path: root/src
Commit message (Author, Age, Files, Lines)
...
* Simplify polynomial doubling code (Jack Lloyd, 2017-09-05, 6 files, -156/+95)
| GCC and Clang generate effectively identical code for a template with parameters, vs completely unrolled code as was used previously. Add a little-endian variant so XTS can use it. This extends XTS support to cover 256 and 512-bit ciphers. I was not able to find another implementation that supports both XTS and ciphers with large blocks, so the XTS test vectors are self-generated.
* Correct TLS::Policy::latest_supported_version (Jack Lloyd, 2017-09-04, 1 file, -2/+16)
| This would do the wrong thing if TLS v1.2 was disabled but v1.0/v1.1 allowed.
* Small cleanups in ci_build.py (Jack Lloyd, 2017-09-04, 1 file, -13/+20)
|
* Move travis.yml to src/scripts/ci (Jack Lloyd, 2017-09-04, 1 file, -0/+132)
|
* Added SHA3_XXX_PKCS OID (Francis Dupont, 2017-09-04, 1 file, -0/+28)
|
* Header shuffle (Jack Lloyd, 2017-09-04, 1 file, -5/+10)
| Still need basic system headers even when using asio for network
* MinGW fixes (Jack Lloyd, 2017-09-04, 2 files, -4/+4)
|
* Merge GH #1182 Add support for ARMv8 AES instructions (Jack Lloyd, 2017-09-03, 4 files, -0/+367)
|\
| * Add support for AES extensions on ARMv8 (Jack Lloyd, 2017-09-03, 4 files, -0/+367)
| | Based on the patch in GH #1146
* | Merge GH #1181 Add support for ARMv8 PMULL instruction (Jack Lloyd, 2017-09-03, 4 files, -0/+112)
|\ \
| * | Add support for ARMv8 PMULL instruction (Jack Lloyd, 2017-09-03, 4 files, -0/+112)
| |/
| | Contributed in GH #842
* | Merge GH #1180 Refactorings to support Windows Phone (Jack Lloyd, 2017-09-03, 17 files, -480/+560)
|\ \
| |/
|/|
| * Typo (Jack Lloyd, 2017-09-03, 1 file, -1/+1)
| |
| * Define macro so windows.h doesn't include winsock.h (Jack Lloyd, 2017-09-03, 3 files, -0/+4)
| | Ugh Windows headers y u so nasty.
| * Move secure_scrub_memory to os_utils.cpp (Jack Lloyd, 2017-09-03, 2 files, -40/+27)
| |
| * Refactor network code used in http_util (Jack Lloyd, 2017-09-03, 3 files, -140/+303)
| | Move the actual socket stuff to os_utils.cpp
| * Refactor RNGs to support Windows Phone (Jack Lloyd, 2017-09-02, 11 files, -301/+227)
| | This OS has its own crypto API and does not support CryptGenRandom. Splits System_RNG_Impl into distinct declarations one per implementation type. Easier to read now that we are up to 4 distinct versions. Removes the CryptoAPI entropy source, and replaces it with an entropy source that calls the system RNG. This is nominally a bit less flexible in that the entropy source allowed polling multiple providers (though we didn't actually make use of that). Plus side is it works on all systems. Currently the dev_random entropy source is still there because we do actually use it to poll both /dev/random and /dev/urandom, and it might be useful (on certain systems) to also poll a HW RNG, which are often assigned their own device node. This could debatably also be removed in favor of just reading the system RNG.
* | Cleanups in cpuid handling code (Jack Lloyd, 2017-09-03, 1 file, -47/+47)
| |
* | Avoid g_ prefix on local variable (Jack Lloyd, 2017-09-03, 1 file, -3/+3)
| | Reserving it for globals so they are easy to grep for
* | Avoid leaking address info in the case of a connection failure (Jack Lloyd, 2017-09-03, 1 file, -2/+2)
| | Not really a problem since we're exiting shortly afterwards. [ci skip]
* | Clean up use of <limits> header (Jack Lloyd, 2017-09-03, 8 files, -14/+6)
| | Don't include it where it is not needed, include it where it is used.
* | Add missing override (Jack Lloyd, 2017-09-03, 1 file, -1/+1)
|/
* Avoid using std::cout and std::cerr within cli code (Jack Lloyd, 2017-09-02, 5 files, -85/+87)
| Prevents redirection using --output and --error-output
* Output errors to cerr (Jack Lloyd, 2017-09-02, 1 file, -4/+4)
|
* Avoid using <iostream> header within the library (Jack Lloyd, 2017-09-02, 2 files, -2/+4)
| We only need <istream> + <ostream> here
* Clean up fuzzer code a bit (Jack Lloyd, 2017-09-02, 5 files, -46/+34)
| If we ever output something to the terminal it should be because we are crashing.
* Merge GH #1179 Support negative base in power_mod closes #1168 (Jack Lloyd, 2017-09-02, 3 files, -3/+44)
|\
| * Support a negative base in power_mod (Jack Lloyd, 2017-09-02, 3 files, -3/+44)
| | Closes #1168
* | Merge GH #1178 Use botan-ci-tools repo for binaries needed by CI (Jack Lloyd, 2017-09-02, 1 file, -11/+14)
|\ \
| |/
|/|
| * Fix qemu package (Jack Lloyd, 2017-09-02, 1 file, -1/+1)
| | The qemu-user-static package installs them under different names.
| * Use botan-ci-tools repo for packages (Jack Lloyd, 2017-09-02, 1 file, -11/+14)
| | Largely the goal with that is to reduce dependencies, especially removing www.randombit.net from the critical path for CI.
| | Other marginally related attempts at speeding up CI
| | - Only install qemu-user-static (which should be all we need) instead of the full qemu metapackage.
| | - Avoid running brew update, all we need is ccache and really any version is fine.
* | Add --dump-traces option to tls_server (Jack Lloyd, 2017-09-02, 2 files, -2/+19)
| |
* | Add a script for running TLS-Attacker, remove old shell scripts (Jack Lloyd, 2017-09-02, 15 files, -163/+202)
| | [ci skip]
* | Sort isa_extensions lists [ci skip] (Simon Warta, 2017-09-02, 4 files, -14/+11)
|/
| this removes the duplicate "sha" in x86_64
* Change http://botan.randombit.net to https URIs (Jack Lloyd, 2017-09-01, 4 files, -6/+6)
| Not a big deal since the site already uses HSTS, but whatever. [ci skip]
* Add a CLI util for inspecting TLS client hellos (Jack Lloyd, 2017-09-01, 1 file, -0/+111)
|
* De-inline accessor functions in Client_Hello type (Jack Lloyd, 2017-09-01, 2 files, -93/+130)
| This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link.
* Fix --error-output= option to cli (Jack Lloyd, 2017-09-01, 1 file, -3/+3)
| [ci skip]
* Merge GH #1173 Correct TLS signature hash policy check (Jack Lloyd, 2017-09-01, 5 files, -18/+62)
|\
| * Don't try enforcing the hash policy for PSK ciphersuites (Jack Lloyd, 2017-09-01, 1 file, -1/+1)
| | Since we don't end up signing anything in any case.
| * Enforce signature hash policy properly (Jack Lloyd, 2017-08-31, 5 files, -18/+62)
| | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fall back to the hardcoded SHA-1 default of TLS v1.2.
| | Instead check the policy before accepting anything.
* | Merge GH #1174 Simplify AppVeyor build config closes #1172 (Jack Lloyd, 2017-09-01, 1 file, -50/+22)
|\ \
| * | Simplify AppVeyor config, single debug build on VC2017 (Jack Lloyd, 2017-09-01, 1 file, -50/+22)
| |/
* / Just skip Sonar build if SONAR_TOKEN is not set (Jack Lloyd, 2017-09-01, 1 file, -10/+5)
|/
| This is the case for a PR coming from an external repo [ci skip]
* Rename file to match conventions (Jack Lloyd, 2017-08-31, 1 file, -0/+0)
| [ci skip]
* Fix missing virtual destructor on CSP_Handle (Jack Lloyd, 2017-08-31, 3 files, -3/+4)
| Caught by GCC cross compiling. Also fix a couple 0-as-null warnings.
* Remove python3 dep from cli_tests (Jack Lloyd, 2017-08-31, 1 file, -1/+1)
| It runs fine under python2
* Simplify RNG logic in CLI a bit (Jack Lloyd, 2017-08-31, 2 files, -15/+13)
|
* Merge GH #1169 Add LLVM bitcode target (Jack Lloyd, 2017-08-31, 13 files, -88/+133)
|\
| * Work around limitation in old GCC and Clang (Jack Lloyd, 2017-08-31, 1 file, -1/+1)
| |