| Commit message | Author | Age | Files | Lines |
Only user-visible change is the removal of get_byte.h
Some tweaks for point multiplication using fixed windows.
The plain PointGFp operator* now uses Montgomery ladder exclusively.
Adds a blinded point multiply algorithm which uses exponent and point
randomization, as well as a Montgomery ladder technique that takes a
random walk of the possible addition chains for k.
C functions must not throw but Botan::bigint_divop throws (MSVC: warning
C4297: 'Botan::bigint_divop' : function assumed not to throw an
exception but does)
* Move bigint_mul -> Botan::bigint_sqr
* Move bigint_sqr -> Botan::bigint_sqr
* Variable in unnamed namespace supersedes "static" keyword
Previously they were hidden away as private functions on the CurveGFp
types. This allows directly testing the reduction functions against
other computational methods.
Thanks to @vlajos https://github.com/vlajos/misspell_fixer
Fixes #108
1. src/lib/codec/base64/base64.cpp: : (round_up<size_t>(input_length, 3) / 3) * 4;
2. src/lib/codec/base64/base64.cpp: : (round_up<size_t>(input_length, 4) * 3) / 4;
3. src/lib/filters/transform_filter.cpp: return round_up(target_size, update_granularity);
4. src/lib/math/bigint/bigint.cpp: m_reg.resize(round_up<size_t>(size, 8));
5. src/lib/math/bigint/bigint.cpp: m_reg.resize(round_up<size_t>((length / WORD_BYTES) + 1, 8));
6. src/lib/math/numbertheory/mp_numth.cpp: BigInt z(BigInt::Positive, round_up<size_t>(2*x_sw, 16));
7. src/lib/modes/cbc/cbc.cpp: return round_up(input_length, cipher().block_size());
8. src/lib/modes/ecb/ecb.cpp: return round_up(input_length, cipher().block_size());
9. src/lib/modes/xts/xts.cpp: return round_up(input_length, cipher().block_size());
10. src/lib/pbkdf/pbkdf2/pbkdf2.cpp: const size_t blocks_needed = round_up(out_len, prf_sz) / prf_sz;
11. src/lib/tls/tls_record.cpp: const size_t buf_size = round_up(
12. src/lib/utils/rounding.h:inline T round_up(T n, T align_to)

1. Reason for change
2. Reason for change
3. first argument cannot be 0 (`target_size = 1024`)
4. Is a bug in the current implementation iff `size = 0`
5. first argument cannot be 0
6. round_up should return 0 if `x_sw = 0`
7. ?
8. ?
9. ?
10. first argument cannot be 0 (`if(out_len == 0) return 0;`)
11. first argument is unlikely to be 0 (`iv_size + msg_length + mac_size + (block_size ? 1 : 0)`)
12. Implementation
Fixes #146.
Uninitialized variables, missing divide by zero checks, missing
virtual destructor, etc. Only thing serious is bug in TLS maximum
fragment decoder; missing breaks in switch statement meant receiver
would treat any negotiated max fragment as 4k limit.
encoding= flags since they are not needed anymore and broke Python2.
a source file. Without BOTAN_DLL the LibraryInitializer was removed entirely
from the list of symbols which is not desired.
Add some casts to avoid scary sounding but (upon review) harmless warnings from MSVC
Convert all uses of Algorithm_Factory and the engines to using Algo_Registry
The shared pool of entropy sources remains but is moved to EntropySource.
With that and few remaining initializations (default OIDs and aliases)
moved elsewhere, the global state is empty and init and shutdown are no-ops.
Remove almost all of the headers and code for handling the global
state, except LibraryInitializer which remains as a compatibility stub.
Update seeding for blinding so only one hacky almost-global RNG
instance needs to be setup instead of across all pubkey uses (it uses
either the system RNG or an AutoSeeded_RNG if the system RNG is not
available).
Remove global PRNG.
Update license header line to specify the terms and refer to the file,
neither of which it included before.
The test function create_random_point did not actually create a point
on the curve - fix.
Roughly 35-50% faster on my laptop (depending on if mlock is enabled,
the overhead in that allocator is becoming much more of a hotspot).
can use different representations/operations depending on the curve
(eg, using a specialized version for P-256 reduction)
to specify a probability as well as if n was randomly chosen or not.
If the input is random use better bounds to reduce the number of
needed tests.
provides a much better worst-case error bound. Also take the nonce from anywhere
in the usable range rather than limiting the bit size.
where we chose a single random nonce and tested it repeatedly, rather
than choosing new nonces each time. Reported by Jeff Marrison.
Also remove a pointless comparison (also pointed out by Jeff) and add
an initial test using a witness of 2.
read during swap (in the move constructor)