aboutsummaryrefslogtreecommitdiffstats
path: root/src/engine
Commit message (Collapse)AuthorAgeFilesLines
* Add GMP PK filelloyd2010-03-051-0/+344
|
* Update GMP engine with new PK operations interface.lloyd2010-03-058-481/+11
| | | | | Drop support for ElGamal and NR from GMP engine, leaving just DH, DSA, and RSA
* Remove IF_Corelloyd2010-03-053-31/+0
|
* Add RSA encrypt/decrypt opslloyd2010-03-051-6/+6
|
* Add ops for ElGamal encryption and decryption.lloyd2010-03-053-31/+48
| | | | | Note: blinding is not currently being used for RSA, RW, DH or ElGamal, which used to have them. This should be added back before release.
* Rename PK_Ops::Signature_Operation to PK_Ops::Signaturelloyd2010-03-053-6/+6
| | | | Rename PK_Ops::KA_Operation to PK_Ops::Key_Agreement
* Remove NR and DSA specific hookslloyd2010-03-053-67/+3
|
* Add verification ops for all signature key typeslloyd2010-03-053-0/+44
|
* Add signature generation operation classes. Remove sign() fromlloyd2010-03-053-2/+77
| | | | | | PK_Signing_Key, though for the moment the class remains because there are a few pieces of code that use it to detect if signatures are supported, or for passing to functions in look_pk
* This checkin represents a pretty major change in how PK operations arelloyd2010-03-044-25/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | performed. Up until now, each key object (eg DSA_PublicKey or ECDH_PrivateKey) had two jobs: contain the key material, and know how to perform any operations on that key. However because of a desire to support alternative implementations (GNU MP, hardware, whatever), there was a notion of operations, with the key objects containing an op that they got via engine rather than actually implementing the underlying algorithms directly. Now, represent the operation as an abstract interface (typically mapping a byte string to a byte string), and pass a plain Public_Key& or Private_Key& to the engine. The engine does any checks it wants (eg based on name, typeid, key sizes, etc), and either returns nothing (I'll pass) or a pointer to a new operation that represents signatures or encryption or what-have-you using that key. This means that plain key objects no longer contain operations. This is a major break with the traditional interface. On the other hand, using these 'bare' operations without padding, KDFs, etc is 99% of the time a bad idea anyway (and if you really need them, there are options so you get the bare op but via the pubkey.h interfaces). Currently this change is only implemented for DH and ECDH (ie, key agreement algorithms). Additionally the optional engines (gnump and openssl) have not been updated. I'll probably wait to touch those until after I can change them all in one go for all algos.
* Kill ECKAEG_Oplloyd2010-03-023-34/+0
|
* Remove ECDSA_Op and its attendant bitslloyd2010-03-023-34/+0
|
* Prevent a crash in GMP_Engine if the library is shutdown and thenlloyd2010-01-222-12/+17
| | | | | | | | | | | | | | | | | | | | | | | | | reinitialized. It would cache an Allocator pointer on first use, and then never zero it, so after the reinit the pointer would be going to a now deallocated Allocator object. Encountered in the SoftHSM test suite, reported by Ondrej Sury. Use a simple reference counting scheme to zero the pointer, and reset the GNU MP memory functions. This also fixes a quite obscure and never reported bug, that if the GMP engine was used, and if the library was deinitialized but then the program tried to use GNU MP, the allocator functions would crash. Now after deinit the allocator funcs revert to the defaults. The reference count is not updated atomically so this is not thread safe, but seems a non-issue; the only time this could happen (especially now that the GMP engine header is internal-only) is if multiple threads were attempting to initialize / shutdown the library at once - which won't work anyway for a variety of reasons, including contention on the (unlocked) global_lib_state pointer. If at some point thread safety is useful here, the refcnt can be locked by a mutex, or kept in an atomic<unsigned int>.
* Add SIMD version of Noekeon. On a Core2, about 2.7x faster using SIMD_SSE2lloyd2010-01-121-0/+9
| | | | and 1.6x faster using SIMD_Scalar.
* Add block cipher cascadelloyd2010-01-111-0/+15
|
* Remove stubs for VIA Padlock support. I have no plans to implement itlloyd2010-01-051-17/+0
| | | | | | and don't even have access to a VIA with AES so could not test it anyway. If someone else wants to do it, then the implementation for AES-NI should provide a good template.
* Fix compile; aes engine header is internallloyd2010-01-041-1/+2
|
* Add last nights project, an SSE2 implementation of IDEA. Right about 4xlloyd2009-12-231-4/+10
| | | | faster than the scalar version on a Core2.
* Add missing BOTAN_DLL exports.lloyd2009-12-1644-62/+88
| | | | Move most of the engine headers to internal
* Full working amalgamation build, plus internal-only headers concept.lloyd2009-12-167-26/+27
|
* Make sure the SIMD_32 implementation we're using actually works on thelloyd2009-11-241-0/+4
| | | | system before returning a new instance.
* Add AES-192 using AES-NI. Tested OK with Intel's simulator.lloyd2009-11-101-2/+0
| | | | | | | Currently requires SSE4.1 for _mm_extract_epi32 for the key schedule, it would be nice to remove this dependency, though all currently known/scheduled chips with AES-NI (Intel Westmere and Sandy Bridge, and AMD Bulldozer) are supposed to include SSE 4.1 so this is not a huge problem.
* Rename CPUID::has_intel_aes to has_aes_intel, and add CPUID::has_aes_via,lloyd2009-11-101-2/+2
| | | | which is currently just a stub returning false.
* Fix errors in the AES-256 key schedule for the AES-NI version. Now passeslloyd2009-11-101-1/+1
| | | | | | | | | tests under Intel's emulator. Document and enable in the engine. Merge both versions to aes_intel.cpp - some shared code and much similiar structure which might be sharable via macros.
* Add a new need_isa marker for info.txt that lets a module dependlloyd2009-11-061-5/+5
| | | | | | | | | | | | on a particular ISA extension rather than a list of CPUs. Much easier to edit and audit, too. Add markers on the AES-NI code and SHA-1/SSE2. Serpent and XTEA don't need it because they are generic and only depend on simd_32 which will silenty swap out a scalar version if SSE2/AltiVec isn't enabled (since it turns out on supersclar processors just doing 4 blocks in parallel can be a win even in GPRs). Add pentium3 to the list of CPUs with rdtsc, was missing. Odd!
* Add a complete but untested AES-128 using the AES-NI intrinsics.lloyd2009-11-061-10/+8
| | | | | | | | | | | | | | | | | | From looking at how key gen works in particular, it seems easiest to provide only AES-128, AES-192, and AES-256 and not a general AES class that can accept any key length. This also has the bonus of allowing full loop unrolling which may be a win (how much so will depend on the latency/throughput of the AES instructions which is currently unknown). No block interleaving, though of course it works very nicely here, simply due to the desire to keep things simple until what is currently here can actually be tested. (Intel has an emulator that is supposed to work but just crashes on my machine...) I'm not entirely sure if byte swapping is required. Intel has a white paper out that suggests it isn't (and really it would have been stupid of them to not build this into the aes instructions), but who knows. If it turns out to be necessary there is a pretty fast bswap instruction for SSE anyway.
* Stub for AES class using Intel's AES-NI instructions and an engine forlloyd2009-11-063-0/+85
| | | | | providing it. Also stubs in the engine for VIA's AES instructions, but needs CPUID checking also.
* Rename sse2 engine to simdlloyd2009-10-291-1/+1
|
* propagate from branch 'net.randombit.botan' (head ↵lloyd2009-10-295-76/+61
|\ | | | | | | | | | | 8fb69dd1c599ada1008c4cab2a6d502cbcc468e0) to branch 'net.randombit.botan.general-simd' (head c05c9a6d398659891fb8cca170ed514ea7e6476d)
| * Rename SSE2 stuff to be generally SIMD since it supports at least SSE2lloyd2009-10-295-87/+63
| | | | | | | | and Altivec (though Altivec is seemingly slower ATM...)
| * Add a wrapper for a set of SSE2 operations with convenient syntax for 4x32lloyd2009-10-261-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | operations. Also add a pure scalar code version. Convert Serpent to use this new interface, and add an implementation of XTEA in SIMD. The wrappers plus the scalar version allow SIMD-ish code to work on all platforms. This is often a win due to better ILP being visible to the processor (as with the recent XTEA optimizations). Only real danger is register starvation, mostly an issue on x86 these days. So it may (or may not) be a win to consolidate the standard C++ versions and the SIMD versions together. Future work: - Add AltiVec/VMX version - Maybe also for ARM's NEON extension? Less pressing, I would think. - Convert SHA-1 code to use SIMD_32 - Add XTEA SIMD decryption (currently only encrypt) - Change SSE2 engine to SIMD_engine - Modify configure.py to set BOTAN_TARGET_CPU_HAS_[SSE2|ALTIVEC|NEON|XXX] macros
* | Remove the 'realname' attribute on all modules and cc/cpu/os info files.lloyd2009-10-297-14/+0
|/ | | | | Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Remove all exception specifications. The way these are designed in C++ islloyd2009-10-223-5/+5
| | | | | | just too fragile and not that useful. Something like Java's checked exceptions might be nice, but simply killing the process entirely if an unexpected exception is thrown is not exactly useful for something trying to be robust.
* Similiar treatment for OFB which is also just a plain stream cipherlloyd2009-10-141-1/+1
|
* Convert CTR_BE from a Filter to a StreamCipher. Must wrap in a ↵lloyd2009-10-141-3/+3
| | | | | | StreamCipher_Filter to pass it directly to a Pipe now.
* Refactor Default_Engine::get_cipher so bits can be called from selftestlloyd2009-10-062-84/+104
|
* merge of '1efb42e84eca9e01edd7b7f1335af7011eab994c'lloyd2009-09-251-0/+7
|\ | | | | | | and 'bb55abb64b64ca63aeb361db40c6bc4692d4ce48'
| * Add runtime cpuid support. Check in the SSE2 engine that SSE2 is actuallylloyd2009-09-251-0/+7
| | | | | | | | existing on the current CPU before returning an object.
* | Enable OpenSSL AES (fixed, I think). And add support for OpenSSL's RC5lloyd2009-09-241-1/+7
|/
* Update OpenSSL engine with encrypt_n interface for block ciphers.lloyd2009-09-172-12/+46
| | | | | | Add support for SHA-2 and SEED. Wrap block cipher usage in checks for OPENSSL_NO_XXX
* Add an implementation of Blue Midnight Wish (512 bit version only)lloyd2009-09-151-0/+9
|
* Enable SSE2 engine under VC++lloyd2009-09-131-0/+1
|
* propagate from branch 'net.randombit.botan.1_8' (head ↵lloyd2009-08-311-0/+10
|\ | | | | | | | | | | c2624292793f396cf940403e0d12073a9b2c7b17) to branch 'net.randombit.botan' (head 07a71effa1ba495b6ea57b2490ad38bf58a23bd0)
| * Thomas Moschny mentioned that OpenSSL 1.0 betas disable MD2 by default.lloyd2009-08-271-0/+10
| | | | | | | | Wrap the EVP_ calls in OPENSSL_NO_XXX checks to handle this.
* | Instead of each SSE2 implementation specifying which compilers + CPUs itlloyd2009-08-271-1/+8
| | | | | | | | | | works on, have sse2_eng rely on a specific compiler/arch; each sse2 impl depends on the engine anyway, so they will only be loaded if OK.
* | Make encrypt_n public for all BlockCipher implementations - unlike thelloyd2009-08-112-4/+24
|/ | | | | | enc/dec functions it replaces, these are public interfaces. Add the first bits of a SSE2 implementation of Serpent. Currently incomplete.
* Move some files around to break up dependencies between directorieslloyd2009-07-162-0/+2
|
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-154-0/+23
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* CPU-specific engines are now only loaded if something depends on them,lloyd2009-07-073-11/+3
| | | | | | | | | | | | and all CPU-specific implementations now depend on the appropriate engine module. The most common problem before with this was that the SSE2 module was built, but the sole SSE2 code (SHA-1) was not (for instance, on an i686). This would cause a compile warning about the unused request object. Preventing unused engines from being built will also (very slightly) speed up the lookup process on most system.
* Small cleanups in the Skein-512 source, and add support for thelloyd2009-06-031-1/+2
| | | | personalization option.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-19 22:43:44 +0000