aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/asn1
Commit message (Collapse)AuthorAgeFilesLines
* X.509 RSA-PSS verificationDaniel Neus2017-10-201-1/+11
|
* Additional final annotationsJack Lloyd2017-10-151-1/+1
|
* Address some bool/int conversion warnings from SonarJack Lloyd2017-10-061-1/+1
| | | | Nothing major but probably good to clean these up.
* Correct the SHA-3 PKCSv1.5 IDsJack Lloyd2017-10-051-1/+3
| | | | | | | Thanks to @noloader for pointing me at draft-jivsov-openpgp-sha3-01 which has the correct values. Adds a test so this can't happen again.
* Avoid empty methods, use =default or add a commentJack Lloyd2017-10-032-8/+1
| | | | Sonar
* Add wrappers for reinterpret_cast between char* and uint8_t*Jack Lloyd2017-10-031-1/+1
| | | | | | | Generally speaking reinterpret_cast is sketchy stuff. But the special case of char*/uint8_t* is both common and safe. By isolating those, the remaining (likely sketchy) cases are easier to grep for.
* Uppercase constantsJack Lloyd2017-10-021-12/+15
|
* Retract explicit on OIDJack Lloyd2017-09-301-1/+1
| | | | This conversion is often useful
* Use explicit on more single-argument constructorsJack Lloyd2017-09-301-1/+1
|
* Use class instead of struct for objects with member functionsJack Lloyd2017-09-301-5/+7
| | | | Flagged by Sonar and quite reasonable
* Further header cleanupsJack Lloyd2017-09-281-0/+1
|
* Refactor to avoid explicit delete in BER_DecoderJack Lloyd2017-09-222-26/+12
|
* Apply final annotations to the library alsoJack Lloyd2017-09-223-4/+4
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* Header file cleanupsJack Lloyd2017-09-214-5/+1
| | | | Some help from include-what-you-use
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-2011-22/+22
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* Add API stability annotations.Jack Lloyd2017-09-1911-31/+31
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Fix various MSVC warningsJack Lloyd2017-08-312-2/+6
| | | | Based on VC2017 output
* Add a guard to avoid doing &v[1] when v.size() == 1Jack Lloyd2017-08-251-2/+6
| | | | Found by running the fuzzers over corpus with debug iterators.
* Add Streebog hash (GOST R 34.11-2012).Daniel Wyatt2017-08-041-1/+5
|
* Add SM2 signature schemeJack Lloyd2017-06-291-1/+9
| | | | | | From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 This is a contribution from Ribose Inc (@riboseinc).
* Moved to draft-ietf-curdle-pkix assigned OIDsFrancis Dupont2017-06-121-5/+5
|
* Add Ed25519 key type and testsJack Lloyd2017-06-071-1/+3
| | | | This work was sponsored by Ribose Inc
* Add SM3 OIDs and PKCSv1.5 hash prefixJack Lloyd2017-05-191-1/+5
|
* Avoid recursion in BER_Decoder::get_next_objectJack Lloyd2017-04-091-11/+16
|
* Content:Tomasz Frydrych2017-04-034-4/+7
| | | | | | | | | * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations) * `default` specifier instead of `{}` in some places(probably all) * removal of unreachable code (for example `return` after `throw`) * removal of compilation unit only visible, but not used functions * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT` * removed not needed semicolons
* Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-021-1/+3
|
* Fix some compiler warnings.Jack Lloyd2017-03-221-1/+1
|
* Merge GH #897 Add generic memory type BER decoderJack Lloyd2017-03-221-0/+32
|\
| * Add generic memory type value BER decoderNuno Goncalves2017-03-071-0/+32
| | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
* | Fix: UTCTime interpreted as GeneralizedTimeDaniel Neus2017-03-131-2/+2
|/ | | | | | | | | | | | Example: "200305100350Z" interpreted as "2003/05/10 03:50:00 UTC" correct is "2020/03/05 10:03:50 UTC" According to RFC 5280: UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13 GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15 I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict.
* Remove verify_end() chained immediatly before end_cons() (close #890)Nuno Goncalves2017-02-251-1/+0
| | | | | | | BER_Decoder::end_cons() allready assures the verify_end() function, so it is redundant. Signed-off-by: Nuno Goncalves <[email protected]>
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1818-139/+139
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Check for overflow in BER decoder EOC scanningJack Lloyd2016-11-271-1/+4
|
* Add warning to OID script outputJack Lloyd2016-11-211-1/+4
| | | | [ci skip]
* Add key_constraints_to_string, GOST-34.10 cert handlingJack Lloyd2016-11-181-1/+3
| | | | Add some try/catch blocks to the X.509 tests, and use create_private_key API
* Add X509_DN::emptyJack Lloyd2016-11-181-0/+2
|
* Add OIDs for SHA-3 and SHA-3 signature algorithmsJack Lloyd2016-11-171-1/+47
| | | | | Also CCM OIDS, and SHA-384/SHA-512 DSA OIDs. All from NIST: http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
* Added Extended Hash-Based Signatures (XMSS)Matthias Gierlings2016-11-111-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [1] XMSS: Extended Hash-Based Signatures, draft-itrf-cfrg-xmss-hash-based-signatures-06 Release: July 2016. https://datatracker.ietf.org/doc/ draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1 Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has been integrated into the Botan test bench, signature generation and verification can be tested independently by invoking "botan-test xmss_sign" and "botan-test xmss_verify" - Some headers that are not required to be exposed to users of the library have to be declared as public in `info.txt`. Declaring those headers private will cause the amalgamation build to fail. The following headers have been declared public inside `info.txt`, even though they are only intended for internal use: * atomic.h * xmss_hash.h * xmss_index_registry.h * xmss_address.h * xmss_common_ops.h * xmss_tools.h * xmss_wots_parameters.h * xmss_wots_privatekey.h * xmss_wots_publickey.h - XMSS_Verification_Operation Requires the "randomness" parameter out of the XMSS signature. "Randomness" is part of the prefix that is hashed *before* the message. Since the signature is unknown till sign() is called, all message content has to be buffered. For large messages this can be inconvenient or impossible. **Possible solution**: Change PK_Ops::Verification interface to take the signature as constructor argument, and provide a setter method to be able to update reuse the instance on multiple signatures. Make sign a parameterless member call. This solution requires interface changes in botan. **Suggested workaround** for signing large messages is to not sign the message itself, but to precompute the message hash manually using Botan::HashFunctio and sign the message hash instead of the message itself. - Some of the available test vectors for the XMSS signature verification have been commented out in order to reduce testbench runtime.
* Assert expected EOF from readJack Lloyd2016-11-091-1/+1
| | | | Found by Coverity.
* If peek fails, force EOF with a readJack Lloyd2016-11-071-0/+3
| | | | | | DataSource_Stream::peek resets EOF bit after a failed peek Fixes #657 cert_info infinite loop
* Change oids.py and regenerate oids.cppRené Korthaus2016-11-031-1/+1
|
* Add an in-house EC curve for TLS at compile-timeRené Korthaus2016-11-031-0/+10
| | | | | | One additional, application-specific curve can be added at compile time, using the new configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
* Remove ability to add OIDS at runtime. Remove global OID lock.Jack Lloyd2016-11-036-445/+346
| | | | | | | | | | | OID map is now generated from an input file on an as needed basis. Just uses a sequence of ifs - simple, fast, and small code size. Merges oid_lookup sub-module which was already required by asn1 anyway, so completely non-optional. Removes @neusdan's nice OID tests since without any runtime adds the tests are moot.
* Fix mutex in oids.cppJack Lloyd2016-10-121-7/+7
| | | | Remove bogus includes for TLS tests
* Abstract out mutex type. Make threads optional.Jack Lloyd2016-10-121-1/+1
|
* Remove deprecated Nyberg-Rueppel and Rabin-Williams signaturesJack Lloyd2016-09-021-23/+0
|
* Remove deprecated hashes MD2, HAS-160, and RIPEMD-128Jack Lloyd2016-09-021-1/+0
|
* Merge GH #551 Add frp256v1 curveJack Lloyd2016-08-021-0/+2
|\
| * ANSSI elliptic curve cryptography frp256v1Simon Cogliani2016-07-241-0/+2
| | | | | | | | | | | | - Parameters available here: https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000024668816 - DER format according to the ANS1 syntax defined in ANSI X9.62 standard available here: http://www.ssi.gouv.fr/agence/publication/publication-dun-parametrage-de-courbe-elliptique-visant-des-applications-de-passeport-electronique-et-de-ladministration-electronique-francaise/
* | add X509_Time::to_std_timepoint()Daniel Neus2016-07-282-0/+8
|/