path: root/src/lib/utils
Columns: commit message, author, date, files changed, lines removed/added
* Make Montgomery reduction constant time.
  Jack Lloyd, 2015-10-24, 1 file, -71/+48
  It was already close, but the carry loop would break early and selecting which value to copy out was indexed on the borrow bit. Have the carry loop run through, and add a const-time conditional copy operation and use that to copy the output. Convert ct_utils to CT namespace. Templatize the utils, which I was hesitant to do initially but is pretty useful when dealing with arbitrary word sizes. Remove the poison macros, replace with inline funcs which read cleaner at the call site.
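The two changes the commit describes, a carry loop that always runs to the end and a conditional copy driven by a mask rather than by indexing on the borrow bit, as an added example. This is not Botan's CT namespace or its Montgomery code; the names ct_example, expand_mask, select, conditional_copy, add_words and conditional_subtract are assumptions, and the word arrays in self_test are constructed inputs.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <type_traits>

// Added example (not Botan's CT utilities): the building blocks the commit
// describes, templated over an arbitrary unsigned word type T.
namespace ct_example {

// All-ones if x != 0, all-zeros if x == 0, computed without a branch.
template <typename T>
inline T expand_mask(T x) {
  static_assert(std::is_unsigned<T>::value, "T must be unsigned");
  T r = x;
  for (std::size_t s = 1; s < sizeof(T) * 8; s *= 2)
    r = static_cast<T>(r | (r >> s));       // fold every set bit down to bit 0
  r = static_cast<T>(r & 1);                // now exactly 0 or 1
  return static_cast<T>(static_cast<T>(0) - r);  // 0 -> 0, 1 -> all ones
}

// Return a if mask is all ones, b if mask is zero.
template <typename T>
inline T select(T mask, T a, T b) {
  return static_cast<T>((mask & a) | (static_cast<T>(~mask) & b));
}

// Overwrite out[] with in[] when mask is all ones; every element is read and
// written either way, so the memory access pattern does not depend on mask.
template <typename T>
inline void conditional_copy(T mask, T* out, const T* in, std::size_t n) {
  for (std::size_t i = 0; i != n; ++i)
    out[i] = select(mask, in[i], out[i]);
}

// x += y over n words. The carry is propagated through every word; the loop
// never exits early once the carry becomes zero. Returns the final carry.
template <typename T>
inline T add_words(T* x, const T* y, std::size_t n) {
  T carry = 0;
  for (std::size_t i = 0; i != n; ++i) {
    const T s = static_cast<T>(x[i] + y[i]);
    const T c1 = static_cast<T>(s < x[i]);
    const T s2 = static_cast<T>(s + carry);
    const T c2 = static_cast<T>(s2 < s);
    x[i] = s2;
    carry = static_cast<T>(c1 | c2);
  }
  return carry;
}

// Final step of a Montgomery-style reduction: if x >= m then x -= m, else x
// is left alone. The subtraction always runs into tmp[], and the borrow bit
// only feeds a mask for the conditional copy; nothing branches on it and
// nothing is indexed by it.
template <typename T>
inline void conditional_subtract(T* x, const T* m, std::size_t n, T* tmp) {
  T borrow = 0;
  for (std::size_t i = 0; i != n; ++i) {
    const T d = static_cast<T>(x[i] - m[i]);
    const T b1 = static_cast<T>(x[i] < m[i]);
    const T d2 = static_cast<T>(d - borrow);
    const T b2 = static_cast<T>(d < borrow);
    tmp[i] = d2;
    borrow = static_cast<T>(b1 | b2);
  }
  const T take_tmp = static_cast<T>(~expand_mask(borrow));  // no borrow: x >= m
  conditional_copy(take_tmp, x, tmp, n);
}

// Self-check on constructed two-word inputs (uint32_t limbs).
inline bool self_test() {
  uint32_t a[2] = {0xFFFFFFFFu, 0u};
  const uint32_t one[2] = {1u, 0u};
  if (add_words(a, one, 2) != 0u || a[0] != 0u || a[1] != 1u) return false;

  uint32_t c[2] = {0xFFFFFFFFu, 0xFFFFFFFFu};
  if (add_words(c, one, 2) != 1u || c[0] != 0u || c[1] != 0u) return false;

  const uint32_t m[2] = {3u, 0u};
  uint32_t t[2];
  uint32_t x[2] = {5u, 0u};          // x >= m: reduced to x - m
  conditional_subtract(x, m, 2, t);
  if (x[0] != 2u || x[1] != 0u) return false;

  uint32_t y[2] = {1u, 0u};          // y < m: left unchanged
  conditional_subtract(y, m, 2, t);
  if (y[0] != 1u || y[1] != 0u) return false;
  return true;
}

}  // namespace ct_example

int main() {
  std::printf("ct_example self_test: %s\n", ct_example::self_test() ? "ok" : "FAILED");
  return ct_example::self_test() ? 0 : 1;
}
```

The point to keep in mind when reviewing code of this shape is that the comparison results (s < x[i], x[i] < m[i]) are turned into arithmetic values and combined with | rather than tested with if; a compiler may still emit a branch for a bool conversion, which is why such code is checked under a tool like ctgrind rather than assumed constant time from reading it.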
* Make OpenSSL ECDSA and RSA request only until they can be tested
  Jack Lloyd, 2015-10-19, 1 file, -2/+2

* Break up openssl provider
  Jack Lloyd, 2015-10-19, 2 files, -0/+51
  For RSA, RC4, and ECDSA put the openssl versions in the same directory as the base version. They just rely on a macro check for the openssl module to test for the desire to use OpenSSL.

* Cleanups in ct and oaep
  Jack Lloyd, 2015-10-17, 1 file, -87/+12
  In OAEP expand the const time block to cover MGF1 also

* Make PKCS #1 and OAEP decoding constant time to avoid oracle attacks
  Jack Lloyd, 2015-10-16, 4 files, -125/+209
  via timing channels. Add annotations for checking constant-time code using ctgrind to PKCS #1 and OAEP, as well as IDEA and Curve25519 which were already written as constant time code.

* Merge pull request #298 from tiwoc/arm64
  Simon Warta, 2015-10-16, 1 file, -2/+2
  Support for 64 bit ARM

    * Initial support for 64 bit ARM
      Daniel Seither, 2015-10-13, 1 file, -2/+2
      This adds support for 64 bit ARM cores as used in many high-end phones such as all iPhones beginning with the 5s. While these newer phones still run 32 bit ARM code, Apple doesn't allow apps to be submitted to the app store if they don't provide a 64 bit build. This commit adds a new arm64 arch and renames arm to arm32 to stay consistent with the other architectures. The name arm can still be used for configuring because it has been added as an alias for arm32. Additionally, the one piece of ARM inline assembly that can be found in Botan doesn't work on 64 bit ARM, so I use the solution that has been proposed in #180: Use __builtin_bswap32 instead of inline assembly.

* Move DataSource to utils and rewrite PEM encoding to avoid filters
  Jack Lloyd, 2015-10-14, 3 files, -0/+393
  Removes filters as an internal dependency pretty much entirely (outside of some dusty corners in misc).

* Avoid concatenation of chars
  Simon Warta, 2015-09-22, 1 file, -1/+1
  Ever tried?
    auto str = "some long string";
    auto str2 = str + '\n';
  It's not with the brainfuck finding the bug.

* Move boost and sqlite3 to utils
  Jack Lloyd, 2015-09-22, 4 files, -0/+220

* Move check for SIMD instructions to CPUID
  Jack Lloyd, 2015-09-21, 5 files, -6/+15
  Avoids needing to include simd_32 to see if SIMD is disabled. This had caused a build break on Linux x86-32 as SSE2 must be enabled on a per-file basis.

* Internal header cleanups
  Jack Lloyd, 2015-09-19, 6 files, -18/+143
  Only user-visible change is the removal of get_byte.h

* Remove alloc module; move secmem.h to base and locking_allocator to utils
  Jack Lloyd, 2015-08-29, 4 files, -3/+358

* Refactor ./botan speed
  Simon Warta, 2015-08-21, 1 file, -0/+10
  * Add random_prime benchmark
  * Add is_prime benchmark
  * Respect runtime in benchmark_transform(). This sets default runtime from 2s to 0.5s per configuration

* Add stricter time parsing; Add more tests
  Simon Warta, 2015-08-11, 1 file, -0/+11

* Strict uint32 parsing
  Simon Warta, 2015-08-11, 1 file, -0/+10

* Avoid integer overflow in string->uint32 converter
  Simon Warta, 2015-08-10, 1 file, -3/+16
  On systems where unsigned long is uint64 (typically 64 bit systems), a string containing a number greater than 2^32-1 was successfully converted to a uint64 and then reduced to uint32, causing an overflow. E.g. to_u32bit("4294967296") was 0 and to_u32bit("4294967297") was 1.
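A strict decimal-string-to-uint32_t parser that rejects both of the inputs named in the commit message, as an added example. This is not Botan's to_u32bit; the names parse_example, to_u32_strict and parse_or_minus_one are assumptions. It checks for overflow digit by digit in the target width, so the result never depends on whether unsigned long happens to be 32 or 64 bits on the build platform, and it rejects empty strings and any non-digit character (so "-1", " 12" and "0x10" all fail rather than being partially parsed).

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Added example, not Botan's to_u32bit.
namespace parse_example {

// Parse a non-negative decimal string into uint32_t.
// Returns false (and leaves out untouched) on empty input, on any character
// outside '0'..'9', or if the value would exceed 2^32-1.
inline bool to_u32_strict(const std::string& s, uint32_t& out) {
  if (s.empty()) return false;
  uint32_t acc = 0;
  for (char ch : s) {
    if (ch < '0' || ch > '9') return false;           // no sign, spaces, prefixes
    const uint32_t digit = static_cast<uint32_t>(ch - '0');
    // acc * 10 + digit <= UINT32_MAX  <=>  acc <= (UINT32_MAX - digit) / 10,
    // checked before the multiplication so the intermediate cannot wrap.
    if (acc > (UINT32_MAX - digit) / 10) return false;
    acc = acc * 10 + digit;
  }
  out = acc;
  return true;
}

// Convenience wrapper for demos and tests: the value on success, -1 on rejection.
inline long long parse_or_minus_one(const std::string& s) {
  uint32_t v = 0;
  return to_u32_strict(s, v) ? static_cast<long long>(v) : -1LL;
}

}  // namespace parse_example

int main() {
  // The two inputs from the commit message, plus the largest accepted value.
  const char* samples[] = {"4294967295", "4294967296", "4294967297", "12a", ""};
  for (const char* s : samples)
    std::printf("to_u32_strict(\"%s\") -> %lld\n", s, parse_example::parse_or_minus_one(s));
  return 0;
}
```

Leading zeros ("007") are accepted and parse as 7; if a caller needs canonical form as well, that is a separate check on top of the overflow check shown here.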
* Merge pull request #232 from tiwoc/clang-cpuid
  Simon Warta, 2015-08-03, 1 file, -1/+1
  Enable use of cpuid.h with clang

    * Enable use of cpuid.h with clang
      Daniel Seither, 2015-07-30, 1 file, -1/+1

* utils: Add missing overrides
  Daniel Seither, 2015-07-30, 1 file, -1/+1

* Add boost implementation of timegm()
  Simon Warta, 2015-07-27, 1 file, -0/+36

* Add mktime fallback for non-POSIX timegm()
  Simon Warta, 2015-07-27, 1 file, -5/+56
  Closes #202

* Avoid 0 as nullpointer warning on MinGW
  Simon Warta, 2015-07-27, 1 file, -1/+1

* Remove the x86 asm versions of MD4, MD5, SHA-1 and Serpent
  Jack Lloyd, 2015-07-25, 4 files, -305/+0
  With modern compilers, all are slower than the C++ and SSE2 versions of the same algos. GH #216

* Add Android OS
  Daniel Seither, 2015-07-17, 3 files, -0/+4
  The android.txt is a copy of linux.txt minus the getsid feature (Android's libc, Bionic, doesn't support it) and the alias linux-gnu. It is supported anywhere where linux is supported.

* Add MSVC stl filesystem implementation
  Simon Warta, 2015-07-16, 2 files, -3/+31
  Closes #199

* Refactor internal/filesystem.h
  Simon Warta, 2015-07-16, 4 files, -38/+61
  Closes #198

* Add missing include <string> in calendar.h
  Simon Warta, 2015-07-16, 1 file, -0/+1

* Fix time range issue for 32 bit platforms
  Simon Warta, 2015-07-16, 2 files, -6/+39

* Fix round_up
  Simon Warta, 2015-07-15, 3 files, -10/+36
   1. src/lib/codec/base64/base64.cpp: : (round_up<size_t>(input_length, 3) / 3) * 4;
   2. src/lib/codec/base64/base64.cpp: : (round_up<size_t>(input_length, 4) * 3) / 4;
   3. src/lib/filters/transform_filter.cpp: return round_up(target_size, update_granularity);
   4. src/lib/math/bigint/bigint.cpp: m_reg.resize(round_up<size_t>(size, 8));
   5. src/lib/math/bigint/bigint.cpp: m_reg.resize(round_up<size_t>((length / WORD_BYTES) + 1, 8));
   6. src/lib/math/numbertheory/mp_numth.cpp: BigInt z(BigInt::Positive, round_up<size_t>(2*x_sw, 16));
   7. src/lib/modes/cbc/cbc.cpp: return round_up(input_length, cipher().block_size());
   8. src/lib/modes/ecb/ecb.cpp: return round_up(input_length, cipher().block_size());
   9. src/lib/modes/xts/xts.cpp: return round_up(input_length, cipher().block_size());
  10. src/lib/pbkdf/pbkdf2/pbkdf2.cpp: const size_t blocks_needed = round_up(out_len, prf_sz) / prf_sz;
  11. src/lib/tls/tls_record.cpp: const size_t buf_size = round_up(
  12. src/lib/utils/rounding.h:inline T round_up(T n, T align_to)

   1. Reason for change
   2. Reason for change
   3. first argument cannot be 0 (`target_size = 1024`)
   4. Is a bug in the current implementation iff `size = 0`
   5. first argument cannot be 0
   6. round_up should return 0 if `x_sw = 0`
   7. ?
   8. ?
   9. ?
  10. first argument cannot be 0 (`if(out_len == 0) return 0;`)
  11. first argument is unlikely to be 0 (`iv_size + msg_length + mac_size + (block_size ? 1 : 0)`)
  12. Implementation
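A round_up with the behaviour the call-site audit above asks for (an input of 0 rounds to 0, a zero alignment is an error rather than a silent pass-through) plus the one edge the audit does not mention, wrap-around when n is within align_to of the type's maximum, as an added example. This is not Botan's rounding.h; the names round_example, round_up_checked and base64_encoded_len are assumptions, and base64_encoded_len only mirrors the shape of call site 1 to show why a 0-input matters there.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <stdexcept>
#include <type_traits>

// Added example, not Botan's rounding.h.
namespace round_example {

// Round n up to the next multiple of align_to. Returns false instead of a
// wrong value when align_to is 0 or when the rounded result would not fit in T.
template <typename T>
inline bool round_up_checked(T n, T align_to, T& out) {
  static_assert(std::is_unsigned<T>::value, "T must be unsigned");
  if (align_to == 0) return false;            // caller bug: do not return n silently
  const T rem = n % align_to;
  if (rem == 0) { out = n; return true; }     // already aligned; covers n == 0 -> 0
  const T pad = static_cast<T>(align_to - rem);
  if (n > std::numeric_limits<T>::max() - pad) return false;  // n + pad would wrap
  out = static_cast<T>(n + pad);
  return true;
}

// Throwing variant in the inline-template shape of the original round_up.
template <typename T>
inline T round_up(T n, T align_to) {
  T r;
  if (!round_up_checked(n, align_to, r))
    throw std::invalid_argument("round_up: zero alignment or result overflow");
  return r;
}

// Same expression as audited call site 1: bytes of base64 output for a given
// input length. With a round_up that maps 0 -> 0, an empty input encodes to
// 0 bytes; a round_up that bumped 0 up to align_to would report 4.
inline std::size_t base64_encoded_len(std::size_t input_length) {
  return (round_up<std::size_t>(input_length, 3) / 3) * 4;
}

}  // namespace round_example

int main() {
  for (std::size_t n : {0u, 1u, 2u, 3u, 4u, 16u, 17u})
    std::printf("round_up(%zu, 16) = %zu; base64 len for %zu input bytes = %zu\n",
                n, round_example::round_up<std::size_t>(n, 16), n,
                round_example::base64_encoded_len(n));
  uint32_t r = 0;
  std::printf("round_up_checked(UINT32_MAX, 16): %s\n",
              round_example::round_up_checked<uint32_t>(UINT32_MAX, 16u, r) ? "ok" : "rejected (would wrap)");
  return 0;
}
```

The wrap check matters for the sizing call sites (buffer resize, record buffer): a rounded size that silently wrapped to a small number would allocate far less than the subsequent writes assume.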
* Fix to_string for BER_Object when debug STL is used
  Simon Warta, 2015-07-07, 1 file, -0/+7

* Use <cstdint>; Remove unused namespace Botan_types
  Simon Warta, 2015-07-03, 1 file, -22/+14

* lib/utils: Convert &vec[0] to vec.data()
  Simon Warta, 2015-06-23, 5 files, -13/+12

* Add missing headers fixing GCC 4.7 build
  lloyd, 2015-06-17, 1 file, -0/+1

* Avoid 0-defining BOTAN_USE_GCC_INLINE_ASM
  simon, 2015-05-31, 2 files, -4/+4
  GH #103

* Fix code that triggers a strange MSVC 'performance warning'
  git, 2015-04-08, 1 file, -1/+1
  Github pull 74 from Chris Desjardins

* Compile fixes for VC 2013. Based on github pull 56
  neusdan, 2015-03-10, 1 file, -0/+4

* Add BOTAN_NOEXCEPT macro to work around missing noexcept in VS 2013.
  rcdailey, 2015-03-08, 1 file, -1/+1
  Based on github pull req 23 by Robert Daily.

* Fix macro checks for zero_mem. Github 55
  lloyd, 2015-03-06, 1 file, -2/+2

* Add missing includes, broke clang
  lloyd, 2015-03-04, 1 file, -0/+2

* Add specialized reducers for P-192, P-224, P-256 and P-384
  lloyd, 2015-02-26, 1 file, -0/+1

* Hide all uses of boost filesystem in fs.cpp. Use readdir as an
  lloyd, 2015-02-21, 3 files, -0/+102
  alternate implementation for Unix and add some feature checks so a boost-free build of the tests and command line are possible again.

* Add version_cstr (returns const char*) and move tag_size from AEAD to
  lloyd, 2015-02-11, 2 files, -0/+7
  Cipher_Mode. Add missing includes in entropy sources, noticed by clang.

* Move Cipher_Mode enum out of types.h, move stream cipher mode to new header
  lloyd, 2015-02-05, 1 file, -6/+0

* Enable OpenSSL for providing ciphers and hashes again.
  lloyd, 2015-02-05, 4 files, -217/+0

* Remove algo factory, engines, global RNG, global state, etc.
  lloyd, 2015-02-04, 14 files, -13/+668
  Convert all uses of Algorithm_Factory and the engines to using Algo_Registry. The shared pool of entropy sources remains but is moved to EntropySource. With that and few remaining initializations (default OIDs and aliases) moved elsewhere, the global state is empty and init and shutdown are no-ops. Remove almost all of the headers and code for handling the global state, except LibraryInitializer which remains as a compatibility stub. Update seeding for blinding so only one hacky almost-global RNG instance needs to be setup instead of across all pubkey uses (it uses either the system RNG or an AutoSeeded_RNG if the system RNG is not available).

* Convert PK operations to using Algo_Registry instead of Engine.
  lloyd, 2015-02-03, 1 file, -6/+6
  Remove global PRNG.

* Add a runtime map of string->func() which when called return
  lloyd, 2015-01-28, 3 files, -17/+34
  Transforms and BlockCiphers. Registration for all types is done at startup but is very cheap as just a std::function and a std::map entry are created, no actual objects are created until needed. This is a huge improvement over Algorithm_Factory which used T::clone() as the function and thus kept a prototype object of each type in memory. Replace existing lookup mechanisms for ciphers, AEADs, and compression to use the transform lookup. The existing Engine framework remains in place for BlockCipher, but the engines now just call to the registry instead of having hardcoded lookups. s/Transformation/Transform/ with typedefs for compatibility. Remove lib/selftest code (for runtime selftesting): not the right approach.

* Reference memset via std namespace
  lloyd, 2015-01-27, 1 file, -1/+1

* Don't define overloads if there is no native uint128_t. Github 47
  lloyd, 2015-01-27, 1 file, -0/+2