| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Check return value of every BN_* functions in bntest | inoguchi | 2017-02-23 | 1 | -393/+426 |
| | | | | | | | | - add macro CHECK_GOTO - unify function return code to rc - add err: label for error goto ok bcook@ | ||||
| * | Remove unused variable in C source to make the test compile and pass. | bluhm | 2017-02-07 | 1 | -1/+0 |
| | | |||||
| * | LibreSSL : regress for carry bug in mulx4x_mont and sqr8x_mont | inoguchi | 2017-01-31 | 1 | -1/+78 |
| | | | | | | | | | | | | | This regress bntest.c patch is originally from master branch of OpenSSL. - dca2e0e test/bntest.c: regression test for CVE-2016-7055. - 3e7a496 test/bntest.c: regression test for carry bug in bn_sqr8x_internal. These tests were added for these commit. - 2fac86d bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity). - 3f4bcf5 bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal. ok beck@ | ||||
| * | Add start of a regress for cert gen and validation. not clean, won't | beck | 2017-01-25 | 5 | -0/+394 |
| | | | | | hook it up yet | ||||
| * | link in rsa test | beck | 2017-01-25 | 1 | -1/+2 |
| | | |||||
| * | Add rsa test from openssl, since it has a license now | beck | 2017-01-25 | 2 | -0/+344 |
| | | |||||
| * | Make explicit _ct and _nonct versions of bn_mod_exp funcitons that | beck | 2017-01-21 | 5 | -8/+143 |
| | | | | | | | | | | | | | matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@ | ||||
| * | unhook ocsp test from the default since it currently requires network access and | beck | 2017-01-18 | 1 | -2/+1 |
| | | | | | therefore appears to break in bluhm's test setup | ||||
| * | Update libcrypto regress to handle header and non-exported symbol changes. | jsing | 2016-12-21 | 4 | -4/+10 |
| | | |||||
| * | Add regress for X25519, converted from BoringSSL. | jsing | 2016-11-05 | 3 | -1/+150 |
| | | |||||
| * | Set PROG so that the binary correctly gets recompiled when the libraries | miod | 2016-11-05 | 1 | -11/+5 |
| | | | | | | | it is linked against change. ok beck@ jsing@ | ||||
| * | Move pqueue regress from libcrypto to libssl, since that's where the pqueue | jsing | 2016-11-04 | 4 | -140/+1 |
| | | | | | | code now lives. Also unbreak the regress following the symbol hiding changes in libssl. | ||||
| * | import new BN tests from OpenSSL | bcook | 2016-09-03 | 2 | -167/+434 |
| | | | | | | | | New tests that various BIGNUM methods behave correctly on zero/even inputs. from OpenSSL ok beck@ | ||||
| * | Make this regress build again | beck | 2016-09-02 | 2 | -4/+4 |
| | | |||||
| * | add ca cert error check and make the path configurable | bcook | 2016-07-07 | 1 | -1/+9 |
| | | | | | from Kinichiro Inoguchi | ||||
| * | remove extra assignment of s from 1.11, fix regression test | bcook | 2016-07-05 | 1 | -2/+1 |
| | | |||||
| * | On systems where we do not have BN_ULLONG defined (most 64-bit systems), | bcook | 2016-07-05 | 1 | -4/+24 |
| | | | | | | | | | | | | | | | BN_mod_word() can return incorrect results if the supplied modulus is too big, so we need to fall back to BN_div_word. Now that BN_mod_word may fail, handle errors properly update the man page. Thanks to Brian Smith for pointing out these fixes from BoringSSL: https://boringssl.googlesource.com/boringssl/+/67cb49d045f04973ddba0f92fe8a8ad483c7da89 https://boringssl.googlesource.com/boringssl/+/44bedc348d9491e63c7ed1438db100a4b8a830be ok beck@ | ||||
| * | make less awful.. test against cloudflare too | beck | 2016-07-05 | 2 | -9/+19 |
| | | |||||
| * | Add a nasty little ocsp regress test in the hope pedants will make it better. | beck | 2016-07-04 | 3 | -1/+140 |
| | | |||||
| * | Remove flags for disabling constant-time operations. | bcook | 2016-06-30 | 2 | -70/+33 |
| | | | | | | | | | This removes support for DSA_FLAG_NO_EXP_CONSTTIME, DH_FLAG_NO_EXP_CONSTTIME, and RSA_FLAG_NO_CONSTTIME flags, making all of these operations unconditionally constant-time. Based on the original patch by César Pereid. ok beck@ | ||||
| * | Gix misleading indent pointed out by GCC 6.1.libressl-v2.4.0 | bcook | 2016-05-30 | 1 | -4/+4 |
| | | | | | ok beck@ jsing@ | ||||
| * | Update AEAD regress to match EVP_aead_chacha20_poly1305() changes. | jsing | 2016-04-28 | 2 | -83/+83 |
| | | |||||
| * | After opening an AEAD, ensure that the decrypted output matches the | jsing | 2016-04-13 | 1 | -0/+5 |
| | | | | | plaintext for the regress test case. | ||||
| * | check return value for BN_hex2bn in regression tests | bcook | 2016-03-13 | 1 | -4/+10 |
| | | |||||
| * | initialize pointer to avoid undefined free on failure | bcook | 2015-12-28 | 1 | -2/+2 |
| | | | | | ok beck@ | ||||
| * | Add EVP_aead_chacha20_poly1305_ietf() - The informational RFC 7539, | reyk | 2015-11-02 | 2 | -0/+42 |
| | | | | | | | | | | "ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD construction that is incompatible with the common style that has been already used in TLS with EVP_aead_chacha20_poly1305(). The IETF version also adds a constant (salt) that is prepended to the nonce. OK mikeb@ jsing@ | ||||
| * | print unsigned ints with %u, not %d. Reported by Pascal Cuoq. | miod | 2015-10-30 | 1 | -2/+2 |
| | | |||||
| * | Add explicit LL suffixes to the numerical constants which do not fit in 32 bits. | miod | 2015-10-30 | 1 | -8/+8 |
| | | |||||
| * | Pull in <sys/types.h> to get ssize_t or <stdint.h> to get uint32_t, instead of | miod | 2015-10-30 | 1 | -0/+1 |
| | | | | | | relying upon previously included headers to do this, to enhance portability; from Pascal Cuoq, libressl github pull request #52 | ||||
| * | Missing initializer; spotted by coverity. | miod | 2015-10-25 | 1 | -2/+2 |
| | | |||||
| * | Extend tests to call ASN1_{GENERALIZED,UTC,}TIME_set_string() with a NULL | jsing | 2015-10-22 | 1 | -1/+19 |
| | | | | | | | | pointer - because, you know, you might want to set a string on a NULL object. The previous implementation apparently allowed this as a way of testing if the string was valid... probably because the *_check() functions are only useable after the string has already been set. | ||||
| * | Fix case where we wanted to test ASN1_TIME_set_string() but were testing | jsing | 2015-10-22 | 2 | -6/+6 |
| | | | | | ASN1_UTCTIME_set_string() twice instead. | ||||
| * | Change regress to not believe legacy times are valid | beck | 2015-10-19 | 1 | -65/+4 |
| | | |||||
| * | Add another invalid time, which is currently accepted. | jsing | 2015-10-02 | 1 | -1/+4 |
| | | |||||
| * | Fix a bug in the regress, and be much more pedantic about what is allowed | beck | 2015-09-30 | 1 | -22/+46 |
| | | | | | | | | per RFC 5380 in an X509. RFC 5280 states that all times before 2050 must be specified as a UTCtime, not a Generalized time, and all times after must be a UTC time. By extension this also means the smallest time allowed per RFC 5280 is 500101000000Z and the largest is 99991231235959Z.. | ||||
| * | Add an rfc5280 test suite to test x509_cmp_time. | beck | 2015-09-29 | 2 | -2/+362 |
| | | | | | | | Note some of these will yet fail with the current libcrypto as the current X509_cmp_time is not RFC5280 compliant ok jsing@ | ||||
| * | Fix sha2 regression test for libcrypto. | doug | 2015-09-29 | 1 | -2/+2 |
| | | | | | | | | | | By default, "openssl sha" used SHA-0. However, it was possible to use the form "openssl sha -sha256" to run SHA-256 instead. The regression test used this form. Since we removed SHA-0 support, the regress tests should now call "openssl <digest>". ok guenther@, bcook@ | ||||
| * | Add DER encoding/decoding coverage for ASN.1 GENERALIZEDTIME and UTCTIME. | jsing | 2015-09-25 | 1 | -39/+158 |
| | | |||||
| * | Add initial regress tests for ASN.1 times. | jsing | 2015-09-25 | 3 | -1/+372 |
| | | |||||
| * | Temporarily revive MD4 for MS CHAP support. | doug | 2015-09-14 | 3 | -1/+136 |
| | | |||||
| * | Remove MD4 support from LibreSSL. | doug | 2015-09-13 | 3 | -136/+1 |
| | | | | | | | | | MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@ | ||||
| * | Another style(9) grenade. | jsing | 2015-09-13 | 1 | -550/+825 |
| | | |||||
| * | Remove SHA-0 support. | doug | 2015-09-13 | 4 | -176/+1 |
| | | | | | | | | SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@ | ||||
| * | Remove explicit NULL checks before *_free() calls and tidy some code. | jsing | 2015-09-13 | 1 | -28/+22 |
| | | |||||
| * | Use ECDH_size() and do some other clean up. | jsing | 2015-09-13 | 1 | -7/+6 |
| | | |||||
| * | remove e_os2.h includes | bcook | 2015-09-13 | 1 | -1/+0 |
| | | | | | ok jsing@ | ||||
| * | Wrap long lines. | jsing | 2015-09-13 | 1 | -16/+32 |
| | | |||||
| * | style(9) grenade. | jsing | 2015-09-13 | 1 | -153/+178 |
| | | |||||
| * | Cleanup enginetest a bit. | bcook | 2015-09-12 | 1 | -104/+84 |
| | | | | | | It was the only thing preventing -Werror from building on some systems due to the unchecked asprintf's. | ||||
| * | remove mysterious, decorative comment blocklets | bcook | 2015-07-18 | 1 | -21/+21 |
| | | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |