path: root/src/lib
Commit log (message, author, date; files changed, lines removed/added):

* Disable AVX2 Serpent on MSVC (Jack Lloyd, 2019-09-27; 1 file, -0/+6)
  MSVC 19.24.28117 miscompiles it GH #2120
* Merge GH #2119 Optimize CTR_BE::seek (Jack Lloyd, 2019-09-27; 1 file, -1/+20)
  * Optimize CTR_BE::seek (Jack Lloyd, 2019-09-26; 1 file, -1/+20)
* Merge GH #2117 ChaCha20Poly1305 optimizations (Jack Lloyd, 2019-09-26; 1 file, -7/+10)
  * Avoid memory allocations during ChaCha20Poly1305 start and finish (Jack Lloyd, 2019-09-26; 1 file, -7/+10)
    Saves about .5 cbp with 1024 byte messages
* Add tests for SIMD_4x32::shift_elems_{left,right} (Jack Lloyd, 2019-09-25; 1 file, -0/+6)
* Merge CLMUL and PMULL code (Jack Lloyd, 2019-09-25; 12 files, -510/+287)
  Same algorithms were used just using SSSE3 vs NEON
* Fix warning "type attributes ignored after type is already defined" (Jack Lloyd, 2019-09-25; 1 file, -1/+1)
* Merge GH #2110 Properly decode error-status OCSP responses (Jack Lloyd, 2019-09-24; 3 files, -6/+27)
  * add status code to OCSP responses (Patrick Schmidt, 2019-09-24; 3 files, -6/+27)
* Add a RWLock (Jack Lloyd, 2019-09-23; 5 files, -9/+107)
* add X.509 Usage_Type::ENCRYPTION (René Meusel, 2019-09-18; 2 files, -1/+5)
* Merge GH #2104 Add a variant of RandomNumberGenerator::random_vec (Jack Lloyd, 2019-09-13; 7 files, -15/+26)
  * Add a variant of RandomNumberGenerator::random_vec (Jack Lloyd, 2019-09-13; 7 files, -15/+26)
    This avoids the unlock(rng.random_vec(...)) pattern which is pretty wasteful in terms of heap overhead.
* Merge GH #2103 Fix AES vperm in single amalgamation mode (Jack Lloyd, 2019-09-13; 1 file, -3/+11)
  * Fix AES vperm in single file amalgamation (Jack Lloyd, 2019-09-12; 1 file, -3/+11)
    Nothing enabled ssse3 in that case.
* Merge GH #2102 Support loading an EC point with affine zero coordinate (Jack Lloyd, 2019-09-13; 2 files, -2/+3)
  * Support loading an EC point with affine zero coordinates. (Jack Lloyd, 2019-09-12; 2 files, -2/+3)
    For example it is possible to construct a point with x coordinate of zero whenever b has a square root modulo p. Found during integration with https://github.com/catenacyber/elliptic-curve-differential-fuzzer
* Fix a leak in Extensions::add when duplicate OID attempted (Jack Lloyd, 2019-09-13; 1 file, -1/+5)
* Add tests (Jack Lloyd, 2019-09-12; 2 files, -1/+11)
  Also implement Extensions::get_extension_bits which was declared but not implemented!
* Add Extensions::remove (Jack Lloyd, 2019-09-10; 2 files, -1/+18)
  From #2073
* Merge GH #2061 Add header deprecation warnings (Jack Lloyd, 2019-09-08; 164 files, -47/+410)
  * Walk back on deprecating these (Jack Lloyd, 2019-09-06; 1 file, -2/+8)
  * Moar (Jack Lloyd, 2019-09-06; 2 files, -1/+3)
  * Deprecate many publicly available headers (Jack Lloyd, 2019-09-06; 162 files, -45/+400)
* Disable vperm AES on big-endian systems (Jack Lloyd, 2019-09-07; 1 file, -0/+2)
  All the constants need to be tweaked and possibly other changes are required.
* Add support for vector permute AES using AltiVec (Jack Lloyd, 2019-09-07; 3 files, -0/+28)
  Slower than T-tables on the machines I've tried, but constant time.
* Unroll xor_buf by 32 bytes (Jack Lloyd, 2019-09-06; 1 file, -37/+46)
  Improves overall ChaCha and AES-NI GCM by 1-3%
* Optimizations for CTR_BE::add_counter (Jack Lloyd, 2019-09-06; 1 file, -14/+9)
  This is in the hot path for GCM
* In aes_vperm avoid loading from data segment (Jack Lloyd, 2019-09-06; 1 file, -17/+12)
  I do not understand the mechanism but this is slightly faster.
* Style tweaks (Jack Lloyd, 2019-09-06; 1 file, -25/+34)
* Remove the scalar SIMD_4x32 implementation (Jack Lloyd, 2019-09-05; 2 files, -160/+34)
  On platforms without a SIMD engine, the scalar version does offer some slight performance increase due to unrolling but is probably not worth it in terms of code size.
* Merge GH #2096 Unroll POWER8 AES instructions by 4x (Jack Lloyd, 2019-09-04; 3 files, -110/+350)
  * Unroll POWER8 AES instructions by 4x (Jack Lloyd, 2019-09-04; 1 file, -105/+328)
    Improves performance by 20-30% on POWER9
  * Fix gcc warnings in Altivec SIMD_4x32 code (Jack Lloyd, 2019-09-04; 1 file, -5/+10)
  * Avoid dynamic endian dispatch if we don't need it (Jack Lloyd, 2019-09-04; 1 file, -0/+12)
* Make ssse3/sse2 dependencies explicit rather than implicit (Jack Lloyd, 2019-09-04; 6 files, -0/+8)
  Previously --disable-sse2/--disable-ssse3 would not work as expected
* Add build support (Jack Lloyd, 2019-09-04; 1 file, -2/+13)
* Some cleanups (Jack Lloyd, 2019-09-04; 1 file, -54/+52)
* Unroll blocks by 2x (Jack Lloyd, 2019-09-03; 2 files, -70/+188)
* Avoid runtime endian dispatch when value is known statically (Jack Lloyd, 2019-09-01; 1 file, -8/+34)
* Support NEON for AES vector permutes (Jack Lloyd, 2019-09-01; 5 files, -110/+169)
  Rename aes_ssse3 -> aes_vperm
* Merge GH #2093 Abstract the SSSE3 code for vector permute AES (Jack Lloyd, 2019-09-01; 3 files, -614/+512)
  * Build fixes (Jack Lloyd, 2019-08-31; 2 files, -3/+2)
  * Abstract the AES SSSE3 implementation to support other SIMD (Jack Lloyd, 2019-08-31; 3 files, -613/+512)
* Fix warning - always_inline attribute wants also inline (Jack Lloyd, 2019-08-31; 1 file, -1/+1)
* Merge GH #2092 Add BOTAN_FORCE_INLINE to fix BLAKE2b MSVC performance issue (Jack Lloyd, 2019-08-31; 2 files, -3/+20)
  * Add BOTAN_FORCE_INLINE and use it in BLAKE2b (Jack Lloyd, 2019-08-31; 2 files, -3/+20)
    Closes #2089
* Fix PBKDF2 with zero iterations (Jack Lloyd, 2019-08-31; 1 file, -0/+6)
  It would go into a very long loop. OpenSSL treats iterations==0 same as iterations==1 but this seems confusing. Instead just reject it. Unrelated, fix a divide by zero if asked to tune with 0 byte output. Closes GH #2088
* Fixes and tweaks from feedback (David Carlier, 2019-08-28; 2 files, -27/+25)