aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Fix further compiler macro bug exposed by #921Jack Lloyd2017-03-191-1/+1
|
* BOTAN_TARGET_COMPILER_IS -> BOTAN_BUILD_COMPILER_ISDaniel Neus2017-03-152-2/+2
|
* Merge GH #913 Follow PKIX rules for X.509 time formattingJack Lloyd2017-03-132-24/+97
|\
| * Fix: UTCTime interpreted as GeneralizedTimeDaniel Neus2017-03-132-24/+97
| | | | | | | | | | | | | | | | | | | | | | | | Example: "200305100350Z" interpreted as "2003/05/10 03:50:00 UTC" correct is "2020/03/05 10:03:50 UTC" According to RFC 5280: UTCTime values ... MUST include seconds (i.e., times are YYMMDDHHMMSSZ) -> length 13 GeneralizedTime values ... MUST include seconds (i.e., times are YYYYMMDDHHMMSSZ) -> length 15 I think we should enforce the RFC5280 rules even if the ASN.1 rules are not that strict.
* | Merge GH #912 Fix OpenBSD shared lib nameJack Lloyd2017-03-132-9/+11
|\ \
| * | OpenBSD does not have 3 digit soname and library symlinks.Alexander Bluhm2017-03-132-9/+11
| |/ | | | | | | | | Set library name for openbsd to libbotan-2.so.0.0 and do not install symlinks.
* / Small fixes in API docs [ci skip]René Korthaus2017-03-092-4/+4
|/
* Merge GH #901 Allow OCSP requests without the full subject certificateJack Lloyd2017-03-076-18/+51
|\
| * Allow OCSP requests without the full subject certificateNuno Goncalves2017-03-046-18/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A OCSP request doesn't need the full subject certificate. This extends the API to require instead of the subject certificate: * OCSP::Request: subject serial. * OCSP::online_check: subject serial AND ocsp responder url. API breaking change: * removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold the certificate, but only the serial. Signed-off-by: Nuno Goncalves <[email protected]>
* | Merge GH #904 Fix memory leak in TLS testsJack Lloyd2017-03-031-4/+6
|\ \ | |/ |/|
| * fix mem leak in tls unit testsDaniel Neus2017-03-031-4/+6
| |
* | Change name constraint test to use a fixed reference timeJack Lloyd2017-03-031-2/+6
| | | | | | | | Test certs have expired.
* | Avoid calling memmove with a null source in PKCSv1 signature encodingJack Lloyd2017-03-031-1/+7
| | | | | | | | Only occured with EMSA_Raw. Caught by GCC 7 warning
* | Add missing include, caught by GCC 7Jack Lloyd2017-03-031-0/+1
| | | | | | | | Closes GH #903
* | Fix compiler warnings in timing_test CLIJack Lloyd2017-03-031-2/+4
|/
* Merge GH #902 Extend EC_PublicKey check, add EC_Group check, ECC invalid key ↵Jack Lloyd2017-03-028-4/+534
|\ | | | | | | tests
| * remove debug output from ecc_invalid unit testsNever2017-02-281-2/+0
| |
| * Merge pull request #2 from ↵Tobias | Never2017-02-285-1/+457
| |\ | | | | | | | | | | | | Rohde-Schwarz-Cybersecurity/extended-ec-public-key-checks Extended ec public key checks
| | * Add ECDSA key tests from Google's project WycheproofRené Korthaus2017-02-124-13/+57
| | |
| | * Add test vectors for invalid ECDSA public keys from FIPS 186-4René Korthaus2017-02-122-0/+185
| | |
| | * Add test vectors for invalid ECDSA public keys from FIPS 186-2René Korthaus2017-02-123-1/+228
| | |
| * | verify ec domain in EC_PublicKey::check_keyNever2017-02-281-1/+6
| | |
| * | EC_PublicKey::check_key for curves with cofactor > 1Never2017-02-271-1/+24
| | |
| * | Add ec_group verify functionNever2017-02-242-1/+49
| | |
* | | Merge GH #893 Remove ECC fixed window codeJack Lloyd2017-03-022-60/+7
|\ \ \
| * | | Converge on a single side channel silent ec mp alg: randomizedNever2017-02-222-60/+7
| | | | | | | | | | | | | | | | | | | | Montgomery ladder with order.bits()/2 bit scalar blinding and point randomization
* | | | Increase timing test defaultsJack Lloyd2017-02-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Mona errors out on < 512 values per secret [ci skip]
* | | | Merge GH #894 Add timing_test command line utilJack Lloyd2017-02-261-0/+454
|\ \ \ \
| * | | | Add `botan timing_test` command line utilityJack Lloyd2017-02-261-0/+454
| | | | |
* | | | | The certificate being tested by the OCSP online test has expired.Jack Lloyd2017-02-261-1/+2
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This caused a test failure if run with --run-online-tests. This is not the default but it caused the coverage build to fail. Fix the test to reflect expired status. The whole thing does not seem wholly satsifactory since we are still relying the behavior on an external party, perhaps a mock OCSP responder should be created for the tests.
* | | | Add missing try/catch in invalid signature testJack Lloyd2017-02-261-2/+10
| | | | | | | | | | | | | | | | From GH #889
* | | | Merge GH #891 Constant time decoding for ISO 9796 unpaddingJack Lloyd2017-02-261-14/+26
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Including missing length check #888 Replaces #889
| * | | | fix possible iso9796 side channel and add length checkNever2017-02-211-14/+26
| |/ / /
* | / / Remove verify_end() chained immediatly before end_cons() (close #890)Nuno Goncalves2017-02-258-12/+0
| |/ / |/| | | | | | | | | | | | | | | | | BER_Decoder::end_cons() allready assures the verify_end() function, so it is redundant. Signed-off-by: Nuno Goncalves <[email protected]>
* | | In CLI, if system RNG is available prefer itJack Lloyd2017-02-232-3/+10
|/ /
* | Fix ECDSA timing test dataJack Lloyd2017-02-201-1/+1
| | | | | | | | | | | | See GH #880 [ci skip]
* | Avoid use of deprecated function in (deprecated) Serialized_RNG constructorJack Lloyd2017-02-192-2/+12
| |
* | Merge GH #880 Add ECDSA timing testsJack Lloyd2017-02-195-1/+71
|\ \
| * | Add ecdsa timing testNever2017-02-165-1/+71
| | |
* | | Merge GH #881 Adjust number of Miller-Rabin iterations in DSA param gen and ↵Jack Lloyd2017-02-192-3/+3
|\ \ \ | | | | | | | | | | | | RSA checks
| * | | increase miller-rabin iterations for RSA strong check_key. We call is_prime ↵Never2017-02-131-1/+1
| | | | | | | | | | | | | | | | with prob=128 during sampling and we should check with the same prob
| * | | increase miller-rabin iterations for dsa primes (FIPS-186-4)Never2017-02-131-2/+2
| |/ /
* | | Merge GH #886 Improve ffi docsJack Lloyd2017-02-191-29/+196
|\ \ \
| * | | Document hash, rng, mac, pbkdf and kdf in ffi handbookRené Korthaus2017-02-191-34/+171
| | | |
| * | | Add more docs for ffiRené Korthaus2017-02-191-1/+31
| | | |
* | | | CLI OCSP: fix expected OK return codeNuno Goncalves2017-02-181-1/+1
|/ / / | | | | | | | | | Signed-off-by: Nuno Goncalves <[email protected]>
* | | Fix botan-test verbose modeRené Korthaus2017-02-142-2/+2
| | |
* | | Remove std::cout accidentally left from debuggingRené Korthaus2017-02-121-4/+0
| |/ |/|
* | Resolve Doxygen error in cpuid.hJack Lloyd2017-02-111-1/+2
| | | | | | | | The macro has to be on its own line or Doxygen gets confused.
* | Fix compiling TLS tests without DSAJack Lloyd2017-02-111-0/+2
|/