Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add SM3 hash function | Daniel Wyatt | 2017-04-03 | 4 | -0/+218 |
| | |||||
* | Merge GH #961 Add some more BigInt functions to C API | Jack Lloyd | 2017-04-02 | 2 | -47/+137 |
|\ | |||||
| * | Add some more useful bigint functions to C interface | Jack Lloyd | 2017-03-31 | 2 | -47/+137 |
| | | |||||
* | | Fix Doxygen comment errors | Jack Lloyd | 2017-03-31 | 1 | -1/+3 |
|/ | | | | [ci skip] | ||||
* | Merge GH #954 Always poll 256 bytes from getentropy syscall | Jack Lloyd | 2017-03-30 | 1 | -3/+4 |
|\ | |||||
| * | Always poll 256 bytes from Getentropy. | Alexander Bluhm | 2017-03-30 | 1 | -3/+4 |
| | | | | | | | | | | | | The OpenBSD system limit for getentropy(2) is 256 bytes. It does not make sense to use the BOTAN_SYSTEM_RNG_POLL_REQUEST define here. As it is only used in one place, another define would be overkill. | ||||
* | | Use arc4random(3) as system rng on OpenBSD. | Alexander Bluhm | 2017-03-30 | 1 | -0/+15 |
|/ | | | | | | | | | OpenBSD provides the arc4random(3) function in libc for user land programs that need good random data. Use this to implement the Botan system random number generator. It has the advantage over /dev/urandom that it works without file descriptors and in chroot(2) environment. Internally libc is currently using a ChaCha20 cipher as PRNG and getentropy(2) to reseed itself automatically. | ||||
* | Disable entropy proc_walk on OpenBSD. | Alexander Bluhm | 2017-03-30 | 1 | -1/+0 |
| | | | | | The /proc file system was disabled for years. With OpenBSD 5.7 the implementation has been removed from the kernel sources. | ||||
* | Merge GH #899 Add ability to specify iterations when encrypting a private key | Jack Lloyd | 2017-03-29 | 6 | -18/+382 |
|\ | |||||
| * | Add ability to specify iterations when encrypting a private key | Jack Lloyd | 2017-02-26 | 6 | -18/+382 |
| | | | | | | | | GH #896 | ||||
* | | Merge GH #946 Expose multiple precision integers in C interface | Jack Lloyd | 2017-03-29 | 3 | -10/+500 |
|\ \ | |||||
| * | | Expose BigInt API subset to C API | Jack Lloyd | 2017-03-28 | 3 | -10/+500 |
| | | | | | | | | | | | | Also adds RSA key constructors using BN | ||||
* | | | Use getentropy(2) as random source. | Alexander Bluhm | 2017-03-29 | 4 | -0/+78 |
|/ / | | | | | | | | | | | | | | Gather entropy from system call getentropy(2). This is available since OpenBSD 5.6 and Solaris 11.3. It can provide up to 256 bytes entropy from the kernel without blocking. As a system call it does not need a file descriptor and works in chroot(2) environments without device nodes. | ||||
* | | Merge GH #944 Add check_key to C API | Jack Lloyd | 2017-03-28 | 2 | -1/+21 |
|\ \ | |||||
| * | | Expose PK::check_key functions in C interface | Jack Lloyd | 2017-03-27 | 2 | -1/+21 |
| | | | |||||
* | | | Fix incorrect password truncation in bcrypt password hashing. | Jack Lloyd | 2017-03-24 | 1 | -7/+11 |
|/ / | | | | | | | | | | | | | | | | | | | The 56 char bound is bogus; Blowfish itself allows at most 448 bits in the key schedule, but Bcrypt's modification allows up to 72 chars for the password. Bug pointed out by Solar Designer. Also reject work factors 0...3 since all other extant bcrypt implementations require at least work factor 4. Adds more bcrypt tests generated by crypt_bcrypt and OpenBSD's version. | ||||
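The commit above says what the corrected bound is but not what the wrong bound cost. The following is an added example (not Botan's bcrypt code; every name in it is this example's own) that models only bcrypt's key-length rule, not the Blowfish key schedule: the password is fed as a NUL-terminated byte string and at most 72 bytes of it reach the key schedule, so two passwords that agree on their first 72 bytes hash identically, and under the old 56-byte cut the same already held at byte 56. The work-factor check rejects 0..3 as the commit describes; the upper bound of 31 is an assumption taken from OpenBSD's implementation, not something this page states.

```cpp
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <iostream>
#include <stdexcept>
#include <string>
#include <vector>

// bcrypt's key-schedule input is the password as a NUL-terminated byte string,
// of which at most 72 bytes reach the 18-word Blowfish P-array; 56 bytes is the
// limit of plain Blowfish, not of bcrypt. Only the length rule is modelled here.
constexpr size_t BCRYPT_MAX_KEY_BYTES = 72;
constexpr size_t OLD_BOGUS_KEY_BYTES  = 56;   // the bound the commit removes
constexpr uint16_t BCRYPT_MIN_WORK_FACTOR = 4;
// Assumption of this example: OpenBSD caps the cost at 31 (2^31 rounds).
// The page itself only states the lower bound of 4.
constexpr uint16_t BCRYPT_MAX_WORK_FACTOR = 31;

static std::vector<uint8_t> key_bytes(const std::string& password, size_t cap) {
   std::vector<uint8_t> key(password.begin(), password.end());
   key.push_back(0);                      // the terminator is part of the key
   if (key.size() > cap) key.resize(cap);
   return key;
}

// Bytes that actually influence the hash under the corrected 72-byte rule.
std::vector<uint8_t> bcrypt_effective_key(const std::string& password) {
   return key_bytes(password, BCRYPT_MAX_KEY_BYTES);
}

// Pre-fix behaviour for comparison: truncation at 56.
std::vector<uint8_t> bcrypt_effective_key_old56(const std::string& password) {
   return key_bytes(password, OLD_BOGUS_KEY_BYTES);
}

// Two passwords are indistinguishable to bcrypt when their effective keys are
// identical: any character that sits past the cut never reaches the schedule.
bool bcrypt_collides(const std::string& a, const std::string& b) {
   return bcrypt_effective_key(a) == bcrypt_effective_key(b);
}
bool bcrypt_collides_old56(const std::string& a, const std::string& b) {
   return bcrypt_effective_key_old56(a) == bcrypt_effective_key_old56(b);
}

// Work-factor policy from the commit: 0..3 are rejected because every other
// extant implementation requires at least 4.
uint16_t check_bcrypt_work_factor(uint16_t wf) {
   if (wf < BCRYPT_MIN_WORK_FACTOR || wf > BCRYPT_MAX_WORK_FACTOR)
      throw std::invalid_argument("bcrypt work factor out of range");
   return wf;
}
bool work_factor_accepted(uint16_t wf) {
   try { check_bcrypt_work_factor(wf); return true; }
   catch (const std::invalid_argument&) { return false; }
}

int main() {
   const std::string base(60, 'p');                 // constructed sample prefix
   const std::string pw1 = base + "-first";
   const std::string pw2 = base + "-second";        // differs from pw1 after byte 60
   std::cout << std::boolalpha
             << "differ after byte 60, collide under old 56-byte cut: "
             << bcrypt_collides_old56(pw1, pw2) << '\n'
             << "same pair under the 72-byte rule:                    "
             << bcrypt_collides(pw1, pw2) << '\n';
   const std::string long1 = std::string(72, 'q') + "A";
   const std::string long2 = std::string(72, 'q') + "B";   // differs only at byte 73
   std::cout << "differ only at byte 73, collide under 72-byte rule:  "
             << bcrypt_collides(long1, long2) << '\n';
   for (uint16_t wf : {3, 4, 12})
      std::cout << "work factor " << wf << " accepted: " << work_factor_accepted(wf) << '\n';
   return 0;
}
```

The practical consequence for callers is unchanged by the fix: anything beyond 72 bytes of a password is silently ignored, so a passphrase policy or a pre-hash step belongs in the application, not in the expectation that bcrypt consumes the whole string.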
* | | Fix some compiler warnings. | Jack Lloyd | 2017-03-22 | 2 | -2/+2 |
| | | |||||
* | | Remove duplicate include GH #928 | Jack Lloyd | 2017-03-22 | 1 | -1/+0 |
| | | |||||
* | | Merge GH #897 Add generic memory type BER decoder | Jack Lloyd | 2017-03-22 | 1 | -0/+32 |
|\ \ | |||||
| * | | Add generic memory type value BER decoder | Nuno Goncalves | 2017-03-07 | 1 | -0/+32 |
| | | | | | | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]> | ||||
* | | | Fix #917: calendar_point::to_std_timepoint() does not support years after 2037 | Daniel Neus | 2017-03-21 | 1 | -3/+4 |
| | | | | | | | | | | | | Only throw on systems where 32 bit std::time_t is used. | ||||
* | | | No C++ exceptions from cpu probe functions. See GH #920 | Jack Lloyd | 2017-03-19 | 2 | -26/+11 |
| | | | |||||
* | | | Fix further compiler macro bug exposed by #921 | Jack Lloyd | 2017-03-19 | 1 | -1/+1 |
| | | | |||||
* | | | BOTAN_TARGET_COMPILER_IS -> BOTAN_BUILD_COMPILER_IS | Daniel Neus | 2017-03-15 | 2 | -2/+2 |
| | | | |||||
* | | | Merge GH #913 Follow PKIX rules for X.509 time formatting | Jack Lloyd | 2017-03-13 | 1 | -2/+2 |
|\ \ \ | |||||
| * | | | Fix: UTCTime interpreted as GeneralizedTime | Daniel Neus | 2017-03-13 | 1 | -2/+2 |
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Example: "200305100350Z" interpreted as "2003/05/10 03:50:00 UTC"; the correct value is "2020/03/05 10:03:50 UTC". According to RFC 5280: UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13; GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15. I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict. | ||||
* / / | Small fixes in API docs [ci skip] | René Korthaus | 2017-03-09 | 2 | -4/+4 |
|/ / | |||||
* | | Allow OCSP requests without the full subject certificate | Nuno Goncalves | 2017-03-04 | 5 | -16/+43 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | An OCSP request doesn't need the full subject certificate. This extends the API to require instead of the subject certificate: * OCSP::Request: subject serial. * OCSP::online_check: subject serial AND ocsp responder url. API breaking change: * removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold the certificate, but only the serial. Signed-off-by: Nuno Goncalves <[email protected]> | ||||
* | | Avoid calling memmove with a null source in PKCSv1 signature encoding | Jack Lloyd | 2017-03-03 | 1 | -1/+7 |
| | | | | | | | | Only occurred with EMSA_Raw. Caught by GCC 7 warning | ||||
* | | Add missing include, caught by GCC 7 | Jack Lloyd | 2017-03-03 | 1 | -0/+1 |
| | | | | | | | | Closes GH #903 | ||||
* | | | Merge GH #902 Extend EC_PublicKey check, add EC_Group check, ECC invalid key tests | Jack Lloyd | 2017-03-02 | 3 | -3/+79 |
|\ \ \ | |||||
| * | | verify ec domain in EC_PublicKey::check_key | Never | 2017-02-28 | 1 | -1/+6 |
| | | | |||||
| * | | EC_PublicKey::check_key for curves with cofactor > 1 | Never | 2017-02-27 | 1 | -1/+24 |
| | | | |||||
| * | | Add ec_group verify function | Never | 2017-02-24 | 2 | -1/+49 |
| | | | |||||
* | | | Merge GH #893 Remove ECC fixed window code | Jack Lloyd | 2017-03-02 | 1 | -48/+2 |
|\ \ \ | |_|/ |/| | | |||||
| * | | Converge on a single side channel silent ec mp alg: randomized | Never | 2017-02-22 | 1 | -48/+2 |
| |/ | | | | | | | | | Montgomery ladder with order.bits()/2 bit scalar blinding and point randomization | ||||
* | | Merge GH #891 Constant time decoding for ISO 9796 unpadding | Jack Lloyd | 2017-02-26 | 1 | -14/+26 |
|\ \ | | | | | | | | | | | | | | | | Including missing length check #888 Replaces #889 | ||||
| * | | fix possible iso9796 side channel and add length check | Never | 2017-02-21 | 1 | -14/+26 |
| |/ | |||||
* / | Remove verify_end() chained immediatly before end_cons() (close #890) | Nuno Goncalves | 2017-02-25 | 8 | -12/+0 |
|/ | | | | | | | BER_Decoder::end_cons() allready assures the verify_end() function, so it is redundant. Signed-off-by: Nuno Goncalves <[email protected]> | ||||
* | Avoid use of deprecated function in (deprecated) Serialized_RNG constructor | Jack Lloyd | 2017-02-19 | 2 | -2/+12 |
| | |||||
* | Merge GH #881 Adjust number of Miller-Rabin iterations in DSA param gen and RSA checks | Jack Lloyd | 2017-02-19 | 2 | -3/+3 |
|\ |||||
| * | increase miller-rabin iterations for RSA strong check_key. We call is_prime with prob=128 during sampling and we should check with the same prob | Never | 2017-02-13 | 1 | -1/+1 |
| | |||||
| * | increase miller-rabin iterations for dsa primes (FIPS-186-4) | Never | 2017-02-13 | 1 | -2/+2 |
| | | |||||
* | | Document hash, rng, mac, pbkdf and kdf in ffi handbook | René Korthaus | 2017-02-19 | 1 | -34/+171 |
| | | |||||
* | | Add more docs for ffi | René Korthaus | 2017-02-19 | 1 | -1/+31 |
| | | |||||
* | | Resolve Doxygen error in cpuid.h | Jack Lloyd | 2017-02-11 | 1 | -1/+2 |
|/ | | | | The macro has to be on its own line or Doxygen gets confused. | ||||
* | Remove function comments n*4/3 and n*3/4 in base64 | Evgeny Pokhilko | 2017-02-06 | 2 | -6/+29 |
| | | | | | | | The parameter comments were misleading because they did not take into account that input_length must be rounded up to a multiple of 3 and 4 for encode and decode respectively. Two new functions were added to calculate the correct maximum output length. | ||||
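The commit above replaces the misleading n*4/3 and n*3/4 comments with functions that round the input length up first. The following added example (not Botan's base64 code; the function names are this example's own) states those bounds, pairs them with a plain RFC 4648 encoder, and checks across every input length up to 64 that the rounded bound is exact while the naive estimate falls short precisely when the length is not a multiple of 3. This is the difference between a correctly sized output buffer and one that is short by up to three bytes.

```cpp
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <iostream>
#include <string>
#include <vector>

// Worst-case output sizes. Every partial 3-byte input group still produces a
// full 4-char output group, so round the input length UP to a multiple of 3
// before taking 4/3; decoding rounds up to a multiple of 4 before taking 3/4
// (which matters for unpadded input whose length is not a multiple of 4).
size_t base64_encode_max_output(size_t n) { return ((n + 2) / 3) * 4; }
size_t base64_decode_max_output(size_t n) { return ((n + 3) / 4) * 3; }

// The estimate the old comments described: integer n*4/3, which under-counts
// whenever n is not a multiple of 3.
size_t naive_encode_estimate(size_t n) { return n * 4 / 3; }

static const char kAlphabet[] =
   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Plain RFC 4648 encoder; the output buffer is reserved using the corrected bound.
std::string base64_encode(const std::vector<uint8_t>& in) {
   std::string out;
   out.reserve(base64_encode_max_output(in.size()));
   size_t i = 0;
   for (; i + 3 <= in.size(); i += 3) {
      const uint32_t v = (uint32_t(in[i]) << 16) | (uint32_t(in[i + 1]) << 8) | in[i + 2];
      out += kAlphabet[(v >> 18) & 63];
      out += kAlphabet[(v >> 12) & 63];
      out += kAlphabet[(v >> 6) & 63];
      out += kAlphabet[v & 63];
   }
   const size_t rem = in.size() - i;
   if (rem == 1) {
      const uint32_t v = uint32_t(in[i]) << 16;
      out += kAlphabet[(v >> 18) & 63];
      out += kAlphabet[(v >> 12) & 63];
      out += "==";
   } else if (rem == 2) {
      const uint32_t v = (uint32_t(in[i]) << 16) | (uint32_t(in[i + 1]) << 8);
      out += kAlphabet[(v >> 18) & 63];
      out += kAlphabet[(v >> 12) & 63];
      out += kAlphabet[(v >> 6) & 63];
      out += '=';
   }
   return out;
}

std::string base64_encode_str(const std::string& s) {
   return base64_encode(std::vector<uint8_t>(s.begin(), s.end()));
}

// For every input length up to max_len: the rounded bound equals the real
// output size, and the naive estimate falls short exactly when n % 3 != 0.
bool encode_bound_is_exact(size_t max_len) {
   for (size_t n = 0; n <= max_len; ++n) {
      const std::vector<uint8_t> in(n, 0xA5);   // constructed filler input
      const size_t actual = base64_encode(in).size();
      if (actual != base64_encode_max_output(n)) return false;
      if ((n % 3 != 0) != (naive_encode_estimate(n) < actual)) return false;
   }
   return true;
}

int main() {
   for (size_t n : {0, 1, 2, 3, 4, 5, 6})
      std::cout << "n=" << n << "  naive " << naive_encode_estimate(n)
                << "  correct " << base64_encode_max_output(n)
                << "  actual " << base64_encode(std::vector<uint8_t>(n, 'x')).size() << '\n';
   std::cout << "bound exact for all n <= 64: " << std::boolalpha
             << encode_bound_is_exact(64) << '\n';
   return 0;
}
```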
* | Support zero-length IV in ChaCha | Jack Lloyd | 2017-02-02 | 2 | -3/+17 |
| | | | | Equivalent to an 8 byte all-zero IV, same handling as Salsa. | ||||
* | Merge GH #860 Support CPU instruction probe on Windows, add OS::get_high_resolution_clock | Jack Lloyd | 2017-01-31 | 4 | -39/+76 |
|\ |||||
| * | Fix missing return in Windows path | Jack Lloyd | 2017-01-30 | 1 | -7/+3 |
| | |