path: root/src
Each entry: commit message (author, date, files changed, lines -removed/+added), followed by the commit description where one exists. Commits merged from a pull request are indented under their merge commit.
* Correct error with XTS minimum block size (Jack Lloyd, 2018-10-15, 2 files, -1/+580)
  Add tests from NIST that demonstrate the problem, as well as OpenSSL generated tests for all input sizes 16...128 bytes. Fixes GH #1706
* Remove duplicated XTS test vectors (Jack Lloyd, 2018-10-15, 1 file, -25/+2)
* Merge GH #1704 Use emplace_back where appropriate (Jack Lloyd, 2018-10-15, 6 files, -15/+15)
  * move instead of copy (rumcajs, 2018-10-14, 6 files, -15/+15)
* Unroll Blowfish loop by 4 instead of 2 (Jack Lloyd, 2018-10-14, 1 file, -16/+45)
  Roughly 50% faster for parallel modes like CTR or CBC decrypt.
* Only use Python3 in CI builds if requested explicitly (Jack Lloyd, 2018-10-12, 1 file, -2/+4)
  It looks like Travis has some old version of Python 3 which can't handle interpolating an integer into a byte string -- expr b"wtf %d" % (5) fails with whatever is on Travis, but works fine in Python 3.7
* Disable use of pylint3 in Travis (Jack Lloyd, 2018-10-12, 3 files, -9/+9)
  Suddenly installing python3-pip is broken, and I don't care enough to dig deeper. Can probably come back when we switch to Xenial.
* Add an explicit OS target for Emscripten (Jack Lloyd, 2018-10-12, 6 files, -8/+42)
  This allows things to mostly work out of the box (#1702), and allows us to write Emscripten specific code where required.
* Small fixes for QNX [ci skip] (Jack Lloyd, 2018-10-12, 2 files, -1/+2)
  Private report of a successful build on QNX 7 with these fixes.
* Make it possible to overwrite options to ar using AR_OPTIONS (Jack Lloyd, 2018-10-08, 1 file, -1/+2)
  No convention for naming of this variable afaict. Mostly useful as an escape hatch when we for whatever reason do the wrong thing, as in #1702 when used with emconfigure
* Fixes for building for LLVM bitcode/Emscripten (Jack Lloyd, 2018-10-07, 3 files, -2/+7)
  GH #1702
* Alas, Clang in Travis is also too old for this to work (Jack Lloyd, 2018-10-06, 1 file, -1/+1)
* GCC in Travis is too old (doesn't have ISA attribute) (Jack Lloyd, 2018-10-06, 1 file, -1/+1)
* Test single amalgamation file (Jack Lloyd, 2018-10-05, 1 file, -0/+3)
  Would have detected #1700 before release.
* Add explicit AVX2 function annotations (Jack Lloyd, 2018-10-05, 3 files, -2/+30)
  Needed for single amalgamation file with AVX2 enabled.
* Add more SM2 signature tests (Jack Lloyd, 2018-10-05, 1 file, -0/+56)
  Using the standard SM2 and P-256 curves, instead of the SM2 test curve, for both SM3 and SHA-256 hashes. All values generated with GmSSL
* Merge GH #1698 Resolve leak during ECDSA verify with old OpenSSL (Jack Lloyd, 2018-10-04, 2 files, -6/+24)
  * Resolve a leak in OpenSSL ECDSA verification for old OpenSSL (Jack Lloyd, 2018-10-03, 2 files, -6/+24)
    The code was using the 1.0 API incorrectly and causing a leak. https://github.com/riboseinc/rnp/issues/757
* Remove Travis notification emails [ci skip] (Jack Lloyd, 2018-10-03, 1 file, -3/+0)
* Bump version to 2.9 (Jack Lloyd, 2018-10-01, 1 file, -1/+1)
* Make a few simple functions constexpr (Jack Lloyd, 2018-10-01, 6 files, -32/+29)
  This is primarily just to verify that C++11 constexpr works.
* Remove support for Visual C++ 2013 (Jack Lloyd, 2018-10-01, 49 files, -210/+127)
  Closes GH #1557
* Fix more MSVC warnings (Jack Lloyd, 2018-10-01, 4 files, -31/+56)
* With MSVC, use /arch:AVX for AVX2 enabled code (Jack Lloyd, 2018-10-01, 1 file, -1/+1)
  It seems otherwise VC generates a mix of SSE and AVX code resulting in lots of transition penalties.
* Fix [ci skip] (Jack Lloyd, 2018-10-01, 1 file, -1/+1)
* Handle PPC crypto bit in tests [ci skip] (Jack Lloyd, 2018-10-01, 2 files, -1/+3)
* Fix some warnings in ARM specific code (Jack Lloyd, 2018-10-01, 2 files, -28/+34)
* Fix more MSVC warnings (Jack Lloyd, 2018-10-01, 15 files, -37/+59)
* Avoid a MSVC 2015 warning (Jack Lloyd, 2018-10-01, 3 files, -3/+3)
* Fix some MSVC warnings (Jack Lloyd, 2018-09-30, 8 files, -18/+18)
* Merge GH #1696 Fix bugs in UUID class (Jack Lloyd, 2018-09-30, 6 files, -106/+230)
  * Move UUID to utils, test it, and fix bugs. (Jack Lloyd, 2018-09-30, 6 files, -106/+230)
    Fixes #1695
* Add some tests of the versioning functions (Jack Lloyd, 2018-09-30, 1 file, -0/+46)
* Add more tests for CBC, CFB, OFB, CTR and GCM (Jack Lloyd, 2018-09-29, 6 files, -2/+635)
  From NIST CAVP, OpenSSL test data, and elsewhere
* Refactor mode tests, and correct bugs found (Jack Lloyd, 2018-09-29, 9 files, -127/+206)
  Several problems in CBC found by adding tests
  - If you set a key, then set a nonce, then set a new key, you could encrypt without setting a new nonce.
  - It was possible to call CBC finish without setting a nonce, which would crash.
  - If you had a CBC decryption object, set a key, set a nonce, then reset message state, it should throw because no nonce is set. Instead it would carry on using an all-zero nonce.
  Disable CommonCrypto with PKCS7 padding as it seems to have some problem that I cannot figure out from the build logs.
  This work sponsored by Ribose Inc
* Avoid null pointer write in FFI (Jack Lloyd, 2018-09-28, 2 files, -1/+7)
  If a function returning variable length output was called with a null output buffer but a non-zero output buffer length, FFI layer would call memset(nullptr, 0, buffer_len) and crash. Caught by Coverity.
* Use correct array length in Serpent AVX2 (Jack Lloyd, 2018-09-28, 1 file, -2/+2)
  Not an actual problem, but flagged by Coverity
* Spell check the documentation (Jack Lloyd, 2018-09-28, 7 files, -14/+14)
* Skip using mmap allocation if mlock is not available. (Jack Lloyd, 2018-09-27, 1 file, -8/+4)
  Previously this would just mmap but pointlessly as the memory was not locked; might as well use the standard heap in that case.
* Add OS::running_in_privileged_state (Jack Lloyd, 2018-09-27, 4 files, -17/+41)
  Avoid any getenv toggles or reading /proc if we are setuid/setgid. It is possible there is or will someday be some file in /proc that is world-readable, but if read by a privileged user causes some side effect.
* fileno is a macro on OpenBSD (Jack Lloyd, 2018-09-27, 1 file, -3/+4)
* Merge GH #1692 Fix test failure when http_util disabled (Jack Lloyd, 2018-09-26, 1 file, -1/+1)
  * Fix x509_path_x509test failing when http_util module was not enabled (Jose Pereira, 2018-09-25, 1 file, -1/+1)
* No need for an RNG object here [ci skip] (Jack Lloyd, 2018-09-25, 1 file, -2/+1)
* Change Clang fuzzing flags to avoid deprecated options. [ci skip] (Jack Lloyd, 2018-09-24, 1 file, -1/+1)
* Avoid some gcc warnings in mode padding fuzzer [ci skip] (Jack Lloyd, 2018-09-23, 1 file, -1/+5)
* Fix a crash in the mode padding fuzzer (Jack Lloyd, 2018-09-23, 2 files, -0/+5)
  The reference version of 1and0 padding would crash on an all-zero input. OSS-Fuzz 10628
* Add a fuzzer for OAEP unpadding (Jack Lloyd, 2018-09-22, 3 files, -10/+135)
  This tests the delim scanning section which must be const time.
* Add fuzzer for mode unpadding, and fix bugs found thereby (Jack Lloyd, 2018-09-22, 5 files, -59/+312)
  Both PKCS7 and X9.23 padding modes did not examine the first byte of the purported padding if the padding took an entire block. So for example for a 64-bit cipher, PKCS7 would accept XX08080808080808 as a valid padding for any byte value.
* Optimization for Poly1305 (Jack Lloyd, 2018-09-20, 1 file, -17/+24)
  Rearranging this code seems to let both GCC and Clang do a little better on the core loop, 4-7% depending on buffer size on my i7-6700k