| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
bytes. Bug noted by Falko Strenzke, fix by M. Braun. (bug id 31)
|
|
|
|
|
|
| |
I don't know that having same_mem be sensitive to input would actually
allow any form of timing attack in the current codebase, but it seemed
like a prudent thing to do in any case.
|
|
|
|
|
|
|
|
|
|
|
| |
When a reseed is attempted, up to poll_bits attempts will be made, running
in order through the set of available sources. So for instance if poll_bits
is set to the default 256, then up to 256 polls will be performed (some of
which might not provide any entropy, of course) before stopping; of course
if the accumulators goal is achived before that point, then the polling stops.
This should greatly help to resolve the recent rash of PRNG unseeded problems
some people have been having.
|
| |
|
|
|
|
| |
select loop (up to a second)
|
|
|
|
|
|
| |
/dev/urandom
/dev/random
/dev/srandom (OpenBSD-specific)
|
|
|
|
|
| |
but with the most recent change to decouple version # and so version this
is wrong - use @{var:so_version} instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a comment that the limitation of the personalization string
being a maximum of 64 characters is due to the implementation and
not the specification (but it makes it easy to implement, and in
this particular case 64 characters is probably fine).
Add some tests for the personalization option, generated by the
Skein reference implementation.
Disable stripping whitespace in checks/misc.cpp:strip - it strips
the personalization tag, which breaks the test, and isn't needed
otherwise because the test files are well-formed.
|
|
|
|
| |
personalization option.
|
| |
|
|
|
|
|
| |
rotate.h, or when it was not needed at all. Remove or change the includes
as needed.
|
| |
|
|
|
|
|
|
| |
been removed when that portion of the code was split off. Remove the
duplicated code from engine.h and update some code in pubkey that still
relied on the declarations in engine.h instead of pk_engine.h
|
|
|
|
| |
number increments, for stable releases that don't affect binary compat.
|
| |
|
|
|
|
|
| |
with the version in earlier releases. Rickard Bondesson pointed out that
this was a problem on the mailing list.
|
|
|
|
|
|
|
| |
botan-config --libs - with shared objects it makes no difference, but
with static libs this doesn't bring in the needed symbols correctly since
only symbols needed by earlier objects on the command line are brought
in. Reported by Thomas Moschny.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
no subclass needs access to any of these variables.
|
|
|
|
| |
going to be compressed - otherwise it's a noop.
|
|
|
|
|
| |
the changeover from single block hashing to having each hash support multiple
sequential blocks of input.
|
|
|
|
| |
statement (at least as far as the calling code is concerned)
|
|
|
|
|
| |
that is the only code that needs to see them. Record the name in the Param
object.
|
|
|
|
|
| |
precompute the deltas when they are just a few additions; removing the
additions from the encrypt/decrypt rounds seems enough to me.
|
| |
|
|
|
|
|
|
|
|
| |
implementation.
In addition to the GOST 34.11 test parameters (used in Crypto++ among other
things), the GOST 34.11 CryptoPro parameters (used in implementations of the
GOST hash function) are now supported.
|
|
|
|
| |
param isn't set.
|
|
|
|
|
|
|
| |
can be done directly, so there is no need to copy the key several times
for the key schedule (since the GOST 'key schedule' is very simple and the
access pattern can now be directly inserted into the code). Looks to be
about 10% faster on my Core2, as well.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
up during the Fedora submission review, that each source file include some
text about the license. One handy Perl script later and each file now has
the line
Distributed under the terms of the Botan license
after the copyright notices.
While I was in there modifying every file anyway, I also stripped out the
remainder of the block comments (lots of astericks before and after the
text); this is stylistic thing I picked up when I was first learning C++
but in retrospect it is not a good style as the structure makes it harder
to modify comments (with the result that comments become fewer, shorter and
are less likely to be updated, which are not good things).
|
|
|
|
| |
somewhat cleaner .so dependencies on ELF systems. Patch from Zack Weinberg.
|
|
|
|
| |
HashFunction; include hash.h instead
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GostR3411_94_TestParamSet, this is compatible with the implementations in
Crypto++ and OpenSSL. This is not backwards compatible, though once the
implementation supports multiple param sets (which is required, unfortunately,
for compatability with various standards by CryptoCom, who have defined not
one but at least 4 (!!!) different sboxes to use with GOST), I may offer
Botan's previous sbox set as an option.
Since adding the GOST hash function (34.11) and signing algorithm (34.10)
are on the long term agenda (request by Rickard Bondesson, as the Russian
authorities want to use their local standards for their DNSSEC use), I
renamed the block cipher class (which had been just 'GOST') to GOST_28147_89
to minimize future name clashes.
|
|
|
|
| |
the mailing list.
|
| |
|
| |
|
|\
| |
| |
| | |
and 'fc89152d6d99043fb9ed1e9f2569fde3fee419e5'
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make the fast poll significantly more pessimistic/realistic about how
many bits of randomness we're getting from getrusage and stat.
Don't cut out from execing programs if the desired poll bits is under
128. Simply poll until either the accumulator says we're done or we run
out of sources. Assumption is that the poll won't be run at all unless
it is ncessary (es_unix comes late in the list of sources to use since
it is pretty slow).
|
| | |
|
| |\
| | |
| | |
| | |
| | |
| | | |
4518ef63a5e28e22a61d21a6066d0d4a5cf0616e)
to branch 'net.randombit.botan.entropy-poll-redesign' (head c8e07f10a193b25bab726af99ea2ea77a0f30eaf)
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead simply consider the PRNG seeded if a poll kicked off from reseed
met its goal, or if the user adds data.
Doing anything else prevents creating (for instance) a PRNG seeded with
64 bits of entropy, which is unsafe for some purposes (key generation)
but quite possibly safe enough for others (generating salts and such).
|