aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Make TLS::Blocking_Client non-finalJack Lloyd2017-10-021-1/+1
| | | | It is intended for derivation! Just not tested...
* sigemptyset is a macro on OS XJack Lloyd2017-10-021-1/+1
|
* Remove protected m_handle data from PKCS11::ObjectJack Lloyd2017-10-023-6/+18
|
* Make m_emsa in PK_{Signature,Verification}_with_EMSA privateJack Lloyd2017-10-022-4/+7
|
* Make EMSA1 data privateJack Lloyd2017-10-021-6/+4
| | | | It was already final so leaving data as protected makes no sense...
* Make kv in TLS_Text_Policy private, add protected setterJack Lloyd2017-10-022-0/+14
|
* Remove protected data members from X509_ObjectJack Lloyd2017-10-025-41/+27
| | | | Just need const accessors, no reason for any subclass to modify values.
* Remove needless blockJack Lloyd2017-10-021-11/+7
|
* Avoid using namespace in FFI headersJack Lloyd2017-10-025-7/+3
| | | | Internal only headers but Sonar doesn't know that
* Prefix names in global namespace with ::Jack Lloyd2017-10-023-7/+7
|
* Remove redundant "virtual override" declarations.Jack Lloyd2017-10-028-36/+34
|
* Fix some cast warnings from SonarJack Lloyd2017-10-015-6/+6
|
* Use explicit :: or std:: to refer to functions in namespacesJack Lloyd2017-10-011-1/+1
|
* Use explicit_bzero on OpenBSDJack Lloyd2017-09-301-2/+7
| | | | [ci skip]
* Remove unused namespaceJack Lloyd2017-09-301-4/+0
|
* Avoid -size_tJack Lloyd2017-09-301-1/+1
|
* Guard against self-assignmentJack Lloyd2017-09-302-0/+6
| | | | Found with Sonar
* Change this code so Sonar understands div by zero can't happenJack Lloyd2017-09-301-2/+3
|
* Another FFI struct vs class fixJack Lloyd2017-09-301-1/+1
|
* Retract explicit on OIDJack Lloyd2017-09-301-1/+1
| | | | This conversion is often useful
* FFI objects have to be structs because we expose them to CJack Lloyd2017-09-302-5/+4
|
* Use explicit on more single-argument constructorsJack Lloyd2017-09-3014-20/+23
|
* Avoid bogus declarations in GMACJack Lloyd2017-09-301-25/+3
| | | | | These functions are declared/defined on MessageAuthenticationCode, and call the start_msg virtual.
* Address some MSVC warningsJack Lloyd2017-09-307-134/+139
|
* Use class instead of struct for objects with member functionsJack Lloyd2017-09-3013-156/+183
| | | | Flagged by Sonar and quite reasonable
* Add annotation so GCC/Clang/MSVC know it is an allocation function.Jack Lloyd2017-09-302-1/+12
|
* Merge GH #1231 Hide secure_allocator allocate in a functionJack Lloyd2017-09-305-22/+55
|\
| * Missing include, noticed by OS XJack Lloyd2017-09-291-0/+1
| |
| * In secure_allocator, hide mlock/new usage in a function in mem_opsJack Lloyd2017-09-295-22/+54
| | | | | | | | | | | | | | Switch to calloc/free instead of new/delete - shouldn't matter since we are only allocate integral types. This change reduces the size of libbotan-2.so by ~300 Kb on my system.
* | Thinko fixJack Lloyd2017-09-301-1/+1
| |
* | Compat typedef PBKDF -> S2KJack Lloyd2017-09-291-1/+12
|/ | | | [ci skip]
* Avoid throwing in pool allocator deallocation pathJack Lloyd2017-09-291-8/+1
| | | | | | std::terminate can ruin your day Coverity find
* Merge GH #1229 Simplify allocator and avoid MSVC perf issueJack Lloyd2017-09-291-37/+5
|\
| * Add back size_type typedefJack Lloyd2017-09-291-0/+1
| | | | | | | | | | | | | | Lacking this seems to cause interesting issues with Apple Clang on 32-bit ARM. It seems like it implicitly defines a size_type that is the same size as size_t, but not actually size_t, so we get an unsigned long vs unsigned int mismatch on the type.
| * Of course MSVC 2013 has to be specialJack Lloyd2017-09-291-0/+7
| |
| * Simplifiy secure_allocatorJack Lloyd2017-09-291-44/+4
| | | | | | | | | | | | | | | | | | According to https://howardhinnant.github.io/allocator_boilerplate.html we don't need most of what was in there in C++11 and later. I think I originally wrote that code referencing a C++03 doc. Specifically avoiding construct, destruct prevents a performance issue in MSVC (GH #1228)
* | In TLS CBC padding check, only need to verify last 256 bytesJack Lloyd2017-09-291-8/+16
|/ | | | | No reason to scan the entire record since it's assured at most 256 bytes of padding are used. Inspired by GH #1227
* Add a test of TLS CBC padding verificationJack Lloyd2017-09-292-9/+12
| | | | See also GH #1227
* Include pk_keys.h in pkcs8.h and x509_key.hJack Lloyd2017-09-292-2/+2
| | | | Not strictly required but seems likely to cause problems for applications.
* Require HMAC for HKDFJack Lloyd2017-09-281-0/+4
| | | | Not actually strictly required but in practice doesn't make much sense.
* Fixes for MSVCJack Lloyd2017-09-282-2/+2
| | | | BOTAN_UNUSED "uses" the RNG :/
* Further header cleanupsJack Lloyd2017-09-2817-9/+29
|
* Add variants of PKCS8::load_key that don't require an RNG argumentJack Lloyd2017-09-282-32/+112
| | | | | It's not used and only there for compat with existing callers, but no reason we can't offer a version that doesn't require it.
* Doxygen commentJack Lloyd2017-09-281-0/+6
| | | | [ci skip]
* Header cleanupsJack Lloyd2017-09-285-5/+3
|
* Merge GH #1224 Address side channel in Montgomery exponentiationJack Lloyd2017-09-286-36/+98
|\
| * Add valgrind annotations to check const_time_lookupJack Lloyd2017-09-261-0/+5
| |
| * Use a side channel silent table look up in the Montgomery exponentiationJack Lloyd2017-09-256-36/+93
| |
* | Make poly_dbl.h a submodule of utilsJack Lloyd2017-09-278-1/+20
| | | | | | | | | | Only required by a few modules and if none of them are in use then the whole thing can just be skipped from the build.
* | Add HKDF-Expand-LabelJack Lloyd2017-09-273-2/+62
| | | | | | | | Step 1/n of TLS 1.3