| Commit message | Author | Age | Files | Lines |
Nothing major but probably good to clean these up.
Thanks to @noloader for pointing me at draft-jivsov-openpgp-sha3-01
which has the correct values.
Adds a test so this can't happen again.
Sonar
Generally speaking reinterpret_cast is sketchy stuff. But the
special case of char*/uint8_t* is both common and safe. By
isolating those, the remaining (likely sketchy) cases are easier
to grep for.
This conversion is often useful
Flagged by Sonar and quite reasonable
Done by a perl script which converted all classes to final, followed
by selective reversion where it caused compilation failures.
Some help from include-what-you-use
ISO C++ reserves names with double underscores in them
Closes #512
Defined in build.h, all equal to BOTAN_DLL so ties into existing
system for exporting symbols.
Based on VC2017 output
Found by running the fuzzers over corpus with debug iterators.
From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
This is a contribution from Ribose Inc (@riboseinc).
This work was sponsored by Ribose Inc
* fixes for deprecated constructions in C++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations)
* `default` specifier instead of `{}` in some places (probably all)
* removal of unreachable code (for example `return` after `throw`)
* removal of compilation unit only visible, but not used functions
* fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT`
* removed not needed semicolons
Signed-off-by: Nuno Goncalves <[email protected]>
Example:
"200305100350Z" interpreted as "2003/05/10 03:50:00 UTC"
correct is "2020/03/05 10:03:50 UTC"
According to RFC 5280:
UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13
GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15
I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict.
BER_Decoder::end_cons() already assures the verify_end()
function, so it is redundant.
Signed-off-by: Nuno Goncalves <[email protected]>
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
[ci skip]
Add some try/catch blocks to the X.509 tests, and use create_private_key API
Also CCM OIDS, and SHA-384/SHA-512 DSA OIDs. All from NIST:
http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
[1] XMSS: Extended Hash-Based Signatures,
    draft-itrf-cfrg-xmss-hash-based-signatures-06
    Release: July 2016.
    https://datatracker.ietf.org/doc/draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1

Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations
for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has
been integrated into the Botan test bench, signature generation and verification
can be tested independently by invoking "botan-test xmss_sign" and
"botan-test xmss_verify"

- Some headers that are not required to be exposed to users of the library have
  to be declared as public in `info.txt`. Declaring those headers private will
  cause the amalgamation build to fail. The following headers have been
  declared public inside `info.txt`, even though they are only intended for
  internal use:
  * atomic.h
  * xmss_hash.h
  * xmss_index_registry.h
  * xmss_address.h
  * xmss_common_ops.h
  * xmss_tools.h
  * xmss_wots_parameters.h
  * xmss_wots_privatekey.h
  * xmss_wots_publickey.h
- XMSS_Verification_Operation Requires the "randomness" parameter out of the
  XMSS signature. "Randomness" is part of the prefix that is hashed *before*
  the message. Since the signature is unknown till sign() is called, all
  message content has to be buffered. For large messages this can be
  inconvenient or impossible.
  **Possible solution**: Change PK_Ops::Verification interface to take
  the signature as constructor argument, and provide a setter method to be able
  to update reuse the instance on multiple signatures. Make sign a parameterless
  member call. This solution requires interface changes in botan.
  **Suggested workaround** for signing large messages is to not sign the message
  itself, but to precompute the message hash manually using Botan::HashFunctio
  and sign the message hash instead of the message itself.
- Some of the available test vectors for the XMSS signature verification have
  been commented out in order to reduce testbench runtime.
Found by Coverity.
DataSource_Stream::peek resets EOF bit after a failed peek
Fixes #657 cert_info infinite loop
One additional, application-specific curve can be added
at compile time, using the new
configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
|
OID map is now generated from an input file on an as needed basis.
Just uses a sequence of ifs - simple, fast, and small code size.
Merges oid_lookup sub-module which was already required by asn1 anyway,
so completely non-optional.
Removes @neusdan's nice OID tests since without any runtime adds the
tests are moot.
Remove bogus includes for TLS tests
- Parameters available here: https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000024668816
- DER format according to the ASN.1 syntax defined in ANSI X9.62 standard
available here: http://www.ssi.gouv.fr/agence/publication/publication-dun-parametrage-de-courbe-elliptique-visant-des-applications-de-passeport-electronique-et-de-ladministration-electronique-francaise/