Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add missing headers fixing GCC 4.7 build | lloyd | 2015-06-17 | 2 | -0/+2 |
| | |||||
* | Avoid 0-defining BOTAN_USE_GCC_INLINE_ASM | simon | 2015-05-31 | 4 | -6/+6 |
| | | | | GH #103 | ||||
* | Add missing include | lloyd | 2015-05-31 | 1 | -0/+1 |
| | |||||
* | Include correct header for getenv. GH #99 | joerg | 2015-05-24 | 1 | -0/+1 |
| | |||||
* | Correct buffering logic in compression filter. GH issue #93 pull #95 | eric.cornelius | 2015-05-16 | 2 | -3/+4 |
| | | | | Found and fixed by Eric Cornelius <[email protected]> | ||||
* | Fix various bugs found by Coverity scanner. | lloyd | 2015-05-15 | 10 | -20/+27 |
| | | | | | | | Uninitialized variables, missing divide by zero checks, missing virtual destructor, etc. Only thing serious is bug in TLS maximum fragment decoder; missing breaks in switch statement meant receiver would treat any negotiated max frament as 4k limit. | ||||
* | Remove RC4 (and all support for stream ciphers) from TLS | lloyd | 2015-05-15 | 3 | -50/+5 |
| | |||||
* | Return null instead of throwing if compressor obj not available | lloyd | 2015-05-13 | 1 | -1/+3 |
| | |||||
* | Add tests for compression and SRP. | lloyd | 2015-05-13 | 2 | -4/+7 |
| | | | | | | | | Fix zlib decompression which was not ignoring Z_BUF_ERROR which is harmless in this context as process is already checking avail_in and avail_out after run returns. Bump version to 1.11.17 | ||||
* | Change `make_compressor` and `make_decompressor` to return a | lloyd | 2015-05-10 | 2 | -39/+49 |
| | | | | | compression type instead of the base transform class. Add some final annotations. | ||||
* | Change zlib to use Z_SYNC_FLUSH instead of Z_FULL_FLUSH for flushing. | lloyd | 2015-05-10 | 1 | -1/+1 |
| | | | | | This lets flush work for decompression also, and more generally provides what an application wants from a mid-stream compression flush. | ||||
* | Compression filters were not sizing buffer, causing no input to | lloyd | 2015-05-07 | 2 | -11/+16 |
| | | | | be consumed. GH #89 | ||||
* | Use available MinGW APIs (CryptoAPI and Unix-style fds). GH#84 | joerg | 2015-04-27 | 2 | -1/+3 |
| | |||||
* | Fix | lloyd | 2015-04-12 | 1 | -1/+1 |
| | |||||
* | Remove the stray binary character making Python3 unhappy, remove | lloyd | 2015-04-12 | 1 | -3/+2 |
| | | | | encoding= flags since they are not needed anymore and broke Python2. | ||||
* | Fix code that triggers a strange MSVC 'performance warning' | git | 2015-04-08 | 4 | -5/+5 |
| | | | | Github pull 74 from Chris Desjardins | ||||
* | Key agreement was missing the return check, add it to get_pk_op instead | lloyd | 2015-03-29 | 1 | -17/+11 |
| | |||||
* | Disable OpenSSL RSA by default until the test issues are worked out | lloyd | 2015-03-28 | 1 | -2/+2 |
| | | | | | (OpenSSL's PKCS/OAEP padding code naturally ignores our RNG, so we cannot fix the nonces for encryption). | ||||
* | Cleanups | lloyd | 2015-03-23 | 2 | -16/+11 |
| | |||||
* | Avoid putting very small values in mlock memory | lloyd | 2015-03-23 | 1 | -1/+3 |
| | |||||
* | Move the signature padding schemes to the PK operation classes, | lloyd | 2015-03-23 | 13 | -360/+390 |
| | | | | | | | | | as was previously done with encrypt/decrypt ops. One feature dropped on the floor here is previously PK_Signer by default did verification of signatures before releasing them as an measure against fault attacks. However in addition to being expensive this turned out to be difficult to implement with the new scheme. | ||||
* | RSA encrypt and decrypt using OpenSSL | lloyd | 2015-03-23 | 1 | -0/+148 |
| | |||||
* | Add ALPN (RFC 7301) and remove NPN | lloyd | 2015-03-20 | 18 | -316/+138 |
| | |||||
* | Windows fix | lloyd | 2015-03-20 | 2 | -5/+4 |
| | |||||
* | Add timeouts to HMAC_RNG entropy polling | lloyd | 2015-03-18 | 2 | -58/+57 |
| | |||||
* | This check doesn't make sense as the entropy source is shared | lloyd | 2015-03-18 | 1 | -15/+6 |
| | |||||
* | Remove the shared IO buffer from EntropySource_Accumulator. | lloyd | 2015-03-18 | 13 | -60/+51 |
| | | | | Instead each source that needs a buffer maintains their own. | ||||
* | Consider AES-NI as implying SSSE3 which lets us merge two of the | lloyd | 2015-03-15 | 1 | -1/+1 |
| | | | | | | amalgamation objects (aes_ni and clmul). The real advantage is for the static link, as GCM will pull in clmul via its reference, which is sufficient to also pull the AES impl into the link. | ||||
* | In PK encrypt/decrypt move pad calls to the operation. This allows an | lloyd | 2015-03-14 | 13 | -154/+284 |
| | | | | | | | | | op to use a padding scheme outside of our knowledge or control, for instance an OpenSSL RSA op which uses OpenSSL's padding code. Similar change for key agreement and KDFs for the same reason. Add an EME_Raw type; previously this operation was implicit in the code in pubkey.cpp | ||||
* | Specify class name for static function | lloyd | 2015-03-13 | 1 | -1/+1 |
| | |||||
* | Fix clmul which was broken by amalgamation ISA split. | lloyd | 2015-03-12 | 2 | -2/+2 |
| | | | | | Change GCM update granularity to BS (16) which is sufficient for GCM and more convenient to callers | ||||
* | Externalize the state of a RFC 6979 nonce computation. | lloyd | 2015-03-12 | 4 | -28/+63 |
| | | | | | | | | | | | | This lets you amortize quite a few memory allocations (RNG, various BigInts, etc) over many nonce generations. Change generate_rfc6979_nonce to just instantiate one of these states, call the function once, and return. This doesn't have any additional overhead versus the previous implementation of this function. Fix HMAC_DRBG to correctly reset its state to its starting position when you call clear() on it. | ||||
* | Avoid a ECC point multiplication in ECDSA signature verification by | lloyd | 2015-03-12 | 1 | -14/+20 |
| | | | | | | | distributing w into the exponents. This is at least a 50% speedup across all keysizes on my laptop. Optimization pointed out by Dr. Falko Strenzke on the mailing list. | ||||
* | Add BigInt::encode_1363 writing to specified buffer | lloyd | 2015-03-11 | 2 | -3/+10 |
| | |||||
* | Add BOTAN_DLL back to LibraryInitializer and move some of the implementation to | lloyd | 2015-03-11 | 6 | -10/+36 |
| | | | | | | | a source file. Without BOTAN_DLL the LibraryInitializer was removed entirely from the list of symbols which is not desired. Add some casts to avoid scary sounding but (upon review) harmless warnings from MSVC | ||||
* | LibraryInitializer being dllexport but completely inline seems to | lloyd | 2015-03-10 | 1 | -1/+1 |
| | | | | confuse VC2013. | ||||
* | Comile fixes for VC 2013. Based on github pull 56 | neusdan | 2015-03-10 | 4 | -51/+22 |
| | |||||
* | Fix Python cipher update_granularity() and default_nonce_length() | lloyd | 2015-03-09 | 2 | -0/+6 |
| | | | | which were completely broken. Pointed out by Uri B on mailing list. | ||||
* | Cleanups | lloyd | 2015-03-08 | 1 | -2/+2 |
| | |||||
* | Add BOTAN_NOEXCEPT macro to work around missing noexcept in VS 2013. | rcdailey | 2015-03-08 | 2 | -6/+6 |
| | | | | Based on github pull req 23 by Robert Daily. | ||||
* | Fix memory leak in TLS tests. Remove last few remaining uses of auto_ptr. | lloyd | 2015-03-08 | 2 | -0/+7 |
| | |||||
* | Fix macro checks for zero_mem. Github 55 | lloyd | 2015-03-06 | 1 | -2/+2 |
| | |||||
* | Typo | lloyd | 2015-03-06 | 1 | -1/+1 |
| | |||||
* | In Algo_Registry if a maker func fails, try the next most preferred one | lloyd | 2015-03-05 | 4 | -35/+60 |
| | | | | | | | | instead of bailing out immediately. Rename the 'builtin' provider to 'base' since really they are all built in. Fix MARK-4 when OpenSSL was enabled - it did not respect the skip param. | ||||
* | Hide Algorithm_Factory and use the functions in lookup.h internally. | lloyd | 2015-03-04 | 36 | -202/+207 |
| | | | | | | Fix two memory leaks (in TLS and modes) caused by calling get_foo and then cloning the result before saving it (leaking the original object), a holdover from the conversion between construction techniques in 1.11.14 | ||||
* | Add missing includes, broke clang | lloyd | 2015-03-04 | 1 | -0/+2 |
| | |||||
* | When comparing algorithm identifiers consider NULL and empty | lloyd | 2015-03-04 | 1 | -3/+17 |
| | | | | | parameters as equivalent. Based on a patch sent to the mailing list by Uri Blumenthal. | ||||
* | Add missing include | lloyd | 2015-03-02 | 1 | -0/+1 |
| | |||||
* | Avoid requiring a system header here | lloyd | 2015-03-02 | 1 | -1/+1 |
| | |||||
* | Fix decrypt in FFI/Python. Github issue 53 | lloyd | 2015-03-01 | 2 | -1/+7 |
| |