| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
precompute only as needed, or will want to access some other expensive
resource or etc.
Change how the secret for generating blinding is done in cases where a
PRNG isn't available. Use the operations public op to hide the secret,
for instance the seed for a DH blinding variable is 2^x mod p.
Make use of being able to mutate internal structures in the RW signer,
since that does have access to a PRNG, so use it to initialize the
blinder on first call to sign().
|
|
|
|
| |
exponentiation that has countermeasures against side-channel attacks.
|
| |
|
|
|
|
|
| |
Drop support for ElGamal and NR from GMP engine, leaving just DH, DSA,
and RSA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reinitialized. It would cache an Allocator pointer on first use,
and then never zero it, so after the reinit the pointer would be going
to a now deallocated Allocator object.
Encountered in the SoftHSM test suite, reported by Ondrej Sury.
Use a simple reference counting scheme to zero the pointer, and reset
the GNU MP memory functions. This also fixes a quite obscure and never
reported bug, that if the GMP engine was used, and if the library was
deinitialized but then the program tried to use GNU MP, the allocator
functions would crash. Now after deinit the allocator funcs revert to the
defaults.
The reference count is not updated atomically so this is not thread safe,
but seems a non-issue; the only time this could happen (especially now that
the GMP engine header is internal-only) is if multiple threads were attempting
to initialize / shutdown the library at once - which won't work anyway for
a variety of reasons, including contention on the (unlocked) global_lib_state
pointer.
If at some point thread safety is useful here, the refcnt can be locked by
a mutex, or kept in an atomic<unsigned int>.
|
|
|
|
| |
Move most of the engine headers to internal
|
| |
|
|
|
|
|
| |
Pretty much useless and unused, except for listing the module names in
build.h and the short versions totally suffice for that.
|
|
|
|
|
|
| |
the info.txt files with the right module dependencies.
Apply it across the codebase.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
up during the Fedora submission review, that each source file include some
text about the license. One handy Perl script later and each file now has
the line
Distributed under the terms of the Botan license
after the copyright notices.
While I was in there modifying every file anyway, I also stripped out the
remainder of the block comments (lots of astericks before and after the
text); this is stylistic thing I picked up when I was first learning C++
but in retrospect it is not a good style as the structure makes it harder
to modify comments (with the result that comments become fewer, shorter and
are less likely to be updated, which are not good things).
|
| |
|
|
|
|
|
| |
back to the toplevel since most othe dependencies have been removed now
(except get_cipher which still needs changes)
|
|
|
|
|
|
| |
(messy).
Remove unused libstate.h includes from a few files.
|
| |
|
|
|
|
| |
now be built with any or all public key algorithms disabled.
|
|
|
|
| |
Update dependencies as needed.
|
|
|
|
|
| |
since they assume all algos are available (need to be split up eventually,
so one can use OpenSSL module in a RSA-only or DSA-only Botan)
|
|
|
|
|
| |
them modules now. In any case there is no distinction so info.txt seems
better.
|
|
|