path: root/src/engine

Commit log for src/engine, newest first. Each entry gives the commit message, then (author, date, files changed, lines removed/added).
* Avoid unused parameter warning (lloyd, 2010-06-22, 1 file, -1/+1)
* Doxygen (lloyd, 2010-06-22, 1 file, -0/+7)
* Compilation fixes (lloyd, 2010-06-16, 1 file, -1/+3)
* Move the implementation of the functions in the Engine base class into a source file (lloyd, 2010-06-16, 3 files, -33/+101)
  Otherwise we ran into a conflict between Doxygen comments, which require us to name the params, and GCC's -Wunused-parameters, which will warn about parameters which aren't being used.
* Doxygen comments (lloyd, 2010-06-16, 1 file, -14/+82)
* Kill dead/unused function (lloyd, 2010-06-16, 1 file, -2/+0)
* Also for Default_Engine (lloyd, 2010-06-16, 1 file, -1/+0)
* Don't hide functions in engine subclasses that are public in base (lloyd, 2010-06-16, 5 files, -5/+5)
* More Doxygen updates/fixes (lloyd, 2010-06-15, 10 files, -11/+24)
* Use "/*" instead of "/**" in starting comments at the beginning of a file. (lloyd, 2010-06-07, 6 files, -6/+6)
  This caused Doxygen to think this was markup meant for it, which really caused some clutter in the namespace page.
* Remove FORK-256; it's obscure and has been definitively broken. (lloyd, 2010-05-25, 1 file, -9/+0)
  More commentary posted to the list: http://lists.randombit.net/pipermail/botan-devel/2010-May/001123.html
* Add Comb4P hash combiner, as described in Anja Lehmann's thesis. (lloyd, 2010-04-17, 1 file, -0/+15)
* Remove unneeded includes (lloyd, 2010-03-15, 2 files, -23/+4)
* Fix GOST, wasn't getting found in engine (lloyd, 2010-03-13, 1 file, -3/+3)
* Deconstify PK_Ops. It's quite reasonable that some op will want to precompute only as needed, or will want to access some other expensive resource or etc. (lloyd, 2010-03-09, 2 files, -19/+19)
  Change how the secret for generating blinding is done in cases where a PRNG isn't available. Use the operation's public op to hide the secret, for instance the seed for a DH blinding variable is 2^x mod p.

  Make use of being able to mutate internal structures in the RW signer, since that does have access to a PRNG, so use it to initialize the blinder on first call to sign().
* On GMP 5.0 and later, use mpz_powm_sec, which is a version of modular exponentiation that has countermeasures against side-channel attacks. (lloyd, 2010-03-05, 1 file, -0/+6)
* Update OpenSSL engine for new interface. Similar to GMP engine, drop support for ElGamal and NR, leaving only RSA, DSA, and DH support. (lloyd, 2010-03-05, 9 files, -503/+356)
* Add GMP PK file (lloyd, 2010-03-05, 1 file, -0/+344)
* Update GMP engine with new PK operations interface. (lloyd, 2010-03-05, 8 files, -481/+11)
  Drop support for ElGamal and NR from GMP engine, leaving just DH, DSA, and RSA
* Remove IF_Core (lloyd, 2010-03-05, 3 files, -31/+0)
* Add RSA encrypt/decrypt ops (lloyd, 2010-03-05, 1 file, -6/+6)
* Add ops for ElGamal encryption and decryption. (lloyd, 2010-03-05, 3 files, -31/+48)
  Note: blinding is not currently being used for RSA, RW, DH or ElGamal, which used to have them. This should be added back before release.
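The blinding that this entry notes is missing (and that the 2010-03-09 "Deconstify PK_Ops" entry above describes re-seeding through the public op) works as follows for RSA. This is an added C++ example written for this page, not Botan's own Blinder or any code from the commits: the toy 3233-bit-free key (p = 61, q = 53), the 64-bit modular arithmetic, and the choice to derive the first blinding value by pushing a seed through the public operation are all assumptions made for the demo. A real implementation needs a bignum library and a fresh random seed.

```cpp
// Added example, not Botan code: RSA private-key operation with
// multiplicative blinding, so the timing of the exponentiation is not
// correlated with the caller's input. Toy 64-bit modulus; products use
// unsigned __int128 so it runs without a bignum library.
#include <cstdint>
#include <numeric>
#include <random>
#include <stdexcept>

using u64 = std::uint64_t;

static u64 mul_mod(u64 a, u64 b, u64 n) {
    return static_cast<u64>((static_cast<unsigned __int128>(a) * b) % n);
}

// Square-and-multiply. Its running time depends on the operand values,
// which is exactly the leak blinding is meant to decorrelate from x.
static u64 pow_mod(u64 base, u64 exp, u64 n) {
    u64 acc = 1 % n;
    base %= n;
    while (exp) {
        if (exp & 1) acc = mul_mod(acc, base, n);
        base = mul_mod(base, base, n);
        exp >>= 1;
    }
    return acc;
}

// Modular inverse via extended Euclid; throws when gcd(a, n) != 1.
static u64 inv_mod(u64 a, u64 n) {
    __int128 r0 = n, r1 = a % n, t0 = 0, t1 = 1;
    while (r1 != 0) {
        __int128 q = r0 / r1;
        __int128 r2 = r0 - q * r1; r0 = r1; r1 = r2;
        __int128 t2 = t0 - q * t1; t0 = t1; t1 = t2;
    }
    if (r0 != 1) throw std::invalid_argument("not invertible");
    if (t0 < 0) t0 += n;
    return static_cast<u64>(t0);
}

struct RSA_Key { u64 n, e, d; };   // toy key; all fields visible for the demo

// mask   = r^e mod n, multiplied in before the private exponentiation
// unmask = r^-1 mod n, multiplied in after, since (x * r^e)^d = x^d * r.
// The initial r is the *public* op applied to a secret seed (hypothetical
// design in the spirit of the commit above, not Botan's). After each use
// both values are squared, giving a fresh valid pair without a PRNG call.
class Blinder {
public:
    Blinder(const RSA_Key& key, u64 seed) : n_(key.n) {
        // r must be invertible, so the seed must be coprime to n
        while (std::gcd(seed % n_, n_) != 1) seed = seed % n_ + 1;
        u64 r = pow_mod(seed, key.e, n_);        // public op hides the seed
        mask_ = pow_mod(r, key.e, n_);
        unmask_ = inv_mod(r, n_);
    }
    u64 blind(u64 x) { return mul_mod(x, mask_, n_); }
    u64 unblind(u64 y) {
        u64 out = mul_mod(y, unmask_, n_);
        mask_ = mul_mod(mask_, mask_, n_);       // (r^2)^e
        unmask_ = mul_mod(unmask_, unmask_, n_); // (r^2)^-1
        return out;
    }
private:
    u64 n_, mask_, unmask_;
};

// Private op with blinding: pow_mod never sees caller-controlled x directly.
static u64 rsa_private_blinded(const RSA_Key& key, Blinder& b, u64 x) {
    u64 xb = b.blind(x % key.n);
    u64 yb = pow_mod(xb, key.d, key.n);
    return b.unblind(yb);
}

// Reference: the same op without blinding (what the commit says is
// currently shipped for RSA/RW/DH/ElGamal).
static u64 rsa_private_unblinded(const RSA_Key& key, u64 x) {
    return pow_mod(x % key.n, key.d, key.n);
}

// Constructed toy key: p = 61, q = 53, n = 3233, e = 17, d = 2753.
static const RSA_Key TOY_KEY{3233, 17, 2753};

// True when blinded and plain results agree over many calls, including
// after the blinder has advanced its mask/unmask pair.
static bool blinding_self_check(u64 rounds) {
    std::mt19937_64 rng(0x5eed);                // fixed seed; demo only
    Blinder b(TOY_KEY, rng());
    for (u64 i = 0; i < rounds; ++i) {
        u64 x = rng() % TOY_KEY.n;
        if (rsa_private_blinded(TOY_KEY, b, x) != rsa_private_unblinded(TOY_KEY, x))
            return false;
    }
    return true;
}

int main() { return blinding_self_check(1000) ? 0 : 1; }
```

The point worth noticing is that blinding is correct even for inputs that are not coprime to n (x = 0 or a multiple of p), because r^(ed) is congruent to r mod n for every r when n is squarefree; the self-check draws x uniformly and so exercises those cases too.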
* Rename PK_Ops::Signature_Operation to PK_Ops::Signature (lloyd, 2010-03-05, 3 files, -6/+6)
  Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement
* Remove NR and DSA specific hooks (lloyd, 2010-03-05, 3 files, -67/+3)
* Add verification ops for all signature key types (lloyd, 2010-03-05, 3 files, -0/+44)
* Add signature generation operation classes. Remove sign() from PK_Signing_Key, though for the moment the class remains because there are a few pieces of code that use it to detect if signatures are supported, or for passing to functions in look_pk (lloyd, 2010-03-05, 3 files, -2/+77)
* This checkin represents a pretty major change in how PK operations are performed. (lloyd, 2010-03-04, 4 files, -25/+32)
  Up until now, each key object (eg DSA_PublicKey or ECDH_PrivateKey) had two jobs: contain the key material, and know how to perform any operations on that key. However because of a desire to support alternative implementations (GNU MP, hardware, whatever), there was a notion of operations, with the key objects containing an op that they got via engine rather than actually implementing the underlying algorithms directly.

  Now, represent the operation as an abstract interface (typically mapping a byte string to a byte string), and pass a plain Public_Key& or Private_Key& to the engine. The engine does any checks it wants (eg based on name, typeid, key sizes, etc), and either returns nothing (I'll pass) or a pointer to a new operation that represents signatures or encryption or what-have-you using that key.

  This means that plain key objects no longer contain operations. This is a major break with the traditional interface. On the other hand, using these 'bare' operations without padding, KDFs, etc is 99% of the time a bad idea anyway (and if you really need them, there are options so you get the bare op but via the pubkey.h interfaces).

  Currently this change is only implemented for DH and ECDH (ie, key agreement algorithms). Additionally the optional engines (gnump and openssl) have not been updated. I'll probably wait to touch those until after I can change them all in one go for all algos.
* Kill ECKAEG_Op (lloyd, 2010-03-02, 3 files, -34/+0)
* Remove ECDSA_Op and its attendant bits (lloyd, 2010-03-02, 3 files, -34/+0)
* Prevent a crash in GMP_Engine if the library is shut down and then reinitialized. (lloyd, 2010-01-22, 2 files, -12/+17)
  It would cache an Allocator pointer on first use, and then never zero it, so after the reinit the pointer would be going to a now deallocated Allocator object. Encountered in the SoftHSM test suite, reported by Ondrej Sury.

  Use a simple reference counting scheme to zero the pointer, and reset the GNU MP memory functions.

  This also fixes a quite obscure and never reported bug, that if the GMP engine was used, and if the library was deinitialized but then the program tried to use GNU MP, the allocator functions would crash. Now after deinit the allocator funcs revert to the defaults.

  The reference count is not updated atomically so this is not thread safe, but seems a non-issue; the only time this could happen (especially now that the GMP engine header is internal-only) is if multiple threads were attempting to initialize / shutdown the library at once - which won't work anyway for a variety of reasons, including contention on the (unlocked) global_lib_state pointer. If at some point thread safety is useful here, the refcnt can be locked by a mutex, or kept in an atomic<unsigned int>.
* Add SIMD version of Noekeon. On a Core2, about 2.7x faster using SIMD_SSE2 and 1.6x faster using SIMD_Scalar. (lloyd, 2010-01-12, 1 file, -0/+9)
* Add block cipher cascade (lloyd, 2010-01-11, 1 file, -0/+15)
* Remove stubs for VIA Padlock support. I have no plans to implement it and don't even have access to a VIA with AES so could not test it anyway. If someone else wants to do it, then the implementation for AES-NI should provide a good template. (lloyd, 2010-01-05, 1 file, -17/+0)
* Fix compile; aes engine header is internal (lloyd, 2010-01-04, 1 file, -1/+2)
* Add last night's project, an SSE2 implementation of IDEA. Right about 4x faster than the scalar version on a Core2. (lloyd, 2009-12-23, 1 file, -4/+10)
* Add missing BOTAN_DLL exports. (lloyd, 2009-12-16, 44 files, -62/+88)
  Move most of the engine headers to internal
* Full working amalgamation build, plus internal-only headers concept. (lloyd, 2009-12-16, 7 files, -26/+27)
* Make sure the SIMD_32 implementation we're using actually works on the system before returning a new instance. (lloyd, 2009-11-24, 1 file, -0/+4)
* Add AES-192 using AES-NI. Tested OK with Intel's simulator. (lloyd, 2009-11-10, 1 file, -2/+0)
  Currently requires SSE4.1 for _mm_extract_epi32 for the key schedule, it would be nice to remove this dependency, though all currently known/scheduled chips with AES-NI (Intel Westmere and Sandy Bridge, and AMD Bulldozer) are supposed to include SSE 4.1 so this is not a huge problem.
* Rename CPUID::has_intel_aes to has_aes_intel, and add CPUID::has_aes_via, which is currently just a stub returning false. (lloyd, 2009-11-10, 1 file, -2/+2)
* Fix errors in the AES-256 key schedule for the AES-NI version. Now passes tests under Intel's emulator. (lloyd, 2009-11-10, 1 file, -1/+1)
  Document and enable in the engine.

  Merge both versions to aes_intel.cpp - some shared code and much similar structure which might be sharable via macros.
* Add a new need_isa marker for info.txt that lets a module depend on a particular ISA extension rather than a list of CPUs. Much easier to edit and audit, too. (lloyd, 2009-11-06, 1 file, -5/+5)
  Add markers on the AES-NI code and SHA-1/SSE2. Serpent and XTEA don't need it because they are generic and only depend on simd_32 which will silently swap out a scalar version if SSE2/AltiVec isn't enabled (since it turns out on superscalar processors just doing 4 blocks in parallel can be a win even in GPRs).

  Add pentium3 to the list of CPUs with rdtsc, was missing. Odd!
* Add a complete but untested AES-128 using the AES-NI intrinsics. (lloyd, 2009-11-06, 1 file, -10/+8)
  From looking at how key gen works in particular, it seems easiest to provide only AES-128, AES-192, and AES-256 and not a general AES class that can accept any key length. This also has the bonus of allowing full loop unrolling which may be a win (how much so will depend on the latency/throughput of the AES instructions which is currently unknown).

  No block interleaving, though of course it works very nicely here, simply due to the desire to keep things simple until what is currently here can actually be tested. (Intel has an emulator that is supposed to work but just crashes on my machine...)

  I'm not entirely sure if byte swapping is required. Intel has a white paper out that suggests it isn't (and really it would have been stupid of them to not build this into the aes instructions), but who knows. If it turns out to be necessary there is a pretty fast bswap instruction for SSE anyway.
* Stub for AES class using Intel's AES-NI instructions and an engine for providing it. Also stubs in the engine for VIA's AES instructions, but needs CPUID checking also. (lloyd, 2009-11-06, 3 files, -0/+85)
* Rename sse2 engine to simd (lloyd, 2009-10-29, 1 file, -1/+1)
* propagate from branch 'net.randombit.botan' (head 8fb69dd1c599ada1008c4cab2a6d502cbcc468e0) to branch 'net.randombit.botan.general-simd' (head c05c9a6d398659891fb8cca170ed514ea7e6476d) (lloyd, 2009-10-29, 5 files, -76/+61; merge of the two branch commits below)
  * (branch net.randombit.botan.general-simd) Rename SSE2 stuff to be generally SIMD since it supports at least SSE2 and Altivec (though Altivec is seemingly slower ATM...) (lloyd, 2009-10-29, 5 files, -87/+63)
  * (branch net.randombit.botan.general-simd) Add a wrapper for a set of SSE2 operations with convenient syntax for 4x32 operations. Also add a pure scalar code version. Convert Serpent to use this new interface, and add an implementation of XTEA in SIMD. (lloyd, 2009-10-26, 1 file, -0/+9)
    The wrappers plus the scalar version allow SIMD-ish code to work on all platforms. This is often a win due to better ILP being visible to the processor (as with the recent XTEA optimizations). Only real danger is register starvation, mostly an issue on x86 these days. So it may (or may not) be a win to consolidate the standard C++ versions and the SIMD versions together.

    Future work:
    - Add AltiVec/VMX version
    - Maybe also for ARM's NEON extension? Less pressing, I would think.
    - Convert SHA-1 code to use SIMD_32
    - Add XTEA SIMD decryption (currently only encrypt)
    - Change SSE2 engine to SIMD_engine
    - Modify configure.py to set BOTAN_TARGET_CPU_HAS_[SSE2|ALTIVEC|NEON|XXX] macros
* Remove the 'realname' attribute on all modules and cc/cpu/os info files. (lloyd, 2009-10-29, 7 files, -14/+0)
  Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Remove all exception specifications. The way these are designed in C++ is just too fragile and not that useful. Something like Java's checked exceptions might be nice, but simply killing the process entirely if an unexpected exception is thrown is not exactly useful for something trying to be robust. (lloyd, 2009-10-22, 3 files, -5/+5)