| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
We support 3.5 or higher generally, but only Clang 3.8 has the
function attributes. This doesn't affect the build with older Clang
because the makefile still sets file-wide ISA flags.
GCC supports this attribute in all versions we support.
Fixes GH #797
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It turns out SRP6 files use a different base64 alphabet than standard,
and additionally Botan's decoding of the group id seems wrong though
I haven't verified this second was a bug. In any case this code couldn't
parse anything it was supposed to and never could.
I had already planned on adding a database backed SRP store and removing
this code but the fact that it's actually not functional for purpose
suggests it's best to remove this now rather than let someone chance upon
it and be endlessly frustrated that it doesn't seem to work because all
the verifiers are garbled.
|
| | |
|
| |
|
|
|
|
|
| |
Fix a bug in Pipe::check_available that must date back 15 years...
Add destructors to compression filter so unique_ptr destructor runs
without user having to include an extra header for the owned type.
|
| |
|
|
|
| |
Moves BSI policy file to test data dir where it can be compared with
what the hardcoded class outputs.
|
| |\ |
|
| | |
| |
| |
| |
| | |
Effectively disables 1024 bit RSA as well as SHA-1.
Edit the tests where required to enable it again.
|
| | |
| |
| |
| |
| |
| | |
Clean up the ciphersuite generation script a bit.
[ci skip]
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
| |
Record counter value in test data, and start the search from there.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
TLS::Callbacks::inspect_handshake_message() allows applications
to inspect all handshake messages, but this requires
access to the types in tls_messages.h. As a matter of fact,
this also exports tls_extensions.h as a public header.
|
| | | |
|
| |/
|
|
| |
Caused tests to fail on CI
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Fix a bug in how the 6144 and 8192 IETF MODP groups were encoded; they
have g and q values switched. Fixed by just switching the PEM header
to match the actual encoded format.
Rename DL_Group::X942_DH_PARAMETERS to ANSI_X9_42_DH_PARAMETERS to avoid
a macro conflict with Windows cryptography headers (GH #482)
|
| |
|
|
|
| |
Expose Data{Source,Sink}_Stream types even if no filesystem is
available. Instead just guard the constructors taking a pathname.
|
| |\ |
|
| | |
| |
| |
| | |
available in all groups
|
| | | |
|
| | |
| |
| |
| | |
described in rfc2785
|
| | |
| |
| |
| | |
increased number of Miller-Rabin iterations, if strong is set (we pass 128 as prob in make_prm.cpp).
|
| | | |
|
| | |
| |
| |
| | |
Little easier to read perhaps, and helps prevent some astyle confusion.
|
| | |
| |
| |
| |
| |
| | |
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
|
| | |
| |
| |
| |
| |
| | |
GH #726
[ci skip]
|
| | |
| |
| |
| |
| | |
Also use a const time comparison for the finished message, though
I don't see any real way of exploiting that timing channel.
|
| | |
| |
| |
| |
| | |
OpenSSL 1.0.2 added support for brainpool curves, so we
can use it provided the version check succeeds.
|
| | |
| |
| |
| |
| |
| | |
The previous assert had been already put there for the benefit
of clang-analyzer, but in Clang 3.9 it does not help. Instead
test X value directly, which works.
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GH #754 exposed a bug in the non-Montgomery exponentiation case.
It turned out then when the fixed window was picked to any value
> 1, the result would be incorrect due to an off by one. This is
the one line fix in powm_fw.cpp
Also fix a bug in bigint_mul which caused incorrect results,
because the output BigInt was not being zeroed out before use. This
is only exposed in rare cases, found (somewhat indirectly) in
OSS-Fuzz #287.
Add more modular exponentiation tests, which would have caught
these issues earlier.
|
| |
|
|
| |
Technically defined, but should never be seen in practical crypto context.
|
| |
|
|
|
|
|
| |
Changes all the Public_Key derived classes ctors to take a
std::vector instead of a secure_vector for the DER encoded
public key bits. There is no point in transporting a public
key in secure storage. (GH #768)
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
The unpad functions return the blocksize as padding position, if the padding is invalid.
.
|
| |\ \ |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Kind of a vestigial thing from an earlier iteration of the module
design, and never useful to specify anymore since taking all the cpp
files is what you want exactly 100% of the time.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Avoid having any files within src/lib (in any subdirs) with
the same name. That seems worth avoiding even just on the basis
of avoiding basic confusion (looked in named.cpp - no the other one...)
and may allow simplifying the build in various ways.
|
| | | |
| | |
| | |
| | | |
Some attempt at consistency
|
| |\ \ \ |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Allow custom extensions in CA-signed cert requests
Add templated getter for extensions
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the code was changed in b8966d0f89e, the offset was not changed,
so it would reject ciphertexts with exactly 8 bytes of random padding
(the required minimum).
Found by pkcs1 fuzzer which also had problems due to not having been
updated at the same time.
Add a test suite for decoding of PK decryption padding to cover the
problem cases.
|
