Commit message | Author | Date | Files | Lines (-/+)
---|---|---|---|---
Some math deprecations<br>Mostly things that shouldn't be used (like almost Montgomery inverse, which isn't even constant time) or are very much just for internals (like the word-wise Montgomery inverse computation used for reduction). Make variable time division explicit; leaves plain divide as a call but it forwards to ct_divide now. All callers within the library are now explicitly consttime or vartime. Add a shortcut for modulus by one word - this hits quite often especially in the ECC code | Jack Lloyd | 2020-11-05 | 1 | -2/+2
Merge psk_db_sql.h into psk_db.h | Jack Lloyd | 2020-11-04 | 1 | -1/+1
Improve AVX-512 detection | Jack Lloyd | 2020-10-24 | 1 | -2/+0
Fix build problem<br>I have no idea why preceding commit broke this code | Jack Lloyd | 2020-10-01 | 1 | -2/+2
Fix some warnings in the Boost specific code/tests | Jack Lloyd | 2020-09-27 | 2 | -2/+2
using smart ptr over raw C workflow.<br>looping over permissions. | David Carlier | 2020-07-08 | 1 | -42/+29
solaris/illumos build update and cli sandbox support proposal. | David Carlier | 2020-07-08 | 1 | -0/+54
Merge GH #2372 Update ECDSA timing_test | Jack Lloyd | 2020-06-18 | 1 | -7/+17
↳ Update ECDSA timing tests<br>Tests and implementation have diverged over time, which leads to false timing reports. | René Fischer | 2020-06-17 | 1 | -7/+17
Fix timing test when system_rng is disabled<br>cli_make_rng expects the seed arg is a hex string | Jack Lloyd | 2020-06-16 | 1 | -1/+1
Minor cleanups to timing_test | Jack Lloyd | 2020-06-06 | 1 | -23/+24
Should be dl_group | René Fischer | 2020-06-05 | 1 | -4/+4
Fix cppcheck findings | René Fischer | 2020-06-05 | 2 | -24/+24
Add Processor_RNG<br>Replaces RDRAND_RNG, RDRAND entropy source, and DARN entropy source. Provides also DARN-based RNG interface. This also gives an easy path for supporting the ARMv8 RNG instructions. | Jack Lloyd | 2020-05-08 | 2 | -13/+13
In the cli, init the mlock allocator before entering sandbox<br>Currently OpenBSD port disables pledge because pledge doesn't have a flag for mlock. By initializing first, we can still use the allocator. Later (during shutdown) the munlock call will fail but will just fail with ENOSYS which is ignored, then we munmap the memory to free it which will unlock as a side-effect. | Jack Lloyd | 2020-04-09 | 1 | -1/+3
FIX: build with --minimized-build --enable-modules=tls --with-boost | René Meusel | 2020-03-16 | 2 | -0/+2
Add a 'none' OS target for bare metal builds.<br>GH #2303 | Jack Lloyd | 2020-03-14 | 2 | -2/+2
Merge GH #2298 Clean up prime generation logic | Jack Lloyd | 2020-03-06 | 1 | -6/+18
↳ Clean up prime generation logic slightly<br>We were trying to generate safe primes using a weak check on q but actually this was rounded up to 128 bit probability check anyway. So just do that from the start then check p=2*q+1 | Jack Lloyd | 2020-03-06 | 1 | -6/+18
Optimize inverse_mod<br>About 25% faster | Jack Lloyd | 2020-03-06 | 1 | -18/+22
Reorder report from TLS HTTP test server cli | Jack Lloyd | 2020-03-04 | 1 | -1/+1
Remove use of Binary Extended Euclidean Algorithm for inversion<br>Instead use two specialized algorithms, one for odd modulus and the other for power of 2 modulus, then combine the results using CRT. | Jack Lloyd | 2020-03-01 | 1 | -10/+27
Add more tests for speed util | Jack Lloyd | 2020-02-09 | 1 | -2/+1
Add util to estimate speed of the CPU cycle counter<br>Useful when doing performance testing. | Jack Lloyd | 2020-01-29 | 1 | -0/+76
Fix crashes in tls_client_hello printer cli<br>When we encountered a ciphersuite we didn't know about bad things happened. | Jack Lloyd | 2020-01-16 | 1 | -2/+20
Multithread the CLI tests | Jack Lloyd | 2019-12-09 | 1 | -1/+1
Fix warnings in CLI socket operations<br>Need to disable tls_client and tls_server here, at least temporarily. tls_client clearly never worked, because select on stdin doesn't work in Winsock. tls_server seems like it would work but has warnings that don't make any sense with certain versions of VC. | Jack Lloyd | 2019-12-06 | 3 | -29/+54
Add -Werror mode for CI build | Jack Lloyd | 2019-12-03 | 1 | -1/+1
Fix cli ldflags output<br>GH #2199 #2109 | Jack Lloyd | 2019-11-15 | 1 | -1/+1
cli: pubkey: fingerprint: read from stdin<br>Signed-off-by: Nuno Goncalves <[email protected]> | Nuno Goncalves | 2019-11-11 | 1 | -2/+5
format code<br>Signed-off-by: Nuno Goncalves <[email protected]> | Nuno Goncalves | 2019-11-10 | 1 | -15/+15
CLI encryption can exist without AES if with AEAD_CHACHA20_POLY1305<br>Signed-off-by: Nuno Goncalves <[email protected]> | Nuno Goncalves | 2019-11-10 | 1 | -1/+1
silence trivial warnings<br>Signed-off-by: Nuno Goncalves <[email protected]> | Nuno Goncalves | 2019-10-20 | 1 | -0/+2
Merge GH #2143 Add Roughtime | Jack Lloyd | 2019-10-16 | 1 | -0/+215
↳ Add roughtime CLI<br>Signed-off-by: Nuno Goncalves <[email protected]> | Nuno Goncalves | 2019-10-14 | 1 | -0/+215
prefer std::shared_ptr to boost::shared_ptr | Nuno Goncalves | 2019-10-15 | 2 | -8/+4
Tweak block cipher encryption perf test<br>It was computing the block count from the byte length, which turned out to be about 15% of the total runtime when using AES-NI | Jack Lloyd | 2019-10-03 | 1 | -2/+3
Merge GH #2124 Add poly_dbl speed util | Jack Lloyd | 2019-09-28 | 1 | -0/+30
↳ Add poly_dbl speed util | Jack Lloyd | 2019-09-28 | 1 | -0/+30
OCB optimizations<br>Mostly avoiding/caching dynamic allocations. Also in speed, increment the IV from the low end which demonstrates OCB's enhanced handling of that case. | Jack Lloyd | 2019-09-28 | 1 | -1/+1
Fix small bug in is_prime speed test<br>We were testing p instead of p + i as intended. Also change the loop induction to work around what appears to be a lgtm false positive. | Jack Lloyd | 2019-09-27 | 1 | -2/+2
Add base32 encoding/decoding util to the cli | Jack Lloyd | 2019-09-23 | 1 | -1/+65
tls cli: getting real number of cores as possible. | David Carlier | 2019-09-14 | 2 | -2/+4
Add a variant of RandomNumberGenerator::random_vec<br>This avoids the unlock(rng.random_vec(...)) pattern which is pretty wasteful in terms of heap overhead. | Jack Lloyd | 2019-09-13 | 1 | -2/+2
Deprecate many publicly available headers | Jack Lloyd | 2019-09-06 | 3 | -3/+2
Don't assume any particular kind of RNG is available in the cli<br>Closes #2085 | Jack Lloyd | 2019-08-30 | 5 | -71/+52
Don't strictly require auto_rng in tls_proxy<br>Follow behavior of tls_http_server and use either system or auto_rng depending on availability. See #2085 | Jack Lloyd | 2019-08-28 | 1 | -2/+11
Add a cmdlet which allows sampling/testing raw entropy sources | Jack Lloyd | 2019-08-27 | 1 | -0/+104
Remove modexp based inversion from speed test<br>Not competitive so not interesting | Jack Lloyd | 2019-08-23 | 1 | -9/+0
Merge GH #2051 Have cli sign util update stateful keys | Jack Lloyd | 2019-08-20 | 1 | -2/+16