aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Avoid potential side channel when generating RSA primesJack Lloyd2018-04-174-43/+179
| | | | | | | | | | Add a new function dedicated to generating RSA primes. Don't test for p.bits() > bits until the very end - rarely happens, and speeds up prime generation quite noticably. Add Miller-Rabin error probabilities for 1/2**128, which again speeds up RSA keygen and DL param gen quite a bit.
* Remove debug assignment [ci skip]Jack Lloyd2018-04-161-1/+0
|
* Truncate new SKIDs to 192 bitsJack Lloyd2018-04-162-6/+9
| | | | | More than long enough, and saves quite a bit of space especially for SHA-512 certificates.
* Add vars to split the two Karatsuba sub-workspacesJack Lloyd2018-04-161-14/+20
|
* Merge GH #1540 Progress towards const-time RSAJack Lloyd2018-04-1610-47/+112
|\
| * Add const time annotationsJack Lloyd2018-04-156-7/+43
| |
| * Simplify Karatsuba codeJack Lloyd2018-04-153-39/+43
| | | | | | | | And set us up for eventually having this be completely const time.
| * Use GCC builtins for clz operationJack Lloyd2018-04-151-1/+26
| |
* | Use bad_record_mac instead of decode_error for short TLS packetsJack Lloyd2018-04-161-1/+8
|/ | | | | Decode error seems more appropriate but it confuses some automated tools including older versions of TLS-Attacker.
* Add an explicit test mode buildJack Lloyd2018-04-143-5/+5
| | | | GH #1537
* Merge GH #1538 Minor ECC optimizationsJack Lloyd2018-04-148-21/+137
|\
| * Various minor ECC optimizationsJack Lloyd2018-04-138-21/+137
| | | | | | | | | | | | | | | | | | Add a way of getting Montgomery representation of one. Reduce use of temporaries in variable point mult. Prefer doubling over addition in precomputing fixed window. Add Brainpool ECDH tests Improves ECDH by 2-3% across the board
* | Merge GH #1531 Improve XMSS test coverageJack Lloyd2018-04-144-12/+12
|\ \ | |/ |/|
| * Removes unused overload in XMSS_HashMatthias Gierlings2018-04-122-12/+0
| | | | | | | | - Removes overload `XMSS_Hash::h_msg_update(secure_vector<uint8_t>&)`
| * Codecov - cover MT code in XMSS_PrivateKeyMatthias Gierlings2018-04-122-0/+12
| | | | | | | | | | | | Codecov does not reach all parts of the `XMSS_PrivateKey` code because too few cores are detected during the CI run. To cover the missed codepaths always return a large enough core count if botan is compiled with coverage.
* | Merge GH #1537 Add missing XMSS signature length checkJack Lloyd2018-04-124-23/+183
|\ \
| * | Adds missing XMSS signature length check.Matthias Gierlings2018-04-124-23/+183
| | | | | | | | | | | | | | | | | | | | | | | | - Fixes out of bounds read in `XMSS_Signature` constructor when the raw signature data supplied as arguments is shorter than the signature size defined by the XMSS parameter set encoded in the `XMSS_PublicKey`. - Fixes valid signatures with arbitrary appended data to be verified as correct signature.
* | | In XMSS_Tools::bench_threads only call hardware_concurrency onceJack Lloyd2018-04-121-7/+9
| | | | | | | | | | | | | | | Getting this value will typically require either a system call or a cpuid call, both of which are fairly expensive.
* | | Add missing override [ci skip]Jack Lloyd2018-04-121-1/+1
| | |
* | | Allow year up to 2200 in ASN1 time objectsJack Lloyd2018-04-124-5/+100
| |/ |/| | | | | | | | | Also tighten up checking of days Fixes GH #1536
* | Some makefile simplificationsJack Lloyd2018-04-111-11/+4
| |
* | Merge GH #1535 Don't create solib symlinks on OpenBSDJack Lloyd2018-04-112-1/+3
|\ \
| * | Do not create shared library symlinks on OpenBSD.Alexander Bluhm2018-04-122-1/+3
| |/ | | | | | | | | | | | | | | Symlinks to shared libraries confuse the OpenBSD dynamic linker. We need one file with two numbers. The problem became apparent when the abi_rev and the OpenBSD ports shared libs numbers diverged. Add a new conditional variable symlink_shared_lib to suppress the symlink in the makefile.
* | Merge GH #1534 Optimize EC doubling for curves with a == 0 and a == -3Jack Lloyd2018-04-113-9/+61
|\ \
| * | Optimize EC point doubling for a == 0 and a == -3Jack Lloyd2018-04-113-9/+61
| |/
* / Fix indentation [ci skip]Jack Lloyd2018-04-111-5/+5
|/
* Fix the botan-test --verbose flag, which did nothingJack Lloyd2018-04-119-24/+30
| | | | It used to do something, then I broke it.
* Merge GH #1533 Use mkstemp for temp files in testsJack Lloyd2018-04-113-1/+42
|\
| * Move mkstemp to Test::temp_file_nameJack Lloyd2018-04-113-8/+40
| |
| * Use mkstemp(3) to create file for test.Alexander Bluhm2018-04-101-1/+10
| | | | | | | | | | | | Creating a temporary file in the current directory may fail due to permissions. Use POSIX mkstemp(3) to create a temporary file in a secure way for the filter test.
* | Add EC_Group::a_is_zeroJack Lloyd2018-04-113-1/+19
| |
* | Add missing errno.h include to entropy/dev_randomfwsGonzo2018-04-111-0/+1
| |
* | Bump version to 2.7.0Jack Lloyd2018-04-101-1/+1
| |
* | Add missing overrideJack Lloyd2018-04-091-1/+1
|/
* Add DL_Group::exponent_bitsJack Lloyd2018-04-094-7/+25
| | | | Just a useful helper
* Add a Montgomery exponentiation that takes variable timeJack Lloyd2018-04-093-7/+52
| | | | | | | | In the case of RSA encryption/verification the public exponent is... public. So we don't need to carefully guard against side channels that leak the exponent. Improves RSA verification performance by 50% or more.
* Remove redundant access specifierJack Lloyd2018-04-091-1/+0
|
* Fix incorrect macro checkJack Lloyd2018-04-091-2/+2
|
* Remove extra trailing ;Jack Lloyd2018-04-091-1/+1
|
* Fix bug that broke session decryption (and thus resumption)Jack Lloyd2018-04-093-1/+55
| | | | Introduced in 3657639ab. Add a test that would have caught this
* Add a data file for RISC-V 64Jack Lloyd2018-04-091-0/+1
| | | | Debian has a build target for this.
* Fix off by one when decoding TLS-CBC ciphertextsJack Lloyd2018-04-096-28/+196
|
* Fix interop bug in TLS serverJack Lloyd2018-04-083-0/+33
| | | | | The connection would fail if the client advertised any signature algorithm we did not support (eg RSA/SHA-224)
* Square is always positiveJack Lloyd2018-04-081-0/+1
|
* Rename test data file to match the test nameJack Lloyd2018-04-082-1/+1
|
* Add BigInt::square plus a speed test for BigInt multiplyJack Lloyd2018-04-084-8/+72
|
* Convert comba script to Python3Jack Lloyd2018-04-082-27/+27
|
* Merge GH #1528 Add sanitizer-specific optimization flagsJack Lloyd2018-04-072-2/+4
|\
| * Add sanitizer-specific optimization flagsJack Lloyd2018-04-072-2/+4
| |
* | Merge GH #1527 Add functions getting Cipher_Mode/AEAD_Mode returning unique_ptrJack Lloyd2018-04-0720-97/+164
|\ \
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 10:58:27 +0000