aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* Add FFI botan_hash_block_size.Daniel Wyatt2017-04-301-0/+5
|
* Show OpenSSL error messages if test fails.Alexander Bluhm2017-04-281-0/+10
| | | | | | Call ERR_load_crypto_strings() during test initialization if the openssl provider is also tested. This gives human readable error messages.
* Merge GH #1000 Support seeking in CTR modeJack Lloyd2017-04-271-0/+2810
|\
| * add test sets for CTR-BE(***)René Meusel2017-04-131-0/+2810
| |
* | Merge GH #1022 Support CBC ciphers via OpenSSLJack Lloyd2017-04-272-66/+91
|\ \
| * | Implement cipher modes with OpenSSL.Alexander Bluhm2017-04-252-66/+91
| | | | | | | | | | | | | | | | | | Use the OpenSSL provider to implement AES CBC mode. Also pass down the provider to the encryption layer if there is no matching OpenSSL mode. Add a test with empty nonce.
* | | Merge GH #1017 Complete wildcard handling for X.509 certificatesJack Lloyd2017-04-272-0/+94
|\ \ \
| * | | Complete wildcard handling for X.509 certificatesRené Korthaus2017-04-202-0/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostname validation is used to make sure the certificate hostname matches the hostname of the connected host. RFC 6125 allows one wildcard in the left-most label of a hostname. Up to now, we only supported only the wildcard as the left-most label, e.g., www.example.com would match *.example.com, but www.example.com would not match www*.example.com, although it is permitted. Also adds test vectors from RFC 6125 as well as the OpenSSL test suite.
* | | | Merge GH #1027 Add error return to botan_mp_to_strJack Lloyd2017-04-271-0/+3
|\ \ \ \
| * | | | Add explicit return to FFI botan_mp_to_str.Daniel Wyatt2017-04-261-0/+3
| | |/ / | |/| | | | | | | | | | This way we know if the buffer is insufficient.
* / | | In text-based tests clear all data if algo changesJack Lloyd2017-04-271-0/+1
|/ / / | | | | | | | | | | | | | | | | | | Curious test failure, HMAC(MD5) failing with "invalid IV length" (HMAC doesn't support an IV), it turned out to be the IV was left around from the previously run GMAC test. Just clear out all vars if a new [algo] header is seen in the file.
* | | Filter provider in test loops, skip text based without provider.Alexander Bluhm2017-04-218-22/+48
| | | | | | | | | | | | | | | | | | | | | | | | The tests for block, hash, stream, pubkey, and mac loop over all possible crypto providers. If a specific provider is given on the botan-test command line, use only this one. If the provider to be tested is restricted, skip text based tests that do not have a possible provider.
* | | Run tests for a specific provider.Alexander Bluhm2017-04-213-2/+48
|/ / | | | | | | | | | | | | | | Currently botan runs the tests for all crypto providers it can find. Add a --provider option for botan-test to specify exactly one provider. This allows to see which parts of a specific implementation have been tested. Pass down the given provider to a specific test class.
* | Merge GH #1006 Fix FFI cipher interface (see also GH #1003)Jack Lloyd2017-04-151-65/+205
|\ \
| * | Add tests of GCM and CTR modeJack Lloyd2017-04-141-64/+205
| | |
| * | Fix FFI cipher interfaceJack Lloyd2017-04-141-11/+10
| | | | | | | | | | | | | | | | | | Was totally broken, when not encrypting in one shot. (GH #1003) Enable the test, which had been commented out :(
* | | Support for ElGamal in FFI interfaceKrzysztof Kwiatkowski2017-04-141-0/+76
|/ / | | | | | | | | | | * Adds `botan_pubkey_load_elgamal' and `botan_privkey_load_elgamal' functions to FFI interface. * Adds test `ffi_test_elgamal'
* | Merge GH #989 Avoid recursion in BER_Decoder::get_next_objectJack Lloyd2017-04-131-0/+67
|\ \ | |/ |/|
| * Add test for OSS-Fuzz 813Jack Lloyd2017-04-131-0/+67
| |
* | fix missing flush in DataSink_Stream::end_msgPhilippe Lieser2017-04-101-0/+27
|/
* Add another AES-128 CFB testJack Lloyd2017-04-081-0/+6
| | | | | Generated by OpenSSL, I needed this to help test https://github.com/riboseinc/rnp/pull/48
* Merge GH #966 Add SM3 hash functionJack Lloyd2017-04-051-0/+423
|\
| * Add more SM3 hash test data.Daniel Wyatt2017-04-031-0/+417
| |
| * Add SM3 hash functionDaniel Wyatt2017-04-031-0/+6
| |
* | Merge GH #978 Fix bad read in X509 DN comparisons (CVE-2017-2801)Jack Lloyd2017-04-043-0/+70
|\ \
| * | Fix X509 DN comparisonsJack Lloyd2017-04-043-0/+70
| | | | | | | | | | | | CVE-2017-2801
* | | Merge GH #900 Add ability to search by X509 DN hashJack Lloyd2017-04-042-193/+328
|\ \ \
| * | | Add tests for find_cert_by_raw_subject_dn_sha256Nuno Goncalves2017-04-041-1/+43
| | | | | | | | | | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
| * | | Refactor test_certstor.cpp to prepare for adding testsNuno Goncalves2017-04-041-147/+181
| | | | | | | | | | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
| * | | Format with astyle before major changesNuno Goncalves2017-04-031-30/+32
| | | | | | | | | | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
| * | | Add unit tests for X509 hash methods:Nuno Goncalves2017-04-031-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | X509_Certificate::raw_issuer_dn_sha256() X509_Certificate::raw_subject_dn_sha256() Signed-off-by: Nuno Goncalves <[email protected]>
| * | | Refactor and modernize files to be editedNuno Goncalves2017-04-031-45/+46
| | |/ | |/| | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
* | | Add block cipher interface to C APIJack Lloyd2017-04-041-0/+37
| |/ |/|
* | Merge GH #885 Change HMAC_DRBG::security_level to match NIST SP800-90AJack Lloyd2017-04-041-8/+36
|\ \
| * | Follow NIST SP 800-57 for HMAC_DRBG security levelRené Korthaus2017-04-031-0/+26
| | |
| * | Change security_strength of HMAC_DRBGRené Korthaus2017-04-031-8/+10
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Looking into SP808-90A, it mentions that the max security strength is the security strength of the hash function for pre-image resistance. The current implementation however always only uses half of the output length, therefore only providing half of the security strength possible. However, SP800-90A supports only up to 256 bit security strength, so we fix it to this upper limit. In a second change, add_entropy() now also resets the reseed counter if enough entropy input provided.
* | Merge GH #965 Various code cleanupsJack Lloyd2017-04-045-9/+6
|\ \
| * | Content:Tomasz Frydrych2017-04-035-9/+6
| |/ | | | | | | | | | | | | | | | | * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations) * `default` specifier instead of `{}` in some places(probably all) * removal of unreachable code (for example `return` after `throw`) * removal of compilation unit only visible, but not used functions * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT` * removed not needed semicolons
* | Merge GH #964 Add various useful FFI functions for public key cryptoJack Lloyd2017-04-042-0/+130
|\ \ | |/ |/|
| * Implement botan_pubkey_loadJack Lloyd2017-04-031-1/+6
| | | | | | | | Declared in header, but was not defined. :(
| * Fix botan_privkey_create if the desired algorithm was not available in buildJack Lloyd2017-04-032-1/+20
| | | | | | | | | | | | If DSA was disabled, caused memory corruption/crashes due to combination of uninitialized object and the tests not checking return values as carefully as they should.
| * Add generic getters for PK parameters in C interfaceJack Lloyd2017-04-021-0/+106
| | | | | | | | Supporting RSA, DSA, and ECC. Add also DSA specific loading functions.
* | Merge GH #961 Add some more BigInt functions to C APIJack Lloyd2017-04-021-0/+50
|\ \ | |/ |/|
| * Add some more useful bigint functions to C interfaceJack Lloyd2017-03-311-0/+50
| |
* | Merge GH #960 Check name of test suite.Jack Lloyd2017-04-021-0/+11
|\ \
| * | Check name of test suite.Alexander Bluhm2017-03-311-0/+11
| |/ | | | | | | | | If botan-test is invoked with an invalid test name, fail with a usage error. This is more obvious than not running the test.
* / Print test name before running test.Alexander Bluhm2017-03-311-0/+1
|/ | | | | | To make it easy to repeat classes of tests, print the name of the test suite before starting it. This name can be used on the botan-test command line. If a test hangs, it is also obvious which.
* Build fixJack Lloyd2017-03-291-1/+1
|
* Fix RSA blinding testJack Lloyd2017-03-291-5/+7
| | | | | | Failed if OpenSSL was used since OpenSSL does (whatever it does). GH #879
* Fix final RSA blinding testJack Lloyd2017-03-291-4/+5
| | | | See GH #879