TLS::Callbacks::inspect_handshake_message() allows applications
to inspect all handshake messages, but this requires
access to the types in tls_messages.h. As a matter of fact,
this also exports tls_extensions.h as a public header.

Caused tests to fail on CI

Fix a bug in how the 6144 and 8192 IETF MODP groups were encoded; they
have g and q values switched. Fixed by just switching the PEM header
to match the actual encoded format.

Rename DL_Group::X942_DH_PARAMETERS to ANSI_X9_42_DH_PARAMETERS to avoid
a macro conflict with Windows cryptography headers (GH #482)

Expose Data{Source,Sink}_Stream types even if no filesystem is
available. Instead just guard the constructors taking a pathname.

available in all groups

described in rfc2785

increased number of Miller-Rabin iterations, if strong is set (we pass 128 as prob in make_prm.cpp).

A set of carefully generated invalid signatures which are sometimes
accepted by implementations due to bugs in padding verification.

Remove test files for CVC as well as various tests which have
subsequently been rewritten.

All 76 of the NIST certificate tests use the same root certificate
and that issuer has an identical CRL for each test.
So, just have the one copy.

Add a long list of 'false' primes from Google's Wycheproof tests:
https://github.com/google/wycheproof/blob/master/java/com/google/security/wycheproof/testcases/BigIntegerTest.java

Split vector file format into Prime and NonPrime sections for easier reading.

- for PKCS11::Slot
- for PKCS11::Session

Turns out astyle has some bugs wrt C++11 initialize lists. Rather
than having astyle mangle all of the tests, convert to using a string
which is split once at the start instead of a vector of keys.

Little easier to read perhaps, and helps prevent some astyle confusion.

Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.

[ci skip]

GH #726
[ci skip]

Also use a const time comparison for the finished message, though
I don't see any real way of exploiting that timing channel.

OpenSSL 1.0.2 added support for brainpool curves, so we
can use it provided the version check succeeds.

Some attempts at reducing overhead in ECC math tests, unclear if it
really changed anything on my machine but probably can't hurt.

Fix LLVM build flags

[ci skip]

The previous assert had been already put there for the benefit
of clang-analyzer, but in Clang 3.9 it does not help. Instead
test X value directly, which works.

Matches how OpenSSL/BoringSSL fuzzers work, which is useful because a fuzzer
corpus can be cross-pollinated among implementations.

[ci skip]

[ci skip]

GH #754 exposed a bug in the non-Montgomery exponentiation case.
It turned out that when the fixed window was picked to any value > 1,
the result would be incorrect due to an off by one. This is
the one line fix in powm_fw.cpp

Also fix a bug in bigint_mul which caused incorrect results,
because the output BigInt was not being zeroed out before use. This
is only exposed in rare cases, found (somewhat indirectly) in
OSS-Fuzz #287.

Add more modular exponentiation tests, which would have caught
these issues earlier.

Add explicit length limitations, to prevent the fuzzer from just
giving us increasingly long inputs until timeout occurs due
to non-linear algorithms.

Use LLVM fuzzer interface in all cases, and just have AFL driver
call that API when a define is set to include a main function.
OSS-Fuzz will be using the LLVM API, regardless of the fuzzing engine.

[ci skip]

[ci skip]

Technically defined, but should never be seen in a practical crypto context.

Changes all the Public_Key derived classes ctors to take a
std::vector instead of a secure_vector for the DER encoded
public key bits. There is no point in transporting a public
key in secure storage. (GH #768)