| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
The signature of the alert callback remains unchanged to avoid
breaking applications, though now the buffer parameter is never set.
|
|
|
|
| |
Works around a libstdc++ bug when fuzzing with libFuzzer
|
|
|
|
|
|
|
| |
In some cases this can offer better optimization, via devirtualization.
And it lets the user know the class is not intended for derivation.
Some discussion in GH #402
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This avoids a scan over the entire 0 - 0xFFFF space which is mostly
empty, by instead keeping a second list in tls_suite_info which is
exactly the keys for which the switch statement has values.
This scan is only ever done once (when first needed) but removing it
is sufficient to increase AFL's throuhput by 4x since it goes through
a full startup on each test.
|
|
|
|
| |
fix PVS-Studio perfomance warnings
|
|
|
|
| |
Interop tested with mbed TLS
|
|\
| |
| | |
Some trivial compiler and PVS-Studio warning fixes
|
| | |
|
|/ |
|
| |
|
|
|
|
| |
See GH #340 and 6b9a3a5 for background
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The command line tools' origin as a collection of examples and test
programs glued together led to some unfortunate problems; lots of
hardcoded values, missing parameters, and obsolete crypto.
Adds a small library for writing command line programs of the sort
needed here (cli.h), which cuts the length of many of the commands in
half and makes commands more pleasant to write and extend.
Generalizes a lot of the commands also, eg previously only
signing/verification with DSA/SHA-1 was included!
Removes the fuzzer entry point since that's fairly useless outside of
an instrumented build.
Removes the in-library API for benchmarking.
|
| |
|
|
|
|
|
|
|
|
| |
As the alternatives are unfortunate for applications trying to catch
all library errors, and it seems deriving from std::runtime_error
causes problems with MSVC DLLs (GH #340)
Effectively reverts 2837e915d82e43
|
|
|
|
|
|
| |
Re-encoding the server key exchange meant that any leading zeros
in the values for DHE (or SRP) would be stripped out. This would
cause the signature check to fail.
|
|
|
|
| |
DB::spin now returns the number of rows affected
|
|
|
|
| |
since the primality tests are expensive in CPU time.
|
|
|
|
|
|
|
|
|
|
|
| |
Fix a bug which rejected any short server key exchanges. These can
occur with a plain PSK with short or empty identity hints.
Disable SHA-224 by default.
Remove some vestigal RC4 cruft.
Push more on the TLS corruption tests.
|
| |
|
|\
| |
| | |
TLS improvements
|
| |
| |
| |
| | |
Convert to a const time algo
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use constant time operations when checking CBC padding in TLS decryption
Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes
from working: on decode the session id and hello cookie would be
swapped, causing confusion between client and server.
Various changes in the service of finding the above DTLS bug that
should have been done before now anyway - better control of handshake
timeouts (via TLS::Policy), better reporting of handshake state in the
case of an error, and finally expose the facility for per-message
application callbacks.
|
|/
|
|
| |
Add test suite with certs from x509test
|
| |
|
|
|
|
| |
Only user-visible change is the removal of get_byte.h
|
| |
|
|
|
|
| |
protocol handler was specified to the Server constructor. GH #252
|
|
|
|
| |
Only botan-cli, botan-tests and the FFI module depend on PKCS8
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
Uninitialized variables, missing divide by zero checks, missing
virtual destructor, etc. Only thing serious is bug in TLS maximum
fragment decoder; missing breaks in switch statement meant receiver
would treat any negotiated max frament as 4k limit.
|
| |
|
| |
|
|
|
|
|
|
| |
Fix two memory leaks (in TLS and modes) caused by calling get_foo and
then cloning the result before saving it (leaking the original object),
a holdover from the conversion between construction techniques in 1.11.14
|
|
|
|
|
|
|
|
|
|
|
|
| |
ctypes Python wrapper that uses it. The API is intentionally designed
to have a very simple ABI (extern "C", all structs are opaque, no
memory ownership passing the FFI boundary, limited set of simple types
as args) so the ctypes wrapper is quite simple.
Currently ffi provides ciphers, hashes, MACs, RNGs, PBKDF, KDF,
bcrypt, and most public key operations.
Remove the old boost.python wrapper and all the build code for it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert all uses of Algorithm_Factory and the engines to using Algo_Registry
The shared pool of entropy sources remains but is moved to EntropySource.
With that and few remaining initializations (default OIDs and aliases)
moved elsewhere, the global state is empty and init and shutdown are no-ops.
Remove almost all of the headers and code for handling the global
state, except LibraryInitializer which remains as a compatability stub.
Update seeding for blinding so only one hacky almost-global RNG
instance needs to be setup instead of across all pubkey uses (it uses
either the system RNG or an AutoSeeded_RNG if the system RNG is not
available).
|
|
|
|
| |
Remove global PRNG.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Transforms and BlockCiphers. Registration for all types is done at
startup but is very cheap as just a std::function and a std::map entry
are created, no actual objects are created until needed. This is a
huge improvement over Algorithm_Factory which used T::clone() as the
function and thus kept a prototype object of each type in memory.
Replace existing lookup mechanisms for ciphers, AEADs, and compression
to use the transform lookup. The existing Engine framework remains in
place for BlockCipher, but the engines now just call to the registry
instead of having hardcoded lookups.
s/Transformation/Transform/ with typedefs for compatability.
Remove lib/selftest code (for runtime selftesting): not the right approach.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
and enable them in the default build, though still not enabled in the
runtime policy.
|
| |
|
| |
|
|
|
|
|
| |
Update license header line to specify the terms and refer to the file,
neither of which it included before.
|