summaryrefslogtreecommitdiff
path: root/src/regress/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* wycheproof: move AES key wrap tests to v1tb2025-09-051-4/+4
|
* wycheproof: add support for EcCurve teststb2025-09-051-1/+103
| | | | | | This checks for a collection of prime order groups (secp, Brainpool, FRP) the curve parameters are corrct. The collection is a superset of our built-in curves, so we get one more validation for exxentially free.
* wycheproof: add custom JSON unmarshaler big integerstb2025-09-051-9/+58
| | | | | | | | | | | Since the wycheproof tests were written in Java, they inherited some of that language's weirdnesses. For example, the hex representation may have odd length, is 2-complement and needs zero-padding if the top bit of a nibble is set, similar to ASN.1 integers. This is needed for correctly decoding the Primality test cases, which worked nicely in v0 but no longer for v1. Convert the Primality test to use this.
* wycheproof: make RSA tests worktb2025-09-051-43/+79
| | | | | | There's more work needed here since some of the tests are designed to test the signing side of things, where we only verify. To be dealt with later.
* wycheproof: move ECDSA tests to v1tb2025-09-051-14/+15
| | | | | | | | | | | | | This excludes the bitcoin tests since our ECDSA_verify() doesn't have the logic to enforce s < order / 2 to avoid the well-known malleability issue with secp256k1 that (r, s) is valid if and only if (r, order - s) is valid. Moreover, add a workaround for overly picky P1363 tests where only correctly padded P1363 signatures are accepted. As the test authors say "To our knowledge no standard (i.e., IEEE P1363 or RFC 7515) requires any explicit checks of the signature size during signature verification." In fact, the problem really is in the test code, not in libcrypto and is a bit annoying to fix in a non-silly way.
* wycheproof: move ECDH tests to v1 (skip PEM for now)tb2025-09-051-6/+5
|
* wycheproof: move AES to v1 and explicitly skip gmac testtb2025-09-051-3/+3
|
* wycheproof: go fmttb2025-09-041-6/+6
|
* wycheproof: move HKDF to v1tb2025-09-041-2/+2
|
* wycheproof: move EdDSA to v1tb2025-09-041-7/+7
| | | | | eddsa_test.json is now ed25519_test.json and again key* was renamed to PublicKey*.
* wycheproof: move DSA to v1tb2025-09-041-6/+6
| | | | key* are now called PublicKey*, so change teh json tags accordingly.
* wycheproof: move x25519 to v1tb2025-09-041-5/+5
|
* wycheproof: migrate {,X}ChaCha20-Poly1305 to v1tb2025-09-041-3/+3
|
* wycheproof: migrate HMAC to v1tb2025-09-041-3/+3
| | | | | This is straightforward since the schema did not change. This adds coverage for HMAC-SHA512/224 and HMAC-SHA512/256.
* wycheproof: add struct to support the testvector_v1 schematb2025-09-041-7/+26
|
* wycheproof: add version sum type and annotate all tests as v0tb2025-09-041-30/+41
| | | | | The version is passed to the test runner, so it can unmarshal the v0 and v1 JSON as appropriate later on.
* wycheproof: use local variables for testGroups and algorithmtb2025-09-041-7/+11
|
* wycheproof: start migrating to testvectors_v1tb2025-09-041-4/+5
| | | | | | | | | | | | In https://github.com/C2SP/wycheproof/pull/169, upstream removed the testvector/ path, thereby creating the need to migrate if we want to benefit from future changes and tests. While this has been around for a very long time and generally provided more and better coverage, there never was sufficient motivation to do so. As a first step, change use of the testVectorPath constant to use of a path variable so we can switch the tests one by one by appending _v1 when appropriate.
* ec_asn1_test: fix error messagetb2025-08-261-2/+2
|
* ec_asn1_test: d'oh. actually ensure all builtin curves are of prime ordertb2025-08-261-6/+6
|
* ec_asn1_test: ensure all builtin curves are of prime ordertb2025-08-261-1/+58
|
* rsa_method_test: point at correct function in error stringtb2025-08-261-2/+2
|
* freenull: missing target deps, use -Wall -Werror like elsewheretb2025-08-251-2/+4
|
* freenull.c.head: include mlkem.h for MLKEM_{private,public}_key_free()tb2025-08-251-1/+2
|
* Also print addresses of the _libre_ symbolstb2025-08-221-2/+6
|
* fix symbols test to actually detect missing _libre_ symbolstb2025-08-221-2/+2
|
* mlkem tests: include the public <openssl/mlkem.h>tb2025-08-172-5/+5
|
* Change gmtime() to return time in UTC rather than GMT, as required by our ownphessler2025-08-171-79/+79
| | | | | | manpage, POSIX, C standards, and other OSes. OK kettenis@, millert@
* mlkem_tests: remove unneded ret variable from mlkem_{decap,keygen}_tests()tb2025-08-151-19/+11
|
* Fix includes in mlkem unit and iteration teststb2025-08-154-16/+5
|
* mlkem_tests no longer depends on mlkem_tests_utiltb2025-08-151-2/+2
|
* mlkem_tests: use public mlkem.h, no longer needs mlkem_tests_util.htb2025-08-151-4/+3
|
* mlkem_tests: mop up after feral openssl devs were heretb2025-08-151-83/+91
|
* mlkem_unittest: undo unnecessary variable renamingtb2025-08-151-5/+5
|
* Add a reasonable ML-KEM API for public use.beck2025-08-145-593/+396
| | | | | | | | | | | | | | | Adapt the tests to use this API. This does not yet make the symbols public in Symbols.list which will happen shortly with a bump. This includes some partial rototilling of the non-public interfaces which will be shortly continued when the internal code is deduplicated to not have multiple copies for ML-KEM 768 and ML-KEM 1024 (which is just an artifact of unravelling the boring C++ code). ok jsing@, tb@
* Add benchmarks for 384 bit x 384 bit multiplication and 384 bit squaring.jsing2025-08-121-1/+14
|
* Add missing make dependency as the oclo binary depends onanton2025-08-091-1/+3
| | | | | ocloexec_verify. Take the easy route and ensure all binaries are built before the regress make target.
* link illumos oclo test to the treetb2025-08-041-2/+2
|
* Provide benchmarks for EC arithmetic.jsing2025-08-032-1/+212
| | | | | This provides benchmarking for EC_POINT_add(), EC_POINT_dbl() and EC_POINT_mul()'s scalar * generator path.
* Provide harness to run illumos's oclo tests from libc regresstb2025-08-023-0/+32
| | | | | | | This depends on the illumos-os-tests port I just imported and can be linked to the build once guenther lands the close-on-fork diff. Adapted from an initial diff by Ricardo Branco
* hash_test: remove variable name from prototype and fix a casttb2025-08-021-3/+3
|
* Retire interop tests with OpenSSL 3.3 and 3.4tb2025-07-259-141/+11
|
* regress/libcrypto/x509/bettertls: switch to eopenssl35tb2025-07-231-4/+4
|
* regress/libcrypto/ec: switch to openssl35tb2025-07-231-4/+4
|
* ec_asn1_test: fix includestb2025-07-231-1/+5
|
* ectest: fix includestb2025-07-231-6/+3
|
* c2sp: unhook openssl 3.3 and 3.4tb2025-07-231-2/+2
|
* libcrypto regress: add interop harness for openssl/3.5tb2025-07-098-10/+75
|
* libcrypto regress: move GOCACHE to obj/tb2025-07-093-12/+28
| | | | | | | | | | | | | While it may be acceptable for Go to fill regular users' homedirs with a compiler cache that is unable to deal with corruption and full disks, this is terrible for people running regress as root since the cache can quickly grow to hundreds of megs and can thus result in all sorts hilarity below /root. Move the GOCACHE under ${.OBJDIR} and use a cleanup target to get rid of it again. This makes these tests a bit slower for regular users as well, but so be it. Let's see how this goes before I switch libtls to the same model. discussed with claudio and jsing
* Add minimal regress coverage for AES-XTSjsing2025-07-051-2/+183
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-11 19:03:47 +0000