aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/ffi
Commit message (Collapse)AuthorAgeFilesLines
* Correct version annotation for botan_rng_init_customJack Lloyd2021-04-151-1/+1
|
* Bump the ffi version to indicate support for custom RNGJack Lloyd2021-02-202-1/+5
|
* Add API to register custom RNG with FFI APIRené Fischer2021-02-182-0/+113
|
* Some math deprecationsJack Lloyd2020-11-051-1/+1
| | | | | | | | | | | | | Mostly things that shouldn't be used (like almost Montgomery inverse, which isn't even constant time) or are very much just for internals (like the word-wise Montgomery inverse computation used for reduction). Make variable time division explicit; leaves plain divide as a call but it forwards to ct_divide now. All callers within the library are now explicitly consttime or vartime. Add a shortcut for modulus by one word - this hits quite often especially in the ECC code
* More header mergingJack Lloyd2020-11-032-2/+2
|
* Remove use of Serialized_RNG in FFI and testsJack Lloyd2020-09-121-7/+1
|
* Make it possible to DER encode signatures through FFI APIJack Lloyd2020-05-152-5/+11
| | | | GH #2356
* Add Processor_RNGJack Lloyd2020-05-081-5/+5
| | | | | | | Replaces RDRAND_RNG, RDRAND entropy source, and DARN entropy source. Provides also DARN-based RNG interface. This also gives an easy path for supporting the ARMv8 RNG instructions.
* Bump the FFI version due to addition of CRL supportJack Lloyd2019-12-142-1/+5
|
* Avoid MSVC warnings about dead code in FFI layerJack Lloyd2019-12-0610-26/+38
| | | | Also fix warning about "insecure" getenv
* Add documentation for CRL API in FFI and Python bindingPavol Žáčik2019-12-031-13/+20
|
* Add basic CRL handling to FFI APIPavol Žáčik2019-12-032-0/+181
|
* fix missing ErrorType::RoughtimeError on switchesNuno Goncalves2019-10-162-0/+3
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* Deprecate some more redundant ffi functionsJack Lloyd2019-08-191-10/+31
|
* Fix indentationJack Lloyd2019-08-171-2/+2
|
* Document that FFI destroy operations can failJack Lloyd2019-05-291-3/+37
|
* Verify ffi object is not null before dereferencing itJack Lloyd2019-05-281-1/+5
| | | | | This shouldn't even happen if the header is still intact, but seemingly it can: #1983 so be robust as possible.
* Correct documentation for botan_rng_initJack Lloyd2019-05-281-2/+5
| | | | Fixes #1984
* Add a DatabaseError type, set the sqlite return code in exceptionJack Lloyd2019-05-231-0/+2
|
* More Python API enhancements.Jack Lloyd2019-04-272-29/+48
| | | | Deprecate various redundant FFI functions
* Fix C function prototypes.JornVernee2019-04-211-6/+6
|
* Remove unimplemented function declJack Lloyd2019-04-191-3/+0
|
* Use script to generate Python FFI declsJack Lloyd2019-04-191-7/+0
| | | | Remove unimplemented declaration botan_x509_cert_gen_selfsigned
* Avoid C++ style comments in headers that may be parsed as CJack Lloyd2019-04-191-64/+6
| | | | | Also remove the TLS declarations from ffi.h for now since that isn't supported at all.
* Rename Integrity_Failure to Invalid_Authentication_TagJack Lloyd2019-01-182-1/+4
| | | | | | | | | This makes the meaning and usage more clear. Add a specific error type so invalid tags can be distinguished without having to catch that specific type. See also #1813
* Use memcpy instead of strcpy here to shut up MSVC warningJack Lloyd2019-01-031-1/+1
| | | | Here the caller is assumed to have provided a buffer of sufficient size.
* Add OS::read_env_variableJack Lloyd2018-12-291-1/+1
| | | | Combines the priv check and the getenv call on one.
* Make exceptions easier to translate to error codesJack Lloyd2018-11-233-19/+85
| | | | | | | | | | | Avoid throwing base Botan::Exception type, as it is difficult to determine what the error is in that case. Add Exception::error_code and Exception::error_type which allows (for error code) more information about the error and (for error type) allows knowing the error type without requiring a sequence of catches. See GH #1742
* Fix FFI compilation without hotp moduleTobias Brunner2018-10-251-2/+2
|
* Remove support for Visual C++ 2013Jack Lloyd2018-10-0117-65/+65
| | | | Closes GH #1557
* Refactor mode tests, and correct bugs foundJack Lloyd2018-09-291-0/+1
| | | | | | | | | | | | | | | | | | | Several problems in CBC found by adding tests - If you set a key, then set a nonce, then set a new key, you could encrypt without setting a new nonce. - It was possible to call CBC finish without setting a nonce, which would crash. - If you had an CBC decryption object, set a key, set a nonce, then reset message state, it should throw because no nonce is set. Instead it would carry on using an all-zero nonce. Disable CommonCrypto with PKCS7 padding as it seems to have some problem that I cannot figure out from the build logs. This work sponsored by Ribose Inc
* Avoid null pointer write in FFIJack Lloyd2018-09-281-1/+4
| | | | | | | | If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity.
* Add OS::running_in_privileged_stateJack Lloyd2018-09-271-1/+2
| | | | | | | | Avoid any getenv toggles or reading /proc if we are setuid/setgid. It is possible there is or will someday be some file in /proc that is world-readable, but if read by a privileged user causes some side effect.
* Define botan_scrypt in terms of botan_pwdhashJack Lloyd2018-09-131-12/+5
|
* In FFI pwdhash functions, let len == 0 mean "call strlen"Jack Lloyd2018-09-132-2/+18
|
* Merge GH #1670 New password hashing interfaceJack Lloyd2018-09-132-15/+136
|\
| * Fix Doxygen commentsJack Lloyd2018-09-101-2/+4
| |
| * Add FFIJack Lloyd2018-09-102-15/+134
| | | | | | | | This is a contribution of Ribose Inc (@riboseinc)
* | Some document fixesJack Lloyd2018-09-131-8/+13
| | | | | | | | | | Downgrade min Sphinx to 1.2 again - I checked and while Sphinx 1.2 produce many warnings it does generate usable output.
* | Add FFI functions for creating and getting X25519 dataJack Lloyd2018-09-102-0/+98
|/ | | | See GH #1680
* Use a literal date for this API versionJack Lloyd2018-09-021-5/+4
| | | | | It avoids having to rewrite existing logic when a new API version is introduced.
* Fix build without x509 moduleTobias Brunner2018-08-231-1/+22
| | | | | Fixes: dc85761ef02c ("Add path validation to FFI") Signed-off-by: Tobias Brunner <[email protected]>
* Add botan_cipher_reset to FFIJack Lloyd2018-08-172-0/+15
|
* Ignore an empty string ("") for trusted_path argumentJack Lloyd2018-08-161-1/+1
|
* Add args for botan FFI cert verification for hostname and timeJack Lloyd2018-08-162-4/+16
|
* Add botan_x509_cert_dupJack Lloyd2018-08-162-4/+24
|
* Fix bug introduced in 15e149acJack Lloyd2018-08-161-6/+6
| | | | | This caused get_field, when called with a non-existing field, to return success and set the field to a small negative integer.
* Avoid throwing within the FFI layerJack Lloyd2018-08-163-10/+9
| | | | No reason given we know the message is going to be thrown away.
* Add TOTP to FFIJack Lloyd2018-08-163-4/+144
|
* Expose HOTP to FFIJack Lloyd2018-08-152-0/+136
|