aboutsummaryrefslogtreecommitdiffstats
path: root/src/build-data
Commit message (Collapse)AuthorAgeFilesLines
* Refactor CPUID implementation, add ARM supportJack Lloyd2017-01-172-0/+2
| | | | | | Tested for ARM only under qemu-aarch64, need to check hardware before merging. Changes x86 CPUID bitmasks which does break ABI for 2.1, no API implications.
* Remove minor number from header include dirJack Lloyd2017-01-091-1/+1
| | | | | | Already pkg-config had this, was missed in GH #802 See also GH #830
* Merge GH #831 Avoid module index in LaTeX outputJack Lloyd2017-01-091-1/+1
|\
| * Don't create module index for latex outputRené Korthaus2017-01-091-1/+1
| |
* | Update BSI module policyDaniel Neus2017-01-081-0/+4
|/
* Merge GH #823 Switch to readthedocs Sphinx themeJack Lloyd2017-01-072-45/+11
|\ | | | | | | [ci skip]
| * Switch to readthedocs Sphinx themeJack Lloyd2017-01-072-45/+11
| | | | | | | | | | | | | | Move some text and change some headers to look better with how rtd theme formats the table of contents. GH #822
* | Cygwin has readdir, so uses it.Jack Lloyd2017-01-071-0/+1
|/ | | | | | | | Fixes a test problem on Cygwin. GH #824 [ci skip]
* Update features for AIXJack Lloyd2017-01-061-0/+5
| | | | | | Based on compiling on AIX 7.1 [ci skip]
* Merge GH #802 Update version to 2.0.0, change lib and include dir namesJack Lloyd2017-01-0616-14/+31
|\
| * Update shared object naming for new versioning scheme.Jack Lloyd2017-01-0616-14/+31
| | | | | | | | | | | | | | | | | | | | | | | | Cleans up so object naming since most of the time (across Unix) we follow the exact same naming scheme; just make it the default if only the so suffix is specified in the file. Also updates include header dir to be botan-${major} Changes behavior when shared lib not supported; instead of making the user explicitly try again with --disable-shared, just assume it and continue running.
* | remove "timestamp" and "proc_info" from BOTAN_ENTROPY_DEFAULT_SOURCESDaniel Neus2017-01-061-4/+4
| | | | | | | | these don't exist anymore
* | Merge GH #815 Add NIST build policyJack Lloyd2017-01-061-0/+153
|\ \
| * | Add basic NIST policyJack Lloyd2017-01-051-0/+153
| |/ | | | | | | Just my best reckoning of what is NIST approved, may have errors.
* / Add iso9796 (required) and cecpq1 (prohibited) to BSI policy/bsi.txtDaniel Neus2017-01-061-0/+2
|/
* Add os iosSimon Warta2017-01-032-0/+27
|
* Add libs target to makefilesJack Lloyd2016-12-182-0/+4
| | | | [ci skip]
* Fix Sphinx PDF build. GH #746Jack Lloyd2016-12-141-1/+1
| | | | [ci skip]
* Remove ECB modeJack Lloyd2016-12-042-2/+0
| | | | | | | Not a good thing to offer at this level. If you know what you are doing for the strange special case where it is necessary, the raw BlockCipher interface is available and probably more convenient.
* Updates module policy, fixes test suite errorsMatthias Gierlings2016-12-011-1/+1
| | | | | | | - Moves SHAKE to prohibited algorithms - Catches an error during XMSS private key generation when SHAKE is disabled. This should not be reported as error by the test bench since [SHAKE is optional in XMSS](https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-07#section-5)
* Add note on rfc6979 signatures to manual [ci skip]René Korthaus2016-11-281-3/+3
|
* Fix amalgamationJack Lloyd2016-11-271-2/+2
|
* Add compiler.h macro header extracted from build.hJack Lloyd2016-11-261-176/+40
| | | | | | | | All this is just standard C that the user should not touch, so it doesn't really make sense to have it in the build.h template file. Remove BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANESS - only used twice (in loadstor.h) and that code is clearer without it.
* Add Cilk/OpenMP supportJack Lloyd2016-11-263-0/+51
|
* Updates docs & module policyMatthias Gierlings2016-11-261-0/+1
| | | | | | - Added GMAC to list of supported MAC algorithms in readme.rst - Updated module policy to prevent CI crash - Added myself to credits.rst
* Move Sonar config to build-dataJack Lloyd2016-11-221-0/+21
| | | | | No actual reason for it to be in the root dir, only Sonar needs it, so just copy it to the root dir before starting.
* Add key_constraints_to_string, GOST-34.10 cert handlingJack Lloyd2016-11-181-0/+2
| | | | Add some try/catch blocks to the X.509 tests, and use create_private_key API
* Add OIDs for SHA-3 and SHA-3 signature algorithmsJack Lloyd2016-11-171-1/+30
| | | | | Also CCM OIDS, and SHA-384/SHA-512 DSA OIDs. All from NIST: http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
* Don't strictly require ffi in modern policyJack Lloyd2016-11-171-3/+2
|
* Added Extended Hash-Based Signatures (XMSS)Matthias Gierlings2016-11-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [1] XMSS: Extended Hash-Based Signatures, draft-itrf-cfrg-xmss-hash-based-signatures-06 Release: July 2016. https://datatracker.ietf.org/doc/ draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1 Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has been integrated into the Botan test bench, signature generation and verification can be tested independently by invoking "botan-test xmss_sign" and "botan-test xmss_verify" - Some headers that are not required to be exposed to users of the library have to be declared as public in `info.txt`. Declaring those headers private will cause the amalgamation build to fail. The following headers have been declared public inside `info.txt`, even though they are only intended for internal use: * atomic.h * xmss_hash.h * xmss_index_registry.h * xmss_address.h * xmss_common_ops.h * xmss_tools.h * xmss_wots_parameters.h * xmss_wots_privatekey.h * xmss_wots_publickey.h - XMSS_Verification_Operation Requires the "randomness" parameter out of the XMSS signature. "Randomness" is part of the prefix that is hashed *before* the message. Since the signature is unknown till sign() is called, all message content has to be buffered. For large messages this can be inconvenient or impossible. **Possible solution**: Change PK_Ops::Verification interface to take the signature as constructor argument, and provide a setter method to be able to update reuse the instance on multiple signatures. Make sign a parameterless member call. This solution requires interface changes in botan. **Suggested workaround** for signing large messages is to not sign the message itself, but to precompute the message hash manually using Botan::HashFunctio and sign the message hash instead of the message itself. - Some of the available test vectors for the XMSS signature verification have been commented out in order to reduce testbench runtime.
* Add BOTAN_WARN_UNUSED_RESULT macroJack Lloyd2016-11-091-0/+6
| | | | Only works for GCC and Clang
* Add OID for XMSSJack Lloyd2016-11-061-0/+3
| | | | [ci skip]
* Add an in-house EC curve for TLS at compile-timeRené Korthaus2016-11-031-0/+5
| | | | | | One additional, application-specific curve can be added at compile time, using the new configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
* Remove unused values from build.hJack Lloyd2016-11-031-3/+8
| | | | | | | Have the /proc setting in build.h actually control the entropy source configuration (!) GH #708
* Merge GH #706 Remove ability to add OIDs at runtime. Remove OID lockJack Lloyd2016-11-031-0/+211
|\
| * Remove ability to add OIDS at runtime. Remove global OID lock.Jack Lloyd2016-11-031-0/+211
| | | | | | | | | | | | | | | | | | | | | | OID map is now generated from an input file on an as needed basis. Just uses a sequence of ifs - simple, fast, and small code size. Merges oid_lookup sub-module which was already required by asn1 anyway, so completely non-optional. Removes @neusdan's nice OID tests since without any runtime adds the tests are moot.
* | Remove automatic self-testing of public and private keysJack Lloyd2016-11-031-5/+0
|/ | | | | | | | | | | | | Rarely expected and often causes performance problems, especially for private keys. Instead applications should call check_key explicitly to validate keys when necessary. Note this removal doesn't apply to tests like ECDH on-the-curve tests, where a check on the public key is required for security of our own key. Updates most APIs to remove RNG calls, where they are no longer required. Exception is PKCS8 interface, pending further work there (see GH #685) it just ignores the RNG argument now.
* Add new configure argument --optimize-for-sizeJack Lloyd2016-11-034-0/+4
| | | | | | | | | | | Uses -Os for GCC/Clang/ICC, /O1 for MSVC. Might be used in the future to control compile time features also (eg using a large precomputed table, vs not). Does not have any influence on module selection, just informs the build that a smaller binary is preferable. [ci skip]
* Import fuzzer driversJack Lloyd2016-10-301-0/+2
| | | | | | | | | | | Originally from https://github.com/randombit/botan-fuzzers but merging to the main tree (without the corpus files, since I suspect the corpus files in that repo are not useful anymore) Adds --unsafe-fuzzer-mode which can be used to selectively disable cryptographic checks which get in the way of fuzzer testing. This setting is reflected in build.h and in the version string. Right now it doesn't actually disable anything.
* Remove HMAC_RNG, X9.31-RNG, BeOS stats, EGD reader, Unix process runnerJack Lloyd2016-10-283-23/+19
| | | | | Change AutoSeeded_RNG to use SHA-384, SHA-256, SHA-3(256), or SHA-1, whichever is available (in that order).
* Merge GH #691/#488 Add GMAC. Add MessageAuthenticationCode::start_msgJack Lloyd2016-10-281-0/+1
|\
| * Implements GMAC with GHASH.Matthias Gierlings2016-10-281-0/+1
| | | | | | | | | | Adds support for Galois Message Authentication Code calculation based on GHASH, rather than GCM_Mode.
* | Update modern policy: Add NewHope, SQL, ChaCha20 SSE2. Prohibit TLS-CBCJack Lloyd2016-10-281-1/+8
|/
* Build the docs during CIJack Lloyd2016-10-222-1/+2
| | | | Fix various doc building problems/warnings.
* Merge GH #669 Add SHA-3, SHAKE-128, and BoringSSL-mode NewHopeJack Lloyd2016-10-202-1/+3
|\
| * Update policy files for SHA-3Jack Lloyd2016-10-192-1/+3
| | | | | | | | BSI drops Keccak in favor of SHA-3. Modern adds SHA-3 and SHAKE-128.
* | Merge GH #671 Allow eme_raw in BSI modeJack Lloyd2016-10-201-1/+0
|\ \
| * | we do the padding ourself so eme_raw is fineDaniel Neus2016-10-201-1/+0
| |/ | | | | | | So it shouldn't be prohibited in the module policy
* | Predefine some variables for doxygen [ci skip]René Korthaus2016-10-201-1/+8
| |
* | Remove obsolete doxygen tag [ci skip]René Korthaus2016-10-191-1/+0
|/