aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/unit_tls.cpp
Commit message (Collapse)AuthorAgeFilesLines
* attemp_srp is overriding thus marking explicitallyDavid Carlier2019-11-301-1/+1
|
* Add a test of TLS-SRPJack Lloyd2019-11-231-1/+92
|
* Allow disabling TLS 1.0/1.1 and DTLS 1.0 at build timeJack Lloyd2019-11-101-1/+3
|
* Avoid situation where is_active and is_closed could both return trueJack Lloyd2019-10-221-0/+4
| | | | GH #2171
* Deprecate many publically available headersJack Lloyd2019-09-061-5/+0
|
* Add test case for DTLS reconnection from same client portJack Lloyd2019-07-131-0/+235
|
* Add support for HelloVerifyRequest on server sideJack Lloyd2019-06-181-0/+5
| | | | Closes GH #1833
* Let TLS serialization know which side we are sending asJack Lloyd2019-05-241-1/+1
| | | | Since this matters for some extensions
* Add support for supported versions extension from TLS 1.3Jack Lloyd2019-05-241-0/+11
|
* Fix feature macro checks.Jack Lloyd2019-04-261-2/+2
| | | | Add a checker script.
* Fixes for minimized buildsJack Lloyd2019-02-161-2/+4
| | | | Various configurations would fail build or test, fix that.
* Fix some warnings from PVS-StudioJack Lloyd2019-01-171-8/+14
| | | | No real bugs, but pointed out some odd constructs and duplicated logic
* Fix TLS signature algorithm intoleranceJack Lloyd2018-10-161-0/+10
| | | | GH #1708
* Fix bug that broke session decryption (and thus resumption)Jack Lloyd2018-04-091-0/+6
| | | | Introduced in 3657639ab. Add a test that would have caught this
* Add missing overrides [ci skip]Jack Lloyd2018-02-191-1/+1
|
* Add a test of TLS handshake with custom curve (secp112r1 in this case)Jack Lloyd2018-02-131-5/+31
|
* Use enums for TLS key exchange group paramsJack Lloyd2018-02-131-6/+13
|
* Have to remove sessions on client sideJack Lloyd2018-01-301-1/+1
| | | | | Clearing server side state doesn't help because we resume with a session ticket.
* Move generic TLS tests to test_tls.cppJack Lloyd2018-01-281-166/+0
| | | | | | Leaves unit_tls.cpp for the handshake level tests. Add some basic tests of the string<->enum conversions in tls_algos.h
* Use enums to represent TLS signature and kex algorithms.Jack Lloyd2018-01-281-2/+7
| | | | Adds support for PSS signatures (currently verifying only).
* Avoid resuming a session if policy doesn't allow itJack Lloyd2018-01-281-3/+3
| | | | Previously if the policy changed we'd continue to resume. #1431
* Blind attempt at fixing #1431Jack Lloyd2018-01-281-3/+2
|
* Add tests for server passing CA names for client authJack Lloyd2018-01-271-596/+289
|
* Fix a few warningsJack Lloyd2018-01-271-1/+1
|
* Make it possible to test custom extensionsJack Lloyd2018-01-271-256/+272
|
* Build fix when threads are disabled [ci skip]Jack Lloyd2018-01-191-0/+2
| | | | GH #1423
* Add copyright statements to files modified in the preceding 2 commitsHarry Reimann2017-12-041-0/+1
|
* Make support for certificate status messages optional via policyHarry Reimann2017-12-041-0/+3
| | | | | | | | Don't postpone the verification of a server certificate if certificate status messages are not expected in client handshake. When using an external crypto device it may be necessary to verify the certificate before using the public key for verification of the signature in the server key exchange message.
* Add support for ARIA GCM ciphersuitesJack Lloyd2017-11-031-0/+5
| | | | Tested against OpenSSL master
* Add supported groups TLS extension (RFC 7919)René Korthaus2017-10-171-4/+7
|
* Avoid protected data member in TLS testsJack Lloyd2017-10-021-4/+5
|
* Further header cleanupsJack Lloyd2017-09-281-0/+1
|
* Add final annotations as appropriate in the test codeJack Lloyd2017-09-221-3/+3
|
* More include header cleanupsJack Lloyd2017-09-211-1/+1
|
* Reformat code with astyle + fix code styleTomasz Frydrych2017-05-011-94/+183
|
* Fix botan_privkey_create if the desired algorithm was not available in buildJack Lloyd2017-04-031-0/+2
| | | | | | If DSA was disabled, caused memory corruption/crashes due to combination of uninitialized object and the tests not checking return values as carefully as they should.
* fix mem leak in tls unit testsDaniel Neus2017-03-031-4/+6
|
* Remove std::cout accidentally left from debuggingRené Korthaus2017-02-121-4/+0
|
* Fix compiling TLS tests without DSAJack Lloyd2017-02-111-0/+2
|
* Correct GH #869 for DSS CBC suitesJack Lloyd2017-02-071-2/+2
|
* Use SHA-384 with DHE_DSS_AES_256_CBCRené Korthaus2017-02-061-1/+5
|
* Add tests for DHE_DSS ciphersuitesRené Korthaus2017-02-061-5/+88
| | | | | As long as we support DSS ciphersuites, we should test them, even if they're deprecated.
* Fix various SunCC and Solaris warnings and build problems.Jack Lloyd2017-01-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Based on build output sent by @noloader. If RLIMIT_MEMLOCK is not defined, assume regular user is not able to call mlock. This probably also affected Clang/GCC on Solaris. Work around resolution issue in SIMD_4x32 where it finds ambiguity between arg taking uint32_t and __m128i. This is probably some artifact of how SunCC represents vector types, and seems highly bogus in general but is easy to work around here. Change constructor taking a single value to instead be `SIMD_4x32::splat` function. The SIMD class is internal, so no API implications. Fix various warnings about lambda functions that were missing return types and which were not a single return statement. AIUI C++11 doesn't guarantee that lambda return type will be deduced in that situation, though in practice every compiler including SunCC seems to handle it. Disable AVX2 usage, since SunCC's intrinsics seem to be broken - its _mm_loadu_si256 takes non-const pointer. Rename a few variables in the tests to avoid shadowed var warnings.
* Avoid deprecation warning in TLS testsJack Lloyd2017-01-091-0/+3
|
* Avoid construct in test that causes compilation problem on XCode 6Jack Lloyd2017-01-041-2/+15
| | | | GH #798
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-301-1/+3
| | | | | Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
* Remove reference to CECPQ1_PSK OCB ciphersuite in test.Jack Lloyd2016-12-301-1/+0
| | | | | Initially planned, then decided to skip because supporting it requires more changes to the TLS handshake code than I want to do right now.
* Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-301-0/+7
| | | | | | Clean up the ciphersuite generation script a bit. [ci skip]
* One more Camellia TLS test fixJack Lloyd2016-12-281-1/+8
|
* Fix Camellia TLS testsJack Lloyd2016-12-281-2/+9
| | | | | | Disabling SHA-256 in TLS 1.1/1.2 has the effect of disabling the Camellia ECDH ciphersuites. So the test policy ended up with an empty ciphersuite list, when negotiating older versions.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-21 12:25:05 +0000