aboutsummaryrefslogtreecommitdiffstats
path: root/src/cmd
Commit message (Collapse)AuthorAgeFilesLines
* Add prime and dl_group command line tools.Jack Lloyd2015-10-152-0/+133
| | | | | | Some cleanups in random_prime. Increase probability in prime tests from 1/2**64 to 1/2**128. Also break out of the sieve loop early if it has failed.
* Add support for RSA signing and verification via OpenSSLJack Lloyd2015-10-141-2/+2
|
* Expose providers for public key operationsJack Lloyd2015-10-143-18/+29
| | | | | | | | For PK_Encryptor and company they are requested via a new provider param to the constructors. The speed command gets a --provider option so you can see benchmark results with the different versions.
* McEliece cleanupsJack Lloyd2015-09-292-9/+127
| | | | | | | | | | | | | | | | | | | | Remove and consolidate various headers Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size. Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed. Add McEliece_PublicKey::random_plaintext_element Add command line `mce` tool and some McEliece documentation Convert the speed program to check McEliece keys of the suggested size Add McEliece KATs for both key generation and KEM Fix HMAC_DRBG constructor which derefed a pointer before its time
* Remove use of lookup.h in favor of new T::create API.Jack Lloyd2015-09-211-1/+0
|
* Remove unneeded includes and clean up socket feature testJack Lloyd2015-08-294-12/+8
|
* PK speed reporting improvements.Jack Lloyd2015-08-281-4/+9
| | | | | | | | | | Increment the input message so each value is different rather than repeatedly hashing the same message until we regen a new random one. In ECDSA speed test be explicit about what group is being used. Remove 160 bit groups from ECC benchmarking; 80 bits is not enough anymore so doesn't much matter.
* Merge pull request #163 from cordney/add-pkcs8-cmdJack Lloyd2015-08-281-0/+77
|\ | | | | Add PKCS#8 private/public key processing tool GH #163
| * Don't register PKCS8 cmdline app when build without pubkey moduleRené Korthaus2015-07-171-0/+4
| |
| * Check minimum arguments and print helpRené Korthaus2015-07-151-1/+7
| |
| * Return !=0 on errorRené Korthaus2015-07-151-0/+1
| |
| * Add PKCS#8 private/public key processing toolRené Korthaus2015-07-011-0/+66
| | | | | | | | | | | | | | | | | | | | | | | | This tool works similar to 'openssl pkey' in that it allows to read a private key from file and output the private or corresponding public key to file. It also allows changing a private key passphrase this way. This tool comes in handy when replacing use of openssl in scripts. The syntax is: botan pkcs8 --in=private.pem --out=key_out.pem [--pubout] [--passin=] [--passout=] [--pbe=]
* | Refactor ./botan speedSimon Warta2015-08-218-92/+226
| | | | | | | | | | | | | | * Add random_prime benchmark * Add is_prime benchmark * Respect runtime in benchmark_transform(). This sets default runtime from 2s to 0.5s per configuration
* | Merge pull request #235 from tiwoc/overridesSimon Warta2015-08-081-1/+1
|\ \ | | | | | | Add two missing overrides and fix bug in fuzzer relating to these
| * | Add override and fix signature of Fuzzer_Creds::psk_identity()Daniel Seither2015-08-031-1/+1
| | |
* | | Remove unused pkcs8 includesSimon Warta2015-08-035-0/+5
|/ / | | | | | | Only botan-cli, botan-tests and the FFI module depend on PKCS8
* | cmd: Add missing overridesDaniel Seither2015-07-302-6/+6
| |
* | Fix fuzzer.cpp to compile even if x509 or tls is disabledJack Lloyd2015-07-111-12/+31
| |
* | Add an application to the command line providing a fuzzer entry point.Jack Lloyd2015-07-111-0/+122
| |
* | Avoid building tls_server on MinGW. GH #39Jack Lloyd2015-07-051-3/+3
| |
* | Make ./configure.py --no-autoload --enable-modules='adler32,dlies' compileSimon Warta2015-07-031-3/+3
| |
* | Make Botan compile when only some modules are enabledSimon Warta2015-07-0318-31/+80
|/ | | | Fixes #146.
* Get rid of unused parmeter warning in credentials.hSimon Warta2015-06-261-1/+3
|
* Merge pull request #112 from cordney/increase-keygen-default-bitsSimon Warta2015-06-251-1/+1
|\ | | | | Increase default keysize to 2048 bit in keygen tool
| * Increase default keysize to 2048 bit in keygen toolRené Korthaus2015-06-171-1/+1
| | | | | | | | | | | | | | The keygen tool would generate a 1024 bit RSA key by default. As 1024 bit RSA is not considered secure from todays standards, default keysize is increased to 2048 bit.
* | Get rid of 3 unused warnings for argcSimon Warta2015-06-233-0/+8
| | | | | | | | | | - 2x use BOTAN_UNUSED when OptionParser is used - 1x argc is checked now
* | Merge pull request #130 from webmaster128/fstreamSimon Warta2015-06-233-6/+6
|\ \ | | | | | | ifstream/ostream take std::string
| * | ifstream/ostream take std::stringSimon Warta2015-06-233-6/+6
| |/
* / Replace \n by std::endl in /src/cmdSimon Warta2015-06-2320-102/+102
|/ | | | to ensure proper flusing
* Fix various bugs found by Coverity scanner.lloyd2015-05-153-2/+11
| | | | | | | Uninitialized variables, missing divide by zero checks, missing virtual destructor, etc. Only thing serious is bug in TLS maximum fragment decoder; missing breaks in switch statement meant receiver would treat any negotiated max frament as 4k limit.
* Disable tls_client on MinGW, missing netdb.h GH#82joerg2015-04-271-1/+1
|
* Move the signature padding schemes to the PK operation classes,lloyd2015-03-231-6/+3
| | | | | | | | | as was previously done with encrypt/decrypt ops. One feature dropped on the floor here is previously PK_Signer by default did verification of signatures before releasing them as an measure against fault attacks. However in addition to being expensive this turned out to be difficult to implement with the new scheme.
* Add ALPN (RFC 7301) and remove NPNlloyd2015-03-202-17/+20
|
* Comile fixes for VC 2013. Based on github pull 56neusdan2015-03-101-3/+2
|
* Cleanupslloyd2015-03-081-0/+4
|
* Fix memory leak in TLS tests. Remove last few remaining uses of auto_ptr.lloyd2015-03-084-4/+4
|
* Hide all uses of boost filesystem in fs.cpp. Use readdir as anlloyd2015-02-212-2/+2
| | | | | alternate implementation for Unix and add some feature checks so a boost-free build of the tests and command line are possible again.
* Mark modules pulling in external deps (zlib, boost, etc) as such, andlloyd2015-02-061-1/+1
| | | | | | notify the user when they are enabled. Drop botan-config, replaced by `botan config` command added in 1.11.8
* Fix build problem with recent LZMA library.lloyd2015-02-051-4/+4
| | | | | | Fix retreival of LZMA and bzip2 compressors from make_compressor. Allow setting compression level from command line.
* Enable OpenSSL for providing ciphers and hashes again.lloyd2015-02-051-10/+13
|
* Remove algo factory, engines, global RNG, global state, etc.lloyd2015-02-044-18/+8
| | | | | | | | | | | | | | | Convert all uses of Algorithm_Factory and the engines to using Algo_Registry The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatability stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).
* Add a runtime map of string->func() which when called returnlloyd2015-01-282-5/+17
| | | | | | | | | | | | | | | | | Transforms and BlockCiphers. Registration for all types is done at startup but is very cheap as just a std::function and a std::map entry are created, no actual objects are created until needed. This is a huge improvement over Algorithm_Factory which used T::clone() as the function and thus kept a prototype object of each type in memory. Replace existing lookup mechanisms for ciphers, AEADs, and compression to use the transform lookup. The existing Engine framework remains in place for BlockCipher, but the engines now just call to the registry instead of having hardcoded lookups. s/Transformation/Transform/ with typedefs for compatability. Remove lib/selftest code (for runtime selftesting): not the right approach.
* Add typedefs for function signatures/types used in TLS for easier readinglloyd2015-01-271-12/+16
|
* Fix Clang compilelloyd2015-01-231-1/+1
|
* Centralize where string.h/cstring is included to mem_ops.hlloyd2015-01-232-2/+0
| | | | See github 42 for background
* Fixlloyd2015-01-111-2/+1
|
* Better to have a RNG state per connection and avoid lock contentionlloyd2015-01-111-18/+5
|
* Proxy tweakslloyd2015-01-111-3/+16
|
* Have TLS server take certificate and key from command linelloyd2015-01-114-395/+119
|
* Convert the asio server from a weird example server to a generic proxy server.lloyd2015-01-102-326/+592
|