aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests
Commit message (Collapse)AuthorAgeFilesLines
* Ensure all files have copyright and license info.lloyd2015-01-1041-28/+219
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Add MCEIES, an integrated encryption system using McEliece and AES-256/OCBlloyd2015-01-081-47/+109
|
* Add SHA-512/256lloyd2015-01-082-1/+6
| | | | | Define some new functions for copying out arrays of words and use them across hashes.
* Add Brainpool and secp160r1 ECDSA testslloyd2015-01-052-1/+153
|
* Support the older ChaCha20Poly1305 AEAD from draft-agl-tls-chacha20poly1305-04lloyd2014-12-311-0/+8
| | | | | which we distinguish by the nonce size (always 64 bits in this format, always 96 bits in the CFRG document).
* Add AEAD based on ChaCha20 and Poly1305 defined in ↵lloyd2014-12-291-0/+13
| | | | draft-irtf-cfrg-chacha20-poly1305-03
* Add Poly1305, based on poly1305-donna by Andrew Moon.lloyd2014-12-291-0/+323
|
* Support 96 bit nonces in ChaCha20 as specified in ↵lloyd2014-12-291-0/+9
| | | | draft-irtf-cfrg-chacha20-poly1305-03
* All tests now share an RNG. Uses system RNG if availablelloyd2014-12-2823-53/+65
|
* Provide a test reportlloyd2014-12-271-0/+2
|
* Add Curve25519 based on curve25519-donna by Adam Langley.lloyd2014-12-274-0/+137
| | | | | | This uses only the c64 version from curve25519-donna; on systems that don't have a native uint128_t type, a donna128 type stands in for just enough 128-bit operations to satisfy donna.cpp
* Implement RFC 6979 determinstic signatures for DSA and ECDSA.lloyd2014-12-104-163/+237
| | | | | Drop the GNU MP engine. Its implementations were potentially faster in some scenarios but not well protected against side channels.
* Switch to using Montgomery ladder for EC point multiplication.lloyd2014-12-101-55/+75
| | | | | The test function create_random_point did not actually create a point on the curve - fix.
* Remove the Overbeck conversion at Dr. Strenzke's request.lloyd2014-12-061-99/+25
| | | | | | | | While a CCA2 proof of this scheme exists, it is written in German and for various reasons publishing a translation would be a complicated affair. Without a (well studied) English proof it is harder to understand the security of the overall scheme. Thus only KEM, which seems much easier to prove, will be offered.
* Add KEM scheme for McEliecefstrenzke2014-12-061-21/+68
|
* Add an implementation of McEliece encryption based on HyMESfstrenzke2014-11-263-0/+268
| | | | | | | (https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes). The original version is LGPL but cryptsource GmbH has secured permission to release it under a BSD license. Also includes the Overbeck CCA2 message encoding scheme.
* Use the OCB test specified in RFC 7253 instead of the -03 draft versionlloyd2014-11-161-72/+50
|
* Add specialized reduction for P-521 along with 9x9 Comba routines.lloyd2014-11-151-12/+16
| | | | | Roughly 35-50% faster on my laptop (depending on if mlock is enabled, the overhead in that allocator is becoming much more of a hotspot).
* OCB cleanup and additional testslloyd2014-11-072-2/+106
|
* Replace Transformatio::nstart with start_raw so we can do a full setlloyd2014-11-053-7/+7
| | | | of overloads in the base class with the same name.
* Various small fixes and cleanups, new is_prime utillloyd2014-11-032-2/+11
|
* No need to pass version by referencelloyd2014-10-311-1/+2
|
* Add some secp256k1 KATs and a randomized ECC test suggested inlloyd2014-10-105-3/+148
| | | | http://crypto.stackexchange.com/questions/784
* Remove unused test. Bugzilla 272lloyd2014-05-171-65/+0
|
* Correct CCM for L != 2. Bugzilla 270lloyd2014-05-161-0/+7
|
* Any fixed MR iterations is probably wrong for somebody. Allow the userlloyd2014-04-251-4/+4
| | | | | | to specify a probability as well as if n was randomly chosen or not. If the input is random use a better bounds to reduce the number of needed tests.
* Better TLS checkslloyd2014-04-102-28/+46
|
* X.509 path validation now performs all possible tests and returns alloyd2014-04-051-3/+3
| | | | | | set of error codes, instead of failing immediately on first error. This prevents a 'weak' error like an expired certificate from hiding a major error such as signature validation failure or hard revocation.
* Add RFC 6979 nonce generator. Also some HMAC_DRBG cleanups.lloyd2014-03-223-0/+73
|
* Add HMAC_DRBGlloyd2014-03-214-21/+2487
|
* Fix warningslloyd2014-02-131-1/+1
|
* Cleanupslloyd2014-02-132-18/+0
|
* Remove global variableslloyd2014-02-131-71/+64
|
* Update Clang flags. Remove unneeded includes of init.hlloyd2014-02-091-1/+0
|
* Compile fixeslloyd2014-02-091-5/+3
|
* More fixes for minified buildslloyd2014-02-0917-87/+124
|
* Include build.h in tests.h so feature macro checks work consistently.lloyd2014-02-081-0/+1
|
* Fix minimized builds. Patch by Markus Wanner sent to botan-devellloyd2014-02-085-1/+32
|
* Fix a bug introduced in 1.11.6 where we tried to check CRL signatureslloyd2014-02-082-80/+52
| | | | | | against the wrong key, causing any check to fail. Clean up the NIST X.509 path validation tests and run them by default.
* Remove Square, Skipjack, Luby-Rackoff, and Blue Midnight Wish.lloyd2014-02-084-983/+0
|
* Compile fixeslloyd2014-02-081-0/+1
|
* Add the CMAC constants for 256 and 512 bit block cipherslloyd2014-02-022-0/+18
| | | | | Also add test vectors for Threefish-512 CMAC and EAX, both generated by the library.
* Add ChaChalloyd2014-01-317-14/+64
|
* Add initializer for test mainlloyd2014-01-181-0/+3
|
* Fix Skein_512::clearlloyd2014-01-181-0/+14
|
* Split off the keyed interfaces of transform to Keyed_Transformlloyd2014-01-182-2/+2
| | | | | Remove the unhelpful 'Algorithm' base class which had previously acted more or less as a global base.
* Remove PBES1 entirelylloyd2014-01-182-9/+6
|
* Split up docs into the reference manual, the website, and everything else.lloyd2014-01-1028-8/+48
| | | | | | | | | | | Add `website` target to makefile. Some progress towards fixing minimized builds. TLS now hard requires ECDSA and GCM since otherwise a minimized build has only insecure options. Remove boost_thread dependency in command line tool
* Split up test vectors into per-algo files and app into botan-test forlloyd2014-01-10114-55381/+50085
| | | | the tests and botan for everything else.
* Fix warningslloyd2014-01-072-1/+2
|