path: root/src
Commit log (each entry: commit message; author, date; files changed; lines -removed/+added)

* In SCAN_Name, keep track of the original inputs and make them accessible
  (lloyd, 2008-11-10; 2 files; -0/+6)

* Add a class Algorithm_Factory which encapsulates the Engine classes (and which will eventually encapsulate the lookup logic as well)
  (lloyd, 2008-11-10; 7 files; -85/+160)

* Reduce /dev/random poll times: 5ms for fast, 20 for slow
  (lloyd, 2008-11-10; 1 file; -2/+2)

* Several changes to HMAC_RNG, many on the basis of the paper
  (lloyd, 2008-11-10; 1 file; -27/+43)

      Boaz Barak, Shai Halevi: A model and architecture for pseudo-random generation with applications to /dev/random. ACM Conference on Computer and Communications Security 2005.

  which I was referred to by Hugo Krawczyk. Changes include:

  - Remove the entropy estimation. This is a major point of Barak and Halevi's paper: the entropy we want to estimate is the conditional entropy of the collected data from the point of view of an unknown attacker. Obviously this cannot be computed! Instead HMAC_RNG simply counts each byte of sampled data as one bit of estimated entropy.

  - Increase the reseed threshold from 2^14 to 2^20 outputs, and change the fast poll during generation from once every 1024 outputs to once every 65536 outputs (though the fast poll might not trigger that often, if output lengths are very large - however this doesn't really matter much, and with the X9.31 wrapper it does kick off exactly every 2^16 outputs). The paper also has some good arguments why it is better to reseed rarely, making sure you have collected a large amount of (hopefully) unguessable state.

  - Remove a second HMAC PRF operation which was only being done to destroy the previous K value. Considering it has a short lifetime, this seems excessive (and really hurt performance).

* The device reader constructors were being called too soon. Instead close the fds in the entropy source destructor.
  (lloyd, 2008-11-10; 2 files; -19/+40)

* Split pk_pad.h into eme.h and emsa.h
  (lloyd, 2008-11-10; 13 files; -35/+54)

* Modify OpenSSL to use SCAN_Name
  (lloyd, 2008-11-10; 3 files; -47/+34)

* Remove unused provider function
  (lloyd, 2008-11-10; 1 file; -2/+0)

* Fix include, add namespace and copyright
  (lloyd, 2008-11-10; 1 file; -1/+9)

* Add a facility in SCAN_Name for provider names
  (lloyd, 2008-11-10; 2 files; -3/+35)

* Add eng_ossl.cpp to build
  (lloyd, 2008-11-10; 1 file; -0/+1)

* Make the ARC4 implementation from OpenSSL visible in arc4_openssl.h
  (lloyd, 2008-11-10; 5 files; -93/+95)

* Remove support for block cipher padding methods in engine. Like S2K, they were not used at all outside of the core library implementations. One change is that now get_bc_pad returns a new object, instead of a pointer to a const shared padding method. This does imply a bit more dynamic memory overhead, but the modes are pretty light (stateless, for the most part), so this doesn't seem like a big deal. So modify ECB and CBC classes to add destructors to delete the padding object.
  (lloyd, 2008-11-10; 10 files; -130/+35)

* Remove support for S2K in Engines. There are only three implementations of an S2K in Botan, all in the core library, and it's relatively unlikely that that many more will be added. get_s2k still exists and performs a direct search across the possibilities.
  (lloyd, 2008-11-10; 8 files; -110/+39)

* Mention existence of O(n^1.5) squaring algorithm
  (lloyd, 2008-11-10; 1 file; -0/+3)

* Doxygen comment
  (lloyd, 2008-11-10; 1 file; -3/+3)

* Sort lines
  (lloyd, 2008-11-10; 2 files; -11/+10)

* Mark libstate as depending on mode_pad
  (lloyd, 2008-11-10; 1 file; -0/+1)

* Add dep in ecb and cbc on mode_pad
  (lloyd, 2008-11-10; 2 files; -0/+2)

* Remove find_bc_pad from lookup_stream.cpp
  (lloyd, 2008-11-10; 1 file; -25/+0)

* Split lookup_cipher.cpp into lookup_{block,stream,bc_pad}.cpp
  (lloyd, 2008-11-10; 4 files; -82/+131)

* Modify Lion lookup to use arg_count_between
  (lloyd, 2008-11-09; 1 file; -2/+1)

* Modify get_enc to use SCAN_Name
  (lloyd, 2008-11-09; 1 file; -82/+41)

* Modify get_pbe to use SCAN_Name
  (lloyd, 2008-11-09; 1 file; -18/+12)

* Add SCAN_Name::arg_count_between
  (lloyd, 2008-11-09; 1 file; -0/+6)

* Consistent whitespace
  (lloyd, 2008-11-09; 1 file; -0/+1)

* Constify
  (lloyd, 2008-11-09; 2 files; -4/+4)

* Modify Default_Engine to use SCAN_Name internally
  (lloyd, 2008-11-09; 4 files; -213/+161)

* Update modes requires since modebase is now modes
  (lloyd, 2008-11-09; 7 files; -7/+7)

* Add a SCAN_Name class that encapsulates operations currently done repeatedly all over the engine code.
  (lloyd, 2008-11-09; 3 files; -0/+92)

* In lookup.h, forward declare Library_State instead of including libstate.h
  (lloyd, 2008-11-09; 1 file; -1/+2)

* Move cipher mode base class to modes/ dir
  (lloyd, 2008-11-09; 3 files; -0/+0)

* Remove alias for HAVAL, also removed in 1.5.0
  (lloyd, 2008-11-09; 1 file; -1/+0)

* Remove alias for SEAL (removed in 1.5.0!)
  (lloyd, 2008-11-09; 1 file; -1/+0)

* Move engine to libstate/ directory, since there is a mutual dependency (messy). Remove unused libstate.h includes from a few files.
  (lloyd, 2008-11-09; 39 files; -3/+0)

* Remove redundant includes
  (lloyd, 2008-11-09; 3 files; -5/+0)

* Remove unused variable
  (tag: 1.7.20; lloyd, 2008-11-09; 1 file; -2/+0)

* Make two variants of get_pbe more consistent
  (lloyd, 2008-11-09; 1 file; -13/+11)

* Remove use of get_s2k in PBES1 and PBES2, since they both always wanted a particular algorithm (PBKDF1 or PBKDF2, resp), only variation is the hash function to use.
  (lloyd, 2008-11-09; 2 files; -9/+14)

* Macro cleanup
  (lloyd, 2008-11-09; 6 files; -23/+18)

* Inline no-op Engine virtual functions
  (lloyd, 2008-11-09; 2 files; -63/+18)

* Move some lookup related code from src/engine to src/libstate/lookup.cpp
  (lloyd, 2008-11-09; 4 files; -507/+496)

* Rename SymmetricAlgorithm::key to key_schedule to avoid many name conflicts/collisions
  (lloyd, 2008-11-09; 73 files; -81/+81)

* Simplify implementation of Default_Engine::get_cipher somewhat
  (lloyd, 2008-11-08; 1 file; -94/+92)

* Remove lookup from parallel hash construction
  (lloyd, 2008-11-08; 3 files; -17/+22)

* Remove lookup.h use from EAX
  (lloyd, 2008-11-08; 5 files; -45/+28)

* Remove lookup.h from CTS mode
  (lloyd, 2008-11-08; 3 files; -54/+20)

* Remove lookup.h use from ECB, CBC, CFB
  (lloyd, 2008-11-08; 7 files; -105/+63)

* Add BOTAN_DLL macro to Default_IF_Op
  (lloyd, 2008-11-08; 1 file; -1/+1)

* Remove use of lookup.h from OFB
  (lloyd, 2008-11-08; 4 files; -14/+13)