aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Handle repeated initializations of the library better and deal withlloyd2015-01-245-77/+60
| | | | initializations across multiple threads safely.
* Allow reducing the size of the allocated mlock pool via env variablelloyd2015-01-241-9/+27
| | | | | | (BOTAN_MLOCK_POOL_SIZE, specified in decimal KB). Currently we read this even when setuid as the worst a user could do is disable mlock, which they can already do via ulimits.
* Add Strict_Policy. Disable server initiated renegotiation by default.lloyd2015-01-232-13/+43
|
* Add support for configuring a TLS::Policy by text filelloyd2015-01-235-109/+202
|
* Avoid needless buffering when handling padding byteslloyd2015-01-231-4/+4
|
* Centralize where string.h/cstring is included to mem_ops.hlloyd2015-01-2316-42/+32
| | | | See github 42 for background
* Amalgamation fixeslloyd2015-01-235-32/+16
|
* Remove memset_s, not implemented on any machine I can test on andlloyd2015-01-231-7/+5
| | | | | | | | problematic for requiring a special define before the first include of string.h. Instead optionally call memset via a volatile function pointer as a faster alternative to byte at a time writes. Github 42, 45
* Update TLS OCB ciphersuites to match draft-zauner-tls-aes-ocb-00lloyd2015-01-213-3/+47
| | | | | and enable them in the default build, though still not enabled in the runtime policy.
* Add SipHashlloyd2015-01-114-0/+179
|
* Remove DES startup selftestslloyd2015-01-111-19/+0
|
* Remove SSLv3 and handling of SSLv2 client hellos.lloyd2015-01-1126-559/+38
|
* Clean up base64 handling. Github pull 40 from webmaster128lloyd2015-01-111-11/+10
|
* Support any key length for TLS session encryption by hashing with HMAClloyd2015-01-101-4/+16
|
* Ensure all files have copyright and license info.lloyd2015-01-10679-694/+698
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add MCEIES, an integrated encryption system using McEliece and AES-256/OCBlloyd2015-01-083-0/+154
|
* This assumed other headers it did not includelloyd2015-01-081-1/+2
|
* No need to reseed RNG in DSA sign as RNG is no longer usedlloyd2015-01-081-4/+2
|
* Side channel commentarylloyd2015-01-082-0/+26
|
* Inline BigInt::get_bit and byte_atlloyd2015-01-082-23/+9
|
* Change TLS session encryption to use AES-256/GCM instead of CBC+HMAClloyd2015-01-085-202/+26
|
* Cleanuplloyd2015-01-081-7/+5
|
* Add missing includelloyd2015-01-081-0/+1
|
* Handle zero length inputs correctly in base64. Github issue 37lloyd2015-01-081-2/+9
|
* Add OID for SHA-512/256lloyd2015-01-081-0/+2
|
* Add SHA-512/256lloyd2015-01-0814-74/+128
| | | | | Define some new functions for copying out arrays of words and use them across hashes.
* Avoid referencing &vec[vec.size()] as this triggers iterator debugginglloyd2015-01-074-6/+6
| | | | asserts in MSVC 2013. Github pull 36 from Simon Warta.
* Support setting the number of pad bytes in a heartbeat message. Uselloyd2015-01-075-70/+86
| | | | | random instead of all-zero padding. Check on sanity of received pads to the extent possible. Bugzilla 269.
* Use RtlSecureZeroMemory or memset_s if availablelloyd2015-01-071-0/+13
|
* If no certificate stores at all are available skip OCSP checkslloyd2015-01-041-5/+7
|
* Remove config used for testing DTLS-SRTPlloyd2015-01-041-3/+2
|
* Add DTLS-SRTP key establishment from RFC 5764 (required for WebRTC).lloyd2015-01-0411-134/+293
| | | | | | | | | | | | | | Github issue 27. Refactor server hello handling to make it easier to handle other extensions. The manual specified that 224 bit NIST primes were disabled by default for TLS but they were not. Additionaly disable the 256k1 curve and reorder the remaining curves by size. Rewrite the max fragment length extension code to roughly what an ideal compiler would have turned the original code into, using a switch instead of a lookup into a small constant std::map.
* Add ChaCha20Poly1305 TLS ciphersuites compatible with Google's implementationlloyd2014-12-317-95/+122
|
* Add helper and update commentlloyd2014-12-311-2/+8
|
* Support the older ChaCha20Poly1305 AEAD from draft-agl-tls-chacha20poly1305-04lloyd2014-12-312-10/+34
| | | | | which we distinguish by the nonce size (always 64 bits in this format, always 96 bits in the CFRG document).
* Fix one past the end write in Poly1305 finishlloyd2014-12-311-1/+1
|
* Decruftlloyd2014-12-312-15/+1
|
* Add AEAD based on ChaCha20 and Poly1305 defined in ↵lloyd2014-12-294-0/+246
| | | | draft-irtf-cfrg-chacha20-poly1305-03
* Add Poly1305, based on poly1305-donna by Andrew Moon.lloyd2014-12-298-11/+298
|
* Support 96 bit nonces in ChaCha20 as specified in ↵lloyd2014-12-292-3/+12
| | | | draft-irtf-cfrg-chacha20-poly1305-03
* When encrypting McEliece or Curve25519 keys, default to GCM instead of CBC.lloyd2014-12-273-11/+22
| | | | Add OIDS for OCB mode with various ciphers.
* Add Curve25519 based on curve25519-donna by Adam Langley.lloyd2014-12-277-0/+813
| | | | | | This uses only the c64 version from curve25519-donna; on systems that don't have a native uint128_t type, a donna128 type stands in for just enough 128-bit operations to satisfy donna.cpp
* Fix header guards for amalgamation (github issue 35)lloyd2014-12-224-31/+31
|
* Fix a couple things pointed out by VC++ warnings.lloyd2014-12-222-8/+3
|
* Fix System_RNG for Windows, fix nmake clean targetlloyd2014-12-221-2/+2
|
* Enable system_rng on Windows and MinGW (untested)lloyd2014-12-213-5/+15
|
* Add abstract database interface so applications can easily store infolloyd2014-12-2012-311/+443
| | | | | | in places other than sqlite3, though sqlite3 remains the only implementation. The interface is currently limited to precisely the functionality the TLS session manager needs and will likely expand.
* Correct commentlloyd2014-12-181-2/+2
|
* Add MinGW support for the CryptoAPI RNG. Also disable the dependencieslloyd2014-12-173-1/+3
| | | | | | | | in auto_rng for a working entropy source as in situations where it doesn't work almost none of the library builds. Disable boost by default from the library. Github issue 34. Unrelated - remove long dead Tru64 as a target.
* In OpenSSL engine drop support for public key operations. These PK ops just calllloyd2014-12-176-588/+0
| | | | | BN directly and so don't get the benefit of side channel protections in either OpenSSL's or Botan's implementations of the algorithms.