| Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | Speed up DSA param gen test | Jack Lloyd | 2016-12-26 | 4 | -14/+42 |
| | | | | Record counter value in test data, and start the search from there. | ||||
* | Travis did not like these long tests | Jack Lloyd | 2016-12-25 | 1 | -2/+2 |
| | |||||
* | Add basic docs for TPM API | Jack Lloyd | 2016-12-24 | 2 | -1/+115 |
| | |||||
* | Fix XMSS speed command | Jack Lloyd | 2016-12-24 | 1 | -4/+6 |
| | |||||
* | Long test was too long | Jack Lloyd | 2016-12-24 | 1 | -6/+3 |
| | |||||
* | Add test option --run-long-tests | Jack Lloyd | 2016-12-24 | 13 | -58/+131 |
| | | | | | | Previously longer tests were hidden behind higher 'soak levels' but these arbitrary cutoffs are confusing compared to a simple short tests/long tests split. | ||||
* | Merge GH #783 Expose TLS message types to applications | Jack Lloyd | 2016-12-24 | 21 | -31/+45 |
|\ | |||||
| * | Export tls_messages.h as a public header | René Korthaus | 2016-12-23 | 21 | -31/+45 |
| | | | | | | | | | | | | | | TLS::Callbacks::inspect_handshake_message() allows applications to inspect all handshake messages, but this requires access to the types in tls_messages.h. As a matter of fact, this also exports tls_extensions.h as a public header. | ||||
* | | Compile fix | Jack Lloyd | 2016-12-23 | 1 | -0/+1 |
| | | |||||
* | | Fix file descriptor leak introduced in bcae34c0c | Jack Lloyd | 2016-12-23 | 2 | -5/+1 |
|/ | | | | Caused tests to fail on CI | ||||
* | Ignore the right thing | Jack Lloyd | 2016-12-23 | 1 | -1/+1 |
| | |||||
* | Fix minimized build | Jack Lloyd | 2016-12-23 | 1 | -0/+4 |
| | |||||
* | Remove nested anon namespace | Jack Lloyd | 2016-12-23 | 1 | -4/+0 |
| | |||||
* | Add DL_Group tests | Jack Lloyd | 2016-12-23 | 5 | -18/+169 |
| | | | | | | | | | Fix a bug in how the 6144 and 8192 IETF MODP groups were encoded; they have g and q values switched. Fixed by just switching the PEM header to match the actual encoded format. Rename DL_Group::X942_DH_PARAMETERS to ANSI_X9_42_DH_PARAMETERS to avoid a macro conflict with Windows cryptography headers (GH #482) | ||||
* | Fix ECDH test | Jack Lloyd | 2016-12-22 | 1 | -13/+10 |
| | |||||
* | More filter tests | Jack Lloyd | 2016-12-22 | 5 | -35/+83 |
| | | | | | Expose Data{Source,Sink}_Stream types even if no filesystem is available. Instead just guard the constructors taking a pathname. | ||||
* | Add tests for AEAD name and nonce size APIs | Jack Lloyd | 2016-12-22 | 1 | -0/+3 |
| | |||||
* | Add tests for 4-pass Tiger hash | Jack Lloyd | 2016-12-22 | 1 | -0/+12 |
| | |||||
* | Add AES GCM tests from Wycheproof | Jack Lloyd | 2016-12-22 | 1 | -0/+35 |
| | |||||
* | Add Wycheproof EAX test cases | Jack Lloyd | 2016-12-21 | 1 | -18/+170 |
| | |||||
* | Merge GH #779 Add ECDH/ECIES blinding and DH small subgroup checking | Jack Lloyd | 2016-12-21 | 4 | -18/+55 |
|\ | |||||
| * | Add missing q == 0 check in DL_Scheme_PublicKey::check_key() as q may not be available in all groups | Never | 2016-12-20 | 1 | -7/+19 |
| | | |||||
| * | Blind the ECDH/ECIES agree operation. | Never | 2016-12-19 | 2 | -12/+21 |
| | | |||||
| * | Added DH public key check y^q mod p = 1 against small-subgroup attacks as described in rfc2785 | Never | 2016-12-19 | 1 | -0/+2 |
| | | |||||
| * | Improved DL_Group verification. The group is invalid, if g^q mod p !=1 and increased number of Miller-Rabin iterations, if strong is set (we pass 128 as prob in make_prm.cpp). | Never | 2016-12-19 | 1 | -5/+19 |
| | | |||||
* | | Add RSA PKCS1v1.5 signature verification tests from Wycheproof suite. | Jack Lloyd | 2016-12-20 | 5 | -1/+229 |
| | | | | | | | | | | A set of carefully generated invalid signatures which are sometimes accepted by implementations due to bugs in padding verification. | ||||
* | | Some readme changes | Jack Lloyd | 2016-12-19 | 1 | -48/+33 |
| | | | | | | | | | | | | Use https links where possible. [ci skip] | ||||
* | | Remove obsolete test data | Jack Lloyd | 2016-12-19 | 34 | -152/+0 |
| | | | | | | | | | | Remove test files for CVC as well as various tests which have subsequently been rewritten. | ||||
* | | Remove duplicate test data | Jack Lloyd | 2016-12-19 | 153 | -0/+6 |
| | | | | | | | | | | | | All 76 of the NIST certificate tests use the same root certificate and that issuer has an identical CRL for each test. So, just have the one copy. | ||||
* | | Add additional primality tests | Jack Lloyd | 2016-12-19 | 2 | -64/+222 |
| | | | | | | | | | | | | | | Add a long list of 'false' primes from Google's Wycheproof tests: https://github.com/google/wycheproof/blob/master/java/com/google/security/wycheproof/testcases/BigIntegerTest.java Split vector file format into Prime and NonPrime sections for easier reading. | ||||
* | | Merge GH #781 Fix Doxygen comments for ISO 9796 padding | Jack Lloyd | 2016-12-19 | 1 | -4/+4 |
|\ \ | |||||
| * | | ISO-9796-2 doxygen build fixes | Daniel Neus | 2016-12-19 | 1 | -4/+4 |
| | | | |||||
* | | | Merge GH #780 Add more PKCS11 tests | Jack Lloyd | 2016-12-19 | 1 | -0/+52 |
|\ \ \ | |/ / |/| | | |||||
| * | | add some PKCS#11 negative tests | Daniel Neus | 2016-12-19 | 1 | -0/+52 |
|/ / | | | | | | | | | - for PKCS11::Slot - for PKCS11::Session | ||||
* | | Fix ECIES test | Jack Lloyd | 2016-12-19 | 1 | -1/+1 |
| | | |||||
* | | Minor refactoring of Text_Based_Test | Jack Lloyd | 2016-12-19 | 39 | -149/+129 |
| | | | | | | | | | | | | Turns out astyle has some bugs wrt C++11 initializer lists. Rather than having astyle mangle all of the tests, convert to using a string which is split once at the start instead of a vector of keys. | ||||
* | | Add CertificatePathStatusCodes typedef | Jack Lloyd | 2016-12-18 | 2 | -31/+37 |
| | | | | | | | | Little easier to read perhaps, and helps prevent some astyle confusion. | ||||
* | | Merge GH #771 Use cstdint integer types | Jack Lloyd | 2016-12-18 | 578 | -5572/+5573 |
|\ \ | |||||
| * | | Convert to using standard uintN_t integer types | Jack Lloyd | 2016-12-18 | 578 | -5572/+5573 |
|/ / | | | | | | | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them. | ||||
* | | Add libs target to makefiles | Jack Lloyd | 2016-12-18 | 2 | -0/+4 |
| | | | | | | | | [ci skip] | ||||
* | | IncludeOS has random device files now | Jack Lloyd | 2016-12-18 | 1 | -0/+1 |
| | | | | | | | | | | | | GH #726 [ci skip] | ||||
* | | Add new module sanity check to configure.py | Jack Lloyd | 2016-12-18 | 1 | -0/+14 |
| | | | | | | | | [ci skip] | ||||
* | | Disable TLS signature and finished message checks in fuzzer mode | Jack Lloyd | 2016-12-17 | 4 | -8/+31 |
| | | | | | | | | | | Also use a const time comparison for the finished message, though I don't see any real way of exploiting that timing channel. | ||||
* | | Update OCSP manual, and inline to main X.509 doc | Jack Lloyd | 2016-12-17 | 3 | -48/+116 |
| | | | | | | | | [ci skip] | ||||
* | | Merge GH #777 Update X.509 manual | Jack Lloyd | 2016-12-17 | 1 | -58/+243 |
|\ \ | |||||
| * | | Update the X.509 manual and add more information | René Korthaus | 2016-12-17 | 1 | -58/+243 |
| | | | |||||
* | | | Merge GH #776 Support brainpool curves in OpenSSL provider | Jack Lloyd | 2016-12-17 | 1 | -1/+17 |
|\ \ \ | |||||
| * | | | Add support for brainpool curves in openssl provider | René Korthaus | 2016-12-17 | 1 | -1/+17 |
| |/ / | | | | | | | | | | | | | OpenSSL 1.0.2 added support for brainpool curves, so we can use it provided the version check succeeds. | ||||
* / / | Add OCSP fuzzer | Jack Lloyd | 2016-12-17 | 3 | -11/+27 |
|/ / | | | | | | | | | | | | | | | | | Some attempts at reducing overhead in ECC math tests, unclear if really changed anything for my machine but probably can't hurt. Fix LLVM build flags [ci skip] | ||||
* | | Merge GH #775 Update BSI TLS policy | Jack Lloyd | 2016-12-16 | 1 | -1/+4 |
|\ \ | | | | | | | | | | [ci skip] |