aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/test_mceliece.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Further build/test fixes for restricted configurationsJack Lloyd2017-09-241-1/+8
|
* Add final annotations as appropriate in the test codeJack Lloyd2017-09-221-2/+2
|
* More include header cleanupsJack Lloyd2017-09-211-1/+0
|
* Reformat code with astyle + fix code styleTomasz Frydrych2017-05-011-24/+32
|
* Add test option --run-long-testsJack Lloyd2016-12-241-8/+28
| | | | | | Previously longer tests were hidden behind higher 'soak levels' but these arbitrary cutoffs are confusing compared to a simple short tests/long tests split.
* Minor refactoring of Text_Based_TestJack Lloyd2016-12-191-5/+4
| | | | | | Turns out astyle has some bugs wrt C++11 initialize lists. Rather than having astyle mangle all of the tests, convert to using a string which is split once at the start instead of a vector of keys.
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-21/+21
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Add Private_Key::private_key_info()René Korthaus2016-12-051-3/+3
| | | | | | | Adds new Private_Key::private_key_info() that returns a PKCS#8 PrivateKeyInfo structure. Renames the current Private_Key::pkcs8_private_key() to private_key_bits(). BER_encode() just invokes private_key_info().
* Add Public_Key::subject_public_key()René Korthaus2016-12-051-3/+3
| | | | | | | Adds new Public_Key::subject_public_key() that returns a X.509 SubjectPublicKey structure. Renames the current Public_Key::x509_subject_public_key() to public_key_bits(). BER_encode() just invokes subject_public_key().
* Don't force HMAC_DRBG to be enabledJack Lloyd2016-11-181-17/+23
| | | | | No need to strictly require it, and some applications may only want system RNG or RDRAND.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-4/+4
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* RNG changes (GH #593)Jack Lloyd2016-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change reseed interval logic to count calls to `randomize` rather than bytes, to match SP 800-90A Changes RNG reseeding API: there is no implicit reference to the global entropy sources within the RNGs anymore. The entropy sources must be supplied with the API call. Adds support for reseding directly from another RNG (such as a system or hardware RNG). Stateful_RNG keeps optional references to both an RNG and a set of entropy sources. During a reseed, both sources are used if set. These can be provided to HMAC_DRBG constructor. For HMAC_DRBG, SP800-90A requires we output no more than 2**16 bytes per DRBG request. We treat requests longer than that as if the caller had instead made several sequential maximum-length requests. This means it is possible for one or more reseeds to trigger even in the course of generating a single (long) output (generate a 256-bit key and use ChaCha or HKDF if this is a problem). Adds RNG::randomize_with_ts_input which takes timestamps and uses them as the additional_data DRBG field. Stateful_RNG overrides this to also include the process ID and the reseed counter. AutoSeeded_RNG's `randomize` uses this. Officially deprecates RNG::make_rng and the Serialized_RNG construtor which creates an AutoSeeded_RNG. With these removed, it would be possible to perform a build with no AutoSeeded_RNG/HMAC_DRBG at all (eg, for applications which only use the system RNG). Tests courtesy @cordney in GH PRs #598 and #600
* Add Stateful_RNGJack Lloyd2016-07-171-1/+1
| | | | | | | | | | | | | | Handles fork checking for HMAC_RNG and HMAC_DRBG AutoSeeded_RNG change - switch to HMAC_DRBG as default. Start removing the io buffer from entropy poller. Update default RNG poll bits to 256. Fix McEliece test, was using wrong RNG API. Update docs.
* Switch to HMAC_DRBG for all RNG generation.Jack Lloyd2016-07-171-3/+2
| | | | | | | | Add support and tests for additional_data param to HMAC_DRBG Add Stateful_RNG class which has fork detection and periodic reseeding. AutoSeeded_RNG passes the current pid and time as additional_data
* Tweak for readability in McEliece testsJack Lloyd2016-06-071-15/+10
| | | | Using a struct here seems cleaner
* Avoid test failures in KEM when KDF is not found.Jack Lloyd2016-01-171-8/+15
| | | | GH #369
* Merge pull request #378 from neusdan/warning_fixesJack Lloyd2015-12-261-1/+1
|\ | | | | Some trivial compiler and PVS-Studio warning fixes
| * some trivial compiler/PVS-Studio warning fixesDaniel Neus2015-12-221-1/+1
| |
* | Add generalized KEM interfaceJack Lloyd2015-12-261-14/+18
|/ | | | | | Convert McEliece KEM to use it Add RSA-KEM
* Add --data-dir option to test commandJack Lloyd2015-12-201-1/+1
| | | | | | | Understand using '-' on the command line to mean stdin Fix last few unit tests that wanted to write to the filesystem; removes outdata directory.
* Reroot the exception hierarchy into a toplevel Exception classJack Lloyd2015-12-111-2/+2
| | | | | | | | As the alternatives are unfortunate for applications trying to catch all library errors, and it seems deriving from std::runtime_error causes problems with MSVC DLLs (GH #340) Effectively reverts 2837e915d82e43
* Update and consolidate the test framework.Jack Lloyd2015-11-111-175/+176
| | | | | | | | | | | The tests previously had used 4 to 6 different schemes internally (the vec file reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a design that works everywhere, and update all the things. Fix also a few bugs found by the test changes: SHA-512-256 name incorrect, OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy was wrong.
* Fix bcrypt testJack Lloyd2015-10-031-1/+1
|
* Merge pull request #286 from randombit/mce-cleanupJack Lloyd2015-09-301-82/+9
|\ | | | | Cleanup and document McEliece implementation
| * McEliece cleanupsJack Lloyd2015-09-291-82/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove and consolidate various headers Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size. Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed. Add McEliece_PublicKey::random_plaintext_element Add command line `mce` tool and some McEliece documentation Convert the speed program to check McEliece keys of the suggested size Add McEliece KATs for both key generation and KEM Fix HMAC_DRBG constructor which derefed a pointer before its time
* | Remove dead codeDaniel Seither2015-09-251-1/+0
|/ | | | `continue` cannot be reached due to `return` in the line above
* Fix module combi: adler32,mceSimon Warta2015-07-081-13/+17
|
* Make Botan compile when only some modules are enabledSimon Warta2015-07-031-0/+8
| | | | Fixes #146.
* tests: Convert &vec[0] to vec.data()Simon Warta2015-06-301-9/+9
|
* Replace \n by std::endl in tests to ensure proper flushingSimon Warta2015-06-191-4/+4
| | | | | | | - Remove additional newlines in CHECK_MESSAGE call - Remove redundant output of algo in aead_test() Closes #115
* Ensure all files have copyright and license info.lloyd2015-01-101-0/+8
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add MCEIES, an integrated encryption system using McEliece and AES-256/OCBlloyd2015-01-081-47/+109
|
* All tests now share an RNG. Uses system RNG if availablelloyd2014-12-281-2/+2
|
* Remove the Overbeck conversion at Dr. Strenzke's request.lloyd2014-12-061-99/+25
| | | | | | | | While a CCA2 proof of this scheme exists, it is written in German and for various reasons publishing a translation would be a complicated affair. Without a (well studied) English proof it is harder to understand the security of the overall scheme. Thus only KEM, which seems much easier to prove, will be offered.
* Add KEM scheme for McEliecefstrenzke2014-12-061-21/+68
|
* Add an implementation of McEliece encryption based on HyMESfstrenzke2014-11-261-0/+266
(https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes). The original version is LGPL but cryptsource GmbH has secured permission to release it under a BSD license. Also includes the Overbeck CCA2 message encoding scheme.