aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
* Merge GH #665 Add IncludeOS target, make filesystem/threads optionalJack Lloyd2016-10-1759-85/+281
|\
| * Add ISA annotations to functions using SIMD, AES, etcJack Lloyd2016-10-149-0/+44
| | | | | | | | | | | | | | | | Also emit `#pragma GCC target` in the ISA specific amalgamation files. This allows compiling without any special compiler flags, at least with GCC 6.2 and Clang 3.8. The ISA annotations are ignored in MSVC, which just emits whatever instruction the intrinsic requires.
| * More no-filesystem fixesJack Lloyd2016-10-125-0/+12
| |
| * Fix mutex in oids.cppJack Lloyd2016-10-121-7/+7
| | | | | | | | Remove bogus includes for TLS tests
| * Abstract out mutex type. Make threads optional.Jack Lloyd2016-10-1230-62/+162
| |
| * Add IncludeOS target. Make filesystem support optional.Jack Lloyd2016-10-1016-17/+57
| |
* | Remove constexpr use introduced in 20f7e4ecJack Lloyd2016-10-162-7/+7
| | | | | | | | Turns out MSVC 2013 doesn't have constexpr at all (!!)
* | util: Some simple constexpr usesJack Lloyd2016-10-133-31/+9
| | | | | | | | Remove unused and empty get_byte.h
* | Change Certificate_Store_in_SQL to take RNG as argument.Jack Lloyd2016-10-134-14/+19
| | | | | | | | | | Previously it created a new AutoSeeded_RNG in each function, sometimes without even using it.
* | ffi: Avoid deprecated PK constructors.Jack Lloyd2016-10-131-4/+4
| | | | | | | | The system rng is already a hard requirement for FFI anyway.
* | Merge GH #659 TLS CBC is optionalJack Lloyd2016-10-136-2/+18
|\ \
| * | Make TLS CBC optionalJack Lloyd2016-10-086-2/+18
| | |
* | | Merge GH #646 Fix MSVC debug configurations. Add debug builds to AppVeyorJack Lloyd2016-10-131-0/+9
|\ \ \
| * | | Diable static_assert in secure_allocator in MSVC debugSimon Warta2016-10-131-0/+9
| | | |
* | | | Merge GH #663 Compression docsJack Lloyd2016-10-111-1/+38
|\ \ \ \
| * | | | Improve compression doc [ci skip]René Korthaus2016-10-111-1/+38
| | | | |
* | | | | Merge GH #662 Doxygen commentsJack Lloyd2016-10-1112-146/+395
|\ \ \ \ \
| * | | | | Improve cert doxygen [ci skip]René Korthaus2016-10-1112-146/+395
| |/ / / /
* / / / / Improve base doxygen [ci skip]René Korthaus2016-10-113-1/+22
|/ / / /
* | | / Add doxygen mainpageRené Korthaus2016-10-101-0/+57
| |_|/ |/| | | | | | | | Adds a Crypto++-like doxygen mainpage. Replaces the formerly empty mainpage.
* | | Merge GH #655 Fix Win32 CryptoAPI sourceJack Lloyd2016-10-101-1/+1
|\ \ \
| * | | The implicit constructor does not specify a provider.slaviber2016-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | With no provider specified, Win32_CAPI_EntropySource::poll does not call ::CryptGenRandom and returns 0, leading to subsequent PRNG_Unseeded exceptions.
* | | | Fix Clang warningsJack Lloyd2016-10-092-4/+2
| | | |
* | | | The other half of 55b8fb5Jack Lloyd2016-10-091-7/+9
| | | | | | | | | | | | | | | | GH #656
* | | | OpenSSL EC: Correctly handle OpenSSL not supporting the curveJack Lloyd2016-10-092-6/+6
| | | | | | | | | | | | | | | | GH #656
* | | | This happening is actually a user error (eg, wrong key type)Jack Lloyd2016-10-091-7/+14
| | | |
* | | | Make pk_ops.h internalJack Lloyd2016-10-0813-37/+113
| | | | | | | | | | | | | | | | Some fixes for missing system_rng in ECIES and tests.
* | | | Add missing try/catch blocks.Jack Lloyd2016-10-071-1/+27
| | | | | | | | | | | | | | | | Document that create_*_op is public but not for public consumption.
* | | | OpenSSL fixesJack Lloyd2016-10-072-4/+4
| | | |
* | | | Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-0736-166/+208
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* | | | Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-0761-388/+1080
| |_|/ |/| | | | | | | | | | | | | | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* | | TLS: Split CBC+HMAC modes to standalone AEAD_ModeJack Lloyd2016-10-077-338/+683
| | | | | | | | | | | | | | | Now record layer only deals with an AEAD, and the weird complications of CBC modes mostly hidden in tls_cbc.cpp
* | | Merge GH #645 TLS compressed pointsJack Lloyd2016-10-0710-5/+143
|\ \ \ | |/ / |/| |
| * | Minor improvementsRené Korthaus2016-10-033-25/+7
| | |
| * | Support encoding of supported point formats extensionRené Korthaus2016-10-0310-5/+161
| |/
* | Merge GH #631 Cert store in SQLJack Lloyd2016-10-0421-82/+587
|\ \ | | | | | | | | | Also changes Cert store interface to return shared_ptr, see GH #471
| * | 2nd review roundseu2016-10-024-50/+68
| | |
| * | remove superfluous includesKai Michaelis2016-10-022-9/+0
| | |
| * | 1st review roundKai Michaelis2016-10-023-15/+8
| | |
| * | Certificate store using SQLiteKai Michaelis2016-10-0218-82/+585
| | |
* | | Merge GH #648 Accept read-only access to /dev/urandomJack Lloyd2016-10-041-0/+6
|\ \ \ | | | | | | | | | | | | See also GH #647
| * | | Resolve #647Nathan Hourt2016-10-031-0/+6
| | |/ | |/| | | | Implement a backoff approach to opening the system RNG: if opening read-write fails, try to open read-only. This will allow the RNG to be used, but attempts to add entropy will fail. If opening as read-only also fails, only then throw an exception.
* | | Merge GH #641: If RC4 is disabled, disable OpenSSL version alsoJack Lloyd2016-10-041-1/+1
|\ \ \
| * | | fix compiler error: openssl w/o rc4t0b32016-10-011-1/+1
| | |/ | |/| | | | | | | | | | | | | Compiling botan with disabled rc4 module fails in case of openssl w/o rc4... Error: ./src/lib/prov/openssl/openssl_rc4.cpp:15:25: fatal error: openssl/rc4.h: No such file or directory #include <openssl/rc4.h>
* | | Fix entropy source selection logic on WindowsJack Lloyd2016-10-041-1/+2
| |/ |/| | | | | Fixes GH #644
* | SIV is restricted to 128 bit ciphersJack Lloyd2016-10-021-0/+2
| |
* | Missing inline specifierJack Lloyd2016-10-021-1/+1
|/
* New TLS positive and negative tests.Juraj Somorovsky2016-09-302-7/+7
| | | | | | | | | | | | | | | | | | | TLS message parsing: - CertificateVerify - HelloVerify - ClientHello (with extensions) - ServerHello (with extensions) - NewSessionTicket - Alert TLS message processing: - HelloVerify TLS Policy tests Unit tests with TLS client authentication Added test_throws method that checks the correct exception message.
* Removed redundant check in ClientHello parserJuraj Somorovsky2016-09-301-3/+0
|
* Vector out of bounds fixJuraj Somorovsky2016-09-301-1/+1
|