aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* Add helper for test output files. Remove last uses of hardcoded data dir macrosJack Lloyd2015-11-165-60/+88
|
* Avoid multiplication by zero here as get_affine will reject itJack Lloyd2015-11-131-1/+1
|
* Include the version string in the test outputJack Lloyd2015-11-131-0/+2
|
* The TLS test for corrupted data was too strict in requiring thatJack Lloyd2015-11-131-30/+32
| | | | | the first block satisfy the request, since it was possible another record header appeared in some appended corrupted data.
* Add TLS_PSK testsJack Lloyd2015-11-132-54/+192
| | | | | | | | | | | Fix a bug which rejected any short server key exchanges. These can occur with a plain PSK with short or empty identity hints. Disable SHA-224 by default. Remove some vestigal RC4 cruft. Push more on the TLS corruption tests.
* Avoid calling get_files_recursive on a possible non-directory.Jack Lloyd2015-11-112-9/+10
| | | | | | | | | The Boost directory iterator throws an exception in that case. Interestingly the current VC version does not seem to. In the interests of portability just avoid this operation rather than trying to hack around it in the Boost fs version. GH #328
* Test all providers for PK operationsJack Lloyd2015-11-111-24/+103
|
* Fix occasional test failsJack Lloyd2015-11-114-7/+70
| | | | | | | | Increase the iterations of the BigInt::random_integer test. Since things get slow quickly, leave the larger range tests to higher soak levels. In TLS, if the corrupted data causes an exception immediately that's ok because it's corrupted data.
* Add missing copyright/license notices.Jack Lloyd2015-11-111-0/+6
| | | | [ci skip]
* Update and consolidate the test framework.Jack Lloyd2015-11-1178-21664/+8688
| | | | | | | | | | | The tests previously had used 4 to 6 different schemes internally (the vec file reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a design that works everywhere, and update all the things. Fix also a few bugs found by the test changes: SHA-512-256 name incorrect, OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy was wrong.
* Merge pull request #317 from randombit/cc-flag-sanityJack Lloyd2015-10-271-2/+1
|\ | | | | Split up build options
| * Remove --build-mode and add individual toggles for optimization, debug,Jack Lloyd2015-10-261-2/+1
| | | | | | | | | | | | sanitizers and coverage as all 4 are usefully set independently. Use GCC 4.9 on CircleCI as it seems to be supported. Add ASan + UBSan test.
* | Add some tests of basic load/store opsJack Lloyd2015-10-271-2/+109
| |
* | Reduce workfactors in ffi tests to speed things alongJack Lloyd2015-10-271-2/+2
| |
* | Merge pull request #314 from randombit/ct-tls-cbc-paddingJack Lloyd2015-10-261-120/+431
|\ \ | |/ |/| TLS improvements
| * TLS improvementsJack Lloyd2015-10-251-120/+431
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Use constant time operations when checking CBC padding in TLS decryption Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes from working: on decode the session id and hello cookie would be swapped, causing confusion between client and server. Various changes in the service of finding the above DTLS bug that should have been done before now anyway - better control of handshake timeouts (via TLS::Policy), better reporting of handshake state in the case of an error, and finally expose the facility for per-message application callbacks.
* | Disable two tests from x509test which no longer have correct dates.Jack Lloyd2015-10-262-2/+5
| | | | | | | | | | | | These will need to be regen'ed with corrected values. Fix for minimized builds.
* | Fix cert validation bugs found by x509test.Jack Lloyd2015-10-2344-15/+2662
|/ | | | Add test suite with certs from x509test
* FixJack Lloyd2015-10-191-2/+2
|
* ECDSA KATs only work for base implJack Lloyd2015-10-191-2/+2
| | | | | OpenSSL doesn't use RFC 6979 nonces, so if openssl was enabled ECDSA tests would fail.
* Expose providers for public key operationsJack Lloyd2015-10-141-2/+2
| | | | | | | | For PK_Encryptor and company they are requested via a new provider param to the constructors. The speed command gets a --provider option so you can see benchmark results with the different versions.
* Build fixJack Lloyd2015-10-141-1/+2
|
* Move DataSource to utils and rewrite PEM encoding to avoid filtersJack Lloyd2015-10-143-41/+13
| | | | | Removes filters as as an internal dependency pretty much entirely (outside of some dusty corners in misc).
* Don't treat missing ciphers, hashes, etc as test failuresJack Lloyd2015-10-116-9/+18
| | | | | Just print an error message and return. Reduces false fails with smaller builds
* Fix bcrypt testJack Lloyd2015-10-032-2/+2
|
* Merge pull request #286 from randombit/mce-cleanupJack Lloyd2015-09-306-82/+221
|\ | | | | Cleanup and document McEliece implementation
| * Fix for minimized buildJack Lloyd2015-09-291-0/+8
| |
| * McEliece cleanupsJack Lloyd2015-09-296-82/+213
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove and consolidate various headers Reduce memory usage of GF2m_Field by sharing the log and exponent tables across all instances of a particular word size. Remove McEliece_Public_Operation and McEliece_Private_Operation which were difficult to use safely. Instead only the KEM operations are exposed. Add McEliece_PublicKey::random_plaintext_element Add command line `mce` tool and some McEliece documentation Convert the speed program to check McEliece keys of the suggested size Add McEliece KATs for both key generation and KEM Fix HMAC_DRBG constructor which derefed a pointer before its time
* | Add some missing overridesDaniel Seither2015-09-251-4/+4
| |
* | Remove dead codeDaniel Seither2015-09-251-1/+0
| | | | | | | | `continue` cannot be reached due to `return` in the line above
* | Avoid concatination of charsSimon Warta2015-09-221-1/+1
|/ | | | | | | Ever tried? auto str = "some long string"; auto str2 = str + '\n'; It's not with the brainfuck finding the bug.
* Merge pull request #279 from randombit/fix-static-lib-registrationJack Lloyd2015-09-2111-31/+25
|\ | | | | Move the algorithm factory functions to T::create and move object registration to the source file for its base class. These resolve the issues which prevented successful use of a static library that was built with individual object files. Removes the restriction in configure.py which prevented building non-amalgamation static libs.
| * Remove use of lookup.h in favor of new T::create API.Jack Lloyd2015-09-2110-26/+20
| |
| * Fix pbkdf, pk padding and ECDH registration for static linking.Jack Lloyd2015-09-111-5/+5
| | | | | | | | | | | | | | | | With this change the tests pass when linked against a static library built in the normal (non-amalgamation) fashion. Remove the restriction in configure.py, and have circleci build the clang static build as a non-amalg.
* | Add a test for X509_Certificate::fingerprintJack Lloyd2015-09-121-0/+1
| | | | | | | | Value checked against `openssl x509 -fingerprint` of same cert
* | Update fuzzer testSimon Warta2015-09-101-28/+39
|/ | | | | | | * Handle No_Filesystem_Access case properly * Use steady_clock for benchmarking Fixes #276
* Fix pk signature test framework bug.Jack Lloyd2015-08-281-5/+5
| | | | | | | | Was attempting to test that the all-zero signature is invalid, then tested some mutated signatures. Unfortunately it zeroed out the signature before doing the mutation tests, so the mutated signatures were all very-low Hamming weight strings instead of being close to the original valid signature.
* Add test for compression of an empty bufferDaniel Seither2015-08-281-0/+7
| | | | | | | | | | | | This test currently fails: $ ./botan-test compression Failure testing zlib - zlib deflate error -2 Failure testing deflate - zlib deflate error -2 Failure testing gzip - zlib deflate error -2 Compression 3 tests 3 FAILs =============== Tests 3 FAILs
* Fix for minimized buildsJack Lloyd2015-08-211-0/+1
|
* Add power analysis countermeasures for ECC point multiplications.Jack Lloyd2015-08-215-73/+99
| | | | | | | | The plain PointGFp operator* now uses Montgomery ladder exclusively. Adds a blinded point multiply algorithm which uses exponent and point randomization, as well as a Montgomery ladder technique that takes a random walk of the possible addition chains for k.
* Reactivate FFI PBKDF minimum iterations testSimon Warta2015-08-211-3/+2
| | | | | as dicussed here: https://github.com/randombit/botan/commit/480999c2820b0da995108d7474a74755cafd2924
* Add stricter time parsing; Add more testsSimon Warta2015-08-111-1/+79
|
* Test implicit X509_Time copy constructor and assignmentSimon Warta2015-08-111-0/+17
|
* Add Not matcher for CatchSimon Warta2015-08-111-0/+24
|
* Minor refactoring of existing MatchersSimon Warta2015-08-111-7/+10
|
* Remove string constructor of X509_Time()Simon Warta2015-08-111-23/+23
| | | | | | | | | | | * Break down string representations to to_string() and readable_string() * Add m_ prefix to member variable names * Fix order of methods * Move comments Doxygen friendly to header * Make set_to() private (future subjejt of refectoring); People should use constructor Closes #185
* Refector tests style (use matchers)Simon Warta2015-08-111-82/+64
|
* Strict uint32 parsingSimon Warta2015-08-111-7/+10
|
* Avoid integer overlow in string->uint32 converterSimon Warta2015-08-101-0/+42
| | | | | | | On systems where unsigned long is uint64 (typically 64 bit systems), a string containing a number greater than 2^32-1 was sucessfully converted to a uint64 and than reduced to uint32, causing an overflow. E.g. to_u32bit("4294967296") was 0 and to_u32bit("4294967297") was 1.
* Deactivate tests that consistently fail in debug modeSimon Warta2015-08-091-0/+8
| | | | [ci skip]