path: root/src
Commit message  (Author, Age, Files: Lines)
* Clarify comment on botan_privkey_load  (Jack Lloyd, 2018-08-02, 1 file: -1/+1)
|
* Merge GH #1637 Merge SM2 signature and ECIES key types  (Jack Lloyd, 2018-08-02, 12 files: -197/+101)
|\
| * Combine SM2 key types for signatures and encryption  (Jack Lloyd, 2018-08-01, 12 files: -197/+101)
| |   It seems in practice the same key may end up being used for both operations, so maintaining a distinction at the type level just complicates things.
* | Avoid requirement to set rng in botan_privkey_load  (Jack Lloyd, 2018-08-01, 2 files: -7/+9)
|/
* Add a couple HMAC(SHA-512-256) test vectors  (Jack Lloyd, 2018-08-01, 1 file: -0/+11)
|
* Add OID for HMAC with SHA-512/256  (Jack Lloyd, 2018-08-01, 2 files: -1/+4)
|
* Merge GH #1636 Add Lucas primality test  (Jack Lloyd, 2018-08-01, 16 files: -147/+538)
|\
| * Add Lucas test from FIPS 186-4  (Jack Lloyd, 2018-07-31, 16 files: -147/+538)
| |   This eliminates an issue identified in the paper "Prime and Prejudice: Primality Testing Under Adversarial Conditions" by Albrecht, Massimo, Paterson and Somorovsky, where DL_Group::verify_group with strong=false would accept a composite q with probability 1/4096, which is exactly as the error bound is documented, but still unfortunate.
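Added illustration for the commit above (Python written for this page, not Botan's own code): the Lucas probable-prime test of FIPS 186-4 Appendix C.3.3 (Selfridge's Method A, P = 1, D = 5, -7, 9, -11, ...) next to Miller-Rabin, and the reason for running both. Six Miller-Rabin rounds at the documented per-round bound of 1/4 give 4^-6 = 1/4096, the figure in the commit message. The "Prime and Prejudice" composites are built so that random bases fail at close to that bound; as a deterministic stand-in, 3215031751 = 151 * 751 * 28351, the smallest strong pseudoprime to bases 2, 3, 5 and 7, survives Miller-Rabin for those bases but not the Lucas test, while 323 = 17 * 19 is a Lucas (Fibonacci) pseudoprime that Miller-Rabin base 2 rejects. Function names and the combined is_probably_prime wrapper are this example's own choices.

```python
import math
import random

# Constructed test values for this illustration:
SPSP_2_3_5_7 = 3215031751   # = 151 * 751 * 28351, smallest strong pseudoprime to bases 2, 3, 5, 7
FIBONACCI_PSP = 323         # = 17 * 19, smallest Lucas pseudoprime for the Selfridge parameters


def jacobi(a: int, n: int) -> int:
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a != 0:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0


def miller_rabin(n: int, bases) -> bool:
    """Strong probable-prime test: True if n survives every base in `bases`."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in bases:
        a %= n
        if a in (0, 1, n - 1):
            continue
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False            # witness found: n is composite
    return True


def lucas_test(n: int) -> bool:
    """Lucas probable-prime test as in FIPS 186-4 Appendix C.3.3 (Selfridge's Method A, P = 1)."""
    if n < 2 or n % 2 == 0:
        return n == 2
    if math.isqrt(n) ** 2 == n:     # step 1: perfect squares must be rejected up front
        return False
    d = 5                           # step 2: first D in 5, -7, 9, -11, ... with (D/n) = -1
    while True:
        j = jacobi(d, n)
        if j == -1:
            break
        if j == 0:                  # gcd(|D|, n) > 1: composite unless n is the prime |D| itself
            return abs(d) == n
        d = -d - 2 if d > 0 else -d + 2
    k = n + 1                       # step 3
    inv2 = (n + 1) // 2             # 2^-1 mod n (n is odd), so "/2 mod n" is a multiplication
    u, v = 1, 1                     # step 5: U_1 = V_1 = 1
    for i in range(k.bit_length() - 2, -1, -1):   # step 6: bits of K from r-1 down to 0
        u_tmp = (u * v) % n
        v_tmp = ((v * v + d * u * u) * inv2) % n
        if (k >> i) & 1:
            u = ((u_tmp + v_tmp) * inv2) % n
            v = ((v_tmp + d * u_tmp) * inv2) % n
        else:
            u, v = u_tmp, v_tmp
    return u == 0                   # step 7: U_{n+1} == 0 mod n means probably prime


def is_probably_prime(n: int, mr_rounds: int = 6) -> bool:
    """Miller-Rabin with random bases followed by a Lucas test, the combination FIPS 186-4 allows."""
    if n < 5:
        return n in (2, 3)
    bases = [random.randrange(2, n - 1) for _ in range(mr_rounds)]
    return miller_rabin(n, bases) and lucas_test(n)
```

The two tests have disjoint known failure sets: no composite is known to be both a base-2 strong pseudoprime and a Lucas pseudoprime for these parameters, which is why adding the Lucas test removes the 1/4096 acceptance rate for an adversarially chosen q rather than merely shrinking it.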
* | Just skip 32-bit ARM iOS build entirely  (Jack Lloyd, 2018-08-01, 1 file: -2/+5)
| |
* | Avoid XCode 9.4 due to compilation bug  (Jack Lloyd, 2018-08-01, 1 file: -0/+1)
|/    XCode 9.4 ICEs on the NewHope code in the ARM 32-bit build, and of course I can't report the bug since I don't have an Apple ID.
* Fix Doxygen comments for AutoSeeded_RNG [ci skip]  (Jack Lloyd, 2018-07-31, 1 file: -3/+7)
|
* Ensure values are fully reduced during ECDSA signature  (Jack Lloyd, 2018-07-30, 1 file: -3/+3)
|   It was possible that the Barrett reduction code would fall back to standard division due to getting an input that was >= order^2.
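Added illustration for the commit above (Python written for this page, not Botan's Modular_Reducer): Barrett reduction with the input bound the commit message refers to. The fixed-cost Barrett path with mu = floor(4^k / m) is only exact for inputs below 4^k, and m^2 < 4^k, so the guard here is x < m^2 as the commit states it (Botan's own check is not reproduced). An operand that was not fully reduced can push a product past that bound and silently divert to plain division, whose running time depends on the operand, which is the side-channel concern behind "fully reduced". ORDER is the secp256k1 group order, used only as a realistic modulus; the function names are this example's own.

```python
# Constructed example: the secp256k1 group order, standing in for "order" in the commit message
ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def barrett_mu(m: int):
    """Precompute (k, mu) with k = bitlen(m) and mu = floor(4^k / m)."""
    k = m.bit_length()
    return k, (1 << (2 * k)) // m


def barrett_reduce(x: int, m: int):
    """Return (x mod m, used_fallback).

    Barrett with mu = floor(4^k / m) is exact for 0 <= x < 4^k, and m^2 < 4^k, so every
    input below m^2 takes the fixed-cost path. Inputs at or above m^2 are sent to a plain
    division here, standing in for a variable-time fallback."""
    if x < 0 or x >= m * m:
        return x % m, True
    k, mu = barrett_mu(m)
    q = (x * mu) >> (2 * k)      # quotient estimate, never larger than x // m
    r = x - q * m
    while r >= m:                # at most two corrections for x < 4^k
        r -= m
    return r, False


def mulmod_reduced(a: int, b: int, m: int) -> int:
    """Multiply two operands that are already reduced mod m, so the product is < m^2 by construction
    and the fallback path is unreachable."""
    if not (0 <= a < m and 0 <= b < m):
        raise ValueError("operands must be fully reduced before a Barrett multiplication")
    r, _used_fallback = barrett_reduce(a * b, m)
    return r
```

Checking operands against m before multiplying is the cheap way to guarantee the reduction never leaves the constant-cost path; checking the product afterwards only tells you the leak already happened.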
* Support calling Whirlpool in OpenSSL  (Jack Lloyd, 2018-07-26, 1 file: -0/+5)
|   Available since 1.0.0, not sure how this was missed.
* GHASH - use explicit function to check for key being set  (Jack Lloyd, 2018-07-25, 1 file: -1/+1)
|
* Add OID for SM2 with SM3 signatures  (Jack Lloyd, 2018-07-24, 2 files: -1/+5)
|
* Add include for getenv  (Jack Lloyd, 2018-07-24, 1 file: -0/+1)
|
* Only print FFI exceptions to stdout if an env var is set  (Jack Lloyd, 2018-07-24, 2 files: -1/+7)
|   So debugging is possible, but the default is silent.
* Add botan_mac_query_keylen  (Jack Lloyd, 2018-07-24, 3 files: -1/+38)
|
* Add botan_block_cipher_query_keylen plus some new FFI error codes  (Jack Lloyd, 2018-07-24, 5 files: -5/+59)
|
* Add additional HMAC tests from RFC 4231  (Jack Lloyd, 2018-07-24, 1 file: -0/+81)
|
* Use Alloc templates instead of overriding for specific vector types  (Jack Lloyd, 2018-07-24, 1 file: -16/+16)
|
* Fix bad assert in Goppa decoding  (Jack Lloyd, 2018-07-24, 1 file: -3/+4)
|
* Require SM2 ciphertexts be DER encoded  (Jack Lloyd, 2018-07-24, 1 file: -2/+18)
|   Previously the SM2 test would fail about 1 in a thousand times because we would corrupt the ciphertext such that the BER was still valid; it would change the length field to an indefinite length marker, which still decoded correctly.
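Added illustration for the commit above (Python written for this page, not Botan's BER_Decoder): a minimal ASN.1 TLV reader with a BER mode and a DER-strict mode. BER allows the same value to be written with a short-form length, a long-form length, or the indefinite-length marker 0x80 terminated by 00 00, so a single corrupted length byte can still parse to the original content; DER permits exactly one encoding, so the strict mode rejects the other two. The byte strings are constructed for this example and are a small SEQUENCE, not an SM2 ciphertext; the function names are this example's own.

```python
SEQUENCE = 0x30


def read_tlv(buf: bytes, pos: int = 0, strict_der: bool = False):
    """Parse one BER/DER TLV starting at buf[pos]; return (tag, content_bytes, next_pos).

    With strict_der=True the indefinite-length form and non-minimal length encodings
    are rejected, which is what makes DER a unique encoding of a given value."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise ValueError("high-tag-number form not supported in this example")
    first = buf[pos + 1]
    pos += 2
    if first < 0x80:                         # short form: one byte, length < 128
        length = first
    elif first == 0x80:                      # BER indefinite form: read TLVs until 00 00
        if strict_der:
            raise ValueError("indefinite length is not allowed in DER")
        if not tag & 0x20:
            raise ValueError("indefinite length requires a constructed tag")
        content = bytearray()
        while True:
            if pos + 2 > len(buf):
                raise ValueError("missing end-of-contents octets")
            if buf[pos:pos + 2] == b"\x00\x00":
                return tag, bytes(content), pos + 2
            _, _, nxt = read_tlv(buf, pos, strict_der)
            content += buf[pos:nxt]
            pos = nxt
    else:                                    # long form: (first & 0x7F) following bytes hold the length
        n = first & 0x7F
        if n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if strict_der and (length < 0x80 or buf[pos] == 0):
            raise ValueError("non-minimal length encoding is not allowed in DER")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated content")
    return tag, buf[pos:pos + length], pos + length


def decode_sequence(buf: bytes, strict_der: bool):
    """Decode a top-level SEQUENCE into a list of (tag, content) children."""
    tag, content, end = read_tlv(buf, 0, strict_der)
    if tag != SEQUENCE:
        raise ValueError("expected SEQUENCE")
    if end != len(buf):
        raise ValueError("trailing bytes after SEQUENCE")
    children, pos = [], 0
    while pos < len(content):
        t, c, pos = read_tlv(content, pos, strict_der)
        children.append((t, c))
    return children


def accepts(buf: bytes, strict_der: bool) -> bool:
    """True if decode_sequence accepts buf under the given mode."""
    try:
        decode_sequence(buf, strict_der)
        return True
    except ValueError:
        return False


# Constructed sample value: SEQUENCE { INTEGER 5, OCTET STRING "ab" }, DER encoded
DER_SEQ = bytes.fromhex("30 07 02 01 05 04 02 61 62")
# Same value with the length byte replaced by the indefinite-length marker and a 00 00 terminator
BER_INDEF_SEQ = bytes.fromhex("30 80 02 01 05 04 02 61 62 00 00")
# Same value with a long-form length (81 07) where a single byte would do
BER_LONGFORM_SEQ = bytes.fromhex("30 81 07 02 01 05 04 02 61 62")
```

For ciphertexts the practical consequence is the one in the commit: a test that mutates one byte and expects decryption to fail can get a false pass under BER, and an attacker gets free encoding malleability, which is why a decoder for signed or encrypted structures should insist on DER.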
* In ECC private key encoding, include the optional public key field  (Jack Lloyd, 2018-07-23, 2 files: -9/+12)
|   Otherwise GnuTLS refuses to parse the private key. Fixes #1634
* Merge GH #1628 In ECDSA verify, handle error seen with LibreSSL on non-x86  (Jack Lloyd, 2018-07-20, 1 file: -7/+16)
|\
| * Handle another possible OpenSSL error only seen on non-x86_64  (Jack Lloyd, 2018-07-17, 1 file: -7/+16)
| |   GH #1627
* | Add FFI funcs to get algo name from cipher, MAC and hash objs  (Jack Lloyd, 2018-07-19, 7 files: -25/+122)
| |
* | Specialize code for BigInt right shift by 1  (Jack Lloyd, 2018-07-19, 1 file: -0/+22)
| |   Improves ECDSA by 2-3% due to improving the const time modular inversion algorithm (used for the mod-order inversions).
* | Fix error in CCM when L=8  (Jack Lloyd, 2018-07-18, 3 files: -6/+131)
| |   GH #1631
* | Support salts other than exactly 16 bytes for Blowfish key setup  (Jack Lloyd, 2018-07-18, 6 files: -36/+151)
| |   Bcrypt only needs 16-byte salts, but unfortunately Bcrypt-PBKDF is defined to use 64-byte salts instead. So extend support to handle any salt that is a multiple of 4 bytes.
* | Pylint 2.0 drops compat with Python2  (Jack Lloyd, 2018-07-17, 1 file: -2/+2)
| |   So force pip install to 1.9.2.
* | Correct comment on Hardware_RNG  (Jack Lloyd, 2018-07-17, 1 file: -2/+1)
|/
* Update password hashing default settings  (Jack Lloyd, 2018-07-13, 5 files: -4/+71)
|   Bcrypt work factor 10 is looking pretty low these days, as is 100K iterations of PBKDF2. Increase bcrypt to 12 and PBKDF2 to 150K, and also transition passhash9 to using SHA-512 instead of SHA-256. Also document bcrypt better, and add speed tests for bcrypt and passhash9.
* Remove RC2 related OIDs  (Jack Lloyd, 2018-07-13, 2 files: -7/+1)
|   Since RC2 was removed in 1c0bc3cc6b, there is no reason to have these around.
* Bump the FFI version  (Jack Lloyd, 2018-07-13, 3 files: -2/+13)
|   New FFI features added in #1621 and #1625.
* Tighten up error checking in pk_decrypt  (Jack Lloyd, 2018-07-13, 2 files: -17/+27)
|
* Correct a comment in Camellia code, and align the 256 byte table  (Jack Lloyd, 2018-07-13, 1 file: -1/+3)
|
* Unroll SM4 encryption/decryption by 2  (Jack Lloyd, 2018-07-13, 1 file: -23/+105)
|   Interleaving operations improves SM4/CTR from 26 cpb to 18 cpb.
* Set a macro when optimizing for size  (Jack Lloyd, 2018-07-13, 1 file: -0/+4)
|
* Add FPE1 to C API  (Jack Lloyd, 2018-07-13, 4 files: -1/+155)
|   GH #1612
* Define _ENABLE_EXTENDED_ALIGNED_STORAGE for MSVC 15.8  (Jack Lloyd, 2018-07-13, 1 file: -1/+1)
|   See #1624 for background.
* In speed command warn if some unknown flag is passed to --clear-cpuid  (Jack Lloyd, 2018-07-11, 1 file: -1/+7)
|
* Fix Doxygen problem  (Jack Lloyd, 2018-07-10, 1 file: -0/+1)
|
* Make use of AlgorithmIdentifier::USE_EMPTY_PARAM  (Jack Lloyd, 2018-07-10, 3 files: -9/+3)
|
* Fix ARMv7 build  (Jack Lloyd, 2018-07-09, 1 file: -0/+3)
|   These hwcaps don't exist in 32-bit mode.
* Add support for ARMv8 SM4 instructions  (Jack Lloyd, 2018-07-09, 10 files: -5/+311)
|   Tested in qemu.
* Bump version to 2.8.0-pre  (Jack Lloyd, 2018-07-06, 1 file: -1/+1)
|
* Prefetch AES tables during the key schedule  (Jack Lloyd, 2018-07-06, 1 file: -8/+27)
|   Also prefetch SD during decryption, since both TD and SD are used there. The need for a prefetch in the key schedule was identified in the paper "Eliminating Timing Side-Channel Leaks using Program Repair" by Guo, Schaumont and Wang.
* Document new flag for setting bcrypt version [ci skip]  (Jack Lloyd, 2018-07-05, 1 file: -1/+1)
|
* Small post-merge fixups of #1621  (Jack Lloyd, 2018-07-04, 3 files: -20/+20)
|   Formatting, and fix the API revision annotations.
|   Adds pem as an explicit dependency to FFI; pubkey already pulls it in, but it is good to be explicit.