path: root/src
Commit log. Each entry gives the commit message, then author, age (commit date), files changed and lines -removed/+added; commits indented under a merge commit are the merged branch.
* Verify decoded length of GOST public keys
  Jack Lloyd, 2021-06-10, 1 file, -0/+3
  This format is fixed length, so verify that.
  Caught by OSS-Fuzz, where UBSan noticed that if the decoded array was empty we would use &bits[0] of an empty vector.
  OSS-Fuzz 35123
* Remove dead function declarations
  Jack Lloyd, 2021-06-07, 1 file, -8/+2
* Small cleanups in EMSA1
  Jack Lloyd, 2021-06-07, 1 file, -10/+12
* FIX: export RSA pubkey via PKCS #11 w/o accessing sensitive data
  René Meusel, 2021-06-07, 1 file, -7/+3
* Move Roughtime test data
  Jack Lloyd, 2021-06-01, 4 files, -3/+3
* Move codec tests and data
  Jack Lloyd, 2021-06-01, 6 files, -264/+275
* Small test fixes
  Jack Lloyd, 2021-05-30, 4 files, -12/+12
* In tests check for required keys
  Jack Lloyd, 2021-05-30, 11 files, -11/+19
  Correct various cases where tests were indicated to require keys which were actually optional or, in a few cases, not even used within the test.
* Split EMSA_PKCS1v15_Raw constructors
  Jack Lloyd, 2021-05-29, 2 files, -14/+15
* Skip negative test in ECDSA
  Jack Lloyd, 2021-05-29, 2 files, -1/+20
  Since it cannot occur, because we decoded from binary within the same function.
* Fix an ECKCDSA bug
  Jack Lloyd, 2021-05-24, 4 files, -21/+77
  Add some more test vectors (taken from https://github.com/ANSSI-FR/libecc) and fix a bug which occurred when either the group was not an even multiple of 8 bits, or when the x,y coordinates had any leading zero bytes.
* Revamp x86 CPUID
  Jack Lloyd, 2021-05-24, 1 file, -8/+7
  Use the GCC intrinsics for gcc or clang.
  Remove use of _cpuidex for Intel C++ since it seems to be missing in at least some situations (GH #2748).
  Allow using the inline asm on x86-32 or x32 modes.
* Prevent using non-sensical padding schemes
  Jack Lloyd, 2021-05-22, 11 files, -8/+43
  Most padding schemes require message recovery, which, now that NR and RW have both been removed, limits their usage to RSA.
* Fix cast for ICC cpuid (GH #2748)
  Jack Lloyd, 2021-05-21, 1 file, -4/+1
* Fix a compilation problem with ICC (GH #2748)
  Jack Lloyd, 2021-05-21, 1 file, -6/+1
* Derive Cipher_Mode::authenticated via tag_size
  Jack Lloyd, 2021-05-20, 2 files, -3/+1
* Merge GH #2747 Remove OpenMP support
  Jack Lloyd, 2021-05-20, 4 files, -11/+1
    * Remove OpenMP support
      Jack Lloyd, 2021-05-19, 4 files, -11/+1
* Revert use of new safegcd bounds function
  Jack Lloyd, 2021-05-19, 2 files, -5/+5
  OSS-Fuzz found a case where we didn't reach g == 0 at the end of the loop, which would cause an assert.
* Add missing limits include
  Jack Lloyd, 2021-05-19, 1 file, -0/+1
* Test gcd in both directions
  Jack Lloyd, 2021-05-19, 1 file, -2/+4
* Add gcd results to speed cli
  Jack Lloyd, 2021-05-19, 1 file, -2/+6
* When a test fails dump all of the keys
  Jack Lloyd, 2021-05-19, 1 file, -3/+9
  Makes debugging a bit easier.
* DES doesn't use BMI2 anymore
  Jack Lloyd, 2021-05-19, 1 file, -2/+0
* Fix name constraint application
  Jack Lloyd, 2021-05-08, 5 files, -6/+135
  A name constraint on an intermediate certificate should not constrain the intermediate itself, but only the subordinate certificates.
  Fixes GH #2737
* Name constraint fixes
  Jack Lloyd, 2021-05-08, 9 files, -9/+236
  Do not require the name constraint extension to be critical. It is certainly a bad idea to issue non-critical name constraints, but it seems some CAs do use them in practice, and also most other implementations seem to accept such non-critical extensions.
  Fix name constraint DNS comparisons: previously these were case sensitive, which is wrong for DNS.
  GH #2735 and #2736
* Avoid early return from mem_pool fuzzer
  Jack Lloyd, 2021-05-05, 1 file, -3/+1
* Remove redundant code
  Jack Lloyd, 2021-05-05, 1 file, -39/+22
  Multiple returns of the same type in this header.
* Merge GH #2734 Some MP header cleanups
  Jack Lloyd, 2021-05-02, 14 files, -260/+186
    * Avoid LGTM warning
      Jack Lloyd, 2021-05-01, 1 file, -1/+3
    * Use bigint_sub3 here instead of word_sub
      Jack Lloyd, 2021-05-01, 1 file, -5/+1
    * Disable word_sub bypass for unrolled Montgomery redc
      Jack Lloyd, 2021-05-01, 2 files, -25/+4
    * More mp header cleanups
      Jack Lloyd, 2021-05-01, 11 files, -79/+50
    * Consolidate mp_madd.h into mp_asmi.h
      Jack Lloyd, 2021-05-01, 5 files, -151/+129
* Merge GH #2733 Change CT::copy_output semantics
  Jack Lloyd, 2021-05-02, 3 files, -23/+92
    * Change CT::copy_output semantics
      Jack Lloyd, 2021-04-29, 3 files, -23/+92
      Now if the flag is bad we always return an empty vector.
      Add explicit tests for CT::copy_output.
* Merge GH #2731 Fix sstream formatting issues (see #2730)
  Jack Lloyd, 2021-05-02, 7 files, -26/+67
    * Add a test of OID::to_string
      Jack Lloyd, 2021-04-27, 1 file, -0/+36
      This is our canary in the coal mine for std::to_string respecting locale.
    * Fix sstream usage
      Jack Lloyd, 2021-04-27, 6 files, -26/+31
* Test both issuer and subject DNs for RDN SET test
  Jack Lloyd, 2021-04-28, 1 file, -1/+3
* Fix #2237 forcing OID::to_string to use C locale, avoiding thousand separators from the process locale.
  Leonardo Backes Vargas, 2021-04-26, 1 file, -0/+1
* Merge GH #2726 Add support for IRTF hash to curve
  Jack Lloyd, 2021-04-25, 15 files, -5/+739
    * Implement draft-irtf-cfrg-hash-to-curve
      Jack Lloyd, 2021-04-25, 15 files, -5/+739
      Specifically SSWU with xmd based expansion.
      Currently only P-256, P-384 and P-521 are supported, but in principle this could be extended to most curves except those with A*B == 0.
* Merge GH #2725 Modify BigInt constructors
  Jack Lloyd, 2021-04-25, 37 files, -145/+218
    * Modify BigInt constructors
      Jack Lloyd, 2021-04-24, 37 files, -145/+218
      Add static methods for very common (eg zero, one) or very uncommon (eg ECDSA truncated integers) construction methods, instead of using C++ constructors for all of these.
      Also adds from_s32 which allows creating a negative BigInt easily, instead of -BigInt(-x) -> BigInt::from_s32(x)
* Clean up some visibility issues
  Jack Lloyd, 2021-04-25, 4 files, -31/+31
* Merge GH #2722 In RSA keygen require p, q differ by large range
  Jack Lloyd, 2021-04-24, 1 file, -4/+13
    * Don't loop forever if the RSA keygen rng is bad
      Jack Lloyd, 2021-04-21, 1 file, -1/+4
    * In RSA keygen require that p and q differ by a wide range
      Jack Lloyd, 2021-04-21, 1 file, -4/+10
      This is required by FIPS 186-4 sec B.3.2.
* Allow disabling the thread pool at runtime via env variable
  Jack Lloyd, 2021-04-21, 2 files, -10/+56
  Currently this requires a manual reconfigure and recompilation. Not a complete fix for GH #2608, but at least a more convenient workaround.