path: root/src/lib
Commit message  Author  Age  Files  Lines
* Reset the ChaCha key in clear  Jack Lloyd  2017-08-03  1  -0/+1
|     This is not necessary for setup, but we want to zero the key out in the event someone calls clear explicitly.
* Use new reset_reseed_counter function within Stateful_RNG as well  Jack Lloyd  2017-08-03  1  -3/+3
|
* Add Stateful_RNG::reset_reseed_counter  Jack Lloyd  2017-08-03  3  -4/+7
|     Instead of giving subclasses access to the variable directly.
* Refactor stateful RNG tests to cover both HMAC_DRBG and ChaCha_RNG  Jack Lloyd  2017-08-03  4  -17/+38
|
* Add ChaCha_RNG  Jack Lloyd  2017-08-03  3  -0/+238
|
* Add explicit tests for RDRAND_RNG and System_RNG  Jack Lloyd  2017-08-03  1  -9/+7
|
* Fix some maintainer mode warnings  Jack Lloyd  2017-08-03  1  -6/+6
|
* Merge GH #1094 Add initial BearSSL provider  Jack Lloyd  2017-08-02  6  -1/+442
|\
| * BearSSL: replace more NULLs with nullptr  Patrick Wildt  2017-07-10  1  -4/+4
| |     Based on feedback from @securitykernel on the PR.
| * BearSSL: implement PR feedback and compare ECGroup OID name  Patrick Wildt  2017-07-05  4  -18/+35
| |     This commit implements the feedback from @securitykernel on the PR and also changes the EC Group comparison to use the OID, akin to OpenSSL. The EC Group comparison was needed before GH #1093 was merged, but now we can go use the OpenSSL variant.
| * BearSSL: move includes into extern "C"  Patrick Wildt  2017-07-05  2  -3/+8
| |     Without the specific extern "C" declaration for the includes the C functions might get C++'d so the linking stage fails.
| * BearSSL: Support for ECDSA  Patrick Wildt  2017-07-05  3  -0/+240
| |     This commit adds support for ECDSA using BearSSL as a backend. This means we can test BearSSL's ECDSA algorithms using the extensive Botan testsuite.
| * BearSSL: Initial support and hash tests  Patrick Wildt  2017-07-05  4  -1/+180
| |     BearSSL is an implementation of the SSL/TLS protocol in C aiming to be correct and secure, small and highly portable. Thus making it nicer to be included in a rather sparse bootloader. This commit adds support for BearSSL's hash routines only, with more stuff coming up in following commits. The goal is to be able to test BearSSL using Botan's extensive testsuite.
* | Use native compiler versioning of MSVC  Simon Warta  2017-07-31  2  -2/+2
| |     While using marketing names like 2013, 2015 etc. is more convenient at first sight, it requires keeping a table about all supported compiler versions, as there is no formula to calculate between the representations. Keeping a list of compilers leads to the following issue: if one version of Botan is released in 2017, requiring MSVS 2015 for one module, this source can be compiled using MSVS 2015 and 2017 but not a future version like 2019. Also preview/development versions of MSVC that may use an intermediate version number cannot be handled with the marketing name table because they may be unknown to the general public.
* | Remove low compiler version restrictions  Simon Warta  2017-07-31  1  -3/+3
| |     All minimum compiler versions in rdseed are less than or equal to the minimum compiler version for the Botan 2.x branch. Remove those explicit restrictions to allow users with unknown cc_version to compile rdseed.
* | Merge GH #1132 Fix Doxygen errors and add -Wdocumentation flag to clang maintainer build  Jack Lloyd  2017-07-31  10  -16/+12
|\ \
| * | Fix warnings from clangs -Wdocumentation flag  Jack Lloyd  2017-07-28  10  -16/+12
| | |
* | | Merge GH #1131 Confirm OpenSSL supports curve at runtime before attempting to use it  Jack Lloyd  2017-07-31  1  -12/+35
|\ \ \
| * | | Check if curve is built into OpenSSL at runtime  René Korthaus  2017-07-28  1  -12/+35
| |/ /
* | | Add test for FFI keywrap, and constify args  Jack Lloyd  2017-07-31  2  -9/+9
| | |
* | | Split up ffi.cpp into several files  Jack Lloyd  2017-07-31  19  -2314/+2552
| | |     It was getting pretty big and would get worse over time, eg whenever I get around to adding TLS support.
* | | Merge GH #1128 Improve FFI exception safety  Jack Lloyd  2017-07-31  5  -703/+368
|\ \ \
| * | | Add missing return in ffi_delete_object  Jack Lloyd  2017-07-25  1  -4/+5
| | | |     Somehow this still passed all the tests, downside of 0 as the success return I suppose.
| * | | Merge commit 'e015fd170' into ffi-fixes  Jack Lloyd  2017-07-25  3  -2/+13
| |\ \ \
| | | | |     From PR #1097
| | * | | Don't crash if openssl can't allocate a new context  Kirill A. Korinsky  2017-06-29  3  -2/+13
| | | | |
| * | | | In FFI, check the object magic before deleting  Jack Lloyd  2017-07-25  1  -30/+42
| | | | |     Previously any X_destroy function would just delete its arg regardless of whatever the application passed in.
| * | | | Better exception guarding in FFI  Jack Lloyd  2017-07-25  2  -671/+312
| | |/ /
| |/| |
| | | |     Based on PR #1097 but I wanted to decrease the verbosity of the resulting code.
* | | | Merge GH #1135 Add RFC 3394 keywrap to FFI  Jack Lloyd  2017-07-31  2  -0/+57
|\ \ \ \
| |/ / /
|/| | |
| * | | Move declarations above TLS block  Krzysztof Kwiatkowski  2017-07-30  1  -11/+11
| | | |
| * | | FFI: Add interface for key wrapping with RFC 3394  Krzysztof Kwiatkowski  2017-06-29  2  -0/+57
| | | |
* | | | add OCSP::Response::certificates() + unit test  René Meusel  2017-07-21  1  -0/+5
| | | |
* | | | Fix failure to fully zero memory before free  Jack Lloyd  2017-07-16  1  -1/+1
| |_|/
|/| |
| | |     Introduced in 455bd2557cbb1343e59eefd97cb449f06a702c28
| | |     Found and reported by Roman Pozlevich
* | | Merge GH #1093 In EC keys, use OID encoding if possible  Jack Lloyd  2017-07-03  1  -6/+16
|\ \ \
| * | | ECC: use OID encoding if possible  Patrick Wildt  2017-06-30  1  -6/+16
| | | |     Instead of explicitly encoding the domain, encode them with the OID if the OID is available. This makes the ecdsa_sign test run with OpenSSL, since OpenSSL needs the OID explicitly set.
| * | | Revert previous, we should fix it differently.  Patrick Wildt  2017-06-30  1  -16/+20
| | | |
| * | | Allow ECDSA tests for OpenSSL by comparing EC Groups  Patrick Wildt  2017-06-28  1  -20/+16
| |/ /
| | |     The ecdsa_sign test does not work for OpenSSL since the public key that is derived from the private key does not store the OID of the curve. Thus, the OpenSSL code cannot find the proper NID for the given public key and cannot do a verification operation. We can fix this by comparing the actual groups and not using the OIDs.
* | | Merge GH #1107 Improve documentation of x509_path_validate  Jack Lloyd  2017-07-03  1  -1/+1
|\ \ \
| * | | Add position of end entity cert in x509_path_validate() doc [ci skip]  René Korthaus  2017-07-02  1  -1/+1
| | | |     It's not so obvious to a user at which end of the chain the end entity certificate must be placed.
* | | | escape \Z in doxygen comment causing doxygen warning (and in turn error), fixes #1102  Zoltan Gyarmati  2017-07-01  1  -1/+1
|/ / /
* | | Update modern and nist policies with recent additions  Jack Lloyd  2017-06-30  1  -0/+1
| | |
* | | Merge GH #1082 Add support for SM2 signature scheme  Jack Lloyd  2017-06-30  9  -2/+436
|\ \ \
| * | | Remove debug prints  Jack Lloyd  2017-06-30  1  -17/+1
| | | |
| * | | Add SM2 signature scheme  Jack Lloyd  2017-06-29  9  -2/+452
| | |/
| |/|
| | |     From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
| | |     This is a contribution from Ribose Inc (@riboseinc).
* | | Merge GH #1098 Cleanups in SM3  Jack Lloyd  2017-06-30  1  -81/+25
|\ \ \
| |/ /
|/| |
| * | Cleanups in SM3 code  Jack Lloyd  2017-06-29  1  -81/+25
| |/
| |     T[] variable is actually a constant, so precompute it in SM3_TJ
| |     W1 expansion is very simple and can just be done inline. Somewhat faster on my machine.
* | Merge GH #1095 Catch exceptions in botan_mp_init  Jack Lloyd  2017-06-29  1  -3/+23
|\ \
| * | ffi: Catch exceptions in botan_mp_init  Daniel Wyatt  2017-06-28  1  -3/+23
| |/
* | Merge GH #1096 Avoid undefined behavior in rotation operations  Jack Lloyd  2017-06-29  1  -0/+2
|\ \
| * | Allow bit rotation by more than sizeof(T)*8 bits.  Daniel Wyatt  2017-06-28  1  -0/+2
| |/
| |     Currently these functions will happily bit shift by >= sizeof(T)*8 bits. However, this is undefined behavior, and results in unexpected results (0) on at least one platform I've tested. With this update, you can expect that rotate_left<uint32_t>(1, 32)==1 and rotate_right<uint32_t>(1, 32)==1.
* / Add a check in EC_Group encoding for OID being set  Jack Lloyd  2017-06-29  1  -0/+6
|/
|     Otherwise encoding would fail with an obtuse error message.