path: root/src/tests/data
Commit message [Author, Age, Files, Lines]
* Fix an error in BigInt operator- [Jack Lloyd, 2018-02-23, 2, -6/+58]
|   (x) - (-x) would result in -2x instead of the correct 2x
* New API for blinded ECC point multiplication [Jack Lloyd, 2018-02-21, 2, -0/+6]
|   No shared state
* Use enums for TLS key exchange group params [Jack Lloyd, 2018-02-13, 6, -31/+25]
|
* Move bundledcertdir to x509/misc [Jack Lloyd, 2018-02-02, 1, -0/+0]
|
* Load every certificates of files found - add test. [Mathieu Souchaud, 2018-02-02, 1, -0/+37]
|
* Add a set of SHAKE-128 test vectors from NIST CAVS [Jack Lloyd, 2018-01-30, 1, -0/+627]
|
* Use enums to represent TLS signature and kex algorithms. [Jack Lloyd, 2018-01-28, 2, -2/+2]
|   Adds support for PSS signatures (currently verifying only).
* Update TLS parser tests [Jack Lloyd, 2018-01-27, 2, -6/+6]
|   Now all extensions are parsed at least to the extent of creating an unknown extension object.
* Prepare for making BER_Object members private [Jack Lloyd, 2018-01-18, 1, -2/+2]
|   Now there are usable accessors that allow the library to avoid using BER_Object members directly.
* Fix a bug in asn1print - zero integers were not printed [Jack Lloyd, 2018-01-09, 1, -3/+3]
|
* Merge GH #1389 fix overflow handling in CTR with 128-bit wide counters [Jack Lloyd, 2018-01-05, 1, -0/+12]
|\    Introduced in #1262 not present in any release.
| * add (failing) regression test for '0xFF * 16' IV in CTR_BE(AES-256) [René Meusel, 2018-01-05, 1, -0/+12]
| |
* | Add a test for CTR with 8 byte wide counters [Jack Lloyd, 2018-01-05, 1, -4/+7]
|/    See #1389
* Improve output of the ASN1 printer [Jack Lloyd, 2018-01-03, 6, -20/+154]
|   The output was pretty much wrong for application-tagged types. Instead the type was printed as if it was a universal tag. Add a hack in the ASN1 printer for GeneralNames. These are a commonly used implicitly tagged type. Basically if it is a context specific field, and it looks like it might be a printable URI or DNS GeneralName, treat it as a string.
* add test case for X509_Certificate::ca_issuers() [René Meusel, 2018-01-03, 2, -0/+77]
|
* Fix Ed25519 tests [Jack Lloyd, 2017-12-31, 1, -4/+3]
|   Due to an error in the test data they ended up being skipped at runtime.
* Add some tests of ASN1_Pretty_Printer [Jack Lloyd, 2017-12-29, 8, -0/+50]
|   The output is not fixed and may change in the future, but changes should at least be noticed.
* Add a test of Skein using personalization string [Jack Lloyd, 2017-12-28, 1, -0/+5]
|   Need to confirm this against another impl but at least this prevents regressions.
* Fix RC4 name in case of skipped bytes [Jack Lloyd, 2017-12-28, 2, -36/+4]
|   Add a test to detect that. Add test that stream ciphers throw if they are asked to use a nonce of a size they don't support. Remove "In = 00...00" blocks since that's implicit in the stream cipher tests.
* Avoid undefined behavior in SipHash [Jack Lloyd, 2017-12-23, 1, -0/+51]
|
* Enable signing X509 structures with rsa-pss [Fabian Weissberg, 2017-12-22, 1, -0/+40]
|
* Fix various x509 path validation bugs + path building with ambiguous DNs [Fabian Weissberg, 2017-12-20, 421, -159/+8674]
|   Signed-off-by: Fabian Weissberg <[email protected]>
* Correct expected PSS error [Jack Lloyd, 2017-12-19, 1, -2/+2]
|
* Support uninitialized certificate objects [Jack Lloyd, 2017-12-04, 1, -0/+0]
|   Issue raised by @securitykernel on Slack, there was no non-hacky way to decode a list of certificate objects because creating an uninitialized one wasn't allowed. However after #884 that got much closer to being viable, this is the last pieces.
* Fix errors caught with tlsfuzzer [Jack Lloyd, 2017-11-26, 1, -0/+1]
|   Don't send EC point format extension in server hello unless an EC suite was negotiated *and* the client sent the extension. Fix server FFDHE logic, this effectively disabled DHE ciphersuites for clients without FFDHE extension. Use unexpected_message alert in case of an unexpected message. (Previously an internal_error alert was sent.)
* Add AES key wrap with padding [Jack Lloyd, 2017-11-19, 3, -0/+586]
|
* Optimize Twofish [Jack Lloyd, 2017-11-16, 1, -18/+2]
|   Interleaving two blocks is 40-50% faster for any mode that supports parallel operation.
* Move all the various X509 test data files under src/tests/data/x509 [Jack Lloyd, 2017-11-16, 652, -0/+0]
|
* Correct CAST-128 decryption with more than 1 block [Jack Lloyd, 2017-11-16, 1, -0/+4]
|
* Add a test for GH #1252 [Jack Lloyd, 2017-11-14, 2, -0/+28]
|
* Support seeking in Salsa20 [Jack Lloyd, 2017-11-14, 1, -0/+24]
|   Add a test that StreamCipher::seek throws if not keyed.
* rename cert containing UTF8String consistently [René Meusel, 2017-11-10, 1, -0/+0]
|
* TEST: read (self signed) cert containing BMPString fields [René Meusel, 2017-11-10, 1, -0/+22]
|
* add test reading UTF-8 X509 cert [Rene Meusel, 2017-11-09, 1, -0/+24]
|
* Add UCS-2 and UCS-4 to UTF-8 conversion functions [Jack Lloyd, 2017-11-09, 1, -1/+19]
|   Crosschecked by fuzzing and comparing with iconv
|   Needed in #1250
* Add SHACAL2 test from Bouncy Castle [Jack Lloyd, 2017-11-05, 1, -0/+5]
|   [ci skip]
* Add some KDF2 values from Bouncy Castle [Jack Lloyd, 2017-11-02, 1, -0/+19]
|
* Add more SipHash tests [Jack Lloyd, 2017-10-26, 1, -0/+187]
|   Generated by ref implementation
* Merge GH #1263 Support FFDHE negotiation in TLS [Jack Lloyd, 2017-10-22, 3, -4/+6]
|\
| * Add supported groups TLS extension (RFC 7919) [René Korthaus, 2017-10-17, 3, -4/+6]
| |
* | Merge GH #1270 Support verification of PSS X.509 objects [Jack Lloyd, 2017-10-22, 232, -0/+8845]
|\ \
| * | review changes [Daniel Neus, 2017-10-21, 1, -225/+225]
| | |
| * | X.509 RSA-PSS verification [Daniel Neus, 2017-10-20, 232, -0/+8845]
| | |
* | | Allow setting CTR width via string [Jack Lloyd, 2017-10-20, 1, -0/+18]
| | |   Prohibit very small counter widths (under 4 bytes), since they lead to trivial keystream reuse. Add tests. Fix clone which always returned an object with a block-wide counter.
* | | Add GHASH using SSSE3 [Jack Lloyd, 2017-10-20, 1, -1/+1]
|/ /    About 30% faster than scalar on Skylake
* / GMAC test fixes [Jack Lloyd, 2017-10-18, 1, -1/+1]
|/    [ci skip]
* In TLS CBC padding check, only need to verify last 256 bytes [Jack Lloyd, 2017-09-29, 1, -2/+26]
|   No reason to scan the entire record since it's assured at most 256 bytes of padding are used. Inspired by GH #1227
* Add a test of TLS CBC padding verification [Jack Lloyd, 2017-09-29, 1, -0/+36]
|   See also GH #1227
* Merge GH #1226 Add HKDF-Expand-Label [Jack Lloyd, 2017-09-27, 1, -0/+24]
|\
| * Add HKDF-Expand-Label [Jack Lloyd, 2017-09-27, 1, -0/+24]
| |   Step 1/n of TLS 1.3