aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Create a persistent registry for ECC group dataJack Lloyd2018-02-0410-403/+572
| | | | Now a single copy is maintained of each EC group info
* Move bundledcertdir to x509/miscJack Lloyd2018-02-022-1/+1
|
* Merge GH #1436 In Certificate_Store load multiple certs from fileJack Lloyd2018-02-023-2/+81
|\
| * Load every certificates of files found - fix test.Mathieu Souchaud2018-02-021-3/+0
| |
| * Load every certificates of files found - add test.Mathieu Souchaud2018-02-022-0/+69
| |
| * Load every certificates of files found.Mathieu Souchaud2018-02-011-2/+15
| |
* | Use -m32 for x86-32 builds with GCCJack Lloyd2018-02-021-0/+1
| | | | | | | | | | This used to not work but is fine with GCC 4.8 which is the minimum version we support. Fixes #1438
* | Increase default speed --msec to 300Jack Lloyd2018-02-021-1/+1
| | | | | | | | | | A good balance between being responsive and reasonable accurate. At 100 msec lots of errors wrt dynamic throttling etc.
* | Avoid deprecated functions in OpenSSL provider [ci skip]Jack Lloyd2018-02-011-3/+3
| |
* | Merge GH #1435 Use shared_ptr representation for EC_GroupJack Lloyd2018-02-0121-246/+480
|\ \
| * | Fix deprecation warningsJack Lloyd2018-02-012-11/+20
| | |
| * | Simplify ECC test OID lookupJack Lloyd2018-01-311-18/+17
| | |
| * | Avoid CurveGFp in EC_Group interfaceJack Lloyd2018-01-317-44/+125
| | |
| * | Use shared representation of EC_GroupJack Lloyd2018-01-3117-202/+347
| |/ | | | | | | Hide CurveGFp with an eye for eventual removal
* / Fix crash in x509_unit if any of DH, ECDH, or ElGamal were disabledJack Lloyd2018-02-012-5/+16
|/ | | | | | | | | | Introduced in bf1548695aea Was missed by CI because the BSI and NIST modules don't require x509, so none of the tests ran in that configuration. Explicitly add x509 for such builds. Fixes #1437
* Optimize SHA_3::expandJack Lloyd2018-01-311-15/+14
| | | | Noticable speedup for SHAKE esp with longer output lengths
* Add a few more tests of the test suite codeJack Lloyd2018-01-301-2/+56
|
* Fix copy paste errorJack Lloyd2018-01-302-2/+2
|
* Add function to query if filesystem support is enabled.Jack Lloyd2018-01-304-80/+63
| | | | Makes for much simpler code.
* Merge GH #1434 Avoid unnecessary allocations in SHA-3 finalizationJack Lloyd2018-01-305-71/+697
|\
| * WhitespaceJack Lloyd2018-01-301-5/+5
| |
| * Use copy_out_vec_le instead of explicit loop in SHA-3 and KeccakJack Lloyd2018-01-302-4/+2
| |
| * Reorganize SHA-3 source file [ci skip]Jack Lloyd2018-01-301-35/+35
| | | | | | | | Put all the statics at beginning followed by member functions.
| * Add a set of SHAKE-128 test vectors from NIST CAVSJack Lloyd2018-01-301-0/+627
| |
| * Avoid allocating zero bytes for SHA-3 paddingJack Lloyd2018-01-304-27/+28
| | | | | | | | Inspired by #1433
* | For hash/mac speed tests finalize the computation under the timerJack Lloyd2018-01-301-1/+6
| | | | | | | | | | | | Otherwise this misses the perf difference between SHAKE-128(512) and SHAKE-128(5120000) all the extra computation happens in the final function.
* | Have to remove sessions on client sideJack Lloyd2018-01-301-1/+1
|/ | | | | Clearing server side state doesn't help because we resume with a session ticket.
* Move FFI tests to sub-functionsJack Lloyd2018-01-301-235/+292
| | | | Add a test for hostname match function
* Add botan_x509_cert_hostname_matchJack Lloyd2018-01-302-0/+15
|
* Add test for non-null pointerJack Lloyd2018-01-301-0/+9
|
* Improve X.509 documentationJack Lloyd2018-01-292-86/+150
| | | | GH #1428
* Catch exceptions from subprocess in build_docs [ci skip]Jack Lloyd2018-01-291-6/+12
| | | | If eg binary file not found, this just crashed with no useful diagnostic.
* Update newsJack Lloyd2018-01-281-0/+25
|
* Merge GH #1285 Use enums for TLS params, add PSS signature supportJack Lloyd2018-01-2829-953/+1484
|\
| * Move generic TLS tests to test_tls.cppJack Lloyd2018-01-285-211/+310
| | | | | | | | | | | | Leaves unit_tls.cpp for the handshake level tests. Add some basic tests of the string<->enum conversions in tls_algos.h
| * Reorder signature scheme listJack Lloyd2018-01-281-12/+20
| | | | | | | | Now PSS shows up first and we negotiate it by default ;)
| * Use enums to represent TLS signature and kex algorithms.Jack Lloyd2018-01-2827-747/+1171
|/ | | | Adds support for PSS signatures (currently verifying only).
* Avoid resuming a session if policy doesn't allow itJack Lloyd2018-01-283-6/+7
| | | | Previously if the policy changed we'd continue to resume. #1431
* Blind attempt at fixing #1431Jack Lloyd2018-01-281-3/+2
|
* Fix a leak in OpenSSL block ciphersJack Lloyd2018-01-281-0/+3
| | | | Introduced when support for 1.1.0 API was added in #1056
* Fix amalgamation pragma for SSE 4.1Jack Lloyd2018-01-281-0/+6
| | | | Missed by Travis builds because GCC is too old there.
* Merge GH #1395 Add info on server-desired CA names to client cert callbackJack Lloyd2018-01-275-601/+329
|\
| * Add tests for server passing CA names for client authJack Lloyd2018-01-271-596/+289
| |
| * For TLS client auth add callback giving list of trusted CA namesJack Lloyd2018-01-274-5/+40
| | | | | | | | Fixes #1261
* | Note release schedule on index pageJack Lloyd2018-01-271-2/+3
| |
* | In client hello printer, don't require the handshake headerJack Lloyd2018-01-271-11/+8
|/
* Merge GH #1394 Add ability to use custom extensions, control which ↵Jack Lloyd2018-01-2713-276/+427
|\ | | | | | | extensions are used
| * Fix a few warningsJack Lloyd2018-01-272-3/+3
| |
| * Update TLS parser testsJack Lloyd2018-01-272-6/+6
| | | | | | | | | | Now all extensions are parsed at least to the extent of creating an unknown extension object.
| * Make it possible to test custom extensionsJack Lloyd2018-01-274-269/+331
| |