aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Add =default copy constructor decls for some pubkey types.Jack Lloyd2017-01-273-1/+15
| | | | | | | This inhibits default creation of C++11 move operators which we do not want. GH #849
* Add BOTAN_UNUSED in creator functionsJack Lloyd2017-01-275-0/+15
| | | | | | If all (say) stream ciphers are disabled, avoid unused arg warning. [ci skip]
* Merge GH #857 Add --with-external-libdir to configure.pyJack Lloyd2017-01-271-1/+2
|\
| * add "--with-external-libdir" to configure.pyDaniel Neus2017-01-261-1/+2
| | | | | | | | | | | | Fixes #767 and #19 Main purpose is to support external libs like OpenSSL on Windows.
* | Fix private key ctors API docs [ci skip]René Korthaus2017-01-279-11/+12
|/
* Fix various SunCC and Solaris warnings and build problems.Jack Lloyd2017-01-248-31/+42
| | | | | | | | | | | | | | | | | | | | | | | | Based on build output sent by @noloader. If RLIMIT_MEMLOCK is not defined, assume regular user is not able to call mlock. This probably also affected Clang/GCC on Solaris. Work around resolution issue in SIMD_4x32 where it finds ambiguity between arg taking uint32_t and __m128i. This is probably some artifact of how SunCC represents vector types, and seems highly bogus in general but is easy to work around here. Change constructor taking a single value to instead be `SIMD_4x32::splat` function. The SIMD class is internal, so no API implications. Fix various warnings about lambda functions that were missing return types and which were not a single return statement. AIUI C++11 doesn't guarantee that lambda return type will be deduced in that situation, though in practice every compiler including SunCC seems to handle it. Disable AVX2 usage, since SunCC's intrinsics seem to be broken - its _mm_loadu_si256 takes non-const pointer. Rename a few variables in the tests to avoid shadowed var warnings.
* Remove obsolete workaround for bug in some old Sun Studio versionJack Lloyd2017-01-241-5/+0
| | | | [ci skip]
* If PowerPC clock returns 0, skip it.Jack Lloyd2017-01-231-2/+10
| | | | | | Doesn't seem to be a problem with the asm, code works fine on physical hardware (POWER8) but on qemu (on CI) both instructions return zero and the test fails.
* Add CPUID::to_stringJack Lloyd2017-01-222-38/+67
| | | | | | | | | Deprecates CPUID::print, mainly to avoid use of ostream in utils. Main reasoning is some platforms do not have streams at all. If all uses of streams are for operator<< and operator>> overloads, these can be guarded by a future BOTAN_HAS_CPP_STREAMS system-feature flag. But when ostreams are required to use the API (as here), that is not possible.
* Add basic test for OS utilsJack Lloyd2017-01-221-4/+12
| | | | | Mainly driven by missing test for OS::run_cpu_instruction_probe. Currently only works on x86 and ARM. Tested on x86-64 native and aarch64 qemu.
* Remove unused iostream includeJack Lloyd2017-01-201-1/+0
| | | | [ci skip]
* Avoid requiring AT_DCACHEBSIZE (data cache size) getauxvalJack Lloyd2017-01-191-0/+3
| | | | | Missing on Android it appears, or at least on Kullo CI NDK. Not essential by any means.
* Fix for PowerPCJack Lloyd2017-01-171-2/+2
|
* Fixes for 32-bit ARMJack Lloyd2017-01-171-7/+38
|
* Refactor CPUID implementation, add ARM supportJack Lloyd2017-01-172-146/+322
| | | | | | Tested for ARM only under qemu-aarch64, need to check hardware before merging. Changes x86 CPUID bitmasks which does break ABI for 2.1, no API implications.
* Fixes for OS X buildJack Lloyd2017-01-172-1/+2
| | | | | | os_utils.h was missing an include, only noticed on OS X sigemptyset is a macro on OS X so cannot be called as ::sigemptyset
* Add OS::run_cpu_instruction_probeJack Lloyd2017-01-152-13/+107
| | | | | | Needed for ARM detection, also probably useful on PowerPC for AltiVec Works fine for me on Linux x86-64 testing with ud2 instruction.
* Enable PKCS11 module by default and remove --with-pkcs11 optionRené Korthaus2017-01-111-2/+0
| | | | | | The pkcs11 module once required the pkcs11 headers as an external dependency, but the headers were included a while ago. Still, the module was set to be load_on vendor. Instead, we can enable the module by default now.
* Merge GH #818 Fix DL_Group generator selectionJack Lloyd2017-01-066-12/+28
|\
| * Fix how DL_Group chooses generator for strong prime groups.Jack Lloyd2017-01-066-12/+28
| | | | | | | | | | | | | | | | | | | | | | Previously it fixed g=2 but this is not always correct. GH #784 Change default PEM header for X9.42 groups to match OpenSSL. We accept either on decoding. GH #784 Change {DL_Group,EC_Group}::PEM_for_named_curve to return std::string instead of a const char*. That makes a future refactoring I have in mind possible without breaking API.
* | Add try/catch blocks in noexcept destructors that might throwJack Lloyd2017-01-063-8/+29
|/ | | | Flagged by Coverity
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-061-0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
| |
* | Merge GH #813 Remove obsolete entropy source infoJack Lloyd2017-01-061-18/+0
|\ \
| * | removed two more obsolete entropy source referencesDaniel Neus2017-01-061-14/+0
| | |
| * | Remove obsolete hres_timer includeDaniel Neus2017-01-061-4/+0
| | | | | | | | | | | | module doesn't exist anymore
* | | Return 0 bits in Darwin_SecRandom::poll on SecRandomCopyBytes failureDaniel Neus2017-01-061-0/+2
|/ /
* | Merge GH #806 Add tests for TLS certificate static messageJack Lloyd2017-01-051-8/+8
|\ \
| * | Add tests for certificate status messageJack Lloyd2017-01-041-8/+8
| |/ | | | | | | | | | | | | Currently untested by TLS crosstalk tests because it is not supported on the server side. Exposes the rest of TLS message types to application.
* | Merge GH #803 Add botan_ffi_supports_version funcJack Lloyd2017-01-052-0/+17
|\ \
| * | Add botan_ffi_supports_api functionJack Lloyd2017-01-042-0/+17
| |/ | | | | | | | | | | | | | | | | | | | | | | This lets us upgrade the FFI version over time and still allow applications to reliably detect if the current library binary supports their version. As an example, it would be useful to be able to add features to FFI sometime in 2.x. In that case, we would increase the value of the FFI API version, even though anything calling the old API would still work perfectly. Applications can verify at runtime the API they want to use is supported using this new call.
* / Move Data_Store from utils to x509Jack Lloyd2017-01-045-4/+4
|/ | | | | It is not a general purpose util or something we want applications to use. It is only used by x509 and hopefully will be removed from there soon enough.
* Merge GH #793 Add iOS targetJack Lloyd2017-01-031-0/+2
|\
| * Add os iosSimon Warta2017-01-031-0/+2
| |
* | Fix comment typo [ci skip]Jack Lloyd2017-01-031-1/+1
| |
* | Avoid using target function attribute in Clang before 3.8Jack Lloyd2017-01-031-1/+1
|/ | | | | | | | | | We support 3.5 or higher generally, but only Clang 3.8 has the function attributes. This doesn't affect the build with older Clang because the makefile still sets file-wide ISA flags. GCC supports this attribute in all versions we support. Fixes GH #797
* Remove SRP6 file supportJack Lloyd2016-12-312-133/+0
| | | | | | | | | | | | | It turns out SRP6 files use a different base64 alphabet than standard, and additionally Botan's decoding of the group id seems wrong though I haven't verified this second was a bug. In any case this code couldn't parse anything it was supposed to and never could. I had already planned on adding a database backed SRP store and removing this code but the fact that it's actually not functional for purpose suggests it's best to remove this now rather than let someone chance upon it and be endlessly frustrated that it doesn't seem to work because all the verifiers are garbled.
* Add a simple test of the all or nothing transformJack Lloyd2016-12-311-2/+2
|
* Improve filter testsJack Lloyd2016-12-313-2/+10
| | | | | | | Fix a bug in Pipe::check_available that must date back 15 years... Add destructors to compression filter so unique_ptr destructor runs without user having to include an extra header for the owned type.
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-302-2/+56
| | | | | Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
* Merge GH #785 Disable SHA-1 and weak RSA by default during cert validationJack Lloyd2016-12-301-6/+8
|\
| * Increase Path_Validation_Restrictions default min strength to 110Jack Lloyd2016-12-271-6/+8
| | | | | | | | | | Effectively disables 1024 bit RSA as well as SHA-1. Edit the tests where required to enable it again.
* | Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-301-1/+3
| | | | | | | | | | | | Clean up the ciphersuite generation script a bit. [ci skip]
* | Tiny code simplificationJack Lloyd2016-12-301-3/+1
| |
* | Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
|/
* Remove unnecessary BOTAN_DLL annotationsJack Lloyd2016-12-274-5/+5
|
* Speed up DSA param gen testJack Lloyd2016-12-262-8/+14
| | | | Record counter value in test data, and start the search from there.
* Merge GH #783 Expose TLS message types to applicationsJack Lloyd2016-12-2420-30/+43
|\
| * Export tls_messages.h as a public headerRené Korthaus2016-12-2320-30/+43
| | | | | | | | | | | | | | TLS::Callbacks::inspect_handshake_message() allows applications to inspect all handshake messages, but this requires access to the types in tls_messages.h. As a matter of fact, this also exports tls_extensions.h as a public header.
* | Compile fixJack Lloyd2016-12-231-0/+1
| |
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-20 20:40:18 +0000