Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | wget it ourselves, and include the hash of the file in the output | lloyd | 2013-11-28 | 2 | -24/+57 |
| | |||||
* | Fix file rename in info.txt and add a check for this in configure | lloyd | 2013-11-28 | 1 | -1/+1 |
| | |||||
* | TLS in-memory session manager now requires a rng object as a | lloyd | 2013-11-28 | 2 | -5/+7 |
| | | | | | constructor argument, previously it used the global rng which caused a serialization point across server threads. | ||||
* | Add a simple HTTP 1.0 GET using asio (for CRLs and OCSP) | lloyd | 2013-11-27 | 5 | -1/+137 |
| | |||||
* | Include Perl's build flags. Bug 254 | lloyd | 2013-11-23 | 1 | -1/+1 |
| | |||||
* | merge of '68c716734951de7d2d263d5ed5162e963d6c32be' | lloyd | 2013-11-20 | 5 | -55/+14 |
|\ | | | | | | | and '714a603d145c840eec1464ea31d0d07c2bf640fa' | ||||
| * | Compile fixes for Python wrapper | lloyd | 2013-11-20 | 5 | -55/+14 |
| | | |||||
* | | Only service small allocations out of the mlock pool | lloyd | 2013-11-20 | 2 | -2/+5 |
| | | |||||
* | | Add a basic DTLS policy | lloyd | 2013-11-20 | 1 | -0/+13 |
| | | |||||
* | | Fix old style cast warnings | lloyd | 2013-11-20 | 1 | -30/+30 |
|/ | |||||
* | Add HKDF | lloyd | 2013-11-17 | 3 | -0/+114 |
| | |||||
* | Fix get_cipher_mode for OCB and GCM with short tags | lloyd | 2013-11-17 | 1 | -2/+2 |
| | |||||
* | Inline kdf.cpp as all are simple forwarding calls | lloyd | 2013-11-17 | 2 | -62/+24 |
| | |||||
* | Enable all the GCC warning flags, as we now require at least GCC 4.7 anyway | lloyd | 2013-11-16 | 5 | -8/+6 |
| | | | | Fix a few nullptr and cast warnings. | ||||
* | Add includes needed by OS X | lloyd | 2013-11-12 | 1 | -0/+2 |
| | |||||
* | Split off Unix_EntropySource's fast_poll to a new source | lloyd | 2013-11-10 | 3 | -25/+14 |
| | |||||
* | Return a value | lloyd | 2013-11-09 | 1 | -1/+1 |
| | |||||
* | Add to build.h template | lloyd | 2013-11-09 | 1 | -0/+7 |
| | |||||
* | Remove decl of already removed function | lloyd | 2013-11-09 | 1 | -6/+0 |
| | |||||
* | Move RNG reseed controls to build.h | lloyd | 2013-11-09 | 1 | -9/+9 |
| | |||||
* | Uninitialized pointer | lloyd | 2013-11-09 | 1 | -1/+2 |
| | |||||
* | In HMAC_RNG record number of bytes since last poll and reseed based on | lloyd | 2013-11-09 | 2 | -17/+26 |
| | | | | that rather than the counter. | ||||
* | Include a timestamp as part of the HMAC_RNG PRF inputs | lloyd | 2013-11-09 | 1 | -0/+6 |
| | |||||
* | Don't actually deprecate AutoSeeded_RNG | lloyd | 2013-11-09 | 1 | -1/+0 |
| | |||||
* | Fix EGD settings. Some cleanup and renaming. | lloyd | 2013-11-09 | 6 | -49/+46 |
| | |||||
* | Make the process running entropy source much faster by running multiple commands | lloyd | 2013-11-09 | 9 | -556/+429 |
| | | | | | | | in parallel. On my laptop, a reseed using only process running takes .22 s wall clock in trunk and .06 s with this change - and that's after increasing the amount we read by 5 times (by reducing the entropy estimate per byte from .005 bits to 1/1024 bits). | ||||
* | Use a page size buffer as we are reading from a pipe | lloyd | 2013-11-08 | 1 | -1/+1 |
| | |||||
* | At least 128 bits, not at most 128 | lloyd | 2013-11-08 | 1 | -1/+1 |
| | |||||
* | Previously, AutoRNG was just a reference to the global rng, which can | lloyd | 2013-11-08 | 15 | -563/+210 |
| | | | | | | | | | | | cause a huge amount of lock contention in heavily multithreaded code. Now each AutoRNG is its own uniquely seeded HMAC_RNG. The set of entropy sources is shared rather than being per-RNG (so there is only one open fd to /dev/random, etc). So reseeding is still a global lock, but sharing the resources (open file descriptors, etc) across RNGs seems worth the contention. Remove Randpool, which was only used if HMAC_RNG was disabled at build. | ||||
* | merge of '5e53891d2c77f27a22d07ed26923745f9a5f3336' | lloyd | 2013-11-08 | 1 | -2/+2 |
|\ | | | | | | | and 'a895552efd212665d83064e9517976ef63f41368' | ||||
| * | Use BS constant where possible | lloyd | 2013-11-07 | 1 | -2/+2 |
| | | |||||
* | | Use override | lloyd | 2013-11-08 | 1 | -1/+1 |
| | | |||||
* | | Simplify device opening, and avoid leaking a file descriptor if it was | lloyd | 2013-11-08 | 1 | -18/+14 |
| | | | | | | | | | | | | too large to fit in an fd_set. Read at least 128 bits even if the poll is asking for less. | ||||
* | | Add more possible clock types | lloyd | 2013-11-08 | 1 | -0/+12 |
| | | |||||
* | | Avoid static const in GCM as well | lloyd | 2013-11-07 | 1 | -1/+1 |
|/ | |||||
* | Work around a strange bug where Clang won't find CCM_Mode::BS unless | lloyd | 2013-11-07 | 1 | -1/+1 |
| | | | | it is non-static. | ||||
* | Poll all randomness devices instead of breaking out early | lloyd | 2013-11-06 | 2 | -85/+38 |
| | |||||
* | Split TLS callbacks into a data callback and an alert callback. | lloyd | 2013-11-05 | 8 | -37/+61 |
| | | | | | In practice applications treated these two cases completely differently, so there was no reason to combine them into a single callback. | ||||
* | Remove duplicate definition of Serpent sboxes | lloyd | 2013-11-02 | 4 | -628/+443 |
| | |||||
* | Fix encoding error in ECC groups using OID method. Reported by and | lloyd | 2013-10-30 | 1 | -1/+1 |
| | | | | patch from fxdupont on github. | ||||
* | Fix padding error in CBC encryption if offset != 0 | lloyd | 2013-10-12 | 1 | -3/+2 |
| | |||||
* | Simplify AD processing in non-AEAD case | lloyd | 2013-09-08 | 1 | -22/+12 |
| | |||||
* | Add Brainpool curves to TLS, and prefer them by default. | lloyd | 2013-09-08 | 2 | -0/+15 |
| | | | | Remove 224-bit NIST curve from default parameter list. | ||||
* | Remove Record struct | lloyd | 2013-09-07 | 5 | -196/+120 |
| | |||||
* | Don't pass Record struct to handshake parser | lloyd | 2013-09-06 | 3 | -14/+22 |
| | |||||
* | Enable CCM ciphersuites in TLS. Disable SHA-1 for signatures in TLS v1.2 | lloyd | 2013-09-06 | 2 | -5/+57 |
| | |||||
* | Correct Ciphersuite::valid and to_string for CCM | lloyd | 2013-09-05 | 1 | -1/+11 |
| | |||||
* | Support CCM-8 ciphersuites | lloyd | 2013-09-05 | 1 | -6/+14 |
| | |||||
* | Enable CCM mode in TLS suite_info generator | lloyd | 2013-09-05 | 1 | -4/+23 |
| | |||||
* | Add CCM mode | lloyd | 2013-09-05 | 5 | -20/+445 |
| |