| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Mostly unused args and missing override notations.
Fix DH - load_check calls were commented out for debugging.
|
| |
|
|
|
|
|
| |
XTEA was also deprecated but has been spared, it does seem to be somewhat
common (eg, included in the Go x/crypto library)
|
|
|
|
|
|
| |
Fix policy files.
GH #614
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert Travis build configuration to a single var instead of 4 tuple.
Makes it much easier to review the builds in the Travis web UI.
Adds sanitizer builds for Clang on both Linux and OS X. Clang is a different
compiler from GCC and its sanitizers may catch things GCC does not.
I have no idea if Apple's Clang has some magic sanitizer sauce stock
LLVM does not, so maybe sanitizer build on OS X can be skipped.
Adds Linux cross compile targets for ARM32, ARM64, PPC64, and MinGW x86
using the cross compiler available in Trusty. All of them build and are
set up to run through qemu/wine. All of the tests currently fail and
so are marked as expected fail in the Travis matrix.
The ARM test runs seem to have thread problems; ARM32 thread creation just fails
with an exception, as if pthreads was disabled. All other tests pass ok for ARM32.
On Aarch64, it looks like there is a hard crash the first time the library tries
creating a thread. Both of these might be due to statically linking the binary?
I have been unable to convince Ubuntu's qemu-ppc64 to execute binaries compiled by
Ubuntu's ppc64 cross compiler. I'm downloading an Ubuntu ISO to try this in a VM.
Running under Wine exposes several issues, both in Wine and Botan. Many functions are
stubs and it appears that entropy collection fails as a result. This triggers a bug
in the FFI tests which causes a crash there.
A pox on time zones; _mkgmtime is a MSVC extension and is not available on MinGW GCC.
Add a last resort call that just uses the localzone variant instead.
Adds valgrind target, remove a bogus poison in pubkey.cpp (it was effectively
asserting that all of RSA was const time which is sadly not true at all).
Moves -Wshadow to maintainer mode for GCC - GCC 4.8 has a noisy variant of -Wshadow
which warns if a parameter masks a function name, but this comes up all the time
in constructors. Later GCCs no longer warn about this (even with -Wshadow), so the
warnings are never fixed, but they cause noise in CI output and hide interesting
warnings like
warning: vec_lvsl is deprecated for little endian; use assignment for unaligned loads and stores [-Wdeprecated]
__vector unsigned char perm = vec_lvsl(0, static_cast<u32bit*>(nullptr));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change reseed interval logic to count calls to `randomize` rather than
bytes, to match SP 800-90A
Changes RNG reseeding API: there is no implicit reference to the
global entropy sources within the RNGs anymore. The entropy sources
must be supplied with the API call. Adds support for reseding directly
from another RNG (such as a system or hardware RNG).
Stateful_RNG keeps optional references to both an RNG and a set of
entropy sources. During a reseed, both sources are used if set.
These can be provided to HMAC_DRBG constructor.
For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes
per DRBG request. We treat requests longer than that as if the caller
had instead made several sequential maximum-length requests. This
means it is possible for one or more reseeds to trigger even in the
course of generating a single (long) output (generate a 256-bit key
and use ChaCha or HKDF if this is a problem).
Adds RNG::randomize_with_ts_input which takes timestamps and uses them
as the additional_data DRBG field. Stateful_RNG overrides this to also
include the process ID and the reseed counter. AutoSeeded_RNG's
`randomize` uses this.
Officially deprecates RNG::make_rng and the Serialized_RNG construtor
which creates an AutoSeeded_RNG. With these removed, it would be
possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all
(eg, for applications which only use the system RNG).
Tests courtesy @cordney in GH PRs #598 and #600
|
|\ |
|
| |
| |
| |
| | |
instead of no PDB output for CLI and tests
|
| |
| |
| |
| |
| |
| | |
Fixes GH #432 : Previously the Botan CLI PDB file has overwritten the Botan lib PDB file.
Furthermore the output filename of the lib is changed to botand in debug mode.
|
|\ \
| | |
| | |
| | | |
See also GH #587
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Removes user and hostname: as mentioned by a downstream maintainer, the
information should not be included in packages. In our projects, the
information is contained in the amalgamation check-in commit message.
Removes timestamp: this ensures that the header content is equal in two
equal configure runs.
Both changes together make it possible to effectively use compiler
caches for Botan (ccache on Unix, in direct mode; clcache on Windows).
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a fast fail when trying to build Botan configured for 32 bit
using a 64 bit compiler or vice versa.
Check running
python configure.py --cpu="x86_32" && make
python configure.py --cpu="x86_64" && make
or
python configure.py && nmake
on 64 bit Windows in a 32 bit Command Prompt.
Closes #456.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
For those that are willing to trust uninspectible hardware. :)
Changes RDRAND entropy source to call RDRAND_RNG
Add --rdrand flag to rng cmdlet
|
|
|
|
|
|
| |
Fix BeOS stat reader - was calling wrong function on the rng.
Remove entropy estimate defines from build.h, no longer used.
|
|
|
|
|
|
|
|
|
| |
Use consistent naming for the max output before reseed
parameter. The constant (default) value is renamed to
BOTAN_RNG_DEFAULT_MAX_OUTPUT_BEFORE_RESEED, since without
the DEFAULT_ it reads like a compile time maximum instead.
Use uint8_t instead of byte.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles fork checking for HMAC_RNG and HMAC_DRBG
AutoSeeded_RNG change - switch to HMAC_DRBG as default.
Start removing the io buffer from entropy poller.
Update default RNG poll bits to 256.
Fix McEliece test, was using wrong RNG API.
Update docs.
|
|
|
|
| |
Add some missing overrides
|
|
|
|
|
| |
Add RFC 6979 which became optional along the line. Also add bcrypt and compression,
and add TLS by default. Prohibit EGD.
|
| |
|
| |
|
|
|
|
| |
Soname_patterns and link commands are identical to those used with Linux
|
|
|
|
|
|
|
|
|
| |
Previously avoided since many clients don't have the CACert root,
but now that Let's Encrypt is used instead anyone with a recent
trust root should accept the certs for botan.randombit.net and
lists.randombit.net
[ci skip]
|
|\ |
|
| | |
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds support for probabilistic, aka the standard, DSA and ECDSA.
Can be enabled by disabling the rfc6979 module.
Includes test vectors from NIST CAVP.
Adds rfc6979 to the list of prohibited modules in BSI policy.
|
|/ /
| |
| |
| | |
The 'clean' target left dangling symlinks because undefined variables were used in Makefile.
|
|/
|
|
|
|
| |
Move disabling C4250 and C4251 to cmd line instead of header pragma.
This means these warnings will show up in application code. But disabling
warnings inside a library header is probably not good form.
|
| |
|
| |
|
|
|
|
| |
Prohibit unix_procs in BSI policy. See discussion in GH #446
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A module policy is a file specifying three types of modules: ones which
are required, ones which are prohibited, and ones which should be used
if otherwise available (this is mostly for platform specific modules).
Finally there are whatever modules which exist in the library of which
the policy makes no mention. These will be included if an explicit
dependency of some other module pulls them in (so there is no reason
to mention base, utils, ... in the file) but skipped otherwise.
For example policy 'sane' does not mention 'utils' or 'twofish' either
way. Since utils is a dependency of other modules which are included,
but Twofish does not. However unlike an explicitly prohibited module,
not mentioned can still be requested as part of the build (here with
--enable-module=twofish)
Also fixes some test bugs noticed by compiling in different build
configs. DLIES test didn't check that the KDF and MAC existed. Adds a
typedef for MessageAuthenticationCode because typing it twice in a
single line in the DLIES test made me think it's way too long. :) Also
fix some fuzzer build problems. Due to a copy and paste bug the PKCS
certificate (it was not).
Inspired by GH #439
|
|\ \
| |/
|/|
| | |
The Intel RNG may fail if heavily contended, so retry as needed.
|
| |
| |
| |
| |
| |
| |
| |
| | |
* no spaces around if(), for() etc
* snake_case for plain functions
* anonymous namespace function instead private and static
* don't propagate failed poll to the calling application
* RdRand retires configurable in build.h
|
| |
| |
| |
| |
| | |
* Make it configurable how often RdRand and RdSeed is polled
* Make it configurable how many RdSeed retries are executed
|
|\ \ |
|
| | | |
|
|/ / |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove -Wsuggest-attribute=noreturn from maintainer mode flags as it
seems like outside of the assertion failure macro any other suggestion
would always be a false positive (an unimplemented function or the like).
Or at least, if such a function needing noreturn to assist with static
analysis is added in the future it will be obvious, by virtue of the
static analyzer warnings which occur due to the missing noreturn
preventing the analyzer from understanding code flow.
|
| | |
|