aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Reformat code with astyle + fix code styleTomasz Frydrych2017-05-0187-1807/+2679
|
* Merge GH #1032 Throw exception with OpenSSL error message if OpenSSL API ↵Jack Lloyd2017-04-295-35/+65
|\ | | | | | | call fails
| * Throw OpenSSL exception if any OpenSSL function failed.Alexander Bluhm2017-04-295-35/+65
| | | | | | | | | | Checking for all failures helps to find problems early. The OpenSSL_Error() exception provides the OpenSSL error string.
* | Do not load OpenSSL error messages in library.Alexander Bluhm2017-04-281-1/+0
| | | | | | | | | | | | The function ERR_load_crypto_strings() should be called by the program or during library initializeation. Remove it from get_openssl_enc_pad(), this looks like an accident.
* | Show OpenSSL error messages if test fails.Alexander Bluhm2017-04-281-0/+10
|/ | | | | | Call ERR_load_crypto_strings() during test initialization if the openssl provider is also tested. This gives human readable error messages.
* Merge GH #1000 Support seeking in CTR modeJack Lloyd2017-04-273-25/+2856
|\
| * Refactor: remove big-endian addition code duplicationRené Meusel2017-04-132-18/+27
| |
| * Refactor: use ::seek(0) in CTR_BE::set_iv()René Meusel2017-04-131-18/+1
| |
| * add test sets for CTR-BE(***)René Meusel2017-04-131-0/+2810
| |
| * Add implementation of CTR_BE::seek()René Meusel2017-04-132-2/+31
| |
* | Merge GH #1024 Further configure cleanups, make pylint mandatoryJack Lloyd2017-04-271-3/+7
|\ \
| * | Make configure script pylint2 complientSimon Warta2017-04-261-2/+6
| | |
| * | Put lint travis job into actionSimon Warta2017-04-261-2/+2
| | |
* | | Merge GH #1022 Support CBC ciphers via OpenSSLJack Lloyd2017-04-276-71/+344
|\ \ \
| * | | Implement cipher modes with OpenSSL.Alexander Bluhm2017-04-256-71/+344
| |/ / | | | | | | | | | | | | | | | Use the OpenSSL provider to implement AES CBC mode. Also pass down the provider to the encryption layer if there is no matching OpenSSL mode. Add a test with empty nonce.
* | | Merge GH #1017 Complete wildcard handling for X.509 certificatesJack Lloyd2017-04-273-4/+178
|\ \ \
| * | | Complete wildcard handling for X.509 certificatesRené Korthaus2017-04-203-4/+178
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hostname validation is used to make sure the certificate hostname matches the hostname of the connected host. RFC 6125 allows one wildcard in the left-most label of a hostname. Up to now, we only supported only the wildcard as the left-most label, e.g., www.example.com would match *.example.com, but www.example.com would not match www*.example.com, although it is permitted. Also adds test vectors from RFC 6125 as well as the OpenSSL test suite.
* | | | Merge GH #1023 Add missing functions to TLS::Text_PolicyJack Lloyd2017-04-271-1/+13
|\ \ \ \
| * | | | Make it easier to customize Text_Policy when inheriting from itlouiz’2017-04-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This way, the library user can improve the class by adding missing functions or some other tweak they may find useful. Without any access to m_kv this is impossible.
| * | | | Add some missing function overrides in TLS::Text_Policylouiz’2017-04-251-0/+12
| | |/ / | |/| |
* | | | Merge GH #1027 Add error return to botan_mp_to_strJack Lloyd2017-04-272-1/+4
|\ \ \ \
| * | | | Add explicit return to FFI botan_mp_to_str.Daniel Wyatt2017-04-262-1/+4
| |/ / / | | | | | | | | | | | | This way we know if the buffer is insufficient.
* | | | Add BOTAN_ALIGNAS macro for MSVC 2013Jack Lloyd2017-04-271-0/+9
| | | | | | | | | | | | | | | | GH #1009
* | | | In text-based tests clear all data if algo changesJack Lloyd2017-04-271-0/+1
|/ / / | | | | | | | | | | | | | | | | | | Curious test failure, HMAC(MD5) failing with "invalid IV length" (HMAC doesn't support an IV), it turned out to be the IV was left around from the previously run GMAC test. Just clear out all vars if a new [algo] header is seen in the file.
* | | Filter provider in test loops, skip text based without provider.Alexander Bluhm2017-04-218-22/+48
| | | | | | | | | | | | | | | | | | | | | | | | The tests for block, hash, stream, pubkey, and mac loop over all possible crypto providers. If a specific provider is given on the botan-test command line, use only this one. If the provider to be tested is restricted, skip text based tests that do not have a possible provider.
* | | Run tests for a specific provider.Alexander Bluhm2017-04-213-2/+48
|/ / | | | | | | | | | | | | | | Currently botan runs the tests for all crypto providers it can find. Add a --provider option for botan-test to specify exactly one provider. This allows to see which parts of a specific implementation have been tested. Pass down the given provider to a specific test class.
* | Merge GH #1002 Cleanups in configure.py main functionJack Lloyd2017-04-191-1/+1
|\ \
| * | Make template variable misc_config more specificSimon Warta2017-04-181-1/+1
| | |
* | | Fix Clang warning in ffiJack Lloyd2017-04-191-121/+117
|/ / | | | | | | | | | | | | The do_get_field functions had C linkage but returned BigInt, which is a warning under Clang at least. Move these functions up outside of the extern "C" block, and rename them to not match the FFI function since these are not publically accessible APIs, just helper functions.
* | Use 3 arg BOTAN_UNUSED in a codepath that is compiled oftenSimon Warta2017-04-171-3/+1
| | | | | | | | | | just to verify the implementation works fine across platforms and compilers
* | Mark correct variables unused in FFI botan_{pub,priv}key_load_elgamalSimon Warta2017-04-161-7/+2
| | | | | | | | Closes #1011
* | Improve unused handling in ffi methodsSimon Warta2017-04-161-16/+8
| | | | | | | | | | Make sure `key` is not touched when method is not implemented. Use one line UNUSED statements
* | Let BOTAN_UNUSED take between 1 and 9 argumentsSimon Warta2017-04-161-2/+26
| |
* | Merge GH #1006 Fix FFI cipher interface (see also GH #1003)Jack Lloyd2017-04-152-65/+207
|\ \
| * | Add tests of GCM and CTR modeJack Lloyd2017-04-141-64/+205
| | |
| * | Fix FFI cipher interfaceJack Lloyd2017-04-142-11/+12
| | | | | | | | | | | | | | | | | | Was totally broken, when not encrypting in one shot. (GH #1003) Enable the test, which had been commented out :(
* | | Guard include of ElGamal headerJack Lloyd2017-04-151-1/+4
| | |
* | | Support for ElGamal in FFI interfaceKrzysztof Kwiatkowski2017-04-143-1/+168
|/ / | | | | | | | | | | * Adds `botan_pubkey_load_elgamal' and `botan_privkey_load_elgamal' functions to FFI interface. * Adds test `ffi_test_elgamal'
* | Merge GH #989 Avoid recursion in BER_Decoder::get_next_objectJack Lloyd2017-04-132-11/+83
|\ \
| * | Add test for OSS-Fuzz 813Jack Lloyd2017-04-131-0/+67
| | |
| * | Avoid recursion in BER_Decoder::get_next_objectJack Lloyd2017-04-091-11/+16
| | |
* | | Add hex encoder/decoder CLI utilJack Lloyd2017-04-131-0/+37
| | |
* | | Add HMAC CLI commandRené Korthaus2017-04-131-0/+48
| |/ |/|
* | fix missing flush in DataSink_Stream::end_msgPhilippe Lieser2017-04-103-0/+39
| |
* | Fix afl fuzzer build [ci skip]Jack Lloyd2017-04-091-1/+1
|/
* Add another AES-128 CFB testJack Lloyd2017-04-081-0/+6
| | | | | Generated by OpenSSL, I needed this to help test https://github.com/riboseinc/rnp/pull/48
* Small ffi fixesJack Lloyd2017-04-082-4/+6
| | | | | | | | | Constify arg to botan_pk_op_decrypt, and correct comment on botan_mp_is_positive, which returns true even for zero. Considered changing botan_mp_is_positive to match the comment, and return false for zero, but we already test that botan_mp_is_positive(0) == 1, so I left it as is and fixed the comment.
* Configure codecov to accept a 0.05% decrease in coverageSimon Warta2017-04-081-0/+15
|
* Merge GH #979 Doc fix [ci skip]Jack Lloyd2017-04-051-1/+1
|\
| * Fix description of coprime parameter to random_prime() [ci skip]René Korthaus2017-04-051-1/+1
| | | | | | | | Found during a review by BSI