path: root/src

Commit log (date, author, files changed, lines removed/added, then the commit message)

* 2014-12-31  lloyd  (8 files, -116/+136)
  Add ChaCha20Poly1305 TLS ciphersuites compatible with Google's implementation
* 2014-12-31  lloyd  (1 file, -2/+8)
  Add helper and update comment
* 2014-12-31  lloyd  (3 files, -10/+42)
  Support the older ChaCha20Poly1305 AEAD from draft-agl-tls-chacha20poly1305-04, which we distinguish by the nonce size (always 64 bits in this format, always 96 bits in the CFRG document).
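The two state layouts that the commit above tells apart by nonce length, as an added example in pure Python (my own illustration, not Botan's code and not taken from the commit): an 8-byte nonce selects the original ChaCha / draft-agl layout, where words 12-13 hold a 64-bit block counter and words 14-15 the nonce; a 12-byte nonce selects the CFRG / RFC 7539 layout, where word 12 is a 32-bit counter and words 13-15 hold the nonce. The function names and the helper cfrg_to_agl are mine; the known-answer values used to check it are the RFC 7539 test vectors. The helper shows why the two formats cannot be confused by inspecting the state alone: any CFRG (counter, nonce) pair has an old-format twin with the same 16 words, which is exactly why the library keys the format off the nonce length. The range check on the CFRG path also shows the practical consequence of the smaller counter (at most 2^32 blocks under one nonce).

```python
"""ChaCha20 keystream with both nonce layouts (added example, not Botan's code).
Pure Python for illustration only; it is not constant time."""
import struct

MASK32 = 0xffffffff


def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK32


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK32
    s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32
    s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32
    s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32
    s[b] = _rotl(s[b] ^ s[c], 7)


def chacha20_state(key, nonce, counter):
    """Build the 16-word initial state; the nonce length selects the layout."""
    if len(key) != 32:
        raise ValueError("ChaCha20 needs a 256-bit key")
    state = list(struct.unpack("<4I", b"expand 32-byte k"))
    state += struct.unpack("<8I", key)
    if len(nonce) == 8:
        # Original / draft-agl layout: words 12-13 are a 64-bit little-endian
        # block counter, words 14-15 the 64-bit nonce.
        if not 0 <= counter < 1 << 64:
            raise ValueError("counter must fit in 64 bits")
        state += struct.unpack("<2I", struct.pack("<Q", counter))
        state += struct.unpack("<2I", nonce)
    elif len(nonce) == 12:
        # CFRG / RFC 7539 layout: word 12 is a 32-bit counter, words 13-15 the
        # 96-bit nonce.  Only 2^32 blocks (256 GiB) may be produced per nonce.
        if not 0 <= counter < 1 << 32:
            raise ValueError("counter must fit in 32 bits under the CFRG layout")
        state.append(counter)
        state += struct.unpack("<3I", nonce)
    else:
        raise ValueError("nonce must be 8 bytes (draft-agl) or 12 bytes (CFRG)")
    return state


def chacha20_block(key, nonce, counter):
    """20 rounds (10 column/diagonal double rounds), then add the input state."""
    init = chacha20_state(key, nonce, counter)
    s = init[:]
    for _ in range(10):
        _quarter_round(s, 0, 4, 8, 12)
        _quarter_round(s, 1, 5, 9, 13)
        _quarter_round(s, 2, 6, 10, 14)
        _quarter_round(s, 3, 7, 11, 15)
        _quarter_round(s, 0, 5, 10, 15)
        _quarter_round(s, 1, 6, 11, 12)
        _quarter_round(s, 2, 7, 8, 13)
        _quarter_round(s, 3, 4, 9, 14)
    return struct.pack("<16I", *((a + b) & MASK32 for a, b in zip(s, init)))


def chacha20_xor(key, nonce, counter, data):
    """Encrypt or decrypt by XORing successive keystream blocks."""
    out = bytearray()
    for off in range(0, len(data), 64):
        ks = chacha20_block(key, nonce, counter + off // 64)
        out += bytes(x ^ y for x, y in zip(data[off:off + 64], ks))
    return bytes(out)


def cfrg_to_agl(nonce12, counter32):
    """Map a CFRG (32-bit counter, 96-bit nonce) pair to the (64-bit counter,
    64-bit nonce) pair that produces the identical state: the first CFRG nonce
    word occupies the slot the old layout uses for the counter's high half."""
    hi = struct.unpack("<I", nonce12[:4])[0]
    return nonce12[4:], counter32 | (hi << 32)
```

With an all-zero key, nonce and counter the two layouts build the same state and therefore the same keystream, which is why an implementation cannot detect the format from the data and must be told (here, by nonce length) which one is in use.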
* 2014-12-31  lloyd  (1 file, -1/+1)
  Fix one past the end write in Poly1305 finish
* 2014-12-31  lloyd  (2 files, -15/+1)
  Decruft
* 2014-12-29  lloyd  (5 files, -0/+259)
  Add AEAD based on ChaCha20 and Poly1305 defined in draft-irtf-cfrg-chacha20-poly1305-03
* 2014-12-29  lloyd  (9 files, -11/+621)
  Add Poly1305, based on poly1305-donna by Andrew Moon.
* 2014-12-29  lloyd  (3 files, -3/+21)
  Support 96 bit nonces in ChaCha20 as specified in draft-irtf-cfrg-chacha20-poly1305-03
* 2014-12-28  lloyd  (23 files, -53/+65)
  All tests now share an RNG. Uses system RNG if available
* 2014-12-27  lloyd  (1 file, -0/+2)
  Provide a test report
* 2014-12-27  lloyd  (3 files, -11/+22)
  When encrypting McEliece or Curve25519 keys, default to GCM instead of CBC.
  Add OIDs for OCB mode with various ciphers.
* 2014-12-27  lloyd  (13 files, -0/+1015)
  Add Curve25519 based on curve25519-donna by Adam Langley.
  This uses only the c64 version from curve25519-donna; on systems that don't have a native uint128_t type, a donna128 type stands in for just enough 128-bit operations to satisfy donna.cpp
* 2014-12-22  lloyd  (4 files, -31/+31)
  Fix header guards for amalgamation (github issue 35)
* 2014-12-22  lloyd  (1 file, -4/+4)
  Printing too early
* 2014-12-22  lloyd  (2 files, -8/+3)
  Fix a couple of things pointed out by VC++ warnings.
* 2014-12-22  lloyd  (1 file, -103/+0)
  Remove obsolete example
* 2014-12-22  lloyd  (2 files, -3/+3)
  Fix System_RNG for Windows, fix nmake clean target
* 2014-12-21  lloyd  (5 files, -5/+17)
  Enable system_rng on Windows and MinGW (untested)
* 2014-12-21  lloyd  (1 file, -3/+3)
  Stack protector flags are required also at link time, at least on MinGW
  Github issue 34
* 2014-12-20  lloyd  (1 file, -1/+1)
  Always need boost_system in cmdline due to asio
* 2014-12-20  lloyd  (12 files, -311/+443)
  Add abstract database interface so applications can easily store info in places other than sqlite3, though sqlite3 remains the only implementation. The interface is currently limited to precisely the functionality the TLS session manager needs and will likely expand.
* 2014-12-18  lloyd  (1 file, -2/+2)
  Correct comment
* 2014-12-17  lloyd  (4 files, -10/+3)
  Add MinGW support for the CryptoAPI RNG. Also disable the dependencies in auto_rng for a working entropy source, as in situations where it doesn't work almost none of the library builds. Disable boost by default from the library. Github issue 34. Unrelated - remove long dead Tru64 as a target.
* 2014-12-17  lloyd  (1 file, -5/+5)
  New download directory structure.
  Point users at github issues instead of bugzilla.
* 2014-12-17  lloyd  (6 files, -588/+0)
  In OpenSSL engine drop support for public key operations. These PK ops just call BN directly and so don't get the benefit of side channel protections in either OpenSSL's or Botan's implementations of the algorithms.
* 2014-12-13  lloyd  (1 file, -0/+1)
  Fix missing dependency in filters (Github pull 33 from tiwoc)
* 2014-12-10  lloyd  (1 file, -1/+5)
  Don't crash if /usr/share/ca-certificates doesn't exist
* 2014-12-10  lloyd  (1 file, -2/+0)
  Remove debug print
* 2014-12-10  lloyd  (27 files, -909/+322)
  Implement RFC 6979 deterministic signatures for DSA and ECDSA.
  Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
* 2014-12-10  lloyd  (2 files, -103/+79)
  Switch to using Montgomery ladder for EC point multiplication.
  The test function create_random_point did not actually create a point on the curve - fix.
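How the two preceding commits fit together in ECDSA (the RFC 6979 deterministic nonce and the Montgomery ladder for scalar multiplication), as an added example in pure Python. This is my own illustration, not Botan's C++ and not code from either commit: affine P-256 arithmetic, the textbook ladder that performs one point addition and one doubling per scalar bit over a fixed 256 iterations whatever the bit values, and the HMAC-based candidate generator of RFC 6979 section 3.2, including the retry path the RFC prescribes when a candidate is out of range or yields r = 0 or s = 0. Python big integers are not constant-time, so the block demonstrates the ladder's fixed operation pattern and the nonce derivation, not a side-channel-safe implementation. The private key and expected values are the P-256 / SHA-256 / "sample" vector from RFC 6979 appendix A.2.5; the DSA case in the commit uses the same nonce derivation with the subgroup order q and is not shown.

```python
"""Deterministic ECDSA (RFC 6979) over P-256 with a Montgomery-ladder scalar
multiply.  Added example, not Botan's code; pure Python, not constant time."""
import hashlib
import hmac

# NIST P-256 domain parameters (public constants).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
QLEN = 256          # bit length of N
INF = None          # point at infinity

# RFC 6979 appendix A.2.5 private key (test vector, not a real secret).
PRIV = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721


def point_add(p1, p2):
    """Affine addition on y^2 = x^3 + Ax + B over GF(P); also handles doubling."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ladder_mul(k, point):
    """Montgomery ladder: exactly one add and one double per bit, for all QLEN
    bits, regardless of the bit value.  Invariant: r1 == r0 + point."""
    r0, r1 = INF, point
    for i in range(QLEN - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = point_add(r0, r1), point_add(r1, r1)
        else:
            r0, r1 = point_add(r0, r0), point_add(r0, r1)
    return r0


def bits2int(b):
    """RFC 6979 2.3.2: big-endian integer truncated to the leftmost QLEN bits."""
    v = int.from_bytes(b, "big")
    excess = len(b) * 8 - QLEN
    return v >> excess if excess > 0 else v


def int2octets(v):
    return v.to_bytes(QLEN // 8, "big")


def bits2octets(b):
    return int2octets(bits2int(b) % N)


def rfc6979_candidates(priv, h1, hashfn=hashlib.sha256):
    """RFC 6979 3.2: HMAC_DRBG-style stream of candidate k values.  Each
    rejected candidate (out of range, or r/s == 0 at the caller) advances the
    state with K = HMAC(V || 0x00), V = HMAC(V) before the next attempt."""
    hlen = hashfn().digest_size
    mac = lambda key, msg: hmac.new(key, msg, hashfn).digest()
    v, key = b"\x01" * hlen, b"\x00" * hlen
    key = mac(key, v + b"\x00" + int2octets(priv) + bits2octets(h1))
    v = mac(key, v)
    key = mac(key, v + b"\x01" + int2octets(priv) + bits2octets(h1))
    v = mac(key, v)
    while True:
        t = b""
        while len(t) * 8 < QLEN:
            v = mac(key, v)
            t += v
        k = bits2int(t)
        if 1 <= k < N:
            yield k
        key = mac(key, v + b"\x00")
        v = mac(key, v)


def sign(priv, msg, hashfn=hashlib.sha256):
    """ECDSA over P-256 with a deterministic nonce; returns (r, s)."""
    h1 = hashfn(msg).digest()
    e = bits2int(h1)
    for k in rfc6979_candidates(priv, h1, hashfn):
        r = ladder_mul(k, G)[0] % N
        s = pow(k, -1, N) * (e + priv * r) % N
        if r != 0 and s != 0:
            return r, s


def verify(pub, msg, sig, hashfn=hashlib.sha256):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    e = bits2int(hashfn(msg).digest())
    w = pow(s, -1, N)
    pt = point_add(ladder_mul(e * w % N, G), ladder_mul(r * w % N, pub))
    return pt is not INF and pt[0] % N == r
```

Signing the same message twice with the same key returns the same (r, s), which is the point of RFC 6979: a broken or absent RNG at signing time can no longer leak the key through a repeated or biased k.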
* 2014-12-09  lloyd  (6 files, -15/+125)
  Implement a strength estimator for McEliece keys based on HyMES version
* 2014-12-09  lloyd  (8 files, -72/+123)
  Figure out which decompressor to use based on the input file extension.
  Rename Bzip to Bzip2, and split Zlib and Deflate compressors into two completely distinct types rather than using a bool flag to the Zlib constructor. Ignore null pointers to our free implementation (LZMA does this).
* 2014-12-08  lloyd  (2 files, -16/+26)
  Cleanup for pbe name parsing in PKCS #8 encoder
* 2014-12-08  lloyd  (2 files, -0/+81)
  Add a basic speed test for McEliece
* 2014-12-06  lloyd  (4 files, -328/+25)
  Remove the Overbeck conversion at Dr. Strenzke's request.
  While a CCA2 proof of this scheme exists, it is written in German and for various reasons publishing a translation would be a complicated affair. Without a (well studied) English proof it is harder to understand the security of the overall scheme. Thus only KEM, which seems much easier to prove, will be offered.
* 2014-12-06  fstrenzke  (4 files, -21/+179)
  Add KEM scheme for McEliece
* 2014-12-06  lloyd  (1 file, -1/+1)
  Nullptr cleanup
* 2014-12-06  lloyd  (1 file, -0/+32)
  Untested support for using CryptGenRandom in System_RNG
* 2014-12-06  lloyd  (2 files, -12/+38)
  Combine release notes into single text file on install
* 2014-12-02  lloyd  (4 files, -0/+125)
  Add an easy way to directly use the system PRNG.
* 2014-12-02  lloyd  (1 file, -0/+32)
  Handle repeated installs into the same dir.
  Format and install the license text.
* 2014-12-02  lloyd  (2 files, -1/+3)
  GCC 4.9 fixes
* 2014-11-29  lloyd  (1 file, -0/+4)
  Add OIDs for Twofish, Serpent, and McEliece
* 2014-11-29  lloyd  (5 files, -5/+33)
  Move all PK workfactor estimators to workfactors.*
* 2014-11-26  lloyd  (3 files, -7/+4)
  Fix Windows build. Github issue 32
* 2014-11-26  fstrenzke  (26 files, -13/+3634)
  Add an implementation of McEliece encryption based on HyMES (https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes). The original version is LGPL but cryptsource GmbH has secured permission to release it under a BSD license. Also includes the Overbeck CCA2 message encoding scheme.
* 2014-11-22  lloyd  (1 file, -1/+1)
  On Windows fs::path::native() is a u16 string
* 2014-11-19  lloyd  (12 files, -468/+267)
  Cleanup PBES2 and add GCM support
* 2014-11-19  lloyd  (2 files, -25/+13)
  Remove use of filters/pipe
* 2014-11-19  lloyd  (9 files, -76/+256)
  Add gzip compression transform and compress command line prog.