summaryrefslogtreecommitdiff
path: root/src/regress/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Provide a script to generate test certificates/keys.jsing2021-12-271-0/+263
| | | | | | | This will allow us to generate a variety of client and server certificates, including expired and revoked certificates, using both RSA and ECDSA. Discussed with tb@
* add missing include path; ok tb@anton2021-12-261-1/+2
|
* The RFC 3779 test needs LIBRESSL_CRYPTO_INTERNAL as lon as the APItb2021-12-241-2/+2
| | | | isn't public.
* Print the name of the test before we run it.jsing2021-12-241-1/+2
|
* Style tweak in {d2i,i2d}_IPAddrBlocks()tb2021-12-241-5/+5
|
* Drop -g -O0 from CFLAGStb2021-12-241-2/+2
|
* link rfc3779 test to buildtb2021-12-241-2/+2
|
* Add initial test coverage for RFC 3779 code.tb2021-12-242-0/+1804
| | | | | | | | | | | | | | This exercises the code paths that are reached from the validator and also tests that the public API behaves as expected. There is a lot more that could be done here, but this test is already big enough. Missing are tests for X509v3_{addr,asid}_validate_{path,resource_set}() themselves. One test failure is ignored and will be fixed in the near future when a bad logic error in range_should_be_prefix() is fixed. A consequence of this bug is that we will currently accept and generate DER that doesn't conform to RFC 3779.
* fix typo: boolean true should decode to 1, not 0tb2021-12-231-2/+2
|
* Add regress coverage for the crazy SCT_new_from_base64() API.jsing2021-12-201-1/+57
|
* support processing <openssl/bn.h>schwarze2021-12-181-3/+24
|
* To ease maintenance, structure the lists of intentionally undocumentedschwarze2021-12-161-55/+109
| | | | | | symbols according to the reason (internal, obsolete, postponed) and according to the header file (asn1, objects, x509, ...). Also, add some minor tweaks needed for <openssl/objects.h>.
* Add coverage for CBS additions.jsing2021-12-151-2/+50
|
* Some more ASN.1 struct types that are postponed (because they areschwarze2021-12-151-2/+5
| | | | | | related to templating macros) or intentionally undocumented. Apart from NETSCAPE, PCTX, and low-level templating stuff, all ASN.1 functions, types, and macros are now documented.
* tweak for the generated sourcetb2021-12-141-2/+2
|
* more symbols that are postponed or intentionally undocumented andschwarze2021-12-141-6/+55
| | | | some regexp tweaks; the relevant parts of asn1.h are nearing completion
* Add regress coverage for ASN1_get_object()jsing2021-12-141-1/+262
|
* Add regress for ASN1_tag2bit() and ASN1_tag2str()jsing2021-12-142-1/+135
|
* remove a couple hundred sys/param.h includes in userland code, andderaadt2021-12-1350-227/+77
| | | | | | also whack some sys/cdefs.h early includes which is such a brutally bad pattern ok bluhm mbuhl
* Merge two bugfixes in ASN1_STRING_TABLE_add(3) and ASN1_STRING_TABLE_get(3)schwarze2021-12-112-2/+131
| | | | | | | | | | | | | | | | | | | | | | from the OpenSSL 1.1.1 branch, which is still under a free license, mostly this commit: commit d35c0ff30b31be9fd5dcf3d552a16feb8de464bc Author: Dr. Stephen Henson <steve@openssl.org> Date: Fri Oct 19 15:06:31 2012 +0000 fix ASN1_STRING_TABLE_add so it can override existing string table values This fixes a segfault in ASN1_STRING_TABLE_add(3), which tried to change a static const entry when called with an nid already in the default table, and it switches the precedence of the two tables in ASN1_STRING_TABLE_get(3). In addition, it changes behaviour in the following minor ways: * Ignore negative minsize and maxsize arguments, not just -1. * Ignore a zero mask and zero flags. It's unclear whether these additional changes make the API absolutely better, but we want compatibility with OpenSSL in these functions. Tweaks & OK tb@.
* Fix missing return in asn1_compare_bytes()jsing2021-12-091-1/+2
|
* Add initial tests for coverage of ASN.1 complex/constructed types.jsing2021-12-092-1/+228
|
* Add initial tests for coverage of ASN.1 basic/primitive types.jsing2021-12-092-1/+135
|
* be more specific which NETSCAPE stuff to ignore, and whyschwarze2021-12-071-10/+7
|
* Some improvements allowing to handle asn1.h and x509v3.h:schwarze2021-12-071-10/+47
| | | | | | | | | | | | | * handle multiple qualifiers on the function return type * handle function pointer type declarations * handle unions inside structs * handle forward struct declarations * handle "typedef const" * handle ASN1_F_, ASN1_R_, and X509V3_R_ error constants * handle "#if defined" in the same way as "#ifdef" * skip whitespace between "#" and "define" * skip whitespace before C comments * ignore TYPEDEF_D2I2D_OF
* Add initial regress for CT.jsing2021-12-054-1/+415
| | | | This provides test coverage for SCT encoding/decoding.
* gross trailing whitespacetb2021-12-041-16/+16
|
* Free cert, key and ocsp_staple on exit of do_keypair_test().tb2021-12-041-1/+4
| | | | Reported by Ilya Shipitsine, discussed with jsing
* Convert main into single exit to appease asan.tb2021-12-041-22/+33
|
* Explicitly free EVP_MD_CTX to appease asan. Reported by Ilya Shipitsin.tb2021-12-041-10/+16
|
* Add regress for ECPKParameters ASN.1 encoding/decoding.jsing2021-12-042-2/+210
|
* Tell testers which packages to install right away (and why)kn2021-12-023-3/+7
| | | | | | | Other regress tests do it differently; just fix/thouch those that did not mention any package name at all. This helps grepping logs for SKIPPED to find instructions for the next run.
* Add regress for {d2i,i2d}_{,DSA_,EC_,RSA_}PUBKEY{,_bio}().jsing2021-11-302-1/+570
|
* make the bn/mont test compile with opaque DH.tb2021-11-261-4/+12
|
* Rework this test to compile with opaque RSAtb2021-11-251-282/+427
|
* Resolve last issue with opaque BIGNUM in this test.tb2021-11-251-3/+3
|
* Prepare ssltest for opaque DHtb2021-11-211-18/+39
|
* wycheproof: modify RSA tests to work with opaque RSA structtb2021-11-211-11/+57
|
* wycheproof.go: modify some DSA and ECDSA code to work with opaque structstb2021-11-211-5/+23
|
* Switch to BIO_up_ref() instead of adjusting references manually.tb2021-11-202-16/+6
|
* Use BIO_up_ref() instead of adjusting refcounts manuallytb2021-11-201-9/+3
|
* Mark the X509_VERIFY_PARAM_ID variable type as intentionallyschwarze2021-11-191-3/+16
| | | | | | | undocumented. It is an opaque struct used only internally, as a sub-object of the public X509_VERIFY_PARAM type. All related API functions take X509_VERIFY_PARAM arguments, so X509_VERIFY_PARAM_ID is of no interest to the user.
* Make function prototype parsing a bit stricter,schwarze2021-11-191-1/+1
| | | | | | | | | | reducing the risk of accidental misparsing: Require whitespace after the function return type (before the asterisk indicating that the function returns a pointer, if any) and do not accept whitespace between the function name and the opening parenthesis of the parameter list. These changes are not a problem because we want that style for KNF reasons anyway.
* Very quick and dirty script to help me check that the symbolsschwarze2021-11-191-0/+266
| | | | | | | | | | | | | | in one of the public openssl/ header files are all documented. Before attempting to read this code, make sure that you are fully vaccinated against leaning toothpick syndrome. Example usage: ./check_complete.pl x509_vfy ./check_complete.pl -v x509 | less Intentionally not linked to the build. jsing@ agrees with the general direction.
* sha512test: replace EVP_MD_CTX_{cleanup,init} pair with EVP_MD_CTX_resettb2021-11-181-3/+2
|
* gost: missed one cleanuptb2021-11-181-2/+2
|
* sha256test: EVP_MD_CTX_cleanup -> EVP_MD_CTX_resettb2021-11-181-4/+3
|
* gost2814789t: EVP_MD_CTX_cleanup -> EVP_MD_CTX_resettb2021-11-181-2/+2
|
* evptest: no need to call EVP_MD_CTX_cleanup() before EVP_MD_CTX_free()tb2021-11-181-4/+3
|
* Use HMAC_CTX_reset() instead of HMAC_CTX_cleanup() + HMAC_CTX_init()tb2021-11-181-5/+3
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-04 09:58:07 +0000