path: root/src/lib/stream/ctr
Commit log (commit message; author, date; files changed, lines -removed/+added):
* Optimize CTR_BE::seek (Jack Lloyd, 2019-09-26; 1 file, -1/+20)
* Merge GH #2061 Add header deprecation warnings (Jack Lloyd, 2019-09-08; 1 file, -0/+2)
* Deprecate many publicly available headers (Jack Lloyd, 2019-09-06; 1 file, -0/+2)
* Optimizations for CTR_BE::add_counter (Jack Lloyd, 2019-09-06; 1 file, -14/+9)
  This is in the hot path for GCM
* Avoid pointless write (Jack Lloyd, 2019-07-05; 1 file, -1/+1)
  The last 4 bytes are always overwritten in this loop.
* Silence MSVC warnings (Jack Lloyd, 2018-12-04; 1 file, -2/+2)
  static_casts for the compiler god
* Optimize computation of CTR input blocks (Jack Lloyd, 2018-08-10; 1 file, -8/+13)
  We don't need to read each block since we know what is there. Improves CTR perf with AES-NI by 5-6%, also helps GCM. GH #969
* Specialize CTR::seek for 4-byte counters (Jack Lloyd, 2018-08-10; 1 file, -5/+19)
  When used with AES-128 on Skylake (AES-NI), improves GCM performance by 10% on small messages and 5% on 1K messages.
* De-inline functions from stream cipher headers (Jack Lloyd, 2018-08-08; 2 files, -10/+25)
* Add StreamCipher::default_iv_length (Jack Lloyd, 2018-08-08; 1 file, -0/+2)
* Add message to BOTAN_ARG_CHECK and use it more widely (Jack Lloyd, 2018-05-13; 1 file, -2/+3)
* Make stream, block, hash and cipher mode base classes optional (Jack Lloyd, 2018-01-12; 1 file, -0/+4)
* FIX: add carry bit to correct half-pad (René Meusel, 2018-01-05; 1 file, -1/+1)
* Support seeking in Salsa20 (Jack Lloyd, 2017-11-14; 1 file, -0/+2)
  Add a test that StreamCipher::seek throws if not keyed.
* Add checks that keyed algorithms are actually keyed before use (Jack Lloyd, 2017-10-26; 1 file, -3/+4)
  Previously calling update or encrypt without calling set_key first would result in invalid outputs or else crashing.
* Allow setting CTR width via string (Jack Lloyd, 2017-10-20; 2 files, -3/+7)
  Prohibit very small counter widths (under 4 bytes), since they lead to trivial keystream reuse. Add tests. Fix clone which always returned an object with a block-wide counter.
* Appease Sonar (Jack Lloyd, 2017-10-19; 1 file, -1/+1)
* Further optimizations, and split out GHASH reduction code (Jack Lloyd, 2017-10-18; 1 file, -8/+11)
* GCM and CTR optimizations (Jack Lloyd, 2017-10-18; 2 files, -47/+99)
  In CTR, special case for counter widths of special interest. In GHASH, uses a 4x reduction technique suggested by Intel. Split out GHASH to its own source file and header. With these changes GCM is over twice as fast on Skylake and about 50% faster on Westmere.
* Better tests for SIV (Jack Lloyd, 2017-09-24; 2 files, -12/+14)
  Correct errors in the AEAD tests that assumed process/update always return something - that isn't true for SIV. Minor optimizations in CMAC and CTR to cache the block size instead of making a zillion virtual calls for it. Generalize SIV slightly to where it could support a non-128 bit cipher, but don't pull the trigger on it since I can't find any implementations to crosscheck with.
* Change header guard format to BOTAN_FOO_H_ (Jack Lloyd, 2017-09-20; 1 file, -2/+2)
  ISO C++ reserves names with double underscores in them. Closes #512
* Add API stability annotations. (Jack Lloyd, 2017-09-19; 1 file, -1/+1)
  Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Refactor: remove big-endian addition code duplication (René Meusel, 2017-04-13; 2 files, -18/+27)
* Refactor: use ::seek(0) in CTR_BE::set_iv() (René Meusel, 2017-04-13; 1 file, -18/+1)
* Add implementation of CTR_BE::seek() (René Meusel, 2017-04-13; 2 files, -2/+31)
* Remove "Dirty hack" for multiple defines in lex_me_harder() (Simon Warta, 2017-04-02; 1 file, -1/+3)
* Convert to using standard uintN_t integer types (Jack Lloyd, 2016-12-18; 2 files, -10/+10)
  Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Remove Algo_Registry (Jack Lloyd, 2016-10-21; 2 files, -12/+0)
  I repent my use of global constructors. I repent my use of global locks. Hopefully I will never touch this code again. :)
* Minor doxygen fixes [ci skip] (René Korthaus, 2016-10-19; 1 file, -1/+1)
* Adding StreamCipher::seek interface, supporting seek in ChaCha, and also adding ChaCha8 support (SimCog, 2016-06-18; 2 files, -0/+6)
* Fix GCM counter increment (Jack Lloyd, 2016-05-23; 2 files, -2/+18)
  GCM is defined as having a 32-bit counter, but CTR_BE incremented the counter across the entire block. This caused incorrect results if a very large message (2**39 bits) was processed, or if the GHASH derived nonce ended up having a counter field near to 2**32. Thanks to Juraj Somorovsky for the bug report and repro.
* Add explicit static_cast operations to eliminate implicit cast compiler warnings. (Dan Brown, 2016-04-27; 1 file, -1/+1)
* cppcheck fixes: Class 'X' has a constructor with 1 argument that is not explicit. (Daniel Neus, 2016-03-05; 1 file, -1/+1)
* Add final attribute to many classes (Jack Lloyd, 2016-01-10; 1 file, -1/+1)
  In some cases this can offer better optimization, via devirtualization. And it lets the user know the class is not intended for derivation. Some discussion in GH #402
* Remove use of lookup.h in favor of new T::create API. (Jack Lloyd, 2015-09-21; 1 file, -3/+2)
* Internal header cleanups (Jack Lloyd, 2015-09-19; 1 file, -1/+0)
  Only user-visible change is the removal of get_byte.h
* Handle dependencies re static linking. GH #279 (Jack Lloyd, 2015-09-17; 1 file, -0/+1)
  Previously we were hanging on the type destructors to pull in the relevant objects. However that fails in many simple cases where the object is never deleted. For every type involved in the algo registry add static create and providers functions to access the algo registry. Modify lookup.h to be inline and call those functions, and move a few to sub-headers (eg, get_pbkdf going to pbkdf.h). So accessing the registry involves going through the same file that handles the initialization, so there is no way to end up with missing objs.
* Fix static lib registration for block, hash, mac, stream, kdf (Jack Lloyd, 2015-09-10; 1 file, -2/+0)
  The support problems from having static libraries not work in the obvious way will be endless trouble. Instead have each set of registrations tag along in a source file for the basic type, at the cost of some extra ifdefs. On shared libs this is harmless - everything is going into the shared object anyway. With static libs, this means pulling in a single block cipher pulls in the text of all of them. But that's still strictly better than the amalgamation (which is really pulling in everything), and it works (unlike status quo).
* stream: Add missing overrides (Daniel Seither, 2015-07-30; 1 file, -8/+8)
* lib/stream: Convert &vec[0] to vec.data() (Simon Warta, 2015-06-23; 1 file, -2/+2)
* Hide Algorithm_Factory and use the functions in lookup.h internally. (lloyd, 2015-03-04; 1 file, -1/+1)
  Fix two memory leaks (in TLS and modes) caused by calling get_foo and then cloning the result before saving it (leaking the original object), a holdover from the conversion between construction techniques in 1.11.14
* Reduce the CTR_BE buffer down to just a few blocks. (lloyd, 2015-02-17; 1 file, -14/+16)
  No performance impact afaict.
* Clean up root dir, remove some unneeded dependencies (lloyd, 2015-02-05; 1 file, -5/+0)
* Use registry for streams and MACs. Start updating callers. (lloyd, 2015-01-31; 2 files, -1/+15)
* Ensure all files have copyright and license info. (lloyd, 2015-01-10; 2 files, -2/+2)
  Update license header line to specify the terms and refer to the file, neither of which it included before.
* Guess I won't be needing these (lloyd, 2014-01-18; 1 file, -1/+0)
* More unique_ptr (lloyd, 2014-01-18; 2 files, -71/+37)
* Move lib into src (lloyd, 2014-01-10; 3 files, -0/+201)