Commit message | Author | Age | Files | Lines
---|---|---|---|---
Make the DRBG hash selectable in build.h with BOTAN_AUTO_RNG_DRBG_HASH_FUNCTION. Add some missing overrides. | Jack Lloyd | 2016-07-17 | 3 | -3/+4
If EPERM when writing to the random device, return silently. That failure seems like an explicit system policy decision, so accept it as such. Versus say EBADF or EFAULT which would instead suggest a library bug. This return is seen on OS X Travis CI, unclear if this is a problem with OS X or with how Travis does OS X containers. | Jack Lloyd | 2016-07-17 | 1 | -1/+13
Switch to HMAC_DRBG for all RNG generation. Add support and tests for additional_data param to HMAC_DRBG. Add Stateful_RNG class which has fork detection and periodic reseeding. AutoSeeded_RNG passes the current pid and time as additional_data. | Jack Lloyd | 2016-07-17 | 15 | -252/+6439
Fix SecRandomCopyBytes call with older OS X SDKs. In 10.8 (and presumably older) versions, the header for SecRandomCopyBytes is SecRandom.h, and Security.h does not include SecRandom.h. With this change, the include of Security.h may be redundant for all versions, but I have no way to test this. GH #528 | Jack Lloyd | 2016-07-15 | 1 | -0/+1
Fix undefined behavior in donna128 type. Caused Curve25519 tests to fail when compiled by Clang on ARM, may have affected other 32-bit platforms. GH #532 | Jack Lloyd | 2016-07-15 | 1 | -6/+12
Rename policy 'sane' to 'modern' which better reflects intent. Add RFC 6979 which became optional along the line. Also add bcrypt and compression, and add TLS by default. Prohibit EGD. | Jack Lloyd | 2016-07-11 | 1 | -29/+36
Merge GH #531 Add AES/CBC/CTS tests from RFC 3962 | Jack Lloyd | 2016-07-11 | 2 | -0/+37
Add test vectors for AES-CBC-CS3 aka AES/CBC/CTS from RFC 3962. Previously, CBC-CS3 only had tests with DES, but if DES is not enabled in the module policy, then CBC-CS3 is not tested at all. | René Korthaus | 2016-07-11 | 2 | -0/+37
Merge GH #530 Remove egd from BSI policy | Jack Lloyd | 2016-07-11 | 1 | -1/+1
Remove egd entropy sources from BSI module policy | René Korthaus | 2016-07-11 | 1 | -1/+1
Add test vectors for block cipher padding modes. Exports get_bc_pad() to be used from tests. Adds separate handcrafted tests for block cipher padding modes. They were previously only tested implicitly during the block cipher modes of operation tests, though not all padding modes were covered. And in case a mode of operation is not part of the enabled modules, the previously tested padding modes are not covered at all. Fixes an off-by-one bug in the previously untested ANSI X9.23 padding mode, where the number of zero bytes in the pad was one more than allowed by the standard. | René Korthaus | 2016-07-11 | 4 | -2/+147
Merge GH #526 Some PKCS #11 fixes when used with BSI policy | Jack Lloyd | 2016-07-05 | 2 | -1/+3
PKCS11 tests: run ECDSA software verification only if emsa_raw module is available | Daniel Neus | 2016-07-05 | 1 | -0/+3
remove rfc6979 module dependency for pkcs11. No longer needed since hash_for_emsa() is now in emsa.h | Daniel Neus | 2016-07-05 | 1 | -1/+0
prevent massive amount of MSVC C4100 warnings | Daniel Neus | 2016-07-05 | 1 | -0/+5
Merge GH #507 Add PKCS #11 support. Previous merge 360a3a5 missed later commits | Jack Lloyd | 2016-07-04 | 9 | -42/+27
remove unnecessary include | Daniel Neus | 2016-06-28 | 1 | -1/+0
fix some warnings and one compile error | Daniel Neus | 2016-06-28 | 4 | -6/+7
check for asn1 and pubkey module presence | Daniel Neus | 2016-06-28 | 1 | -2/+7
reuse BigInt::encode_1363 instead of self-written logic | Daniel Neus | 2016-06-28 | 1 | -6/+1
use NULL_RNG to make clear that the RNG is not used | Daniel Neus | 2016-06-28 | 2 | -24/+4
fix build with disabled pkcs11 module | Daniel Neus | 2016-06-28 | 2 | -3/+8
Merge GH #522 Update BSI policy, fix TLS | Jack Lloyd | 2016-07-04 | 4 | -3/+23
Remove unused kdf2 dependency from tls module | René Korthaus | 2016-07-04 | 1 | -1/+0
Various fixes with bsi module policy | René Korthaus | 2016-07-04 | 4 | -2/+23
Merge GH #507 Add PKCS #11 support | Jack Lloyd | 2016-07-04 | 36 | -44/+9829
add PKCS#11 support | Daniel Neus | 2016-06-17 | 36 | -44/+9829
Compile shared libraries (too) on FreeBSD. Soname_patterns and link commands are identical to those used with Linux. | Lauri Nurmi | 2016-07-02 | 2 | -0/+6
Add missing override annotation. Fix formatting in ECIES tests | Jack Lloyd | 2016-06-30 | 2 | -21/+20
Add ECKDSA OIDs for SHA signatures. From http://rootca.kisa.or.kr/kcac/down/Guide/Object%20Identifier%20Guideline%20for%20the%20Electronic%20Signature%20Certification%20System.pdf | Jack Lloyd | 2016-06-22 | 1 | -0/+4
Update KDF1-ISO 18033 with KDF label argument | Jack Lloyd | 2016-06-20 | 2 | -2/+5
Merge GH #504 Add ECKCDSA | Jack Lloyd | 2016-06-20 | 21 | -26/+537
Add ECKCDSA signature algorithm | René Korthaus | 2016-06-14 | 23 | -26/+545
Merge GH #483 Add ECIES and KDF1 from ISO 18033 | Jack Lloyd | 2016-06-20 | 10 | -0/+1228
ecies: fix tests for ecies-iso (allow empty ciphertext) | Philipp Weber | 2016-05-30 | 1 | -3/+6
Merge remote-tracking branch 'remotes/origin/master' into ecies | Philipp Weber | 2016-05-30 | 35 | -127/+206
ecies review change: test for exception if the ciphertext is invalid | Philipp Weber | 2016-05-30 | 1 | -0/+8
ecies review change: decrypt only if mac is correct and catch exceptions during decryption | Philipp Weber | 2016-05-23 | 1 | -11/+25
ecies review change: add missing ciphertext to test vectors | Philipp Weber | 2016-05-23 | 2 | -6/+3
ecies review change: make constant vector with test data const instead of static | Philipp Weber | 2016-05-23 | 1 | -1/+1
add ecies implementation according to iso-18033 | Philipp Weber | 2016-04-27 | 6 | -0/+1125
add kdf1 implementation according to iso-18033 (preparation for ecies) | Philipp Weber | 2016-04-27 | 4 | -0/+81
Use https:// urls for randombit.net links. Previously avoided since many clients don't have the CACert root, but now that Let's Encrypt is used instead anyone with a recent trust root should accept the certs for botan.randombit.net and lists.randombit.net [ci skip] | Jack Lloyd | 2016-06-19 | 1 | -3/+3
Merge GH #497 Add StreamCipher::seek and implementation for ChaCha. Also adds ChaCha8 support. | Jack Lloyd | 2016-06-18 | 14 | -5/+575
Adding StreamCipher::seek interface, supporting seek in ChaCha, and also adding ChaCha8 support | SimCog | 2016-06-18 | 14 | -5/+575
Merge GH #487 Remove CVC certificates and EMSA1_BSI signature encoding | Jack Lloyd | 2016-06-17 | 27 | -3072/+11
remove the already bitrotting and probably broken CVC implementation | Daniel Neus | 2016-05-18 | 19 | -2961/+0
remove all uses of EMSA1_BSI | Daniel Neus | 2016-05-02 | 5 | -43/+8
remove EMSA1_BSI (no longer recommended by BSI) | Daniel Neus | 2016-04-30 | 4 | -70/+5
Merge GH #495 Add label argument to KDF::derive_key | Jack Lloyd | 2016-06-17 | 27 | -5577/+4714