aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Avoid using std::cout and std::cerr within cli codeJack Lloyd2017-09-025-85/+87
| | | | Prevents redirection using --output and --error-output
* Output errors to cerrJack Lloyd2017-09-021-4/+4
|
* Avoid using <iostream> header within the libraryJack Lloyd2017-09-022-2/+4
| | | | We only need <istream> + <ostream> here
* Clean up fuzzer code a bitJack Lloyd2017-09-025-46/+34
| | | | | If we ever output something to the terminal it should be because we are crashing.
* Merge GH #1179 Support negative base in power_mod closes #1168Jack Lloyd2017-09-023-3/+44
|\
| * Support a negative base in power_modJack Lloyd2017-09-023-3/+44
| | | | | | | | Closes #1168
* | Merge GH #1178 Use botan-ci-tools repo for binaries needed by CIJack Lloyd2017-09-021-11/+14
|\ \ | |/ |/|
| * Fix qemu packageJack Lloyd2017-09-021-1/+1
| | | | | | | | The qemu-user-static package installs them under different names.
| * Use botan-ci-tools repo for packagesJack Lloyd2017-09-021-11/+14
| | | | | | | | | | | | | | | | | | | | | | Largely the goal with that is to reduce dependencies, especially removing www.randombit.net from the critical path for CI. Other marginally related attempts at speeding up CI - Only install qemu-user-static (which should be all we need) instead of the full qemu metapackage. - Avoid running brew update, all we need is ccache and really any version is fine.
* | Add --dump-traces option to tls_serverJack Lloyd2017-09-022-2/+19
| |
* | Add a script for running TLS-Attacker, remove old shell scriptsJack Lloyd2017-09-0215-163/+202
| | | | | | | | [ci skip]
* | Sort isa_extensions lists [ci skip]Simon Warta2017-09-024-14/+11
|/ | | | this removes the duplicate "sha" in x86_64
* Change http://botan.randombit.net to https URIsJack Lloyd2017-09-014-6/+6
| | | | | | Not a big deal since the site already uses HSTS, but whatever. [ci skip]
* Add a CLI util for inspecting TLS client hellosJack Lloyd2017-09-011-0/+111
|
* De-inline accessor functions in Client_Hello typeJack Lloyd2017-09-012-93/+130
| | | | | This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link.
* Fix --error-output= option to cliJack Lloyd2017-09-011-3/+3
| | | | [ci skip]
* Merge GH #1173 Correct TLS signature hash policy checkJack Lloyd2017-09-015-18/+62
|\
| * Don't try enforcing the hash policy for PSK ciphersuitesJack Lloyd2017-09-011-1/+1
| | | | | | | | Since we don't end up signing anything in any case.
| * Enforce signature hash policy properlyJack Lloyd2017-08-315-18/+62
| | | | | | | | | | | | | | | | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2 Instead check the policy before accepting anything.
* | Merge GH #1174 Simplify AppVeyor build config closes #1172Jack Lloyd2017-09-011-50/+22
|\ \
| * | Simplifiy AppVeyor config, single debug build on VC2017Jack Lloyd2017-09-011-50/+22
| |/
* / Just skip Sonar build if SONAR_TOKEN is not setJack Lloyd2017-09-011-10/+5
|/ | | | | | This is the case for a PR coming from an external repo [ci skip]
* Rename file to match conventionsJack Lloyd2017-08-311-0/+0
| | | | [ci skip]
* Fix missing virtual destructor on CSP_HandleJack Lloyd2017-08-313-3/+4
| | | | Caught by GCC cross compiling. Also fix a couple 0-as-null warnings.
* Remove python3 dep from cli_testsJack Lloyd2017-08-311-1/+1
| | | | It runs fine under python2
* Simplify RNG logic in CLI a bitJack Lloyd2017-08-312-15/+13
|
* Merge GH #1169 Add LLVM bitcode targetJack Lloyd2017-08-3113-88/+133
|\
| * Work around limitation in old GCC and ClangJack Lloyd2017-08-311-1/+1
| |
| * Add support for fuzzing with KLEEJack Lloyd2017-08-302-2/+18
| | | | | | | | | | | | For the fuzzers, builds an object and then links in a second step, because we need that to link the fuzzer binaries for LLVM. (Clang will emit bitcode for us, but doesn't want to link it.)
| * Add support for LLVM bitcode targetJack Lloyd2017-08-309-17/+34
| |
| * Refactor RNG seeding logic in command line interfaceJack Lloyd2017-08-302-69/+81
| | | | | | | | | | This is needed for LLVM which doesn't have any usable entropy sources. Also useful for determinsitic private key creation, etc.
* | Make shellcheck happyJack Lloyd2017-08-311-6/+0
| | | | | | | | | | I have no idea if an empty if/then/fi block in shell is valid or not but anyway shellcheck doesn't like it so remove it.
* | Fix a few more MSVC warningsJack Lloyd2017-08-313-5/+5
| |
* | Merge GH #1171 Fix various MSVC warningsJack Lloyd2017-08-3142-101/+136
|\ \
| * | More MSVC warnings fixesJack Lloyd2017-08-3115-25/+34
| | |
| * | Fix various MSVC warningsJack Lloyd2017-08-3128-76/+102
| |/ | | | | | | Based on VC2017 output
* | Avoid variable overwriteJack Lloyd2017-08-311-7/+7
| | | | | | | | I hate (and always forget) how Python list comprehensions leak the iteration variable.
* | Ensure --unsafe-fuzzer-mode buildsJack Lloyd2017-08-311-0/+2
| |
* | Some attempts at speeding up CIJack Lloyd2017-08-312-11/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | First do amalgamation build on static instead of shared build. This is arbitrary, except that we do 3 shared builds, and only one static lib build, and the amalgamation kind of screws up ccache. Also avoid installing LZMA or Python3 on OS X. Just running Homebrew to install turns out to be significantly more expensive than either building the library or running the tests (!). Removes the workaround for homebrew #42553 because apparently it is fixed now.
* | Use multiprocessing in the fuzzer test scriptJack Lloyd2017-08-311-29/+37
|/ | | | Improved performance from ~48 seconds to ~10 seconds on my machine.
* Slight cleanup in Curve25519_PrivateKey constructorJack Lloyd2017-08-291-8/+6
|
* Remove unused includeJack Lloyd2017-08-291-1/+0
|
* Avoid having variable named m_emsa twice in class hierarchyJack Lloyd2017-08-292-8/+16
| | | | | | | | In fact the variable was only used if we use deterministic nonces, and just to extract the hash name. So just do that once, and only if we are not using random nonces. Flagged by Sonar
* Fix a valgrind const-time error in ISO 9796 paddingJack Lloyd2017-08-291-2/+7
| | | | It didn't unpoison the output values.
* Try to get Sonar to look at header filesJack Lloyd2017-08-291-1/+2
|
* Avoid false positive valgrind in TLS CBC decryptionJack Lloyd2017-08-291-2/+2
| | | | | | We poisoned the record before decrypting it, which caused failures with Camellia ciphersuites (or AES, on platforms that use T-tables). Instead poison it right after decrypting.
* Revert f16c3df4fc4edJack Lloyd2017-08-291-1/+1
| | | | Substantially more work required to get Sonar to report coverage
* Seems Sonar wants coverage infoJack Lloyd2017-08-291-1/+1
|
* For cross builds, build everything but test only a limited subsetJack Lloyd2017-08-291-6/+13
| | | | | | | | | Problem is running everything under qemu takes too long. But compiling everything will help catch some issues, and then we just restrict tests to those that complete quickly and/or are very important and/or excercise system specific code. Also add -j flag to make, got lost at some point.
* Avoid math on booleansJack Lloyd2017-08-291-3/+3
| | | | Sonar find