Commit message

Feels kind of nasty, but it sucks more to have CI builds break because
of random failures.

The result of fuzzing with AFL for a while, then running cmin on the
result.

Also adds a (not const time) implementation of almost Montgomery reduction.

Removes a fair number of the power mod test cases for size and test time.
Would be better to add a randomized or fuzzer-based test. Otherwise no
change.

Not optimized and relies on asm support for const time word_add/word_sub
instructions.
Fix a bug introduced in 46e9a89 - unpoison needs to call the valgrind
API with the pointer rather than the reference. Caused values not to
be unpoisoned.

Unlikely to fail in this case but anything's possible.
Found by Coverity

Would be better to iterate over all of the key types for this type of
coverage.
Avoids Coverity dead code warning on the error-case throw.

Some tests only deallocated in the branch where some other test
on the object succeeded.
The ECDH FFI test didn't deallocate any of its objects, which was
missed by valgrind before now because the test was not being run.
Found by Coverity scanner

value. asn1_time.cpp 159

inside the body of a loop. test_compression.cpp 78

The check on each individual size in curve_mul is too strict since
we rely on redc(x*1) during the on-the-curve computation.
Fix an off-by-one in ressol which caused it to occasionally reject
valid values.
Updating version 1.11.28 since existing 1.11.27 tag already pushed :(
Fix an off-by-one in ressol which would cause it to occasionally
give up too early.

If affine coordinates larger than the prime modulus were given,
a later multiplication could overflow the size of an allocated
output buffer, which was sized based on the size of the prime.
This will cause an overflow into either the system heap or, if the
mlock/mmap pool allocator is in use, into the adjacent key
material stored in the pool.
Reported by Alex Gaynor, who found it with AFL.
Also fix a one word overwrite in P-521 reduction. Found with AFL.

It first computed the first i for q**(2**i) == 1, then checked that i
was smaller than s. Given a composite modulus (for which the algorithm
does not work), the loop might do a very large amount of work before
returning the failure.

GH #369

found by gcc with -Wsuggest-override

fix PVS-Studio performance warnings

Expose provider param in PK_Key_Agreement API
Handle multiple providers in key agreement tests
Fix some funky formatting of P-521 EC points in ecdh.vec which was
being rejected by OpenSSL; for whatever reason the CAVS file had
the affine coords with far more leading zeros than necessary.

Only has vectors for NIST curves (data taken from NIST CAVS file)

There was a special case for small scalars which managed to forget
that the integer 3 also fits into two bits. Found by adding a new set
of ECC point mul tests for the NIST curves.

Fix loading of unencrypted, BER encoded private keys via PKCS8 api

Avoids various static init and destruction hassles.

At some point during the test changeover the (C) info got lost
from this file.
Also try randomizing the point repr in the copy test, just to spice
things up a bit.

Some trivial compiler and PVS-Studio warning fixes

Convert McEliece KEM to use it
Add RSA-KEM

file

This allows me to build and run tests out-of-tree :)

Improve diagnostics when an exception escapes a test
GH #369

in the algo factory.
Fixes remaining issues of GH #369 - test_pubkey.cpp was expecting Lookup_Error
when something isn't found.

Add all 18 GCM tests provided in NIST GCM spec

This adds tests for key length 192 and 256. Test vector source:
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
Closes: #344

Understand using '-' on the command line to mean stdin
Fix last few unit tests that wanted to write to the filesystem; removes
outdata directory.

GH #369

Also fix KDF tests which failed on missing algo
GH #367

The command line tools' origin as a collection of examples and test
programs glued together led to some unfortunate problems; lots of
hardcoded values, missing parameters, and obsolete crypto.
Adds a small library for writing command line programs of the sort
needed here (cli.h), which cuts the length of many of the commands in
half and makes commands more pleasant to write and extend.
Generalizes a lot of the commands also, e.g. previously only
signing/verification with DSA/SHA-1 was included!
Removes the fuzzer entry point since that's fairly useless outside of
an instrumented build.
Removes the in-library API for benchmarking.