| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
then you can't use the global PRNG but everything else still works.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PRNG everywhere. The removal of the global PRNG was generated by a
desire to remove the global library state entirely. However the real
point of this was to remove the use of globally visible _mutable_
state; of the mutable state, the PRNG is probably the least important,
and the most useful to share. And it seems unlikely that thread
contention would be a major issue in the PRNG.
Add back a global PRNG to Library_State. Use lazy initialization, so
apps that don't ever use a PRNG don't need a seeding step. Then have
AutoSeeded_RNG call that global PRNG.
Offer once again
RandomNumberGenerator& Library_State::global_rng();
which returns a reference to the global PRNG.
This RNG object serializes access to itself with a mutex.
Remove the hack known as Blinding::choose_nonce, replace with using
the global PRNG to choose a blinding nonce
|
|
|
|
|
| |
immediately fall back the the plain malloc-based allocator, which is
typically quite a bit faster.
|
|
|
|
|
|
|
|
| |
not. Instead provide via Extensions::add(). No way to modify behavior
currently, it just follows the previous default police.
Remove the config options from Library_State entirely. Die, mutable
singletons, die.
|
|
|
|
| |
variable directly.
|
|
|
|
|
| |
PK_Encryptor_EME and PK_Decryptor_EME; the message recovery is somewhat
implicit in the recovery of the plaintext.
|
|
|
|
| |
convert look_pk to simple forwarders.
|
|
|
|
|
| |
PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and
PK_Verifying_wo_MR_Key.
|
| |
|
| |
|
|
|
|
|
| |
Note: blinding is not currently being used for RSA, RW, DH or ElGamal,
which used to have them. This should be added back before release.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
performed. Up until now, each key object (eg DSA_PublicKey or
ECDH_PrivateKey) had two jobs: contain the key material, and know how
to perform any operations on that key. However because of a desire to
support alternative implementations (GNU MP, hardware, whatever),
there was a notion of operations, with the key objects containing an
op that they got via engine rather than actually implementing the
underlying algorithms directly.
Now, represent the operation as an abstract interface (typically
mapping a byte string to a byte string), and pass a plain Public_Key&
or Private_Key& to the engine. The engine does any checks it wants (eg
based on name, typeid, key sizes, etc), and either returns nothing
(I'll pass) or a pointer to a new operation that represents signatures
or encryption or what-have-you using that key.
This means that plain key objects no longer contain operations. This
is a major break with the traditional interface. On the other hand,
using these 'bare' operations without padding, KDFs, etc is 99% of the
time a bad idea anyway (and if you really need them, there are options
so you get the bare op but via the pubkey.h interfaces).
Currently this change is only implemented for DH and ECDH (ie, key
agreement algorithms). Additionally the optional engines (gnump and
openssl) have not been updated. I'll probably wait to touch those
until after I can change them all in one go for all algos.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
scheme, which is supposed to use the IEEE 1363-style concatenation
format, was identified with the X9.62 OIDs, which are documented to
use the DER sequence format. Switch the BSI ones to use the OIDs
allocated for this purpose by BSI, and add the X9.62 ECDSA/SHA-1 OID
since that was missing.
Correct an ECDSA test that assumed the cert was identified with the BSI
OID, even though in fact the cert in question uses an X9.62-style format.
|
|
|
|
|
|
|
|
| |
"ECC DOMAIN PARAMETERS", because I couldn't find any other library
that offered PEM encoding to be compatible with so I just picked
something. Turns out OpenSSL does have PEM encoding of EC params
(openssl ecparam), and uses "EC PARAMETERS". As good as anything
else, and allows interop, so change to use that.
|
| |
|
| |
|
|
|
|
| |
instead of weird custom format hard-coded in ec_dompar.cpp
|
|\
| |
| |
| |
| |
| | |
84baf58b29f3aaaee34e2b873d0040be5a6c4368)
to branch 'net.randombit.botan.gost_3410' (head 63cbe3e357c071d7960bfedc31101eff35895285)
|
| |
| |
| |
| |
| | |
breaking it apart. Otherwise it would miss on things like TLS.Digest.0 which
expand to Parallel(MD5,SHA-1) which needs further parsing.
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
functions into the header.
|
| | |
|
| | |
|
| | |
|
|\ \
| |/
|/|
| |
| |
| | |
a338abd543caa402c32acd952e865c8ec8e85a69)
to branch 'net.randombit.botan.gost_3410' (head d09208e0a933da2df52494876849c542e5a556ca)
|
| |\
| | |
| | |
| | |
| | |
| | | |
744dccf92270cf16b80b50ee2759424c9866b256)
to branch 'net.randombit.botan.gost_3410' (head 761e22ccc5785e8d699f4ba80b8f72858aa5ca75)
|
| | |\
| | | |
| | | |
| | | |
| | | |
| | | | |
142a9359ba02d5dfcf3f2c9f99902f82ab41724e)
to branch 'net.randombit.botan.gost_3410' (head 064884e9c2fde8228effdd48e80fed78ff0c42cb)
|
| | |\ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
b431f4bc404f3ed4a5332b69100ff903fbbb1d6a)
to branch 'net.randombit.botan.gost_3410' (head ecd662f4afc7f412d2dd9ec8fd6ac4ac47aa1c13)
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
draft-dolmatov-cryptocom-gost34102001-06
Known problem: GOST's X.509 (and PKCS #8?) formats are different from
ECDSA. ECDSA uses compressed points, GOST uses a completely raw pair
of points (with, OF COURSE, no leading uncompressed pair identifier,
because using something that already exists would just be too much).
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
because it makes the code slightly more explicit.
|
| | | | | |
|
|/ / / /
| | | |
| | | |
| | | | |
Move most of the engine headers to internal
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes for the amalgamation generator for internal headers.
Remove BOTAN_DLL exporting macros from all internal-only headers;
the classes/functions there don't need to be exported, and
avoiding the PIC/GOT indirection can be a big win.
Add missing BOTAN_DLLs where necessary, mostly gfpmath and cvc
For GCC, use -fvisibility=hidden and set BOTAN_DLL to the
visibility __attribute__ to export those classes/functions.
|
| |_|/
|/| | |
|
|/ /
| |
| |
| |
| | |
Change serp_simd_sbox.h's header guard to use the leading BOTAN_ prefix for
proper macro namespacing.
|
|/ |
|
|
|
|
|
| |
providing it. Also stubs in the engine for VIA's AES instructions, but
needs CPUID checking also.
|
|\
| |
| |
| |
| |
| | |
8fb69dd1c599ada1008c4cab2a6d502cbcc468e0)
to branch 'net.randombit.botan.general-simd' (head c05c9a6d398659891fb8cca170ed514ea7e6476d)
|
| |
| |
| |
| | |
and Altivec (though Altivec is seemingly slower ATM...)
|
|/
|
|
|
| |
Pretty much useless and unused, except for listing the module names in
build.h and the short versions totally suffice for that.
|