Commit message

Generated by OpenSSL, I needed this to help test
https://github.com/riboseinc/rnp/pull/48

CVE-2017-2801

Replaced by version in cli added in #894

The 56 char bound is bogus; Blowfish itself allows at most 448 bits
in the key schedule, but Bcrypt's modification allows up to 72 chars
for the password. Bug pointed out by Solar Designer.
Also reject work factors 0...3 since all other extant bcrypt
implementations require at least work factor 4.
Adds more bcrypt tests generated by crypt_bcrypt and OpenBSD's version.

Only throw on systems where 32 bit std::time_t is used.

Equivalent to an 8 byte all-zero IV, same handling as Salsa.

Values taken from the NESSIE submission package.
[ci skip]

GH #713

Currently untested by TLS crosstalk tests because it is not
supported on the server side.
Exposes the rest of TLS message types to application.

Moves BSI policy file to test data dir where it can be compared with
what the hardcoded class outputs.

Record counter value in test data, and start the search from there.

A set of carefully generated invalid signatures which are sometimes
accepted by implementations due to bugs in padding verification.

Remove test files for CVC as well as various tests which have
subsequently been rewritten.

All 76 of the NIST certificate tests use the same root certificate
and that issuer has an identical CRL for each test.
So, just have the one copy.

Add a long list of 'false' primes from Google's Wycheproof tests:
https://github.com/google/wycheproof/blob/master/java/com/google/security/wycheproof/testcases/BigIntegerTest.java
Split vector file format into Prime and NonPrime sections for easier reading.

GH #754 exposed a bug in the non-Montgomery exponentiation case.
It turned out that when the fixed window was picked to any value
> 1, the result would be incorrect due to an off by one. This is
the one line fix in powm_fw.cpp
Also fix a bug in bigint_mul which caused incorrect results,
because the output BigInt was not being zeroed out before use. This
is only exposed in rare cases, found (somewhat indirectly) in
OSS-Fuzz #287.
Add more modular exponentiation tests, which would have caught
these issues earlier.

When the code was changed in b8966d0f89e, the offset was not changed,
so it would reject ciphertexts with exactly 8 bytes of random padding
(the required minimum).
Found by pkcs1 fuzzer which also had problems due to not having been
updated at the same time.
Add a test suite for decoding of PK decryption padding to cover the
problem cases.

Two part commit with d44c00a as otherwise git assumes that ecb.vec
was renamed xtea.vec, because the imported vectors swamped the ones
that were previously being used in the bare block cipher tests.

Not a good thing to offer at this level. If you know what you
are doing for the strange special case where it is necessary,
the raw BlockCipher interface is available and probably more
convenient.

AEAD::output_length)
Fix a bug in CCM, GCM, and OCB decryption which caused `output_length(tag_size())`
to fail even though empty plaintexts are certainly defined for all three modes.

Splits up path validation into several sub-functions for easier testing
and creating customized validation code. Much improved OCSP handling
and OCSP tests.

Tests touching network are gated by --run-online-tests flag.

Nothing much but better than nothing.
Also add a useful arg check to OCSP::Request constructor.

[ci skip]

- Enables code for shake support
- Creating SHAKE hash function by name now allows to select output size
of 256 Bit for SHAKE128 and 512 Bit for SHAKE256.
- Adds *self-generated*, unverified test vectors for XMSS/SHAKE.

Expected results are just what it generated on my machine.

This required fixing some test vectors that previously
omitted the MAC, defaulting to HMAC, that used the SHA-1
alias to SHA-160, and fixing X942_PRF::name().