| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Just runs the specified test several times, or until first failure.
|
| |\ |
|
| | |
| |
| |
| | |
while encrypting/decrypting
|
| |\ \ |
|
| | | |
| | |
| | |
| | | |
GH #896
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | | |
Also adds RSA key constructors using BN
|
| |/ / /
| | |
| | |
| | | |
Replaced by version in cli added in #894
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The 56 char bound is bogus; Blowfish itself allows at most 448 bits
in the key schedule, but Bcrypt's modification allows up to 72 chars
for the password. Bug pointed out by Solar Designer.
Also reject work factors 0...3 since all other extant bcrypt
implementations require at least work factor 4.
Adds more bcrypt tests generated by crypt_bcrypt and OpenBSD's version.
|
| | | | |
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
The filters tests were missing many BOTAN_HAS guards
for hash functions, MACs and ciphers used.
|
| |/ / /
| | |
| | |
| | | |
Only throw on systems where 32 bit std::time_t is used.
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Example:
"200305100350Z" interpreted as "2003/05/10 03:50:00 UTC"
correct is "2020/03/05 10:03:50 UTC"
According to RFC 5280:
UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13
GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15
I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A OCSP request doesn't need the full subject certificate.
This extends the API to require instead of the subject certificate:
* OCSP::Request: subject serial.
* OCSP::online_check: subject serial AND ocsp responder url.
API breaking change:
* removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold
the certificate, but only the serial.
Signed-off-by: Nuno Goncalves <[email protected]>
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | | |
|
| |/ / /
| | |
| | |
| | | |
Test certs have expired.
|
| |\ \ \
| | | |
| | | |
| | | | |
tests
|
| | | | | |
|
| | |\ \ \
| | |_|/
| |/| |
| | | |
| | | | |
Rohde-Schwarz-Cybersecurity/extended-ec-public-key-checks
Extended ec public key checks
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This caused a test failure if run with --run-online-tests. This is not
the default but it caused the coverage build to fail.
Fix the test to reflect expired status. The whole thing does not
seem wholly satsifactory since we are still relying the behavior on an
external party, perhaps a mock OCSP responder should be created for
the tests.
|
| |/ /
| |
| |
| | |
From GH #889
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| | |
As long as we support DSS ciphersuites, we should test them,
even if they're deprecated.
|
| |/ |
|
| |
|
|
| |
Equivalent to an 8 byte all-zero IV, same handling as Salsa.
|
| |\
| |
| |
| | |
OS::get_high_resolution_clock
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Now let it return 0 if we have no hardware timestamp, and add
OS::get_high_resolution_clock for best available clock.
This is mainly because it's confusing for get_processor_timestamp to return
something that is not a processor timestamp and because it simplifies adding
cycles/byte output if we know that something is or is not a cycle counter.
Also adds Windows SEH version of run_cpu_instruction_probe. Untested, uncompiled.
|
| |/
|
|
| |
Tested on qemu-aarch64
|
| |
|
|
|
|
| |
Values take from the NESSIE submission package.
[ci skip]
|
| |
|
|
| |
It assumed if ECC was included then ECDH and ECDSA was also
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on build output sent by @noloader.
If RLIMIT_MEMLOCK is not defined, assume regular user is not able to
call mlock. This probably also affected Clang/GCC on Solaris.
Work around resolution issue in SIMD_4x32 where it finds ambiguity
between arg taking uint32_t and __m128i. This is probably some
artifact of how SunCC represents vector types, and seems highly bogus
in general but is easy to work around here. Change constructor taking
a single value to instead be `SIMD_4x32::splat` function. The SIMD
class is internal, so no API implications.
Fix various warnings about lambda functions that were missing return
types and which were not a single return statement. AIUI C++11 doesn't
guarantee that lambda return type will be deduced in that situation,
though in practice every compiler including SunCC seems to handle it.
Disable AVX2 usage, since SunCC's intrinsics seem to be broken - its
_mm_loadu_si256 takes non-const pointer.
Rename a few variables in the tests to avoid shadowed var warnings.
|
| | |
|
