aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/asn1
Commit message (Collapse)AuthorAgeFilesLines
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1818-139/+139
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Check for overflow in BER decoder EOC scanningJack Lloyd2016-11-271-1/+4
|
* Add warning to OID script outputJack Lloyd2016-11-211-1/+4
| | | | [ci skip]
* Add key_constraints_to_string, GOST-34.10 cert handlingJack Lloyd2016-11-181-1/+3
| | | | Add some try/catch blocks to the X.509 tests, and use create_private_key API
* Add X509_DN::emptyJack Lloyd2016-11-181-0/+2
|
* Add OIDs for SHA-3 and SHA-3 signature algorithmsJack Lloyd2016-11-171-1/+47
| | | | | Also CCM OIDS, and SHA-384/SHA-512 DSA OIDs. All from NIST: http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
* Added Extended Hash-Based Signatures (XMSS)Matthias Gierlings2016-11-111-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [1] XMSS: Extended Hash-Based Signatures, draft-itrf-cfrg-xmss-hash-based-signatures-06 Release: July 2016. https://datatracker.ietf.org/doc/ draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1 Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has been integrated into the Botan test bench, signature generation and verification can be tested independently by invoking "botan-test xmss_sign" and "botan-test xmss_verify" - Some headers that are not required to be exposed to users of the library have to be declared as public in `info.txt`. Declaring those headers private will cause the amalgamation build to fail. The following headers have been declared public inside `info.txt`, even though they are only intended for internal use: * atomic.h * xmss_hash.h * xmss_index_registry.h * xmss_address.h * xmss_common_ops.h * xmss_tools.h * xmss_wots_parameters.h * xmss_wots_privatekey.h * xmss_wots_publickey.h - XMSS_Verification_Operation Requires the "randomness" parameter out of the XMSS signature. "Randomness" is part of the prefix that is hashed *before* the message. Since the signature is unknown till sign() is called, all message content has to be buffered. For large messages this can be inconvenient or impossible. **Possible solution**: Change PK_Ops::Verification interface to take the signature as constructor argument, and provide a setter method to be able to update reuse the instance on multiple signatures. Make sign a parameterless member call. This solution requires interface changes in botan. **Suggested workaround** for signing large messages is to not sign the message itself, but to precompute the message hash manually using Botan::HashFunctio and sign the message hash instead of the message itself. - Some of the available test vectors for the XMSS signature verification have been commented out in order to reduce testbench runtime.
* Assert expected EOF from readJack Lloyd2016-11-091-1/+1
| | | | Found by Coverity.
* If peek fails, force EOF with a readJack Lloyd2016-11-071-0/+3
| | | | | | DataSource_Stream::peek resets EOF bit after a failed peek Fixes #657 cert_info infinite loop
* Change oids.py and regenerate oids.cppRené Korthaus2016-11-031-1/+1
|
* Add an in-house EC curve for TLS at compile-timeRené Korthaus2016-11-031-0/+10
| | | | | | One additional, application-specific curve can be added at compile time, using the new configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
* Remove ability to add OIDS at runtime. Remove global OID lock.Jack Lloyd2016-11-036-445/+346
| | | | | | | | | | | OID map is now generated from an input file on an as needed basis. Just uses a sequence of ifs - simple, fast, and small code size. Merges oid_lookup sub-module which was already required by asn1 anyway, so completely non-optional. Removes @neusdan's nice OID tests since without any runtime adds the tests are moot.
* Fix mutex in oids.cppJack Lloyd2016-10-121-7/+7
| | | | Remove bogus includes for TLS tests
* Abstract out mutex type. Make threads optional.Jack Lloyd2016-10-121-1/+1
|
* Remove deprecated Nyberg-Rueppel and Rabin-Williams signaturesJack Lloyd2016-09-021-23/+0
|
* Remove deprecated hashes MD2, HAS-160, and RIPEMD-128Jack Lloyd2016-09-021-1/+0
|
* Merge GH #551 Add frp256v1 curveJack Lloyd2016-08-021-0/+2
|\
| * ANSSI elliptic curve cryptography frp256v1Simon Cogliani2016-07-241-0/+2
| | | | | | | | | | | | - Parameters available here: https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000024668816 - DER format according to the ANS1 syntax defined in ANSI X9.62 standard available here: http://www.ssi.gouv.fr/agence/publication/publication-dun-parametrage-de-courbe-elliptique-visant-des-applications-de-passeport-electronique-et-de-ladministration-electronique-francaise/
* | add X509_Time::to_std_timepoint()Daniel Neus2016-07-282-0/+8
|/
* Add ECKDSA OIDs for SHA signaturesJack Lloyd2016-06-221-0/+4
| | | | From http://rootca.kisa.or.kr/kcac/down/Guide/Object%20Identifier%20Guideline%20for%20the%20Electronic%20Signature%20Certification%20System.pdf
* Merge GH #504 Add ECKCDSAJack Lloyd2016-06-201-0/+3
|\
| * Add ECKCDSA signature algorithmRené Korthaus2016-06-141-0/+3
| |
* | Merge GH #487 Remove CVC certificates and EMSA1_BSI signature encodingJack Lloyd2016-06-171-7/+0
|\ \ | |/ |/|
| * remove all uses of EMSA1_BSIDaniel Neus2016-05-021-7/+0
| |
* | Add explicit static_cast operations to eliminate implicit cast compiler ↵Dan Brown2016-04-271-1/+1
|/ | | | warnings.
* Add ECGDSARené Korthaus2016-04-191-0/+10
|
* Merge GH #454 X.509 name constraintsJack Lloyd2016-03-163-9/+96
|\
| * X.509 Name ConstraintsKai Michaelis2016-03-103-9/+96
| |
* | Fix ordering of Charset::transcode argumentsJack Lloyd2016-03-061-1/+1
| | | | | | | | GH #438
* | Remaining cppcheck fixes that are not covered by GH #444Daniel Neus2016-03-053-33/+13
| |
* | cppcheck fixes: Class 'X' has a constructor with 1 argument that is not ↵Daniel Neus2016-03-056-10/+10
|/ | | | explicit.
* Fix remaining Wshadow warnings and enable on gcc and clangRené Korthaus2016-02-181-5/+5
|
* Add asserts to help out CoverityJack Lloyd2016-02-092-0/+4
| | | | | | It somehow deduces an input that is both > 0 and for which high_bit never finds a bit set and returns 0. In both cases that would lead to block being 0 and a negative shift.
* V816 It is more efficient to catch exception by reference rather than by ↵Daniel Neus2016-02-081-2/+2
| | | | value. asn1_time.cpp 159
* Merge GH #409 Add Microsoft SmartcardLogon extended key usage OIDJack Lloyd2016-01-121-0/+2
|\
| * Add Microsoft SmartcardLogon extended key usage OIDRené Korthaus2016-01-121-0/+2
| |
* | Add final attribute to many classesJack Lloyd2016-01-107-7/+7
|/ | | | | | | In some cases this can offer better optimization, via devirtualization. And it lets the user know the class is not intended for derivation. Some discussion in GH #402
* Mass-prefix member vars with m_René Korthaus2016-01-0815-149/+158
|
* String comparision fixesDaniel Neus2016-01-044-6/+6
| | | | fix PVS-Studio perfomance warnings
* Reroot the exception hierarchy into a toplevel Exception classJack Lloyd2015-12-111-1/+1
| | | | | | | | As the alternatives are unfortunate for applications trying to catch all library errors, and it seems deriving from std::runtime_error causes problems with MSVC DLLs (GH #340) Effectively reverts 2837e915d82e43
* Remove support for broken 112 and 128 bit SECP ECC groups.Jack Lloyd2015-12-021-4/+2
|
* Move DataSource to utils and rewrite PEM encoding to avoid filtersJack Lloyd2015-10-141-1/+0
| | | | | Removes filters as as an internal dependency pretty much entirely (outside of some dusty corners in misc).
* Avoid concatination of charsSimon Warta2015-09-221-1/+1
| | | | | | | Ever tried? auto str = "some long string"; auto str2 = str + '\n'; It's not with the brainfuck finding the bug.
* Internal header cleanupsJack Lloyd2015-09-192-2/+2
| | | | Only user-visible change is the removal of get_byte.h
* Remove high bit set char from comment as it broke amalgamation generationJack Lloyd2015-08-221-4/+8
| | | | | | under Python3. Ironically there doesn't seem to be any way to portably handle non-ASCII in a way that is compatible with Python 2.7 and 3 at the same time.
* Add stricter time parsing; Add more testsSimon Warta2015-08-111-8/+23
|
* Sometimes we don't know the input format. But it is one of twoSimon Warta2015-08-112-3/+22
|
* Explicitly fwd declase classes BER_Decoder, DER_EncoderSimon Warta2015-08-113-12/+10
|
* Remove string constructor of X509_Time()Simon Warta2015-08-112-195/+143
| | | | | | | | | | | * Break down string representations to to_string() and readable_string() * Add m_ prefix to member variable names * Fix order of methods * Move comments Doxygen friendly to header * Make set_to() private (future subjejt of refectoring); People should use constructor Closes #185
* Fix two crashes in the BER decoder found with afl.Jack Lloyd2015-08-021-2/+10
| | | | | One a read at 0 of an empty vector, the other causing allocation of an arbitrary amount of memory.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-20 07:00:16 +0000