path: root/src/tests/test_pk_pad.cpp
Commit message | Author | Age | Files | Lines
* Fix feature macro checks. | Jack Lloyd | 2019-04-26 | 1 | -2/+2
  Add a checker script.
* Fixes for minimized builds | Jack Lloyd | 2019-02-16 | 1 | -1/+14
  Various configurations would fail build or test, fix that.
* Use consistent logic for OAEP and PKCS1v15 decoding | Jack Lloyd | 2018-12-21 | 1 | -23/+26
  The decoding leaked some information about the delimiter index due to copying only exactly input_len - delim_idx bytes. I can't articulate a specific attack that would work here, but it is easy enough to fix this to run in const time instead, where all bytes are accessed regardless of the length of the padding. CT::copy_out is O(n^2) and thus terrible, but in practice it is only used with RSA decryption, and multiplication is also O(n^2) with the modulus size, so a few extra cycles here doesn't matter much.
* Make the tests VarMap an actual type instead of a hashmap typedef. | Jack Lloyd | 2018-05-29 | 1 | -3/+3
* Enable signing X509 structures with rsa-pss | Fabian Weissberg | 2017-12-22 | 1 | -0/+95
* Add final annotations as appropriate in the test code | Jack Lloyd | 2017-09-22 | 1 | -1/+1
* Reformat code with astyle + fix code style | Tomasz Frydrych | 2017-05-01 | 1 | -8/+9
* Minor refactoring of Text_Based_Test | Jack Lloyd | 2016-12-19 | 1 | -2/+2
  Turns out astyle has some bugs wrt C++11 initialize lists. Rather than having astyle mangle all of the tests, convert to using a string which is split once at the start instead of a vector of keys.
* Convert to using standard uintN_t integer types | Jack Lloyd | 2016-12-18 | 1 | -1/+1
  Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Fix PK EME decoding tests when algo is missing | Jack Lloyd | 2016-12-10 | 1 | -2/+6
* Fix off by one in PKCS #1 v1.5 decryption decoding | Jack Lloyd | 2016-12-08 | 1 | -0/+69
  When the code was changed in b8966d0f89e, the offset was not changed, so it would reject ciphertexts with exactly 8 bytes of random padding (the required minimum). Found by pkcs1 fuzzer which also had problems due to not having been updated at the same time. Add a test suite for decoding of PK decryption padding to cover the problem cases.
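
The boundary case named in the last commit message above (exactly 8 bytes of padding must decode), as an added example that is not the project's code or part of the original page. It assumes the RFC 8017 encoded-block layout with the leading 0x00 byte present; `eme_pkcs1_unpad`, `make_em` and `roundtrips` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

using byte_vec = std::vector<std::uint8_t>;

// Assumed layout (RFC 8017, section 7.2): EM = 0x00 || 0x02 || PS || 0x00 || M,
// where PS is at least 8 nonzero bytes.
constexpr std::size_t HEADER_LEN = 2;
constexpr std::size_t MIN_PS_LEN = 8;

// Hypothetical helper, not the project's API. Plain branching code for clarity;
// it makes no attempt to run in constant time.
bool eme_pkcs1_unpad(const byte_vec& em, byte_vec& msg) {
    if (em.size() < HEADER_LEN + MIN_PS_LEN + 1) return false;
    if (em[0] != 0x00 || em[1] != 0x02) return false;

    // The first zero byte after the header is the PS/M delimiter.
    std::size_t delim = HEADER_LEN;
    while (delim < em.size() && em[delim] != 0x00) ++delim;
    if (delim == em.size()) return false;  // no delimiter found

    // PS occupies [HEADER_LEN, delim). Exactly MIN_PS_LEN bytes is valid, so the
    // test must be "<"; using "<=" here rejects the minimum-length padding.
    if (delim - HEADER_LEN < MIN_PS_LEN) return false;

    msg.assign(em.begin() + static_cast<std::ptrdiff_t>(delim + 1), em.end());
    return true;
}

// Constructed input: an encoded block with ps_len bytes of 0xFF padding.
byte_vec make_em(std::size_t ps_len, const byte_vec& msg) {
    byte_vec em = {0x00, 0x02};
    em.insert(em.end(), ps_len, 0xFF);
    em.push_back(0x00);
    em.insert(em.end(), msg.begin(), msg.end());
    return em;
}

// True if a block with ps_len padding bytes decodes back to the message.
bool roundtrips(std::size_t ps_len) {
    const byte_vec msg = {0x41, 0x42, 0x43};
    byte_vec out;
    return eme_pkcs1_unpad(make_em(ps_len, msg), out) && out == msg;
}
```

A regression test for this kind of fix should pin the padding lengths on both sides of the minimum (7, 8 and 9 bytes) and a zero byte inside the first 8 padding positions.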