Commit message | Author | Date | Files changed | Lines (-removed/+added)
---|---|---|---|---
Fix an error in BigInt operator- | Jack Lloyd | 2018-02-23 | 2 | -6/+58
(x) - (-x) would result in -2x instead of the correct 2x | | | |
New API for blinded ECC point multiplication | Jack Lloyd | 2018-02-21 | 2 | -0/+6
No shared state | | | |
Use enums for TLS key exchange group params | Jack Lloyd | 2018-02-13 | 6 | -31/+25
Move bundledcertdir to x509/misc | Jack Lloyd | 2018-02-02 | 1 | -0/+0
Load every certificate of files found - add test. | Mathieu Souchaud | 2018-02-02 | 1 | -0/+37
Add a set of SHAKE-128 test vectors from NIST CAVS | Jack Lloyd | 2018-01-30 | 1 | -0/+627
Use enums to represent TLS signature and kex algorithms. | Jack Lloyd | 2018-01-28 | 2 | -2/+2
Adds support for PSS signatures (currently verifying only). | | | |
Update TLS parser tests | Jack Lloyd | 2018-01-27 | 2 | -6/+6
Now all extensions are parsed at least to the extent of creating an unknown extension object. | | | |
Prepare for making BER_Object members private | Jack Lloyd | 2018-01-18 | 1 | -2/+2
Now there are usable accessors that allow the library to avoid using BER_Object members directly. | | | |
Fix a bug in asn1print - zero integers were not printed | Jack Lloyd | 2018-01-09 | 1 | -3/+3
Merge GH #1389 fix overflow handling in CTR with 128-bit wide counters | Jack Lloyd | 2018-01-05 | 1 | -0/+12
Introduced in #1262, not present in any release. | | | |
add (failing) regression test for '0xFF * 16' IV in CTR_BE(AES-256) | René Meusel | 2018-01-05 | 1 | -0/+12
Add a test for CTR with 8 byte wide counters | Jack Lloyd | 2018-01-05 | 1 | -4/+7
See #1389 | | | |
Improve output of the ASN1 printer | Jack Lloyd | 2018-01-03 | 6 | -20/+154
The output was pretty much wrong for application-tagged types. Instead the type was printed as if it was a universal tag. Add a hack in the ASN1 printer for GeneralNames. These are a commonly used implicitly tagged type. Basically if it is a context specific field, and it looks like it might be a printable URI or DNS GeneralName, treat it as a string. | | | |
add test case for X509_Certificate::ca_issuers() | René Meusel | 2018-01-03 | 2 | -0/+77
Fix Ed25519 tests | Jack Lloyd | 2017-12-31 | 1 | -4/+3
Due to an error in the test data they ended up being skipped at runtime. | | | |
Add some tests of ASN1_Pretty_Printer | Jack Lloyd | 2017-12-29 | 8 | -0/+50
The output is not fixed and may change in the future, but changes should at least be noticed. | | | |
Add a test of Skein using personalization string | Jack Lloyd | 2017-12-28 | 1 | -0/+5
Need to confirm this against another impl but at least this prevents regressions. | | | |
Fix RC4 name in case of skipped bytes | Jack Lloyd | 2017-12-28 | 2 | -36/+4
Add a test to detect that. Add a test that stream ciphers throw if they are asked to use a nonce of a size they don't support. Remove "In = 00...00" blocks since that's implicit in the stream cipher tests. | | | |
Avoid undefined behavior in SipHash | Jack Lloyd | 2017-12-23 | 1 | -0/+51
Enable signing X509 structures with rsa-pss | Fabian Weissberg | 2017-12-22 | 1 | -0/+40
Fix various x509 path validation bugs + path building with ambiguous DNs | Fabian Weissberg | 2017-12-20 | 421 | -159/+8674
Signed-off-by: Fabian Weissberg <[email protected]> | | | |
Correct expected PSS error | Jack Lloyd | 2017-12-19 | 1 | -2/+2
Support uninitialized certificate objects | Jack Lloyd | 2017-12-04 | 1 | -0/+0
Issue raised by @securitykernel on Slack: there was no non-hacky way to decode a list of certificate objects because creating an uninitialized one wasn't allowed. However, after #884 that got much closer to being viable; this is the last piece. | | | |
Fix errors caught with tlsfuzzer | Jack Lloyd | 2017-11-26 | 1 | -0/+1
Don't send EC point format extension in server hello unless an EC suite was negotiated *and* the client sent the extension. Fix server FFDHE logic; this effectively disabled DHE ciphersuites for clients without FFDHE extension. Use unexpected_message alert in case of an unexpected message. (Previously an internal_error alert was sent.) | | | |
Add AES key wrap with padding | Jack Lloyd | 2017-11-19 | 3 | -0/+586
Optimize Twofish | Jack Lloyd | 2017-11-16 | 1 | -18/+2
Interleaving two blocks is 40-50% faster for any mode that supports parallel operation. | | | |
Move all the various X509 test data files under src/tests/data/x509 | Jack Lloyd | 2017-11-16 | 652 | -0/+0
Correct CAST-128 decryption with more than 1 block | Jack Lloyd | 2017-11-16 | 1 | -0/+4
Add a test for GH #1252 | Jack Lloyd | 2017-11-14 | 2 | -0/+28
Support seeking in Salsa20 | Jack Lloyd | 2017-11-14 | 1 | -0/+24
Add a test that StreamCipher::seek throws if not keyed. | | | |
rename cert containing UTF8String consistently | René Meusel | 2017-11-10 | 1 | -0/+0
TEST: read (self signed) cert containing BMPString fields | René Meusel | 2017-11-10 | 1 | -0/+22
add test reading UTF-8 X509 cert | Rene Meusel | 2017-11-09 | 1 | -0/+24
Add UCS-2 and UCS-4 to UTF-8 conversion functions | Jack Lloyd | 2017-11-09 | 1 | -1/+19
Crosschecked by fuzzing and comparing with iconv. Needed in #1250. | | | |
Add SHACAL2 test from Bouncy Castle | Jack Lloyd | 2017-11-05 | 1 | -0/+5
[ci skip] | | | |
Add some KDF2 values from Bouncy Castle | Jack Lloyd | 2017-11-02 | 1 | -0/+19
Add more SipHash tests | Jack Lloyd | 2017-10-26 | 1 | -0/+187
Generated by ref implementation | | | |
Merge GH #1263 Support FFDHE negotiation in TLS | Jack Lloyd | 2017-10-22 | 3 | -4/+6
Add supported groups TLS extension (RFC 7919) | René Korthaus | 2017-10-17 | 3 | -4/+6
Merge GH #1270 Support verification of PSS X.509 objects | Jack Lloyd | 2017-10-22 | 232 | -0/+8845
review changes | Daniel Neus | 2017-10-21 | 1 | -225/+225
X.509 RSA-PSS verification | Daniel Neus | 2017-10-20 | 232 | -0/+8845
Allow setting CTR width via string | Jack Lloyd | 2017-10-20 | 1 | -0/+18
Prohibit very small counter widths (under 4 bytes), since they lead to trivial keystream reuse. Add tests. Fix clone, which always returned an object with a block-wide counter. | | | |
Add GHASH using SSSE3 | Jack Lloyd | 2017-10-20 | 1 | -1/+1
About 30% faster than scalar on Skylake | | | |
GMAC test fixes | Jack Lloyd | 2017-10-18 | 1 | -1/+1
[ci skip] | | | |
In TLS CBC padding check, only need to verify last 256 bytes | Jack Lloyd | 2017-09-29 | 1 | -2/+26
No reason to scan the entire record since it's assured at most 256 bytes of padding are used. Inspired by GH #1227 | | | |
Add a test of TLS CBC padding verification | Jack Lloyd | 2017-09-29 | 1 | -0/+36
See also GH #1227 | | | |
Merge GH #1226 Add HKDF-Expand-Label | Jack Lloyd | 2017-09-27 | 1 | -0/+24
Add HKDF-Expand-Label | Jack Lloyd | 2017-09-27 | 1 | -0/+24
Step 1/n of TLS 1.3 | | | |
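The two CTR-mode entries in the log above (the '0xFF * 16' IV regression test for overflow of a 128-bit counter, and the lower bound of 4 bytes on the counter width because narrower counters lead to keystream reuse) are illustrated by the following added example. It is standalone Python written for this page, not Botan code: the "block cipher" is a SHA-256-based stand-in so the script runs with the standard library alone (an assumption made only for the example; it is not AES and is not for real use), and the names `increment_counter`, `ctr_keystream`, `ctr_crypt`, `keystream_period` and `two_time_pad_leak` are this example's own.

```python
import hashlib

BLOCK_SIZE = 16
MIN_COUNTER_WIDTH = 4  # same lower bound as the "Allow setting CTR width" commit


def block_function(key: bytes, block: bytes) -> bytes:
    # Stand-in for one AES block encryption (assumption for this example):
    # any fixed keyed mapping of a 16-byte block illustrates how CTR behaves.
    assert len(block) == BLOCK_SIZE
    return hashlib.sha256(key + block).digest()[:BLOCK_SIZE]


def increment_counter(counter: bytes, width: int) -> bytes:
    # Add 1 to the low `width` bytes (big-endian), wrapping modulo 256**width.
    # The leading BLOCK_SIZE - width bytes are the nonce and never receive a
    # carry, so an all-0xFF block wraps to zeros in the counter bytes only.
    prefix, ctr = counter[:BLOCK_SIZE - width], counter[BLOCK_SIZE - width:]
    value = (int.from_bytes(ctr, "big") + 1) % (256 ** width)
    return prefix + value.to_bytes(width, "big")


def ctr_keystream(key: bytes, iv: bytes, nblocks: int, width: int) -> list:
    # Keystream blocks for a big-endian counter of `width` bytes starting at iv.
    if len(iv) != BLOCK_SIZE or not 1 <= width <= BLOCK_SIZE:
        raise ValueError("IV must be one block and width within 1..16 bytes")
    blocks, counter = [], iv
    for _ in range(nblocks):
        blocks.append(block_function(key, counter))
        counter = increment_counter(counter, width)
    return blocks


def ctr_crypt(key: bytes, iv: bytes, data: bytes, width: int = BLOCK_SIZE) -> bytes:
    # Encrypt or decrypt (CTR is symmetric). Refuse widths whose counter
    # wraps after only 256**width blocks: width 2 repeats after 1 MiB.
    if width < MIN_COUNTER_WIDTH:
        raise ValueError("counter width %d bytes wraps after %d blocks"
                         % (width, 256 ** width))
    nblocks = (len(data) + BLOCK_SIZE - 1) // BLOCK_SIZE
    keystream = b"".join(ctr_keystream(key, iv, nblocks, width))
    return bytes(d ^ k for d, k in zip(data, keystream))


def keystream_period(key: bytes, iv: bytes, width: int, limit: int):
    # Index of the first block whose keystream equals block 0, or None if
    # there is none within `limit`. For a narrow counter it is 256**width.
    blocks = ctr_keystream(key, iv, limit, width)
    for i in range(1, limit):
        if blocks[i] == blocks[0]:
            return i
    return None


def two_time_pad_leak(key: bytes, iv: bytes, width: int, p0: bytes, p1: bytes) -> bytes:
    # Encrypt p0 as block 0 and p1 as the block at the wrap point: the two
    # ciphertext blocks share keystream, so their XOR is p0 XOR p1 and the
    # key has cancelled out. This is the "trivial keystream reuse".
    period = 256 ** width
    ks = ctr_keystream(key, iv, period + 1, width)
    c0 = bytes(a ^ b for a, b in zip(p0, ks[0]))
    c1 = bytes(a ^ b for a, b in zip(p1, ks[period]))
    return bytes(a ^ b for a, b in zip(c0, c1))


if __name__ == "__main__":
    key, iv = b"k" * 16, b"\xff" * 16
    print(increment_counter(iv, 16).hex())          # counter wraps to all zero
    print(increment_counter(iv, 8).hex())           # only the low 8 bytes wrap
    print(keystream_period(key, iv, 1, 300))        # 256: a 1-byte counter repeats
    print(two_time_pad_leak(key, iv, 1, b"A" * 16, b"B" * 16).hex())
```

With a 1-byte counter the period test finds the keystream repeating at block 256, and `two_time_pad_leak` returns exactly `p0 XOR p1`; `ctr_crypt` refuses any width below 4 before producing output, which is the policy the commit enforces. The 16-byte case shows the all-0xFF IV wrapping to zeros in-width rather than carrying out of the block.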
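For the TLS CBC padding entries above (verifying only the last 256 bytes, since the pad byte is at most 255 and the padding therefore never spans more than 256 bytes), here is an added example, not Botan code, of a padding check that scans at most that window and touches every byte in it with mask arithmetic instead of early exits. The helper names `ct_lt`, `ct_eq`, `tls_cbc_pad` and `check_tls_cbc_padding`, and the return convention (pad byte + 1 on success, 0 on failure), are this example's own assumptions.

```python
def ct_lt(a: int, b: int) -> int:
    # 1 if a < b else 0, computed without a data-dependent branch
    # (inputs are non-negative and far below 2**31).
    return ((a - b) >> 31) & 1


def ct_eq(a: int, b: int) -> int:
    # 1 if a == b else 0, in the same branch-free style.
    return (((a ^ b) - 1) >> 31) & 1


def tls_cbc_pad(data: bytes, block_size: int = 16) -> bytes:
    # TLS 1.0-1.2 CBC padding: append (pad_byte + 1) copies of pad_byte so
    # the record becomes a multiple of the block size; at least one byte.
    count = block_size - (len(data) % block_size)
    return data + bytes([count - 1]) * count


def check_tls_cbc_padding(record: bytes) -> int:
    """Return pad_byte + 1 (the number of bytes to strip) when the padding
    at the end of `record` is well formed, else 0.

    Only the last 256 bytes are examined: the pad byte is at most 255, so
    the padding cannot extend further. Every byte in that window is read
    and compared regardless of its value, so the amount of work does not
    depend on the (secret) plaintext. Python integers are not constant-time
    in a strict sense; the shape of the check is what the example shows.
    The caller still has to verify that a MAC fits in what remains.
    """
    n = len(record)
    if n == 0:
        return 0  # the record length is public, so branching on it is fine
    pad_byte = record[-1]
    window = min(n, 256)
    fits = ct_lt(pad_byte, n)  # pad_byte + 1 bytes must exist in the record
    mismatch = 0
    for i in range(window):
        in_padding = ct_lt(i, pad_byte + 1)   # byte i from the end is padding
        byte_ok = ct_eq(record[n - 1 - i], pad_byte)
        mismatch |= in_padding & (1 - byte_ok)
    valid = fits & (1 - mismatch)
    return valid * (pad_byte + 1)


if __name__ == "__main__":
    rec = tls_cbc_pad(b"hello")
    print(len(rec), check_tls_cbc_padding(rec))          # 16 11
    print(check_tls_cbc_padding(b"hello" + bytes([3, 3, 2, 3])))  # 0
```

The 300-byte records in the test show the window boundary: corrupting the byte 256 from the end (the first byte of a maximal 256-byte padding) is detected, while a byte 257 from the end is outside any possible padding and is never examined.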