This is not necessary for setup, but we want to zero the key out
in the event someone calls clear explicitly.
|
Instead of giving subclasses access to the variable directly.
|
Based on feedback from @securitykernel on the PR.
|
This commit implements the feedback from @securitykernel on the
PR and also changes the EC Group comparison to use the OID, akin
to OpenSSL. The EC Group comparison was needed before GH #1093
was merged, but now we can go use the OpenSSL variant.
|
Without the specific extern "C" declaration for the includes the
C functions might get C++'d so the linking stage fails.
|
This commit adds support for ECDSA using BearSSL as a backend. This
means we can test BearSSL's ECDSA algorithms using the extensive
Botan testsuite.
|
BearSSL is an implementation of the SSL/TLS protocol in C aiming
to be correct and secure, small and highly portable. Thus making
it nicer to be included in a rather sparse bootloader. This commit
adds support for BearSSL's hash routines only, with more stuff
coming up in following commits. The goal is to be able to test
BearSSL using Botan's extensive testsuite.
|
While using marketing names like 2013, 2015 etc. is more convenient at
first sight, it requires keeping a table about all supported compiler
versions, as there is no formula to calculate between the
representations.
Keeping a list of compilers leads to the following issue: if one version
of Botan is released in 2017, requiring MSVS 2015 for one module, this
source can be compiled using MSVS 2015 and 2017 but not a future version
like 2019.
Also preview/development versions of MSVC that may use an intermediate
version number cannot be handled with the marketing name table because
they may be unknown to the general public.
|
All minimum compiler versions in rdseed are less than or equal to the minimum
compiler version for the Botan 2.x branch. Remove those explicit
restrictions to allow users with unknown cc_version to compile rdseed
|
maintainer build
|
to use it
|
It was getting pretty big and would get worse over time, eg whenever
I get around to adding TLS support.
|
Somehow this still passed all the tests, downside of 0 as the success
return I suppose.
|
From PR #1097
|
Previously any X_destroy function would just delete its arg
regardless of whatever the application passed in.
|
Based on PR #1097 but I wanted to decrease the verbosity of the
resulting code.
|
Introduced in 455bd2557cbb1343e59eefd97cb449f06a702c28
Found and reported by Roman Pozlevich
|
Instead of explicitly encoding the domain, encode them with the
OID if the OID is available. This makes the ecdsa_sign test
run with OpenSSL, since OpenSSL needs the OID explicitly set.
|
The ecdsa_sign test does not work for OpenSSL since the public key
that is derived from the private key does not store the OID of the
curve. Thus, the OpenSSL code cannot find the proper NID for the
given public key and cannot do a verification operation. We can
fix this by comparing the actual groups and not using the OIDs.
|
It's not so obvious to a user at which end of the chain
the end entity certificate must be placed.
|
fixes #1102
|
From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
This is a contribution from Ribose Inc (@riboseinc).
|
T[] variable is actually a constant, so precompute it in SM3_TJ
W1 expansion is very simple and can just be done inline.
Somewhat faster on my machine.
|
Currently these functions will happily bit shift by >= sizeof(T)*8 bits.
However, this is undefined behavior, and results in unexpected results (0)
on at least one platform I've tested.
With this update, you can expect that rotate_left<uint32_t>(1, 32)==1
and rotate_right<uint32_t>(1, 32)==1.
|
Otherwise encoding would fail with an obtuse error message.