| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| |
| |
| |
| | |
a4741cd07f50a9e1b29b0dd97c6fb8697c038ade)
to branch 'net.randombit.botan.cxx11' (head 116e5ff139c07000be431e07d3472cc8f3919b91)
|
| | |
| |
| |
| |
| |
| |
| | |
Much faster, especially when using 8192 bit groups as OpenSSL does by
default.
Use BOTAN_DLL symbol visibility macros.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
for this.
Add a new function that identifies a named SRP group from the N/g
params - this is important as we need to verify the SRP groups, the
easiest way to do that is to to force them to be a known/published
value.
Add the 1536, 3072, 4096, 6144, and 8192 bit groups from RFC 5054
|
| |\ \
| |/
|/|
| |
| |
| | |
0ceb9cde62a2b3614901ae85a53546d9fc641326)
to branch 'net.randombit.botan.cxx11' (head 777e65950ef3706a82e5df20dcca7fcc999ca533)
|
| | | |
|
| | |\
| | |
| | |
| | |
| | |
| | | |
39f53266912f33dc48e942b1b865ddcd6af66d8d)
to branch 'net.randombit.botan.cxx11' (head 0bf26cec09f71e75c547b4ec53365748c6d80d86)
|
| | |\ \
| | | |
| | | |
| | | |
| | | |
| | | | |
150bd11dd8090559ee1e83394b8283bf93a018de)
to branch 'net.randombit.botan.c++0x' (head 7480693bb3f1e8a4e039a3e7ba3d9a7007f9730e)
|
| | | | |
| | | |
| | | |
| | | | |
Use std::to_string in bcrypt
|
| | | |\ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
dd068808e5bf87c982765a8bcc314996053a5bdd)
to branch 'net.randombit.botan.c++0x' (head 34696d52a8148d64f7021b3e193fc56f051b9dd2)
|
| | | |\ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
13a0d36dac3709f3cb88e830ed7f8cab9e7433ab)
to branch 'net.randombit.botan.c++0x' (head 2221ad8796466e7e096645de77ba856a9c902d14)
|
| | | | |\ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
2841fb518e20d2fe0a374e4f6b08bdbb14d5d158)
to branch 'net.randombit.botan.c++0x' (head 0b9275139d6346bd3aa28d63bf8b8a03851d853d)
|
| | | | |\ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
6581b789d58717bc6acee5c6a248e2d44c636e40)
to branch 'net.randombit.botan.c++0x' (head 227a989ae94da8f4379ea4b9b0fc0ee8dbdde0c7)
|
| | | | |\ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
2898d79f992f27a328a3e41d34b46eb1052da0de)
to branch 'net.randombit.botan.c++0x' (head 6cba76268fd69a73195760c021b7f881b8a6552c)
|
| | | | | | | | | | |
|
| | | | | |\ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
a29c41b4a949207b1544096c3afab668f8b5179e)
to branch 'net.randombit.botan.c++0x' (head a9d0c2f805b3c20a4c648575d7256959db8329fe)
|
| | | | | | |\ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
0a3348f52bf558bc2282e1066c2913a72a1aeda5)
to branch 'net.randombit.botan.c++0x' (head 552c20ae8874f12da779fc25ea368e36e71cbfe8)
|
| | | | | | | |\ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
161b5c0300b72baa746f101fda1e2b4a7c71818c)
to branch 'net.randombit.botan.c++0x' (head 1fc3875bb8daf4ad0e90ba66db72642203cb9984)
|
| | | | | | | | |\ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
647eeb4f4cf8fa4cf487cdc463d48f09fe18658e)
to branch 'net.randombit.botan.c++0x' (head 2539675db91883b11895ddc5244721e93c413321)
|
| | | | | | | | |\ \ \ \ \ \
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
294e2082ce9231d6165276e2f2a4153a0116aca3)
to branch 'net.randombit.botan.c++0x' (head 0b695fad10f924601e07b009fcd781191fafcb28)
|
| | | | | | | | | | | | | | | |
|
| | |_|_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
by TLS (relies on the finished message check). Add a class for reading
files created by GnuTLS's srptool.
|
| |/ / / / / / / / / / / /
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
interface but it's a plausible start. Will probably have more insights
after adding TLS hooks.
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
standardized by NIST; the FPE currently included is just a random one
that was relatively easy to implement. Move the header to fpe_fe1.h,
and rename the function. Update the example and add some documentation
for it.
|
| | |_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
added to the flags here.
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Set the upper limit on bcrypt hashing to workfactor 18, which takes
about 25 seconds to run on my desktop machine.
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
used in OpenBSD. Tested as compatible with a common Java
implementation (http://www.mindrot.org/projects/jBCrypt/)
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| |/ / / / / / / / / /
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
http://csrc.nist.gov/groups/ST/toolkit/documents/kms/key-wrap.pdf
|
| | |_|_|_|_|_|_|_|/
|/| | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
standalone/Pipe-free versions of it
|
| | | | | | | | | | |
|
| | |_|_|_|_|_|_|/
|/| | | | | | | |
|
| |/ / / / / / / |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
and writes the bytes to the stream in big-endian order. Use it in
KDF2, MGF1, and FPE.
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Add RandomNumberGenerator::random_vec, which takes an length n and
returns a new SecureVector with randomized contents of that size. This
nicely covers most of the cases where randomize was being called on a
vector, and is a little cleaner in the code as well, instead of
vec.resize(length);
rng.randomize(&vec[0], vec.size());
we just write
vec = rng.random_vec(length);
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
representation (rather than in an interator context), instead use &buf[0],
which works for both MemoryRegion and std::vector
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
harmonising MemoryRegion with std::vector:
The MemoryRegion::clear() function would zeroise the buffer, but keep
the memory allocated and the size unchanged. This is very different
from STL's clear(), which is basically the equivalent to what is
called destroy() in MemoryRegion. So to be able to replace MemoryRegion
with a std::vector, we have to rename destroy() to clear() and we have
to expose the current functionality of clear() in some other way, since
vector doesn't support this operation. Do so by adding a global function
named zeroise() which takes a MemoryRegion which is zeroed. Remove clear()
to ensure all callers are updated.
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
container like vector, truncate is simply resize, but what
MemoryRegion called resize will zap the entire contents, and then what
was resize was called grow_to. This is really problematic in terms of
the goal of replacing MemoryRegion with a vector with a custom
allocator.
In this checkin:
- Remove MemoryRegion::grow_to and MemoryRegion::truncate
- Change the semantics of MemoryRegion::resize to change the size
while keeping any current contents intact (up to the new size),
zero initializing any new values.
Unrelated, just noticed the lack while I was in there, add a version
of CryptoBox::decrypt taking a std::string for the input.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
really didn't need to.
The ones in symkey and big_code were actually calling accessor
functions to do the encoding themselves without a Pipe (should have
definitely recognized that as a code smell). These versions have
changed semantically with this checkin - previously they would completely
ignore bad inputs, but now invalid inputs are rejected. For instance, you
cannot say
SymmetricKey key("Only some of this is hex, most of it isn't");
And expect to get a valid key formed by filtering out the non-hex
characters and then decoding it. This is almost certainly a good thing.
Also fix include in Botan.xs
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
which PRF they want to use. The old interface just calls this new
version with alg_id set to 0 which is HMAC(SHA-1), which was
previously the only supported PRF.
Assign new codepoints for HMAC(SHA-256) and CMAC(Blowfish) to allow
their use with passhash9.
Have the generate+check tests run a test for each supported PRF.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
namespace, but this causes backwards compat problems, since cryptobox
is already in 1.8, and also it's likely that other functions along
these lines will be useful at some point (eg using RSA encryption
instead of a passphrase for the key transfer).
|
