aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Remove inner/outer OID check in EC_PrivateKey ctorRené Korthaus2017-09-131-3/+0
| | | | | | | | RFC 5915 mandates that the OID of an ECDSA ECPrivateKey shall be id-ecPublicKey with the named curve as the parameters. ECPrivateKey may contain the named curve OID, too, which is compared to id-ecPublicKey. Such keys could not be loaded. We remove this check and add a test vector from strongswan.
* Merge GH #1202 Fix CFB IV carryover closes #1200Jack Lloyd2017-09-112-47/+44
|\
| * Address CFB carryover bugJack Lloyd2017-09-102-47/+44
| | | | | | | | | | | | Test data generated by 1.10 so hopefully no further issues here. GH #1200
* | Change SM2 encryption to match updated standard.Jack Lloyd2017-09-101-5/+5
| | | | | | | | | | | | | | | | Unfortunately it seems the SM2 format changed between 2010 and 2012, now the ciphertext is C1 || C3 || C2. Unfortunate no matter how you slice it, but at least it's easy to convert from one form to another.
* | Merge GH #1199 Run Windows CI build via Python scriptJack Lloyd2017-09-102-4/+1
|\ \
| * | Script the Windows CI buildJack Lloyd2017-09-082-4/+1
| |/
* | Merge GH #1203 Add Win32 filesystem API access for MinGWJack Lloyd2017-09-101-1/+55
|\ \
| * | Make it actually workJack Lloyd2017-09-101-2/+6
| | | | | | | | | | | | | | | Weirdly Wine at least does not set FILE_ATTRIBUTE_NORMAL on the files, instead sets FILE_ATTRIBUTE_ARCHIVE. ?? I have no idea what that's about.
| * | Well, it compilesJack Lloyd2017-09-101-1/+51
| |/
* / Fix bad comparison in Winsock codeJack Lloyd2017-09-101-1/+1
|/ | | | [ci skip]
* Fix loading of plaintext PKCS#8 private keysRené Korthaus2017-09-081-5/+10
| | | | | We fixed this in the C++ API in GH #381, but apparently not in ffi. Also adds the missing tests.
* Avoid throwing in deallocateJack Lloyd2017-09-071-4/+4
| | | | | | | Could end up causing a throw during a destructor leading to a crash, if the application created a very large secure_vector. Flagged by Coverity.
* Fix invalid comparison, potential segfault on invalid typeJack Lloyd2017-09-071-1/+2
| | | | Found by Coverity
* Bump version for SM2Jack Lloyd2017-09-071-1/+1
| | | | | | To reflect support for arbitrary hashes [ci skip]
* Merge GH #1189 Correct return value of botan_pk_op_verify_finishJack Lloyd2017-09-073-2/+4
|\
| * Correct return value of botan_pk_op_verify_finishJack Lloyd2017-09-063-2/+4
| | | | | | | | | | | | | | This function changed behavior in 0d403a3 see also GH #1187 Add new return code BOTAN_FFI_INVALID_VERIFIER and use it for both signature and bcrypt verification functions.
* | Add support for computing SM2 ZA field to FFIJack Lloyd2017-09-062-0/+42
| | | | | | | | This is a contribution from Ribose Inc.
* | Support arbitrary hashes for SM2 signaturesJack Lloyd2017-09-061-7/+37
| | | | | | | | This is a contribution from Ribose Inc
* | Remove unused memberJack Lloyd2017-09-061-1/+0
| |
* | Support arbitrary hashes for SM2 encryptionJack Lloyd2017-09-051-12/+17
|/ | | | This is a contribution from Ribose Inc.
* Simplify polynomial doubling codeJack Lloyd2017-09-055-156/+82
| | | | | | | | | | GCC and Clang generate effectively identical code for a template with parameters, vs completely unrolled code as was used previously. Add a little-endian variant so XTS can use it. This extends XTS support to cover 256 and 512-bit ciphers. I was not able to find another implementation that supports both XTS and ciphers with large blocks, so the XTS test vectors are self-generated.
* Correct TLS::Policy::latest_supported_versionJack Lloyd2017-09-041-2/+16
| | | | | This would do the wrong thing if TLS v1.2 was disabled but v1.0/v1.1 allowed.
* Added SHA3_XXX_PKCS OIDFrancis Dupont2017-09-041-0/+28
|
* Header shuffleJack Lloyd2017-09-041-5/+10
| | | | Still need basic system headers even when using asio for network
* MinGW fixesJack Lloyd2017-09-042-4/+4
|
* Merge GH #1182 Add support for ARMv8 AES instructionsJack Lloyd2017-09-034-0/+367
|\
| * Add support for AES extensions on ARMv8Jack Lloyd2017-09-034-0/+367
| | | | | | | | Based on the patch in GH #1146
* | Merge GH #1181 Add support for ARMv8 PMULL instructionJack Lloyd2017-09-034-0/+112
|\ \
| * | Add support for ARMv8 PMULL instructionJack Lloyd2017-09-034-0/+112
| |/ | | | | | | Contributed in GH #842
* | Merge GH #1180 Refactorings to support Windows PhoneJack Lloyd2017-09-0312-470/+528
|\ \ | |/ |/|
| * TypoJack Lloyd2017-09-031-1/+1
| |
| * Define macro so windows.h doesn't include winsock.hJack Lloyd2017-09-033-0/+4
| | | | | | | | Ugh Windows headers y u so nasty.
| * Move secure_scrub_memory to os_utils.cppJack Lloyd2017-09-032-40/+27
| |
| * Refactor network code used in http_utilJack Lloyd2017-09-033-140/+303
| | | | | | | | Move the actual socket stuff to os_utils.cpp
| * Refactor RNGs to support Windows PhoneJack Lloyd2017-09-026-291/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This OS has its own crypto API and does not support CryptGenRandom. Splits System_RNG_Impl into distinct declarations one per implementation type. Easier to read now that we are up to 4 distinct versions. Removes the CryptoAPI entropy source, and replaces it with an entropy source that calls the system RNG. This is nominally a bit less flexible in that the entropy source allowed polling multiple providers (though we didn't actually make use of that). Plus side is it works on all systems. Currently the dev_random entropy source is still there because we do actually use it to poll both /dev/random and /dev/urandom, and it might be useful (on certain systems) to also poll a HW RNG, which are often assigned their own device node. This could debatably also be removed in favor of just reading the system RNG.
* | Cleanups in cpuid handling codeJack Lloyd2017-09-031-47/+47
| |
* | Avoid g_ prefix on local variableJack Lloyd2017-09-031-3/+3
| | | | | | | | Reserving it for globals so they are easy to grep for
* | Clean up use of <limits> headerJack Lloyd2017-09-038-14/+6
|/ | | | Don't include it where it is not needed, included it where it is used.
* Avoid using <iostream> header within the libraryJack Lloyd2017-09-022-2/+4
| | | | We only need <istream> + <ostream> here
* Support a negative base in power_modJack Lloyd2017-09-021-3/+16
| | | | Closes #1168
* De-inline accessor functions in Client_Hello typeJack Lloyd2017-09-012-93/+130
| | | | | This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link.
* Don't try enforcing the hash policy for PSK ciphersuitesJack Lloyd2017-09-011-1/+1
| | | | Since we don't end up signing anything in any case.
* Enforce signature hash policy properlyJack Lloyd2017-08-314-17/+61
| | | | | | | | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2 Instead check the policy before accepting anything.
* Rename file to match conventionsJack Lloyd2017-08-311-0/+0
| | | | [ci skip]
* Fix missing virtual destructor on CSP_HandleJack Lloyd2017-08-313-3/+4
| | | | Caught by GCC cross compiling. Also fix a couple 0-as-null warnings.
* Merge GH #1169 Add LLVM bitcode targetJack Lloyd2017-08-312-2/+2
|\
| * Add support for LLVM bitcode targetJack Lloyd2017-08-302-2/+2
| |
* | More MSVC warnings fixesJack Lloyd2017-08-3111-19/+20
| |
* | Fix various MSVC warningsJack Lloyd2017-08-3125-69/+97
|/ | | | Based on VC2017 output
* Slight cleanup in Curve25519_PrivateKey constructorJack Lloyd2017-08-291-8/+6
|