| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
GH #656
|
|
|
|
| |
Some fixes for missing system_rng in ECIES and tests.
|
| |
|
|
|
|
|
|
|
| |
Verification is deterministic and public, so really no RNG is ever needed.
Change provider handling - accepts "base", "openssl", or empty, otherwise
throws a Provider_Not_Found exception.
|
|
|
|
|
|
|
|
| |
Instead the key types exposes operations like `create_encryption_op`
which will return the relevant operation if the algorithm supports it.
Changes pubkey.h interface, now RNG is passed at init time.
Blinder previous created its own RNG, now it takes it from app.
|
|
|
|
|
|
| |
Compiling botan with disabled rc4 module fails in case of openssl w/o rc4...
Error:
./src/lib/prov/openssl/openssl_rc4.cpp:15:25: fatal error: openssl/rc4.h: No such file or directory
#include <openssl/rc4.h>
|
| |
|
|
|
|
|
| |
For block ciphers, stream ciphers, hashes, MACs, and cipher modes.
Cipher_Mode already had it, with a slightly different usage.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change reseed interval logic to count calls to `randomize` rather than
bytes, to match SP 800-90A
Changes RNG reseeding API: there is no implicit reference to the
global entropy sources within the RNGs anymore. The entropy sources
must be supplied with the API call. Adds support for reseding directly
from another RNG (such as a system or hardware RNG).
Stateful_RNG keeps optional references to both an RNG and a set of
entropy sources. During a reseed, both sources are used if set.
These can be provided to HMAC_DRBG constructor.
For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes
per DRBG request. We treat requests longer than that as if the caller
had instead made several sequential maximum-length requests. This
means it is possible for one or more reseeds to trigger even in the
course of generating a single (long) output (generate a 256-bit key
and use ChaCha or HKDF if this is a problem).
Adds RNG::randomize_with_ts_input which takes timestamps and uses them
as the additional_data DRBG field. Stateful_RNG overrides this to also
include the process ID and the reseed counter. AutoSeeded_RNG's
`randomize` uses this.
Officially deprecates RNG::make_rng and the Serialized_RNG construtor
which creates an AutoSeeded_RNG. With these removed, it would be
possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all
(eg, for applications which only use the system RNG).
Tests courtesy @cordney in GH PRs #598 and #600
|
| |
|
|
|
|
|
|
| |
I think probably what these headers had should work, but end up
confusing the generator and breaking the build:
https://travis-ci.org/randombit/botan/jobs/154197472
|
| |
|
|
|
|
|
|
|
| |
These headers are copied/linked into build_dir/include/external
This has the advantage that external includes can be taken as they are, they haven't to be modified.
Fixes amalgamation build with enabled pkcs#11 module
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It provided a default implementation that only checked
that the length was correct, but ignored the actual data
and did not notify the caller, which seemed like a
rather odd behaviour.
The only implementation that used this default implementation,
RC4, now throws an exception.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles fork checking for HMAC_RNG and HMAC_DRBG
AutoSeeded_RNG change - switch to HMAC_DRBG as default.
Start removing the io buffer from entropy poller.
Update default RNG poll bits to 256.
Fix McEliece test, was using wrong RNG API.
Update docs.
|
|
|
|
|
|
|
|
| |
Add support and tests for additional_data param to HMAC_DRBG
Add Stateful_RNG class which has fork detection and periodic reseeding.
AutoSeeded_RNG passes the current pid and time as additional_data
|
|
|
|
| |
no longer needed since hash_for_emsa() is now in emsa.h
|
|\ |
|
| | |
|
| | |
|
| | |
|
| | |
|
|\| |
|
| | |
|
|/
|
|
| |
adding ChaCha8 support
|
|
|
|
|
|
|
| |
Previously RSA and ElGamal stripped off leading zeros which were then
assumed by the padding decoders. Instead have them produce ciphertexts
with leading zeros. Changes EME_Raw to strip leading zeros to match
existing behavior.
|
| |
|
|
|
|
| |
explicit.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove -Wsuggest-attribute=noreturn from maintainer mode flags as it
seems like outside of the assertion failure macro any other suggestion
would always be a false positive (an unimplemented function or the like).
Or at least, if such a function needing noreturn to assist with static
analysis is added in the future it will be obvious, by virtue of the
static analyzer warnings which occur due to the missing noreturn
preventing the analyzer from understanding code flow.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Expose provider param in PK_Key_Agreement API
Handle multiple providers in key agreement tests
Fix some funky formatting of P-521 EC points in ecdh.vec which was
being rejected by OpenSSL; for whatever reason the CAVS file had
the affine coords with far more leading zeros than necessary.
|
| |
|
|
Having the code diffused all over the place was ugly and would
not scale well to multiple alternative providers.
GH #368
|