path: root/src/lib
Commit message  (Author, Date; Files changed, Lines -/+)
* Correct an error in SHACAL2 x86 code in unrolled case  (Jack Lloyd, 2017-09-20; 1 file, -3/+3)
  [ci skip]
* Merge GH #1212 Add support for 'raw' PSS signatures  (Jack Lloyd, 2017-09-20; 3 files, -51/+167)
  * Clear return value, and verify 'raw' hash matches expected size  (Jack Lloyd, 2017-09-16; 1 file, -1/+7)
  * Support PSSR_Raw  (Jack Lloyd, 2017-09-16; 3 files, -51/+161)
    Allows PSS-signing a raw hash while also still specifying the salt length.
    GH #1211
* Avoid using double underscore in variable names  (Jack Lloyd, 2017-09-20; 3 files, -11/+10)
  Reserved identifiers, per C++ standard
  GH #512
  [ci skip]
* Change header guard format to BOTAN_FOO_H_  (Jack Lloyd, 2017-09-20; 352 files, -704/+704)
  ISO C++ reserves names with double underscores in them
  Closes #512
* Use dword for bigint_divop if available  (Jack Lloyd, 2017-09-20; 1 file, -0/+5)
  Results in FPE being about 5x faster
  See #494
* Export CurveGFp_Repr to avoid UBSan error  (Jack Lloyd, 2017-09-20; 1 file, -1/+1)
  GH #453
* Add additional ids for AltiVec enabled POWER processors  (Jack Lloyd, 2017-09-19; 1 file, -3/+5)
  Taken from a patch to 1.10 in Debian
* Complete the final annotation changes  (Jack Lloyd, 2017-09-19; 20 files, -98/+106)
* More annotations  (Jack Lloyd, 2017-09-19; 12 files, -304/+327)
* Move the annotations to compiler.h since the user shouldn't modify  (Jack Lloyd, 2017-09-19; 1 file, -0/+23)
* Add API stability annotations.  (Jack Lloyd, 2017-09-19; 255 files, -671/+673)
  Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Merge GH #1215 Deprecate package transform  (Jack Lloyd, 2017-09-19; 1 file, -0/+2)
  * Deprecate package transform  (Jack Lloyd, 2017-09-19; 1 file, -0/+2)
    Unclear what's up with #825 but in any case this function is funky and I don't care enough to try to debug/fix it...
* Add basic tests for const time utils  (Jack Lloyd, 2017-09-19; 1 file, -28/+10)
  Remove CT::min and CT::max which were unused and, it turns out, broken.
* Merge GH #872 Add ability for TLS servers to prohibit renegotiation  (Jack Lloyd, 2017-09-19; 3 files, -2/+16)
  * Fix logic of renegotiation check  (Jack Lloyd, 2017-02-20; 3 files, -4/+6)
    Turning the policy off broke the server entirely.
    Expose the new flag to Text_Policy
  * Add TLS::Policy::allow_client_initiated_renegotiation  (Jack Lloyd, 2017-02-19; 3 files, -2/+14)
    Parallel of the server policy flag.
* Merge GH #1205 Support large blocks in OCB mode  (Jack Lloyd, 2017-09-19; 2 files, -62/+134)
  * Change wide block OCB  (Jack Lloyd, 2017-09-15; 1 file, -29/+0)
    Ted Krovetz confirmed there were bugs in the reference code for blocks > 128 bits so these values should be the correct ones.
  * Add alternate form for matching OCB ref code  (Jack Lloyd, 2017-09-11; 1 file, -4/+30)
  * Support larger block sizes in OCB  (Jack Lloyd, 2017-09-10; 2 files, -59/+134)
    This doesn't match the draft-3 test vectors and may be bogus.
    [ci skip]
* Merge GH #1213 Improve ARM processor detection for systems without getauxval  (Jack Lloyd, 2017-09-18; 8 files, -502/+670)
  * Add ARM feature detection for systems without getauxval  (Jack Lloyd, 2017-09-17; 2 files, -15/+129)
    For iOS use sysctl to get the product name and use a static table of minimum versions. For everything else (not Linux/Android or iOS) try probe functions. Only for Aarch64 to keep things simple.
  * Split up cpuid.cpp into arch-specific files  (Jack Lloyd, 2017-09-17; 8 files, -502/+556)
    As more archs and detection methods are used, the file was getting a little hard to follow.
* Avoid int vs size_t warning in OpenSSL code  (Jack Lloyd, 2017-09-17; 1 file, -1/+1)
* Avoid old style casts in Ed25519  (Jack Lloyd, 2017-09-17; 2 files, -270/+262)
* Fix Doxygen comment problems  (Jack Lloyd, 2017-09-17; 1 file, -4/+4)
* Move socket classes to anon namespace.  (Jack Lloyd, 2017-09-17; 1 file, -172/+181)
  A little cleaner than in the function.
* Fix Wshadow warning  (Jack Lloyd, 2017-09-17; 1 file, -5/+5)
* Simplify code in get_processor_timestamp  (Jack Lloyd, 2017-09-16; 1 file, -21/+12)
* Fix an off by 8  (Jack Lloyd, 2017-09-16; 1 file, -1/+1)
* Revert SIMDing of xor_buf in f39aa7bb  (Jack Lloyd, 2017-09-16; 1 file, -29/+27)
  Forgot this causes all kinds of issues when the SIMD ISA is not part of the base instruction set (needing -maltivec, etc). It just happens to work on x86-64 because SSE2 is part of the base ISA there. Instead just unroll by 16x; this seems to be enough that GCC figures it out.
* Use constant_time_compare instead of same_mem  (Jack Lloyd, 2017-09-16; 22 files, -23/+36)
  New name, same great operation
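Both the "Add basic tests for const time utils" entry above (which notes that CT::min and CT::max turned out to be broken) and the constant_time_compare rename here concern helpers that must not branch on secret data. The block below is an added illustration, not Botan's code, of how such helpers are built from arithmetic masks in C++; the namespace and function names (ct_example, is_less_mask, select, self_check) are this example's own, and the byte strings in self_check are constructed samples.

```cpp
// Added example, not Botan's code: mask-based constant-time helpers of the
// kind the two commits above touch. Every function runs the same instruction
// sequence regardless of its inputs; there are no data-dependent branches.
#include <cstddef>
#include <cstdint>

namespace ct_example {

// Expand bit 0 of `bit` to a full-width mask: 0 -> 0x00000000, 1 -> 0xFFFFFFFF.
inline uint32_t expand_bit(uint32_t bit) { return 0u - (bit & 1u); }

// All-ones iff x == 0. For x != 0 at least one of x and -x has its top bit set.
inline uint32_t is_zero_mask(uint32_t x) {
   return expand_bit(~(x | (0u - x)) >> 31);
}

inline uint32_t is_equal_mask(uint32_t a, uint32_t b) { return is_zero_mask(a ^ b); }

// All-ones iff a < b (unsigned): the 64-bit subtraction borrows into bit 63.
inline uint32_t is_less_mask(uint32_t a, uint32_t b) {
   const uint64_t diff = static_cast<uint64_t>(a) - static_cast<uint64_t>(b);
   return expand_bit(static_cast<uint32_t>(diff >> 63));
}

// mask must be 0 or all-ones; returns a when mask is set, otherwise b.
inline uint32_t select(uint32_t mask, uint32_t a, uint32_t b) {
   return (mask & a) | (~mask & b);
}

inline uint32_t ct_min(uint32_t a, uint32_t b) { return select(is_less_mask(a, b), a, b); }
inline uint32_t ct_max(uint32_t a, uint32_t b) { return select(is_less_mask(a, b), b, a); }

// Equality of two buffers whose running time depends only on len, never on
// where the first differing byte is. Callers must ensure both have len bytes.
inline bool constant_time_compare(const uint8_t* x, const uint8_t* y, size_t len) {
   uint32_t acc = 0;
   for(size_t i = 0; i != len; ++i) {
      acc |= static_cast<uint32_t>(x[i] ^ y[i]);
   }
   return is_zero_mask(acc) == 0xFFFFFFFFu;
}

// Basic self-test of the helpers, in the spirit of the test commit above.
inline bool self_check() {
   const uint8_t tag[4] = {0xDE, 0xAD, 0xBE, 0xEF};  // constructed sample MAC tag
   const uint8_t bad[4] = {0xDE, 0xAD, 0xBE, 0xEE};  // differs only in the last byte
   return ct_min(3u, 5u) == 3u && ct_max(3u, 5u) == 5u
      && ct_min(0xFFFFFFFFu, 0u) == 0u && ct_max(0x80000000u, 0x7FFFFFFFu) == 0x80000000u
      && ct_min(7u, 7u) == 7u
      && is_equal_mask(42u, 42u) == 0xFFFFFFFFu && is_equal_mask(42u, 43u) == 0u
      && constant_time_compare(tag, tag, 4) && !constant_time_compare(tag, bad, 4);
}

}  // namespace ct_example
```

The recurring trick is to turn a comparison into a mask that is either all-zeros or all-ones and then use that mask to select, so the source contains no secret-dependent branch. One caveat: a compiler is free to turn such patterns back into branches, so the constant-time property should be checked on the produced binary rather than assumed from the source.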
* De-inline xor_buf, add SIMD and unrolling  (Jack Lloyd, 2017-09-16; 3 files, -34/+133)
  Improves CBC and OCB performance with AES-NI quite noticeably
* Small cleanup in CBC mode  (Jack Lloyd, 2017-09-16; 2 files, -21/+23)
* Small cleanup in bcrypt  (Jack Lloyd, 2017-09-16; 1 file, -3/+3)
* Add missing override annotations  (Jack Lloyd, 2017-09-16; 1 file, -6/+6)
* Small simplification in CAST-128  (Jack Lloyd, 2017-09-16; 1 file, -41/+41)
* Merge duplicated logic for clearing CPUID bits  (Jack Lloyd, 2017-09-16; 2 files, -0/+42)
* Minor simplifications in SIMD_32 constructor  (Jack Lloyd, 2017-09-16; 1 file, -2/+5)
* reenable 8 byte gcm tags  (Atanas Filyanov, 2017-09-15; 1 file, -1/+2)
* Allow GCM tag size in the range 96..128 bits  (Atanas Filyanov, 2017-09-14; 1 file, -1/+2)
* Merge GH #1208 Fix decoding of RFC 5915 ECC keys  (Jack Lloyd, 2017-09-13; 1 file, -3/+0)
  * Remove inner/outer OID check in EC_PrivateKey ctor  (René Korthaus, 2017-09-13; 1 file, -3/+0)
    RFC 5915 mandates that the OID of an ECDSA ECPrivateKey shall be id-ecPublicKey with the named curve as the parameters. ECPrivateKey may contain the named curve OID, too, which is compared to id-ecPublicKey. Such keys could not be loaded. We remove this check and add a test vector from strongswan.
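The commit message above describes a check that compared the wrong pair of OIDs. To make the structure concrete, here is an added example, not Botan's code and not the strongswan vector mentioned above, that builds a minimal PKCS#8 PrivateKeyInfo wrapping an RFC 5915 ECPrivateKey, reads it back with a small DER parser, and shows the mismatched check next to one that compares the inner namedCurve with the outer AlgorithmIdentifier parameters. The key material is a constructed placeholder, and the namespace and function names (rfc5915_example, build_pkcs8, buggy_check, consistent_check) are this example's own.

```cpp
// Added example, not Botan's code: a PKCS#8 key wrapping an RFC 5915 ECPrivateKey
// that carries the optional [0] namedCurve, the mismatched comparison the commit
// message describes, and a comparison of like with like. The scalar is a constructed
// placeholder, not a real key; all names here are this example's own.
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <stdexcept>
#include <vector>

namespace rfc5915_example {

using Bytes = std::vector<uint8_t>;

// OID contents without tag/length (RFC 5480).
const Bytes OID_ID_EC_PUBLIC_KEY = {0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01};        // 1.2.840.10045.2.1
const Bytes OID_SECP256R1        = {0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07};  // 1.2.840.10045.3.1.7

Bytes cat(std::initializer_list<Bytes> parts) {
   Bytes out;
   for(const Bytes& p : parts) out.insert(out.end(), p.begin(), p.end());
   return out;
}

// DER TLV encoder; the sample key is short, so only short-form lengths are handled.
Bytes tlv(uint8_t tag, const Bytes& body) {
   if(body.size() >= 0x80) throw std::runtime_error("long-form length not handled in this example");
   return cat({Bytes{tag, static_cast<uint8_t>(body.size())}, body});
}

struct TLV { uint8_t tag; Bytes body; };

// Reads one TLV at pos and advances pos; throws on truncation or long-form length.
TLV read(const Bytes& in, size_t& pos) {
   if(pos + 2 > in.size()) throw std::runtime_error("truncated DER");
   const uint8_t tag = in[pos++];
   const size_t len = in[pos++];
   if(len & 0x80) throw std::runtime_error("long-form length not handled in this example");
   if(pos + len > in.size()) throw std::runtime_error("truncated DER");
   TLV out{tag, Bytes(in.begin() + pos, in.begin() + pos + len)};
   pos += len;
   return out;
}

// PrivateKeyInfo { 0, AlgorithmIdentifier { id-ecPublicKey, namedCurve }, OCTET STRING { ECPrivateKey } }
// ECPrivateKey { 1, privateKey, [0] namedCurve OPTIONAL }; the optional publicKey is omitted.
Bytes build_pkcs8(bool with_inner_params) {
   const Bytes scalar(32, 0x11);  // constructed placeholder, not a real key
   Bytes ecpriv = cat({tlv(0x02, {0x01}), tlv(0x04, scalar)});
   if(with_inner_params) ecpriv = cat({ecpriv, tlv(0xA0, tlv(0x06, OID_SECP256R1))});
   const Bytes alg_id = tlv(0x30, cat({tlv(0x06, OID_ID_EC_PUBLIC_KEY), tlv(0x06, OID_SECP256R1)}));
   return tlv(0x30, cat({tlv(0x02, {0x00}), alg_id, tlv(0x04, tlv(0x30, ecpriv))}));
}

struct Parsed { Bytes alg_oid, alg_params, inner_params; bool has_inner = false; };

Parsed parse(const Bytes& pkcs8) {
   size_t p = 0;
   const TLV outer = read(pkcs8, p);
   if(outer.tag != 0x30) throw std::runtime_error("PrivateKeyInfo must be a SEQUENCE");
   size_t q = 0;
   read(outer.body, q);                          // version 0
   const TLV alg = read(outer.body, q);          // AlgorithmIdentifier
   const TLV wrapped = read(outer.body, q);      // OCTET STRING around ECPrivateKey
   Parsed k;
   size_t r = 0;
   k.alg_oid = read(alg.body, r).body;
   k.alg_params = read(alg.body, r).body;
   size_t s = 0, t = 0;
   const TLV ecpriv = read(wrapped.body, s);
   read(ecpriv.body, t);                         // version 1
   read(ecpriv.body, t);                         // privateKey
   while(t < ecpriv.body.size()) {
      const TLV opt = read(ecpriv.body, t);
      if(opt.tag == 0xA0) {                      // [0] parameters: namedCurve OID
         size_t u = 0;
         k.inner_params = read(opt.body, u).body;
         k.has_inner = true;
      }
   }
   return k;
}

// The mismatch the commit message describes: inner namedCurve compared to the
// algorithm OID itself. Any key that carries [0] parameters fails this check.
bool buggy_check(const Parsed& k) { return !k.has_inner || k.inner_params == k.alg_oid; }

// Like with like: algorithm must be id-ecPublicKey, and an inner namedCurve, if
// present, must equal the outer parameters. Botan's fix dropped the comparison
// altogether; keeping a consistent one is this example's own choice.
bool consistent_check(const Parsed& k) {
   return k.alg_oid == OID_ID_EC_PUBLIC_KEY && (!k.has_inner || k.inner_params == k.alg_params);
}

}  // namespace rfc5915_example
```

Run parse(build_pkcs8(true)) through both checks: buggy_check rejects a perfectly valid key, consistent_check accepts it; with the optional [0] parameters absent, both accept. Botan's fix removed the comparison; whether to keep a consistency check at all is a design choice, but if one is kept it has to compare the inner namedCurve with the outer parameters, never with id-ecPublicKey.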
* allow 12 byte GCM tags and add test vectors  (Atanas Filyanov, 2017-09-13; 1 file, -1/+1)
* Merge GH #1202 Fix CFB IV carryover closes #1200  (Jack Lloyd, 2017-09-11; 2 files, -47/+44)
  * Address CFB carryover bug  (Jack Lloyd, 2017-09-10; 2 files, -47/+44)
    Test data generated by 1.10 so hopefully no further issues here.
    GH #1200
* Change SM2 encryption to match updated standard.  (Jack Lloyd, 2017-09-10; 1 file, -5/+5)
  Unfortunately it seems the SM2 format changed between 2010 and 2012, now the ciphertext is C1 || C3 || C2. Unfortunate no matter how you slice it, but at least it's easy to convert from one form to another.