path: root/src/lib
Commit message (Author, Date, Files, Lines deleted/added)
* More MSVC warnings fixes (Jack Lloyd, 2017-08-31, 11 files, -19/+20)
|
* Fix various MSVC warnings (Jack Lloyd, 2017-08-31, 25 files, -69/+97)
|   Based on VC2017 output
* Slight cleanup in Curve25519_PrivateKey constructor (Jack Lloyd, 2017-08-29, 1 file, -8/+6)
|
* Remove unused include (Jack Lloyd, 2017-08-29, 1 file, -1/+0)
|
* Avoid having variable named m_emsa twice in class hierarchy (Jack Lloyd, 2017-08-29, 2 files, -8/+16)
|   In fact the variable was only used if we use deterministic nonces, and just to extract the hash name. So just do that once, and only if we are not using random nonces. Flagged by Sonar
* Fix a valgrind const-time error in ISO 9796 padding (Jack Lloyd, 2017-08-29, 1 file, -2/+7)
|   It didn't unpoison the output values.
* Avoid false positive valgrind in TLS CBC decryption (Jack Lloyd, 2017-08-29, 1 file, -2/+2)
|   We poisoned the record before decrypting it, which caused failures with Camellia ciphersuites (or AES, on platforms that use T-tables). Instead poison it right after decrypting.
* Avoid math on booleans (Jack Lloyd, 2017-08-29, 1 file, -3/+3)
|   Sonar find
* In OCSP::CertID don't crash if SHA-1 not available (Jack Lloyd, 2017-08-29, 1 file, -1/+1)
|   Caught with Sonar
* Avoid `throw new Exception` (Jack Lloyd, 2017-08-29, 1 file, -1/+1)
|   Caught by Sonar, once I managed to wade through the noise.
* OpenSSL module requires public key code be enabled in build (Jack Lloyd, 2017-08-29, 1 file, -0/+4)
|
* Merge GH #1158 Add build mode for fuzzer tests (Jack Lloyd, 2017-08-29, 2 files, -3/+9)
|\
| * Fix bad iterator deref in OpenSSL RSA (Jack Lloyd, 2017-08-25, 1 file, -1/+3)
| |
| * Add a guard to avoid doing &v[1] when v.size() == 1 (Jack Lloyd, 2017-08-25, 1 file, -2/+6)
| |   Found by running the fuzzers over corpus with debug iterators.
* | Avoid using GCC ivdep pragma in GCC 4.8 [ci skip] (Jack Lloyd, 2017-08-28, 1 file, -1/+1)
|/
* Cleanup ARIA (Jack Lloyd, 2017-08-23, 2 files, -379/+251)
|   Remove NEON support, replace macros with inlines
* Add ARIA Block Cipher (GH #1004) (Jeffrey Walton, 2017-08-23, 4 files, -0/+738)
|
* Fix bug affecting AltiVec on ppc64le processors (Jack Lloyd, 2017-08-23, 1 file, -8/+2)
|
* Fix Altivec detection (Jack Lloyd, 2017-08-22, 1 file, -2/+2)
|   Broken in c3ae43c04c
* Add support for ECDHE_PSK AEAD ciphersuites (Jack Lloyd, 2017-08-22, 1 file, -2/+6)
|   From draft-ietf-tls-ecdhe-psk-aead-05, now with official codepoints.
* Remove BOTAN_PARALLEL_FOR from T-table AES (Jack Lloyd, 2017-08-22, 1 file, -1/+1)
|   GH #1077
* Simplify botan_privkey_create_XXX (Jack Lloyd, 2017-08-22, 1 file, -87/+16)
|   All of these can just forward to botan_privkey_create
* Add dh functions in ffi (Konstantinos Kolelis, 2017-08-22, 2 files, -0/+96)
|
* Merge GH #1154 Add check for passhash9 algo being available in tests (Jack Lloyd, 2017-08-19, 2 files, -0/+15)
|\
| * Add is_passhash9_alg_supported() (René Korthaus, 2017-08-19, 2 files, -0/+15)
| |
* | Newhope cleanups (Jack Lloyd, 2017-08-18, 2 files, -663/+668)
|/
|   Formatting, use size_t instead of int, etc
* Change type of botan_scrub_mem from uint8_t* to void* (Jack Lloyd, 2017-08-17, 2 files, -2/+2)
|   The underlying function already takes void* and it makes sense to pass non-byte buffers to this function.
* In SHACAL2 be smarter about how the round keys are loaded (Jack Lloyd, 2017-08-16, 1 file, -9/+15)
|   Using _mm_set_epi32 caused 2 distinct (adjacent) loads followed by an unpack to combine the registers. Have not tested on hardware to see if this actually improves performance.
* Optimize SHACAL2 (Jack Lloyd, 2017-08-16, 2 files, -46/+20)
|   Combine several shuffle operations into one. Thanks to jww for the hint. Probably not noticeably faster on any system.
* Allow signature using `Raw(hashname)` (Jack Lloyd, 2017-08-15, 3 files, -7/+38)
|   This confirms the message is exactly the size of the expected hash, and also causes RFC 6979 nonces to be generated using the specified hash. See also https://github.com/riboseinc/rnp/issues/367
* Update FFI version (Jack Lloyd, 2017-08-15, 2 files, -5/+13)
|   Also fix botan_ffi_supports_api to return true for any supported version (2.0, 2.1/2.2, and 2.3). Really 2.2 should have had its own FFI version code since there were already many FFI API additions in that release.
* Add botan_hex_decode, botan_base64_encode, botan_base64_decode FFI funcs (Jack Lloyd, 2017-08-15, 2 files, -3/+52)
|
* Merge GH #1151 Add SHACAL2 (Jack Lloyd, 2017-08-15, 17 files, -0/+700)
|\
| * Add 2x unrolling for SHACAL2 on x86 (Jack Lloyd, 2017-08-14, 1 file, -2/+71)
| |
| * Add support for SHACAL2 using x86 SHA extensions (Jack Lloyd, 2017-08-14, 4 files, -0/+109)
| |
| * Notify callers of parallel ops for AES, IDEA, Noekeon, SHACAL2 and Threefish (Jack Lloyd, 2017-08-14, 10 files, -0/+85)
| |
| * Pass by reference for MSVC x86 (Jack Lloyd, 2017-08-14, 1 file, -6/+8)
| |   It complains it cannot pass the __m128i without loss of alignment. (Why, I have no idea.)
| * Add SHACAL2 in generic SIMD (Jack Lloyd, 2017-08-13, 5 files, -0/+215)
| |   Bit over 2x faster on my desktop
| * Add SHACAL2 (Jack Lloyd, 2017-08-13, 4 files, -0/+220)
| |   256 bit ARX block cipher with hardware support, what's not to love.
* | Improve polynomial doubling code, move to util (Jack Lloyd, 2017-08-15, 7 files, -45/+169)
|/
|   Now does 64 bits at a time instead of 8 bits, and avoids conditional timing channel on the XOR carry. Confirmed that at least GCC 7 and Clang 4 on x86-64 compile the functions without conditional jumps. Also removes CMAC as a dependency of OCB, which only needed it in order to call CMAC::poly_double
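The doubling step that commit describes, as an added example written for this page (it is not Botan's poly_double and makes no claim about how Botan's code is laid out): a 128-bit block is treated as a big-endian polynomial over GF(2), shifted left by one bit using two 64-bit words, and reduced by x^128 + x^7 + x^2 + x + 1 (the CMAC/OCB field) by XORing in 0x87. The carry out of the top bit is turned into an all-ones or all-zeros mask so the reduction constant is selected arithmetically rather than with an `if`. A byte-at-a-time branching version is kept beside it for contrast, and the RFC 4493 CMAC subkey vectors (K1 = double(L), K2 = double(K1)) serve as constructed test input. The helpers `load_be64`, `store_be64`, `block_from_hex`, `block_to_hex` and `cmac_subkeys` are illustrative names introduced here.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <utility>

// Added example, not Botan's own code. Demonstrates doubling in GF(2^128)
// 64 bits at a time with a branch-free reduction, as the commit describes.

using Block128 = std::array<uint8_t, 16>;

// Illustrative big-endian load/store helpers (assumed names).
static inline uint64_t load_be64(const uint8_t* in) {
   uint64_t x = 0;
   for(size_t i = 0; i != 8; ++i)
      x = (x << 8) | in[i];
   return x;
}

static inline void store_be64(uint64_t x, uint8_t* out) {
   for(size_t i = 0; i != 8; ++i)
      out[i] = static_cast<uint8_t>(x >> (56 - 8 * i));
}

// Doubling modulo x^128 + x^7 + x^2 + x + 1. The block is a big-endian
// 128-bit polynomial, so doubling is a one-bit left shift; if the bit
// shifted out was set, reduce by XORing 0x87 into the low byte.
//
// Constant-time: the carry (0 or 1) is expanded to 0x00..00 or 0xFF..FF by
// unsigned negation, and that mask selects 0x87 or 0. There is no
// data-dependent branch, so the (possibly secret) top bit does not reach
// the branch predictor or the instruction timing.
Block128 poly_double_128(const Block128& in) {
   const uint64_t hi = load_be64(in.data());
   const uint64_t lo = load_be64(in.data() + 8);

   const uint64_t carry = hi >> 63;            // 0 or 1
   const uint64_t mask = uint64_t(0) - carry;  // all zeros or all ones

   const uint64_t out_hi = (hi << 1) | (lo >> 63);
   const uint64_t out_lo = (lo << 1) ^ (mask & 0x87);

   Block128 out;
   store_be64(out_hi, out.data());
   store_be64(out_lo, out.data() + 8);
   return out;
}

// The 8-bits-at-a-time, branching form this kind of change replaces.
// Same result, but the `if` on the carry is exactly the conditional the
// commit message refers to. Kept only for comparison.
Block128 poly_double_128_branchy(const Block128& in) {
   Block128 out;
   uint8_t carry = 0;
   for(size_t i = 16; i-- > 0;) {   // least significant byte first
      const uint8_t b = in[i];
      out[i] = static_cast<uint8_t>((b << 1) | carry);
      carry = b >> 7;
   }
   if(carry)                          // data-dependent branch on a secret bit
      out[15] ^= 0x87;
   return out;
}

// CMAC subkey derivation (RFC 4493 section 2.3): K1 = double(L),
// K2 = double(K1), where L = AES_K(0^128). This is the caller that
// motivated sharing a single poly_double between CMAC and OCB.
std::pair<Block128, Block128> cmac_subkeys(const Block128& L) {
   const Block128 k1 = poly_double_128(L);
   const Block128 k2 = poly_double_128(k1);
   return {k1, k2};
}

// Hex helpers for readable test vectors; input is assumed to be valid hex.
static int hex_nibble(char c) {
   if(c >= '0' && c <= '9') return c - '0';
   if(c >= 'a' && c <= 'f') return c - 'a' + 10;
   if(c >= 'A' && c <= 'F') return c - 'A' + 10;
   return 0;
}

Block128 block_from_hex(const std::string& hex) {
   Block128 b{};
   for(size_t i = 0; i != 16 && 2 * i + 1 < hex.size(); ++i)
      b[i] = static_cast<uint8_t>(hex_nibble(hex[2 * i]) * 16 + hex_nibble(hex[2 * i + 1]));
   return b;
}

std::string block_to_hex(const Block128& b) {
   static const char* digits = "0123456789abcdef";
   std::string s;
   for(uint8_t x : b) { s += digits[x >> 4]; s += digits[x & 0xF]; }
   return s;
}

int main() {
   // Constructed input: L = AES-128_K(0^128) for the RFC 4493 example key.
   const Block128 L = block_from_hex("7df76b0c1ab899b33e42f047b91b546f");
   const auto keys = cmac_subkeys(L);
   std::cout << "K1 = " << block_to_hex(keys.first) << '\n'
             << "K2 = " << block_to_hex(keys.second) << '\n';
   return 0;
}
```

Compiling both functions at -O2 and inspecting the assembly is the practical check the commit message alludes to: the mask version should contain no conditional jump on the carry, while the branchy version will.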
* Modify GOST-34.11 hash to avoid a GCC miscompilation. (Jack Lloyd, 2017-08-13, 1 file, -1/+4)
|   For whatever reason GCC 7 on i386 miscompiles this loop under -O3. I was not able to reduce the bug to a small testcase - extracting the problem section of the code to its own file, it behaves correctly. Also oddly, I was never able to repro this using Arch's gcc-multilib i386 compiler. But when compiled with the 'native' i386 compiler in a chroot it immediately fails. See GH #1148 and GH #882
* Silence clang warning in create_private_key(). (Alexander Bluhm, 2017-08-13, 1 file, -1/+1)
|   If compiled with OpenSSL, clang emitted the warning "using the result of an assignment as a condition without parentheses". Putting parentheses around the assignment fixes this.
* Fix issue signing an ECDSA hash of all-zeros (GH #1143) (Jack Lloyd, 2017-08-07, 1 file, -1/+1)
|   The tests were generated by Botan but I was able to verify the resulting signatures using Golang's ecdsa module.
* Merge GH #1142 Add SM2 encryption scheme (Jack Lloyd, 2017-08-07, 8 files, -12/+415)
|\
| * When creating an EC curve with default params, use algo-specific curve (Jack Lloyd, 2017-08-04, 1 file, -1/+17)
| |   E.g. previously ./botan keygen --algo=GOST-34.10 would create a GOST-34.10 curve over P-256, probably not useful in most cases.
| * Add SM2 encryption to FFI (Jack Lloyd, 2017-08-04, 3 files, -0/+58)
| |   Also add hooks for keygen, etc
| * Add SM2 encryption scheme (Jack Lloyd, 2017-08-04, 5 files, -11/+340)
| |   This is a contribution from Ribose Inc (@riboseinc)
* | Merge GH #1138 Add support for Windows sockets in http_util and TLS command line utils (Jack Lloyd, 2017-08-07, 3 files, -1/+55)
|\ \
| * | Fix for amalgamation build on Windows (René Korthaus, 2017-08-04, 1 file, -0/+1)
| | |
| * | Use anonymous namespace to fix static build (René Korthaus, 2017-08-04, 1 file, -0/+4)
| | |