path: root/src/lib
Commit message | Author | Age | Files | Lines
* Avoid crash in PKCS1v1.5 unpadding if input len <= 2 | Jack Lloyd | 2016-12-08 | 1 | -0/+6
|   Don't think this can't happen outside of a fuzzer test
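An added illustration, not Botan's own code, of the guard class this commit describes: PKCS#1 v1.5 type-2 unpadding that rejects any block shorter than the 11-byte minimum before it reads `in[1]` or starts the separator scan at `in[2]`, so inputs of length 0, 1 or 2 are refused instead of read out of bounds. The function name, result struct and sample blocks are this example's own. It is deliberately variable-time: production RSA decryption must also avoid the padding-oracle timing leak (Bleichenbacher), which is a separate concern from the bounds check shown here.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Example only (not Botan's EME_PKCS1v15): strip PKCS#1 v1.5 type-2 padding.
// Expected layout: 0x00 0x02 <PS: at least 8 nonzero bytes> 0x00 <message>.
struct UnpadResult {
    bool ok;                   // false for any malformed block
    std::vector<uint8_t> msg;  // recovered message, empty unless ok
};

UnpadResult pkcs1v15_unpad(const std::vector<uint8_t>& in) {
    // Smallest well-formed block: 2 header bytes + 8 PS bytes + 1 separator = 11.
    // Without this guard a 0-, 1- or 2-byte input would be read at in[1] and the
    // separator scan would start at in[2], both past the end of the buffer.
    constexpr size_t kMinBlock = 11;
    if (in.size() < kMinBlock) return {false, {}};

    if (in[0] != 0x00 || in[1] != 0x02) return {false, {}};

    // Locate the first 0x00 after the header; everything before it is PS.
    size_t sep = 2;
    while (sep < in.size() && in[sep] != 0x00) ++sep;
    if (sep == in.size()) return {false, {}};  // no separator, no message
    if (sep - 2 < 8) return {false, {}};       // PS shorter than the 8-byte minimum

    return {true, std::vector<uint8_t>(in.begin() + sep + 1, in.end())};
}

int main() {
    // Constructed sample inputs: one valid block and the degenerate lengths 0..2.
    const std::vector<uint8_t> good{0x00, 0x02, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66,
                                    0x77, 0x88, 0x00, 0x68, 0x69};
    const std::vector<std::vector<uint8_t>> tiny{{}, {0x00}, {0x00, 0x02}};

    UnpadResult r = pkcs1v15_unpad(good);
    std::printf("good block: ok=%d msg_len=%zu\n", r.ok, r.msg.size());
    for (const auto& t : tiny)
        std::printf("len %zu block: ok=%d\n", t.size(), pkcs1v15_unpad(t).ok);
    return 0;
}
```

The length guard has to come before any indexing; checking the two header bytes first would already be an out-of-range read on an empty or one-byte input.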
* Add missing netinet includes for sockaddr_in | louiz’ | 2016-12-08 | 1 | -0/+1
|
* Merge GH #757 Fix X509 and PKCS8 formatting functions for PK keys | Jack Lloyd | 2016-12-05 | 34 | -75/+96
|\
| * Fix TPM private_key_bits() exception message | René Korthaus | 2016-12-05 | 1 | -1/+1
| |
| * Add Private_Key::private_key_info() | René Korthaus | 2016-12-05 | 25 | -38/+49
| |   Adds new Private_Key::private_key_info() that returns a PKCS#8 PrivateKeyInfo structure. Renames the current Private_Key::pkcs8_private_key() to private_key_bits(). BER_encode() just invokes private_key_info().
| * Add Public_Key::subject_public_key() | René Korthaus | 2016-12-05 | 24 | -36/+46
| |   Adds new Public_Key::subject_public_key() that returns an X.509 SubjectPublicKey structure. Renames the current Public_Key::x509_subject_public_key() to public_key_bits(). BER_encode() just invokes subject_public_key().
* | Merge GH #756 Remove ECB Cipher_Mode class | Jack Lloyd | 2016-12-05 | 5 | -268/+1
|\ \
| * | Remove ECB mode | Jack Lloyd | 2016-12-04 | 5 | -268/+1
| | |   Not a good thing to offer at this level. If you know what you are doing for the strange special case where it is necessary, the raw BlockCipher interface is available and probably more convenient.
| |/
* / Fix bad deref when ciphersuite value is larger than largest known id | Jack Lloyd | 2016-12-05 | 1 | -1/+1
|/
|   Reported by @neverhub in GH #758 found by libFuzzer
* Expose pk_ops.h as public interface again | Jack Lloyd | 2016-12-04 | 16 | -16/+26
|   I was initially thinking of Botan as a somewhat closed system, but @cordney has a legit use case of wanting to expose a TPM sign operation, but using their internal TPM library and TPM key type. This requires the API be exposed so the derivation can occur.
|
|   Add a comment in the header explaining that the header is not for normal application use and directing them to pubkey.h
|
|   This basically reverts 2747e8e23aec43162
* system_rng: workaround read only urandom | Alon Bar-Lev | 2016-12-01 | 1 | -1/+4
|   botan_rng_reseed: System_RNG write failed error 9
|   FFI ran 252 tests 1 FAILED
|   Failure 1: FFI botan_rng_reseed unexpectedly failed with error code -1
|
|   Signed-off-by: Alon Bar-Lev <[email protected]>
* Fix missing include in kdf.cpp | Jack Lloyd | 2016-11-29 | 1 | -0/+1
|   Showed up when compiling kdf.cpp with no KDFs enabled in build. [ci skip]
* Fix BER decoder integer overflow | Jack Lloyd | 2016-11-28 | 3 | -2/+45
|\
| * Check for overflow in BER decoder EOC scanning | Jack Lloyd | 2016-11-27 | 3 | -2/+45
| |
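An added example, not Botan's decoder, of the overflow class the commit above guards against: a BER length parser and an end-of-contents (EOC) scan for indefinite-length elements in which every bounds test is written as a subtraction against the remaining buffer, so an attacker-chosen length cannot wrap `offset + length` around `size_t` and slip past a naive `< size()` comparison. The function names, the result structs and the sample encodings are this example's own.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Example only (not Botan's BER_Decoder): the offset arithmetic in an EOC scan
// for indefinite-length BER, with every bounds test written so it cannot wrap.
struct BerLength {
    bool indefinite;      // true for the 0x80 form
    size_t value;         // content length when definite
    size_t header_bytes;  // octets consumed by the length field itself
};

// Parse a BER length field at d[pos]. Fails on truncation, on the reserved
// 0xFF form, and on a field with more octets than size_t can hold, which the
// shift loop below would otherwise silently truncate.
bool parse_length(const std::vector<uint8_t>& d, size_t pos, BerLength& out) {
    if (pos >= d.size()) return false;
    const uint8_t b = d[pos];
    if (b == 0x80) { out = {true, 0, 1}; return true; }
    if ((b & 0x80) == 0) { out = {false, b, 1}; return true; }
    const size_t n_octets = b & 0x7F;
    if (n_octets == 0x7F) return false;               // reserved encoding
    if (n_octets > sizeof(size_t)) return false;      // cannot be represented
    if (n_octets > d.size() - pos - 1) return false;  // length octets truncated
    size_t len = 0;
    for (size_t i = 0; i < n_octets; ++i) len = (len << 8) | d[pos + 1 + i];
    out = {false, len, 1 + n_octets};
    return true;
}

// Given the offset of the first content byte of an indefinite-length
// constructed element, set `end` to the offset just past its EOC (00 00).
// Nested definite-length elements are skipped by their encoded length. The
// test `len.value > d.size() - content` is the important line: a naive
// `content + len.value > d.size()` can wrap around size_t for a huge encoded
// length and accept an element that extends far beyond the buffer.
bool find_eoc(const std::vector<uint8_t>& d, size_t pos, size_t& end, unsigned depth = 0) {
    if (depth > 64) return false;  // bound recursion on nested indefinite forms
    for (;;) {
        if (pos > d.size() || d.size() - pos < 2) return false;  // input ended before EOC
        if (d[pos] == 0x00 && d[pos + 1] == 0x00) { end = pos + 2; return true; }

        // Skip the identifier octets (the high-tag-number form spans several).
        size_t tag_end = pos + 1;
        if ((d[pos] & 0x1F) == 0x1F) {
            while (tag_end < d.size() && (d[tag_end] & 0x80)) ++tag_end;
            if (tag_end >= d.size()) return false;
            ++tag_end;
        }

        BerLength len;
        if (!parse_length(d, tag_end, len)) return false;
        const size_t content = tag_end + len.header_bytes;  // <= d.size(), guaranteed by parse_length

        if (len.indefinite) {
            size_t inner_end = 0;
            if (!find_eoc(d, content, inner_end, depth + 1)) return false;
            pos = inner_end;
        } else {
            if (len.value > d.size() - content) return false;  // overflow-safe bounds check
            pos = content + len.value;
        }
    }
}

// Convenience wrapper for callers that only need the end offset: 0 means "malformed".
size_t eoc_or_zero(const std::vector<uint8_t>& d, size_t pos) {
    size_t end = 0;
    return find_eoc(d, pos, end) ? end : 0;
}

int main() {
    // Constructed inputs: SEQUENCE (indefinite) { OCTET STRING AA BB, INTEGER 7 } EOC,
    // and the same opener followed by an OCTET STRING whose 8-octet length is all 0xFF.
    const std::vector<uint8_t> ok{0x30, 0x80, 0x04, 0x02, 0xAA, 0xBB, 0x02, 0x01, 0x07, 0x00, 0x00};
    const std::vector<uint8_t> huge{0x30, 0x80, 0x04, 0x88, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
    std::printf("well-formed: end offset %zu (buffer %zu)\n", eoc_or_zero(ok, 2), ok.size());
    std::printf("wrapping length: %s\n", eoc_or_zero(huge, 2) == 0 ? "rejected" : "accepted");
    return 0;
}
```

On a 64-bit build the second input decodes to a length of `SIZE_MAX`; `content + len.value` would wrap to a value smaller than the buffer and pass an additive check, while the subtractive form rejects it. The recursion depth cap is the other defence a fuzzer will find missing: deeply nested indefinite forms otherwise exhaust the stack.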
* | Add TLS::Policy::require_cert_revocation_info | Jack Lloyd | 2016-11-28 | 3 | -1/+14
| |
* | Merge GH #738 Add OCSP stapling to TLS client | Jack Lloyd | 2016-11-28 | 16 | -61/+342
|\ \
| * | Add OCSP stapling support to TLS client | Jack Lloyd | 2016-11-26 | 16 | -61/+342
| | |
* | | define NOMINMAX 1 before every include of windows.h | Baruch Burstein | 2016-11-28 | 6 | -4/+6
| |/
|/|
* | Add BOTAN_UNUSED when relevant OS support is missing | Jack Lloyd | 2016-11-27 | 2 | -0/+2
| |
* | Fix amalgamation for IncludeOS - avoid having <thread> pulled in | Jack Lloyd | 2016-11-27 | 1 | -1/+1
| |
* | Merge GH #590 Initial Cilk/OpenMP support | Jack Lloyd | 2016-11-27 | 14 | -261/+380
|\ \
| * | Add compiler.h macro header extracted from build.h | Jack Lloyd | 2016-11-26 | 3 | -10/+176
| | |   All this is just standard C that the user should not touch, so it doesn't really make sense to have it in the build.h template file.
| | |
| | |   Remove BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANESS - only used twice (in loadstor.h) and that code is clearer without it.
| * | Add Cilk/OpenMP support | Jack Lloyd | 2016-11-26 | 11 | -251/+204
| |/
* | No reason to deprecate this (only internally called) constructor | Jack Lloyd | 2016-11-26 | 1 | -1/+2
| |
* | Correct output_length bug in SIV and ChaCha20Poly1305 also | Jack Lloyd | 2016-11-26 | 2 | -2/+2
| |
* | Add TLS::Policy::to_string | Jack Lloyd | 2016-11-26 | 2 | -0/+13
| |
* | Simple tests for AutoSeeded_RNG | Jack Lloyd | 2016-11-26 | 2 | -1/+2
|/
* Fix OpenSSL RC4 clone - ignored skip param | Jack Lloyd | 2016-11-26 | 1 | -1/+1
|
* Add test for various functions previously missed (T::clone, PBKDF::name, AEAD::output_length) | Jack Lloyd | 2016-11-26 | 3 | -3/+3
|   Fix a bug in CCM, GCM, and OCB decryption which caused `output_length(tag_size())` to fail even though empty plaintexts are certainly defined for all three modes.
* Merge GH #718 Add XMSS WOTS scheme | Jack Lloyd | 2016-11-26 | 16 | -43/+563
|\
| * Adds changes from XMSS Review & resolves conflicts | Matthias Gierlings | 2016-11-12 | 10 | -120/+32
| |
| * Adds optional XMSS WOTS stand-alone components | Matthias Gierlings | 2016-11-12 | 14 | -12/+566
| |   The main XMSS implementation does not expose stand-alone access to XMSS Winternitz One Time Signatures through the Botan::PK_Ops interfaces. XMSS WOTS is used by XMSS internally though. This PR implements a possible XMSS WOTS interface for stand-alone use.
| |
| |   XMSS WOTS is tested through the XMSS tests, therefore there are no dedicated XMSS WOTS test vectors and test bench components implemented in this PR.
| * Added Extended Hash-Based Signatures (XMSS) | Matthias Gierlings | 2016-11-12 | 6 | -3/+57
| |   [1] XMSS: Extended Hash-Based Signatures, draft-irtf-cfrg-xmss-hash-based-signatures-06
| |       Release: July 2016.
| |       https://datatracker.ietf.org/doc/draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
| |
| |   Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has been integrated into the Botan test bench; signature generation and verification can be tested independently by invoking "botan-test xmss_sign" and "botan-test xmss_verify".
| |
| |   - Some headers that are not required to be exposed to users of the library have to be declared as public in `info.txt`. Declaring those headers private will cause the amalgamation build to fail. The following headers have been declared public inside `info.txt`, even though they are only intended for internal use:
| |     * atomic.h
| |     * xmss_hash.h
| |     * xmss_index_registry.h
| |     * xmss_address.h
| |     * xmss_common_ops.h
| |     * xmss_tools.h
| |     * xmss_wots_parameters.h
| |     * xmss_wots_privatekey.h
| |     * xmss_wots_publickey.h
| |
| |   - XMSS_Verification_Operation requires the "randomness" parameter out of the XMSS signature. "Randomness" is part of the prefix that is hashed *before* the message. Since the signature is unknown till sign() is called, all message content has to be buffered. For large messages this can be inconvenient or impossible.
| |
| |     **Possible solution**: Change the PK_Ops::Verification interface to take the signature as a constructor argument, and provide a setter method to be able to reuse the instance on multiple signatures. Make sign a parameterless member call. This solution requires interface changes in botan.
| |
| |     **Suggested workaround** for signing large messages is to not sign the message itself, but to precompute the message hash manually using Botan::HashFunction and sign the message hash instead of the message itself.
| |
| |   - Some of the available test vectors for the XMSS signature verification have been commented out in order to reduce testbench runtime.
* | Merge GH #653 OCSP and X.509 path validation refactor | Jack Lloyd | 2016-11-25 | 26 | -549/+1347
|\ \
| | |   Splits path validation into several sub-functions for easier testing and creating customized validation code. Much improved OCSP handling and OCSP tests.
| * | Fix TLS tests wrt validation changes | Jack Lloyd | 2016-11-25 | 1 | -2/+2
| | |   Create empty CRLs so that revocation information is available.
| * | Add missing Doxygen param [ci skip] | Jack Lloyd | 2016-11-25 | 1 | -0/+2
| | |
| * | Add a test for to_string(Certificate_Status_Code) | Jack Lloyd | 2016-11-25 | 1 | -5/+5
| | |
| * | Add minimum_signature_strength to Text_Policy | Jack Lloyd | 2016-11-25 | 2 | -3/+9
| | |   Also (unrelated) enable CECPQ1 in Strict_Policy
| * | Add TLS::Policy::minimum_signature_strength | Jack Lloyd | 2016-11-25 | 6 | -5/+25
| | |   Changes TLS callback API for cert verify to accept Policy&
| | |
| | |   Sets default signature strength to 110 to force RSA ~2048.
| * | Address review comments from @cordney | Jack Lloyd | 2016-11-25 | 6 | -114/+250
| | |   Primarily doc updates but also expose some more logic in PKIX namespace, overall_status and merge_revocation_status. This allows calling more or less all of the logic used by the monolithic x509_path_validate in any way needed by an application.
| | |
| | |   Add Certificate_Store_In_Memory::add_crl variant taking shared_ptr
| | |
| | |   Add optional Certificate_Store_In_Memory* pointer to check_crl_online, valid CRLs are saved there.
| * | Fix popping empty container if no revocation data available | Jack Lloyd | 2016-11-23 | 1 | -2/+2
| | |
| * | Add macro signalling support for online revocation checks. | Jack Lloyd | 2016-11-23 | 2 | -3/+7
| | |
| * | Better OCSP tests including online tests | Jack Lloyd | 2016-11-23 | 2 | -2/+10
| | |   Tests touching network are gated by --run-online-tests flag.
| * | MSVC doesn't support #warning | Jack Lloyd | 2016-11-23 | 1 | -1/+1
| | |
| * | Add some simple OCSP tests | Jack Lloyd | 2016-11-23 | 1 | -0/+2
| | |   Nothing much but better than nothing.
| | |
| | |   Also add a useful arg check to OCSP::Request constructor.
| * | Consult the response for matching certs also, fixes Symantec OCSP | Jack Lloyd | 2016-11-23 | 1 | -2/+20
| | |
| * | Add the documented function for OCSP timeouts | Jack Lloyd | 2016-11-23 | 2 | -3/+10
| | |
| * | Move TLS cert verification callback from Credentials_Manager to TLS::Callbacks | Jack Lloyd | 2016-11-23 | 7 | -83/+110
| | |   It is the only function in C_M which is called on to process session-specific (and adversarially provided) inputs, rather than passively returning some credential which is typically not session specific.
| * | Refactor X.509 path validation | Jack Lloyd | 2016-11-23 | 7 | -356/+744
| | |   Splits path building, path validation, CRL checks, and OCSP checks into distinct functions in namespace PKIX. The previous path validation APIs remain.
| | |
| | |   Fixes to OCSP to store more information and to handle modern OCSP setups in at least some situations.
| * | Add find_cert_by_pubkey_sha1 to Certificate_Store_In_Memory | Jack Lloyd | 2016-11-23 | 4 | -55/+64
| | |