Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add T::provider() to allow user to inquire about implementation used | Jack Lloyd | 2016-09-15 | 29 | -20/+178 |
| | | | | | For block ciphers, stream ciphers, hashes, MACs, and cipher modes. Cipher_Mode already had it, with a slightly different usage. | ||||
* | Fix build on PowerPC. Fix test runs on non-x86 | Jack Lloyd | 2016-09-15 | 1 | -4/+1 |
| | |||||
* | Add cpuid overload to test framework | Jack Lloyd | 2016-09-15 | 13 | -75/+213 |
| | |||||
* | Merge optimized implementations into base class | Jack Lloyd | 2016-09-15 | 32 | -708/+460 |
| | | | | | | | | | | Various algorithms had an optimized implementation (for SSE2, AVX2, etc) which was offered alongside the 'base' implementation. This is admittedly very useful for testing, but it breaks user expectations in bad ways. See GH #477 for background. Now encrypting with `AES_128` (say) just runs whatever implementation is best on the current processor/build. | ||||
* | Disable locking_allocator on valgrind/ASan builds. | Jack Lloyd | 2016-09-14 | 1 | -2/+2 |
| | | | | GH #626 | ||||
* | Add TLS 1.2 PRF test vectors | René Korthaus | 2016-09-13 | 1 | -0/+34 |
| | |||||
* | Add missing guard | Jack Lloyd | 2016-09-09 | 1 | -0/+4 |
| | |||||
* | Add test of FPE_FE1 | Jack Lloyd | 2016-09-09 | 2 | -0/+59 |
| | | | | Self-generated vectors, just a basic smoke test right now. | ||||
* | Prevent use of secure_vector with non-integer types | Jack Lloyd | 2016-09-09 | 1 | -0/+3 |
| | | | | | If a non trival type was used, memory corruption could occur. Original issue reported by Matthias Gierlings. | ||||
* | These vectors can be const | Jack Lloyd | 2016-09-09 | 1 | -2/+2 |
| | |||||
* | Remove bogus decl | Jack Lloyd | 2016-09-05 | 1 | -2/+0 |
| | |||||
* | Merge GH #613 NewHope R-LWE key exchange | Jack Lloyd | 2016-09-05 | 9 | -7/+6876 |
|\ | |||||
| * | Fix tests on things that are not little endian | Jack Lloyd | 2016-08-30 | 1 | -12/+6 |
| | | |||||
| * | Newhope is really limited by RNG speed. | Jack Lloyd | 2016-08-30 | 1 | -5/+33 |
| | | | | | | | | 4x-8x overall speedup switching from HMAC_DRBG to ChaCha20 | ||||
| * | Avoid requiring alignment (think this was just for the AVX2 version) | Jack Lloyd | 2016-08-30 | 2 | -37/+35 |
| | | | | | | | | Change to standard int types | ||||
| * | Fix tests with newhope disabled | Jack Lloyd | 2016-08-30 | 1 | -3/+10 |
| | | |||||
| * | Fix header guard, macro tidy | Jack Lloyd | 2016-08-30 | 2 | -5/+7 |
| | | |||||
| * | Add NEWHOPE KEM scheme | Jack Lloyd | 2016-08-30 | 9 | -7/+6847 |
| | | | | | | | | | | | | | | | | | | | | Provides conjectured 200-bit security against a quantum attacker. Based on the public domain reference implementation at https://github.com/tpoeppelmann/newhope and bit-for-bit compatible with that version. Test vectors generated by the reference testvector.c | ||||
* | | No need for long all-zero input after cd9f852 | Jack Lloyd | 2016-09-05 | 1 | -1/+0 |
| | | |||||
* | | Merge GH #616 ChaCha SSE2 optimizations | Jack Lloyd | 2016-09-05 | 6 | -72/+371 |
|\ \ | |||||
| * | | Avoid _mm_set_epi64x which is missing on 32-bit MSVC 12 | Jack Lloyd | 2016-09-02 | 1 | -8/+8 |
| | | | |||||
| * | | Correct macro check | Jack Lloyd | 2016-09-01 | 2 | -2/+2 |
| | | | |||||
| * | | Missing increment in SSE2 version, broke ChaCha20Poly1305 tests | Jack Lloyd | 2016-09-01 | 2 | -0/+11 |
| | | | | | | | | | | | | But not any ChaCha20 tests due to no long test inputs. Add one. | ||||
| * | | 4x interleaved SSE2 | Jack Lloyd | 2016-09-01 | 2 | -69/+228 |
| | | | |||||
| * | | ChaCha 4 ways | Jack Lloyd | 2016-09-01 | 3 | -129/+153 |
| | | | |||||
| * | | SSE2 ChaCha | Jack Lloyd | 2016-09-01 | 4 | -6/+111 |
| | | | |||||
* | | | Make copy constructor and assignment default | René Korthaus | 2016-09-05 | 2 | -29/+2 |
| | | | |||||
* | | | Call base class assignment operator in X509_Certificate | René Korthaus | 2016-09-04 | 2 | -2/+3 |
| | | | |||||
* | | | Update policy files wrt algorithm removals | Jack Lloyd | 2016-09-02 | 2 | -13/+0 |
| | | | |||||
* | | | Remove IF_Scheme_{Public,Private}Key | Jack Lloyd | 2016-09-02 | 6 | -283/+186 |
| | | | | | | | | | | | | | | | | | | With the removal of Rabin-Williams, RSA is the only remaining subclass, And it's very unlikely any new integer factorization based scheme would be added in the future. | ||||
* | | | Remove XTEA SIMD impl | Jack Lloyd | 2016-09-02 | 3 | -165/+0 |
| | | | | | | | | | | | | | | | Testing showed no actual speedup on either i7 (SSE2) or POWER7 (Altivec), so it is just dead weight. | ||||
* | | | Remove deprecated Nyberg-Rueppel and Rabin-Williams signatures | Jack Lloyd | 2016-09-02 | 15 | -972/+1 |
| | | | |||||
* | | | Remove deprecated hashes MD2, HAS-160, and RIPEMD-128 | Jack Lloyd | 2016-09-02 | 20 | -999/+0 |
| | | | |||||
* | | | Remove deprecated ciphers MARS, RC2, RC5, RC6, SAFER-SK and TEA | Jack Lloyd | 2016-09-02 | 31 | -12339/+1 |
| | | | | | | | | | | | | | | | XTEA was also deprecated but has been spared, it does seem to be somewhat common (eg, included in the Go x/crypto library) | ||||
* | | | Let the input arg to stream cipher test be optional. | Jack Lloyd | 2016-09-01 | 3 | -98/+5 |
|/ / | | | | | | | | | | | If ommitted, assume an all zero input. Remove some In = 0000... from test files. | ||||
* | | Merge GH #610 Fix coverage | Jack Lloyd | 2016-09-01 | 1 | -3/+3 |
|\ \ | |||||
| * | | new try | Daniel Neus | 2016-09-01 | 1 | -3/+3 |
| | | | |||||
| * | | fix coverage | Daniel Neus | 2016-08-28 | 1 | -2/+2 |
| | | | |||||
* | | | get_processor_timestamp should never return 0 if it can help it. | Jack Lloyd | 2016-09-01 | 1 | -16/+59 |
| | | | | | | | | | | | | | | | | | | | | | For example it used to return 0 on Linux/ARM... If no QPC or asm version, use clock_gettime if available, or else std::chrono::high_resolution_clock as a fallback. | ||||
* | | | Check for non-existent modules in policy files. | Jack Lloyd | 2016-09-01 | 2 | -9/+2 |
| | | | | | | | | | | | | | | | | | | Fix policy files. GH #614 | ||||
* | | | Merge GH #578/#492: TLS EtM extension and new policy toggles | Jack Lloyd | 2016-08-31 | 22 | -132/+597 |
|\ \ \ | |||||
| * \ \ | Merge master into this branch, resolving conflicts with #457/#576 | Jack Lloyd | 2016-08-31 | 356 | -15062/+38847 |
| |\ \ \ | | | | | | | | | | | | | | | | which recently landed on master. | ||||
| * | | | | Address some issues with PR 492 | Jack Lloyd | 2016-08-13 | 14 | -58/+120 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds copyright notices for Juraj Somorovsky and Christian Mainka of Hackmanit for the changes in 7c7fcecbe6a and 6d327f879c Add Policy::check_peer_key_acceptable which lets the app set an arbitrary callback for examining keys - both the end entity signature keys from certificates and the peer PFS public keys. Default impl checks that the algorithm size matches the min keylength. This centralizes this logic and lets the application do interesting things. Adds a policy for ECDSA group size checks. Increases default policy minimums to 2048 RSA and 256 ECC. (Maybe I'm an optimist after all.) | ||||
| * | | | | Merge branch 'master' into Encrypt-then-MAC-with-policy | Juraj Somorovsky | 2016-05-12 | 25 | -78/+71 |
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | Merged recent changes and resolved minor conflicts in tls record classes. | ||||
| * | | | | | Encrypt-then-MAC extension (RFC 7366) | Juraj Somorovsky | 2016-05-11 | 20 | -112/+372 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduced a countermeasure against the logjam attack Short TLS records (AES-CBC) now return BAD_RECORD_MAC Fixed a compatibility problem with OpenSSL and TLS 1.0 (BEAST countermeasure) | ||||
| * | | | | | TLS Policy support | Christian Mainka | 2016-05-03 | 7 | -27/+173 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * --policy works for TLS Server and TLS Client * Example policy BSI_TR-02102-2.txt * Fine granular configuration for TLS 1.0, 1.1, 1.2 and DTLS 1.0 and 1.2 * Minimum ecdh and rsa group size | ||||
* | | | | | | Fix TLS build with SRP6 disabled | Jack Lloyd | 2016-08-31 | 1 | -1/+1 |
| |_|/ / / |/| | | | | |||||
* | | | | | Maintainer mode fixes | Jack Lloyd | 2016-08-31 | 3 | -4/+4 |
| | | | | | |||||
* | | | | | HMAC_RNG ignored its entropy_source argument :( | Jack Lloyd | 2016-08-31 | 1 | -1/+1 |
| | | | | | |||||
* | | | | | Fix another unused variable warning | Jack Lloyd | 2016-08-31 | 1 | -1/+1 |
| | | | | |