aboutsummaryrefslogtreecommitdiffstats
path: root/src/pbe/pbes2
Commit message (Collapse)AuthorAgeFilesLines
* Add missing includes, noticed by OS X's Clang 4.1lloyd2012-10-301-0/+1
|
* More Doxygen commentslloyd2012-07-061-3/+7
|
* Wrong OID namelloyd2012-06-011-1/+1
|
* Allow arbitrary ciphers and hashes with PKCS #5 v2.0. The onlylloyd2012-05-312-55/+33
| | | | | | | | | | | | | | | | | | requirement is that OIDS for "<cipher>/CBC" and "HMAC(<hash>)" are defined. This does assume the normal parameter set of just the IV, so doesn't work right for (IIRC) RC5, but we don't have an OID set for RC5/CBC anyway. Continue to default to SHA-1 plus AES-256 as prior versions of the library can't handle any hashes other than SHA-1 or any ciphers other than AES or DES. OpenSSL 1.0.0j seems to understand SHA-256 + AES-256, though. BER_Decoder::decode_optional was assuming optional values were explicitly tagged. Now, only take that behavior if the input class tag was for a context specific tagging. Remove abort call for debugging from BER_Decoder Add a new version of DER_Encoder::encode_if for single objects.
* Add new PBKDF interface that takes a std::chrono::milliseconds andlloyd2012-05-312-82/+79
| | | | | | | | | | | | | | | | | | | | runs the KDF until at least that much time has passed, then returns the number of interations used. New parameter to the PKCS8 encryption routines which tells how long to run the PBKDF. Defaults to 200 milliseconds, which is short enough that it is unlikely to bother anyone but long enough to provide quite reasonable security against cracking attacks. On a Core i7-860, 200 ms with PBKDF2/SHA-1 runs about 180K to 220K iterations (compare with previous default of 10K). New PBE interface, remove new_params/set_key and require all inputs including the passphrase to be passed to the constructor. Drop the PGP S2K as it is pretty weird and not really useful outside of a full PGP implementation. Drop the deprecated PKCS8::encrypt_key and PKCS8::encode functions.
* Some post merge fixups.lloyd2012-05-251-8/+3
| | | | | Fix some bugs that triggered if DEFAULT_BUFFERSIZE was either too small or an odd size.
* Replace 0 and NULL pointer constants with nullptr. Also fix an oldlloyd2012-05-181-2/+2
| | | | style cast in secmem.h
* Fairly huge update that replaces the old secmem types with std::vectorlloyd2012-05-182-7/+7
| | | | | | using a custom allocator. Currently our allocator just does new/delete with a memset before deletion, and the mmap and mlock allocators have been removed.
* Convert the BER/DER coders to use size_t instead of u32bit for smalllloyd2011-02-091-1/+1
| | | | integer values. Update callers.
* Eliminate the constant size_t values in SymmetricAlgorithm that givelloyd2010-10-281-2/+2
| | | | | | | | | | | | | | | | | | | the parameters of the key length. Instead define a new function which returns a simple object which contains this information. This definitely breaks backwards compatability, though only with code that directly manipulates low level objects like BlockCipher*s directly, which is probably relatively rare. Also remove some deprecated accessor functions from lookup.h. It turns out block_size_of and output_size_of are being used in the TLS code; I need to remove them from there before I can delete these entirely. Really that didn't make much sense, because they assumed all implementations of a particular algorithm will have the same specifications, which is definitely not necessarily true, especially WRT key length. It is much safer (and probably simpler) to first retrieve an instance of the actual object you are going to use and then ask it directly.
* s/BLOCK_SIZE/block_size()/lloyd2010-10-131-1/+1
|
* Use size_t in filterslloyd2010-10-122-4/+4
| | | | | This breaks API for anyone creating their own Filter types, but it had to happen eventually.
* More changes to avoid vector to pointer implicit conversionslloyd2010-09-141-1/+1
|
* More vector->pointer conversion removals.lloyd2010-09-131-5/+2
| | | | | | | | | | | Add RandomNumberGenerator::random_vec, which takes an length n and returns a new SecureVector with randomized contents of that size. This nicely covers most of the cases where randomize was being called on a vector, and is a little cleaner in the code as well, instead of vec.resize(length); rng.randomize(&vec[0], vec.size()); we just write vec = rng.random_vec(length);
* Give all Filter objects a method for querying their namelloyd2010-06-282-0/+8
|
* Yet more Doxygen commentslloyd2010-06-162-15/+28
|
* More Doxygen updates/fixeslloyd2010-06-151-2/+2
|
* Increase the iteration count and salt size used for encryptedlloyd2010-06-151-2/+2
| | | | | | | | | | | | | | | | private keys. For the older PBES1, we can only increase the iteration count (from 2048 to 10000); the salt is fixed by the standard to 64 bits. This is probably OK, since PBES1 is also limited to (at best) 64-bit encryption keys and thus is pretty unsafe anyway. For PBES2, increase the iteration count (also 2048 to 10000) and increase the size of the salt from 64 bits to 96 bits. This will only affect keys which are encrypted by a version after this revision.
* Use "/*" instead of "/**" in starting comments at the begining of a file.lloyd2010-06-071-1/+1
| | | | | This caused Doxygen to think this was markup meant for it, which really caused some clutter in the namespace page.
* Modify the S2K interface. Instead of being stateful in terms of the saltlloyd2010-02-011-3/+3
| | | | | | | | | | | and iteration count, force it to be passed to each call to derive_key. So remove current_salt, set_iterations, new_random_salt, and change_salt functions from S2K interface. Update examples and test application to match. While I was in there, change the passhash example to use 64 bit salts and 128 bit PBKDF2 outputs.
* Full working amalgamation build, plus internal-only headers concept.lloyd2009-12-161-7/+0
|
* Rename/remove some secmem member variables for better matching with STLlloyd2009-11-171-2/+2
| | | | | | | | containers (specifically vector). Rename is_empty to empty Remove has_items Rename create to resize
* Remove the 'realname' attribute on all modules and cc/cpu/os info files.lloyd2009-10-291-2/+0
| | | | | Pretty much useless and unused, except for listing the module names in build.h and the short versions totally suffice for that.
* Add a script that reads the output of print_deps.py and rewriteslloyd2009-07-151-6/+13
| | | | | | the info.txt files with the right module dependencies. Apply it across the codebase.
* Thomas Moschny passed along a request from the Fedora packagers which camelloyd2009-03-302-8/+12
| | | | | | | | | | | | | | | up during the Fedora submission review, that each source file include some text about the license. One handy Perl script later and each file now has the line Distributed under the terms of the Botan license after the copyright notices. While I was in there modifying every file anyway, I also stripped out the remainder of the block comments (lots of astericks before and after the text); this is stylistic thing I picked up when I was first learning C++ but in retrospect it is not a good style as the structure makes it harder to modify comments (with the result that comments become fewer, shorter and are less likely to be updated, which are not good things).
* Fix memory leaks in PBE_PKCS5v20 and get_pbelloyd2008-11-122-0/+8
|
* Remove support for provider identifiers from SCAN_Name - it turns out thislloyd2008-11-121-1/+1
| | | | | | | | | | | | was not the right place to keep track of this information. Also modify all Algorithm_Factory constructor functions to take instead of a SCAN_Name a pair of std::strings - the SCAN name and an optional provider name. If a provider is specified, either that provider will be used or the request will fail. Otherwise, the library will attempt best effort, based on user-set algorithm implementation settings (combine with benchmark.h for choosing the fastest implementation at runtime) or if not set, a static ordering (preset in static_provider_weight in prov_weight.cpp, though it would be nice to make this easier to toggle).
* Switch to Algorithm_Factory in PBES2lloyd2008-11-112-80/+82
|
* Remove use of get_s2k in PBES1 and PBES2, since they both always wantedlloyd2008-11-091-5/+8
| | | | | a particular algorithm (PBKDF1 or PBKDF2, resp), only variation is the has function to use.
* Split the last parts of the 'core' modulelloyd2008-11-081-1/+1
| | | | Add some missing info.txts
* Move pbe/pbe_base to pbe/lloyd2008-10-261-1/+1
|
* Add PBKDF1,2 deps to PBES1,2lloyd2008-10-081-0/+1
|
* Revert part of revision b87599ffaee2d8ed2ec7597634413e73e4fb2fd8 thatlloyd2008-10-021-1/+1
| | | | | | | | added a new mandatory parameter of a Library_State& to get_cipher(). Do this so Monotone does not have to special case. Other lookup related functions like retrieve_<type> and add_algorithm() still require a Library_State& however.
* Move oids.h to oid_lookup. Allows for much smaller build by disabling asn1lloyd2008-10-011-4/+5
|
* Move get_pbe from libstate to new pbe_base module (in pbe/)lloyd2008-10-011-2/+1
|
* Expose use of global state in some of the lookup functions, includinglloyd2008-09-291-1/+1
| | | | get_cipher
* Rename all modinfo.txt files to info.txt, since they are all (none) oflloyd2008-09-291-0/+0
| | | | | them modules now. In any case there is no distinction so info.txt seems better.
* New filters module. Add deps for it in some needed areas (codec, pbes)lloyd2008-09-281-0/+5
|
* Compliation fixeslloyd2008-09-281-1/+1
|
* Add missing PBE header and modinfo fileslloyd2008-09-282-0/+55
|
* Modularize PBEs (password-based encryption schemes)lloyd2008-09-281-0/+230