| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
requirement is that OIDS for "<cipher>/CBC" and "HMAC(<hash>)" are
defined. This does assume the normal parameter set of just the IV, so
doesn't work right for (IIRC) RC5, but we don't have an OID set for
RC5/CBC anyway. Continue to default to SHA-1 plus AES-256 as prior
versions of the library can't handle any hashes other than SHA-1 or
any ciphers other than AES or DES. OpenSSL 1.0.0j seems to understand
SHA-256 + AES-256, though.
BER_Decoder::decode_optional was assuming optional values were
explicitly tagged. Now, only take that behavior if the input class tag
was for a context specific tagging.
Remove abort call for debugging from BER_Decoder
Add a new version of DER_Encoder::encode_if for single objects.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runs the KDF until at least that much time has passed, then returns
the number of interations used.
New parameter to the PKCS8 encryption routines which tells how long to
run the PBKDF. Defaults to 200 milliseconds, which is short enough
that it is unlikely to bother anyone but long enough to provide quite
reasonable security against cracking attacks. On a Core i7-860, 200
ms with PBKDF2/SHA-1 runs about 180K to 220K iterations (compare with
previous default of 10K).
New PBE interface, remove new_params/set_key and require all inputs
including the passphrase to be passed to the constructor.
Drop the PGP S2K as it is pretty weird and not really useful outside
of a full PGP implementation.
Drop the deprecated PKCS8::encrypt_key and PKCS8::encode functions.
|
|
|
|
|
| |
Fix some bugs that triggered if DEFAULT_BUFFERSIZE was either too
small or an odd size.
|
|
|
|
| |
style cast in secmem.h
|
|
|
|
|
|
| |
using a custom allocator. Currently our allocator just does new/delete
with a memset before deletion, and the mmap and mlock allocators have
been removed.
|
|
|
|
| |
integer values. Update callers.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the parameters of the key length. Instead define a new function which
returns a simple object which contains this information.
This definitely breaks backwards compatability, though only with code
that directly manipulates low level objects like BlockCipher*s
directly, which is probably relatively rare.
Also remove some deprecated accessor functions from lookup.h. It turns
out block_size_of and output_size_of are being used in the TLS code; I
need to remove them from there before I can delete these entirely.
Really that didn't make much sense, because they assumed all
implementations of a particular algorithm will have the same
specifications, which is definitely not necessarily true, especially
WRT key length. It is much safer (and probably simpler) to first
retrieve an instance of the actual object you are going to use and
then ask it directly.
|
| |
|
|
|
|
|
| |
This breaks API for anyone creating their own Filter types, but it had
to happen eventually.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add RandomNumberGenerator::random_vec, which takes an length n and
returns a new SecureVector with randomized contents of that size. This
nicely covers most of the cases where randomize was being called on a
vector, and is a little cleaner in the code as well, instead of
vec.resize(length);
rng.randomize(&vec[0], vec.size());
we just write
vec = rng.random_vec(length);
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| | |
and 'cf2b4d27dda134f49f065face1da51645bfbde57'
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
private keys.
For the older PBES1, we can only increase the iteration
count (from 2048 to 10000); the salt is fixed by the standard to
64 bits. This is probably OK, since PBES1 is also limited to
(at best) 64-bit encryption keys and thus is pretty unsafe
anyway.
For PBES2, increase the iteration count (also 2048 to 10000) and
increase the size of the salt from 64 bits to 96 bits.
This will only affect keys which are encrypted by a version after
this revision.
|
|/ |
|
|
|
|
|
| |
This caused Doxygen to think this was markup meant for it, which really
caused some clutter in the namespace page.
|
|
|
|
|
|
|
|
|
|
|
| |
and iteration count, force it to be passed to each call to derive_key.
So remove current_salt, set_iterations, new_random_salt, and change_salt
functions from S2K interface.
Update examples and test application to match.
While I was in there, change the passhash example to use 64 bit salts
and 128 bit PBKDF2 outputs.
|
| |
|
|
|
|
|
|
|
|
| |
containers (specifically vector).
Rename is_empty to empty
Remove has_items
Rename create to resize
|
|
|
|
|
| |
Pretty much useless and unused, except for listing the module names in
build.h and the short versions totally suffice for that.
|
|
|
|
|
|
| |
the info.txt files with the right module dependencies.
Apply it across the codebase.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
up during the Fedora submission review, that each source file include some
text about the license. One handy Perl script later and each file now has
the line
Distributed under the terms of the Botan license
after the copyright notices.
While I was in there modifying every file anyway, I also stripped out the
remainder of the block comments (lots of astericks before and after the
text); this is stylistic thing I picked up when I was first learning C++
but in retrospect it is not a good style as the structure makes it harder
to modify comments (with the result that comments become fewer, shorter and
are less likely to be updated, which are not good things).
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
was not the right place to keep track of this information. Also modify
all Algorithm_Factory constructor functions to take instead of a SCAN_Name
a pair of std::strings - the SCAN name and an optional provider name. If
a provider is specified, either that provider will be used or the request
will fail. Otherwise, the library will attempt best effort, based on
user-set algorithm implementation settings (combine with benchmark.h for
choosing the fastest implementation at runtime) or if not set, a static
ordering (preset in static_provider_weight in prov_weight.cpp, though it
would be nice to make this easier to toggle).
|
|
|
|
| |
this allows provider preferences to be passed down to sub-algorithms.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
a particular algorithm (PBKDF1 or PBKDF2, resp), only variation is the has
function to use.
|
|
|
|
| |
Add some missing info.txts
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
added a new mandatory parameter of a Library_State& to get_cipher().
Do this so Monotone does not have to special case.
Other lookup related functions like retrieve_<type> and add_algorithm()
still require a Library_State& however.
|
| |
|
| |
|
| |
|
|
|
|
| |
get_cipher
|
|
|
|
|
| |
them modules now. In any case there is no distinction so info.txt seems
better.
|