Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | In SCAN_Name, keep track of the original inputs and make them accessible | lloyd | 2008-11-10 | 2 | -0/+6 |
| | |||||
* | Add a class Algorithm_Factory which encapsulates the Engine classes (and | lloyd | 2008-11-10 | 7 | -85/+160 |
| | | | | which will eventually encapsulate the lookup logic as well) | ||||
* | Reduce /dev/random poll times: 5ms for fast, 20 for slow | lloyd | 2008-11-10 | 1 | -2/+2 |
| | |||||
* | Several changes to HMAC_RNG, many on the basis of the paper | lloyd | 2008-11-10 | 1 | -27/+43 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Boaz Barak, Shai Halevi: A model and architecture for pseudo-random generation with applications to /dev/random. ACM Conference on Computer and Communications Security 2005. which I was referred to by Hugo Krawczyk. Changes include: Remove the entropy estimation. This is a major point of Barak and Halevi's paper: the entropy we want to estimate is the condtional entropy of the collected data from the point of view of an unknown attacker. Obviously this cannot be computed! Instead HMAC_RNG simply counts each byte of sampled data as one bit of estimated entropy. Increase the reseed threshold from 2^14 to 2^20 outputs, and change the fast poll during generation from once every 1024 outputs to once every 65536 outputs (though the fast poll might not trigger that often, if output lengths are very large - however this doesn't really matter much, and with the X9.31 wrapper it does kick off exactly every 2^16 outputs). The paper also has some good arguments why it is better to reseed rarely, making sure you have collected a large amount of (hopefully) unguessable state. Remove a second HMAC PRF operation which was only being done to destroy the previous K value. Considering it has a short lifetime, seems excessive (and really hurt performance). | ||||
* | The device reader constructors were being called too soon. Instead | lloyd | 2008-11-10 | 2 | -19/+40 |
| | | | | close the fds in the entropy source destructor. | ||||
* | Split pk_pad.h into eme.h and emsa.h | lloyd | 2008-11-10 | 13 | -35/+54 |
| | |||||
* | Modify OpenSSL to use SCAN_Name | lloyd | 2008-11-10 | 3 | -47/+34 |
| | |||||
* | Remove unused provider function | lloyd | 2008-11-10 | 1 | -2/+0 |
| | |||||
* | Fix include, add namespace and copyright | lloyd | 2008-11-10 | 1 | -1/+9 |
| | |||||
* | Add a facility in SCAN_Name for provider names | lloyd | 2008-11-10 | 2 | -3/+35 |
| | |||||
* | Add eng_ossl.cpp to build | lloyd | 2008-11-10 | 1 | -0/+1 |
| | |||||
* | Make the ARC4 implementation from OpenSSL visible in arc4_openssl.h | lloyd | 2008-11-10 | 5 | -93/+95 |
| | |||||
* | Remove support for block cipher padding methods in engine. Like S2K, | lloyd | 2008-11-10 | 10 | -130/+35 |
| | | | | | | | | | | they were not used at all outside of the core library implementations. One change is that now get_bc_pad returns a new object, instead of a pointer to a const shared padding method. This does imply a bit more dynamic memory overhead, but the modes are pretty light (stateless, for the most part), so this doesn't seem like a big deal. So modify ECB and CBC classes to add destructors to delete the padding object. | ||||
* | Remove support for S2K in Engines. There are only three implementations of | lloyd | 2008-11-10 | 8 | -110/+39 |
| | | | | | | an S2K in Botan, all in the core library, and it's relatively unlikely that that many more will be added. get_s2k still exists and performs a direct search across the possibilities. | ||||
* | Mention existence of O(n^1.5) squaring algorithm | lloyd | 2008-11-10 | 1 | -0/+3 |
| | |||||
* | Doxygen comment | lloyd | 2008-11-10 | 1 | -3/+3 |
| | |||||
* | Sort lines | lloyd | 2008-11-10 | 2 | -11/+10 |
| | |||||
* | Mark libstate as depending on mode_pad | lloyd | 2008-11-10 | 1 | -0/+1 |
| | |||||
* | Add dep in ecb and cbc on mode_pad | lloyd | 2008-11-10 | 2 | -0/+2 |
| | |||||
* | Remove find_bc_pad from lookup_stream.cpp | lloyd | 2008-11-10 | 1 | -25/+0 |
| | |||||
* | Split lookup_cipher.cpp into lookup_{block,stream,bc_pad}.cpp | lloyd | 2008-11-10 | 4 | -82/+131 |
| | |||||
* | Modify Lion lookup to use arg_count_between | lloyd | 2008-11-09 | 1 | -2/+1 |
| | |||||
* | Modify get_enc to use SCAN_Name | lloyd | 2008-11-09 | 1 | -82/+41 |
| | |||||
* | Modify get_pbe to use SCAN_Name | lloyd | 2008-11-09 | 1 | -18/+12 |
| | |||||
* | Add SCAN_Name::arg_count_between | lloyd | 2008-11-09 | 1 | -0/+6 |
| | |||||
* | Consistent whitespace | lloyd | 2008-11-09 | 1 | -0/+1 |
| | |||||
* | Constify | lloyd | 2008-11-09 | 2 | -4/+4 |
| | |||||
* | Modify Default_Engine to use SCAN_Name internally | lloyd | 2008-11-09 | 4 | -213/+161 |
| | |||||
* | Update modes requires since modebase is now modes | lloyd | 2008-11-09 | 7 | -7/+7 |
| | |||||
* | Add a SCAN_Name class that encapsulates operations currently done repeatedly | lloyd | 2008-11-09 | 3 | -0/+92 |
| | | | | all over the engine code. | ||||
* | In lookup.h, forward declare Library_State instead of including libstate.h | lloyd | 2008-11-09 | 1 | -1/+2 |
| | |||||
* | Move cipher mode base class to modes/ dir | lloyd | 2008-11-09 | 3 | -0/+0 |
| | |||||
* | Remove alias for HAVAL, also removed in 1.5.0 | lloyd | 2008-11-09 | 1 | -1/+0 |
| | |||||
* | Remove alias for SEAL (removed in 1.5.0!) | lloyd | 2008-11-09 | 1 | -1/+0 |
| | |||||
* | Move engine to libstate/ directory, since there is a mutual dependency | lloyd | 2008-11-09 | 39 | -3/+0 |
| | | | | | | (messy). Remove unused libstate.h includes from a few files. | ||||
* | Remove redundent includes | lloyd | 2008-11-09 | 3 | -5/+0 |
| | |||||
* | Remove unused variable1.7.20 | lloyd | 2008-11-09 | 1 | -2/+0 |
| | |||||
* | Make two variants of get_pbe more consistent | lloyd | 2008-11-09 | 1 | -13/+11 |
| | |||||
* | Remove use of get_s2k in PBES1 and PBES2, since they both always wanted | lloyd | 2008-11-09 | 2 | -9/+14 |
| | | | | | a particular algorithm (PBKDF1 or PBKDF2, resp), only variation is the has function to use. | ||||
* | Macro cleanup | lloyd | 2008-11-09 | 6 | -23/+18 |
| | |||||
* | Inline no-op Engine virtual functions | lloyd | 2008-11-09 | 2 | -63/+18 |
| | |||||
* | Move some lookup related code from src/engine to src/libstate/lookup.cpp | lloyd | 2008-11-09 | 4 | -507/+496 |
| | |||||
* | Rename SymmetricAlgorithm::key to key_schedule to avoid many name | lloyd | 2008-11-09 | 73 | -81/+81 |
| | | | | conflicts/collisions | ||||
* | Simplify implementation of Default_Engine::get_cipher somewhat | lloyd | 2008-11-08 | 1 | -94/+92 |
| | |||||
* | Remove lookup from parallel hash construction | lloyd | 2008-11-08 | 3 | -17/+22 |
| | |||||
* | Remove lookup.h use from EAX | lloyd | 2008-11-08 | 5 | -45/+28 |
| | |||||
* | Remove lookup.h from CTS mode | lloyd | 2008-11-08 | 3 | -54/+20 |
| | |||||
* | Remove lookup.h use from ECB, CBC, CFB | lloyd | 2008-11-08 | 7 | -105/+63 |
| | |||||
* | Add BOTAN_DLL macro to Default_IF_Op | lloyd | 2008-11-08 | 1 | -1/+1 |
| | |||||
* | Remove use of lookup.h from OFB | lloyd | 2008-11-08 | 4 | -14/+13 |
| |