path: root/src
Commit message | Author | Age | Files | Lines (-/+)
* Mostly revert 2f4fd18182d5a75c40cd831e7ee3c314be5c57d6, only keep the updated dates on files that have actually changed this year. This makes the diff across versions readable again.
  lloyd | 2008-03-10 | 202 files | -202/+202
* Unroll the loops in SHA_160::hash that unpack the input and perform the expansion. While I would prefer to have the compiler do this, using GCC 4.1.2 it is 4% faster on a Core2 Q6600 with the loops partially unrolled.
  lloyd | 2008-03-09 | 1 file | -4/+15
* Rename offset_ variables to idx_
  lloyd | 2008-03-09 | 1 file | -30/+30
* Alter bigint_madd2 and bigint_madd3 to take only 3 (4, resp) arguments, with the last one being both one of the input values and the output carry register, since almost always they were in fact the same variable. Also update the x86 and x86-64 modules.
  lloyd | 2008-03-09 | 3 files | -6/+6
* Also inline xor_buf, both for immediate efficiency gains and for future writing of it in assembly.
  lloyd | 2008-03-09 | 1 file | -34/+0
* Put reverse_bytes into bit_ops.h so they can be inlined. Rewrite the version for 64-bit to not use 64-bit constants - that way GCC won't complain everywhere. Plan is for a module to replace all of these with asm (bswap, xchg on x86), at least for x86-64
  lloyd | 2008-03-08 | 1 file | -29/+0
* Mass update of the copyright date. Honestly I don't know why I bother, but might as well keep it up to date. And it's easier to do it once with a 'perl -pi' command than to update each file over time. Apologies to anyone looking at diffs.
  lloyd | 2008-02-14 | 208 files | -208/+208
* Add a short comment describing Turing::fixedS
  lloyd | 2007-11-19 | 1 file | -1/+1
* Change the default list of PRNG devices from /dev/urandom /dev/random to /dev/random /dev/srandom /dev/urandom because the es_dev module can handle reads from devices that may block without ever blocking for an unbounded amount of time.
  lloyd | 2007-11-17 | 1 file | -1/+1
* Drop es_file: replaced by es_dev
  lloyd | 2007-11-17 | 2 files | -37/+0
* Add a hook for the es_dev module in Builtin_Modules
  lloyd | 2007-11-17 | 1 file | -0/+8
* Mark start and end as const in karatsuba_size since they are never modified after assignment.
  lloyd | 2007-11-16 | 1 file | -2/+2
* Revert the change that renamed append() to push_back(). As pointed out by Joel Low on the mailing list, the STL container types have only a single version of push_back(), along with variations of insert() for handling range-based appending.
  lloyd | 2007-11-15 | 13 files | -40/+40
* Rename MemoryRegion::append to push_back. Change all callers in the library and self-test code.
  lloyd | 2007-11-14 | 13 files | -40/+40
* Remove the ability to load an external configuration file. Applications needing this functionality probably already have a preexisting configuration system that they would rather use. Also remove the documentation about this feature, and the example configuration (which was pretty out of date, anyway). RFC on this change sent to the mailing list on 11-13-2007, no responses after 24 hours. It seems quite likely this code is not in use anywhere.
  lloyd | 2007-11-14 | 3 files | -150/+0
* merge of '3302429a7b66a2e175af0e12870f150aaf81445e' and '9f004fd94273d5449388f933f767d6d5c24068d8'
  lloyd | 2007-11-12 | 1 file | -2/+0
  * Remove unused include of assert.h
    lloyd | 2007-11-07 | 1 file | -2/+0
* Make IDEA::mul_inv just a function in an anonymous namespace, since it really had no reason/need to be a class method.
  lloyd | 2007-11-11 | 1 file | -38/+36
* Remove some static_casts that weren't required and didn't do much to make the code more readable/explicit either.
  lloyd | 2007-11-11 | 1 file | -11/+11
* Have IDEA's mul() return the result instead of altering a reference value. Split up some lines for readability. Benchmarks somewhat slower than the previous version (34.3 vs 32.0 on my Core2, gcc 4.1.2), will need to investigate.
  lloyd | 2007-11-11 | 1 file | -13/+25
* Have Malloc_Allocator directly inherit from the Allocator interface, without using the infrastructure in Pooling_Allocator. Using malloc directly is slightly faster than using Botan's memory pools (using the glibc implementation). It may also reduce internal fragmentation, since the current Pooling_Allocator design is rather suboptimal in that regard.
  lloyd | 2007-10-21 | 1 file | -2/+2
* Move reverse_bytes from bit_ops.h to bit_ops.cpp
  lloyd | 2007-10-21 | 1 file | -0/+30
* sha160.cpp needs include of bit_ops.h, problem was masked by the asm versions when I was testing on x86 and x86-64 machines.
  lloyd | 2007-10-19 | 1 file | -0/+1
* bit_ops.h no longer includes loadstor.h. Where loadstor.h was needed but only implicitly included via bit_ops.h, include it directly. Add endian reversal functions to bit_ops.h. Remove some unneeded includes in big_ops2.cpp and a few other files.
  lloyd | 2007-10-19 | 54 files | -30/+52
* Fold an XOR operation that was happening during SEED encryption/decryption to occur inside the key schedule instead. This should lead to (slightly) better scheduling in the compiled code by reducing the length of a critical path.
  lloyd | 2007-10-19 | 1 file | -6/+6
* Don't hard code any directories to search for programs into es_unix. All are now specified through the config. The new default is just /bin, /sbin, /usr/bin, and /usr/sbin. Formerly /usr/ucb, /usr/etc, and /etc were also searched. If you want this behavior again you have to explicitly set the rng/unix_path configuration setting.
  lloyd | 2007-10-19 | 1 file | -1/+1
* merge of '7abb64699f9d0ffd4305b8c5686ce581f68c01ed' and 'dda7bbd71591790326178cc71409a956cf121d6b'
  lloyd | 2007-10-19 | 1 file | -0/+2
  * The flag that we had run a slow poll was only set if one was forced from a fast poll request, and not if a slow poll was specifically requested. So a sequence of slow and then fast polls would trigger a second slow poll, which was not desired.
    lloyd | 2007-10-19 | 1 file | -0/+2
* Add support for IPv4 addresses in the X.509 alternative name extension. Original patch from Yves Jerschow.
  lloyd | 2007-10-16 | 3 files | -5/+28
* Add functions that can convert between binary IPv4 addresses and standard decimal-dotted string notation.
  lloyd | 2007-10-16 | 1 file | -1/+43
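The two commits above add IPv4 support to the subjectAltName handling and the string/binary conversion behind it. The following is an added example, not Botan's code: a strict dotted-decimal parser and formatter plus the 4-byte network-order form an iPAddress GeneralName carries. The function names (string_to_ipv4, ipv4_to_string, ipv4_to_bytes, bytes_to_ipv4) are assumptions for this example. The parser rejects anything that is not exactly four octets in 0..255 (leading zeros, empty or extra components, trailing dots, stray characters), so a name comparison against a certificate can never succeed on a malformed string.

```cpp
// Added example (not Botan's code): IPv4 <-> dotted-decimal conversion with
// strict validation. All names are assumptions for this example.
#include <cstdint>
#include <optional>
#include <string>
#include <vector>

// Parse "a.b.c.d" into a host-order 32-bit value; std::nullopt on any
// deviation from exactly four plain decimal octets in 0..255.
std::optional<uint32_t> string_to_ipv4(const std::string& str) {
    uint32_t result = 0;
    int octets = 0;
    size_t i = 0;
    while (i < str.size()) {
        if (octets == 4) return std::nullopt;            // fifth component
        const size_t start = i;
        uint32_t value = 0;
        while (i < str.size() && str[i] >= '0' && str[i] <= '9') {
            value = value * 10 + uint32_t(str[i] - '0');
            if (value > 255) return std::nullopt;        // octet out of range
            ++i;
        }
        const size_t digits = i - start;
        if (digits == 0) return std::nullopt;            // empty component
        if (digits > 1 && str[start] == '0') return std::nullopt;  // "01": ambiguous (octal?)
        result = (result << 8) | value;
        ++octets;
        if (i < str.size()) {
            if (str[i] != '.') return std::nullopt;      // non-digit, non-dot character
            ++i;
            if (i == str.size()) return std::nullopt;    // trailing dot
        }
    }
    if (octets != 4) return std::nullopt;                // too few components
    return result;
}

// Format a host-order 32-bit value as dotted-decimal text.
std::string ipv4_to_string(uint32_t ip) {
    std::string out;
    for (int shift = 24; shift >= 0; shift -= 8) {
        out += std::to_string((ip >> shift) & 0xFF);
        if (shift > 0) out += '.';
    }
    return out;
}

// Network-order bytes, the form stored in the iPAddress OCTET STRING.
std::vector<uint8_t> ipv4_to_bytes(uint32_t ip) {
    return {uint8_t(ip >> 24), uint8_t(ip >> 16), uint8_t(ip >> 8), uint8_t(ip)};
}

// Inverse of ipv4_to_bytes; only a 4-byte string is IPv4 (16 bytes would be IPv6).
std::optional<uint32_t> bytes_to_ipv4(const std::vector<uint8_t>& b) {
    if (b.size() != 4) return std::nullopt;
    return (uint32_t(b[0]) << 24) | (uint32_t(b[1]) << 16) |
           (uint32_t(b[2]) << 8) | uint32_t(b[3]);
}
```

Returning std::optional rather than 0 on failure matters here: 0.0.0.0 is a valid address, so a sentinel value would be indistinguishable from a parse error.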
* Truncate the X9.42 PRF output if the counter overflows.
  lloyd | 2007-10-15 | 1 file | -1/+1
* Make some formatting between the encryption and decryption code equivalent.
  lloyd | 2007-10-15 | 1 file | -1/+4
* Use shorter variable names in the TEA code.
  lloyd | 2007-10-15 | 1 file | -12/+12
* Move the self tests from LibraryInitializer::initialize to Library_State::initialize: now the LibraryInitializer is just a simple wrapper to create/destroy the state with no other operations.
  lloyd | 2007-10-15 | 2 files | -7/+7
* The last checkin did not work; the Library_State constructor called code that called global_state(), which caused an infinite recursion. Make creating a Library_State a two-phase operation, first an empty constructor (just sets all pointers to NULL), then an initializer that sets up everything needed to start up the library.
  lloyd | 2007-10-13 | 2 files | -9/+31 | tag 1.7.2
* Move most of the initializer code directly into the Library_State constructor
  lloyd | 2007-10-13 | 2 files | -80/+65
* If we attempt to access the global state, and it is null, call LibraryInitializer::initialize(), which will set it for us (or fail by throwing an exception, which will be propagated to the caller). So any instances of creating a LibraryInitializer where no option arguments are passed can be removed; instead that initialization will run when or if you execute an operation where Botan requires the services provided in the state.

  Because no options are passed, the library will be using the default (debug and not thread safe) mutex type: so hopefully you'll quickly get an exception when the debug mutex realizes it is being used in a threaded application, but there is risk of operations silently failing before that happens.

  You can call LibraryInitializer::deinitialize() at the end of your main function (or whenever you think you won't need Botan anymore), to free the global state; if not a number of cleanup destructors will not run (including the final scrub of memory). You can even shut down Botan speculatively; if it turns out you need it again, it just means you'll have to take the cost of another initialization. However in applications that use Botan only in small bursts, or in rarely taken codepaths, you can remove the state entirely and suffer zero memory overhead. This probably only makes sense in memory constrained systems, but it's reasonable to do now.

  Speculatively deallocating the state is probably not thread safe without extra work. One thread calling deinitialize() would invalidate pointers that would have been visible to other threads. One (untested) idea: have an atomic integer with the number of current threads using Botan. If any thread decrements and hits zero, it could deinitialize Botan safely. This might cause too many repeated startup/shutdowns, which would depend on the app use pattern.

  In addition, since you can't pass arguments to the new Library_State, you can't specify the use of real mutexes (or anything else): so for right now, this only works in applications that are fine with the standard options. I want to find a way to get that working, though, since it's very inelegant. Currently a Default_Mutex (not at all thread safe but somewhat error checking) will be used. And self test will always be run (more on that below).

  I wrote a program that just initializes and shuts down in a tight loop. Running on my Gentoo box (Core2 E6400, gcc 4.1.2):

    thread_safe?  selftest?  time (ms)
    ------------  ---------  ---------
    no            yes        6.1
    no            no         3.8
    yes           yes        6.7
    yes           no         3.8

  If you're actually worried that the library might start up OK but then start failing basic self tests, what you actually want to do is have a thread that runs diagnostics on your entire process state (including calling Botan's self test code) every N seconds.

  The question is how to get arguments from the outside world to the constructor of the Library_State that is created inside of global_state(): avoiding many self tests to save a bit of time (many applications won't care about the extra cost but sometimes 2 or 3 ms is important), and thread safety (because you can't specify to use a real mutex).
  lloyd | 2007-10-07 | 1 file | -1/+1
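The commit message above describes lazy creation of the global state on first access and floats an "(untested) idea" of a per-thread use count so the last user can tear the state down safely. The following is an added example, not Botan's code, sketching that design under assumed names (GlobalState, StateGuard, global_state, deinitialize). The count is kept atomic as the message suggests, but the decrement and the teardown are done under the same lock as creation: with a bare atomic, a thread that starts using the library between "count hit zero" and "delete" would be handed a pointer that is freed an instant later, which is exactly the dangling-pointer problem the message worries about.

```cpp
// Added example (not Botan's code): lazily built global state, released by the
// last live StateGuard. Every name here is an assumption for this example.
#include <atomic>
#include <cstdint>
#include <mutex>
#include <string>

struct GlobalState {
    std::string mutex_type = "Default_Mutex";  // stands in for the library's options
    bool self_tested = false;
};

namespace {
std::mutex g_state_mutex;               // guards g_state and g_init_count
GlobalState* g_state = nullptr;
std::atomic<uint32_t> g_users{0};       // live StateGuard objects
uint32_t g_init_count = 0;              // how many times the state was built

// Caller must hold g_state_mutex.
GlobalState& create_locked() {
    if (!g_state) {
        g_state = new GlobalState;
        g_state->self_tested = true;    // a real library would run its self tests here
        ++g_init_count;
    }
    return *g_state;
}

// Caller must hold g_state_mutex.
void destroy_locked() {
    delete g_state;                     // runs the state's cleanup destructors
    g_state = nullptr;
}
}  // namespace

// Lazy accessor: a null state is built on demand instead of being an error.
GlobalState& global_state() {
    std::lock_guard<std::mutex> lock(g_state_mutex);
    return create_locked();
}

// Explicit teardown; only safe when no other thread still uses the state.
void deinitialize() {
    std::lock_guard<std::mutex> lock(g_state_mutex);
    destroy_locked();
}

// RAII handle held by each thread for as long as it uses the library. The last
// handle to go away frees the state, so no thread can observe a freed pointer.
class StateGuard {
public:
    StateGuard() {
        std::lock_guard<std::mutex> lock(g_state_mutex);
        g_users.fetch_add(1);
        create_locked();
    }
    ~StateGuard() {
        std::lock_guard<std::mutex> lock(g_state_mutex);
        if (g_users.fetch_sub(1) == 1) destroy_locked();  // we were the last user
    }
    StateGuard(const StateGuard&) = delete;
    StateGuard& operator=(const StateGuard&) = delete;
    GlobalState& state() const { return global_state(); }
};

// Inspection helpers so the behaviour can be checked from a test.
bool state_is_live() { std::lock_guard<std::mutex> l(g_state_mutex); return g_state != nullptr; }
uint32_t init_count() { std::lock_guard<std::mutex> l(g_state_mutex); return g_init_count; }
uint32_t user_count() { return g_users.load(); }
```

The tradeoff the message predicts is visible in init_count(): every time the last guard goes away and a new one appears, the state is rebuilt (and its self tests rerun), so a program that touches the library in short bursts pays the startup cost each time.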
* Add OIDs for SHA-224, SHA-256, SHA-384, SHA-512, and DSA with SHA-224 and SHA-256 (from draft-ietf-pkix-sha2-dsa-ecdsa-01)
  lloyd | 2007-10-03 | 1 file | -1/+9
* If DL_Group's constructor can't find a group, throw a reasonably informative exception instead of one for a PEM decode error which is not very helpful.
  lloyd | 2007-09-29 | 1 file | -1/+6
* Use the OUTPUT_LENGTH constant instead of assuming the block size of the cipher is 64 bits.
  lloyd | 2007-09-17 | 1 file | -6/+7
* Check in an initial implementation of CBC-MAC. The test vectors were generated by Crypto++ 5.5 on a Linux/x86-64 machine. Test vectors for CBC-MAC(DES) all pass, for inputs up to 63 bytes. For CBC-MAC(AES-128), all test vectors with inputs over 10 bytes fail to verify against what Crypto++ produces. Unknown at this time where the bug lies.
  lloyd | 2007-09-16 | 2 files | -0/+110
* Use Botan:: prefixes to work around a bug in Visual Studio C++ 2003. Patch from Christophe Meessen on the development list.
  lloyd | 2007-07-27 | 1 file | -2/+2
* If counter overflows, truncate the output of KDF2. That effectively limits the output to just a bit under 2^32 bytes, which is the maximum you can request anyway.
  lloyd | 2007-07-26 | 1 file | -1/+1
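This commit and the earlier X9.42 PRF change both bound a 32-bit counter inside a counter-mode KDF. The following is an added example, not Botan's code, showing the KDF2 construction (output = H(secret || counter_be32 || salt) for counter = 1, 2, ...) with that bound made explicit: a request past what the counter can index is truncated instead of letting the counter wrap to zero and repeat the first blocks. HashFn, kdf2, kdf2_max_output and kdf2_blocks_needed are assumptions for this example, and placeholder_hash is a non-cryptographic stand-in for SHA-1/SHA-256 so the block runs on its own.

```cpp
// Added example (not Botan's code): KDF2 with an explicit 32-bit counter bound.
// Names are assumptions for this example; placeholder_hash is NOT cryptographic.
#include <algorithm>
#include <cstdint>
#include <functional>
#include <vector>

using Bytes = std::vector<uint8_t>;
using HashFn = std::function<Bytes(const Bytes&)>;

// Counters 1 .. 0xFFFFFFFF each yield one block of hash_len bytes; beyond that
// the counter would wrap to 0 and the output would start repeating.
constexpr uint64_t kdf2_max_output(size_t hash_len) {
    return uint64_t(0xFFFFFFFFu) * hash_len;
}

// Blocks a request needs, capped at what the counter can index.
uint64_t kdf2_blocks_needed(uint64_t out_len, size_t hash_len) {
    if (hash_len == 0) return 0;
    const uint64_t blocks = (out_len + hash_len - 1) / hash_len;
    return std::min<uint64_t>(blocks, 0xFFFFFFFFu);
}

// KDF2: concatenate H(secret || counter || salt) for counter = 1, 2, ... and
// truncate to out_len. Requests beyond kdf2_max_output are truncated at the bound.
Bytes kdf2(const HashFn& hash, size_t hash_len, const Bytes& secret,
           const Bytes& salt, uint64_t out_len) {
    out_len = std::min<uint64_t>(out_len, kdf2_max_output(hash_len));
    Bytes out;
    uint32_t counter = 0;
    while (out.size() < out_len) {
        ++counter;  // cannot wrap: out_len allows at most 0xFFFFFFFF blocks
        Bytes input = secret;
        input.push_back(uint8_t(counter >> 24));   // big-endian 32-bit counter
        input.push_back(uint8_t(counter >> 16));
        input.push_back(uint8_t(counter >> 8));
        input.push_back(uint8_t(counter));
        input.insert(input.end(), salt.begin(), salt.end());
        const Bytes block = hash(input);
        const size_t take = std::min<size_t>(block.size(), size_t(out_len - out.size()));
        out.insert(out.end(), block.begin(), block.begin() + take);
    }
    return out;
}

// Placeholder 8-byte digest (FNV-1a 64) so the example runs stand-alone.
// It is not a cryptographic hash; substitute a real one in practice.
Bytes placeholder_hash(const Bytes& in) {
    uint64_t h = 14695981039346656037ULL;
    for (uint8_t b : in) { h ^= b; h *= 1099511628211ULL; }
    Bytes out(8);
    for (int i = 0; i < 8; ++i) out[i] = uint8_t(h >> (56 - 8 * i));
    return out;
}
```

Because the counter only ever increases, a shorter request is a prefix of a longer one with the same inputs, which is the property the test checks alongside the block-count cap.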
* Avoid C-style casts (as detected by GCC's -Wold-style-cast) and instead use static_cast or reinterpret_cast, as needed.
  lloyd | 2007-07-23 | 34 files | -99/+109
* Use std::string::data() instead of std::string::c_str() in cases where we just want access to the underlying data representation but don't care if the return value is NULL terminated or not.
  lloyd | 2007-07-21 | 9 files | -10/+10
* Combine the Blowfish initial sbox contents into a single 1024 element array.
  lloyd | 2007-07-17 | 2 files | -98/+91
* If an algorithm cache lookup fails, index the newly created prototype object under the name that the algorithm was originally requested by. This enables proper caching for algorithm names which deref_alias fails to fully dereference such as "HMAC(SHA-1)". The previous code had two major problems with names of that type, firstly that the cache was effectively bypassed due to all prototype objects in Algorithm_Cache_Impl being indexed by their canonical names rather than the alias that they were requested under, and that there existed a race condition where a prototype object might be deleted while in use in multithreaded code.

  The downside of this change is that using multiple names to refer to a single algorithm causes multiple prototype objects to be created, one for each name that is in use. However the memory overhead of this should be fairly minimal and given the severity of the race condition this seems like a worthwhile tradeoff.

  A more complete fix would be to fix deref_alias to properly dereference all alias names. That fix would be complementary with this change in that if deref_alias handled all names properly there would be a single prototype object and there would then be no additional memory overhead to the cache.
  lloyd | 2007-07-17 | 1 file | -6/+7
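The commit above fixes two things at once: a cache keyed by canonical name that missed for every alias deref_alias could not fully resolve, and a prototype object that could be freed while another thread still used it. The following is an added example, not Botan's code, of a cache with both properties: entries are indexed by the requested name, and lookups hand out shared ownership so clearing the cache cannot free an object a caller still holds. AlgorithmCache, Algorithm, CountingFactory and the alias table are assumptions for this example; deref_alias here is a constructed stand-in that resolves only plain aliases and leaves compound names like "HMAC(SHA-1)" untouched, which is the behaviour the message describes.

```cpp
// Added example (not Botan's code): alias-keyed prototype cache with shared
// ownership. All names and the alias table are assumptions for this example.
#include <functional>
#include <map>
#include <memory>
#include <mutex>
#include <string>

struct Algorithm {
    std::string canonical_name;
};

// Stand-in for deref_alias: resolves only simple aliases, so "HMAC(SHA-1)"
// comes back unchanged. The table is constructed for this example.
std::string deref_alias(const std::string& name) {
    static const std::map<std::string, std::string> aliases{
        {"SHA1", "SHA-160"}, {"SHA-1", "SHA-160"}, {"AES", "AES-128"}};
    const auto it = aliases.find(name);
    return it == aliases.end() ? name : it->second;
}

class AlgorithmCache {
public:
    using Factory = std::function<std::shared_ptr<Algorithm>(const std::string&)>;
    explicit AlgorithmCache(Factory factory) : factory_(std::move(factory)) {}

    // Look up by the requested name. On a miss, build the prototype and store it
    // under the *requested* name rather than the canonical one, so a name that
    // deref_alias cannot fully resolve still hits next time.
    std::shared_ptr<Algorithm> get(const std::string& requested) {
        std::lock_guard<std::mutex> lock(mutex_);
        const auto it = cache_.find(requested);
        if (it != cache_.end()) { ++hits_; return it->second; }
        std::shared_ptr<Algorithm> proto = factory_(deref_alias(requested));
        if (proto) cache_.emplace(requested, proto);
        return proto;
    }

    // Dropping entries removes only the cache's references; a caller holding a
    // shared_ptr keeps its object alive, which is what closes the race between
    // deletion and concurrent use.
    void clear() { std::lock_guard<std::mutex> lock(mutex_); cache_.clear(); }
    size_t size() const { std::lock_guard<std::mutex> lock(mutex_); return cache_.size(); }
    size_t hits() const { std::lock_guard<std::mutex> lock(mutex_); return hits_; }

private:
    Factory factory_;
    std::map<std::string, std::shared_ptr<Algorithm>> cache_;
    mutable std::mutex mutex_;
    size_t hits_ = 0;
};

// Factory that counts how many prototypes it built, to make the memory
// tradeoff the commit message mentions observable.
struct CountingFactory {
    size_t* built;
    std::shared_ptr<Algorithm> operator()(const std::string& canonical) const {
        ++*built;
        return std::make_shared<Algorithm>(Algorithm{canonical});
    }
};
```

Two aliases for one algorithm ("SHA1" and "SHA-1") produce two prototype objects, which is the cost the message accepts in exchange for correct hits on names like "HMAC(SHA-1)" and for not freeing an object that is still in use.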
* We don't need to use locked memory in the X.509 distinguished name.
  lloyd | 2007-06-11 | 1 file | -1/+1
* On an assignment or initialization split across lines, put the = at the end of the line rather than the start.
  lloyd | 2007-05-31 | 2 files | -6/+6
* propagate from branch 'net.randombit.botan.stable' (head e92fe807f749c526669303bd1530dd76a4d10a86) to branch 'net.randombit.botan' (head 04a56f961f413296df6637b77ec45aa444513cfc)
  lloyd | 2007-05-31 | 1 file | -1/+1