| Commit message (Collapse) | Author | Age | Files | Lines |
argument in favor of referencing the global PRNG argument
to rng.h (eventually base.h will be split up entirely and go away)
instead of always using the global PRNG.
of using the global RNG object.
them (encrypt and sign), with the intent of slowly bubbling up the access
points to the API level, at which point the application handles managing
the RNG. This will allow removing the compiled-in global PRNG, and
make testing much simpler.
Java SecureRandom PRNG algorithm. (I accidentally checked in the header
in the previous revision).
length to zero. That is because we encoded our seededness state as being
if (and only if) V has non-zero length. After clearing, we have reset all
state.
it was seeded if and only if the underlying PRNG was seeded. However, if
the PRNG always returned as being seeded, we would never generate a V
value, etc. (leaving them at the default zero). This would not occur with
any of Botan's built-in PRNGs since their implementations require that
add_randomness be called at least once before is_seeded will return true.
However, this is not an invariant of the general RandomNumberGenerator
interface.

Now, the X9.31 PRNG is only seeded after it has a) detected that the PRNG
is seeded, and b) generated a new random key and V vector.
value from the RNG. (Would an adapter class be more appropriate?)
to use) explicit arguments to the constructor instead of being hardcoded.
PK_Encryptor_MR_with_EME::enc references the global PRNG currently
RandomNumberGenerator reference. Update all callers.
instead)
Update the examples
random bits. Now they take a reference to a RandomNumberGenerator object.
This was applied several times out, so now the constructors to private
key objects also take a RandomNumberGenerator& argument. This is also true
for a number of randomized algorithms (Miller-Rabin, for instance).

You can get a reference to the global PRNG with

    global_state().prng_reference()

This is a provisional thing, and warning: it is not thread-safe! If this
is a problem, instead keep per-thread PRNGs and pass them where needed.
If the second argument was NULL, it would default to a new Randpool.
But this introduces an annoying dependency: really it is the caller who
is relying on Randpool. Make this explicit by passing a new Randpool
pointer to the constructor in Library_State.

This will break all callers using ANSI_X931_RNG's constructors with
default arguments. To regain the previous behavior, change:

    ANSI_X931_RNG rng;
    ANSI_X931_RNG rng("/*cipher name*/");

to

    ANSI_X931_RNG rng(/*cipher name, default was AES-256 */, new Randpool);

You are free to pass another PRNG object if you like.
This may require inclusion of <botan/randpool.h>.
universal: this prevented it from decoding application, context-specific,
or private-class constructions.

Add a new parameter to BER_Decoder::start_cons which specifies the expected
class type (default universal). The decoder still verifies that the
constructed bit is set in the class tag. This provides parity with the
interface to the DER encoder.

Problem was found and reported by Falko Strenzke.
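The tag-class check this commit describes, as an added example that is not Botan's BER_Decoder: a minimal start_cons for definite-length, short-form-tag BER that takes the expected tag number and the expected class (UNIVERSAL by default) and still insists that the constructed bit is set. The ASN1_Class enum, the Constructed struct, the error strings and the three sample encodings (a context-specific [0] wrapper, a SEQUENCE, and a bare primitive INTEGER) are constructed for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// ASN.1 identifier-octet class bits (bits 8-7) and the constructed bit (bit 6).
enum ASN1_Class : uint8_t {
    UNIVERSAL        = 0x00,
    APPLICATION      = 0x40,
    CONTEXT_SPECIFIC = 0x80,
    PRIVATE          = 0xC0,
    CONSTRUCTED      = 0x20,
};

struct Constructed {
    uint8_t tag_number;            // low 5 bits of the identifier (short-form tags only)
    std::vector<uint8_t> content;  // the bytes inside the constructed element
};

// Decode one constructed element at 'pos'. The class must match the caller's
// expectation (UNIVERSAL by default) and the constructed bit must be set; only
// then are the tag number and the definite-form length consumed.
Constructed start_cons(const std::vector<uint8_t>& der, size_t& pos,
                       uint8_t expected_tag, ASN1_Class expected_class = UNIVERSAL) {
    if(pos >= der.size()) throw std::runtime_error("BER: truncated identifier");
    uint8_t id = der[pos++];
    if((id & 0x1F) == 0x1F) throw std::runtime_error("BER: long-form tags unsupported here");
    if((id & CONSTRUCTED) == 0) throw std::runtime_error("BER: expected constructed element");
    if((id & 0xC0) != expected_class) throw std::runtime_error("BER: unexpected tag class");
    if((id & 0x1F) != expected_tag) throw std::runtime_error("BER: unexpected tag number");

    // Definite length: short form (< 0x80) or long form (0x8n followed by n bytes).
    if(pos >= der.size()) throw std::runtime_error("BER: truncated length");
    size_t len = der[pos++];
    if(len == 0x80) throw std::runtime_error("BER: indefinite length unsupported here");
    if(len & 0x80) {
        size_t n = len & 0x7F;
        if(n > sizeof(size_t) || n > der.size() - pos) throw std::runtime_error("BER: bad long length");
        len = 0;
        for(size_t i = 0; i != n; ++i) len = (len << 8) | der[pos++];
    }
    if(len > der.size() - pos) throw std::runtime_error("BER: length exceeds input");
    Constructed out{static_cast<uint8_t>(id & 0x1F),
                    std::vector<uint8_t>(der.begin() + pos, der.begin() + pos + len)};
    pos += len;
    return out;
}

// Constructed sample inputs. [0] EXPLICIT wrapping INTEGER 5: A0 03 02 01 05.
static const std::vector<uint8_t> SAMPLE_CTX  = {0xA0, 0x03, 0x02, 0x01, 0x05};
// SEQUENCE { INTEGER 5 }: 30 03 02 01 05.
static const std::vector<uint8_t> SAMPLE_SEQ  = {0x30, 0x03, 0x02, 0x01, 0x05};
// A primitive INTEGER 5 on its own (constructed bit clear): 02 01 05.
static const std::vector<uint8_t> SAMPLE_PRIM = {0x02, 0x01, 0x05};

// Returns "ok:<content bytes>:<bytes consumed>" or the decoder's error text,
// so the accept/reject behaviour for each class expectation can be compared.
std::string try_start_cons(const std::vector<uint8_t>& der, uint8_t tag, ASN1_Class cls) {
    size_t pos = 0;
    try {
        Constructed c = start_cons(der, pos, tag, cls);
        return "ok:" + std::to_string(c.content.size()) + ":" + std::to_string(pos);
    } catch(const std::runtime_error& e) {
        return e.what();
    }
}
```

Asking for UNIVERSAL on the context-specific sample is exactly the failure the commit fixes: before the extra parameter a decoder that hardcoded universal could never accept `A0 ...`, while passing CONTEXT_SPECIFIC accepts it and the primitive INTEGER is still rejected for lacking the constructed bit.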
each caller.
time format and converts it to a duration in seconds represented as a
u32bit. This is from Config::option_as_time, which is now implemented
simply as:

    return timespec_to_u32bit(option(key))
should allow when checking timestamps, just call it once and store the
value in the X509_Store object, passing it to validity_check with a new
argument for the allowed time slack.
as that was the only place it was called from.
Including enums.h in needed places since asn1_int.h doesn't pull it in
anymore.

Remove Config::choose_sig_format, and move its logic into its only
caller, the (global!) choose_sig_format in x509_ca.cpp.
d4d75cf4f682ec63e316b853617e7cf9ba093272)
to branch 'net.randombit.botan' (head 2fac918f1a1cb77d155cf434177e443d41e9e517)
51f9ee5180a5cacdfff31504266e883b7bb0eb00)
to branch 'net.randombit.botan.remove-libstate' (head 636b767b9686261418b1cb45a6271edeef87501b)
85596a0b1fbee6696261d36def7dad742375f7d9)
to branch 'net.randombit.botan.remove-libstate' (head faf75eec422a3eb6108748315724fb6ac217dede)
bcae6a19d8d96ebde33c832c76a130ea02bc923a)
to branch 'net.randombit.botan.remove-libstate' (head f640991b6e433a264f5d22a08338cfc9c24c82da)
6afe2db1f710f75bc27e189bb8bdb23613ce1ca3)
to branch 'net.randombit.botan.remove-libstate' (head e40f0dbdfd847024c30fa0092c2acefc19a550b8)
essentially a facade for the RNG object living in the global library state.
Rewrite all callers to directly invoke the global state object: this makes
it more clear what functions are actually accessing mutable state outside of
the normal reference graph (and thus, which functions will have to be
altered in order to remove this dependency). Other facades remain in place
for the configuration object and the memory allocator factory.
db3791f6bba4b57dd8aed17893565dc5bcd68f02)
to branch 'net.randombit.botan.remove-libstate' (head 627d12447b2bb32aa08ff5daa499ac9580a77a05)
timer with an unspecified update rate and epoch. It is only used
inside the entropy sources to provide some timing-dependent
randomness. However, it is easier and basically 'as good' to treat the
timers as entropy sources in their own right and feed their output
directly into an entropy pool.
This commit removes Library_State::system_clock and all calls to that
function.
fruit for removal.
(Library_State, in libstate.{h,cpp}). It causes numerous 'interesting'
problems with threads, etc, and the best solution here is to move to
more or less an object-capability model, where the only objects that
a piece of code can access are those which can be referenced through
its arguments.

First things first, remove the UI 'pulse' code. It is neither necessary
nor sufficient for writing proper GUI/event driven code using Botan, has
likely never been used in real code, and, given that, causes a distressing
amount of overhead in terms of function calls made.
the source file (this seems to be the case for all global functions that
we want to export from the library...)
on a patch from Joel Low for MSVC, modified and tested with GCC using
-fvisibility=hidden and the visibility attribute.
Getting this working completely requires making the shared object and
static lib builds completely distinct (which is also a win since it
allows avoiding -fPIC usage, etc in the static lib).
Currently too many things are being exported, though it is an improvement
as internal-only code like the bigint_* functions are hidden.
block of data in the X9.31 PRNG (previously, adding entropy would cause
a new block to be computed but the read pointer would be the same as it
had been in the old block). Nominally this is very slightly faster (we
don't throw away bytes we just computed) but the change is more to make
the code more obvious/explicit; I was surprised by its old behavior, which
seems bad.
In theory it could introduce additional weaknesses, if gaining advantage
to this partial block that was being thrown away assisted in an attack
(I do not know of any attacks against the X9.31 PRNG that work that way,
however).
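The behaviour discussed in this commit and in the earlier X9.31 commits above (seeded only once the underlying source reports seeded and a fresh key and V have been generated, with V's length encoding seededness so that clearing unseeds; the read pointer restarting at a fresh block after new entropy), together with the RNG-injection pattern the log describes (a RandomNumberGenerator passed in rather than a compiled-in global), as an added example that is not Botan's code. The RandomNumberGenerator interface shape, the CounterRNG test double, the toy_block stand-in for the AES-256 block cipher and the X931Like class are all this example's own; DT is a per-block counter rather than a timestamp so the output is reproducible.

```cpp
#include <array>
#include <cstdint>
#include <cstring>
#include <memory>
#include <stdexcept>
#include <utility>
#include <vector>

struct RandomNumberGenerator {   // shape of Botan's interface (assumed for this example)
    virtual ~RandomNumberGenerator() = default;
    virtual void randomize(uint8_t* out, size_t len) = 0;
    virtual void add_randomness(const uint8_t* in, size_t len) = 0;
    virtual bool is_seeded() const = 0;
};
// Deterministic test double: unseeded until add_randomness(), like Botan's built-in
// PRNGs, or (always_seeded=true) a source that always claims to be seeded.
struct CounterRNG : RandomNumberGenerator {
    explicit CounterRNG(bool always_seeded) : seeded(always_seeded) {}
    void randomize(uint8_t* out, size_t len) override {
        if(!seeded) throw std::runtime_error("CounterRNG: not seeded");
        for(size_t i = 0; i != len; ++i) out[i] = next++;
    }
    void add_randomness(const uint8_t*, size_t) override { seeded = true; }
    bool is_seeded() const override { return seeded; }
    bool seeded; uint8_t next = 1;
};
// Placeholder keyed 128-bit permutation standing in for AES-256; an ARX mixer, NOT a cipher.
static std::array<uint8_t, 16> toy_block(const std::array<uint8_t, 32>& key, std::array<uint8_t, 16> blk) {
    uint64_t a, b, k[4];
    std::memcpy(&a, blk.data(), 8); std::memcpy(&b, blk.data() + 8, 8); std::memcpy(k, key.data(), 32);
    for(int r = 0; r != 8; ++r) {
        a += k[r % 4] ^ static_cast<uint64_t>(r); b ^= k[(r + 1) % 4];
        a = (a << 13) | (a >> 51); b += a; b = (b << 29) | (b >> 35); a ^= b;
    }
    std::memcpy(blk.data(), &a, 8); std::memcpy(blk.data() + 8, &b, 8); return blk;
}
// Seededness is encoded as "V is non-empty", so clear() (which empties V) unseeds.
class X931Like {
public:
    static constexpr size_t BLOCK = 16;
    explicit X931Like(std::unique_ptr<RandomNumberGenerator> src) : src_(std::move(src)) {}
    bool is_seeded() const { return !V_.empty(); }
    size_t position() const { return pos_; }   // read offset into the current R block
    void add_randomness(const uint8_t* in, size_t len) { src_->add_randomness(in, len); reseed(); }
    void randomize(uint8_t* out, size_t len) {
        if(!is_seeded()) reseed();
        if(!is_seeded()) throw std::runtime_error("X931Like: PRNG not seeded");
        while(len) {
            if(pos_ == BLOCK) update();
            size_t n = len < BLOCK - pos_ ? len : BLOCK - pos_;
            std::memcpy(out, R_.data() + pos_, n);
            out += n; len -= n; pos_ += n;
        }
    }
    void clear() { key_.fill(0); R_.fill(0); V_.clear(); pos_ = BLOCK; counter_ = 0; }
private:
    // Seeded only once (a) the source reports seeded and (b) a fresh key and V exist.
    // Setting pos_ = BLOCK discards any partially read block instead of resuming it.
    void reseed() {
        if(!src_->is_seeded()) return;
        src_->randomize(key_.data(), key_.size());
        V_.resize(BLOCK); src_->randomize(V_.data(), V_.size()); pos_ = BLOCK;
    }
    // One X9.31 step: I = E(DT); R = E(I ^ V); V = E(R ^ I). DT is a counter here
    // for determinism (the standard uses a date/time vector).
    void update() {
        std::array<uint8_t, BLOCK> DT{}, tmp{};
        std::memcpy(DT.data(), &counter_, sizeof counter_); ++counter_;
        auto I = toy_block(key_, DT);
        for(size_t i = 0; i != BLOCK; ++i) tmp[i] = I[i] ^ V_[i];
        R_ = toy_block(key_, tmp);
        for(size_t i = 0; i != BLOCK; ++i) tmp[i] = R_[i] ^ I[i];
        auto V = toy_block(key_, tmp); std::memcpy(V_.data(), V.data(), BLOCK);
        pos_ = 0;
    }
    std::unique_ptr<RandomNumberGenerator> src_; std::vector<uint8_t> V_;   // V_ empty == unseeded
    std::array<uint8_t, 32> key_{}; std::array<uint8_t, BLOCK> R_{};
    size_t pos_ = BLOCK; uint64_t counter_ = 0;
};

// Always-seeded source: the X9.31 state is still unseeded until key and V are generated.
bool always_seeded_source_still_needs_key_and_v() {
    X931Like g(std::make_unique<CounterRNG>(true)); bool before = g.is_seeded();
    uint8_t buf[4]; g.randomize(buf, sizeof buf);   // first use triggers reseed()
    return !before && g.is_seeded();
}
// Unseeded source is refused; a reseed restarts reads at a fresh block; clear() unseeds.
bool reseed_starts_new_block() {
    X931Like g(std::make_unique<CounterRNG>(false)); uint8_t buf[5];
    try { g.randomize(buf, 1); return false; } catch(const std::runtime_error&) {}
    const uint8_t seed[4] = {1, 2, 3, 4};
    g.add_randomness(seed, sizeof seed); g.randomize(buf, sizeof buf);
    size_t mid = g.position();                        // 5 bytes into the first block
    g.add_randomness(seed, sizeof seed);
    size_t after = g.position();                      // BLOCK: partial block discarded
    g.randomize(buf, 1);
    size_t next = g.position(); g.clear();            // 1: one byte into a new block
    return mid == 5 && after == X931Like::BLOCK && next == 1 && !g.is_seeded();
}
```

Because the seed source is an argument rather than a global, the two scenarios can run side by side in one process with different test doubles, which is the testing benefit the refactoring commits above are after; swapping CounterRNG for a real entropy-backed RandomNumberGenerator is the only change needed for production use of such a wrapper.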