Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add support for DTLS handshake timeouts and retransmissions. | lloyd | 2014-10-06 | 8 | -65/+224 |
| | |||||
* | Specify version number in message when we reject due to policy | lloyd | 2014-10-06 | 2 | -2/+4 |
| | |||||
* | Handle new source file | lloyd | 2014-10-06 | 1 | -4/+0 |
| | |||||
* | Fix decoding indefinite length BER constructs that contain a context | lloyd | 2014-09-27 | 1 | -1/+1 |
| | | | | sensitive tag of zero. Github pull 26 from Janusz Chorko. | ||||
* | Don't bother polling std:: clocks if we have clock_gettime | lloyd | 2014-08-09 | 1 | -32/+22 |
| | |||||
* | Asserts here are nice | lloyd | 2014-08-09 | 1 | -2/+7 |
| | |||||
* | Move mul and square operations on a elliptic curve to CurveGFp so we | lloyd | 2014-08-09 | 4 | -213/+279 |
| | | | | | can use different representations/operations depending on the curve (eg, using a specialized version for P-256 reduction) | ||||
* | Have clear_mem just be a plain memset and only call the (slow) | lloyd | 2014-08-09 | 2 | -2/+2 |
| | | | | | zero_mem just before a deallocation where we are actually at risk of the compiler eliding the writes. | ||||
* | Fix header guard for amalgamation | lloyd | 2014-07-03 | 1 | -2/+2 |
| | |||||
* | Erroring on strict-overflow is a little too strict, GCC 4.9 is smart | lloyd | 2014-05-26 | 2 | -29/+25 |
| | |||||
* | Remove unused test. Bugzilla 272 | lloyd | 2014-05-17 | 1 | -65/+0 |
| | |||||
* | Correct CCM for L != 2. Bugzilla 270 | lloyd | 2014-05-16 | 2 | -1/+8 |
| | |||||
* | merge of 'ae7e800adaf5627c6033a09814b7e3644e7d92b7' | lloyd | 2014-05-16 | 1 | -3/+2 |
|\ | | | | | | | and 'b0a68aa4287f0ccf387bb9e9196d4aa1a682fe77' | ||||
| * | Avoid GCC 4.9 strict-overflow warning | lloyd | 2014-05-03 | 1 | -3/+2 |
| | | |||||
* | | VC2013 doesn't support __func__. Github #22 | lloyd | 2014-05-15 | 2 | -4/+10 |
| | | |||||
* | | Visual C++'s iterator debugging gets cranky with &vec[vec.size()]. | lloyd | 2014-05-15 | 2 | -2/+2 |
|/ | | | | Github #21 | ||||
* | Add default constructors to work around VC2013 issue. Github #17 | lloyd | 2014-05-01 | 2 | -0/+4 |
| | |||||
* | Support restricting compiler ISAs to specific architectures. Specifically | lloyd | 2014-05-01 | 1 | -1/+1 |
| | | | | | to work around weird MSVC limitations in 32-bit mode, but maybe useful elsewhere someday. Github #11. | ||||
* | Avoid initializer lists here, VC2013 doesn't like it. Github #18 | lloyd | 2014-05-01 | 2 | -5/+7 |
| | |||||
* | Require one plausible entropy source in auto_rng, prevents the common | lloyd | 2014-04-27 | 1 | -0/+1 |
| | | | | error of generating an amalagamation build with all of them disabled. | ||||
* | Remove stub for testing app | lloyd | 2014-04-27 | 2 | -2/+0 |
| | |||||
* | Any fixed MR iterations is probably wrong for somebody. Allow the user | lloyd | 2014-04-25 | 10 | -26/+69 |
| | | | | | | to specify a probability as well as if n was randomly chosen or not. If the input is random use a better bounds to reduce the number of needed tests. | ||||
* | Avoid std::chrono::steady_clock, missing in some distro gccs | lloyd | 2014-04-25 | 1 | -1/+0 |
| | |||||
* | Avoid crash if read returns an error. Canonical case is on the blocking device | lloyd | 2014-04-24 | 1 | -1/+2 |
| | | | | | with concurrent readers; if someone else got the entropy first we can get -1/errno=EAGAIN | ||||
* | Use MADV_DONTDUMP on Linux, equiv to MAP_NOCORE on BSD | lloyd | 2014-04-14 | 1 | -1/+5 |
| | |||||
* | Use 20 Miller-Rabin iterations regardless of the size of the integer. This | lloyd | 2014-04-13 | 4 | -186/+42 |
| | | | | | provides a much better worst-case error bound. Also take the nonce from anywhere in the usable range rather than limiting the bit size. | ||||
* | Compile fix | lloyd | 2014-04-13 | 1 | -2/+2 |
| | |||||
* | Have TLS_Data_Reader decoding errors include the actual msg type name | lloyd | 2014-04-12 | 12 | -44/+47 |
| | |||||
* | Verify that the server did not send any extension that the client didn't | lloyd | 2014-04-11 | 6 | -12/+41 |
| | | | | offer. Previously the client only checked a couple of special cases. | ||||
* | Fix a bug in Miller-Rabin primality testing introduced in 1.8.3 | lloyd | 2014-04-10 | 1 | -5/+6 |
| | | | | | | | | where we chose a single random nonce and tested it repeatedly, rather than choosing new nonces each time. Reported by Jeff Marrison. Also remove a pointless comparison (also pointed out by Jeff) and add an initial test using a witness of 2. | ||||
* | Better TLS checks | lloyd | 2014-04-10 | 3 | -29/+48 |
| | |||||
* | A std::deque's memory is not guaranteed to be contiguous | lloyd | 2014-04-06 | 1 | -1/+1 |
| | |||||
* | Make X.509 extension decoding failures point back to the problem extension | lloyd | 2014-04-05 | 2 | -10/+17 |
| | |||||
* | Add ECDHE_ECDSA CCM suites | lloyd | 2014-04-05 | 1 | -2/+14 |
| | |||||
* | X.509 path validation now performs all possible tests and returns a | lloyd | 2014-04-05 | 5 | -140/+156 |
| | | | | | | set of error codes, instead of failing immediately on first error. This prevents a 'weak' error like an expired certificate from hiding a major error such as signature validation failure or hard revocation. | ||||
* | Check Content-Length of HTTP responses | lloyd | 2014-04-05 | 1 | -1/+10 |
| | |||||
* | Fix an OCSP response decoding bug, we were not decoding KeyID properly. | lloyd | 2014-04-05 | 1 | -4/+5 |
| | | | | | | | | Also prioritize checking the status code before the dates, as otherwise an attacker could substitue a valid but expired response which marked the cert as revoked and we would still just return OCSP_EXPIRED. Obviously they can still play this game with an old (valid) OCSP response, but no point making it easy. | ||||
* | Remove debug headers | lloyd | 2014-04-05 | 1 | -3/+0 |
| | |||||
* | Darwin features | lloyd | 2014-04-05 | 1 | -0/+2 |
| | |||||
* | NetBSD portability fix and some performance tweaks in locking allocator | lloyd | 2014-04-05 | 2 | -2/+12 |
| | |||||
* | Avoid a ubsan warning on GCC 4.9 due uninitialized sign enum being | lloyd | 2014-03-30 | 2 | -5/+1 |
| | | | | read during swap (in the move constructor) | ||||
* | Support 0 length salts in PSSR. Bugzilla 268 | lloyd | 2014-03-27 | 2 | -3/+12 |
| | |||||
* | Add rng command which can dump RNG outputs or raw entropy samples | lloyd | 2014-03-22 | 4 | -2/+55 |
| | |||||
* | Simpify HMAC_RNG reseeding process. Actually update HMAC_DRBG reseed counter. | lloyd | 2014-03-22 | 6 | -63/+33 |
| | |||||
* | Add RFC 6979 nonce generator. Also some HMAC_DRBG cleanups. | lloyd | 2014-03-22 | 8 | -11/+172 |
| | |||||
* | Add --program-suffix option to configure | lloyd | 2014-03-22 | 3 | -11/+8 |
| | |||||
* | Add HMAC_DRBG | lloyd | 2014-03-21 | 8 | -22/+2646 |
| | |||||
* | Let Clang choose whichever C++ library it prefers | lloyd | 2014-03-13 | 1 | -4/+3 |
| | |||||
* | Fix release script | lloyd | 2014-02-22 | 1 | -0/+1 |
| | |||||
* | Use stdint.h instead of cstdint for Clang. Bugzilla 266 | lloyd | 2014-02-21 | 1 | -7/+9 |
| |