| Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | Handle PPC crypto bit in tests [ci skip] | Jack Lloyd | 2018-10-01 | 1 | -0/+2 |
* | Fix some warnings in ARM specific code | Jack Lloyd | 2018-10-01 | 2 | -28/+34 |
* | Fix more MSVC warnings | Jack Lloyd | 2018-10-01 | 10 | -29/+53 |
* | Avoid a MSVC 2015 warning | Jack Lloyd | 2018-10-01 | 3 | -3/+3 |
* | Fix some MSVC warnings | Jack Lloyd | 2018-09-30 | 8 | -18/+18 |
* | Move UUID to utils, test it, and fix bugs. | Jack Lloyd | 2018-09-30 | 5 | -106/+157 |
| | Fixes #1695 | | | | |
* | Refactor mode tests, and correct bugs found | Jack Lloyd | 2018-09-29 | 6 | -8/+38 |
| | Several problems in CBC found by adding tests: - If you set a key, then set a nonce, then set a new key, you could encrypt without setting a new nonce. - It was possible to call CBC finish without setting a nonce, which would crash. - If you had a CBC decryption object, set a key, set a nonce, then reset message state, it should throw because no nonce is set. Instead it would carry on using an all-zero nonce. Disable CommonCrypto with PKCS7 padding as it seems to have some problem that I cannot figure out from the build logs. This work sponsored by Ribose Inc | | | | |
* | Avoid null pointer write in FFI | Jack Lloyd | 2018-09-28 | 1 | -1/+4 |
| | If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, the FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity. | | | | |
* | Use correct array length in Serpent AVX2 | Jack Lloyd | 2018-09-28 | 1 | -2/+2 |
| | Not an actual problem, but flagged by Coverity | | | | |
* | Spell check the documentation | Jack Lloyd | 2018-09-28 | 5 | -11/+11 |
* | Skip using mmap allocation if mlock is not available. | Jack Lloyd | 2018-09-27 | 1 | -8/+4 |
| | Previously this would just mmap but pointlessly as the memory was not locked; might as well use the standard heap in that case. | | | | |
* | Add OS::running_in_privileged_state | Jack Lloyd | 2018-09-27 | 4 | -17/+41 |
| | Avoid any getenv toggles or reading /proc if we are setuid/setgid. It is possible there is or will someday be some file in /proc that is world-readable, but if read by a privileged user causes some side effect. | | | | |
* | Add a fuzzer for OAEP unpadding | Jack Lloyd | 2018-09-22 | 2 | -10/+33 |
| | This tests the delim scanning section which must be const time. | | | | |
* | Add fuzzer for mode unpadding, and fix bugs found thereby | Jack Lloyd | 2018-09-22 | 3 | -59/+73 |
| | Both PKCS7 and X9.23 padding modes did not examine the first byte of the purported padding if the padding took an entire block. So for example for a 64-bit cipher, PKCS7 would accept XX08080808080808 as a valid padding for any byte value. | | | | |
* | Optimization for Poly1305 | Jack Lloyd | 2018-09-20 | 1 | -17/+24 |
| | Rearranging this code seems to let both GCC and Clang do a little better on the core loop, 4-7% depending on buffer size on my i7-6700k | | | | |
* | Add support for using Linux getrandom syscall | Jack Lloyd | 2018-09-20 | 1 | -0/+39 |
| | Disabled by default as it requires a relatively recent kernel and glibc. | | | | |
* | Correct some maintainer mode warnings | Jack Lloyd | 2018-09-20 | 2 | -4/+4 |
* | Slight optimization for MGF1 | Jack Lloyd | 2018-09-20 | 1 | -2/+3 |
| | Avoid needless allocations during PSS and OAEP operations. | | | | |
* | Use an Alloc template to reduce duplication in Filter::send | Jack Lloyd | 2018-09-18 | 1 | -14/+6 |
* | Simplify BigInt::get_substring a bit | Jack Lloyd | 2018-09-15 | 1 | -10/+11 |
| | And forbid 0 length substrings, which did not work correctly anyway. | | | | |
* | Use new CAST-128 specific feature macro here | Jack Lloyd | 2018-09-15 | 1 | -1/+1 |
* | Define botan_scrypt in terms of botan_pwdhash | Jack Lloyd | 2018-09-13 | 1 | -12/+5 |
* | In FFI pwdhash functions, let len == 0 mean "call strlen" | Jack Lloyd | 2018-09-13 | 2 | -2/+18 |
* | In AutoSeeded_RNG invoke randomize_with_ts_input on the owned RNG | Jack Lloyd | 2018-09-13 | 1 | -1/+1 |
| | Invoking on this means we use RandomNumberGenerator::randomize_with_ts_input which just adds timestamps. Whereas Stateful_RNG::randomize_with_ts_input (as implemented by the owned RNG) also adds the reseed counter and the last pid. Probably no real difference, but can't hurt and not any slower. | | | | |
* | Split 'cast' module into CAST-128 and CAST-256 | Jack Lloyd | 2018-09-13 | 7 | -2/+7 |
| | They were only in the same place because of the desire to share the sbox tables, but that can be handled by adding a dependency. This makes it possible to disable CAST-256 while leaving CAST-128. | | | | |
* | Merge GH #1670 New password hashing interface | Jack Lloyd | 2018-09-13 | 18 | -280/+1492 |
|\ | |||||
| * | Remove redundant operation | Jack Lloyd | 2018-09-10 | 1 | -4/+0 |
| * | Support tuning in PGP-S2K PBKDF interface | Jack Lloyd | 2018-09-10 | 1 | -3/+8 |
| * | Fix Doxygen comments | Jack Lloyd | 2018-09-10 | 1 | -2/+4 |
| * | Add from_iterations | Jack Lloyd | 2018-09-10 | 8 | -13/+57 |
| * | Add FFI | Jack Lloyd | 2018-09-10 | 2 | -15/+134 |
| | | This is a contribution of Ribose Inc (@riboseinc) | | | | |
| * | Convert Scrypt | Jack Lloyd | 2018-09-10 | 4 | -128/+281 |
| | | This also changes some (library only) APIs so PBES2 needed to be modified. This is a contribution of Ribose Inc (@riboseinc) | | | | |
| * | Convert PGP-S2K | Jack Lloyd | 2018-09-10 | 2 | -63/+225 |
| | | This is a contribution by Ribose Inc (@riboseinc) | | | | |
| * | Convert PBKDF2 | Jack Lloyd | 2018-09-10 | 3 | -71/+226 |
| | | This is a contribution by Ribose Inc (@riboseinc) | | | | |
| * | Add PasswordHash and PasswordHashFamily | Jack Lloyd | 2018-09-10 | 4 | -1/+242 |
| | | This is a contribution by Ribose Inc (@riboseinc) | | | | |
| * | Promote Timer to an internal util class | Jack Lloyd | 2018-09-10 | 3 | -1/+336 |
* | | Some document fixes | Jack Lloyd | 2018-09-13 | 1 | -8/+13 |
| | | Downgrade min Sphinx to 1.2 again - I checked and while Sphinx 1.2 produces many warnings it does generate usable output. | | | | |
* | | Fix certstore tests | Jack Lloyd | 2018-09-11 | 1 | -0/+1 |
| | | Accidentally disabled in 643a4041bedc | | | | |
* | | Add FFI functions for creating and getting X25519 data | Jack Lloyd | 2018-09-10 | 4 | -0/+102 |
| | | See GH #1680 | | | | |
* | | Merge GH #1673 Add CommonCrypto block cipher interface | Jack Lloyd | 2018-09-10 | 6 | -5/+220 |
|\ \ | |||||
| * | | Add CommonCrypto block cipher support | Jose Pereira | 2018-09-10 | 6 | -5/+220 |
* | | | Remove redundant defines | Jack Lloyd | 2018-09-10 | 1 | -2/+0 |
|/ / | |||||
* | | Merge GH #1674 Add CommonCrypto cipher modes | Jack Lloyd | 2018-09-10 | 6 | -6/+461 |
|\ \ | |||||
| * | | Add CommonCrypto cipher modes support | Jose Pereira | 2018-09-09 | 6 | -6/+461 |
* | | | Report if Serpent is using AVX2 | Jack Lloyd | 2018-09-10 | 1 | -0/+7 |
| |/ |/| | |||||
* | | Support SM2 raw signatures | Jack Lloyd | 2018-09-09 | 1 | -57/+101 |
| | | Where SM2 signs a hash input provided by the application. This is a contribution by Ribose Inc (@riboseinc) | | | | |
* | | Merge GH #1678 Add read_kv utility function | Jack Lloyd | 2018-09-09 | 2 | -3/+111 |
|\ \ | |||||
| * | | Add read_kv for parsing strings with key/value pairs | Jack Lloyd | 2018-09-09 | 2 | -3/+111 |
| |/ | This is a contribution by Ribose Inc (@riboseinc) | | | | |
* | | Optimize CT::is_zero, CT::expand_mask, CT::expand_top_bit | Jack Lloyd | 2018-09-07 | 2 | -26/+24 |
* | | Revert increase in Blowfish minimum length. | Jack Lloyd | 2018-09-07 | 2 | -2/+2 |
| | | We need to support short keys for 'PBKDF2(CMAC(Blowfish))' which is supported as part of passhash9 format, there the passphrase is used directly as the CMAC key. | | | | |
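
The unpadding bug in the "Add fuzzer for mode unpadding" entry above (the first byte of a padding that fills a whole block going unchecked, so that for an 8-byte block PKCS7 accepted XX 08 08 08 08 08 08 08) is the kind of edge case a constant-time unpadder has to cover. The code below is an added example written for this page, not Botan's own implementation: the names `pkcs7_unpad`, `x923_unpad` and the `ct` helpers are my own, the X9.23 check is the deterministic variant that requires zero filler bytes, and "invalid padding" is reported by returning the full block length (strip nothing) so that the result is always a single length value. The loop always walks the entire block, so the work done does not depend on the padding contents.

```cpp
// Added example for this page (not Botan's code): constant-time removal of
// PKCS#7 and ANSI X9.23 block padding. Every byte of the block is inspected,
// including the first one, which matters when the padding fills a whole block.
// Function and helper names are my own choices.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

namespace ct {
// Helpers operate on uint32_t and yield an all-ones (0xFFFFFFFF) or all-zero
// mask with no data-dependent branches. Inputs are assumed to be below 2^31,
// which holds for byte values and block sizes.
inline uint32_t is_nonzero(uint32_t x) { return 0u - ((x | (0u - x)) >> 31); }
inline uint32_t is_zero(uint32_t x) { return ~is_nonzero(x); }
inline uint32_t is_equal(uint32_t a, uint32_t b) { return is_zero(a ^ b); }
inline uint32_t is_lt(uint32_t a, uint32_t b) { return 0u - ((a - b) >> 31); }  // a < b
inline uint32_t select(uint32_t mask, uint32_t a, uint32_t b) { return (mask & a) | (~mask & b); }
}  // namespace ct

// Shared scan: pad_len is taken from the last byte; check(i, byte, pad_len)
// returns an all-ones mask when byte i is NOT acceptable inside the padding
// region. Returns the number of payload bytes, or the full block length when
// the padding is invalid, so an invalid block strips nothing. The loop covers
// the whole block regardless of pad_len.
template <typename Check>
static size_t unpad_block(const std::vector<uint8_t>& block, Check check) {
   if (block.empty()) return 0;  // length is public, branching on it is fine
   const uint32_t bs = static_cast<uint32_t>(block.size());
   const uint32_t pad_len = block[block.size() - 1];
   // pad_len must lie in [1, block size]
   uint32_t bad = ct::is_zero(pad_len) | ct::is_lt(bs, pad_len);
   for (uint32_t i = 0; i < bs; ++i) {
      const uint32_t from_end = bs - 1 - i;                  // 0 for the last byte
      const uint32_t in_pad = ct::is_lt(from_end, pad_len);  // byte i lies inside the padding
      bad |= in_pad & check(i, block[i], pad_len);
   }
   return static_cast<size_t>(ct::select(bad, bs, bs - pad_len));
}

// PKCS#7: every padding byte equals pad_len.
size_t pkcs7_unpad(const std::vector<uint8_t>& block) {
   return unpad_block(block, [](uint32_t, uint32_t byte, uint32_t pad_len) {
      return ~ct::is_equal(byte, pad_len);
   });
}

// ANSI X9.23, deterministic variant: padding bytes before the length byte
// are zero; the length byte itself is only range-checked.
size_t x923_unpad(const std::vector<uint8_t>& block) {
   const uint32_t last = block.empty() ? 0 : static_cast<uint32_t>(block.size() - 1);
   return unpad_block(block, [last](uint32_t i, uint32_t byte, uint32_t) {
      return ct::is_nonzero(byte) & ~ct::is_equal(i, last);
   });
}

int main() {
   // Constructed inputs for an 8-byte block cipher.
   const std::vector<uint8_t> ok_partial = {0x41, 0x42, 0x43, 0x44, 0x04, 0x04, 0x04, 0x04};
   const std::vector<uint8_t> ok_full    = {0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08};
   // The case from the commit message: XX 08 08 08 08 08 08 08 must be rejected.
   const std::vector<uint8_t> bad_first  = {0x41, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08};
   std::printf("pkcs7 payload lengths: %zu %zu %zu\n",
               pkcs7_unpad(ok_partial), pkcs7_unpad(ok_full), pkcs7_unpad(bad_first));
   return 0;
}
```

With the byte-0 check in place the third input yields 8 (nothing stripped, i.e. rejected) instead of the 0 a scanner that starts at byte 1 would report. A caller that wants a distinct "invalid" signal can compare the result against the block length, but should do so in the same constant-time style and should not let the outcome change the error path visible to a network peer.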
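
The "Add OS::running_in_privileged_state" entry above gives the reasoning for refusing environment toggles and /proc reads in a setuid/setgid process. The following is an added example written for this page, not Botan's code: it separates the pure decision (`is_privileged_state`, my name) from the syscalls so the logic can be tested with arbitrary ids, and on Linux it also consults the kernel's AT_SECURE auxiliary vector flag, which stays set for setuid, setgid and file-capability binaries even after they have switched back to their real ids. The `safe_getenv` wrapper is likewise my own illustration of how such a check gates environment access.

```cpp
// Added example for this page (not Botan's code): decide whether the process
// holds privileges it did not start with, and gate environment lookups on it.
// Function names are my own.
#include <cstdio>
#include <cstdlib>
#include <string>
#include <unistd.h>
#if defined(__linux__)
#include <sys/auxv.h>
#endif

// Pure decision, kept free of syscalls so it can be exercised with any values.
// 'secure' carries AT_SECURE on Linux (non-zero for setuid/setgid or
// file-capability binaries, even after dropping back to the real ids) and 0
// on platforms without it.
bool is_privileged_state(unsigned uid, unsigned euid, unsigned gid, unsigned egid, unsigned long secure) {
   return secure != 0 || uid != euid || gid != egid;
}

bool running_in_privileged_state() {
   unsigned long secure = 0;
#if defined(__linux__)
   secure = getauxval(AT_SECURE);
#endif
   return is_privileged_state(getuid(), geteuid(), getgid(), getegid(), secure);
}

// Read an environment variable only when the environment can be trusted.
// Returns false and leaves 'out' untouched when the process is privileged or
// the variable is unset, so callers cannot tell the two cases apart and are
// pushed toward a safe default either way.
bool safe_getenv(const char* name, std::string& out) {
   if (running_in_privileged_state()) return false;
   const char* v = std::getenv(name);
   if (v == nullptr) return false;
   out = v;
   return true;
}

int main() {
   std::string value;
   if (safe_getenv("HOME", value))
      std::printf("HOME=%s (environment trusted)\n", value.c_str());
   else
      std::printf("environment not consulted (privileged or unset)\n");
   return 0;
}
```

The same predicate should guard anything else that lets the invoking user steer a privileged process, such as reading a user-controlled config path or, as the commit notes, opening files under /proc whose mere read may have side effects when performed with elevated ids.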