| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Turns out MSVC 2013 doesn't have constexpr at all (!!)
|
|
|
|
| |
Remove unused and empty get_byte.h
|
|
|
|
|
| |
Previously it created a new AutoSeeded_RNG in each function, sometimes
without even using it.
|
|
|
|
| |
The system rng is already a hard requirement for FFI anyway.
|
|\ |
|
| | |
|
|\ \ |
|
| | | |
|
|\ \ \ |
|
| | | | |
|
|\ \ \ \ |
|
| |/ / / |
|
|/ / / |
|
| | |
| | |
| | |
| | | |
Adds a Crypto++-like doxygen mainpage. Replaces the formerly empty mainpage.
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
With no provider specified, Win32_CAPI_EntropySource::poll does not call
::CryptGenRandom and returns 0, leading to subsequent PRNG_Unseeded
exceptions.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
GH #656
|
| | | |
| | | |
| | | |
| | | | |
GH #656
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Some fixes for missing system_rng in ECIES and tests.
|
| | | |
| | | |
| | | |
| | | | |
Document that create_*_op is public but not for public consumption.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Verification is deterministic and public, so really no RNG is ever needed.
Change provider handling - accepts "base", "openssl", or empty, otherwise
throws a Provider_Not_Found exception.
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead the key types exposes operations like `create_encryption_op`
which will return the relevant operation if the algorithm supports it.
Changes pubkey.h interface, now RNG is passed at init time.
Blinder previous created its own RNG, now it takes it from app.
|
| | |
| | |
| | |
| | |
| | | |
Now record layer only deals with an AEAD, and the weird complications
of CBC modes mostly hidden in tls_cbc.cpp
|
|\ \ \
| |/ /
|/| | |
|
| | | |
|
| |/ |
|
|\ \
| | |
| | |
| | | |
Also changes Cert store interface to return shared_ptr, see GH #471
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | | |
See also GH #647
|
| | |/
| |/|
| | | |
Implement a backoff approach to opening the system RNG: if opening read-write fails, try to open read-only. This will allow the RNG to be used, but attempts to add entropy will fail. If opening as read-only also fails, only then throw an exception.
|
|\ \ \ |
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
Compiling botan with disabled rc4 module fails in case of openssl w/o rc4...
Error:
./src/lib/prov/openssl/openssl_rc4.cpp:15:25: fatal error: openssl/rc4.h: No such file or directory
#include <openssl/rc4.h>
|
| |/
|/|
| |
| | |
Fixes GH #644
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TLS message parsing:
- CertificateVerify
- HelloVerify
- ClientHello (with extensions)
- ServerHello (with extensions)
- NewSessionTicket
- Alert
TLS message processing:
- HelloVerify
TLS Policy tests
Unit tests with TLS client authentication
Added test_throws method that checks the correct exception message.
|
| |
|
| |
|
|\ |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
The EtM and MtE codepaths had a lot of duplicated code.
Tests ok, also did manual testing against a few online machines
including the EtM test server at eid.vx4.net
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The Cipher_Mode::update API is more general than needed to just
support ciphers (this is due to it previously being an API of
Transform which before 8b85b780515 was Cipher_Mode's base class)
Define a less general interface `process` which either processes the
blocks in-place, producing exactly as much output as there was input,
or (SIV/CCM case) saves the entire message for processing in `finish`.
These two uses cover all current or anticipated cipher modes.
Leaves `update` for compatability with existing callers; all that is
needed is an inline function forwarding to `process`.
Removes the return type from `start` - in all cipher implementations,
this always returned an empty vector.
Adds BOTAN_ARG_CHECK macro; right now BOTAN_ASSERT is being used
for argument checking in some places, which is not right at all.
|