path: root/src/engine
Commit log; each entry lists [author, date, files changed, lines -removed/+added] followed by the commit message:
* [lloyd, 2010-01-22, 2 files, -12/+17]
  Prevent a crash in GMP_Engine if the library is shut down and then reinitialized. It would cache an Allocator pointer on first use, and then never zero it, so after the reinit the pointer would be going to a now deallocated Allocator object. Encountered in the SoftHSM test suite, reported by Ondrej Sury.

  Use a simple reference counting scheme to zero the pointer, and reset the GNU MP memory functions. This also fixes a quite obscure and never reported bug, that if the GMP engine was used, and if the library was deinitialized but then the program tried to use GNU MP, the allocator functions would crash. Now after deinit the allocator funcs revert to the defaults.

  The reference count is not updated atomically so this is not thread safe, but seems a non-issue; the only time this could happen (especially now that the GMP engine header is internal-only) is if multiple threads were attempting to initialize / shutdown the library at once - which won't work anyway for a variety of reasons, including contention on the (unlocked) global_lib_state pointer. If at some point thread safety is useful here, the refcnt can be locked by a mutex, or kept in an atomic<unsigned int>.
* [lloyd, 2010-01-12, 1 file, -0/+9]
  Add SIMD version of Noekeon. On a Core2, about 2.7x faster using SIMD_SSE2 and 1.6x faster using SIMD_Scalar.
* [lloyd, 2010-01-11, 1 file, -0/+15]
  Add block cipher cascade
* [lloyd, 2010-01-05, 1 file, -17/+0]
  Remove stubs for VIA Padlock support. I have no plans to implement it and don't even have access to a VIA with AES so could not test it anyway. If someone else wants to do it, then the implementation for AES-NI should provide a good template.
* [lloyd, 2010-01-04, 1 file, -1/+2]
  Fix compile; aes engine header is internal
* [lloyd, 2009-12-23, 1 file, -4/+10]
  Add last night's project, an SSE2 implementation of IDEA. Right about 4x faster than the scalar version on a Core2.
* [lloyd, 2009-12-16, 44 files, -62/+88]
  Add missing BOTAN_DLL exports. Move most of the engine headers to internal.
* [lloyd, 2009-12-16, 7 files, -26/+27]
  Full working amalgamation build, plus internal-only headers concept.
* [lloyd, 2009-11-24, 1 file, -0/+4]
  Make sure the SIMD_32 implementation we're using actually works on the system before returning a new instance.
* [lloyd, 2009-11-10, 1 file, -2/+0]
  Add AES-192 using AES-NI. Tested OK with Intel's simulator. Currently requires SSE4.1 for _mm_extract_epi32 for the key schedule; it would be nice to remove this dependency, though all currently known/scheduled chips with AES-NI (Intel Westmere and Sandy Bridge, and AMD Bulldozer) are supposed to include SSE 4.1 so this is not a huge problem.
* [lloyd, 2009-11-10, 1 file, -2/+2]
  Rename CPUID::has_intel_aes to has_aes_intel, and add CPUID::has_aes_via, which is currently just a stub returning false.
* [lloyd, 2009-11-10, 1 file, -1/+1]
  Fix errors in the AES-256 key schedule for the AES-NI version. Now passes tests under Intel's emulator. Document and enable in the engine. Merge both versions to aes_intel.cpp - some shared code and much similar structure which might be sharable via macros.
* [lloyd, 2009-11-06, 1 file, -5/+5]
  Add a new need_isa marker for info.txt that lets a module depend on a particular ISA extension rather than a list of CPUs. Much easier to edit and audit, too. Add markers on the AES-NI code and SHA-1/SSE2. Serpent and XTEA don't need it because they are generic and only depend on simd_32 which will silently swap out a scalar version if SSE2/AltiVec isn't enabled (since it turns out on superscalar processors just doing 4 blocks in parallel can be a win even in GPRs).

  Add pentium3 to the list of CPUs with rdtsc, was missing. Odd!
* [lloyd, 2009-11-06, 1 file, -10/+8]
  Add a complete but untested AES-128 using the AES-NI intrinsics.

  From looking at how key gen works in particular, it seems easiest to provide only AES-128, AES-192, and AES-256 and not a general AES class that can accept any key length. This also has the bonus of allowing full loop unrolling which may be a win (how much so will depend on the latency/throughput of the AES instructions which is currently unknown).

  No block interleaving, though of course it works very nicely here, simply due to the desire to keep things simple until what is currently here can actually be tested. (Intel has an emulator that is supposed to work but just crashes on my machine...)

  I'm not entirely sure if byte swapping is required. Intel has a white paper out that suggests it isn't (and really it would have been stupid of them to not build this into the aes instructions), but who knows. If it turns out to be necessary there is a pretty fast bswap instruction for SSE anyway.
* [lloyd, 2009-11-06, 3 files, -0/+85]
  Stub for AES class using Intel's AES-NI instructions and an engine for providing it. Also stubs in the engine for VIA's AES instructions, but needs CPUID checking also.
* [lloyd, 2009-10-29, 1 file, -1/+1]
  Rename sse2 engine to simd
* [lloyd, 2009-10-29, 5 files, -76/+61]
|\  propagate from branch 'net.randombit.botan' (head 8fb69dd1c599ada1008c4cab2a6d502cbcc468e0) to branch 'net.randombit.botan.general-simd' (head c05c9a6d398659891fb8cca170ed514ea7e6476d)
| * [lloyd, 2009-10-29, 5 files, -87/+63]
| |  Rename SSE2 stuff to be generally SIMD since it supports at least SSE2 and Altivec (though Altivec is seemingly slower ATM...)
| * [lloyd, 2009-10-26, 1 file, -0/+9]
| |  Add a wrapper for a set of SSE2 operations with convenient syntax for 4x32 operations. Also add a pure scalar code version. Convert Serpent to use this new interface, and add an implementation of XTEA in SIMD.
| |
| |  The wrappers plus the scalar version allow SIMD-ish code to work on all platforms. This is often a win due to better ILP being visible to the processor (as with the recent XTEA optimizations). Only real danger is register starvation, mostly an issue on x86 these days. So it may (or may not) be a win to consolidate the standard C++ versions and the SIMD versions together.
| |
| |  Future work:
| |  - Add AltiVec/VMX version
| |  - Maybe also for ARM's NEON extension? Less pressing, I would think.
| |  - Convert SHA-1 code to use SIMD_32
| |  - Add XTEA SIMD decryption (currently only encrypt)
| |  - Change SSE2 engine to SIMD_engine
| |  - Modify configure.py to set BOTAN_TARGET_CPU_HAS_[SSE2|ALTIVEC|NEON|XXX] macros
* | [lloyd, 2009-10-29, 7 files, -14/+0]
|/  Remove the 'realname' attribute on all modules and cc/cpu/os info files. Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* [lloyd, 2009-10-22, 3 files, -5/+5]
  Remove all exception specifications. The way these are designed in C++ is just too fragile and not that useful. Something like Java's checked exceptions might be nice, but simply killing the process entirely if an unexpected exception is thrown is not exactly useful for something trying to be robust.
* [lloyd, 2009-10-14, 1 file, -1/+1]
  Similar treatment for OFB which is also just a plain stream cipher
* [lloyd, 2009-10-14, 1 file, -3/+3]
  Convert CTR_BE from a Filter to a StreamCipher. Must wrap in a StreamCipher_Filter to pass it directly to a Pipe now.
* [lloyd, 2009-10-06, 2 files, -84/+104]
  Refactor Default_Engine::get_cipher so bits can be called from selftest
* [lloyd, 2009-09-25, 1 file, -0/+7]
|\  merge of '1efb42e84eca9e01edd7b7f1335af7011eab994c' and 'bb55abb64b64ca63aeb361db40c6bc4692d4ce48'
| * [lloyd, 2009-09-25, 1 file, -0/+7]
| |  Add runtime cpuid support. Check in the SSE2 engine that SSE2 is actually existing on the current CPU before returning an object.
* | [lloyd, 2009-09-24, 1 file, -1/+7]
|/  Enable OpenSSL AES (fixed, I think). And add support for OpenSSL's RC5
* [lloyd, 2009-09-17, 2 files, -12/+46]
  Update OpenSSL engine with encrypt_n interface for block ciphers. Add support for SHA-2 and SEED. Wrap block cipher usage in checks for OPENSSL_NO_XXX
* [lloyd, 2009-09-15, 1 file, -0/+9]
  Add an implementation of Blue Midnight Wish (512 bit version only)
* [lloyd, 2009-09-13, 1 file, -0/+1]
  Enable SSE2 engine under VC++
* [lloyd, 2009-08-31, 1 file, -0/+10]
|\  propagate from branch 'net.randombit.botan.1_8' (head c2624292793f396cf940403e0d12073a9b2c7b17) to branch 'net.randombit.botan' (head 07a71effa1ba495b6ea57b2490ad38bf58a23bd0)
| * [lloyd, 2009-08-27, 1 file, -0/+10]
| |  Thomas Moschny mentioned that OpenSSL 1.0 betas disable MD2 by default. Wrap the EVP_ calls in OPENSSL_NO_XXX checks to handle this.
* | [lloyd, 2009-08-27, 1 file, -1/+8]
| |  Instead of each SSE2 implementation specifying which compilers + CPUs it works on, have sse2_eng rely on a specific compiler/arch; each sse2 impl depends on the engine anyway, so they will only be loaded if OK.
* | [lloyd, 2009-08-11, 2 files, -4/+24]
|/  Make encrypt_n public for all BlockCipher implementations - unlike the enc/dec functions it replaces, these are public interfaces. Add the first bits of a SSE2 implementation of Serpent. Currently incomplete.
* [lloyd, 2009-07-16, 2 files, -0/+2]
  Move some files around to break up dependencies between directories
* [lloyd, 2009-07-15, 4 files, -0/+23]
  Add a script that reads the output of print_deps.py and rewrites the info.txt files with the right module dependencies. Apply it across the codebase.
* [lloyd, 2009-07-07, 3 files, -11/+3]
  CPU-specific engines are now only loaded if something depends on them, and all CPU-specific implementations now depend on the appropriate engine module. The most common problem before with this was that the SSE2 module was built, but the sole SSE2 code (SHA-1) was not (for instance, on an i686). This would cause a compile warning about the unused request object. Preventing unused engines from being built will also (very slightly) speed up the lookup process on most systems.
* [lloyd, 2009-06-03, 1 file, -1/+2]
  Small cleanups in the Skein-512 source, and add support for the personalization option.
* [lloyd, 2009-06-02, 1 file, -0/+9]
  Add an implementation of Skein-512
* [lloyd, 2009-05-13, 1 file, -43/+0]
  engine.h had copies of some declarations from pk_engine.h that had not been removed when that portion of the code was split off. Remove the duplicated code from engine.h and update some code in pubkey that still relied on the declarations in engine.h instead of pk_engine.h
* [lloyd, 2009-04-16, 1 file, -0/+14]
  Add XTS mode, from IEEE P1619
* [lloyd, 2009-04-07, 1 file, -0/+9]
  Add the GOST 34.11 hash function. Pretty slow, but functional.
* [lloyd, 2009-03-31, 1 file, -1/+1]
  Support different GOST parameters in the lookup interface.
* [lloyd, 2009-03-30, 37 files, -464/+538]
  Thomas Moschny passed along a request from the Fedora packagers which came up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line "Distributed under the terms of the Botan license" after the copyright notices.

  While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of asterisks before and after the text); this is a stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* [lloyd, 2009-03-27, 1 file, -5/+5]
  GOST was using a completely non-standard set of sboxes. Change it to use GostR3411_94_TestParamSet; this is compatible with the implementations in Crypto++ and OpenSSL. This is not backwards compatible, though once the implementation supports multiple param sets (which is required, unfortunately, for compatibility with various standards by CryptoCom, who have defined not one but at least 4 (!!!) different sboxes to use with GOST), I may offer Botan's previous sbox set as an option.

  Since adding the GOST hash function (34.11) and signing algorithm (34.10) are on the long term agenda (request by Rickard Bondesson, as the Russian authorities want to use their local standards for their DNSSEC use), I renamed the block cipher class (which had been just 'GOST') to GOST_28147_89 to minimize future name clashes.
* [lloyd, 2008-11-24, 1 file, -0/+6]
  Disable using OpenSSL's AES - it is causing crashes for an unknown reason. Backtrace is deep inside EVP. Valgrind says it is writing after the end of the allocated buffer. Other ciphers (all 64-bit blocks) are fine. I do not know if the problem is 64/128 bit or some other reason.
* [lloyd, 2008-11-23, 3 files, -6/+9]
  Add an Algorithm_Factory& argument to Engine::get_cipher to avoid a dependency on libstate.h
* [lloyd, 2008-11-23, 2 files, -8/+0]
  Remove openssl/gnump engine dep on libstate, no longer a dep
* [lloyd, 2008-11-12, 1 file, -1/+1]
  Library_State had two functions that did the same thing, algo_factory and algorithm_factory. This is confusing so for consistency/simplicity, remove algo_factory, making algorithm_factory the function to call.

  In 1.7.14, several functions in lookup.h, including retrieve_block_cipher, retrieve_hash, etc were changed to accept a Library_State& reference. However it turns out with the modified design I've settled upon for 1.8 that it is not necessary to change those interfaces; instead they always refer to the global_state algorithm factory which is exactly the semantics one would expect/desire 99% of the time (and is source compatible with code written for 1.6, also a plus)
* [lloyd, 2008-11-12, 1 file, -1/+1]
  Remove support for provider identifiers from SCAN_Name - it turns out this was not the right place to keep track of this information. Also modify all Algorithm_Factory constructor functions to take instead of a SCAN_Name a pair of std::strings - the SCAN name and an optional provider name.

  If a provider is specified, either that provider will be used or the request will fail. Otherwise, the library will attempt best effort, based on user-set algorithm implementation settings (combine with benchmark.h for choosing the fastest implementation at runtime) or if not set, a static ordering (preset in static_provider_weight in prov_weight.cpp, though it would be nice to make this easier to toggle).