aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add detection for RISCV compilersJack Lloyd2018-08-061-0/+8
|
* Increment shared lib ABI versionJack Lloyd2018-08-051-1/+1
| | | | Both #1637 and #1639 change ABI
* Fix OpenSSL modesJack Lloyd2018-08-051-1/+12
|
* Fix crashes when modes were used unkeyed.Jack Lloyd2018-08-059-29/+87
| | | | Fix crashes in OCB, GCM and CFB when called without a key being set.
* Use codec_base for Base64 encodingWambou2018-08-042-158/+153
|
* Fix complaints from latest pylintJack Lloyd2018-08-025-18/+23
|
* Misc EC_Group testsJack Lloyd2018-08-021-10/+18
|
* More CLI testsJack Lloyd2018-08-021-1/+9
|
* Additional CLI testsJack Lloyd2018-08-021-0/+38
|
* Add --no-fsname option to fingerprint commandJack Lloyd2018-08-021-2/+8
|
* Accept PKCS1v15 as an alias for EMSA3Jack Lloyd2018-08-023-5/+6
| | | | Not sure why it didn't have this already
* Format nitJack Lloyd2018-08-021-1/+1
|
* Clarify comment on botan_privkey_loadJack Lloyd2018-08-021-1/+1
|
* Merge GH #1637 Merge SM2 signature and ECIES key typesJack Lloyd2018-08-0212-197/+101
|\
| * Combine SM2 key types for signatures and encryptionJack Lloyd2018-08-0112-197/+101
| | | | | | | | | | | | It seems in practice the same key may be end up used for both operations, so maintaining a distinction at the type level just complicates things.
* | Avoid requirement to set rng in botan_privkey_loadJack Lloyd2018-08-012-7/+9
|/
* Add a couple HMAC(SHA-512-256) test vectorsJack Lloyd2018-08-011-0/+11
|
* Add OID for HMAC with SHA-512/256Jack Lloyd2018-08-012-1/+4
|
* Merge GH #1636 Add Lucas primality testJack Lloyd2018-08-0116-147/+538
|\
| * Add Lucas test from FIPS 186-4Jack Lloyd2018-07-3116-147/+538
| | | | | | | | | | | | | | | | | | | | This eliminates an issue identified in the paper "Prime and Prejudice: Primality Testing Under Adversarial Conditions" by Albrecht, Massimo, Paterson and Somorovsky where DL_Group::verify_group with strong=false would accept a composite q with probability 1/4096, which is exactly as the error bound is documented, but still unfortunate.
* | Just skip 32-bit ARM iOS build entirelyJack Lloyd2018-08-011-2/+5
| |
* | Avoid XCode 9.4 due to compilation bugJack Lloyd2018-08-011-0/+1
|/ | | | | XCode 9.4 ICEs on the NewHope code in ARM 32-bit build and of course I can't report the bug since I don't have an Apple ID.
* Fix Doxygen comments for AutoSeeded_RNG [ci skip]Jack Lloyd2018-07-311-3/+7
|
* Ensure values are fully reduced during ECDSA signatureJack Lloyd2018-07-301-3/+3
| | | | | It was possible that the Barrett reduction code would fall back to standard division due to getting an input that was >= order^2.
* Support calling Whirlpool in OpenSSLJack Lloyd2018-07-261-0/+5
| | | | Available since 1.0.0, not sure how this was missed.
* GHASH - use explicit function to check for key being setJack Lloyd2018-07-251-1/+1
|
* Add OID for SM2 with SM3 signaturesJack Lloyd2018-07-242-1/+5
|
* Add include for getenvJack Lloyd2018-07-241-0/+1
|
* Only print FFI exceptions to stdout if an env var is setJack Lloyd2018-07-242-1/+7
| | | | So debugging is possible but default is silent.
* Add botan_mac_query_keylenJack Lloyd2018-07-243-1/+38
|
* Add botan_block_cipher_query_keylen plus some new FFI error codesJack Lloyd2018-07-245-5/+59
|
* Add additional HMAC tests from RFC 4231Jack Lloyd2018-07-241-0/+81
|
* Use Alloc templates instead of overriding for specific vector typesJack Lloyd2018-07-241-16/+16
|
* Fix bad assert in Goppa decodingJack Lloyd2018-07-241-3/+4
|
* Require SM2 ciphertexts be DER encodedJack Lloyd2018-07-241-2/+18
| | | | | | | Previously SM2 test would fail about 1 in a thousand times because we would corrupt the ciphertext such that the BER was still valid; it would change the length field to an indefinite length marker, which still decoded correctly.
* In ECC private key encoding, include the optional public key fieldJack Lloyd2018-07-232-9/+12
| | | | Otherwise GnuTLS refuses to parse the private key. Fixes #1634
* Merge GH #1628 In ECDSA verify, handle error seen with LibreSSL on non-x86Jack Lloyd2018-07-201-7/+16
|\
| * Handle another possible OpenSSL error only seen on non-x86_64Jack Lloyd2018-07-171-7/+16
| | | | | | | | GH #1627
* | Add FFI funcs to get algo name from cipher, MAC and hash objsJack Lloyd2018-07-197-25/+122
| |
* | Specialize code for BigInt right shift by 1Jack Lloyd2018-07-191-0/+22
| | | | | | | | | | Improves ECDSA by 2-3% due to improving the const time modular inversion algorithm (used for the mod-order inversions).
* | Fix error in CCM when L=8Jack Lloyd2018-07-183-6/+131
| | | | | | | | GH #1631
* | Support salts other than exactly 16 bytes for Blowfish key setupJack Lloyd2018-07-186-36/+151
| | | | | | | | | | | | Bcrypt only needs 16 byte salts but unfortunately Bcrypt-PBKDF is defined to use 64 byte salts instead. So extend support to handle any salt that is a multiple of 4 bytes.
* | Pylint 2.0 drops compat with Python2Jack Lloyd2018-07-171-2/+2
| | | | | | | | So force pip install to 1.9.2
* | Correct comment on Hardware_RNGJack Lloyd2018-07-171-2/+1
|/
* Update password hashing default settingsJack Lloyd2018-07-135-4/+71
| | | | | | | | Bcrypt work factor 10 is looking pretty low these days, as is 100K iterations of PBKDF2. Increase bcrypt to 12 and PBKDF2 to 150K, and also transition passhash9 to using SHA-512 instead of SHA-256. Also document bcrypt better, and add speed tests for bcrypt and passhash9
* Remove RC2 related OIDsJack Lloyd2018-07-132-7/+1
| | | | Since RC2 has been removed since 1c0bc3cc6b no reason to have these around.
* Bump the FFI versionJack Lloyd2018-07-133-2/+13
| | | | New FFI features added in #1621 and #1625
* Tighten up error checking in pk_decryptJack Lloyd2018-07-132-17/+27
|
* Correct a comment in Camellia code, and align the 256 byte tableJack Lloyd2018-07-131-1/+3
|
* Unroll SM4 encryption/decryption by 2Jack Lloyd2018-07-131-23/+105
| | | | Interleaving operations improves SM4/CTR from 26 cpb to 18 cpb
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 05:42:25 +0000