aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Ensure this works even if par mult param is set to 1Jack Lloyd2018-11-021-1/+1
| | | | As this paramater is technically a user configurable toggle.
* Correct testJack Lloyd2018-11-024-3/+18
| | | | This was trying to test for issue in #1723 but was incorrect.
* Merge GH #1724 Increase update granularity of GCM to work around FFI problemJack Lloyd2018-11-021-1/+1
|\
| * Fixed an issue where update_granularity is equal to tag_size in GCM mode, ↵chux05192018-11-011-1/+1
| | | | | | | | | | | | | | | | | | | | which will cause incremental decoding to fail in ffi. related code(ffi_cipher.cpp): ```cpp BOTAN_ASSERT(cipher.update_granularity() > cipher.minimum_final_size(), "logic error"); ```
* | Add missing <stdexcept> <string> necessaryCheney-Wang2018-11-021-0/+2
|/
* Minor optimization when primality checkingJack Lloyd2018-10-311-2/+4
| | | | | | | Avoid doing the comparison against the largest hard coded prime, when we know the prime table is 16 bits and we already have to compute the bitsize of n in order to calculate the required number of Miller-Rabin iterations.
* Handle setting AD after a nonce correctly in AEADsJack Lloyd2018-10-314-7/+40
| | | | | | | | | | | In some cases (EAX, GCM, ChaCha20Poly1305) the mode does not handle this. However previously it handled it incorrectly by producing incorrect output. Instead reject it with an exception. Add a test that, if the mode accepts an AD before the nonce, then it must process the message correctly. This is similar to the existing test that if the mode accepts an AD before the key is set it must do the right thing with it.
* Lint fix [ci skip]Jack Lloyd2018-10-301-4/+4
|
* Document TSSJack Lloyd2018-10-301-1/+8
|
* Add test for TSS cli utilJack Lloyd2018-10-302-2/+56
|
* Add CLI util for threshold secret sharingJack Lloyd2018-10-292-0/+115
|
* Fixes and improvments for TSS codeJack Lloyd2018-10-295-62/+341
| | | | Fix a bug (bad length field), new APIs, etc
* Add VarMap::get_req_bin_listJack Lloyd2018-10-292-2/+30
|
* Fix compilation problem when scrypt is disabledJack Lloyd2018-10-291-0/+1
| | | | Fixes GH #1720
* Add ChaCha in NEONJack Lloyd2018-10-264-0/+324
| | | | | Originally written by Jeffrey Walton for Crypto++, which was in turn based on my SSE2 ChaCha.
* In ChaCha AVX2/SSE2 code s/input/state/Jack Lloyd2018-10-262-80/+79
| | | | | It is confusing as while the stream cipher state is the input to the permutation, the stream cipher has an unrelated input (the text).
* Fix FFI compilation without hotp moduleTobias Brunner2018-10-251-2/+2
|
* Add missing <string> necessary to use std::string in tss.hBilly Robert O'Neal III2018-10-231-0/+1
|
* Use more informative error message for invalid CBC paddingJack Lloyd2018-10-231-1/+1
| | | | GH #1714
* Add some long Blowfish testsJack Lloyd2018-10-182-0/+14
| | | | | The test suite was not hitting the 4x unrolled Blowfish added in f7a8bd2780c
* Handle different library naming on Windows in pkg-config fileJack Lloyd2018-10-181-1/+1
|
* Add option to enable/disable generation of pkg-config fileJack Lloyd2018-10-182-0/+4
| | | | | | | Plus adds os info field to disable by default for systems where pkg-config is not commonly used. Closes #1268
* Set default compiler in the info files instead of in configure sourceJack Lloyd2018-10-185-0/+10
|
* Add an OS flag for if the shared lib should be symlinked or notJack Lloyd2018-10-182-0/+4
|
* Fix TLS version intolerance bugJack Lloyd2018-10-171-10/+10
| | | | Fixes #1710
* Merge GH #1709 Fix TLS intolerance of unknown signature algorithmsJack Lloyd2018-10-164-17/+33
|\
| * Fix TLS signature algorithm intoleranceJack Lloyd2018-10-164-17/+33
| | | | | | | | GH #1708
* | Fix CLI testsJack Lloyd2018-10-161-9/+13
|/ | | | Changing the sieve in 0536fe92 changed which primes we generate
* Merge GH #1707 Refactor base32/base64Jack Lloyd2018-10-153-72/+73
|\
| * Simplify base32/base64 by moving common logic to code_base.hJack Lloyd2018-10-153-72/+73
| |
* | Use a smaller sieve when generating primesJack Lloyd2018-10-151-3/+7
|/ | | | | | | | | | This was the original behavior but 5af44a91ad switched the sieve to always be the size of the hardcoded prime table. But this ends up being quite a bit slower than necessary. Instead use as many sieve elements as bits in the desired prime which is probably not precisely optimal but seems to provide good speedups for both 1024 and 2048 bit prime generation. This is especially notable when generating strong primes.
* Correct error with XTS minimum block sizeJack Lloyd2018-10-152-1/+580
| | | | | | | Add tests from NIST that demonstrate the problem, as well as OpenSSL generated tests for all input sizes 16...128 bytes. Fixes GH #1706
* Remove duplicated XTS test vectorsJack Lloyd2018-10-151-25/+2
|
* Merge GH #1704 Use emplace_back where appropriateJack Lloyd2018-10-156-15/+15
|\
| * move instead of copyrumcajs2018-10-146-15/+15
| |
* | Unroll Blowfish loop by 4 instead of 2Jack Lloyd2018-10-141-16/+45
|/ | | | Roughly 50% faster for parallel modes like CTR or CBC decrypt.
* Only use Python3 in CI builds if requested explicitlyJack Lloyd2018-10-121-2/+4
| | | | | | It looks like Travis has some old version of Python 3 which can't handle interpolating an integer into a byte string -- expr b"wtf %d" % (5) fails with whatever is on Travis, but works fine in Python 3.7
* Disable use of pylint3 in TravisJack Lloyd2018-10-123-9/+9
| | | | | Suddenly installing python3-pip is broken, and I don't care enough to dig deeper. Can probably come back when we switch to Xenial.
* Add an explicit OS target for EmscriptenJack Lloyd2018-10-126-8/+42
| | | | | This allows things to mostly work out of the box (#1702), and allows us to write Emscripten specific code where required.
* Small fixes for QNX [ci skip]Jack Lloyd2018-10-122-1/+2
| | | | Private report of a successful build on QNX 7 with these fixes.
* Make it possible to overwrite options to ar using AR_OPTIONSJack Lloyd2018-10-081-1/+2
| | | | | | | No convention for naming of this variable afaict Mostly useful as an escape hatch when we for whatever reason do the wrong thing, as in #1702 when used with emconfigure
* Fixes for building for LLVM bitcode/EmscriptenJack Lloyd2018-10-073-2/+7
| | | | GH #1702
* Alas, Clang in Travis is also too old for this to workJack Lloyd2018-10-061-1/+1
|
* GCC in Travis is too old (doesn't have ISA attribute)Jack Lloyd2018-10-061-1/+1
|
* Test single amalgamation fileJack Lloyd2018-10-051-0/+3
| | | | Would have detected #1700 before release.
* Add explicit AVX2 function annotationsJack Lloyd2018-10-053-2/+30
| | | | Needed for single amalagamation file with AVX2 enabled.
* Add more SM2 signature testsJack Lloyd2018-10-051-0/+56
| | | | | Using the standard SM2 and P-256 curves, instead of the SM2 test curve, for both SM3 and SHA-256 hashes. All values generated with GmSSL
* Merge GH #1698 Resolve leak during ECDSA verify with old OpenSSLJack Lloyd2018-10-042-6/+24
|\
| * Resolve a leak in OpenSSL ECDSA verification for old OpenSSLJack Lloyd2018-10-032-6/+24
| | | | | | | | | | | | The code was using the 1.0 API incorrectly and causing a leak. https://github.com/riboseinc/rnp/issues/757
* | Remove Travis notification emails [ci skip]Jack Lloyd2018-10-031-3/+0
|/