| Commit message | Author | Age | Files | Lines |
Constify arg to botan_pk_op_decrypt, and correct comment on
botan_mp_is_positive, which returns true even for zero.
Considered changing botan_mp_is_positive to match the comment, and
return false for zero, but we already test that botan_mp_is_positive(0) == 1,
so I left it as is and fixed the comment.
Declared in header, but was not defined. :(
If DSA was disabled, caused memory corruption/crashes due to combination of
uninitialized object and the tests not checking return values as carefully
as they should.
Supporting RSA, DSA, and ECC. Add also DSA specific loading functions.
GH #896
Also adds RSA key constructors using BN
Based on build output sent by @noloader.
If RLIMIT_MEMLOCK is not defined, assume regular user is not able to
call mlock. This probably also affected Clang/GCC on Solaris.
Work around resolution issue in SIMD_4x32 where it finds ambiguity
between arg taking uint32_t and __m128i. This is probably some
artifact of how SunCC represents vector types, and seems highly bogus
in general but is easy to work around here. Change constructor taking
a single value to instead be `SIMD_4x32::splat` function. The SIMD
class is internal, so no API implications.
Fix various warnings about lambda functions that were missing return
types and which were not a single return statement. AIUI C++11 doesn't
guarantee that lambda return type will be deduced in that situation,
though in practice every compiler including SunCC seems to handle it.
Disable AVX2 usage, since SunCC's intrinsics seem to be broken - its
_mm_loadu_si256 takes non-const pointer.
Rename a few variables in the tests to avoid shadowed var warnings.
This lets us upgrade the FFI version over time and still allow
applications to reliably detect if the current library binary
supports their version.
As an example, it would be useful to be able to add features to FFI
sometime in 2.x. In that case, we would increase the value of the
FFI API version, even though anything calling the old API would still
work perfectly. Applications can verify at runtime the API they want to
use is supported using this new call.
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
Adds new Public_Key::subject_public_key() that returns
an X.509 SubjectPublicKey structure. Renames the current
Public_Key::x509_subject_public_key() to public_key_bits().
BER_encode() just invokes subject_public_key().
No need to strictly require it, and some applications may only want
system RNG or RDRAND.
Nothing exciting.
The system rng is already a hard requirement for FFI anyway.
The Cipher_Mode::update API is more general than needed to just
support ciphers (this is due to it previously being an API of
Transform which before 8b85b780515 was Cipher_Mode's base class)
Define a less general interface `process` which either processes the
blocks in-place, producing exactly as much output as there was input,
or (SIV/CCM case) saves the entire message for processing in `finish`.
These two uses cover all current or anticipated cipher modes.
Leaves `update` for compatibility with existing callers; all that is
needed is an inline function forwarding to `process`.
Removes the return type from `start` - in all cipher implementations,
this always returned an empty vector.
Adds BOTAN_ARG_CHECK macro; right now BOTAN_ASSERT is being used
for argument checking in some places, which is not right at all.
Change reseed interval logic to count calls to `randomize` rather than
bytes, to match SP 800-90A
Changes RNG reseeding API: there is no implicit reference to the
global entropy sources within the RNGs anymore. The entropy sources
must be supplied with the API call. Adds support for reseeding directly
from another RNG (such as a system or hardware RNG).
Stateful_RNG keeps optional references to both an RNG and a set of
entropy sources. During a reseed, both sources are used if set.
These can be provided to HMAC_DRBG constructor.
For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes
per DRBG request. We treat requests longer than that as if the caller
had instead made several sequential maximum-length requests. This
means it is possible for one or more reseeds to trigger even in the
course of generating a single (long) output (generate a 256-bit key
and use ChaCha or HKDF if this is a problem).
Adds RNG::randomize_with_ts_input which takes timestamps and uses them
as the additional_data DRBG field. Stateful_RNG overrides this to also
include the process ID and the reseed counter. AutoSeeded_RNG's
`randomize` uses this.
Officially deprecates RNG::make_rng and the Serialized_RNG constructor
which creates an AutoSeeded_RNG. With these removed, it would be
possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all
(eg, for applications which only use the system RNG).
Tests courtesy @cordney in GH PRs #598 and #600
Add support and tests for additional_data param to HMAC_DRBG
Add Stateful_RNG class which has fork detection and periodic reseeding.
AutoSeeded_RNG passes the current pid and time as additional_data
explicit.
Add implementation for ffi botan_x509_cert_get_public_key().
Add subject_dn() function to python x509_cert class.
Have python x509_cert constructor take a buffer alternatively.
Have python x509_cert functions time_starts() and time_expires() return
a python timestamp.
As the alternatives are unfortunate for applications trying to catch
all library errors, and it seems deriving from std::runtime_error
causes problems with MSVC DLLs (GH #340)
Effectively reverts 2837e915d82e43
The tests previously had used 4 to 6 different schemes internally (the vec file
reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests
which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a
design that works everywhere, and update all the things.
Fix also a few bugs found by the test changes: SHA-512-256 name incorrect,
OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy
was wrong.
Remove any need for callers to do version checks or encode values
specially to handle Python2 vs Python3 ctypes differences. API users
shouldn't have to care about that - encapsulate the differences in a
few functions for handling the conversions.
Add botan_cipher_query_keylen to ffi
Previously you couldn't have a unique_ptr<RNG> that might point to
either a system rng or an autoseed rng depending on availability. That
was already needed in ffi and is useful elsewhere.
Removes filters as an internal dependency pretty much entirely
(outside of some dusty corners in misc).
Missing path validation, probably other things
Move the algorithm factory functions to T::create and move object registration to the source file for its base class. These resolve the issues which prevented successful use of a static library that was built with individual object files. Removes the restriction in configure.py which prevented building non-amalgamation static libs.
In error cases the output value was not initialized, so callers which
ignored the error return might blindly use an uninitialized pointer.
Add missing returns to botan_kdf, botan_pbkdf, botan_pbkdf_timed;
previously they always returned an error code.
Bounds check round 5