| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
Call ERR_load_crypto_strings() during test initialization if the
openssl provider is also tested. This gives human readable error
messages.
|
|\ |
|
| | |
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Use the OpenSSL provider to implement AES CBC mode. Also pass down
the provider to the encryption layer if there is no matching OpenSSL
mode. Add a test with empty nonce.
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Hostname validation is used to make sure the certificate
hostname matches the hostname of the connected host.
RFC 6125 allows one wildcard in the left-most label of
a hostname. Up to now, we only supported only the wildcard
as the left-most label, e.g., www.example.com would
match *.example.com, but www.example.com would not
match www*.example.com, although it is permitted.
Also adds test vectors from RFC 6125 as well as the
OpenSSL test suite.
|
|\ \ \ \ |
|
| | |/ /
| |/| |
| | | |
| | | | |
This way we know if the buffer is insufficient.
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
Curious test failure, HMAC(MD5) failing with "invalid IV length"
(HMAC doesn't support an IV), it turned out to be the IV was left
around from the previously run GMAC test. Just clear out all vars
if a new [algo] header is seen in the file.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The tests for block, hash, stream, pubkey, and mac loop over all
possible crypto providers. If a specific provider is given on the
botan-test command line, use only this one. If the provider to be
tested is restricted, skip text based tests that do not have a
possible provider.
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Currently botan runs the tests for all crypto providers it can find.
Add a --provider option for botan-test to specify exactly one
provider. This allows to see which parts of a specific implementation
have been tested. Pass down the given provider to a specific test
class.
|
|\ \ |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Was totally broken, when not encrypting in one shot. (GH #1003)
Enable the test, which had been commented out :(
|
|/ /
| |
| |
| |
| |
| | |
* Adds `botan_pubkey_load_elgamal' and `botan_privkey_load_elgamal'
functions to FFI interface.
* Adds test `ffi_test_elgamal'
|
|\ \
| |/
|/| |
|
| | |
|
|/ |
|
|
|
|
|
| |
Generated by OpenSSL, I needed this to help test
https://github.com/riboseinc/rnp/pull/48
|
|\ |
|
| | |
|
| | |
|
|\ \ |
|
| | |
| | |
| | |
| | | |
CVE-2017-2801
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Nuno Goncalves <[email protected]>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Nuno Goncalves <[email protected]>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Nuno Goncalves <[email protected]>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
X509_Certificate::raw_issuer_dn_sha256()
X509_Certificate::raw_subject_dn_sha256()
Signed-off-by: Nuno Goncalves <[email protected]>
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Nuno Goncalves <[email protected]>
|
| |/
|/| |
|
|\ \ |
|
| | | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Looking into SP808-90A, it mentions that the max
security strength is the security strength
of the hash function for pre-image resistance.
The current implementation however always only
uses half of the output length, therefore only providing
half of the security strength possible.
However, SP800-90A supports only up to 256 bit
security strength, so we fix it to this upper limit.
In a second change, add_entropy() now also resets
the reseed counter if enough entropy input provided.
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
* fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations)
* `default` specifier instead of `{}` in some places(probably all)
* removal of unreachable code (for example `return` after `throw`)
* removal of compilation unit only visible, but not used functions
* fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT`
* removed not needed semicolons
|
|\ \
| |/
|/| |
|
| |
| |
| |
| | |
Declared in header, but was not defined. :(
|
| |
| |
| |
| |
| |
| | |
If DSA was disabled, caused memory corruption/crashes due to combination of
uninitialized object and the tests not checking return values as carefully
as they should.
|
| |
| |
| |
| | |
Supporting RSA, DSA, and ECC. Add also DSA specific loading functions.
|
|\ \
| |/
|/| |
|
| | |
|
|\ \ |
|
| |/
| |
| |
| |
| | |
If botan-test is invoked with an invalid test name, fail with a
usage error. This is more obvious than not running the test.
|
|/
|
|
|
|
| |
To make it easy to repeat classes of tests, print the name of the
test suite before starting it. This name can be used on the
botan-test command line. If a test hangs, it is also obvious which.
|
| |
|
|
|
|
|
|
| |
Failed if OpenSSL was used since OpenSSL does (whatever it does).
GH #879
|
|
|
|
| |
See GH #879
|