aboutsummaryrefslogtreecommitdiffstats
path: root/src/cli
Commit message (Collapse)AuthorAgeFilesLines
* Some math deprecationsJack Lloyd2020-11-051-2/+2
| | | | | | | | | | | | | Mostly things that shouldn't be used (like almost Montgomery inverse, which isn't even constant time) or are very much just for internals (like the word-wise Montgomery inverse computation used for reduction). Make variable time division explicit; leaves plain divide as a call but it forwards to ct_divide now. All callers within the library are now explicitly consttime or vartime. Add a shortcut for modulus by one word - this hits quite often especially in the ECC code
* Merge psk_db_sql.h into psk_db.hJack Lloyd2020-11-041-1/+1
|
* Improve AVX-512 detectionJack Lloyd2020-10-241-2/+0
|
* Fix build problemJack Lloyd2020-10-011-2/+2
| | | | I have no idea why preceeding commit broke this code
* Fix some warnings in the Boost specific code/testsJack Lloyd2020-09-272-2/+2
|
* using smart ptr over raw C workflow.David Carlier2020-07-081-42/+29
| | | | looping over permissions.
* solaris/illumos build update and cli sandbox support proposal.David Carlier2020-07-081-0/+54
|
* Merge GH #2372 Update ECDSA timing_testJack Lloyd2020-06-181-7/+17
|\
| * Update ECDSA timing testsRené Fischer2020-06-171-7/+17
| | | | | | | | | | Tests and implementation have diverged over time, which leads to false timing reports.
* | Fix timing test when system_rng is disabledJack Lloyd2020-06-161-1/+1
|/ | | | cli_make_rng expects the seed arg is a hex string
* Minor cleanups to timing_testJack Lloyd2020-06-061-23/+24
|
* Should be dl_groupRené Fischer2020-06-051-4/+4
|
* Fix cppcheck findingsRené Fischer2020-06-052-24/+24
|
* Add Processor_RNGJack Lloyd2020-05-082-13/+13
| | | | | | | Replaces RDRAND_RNG, RDRAND entropy source, and DARN entropy source. Provides also DARN-based RNG interface. This also gives an easy path for supporting the ARMv8 RNG instructions.
* In the cli, init the mlock allocator before entering sandboxJack Lloyd2020-04-091-1/+3
| | | | | | | | Currently OpenBSD port disables pledge because pledge doesn't have a flag for mlock. By initializing first, we can still use the allocator. Later (during shutdown) the munlock call will fail but will just fail with ENOSYS which is ignored, then we munmap the memory to free it which will unlock as a side-effect.
* FIX: build with --minimized-build --enable-modules=tls --with-boostRené Meusel2020-03-162-0/+2
|
* Add a 'none' OS target for bare metal builds.Jack Lloyd2020-03-142-2/+2
| | | | GH #2303
* Merge GH #2298 Clean up prime generation logicJack Lloyd2020-03-061-6/+18
|\
| * Clean up prime generation logic slightlyJack Lloyd2020-03-061-6/+18
| | | | | | | | | | | | We were trying to generate safe primes using a weak check on q but actually this was rounded up to 128 bit probability check anyway. So just do that from the start then check p=2*q+1
* | Optimize inverse_modJack Lloyd2020-03-061-18/+22
|/ | | | About 25% faster
* Reorder report from TLS HTTP test server cliJack Lloyd2020-03-041-1/+1
|
* Remove use of Binary Extended Euclidean Algorithm for inversionJack Lloyd2020-03-011-10/+27
| | | | | Instead use two specialized algorithms, one for odd modulus and the other for power of 2 modulus, then combine the results using CRT.
* Add more tests for speed utilJack Lloyd2020-02-091-2/+1
|
* Add util to estimate speed of the CPU cycle counterJack Lloyd2020-01-291-0/+76
| | | | Useful when doing performance testing.
* Fix crashes in tls_client_hello printer cliJack Lloyd2020-01-161-2/+20
| | | | | When we encountered a ciphersuite we didn't know about bad things happened.
* Multithread the CLI testsJack Lloyd2019-12-091-1/+1
|
* Fix warnings in CLI socket operationsJack Lloyd2019-12-063-29/+54
| | | | | | | | | Need to disable tls_client and tls_server here, at least temporarily. tls_client clearly never worked, because select on stdin doesn't work in Winsock. tls_server seems like it would work but has warnings that don't make any sense with certain versions of VC.
* Add -Werror mode for CI buildJack Lloyd2019-12-031-1/+1
|
* Fix cli ldflags outputJack Lloyd2019-11-151-1/+1
| | | | GH #2199 #2109
* cli: pubkey: fingerprint: read from stdinNuno Goncalves2019-11-111-2/+5
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* format codeNuno Goncalves2019-11-101-15/+15
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* CLI encryption can exist without AES if with AEAD_CHACHA20_POLY1305Nuno Goncalves2019-11-101-1/+1
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* silence trivial warningsNuno Goncalves2019-10-201-0/+2
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* Merge GH #2143 Add RoughtimeJack Lloyd2019-10-161-0/+215
|\
| * Add roughtime CLINuno Goncalves2019-10-141-0/+215
| | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
* | prefer std::shared_ptr to boost::shared_ptrNuno Goncalves2019-10-152-8/+4
|/
* Tweak block cipher encryption perf testJack Lloyd2019-10-031-2/+3
| | | | | It was computing the block count from the byte length, which turned out to be about 15% of the total runtime when using AES-NI
* Merge GH #2124 Add poly_dbl speed utilJack Lloyd2019-09-281-0/+30
|\
| * Add poly_dbl speed utilJack Lloyd2019-09-281-0/+30
| |
* | OCB optimizationsJack Lloyd2019-09-281-1/+1
|/ | | | | | | Mostly avoiding/caching dynamic allocations. Also in speed, increment the IV from the low end which demonstrates OCB's enhanced handling of that case.
* Fix small bug in is_prime speed testJack Lloyd2019-09-271-2/+2
| | | | | | | We were testing p instead of p + i as intended. Also change the loop induction to work around what appears to be a lgtm false positive.
* Add base32 encoding/decoding util to the cliJack Lloyd2019-09-231-1/+65
|
* tls cli: getting real number of cores as possible.David Carlier2019-09-142-2/+4
|
* Add a variant of RandomNumberGenerator::random_vecJack Lloyd2019-09-131-2/+2
| | | | | This avoids the unlock(rng.random_vec(...)) pattern which is pretty wasteful in terms of heap overhead.
* Deprecate many publically available headersJack Lloyd2019-09-063-3/+2
|
* Don't assume any particular kind of RNG is available in the cliJack Lloyd2019-08-305-71/+52
| | | | Closes #2085
* Don't strictly require auto_rng in tls_proxyJack Lloyd2019-08-281-2/+11
| | | | | | | Follow behavior of tls_http_server and use either system or auto_rng depending on availability. See #2085
* Add a cmdlet which allows sampling/testing raw entropy sourcesJack Lloyd2019-08-271-0/+104
|
* Remove modexp based inversion from speed testJack Lloyd2019-08-231-9/+0
| | | | Not competitive so not interesting
* Merge GH #2051 Have cli sign util update stateful keysJack Lloyd2019-08-201-2/+16
|\