Commit message | Author | Age | Files | Lines

Adds support for probabilistic, aka the standard, DSA and ECDSA.
Can be enabled by disabling the rfc6979 module.
Includes test vectors from NIST CAVP.
Adds rfc6979 to the list of prohibited modules in BSI policy.
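To make the difference between the two modes concrete, here is an added example (not Botan's code) of the deterministic nonce derivation from RFC 6979 section 3.2, written in Python with hashlib/hmac, next to the probabilistic alternative that draws k from the OS CSPRNG. The P-256 group order and the private key are the values of RFC 6979 Appendix A.2.5 as reproduced here from memory, so treat them as an assumption and check them against the RFC before relying on them.

```python
import hashlib
import hmac
import secrets

# Assumed values (RFC 6979 Appendix A.2.5, P-256): group order q and private key x.
P256_Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
RFC6979_X = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721


def _bits2int(b: bytes, qlen: int) -> int:
    """RFC 6979 2.3.2: the leftmost qlen bits of b as an integer."""
    v = int.from_bytes(b, "big")
    blen = len(b) * 8
    return v >> (blen - qlen) if blen > qlen else v


def _int2octets(x: int, qlen: int) -> bytes:
    """RFC 6979 2.3.3: fixed-width big-endian encoding of ceil(qlen/8) bytes."""
    return x.to_bytes((qlen + 7) // 8, "big")


def _bits2octets(b: bytes, q: int, qlen: int) -> bytes:
    """RFC 6979 2.3.4: bits2int, reduce mod q, then int2octets."""
    return _int2octets(_bits2int(b, qlen) % q, qlen)


def rfc6979_nonce(x: int, msg: bytes, q: int, hashname: str = "sha256") -> int:
    """Deterministic per-message nonce k in [1, q-1] (RFC 6979 section 3.2)."""
    qlen = q.bit_length()
    h1 = hashlib.new(hashname, msg).digest()
    hlen = len(h1)
    x_oct = _int2octets(x, qlen)
    h_oct = _bits2octets(h1, q, qlen)

    def mac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashname).digest()

    V = b"\x01" * hlen
    K = b"\x00" * hlen
    K = mac(K, V + b"\x00" + x_oct + h_oct)
    V = mac(K, V)
    K = mac(K, V + b"\x01" + x_oct + h_oct)
    V = mac(K, V)
    while True:
        T = b""
        while len(T) * 8 < qlen:
            V = mac(K, V)
            T += V
        k = _bits2int(T, qlen)
        if 1 <= k < q:
            return k
        # Candidate out of range: re-key and generate another one (step h.3).
        K = mac(K, V + b"\x00")
        V = mac(K, V)


def random_nonce(q: int) -> int:
    """The probabilistic variant: a uniform k in [1, q-1] from the OS CSPRNG."""
    return 1 + secrets.randbelow(q - 1)
```

The same (key, message) pair always yields the same k, so a signer using the deterministic mode never repeats or biases k no matter what its RNG does; in the probabilistic mode the quality of the RNG feeding random_nonce becomes load-bearing, because a repeated k across two signatures lets anyone holding both recover the private key.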

The 'clean' target left dangling symlinks because undefined variables were used in Makefile.

Move disabling C4250 and C4251 to cmd line instead of header pragma.
This means these warnings will show up in application code. But disabling
warnings inside a library header is probably not good form.

Prohibit unix_procs in BSI policy. See discussion in GH #446

A module policy is a file specifying three types of modules: ones which
are required, ones which are prohibited, and ones which should be used
if otherwise available (this is mostly for platform specific modules).
Finally there are whatever modules which exist in the library of which
the policy makes no mention. These will be included if an explicit
dependency of some other module pulls them in (so there is no reason
to mention base, utils, ... in the file) but skipped otherwise.
For example policy 'sane' does not mention 'utils' or 'twofish' either
way. Since utils is a dependency of other modules which are included,
but Twofish is not. However unlike an explicitly prohibited module,
not mentioned can still be requested as part of the build (here with
--enable-module=twofish)
Also fixes some test bugs noticed by compiling in different build
configs. DLIES test didn't check that the KDF and MAC existed. Adds a
typedef for MessageAuthenticationCode because typing it twice in a
single line in the DLIES test made me think it's way too long. :) Also
fix some fuzzer build problems. Due to a copy and paste bug the PKCS
certificate (it was not).
Inspired by GH #439
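The four categories described in that message (required, prohibited, if-available, unmentioned) amount to a small dependency-resolution rule. The following is an added illustration, not Botan's configure script: the module graph and the policy contents are constructed for the example, and although the names match Botan modules the dependency edges are assumptions, not the library's real build data.

```python
# Added example: resolver for the policy semantics described in the commit
# message. MODULES and POLICY are constructed; the edges are assumptions.

class PolicyError(ValueError):
    """Raised when a build request conflicts with the module policy."""


# module -> hard dependencies (constructed for illustration)
MODULES = {
    "base": [],
    "utils": ["base"],
    "sha2_32": ["utils"],
    "hmac": ["utils"],
    "rfc6979": ["hmac"],
    "ecdsa": ["sha2_32"],
    "twofish": ["utils"],
    "unix_procs": ["utils"],
}

# constructed policy: utils, base and twofish are deliberately not mentioned
POLICY = {
    "required": {"ecdsa", "sha2_32"},
    "prohibited": {"rfc6979", "unix_procs"},
    "if_available": {"hmac"},
}


def resolve(modules, policy, available, enable=(), disable=()):
    """Return the set of modules a build under this policy would include.

    modules:   module -> hard dependencies
    policy:    dict with 'required', 'prohibited' and 'if_available' sets
    available: modules that exist for this platform/compiler
    enable:    explicit --enable-module requests
    disable:   explicit --disable-module requests
    """
    prohibited = set(policy["prohibited"])
    disabled = set(disable)
    wanted = set(policy["required"]) | set(enable)

    # A prohibited module cannot be requested, unlike an unmentioned one.
    clash = wanted & prohibited
    if clash:
        raise PolicyError(f"prohibited by policy: {sorted(clash)}")
    if wanted & disabled:
        raise PolicyError(f"required but disabled: {sorted(wanted & disabled)}")
    missing = wanted - set(modules)
    if missing:
        raise PolicyError(f"unknown module(s): {sorted(missing)}")

    selected = set(wanted)
    # if_available modules are taken only when they exist here and are not disabled.
    for m in policy["if_available"]:
        if m in available and m not in disabled and m not in prohibited:
            selected.add(m)

    # Unmentioned modules enter only through a dependency edge.
    todo = list(selected)
    while todo:
        m = todo.pop()
        for dep in modules[m]:
            if dep in prohibited:
                raise PolicyError(f"{m} needs {dep}, which the policy prohibits")
            if dep in disabled:
                raise PolicyError(f"{m} needs {dep}, which was disabled")
            if dep not in selected:
                selected.add(dep)
                todo.append(dep)
    return selected
```

With this policy utils and base come in as dependencies of sha2_32 without being named, twofish stays out unless passed via enable, and asking for rfc6979 explicitly is rejected because the policy prohibits it rather than merely omitting it.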

The Intel RNG may fail if heavily contended, so retry as needed.

* no spaces around if(), for() etc
* snake_case for plain functions
* anonymous namespace function instead of private and static
* don't propagate failed poll to the calling application
* RdRand retries configurable in build.h
|
| |
| |
| |
| |
| | |
* Make it configurable how often RdRand and RdSeed is polled
* Make it configurable how many RdSeed retries are executed
|
|\ \ |
|
| | | |
|
|/ / |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove -Wsuggest-attribute=noreturn from maintainer mode flags as it
seems like outside of the assertion failure macro any other suggestion
would always be a false positive (an unimplemented function or the like).
Or at least, if such a function needing noreturn to assist with static
analysis is added in the future it will be obvious, by virtue of the
static analyzer warnings which occur due to the missing noreturn
preventing the analyzer from understanding code flow.

# Conflicts:
# src/build-data/cc/gcc.txt

to not break compatibility with older gcc versions (available in gcc 5.1)

found by gcc with -Wsuggest-override
|
| | | |
|
|/ / |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Has the same effect as using ctgrind, but without requiring a
custom-compiled valgrind binary.
Add ct checking annotations to the SSSE3 AES code.

It works on x86, but C says it is undefined and it makes UBSan
unhappy. Happily, this memcpy approach probably also works fine under
processors which previously used the byte-at-a-time approach such as
ARM. But for right now using memcpy here is still gated under the
processor alignment flags.
In my tests recent GCC and Clang seemed to produce basically identical
code for either approach when using -O3; I imagine most compilers
these days are very good at analyzing/inlining/unrolling memcpys.
Also remove the manually unrolled versions of xor_buf, which caused
problems with GCC and -O3 due to it vectorizing the loads into
(aligned) SSE2 loads, which would fail when a misaligned pointer was
passed. Which always seemed kind of bogus to me, but I guess that's
what undefined behavior is for. Enable -O3 for GCC.
With this change the test suite is clean under GCC ASan+UBSan and
Clang ASan+UBSan, with the exception of one failure due to a bug in
libstdc++ (GCC bug 60734) when compiled by Clang.

GH #382

Some trivial compiler and PVS-Studio warning fixes

GH #370 for background

Add support for Intel RdSeed instruction
|
| | |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The command line tools' origin as a collection of examples and test
programs glued together led to some unfortunate problems; lots of
hardcoded values, missing parameters, and obsolete crypto.
Adds a small library for writing command line programs of the sort
needed here (cli.h), which cuts the length of many of the commands in
half and makes commands more pleasant to write and extend.
Generalizes a lot of the commands also, eg previously only
signing/verification with DSA/SHA-1 was included!
Removes the fuzzer entry point since that's fairly useless outside of
an instrumented build.
Removes the in-library API for benchmarking.

Provide abstractions for the locking allocator (allocate and free
locked pages) to decouple it from the platform dependent code. Should
make it easy to write a Windows version using VirtualAlloc+VirtualLock.
Exposes max mlock limit as a build.h toggle

Take the value from build.h if we have no way of getting it dynamically.
Fixes an infinite loop in AES on non-x86 introduced in ebf2164a,
as otherwise it does for(size_t i = 0; i != ...; i += 0) {}
while iterating over the TE tables.

Defaults should be fine for everyone but it makes the values more transparent

Provides an easier way for an application to configure a list of
entropy sources they'd like to use, or add a custom entropy source to
their seeding.
Exposes some toggles for the global/default entropy sources to build.h
Adds basic entropy tests which run the polls and do sanity checking
on the results, including compression tests if available. These are
less useful for the CSPRNG outputs but a good check for the ones
producing plain ASCII like the /proc reader.
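The sanity check that message alludes to (compression and histogram statistics as a ceiling on how much entropy a poll may be credited with) looks roughly like the following. This is an added example in Python, not Botan's entropy test code; both sample inputs are constructed here, the "/proc" text is made up rather than read from a kernel, and the seeded PRNG stands in for a CSPRNG only so the example is reproducible.

```python
import math
import random
import zlib


def shannon_bits_per_byte(sample: bytes) -> float:
    """Empirical Shannon entropy of the byte histogram. An upper bound on the
    entropy per byte, never evidence that the bytes are unpredictable."""
    n = len(sample)
    counts = [0] * 256
    for b in sample:
        counts[b] += 1
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def compressed_bits(sample: bytes) -> int:
    """Size of the zlib-compressed sample in bits; ASCII polls shrink a lot,
    CSPRNG output does not (so this check says little about the latter)."""
    return 8 * len(zlib.compress(sample, 9))


def credited_bits(sample: bytes) -> int:
    """Conservative entropy credit: the smallest of the raw size and the two estimates."""
    if not sample:
        return 0
    raw = 8 * len(sample)
    shannon = shannon_bits_per_byte(sample) * len(sample)
    return int(min(raw, shannon, compressed_bits(sample)))


def poll_sanity(sample: bytes, min_fraction: float) -> bool:
    """True if the poll carries at least min_fraction of its raw size in estimated entropy."""
    return len(sample) > 0 and credited_bits(sample) >= min_fraction * 8 * len(sample)


def constructed_proc_sample() -> bytes:
    """Constructed stand-in for the output of a /proc/stat style reader (not real kernel data)."""
    lines = (f"cpu{i % 8} {1000 + 37 * i} {i % 5} {500 + 11 * i} {400000 + 997 * i} 0 0 0\n"
             for i in range(128))
    return "".join(lines).encode()


def constructed_prng_sample(n: int = 4096) -> bytes:
    """Deterministic stand-in for CSPRNG output (seeded PRNG, only for reproducibility)."""
    rng = random.Random(1234)
    return bytes(rng.getrandbits(8) for _ in range(n))
```

The useful property is the asymmetry: a text-like poll that is mostly digits and whitespace gets credited with a small fraction of its byte count, which is the case these tests are meant to catch, while an already-random stream passes both estimates trivially, which is why they prove nothing about a CSPRNG's output.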

sanitizers and coverage as all 4 are usefully set independently.
Use GCC 4.9 on CircleCI as it seems to be supported. Add ASan + UBSan test.

Previously a build had optimizations disabled completely when debug info was
emitted. But there are many reasons to use optimized builds with debug symbols
(running under valgrind, against afl, with Asan/Ubsan, in prod, etc).
And personally I find even debugging at -O2 or -O3 is fine most of the time and
worth it for the speed. Use the (now documented!) --no-optimizations flag if no
optimization is desired while debugging.
This also removes the distinction between library and application compile flags;
there is a single optimization level that is probably good enough for everything.
On Win32 it removes defining _CONSOLE for the application. This seems to be
some mythical value that may have been required at some point, but is not
documented anywhere I can find. Who knows what VC thinks, hoping I don't have to
add this back. It also drops defining `EBUG` which is what happens when you
tell cl.exe to '/DEBUG'. LOL.

via timing channels.
Add annotations for checking constant-time code using ctgrind to
PKCS #1 and OAEP, as well as IDEA and Curve25519 which were already
written as constant time code.

Support for 64 bit ARM
|
| |
| |
| |
| | |
See also -march in https://gcc.gnu.org/onlinedocs/gcc/ARM-Options.html

This adds support for 64 bit ARM cores as used in many high-end phones
such as all iPhones beginning with the 5s. While these newer phones
still run 32 bit ARM code, Apple doesn't allow apps to be submitted to
the app store if they don't provide a 64 bit build.
This commit adds a new arm64 arch and renames arm to arm32 to stay
consistent with the other architectures. The name arm can still be used
for configuring because it has been added as an alias for arm32.
Additionally, the one piece of ARM inline assembly that can be found in
Botan doesn't work on 64 bit ARM, so I use the solution that has been
proposed in #180: Use __builtin_bswap32 instead of inline assembly.
|
|/
|
|
| |
deriving it by squaring the previous value.

On Darwin platforms, there are frameworks that can bundle libraries and
header files in a standardized directory structure. We need to support
linking to them because most of the OS X or iOS-specific APIs are
provided as frameworks.

* Rename variable to avoid confusion of build_shared and
options.build_shared_lib
* Don't automatically change shared -> static. Force user to do that
Fixes #211