| Commit message | Author | Age | Files | Lines |
Sonar find
For whatever reason GCC 7 on i386 miscompiles this loop under -O3. I was
not able to reduce the bug to a small testcase - extracting the problem
section of the code to its own file, it behaves correctly.
Also oddly, I was never able to repro this using Arch's gcc-multilib
i386 compiler. But when compiled with the 'native' i386 compiler in
a chroot it immediately fails.
See GH #1148 and GH #882
(Missed hunk in previous commit)
This commit implements the feedback from @securitykernel on the
PR and also changes the EC Group comparison to use the OID, akin
to OpenSSL. The EC Group comparison was needed before GH #1093
was merged, but now we can go use the OpenSSL variant.
BearSSL is an implementation of the SSL/TLS protocol in C aiming
to be correct and secure, small and highly portable. This makes
it nicer to include in a rather sparse bootloader. This commit
adds support for BearSSL's hash routines only, with more stuff
coming up in following commits. The goal is to be able to test
BearSSL using Botan's extensive testsuite.
While using marketing names like 2013, 2015 etc. is more convenient at
first sight, it requires keeping a table about all supported compiler
versions, as there is no formula to calculate between the
representations.
Keeping a list of compilers leads to the following issue: if one version
of Botan is released in 2017, requiring MSVS 2015 for one module, this
source can be compiled using MSVS 2015 and 2017 but not a future version
like 2019.
Also preview/development versions of MSVC that may use an intermediate
version number cannot be handled with the marketing name table because
they may be unknown to the general public.
T[] variable is actually a constant, so precompute it in SM3_TJ
W1 expansion is very simple and can just be done inline.
Somewhat faster on my machine.
function declaration is already hidden, fix some param names in doxygen
comments, fixes #1067
This work was sponsored by Ribose Inc (@riboseinc).
They don't understand unique_ptr<Derived> to unique_ptr<Base> without help
https://stackoverflow.com/questions/22018115/converting-stdunique-ptrderived-to-stdunique-ptrbase
See GH #1037
Works everywhere but Apple Clang. Could handle this with a hack
to configure but running ARMv8 in 32-bit mode is rare and suboptimal,
and it would be better to deal with this using compile-time feature
detection.
Fix for new define syntax, remove old style casts.
Add some randomly generated longer SHA-256 vectors, previously had
precisely zero multiblock tests.
Based on patch from Jeffrey Walton in GH #841
Based on patch from Jeffrey Walton in GH #840
Only tested in qemu so far.
Based on GH #807 and #808
failures for some compilers.
* fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations)
* `default` specifier instead of `{}` in some places (probably all)
* removal of unreachable code (for example `return` after `throw`)
* removal of compilation unit only visible, but not used functions
* fix for `throw()` specifier - used `BOTAN_NOEXCEPT` instead
* removed unneeded semicolons
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
- Enables code for SHAKE support
- Creating a SHAKE hash function by name now allows selecting an output size
of 256 bit for SHAKE128 and 512 bit for SHAKE256.
- Adds *self-generated*, unverified test vectors for XMSS/SHAKE.
Previously it made sense for them to be in distinct dirs because
they were standalone. However with #580 that is no longer the case,
so move them to subdirs. Configure knows that anything underneath
a directory has a dependency on the parent dir, so update info.txt
files accordingly to remove explicit dependencies where set.
This required taking a global lock and doing a map lookup each
time an algorithm was requested (and so many times during a TLS
handshake).
I repent my use of global constructors.
I repent my use of global locks.
Hopefully I will never touch this code again.
:)
Kind of a copy and paste of Keccak, but only a single copy of the
permutation at least. Keccak depends on SHA-3 instead of the reverse,
so that SHA-3 can be enabled without also bringing in an unapproved
hash function.
Updates newhope code and removes API function newhope_hash which was
an unofficial SHA-3-256.
Also emit `#pragma GCC target` in the ISA specific amalgamation files.
This allows compiling without any special compiler flags, at least
with GCC 6.2 and Clang 3.8. The ISA annotations are ignored in MSVC,
which just emits whatever instruction the intrinsic requires.
For block ciphers, stream ciphers, hashes, MACs, and cipher modes.
Cipher_Mode already had it, with a slightly different usage.
Various algorithms had an optimized implementation (for SSE2, AVX2, etc)
which was offered alongside the 'base' implementation. This is
admittedly very useful for testing, but it breaks user expectations in
bad ways. See GH #477 for background.
Now encrypting with `AES_128` (say) just runs whatever implementation
is best on the current processor/build.
Provides conjectured 200-bit security against a quantum attacker.
Based on the public domain reference implementation at
https://github.com/tpoeppelmann/newhope and bit-for-bit
compatible with that version.
Test vectors generated by the reference testvector.c