aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* Add P-521 ECDSA testJack Lloyd2016-10-301-0/+9
| | | | GH #681
* Remove use of deprecated constructors in PKCS11 testsJack Lloyd2016-10-301-6/+6
|
* Merge GH #692 Remove deprecated RNGs and entropy sourcesJack Lloyd2016-10-302-1580/+0
|\
| * Remove HMAC_RNG, X9.31-RNG, BeOS stats, EGD reader, Unix process runnerJack Lloyd2016-10-282-1580/+0
| | | | | | | | | | Change AutoSeeded_RNG to use SHA-384, SHA-256, SHA-3(256), or SHA-1, whichever is available (in that order).
* | More filter testsJack Lloyd2016-10-291-1/+109
|/ | | | Simplify algo_filt.cpp using create_or_throw
* Merge GH #691/#488 Add GMAC. Add MessageAuthenticationCode::start_msgJack Lloyd2016-10-282-1/+90
|\
| * Add MAC::start_msg, update GMACJack Lloyd2016-10-281-33/+6
| | | | | | | | | | | | | | | | GMAC needs a per-message nonce specified with `start`, and other MACs are capable of using nonces (Skein-MAC, for instance) so move this API up to MAC class. Change GMAC::clone to clone the owned cipher.
| * Implements GMAC with GHASH.Matthias Gierlings2016-10-281-0/+30
| | | | | | | | | | Adds support for Galois Message Authentication Code calculation based on GHASH, rather than GCM_Mode.
| * Added implementation for GMACMatthias Gierlings2016-10-272-8/+94
| | | | | | | | | | | | - Added GMAC class - Integrated GMAC into MAC-Class test bench. Run GMAC tests using ./botan-test mac
* | Merge GH #687 Avoid unused return value warning under GCCJack Lloyd2016-10-281-2/+3
|\ \
| * | Fixes randombit/botan#677Matthias Gierlings2016-10-271-2/+3
| |/
* | make max_number_of_bytes_per_request configurableDaniel Neus2016-10-281-1/+60
| |
* | Small pushes on test coverageJack Lloyd2016-10-272-1/+16
| | | | | | | | | | No real way to test what/if `clear` does, but at least we know it runs and doesn't crash which is an improvement over the status quo.
* | Merge GH #689 Add tests for Pipe/Filter systemJack Lloyd2016-10-271-16/+167
|\ \
| * | Add more tests for Pipe/FilterJack Lloyd2016-10-271-16/+167
| |/ | | | | | | | | | | | | | | | | | | | | | | | | In this round of write some tests and find a bug, Threaded_Fork seems to be completely broken. I don't think the semaphore approach it uses really works (consistently) because a single worker thread can acquire the semaphore more than once. This can be seen in the (disabled) test of Threaded_Fork. Not sure what to do about Threaded_Fork - it has been broken since introduction and nobody has mentioned any problems so likely nobody has ever used it. May actually be better to remove it entirely rather than to fix it.
* | More tests for session managers.Jack Lloyd2016-10-271-1/+13
| | | | | | | | | | | | Using sqlite3 for one and memory for another meant only half of each implementation was tested. Instead use sqlite3 for a while, then switch to in-memory, to ensure both are covered.
* | Test MtE then EtM CBC modesJack Lloyd2016-10-271-1/+1
| | | | | | | | | | | | | | | | Otherwise we may end up trying to renegotiate EtM to MtE which is an error. Only occured sporadically due to low timeout set on session cache; only if we retried really quickly did it fail. Feels kind of hacky, but disabling EtM is a corner case anyway.
* | Fix TLS resumption bugsJack Lloyd2016-10-271-92/+155
|/ | | | | | | | | | | | | | | | | | | | | The client would attempt to resume a session, even if the session was for a version other than what it wanted to offer. If the server resumed with the original version, the client would then reject the 'incorrect' version. Instead, if the session is for a version other than what we want to offer, just start a fresh handshake. Fix resuming in the EtM case - even if the policy says otherwise, always resume EtM sessions as EtM. Servers are required to reject a MtE resumption on an EtM session. The new client hello already ordered extensions to prevent an empty extension from ever being last (working around a bug in some dumb stack somewhere), but this was not true for the resume case. Fix that. Beef up tests a bit - test ECDSA suites, alerts, and sqlite3 session db. Sharing the session state across all the tests is what tipped me off on the resumption bugs in the first place - as usual, what is not tested does not work correctly.
* Fix HMAC_DRBG fork testJack Lloyd2016-10-251-8/+14
| | | | | | | The fork test actually closed the pipe early so this test had been busted. Previously missed because the return value of read was not checked. Missed by me in e8908d4fb671 because I changed the test but did not run it before checking in. Hey, it compiled. :(
* Add missing variable to AES test vectorJack Lloyd2016-10-251-0/+1
|
* Static analyzer fixesJack Lloyd2016-10-252-20/+39
| | | | | | | | | Check return value of read, found by Clang. See also #677 Remove unused member variable in OpenSSL ECC, found by Clang. In ECDSA tests, if the pointer is null we should return rather than dereferencing it. Found by Coverity.
* Add long (4+ block) AES KATsJack Lloyd2016-10-251-0/+10
| | | | We were not previously hitting the 4 way unrolled loop in AES-NI in tests
* Merge GH #682 Improve test name consistencyJack Lloyd2016-10-255-5/+5
|\
| * Pubkey tests should express category [ci skip]René Korthaus2016-10-245-5/+5
| |
* | Add TPM and PKCS #11 to coverage buildJack Lloyd2016-10-241-8/+11
|/ | | | | | | SoftHSMv1 included in 14.04 is too old and many tests fail, so grabs prebuilt SoftHSMv2 binaries from www.randombit.net. This can change to use the packaged SoftHSM in 16.04, whenever Travis makes that available.
* Remove unneeded includesJack Lloyd2016-10-242-2/+0
|
* Fixes for build without 25519Jack Lloyd2016-10-241-0/+3
|
* Merge GH #673 X25519 TLS key exchangeJack Lloyd2016-10-241-0/+4
|\
| * X25519 key exchange for TLSJack Lloyd2016-10-211-0/+4
| | | | | | | | | | Client interops with google.com, server not tested against an independent client yet.
* | Merge GH #679 Unify test namingJack Lloyd2016-10-244-5/+5
|\ \
| * | Reunify registered test names [ci skip]René Korthaus2016-10-234-5/+5
| |/
* | ECIES ISO tests require SHA-1Jack Lloyd2016-10-211-1/+1
| |
* | Remove Algo_RegistryJack Lloyd2016-10-211-96/+6
|/ | | | | | | I repent my use of global constructors. I repent my use of global locks. Hopefully I will never touch this code again. :)
* Allow setting the validation time during PKIX path validationJack Lloyd2016-10-211-1/+5
| | | | | | | Previously validation asked the system clock which is not always the correct thing (for example when using Roughtime protocol). Had been on the todo list forever, forced into it by some of the test certs expiring today.
* Add SHAKE-128 as stream cipherJack Lloyd2016-10-191-0/+3379
| | | | | Updates NewHope to use that instead of the hard-coded SHAKE-128, and adds toggle for BoringSSL compat mode using AES-128/CTR + SHA-256.
* Add proper SHA-3Jack Lloyd2016-10-192-5/+1225
| | | | | | | | | | Kind of a copy and paste of Keccak, but only a single copy of the permutation at least. Keccak depends on SHA-3 instead of the reverse, so that SHA-3 can be enabled without also bringing in an unapproved hash function. Updates newhope code and removes API function newhope_hash which was an unofficial SHA-3-256.
* Fix pubkey tests when EMEs are disabled.Jack Lloyd2016-10-181-30/+14
| | | | | Test assumed EME was always there and would fail. This caused failures with BSI policy which disables PKCS1v1.5
* Maintainer mode fixesJack Lloyd2016-10-171-1/+0
|
* Merge GH #665 Add IncludeOS target, make filesystem/threads optionalJack Lloyd2016-10-173-3/+1
|\
| * Fix mutex in oids.cppJack Lloyd2016-10-122-2/+0
| | | | | | | | Remove bogus includes for TLS tests
| * Add IncludeOS target. Make filesystem support optional.Jack Lloyd2016-10-101-1/+1
| |
* | Increase slop size in FFI testJack Lloyd2016-10-141-2/+3
| | | | | | | | | | This is lame but I still cannot repro and random CI failures suck. Eventually I will fix the API.
* | Change Certificate_Store_in_SQL to take RNG as argument.Jack Lloyd2016-10-131-1/+1
| | | | | | | | | | Previously it created a new AutoSeeded_RNG in each function, sometimes without even using it.
* | Merge GH #659 TLS CBC is optionalJack Lloyd2016-10-131-0/+5
|\ \ | |/ |/|
| * Make TLS CBC optionalJack Lloyd2016-10-081-0/+5
| |
* | Make pk_ops.h internalJack Lloyd2016-10-084-12/+12
| | | | | | | | Some fixes for missing system_rng in ECIES and tests.
* | Add missing try/catch blocks.Jack Lloyd2016-10-073-12/+55
| | | | | | | | Document that create_*_op is public but not for public consumption.
* | Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-072-10/+10
| | | | | | | | | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* | Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-079-38/+38
|/ | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* TLS: Split CBC+HMAC modes to standalone AEAD_ModeJack Lloyd2016-10-071-116/+167
| | | | | Now record layer only deals with an AEAD, and the weird complications of CBC modes mostly hidden in tls_cbc.cpp