Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Create a persistent registry for ECC group data | Jack Lloyd | 2018-02-04 | 7 | -400/+541 |
| | | | | Now a single copy is maintained of each EC group info | ||||
* | Merge GH #1436 In Certificate_Store load multiple certs from file | Jack Lloyd | 2018-02-02 | 1 | -2/+15 |
|\ | |||||
| * | Load every certificates of files found. | Mathieu Souchaud | 2018-02-01 | 1 | -2/+15 |
| | | |||||
* | | Avoid deprecated functions in OpenSSL provider [ci skip] | Jack Lloyd | 2018-02-01 | 1 | -3/+3 |
| | | |||||
* | | Fix deprecation warnings | Jack Lloyd | 2018-02-01 | 2 | -11/+20 |
| | | |||||
* | | Avoid CurveGFp in EC_Group interface | Jack Lloyd | 2018-01-31 | 3 | -21/+105 |
| | | |||||
* | | Use shared representation of EC_Group | Jack Lloyd | 2018-01-31 | 11 | -123/+304 |
|/ | | | | Hide CurveGFp with an eye for eventual removal | ||||
* | Optimize SHA_3::expand | Jack Lloyd | 2018-01-31 | 1 | -15/+14 |
| | | | | Noticable speedup for SHAKE esp with longer output lengths | ||||
* | Add function to query if filesystem support is enabled. | Jack Lloyd | 2018-01-30 | 2 | -0/+17 |
| | | | | Makes for much simpler code. | ||||
* | Whitespace | Jack Lloyd | 2018-01-30 | 1 | -5/+5 |
| | |||||
* | Use copy_out_vec_le instead of explicit loop in SHA-3 and Keccak | Jack Lloyd | 2018-01-30 | 2 | -4/+2 |
| | |||||
* | Reorganize SHA-3 source file [ci skip] | Jack Lloyd | 2018-01-30 | 1 | -35/+35 |
| | | | | Put all the statics at beginning followed by member functions. | ||||
* | Avoid allocating zero bytes for SHA-3 padding | Jack Lloyd | 2018-01-30 | 4 | -27/+28 |
| | | | | Inspired by #1433 | ||||
* | Add botan_x509_cert_hostname_match | Jack Lloyd | 2018-01-30 | 2 | -0/+15 |
| | |||||
* | Improve X.509 documentation | Jack Lloyd | 2018-01-29 | 1 | -1/+9 |
| | | | | GH #1428 | ||||
* | Move generic TLS tests to test_tls.cpp | Jack Lloyd | 2018-01-28 | 2 | -5/+7 |
| | | | | | | Leaves unit_tls.cpp for the handshake level tests. Add some basic tests of the string<->enum conversions in tls_algos.h | ||||
* | Reorder signature scheme list | Jack Lloyd | 2018-01-28 | 1 | -12/+20 |
| | | | | Now PSS shows up first and we negotiate it by default ;) | ||||
* | Use enums to represent TLS signature and kex algorithms. | Jack Lloyd | 2018-01-28 | 22 | -716/+1144 |
| | | | | Adds support for PSS signatures (currently verifying only). | ||||
* | Avoid resuming a session if policy doesn't allow it | Jack Lloyd | 2018-01-28 | 2 | -3/+4 |
| | | | | Previously if the policy changed we'd continue to resume. #1431 | ||||
* | Fix a leak in OpenSSL block ciphers | Jack Lloyd | 2018-01-28 | 1 | -0/+3 |
| | | | | Introduced when support for 1.1.0 API was added in #1056 | ||||
* | For TLS client auth add callback giving list of trusted CA names | Jack Lloyd | 2018-01-27 | 4 | -5/+40 |
| | | | | Fixes #1261 | ||||
* | Fix a few warnings | Jack Lloyd | 2018-01-27 | 1 | -2/+2 |
| | |||||
* | Make it possible to test custom extensions | Jack Lloyd | 2018-01-27 | 3 | -13/+59 |
| | |||||
* | Add an examine callback also | Jack Lloyd | 2018-01-27 | 7 | -11/+45 |
| | |||||
* | Add ability for application to control which TLS extensions are used | Jack Lloyd | 2018-01-27 | 9 | -1/+56 |
| | | | | GH #1186 | ||||
* | Fix speed test of cipher modes [ci skip] | Jack Lloyd | 2018-01-27 | 1 | -0/+1 |
| | | | | | Add BOTAN_HAS_CIPHER_MODES which is an easier to read/remember macro than BOTAN_HAS_MODES | ||||
* | Merge GH #1385 Remove TLS compression negotitation logic | Jack Lloyd | 2018-01-24 | 11 | -118/+60 |
|\ | |||||
| * | Remove vestigial support for TLS compression | Jack Lloyd | 2018-01-21 | 11 | -118/+60 |
| | | | | | | | | | | It was never supported and never will be. Removing negotiation entirely simplifies the code a bit. | ||||
* | | Merge GH #1429 Improve application ability to set extensions in PKCS10 requests | Jack Lloyd | 2018-01-23 | 8 | -121/+201 |
|\ \ | |||||
| * | | Allow applications to easily override extensions in cert requests | Jack Lloyd | 2018-01-23 | 8 | -121/+201 |
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the code so it's possible to create a cert request without going through x509self.h (PKCS10_Request::create). Add Extensions::add_new, so we can add an extension to a PKCS10 request without stomping on one already included by the application. Refactor the X509 unit tests to avoid (some) duplicated key creations. Just create a key once at the start and use it for all of the tests. GH #1428 | ||||
* | | Comments from code review | Krzysztof Kwiatkowski | 2018-01-22 | 2 | -6/+71 |
| | | |||||
* | | FFI function for Elgamal key generation | Krzysztof Kwiatkowski | 2018-01-21 | 2 | -0/+19 |
| | | | | | | | | | | Adds function for Elgamal key generation that allows usage of 'p' chosen by the caller. | ||||
* | | FFI function for DSA key generation | Krzysztof Kwiatkowski | 2018-01-21 | 2 | -0/+19 |
|/ | | | | | Adds function for DSA key generation that allows usage of 'p' and 'q' chosen by the caller. | ||||
* | Add Pipe::prepend_filter | Jack Lloyd | 2018-01-21 | 2 | -1/+32 |
| | | | | Fixes #1402 | ||||
* | Fix documentation of DataSource::end_of_data. | Marcus Brinkmann | 2018-01-19 | 1 | -1/+1 |
| | |||||
* | Merge GH #1420 Changes to (eventually) allow making BER_Object members private | Jack Lloyd | 2018-01-18 | 18 | -194/+255 |
|\ | |||||
| * | Prepare for making BER_Object members private | Jack Lloyd | 2018-01-18 | 18 | -194/+255 |
| | | | | | | | | | | Now there are usable accessors that allow the library to avoid using BER_Object members directly. | ||||
* | | Make PBES2 optional | Jack Lloyd | 2018-01-18 | 2 | -9/+35 |
|/ | | | | See #1416 for reasoning | ||||
* | Fix crash in EMSA_PKCS1v15_Raw if the hash function was not enabled. | Jack Lloyd | 2018-01-17 | 1 | -1/+1 |
| | | | | GH #1416 | ||||
* | Correct dependencies of kdf and pbkdf [ci skip] | Jack Lloyd | 2018-01-17 | 3 | -2/+5 |
| | | | | They assumed base pulled in hash and mac which is no longer true | ||||
* | First update the sieve, then check for a match | Jack Lloyd | 2018-01-17 | 1 | -3/+7 |
| | | | | | | This allows shortcutting the checks Use (p-1)/2 instead p/2, same result because p is odd but confusing. | ||||
* | Merge GH #1413 Improve speed of prime generation especially safe primes | Jack Lloyd | 2018-01-17 | 3 | -37/+85 |
|\ | |||||
| * | Correctly handle generating small primes | Jack Lloyd | 2018-01-16 | 1 | -0/+12 |
| | | |||||
| * | Improve speed of prime generation especially safe primes | Jack Lloyd | 2018-01-16 | 3 | -37/+73 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First, correct a bug in the sieve code. It would break early if a value did not match up with the sieve. However in that case, the sieve values would be out of sync with the value of p, and would be returning effectively random results. This caused prime generation to be slower than it should be, both because the sieve was incorrectly rejecting values that were not multiples of any small prime and was allowing values that were multiples of small primes to move on to the Miller-Rabin test. In the sieve, also sieve so that 2*q+1 is also not a multiple of the small primes. This speeds up safe prime generation. GH #1411 | ||||
* | | Merge GH #1408 Use an ABI flag for enabling Aarch64 crypto operations | Jack Lloyd | 2018-01-17 | 4 | -14/+4 |
|\ \ | |/ |/| | |||||
| * | ABI for Aarch64 crypto | Jack Lloyd | 2018-01-12 | 4 | -14/+4 |
| | | |||||
* | | Enforce an overall max depth on recursion in ASN1 printer | Jack Lloyd | 2018-01-15 | 2 | -14/+41 |
| | | | | | | | | | | Otherwise a sufficiently nested value can cause us to recurse endlessly, causing stack exhaustion. OSS-Fuzz 5333 | ||||
* | | Fix return value of PK_Encryptor::maximum_input_size | Jack Lloyd | 2018-01-13 | 1 | -1/+1 |
| | | | | | | | | Fixes GH #1410 | ||||
* | | Expose SM2_compute_za | Jack Lloyd | 2018-01-12 | 1 | -6/+7 |
|/ | | | | | Was already supposed to be public, which is why it's declared in a public header - just missed the export annotation. | ||||
* | Merge GH #1407 Don't have hard dependency on base classes | Jack Lloyd | 2018-01-12 | 26 | -16/+136 |
|\ |