aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/prov
Commit message (Collapse)AuthorAgeFilesLines
* RNG changes (GH #593)Jack Lloyd2016-08-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change reseed interval logic to count calls to `randomize` rather than bytes, to match SP 800-90A Changes RNG reseeding API: there is no implicit reference to the global entropy sources within the RNGs anymore. The entropy sources must be supplied with the API call. Adds support for reseding directly from another RNG (such as a system or hardware RNG). Stateful_RNG keeps optional references to both an RNG and a set of entropy sources. During a reseed, both sources are used if set. These can be provided to HMAC_DRBG constructor. For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes per DRBG request. We treat requests longer than that as if the caller had instead made several sequential maximum-length requests. This means it is possible for one or more reseeds to trigger even in the course of generating a single (long) output (generate a 256-bit key and use ChaCha or HKDF if this is a problem). Adds RNG::randomize_with_ts_input which takes timestamps and uses them as the additional_data DRBG field. Stateful_RNG overrides this to also include the process ID and the reseed counter. AutoSeeded_RNG's `randomize` uses this. Officially deprecates RNG::make_rng and the Serialized_RNG construtor which creates an AutoSeeded_RNG. With these removed, it would be possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all (eg, for applications which only use the system RNG). Tests courtesy @cordney in GH PRs #598 and #600
* Another PKCS #11 amalg fixJack Lloyd2016-08-231-1/+1
|
* Work around some amalgamation issues.Jack Lloyd2016-08-232-6/+4
| | | | | | I think probably what these headers had should work, but end up confusing the generator and breaking the build: https://travis-ci.org/randombit/botan/jobs/154197472
* restore to original pkcs11.hDaniel Neus2016-08-121-4/+4
|
* Headers can be marked as external by using `<header:external>` in info.txt.Daniel Neus2016-08-122-2/+5
| | | | | | | These headers are copied/linked into build_dir/include/external This has the advantage that external includes can be taken as they are, they haven't to be modified. Fixes amalgamation build with enabled pkcs#11 module
* include external PKCS#11 headers into botanDaniel Neus2016-07-265-1/+3208
|
* Make Stream_Cipher::set_iv() pure virtualRené Korthaus2016-07-201-0/+6
| | | | | | | | | | It provided a default implementation that only checked that the length was correct, but ignored the actual data and did not notify the caller, which seemed like a rather odd behaviour. The only implementation that used this default implementation, RC4, now throws an exception.
* Add Stateful_RNGJack Lloyd2016-07-171-2/+3
| | | | | | | | | | | | | | Handles fork checking for HMAC_RNG and HMAC_DRBG AutoSeeded_RNG change - switch to HMAC_DRBG as default. Start removing the io buffer from entropy poller. Update default RNG poll bits to 256. Fix McEliece test, was using wrong RNG API. Update docs.
* Switch to HMAC_DRBG for all RNG generation.Jack Lloyd2016-07-171-14/+7
| | | | | | | | Add support and tests for additional_data param to HMAC_DRBG Add Stateful_RNG class which has fork detection and periodic reseeding. AutoSeeded_RNG passes the current pid and time as additional_data
* remove rfc6979 module dependency for pkcs11Daniel Neus2016-07-051-1/+0
| | | | no longer needed since hash_for_emsa() is now in emsa.h
* Merge GH #507 Add PKCS #11 support. Previous merge 360a3a5 missed later commitsJack Lloyd2016-07-047-37/+12
|\
| * remove unnecessary includeDaniel Neus2016-06-281-1/+0
| |
| * fix some warnings and one compile errorDaniel Neus2016-06-284-6/+7
| |
| * reuse BigInt::encode_1363 instead of self written logicDaniel Neus2016-06-281-6/+1
| |
| * use NULL_RNG to make clear that the RNG is not usedDaniel Neus2016-06-282-24/+4
| |
* | Merge GH #507 Add PKCS #11 supportJack Lloyd2016-07-0425-0/+7297
|\|
| * add PKCS#11 supportDaniel Neus2016-06-1725-0/+7297
| |
* | Adding StreamCipher::seek interface, supporting seek in ChaCha, and also ↵SimCog2016-06-181-0/+5
|/ | | | adding ChaCha8 support
* Clean up PK decryption encoding.Jack Lloyd2016-03-202-4/+11
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Trivial warning fixesJack Lloyd2016-03-092-17/+23
|
* cppcheck fixes: Class 'X' has a constructor with 1 argument that is not ↵Daniel Neus2016-03-051-1/+1
| | | | explicit.
* add missing include guardsDaniel Neus2016-02-192-0/+10
|
* Add missing overrides and fix -Wpedantic 'extra ;' warningsJack Lloyd2016-01-173-28/+28
| | | | | | | | | | Remove -Wsuggest-attribute=noreturn from maintainer mode flags as it seems like outside of the assertion failure macro any other suggestion would always be a false positive (an unimplemented function or the like). Or at least, if such a function needing noreturn to assist with static analysis is added in the future it will be obvious, by virtue of the static analyzer warnings which occur due to the missing noreturn preventing the analyzer from understanding code flow.
* Mass-prefix member vars with m_René Korthaus2016-01-081-50/+50
|
* Add ECDH via OpenSSLJack Lloyd2016-01-042-15/+113
| | | | | | | | | | Expose provider param in PK_Key_Agreement API Handle multiple providers in key agreement tests Fix some funky formatting of P-521 EC points in ecdh.vec which was being rejected by OpenSSL; for whatever reason the CAVS file had the affine coords with far more leading zeros than necessary.
* Add TPM v1.2 support (RSA keygen/signing, RNG)Jack Lloyd2015-12-194-0/+754
|
* Merge the openssl code together.Jack Lloyd2015-12-197-0/+941
Having the code diffused all over the place was ugly and would not scale well to multiple alternative providers. GH #368