path: root/src
Commit message [Author, Age, Files, Lines]
* Remove Spec typedef from pk_ops  [Jack Lloyd, 2016-11-08, files: 1, lines: -35/+0]
|     Was used by Algo_Registry lookups, no longer needed after #668
* Add CPUID::is_little_endian  [Jack Lloyd, 2016-11-07, files: 2, lines: -0/+35]
|     Having a runtime endian test to verify against the build setting is useful.
* If peek fails, force EOF with a read  [Jack Lloyd, 2016-11-07, files: 1, lines: -0/+3]
|     DataSource_Stream::peek resets EOF bit after a failed peek
|     Fixes #657 cert_info infinite loop
* Add OID for XMSS  [Jack Lloyd, 2016-11-06, files: 1, lines: -0/+3]
|     [ci skip]
* Update Doxygen comment [ci skip]  [Jack Lloyd, 2016-11-06, files: 1, lines: -1/+0]
|
* Add ec_group_info cmdlet  [Jack Lloyd, 2016-11-06, files: 1, lines: -0/+35]
|
* Add signature KAT test for GOST 34.10-2001  [Jack Lloyd, 2016-11-06, files: 3, lines: -1/+49]
|     Vectors here just whatever we spit out, but I can't find any GOST vectors using the 'A' param set.
|     Anyway at least with this, we are testing to have consistent behavior across platforms.
* Keep track of the number of synchronisations achieved  [Joel Low, 2016-11-06, files: 2, lines: -3/+11]
|     This allows wait() to be called immediately after sync() returns, even if not all of the waiting threads have awoken.
* Re-enable the Threaded Fork test  [Joel Low, 2016-11-06, files: 1, lines: -1/+1]
|
* Implement barriers for Threaded Fork  [Joel Low, 2016-11-06, files: 4, lines: -11/+84]
|     This commit introduces a concept of a barrier, where all threads must synchronise before continuing.
|     Threaded Fork uses this to ensure that all input is consumed by each sink exactly once.
|     Fixes #695.
* Tweak readme texts  [Jack Lloyd, 2016-11-05, files: 1, lines: -0/+8]
|     [ci skip]
* Revert "Move contrib/sqlite to github.com/randombit/botan-sqlite"  [Jack Lloyd, 2016-11-05, files: 7, lines: -0/+792]
|     This reverts commit cfb12bf77940c566de1e6de4a79db6fe0d02ef1e.
|     tl;dr monorepo is better, especially for a project this small.
* Fixes for Perl  [Jack Lloyd, 2016-11-05, files: 2, lines: -2/+3]
|
* Revert "Remove the Perl XS module"  [Jack Lloyd, 2016-11-05, files: 15, lines: -0/+1861]
|     This reverts commit 2ec08fa6b5fd270e50f8526c1c6dfaabfda66e02.
|     The Perl wrapper was removed as unmaintained, but nobody is likely to maintain it if they don't know it exists.
* Add an additional test for Threaded_Fork  [Jack Lloyd, 2016-11-05, files: 1, lines: -0/+25]
|
* Fix test, catching wrong exception type  [Jack Lloyd, 2016-11-05, files: 1, lines: -1/+1]
|
* Merge GH #709 Fix DSA param gen for FIPS 186-3  [Jack Lloyd, 2016-11-05, files: 1, lines: -5/+3]
|\
| * Fix DSA parameter generation to use the correct loop bound.  [Jack Lloyd, 2016-11-03, files: 1, lines: -5/+3]
| |     4096 is the value from FIPS 186-2, FIPS 186-3 uses 4*pbits which is the obvious extension of the FIPS 186-2 scheme to larger parameter sizes.
| |     Pointed out by @neverhub
| |     Removes support for 512 and 768 bit DSA groups because WTF no.
* | Avoid bogus include with compression disabled  [Jack Lloyd, 2016-11-04, files: 1, lines: -1/+4]
| |
* | Merge GH #710 Allow custom EC curve to be specified at build time  [Jack Lloyd, 2016-11-04, files: 6, lines: -1/+45]
|\ \
| * | Change oids.py and regenerate oids.cpp  [René Korthaus, 2016-11-03, files: 2, lines: -1/+11]
| | |
| * | Add an in-house EC curve for TLS at compile-time  [René Korthaus, 2016-11-03, files: 5, lines: -0/+34]
| | |     One additional, application-specific curve can be added at compile time, using the new configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
* | | Merge GH #714 Use pk_ops_fwd header  [Jack Lloyd, 2016-11-04, files: 1, lines: -12/+1]
|\ \ \
| * | | use "forward declare header" pk_ops_fwd.h instead of self forward declaring them  [Daniel Neus, 2016-11-04, files: 1, lines: -12/+1]
| | | |
* | | | Skip bzip2 compression entropy tests  [Jack Lloyd, 2016-11-04, files: 1, lines: -8/+5]
| | | |     Large block size makes the differential test fragile.
* | | | Fix entropy tests  [Jack Lloyd, 2016-11-04, files: 1, lines: -6/+3]
| | | |     This interface changed, and it seems the test was only partially updated.
* | | | Handle missing SHA-x in DSA param gen test  [Jack Lloyd, 2016-11-04, files: 1, lines: -8/+13]
| | | |
* | | | Don't require compression in filter code  [Jack Lloyd, 2016-11-04, files: 3, lines: -1/+8]
| | | |
* | | | Fix PKCS11 test error  [Jack Lloyd, 2016-11-04, files: 5, lines: -22/+66]
|/ / /
| | |     Previously PKCS11_ECDSA_PrivateKey::check_key failed because no verification is possible using this key type (does not derive from public key).
| | |     Split keypair consistency to allow two key arguments.
| | |     ECDSA keypair consistency disabled in the tests still, because SoftHSMv2 gives mechanism invalid errors.
| | |     I think this is a SoftHSMv2 issue with the signature mechanism.
| | |     Remove no longer used Key_Type typedefs (need to be removed everywhere).
| | |     GH #712
* | | Add test for DSA parameter generation  [Jack Lloyd, 2016-11-03, files: 2, lines: -2/+130]
| | |     Limited to 1024 bit params by default to keep runtimes reasonable, but test vectors for all sizes from FIPS 186-3 do pass.
* | | Add short output KDF1 test  [Jack Lloyd, 2016-11-03, files: 1, lines: -0/+5]
| |/
|/|
* | Fix bogus code  [Jack Lloyd, 2016-11-03, files: 1, lines: -2/+2]
| |     Not caught by anything because nothing includes lookup.h except for the amalgamation build which sucks up everything.
* | Run PKCS11 key self tests  [Jack Lloyd, 2016-11-03, files: 1, lines: -0/+3]
|/
* Compile fix  [Jack Lloyd, 2016-11-03, files: 1, lines: -1/+1]
|
* Simplify some code by using T::create_or_throw  [Jack Lloyd, 2016-11-03, files: 10, lines: -75/+26]
|
* Remove unused values from build.h  [Jack Lloyd, 2016-11-03, files: 2, lines: -4/+11]
|     Have the /proc setting in build.h actually control the entropy source configuration (!)
|     GH #708
* Merge GH #706 Remove ability to add OIDs at runtime. Remove OID lock  [Jack Lloyd, 2016-11-03, files: 15, lines: -567/+722]
|\
| * Remove ability to add OIDS at runtime. Remove global OID lock.  [Jack Lloyd, 2016-11-03, files: 15, lines: -567/+722]
| |     OID map is now generated from an input file on an as needed basis.
| |     Just uses a sequence of ifs - simple, fast, and small code size.
| |     Merges oid_lookup sub-module which was already required by asn1 anyway, so completely non-optional.
| |     Removes @neusdan's nice OID tests since without any runtime adds the tests are moot.
* | Merge GH #705 Simplify EMSA1 validation with message recovery  [Jack Lloyd, 2016-11-03, files: 1, lines: -14/+12]
|\ \
| * | Simplify EMSA1 message recovery code  [Jack Lloyd, 2016-11-02, files: 1, lines: -14/+12]
| | |
* | | Update PKCS11 code, no RNG required  [Jack Lloyd, 2016-11-03, files: 1, lines: -14/+1]
| | |
* | | Add create_key self test  [Jack Lloyd, 2016-11-03, files: 1, lines: -0/+2]
| | |
* | | Remove automatic self-testing of public and private keys  [Jack Lloyd, 2016-11-03, files: 18, lines: -139/+39]
| |/
|/|
| |     Rarely expected and often causes performance problems, especially for private keys.
| |     Instead applications should call check_key explicitly to validate keys when necessary.
| |     Note this removal doesn't apply to tests like ECDH on-the-curve tests, where a check on the public key is required for security of our own key.
| |     Updates most APIs to remove RNG calls, where they are no longer required.
| |     Exception is PKCS8 interface, pending further work there (see GH #685) it just ignores the RNG argument now.
* | Add new configure argument --optimize-for-size  [Jack Lloyd, 2016-11-03, files: 4, lines: -0/+4]
| |     Uses -Os for GCC/Clang/ICC, /O1 for MSVC.
| |     Might be used in the future to control compile time features also (eg using a large precomputed table, vs not).
| |     Does not have any influence on module selection, just informs the build that a smaller binary is preferable.
| |     [ci skip]
* | Compile fix  [Jack Lloyd, 2016-11-03, files: 1, lines: -1/+1]
| |
* | Remove blowfish table source file.  [Jack Lloyd, 2016-11-03, files: 1, lines: -190/+0]
| |     Split commit with 4c777878 because, no git, I did not rename blfs_tab.cpp -> blowfish.cpp
* | Inline Blowfish tables to blowfish.cpp  [Jack Lloyd, 2016-11-03, files: 2, lines: -3/+182]
| |     Only needed there.
* | Rename zero_mem to secure_scrub_memory  [Jack Lloyd, 2016-11-03, files: 6, lines: -24/+45]
| |
* | Move cert/x509 to top level and pem and pbes2 to pubkey.  [Jack Lloyd, 2016-11-03, files: 43, lines: -0/+0]
| |     The `cert` dir was just an artifact of having previously supported CVC (smartcard cert format), removed a long time ago.
| |     The pem and pbes2 code is directly related to the pubkey code, in fact the only caller of pbes2 (likely anywhere, not just in the library) is in pkcs8.cpp
* | Move ISA optimized versions under the main algo dir  [Jack Lloyd, 2016-11-03, files: 14, lines: -12/+0]
| |     Previously it made sense for them to be in distinct dirs because they were standalone.
| |     However with #580 that is no longer the case, so move them to subdirs.
| |     Configure knows that anything underneath a directory has a dependency on the parent dir, so update info.txt files accordingly to remove explicit dependencies where set.