |
|
| |
| |
| |
| | |
and actually reduced the total line count.
|
|/
|
|
|
|
| |
members of DL_Group (the only place they were called within the source, and
outside of some rather esoteric things probably the only place you would
ever need it).
|