path: root/src
Commit message (Author, Age, Files, Lines):

* [lloyd 2008-09-05, 1 file, -14/+38] Optimize right shift a little
* [lloyd 2008-09-05, 1 file, -1/+1] Replace __builtin_ctzl with a new ctz function in bit_ops.h
* [lloyd 2008-09-05, 2 files, -38/+81] Wrap the BigInt register in a small class that caches the significant words. BigInt::sig_words() was showing up very hot on valgrind runs, this seems to reduce the usage substantially.
* [lloyd 2008-09-05, 1 file, -0/+14] Revert change to dl_work_factor for now - breaks ElGamal tests
* [lloyd 2008-09-05, 1 file, -16/+18] Rewrite dl_work_factor using a lookup table with data from RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)", which removes Botan's dependency on standard math library (which can be a big deal on embedded systems, and it seemed silly to have just a single function cause us to pull in potentially all of libm). Also this makes the values Botan will pick for exponent sizes more obvious; previously one would have to run through the computation or call the function and observe the output.
* [lloyd 2008-09-05, 1 file, -0/+37] Add the IKE 6144-bit MODP group, from RFC 3526
* [lloyd 2008-09-05, 1 file, -68/+0] Define the functions from bit_ops.h as inline template functions, instead of always converting to u64bit and passing to a non-inlined function.
* [lloyd 2008-09-02, 1 file, -6/+22] A possible optimization to low_zero_bits (which was showing up hot in some DSA/NR benchmarks). Requires GCC/ICC for __builtin_ctzl, though that will change shortly.
* [lloyd 2008-09-02, 26 files, -25/+25] Where bit_ops.h was used to get xor_buf, include xor_buf.h instead
* [lloyd 2008-09-02, 1 file, -1/+1] Reduce RW creation min also to 512 for benchmarks
* [lloyd 2008-08-31, 1 file, -1/+1] The counter is not specified, so do not mention it
* [lloyd 2008-08-31, 1 file, -105/+141] Add DSS groups with 2048 and 3072 bit p values (and 256 bit q subgroups). These were generated using the FIPS 186-3 PRNG, with seed values generated by applying SHA-256 to the UTF-8 encodings of the strings "Botan 2048 DSS seed #51" and "Botan 3072 DSS seed #24"
* [lloyd 2008-08-31, 1 file, -6/+9] Allow generating 512 and 768 bit DSA keys.
* [lloyd 2008-08-31, 1 file, -1/+1] Allow creating 512 bit RSA keys again (for benchmark, mostly)
* [lloyd 2008-08-27, 2 files, -147/+132] Merge mp_sqr.cpp and mp_mul.cpp into mp_karat.cpp, since there is a lot of similar-but-not-identical code between them. (Can't merge for performance reasons, squaring is a special case of multiplication allowing extra optimizations)
* [lloyd 2008-08-27, 1 file, -2/+2] Use -BigInt(1) instead of BigInt("-1") to avoid the parsing overhead. Instead just call the u64bit constructor and invert using the BigInt operator.
* [lloyd 2008-07-15, 1 file, -4/+25] Add a specialized version of theta() for NullVector, since it cleans up the key schedule, and perhaps offers slightly better code generation.
* [lloyd 2008-07-13, 1 file, -0/+1] merge of '17a621a99c0fb8685efd5f3f3411a44e4d5ff835' and 'df7d36d4e4fe81092c682b0ef92ac3a9ef12cbd3'
  * [lloyd 2008-07-08, 1 file, -0/+1] Missing include of timers.h, error if no timer modules used
* [lloyd 2008-07-11, 2 files, -0/+177] Add the block cipher Noekeon (http://gro.noekeon.org/). Only "indirect mode" keying is supported (see section 2.3 of the specification for details)
* [lloyd 2008-07-07, 1 file, -2/+2] Fix return values for ressol(), saying BigInt x = -1 does something unexpected (see ticket #23, http://bugs.randombit.net/show_bug.cgi?id=23)
* [lloyd 2008-07-07, 1 file, -1/+1] Remove unneeded parens
* [lloyd 2008-07-07, 1 file, -0/+82] Add an implementation of the Shanks-Tonelli algorithm, which is used to find square roots modulo a prime. Contributed by FlexSecure GmbH
* [lloyd 2008-07-07, 1 file, -1/+0] Remove printf in catch block
* [lloyd 2008-07-05, 1 file, -1/+10] Extend random_prime() to be able to generate primes of any bit size.
  bits <= 1 -> error
  bits == 2 -> choose 2 or 3 at random
  bits == 3 -> choose 5 or 7 at random
  bits == 4 -> choose 11 or 13 at random
  bits >= 5 -> procedure used previously.
  Tested by running random_prime() with random bit sizes <= 16 until it had generated all <= 16 bit primes.
* [lloyd 2008-06-30, 7 files, -33/+32] Remove the free-standing function deref_alias. It only served as a forwarder for the implementation in Library_State. Instead explicitly call deref_alias on global_state() wherever the old freestanding version was used. This serves to make (more) uses of the global state explicit rather than implicit.
* [lloyd 2008-06-30, 2 files, -5/+2] Remove the default_pbe option. Instead hardcode the default into PKCS8::encrypt_key - this is slightly less flexible, but removes the dependency on the Library_State object. And if someone wants to use a different algorithm, they just have to pass in an actual value for the pbe string instead of letting it default to the empty string.
* [lloyd 2008-06-30, 1 file, -2/+0] Remove option v1_assume_ca, no longer used
* [lloyd 2008-06-30, 2 files, -9/+3] Previously X509_Store took two configuration values from the library config state: how long successful validations should be cached, and the amount of slack to allow on time boundary checks. Now these are passed as arguments to the constructor, as a pair of 32-bit integers representing the number of seconds to allow as slack and the number of seconds to cache validations for. They default to the same compiled in defaults as before, 24 hours (86400 seconds) and 30 minutes (1800 seconds), respectively.
* [lloyd 2008-06-30, 11 files, -166/+104] Remove the Config class. In reality, Config was a singleton, with the only owner being the Library_State object. Theoretically one could create and use another Config instance, but in practice it was never done. Reflect the reality and inline the members and public functions of Config in Library_State, removing Config entirely.
* [lloyd 2008-06-30, 12 files, -41/+47] Remove global_config() - replace by direct calls to global_state()
* [lloyd 2008-06-28, 1 file, -14/+16] Make use of RandomNumberGenerator implementing add_entropy_source in make_rng()
* [lloyd 2008-06-28, 2 files, -8/+16] Add interfaces for add_entropy_source and add_entropy to RandomNumberGenerator, and make ANSI_X931_PRNG's implementations just forward the arguments to the underlying RNG. This allows seeding the RNG even if no entropy modules are loaded into the library. Also it allows actually adding user-specified data; to do it otherwise would require creating the RNG objects yourself and retaining a pointer to the Randpool, which is pretty bogus. Move Null_RNG to rng.h
* [lloyd 2008-06-28, 1 file, -0/+2] Reseed the underlying PRNG when ANSI_X931_PRNG:reseed is called
* [lloyd 2008-06-28, 1 file, -0/+2] The two remaining locks were not being deleted, leaking memory
* [lloyd 2008-06-28, 1 file, -1/+1] Change make_rng to be a static member of RandomNumberGenerator
* [lloyd 2008-06-27, 4 files, -164/+169] New structure for entropy sources + RNGs. The entropy sources are owned by Randpool, it will query them as needed (or if asked to do so). New function make_rng() that creates an RNG (X9.31 backed by a Randpool) and seeds it. Remove the entropy source related code from the Modules/Builtin_Modules classes.
* [lloyd 2008-06-27, 1 file, -1/+1] Avoid warning
* [lloyd 2008-06-27, 2 files, -117/+1] Remove the global PRNG object as well as the global list of entropy sources.
* [lloyd 2008-06-27, 2 files, -2/+2] Remove PRNG_Unseeded throw() specifiers from the RNG randomize() functions. They were probably not a good idea. If nothing else, these functions might throw bad_alloc, and possibly other errors. Something broad like std::exception might be applicable, but that seems pointlessly broad.
* [lloyd 2008-06-27, 1 file, -3/+4] OctetString now requires a RandomNumberGenerator& to create a random key or IV; it does not reference the global RNG.
* [lloyd 2008-06-27, 5 files, -58/+126] Reorganize the EMSA classes, and remove the last references to prng_reference in the library code.
* [lloyd 2008-06-27, 1 file, -4/+0] Previously if DL_Group was given a q value of zero, it would check to see if (p-1)/2 was prime, and if so set q to that. This is to deal with certain bogus DH formats (PKCS #3, specifically; the 'modern' ANSI formats always provide the q subgroup value). However this required access to the RNG. Rather than push RNG usage all the way down into that part of DL group, simply remove the feature. Since PKCS #3 format is only really used for DH keys, it will not much affect anything functionally (that I can see).
* [lloyd 2008-06-27, 1 file, -1/+0] Remove unneeded include of libstate.h
* [lloyd 2008-06-27, 10 files, -58/+47] Remove load checking, as it requires an RNG (at least at the moment). Probably some variation of it will be added back in later, at least to do basic checks like that primes are really odd (and we can do basic primality checks, etc, even with an RNG). Alternative: call check_key() manually on public keys you load with an RNG object.
* [lloyd 2008-06-27, 2 files, -5/+12] Split IF_Core constructor into two, one for public keys and one for private. Public version doesn't need an RNG argument.
* [lloyd 2008-06-23, 1 file, -167/+0] Remove SHA1PRNG for the moment, until a) I am sure we really want to include this (proprietary, unanalyzed?) PRNG in Botan b) I have a chance to add test cases and clean up the code. Also note a few more changes in the changelog, and set a provisional release date for sometime in July.
* [lloyd 2008-06-22, 1 file, -16/+0] Remove the hooks for the AEP module, since it was removed due to lack of testability (have a card still, but the drivers are for 2.4 kernel and seemingly not 64-bit or thread safe, so it's pretty much a paperweight right now).
* [lloyd 2008-06-20, 3 files, -53/+34] Similar combining transform for the ElGamal, DSA, and NR private key constructors.
* [lloyd 2008-06-20, 1 file, -20/+13] Consolidate the two DH_PrivateKey constructors into a single one taking a RNG reference, a group, and an (optional) private key. The public key is now always rederived from the private.