aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/kdf
Commit message (Collapse)AuthorAgeFilesLines
* Fix clang-tidy readability-named-parameterJack Lloyd2022-02-061-1/+4
|
* Fix some Clang warningsJack Lloyd2022-01-271-1/+1
| | | | See GH #2886
* Remove the OpenSSL providerJack Lloyd2021-10-281-1/+1
| | | | | | | | Starting in OpenSSL 3.0, most of the functionality which we need to implement the OpenSSL provider is deprecated. Rather than reimplement the whole provider in order to allow it to continue to work in the future, just remove it. Efforts would be better spent doing more optimization work rather than chasing OpenSSL's API changes.
* Make get_byte take a compile-time constant indexJack Lloyd2021-04-161-2/+2
| | | | Add get_byte_var for the few cases that need a variable index
* KDF::createJack Lloyd2021-04-052-16/+14
|
* Add KDF::new_objectJack Lloyd2021-04-0315-49/+77
|
* Use make_unique in type factory functionsJack Lloyd2021-04-031-10/+10
|
* Remove the TLS 1.0 PRFJack Lloyd2021-04-014-72/+5
|
* Don't use shouting case for ASN1_{Type,Class} valuesJack Lloyd2021-01-131-2/+2
| | | | | Leftover from it being an old style enum, and now that we have split them there is not any further compatability concern.
* Split ASN1 tags enum class into 2 enum classessledgehammer_9992021-01-111-2/+2
| | | | This should improve type safety even more.
* Convert ASN1_Tag to an enum classJack Lloyd2020-12-201-4/+4
|
* Switch MAC vs HMAC preference in KDF and PBKDF2Jack Lloyd2020-12-011-2/+2
| | | | | | | | Adding BLAKE2b as a MAC caused "PBKDF2(BLAKE2b)" to become interpreted as PBKDF2 with keyed BLAKE, instead of the previous interpretation of PBKDF2 with BLAKE2/HMAC. (And similarly for HKDF, etc) Fixes #2525
* Remove the KDF truncation behaviorJack Lloyd2020-11-2819-158/+212
| | | | Closes GH #2347
* Make scan_name.h, cpuid.h and http_util.h internalJack Lloyd2020-11-282-2/+2
|
* Remove deprecated headers, make more headers internalJack Lloyd2020-11-0619-59/+37
| | | | | | | | | Now modules default to internal headers instead of defaulting to public; making a new public API should be a visible and intentional choice. Brings the public header count from over 300 to around 150. Also removes the deprecated tls_blocking interface
* Merge some of the ASN.1 headersJack Lloyd2020-10-311-1/+1
| | | | | Deprecate asn1_str.h asn1_time.h asn1_oid.h and alg_id.h with all contents moved to existing asn1_obj.h
* Fix LGTM warning about overflow checks in SP800-108 KDFJack Lloyd2020-10-027-12/+29
| | | | | | | | | It turns out some KDFs *do* verify that the output length is not too large, making the KDF truncation bug (#2437) even nastier. Add comments in KDFs where we are truncating so they can be fixed later. Also fix SP800-56C which would return the original key length rather than the possibly truncated key the KDF generated.
* Fix TLS-PRF KDF tests when MD5 is disabledJack Lloyd2019-11-133-3/+13
|
* Fix TLS PRF and module policyJack Lloyd2019-11-131-2/+0
| | | | We can firmly disable MD5 now, but not SHA1 since X.509 needs it
* Deprecate many publically available headersJack Lloyd2019-09-0611-0/+24
|
* Reduce usage of oids.h with the addition of some helpers on OIDJack Lloyd2019-08-042-14/+9
|
* Deprecate and replace OIDS::lookupJack Lloyd2019-08-041-1/+1
|
* s/as_string/to_string/Jack Lloyd2019-03-011-1/+1
| | | | | A few older APIs use as_string where everywhere else uses to_string. Add to_string's where missing, and deprecate X::as_string.
* Fix indent [ci skip]Jack Lloyd2019-01-051-7/+7
|
* DER improvementsJack Lloyd2018-05-221-1/+4
| | | | | | | | | | | Let DER_Encoder write to a user specified vector instead of only to an internal vector. This allows encoding to a std::vector without having to first write to a locked vector and then copying out the result. Add ASN1_Object::BER_encode convenience method. Replaces X509_Object::BER_encode which had the same logic but was restricted to a subtype. This replaces many cases where DER_Encoder was just used to encode a single object (X509_DN, AlgorithmIdentifier, etc).
* Add message to BOTAN_ARG_CHECK and use it more widelyJack Lloyd2018-05-133-10/+6
|
* Catch exceptions by reference not valueJack Lloyd2018-03-161-1/+1
| | | | Fixes a new warning in GCC 8
* Correct dependencies of kdf and pbkdf [ci skip]Jack Lloyd2018-01-172-1/+3
| | | | They assumed base pulled in hash and mac which is no longer true
* Make stream, block, hash and cipher mode base classes optionalJack Lloyd2018-01-123-0/+12
|
* Add wrappers for reinterpret_cast between char* and uint8_t*Jack Lloyd2017-10-032-6/+6
| | | | | | | Generally speaking reinterpret_cast is sketchy stuff. But the special case of char*/uint8_t* is both common and safe. By isolating those, the remaining (likely sketchy) cases are easier to grep for.
* Use explicit on more single-argument constructorsJack Lloyd2017-09-302-4/+4
|
* Address some MSVC warningsJack Lloyd2017-09-302-107/+109
|
* Require HMAC for HKDFJack Lloyd2017-09-281-0/+4
| | | | Not actually strictly required but in practice doesn't make much sense.
* Doxygen commentJack Lloyd2017-09-281-0/+6
| | | | [ci skip]
* Add HKDF-Expand-LabelJack Lloyd2017-09-273-2/+62
| | | | Step 1/n of TLS 1.3
* Cryptobox code modernizationJack Lloyd2017-09-221-2/+2
| | | | Only encrypt so it's easy to verify everything still works.
* Apply final annotations to the library alsoJack Lloyd2017-09-223-5/+5
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* Header file cleanupsJack Lloyd2017-09-216-11/+1
| | | | Some help from include-what-you-use
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-2010-20/+20
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* Complete the final annotation changesJack Lloyd2017-09-191-2/+2
|
* Add API stability annotations.Jack Lloyd2017-09-199-15/+15
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Post-merge changes to SP 800-56A KDF (GH #1040)Jack Lloyd2017-05-063-77/+120
| | | | | | | Instead of using a template split the KDF into two different classes that both call a template utility function to actually run the KDF algo. Simplify the "empty salt" logic and avoid having to instantiate a hash object just to get the hash block size.
* Align with comments from code reviewKrzysztof Kwiatkowski2017-05-042-6/+5
|
* Use uint64_t to represent 32-bit number (fixes unittests)Krzysztof Kwiatkowski2017-05-031-1/+1
|
* Update copyright headersKrzysztof Kwiatkowski2017-05-032-2/+6
|
* SP800-56A revision 2 implementationKrzysztof Kwiatkowski2017-05-033-29/+74
|
* Adds KDF based on SP 800-56A. Currently it is revision 1 (alternative 1). It ↵Krzysztof Kwiatkowski2017-05-034-0/+130
| | | | should be extended to revision 2.
* Content:Tomasz Frydrych2017-04-031-1/+1
| | | | | | | | | * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations) * `default` specifier instead of `{}` in some places(probably all) * removal of unreachable code (for example `return` after `throw`) * removal of compilation unit only visible, but not used functions * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT` * removed not needed semicolons
* Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-029-10/+28
|
* Add BOTAN_UNUSED in creator functionsJack Lloyd2017-01-271-0/+3
| | | | | | If all (say) stream ciphers are disabled, avoid unused arg warning. [ci skip]
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 00:41:24 +0000