Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add AES key wrap with padding | Jack Lloyd | 2017-11-19 | 10 | -75/+1005 |
| | |||||
* | Avoid OCSPing on the Let's Encrypt CA cert | Jack Lloyd | 2017-11-19 | 1 | -6/+2 |
| | | | | | | Their issuing CA seems to have some performance problems with OCSP (https://github.com/letsencrypt/boulder/issues/1929) and it's currently causing timeouts in the tests. | ||||
* | Constify variables in AES-NI code | Jack Lloyd | 2017-11-18 | 1 | -104/+104 |
| | |||||
* | Add a function for checking if poly_double_n supports a particular size | Jack Lloyd | 2017-11-18 | 3 | -6/+10 |
| | |||||
* | Allow parsing and printing certificates with unknown public key algos | Jack Lloyd | 2017-11-18 | 2 | -6/+31 |
| | |||||
* | Add timings for RFC 3394 keywrap | Jack Lloyd | 2017-11-18 | 1 | -0/+40 |
| | |||||
* | Add feature macro for Sqlite3 being enabled in build | Jack Lloyd | 2017-11-18 | 1 | -0/+3 |
| | |||||
* | Prefix execution of install.py with Python binary | Jack Lloyd | 2017-11-16 | 3 | -2/+4 |
| | | | | | | | Fixes GH #1297 This is done even on GNU make builds, since the same issue affects MinGW | ||||
* | Fix encoding of subject key identifier | Jack Lloyd | 2017-11-16 | 5 | -23/+27 |
| | | | | | | Changed in #884 - we were copying the entire public key as the public key id. Instead hash it with whatever hash we are using to sign the certificate. | ||||
* | Optimize Twofish | Jack Lloyd | 2017-11-16 | 2 | -94/+158 |
| | | | | | Interleaving two blocks is 40-50% faster for any mode that supports parallel operation. | ||||
* | Fix path to cert test data | Jack Lloyd | 2017-11-16 | 1 | -1/+1 |
| | |||||
* | Merge GH #1296 Allow using secure_allocator with std::string under VC2013 | Jack Lloyd | 2017-11-16 | 1 | -5/+21 |
|\ | |||||
| * | Fix secure_allocator with std::string on VS2013 | Daniel Neus | 2017-11-16 | 1 | -5/+21 |
| | | | | | | | | Closes #1295 | ||||
* | | Fix Python tests | Jack Lloyd | 2017-11-16 | 1 | -1/+1 |
| | | |||||
* | | Move all the various X509 test data files under src/tests/data/x509 | Jack Lloyd | 2017-11-16 | 659 | -41/+41 |
|/ | |||||
* | Fix a memory leak in the case where certificate extension decoding fails. | Jack Lloyd | 2017-11-16 | 2 | -30/+33 |
| | | | | | | Introduced in #884 Found by OSS-Fuzz (bug 4249) | ||||
* | Correct CAST-128 decryption with more than 1 block | Jack Lloyd | 2017-11-16 | 2 | -32/+36 |
| | |||||
* | Optimizations for CAST-128 | Jack Lloyd | 2017-11-16 | 1 | -45/+135 |
| | | | | | Similarly to Blowfish, 2x unrolling produces a 50-60% perf boost due to increased ILP. | ||||
* | Optimize Blowfish | Jack Lloyd | 2017-11-16 | 1 | -41/+82 |
| | | | | | | | Doing two blocks at a time exposes more ILP and substantially improves performance. Idea from http://jultika.oulu.fi/files/nbnfioulu-201305311409.pdf | ||||
* | Update ASN.1 fuzzer | Jack Lloyd | 2017-11-15 | 2 | -12/+12 |
| | |||||
* | Correct handling of nested context specific | Jack Lloyd | 2017-11-15 | 1 | -4/+3 |
| | |||||
* | Move ASN1 printer to the library | Jack Lloyd | 2017-11-15 | 5 | -382/+418 |
| | |||||
* | Encapsulate ASN1 printer logic in a class | Jack Lloyd | 2017-11-15 | 1 | -133/+163 |
| | |||||
* | Increase the size of an ASN.1 tag enum to 32-bits | Jack Lloyd | 2017-11-15 | 1 | -1/+1 |
| | | | | Fixes GH #751 | ||||
* | Merge GH #884 Refactor X.509 cert/CRL internals | Jack Lloyd | 2017-11-15 | 34 | -999/+1630 |
|\ | |||||
| * | Remove debug abort [ci skip] | Jack Lloyd | 2017-11-14 | 1 | -1/+0 |
| | | |||||
| * | Consolidate function for testing for ASN.1 string types | Jack Lloyd | 2017-11-14 | 4 | -34/+25 |
| | | |||||
| * | Check for keyCertSign on non-CA certificates during validation | Jack Lloyd | 2017-11-14 | 1 | -0/+14 |
| | | | | | | | | GH #1089 | ||||
| * | Catch exceptions in NIST validation tests | Jack Lloyd | 2017-11-14 | 1 | -33/+41 |
| | | |||||
| * | Fix PKCS10 subject alt name usage | Jack Lloyd | 2017-11-14 | 5 | -7/+31 |
| | | | | | | | | GH #1010 | ||||
| * | Add a test for GH #1252 | Jack Lloyd | 2017-11-14 | 4 | -1/+61 |
| | | |||||
| * | Small cleanups in X509 tests | Jack Lloyd | 2017-11-14 | 1 | -22/+41 |
| | | |||||
| * | Avoid deprecated functions in FFI | Jack Lloyd | 2017-11-14 | 1 | -3/+3 |
| | | |||||
| * | Use new APIs in path validation and name constraint handling | Jack Lloyd | 2017-11-14 | 2 | -6/+14 |
| | | |||||
| * | Store CRL_Entry data in shared_ptr | Jack Lloyd | 2017-11-14 | 2 | -41/+81 |
| | | |||||
| * | Store X509_CRL data in shared_ptr | Jack Lloyd | 2017-11-14 | 2 | -69/+102 |
| | | |||||
| * | Store PKCS10 request data in structure | Jack Lloyd | 2017-11-14 | 2 | -65/+85 |
| | | |||||
| * | Refactor certificate extension handling | Jack Lloyd | 2017-11-14 | 2 | -274/+441 |
| | | |||||
| * | Store all data of an X509 certificate in a shared_ptr data struct. | Jack Lloyd | 2017-11-14 | 4 | -364/+567 |
| | | |||||
| * | Use new Decoding_Error constructor | Jack Lloyd | 2017-11-14 | 1 | -4/+2 |
| | | |||||
| * | Require SHA-2 for X.509 module | Jack Lloyd | 2017-11-14 | 1 | -0/+1 |
| | | | | | | | | The certstore interface assumes it and it's probably not unreasonable... | ||||
| * | In X509_CA save the hash function used | Jack Lloyd | 2017-11-14 | 2 | -2/+11 |
| | | |||||
| * | Move X509_DN and AlternativeName from asn1 to x509 | Jack Lloyd | 2017-11-14 | 8 | -81/+118 |
| | | |||||
* | | Remove SIMD perf test from speed | Jack Lloyd | 2017-11-15 | 1 | -116/+0 |
|/ | | | | As written it is very bogus and produces wildly incorrect results. | ||||
* | Fix seek test with OpenSSL RC4 | Jack Lloyd | 2017-11-14 | 1 | -1/+1 |
| | |||||
* | Support seeking in Salsa20 | Jack Lloyd | 2017-11-14 | 8 | -9/+61 |
| | | | | Add a test that StreamCipher::seek throws if not keyed. | ||||
* | Add OIDS::oid2str and str2oid | Jack Lloyd | 2017-11-14 | 1 | -0/+10 |
| | | | | Using the name "lookup" for both directions is confusing. | ||||
* | Add a second constructor to Decoding_Error which takes an exception string. | Jack Lloyd | 2017-11-14 | 2 | -0/+5 |
| | |||||
* | Add <functional> include to TLS headers which use std::function | Jack Lloyd | 2017-11-14 | 2 | -0/+2 |
| | |||||
* | Compile fix | Jack Lloyd | 2017-11-14 | 1 | -2/+2 |
| |