aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add some final annotations in the PK testsJack Lloyd2017-01-021-7/+7
|
* Convert DH invalid key test to read from fileJack Lloyd2017-01-023-42/+62
|
* Merge GH #790 Add DH tests from NIST CAVPJack Lloyd2017-01-024-3/+315
|\
| * Add test vectors for public key checks from NIST CAVPRené Korthaus2017-01-021-0/+39
| |
| * Load q for DH public key in testsRené Korthaus2017-01-021-1/+11
| |
| * Add positive DH test vectors from NIST CAVPRené Korthaus2017-01-024-2/+265
| |
* | Merge GH #792 Fix BigInt::random_integer testJack Lloyd2017-01-021-9/+8
|\ \
| * | Increase value of ITERATIONS_PER_POSSIBLE_VALUE to 750Simon Warta2017-01-021-1/+2
| | | | | | | | | | | | to avoid test failures
| * | Simplify loop to foreach in test_random_integer()Simon Warta2017-01-021-2/+2
| | |
| * | Fix math in test_random_integer()Simon Warta2017-01-021-5/+3
| | | | | | | | | | | | | | | Removes complicated extra variable "dev", which was calculated incorrectly: if ratio = 0.0 then dev = 0.0, resulting in a test success.
| * | Rename ITERATIONS -> ITERATIONS_PER_POSSIBLE_VALUESimon Warta2017-01-021-3/+3
| |/
* / Don't use deprecated PK_Signer ctor in testsRené Korthaus2017-01-011-1/+1
|/
* Run python in coverage modeJack Lloyd2016-12-311-1/+1
|
* Add test for TPMJack Lloyd2016-12-311-0/+83
| | | | | | | Compiles, but basically untested as my machine with a working TPM suffered a fatal logic board failure some time ago. If TPM is compiled in but creating the TPM context fails, test assumes no hardware is available and returns.
* Fix for minimized buildJack Lloyd2016-12-311-1/+7
|
* Fix for EME-Raw being disabled as in BSI policyJack Lloyd2016-12-311-1/+8
|
* Remove SRP6 file supportJack Lloyd2016-12-312-133/+0
| | | | | | | | | | | | | It turns out SRP6 files use a different base64 alphabet than standard, and additionally Botan's decoding of the group id seems wrong though I haven't verified this second was a bug. In any case this code couldn't parse anything it was supposed to and never could. I had already planned on adding a database backed SRP store and removing this code but the fact that it's actually not functional for purpose suggests it's best to remove this now rather than let someone chance upon it and be endlessly frustrated that it doesn't seem to work because all the verifiers are garbled.
* Add a simple test of the all or nothing transformJack Lloyd2016-12-312-2/+58
|
* Add test that triggers Blinder to reinitialize stateJack Lloyd2016-12-311-0/+36
|
* Improve filter testsJack Lloyd2016-12-316-8/+127
| | | | | | | Fix a bug in Pipe::check_available that must date back 15 years... Add destructors to compression filter so unique_ptr destructor runs without user having to include an extra header for the owned type.
* Another fix for missing SHA1, and workaround Apple Clang problem.Jack Lloyd2016-12-311-8/+9
|
* Fix test with SHA-1 disabledJack Lloyd2016-12-311-0/+3
|
* Missing addJack Lloyd2016-12-311-0/+1
|
* Add more tests for random prime and DL group generationJack Lloyd2016-12-303-3/+120
|
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-308-7/+85
| | | | | Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
* Remove reference to CECPQ1_PSK OCB ciphersuite in test.Jack Lloyd2016-12-301-1/+0
| | | | | Initially planned, then decided to skip because supporting it requires more changes to the TLS handshake code than I want to do right now.
* Merge GH #785 Disable SHA-1 and weak RSA by default during cert validationJack Lloyd2016-12-304-13/+17
|\
| * Increase Path_Validation_Restrictions default min strength to 110Jack Lloyd2016-12-274-13/+17
| | | | | | | | | | Effectively disables 1024 bit RSA as well as SHA-1. Edit the tests where required to enable it again.
* | Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-303-25/+42
| | | | | | | | | | | | Clean up the ciphersuite generation script a bit. [ci skip]
* | Disable OpenSSL in lcov scriptJack Lloyd2016-12-301-1/+1
| | | | | | | | | | Kind of confuses the output. And also seems to crash for me (somewhere deep inside OpenSSL). Unclear what the problem is there.
* | Tiny code simplificationJack Lloyd2016-12-301-3/+1
| |
* | One more Camellia TLS test fixJack Lloyd2016-12-281-1/+8
| |
* | Fix Camellia TLS testsJack Lloyd2016-12-281-2/+9
| | | | | | | | | | | | Disabling SHA-256 in TLS 1.1/1.2 has the effect of disabling the Camellia ECDH ciphersuites. So the test policy ended up with an empty ciphersuite list, when negotiating older versions.
* | Merge GH #786 Fix fuzzer after #783 header changeJack Lloyd2016-12-281-1/+1
|\ \ | | | | | | | | | [ci skip]
| * | Fix building this fuzzerAlex Gaynor2016-12-281-1/+1
| |/ | | | | (untested)
* | Add tls_ciphers commandJack Lloyd2016-12-281-0/+123
| | | | | | | | Lists ciphersuites that will be sent for a particular policy/version.
* | Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
|/
* Remove unnecessary BOTAN_DLL annotationsJack Lloyd2016-12-274-5/+5
|
* Speed up DSA param gen testJack Lloyd2016-12-264-14/+42
| | | | Record counter value in test data, and start the search from there.
* Travis did not like these long testsJack Lloyd2016-12-251-2/+2
|
* Fix XMSS speed commandJack Lloyd2016-12-241-4/+6
|
* Long test was too longJack Lloyd2016-12-241-6/+3
|
* Add test option --run-long-testsJack Lloyd2016-12-2413-58/+131
| | | | | | Previously longer tests were hidden behind higher 'soak levels' but these arbitrary cutoffs are confusing compared to a simple short tests/long tests split.
* Merge GH #783 Expose TLS message types to applicationsJack Lloyd2016-12-2421-31/+45
|\
| * Export tls_messages.h as a public headerRené Korthaus2016-12-2321-31/+45
| | | | | | | | | | | | | | TLS::Callbacks::inspect_handshake_message() allows applications to inspect all handshake messages, but this requires access to the types in tls_messages.h. As a matter of fact, this also exports tls_extensions.h as a public header.
* | Compile fixJack Lloyd2016-12-231-0/+1
| |
* | Fix file descriptor leak introduced in bcae34c0cJack Lloyd2016-12-232-5/+1
|/ | | | Caused tests to fail on CI
* Ignore the right thingJack Lloyd2016-12-231-1/+1
|
* Fix minimized buildJack Lloyd2016-12-231-0/+4
|
* Remove nested anon namespaceJack Lloyd2016-12-231-4/+0
|