Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Simplify polynomial doubling code | Jack Lloyd | 2017-09-05 | 6 | -156/+95 | |
| | | | | | | | | | | GCC and Clang generate effectively identical code for a template with parameters, vs completely unrolled code as was used previously. Add a little-endian variant so XTS can use it. This extends XTS support to cover 256 and 512-bit ciphers. I was not able to find another implementation that supports both XTS and ciphers with large blocks, so the XTS test vectors are self-generated. | |||||
* | Correct TLS::Policy::latest_supported_version | Jack Lloyd | 2017-09-04 | 1 | -2/+16 | |
| | | | | | This would do the wrong thing if TLS v1.2 was disabled but v1.0/v1.1 allowed. | |||||
* | Small cleanups in ci_build.py | Jack Lloyd | 2017-09-04 | 1 | -13/+20 | |
| | ||||||
* | Move travis.yml to src/scripts/ci | Jack Lloyd | 2017-09-04 | 1 | -0/+132 | |
| | ||||||
* | Added SHA3_XXX_PKCS OID | Francis Dupont | 2017-09-04 | 1 | -0/+28 | |
| | ||||||
* | Header shuffle | Jack Lloyd | 2017-09-04 | 1 | -5/+10 | |
| | | | | Still need basic system headers even when using asio for network | |||||
* | MinGW fixes | Jack Lloyd | 2017-09-04 | 2 | -4/+4 | |
| | ||||||
* | Merge GH #1182 Add support for ARMv8 AES instructions | Jack Lloyd | 2017-09-03 | 4 | -0/+367 | |
|\ | ||||||
| * | Add support for AES extensions on ARMv8 | Jack Lloyd | 2017-09-03 | 4 | -0/+367 | |
| | | | | | | | | Based on the patch in GH #1146 | |||||
* | | Merge GH #1181 Add support for ARMv8 PMULL instruction | Jack Lloyd | 2017-09-03 | 4 | -0/+112 | |
|\ \ | ||||||
| * | | Add support for ARMv8 PMULL instruction | Jack Lloyd | 2017-09-03 | 4 | -0/+112 | |
| |/ | | | | | | | Contributed in GH #842 | |||||
* | | Merge GH #1180 Refactorings to support Windows Phone | Jack Lloyd | 2017-09-03 | 17 | -480/+560 | |
|\ \ | |/ |/| | ||||||
| * | Typo | Jack Lloyd | 2017-09-03 | 1 | -1/+1 | |
| | | ||||||
| * | Define macro so windows.h doesn't include winsock.h | Jack Lloyd | 2017-09-03 | 3 | -0/+4 | |
| | | | | | | | | Ugh Windows headers y u so nasty. | |||||
| * | Move secure_scrub_memory to os_utils.cpp | Jack Lloyd | 2017-09-03 | 2 | -40/+27 | |
| | | ||||||
| * | Refactor network code used in http_util | Jack Lloyd | 2017-09-03 | 3 | -140/+303 | |
| | | | | | | | | Move the actual socket stuff to os_utils.cpp | |||||
| * | Refactor RNGs to support Windows Phone | Jack Lloyd | 2017-09-02 | 11 | -301/+227 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This OS has its own crypto API and does not support CryptGenRandom. Splits System_RNG_Impl into distinct declarations one per implementation type. Easier to read now that we are up to 4 distinct versions. Removes the CryptoAPI entropy source, and replaces it with an entropy source that calls the system RNG. This is nominally a bit less flexible in that the entropy source allowed polling multiple providers (though we didn't actually make use of that). Plus side is it works on all systems. Currently the dev_random entropy source is still there because we do actually use it to poll both /dev/random and /dev/urandom, and it might be useful (on certain systems) to also poll a HW RNG, which are often assigned their own device node. This could debatably also be removed in favor of just reading the system RNG. | |||||
* | | Cleanups in cpuid handling code | Jack Lloyd | 2017-09-03 | 1 | -47/+47 | |
| | | ||||||
* | | Avoid g_ prefix on local variable | Jack Lloyd | 2017-09-03 | 1 | -3/+3 | |
| | | | | | | | | Reserving it for globals so they are easy to grep for | |||||
* | | Avoid leaking address info in the case of a connection failure | Jack Lloyd | 2017-09-03 | 1 | -2/+2 | |
| | | | | | | | | | | | | Not really a problem since we're exiting shortly afterwards. [ci skip] | |||||
* | | Clean up use of <limits> header | Jack Lloyd | 2017-09-03 | 8 | -14/+6 | |
| | | | | | | | | Don't include it where it is not needed, included it where it is used. | |||||
* | | Add missing override | Jack Lloyd | 2017-09-03 | 1 | -1/+1 | |
|/ | ||||||
* | Avoid using std::cout and std::cerr within cli code | Jack Lloyd | 2017-09-02 | 5 | -85/+87 | |
| | | | | Prevents redirection using --output and --error-output | |||||
* | Output errors to cerr | Jack Lloyd | 2017-09-02 | 1 | -4/+4 | |
| | ||||||
* | Avoid using <iostream> header within the library | Jack Lloyd | 2017-09-02 | 2 | -2/+4 | |
| | | | | We only need <istream> + <ostream> here | |||||
* | Clean up fuzzer code a bit | Jack Lloyd | 2017-09-02 | 5 | -46/+34 | |
| | | | | | If we ever output something to the terminal it should be because we are crashing. | |||||
* | Merge GH #1179 Support negative base in power_mod closes #1168 | Jack Lloyd | 2017-09-02 | 3 | -3/+44 | |
|\ | ||||||
| * | Support a negative base in power_mod | Jack Lloyd | 2017-09-02 | 3 | -3/+44 | |
| | | | | | | | | Closes #1168 | |||||
* | | Merge GH #1178 Use botan-ci-tools repo for binaries needed by CI | Jack Lloyd | 2017-09-02 | 1 | -11/+14 | |
|\ \ | |/ |/| | ||||||
| * | Fix qemu package | Jack Lloyd | 2017-09-02 | 1 | -1/+1 | |
| | | | | | | | | The qemu-user-static package installs them under different names. | |||||
| * | Use botan-ci-tools repo for packages | Jack Lloyd | 2017-09-02 | 1 | -11/+14 | |
| | | | | | | | | | | | | | | | | | | | | | | Largely the goal with that is to reduce dependencies, especially removing www.randombit.net from the critical path for CI. Other marginally related attempts at speeding up CI - Only install qemu-user-static (which should be all we need) instead of the full qemu metapackage. - Avoid running brew update, all we need is ccache and really any version is fine. | |||||
* | | Add --dump-traces option to tls_server | Jack Lloyd | 2017-09-02 | 2 | -2/+19 | |
| | | ||||||
* | | Add a script for running TLS-Attacker, remove old shell scripts | Jack Lloyd | 2017-09-02 | 15 | -163/+202 | |
| | | | | | | | | [ci skip] | |||||
* | | Sort isa_extensions lists [ci skip] | Simon Warta | 2017-09-02 | 4 | -14/+11 | |
|/ | | | | this removes the duplicate "sha" in x86_64 | |||||
* | Change http://botan.randombit.net to https URIs | Jack Lloyd | 2017-09-01 | 4 | -6/+6 | |
| | | | | | | Not a big deal since the site already uses HSTS, but whatever. [ci skip] | |||||
* | Add a CLI util for inspecting TLS client hellos | Jack Lloyd | 2017-09-01 | 1 | -0/+111 | |
| | ||||||
* | De-inline accessor functions in Client_Hello type | Jack Lloyd | 2017-09-01 | 2 | -93/+130 | |
| | | | | | This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link. | |||||
* | Fix --error-output= option to cli | Jack Lloyd | 2017-09-01 | 1 | -3/+3 | |
| | | | | [ci skip] | |||||
* | Merge GH #1173 Correct TLS signature hash policy check | Jack Lloyd | 2017-09-01 | 5 | -18/+62 | |
|\ | ||||||
| * | Don't try enforcing the hash policy for PSK ciphersuites | Jack Lloyd | 2017-09-01 | 1 | -1/+1 | |
| | | | | | | | | Since we don't end up signing anything in any case. | |||||
| * | Enforce signature hash policy properly | Jack Lloyd | 2017-08-31 | 5 | -18/+62 | |
| | | | | | | | | | | | | | | | | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2 Instead check the policy before accepting anything. | |||||
* | | Merge GH #1174 Simplify AppVeyor build config closes #1172 | Jack Lloyd | 2017-09-01 | 1 | -50/+22 | |
|\ \ | ||||||
| * | | Simplifiy AppVeyor config, single debug build on VC2017 | Jack Lloyd | 2017-09-01 | 1 | -50/+22 | |
| |/ | ||||||
* / | Just skip Sonar build if SONAR_TOKEN is not set | Jack Lloyd | 2017-09-01 | 1 | -10/+5 | |
|/ | | | | | | This is the case for a PR coming from an external repo [ci skip] | |||||
* | Rename file to match conventions | Jack Lloyd | 2017-08-31 | 1 | -0/+0 | |
| | | | | [ci skip] | |||||
* | Fix missing virtual destructor on CSP_Handle | Jack Lloyd | 2017-08-31 | 3 | -3/+4 | |
| | | | | Caught by GCC cross compiling. Also fix a couple 0-as-null warnings. | |||||
* | Remove python3 dep from cli_tests | Jack Lloyd | 2017-08-31 | 1 | -1/+1 | |
| | | | | It runs fine under python2 | |||||
* | Simplify RNG logic in CLI a bit | Jack Lloyd | 2017-08-31 | 2 | -15/+13 | |
| | ||||||
* | Merge GH #1169 Add LLVM bitcode target | Jack Lloyd | 2017-08-31 | 13 | -88/+133 | |
|\ | ||||||
| * | Work around limitation in old GCC and Clang | Jack Lloyd | 2017-08-31 | 1 | -1/+1 | |
| | |