aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* V814 Decreased performance. The 'strlen' function was called multiple times ↵Daniel Neus2016-02-081-2/+1
| | | | inside the body of a loop. test_compression.cpp 78
* Make SRP6 support optional in TLSJack Lloyd2016-02-0710-20/+72
| | | | | | | | Remove SRP_SHA from the default policy, since normal applications do not need it. Removes nullptr initializers of unique_ptrs in the Server_Key_Exchange constructor, that's the default unique_ptr already.
* Utils needs librt dependency due to calling clock_gettimeJack Lloyd2016-02-071-0/+4
| | | | Was previously on hres_timer entropy source
* Add explicit fork check to HMAC_RNGJack Lloyd2016-02-076-85/+118
| | | | | | | | | | | Add OS functions get_process_id, get_processor_timestamp, and get_system_timestamp_ns. HMAC_RNG uses the pid call to detect forks to initiate a reseed. It also adds the output of all three functions (the pid, the CPU cycle counter, and the system timestamp) into the PRF input. Calls the new OS timer functions from hres_timer entropy source. Removes the call to QPC in es_win32 which is mostly redundant with the one in hres_timer.
* Remove support for the TLS min fragment length extension.Jack Lloyd2016-02-0711-147/+18
|
* Remove TLS heartbeat support.Jack Lloyd2016-02-0716-292/+1
| | | | | The signature of the alert callback remains unchanged to avoid breaking applications, though now the buffer parameter is never set.
* Remove dead write. Closes GH #401Jack Lloyd2016-02-071-2/+5
|
* Remove redundant initialization. Closes GH #399Jack Lloyd2016-02-071-1/+0
|
* Revert GH #365 Replace deprecated Win API calls in Win32_EntropySourceJack Lloyd2016-02-061-3/+3
| | | | | | | | | | | | | | | | | | Thinking it over I've realized this was not a good move; XP may be EOLed but is still widely used and even VS 2015 still supports targeting XP. It's not really the same situation as going to extra efforts for supporting SunOS 5.1 or VAX/VMS, instead it actively broke support for something which is still widely deployed. And for those building for XP the options are patch out the call (GH #416) or disable win32_stats altogether in their build. I'd like to prevent downstream distributors from having to patch, because that can get messy. And while the design of CryptGenRandom is not disclosed it apparently has changed over time and at one point (IIRC) used RC4 to generate outputs, so if there is any OS that could use some extra help generating seed material it is XP. There may be future code that really makes use of APIs added after XP - CryptoNG, TPM support, etc and then people targetting XP will have to compile out those modules. But it doesn't make sense to break it here for this small gain.
* Order the accesses to A[] in the Keccak permutation.Jack Lloyd2016-02-061-17/+17
| | | | | | Consistent speed up of about ~5% on my machine. Also tried moving all the A[] values to local registers, was slower.
* Fix two bugs in 1.11.27 which caused test failures.1.11.28Jack Lloyd2016-02-013-4/+6
| | | | | | | | | | | | | The check on each individual size in curve_mul is too strict since we rely on redc(x*1) during the on the curve computation. Fix an off by one in ressol which caused it to occasionally reject valid values. Updating version 1.11.28 since existing 1.11.27 tag already pushed :( Fix an off-by-one in ressol which would cause it to occasionly give up too early.
* Fix heap overflow in ECC point multiplicationJack Lloyd2016-02-016-4/+76
| | | | | | | | | | | | | | If affine coordinates larger than the prime modulus were given, a later multiplication could overflow the size of an allocated output buffer, which was sized based on the size of the prime. This will cause an overflow into either the system heap or if the mlock/mmap pool allocator is in use, then into the adjacent key material stored in the pool. Reported by Alex Gaynor who found it with AFL Also fix a one word overwrite in P-521 reduction. Found with AFL
* Fix (nearly) infinite loop in RESSOL (modular square root).Jack Lloyd2016-02-013-8/+43
| | | | | | | It first computed the first i for q**(2**i) == 1, then checked that i was smaller than s. Given a composite modulus (for which the algorithm does not work), the loop might do a very large amount of work before returning the failure.
* Fix indentJack Lloyd2016-01-301-171/+193
|
* Add Blake2b hash function (GH #413 by cynecx)Jack Lloyd2016-01-305-0/+3388
|\
| * Blake2b: use rotate_right instead of a macrocynecx2016-01-271-7/+5
| |
| * Blake2b: Fix for MSVCcynecx2016-01-261-5/+3
| |
| * Blake2b: Add copyright & fix header guardcynecx2016-01-262-3/+17
| |
| * Blake2b: add 'abc' test vectorcynecx2016-01-261-0/+3
| |
| * Add Blake2b hash functioncynecx2016-01-265-0/+3375
| |
* | Guard use of X9.31 RNG in macro checkJack Lloyd2016-01-291-3/+5
| |
* | Avoid -Wmaybe-uninitialized warning under GCC 5.3Jack Lloyd2016-01-291-4/+6
| | | | | | | | | | | | As best I can tell it wasn't actually possible for the value to be used uninitialized, since it was initialized if m_outer_summands > 1 and only used if m_outer_summands was at least 2.
* | Fix buffer sizes in speed. Avoid repeated MAC keyingsJack Lloyd2016-01-291-12/+8
| |
* | Add time tests for all RNG typesJack Lloyd2016-01-261-11/+68
|/
* Add speed test for entropy sourcesJack Lloyd2016-01-171-6/+31
|
* Add missing overrides and fix -Wpedantic 'extra ;' warningsJack Lloyd2016-01-177-33/+33
| | | | | | | | | | Remove -Wsuggest-attribute=noreturn from maintainer mode flags as it seems like outside of the assertion failure macro any other suggestion would always be a false positive (an unimplemented function or the like). Or at least, if such a function needing noreturn to assist with static analysis is added in the future it will be obvious, by virtue of the static analyzer warnings which occur due to the missing noreturn preventing the analyzer from understanding code flow.
* Merge GH #410 enable -WpedanticJack Lloyd2016-01-173-3/+3
|\
| * Enable -Wpedantic on gcc and clangRené Korthaus2016-01-133-3/+3
| |
* | Avoid test failures in KEM when KDF is not found.Jack Lloyd2016-01-172-19/+44
| | | | | | | | GH #369
* | Make Entropy_Sources and Entropy_Accumulator final.Jack Lloyd2016-01-171-4/+2
| | | | | | | | Remove bogus virtual destructor on Entropy_Accumulator (has no virtuals)
* | Support small buffers in speed tests. Add RNG speed tests.Jack Lloyd2016-01-171-90/+136
| |
* | Avoid set<Ciphersuite>Jack Lloyd2016-01-171-6/+7
|/ | | | Works around a libstdc++ bug when fuzzing with libFuzzer
* Merge GH #365 Replace deprecated Windows API calls in Win32_EntropySourceJack Lloyd2016-01-131-3/+3
|\ | | | | | | | | | | By adopting MemoryStatusEx, this drops support for XP and Server 2003 which do not implement this API. This is considered a feature as these versions are already EOLed by Microsoft.
| * Replace deprecated Win API calls in Win32_EntropySourceDaniel Neus2015-12-161-3/+3
| | | | | | | | | | * GetTickCount is replaced by GetTickCount64(): see https://msdn.microsoft.com/en-us/library/windows/desktop/ms724408(v=vs.85).aspx for details * GlobalMemoryStatus is replaced by GlobalMemoryStatusEx: see https://msdn.microsoft.com/en-us/library/windows/desktop/aa366589(v=vs.85).aspx for details
* | Merge GH #409 Add Microsoft SmartcardLogon extended key usage OIDJack Lloyd2016-01-121-0/+2
|\ \
| * | Add Microsoft SmartcardLogon extended key usage OIDRené Korthaus2016-01-121-0/+2
| | |
* | | Merge GH #408 Add final attribute on many classesJack Lloyd2016-01-12133-244/+246
|\ \ \
| * | | Add final attribute to many classesJack Lloyd2016-01-10133-244/+246
| |/ / | | | | | | | | | | | | | | | | | | In some cases this can offer better optimization, via devirtualization. And it lets the user know the class is not intended for derivation. Some discussion in GH #402
* | | Merge GH #407 Add m_ prefix to more member variablesJack Lloyd2016-01-124-109/+109
|\ \ \
| * | | Prefix more member vars with m_ prefixRené Korthaus2016-01-114-109/+109
| |/ /
* / / Get rid of "extra ';'" warnings and force semicolon after macrosSimon Warta2016-01-114-6/+9
|/ /
* | Merge remote-tracking branch 'remotes/github/master' into noreturnDaniel Neus2016-01-09216-2991/+3022
|\ \ | | | | | | | | | | | | # Conflicts: # src/build-data/cc/gcc.txt
| * | Mass-prefix member vars with m_René Korthaus2016-01-08206-2980/+3011
| | |
| * | move -Wsuggest-override to maintainer_warning_flagsDaniel Neus2016-01-081-2/+2
| | | | | | | | | | | | to not break compatibility with older gcc versions (available in gcc 5.1)
| * | add missing overridesDaniel Neus2016-01-0810-10/+10
| | | | | | | | | | | | found by gcc with -Wsuggest-override
* | | move noreturn before the function declarationDaniel Neus2016-01-081-2/+2
| | |
* | | fix BOTAN_NORETURN macroDaniel Neus2016-01-081-1/+1
| | |
* | | don't declare functions noreturn that are maybe implemented in the futureDaniel Neus2016-01-084-5/+5
| | | | | | | | | | | | In addition don't declare virtual functions noreturn
* | | add BOTAN_NORETURN macro and mark those functions that do not return with itDaniel Neus2016-01-087-7/+23
|/ /
* | Precompile the list of TLS ciphersuitesJack Lloyd2016-01-064-297/+479
| | | | | | | | | | | | | | | | | | | | This avoids a scan over the entire 0 - 0xFFFF space which is mostly empty, by instead keeping a second list in tls_suite_info which is exactly the keys for which the switch statement has values. This scan is only ever done once (when first needed) but removing it is sufficient to increase AFL's throuhput by 4x since it goes through a full startup on each test.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-05 00:57:23 +0000