aboutsummaryrefslogtreecommitdiffstats
path: root/src/pbe/pbes1
Commit message (Collapse)AuthorAgeFilesLines
* Shuffle things around. Add NIST X.509 test to build.lloyd2014-01-013-272/+0
|
* Give everything setting a feature test macro in build.h a version codelloyd2013-11-281-1/+1
| | | | | | so application code can check for the specific API it expects without having to keep track of what versions APIs x,y,z changed. Arbitrarily set all current API versions to 20131128.
* Avoid using CBC filters directly in PBESlloyd2013-08-151-9/+3
|
* Add missing includes, noticed by OS X's Clang 4.1lloyd2012-10-301-0/+1
|
* More Doxygen warning fixeslloyd2012-07-091-0/+3
|
* Add new PBKDF interface that takes a std::chrono::milliseconds andlloyd2012-05-312-84/+102
| | | | | | | | | | | | | | | | | | | | runs the KDF until at least that much time has passed, then returns the number of interations used. New parameter to the PKCS8 encryption routines which tells how long to run the PBKDF. Defaults to 200 milliseconds, which is short enough that it is unlikely to bother anyone but long enough to provide quite reasonable security against cracking attacks. On a Core i7-860, 200 ms with PBKDF2/SHA-1 runs about 180K to 220K iterations (compare with previous default of 10K). New PBE interface, remove new_params/set_key and require all inputs including the passphrase to be passed to the constructor. Drop the PGP S2K as it is pretty weird and not really useful outside of a full PGP implementation. Drop the deprecated PKCS8::encrypt_key and PKCS8::encode functions.
* Some post merge fixups.lloyd2012-05-251-7/+2
| | | | | Fix some bugs that triggered if DEFAULT_BUFFERSIZE was either too small or an odd size.
* Fairly huge update that replaces the old secmem types with std::vectorlloyd2012-05-182-6/+6
| | | | | | using a custom allocator. Currently our allocator just does new/delete with a memset before deletion, and the mmap and mlock allocators have been removed.
* Convert the BER/DER coders to use size_t instead of u32bit for smalllloyd2011-02-091-1/+1
| | | | integer values. Update callers.
* Make MemoryRegion::set protected, change all callerslloyd2010-10-291-6/+8
|
* Use size_t in filterslloyd2010-10-122-4/+4
| | | | | This breaks API for anyone creating their own Filter types, but it had to happen eventually.
* More changes to avoid vector to pointer implicit conversionslloyd2010-09-141-1/+1
|
* More vector->pointer conversion removals.lloyd2010-09-131-2/+1
| | | | | | | | | | | Add RandomNumberGenerator::random_vec, which takes an length n and returns a new SecureVector with randomized contents of that size. This nicely covers most of the cases where randomize was being called on a vector, and is a little cleaner in the code as well, instead of vec.resize(length); rng.randomize(&vec[0], vec.size()); we just write vec = rng.random_vec(length);
* Give all Filter objects a method for querying their namelloyd2010-06-282-0/+8
|
* More Doxygen commentslloyd2010-06-161-1/+6
|
* More Doxygen updates/fixeslloyd2010-06-151-2/+2
|
* Increase the iteration count and salt size used for encryptedlloyd2010-06-151-1/+1
| | | | | | | | | | | | | | | | private keys. For the older PBES1, we can only increase the iteration count (from 2048 to 10000); the salt is fixed by the standard to 64 bits. This is probably OK, since PBES1 is also limited to (at best) 64-bit encryption keys and thus is pretty unsafe anyway. For PBES2, increase the iteration count (also 2048 to 10000) and increase the size of the salt from 64 bits to 96 bits. This will only affect keys which are encrypted by a version after this revision.
* Modify the S2K interface. Instead of being stateful in terms of the saltlloyd2010-02-011-3/+3
| | | | | | | | | | | and iteration count, force it to be passed to each call to derive_key. So remove current_salt, set_iterations, new_random_salt, and change_salt functions from S2K interface. Update examples and test application to match. While I was in there, change the passhash example to use 64 bit salts and 128 bit PBKDF2 outputs.
* Full working amalgamation build, plus internal-only headers concept.lloyd2009-12-161-7/+0
|
* Rename/remove some secmem member variables for better matching with STLlloyd2009-11-171-1/+1
| | | | | | | | containers (specifically vector). Rename is_empty to empty Remove has_items Rename create to resize
* Remove the 'realname' attribute on all modules and cc/cpu/os info files.lloyd2009-10-291-2/+0
| | | | | Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-151-1/+5
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* Thomas Moschny passed along a request from the Fedora packagers which camelloyd2009-03-302-41/+45
| | | | | | | | | | | | | | | up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line Distributed under the terms of the Botan license after the copyright notices. While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of astericks before and after the text); this is stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* Remove global state dependency from pbes1lloyd2008-11-112-36/+56
|
* Remove use of get_s2k in PBES1 and PBES2, since they both always wantedlloyd2008-11-091-4/+6
| | | | | a particular algorithm (PBKDF1 or PBKDF2, resp), only variation is the has function to use.
* Split the last parts of the 'core' modulelloyd2008-11-081-1/+1
| | | | Add some missing info.txts
* Move pbe/pbe_base to pbe/lloyd2008-10-261-1/+1
|
* Add PBKDF1,2 deps to PBES1,2lloyd2008-10-081-0/+1
|
* Revert part of revision b87599ffaee2d8ed2ec7597634413e73e4fb2fd8 thatlloyd2008-10-021-1/+1
| | | | | | | | added a new mandatory parameter of a Library_State& to get_cipher(). Do this so Monotone does not have to special case. Other lookup related functions like retrieve_<type> and add_algorithm() still require a Library_State& however.
* Move get_pbe from libstate to new pbe_base module (in pbe/)lloyd2008-10-011-2/+1
|
* Expose use of global state in some of the lookup functions, includinglloyd2008-09-291-1/+1
| | | | get_cipher
* Rename all modinfo.txt files to info.txt, since they are all (none) oflloyd2008-09-291-0/+0
| | | | | them modules now. In any case there is no distinction so info.txt seems better.
* New filters module. Add deps for it in some needed areas (codec, pbes)lloyd2008-09-281-0/+5
|
* Compliation fixeslloyd2008-09-281-1/+1
|
* Add missing PBE header and modinfo fileslloyd2008-09-281-0/+10
|
* Modularize PBEs (password-based encryption schemes)lloyd2008-09-282-0/+211