aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/data
Commit message (Collapse)AuthorAgeFilesLines
* Add another AES-128 CFB testJack Lloyd2017-04-081-0/+6
| | | | | Generated by OpenSSL, I needed this to help test https://github.com/riboseinc/rnp/pull/48
* Merge GH #966 Add SM3 hash functionJack Lloyd2017-04-051-0/+423
|\
| * Add more SM3 hash test data.Daniel Wyatt2017-04-031-0/+417
| |
| * Add SM3 hash functionDaniel Wyatt2017-04-031-0/+6
| |
* | Fix X509 DN comparisonsJack Lloyd2017-04-042-0/+14
|/ | | | CVE-2017-2801
* Remove old timing test suiteJack Lloyd2017-03-287-0/+51
| | | | Replaced by version in cli added in #894
* Fix incorrect password truncation in bcrypt password hashing.Jack Lloyd2017-03-241-1/+271
| | | | | | | | | | The 56 char bound is bogus; Blowfish itself allows at most 448 bits in the key schedule, but Bcrypt's modification allows up to 72 chars for the password. Bug pointed out by Solar Designer. Also reject work factors 0...3 since all other extant bcrypt implementations require at least work factor 4. Adds more bcrypt tests generated by crypt_bcrypt and OpenBSD's version.
* Fix #917: calendar_point::to_std_timepoint() does not support years after 2037Daniel Neus2017-03-211-0/+3
| | | | Only throw on systems where 32 bit std::time_t is used.
* Add ECDSA key tests from Google's project WycheproofRené Korthaus2017-02-122-3/+18
|
* Add test vectors for invalid ECDSA public keys from FIPS 186-4René Korthaus2017-02-121-0/+184
|
* Add test vectors for invalid ECDSA public keys from FIPS 186-2René Korthaus2017-02-122-1/+189
|
* Support zero-length IV in ChaChaJack Lloyd2017-02-021-0/+3
| | | | Equivalent to an 8 byte all-zero IV, same handling as Salsa.
* Add more Noekeon testsJack Lloyd2017-01-271-8/+4114
| | | | | | Values take from the NESSIE submission package. [ci skip]
* Mark GMAC tests as being sensitive to clmul and AES-NI CPUID bitsJack Lloyd2017-01-171-0/+2
|
* Add tests for Stream_Cipher_ModeJack Lloyd2017-01-061-0/+14
| | | | GH #713
* Add tests for certificate status messageJack Lloyd2017-01-042-1/+18
| | | | | | | Currently untested by TLS crosstalk tests because it is not supported on the server side. Exposes the rest of TLS message types to application.
* Convert DH invalid key test to read from fileJack Lloyd2017-01-022-1/+32
|
* Add positive DH test vectors from NIST CAVPRené Korthaus2017-01-021-0/+232
|
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-305-4/+26
| | | | | Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
* Speed up DSA param gen testJack Lloyd2016-12-261-0/+20
| | | | Record counter value in test data, and start the search from there.
* Add tests for 4-pass Tiger hashJack Lloyd2016-12-221-0/+12
|
* Add AES GCM tests from WycheproofJack Lloyd2016-12-221-0/+35
|
* Add Wycheproof EAX test casesJack Lloyd2016-12-211-18/+170
|
* Add RSA PKCS1v1.5 signature verification tests from Wycheproof suite.Jack Lloyd2016-12-202-1/+158
| | | | | A set of carefully generated invalid signatures which are sometimes accepted by implementations due to bugs in padding verification.
* Remove obsolete test dataJack Lloyd2016-12-1934-152/+0
| | | | | Remove test files for CVC as well as various tests which have subsequently been rewritten.
* Remove duplicate test dataJack Lloyd2016-12-19152-0/+0
| | | | | | All 76 of the NIST certificate tests use the same root certificate and that issuer has an identical CRL for each test. So, just have the one copy.
* Add additional primality testsJack Lloyd2016-12-191-57/+214
| | | | | | | Add a long list of 'false' primes from Google's Wycheproof tests: https://github.com/google/wycheproof/blob/master/java/com/google/security/wycheproof/testcases/BigIntegerTest.java Split vector file format into Prime and NonPrime sections for easier reading.
* Add some additional ressol testsJack Lloyd2016-12-141-0/+20
|
* Fix exponentiation bug, related fixesJack Lloyd2016-12-142-0/+27
| | | | | | | | | | | | | | | GH #754 exposed a bug in the non-Montgomery exponentiation case. It turned out then when the fixed window was picked to any value > 1, the result would be incorrect due to an off by one. This is the one line fix in powm_fw.cpp Also fix a bug in bigint_mul which caused incorrect results, because the output BigInt was not being zeroed out before use. This is only exposed in rare cases, found (somewhat indirectly) in OSS-Fuzz #287. Add more modular exponentiation tests, which would have caught these issues earlier.
* Update test data to reflect change in e8009766ca2Jack Lloyd2016-12-111-24/+0
|
* Merge GH #759 Add ISO 9796-2 signature schemesJack Lloyd2016-12-082-0/+56
|\
| * Add ISO9796-2 Signature Schemes giving message recovery 2 and 3.Never2016-12-052-0/+56
| |
* | Merge GH #763 Document test vector originsJack Lloyd2016-12-085-0/+12
|\ \
| * | Add sources for some test vectors [ci skip]René Korthaus2016-12-085-0/+12
| | |
* | | Fix off by one in PKCS #1 v1.5 decryption decodingJack Lloyd2016-12-081-0/+46
|/ / | | | | | | | | | | | | | | | | | | | | | | When the code was changed in b8966d0f89e, the offset was not changed, so it would reject ciphertexts with exactly 8 bytes of random padding (the required minimum). Found by pkcs1 fuzzer which also had problems due to not having been updated at the same time. Add a test suite for decoding of PK decryption padding to cover the problem cases.
* | Remove ECB test vector fileJack Lloyd2016-12-041-418/+0
| | | | | | | | | | | | Two part commit with d44c00a as otherwise git assumes that ecb.vec was renamed xtea.vec, because the imported vectors swamped the ones that were previously being used in the bare block cipher tests.
* | Remove ECB modeJack Lloyd2016-12-043-0/+131
| | | | | | | | | | | | | | Not a good thing to offer at this level. If you know what you are doing for the strange special case where it is necessary, the raw BlockCipher interface is available and probably more convenient.
* | Add tests for TLS policy valuesJack Lloyd2016-11-264-0/+92
| |
* | Add test for various functions previously missed (T::clone, PBKDF::name, ↵Jack Lloyd2016-11-262-5/+5
| | | | | | | | | | | | | | AEAD::output_length) Fix a bug in CCM, GCM, and OCB decryption which caused `output_length(tag_size())` to fail even though empty plaintexts are certainly defined for all three modes.
* | Merge GH #653 OCSP and X.509 path validation refactorJack Lloyd2016-11-2511-2/+153
|\ \ | | | | | | | | | | | | | | | Splits up path validation into several sub-functions for easier testing and creating customized validation code. Much improved OCSP handling and OCSP tests.
| * | Account for new string in test dataJack Lloyd2016-11-251-2/+2
| | |
| * | Better OCSP tests including online testsJack Lloyd2016-11-235-0/+100
| | | | | | | | | | | | Tests touching network are gated by --run-online-tests flag.
| * | Add some simple OCSP testsJack Lloyd2016-11-235-0/+51
| |/ | | | | | | | | | | Nothing much but better than nothing. Also add a useful arg check to OCSP::Request constructor.
* | Add a couple more workfactor testsJack Lloyd2016-11-251-0/+6
| | | | | | | | [ci skip]
* | Adds SHAKE support for XMSSMatthias Gierlings2016-11-252-0/+120
| | | | | | | | | | | | | | - Enables code for shake support - Creating SHAKE hash function by name now allows to select output size of 256 Bit for SHAKE128 and 512 Bit for SHAKE256. - Adds *self-generated*, unverified test vectors for XMSS/SHAKE.
* | Add tests for PK work factor functionsJack Lloyd2016-11-221-0/+37
|/ | | | Expected results are just what it generated on my machine.
* Merge GH #727 Tests for KDF::nameJack Lloyd2016-11-1610-34/+34
|\
| * KDF1 uses a hash function onlyRené Korthaus2016-11-161-1/+1
| |
| * Add a test for KDF::name()René Korthaus2016-11-1510-34/+34
| | | | | | | | | | | | This required fixing some test vectors that previously omitted the MAC, defaulting to HMAC, that used the SHA-1 alias to SHA-160, and fixing X942_PRF::name().
* | Add negative tests for cipher mode paddingJack Lloyd2016-11-151-26/+69
|/