path: root/src
Commit message / Author / Date / Files / Lines (-removed/+added)

* Add message to BOTAN_ARG_CHECK and use it more widely
    Jack Lloyd, 2018-05-13, 44 files, -95/+138

* Properly set thread counts in asio TLS servers
    Jack Lloyd, 2018-05-09, 2 files, -4/+31
    X || Y || 2 always evaluates to 1...

* Inline BigInt::shrink_to_fit
    Jack Lloyd, 2018-05-09, 2 files, -7/+5
    Improves P-256 a bit

* Extensions to X509 CLI utils
    Jack Lloyd, 2018-05-09, 1 file, -5/+18
    gen_self_signed: add --days= and --der to set lifetime and output format.
    cert_info: accept '-' to read from stdin

* Merge GH #1564 Add 24x Comba multiply/square
    Jack Lloyd, 2018-05-09, 5 files, -3/+1103

| * Add 24-word wide Comba multiply/square
    Jack Lloyd, 2018-05-08, 5 files, -3/+1103
    Improves performance on "odd" sized DH/RSA (e.g. 1536, 3072, 6144) where otherwise the Karatsuba operation bottoms out with 24-word operands which ended up in the basecase multiply.

* | Slight refactoring to avoid GCC signed overflow warnings. [ci skip]
    Jack Lloyd, 2018-05-08, 1 file, -4/+4
    Couldn't occur since length is 24 bits but GCC couldn't figure that out.

* Merge GH #1563 Use correct calling convention for RtlGenRandom
    Jack Lloyd, 2018-05-07, 1 file, -4/+8

| * Use type BYTE instead of BOOLEAN
    Simon Warta, 2018-05-08, 1 file, -1/+4

| * Rename RtlGenRandom_f -> RtlGenRandom_fptr
    Simon Warta, 2018-05-07, 1 file, -3/+3
    because this is a function pointer, not a function

| * Rewrite assignment of RtlGenRandom_f using "using"
    Simon Warta, 2018-05-07, 1 file, -1/+1

| * Check return value of m_rtlgenrandom against proper type
    Simon Warta, 2018-05-07, 1 file, -1/+2

| * Use BOOLEAN return type for RtlGenRandom_f
    Simon Warta, 2018-05-07, 1 file, -1/+1

| * Add missing NTAPI to RtlGenRandom_f signature
    Simon Warta, 2018-05-07, 1 file, -1/+1

* | Fix some warnings new in GCC 8.1
    Jack Lloyd, 2018-05-07, 6 files, -43/+49
    It thinks the typedefs are "locals" that are being conflicted with, which seems wrong to me but whatever.

* | Improve PEM detection for asn1 printer
    Jack Lloyd, 2018-05-03, 1 file, -5/+22

* | Let pkcs8 command line util accept '-' for stdin
    Jack Lloyd, 2018-05-03, 1 file, -3/+6

* | Use Montgomery_Int::sub to avoid an allocation
    Jack Lloyd, 2018-05-02, 1 file, -2/+2

* | Remove needless allocation in Montgomery_Int::mul_by
    Jack Lloyd, 2018-05-02, 2 files, -7/+41

* | Improve performance of Pollard rho implementation
    Jack Lloyd, 2018-05-02, 1 file, -12/+36
    Using Montgomery is somewhat faster and allows avoiding mallocs. Test GCD only on intervals since gcd is 90+% of the runtime cost.

* | Make Montgomery_Int public, add function for addition with workspace
    Jack Lloyd, 2018-05-02, 2 files, -3/+11

* | Add arch aliases for Debian builds [ci skip]
    Jack Lloyd, 2018-05-02, 2 files, -0/+5

* | Merge GH #1560 Add OpenPGP specific (Ed|X)25519 OIDs
    Jack Lloyd, 2018-05-02, 2 files, -1/+9

| * | Add OpenPGP-specific curve OIDs
    Marcus Brinkmann, 2018-05-02, 2 files, -1/+9

* | | Correct file name to regenerate [ci skip]
    Jack Lloyd, 2018-05-02, 1 file, -1/+1

* | Inline this operator+ [ci skip]
    Jack Lloyd, 2018-04-26, 2 files, -6/+1

* | Add a comment on side channels here
    Jack Lloyd, 2018-04-26, 1 file, -4/+5

* | Correct handling of gcd(p - 1, e) in RSA keygen
    Jack Lloyd, 2018-04-26, 1 file, -7/+25
    We were calling inverse mod but because p - 1 > e the binary extended Euclidean algorithm was used instead of the const time version. Use the fact that e is odd (for RSA keys) to remove the factors of 2 from p - 1 and then check coprimality that way, since it allows using our const time algo.

* | Remove unused include
    Jack Lloyd, 2018-04-26, 1 file, -1/+0

* | Add a couple more GCD tests
    Jack Lloyd, 2018-04-26, 1 file, -0/+8

* | Rewrite GCD in less branchy way, and use Montgomery in M-R test
    Jack Lloyd, 2018-04-26, 1 file, -16/+30

* | Add BigInt functions for adding, subtracting and comparing with words
    Jack Lloyd, 2018-04-26, 4 files, -51/+142
    Avoids needless allocations for expressions like x - 1 or y <= 4.

* | Add final annotations [ci skip]
    Jack Lloyd, 2018-04-24, 1 file, -3/+3

* | Add BigInt::mod_sub
    Jack Lloyd, 2018-04-23, 4 files, -93/+128

* | Use EC_Group::inverse_mod_order where appropriate
    Jack Lloyd, 2018-04-20, 3 files, -7/+4

* | Merge GH #1547 Add optimized P-384 field inversion
    Jack Lloyd, 2018-04-20, 1 file, -0/+72

| * | Add Fermat based inversion of P-384 field elements
    Jack Lloyd, 2018-04-19, 1 file, -0/+72
    Cuts about 100K cycles from the inversion, improving ECDSA sign by 10% and ECDH by ~2%.
    Addition chain from https://briansmith.org/ecc-inversion-addition-chains-01
    GH #1479

* | | Reorder Travis builds [ci skip]
    Jack Lloyd, 2018-04-19, 1 file, -1/+1
    I guess Travis has changed how they sort builds; previously the compiler took precedence but now the BUILD_MODE env variable does. Anyway the result is the Sonar build runs later than before, which adds several minutes to the overall build time. Put it near the top so it starts early and can run concurrently with other builds.

* | Add field inversion for P-521
    Jack Lloyd, 2018-04-18, 1 file, -0/+68
    ECDSA sign about 10% faster, ECDSA verify and ECDH about 5% faster.

* | Add optimized inversion for P-256
    Jack Lloyd, 2018-04-18, 1 file, -0/+75
    Could be slightly more clever here but this is pretty decent.
    GH #1479

* | Add timing for ECC double and addition algorithms
    Jack Lloyd, 2018-04-18, 1 file, -0/+33

* | Add cycle counter for NIST reduction
    Jack Lloyd, 2018-04-18, 1 file, -0/+52

* | Add early exit for P-192 reduce
    Jack Lloyd, 2018-04-18, 1 file, -0/+5

* | Remove now unused function
    Jack Lloyd, 2018-04-18, 1 file, -19/+0

* | Optimize P-224 reduction
    Jack Lloyd, 2018-04-18, 1 file, -47/+77
    5-7% faster ECDSA

* | Further NIST reduction tweaks
    Jack Lloyd, 2018-04-18, 1 file, -40/+44

* | P-192 optimizations
    Jack Lloyd, 2018-04-18, 1 file, -34/+64
    5-7% faster for ECDSA and ECDH

* | Micro optimizations in P-256 and P-384 reductions
    Jack Lloyd, 2018-04-18, 1 file, -30/+73
    Improves ECDSA and ECDH by 1% or so.

* | Minor optimizations for P-256 and P-384
    Jack Lloyd, 2018-04-17, 1 file, -161/+65
    Improves ECDSA by ~5% on Skylake

* | Merge GH #1544 Handle armv8l host
    Jack Lloyd, 2018-04-17, 1 file, -0/+2