| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
echo -n does not work on (at least) Solaris 10 and MacOS X, while printf
will do the right thing and is available at least as far back as 4.2 BSD
(and as a policy, I'm not interested in supporting Unix distros that shipped
before I was born).
Patch from Markus Wanner.
|
|
|
|
|
|
|
|
|
|
| |
we call stat. Apparently on 32-bit Linux (or at least on Ubuntu
8.04/x86), struct stat has some padding bytes, which are not
written to by the syscall, but valgrind doesn't realize that this
is OK, and warns about uninitialized memory access when we read
the contents of the struct. Since this data is then fed into the
PRNG, the PRNG state and output becomes tainted, which makes
valgrind's output rather useless.
|
|
|
|
|
|
|
|
|
|
| |
occur because PKCS #5 v2.0 doesn't support empty passphrases (though
maybe it should?). In this case pbe->set_key would throw an exception,
causing the stack to be unwound without the (dynamically created) PBE
object being deleted. Use auto_ptr to hold the PBE*, then .release()
it when passing it to the Pipe (since Pipe takes ownership of its Filters).
Noticed when looking at valgrind analysis of monotone's sync command.
|
|
|
|
| |
since it is relevant to the implementation.
|
|
|
|
| |
in the header.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on Solaris 10 with GCC 3.4.3.
First, remove the definition of _XOPEN_SOURCE_EXTENDED=1 in mmap_mem.cpp
and unix_cmd.cpp, because apparently on Solaris defining this macro breaks
C++ compilation entirely with GCC:
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6395191
In es_egd.cpp and es_dev.cpp, include <fcntl.h> to get the declaration of
open(), which is apparently where open(2) lives on Solaris - this matches
the include the *BSD man pages for open(2) show, though AFAIK the BSDs
all compiled fine without it (probably due to greater efforts to be
source-compatible with Linux systems by *BSD developers).
I have not been able to test these changes personally on Solaris but
Rickard reports that with these changes everything compiles OK.
Update lib version to 1.8.0-pre. ZOMG. Finally.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
add a digest identifier. This was a feature requested on the mailing list.
Apparently this scheme is called CKM_RSA_PKCS in PKCS #11, and is supported
by a number of libraries, including QCA.
|
|
|
|
| |
signature padding schemes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a discrepency between OpenSSL and Botan when generating SHA-512/EMSA3
signatures. In fact it turns out that the EMSA3 identifier for SHA-512
contained a typo and was incorrect.
Unfortunately this means that SHA-512/EMSA3 signatures generated by
Botan up until now will not be accepted by other implementations, and
the signatures by other implementations would not be accepted by Botan.
Currently I am not making any provision for backwards compatability with
the old incorrect hash identifier, since I am assuming/guessing that
SHA-512/EMSA3 is not a very common combination.
|
| |
|
|
|
|
|
| |
just continue on instead of returning the length of the buffer recv'ed
from EGD.
|
|
|
|
|
|
| |
Backtrace is deep inside EVP. Valgrind says it is writing after the end of
the allocated buffer. Other ciphers (all 64-bit blocks) are fine. I do not
know if the problem is 64/128 bit or some other reason.
|
| |
|
|
|
|
| |
avoid a potential integer overflow in the multiplication. Fixes bugid 27
|
|
|
|
|
|
|
| |
because that totally breaks with static libs. OTOH, not using the version
number totally breaks if more than one version is installed.
Kind of a tradeoff...
|
| |
|
|
|
|
|
| |
anonymous namespace (in particular this should prevent Doxygen for
generating documentation about the v4si union declared there).
|
|
|
|
|
|
| |
than the value we gave it. This is pretty unlikely... also caused an
annoying warning with some versions of GCC b/c it couldn't figure out
the signed/unsigned comparison was safe in this case.
|
| |
|
|
|
|
|
| |
entropy source will realistically be able to provide even 768 bits of entropy,
so this is probably overkill even still.
|
|
|
|
|
|
|
| |
tries to get an amount cooresponding with the size of the output buffer,
specifically 128 times the output size. So, assuming we have enough working
sources, each output byte will be the XOR of (at least) 128 bytes of text
from the output programs. (Though RLE may reduce that somewhat)
|
|
|
|
| |
dependency on libstate.h
|
| |
|
|
|
|
| |
pollers that grab basic statistical data to 32 bytes.
|
|
|
|
|
| |
zero bytes, etc (relatively common, especially with the statistical
pollers that use xor_into_buf) are removed. Counters wrap at 256.
|
| |
|
| |
|
|
|
|
|
| |
and use xor_into_buf. Completely untested, though it looks clean besides
missing the BeOS headers+funcs if I try to compile on Linux.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
xoring integer values in.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a Buffered_EntropySource. Data used in the poll is directly accumulated
into the output buffer using XOR, wrapping around as needed. The
implementation uses xor_into_buf from xor_buf.h
This is simpler and more convincingly secure than the method used
by Buffered_EntropySource. In particular the collected data is persisted
in the buffer there much longer than needed. It is also much harder for
entropy sources to signal errors or a failure to collected data using
Buffered_EntropySource. And, with the simple xor_into_buf function, it
is actually quite easy to remove without major changes.
|
|
|
|
| |
randomness data after the contents have been fed into the MAC.
|
| |
|
|
|
|
|
| |
a random segfault (always inside an SSE2 intrinsic). Did not investigate
much beyond that. Worth looking into since it seemed worth another 1% or so.
|
|
|
|
|
| |
blocks as input (and can overlap computations from one block to another -
very nice). Reimport that original version and use it.
|
|
|
|
|
| |
the registers only once and carrying the values over between loop
iterations.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to have been so! Change MDx_HashFunction::hash to a new compress_n
which hashes an arbitrary number of blocks. I had a thought this might
reduce a bit of loop overhead but the results were far better than I
anticipated. Speedup across the board of about 2%, and very
noticable (+10%) increases for MD4 and Tiger (probably b/c both
of those have so few instructions in each iteration of the
compression function).
Before:
SHA-1:
amd64: 211.9 MiB/s
core: 210.0 MiB/s
sse2: 295.2 MiB/s
MD4: 476.2 MiB/s
MD5: 355.2 MiB/s
SHA-256: 99.8 MiB/s
SHA-512: 151.4 MiB/s
RIPEMD-128: 326.9 MiB/s
RIPEMD-160: 225.1 MiB/s
Tiger: 214.8 MiB/s
Whirlpool: 38.4 MiB/s
After:
SHA-1:
amd64: 215.6 MiB/s
core: 213.8 MiB/s
sse2: 299.9 MiB/s
MD4: 528.4 MiB/s
MD5: 368.8 MiB/s
SHA-256: 103.9 MiB/s
SHA-512: 156.8 MiB/s
RIPEMD-128: 334.8 MiB/s
RIPEMD-160: 229.7 MiB/s
Tiger: 240.7 MiB/s
Whirlpool: 38.6 MiB/s
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
was too slow, it was noticably slowing down AutoSeeded_RNG. Reduce the
amount of output gathered to 32 times the size of the output buffer,
and instead of using Buffered_EntropySource, just xor the read file
data directly into the output buffer. Read up to 4096 bytes per file, but
only count the first 128 towards the total goal (/proc/config.gz being
a major culprit - large, random looking, and entirely or almost static).
|