aboutsummaryrefslogtreecommitdiffstats
path: root/checks
Commit message (Collapse)AuthorAgeFilesLines
* GOST was using a completely non-standard set of sboxes. Change it to uselloyd2009-03-271-20/+59
| | | | | | | | | | | | | | | GostR3411_94_TestParamSet, this is compatible with the implementations in Crypto++ and OpenSSL. This is not backwards compatible, though once the implementation supports multiple param sets (which is required, unfortunately, for compatability with various standards by CryptoCom, who have defined not one but at least 4 (!!!) different sboxes to use with GOST), I may offer Botan's previous sbox set as an option. Since adding the GOST hash function (34.11) and signing algorithm (34.10) are on the long term agenda (request by Rickard Bondesson, as the Russian authorities want to use their local standards for their DNSSEC use), I renamed the block cipher class (which had been just 'GOST') to GOST_28147_89 to minimize future name clashes.
* Check in a branch with a major redesign on how entropy polling is performed.lloyd2009-01-271-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Combine the fast and slow polls, into a single poll() operation. Instead of being given a buffer to write output into, the EntropySource is passed an Entropy_Accumulator. This handles the RLE encoding that xor_into_buf used to do. It also contains a cached I/O buffer so entropy sources do not individually need to allocate memory for that with each poll. When data is added to the accumulator, the source specifies an estimate of the number of bits of entropy per byte, as a double. This is tracked in the accumulator. Once the estimated entropy hits a target (set by the constructor), the accumulator's member function predicate polling_goal_achieved flips to true. This signals to the PRNG that it can stop performing polling on sources, also polls that take a long time periodically check this flag and return immediately. The Win32 and BeOS entropy sources have been updated, but blindly; testing is needed. The test_es example program has been modified: now it polls twice and outputs the XOR of the two collected results. That helps show if the output is consistent across polls (not a good thing). I have noticed on the Unix entropy source, occasionally there are many 0x00 bytes in the output, which is not optimal. This also needs to be investigated. The RLE is not actually RLE anymore. It works well for non-random inputs (ASCII text, etc), but I noticed that when /dev/random output was fed into it, the output buffer would end up being RR01RR01RR01 where RR is a random byte and 00 is the byte count. The buffer sizing also needs to be examined carefully. It might be useful to choose a prime number for the size to XOR stuff into, to help ensure an even distribution of entropy across the entire buffer space. Or: feed it all into a hash function? This change should (perhaps with further modifications) help WRT the concerns Zack W raised about the RNG on the monotone-dev list.
* Add some test vectors for EMSA3(Raw) with RSA generated using Crypto++lloyd2008-11-301-0/+58
|
* Add verification tests for RSA/EMSA4 signatures generated by Crypto++ 5.5.2lloyd2008-11-281-0/+136
| | | | using SHA-224, SHA-256, and RIPEMD-160
* Add test vectors for RSA/EMSA2 generated by Crypto++ 5.5.2lloyd2008-11-281-0/+318
| | | | | using hashes SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD-128, RIPEMD-160, and Whirlpool.
* Add test vectors for RSA EMSA3 with RIPEMD-160 and Tiger. Generated bylloyd2008-11-281-0/+153
| | | | Crypto++ 5.5.2 on motoko (x86-64 Gentoo)
* Add a set of test vectors for RSA/EMSA3 with SHA-1, SHA-224, SHA-256,lloyd2008-11-281-0/+337
| | | | SHA-384, and SHA-512 generated using Crypto++ 5.5.2
* Using SHA-1 as the check hash in the block cipher tests is messy b/c SHA-1lloyd2008-11-231-1/+1
| | | | | has many engine variants, etc. Instead use CRC32 which tends to work and not be surprising.
* Add a few test vectors for SHA-1 with longer inputslloyd2008-11-231-0/+129
|
* Move AutoSeeded_RNG decl before check for --help flag, so startup time is ↵lloyd2008-11-221-2/+2
| | | | easy to measure
* Disable ec_tests.cpp unless ECDSA is enabledlloyd2008-11-171-1/+13
|
* Reorganize all GF(p)/ECC tests to be called from pk.cpplloyd2008-11-174-11/+13
|
* Output that ECC tests are being run, and run them after GF(p) math tests ↵lloyd2008-11-172-2/+5
| | | | which is a reasonable ordering
* Tame ec_tests.cpp and integrate it into the test code.lloyd2008-11-173-1115/+1124
| | | | | | | | I'm seeing one failure on Core2. Have not diagnosed at all. A number of tests are #if'ed out. Many were rubbed out in the original InSiTo version, others I commented out due to changed/removed APIs.
* Add ec_test.cpp from InSiTo (low level ECC test cases)lloyd2008-11-171-0/+1202
|
* Fix mode benchmarkinglloyd2008-11-171-0/+2
|
* Use std::vector instead of SecureVector to hold random input for filter ↵lloyd2008-11-171-3/+3
| | | | benchmark
* Only create RNG if needed in test applloyd2008-11-131-5/+5
|
* Remove support for provider identifiers from SCAN_Name - it turns out thislloyd2008-11-121-0/+2
| | | | | | | | | | | | was not the right place to keep track of this information. Also modify all Algorithm_Factory constructor functions to take instead of a SCAN_Name a pair of std::strings - the SCAN name and an optional provider name. If a provider is specified, either that provider will be used or the request will fail. Otherwise, the library will attempt best effort, based on user-set algorithm implementation settings (combine with benchmark.h for choosing the fastest implementation at runtime) or if not set, a static ordering (preset in static_provider_weight in prov_weight.cpp, though it would be nice to make this easier to toggle).
* Change LibraryInitializer back to accepting a std::string for backwardslloyd2008-11-111-1/+1
| | | | compatability.
* Fix segfault due to shared objects in DLIES testlloyd2008-11-111-3/+10
|
* Remove lookup.h use from DLIES, PK key agreement, DSA param gen, get_enc.cpplloyd2008-11-112-4/+13
|
* Update initializer in self-testlloyd2008-11-101-3/+2
|
* Another check for Parallel matching TLS.Digest.0 checklloyd2008-11-101-0/+3
|
* Handle HMAC_RNG not being enabled in dolook2.cpplloyd2008-11-101-11/+20
|
* Add DLIES benchmarklloyd2008-11-091-10/+72
|
* Remove include of enums.hlloyd2008-11-081-1/+0
|
* Split the last parts of the 'core' modulelloyd2008-11-081-0/+1
| | | | Add some missing info.txts
* Add AutoSeeded_RNG to benchmark outputlloyd2008-11-072-0/+10
|
* Add HMAC_RNG benchmarks. Change X9.31 PRNG to use HMAC_RNG as lower RNGlloyd2008-10-282-11/+35
|
* Remove stray textlloyd2008-10-281-1/+0
|
* Use a single RNG in check/test codelloyd2008-10-271-10/+5
|
* Move rng.{cpp,h} from core to rng/ topdirlloyd2008-10-261-21/+19
| | | | | | | | | | | | | | Add a new class AutoSeeded_RNG that is a RandomNumberGenerator that wraps up the logic formerly in RandomNumberGenerator::make_rng. make_rng in fact now just returns a new AutoSeeded_RNG object. AutoSeeded_RNG is a bit more convenient because - No need to use auto_ptr - No need to dereference (same syntax everywhere - it's an underestimated advantage imo) Also move the code from timer/timer_base to timer/
* Kill stray textlloyd2008-10-241-1/+1
|
* More useful PK benchmark output (also a bit easier to parse)lloyd2008-10-221-32/+46
|
* Use heap rather than stack for data input. Increase size to 128klloyd2008-10-221-5/+5
|
* Avoid integer overflows in the benchmark timer code. This would lead tolloyd2008-10-222-5/+10
| | | | bad results, especially noticable with fast algorithms and long test times.
* Timer tried to guess if it should use seconds or ms, but it always chooselloyd2008-10-171-13/+4
| | | | | | | the wrong one in some situation or another. Just print milliseconds no matter what. Also it's easier to read/compare if everything is in the same unit (obv)
* Move CVC tests back to the last thing, also disable for the moment becauselloyd2008-10-151-1/+1
| | | | | | | | | several are failing with an uncaught exception. The test failures may be due to the fact that ECDSA's support for EAC is not included at the moment, and the CVC code that attempts to do it is #if'ed out. It certainly can't help anyway. Exception is a decoding error, so seems quite plausible.
* Fix include of mp_asm.h in mp_ia32_msvc/mp_asmi.h (used quotes instead of ↵lloyd2008-10-151-1/+1
| | | | brackets)
* Add a CBC-MAC/AES test vector from Bounce Castle via InSiTo's cbcmac_tests.cpplloyd2008-10-141-0/+6
|
* Point CVC tests against the right directorylloyd2008-10-141-36/+38
|
* Add test suite for card verifiable certificates (cert/cvc) from InSiTo ↵lloyd2008-10-144-18/+608
| | | | (tests by Falko Strenzke)
* Add ECKAEG tests from InSiTo, by Manuel Hartllloyd2008-10-143-0/+299
|
* Add ECKAEG benchmark. Fix several problems found in ECKAEG key (had pure ↵lloyd2008-10-131-5/+73
| | | | virtuals)
* Spellinglloyd2008-10-131-2/+2
|
* Add DES/CBC and 3DES/CBC to benchmark output. (3DES/CBC shows up as 17%lloyd2008-10-131-0/+3
| | | | faster than OpenSSL's - I hope that is not a fluke in the benchmark program)
* Add a simplistic ECDSA benchmarklloyd2008-10-121-0/+58
|
* ec_test_mes1 file no longer used by ECDSA testslloyd2008-10-121-1/+0
|
* ECDSA test cleanup. Remove some old commented out code.lloyd2008-10-121-40/+41
|