aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/prov
Commit message (Collapse)AuthorAgeFilesLines
* Fix seek test with OpenSSL RC4Jack Lloyd2017-11-141-1/+1
|
* Remove duplicated includeJack Lloyd2017-11-131-1/+0
|
* Missing include: #include <cstdlib> is needed for std::free.Yuri2017-11-111-0/+1
|
* Add checks that keyed algorithms are actually keyed before useJack Lloyd2017-10-262-3/+17
| | | | | Previously calling update or encrypt without calling set_key first would result in invalid outputs or else crashing.
* Accept SHA-1, SHA1, or SHA-160 equallyJack Lloyd2017-10-132-2/+2
| | | | | | Fixes #1235 [ci skip]
* Add limits.h header for INT_MAXAlon Bar-Lev2017-10-131-0/+1
| | | | | Gentoo-Bug: https://bugs.gentoo.org/633468 Signed-off-by: Alon Bar-Lev <[email protected]>
* Remove needless mutableJack Lloyd2017-10-121-2/+2
| | | | [ci skip]
* Add limits.h header for INT_MAXJack Lloyd2017-10-041-0/+1
| | | | Gentoo bug https://bugs.gentoo.org/633468
* Avoid empty methods, use =default or add a commentJack Lloyd2017-10-032-5/+0
| | | | Sonar
* Add missing cstdlib include to openssl_rsa.cppilovezfs2017-10-031-0/+1
| | | | Fixes the build with Xcode 8 and earlier.
* Remove protected m_handle data from PKCS11::ObjectJack Lloyd2017-10-023-6/+18
|
* Further build/test fixes for restricted configurationsJack Lloyd2017-09-241-0/+4
|
* More header cleanupsJack Lloyd2017-09-231-1/+0
|
* Refer to free in std::Jack Lloyd2017-09-221-1/+1
|
* Avoid new/delete in BearSSL ECDSA codeJack Lloyd2017-09-221-17/+10
| | | | Especially storing private key that way was bad, wasn't zeroed.
* Apply final annotations to the library alsoJack Lloyd2017-09-2221-36/+37
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* More include header cleanupsJack Lloyd2017-09-211-0/+1
|
* Header file cleanupsJack Lloyd2017-09-212-1/+1
| | | | Some help from include-what-you-use
* Clean up header includesJack Lloyd2017-09-217-12/+6
| | | | | | | Avoid including build.h or assert.h directly, instead always take them though types.h Avoid math.h in favor of cmath
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-2016-32/+32
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* More annotationsJack Lloyd2017-09-191-1/+1
|
* Add API stability annotations.Jack Lloyd2017-09-1912-46/+46
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Avoid int vs size_t warning in OpenSSL codeJack Lloyd2017-09-171-1/+1
|
* OpenSSL module requires public key code be enabled in buildJack Lloyd2017-08-291-0/+4
|
* Fix bad iterator deref in OpenSSL RSAJack Lloyd2017-08-251-1/+3
|
* Merge GH #1094 Add initial BearSSL providerJack Lloyd2017-08-024-0/+392
|\
| * BearSSL: replace more NULLs with nullptrPatrick Wildt2017-07-101-4/+4
| | | | | | | | Based on feedback from @securitykernel on the PR.
| * BearSSL: implement PR feedback and compare ECGroup OID namePatrick Wildt2017-07-053-12/+29
| | | | | | | | | | | | | | This commit implements the feedback from @securitykernel on the PR and also changes the EC Group comparison to use the OID, akin to OpenSSL. The EC Group comparison was needed before GH #1093 was merged, but now we can go use the OpenSSL variant.
| * BearSSL: move includes into extern "C"Patrick Wildt2017-07-052-3/+8
| | | | | | | | | | Without the specific extern "C" declaration for the includes the C functions might get C++'d so the linking stage fails.
| * BearSSL: Support for ECDSAPatrick Wildt2017-07-052-0/+206
| | | | | | | | | | | | This commit adds support for ECDSA using BearSSL as a backend. This means we can test BearSSL's ECDSA algorithms using the extensive Botan testsuite.
| * BearSSL: Initial support and hash testsPatrick Wildt2017-07-053-0/+164
| | | | | | | | | | | | | | | | | | BearSSL is an implementation of the SSL/TLS protocol in C aiming to be correct and secure, small and highly portable. Thus making it nicer to be included in a rather sparse bootloader. This commit adds support for BearSSL's hash routines only, with more stuff coming up in following commits. The goal is to be able to test BearSSL using Botan's extensive testsuite.
* | Merge GH #1132 Fix Doxygen errors and add -Wdocumentation flag to clang ↵Jack Lloyd2017-07-312-2/+2
|\ \ | | | | | | | | | maintainer build
| * | Fix warnings from clangs -Wdocumentation flagJack Lloyd2017-07-282-2/+2
| |/
* | Merge GH #1131 Confirm OpenSSL supports curve at runtime before attempting ↵Jack Lloyd2017-07-311-12/+35
|\ \ | | | | | | | | | to use it
| * | Check if curve is built into OpenSSL at runtimeRené Korthaus2017-07-281-12/+35
| |/
* / Don't crash if openssl can't allocate a new contextKirill A. Korinsky2017-06-293-2/+13
|/
* Add basic test for TPM UUID classJack Lloyd2017-06-041-3/+3
| | | | Constify some member functions
* Make Botan compile with LibreSSL again.Alexander Bluhm2017-05-243-6/+6
| | | | | | Add some #ifdef LIBRESSL_VERSION_NUMBER in addition to the OPENSSL_VERSION_NUMBER switch. Narrow down API compatiblity between LibreSSL and OpenSSL version in docs.
* Add copy_state to OpenSSL hash functions, and port to OpenSSL 1.1.0Jack Lloyd2017-05-225-74/+130
|
* Generate private RSA key with OpenSSL.Alexander Bluhm2017-04-302-0/+39
| | | | | Implement RSA private key generation with RSA_generate_key_ex(). Make PK_Key_Generation_Test iterate over all providers.
* Merge GH #1032 Throw exception with OpenSSL error message if OpenSSL API ↵Jack Lloyd2017-04-295-35/+65
|\ | | | | | | call fails
| * Throw OpenSSL exception if any OpenSSL function failed.Alexander Bluhm2017-04-295-35/+65
| | | | | | | | | | Checking for all failures helps to find problems early. The OpenSSL_Error() exception provides the OpenSSL error string.
* | Do not load OpenSSL error messages in library.Alexander Bluhm2017-04-281-1/+0
|/ | | | | | The function ERR_load_crypto_strings() should be called by the program or during library initializeation. Remove it from get_openssl_enc_pad(), this looks like an accident.
* Implement cipher modes with OpenSSL.Alexander Bluhm2017-04-252-0/+207
| | | | | | Use the OpenSSL provider to implement AES CBC mode. Also pass down the provider to the encryption layer if there is no matching OpenSSL mode. Add a test with empty nonce.
* Content:Tomasz Frydrych2017-04-034-6/+4
| | | | | | | | | * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations) * `default` specifier instead of `{}` in some places(probably all) * removal of unreachable code (for example `return` after `throw`) * removal of compilation unit only visible, but not used functions * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT` * removed not needed semicolons
* Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-023-3/+9
|
* add "--with-external-libdir" to configure.pyDaniel Neus2017-01-261-1/+2
| | | | | | Fixes #767 and #19 Main purpose is to support external libs like OpenSSL on Windows.
* Enable PKCS11 module by default and remove --with-pkcs11 optionRené Korthaus2017-01-111-2/+0
| | | | | | The pkcs11 module once required the pkcs11 headers as an external dependency, but the headers were included a while ago. Still, the module was set to be load_on vendor. Instead, we can enable the module by default now.
* Add try/catch blocks in noexcept destructors that might throwJack Lloyd2017-01-063-8/+29
| | | | Flagged by Coverity
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1823-200/+200
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.