aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Make the DRBG hash selectable in build.h with BOTAN_AUTO_RNG_DRBG_HASH_FUNCTIONJack Lloyd2016-07-173-3/+4
| | | | Add some missing overrides
* If EPERM when writing to the random device, return silently.Jack Lloyd2016-07-171-1/+13
| | | | | | | | | That failure seems like an explicit system policy decision, so accept it as such. Versus say EBADF or EFAULT which would instead suggest a library bug. This return is seen on OS X Travis CI, unclear if this is a problem with OS X or with how Travis does OS X containers.
* Switch to HMAC_DRBG for all RNG generation.Jack Lloyd2016-07-1715-252/+6439
| | | | | | | | Add support and tests for additional_data param to HMAC_DRBG Add Stateful_RNG class which has fork detection and periodic reseeding. AutoSeeded_RNG passes the current pid and time as additional_data
* Fix SecRandomCopyBytes call with older OS X SDKsJack Lloyd2016-07-151-0/+1
| | | | | | | | | | In 10.8 (and presumably older) versions, the header for SecRandomCopyBytes is SecRandom.h, and Security.h does not include SecRandom.h With this change, the include of Security.h may be redundant for all versions, but I have no way to test this. GH #528
* Fix undefined behavior in donna128 typeJack Lloyd2016-07-151-6/+12
| | | | | | | Caused Curve25519 tests to fail when compiled by Clang on ARM, may have affected other 32-bit platforms. GH #532
* Rename policy 'sane' to 'modern' which better reflects intent.Jack Lloyd2016-07-111-29/+36
| | | | | Add RFC 6979 which became optional along the line. Also add bcrypt and compression, and add TLS by default. Prohibit EGD.
* Merge GH #531 Add AES/CBC/CTS tests from RFC 3962Jack Lloyd2016-07-112-0/+37
|\
| * Add test vectors for AES-CBC-CS3 aka AES/CBC/CTS from RFC 3962René Korthaus2016-07-112-0/+37
| | | | | | | | | | | | Previously, CBC-CS3 only had tests with DES, but if DES is not enabled in the module policy, then CBC-CS3 is not tested at all.
* | Merge GH #530 Remove egd from BSI policyJack Lloyd2016-07-111-1/+1
|\ \
| * | Remove egd entropy sources from BSI module policyRené Korthaus2016-07-111-1/+1
| |/
* / Add test vectors for block cipher padding modesRené Korthaus2016-07-114-2/+147
|/ | | | | | | | | | | Exports get_bc_pad() to be used from tests. Adds separate handcrafted tests for block cipher padding modes. They were previously only tested implicitly during the block cipher modes of operation tests, though not all padding modes were covered. And in case a mode of operation is not part of the enabled modules, the previously tested padding modes are not covered at all. Fixes an off-by-one bug in the previously untested ANSI X9.23 padding mode, where the number of zero bytes in the pad was one more than allowed by the standard.
* Merge GH #526 Some PKCS #11 fixes when used with BSI policyJack Lloyd2016-07-052-1/+3
|\
| * PKCS11 tests: run ECDSA software verification only if emsa_raw module is ↵Daniel Neus2016-07-051-0/+3
| | | | | | | | available
| * remove rfc6979 module dependency for pkcs11Daniel Neus2016-07-051-1/+0
| | | | | | | | no longer needed since hash_for_emsa() is now in emsa.h
* | prevent massive amount of MSVC C4100 warningsDaniel Neus2016-07-051-0/+5
|/
* Merge GH #507 Add PKCS #11 support. Previous merge 360a3a5 missed later commitsJack Lloyd2016-07-049-42/+27
|\
| * remove unnecessary includeDaniel Neus2016-06-281-1/+0
| |
| * fix some warnings and one compile errorDaniel Neus2016-06-284-6/+7
| |
| * check for asn1 and pubkey module presenceDaniel Neus2016-06-281-2/+7
| |
| * reuse BigInt::encode_1363 instead of self written logicDaniel Neus2016-06-281-6/+1
| |
| * use NULL_RNG to make clear that the RNG is not usedDaniel Neus2016-06-282-24/+4
| |
| * fix build with disabled pkcs11 moduleDaniel Neus2016-06-282-3/+8
| |
* | Merge GH #522 Update BSI policy, fix TLSJack Lloyd2016-07-044-3/+23
|\ \
| * | Remove unused kdf2 dependency from tls moduleRené Korthaus2016-07-041-1/+0
| | |
| * | Various fixes with bsi module policyRené Korthaus2016-07-044-2/+23
| | |
* | | Merge GH #507 Add PKCS #11 supportJack Lloyd2016-07-0436-44/+9829
|\ \ \ | |/ / |/| / | |/
| * add PKCS#11 supportDaniel Neus2016-06-1736-44/+9829
| |
* | Compile shared libraries (too) on FreeBSDLauri Nurmi2016-07-022-0/+6
| | | | | | | | Soname_patterns and link commands are identical to those used with Linux
* | Add missing override annotation. Fix formatting in ECIES testsJack Lloyd2016-06-302-21/+20
| |
* | Add ECKDSA OIDs for SHA signaturesJack Lloyd2016-06-221-0/+4
| | | | | | | | From http://rootca.kisa.or.kr/kcac/down/Guide/Object%20Identifier%20Guideline%20for%20the%20Electronic%20Signature%20Certification%20System.pdf
* | Update KDF1-ISO 18033 with KDF label argumentJack Lloyd2016-06-202-2/+5
| |
* | Merge GH #504 Add ECKCDSAJack Lloyd2016-06-2021-26/+537
|\ \
| * | Add ECKCDSA signature algorithmRené Korthaus2016-06-1423-26/+545
| |/
* | Merge GH #483 Add ECIES and KDF1 from ISO 18033Jack Lloyd2016-06-2010-0/+1228
|\ \
| * | ecies: fix tests for ecies-iso (allow empty ciphertext)Philipp Weber2016-05-301-3/+6
| | |
| * | Merge remote-tracking branch 'remotes/origin/master' into eciesPhilipp Weber2016-05-3035-127/+206
| |\ \
| * | | ecies review change: test for exception if the ciphertext is invalidPhilipp Weber2016-05-301-0/+8
| | | |
| * | | ecies review change: decrypt only if mac is correct and catch exceptions ↵Philipp Weber2016-05-231-11/+25
| | | | | | | | | | | | | | | | during decryption
| * | | ecies review change: add missing ciphertext to test vectorsPhilipp Weber2016-05-232-6/+3
| | | |
| * | | ecies review change: make constant vector with test data const instead of staticPhilipp Weber2016-05-231-1/+1
| | | |
| * | | add ecies implementation according to iso-18033Philipp Weber2016-04-276-0/+1125
| | | |
| * | | add kdf1 implementation according to iso-18033 (preparation for ecies)Philipp Weber2016-04-274-0/+81
| | | |
* | | | Use https:// urls for randombit.net links.Jack Lloyd2016-06-191-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously avoided since many clients don't have the CACert root, but now that Let's Encrypt is used instead anyone with a recent trust root should accept the certs for botan.randombit.net and lists.randombit.net [ci skip]
* | | | Merge GH #497 Add StreamCipher::seek and implementation for ChaChaJack Lloyd2016-06-1814-5/+575
|\ \ \ \ | | | | | | | | | | | | | | | Also adds ChaCha8 support
| * | | | Adding StreamCipher::seek interface, supporting seek in ChaCha, and also ↵SimCog2016-06-1814-5/+575
| | |_|/ | |/| | | | | | | | | | adding ChaCha8 support
* | | | Merge GH #487 Remove CVC certificates and EMSA1_BSI signature encodingJack Lloyd2016-06-1727-3072/+11
|\ \ \ \
| * | | | remove the already bitrotting and probably broken CVC implementationDaniel Neus2016-05-1819-2961/+0
| | | | |
| * | | | remove all uses of EMSA1_BSIDaniel Neus2016-05-025-43/+8
| | | | |
| * | | | remove EMSA1_BSI (no longer recommended by BSI)Daniel Neus2016-04-304-70/+5
| | | | |
* | | | | Merge GH #495 Add label argument to KDF::derive_keyJack Lloyd2016-06-1727-5577/+4714
|\ \ \ \ \