aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/test_pubkey.cpp
Commit message (Collapse)AuthorAgeFilesLines
* silence trivial warningsNuno Goncalves2019-10-201-0/+2
| | | | Signed-off-by: Nuno Goncalves <[email protected]>
* Remove BearSSL providerJack Lloyd2019-07-051-1/+1
| | | | | | BearSSL is much slower than Botan's builtins, and it is not commonly included in distributions so doesn't even have the advantage of ubiquity.
* Add support for RFC 8032 Ed25519phJack Lloyd2019-06-201-7/+9
| | | | GH #1699
* Add support for hashing with CommonCryptoJose Pereira2018-09-031-2/+2
|
* Add PBES2 as alias for PBE-PKCS5v20Jack Lloyd2018-08-231-1/+1
| | | | Easier to remember and type.
* Add function to return the size of a key agreement outputJack Lloyd2018-08-121-1/+8
| | | | Very useful when using "Raw" DH/ECDH via the FFI API.
* Add functions to get size of PK ciphertext,plaintextJack Lloyd2018-08-101-0/+8
| | | | Needed for https://github.com/strongswan/strongswan/pull/109
* Add PK_Signer::signature_lengthJack Lloyd2018-08-101-0/+3
|
* Add ECDSA tests from WycheproofJack Lloyd2018-05-311-8/+25
|
* Make the tests VarMap an actual type instead of a hashmap typedef.Jack Lloyd2018-05-291-24/+24
|
* Support scrypt for encrypting private keysJack Lloyd2018-05-221-47/+62
|
* Fix PBE decoding and fix test macro checkJack Lloyd2018-05-221-2/+2
|
* Add a reproducer for OSS-Fuzz 7156Jack Lloyd2018-03-271-2/+15
|
* Support "mixed" OAEP hashesJack Lloyd2018-03-211-1/+44
| | | | | | Test vectors from pyca/cryptography Fixes GH #109
* Fix return value of PK_Encryptor::maximum_input_sizeJack Lloyd2018-01-131-0/+15
| | | | Fixes GH #1410
* Further build/test fixes for restricted configurationsJack Lloyd2017-09-241-10/+48
|
* More include header cleanupsJack Lloyd2017-09-211-1/+1
|
* Update SM2 to use ASN.1 encoding for ciphertextsJack Lloyd2017-09-201-1/+11
| | | | | | | | | There are in fact 3 different variations of SM2 standard, first C1||C2||C3, then C1||C3||C2, then (most recently) an ASN.1 encoding. This makes us compatible with GmSSL This work was sponsored by Ribose Inc (@riboseinc).
* Support PSSR_RawJack Lloyd2017-09-161-9/+17
| | | | | | | Allows PSS-signing a raw hash while also still specifying the salt length. GH #1211
* Add SM2 encryption schemeJack Lloyd2017-08-041-2/+3
| | | | This is a contribution from Ribose Inc (@riboseinc)
* Fix some maintainer mode warningsJack Lloyd2017-08-031-1/+1
|
* BearSSL: Support for ECDSAPatrick Wildt2017-07-051-2/+2
| | | | | | This commit adds support for ECDSA using BearSSL as a backend. This means we can test BearSSL's ECDSA algorithms using the extensive Botan testsuite.
* Merge GH #1035 Support generating RSA keys with OpenSSLJack Lloyd2017-05-031-89/+107
|\
| * Generate private RSA key with OpenSSL.Alexander Bluhm2017-04-301-89/+107
| | | | | | | | | | Implement RSA private key generation with RSA_generate_key_ex(). Make PK_Key_Generation_Test iterate over all providers.
* | Reformat code with astyle + fix code styleTomasz Frydrych2017-05-011-9/+9
|/
* Filter provider in test loops, skip text based without provider.Alexander Bluhm2017-04-211-16/+12
| | | | | | | | The tests for block, hash, stream, pubkey, and mac loop over all possible crypto providers. If a specific provider is given on the botan-test command line, use only this one. If the provider to be tested is restricted, skip text based tests that do not have a possible provider.
* Add missing try/catch in invalid signature testJack Lloyd2017-02-261-2/+10
| | | | From GH #889
* Add test option --run-long-testsJack Lloyd2016-12-241-2/+6
| | | | | | Previously longer tests were hidden behind higher 'soak levels' but these arbitrary cutoffs are confusing compared to a simple short tests/long tests split.
* Add RSA PKCS1v1.5 signature verification tests from Wycheproof suite.Jack Lloyd2016-12-201-0/+29
| | | | | A set of carefully generated invalid signatures which are sometimes accepted by implementations due to bugs in padding verification.
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-1/+1
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Updates module policy, fixes test suite errorsMatthias Gierlings2016-12-011-1/+11
| | | | | | | - Moves SHAKE to prohibited algorithms - Catches an error during XMSS private key generation when SHAKE is disabled. This should not be reported as error by the test bench since [SHAKE is optional in XMSS](https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-07#section-5)
* Add test for various functions previously missed (T::clone, PBKDF::name, ↵Jack Lloyd2016-11-261-0/+3
| | | | | | | AEAD::output_length) Fix a bug in CCM, GCM, and OCB decryption which caused `output_length(tag_size())` to fail even though empty plaintexts are certainly defined for all three modes.
* When fuzzing verify/decrypt, choose a new value each time through loopJack Lloyd2016-11-261-8/+2
|
* Avoid recreating PK_Verifiers/PK_Decryptors multiple times in testJack Lloyd2016-11-261-45/+61
| | | | | | | All these tests ran once for each signing provider, instead of just once with all fixed data and then checking on the results of the encrypt/sign operations as needed. Speeds up `ecdsa_sign` by 11x, `rsa_encrypt` by 8x on my machine!
* Pubkey cleanupsJack Lloyd2016-11-121-18/+0
| | | | | | | | | | Add Public_Key::key_length usable for policy checking (as in TLS::Policy::check_peer_key_acceptable) Remove Public_Key::max_input_bits because it didn't make much sense for most algorithms actually. Remove message_parts and message_part_size from PK_Ops
* Add create_key self testJack Lloyd2016-11-031-0/+2
|
* Test PK key creation via create_private_key APIJack Lloyd2016-10-311-90/+95
|
* Fix pubkey tests when EMEs are disabled.Jack Lloyd2016-10-181-30/+14
| | | | | Test assumed EME was always there and would fail. This caused failures with BSI policy which disables PKCS1v1.5
* Make pk_ops.h internalJack Lloyd2016-10-081-1/+1
| | | | Some fixes for missing system_rng in ECIES and tests.
* Add missing try/catch blocks.Jack Lloyd2016-10-071-3/+23
| | | | Document that create_*_op is public but not for public consumption.
* Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-071-3/+3
| | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-8/+8
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* eme / pubkey test improvementsDaniel Neus2016-07-251-6/+19
| | | | | | - add test for EME::maximum_input_size() - additionally use maximum_input_size() before pad() in OAEP and PKCS1 (remove code duplication) - prevent C4800 MSVC warning
* Add test vectors for RSA-KEM/KDF1René Korthaus2016-07-181-0/+1
| | | | | Adds test vectors for RSA-KEM with KDF1 from ISO 18033-2 and test vectors for KDF1 and KDF2 generated with BouncyCastle.
* Add ECGDSARené Korthaus2016-04-191-1/+1
|
* Clean up PK decryption encoding.Jack Lloyd2016-03-201-6/+11
| | | | | | | Previously RSA and ElGamal stripped off leading zeros which were then assumed by the padding decoders. Instead have them produce ciphertexts with leading zeros. Changes EME_Raw to strip leading zeros to match existing behavior.
* Avoid test failures in KEM when KDF is not found.Jack Lloyd2016-01-171-11/+29
| | | | GH #369
* Add ECDH via OpenSSLJack Lloyd2016-01-041-3/+16
| | | | | | | | | | Expose provider param in PK_Key_Agreement API Handle multiple providers in key agreement tests Fix some funky formatting of P-521 EC points in ecdh.vec which was being rejected by OpenSSL; for whatever reason the CAVS file had the affine coords with far more leading zeros than necessary.
* Add ECDH testsJack Lloyd2016-01-031-3/+3
| | | | Only has vectors for NIST curves (data taken from NIST CAVS file)
* Merge pull request #381 from cordney/fix-load-unencryped-key-from-berJack Lloyd2015-12-311-3/+0
|\ | | | | Fix loading of unencrypted, BER encoded private keys via PKCS8 api