Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix further compiler macro bug exposed by #921 | Jack Lloyd | 2017-03-19 | 1 | -1/+1 |
| | |||||
* | Merge GH #921 Fix compiler macro mixup | Jack Lloyd | 2017-03-19 | 2 | -2/+2 |
|\ | |||||
| * | BOTAN_TARGET_COMPILER_IS -> BOTAN_BUILD_COMPILER_IS | Daniel Neus | 2017-03-15 | 2 | -2/+2 |
|/ | |||||
* | Merge GH #913 Follow PKIX rules for X.509 time formatting | Jack Lloyd | 2017-03-13 | 2 | -24/+97 |
|\ | |||||
| * | Fix: UTCTime interpreted as GeneralizedTime | Daniel Neus | 2017-03-13 | 2 | -24/+97 |
| | | | | | | | | | | | | | | | | | | | | | | | | Example: "200305100350Z" interpreted as "2003/05/10 03:50:00 UTC" correct is "2020/03/05 10:03:50 UTC" According to RFC 5280: UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13 GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15 I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict. | ||||
* | | Merge GH #912 Fix OpenBSD shared lib name | Jack Lloyd | 2017-03-13 | 2 | -9/+11 |
|\ \ | |||||
| * | | OpenBSD does not have 3 digit soname and library symlinks. | Alexander Bluhm | 2017-03-13 | 2 | -9/+11 |
| |/ | | | | | | | | | Set library name for openbsd to libbotan-2.so.0.0 and do not install symlinks. | ||||
* | | Merge GH #908 Document --with-build-dir correctly | Jack Lloyd | 2017-03-13 | 1 | -1/+1 |
|\ \ | |||||
| * | | Document --with-build-dir correctly in building manual. | Alexander Bluhm | 2017-03-09 | 1 | -1/+1 |
| |/ | |||||
* | | Merge GH #907 API doc fixes | Jack Lloyd | 2017-03-13 | 2 | -4/+4 |
|\ \ | |/ |/| | |||||
| * | Small fixes in API docs [ci skip] | René Korthaus | 2017-03-09 | 2 | -4/+4 |
|/ | |||||
* | Merge GH #905 Fix TLS doc re default DH minimum size | Jack Lloyd | 2017-03-07 | 1 | -1/+1 |
|\ | |||||
| * | Fix the default value (2048) of minimum_dh_group_size in the documentation | louiz’ | 2017-03-07 | 1 | -1/+1 |
| | | |||||
* | | Merge GH #901 Allow OCSP requests without the full subject certificate | Jack Lloyd | 2017-03-07 | 7 | -24/+69 |
|\ \ | |/ |/| | |||||
| * | Allow OCSP requests without the full subject certificate | Nuno Goncalves | 2017-03-04 | 7 | -24/+69 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A OCSP request doesn't need the full subject certificate. This extends the API to require instead of the subject certificate: * OCSP::Request: subject serial. * OCSP::online_check: subject serial AND ocsp responder url. API breaking change: * removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold the certificate, but only the serial. Signed-off-by: Nuno Goncalves <[email protected]> | ||||
* | | Merge GH #904 Fix memory leak in TLS tests | Jack Lloyd | 2017-03-03 | 1 | -4/+6 |
|\ \ | |/ |/| | |||||
| * | fix mem leak in tls unit tests | Daniel Neus | 2017-03-03 | 1 | -4/+6 |
| | | |||||
* | | Change name constraint test to use a fixed reference time | Jack Lloyd | 2017-03-03 | 1 | -2/+6 |
| | | | | | | | | Test certs have expired. | ||||
* | | Avoid calling memmove with a null source in PKCSv1 signature encoding | Jack Lloyd | 2017-03-03 | 1 | -1/+7 |
| | | | | | | | | Only occured with EMSA_Raw. Caught by GCC 7 warning | ||||
* | | Add missing include, caught by GCC 7 | Jack Lloyd | 2017-03-03 | 1 | -0/+1 |
| | | | | | | | | Closes GH #903 | ||||
* | | Fix compiler warnings in timing_test CLI | Jack Lloyd | 2017-03-03 | 1 | -2/+4 |
|/ | |||||
* | Merge GH #902 Extend EC_PublicKey check, add EC_Group check, ECC invalid key ↵ | Jack Lloyd | 2017-03-02 | 8 | -4/+534 |
|\ | | | | | | | tests | ||||
| * | remove debug output from ecc_invalid unit tests | Never | 2017-02-28 | 1 | -2/+0 |
| | | |||||
| * | Merge pull request #2 from ↵ | Tobias | Never | 2017-02-28 | 5 | -1/+457 |
| |\ | | | | | | | | | | | | | Rohde-Schwarz-Cybersecurity/extended-ec-public-key-checks Extended ec public key checks | ||||
| | * | Add ECDSA key tests from Google's project Wycheproof | René Korthaus | 2017-02-12 | 4 | -13/+57 |
| | | | |||||
| | * | Add test vectors for invalid ECDSA public keys from FIPS 186-4 | René Korthaus | 2017-02-12 | 2 | -0/+185 |
| | | | |||||
| | * | Add test vectors for invalid ECDSA public keys from FIPS 186-2 | René Korthaus | 2017-02-12 | 3 | -1/+228 |
| | | | |||||
| * | | verify ec domain in EC_PublicKey::check_key | Never | 2017-02-28 | 1 | -1/+6 |
| | | | |||||
| * | | EC_PublicKey::check_key for curves with cofactor > 1 | Never | 2017-02-27 | 1 | -1/+24 |
| | | | |||||
| * | | Add ec_group verify function | Never | 2017-02-24 | 2 | -1/+49 |
| | | | |||||
* | | | Merge GH #893 Remove ECC fixed window code | Jack Lloyd | 2017-03-02 | 2 | -60/+7 |
|\ \ \ | |||||
| * | | | Converge on a single side channel silent ec mp alg: randomized | Never | 2017-02-22 | 2 | -60/+7 |
| | | | | | | | | | | | | | | | | | | | | Montgomery ladder with order.bits()/2 bit scalar blinding and point randomization | ||||
* | | | | Increase timing test defaults | Jack Lloyd | 2017-02-26 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | Mona errors out on < 512 values per secret [ci skip] | ||||
* | | | | Merge GH #894 Add timing_test command line util | Jack Lloyd | 2017-02-26 | 1 | -0/+454 |
|\ \ \ \ | |||||
| * | | | | Add `botan timing_test` command line utility | Jack Lloyd | 2017-02-26 | 1 | -0/+454 |
| | | | | | |||||
* | | | | | The certificate being tested by the OCSP online test has expired. | Jack Lloyd | 2017-02-26 | 1 | -1/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This caused a test failure if run with --run-online-tests. This is not the default but it caused the coverage build to fail. Fix the test to reflect expired status. The whole thing does not seem wholly satsifactory since we are still relying the behavior on an external party, perhaps a mock OCSP responder should be created for the tests. | ||||
* | | | | | Merge GH #898 Fix pylint warnings in configure | Jack Lloyd | 2017-02-26 | 1 | -30/+40 |
|\ \ \ \ \ | |/ / / / |/| | | | | |||||
| * | | | | Configure: rename variables to avoid redefining builtins | Simon Warta | 2017-02-26 | 1 | -7/+7 |
| | | | | | |||||
| * | | | | Configure: Fix wrong variable name (credits to pylint) | Simon Warta | 2017-02-26 | 1 | -1/+1 |
| | | | | | |||||
| * | | | | Configure: remove trailing whitespace | Simon Warta | 2017-02-26 | 1 | -1/+1 |
| | | | | | |||||
| * | | | | Configure: move some members to shared InfoObject constructor | Simon Warta | 2017-02-26 | 1 | -20/+30 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The classes members members `infofile`, `lives_in`, `parent_module` and `basename` are all created from the infofile path and do not need the lexer, which interprets content of the info file. Pulling those out into a shared superclass constructor makes those members visible to a linting tool, reducing the number of warnings dramatically. | ||||
| * | | | | Configure: Disable wrong-import-position pylint warning | Simon Warta | 2017-02-26 | 1 | -1/+1 |
|/ / / / | |||||
* | | | | Add missing try/catch in invalid signature test | Jack Lloyd | 2017-02-26 | 1 | -2/+10 |
| | | | | | | | | | | | | | | | | From GH #889 | ||||
* | | | | Merge GH #891 Constant time decoding for ISO 9796 unpadding | Jack Lloyd | 2017-02-26 | 1 | -14/+26 |
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | Including missing length check #888 Replaces #889 | ||||
| * | | | | fix possible iso9796 side channel and add length check | Never | 2017-02-21 | 1 | -14/+26 |
| |/ / / | |||||
* | | | | Merge GH #895 | Jack Lloyd | 2017-02-26 | 8 | -12/+0 |
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | | Remove verify_end calls before end_cons, since that function already verifies there is no leftover bits. Closes #890 | ||||
| * | | | Remove verify_end() chained immediatly before end_cons() (close #890) | Nuno Goncalves | 2017-02-25 | 8 | -12/+0 |
|/ / / | | | | | | | | | | | | | | | | | | | BER_Decoder::end_cons() allready assures the verify_end() function, so it is redundant. Signed-off-by: Nuno Goncalves <[email protected]> | ||||
* | | | Some todos [ci skip] | Jack Lloyd | 2017-02-23 | 1 | -1/+4 |
| | | | |||||
* | | | In CLI, if system RNG is available prefer it | Jack Lloyd | 2017-02-23 | 2 | -3/+10 |
|/ / | |||||
* | | Fix ECDSA timing test data | Jack Lloyd | 2017-02-20 | 1 | -1/+1 |
| | | | | | | | | | | | | See GH #880 [ci skip] |