path: root/src/lib
Commit message    Author    Age    Files    Lines
* Handle PPC crypto bit in tests [ci skip]    Jack Lloyd    2018-10-01    1    -0/+2
* Fix some warnings in ARM specific code    Jack Lloyd    2018-10-01    2    -28/+34
* Fix more MSVC warnings    Jack Lloyd    2018-10-01    10    -29/+53
* Avoid a MSVC 2015 warning    Jack Lloyd    2018-10-01    3    -3/+3
* Fix some MSVC warnings    Jack Lloyd    2018-09-30    8    -18/+18
* Move UUID to utils, test it, and fix bugs.    Jack Lloyd    2018-09-30    5    -106/+157
      Fixes #1695
* Refactor mode tests, and correct bugs found    Jack Lloyd    2018-09-29    6    -8/+38
      Several problems in CBC found by adding tests
      - If you set a key, then set a nonce, then set a new key, you could encrypt without setting a new nonce.
      - It was possible to call CBC finish without setting a nonce, which would crash.
      - If you had a CBC decryption object, set a key, set a nonce, then reset message state, it should throw because no nonce is set. Instead it would carry on using an all-zero nonce.
      Disable CommonCrypto with PKCS7 padding as it seems to have some problem that I cannot figure out from the build logs.
      This work sponsored by Ribose Inc
* Avoid null pointer write in FFI    Jack Lloyd    2018-09-28    1    -1/+4
      If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity.
* Use correct array length in Serpent AVX2    Jack Lloyd    2018-09-28    1    -2/+2
      Not an actual problem, but flagged by Coverity
* Spell check the documentation    Jack Lloyd    2018-09-28    5    -11/+11
* Skip using mmap allocation if mlock is not available.    Jack Lloyd    2018-09-27    1    -8/+4
      Previously this would just mmap but pointlessly as the memory was not locked; might as well use the standard heap in that case.
* Add OS::running_in_privileged_state    Jack Lloyd    2018-09-27    4    -17/+41
      Avoid any getenv toggles or reading /proc if we are setuid/setgid. It is possible there is or will someday be some file in /proc that is world-readable, but if read by a privileged user causes some side effect.
* Add a fuzzer for OAEP unpadding    Jack Lloyd    2018-09-22    2    -10/+33
      This tests the delim scanning section which must be const time.
* Add fuzzer for mode unpadding, and fix bugs found thereby    Jack Lloyd    2018-09-22    3    -59/+73
      Both PKCS7 and X9.23 padding modes did not examine the first byte of the purported padding if the padding took an entire block. So for example for a 64-bit cipher, PKCS7 would accept XX08080808080808 as a valid padding for any byte value.
* Optimization for Poly1305    Jack Lloyd    2018-09-20    1    -17/+24
      Rearranging this code seems to let both GCC and Clang do a little better on the core loop, 4-7% depending on buffer size on my i7-6700k
* Add support for using Linux getrandom syscall    Jack Lloyd    2018-09-20    1    -0/+39
      Disabled by default as it requires a relatively recent kernel and glibc.
* Correct some maintainer mode warnings    Jack Lloyd    2018-09-20    2    -4/+4
* Slight optimization for MGF1    Jack Lloyd    2018-09-20    1    -2/+3
      Avoid needless allocations during PSS and OAEP operations.
* Use an Alloc template to reduce duplication in Filter::send    Jack Lloyd    2018-09-18    1    -14/+6
* Simplify BigInt::get_substring a bit    Jack Lloyd    2018-09-15    1    -10/+11
      And forbid 0 length substrings, which did not work correctly anyway.
* Use new CAST-128 specific feature macro here    Jack Lloyd    2018-09-15    1    -1/+1
* Define botan_scrypt in terms of botan_pwdhash    Jack Lloyd    2018-09-13    1    -12/+5
* In FFI pwdhash functions, let len == 0 mean "call strlen"    Jack Lloyd    2018-09-13    2    -2/+18
* In AutoSeeded_RNG invoke randomize_with_ts_input on the owned RNG    Jack Lloyd    2018-09-13    1    -1/+1
      Invoking on this means we use RandomNumberGenerator::randomize_with_ts_input which just adds timestamps. Whereas Stateful_RNG::randomize_with_ts_input (as implemented by the owned RNG) also adds the reseed counter and the last pid. Probably no real difference, but can't hurt and not any slower.
* Split 'cast' module into CAST-128 and CAST-256    Jack Lloyd    2018-09-13    7    -2/+7
      They were only in the same place because of the desire to share the sbox tables, but that can be handled by adding a dependency. This makes it possible to disable CAST-256 while leaving CAST-128.
* Merge GH #1670 New password hashing interface    Jack Lloyd    2018-09-13    18    -280/+1492
|\
| * Remove redundant operation    Jack Lloyd    2018-09-10    1    -4/+0
| * Support tuning in PGP-S2K PBKDF interface    Jack Lloyd    2018-09-10    1    -3/+8
| * Fix Doxygen comments    Jack Lloyd    2018-09-10    1    -2/+4
| * Add from_iterations    Jack Lloyd    2018-09-10    8    -13/+57
| * Add FFI    Jack Lloyd    2018-09-10    2    -15/+134
|       This is a contribution of Ribose Inc (@riboseinc)
| * Convert Scrypt    Jack Lloyd    2018-09-10    4    -128/+281
|       This also changes some (library only) APIs so PBES2 needed to be modified. This is a contribution of Ribose Inc (@riboseinc)
| * Convert PGP-S2K    Jack Lloyd    2018-09-10    2    -63/+225
|       This is a contribution by Ribose Inc (@riboseinc)
| * Convert PBKDF2    Jack Lloyd    2018-09-10    3    -71/+226
|       This is a contribution by Ribose Inc (@riboseinc)
| * Add PasswordHash and PasswordHashFamily    Jack Lloyd    2018-09-10    4    -1/+242
|       This is a contribution by Ribose Inc (@riboseinc)
| * Promote Timer to an internal util class    Jack Lloyd    2018-09-10    3    -1/+336
* | Some document fixes    Jack Lloyd    2018-09-13    1    -8/+13
| |     Downgrade min Sphinx to 1.2 again - I checked and while Sphinx 1.2 produces many warnings it does generate usable output.
* | Fix certstore tests    Jack Lloyd    2018-09-11    1    -0/+1
| |     Accidentally disabled in 643a4041bedc
* | Add FFI functions for creating and getting X25519 data    Jack Lloyd    2018-09-10    4    -0/+102
| |     See GH #1680
* | Merge GH #1673 Add CommonCrypto block cipher interface    Jack Lloyd    2018-09-10    6    -5/+220
|\ \
| * | Add CommonCrypto block cipher support    Jose Pereira    2018-09-10    6    -5/+220
* | | Remove redundant defines    Jack Lloyd    2018-09-10    1    -2/+0
|/ /
* | Merge GH #1674 Add CommonCrypto cipher modes    Jack Lloyd    2018-09-10    6    -6/+461
|\ \
| * | Add CommonCrypto cipher modes support    Jose Pereira    2018-09-09    6    -6/+461
* | | Report if Serpent is using AVX2    Jack Lloyd    2018-09-10    1    -0/+7
| |/
|/|
* | Support SM2 raw signatures    Jack Lloyd    2018-09-09    1    -57/+101
| |     Where SM2 signs a hash input provided by the application. This is a contribution by Ribose Inc (@riboseinc)
* | Merge GH #1678 Add read_kv utility function    Jack Lloyd    2018-09-09    2    -3/+111
|\ \
| * | Add read_kv for parsing strings with key/value pairs    Jack Lloyd    2018-09-09    2    -3/+111
| |/
| |     This is a contribution by Ribose Inc (@riboseinc)
* | Optimize CT::is_zero, CT::expand_mask, CT::expand_top_bit    Jack Lloyd    2018-09-07    2    -26/+24
* | Revert increase in Blowfish minimum length.    Jack Lloyd    2018-09-07    2    -2/+2
| |     We need to support short keys for 'PBKDF2(CMAC(Blowfish))' which is supported as part of passhash9 format, there the passphrase is used directly as the CMAC key.