| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
at config time.
|
| |
|
|
| |
already. Reported by Jeremy C. Reed <[email protected]>
|
| |
|
|
| |
Fix build log; copy and paste error.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ECDSA, this cases should all be caught by the later check that R is
not zero, so I don't believe there is any security danger.
However the GOST 34.10 implementation did not have either check.
Fortunately, the function that extracts the affine X coordinate from
the Jacobian coordinates will throw an exception if the point is at
infinity, so we would not in fact accept invalid signatures, but this
is mostly by luck. And still represents a bit of a DoS potential.
I checked the history, it looks like not checking for zeros at the
start traces back to the original InSiTo code, and I copied the ECDSA
code for GOST without thinking about it too much.
|
| |
|
|
| |
abs(x) < modulus. Also remove unused member variables.
|
| |
|
|
|
|
|
|
|
| |
certificate policies extension, though it's really not supported
at all.
Remove test code from secmem.h
Fix building the examples
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
converting back and forth. This gives a 10 to 20% speedup on a Core
i7. In addition, the CurveGFp no longer contains a Barrett reducer,
saving 3 BigInts worth of memory.
Add a #if'ed out alternative to point multiplication using the
Montgomery ladder technique. It runs in (more or less) constant time,
but rather significantly slower than the 4 bit window technique
currently used.
Tweak the window sizes to match the theoretical optimums.
|
| |
|
|
| |
to the list by William Emmanuel S. Yu <[email protected]>
|
| |
|
|
|
|
| |
Define the Base64_Decoder filter in terms of base64_decode
Don't use locked memory in the hex or base64 filters.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
the low bytes were equal, then the saturating subtraction result in
that byte would be 0 with the high byte containing a non-zero value.
To deal with this, shift and or together the two values into the low
byte.
Add some new tests which check out the SIMD implementation more
carefully, including values that trigger the problem in the earlier
version.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
invokes the build with --cpu=i486 on x86-32.
Add -momit-leaf-frame-pointer to x86 specializations.
Use -march=atom for atom32 as well.
Use -mcpu=cell for Cell PPU - it's not documented, but GCC 4.6 has it.
Remove ancient/untested rs64a support from ppc64
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
working correctly under Clang - the technique for emulating unsigned
compare relied on signed overflow. The new method does not, and works
under GCC, ICC, and Clang. Even better, the compare takes only 2
instructions instead of 4.
Prevent using any of the asm implementations under Clang on x86-32.
All of them crash under Clang 2.9, unclear why.
|
| |
|
|
| |
not well tested.
|
| |
|
|
|
|
|
| |
by GCC.
Add Niagra targets for sparc, and extend/fix the Sun Studio flags for
SPARC64.
|
| |
|
|
|
| |
experimental Debian port), and add aliases for ARM to match the Debian
architectures.
|
| |
|
|
|
|
|
|
|
|
| |
maintainer.
Namespace the headers in /usr/local/include/botan-1.9/botan, so
multiple versions can be installed in parallel.
Down version to 1.9.18 since there are a good number of changes in
this release already.
|
| |
|
|
|
|
|
| |
Fix BigInt::get_substring when length is equal to 32 - an overflow
would cause the mask to be equal to 0 thus producing nothing at all.
Disable CVC by default, it's not ready for prime time in any sense.
|
| |
|
|
| |
consumer/desktop level Atoms are actually 32 bit.
|
| |
|
|
| |
overzealous perl script...
|
| |
|
|
|
|
|
|
| |
currently.
Include the source directory name in object file names.
Add some more DES test vectors.
|
| |
|
|
|
|
|
| |
conditionals to help avoid timing anylsis. Unfortunately GCC is too
smart for us and compiles it to jumps anyway; probably would need to
put the delim search into its own function and pass variables by
volatile pointers to force the compiler to do what we want.
|
| |
|
|
|
|
|
|
|
|
|
| |
and -fvisibility support if the version is too old. You can also turn
them off explicitly with the (hidden) option --without-visibility. We
get the version number from the binary specified with --cc-bin, if the
user set that, rather than from plain 'g++'.
Fix Solaris install - apparently 'install' cmd is broken/dumb.
Fix Ekopath flags for submodels.
|
| |
|
|
|
| |
far as I know this is the first and only real use, or even test, of
botan on the SH, I'll let them pick the names and flags...
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
results are undefined. This happens to work under GCC and most other
compilers, but does not under Visual C++ 2010. This broke hex_encode
when encoding an empty input, and this subsequently broke SSL
handshaking.
2010 includes a TR1 that works fine for SSL, but it puts the headers
in the main header space rather than under tr1/, so account for that.
Hack the socket header into working under WinSock
Tick version to 1.10.0
|
| | |
|
| |
|
|
|
|
|
| |
for Montgomery or multiply/square currently exist and almost ceratainly
won't be added during 1.10
Fix the name for Sun Studio in mp_asm64
|
| |
|
|
| |
support AES-NI.
|
| |
|
|
|
|
|
|
|
| |
right thing for most modern distros, and if someone is using Sun CC on
Linux they probably know if they don't want that.
Record successful Sun Studio 5.10 build, also note that Clang 2.9 also
seems to miscompile SSE2 IDEA. The Clang 2.9 build on FreeBSD did not
have this failure, wonder what happened there.
|
| |
|
|
|
|
| |
Back the reported version from 1.10.0 to 1.9.17 for the time
being. Still on the fence if this will be 1.10.0 or another release
candidate instead.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
will default to the full output file name. That actually worked as
expected when the so was always written as libbotan-1.8.2, but doesn't
anymore since soname does not match the written file. This probably
won't work right on Windows, but I don't have access to Intel C++ on
Windows.
Note good Intel C++ 11.1 build in build log
Note that CPython 2.7 works for configuring the build
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
around a bug in FreeBSD 6.1, which is long EOL.
If we can't figure out the CPU in configure.py, if running
verbosely dump the entire list of CPUs we know about.
Some doc cleanups.
Rename the 'beos' target to 'haiku', since testing shows that
botan can't compile under the old BeOS GCC 2.95 anyway.
Remove the call to idle_time in the stats entropy source - it causes a
crash on Haiku R1-alpha2 somewhere inside a system DLL. I didn't
bother debugging it beyond looking at the backtrace.
Add a 'bepc' alias for i386 as that is what Haiku reports its
processor as.
Fix the install dirs to match Haiku R1, though apparently they will
change in R2 anyway when they add package management.
Enable use of gmtime_r on Haiku.
|
| |
|
|
|
|
|
| |
standardized by NIST; the FPE currently included is just a random one
that was relatively easy to implement. Move the header to fpe_fe1.h,
and rename the function. Update the example and add some documentation
for it.
|
| |
|
|
|
|
| |
Add missing dependency in the SIMD engine that would cause build
failures when using --no-autoload and explicitly requesting a SIMD
algorithm like aes_ssse3 using --enable-modules.
|
| |
|
|
| |
added to the flags here.
|
| |
|
|
|
|
|
| |
disabled under gcc.
Hide asm labels in the x86-32 code; some did not begin with a .L so
they were being exported.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
proper. Enabled using --use-sphinx and --use-doxygen options, both of
which default to false. If Sphinx isn't enabled, the ReST sources are
copied directly (a case where having a very readable source format
comes in handy...)
The reference manual (either Sphinx processed into HTML, or the raw
source) and the Doxygen output (if enabled) are copied into the doc
directory upon install on Unix. Currently not done on Windows, the
install target is fairly bogus there currently, and hasn't been tested
in some time.
|
| |
|
|
|
|
|
|
|
|
| |
Some fixes for the Windows installer config
Remove the SIMD rotate overloads; VC 2010 does not like passing a
__m128i by value, which is required to match the template overload for
the regular rotates. Could change it to a const reference, but I would
worry this would inhibit compiler optimizations. Only used in one
place (Noekeon), so just use the long expressions there.
|
| |
|
|
|
| |
add support for features that it has that apparently the last version
I tested did not, including dynamic loading.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
More documentation updates.
The clean target wasn't removing one of the symlinks.
In the self-test application, warn if the version we are linked
against does not match the version we were built against. This
always indicates a problem. Someone who had an older version
installed on their system got very confused when the test app was
linked against it at runtime; this warning would have saved a
couple hours of puzzling by me. This would also have helped avoid
the nasty bug in 1.8.3
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and a random number generator, and the other taking a group and a
preset private key value. The DL private keys instead have on
constructor for this; if the x value is zero, then a new random key is
created. For consistency, do this with ECC as well.
ECDH actually didn't have one of these constructors, forcing you to
either load from PKCS #8 or else use a random key.
Rename EC_Domain_Params to EC_Group, with a typedef for compatability.
More doc updates.
Update mtn ignores for Sphinx output
|
| |
|
|
|
|
| |
Reduce size of serial numbers of new certs from 256 to 128 bits;
2**64 certs is _probably_ sufficient, given that it would take hundreds
of exabytes of storage to hold that many certificates. :)
|
| |
|
|
|
| |
around a bug in GCC 4.[456] that prevents compilation when using
optimization and PIC on 32-bit x86.
|
| |
|
|
| |
match the norman Unix conventions.
|
| |
|
|
|
|
| |
Add some comments to help explain what is going on. Also add a
test using 512 blocks; all the existing ones were shorter, so
increment was not being tested at all. :(
|
| |
|
|
| |
doesn't actually care. Move it to examples/socket.h
|
