aboutsummaryrefslogtreecommitdiffstats
path: root/src/cli
Commit message (Collapse)AuthorAgeFilesLines
* TLS CBC functionality now exposed to the library developer. Useful for ↵Juraj Somorovsky2016-11-191-20/+31
| | | | | | direct TLS CBC testing. CLI TLS server now catches an exception if an invalid connection is received (Otherwise, the server always stopped working)
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-171-1/+1
| | | | | | | | | | | | | Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
* Fix TLS client next protocol handlingJack Lloyd2016-11-161-1/+2
| | | | [ci skip]
* Basic speed test for XMSSJack Lloyd2016-11-121-0/+34
|
* Add SHAKE-128 and SHAKE-256 as hash functionsJack Lloyd2016-11-101-7/+7
|
* Remove remaining old style casts.Jack Lloyd2016-11-092-6/+5
| | | | | | Still not a hard error even in maintainer mode because sometimes system headers pull in C style casts via macros (eg MAP_FAILED). But, it not being a hard error makes it easy to backslide.
* Add ec_group_info cmdletJack Lloyd2016-11-061-0/+35
|
* Merge GH #696 Add ECKCDSA and ECGDSA speed testsJack Lloyd2016-10-301-0/+62
|\
| * Add speedtests for ECKCDSA and ECGDSANever2016-10-301-0/+62
| |
* | Fix crash when default IV is empty. GH #697Jack Lloyd2016-10-301-1/+2
|/
* Remove HMAC_RNG, X9.31-RNG, BeOS stats, EGD reader, Unix process runnerJack Lloyd2016-10-281-17/+0
| | | | | Change AutoSeeded_RNG to use SHA-384, SHA-256, SHA-3(256), or SHA-1, whichever is available (in that order).
* Initialize member variable (Coverity find)Jack Lloyd2016-10-221-1/+1
|
* Add create_private_key, expose key loading functions in pk_algs.hJack Lloyd2016-10-202-84/+11
|
* cli: Add dl_group_info cmdletJack Lloyd2016-10-201-0/+24
|
* Add OS2ECP benchmark.Jack Lloyd2016-10-131-0/+36
| | | | | Turns out decompressing a point is ~50x slower than checking (x,y) is on the curve. Update relnote accordingly.
* Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-072-2/+2
| | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-073-11/+11
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* Have cli cert_info parse multiple certs from fileJack Lloyd2016-10-021-3/+25
|
* Remove unused variableJack Lloyd2016-09-281-2/+0
| | | | [ci skip]
* Merge GH #634 Correctly detect self-signed certsJack Lloyd2016-09-241-4/+12
|\
| * Make cli sign_cert key pass param optionalRené Korthaus2016-09-231-4/+12
| |
* | Maintainer mode fixes.Jack Lloyd2016-09-211-1/+1
|/ | | | | | Mostly unused args and missing override notations. Fix DH - load_check calls were commented out for debugging.
* Merge GH #613 NewHope R-LWE key exchangeJack Lloyd2016-09-051-0/+77
|\
| * Newhope is really limited by RNG speed.Jack Lloyd2016-08-301-5/+33
| | | | | | | | 4x-8x overall speedup switching from HMAC_DRBG to ChaCha20
| * Add NEWHOPE KEM schemeJack Lloyd2016-08-301-0/+49
| | | | | | | | | | | | | | | | | | | | Provides conjectured 200-bit security against a quantum attacker. Based on the public domain reference implementation at https://github.com/tpoeppelmann/newhope and bit-for-bit compatible with that version. Test vectors generated by the reference testvector.c
* | Merge GH #616 ChaCha SSE2 optimizationsJack Lloyd2016-09-051-2/+3
|\ \
| * | 4x interleaved SSE2Jack Lloyd2016-09-011-2/+3
| | |
* | | Remove deprecated Nyberg-Rueppel and Rabin-Williams signaturesJack Lloyd2016-09-021-2/+0
|/ /
* | Merge master into this branch, resolving conflicts with #457/#576Jack Lloyd2016-08-316-67/+136
|\ \ | | | | | | | | | which recently landed on master.
| * | Maintainer mode fixesJack Lloyd2016-08-311-2/+2
| | |
| * | Fix another unused variable warningJack Lloyd2016-08-311-1/+1
| | |
| * | Merge GH #567/GH #457 TLS refactoring and Callbacks interfaceJack Lloyd2016-08-312-31/+25
| |\ \
| | * | Changes to TLS::Callbacks for GH PR #457Jack Lloyd2016-08-163-39/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make TLS::Channel::m_callbacks a reference, so deriving from TLS::Callbacks works Split out the compat (std::function) based interface to Compat_Callbacks. This avoids the overhead of empty std::functions when using the virtual interface, and ensures the virtual interface works since there is no callback path that does not involve a vtable lookup. Rename the TLS::Callback functions. Since the idea is that often an owning class will pass *this as the callbacks argument, it is good to namespace the virtual functions so as not to conflict with other names chosen by the class. Specifically, prefixes all cb functions with tls_ Revert changes to use the old style alert callback (with no longer used data/len params) so no API changes are required for old code. The new Callbacks interface continues to just receive the alert code itself. Switch to virtual function interface in CLI tls_client for testing. Inline tls_server_handshake_state.h - only used in tls_server.cpp Fix tests - test looked like it was creating a new client object but it was not actually being used. And when enabled, it failed because the queues were not being emptied in between. So, fix that.
| | * | Removed TLS::Session::PropertiesMatthias Gierlings2016-06-191-4/+3
| | | | | | | | | | | | | | | | | | | | - Removed proposed wrapper class to logically group TLS session properties.
| | * | Compatibility patch for TLS::Callback interfaceMatthias Gierlings2016-06-191-2/+2
| | | | | | | | | | | | | | | | | | | | - Added legacy constructor support for TLS::Channel, TLS::Client, TLS::Server.
| | * | Added virtual Callback InterfaceMatthias Gierlings2016-06-192-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - extracted inner class TLS::Channel::Callbacks to stand-alone class TLS::Callbacks. - provided default implementations for TLS::Callbacks members executing calls to std::function members for backward compatibility. - applied changes to cli, tests and TLS::Channel related classes to be compatible with new interface.
| | * | Implemented Feedback on GH #457Matthias Gierlings2016-06-193-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | - Removed deprecated TLS-Alert-Callback parameters. - Fixed improper naming of accessor for ALPN-Strings in tls_client.h - Fixed erroneous indentation on Ciphersuite Constructor.
| | * | Fix For Travis CI build errors on Mac-Systems.Matthias Gierlings2016-06-191-2/+2
| | | | | | | | | | | | | | | | - Corrected TLS::Server constructor call in CLI TLS-Proxy.
| | * | Reduction of code complexity in TLS classes.Matthias Gierlings2016-06-193-11/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | -reduced number of parameters in various methods -reduced cyclomatic complexity (McCabe-Metric) -removed "TLSEXT_HEARTBEAT_SUPPORT" from tls_extensions.h (leftover from heartbeat extension removal?)
| * | | Fix gen_bcrypt cmdletJack Lloyd2016-08-301-1/+1
| | | |
| * | | Add /etc/ssl/certs to default cert pathJack Lloyd2016-08-301-1/+1
| | |/ | |/| | | | | | | Really this should be configurable via flags...
| * | RNG changes (GH #593)Jack Lloyd2016-08-243-7/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change reseed interval logic to count calls to `randomize` rather than bytes, to match SP 800-90A Changes RNG reseeding API: there is no implicit reference to the global entropy sources within the RNGs anymore. The entropy sources must be supplied with the API call. Adds support for reseding directly from another RNG (such as a system or hardware RNG). Stateful_RNG keeps optional references to both an RNG and a set of entropy sources. During a reseed, both sources are used if set. These can be provided to HMAC_DRBG constructor. For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes per DRBG request. We treat requests longer than that as if the caller had instead made several sequential maximum-length requests. This means it is possible for one or more reseeds to trigger even in the course of generating a single (long) output (generate a 256-bit key and use ChaCha or HKDF if this is a problem). Adds RNG::randomize_with_ts_input which takes timestamps and uses them as the additional_data DRBG field. Stateful_RNG overrides this to also include the process ID and the reseed counter. AutoSeeded_RNG's `randomize` uses this. Officially deprecates RNG::make_rng and the Serialized_RNG construtor which creates an AutoSeeded_RNG. With these removed, it would be possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all (eg, for applications which only use the system RNG). Tests courtesy @cordney in GH PRs #598 and #600
| * | Add RDRAND_RNGJack Lloyd2016-07-191-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | For those that are willing to trust uninspectible hardware. :) Changes RDRAND entropy source to call RDRAND_RNG Add --rdrand flag to rng cmdlet
| * | Revamp entropy pollingJack Lloyd2016-07-171-20/+8
| | | | | | | | | | | | | | | Remove Entropy_Accumulator, instead have entropy sources directly add entropy to the RNG.
| * | HMAC_RNG not always in buildJack Lloyd2016-07-171-2/+7
| | |
| * | Update rng cli - can make multiple requestsJack Lloyd2016-07-171-5/+10
| | |
| * | Add Stateful_RNGJack Lloyd2016-07-171-4/+2
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Handles fork checking for HMAC_RNG and HMAC_DRBG AutoSeeded_RNG change - switch to HMAC_DRBG as default. Start removing the io buffer from entropy poller. Update default RNG poll bits to 256. Fix McEliece test, was using wrong RNG API. Update docs.
| * Add FPE_FE1 runtime metricsJack Lloyd2016-05-231-0/+47
| |
* | Merge branch 'master' into Encrypt-then-MAC-with-policyJuraj Somorovsky2016-05-121-5/+7
|\| | | | | | | Merged recent changes and resolved minor conflicts in tls record classes.
| * Somewhat more helpful helpJack Lloyd2016-04-281-5/+7
| |