aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/test_pubkey.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Add SM2 encryption schemeJack Lloyd2017-08-041-2/+3
| | | | This is a contribution from Ribose Inc (@riboseinc)
* Fix some maintainer mode warningsJack Lloyd2017-08-031-1/+1
|
* BearSSL: Support for ECDSAPatrick Wildt2017-07-051-2/+2
| | | | | | This commit adds support for ECDSA using BearSSL as a backend. This means we can test BearSSL's ECDSA algorithms using the extensive Botan testsuite.
* Merge GH #1035 Support generating RSA keys with OpenSSLJack Lloyd2017-05-031-89/+107
|\
| * Generate private RSA key with OpenSSL.Alexander Bluhm2017-04-301-89/+107
| | | | | | | | | | Implement RSA private key generation with RSA_generate_key_ex(). Make PK_Key_Generation_Test iterate over all providers.
* | Reformat code with astyle + fix code styleTomasz Frydrych2017-05-011-9/+9
|/
* Filter provider in test loops, skip text based without provider.Alexander Bluhm2017-04-211-16/+12
| | | | | | | | The tests for block, hash, stream, pubkey, and mac loop over all possible crypto providers. If a specific provider is given on the botan-test command line, use only this one. If the provider to be tested is restricted, skip text based tests that do not have a possible provider.
* Add missing try/catch in invalid signature testJack Lloyd2017-02-261-2/+10
| | | | From GH #889
* Add test option --run-long-testsJack Lloyd2016-12-241-2/+6
| | | | | | Previously longer tests were hidden behind higher 'soak levels' but these arbitrary cutoffs are confusing compared to a simple short tests/long tests split.
* Add RSA PKCS1v1.5 signature verification tests from Wycheproof suite.Jack Lloyd2016-12-201-0/+29
| | | | | A set of carefully generated invalid signatures which are sometimes accepted by implementations due to bugs in padding verification.
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-1/+1
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Updates module policy, fixes test suite errorsMatthias Gierlings2016-12-011-1/+11
| | | | | | | - Moves SHAKE to prohibited algorithms - Catches an error during XMSS private key generation when SHAKE is disabled. This should not be reported as error by the test bench since [SHAKE is optional in XMSS](https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-07#section-5)
* Add test for various functions previously missed (T::clone, PBKDF::name, ↵Jack Lloyd2016-11-261-0/+3
| | | | | | | AEAD::output_length) Fix a bug in CCM, GCM, and OCB decryption which caused `output_length(tag_size())` to fail even though empty plaintexts are certainly defined for all three modes.
* When fuzzing verify/decrypt, choose a new value each time through loopJack Lloyd2016-11-261-8/+2
|
* Avoid recreating PK_Verifiers/PK_Decryptors multiple times in testJack Lloyd2016-11-261-45/+61
| | | | | | | All these tests ran once for each signing provider, instead of just once with all fixed data and then checking on the results of the encrypt/sign operations as needed. Speeds up `ecdsa_sign` by 11x, `rsa_encrypt` by 8x on my machine!
* Pubkey cleanupsJack Lloyd2016-11-121-18/+0
| | | | | | | | | | Add Public_Key::key_length usable for policy checking (as in TLS::Policy::check_peer_key_acceptable) Remove Public_Key::max_input_bits because it didn't make much sense for most algorithms actually. Remove message_parts and message_part_size from PK_Ops
* Add create_key self testJack Lloyd2016-11-031-0/+2
|
* Test PK key creation via create_private_key APIJack Lloyd2016-10-311-90/+95
|
* Fix pubkey tests when EMEs are disabled.Jack Lloyd2016-10-181-30/+14
| | | | | Test assumed EME was always there and would fail. This caused failures with BSI policy which disables PKCS1v1.5
* Make pk_ops.h internalJack Lloyd2016-10-081-1/+1
| | | | Some fixes for missing system_rng in ECIES and tests.
* Add missing try/catch blocks.Jack Lloyd2016-10-071-3/+23
| | | | Document that create_*_op is public but not for public consumption.
* Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-071-3/+3
| | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-8/+8
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* eme / pubkey test improvementsDaniel Neus2016-07-251-6/+19
| | | | | | - add test for EME::maximum_input_size() - additionally use maximum_input_size() before pad() in OAEP and PKCS1 (remove code duplication) - prevent C4800 MSVC warning
* Add test vectors for RSA-KEM/KDF1René Korthaus2016-07-181-0/+1
| | | | | Adds test vectors for RSA-KEM with KDF1 from ISO 18033-2 and test vectors for KDF1 and KDF2 generated with BouncyCastle.
* Add ECGDSARené Korthaus2016-04-191-1/+1
|
* Clean up PK decryption encoding.Jack Lloyd2016-03-201-6/+11
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Avoid test failures in KEM when KDF is not found.Jack Lloyd2016-01-171-11/+29
| | | | GH #369
* Add ECDH via OpenSSLJack Lloyd2016-01-041-3/+16
| | | | | | | | | | Expose provider param in PK_Key_Agreement API Handle multiple providers in key agreement tests Fix some funky formatting of P-521 EC points in ecdh.vec which was being rejected by OpenSSL; for whatever reason the CAVS file had the affine coords with far more leading zeros than necessary.
* Add ECDH testsJack Lloyd2016-01-031-3/+3
| | | | Only has vectors for NIST curves (data taken from NIST CAVS file)
* Merge pull request #381 from cordney/fix-load-unencryped-key-from-berJack Lloyd2015-12-311-3/+0
|\ | | | | Fix loading of unencrypted, BER encoded private keys via PKCS8 api
| * Fix loading of unencrypted, BER encoded private keys via PKCS8 apiRené Korthaus2015-12-251-3/+0
| |
* | Merge pull request #378 from neusdan/warning_fixesJack Lloyd2015-12-261-1/+1
|\ \ | | | | | | Some trivial compiler and PVS-Studio warning fixes
| * | some trivial compiler/PVS-Studio warning fixesDaniel Neus2015-12-221-1/+1
| | |
* | | Add generalized KEM interfaceJack Lloyd2015-12-261-0/+40
| |/ |/| | | | | | | | | Convert McEliece KEM to use it Add RSA-KEM
* | Improve roundtrip BER/PEM testsJack Lloyd2015-12-231-24/+71
|/
* Add missing try/catch in signature verification test.Jack Lloyd2015-12-211-6/+18
| | | | | | Improve diagnostics when an exception escapes a test GH #369
* Throw Lookup_Error instead of bare Exception when creating an obj failsJack Lloyd2015-12-201-4/+4
| | | | | | | in the algo factory. Fixes remaining issues of GH #369 - test_pubkey.cpp was expecting Lookup_Error when something isn't found.
* Avoid test failures on missing algosJack Lloyd2015-12-191-4/+6
| | | | GH #369
* Test all providers for PK operationsJack Lloyd2015-11-111-24/+103
|
* Update and consolidate the test framework.Jack Lloyd2015-11-111-312/+161
| | | | | | | | | | | The tests previously had used 4 to 6 different schemes internally (the vec file reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a design that works everywhere, and update all the things. Fix also a few bugs found by the test changes: SHA-512-256 name incorrect, OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy was wrong.
* Move DataSource to utils and rewrite PEM encoding to avoid filtersJack Lloyd2015-10-141-7/+4
| | | | | Removes filters as as an internal dependency pretty much entirely (outside of some dusty corners in misc).
* Fix pk signature test framework bug.Jack Lloyd2015-08-281-5/+5
| | | | | | | | Was attempting to test that the all-zero signature is invalid, then tested some mutated signatures. Unfortunately it zeroed out the signature before doing the mutation tests, so the mutated signatures were all very-low Hamming weight strings instead of being close to the original valid signature.
* Make Botan compile when only some modules are enabledSimon Warta2015-07-031-7/+12
| | | | Fixes #146.
* tests: Convert &vec[0] to vec.data()Simon Warta2015-06-301-1/+1
|
* Replace \n by std::endl in tests to ensure proper flushingSimon Warta2015-06-191-13/+13
| | | | | | | - Remove additional newlines in CHECK_MESSAGE call - Remove redundant output of algo in aead_test() Closes #115
* Comparison was invertedlloyd2015-04-281-1/+5
|
* Fix rare test failure in pubkey.lloyd2015-03-221-1/+4
| | | | | | | | The pubkey encrypt/decrypt test function tests various randomly corrupted ciphertexts to ensure none of them decrypt. On rare occasions PKCS #1 v1.5 does legitimately fail this test, but, well, PKCS v1.5 isn't a very good padding scheme. When this test fails and the pad is PKCS, log the values but don't actually fail the test since this is an expected behavior of PKCS padding.
* Fix memory leak in TLS tests. Remove last few remaining uses of auto_ptr.lloyd2015-03-081-2/+2
|
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.