aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Merge GH #1053 Fix path length constraint checking (GH #991)Jack Lloyd2017-05-2114-5/+310
|\
| * fix pathLenConstraint validationDaniel Neus2017-05-1914-5/+310
| | | | | | | | | | | | | | | | | | | | | | Fixes GH #991 The problem with the current implementation of the chain validation code is that is runs from the end certificate to the trust cert. @securitykernel and me tried to fix the pathLenConstraint validation within this reverse loop but we were not sure if we missed some edge cases. So we felt safer to use the algorithm listed in RFC 5280 which executes from the top to the bottom. It's probably best to rewrite the code to use the whole algorithm from RFC 5280, i.e. validating the chain from the trust to the end cert. Additionally, we wrote some tests including the one that raised this issue initially.
* | Fix warningsJack Lloyd2017-05-192-3/+3
| |
* | Fixes for MSVC version detectionJack Lloyd2017-05-191-1/+1
| | | | | | | | | | See comments in https://github.com/randombit/botan/commit/7f019174bfcf3c2b31bda74fe40ce35727db1cef
* | Merge GH #826 Add support for Intel SHA instructionsJack Lloyd2017-05-1913-2/+485
|\ \
| * | Set minimum compiler versions for SHA intrinsicsJack Lloyd2017-05-192-0/+12
| | |
| * | Add support for Intel SHA-1/SHA-2 instructionsJack Lloyd2017-05-1913-2/+473
| | | | | | | | | | | | Based on GH #807 and #808
* | | Add SM3 OIDs and PKCSv1.5 hash prefixJack Lloyd2017-05-193-1/+16
|/ /
* | Merge GH #359 Add botan cli encryption toolJack Lloyd2017-05-194-0/+355
|\ \
| * | Fix 3 space indentSimon Warta2017-04-181-4/+4
| | |
| * | Add BOTAN_HAS_AEAD_MODES requirement for encryption cliSimon Warta2017-04-182-2/+2
| | |
| * | Run cli tests on TravisSimon Warta2017-04-181-0/+7
| | |
| * | Some linting cleanups for cli_tests.pySimon Warta2017-04-181-6/+6
| | |
| * | Update registration format of "encryption" cli commandSimon Warta2017-04-181-2/+2
| | |
| * | Add more ciphersSimon Warta2017-04-182-13/+71
| | |
| * | Fix whitespace errorsSimon Warta2017-04-182-3/+3
| | |
| * | Fix bug in vecparser: member must not be staticSimon Warta2017-04-181-2/+1
| | |
| * | Adapt cli command encryption to new cli interfaceSimon Warta2017-04-181-37/+42
| | |
| * | Add botan encryption cli appSimon Warta2017-04-183-0/+286
| | |
* | | Merge GH #1052 Add build-time compiler detectionJack Lloyd2017-05-191-3/+3
|\ \ \
| * | | Let modules specify minimum compiler version, add runtime compiler version checkJack Lloyd2017-05-181-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This comes up recently to support CPU extensions by Intel (#826) and ARM (#844) since the intrinsic functions were only added in compiler versions more recent than the minimums we generally support, but might actually be useful for all kinds of things in the future since one can add a (new, otherwise optional) C++14 or C++17 module in 2.x branch while continuing to support the current set of supported compiler versions for the main library functionality. Uses RDSEED as the test case, to ensure version detection/comparisons work on all platforms.
* | | | Merge GH #1051 Extensions for PKCSv1.5 signature formattingJack Lloyd2017-05-198-5/+96
|\ \ \ \
| * | | | Accept SHA1 and SHA-1 as aliases for hash_idJack Lloyd2017-05-181-2/+3
| | | | |
| * | | | Add botan_pkcs_hash_id to FFIJack Lloyd2017-05-187-3/+93
| | |_|/ | |/| | | | | | | | | | | | | | | | | | Extend EMSA_PKCS1v15_Raw to optionally take a hash function for which the PKCS hash id is prefixed to the message as usual. This allows signing a message using PKCSv1.5 padding where the hash is provided externally.
* | | | Merge GH #1044 Handle IV carryover in CBC, CFB, and stream ciphersJack Lloyd2017-05-199-43/+243
|\ \ \ \ | |_|/ / |/| | |
| * | | Handle IV carryover in CBC, CFB, and stream ciphersJack Lloyd2017-05-139-43/+243
| | | | | | | | | | | | | | | | | | | | | | | | Allow an empty nonce to mean "continue using the current cipher state". GH #864
* | | | Maintainer mode fixesJack Lloyd2017-05-182-4/+9
| | | |
* | | | Add ability to clear cpuid bits before running benchmarks.Jack Lloyd2017-05-181-1/+14
| |/ / |/| | | | | | | | | | | | | | | | | Should be extended further, and some duplicated logic with the tests here, but useful as is. [ci skip]
* | | Fix botan_privkey_load_rsa misleading parameter names.Daniel Wyatt2017-05-133-5/+5
|/ / | | | | | | RSA_PrivateKey's constructor take p,q,e,d,n.
* | Post-merge changes to SP 800-56A KDF (GH #1040)Jack Lloyd2017-05-063-77/+120
| | | | | | | | | | | | | | Instead of using a template split the KDF into two different classes that both call a template utility function to actually run the KDF algo. Simplify the "empty salt" logic and avoid having to instantiate a hash object just to get the hash block size.
* | Merge GH #1040 Add SP800-56A KDFJack Lloyd2017-05-065-0/+3071
|\ \
| * | Align with comments from code reviewKrzysztof Kwiatkowski2017-05-042-6/+5
| | |
| * | KDF SP800-56A: Add test vectors with 0 length salt to improve coverageKrzysztof Kwiatkowski2017-05-031-0/+60
| | |
| * | Use uint64_t to represent 32-bit number (fixes unittests)Krzysztof Kwiatkowski2017-05-031-1/+1
| | |
| * | Update copyright headersKrzysztof Kwiatkowski2017-05-032-2/+6
| | |
| * | Add vectors for HMAC backed SP800-56A KDFKrzysztof Kwiatkowski2017-05-031-2/+1417
| | |
| * | SP800-56A revision 2 implementationKrzysztof Kwiatkowski2017-05-033-29/+74
| | |
| * | Adds KDF based on SP 800-56A. Currently it is revision 1 (alternative 1). It ↵Krzysztof Kwiatkowski2017-05-035-0/+1548
| | | | | | | | | | | | should be extended to revision 2.
* | | Don't use len() to verify emptynessSimon Warta2017-05-041-1/+4
| | |
* | | Remove comment: FIXME without further descriptionSimon Warta2017-05-041-1/+1
| | |
* | | Make pylint mandatory for botan2.pySimon Warta2017-05-041-2/+2
| | |
* | | Work around name conflict of symbol "rng"Simon Warta2017-05-041-13/+14
| | |
* | | Add base exception type: BotanExceptionSimon Warta2017-05-041-22/+30
| | |
* | | Fix various pylint warningsSimon Warta2017-05-041-8/+10
| | |
* | | Avoid redefining build-in name "hash"Simon Warta2017-05-041-3/+3
| | | | | | | | | | | | | | | this breaks applications using a parameter labels, e.g. pubkey.fingerprint(hash='SHA-512')
* | | Silence invalid name warning for module "botan"Simon Warta2017-05-041-2/+2
| | |
* | | Silence pylint invalid class name warningsSimon Warta2017-05-041-12/+12
| | |
* | | Use comments to organize code sectionsSimon Warta2017-05-041-35/+40
| | |
* | | Remove trailing whitespaceSimon Warta2017-05-041-1/+1
| | |
* | | Break long linesSimon Warta2017-05-041-14/+29
| | |