| Commit message | Author | Age | Files | Lines |
ESP padding is one of the recommended padding
methods from BSI-TR-02102-1.
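The ESP padding mentioned in this commit, as an added C++ illustration that is not Botan's implementation. It assumes one byte convention: the padding bytes carry the values 1, 2, ..., n and the final byte, n, doubles as the pad-length field (so n counts every padding byte including itself), and at least one byte is always appended. The unpad check inspects every byte of the last block with bitwise operations so that the work done does not depend on where the padding begins:

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Illustrative ESP-style block padding, not Botan's own code. Convention
// assumed here: padding bytes are 1, 2, ..., n and the last byte (value n)
// is the pad-length field, counting itself. At least one byte is always
// appended, so input that already fills the final block grows by a whole
// block, exactly as with PKCS#7.
std::vector<uint8_t> esp_pad(const std::vector<uint8_t>& in, size_t block_size) {
    std::vector<uint8_t> out(in);
    const size_t n = block_size - (in.size() % block_size);  // 1 <= n <= block_size
    for (size_t i = 1; i <= n; ++i) {
        out.push_back(static_cast<uint8_t>(i));
    }
    return out;
}

// Returns the pad length n of a padded final block, or 0 if the padding is
// malformed. Every byte of the block is examined whether or not it belongs
// to the padding, and the verdict is accumulated with bitwise ops, so the
// amount of work does not vary with the (secret) pad length.
size_t esp_unpad_len(const uint8_t* block, size_t block_size) {
    const size_t n = block[block_size - 1];
    uint8_t bad = static_cast<uint8_t>((n == 0) | (n > block_size));
    for (size_t i = 0; i < block_size; ++i) {
        // Position i is padding iff i >= block_size - n; in_pad is 0xFF or 0x00.
        const uint8_t in_pad =
            static_cast<uint8_t>(0 - static_cast<uint8_t>(i + n >= block_size));
        // Expected value at a padding position. Outside the padding region the
        // unsigned subtraction wraps, but in_pad masks that lane out anyway.
        const uint8_t expected = static_cast<uint8_t>(i + n + 1 - block_size);
        bad |= in_pad & (block[i] ^ expected);
    }
    return (bad == 0) ? n : 0;
}

// Strips the padding from a whole padded message in place. Returns false and
// leaves the buffer untouched on any error. A caller must report that failure
// exactly like an authentication failure (same error, same timing), or the
// check becomes a padding oracle; better still, verify a MAC before decrypting.
bool esp_unpad(std::vector<uint8_t>& msg, size_t block_size) {
    if (block_size == 0 || msg.size() < block_size || msg.size() % block_size != 0) {
        return false;
    }
    const size_t n = esp_unpad_len(msg.data() + msg.size() - block_size, block_size);
    if (n == 0) {
        return false;
    }
    msg.resize(msg.size() - n);
    return true;
}

int main() {
    std::vector<uint8_t> msg = esp_pad(std::vector<uint8_t>{1, 2, 3}, 8);  // constructed input
    // msg is now 01 02 03 | 01 02 03 04 05 and unpads back to 01 02 03
    return esp_unpad(msg, 8) && msg.size() == 3 ? 0 : 1;
}
```

The monotone 1, 2, 3, ... sequence is what makes ESP padding checkable: unlike zero padding, every padding byte has exactly one valid value, so a corrupted interior byte is detected, not just a bad length field.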
This prevents the test suite from globbing all the XMSS tests
together under "XMSS/Raw"; since XMSS ignores the padding anyway,
pretend the param string is the padding which causes the normal
logic in the signature test code to do the right thing.
[ci skip]
- Removes custom XMSS_Hash assignment operator.
- Changes mutex type used in XMSS_Index_Registry from std::mutex to
Botan::mutex_type, changes lock_guard accordingly.
- Removes singleton and endianness detection from XMSS_Tools, changes
XMSS_Tools::concat() to be a static method.
- XMSS/XMSS_WOTS check_key() now always returns true.
[1] XMSS: Extended Hash-Based Signatures,
draft-irtf-cfrg-xmss-hash-based-signatures-06
Release: July 2016.
https://datatracker.ietf.org/doc/draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations
for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has
been integrated into the Botan test bench; signature generation and verification
can be tested independently by invoking "botan-test xmss_sign" and
"botan-test xmss_verify".
- Some headers that are not required to be exposed to users of the library have
to be declared as public in `info.txt`. Declaring those headers private will
cause the amalgamation build to fail. The following headers have been
declared public inside `info.txt`, even though they are only intended for
internal use:
* atomic.h
* xmss_hash.h
* xmss_index_registry.h
* xmss_address.h
* xmss_common_ops.h
* xmss_tools.h
* xmss_wots_parameters.h
* xmss_wots_privatekey.h
* xmss_wots_publickey.h
- XMSS_Verification_Operation requires the "randomness" parameter out of the
XMSS signature. "Randomness" is part of the prefix that is hashed *before*
the message. Since the signature is unknown till sign() is called, all
message content has to be buffered. For large messages this can be
inconvenient or impossible.
**Possible solution**: Change the PK_Ops::Verification interface to take
the signature as a constructor argument, and provide a setter method to be able
to update/reuse the instance on multiple signatures. Make sign a parameterless
member call. This solution requires interface changes in Botan.
**Suggested workaround** for signing large messages is to not sign the message
itself, but to precompute the message hash manually using Botan::HashFunction
and sign the message hash instead of the message itself.
- Some of the available test vectors for the XMSS signature verification have
been commented out in order to reduce testbench runtime.
Add Public_Key::key_length usable for policy checking (as in
TLS::Policy::check_peer_key_acceptable)
Remove Public_Key::max_input_bits because it didn't make much sense
for most algorithms actually.
Remove message_parts and message_part_size from PK_Ops
See PR #552
- Add Cipher_Mode::reset() which resets just the message specific state and allows encrypting again under the existing key
- In Cipher_Mode::clear() (at some places) use cipher->clear() instead of resetting the pointer which would make the cipher object unusable
- EAX_Decryption::output_length() bugfix?! Now it's possible to decrypt an empty ciphertext (just a tag)
- Bugfix for GCM_Decryption::finish()
- set tag length in GCM_Mode::name()
- Cipher_Mode tests: add tests for reset() and process()
- AEAD_Mode tests: add tests for reset(), clear(), update() and process()
Still not a hard error even in maintainer mode because sometimes
system headers pull in C style casts via macros (eg MAP_FAILED).
But, it not being a hard error makes it easy to backslide.
Remove old style casts, wrap some very long lines.
Only works for GCC and Clang
Found by Coverity.
Also part of Algo_Registry and not needed after #668
|
|/
|
|
| |
Was used by Algo_Registry lookups, no longer needed after #668
Having a runtime endian test to verify against the build setting is
useful.
DataSource_Stream::peek resets EOF bit after a failed peek
Fixes #657 cert_info infinite loop
[ci skip]
Vectors here are just whatever we spit out, but I can't find any
GOST vectors using the 'A' param set. Anyway at least with this,
we are testing to have consistent behavior across platforms.
This allows wait() to be called immediately after sync() returns, even if not
all of the waiting threads have awoken.
|
| |
|
|
|
|
|
|
|
|
| |
This commit introduces a concept of a barrier, where all threads must
synchronise before continuing. Threaded Fork uses this to ensure that all
input is consumed by each sink exactly once.
Fixes #695.
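The barrier introduced in this commit, together with the follow-up above that lets wait() be called immediately after the previous round completes, as an added C++ example. This is illustrative code, not Botan's Barrier class or its Threaded_Fork: it uses a generation counter (an assumed design, not necessarily Botan's) so that a thread released from round k can re-enter wait() for round k+1 before slower threads have woken from round k, and it reduces the fork scenario to one producer publishing chunks through a shared slot that every sink must consume exactly once.

```cpp
#include <condition_variable>
#include <cstddef>
#include <mutex>
#include <thread>
#include <vector>

// Illustrative reusable barrier, not Botan's Barrier. A generation counter
// lets an early thread call wait() again for the next round straight away:
// its arrival is counted toward the new round, while sleepers from the old
// round wake on "generation changed" rather than on a counter they could
// race against.
class GenerationBarrier {
public:
    explicit GenerationBarrier(size_t parties) : m_parties(parties) {}

    // Blocks until all parties have arrived for the current round.
    void wait() {
        std::unique_lock<std::mutex> lock(m_mutex);
        const size_t my_generation = m_generation;
        if (++m_arrived == m_parties) {
            m_arrived = 0;       // reset for the next round under the same lock
            ++m_generation;      // releases every thread waiting on this round
            m_cv.notify_all();
        } else {
            m_cv.wait(lock, [&] { return m_generation != my_generation; });
        }
    }

private:
    std::mutex m_mutex;
    std::condition_variable m_cv;
    size_t m_parties;
    size_t m_arrived = 0;
    size_t m_generation = 0;
};

// The threaded-fork problem reduced to its essence: one producer publishes
// chunks through a single shared slot and each sink must consume every chunk
// exactly once. Two barrier rounds per chunk guarantee that: the first means
// "chunk k is in the slot", the second means "every sink has read it", after
// which the producer may overwrite the slot. The mutex inside the barrier
// also orders the slot write before the sinks' reads, so there is no data
// race. Returns the per-sink sums, which must all equal 1 + 2 + ... + chunks.
std::vector<unsigned> fork_demo(size_t sinks, size_t chunks) {
    GenerationBarrier barrier(sinks + 1);   // the sinks plus the producer
    unsigned slot = 0;                      // shared buffer, one chunk at a time
    std::vector<unsigned> seen(sinks, 0);   // constructed tally, one per sink
    std::vector<std::thread> threads;
    for (size_t s = 0; s < sinks; ++s) {
        threads.emplace_back([&, s] {
            for (size_t k = 0; k < chunks; ++k) {
                barrier.wait();             // chunk k has been published
                seen[s] += slot;            // consume it exactly once
                barrier.wait();             // signal that this sink is done with it
            }
        });
    }
    for (size_t k = 0; k < chunks; ++k) {
        slot = static_cast<unsigned>(k + 1);   // chunk k carries the value k+1
        barrier.wait();                         // publish
        barrier.wait();                         // all sinks have consumed it
    }
    for (std::thread& t : threads) {
        t.join();
    }
    return seen;
}

int main() {
    const std::vector<unsigned> seen = fork_demo(4, 10);   // expect 55 per sink
    for (unsigned total : seen) {
        if (total != 55) {
            return 1;
        }
    }
    return 0;
}
```

Without the generation counter, a fast sink re-entering wait() could decrement or re-trigger a counter that the slow sinks of the previous round had not yet observed; with it, a "round" is identified by a value that only ever moves forward.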
[ci skip]
This reverts commit cfb12bf77940c566de1e6de4a79db6fe0d02ef1e.
tl;dr monorepo is better, especially for a project this small.
This reverts commit 2ec08fa6b5fd270e50f8526c1c6dfaabfda66e02.
The Perl wrapper was removed as unmaintained, but nobody is likely
to maintain it if they don't know it exists.
4096 is the value from FIPS 186-2, FIPS 186-3 uses 4*pbits which
is the obvious extension of the FIPS 186-2 scheme to larger parameter
sizes. Pointed out by @neverhub
Removes support for 512 and 768 bit DSA groups because WTF no.
One additional, application-specific curve can be added
at compile time, using the new
configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
|
|\ \ \ |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Large block size makes the differential test fragile.
This interface changed, and it seems the test was only partially updated.
|
| | | | |
|
| | | | |
|