Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Reformat code with astyle + fix code style | Tomasz Frydrych | 2017-05-01 | 87 | -1807/+2679 |
| | |||||
* | Merge GH #1032 Throw exception with OpenSSL error message if OpenSSL API ↵ | Jack Lloyd | 2017-04-29 | 5 | -35/+65 |
|\ | | | | | | | call fails | ||||
| * | Throw OpenSSL exception if any OpenSSL function failed. | Alexander Bluhm | 2017-04-29 | 5 | -35/+65 |
| | | | | | | | | | | Checking for all failures helps to find problems early. The OpenSSL_Error() exception provides the OpenSSL error string. | ||||
* | | Do not load OpenSSL error messages in library. | Alexander Bluhm | 2017-04-28 | 1 | -1/+0 |
| | | | | | | | | | | | | The function ERR_load_crypto_strings() should be called by the program or during library initializeation. Remove it from get_openssl_enc_pad(), this looks like an accident. | ||||
* | | Show OpenSSL error messages if test fails. | Alexander Bluhm | 2017-04-28 | 1 | -0/+10 |
|/ | | | | | | Call ERR_load_crypto_strings() during test initialization if the openssl provider is also tested. This gives human readable error messages. | ||||
* | Merge GH #1000 Support seeking in CTR mode | Jack Lloyd | 2017-04-27 | 3 | -25/+2856 |
|\ | |||||
| * | Refactor: remove big-endian addition code duplication | René Meusel | 2017-04-13 | 2 | -18/+27 |
| | | |||||
| * | Refactor: use ::seek(0) in CTR_BE::set_iv() | René Meusel | 2017-04-13 | 1 | -18/+1 |
| | | |||||
| * | add test sets for CTR-BE(***) | René Meusel | 2017-04-13 | 1 | -0/+2810 |
| | | |||||
| * | Add implementation of CTR_BE::seek() | René Meusel | 2017-04-13 | 2 | -2/+31 |
| | | |||||
* | | Merge GH #1024 Further configure cleanups, make pylint mandatory | Jack Lloyd | 2017-04-27 | 1 | -3/+7 |
|\ \ | |||||
| * | | Make configure script pylint2 complient | Simon Warta | 2017-04-26 | 1 | -2/+6 |
| | | | |||||
| * | | Put lint travis job into action | Simon Warta | 2017-04-26 | 1 | -2/+2 |
| | | | |||||
* | | | Merge GH #1022 Support CBC ciphers via OpenSSL | Jack Lloyd | 2017-04-27 | 6 | -71/+344 |
|\ \ \ | |||||
| * | | | Implement cipher modes with OpenSSL. | Alexander Bluhm | 2017-04-25 | 6 | -71/+344 |
| |/ / | | | | | | | | | | | | | | | | Use the OpenSSL provider to implement AES CBC mode. Also pass down the provider to the encryption layer if there is no matching OpenSSL mode. Add a test with empty nonce. | ||||
* | | | Merge GH #1017 Complete wildcard handling for X.509 certificates | Jack Lloyd | 2017-04-27 | 3 | -4/+178 |
|\ \ \ | |||||
| * | | | Complete wildcard handling for X.509 certificates | René Korthaus | 2017-04-20 | 3 | -4/+178 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostname validation is used to make sure the certificate hostname matches the hostname of the connected host. RFC 6125 allows one wildcard in the left-most label of a hostname. Up to now, we only supported only the wildcard as the left-most label, e.g., www.example.com would match *.example.com, but www.example.com would not match www*.example.com, although it is permitted. Also adds test vectors from RFC 6125 as well as the OpenSSL test suite. | ||||
* | | | | Merge GH #1023 Add missing functions to TLS::Text_Policy | Jack Lloyd | 2017-04-27 | 1 | -1/+13 |
|\ \ \ \ | |||||
| * | | | | Make it easier to customize Text_Policy when inheriting from it | louiz’ | 2017-04-27 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This way, the library user can improve the class by adding missing functions or some other tweak they may find useful. Without any access to m_kv this is impossible. | ||||
| * | | | | Add some missing function overrides in TLS::Text_Policy | louiz’ | 2017-04-25 | 1 | -0/+12 |
| | |/ / | |/| | | |||||
* | | | | Merge GH #1027 Add error return to botan_mp_to_str | Jack Lloyd | 2017-04-27 | 2 | -1/+4 |
|\ \ \ \ | |||||
| * | | | | Add explicit return to FFI botan_mp_to_str. | Daniel Wyatt | 2017-04-26 | 2 | -1/+4 |
| |/ / / | | | | | | | | | | | | | This way we know if the buffer is insufficient. | ||||
* | | | | Add BOTAN_ALIGNAS macro for MSVC 2013 | Jack Lloyd | 2017-04-27 | 1 | -0/+9 |
| | | | | | | | | | | | | | | | | GH #1009 | ||||
* | | | | In text-based tests clear all data if algo changes | Jack Lloyd | 2017-04-27 | 1 | -0/+1 |
|/ / / | | | | | | | | | | | | | | | | | | | Curious test failure, HMAC(MD5) failing with "invalid IV length" (HMAC doesn't support an IV), it turned out to be the IV was left around from the previously run GMAC test. Just clear out all vars if a new [algo] header is seen in the file. | ||||
* | | | Filter provider in test loops, skip text based without provider. | Alexander Bluhm | 2017-04-21 | 8 | -22/+48 |
| | | | | | | | | | | | | | | | | | | | | | | | | The tests for block, hash, stream, pubkey, and mac loop over all possible crypto providers. If a specific provider is given on the botan-test command line, use only this one. If the provider to be tested is restricted, skip text based tests that do not have a possible provider. | ||||
* | | | Run tests for a specific provider. | Alexander Bluhm | 2017-04-21 | 3 | -2/+48 |
|/ / | | | | | | | | | | | | | | | Currently botan runs the tests for all crypto providers it can find. Add a --provider option for botan-test to specify exactly one provider. This allows to see which parts of a specific implementation have been tested. Pass down the given provider to a specific test class. | ||||
* | | Merge GH #1002 Cleanups in configure.py main function | Jack Lloyd | 2017-04-19 | 1 | -1/+1 |
|\ \ | |||||
| * | | Make template variable misc_config more specific | Simon Warta | 2017-04-18 | 1 | -1/+1 |
| | | | |||||
* | | | Fix Clang warning in ffi | Jack Lloyd | 2017-04-19 | 1 | -121/+117 |
|/ / | | | | | | | | | | | | | The do_get_field functions had C linkage but returned BigInt, which is a warning under Clang at least. Move these functions up outside of the extern "C" block, and rename them to not match the FFI function since these are not publically accessible APIs, just helper functions. | ||||
* | | Use 3 arg BOTAN_UNUSED in a codepath that is compiled often | Simon Warta | 2017-04-17 | 1 | -3/+1 |
| | | | | | | | | | | just to verify the implementation works fine across platforms and compilers | ||||
* | | Mark correct variables unused in FFI botan_{pub,priv}key_load_elgamal | Simon Warta | 2017-04-16 | 1 | -7/+2 |
| | | | | | | | | Closes #1011 | ||||
* | | Improve unused handling in ffi methods | Simon Warta | 2017-04-16 | 1 | -16/+8 |
| | | | | | | | | | | Make sure `key` is not touched when method is not implemented. Use one line UNUSED statements | ||||
* | | Let BOTAN_UNUSED take between 1 and 9 arguments | Simon Warta | 2017-04-16 | 1 | -2/+26 |
| | | |||||
* | | Merge GH #1006 Fix FFI cipher interface (see also GH #1003) | Jack Lloyd | 2017-04-15 | 2 | -65/+207 |
|\ \ | |||||
| * | | Add tests of GCM and CTR mode | Jack Lloyd | 2017-04-14 | 1 | -64/+205 |
| | | | |||||
| * | | Fix FFI cipher interface | Jack Lloyd | 2017-04-14 | 2 | -11/+12 |
| | | | | | | | | | | | | | | | | | | Was totally broken, when not encrypting in one shot. (GH #1003) Enable the test, which had been commented out :( | ||||
* | | | Guard include of ElGamal header | Jack Lloyd | 2017-04-15 | 1 | -1/+4 |
| | | | |||||
* | | | Support for ElGamal in FFI interface | Krzysztof Kwiatkowski | 2017-04-14 | 3 | -1/+168 |
|/ / | | | | | | | | | | | * Adds `botan_pubkey_load_elgamal' and `botan_privkey_load_elgamal' functions to FFI interface. * Adds test `ffi_test_elgamal' | ||||
* | | Merge GH #989 Avoid recursion in BER_Decoder::get_next_object | Jack Lloyd | 2017-04-13 | 2 | -11/+83 |
|\ \ | |||||
| * | | Add test for OSS-Fuzz 813 | Jack Lloyd | 2017-04-13 | 1 | -0/+67 |
| | | | |||||
| * | | Avoid recursion in BER_Decoder::get_next_object | Jack Lloyd | 2017-04-09 | 1 | -11/+16 |
| | | | |||||
* | | | Add hex encoder/decoder CLI util | Jack Lloyd | 2017-04-13 | 1 | -0/+37 |
| | | | |||||
* | | | Add HMAC CLI command | René Korthaus | 2017-04-13 | 1 | -0/+48 |
| |/ |/| | |||||
* | | fix missing flush in DataSink_Stream::end_msg | Philippe Lieser | 2017-04-10 | 3 | -0/+39 |
| | | |||||
* | | Fix afl fuzzer build [ci skip] | Jack Lloyd | 2017-04-09 | 1 | -1/+1 |
|/ | |||||
* | Add another AES-128 CFB test | Jack Lloyd | 2017-04-08 | 1 | -0/+6 |
| | | | | | Generated by OpenSSL, I needed this to help test https://github.com/riboseinc/rnp/pull/48 | ||||
* | Small ffi fixes | Jack Lloyd | 2017-04-08 | 2 | -4/+6 |
| | | | | | | | | | Constify arg to botan_pk_op_decrypt, and correct comment on botan_mp_is_positive, which returns true even for zero. Considered changing botan_mp_is_positive to match the comment, and return false for zero, but we already test that botan_mp_is_positive(0) == 1, so I left it as is and fixed the comment. | ||||
* | Configure codecov to accept a 0.05% decrease in coverage | Simon Warta | 2017-04-08 | 1 | -0/+15 |
| | |||||
* | Merge GH #979 Doc fix [ci skip] | Jack Lloyd | 2017-04-05 | 1 | -1/+1 |
|\ | |||||
| * | Fix description of coprime parameter to random_prime() [ci skip] | René Korthaus | 2017-04-05 | 1 | -1/+1 |
| | | | | | | | | Found during a review by BSI |