aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* In EMSA3_Raw::raw_data, clear message buffer (reset) before returninglloyd2008-11-281-1/+3
|
* Allow asking for EMSA3(Raw) in get_emsa (returning a new EMSA3_Raw object)lloyd2008-11-281-0/+4
|
* Add a variant of EMSA3 called EMSA3_Raw which does not hash the data orlloyd2008-11-282-46/+123
| | | | | | | add a digest identifier. This was a feature requested on the mailing list. Apparently this scheme is called CKM_RSA_PKCS in PKCS #11, and is supported by a number of libraries, including QCA.
* Add SHA-224 hash ids for EMSA2/X9.31 and EMSA3/PKCS #1 v1.5 public keylloyd2008-11-281-3/+14
| | | | signature padding schemes.
* Rickard Bondesson reported on the mailing list that he had noticedlloyd2008-11-281-11/+13
| | | | | | | | | | | | | | a discrepency between OpenSSL and Botan when generating SHA-512/EMSA3 signatures. In fact it turns out that the EMSA3 identifier for SHA-512 contained a typo and was incorrect. Unfortunately this means that SHA-512/EMSA3 signatures generated by Botan up until now will not be accepted by other implementations, and the signatures by other implementations would not be accepted by Botan. Currently I am not making any provision for backwards compatability with the old incorrect hash identifier, since I am assuming/guessing that SHA-512/EMSA3 is not a very common combination.
* Add Doxygen comment for Timer::clock. Fix @return in benchmark.h and x509_ca.hlloyd2008-11-253-2/+6
|
* If the read succeceed in EGD_EntropySource::slow_poll, the loop wouldlloyd2008-11-251-0/+2
| | | | | just continue on instead of returning the length of the buffer recv'ed from EGD.
* Disable using OpenSSL's AES - it is causing crashes for an unknown reason.lloyd2008-11-241-0/+6
| | | | | | Backtrace is deep inside EVP. Valgrind says it is writing after the end of the allocated buffer. Other ciphers (all 64-bit blocks) are fine. I do not know if the problem is 64/128 bit or some other reason.
* Fix a roundoff error in the block cipher benchmarkslloyd2008-11-241-16/+17
|
* In Pooling_Allocator::get_more_core, limit in_bytes to at most 1 MiB tolloyd2008-11-242-3/+4
| | | | avoid a potential integer overflow in the multiplication. Fixes bugid 27
* In pkg-config, don't link against a specific version number (eg -lbotan-1.8.0)lloyd2008-11-241-1/+1
| | | | | | | because that totally breaks with static libs. OTOH, not using the version number totally breaks if more than one version is installed. Kind of a tradeoff...
* Make X509_Store::CRL_Info public for IBM XLC 0.9 for Celllloyd2008-11-241-10/+14
|
* Wrap code and struct definitions internal to sha1_sse2_imp.cpp in anlloyd2008-11-241-0/+4
| | | | | anonymous namespace (in particular this should prevent Doxygen for generating documentation about the v4si union declared there).
* In es_ftw, remove check for if the return value of read() is largerlloyd2008-11-241-1/+1
| | | | | | than the value we gave it. This is pretty unlikely... also caused an annoying warning with some versions of GCC b/c it couldn't figure out the signed/unsigned comparison was safe in this case.
* Modify es_ftw to use xor_into_buflloyd2008-11-231-4/+4
|
* Reduce size of I/O buffer in HMAC_RNG from 128 to 96 bytes. Unlikely that anylloyd2008-11-231-1/+1
| | | | | entropy source will realistically be able to provide even 768 bits of entropy, so this is probably overkill even still.
* Previously es_unix would always try to get 16K, then return. Now itlloyd2008-11-231-4/+3
| | | | | | | tries to get an amount cooresponding with the size of the output buffer, specifically 128 times the output size. So, assuming we have enough working sources, each output byte will be the XOR of (at least) 128 bytes of text from the output programs. (Though RLE may reduce that somewhat)
* Add an Algorithm_Factory& argument to Engine::get_cipher to avoid alloyd2008-11-234-8/+13
| | | | dependency on libstate.h
* Remove openssl/gnump engine dep on libstate, no longer a deplloyd2008-11-232-8/+0
|
* Limit the output size of fast polls by the BeOS, Unix, and Win32 entropylloyd2008-11-233-0/+3
| | | | pollers that grab basic statistical data to 32 bytes.
* Use a simple run length encoding in xor_into_buf, so long blocks of spaces,lloyd2008-11-232-3/+22
| | | | | zero bytes, etc (relatively common, especially with the statistical pollers that use xor_into_buf) are removed. Counters wrap at 256.
* Compile fixlloyd2008-11-231-2/+2
|
* Remove now unused buf_es modulelloyd2008-11-233-134/+0
|
* Update BeOS entropy poller to also derive directly from EntropySourcelloyd2008-11-233-35/+46
| | | | | and use xor_into_buf. Completely untested, though it looks clean besides missing the BeOS headers+funcs if I try to compile on Linux.
* Fix return types in declarationlloyd2008-11-231-2/+3
|
* Convert Win32 stats polling entropy source to use xor_into_buf. Untested.lloyd2008-11-233-44/+59
|
* Fix indexing of ids array. Don't zeroize stat/rusage bufs before uselloyd2008-11-231-8/+4
|
* Use template version of xor_into_buf wherever useful in es_unix.cpplloyd2008-11-231-3/+3
|
* Pass by const reference so larger structs can be used with xor_into_buf templatelloyd2008-11-231-1/+1
|
* Use template version of xor_into_buf in es_unixlloyd2008-11-231-1/+1
|
* Move xor_into_buf to xor_buf.cpp. Also add a new template wrapper forlloyd2008-11-233-10/+39
| | | | xoring integer values in.
* Change unix_procs entropy source to be a plain EntropySource instead oflloyd2008-11-233-24/+47
| | | | | | | | | | | | | a Buffered_EntropySource. Data used in the poll is directly accumulated into the output buffer using XOR, wrapping around as needed. The implementation uses xor_into_buf from xor_buf.h This is simpler and more convincingly secure than the method used by Buffered_EntropySource. In particular the collected data is persisted in the buffer there much longer than needed. It is also much harder for entropy sources to signal errors or a failure to collected data using Buffered_EntropySource. And, with the simple xor_into_buf function, it is actually quite easy to remove without major changes.
* In Randpool and HMAC_RNG, zeroize the I/O buffer used for holding polledlloyd2008-11-232-0/+5
| | | | randomness data after the contents have been fed into the MAC.
* Add xor_into_buf. Add Doxygen comments for xor_buflloyd2008-11-231-10/+32
|
* Revert change that added multiblock support to SSE2 SHA-1. Was causinglloyd2008-11-233-206/+183
| | | | | a random segfault (always inside an SSE2 intrinsic). Did not investigate much beyond that. Worth looking into since it seemed worth another 1% or so.
* Dean Gaudet's original version of the SHA-1 SSE2 code supported multiplelloyd2008-11-233-183/+206
| | | | | blocks as input (and can overlap computations from one block to another - very nice). Reimport that original version and use it.
* Do a minor optimization in some of the compression functions, loadinglloyd2008-11-237-121/+145
| | | | | the registers only once and carrying the values over between loop iterations.
* Update SHA1_IA32 to use compress_nlloyd2008-11-231-2/+6
|
* I had not anticipated this being really worthwhile, but it turns outlloyd2008-11-2333-746/+876
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to have been so! Change MDx_HashFunction::hash to a new compress_n which hashes an arbitrary number of blocks. I had a thought this might reduce a bit of loop overhead but the results were far better than I anticipated. Speedup across the board of about 2%, and very noticable (+10%) increases for MD4 and Tiger (probably b/c both of those have so few instructions in each iteration of the compression function). Before: SHA-1: amd64: 211.9 MiB/s core: 210.0 MiB/s sse2: 295.2 MiB/s MD4: 476.2 MiB/s MD5: 355.2 MiB/s SHA-256: 99.8 MiB/s SHA-512: 151.4 MiB/s RIPEMD-128: 326.9 MiB/s RIPEMD-160: 225.1 MiB/s Tiger: 214.8 MiB/s Whirlpool: 38.4 MiB/s After: SHA-1: amd64: 215.6 MiB/s core: 213.8 MiB/s sse2: 299.9 MiB/s MD4: 528.4 MiB/s MD5: 368.8 MiB/s SHA-256: 103.9 MiB/s SHA-512: 156.8 MiB/s RIPEMD-128: 334.8 MiB/s RIPEMD-160: 229.7 MiB/s Tiger: 240.7 MiB/s Whirlpool: 38.6 MiB/s
* Fix integer overflow in benchmarslloyd2008-11-231-4/+4
|
* Remove dep on buf_es in proc_walk info.txtlloyd2008-11-211-4/+0
|
* Fix poorly named functionlloyd2008-11-211-6/+6
|
* Last minute es_ftw optimizations / logic changes. Performance of seedinglloyd2008-11-212-35/+27
| | | | | | | | | was too slow, it was noticably slowing down AutoSeeded_RNG. Reduce the amount of output gathered to 32 times the size of the output buffer, and instead of using Buffered_EntropySource, just xor the read file data directly into the output buffer. Read up to 4096 bytes per file, but only count the first 128 towards the total goal (/proc/config.gz being a major culprit - large, random looking, and entirely or almost static).
* Remove debug printflloyd2008-11-211-1/+0
|
* Cache socket descriptors in EGD entropy source, instead of creating each polllloyd2008-11-212-50/+97
|
* Avoid a potential 32-bit overflow in Timer::combine_timers by promotinglloyd2008-11-211-2/+4
| | | | to 64 bit values before doing multiplication.
* Mention ANSI clock seems pretty bogus for benchmarkinglloyd2008-11-211-0/+3
|
* Add comment showing likely future API for multi-block encryption in BlockCipherlloyd2008-11-211-0/+6
|
* Move MISTY1 tables from mist_tab.cpp to misty1.cpp - pretty smalllloyd2008-11-214-118/+106
|
* Make Timer a pure virtual interface and add a new subclass ANSI_Clock_Timerlloyd2008-11-212-31/+40
| | | | | which uses the ANSI/ISO clock function (previously this had been the Timer::clock default implementation).
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-27 11:18:20 +0000