path: root/src
Commit log (each entry: commit message, author, date, files changed, lines -removed/+added)
* Clear K after new PRK is generated. (lloyd, 2008-10-28, 1 file, -4/+7)

* Set the default XTS (ASCII value of "Botan HMAC_RNG XTS") only once, in the constructor. (lloyd, 2008-10-28, 1 file, -86/+92)
  This avoids repeatedly resetting it for each reseed, if HMAC_RNG is used without entropy sources and using only application-provided entropy. Very slightly more efficient and also the code for reseed becomes a bit clearer.

* Wrap lines to 80 columns (lloyd, 2008-10-28, 10 files, -30/+54)

* Modify AutoSeeded_RNG to use HMAC_RNG instead of Randpool, if HMAC_RNG is available in the build. (lloyd, 2008-10-28, 2 files, -5/+20)
  If neither is available, the constructor will throw an exception. As before, the underlying RNG will be wrapped in an X9.31 PRNG using AES-256 as the block cipher (if X9.31 is enabled in the build).

* Add HMAC_RNG, which is an RNG design based on Hugo Krawczyk's paper "On Extract-then-Expand Key Derivation Functions and an HMAC-based KDF". (lloyd, 2008-10-28, 3 files, -0/+403)
  While it has much smaller state than Randpool (256-512 bits, typically, versus 4096 bits commonly used in Randpool), the more formal design analysis seems attractive (and realistically if the RNG can manage to contain 256 bits of conditional entropy, that is more than sufficient).

* In ANSI_X931_RNG::reseed, only attempt to reseed the X9.31 state if the underlying PRNG's reseed was a success. (lloyd, 2008-10-28, 1 file, -7/+10)

* Substantially change Randpool's reseed logic. (lloyd, 2008-10-27, 19 files, -34/+107)
  Now when a reseed is requested, Randpool will first do a fast poll on each entropy source that has been registered. It will count these poll results towards the collected entropy count, with a maximum of 96 contributed bits of entropy per poll (only /dev/random reaches this, others measure at 50-60 bits typically), and a maximum of 256 for sum contribution of the fast polls. Then it will attempt slow polls of all devices until it thinks enough entropy has been collected (using the rather naive entropy_estimate function). It will count any slow poll for no more than 256 bits (100 or so is typical for every poll but /dev/random), and will attempt to collect at least 512 bits of (estimated/guessed) entropy. This tends to cause Randpool to use significantly more sources. Previously it was common, especially on systems with a /dev/random, for only one or a few sources to be used. This change helps assure that even if /dev/random and company are broken or compromised the RNG output remains secure (assuming at least some amount of entropy unguessable by the attacker can be collected via other sources).
  Also change AutoSeeded_RNG to do an automatic poll/seed when it is created.
* TLS_PRF also depends on MD5 and SHA1, was not so marked (lloyd, 2008-10-26, 1 file, -0/+2)

* In KDF instead of lookup, instantiate fixed hashes (MD5, SHA-1) directly (lloyd, 2008-10-26, 4 files, -21/+24)

* Remove lookup.h use from OpenPGP S2K (lloyd, 2008-10-26, 3 files, -23/+14)

* Make S2K base class non-copyable and non-assignable by default (use clone instead) (lloyd, 2008-10-26, 1 file, -0/+3)

* Move EntropySource base class to new entropy_src.h (which allows the implementations to decouple from knowing about RandomNumberGenerator). (lloyd, 2008-10-26, 15 files, -28/+76)

* Remove prohibition against generating DSA parameter set with a 224 bit q, since SHA-224 is now implemented. (lloyd, 2008-10-26, 1 file, -4/+0)

* Move rng.h from core to rng (lloyd, 2008-10-26, 1 file, -0/+0)

* Move rng.{cpp,h} from core to rng/ topdir (lloyd, 2008-10-26, 15 files, -56/+158)
  Add a new class AutoSeeded_RNG that is a RandomNumberGenerator that wraps up the logic formerly in RandomNumberGenerator::make_rng. make_rng in fact now just returns a new AutoSeeded_RNG object. AutoSeeded_RNG is a bit more convenient because:
  - No need to use auto_ptr
  - No need to dereference (same syntax everywhere - it's an underestimated advantage imo)
  Also move the code from timer/timer_base to timer/

* Move kdf/kdf_base to kdf (lloyd, 2008-10-26, 10 files, -7/+6)

* Move pbe/pbe_base to pbe/ (lloyd, 2008-10-26, 6 files, -3/+3)

* Move s2k.{h,cpp} and S2K algos from core and kdf to new s2k/ dir (lloyd, 2008-10-26, 13 files, -2/+1)

* Put pk_pad.{h,cpp} from core into pk_pad/ dir (cleaner I think) (lloyd, 2008-10-26, 6 files, -2/+15)

* Move libstate and selftest out of core/ dir to toplevel (lloyd, 2008-10-26, 26 files, -5/+5)

* Add alias for Intel T2250. Based on /proc/cpuinfo sent by Benjamin Lau (lloyd, 2008-10-24, 1 file, -0/+1)

* Added prescott submodel to ia32 architecture, including aliases for most Intel Core Duo (32 bit, as opposed to Core 2 Duo being 64 bit). (markus, 2008-10-24, 1 file, -0/+7)

* Use -O2 instead of -O3 with Intel C++ (lloyd, 2008-10-22, 1 file, -1/+1)

* Install pkg-config file to /lib/pkgconfig (lloyd, 2008-10-22, 2 files, -5/+13)

* Update ICC flags for 10.1 (lloyd, 2008-10-22, 1 file, -3/+3)

* Delete generated botan.pc on make distclean (lloyd, 2008-10-15, 2 files, -2/+2)

* Add pkg-config support (requested/suggested by Zack Weinberg on monotone-dev) (lloyd, 2008-10-15, 1 file, -0/+11)

* merge of '141433027ee455b8c8b2829f5233eb577039bd41' and 'a70931899dfcc15fe8aa2ace40712717859afe50' (lloyd, 2008-10-15, 1 file, -3/+3)

  * Doxygen comment (lloyd, 2008-10-15, 1 file, -3/+3) [on the merged side branch]

* Clean up VC++ ia32 asm a bit, use new defs of word3_muladd* from generic mp_asmi.h (lloyd, 2008-10-15, 1 file, -49/+28)

* Fix include of mp_asm.h in mp_ia32_msvc/mp_asmi.h (used quotes instead of brackets) (lloyd, 2008-10-15, 2 files, -5/+5)

* Fixup Doxygen error (lloyd, 2008-10-14, 1 file, -3/+3)

* Enable sorting in Doxygen output (lloyd, 2008-10-14, 1 file, -1/+1)

* Remove two declared but not defined constructors of EAC_Signed_Object (lloyd, 2008-10-14, 1 file, -4/+1)

* Add an OID to policy.cpp needed by the CVC code (lloyd, 2008-10-14, 1 file, -0/+3)

* Add ECKAEG benchmark. Fix several problems found in ECKAEG key (had pure virtuals) (lloyd, 2008-10-13, 2 files, -36/+59)

* RNG::reseed comment (lloyd, 2008-10-13, 1 file, -1/+1)

* Add some Doxygen comments from InSiTo written for config.h (now gone/split up) (lloyd, 2008-10-13, 2 files, -13/+69)

* Remove spurious trailing ; after blocks (lloyd, 2008-10-13, 5 files, -8/+9)

* Add InSiTo Doxygen comments for freestore.h (lloyd, 2008-10-13, 1 file, -4/+40)

* Wrap lines (lloyd, 2008-10-13, 1 file, -5/+8)

* Doxygen comments for eac_asn_obj.h from latest InSiTo (lloyd, 2008-10-13, 1 file, -20/+132)

* Add trailing H__ to some header guards. Line wrap long comment. (lloyd, 2008-10-13, 8 files, -34/+37)

* Add Doxygen comments for secmem.h from InSiTo (lloyd, 2008-10-13, 1 file, -19/+237)

* Add Doxygen comments from InSiTo to x509self.h (lloyd, 2008-10-13, 1 file, -27/+148)

* Doxygen comments for X509_Certificate, from InSiTo (lloyd, 2008-10-13, 1 file, -12/+123)

* Doxygen comments for pkcs8.h from InSiTo (lloyd, 2008-10-13, 1 file, -31/+127)

* Doxygen comments for lookup.h from InSiTo (lloyd, 2008-10-13, 1 file, -35/+184)

* Another batch of InSiTo Doxygen comments (lloyd, 2008-10-13, 4 files, -39/+268)

* Kill stray char (lloyd, 2008-10-13, 1 file, -1/+1)