| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| | |
The filters tests were missing many BOTAN_HAS guards
for hash functions, MACs and ciphers used.
|
| |/
|
|
| |
Only throw on systems where 32 bit std::time_t is used.
|
| |\ |
|
| | | |
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Example:
"200305100350Z" interpreted as "2003/05/10 03:50:00 UTC"
correct is "2020/03/05 10:03:50 UTC"
According to RFC 5280:
UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13
GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15
I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A OCSP request doesn't need the full subject certificate.
This extends the API to require instead of the subject certificate:
* OCSP::Request: subject serial.
* OCSP::online_check: subject serial AND ocsp responder url.
API breaking change:
* removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold
the certificate, but only the serial.
Signed-off-by: Nuno Goncalves <[email protected]>
|
| |\ \
| |/
|/| |
|
| | | |
|
| |/
|
|
| |
Test certs have expired.
|
| |\
| |
| |
| | |
tests
|
| | | |
|
| | |\
| | |
| | |
| | |
| | | |
Rohde-Schwarz-Cybersecurity/extended-ec-public-key-checks
Extended ec public key checks
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This caused a test failure if run with --run-online-tests. This is not
the default but it caused the coverage build to fail.
Fix the test to reflect expired status. The whole thing does not
seem wholly satsifactory since we are still relying the behavior on an
external party, perhaps a mock OCSP responder should be created for
the tests.
|
| |/ /
| |
| |
| | |
From GH #889
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| | |
As long as we support DSS ciphersuites, we should test them,
even if they're deprecated.
|
| |/ |
|
| |
|
|
| |
Equivalent to an 8 byte all-zero IV, same handling as Salsa.
|
| |\
| |
| |
| | |
OS::get_high_resolution_clock
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Now let it return 0 if we have no hardware timestamp, and add
OS::get_high_resolution_clock for best available clock.
This is mainly because it's confusing for get_processor_timestamp to return
something that is not a processor timestamp and because it simplifies adding
cycles/byte output if we know that something is or is not a cycle counter.
Also adds Windows SEH version of run_cpu_instruction_probe. Untested, uncompiled.
|
| |/
|
|
| |
Tested on qemu-aarch64
|
| |
|
|
|
|
| |
Values take from the NESSIE submission package.
[ci skip]
|
| |
|
|
| |
It assumed if ECC was included then ECDH and ECDSA was also
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on build output sent by @noloader.
If RLIMIT_MEMLOCK is not defined, assume regular user is not able to
call mlock. This probably also affected Clang/GCC on Solaris.
Work around resolution issue in SIMD_4x32 where it finds ambiguity
between arg taking uint32_t and __m128i. This is probably some
artifact of how SunCC represents vector types, and seems highly bogus
in general but is easy to work around here. Change constructor taking
a single value to instead be `SIMD_4x32::splat` function. The SIMD
class is internal, so no API implications.
Fix various warnings about lambda functions that were missing return
types and which were not a single return statement. AIUI C++11 doesn't
guarantee that lambda return type will be deduced in that situation,
though in practice every compiler including SunCC seems to handle it.
Disable AVX2 usage, since SunCC's intrinsics seem to be broken - its
_mm_loadu_si256 takes non-const pointer.
Rename a few variables in the tests to avoid shadowed var warnings.
|
| | |
|
| |
|
|
| |
Instead just let the individual tests that need the RNG fail.
|
| | |
|
| | |
|
| |
|
|
|
| |
Mainly driven by missing test for OS::run_cpu_instruction_probe.
Currently only works on x86 and ARM. Tested on x86-64 native and aarch64 qemu.
|
| | |
|
| |
|
|
| |
Just use in-memory sqlite DB instead
|
| | |
|
| |
|
|
|
|
|
|
| |
When compiled by GCC 4.8 on AIX 7.1 ppc32, the TLS policy tests
fail because the exception thrown from the TLS policy check ends up
not being caught at runtime by the test if the catch statement
is for `std::exception&` or even `Botan::Exception&` but only
if the actually thrown type `Botan::TLS::TLS_Exception` is caught.
|
| | |
|
| |
|
|
| |
Found by Coverity scanner
|
| |
|
|
| |
GH #713
|
| |\ |
|
