aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Throw a Decoding_Error if TLS AEAD packet is shorter than the tag.Jack Lloyd2017-11-261-0/+3
| | | | | Otherwise this ended up as an assertion failure which translated to internal_error alert.
* Fix errors caught with tlsfuzzerJack Lloyd2017-11-264-10/+6
| | | | | | | | | | | Don't send EC point format extension in server hello unless an EC suite was negotiated *and* the client sent the extension. Fix server FFDHE logic, this effectively disabled DHE ciphersuites for clients without FFDHE extension. Use unexpected_message alert in case of an unexpected message. (Previously an internal_error alert was sent.)
* Merge #1313 Fix Doxygen comment on HashFunction::create_or_throwJack Lloyd2017-11-251-1/+1
|\
| * Minor documentation fix in HashFunction::create_or_throw.Marcus Brinkmann2017-11-261-1/+1
| |
* | Merge #1312 Fix documentation of compression/decompression update function.Jack Lloyd2017-11-251-2/+2
|\ \
| * | Fix documentation of compression/decompression update function.Marcus Brinkmann2017-11-261-2/+2
| |/
* | Merge #1311 Add create and create_or_throw factories for ↵Jack Lloyd2017-11-253-0/+127
|\ \ | | | | | | | | | Compression_Algorithm and Decompression_Algorithm.
| * | Documentation fix in compression create/create_or_throw functions.Marcus Brinkmann2017-11-261-6/+4
| | |
| * | Add create and create_or_throw factories for Compression_Algorithm and ↵Marcus Brinkmann2017-11-253-0/+129
| |/ | | | | | | Decompression_Algorithm.
* | Fix bzip2 compression issue.Jack Lloyd2017-11-253-24/+48
| | | | | | | | | | | | When finishing, bzip2 returns BZ_STREAM_END when it has produced all output. If we end up calling the compression routine again (even with avail_in == 0), bzip2 returns an error.
* | Add test case for bzip2 compression filter.Marcus Brinkmann2017-11-251-0/+36
|/
* Add Pipe::append_filterJack Lloyd2017-11-243-13/+36
| | | | | Similar to append but it only allows modfication before start_msg. See GH #1306
* Merge GH #1304 Avoid infinite recursion on nested indefinite length constructsJack Lloyd2017-11-212-17/+69
|\
| * Avoid uncontrolled recusion on indefinite length encodingsJack Lloyd2017-11-202-17/+69
| | | | | | | | | | A sufficiently nested indefinite length construction would cause stack exhaustion and a crash. Found by OSS-Fuzz - issue 4353
* | Allow building asn1print even if PEM is disabledJack Lloyd2017-11-212-2/+12
|/ | | | Just throws if --pem arg is used.
* Add AES key wrap with paddingJack Lloyd2017-11-1910-75/+1005
|
* Avoid OCSPing on the Let's Encrypt CA certJack Lloyd2017-11-191-6/+2
| | | | | | Their issuing CA seems to have some performance problems with OCSP (https://github.com/letsencrypt/boulder/issues/1929) and it's currently causing timeouts in the tests.
* Constify variables in AES-NI codeJack Lloyd2017-11-181-104/+104
|
* Add a function for checking if poly_double_n supports a particular sizeJack Lloyd2017-11-183-6/+10
|
* Allow parsing and printing certificates with unknown public key algosJack Lloyd2017-11-182-6/+31
|
* Add timings for RFC 3394 keywrapJack Lloyd2017-11-181-0/+40
|
* Add feature macro for Sqlite3 being enabled in buildJack Lloyd2017-11-181-0/+3
|
* Prefix execution of install.py with Python binaryJack Lloyd2017-11-163-2/+4
| | | | | | | Fixes GH #1297 This is done even on GNU make builds, since the same issue affects MinGW
* Fix encoding of subject key identifierJack Lloyd2017-11-165-23/+27
| | | | | | Changed in #884 - we were copying the entire public key as the public key id. Instead hash it with whatever hash we are using to sign the certificate.
* Optimize TwofishJack Lloyd2017-11-162-94/+158
| | | | | Interleaving two blocks is 40-50% faster for any mode that supports parallel operation.
* Fix path to cert test dataJack Lloyd2017-11-161-1/+1
|
* Merge GH #1296 Allow using secure_allocator with std::string under VC2013Jack Lloyd2017-11-161-5/+21
|\
| * Fix secure_allocator with std::string on VS2013Daniel Neus2017-11-161-5/+21
| | | | | | | | Closes #1295
* | Fix Python testsJack Lloyd2017-11-161-1/+1
| |
* | Move all the various X509 test data files under src/tests/data/x509Jack Lloyd2017-11-16659-41/+41
|/
* Fix a memory leak in the case where certificate extension decoding fails.Jack Lloyd2017-11-162-30/+33
| | | | | | Introduced in #884 Found by OSS-Fuzz (bug 4249)
* Correct CAST-128 decryption with more than 1 blockJack Lloyd2017-11-162-32/+36
|
* Optimizations for CAST-128Jack Lloyd2017-11-161-45/+135
| | | | | Similarly to Blowfish, 2x unrolling produces a 50-60% perf boost due to increased ILP.
* Optimize BlowfishJack Lloyd2017-11-161-41/+82
| | | | | | | Doing two blocks at a time exposes more ILP and substantially improves performance. Idea from http://jultika.oulu.fi/files/nbnfioulu-201305311409.pdf
* Update ASN.1 fuzzerJack Lloyd2017-11-152-12/+12
|
* Correct handling of nested context specificJack Lloyd2017-11-151-4/+3
|
* Move ASN1 printer to the libraryJack Lloyd2017-11-155-382/+418
|
* Encapsulate ASN1 printer logic in a classJack Lloyd2017-11-151-133/+163
|
* Increase the size of an ASN.1 tag enum to 32-bitsJack Lloyd2017-11-151-1/+1
| | | | Fixes GH #751
* Merge GH #884 Refactor X.509 cert/CRL internalsJack Lloyd2017-11-1534-999/+1630
|\
| * Remove debug abort [ci skip]Jack Lloyd2017-11-141-1/+0
| |
| * Consolidate function for testing for ASN.1 string typesJack Lloyd2017-11-144-34/+25
| |
| * Check for keyCertSign on non-CA certificates during validationJack Lloyd2017-11-141-0/+14
| | | | | | | | GH #1089
| * Catch exceptions in NIST validation testsJack Lloyd2017-11-141-33/+41
| |
| * Fix PKCS10 subject alt name usageJack Lloyd2017-11-145-7/+31
| | | | | | | | GH #1010
| * Add a test for GH #1252Jack Lloyd2017-11-144-1/+61
| |
| * Small cleanups in X509 testsJack Lloyd2017-11-141-22/+41
| |
| * Avoid deprecated functions in FFIJack Lloyd2017-11-141-3/+3
| |
| * Use new APIs in path validation and name constraint handlingJack Lloyd2017-11-142-6/+14
| |
| * Store CRL_Entry data in shared_ptrJack Lloyd2017-11-142-41/+81
| |
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-27 06:41:23 +0000