aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/ffi
Commit message (Collapse)AuthorAgeFilesLines
* Fix C function prototypes.JornVernee2019-04-211-6/+6
|
* Remove unimplemented function declJack Lloyd2019-04-191-3/+0
|
* Use script to generate Python FFI declsJack Lloyd2019-04-191-7/+0
| | | | Remove unimplemented declaration botan_x509_cert_gen_selfsigned
* Avoid C++ style comments in headers that may be parsed as CJack Lloyd2019-04-191-64/+6
| | | | | Also remove the TLS declarations from ffi.h for now since that isn't supported at all.
* Rename Integrity_Failure to Invalid_Authentication_TagJack Lloyd2019-01-182-1/+4
| | | | | | | | | This makes the meaning and usage more clear. Add a specific error type so invalid tags can be distinguished without having to catch that specific type. See also #1813
* Use memcpy instead of strcpy here to shut up MSVC warningJack Lloyd2019-01-031-1/+1
| | | | Here the caller is assumed to have provided a buffer of sufficient size.
* Add OS::read_env_variableJack Lloyd2018-12-291-1/+1
| | | | Combines the priv check and the getenv call on one.
* Make exceptions easier to translate to error codesJack Lloyd2018-11-233-19/+85
| | | | | | | | | | | Avoid throwing base Botan::Exception type, as it is difficult to determine what the error is in that case. Add Exception::error_code and Exception::error_type which allows (for error code) more information about the error and (for error type) allows knowing the error type without requiring a sequence of catches. See GH #1742
* Fix FFI compilation without hotp moduleTobias Brunner2018-10-251-2/+2
|
* Remove support for Visual C++ 2013Jack Lloyd2018-10-0117-65/+65
| | | | Closes GH #1557
* Refactor mode tests, and correct bugs foundJack Lloyd2018-09-291-0/+1
| | | | | | | | | | | | | | | | | | | Several problems in CBC found by adding tests - If you set a key, then set a nonce, then set a new key, you could encrypt without setting a new nonce. - It was possible to call CBC finish without setting a nonce, which would crash. - If you had an CBC decryption object, set a key, set a nonce, then reset message state, it should throw because no nonce is set. Instead it would carry on using an all-zero nonce. Disable CommonCrypto with PKCS7 padding as it seems to have some problem that I cannot figure out from the build logs. This work sponsored by Ribose Inc
* Avoid null pointer write in FFIJack Lloyd2018-09-281-1/+4
| | | | | | | | If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity.
* Add OS::running_in_privileged_stateJack Lloyd2018-09-271-1/+2
| | | | | | | | Avoid any getenv toggles or reading /proc if we are setuid/setgid. It is possible there is or will someday be some file in /proc that is world-readable, but if read by a privileged user causes some side effect.
* Define botan_scrypt in terms of botan_pwdhashJack Lloyd2018-09-131-12/+5
|
* In FFI pwdhash functions, let len == 0 mean "call strlen"Jack Lloyd2018-09-132-2/+18
|
* Merge GH #1670 New password hashing interfaceJack Lloyd2018-09-132-15/+136
|\
| * Fix Doxygen commentsJack Lloyd2018-09-101-2/+4
| |
| * Add FFIJack Lloyd2018-09-102-15/+134
| | | | | | | | This is a contribution of Ribose Inc (@riboseinc)
* | Some document fixesJack Lloyd2018-09-131-8/+13
| | | | | | | | | | Downgrade min Sphinx to 1.2 again - I checked and while Sphinx 1.2 produce many warnings it does generate usable output.
* | Add FFI functions for creating and getting X25519 dataJack Lloyd2018-09-102-0/+98
|/ | | | See GH #1680
* Use a literal date for this API versionJack Lloyd2018-09-021-5/+4
| | | | | It avoids having to rewrite existing logic when a new API version is introduced.
* Fix build without x509 moduleTobias Brunner2018-08-231-1/+22
| | | | | Fixes: dc85761ef02c ("Add path validation to FFI") Signed-off-by: Tobias Brunner <[email protected]>
* Add botan_cipher_reset to FFIJack Lloyd2018-08-172-0/+15
|
* Ignore an empty string ("") for trusted_path argumentJack Lloyd2018-08-161-1/+1
|
* Add args for botan FFI cert verification for hostname and timeJack Lloyd2018-08-162-4/+16
|
* Add botan_x509_cert_dupJack Lloyd2018-08-162-4/+24
|
* Fix bug introduced in 15e149acJack Lloyd2018-08-161-6/+6
| | | | | This caused get_field, when called with a non-existing field, to return success and set the field to a small negative integer.
* Avoid throwing within the FFI layerJack Lloyd2018-08-163-10/+9
| | | | No reason given we know the message is going to be thrown away.
* Add TOTP to FFIJack Lloyd2018-08-163-4/+144
|
* Expose HOTP to FFIJack Lloyd2018-08-152-0/+136
|
* Update comments in FFI headerJack Lloyd2018-08-151-43/+138
| | | | | | Add/fix Doxygen comments. Remove warning which is not really true anymore.
* Remove support for 8 or 16 bit BigInt wordsJack Lloyd2018-08-152-3/+41
| | | | | | | | | | It turned out 8 bit was very broken (failed to compile, due to overload problems with functions taking uint8_t vs word). 16 bit words work aside from a test failure, but is really slow. Practically speaking we are not in a position to support 16-bit CPUs very well. And being able to assume sizeof(word) >= sizeof(uint32_t) allows simplifying some code.
* Cleanup of BigInt encoding/decoding functionsJack Lloyd2018-08-141-12/+7
| | | | | | | | | | | | | Instigated by finding a bug where BigInt::encode with decimal output would often have a leading '0' char. Which is papered over in the IO operator, but was exposed by botan_mp_to_str which called BigInt::encode directly. Split BigInt::encode/decode into two versions, one taking the Base argument and the other using the (previously default) binary base. With a view of eventually deprecating the versions taking a base. Add BigInt::to_dec_string() and BigInt::to_hex_string()
* Add some additional null pointer arg checks to FFIJack Lloyd2018-08-143-27/+61
|
* Merge GH #1647 Add X.509 path validation to FFIJack Lloyd2018-08-142-2/+113
|\
| * Add path validation to FFIJack Lloyd2018-08-132-2/+113
| |
* | Expose RDRAND RNG through FFIJack Lloyd2018-08-131-2/+13
|/
* De-inline ffi_guard_thunkJack Lloyd2018-08-133-34/+52
| | | | Saves about 300 Kb of code space in the FFI object files
* Better error reporting for FFIJack Lloyd2018-08-123-6/+18
| | | | | Previously safe_get(x) where x was null would return an error about an exception being thrown, instead of a null pointer error.
* Add function to return the size of a key agreement outputJack Lloyd2018-08-122-0/+9
| | | | Very useful when using "Raw" DH/ECDH via the FFI API.
* Better error checking in Python wrapperJack Lloyd2018-08-111-1/+1
| | | | | | Adopt APIs added in 2.8 Expose botan_error_description which was added in 2.5 but not exported!
* Put bcrypt decls in ffi in same placeJack Lloyd2018-08-111-22/+22
|
* Add botan_cipher_get_keyspecJack Lloyd2018-08-114-13/+34
| | | | | | | botan_cipher_query_keylen doesn't return the modulus. Renames (recently added/unreleased) botan_{block_cipher,mac}_query_keylen to x_get_keyspec so the names are consistent.
* Add some useful FFI functionsJack Lloyd2018-08-104-0/+55
|
* Add a function to query output length of symmetric cipherJack Lloyd2018-08-104-1/+18
|
* Add functions to get size of PK ciphertext,plaintextJack Lloyd2018-08-102-3/+23
| | | | Needed for https://github.com/strongswan/strongswan/pull/109
* Guard use of Serialized_RNG with thread macro checkJack Lloyd2018-08-101-0/+2
|
* Merge GH #1641 Add functions to get expected length of PK signatureJack Lloyd2018-08-102-0/+7
|\
| * Add FFI function to get signature output lengthJack Lloyd2018-08-102-0/+7
| |
* | Add a "user-threadsafe" option to botan_rng_initJack Lloyd2018-08-101-0/+10
| |