Commit Graph

546 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
cab4a8807c Add RIPEMD-160 (core functions) 2014-01-17 14:04:25 +01:00
Manuel Pégourié-Gonnard
f51c8fc353 Add support for secp256k1 arithmetic 2014-01-10 18:17:18 +01:00
Manuel Pégourié-Gonnard
937340bce0 Add ecdsa_write_signature_det() 2014-01-06 15:29:03 +01:00
Manuel Pégourié-Gonnard
4daaef7e27 Add ecdsa_sign_det() with test vectors 2014-01-06 15:29:03 +01:00
Manuel Pégourié-Gonnard
fae079e4c5 Adapt ECDSA tests to new ecp_gen_keypair() 2014-01-06 11:01:24 +01:00
Manuel Pégourié-Gonnard
217a29c844 Fix bug in rnd_pseudo_rnd() test helper function
Only the first 4 bytes of the output were set, the rest was untouched.
2014-01-03 12:19:19 +01:00
Paul Bakker
5bc07a3d30 Prepped for 1.3.3 2013-12-31 10:57:44 +01:00
Paul Bakker
3a8cb6ff8e Proper const modifier in test_suite_x509_csr_check() 2013-12-30 20:41:54 +01:00
Paul Bakker
fe40f484fb Do not print error on missing kill target in compat.sh 2013-12-19 17:47:24 +01:00
Paul Bakker
20ed0f7e6d Fixed compat.sh arguments line in test-ref-configs.pl 2013-12-19 17:45:11 +01:00
Paul Bakker
a5320904bf Fixed dependency on POLARSSL_GENPRIME in PK tests 2013-12-19 17:29:52 +01:00
Paul Bakker
30a3062782 Added ability to filter configs in test-ref-configs.pl 2013-12-19 17:09:49 +01:00
Paul Bakker
474c2ce05f Fixed dependencies for some tests 2013-12-19 16:40:30 +01:00
Paul Bakker
5a607d26b7 Merged IPv6 support in the NET module 2013-12-17 14:34:19 +01:00
Manuel Pégourié-Gonnard
c9baa873ca Force server to IPv4 in compat.s 2013-12-17 14:10:58 +01:00
Manuel Pégourié-Gonnard
0759d369e6 Fix ciphersuite selection in compat.sh 2013-12-17 11:50:52 +01:00
Manuel Pégourié-Gonnard
31a2325810 Add ECDH_ECDSA suites to compat.sh 2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
07b54e06da Fix EC suites version requirements in compat.sh 2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
452f6ba1a6 compat.sh cleanups 2013-12-17 11:26:59 +01:00
Manuel Pégourié-Gonnard
a60fe8943d Add mpi_safe_cond_swap() 2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard
357ff65a51 Details in ecp_mul_mxz() 2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard
fe0af405f9 Adapt ecp_gen_keypair() to Curve25519 2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard
9a4a5ac4de Fix bug in mpi_set_bit 2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard
a0179b8c4a Change ecp_mul to handle Curve25519 too 2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard
312d2e8ea2 Adapt key checking functions for Curve25519 2013-12-05 15:58:38 +01:00
Paul Bakker
76af736a47 Merged splitting off curves from ecp.c into ecp_curves.c 2013-12-02 22:01:26 +01:00
Paul Bakker
a2ffccd09f Fixed memory leak in new x509parse test 2013-12-02 21:56:37 +01:00
Manuel Pégourié-Gonnard
a0d758b917 Fix typo in test dependency 2013-12-02 16:34:24 +01:00
Paul Bakker
c680405135 Removed test for empty data_files/dir0
dir0 is not in git (empty directories cannot be added to git)
2013-12-02 15:26:02 +01:00
Paul Bakker
014f143c2a Merged EC key generation support 2013-12-02 14:55:09 +01:00
Manuel Pégourié-Gonnard
0267e3dc9b Add ecp_curve_info_from_name() 2013-11-30 15:10:14 +01:00
Manuel Pégourié-Gonnard
104ee1d1f6 Add ecp_genkey(), prettier wrapper 2013-11-30 14:35:07 +01:00
Manuel Pégourié-Gonnard
fbae2a1f53 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
Paul Bakker
3ddfa663a5 Renamed test_offset to prevent clash with one in ctr_drbg.c 2013-11-26 17:45:20 +01:00
Paul Bakker
88cd22646c Merged ciphersuite version improvements 2013-11-26 15:22:19 +01:00
Paul Bakker
3209ce3692 Merged ECP improvements 2013-11-26 15:19:17 +01:00
Manuel Pégourié-Gonnard
c6f03faeaf Update compat.sh ciphersuite versions 2013-11-26 14:29:13 +01:00
Paul Bakker
e4c71f0e11 Merged Prime generation improvements 2013-11-25 14:27:28 +01:00
Paul Bakker
8fc30b178c Various const fixes 2013-11-25 13:29:43 +01:00
Manuel Pégourié-Gonnard
378fb4b70a Split mpi_is_prime() and make its first arg const 2013-11-22 19:40:32 +01:00
Manuel Pégourié-Gonnard
3e3d2b818c Fix bug in mpi_safe_cond_assign() 2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard
71c2c21601 Add mpi_safe_cond_assign() 2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard
5868163e07 Add mpi_shrink() 2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard
ff27b7c968 Tighten ecp_mul() validity checks 2013-11-21 21:56:38 +01:00
Paul Bakker
d1bac4ae55 Removed core file 2013-11-19 17:37:08 +01:00
Paul Bakker
f4dc186818 Prep for PolarSSL 1.3.2 2013-11-04 17:29:42 +01:00
Paul Bakker
60b1d10131 Fixed spelling / typos (from PowerDNS:codespell) 2013-10-29 10:02:51 +01:00
Paul Bakker
3292562a33 Fixed Makefile for test_suite_pk 2013-10-28 17:32:48 +01:00
Paul Bakker
7bc745b6a1 Merged constant-time padding checks 2013-10-28 14:40:26 +01:00
Paul Bakker
1642122f8b Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer 2013-10-28 14:38:35 +01:00
Paul Bakker
3f917e230d Merged optimizations for MODP NIST curves 2013-10-28 14:18:26 +01:00
Paul Bakker
08bb187bb6 Merged Public Key framwork tests 2013-10-28 14:11:09 +01:00
Manuel Pégourié-Gonnard
3daaf3d21d X509 key identifiers depend on SHA1 2013-10-28 13:58:32 +01:00
Manuel Pégourié-Gonnard
f8669dabf2 Fix error.c test suite relying on old name 2013-10-28 13:58:10 +01:00
Manuel Pégourié-Gonnard
7446833626 Fix endianness issue in test helper function 2013-10-28 13:02:20 +01:00
Manuel Pégourié-Gonnard
f8ab069d6a Make get_pkcs_padding() constant-time 2013-10-27 17:25:57 +01:00
Manuel Pégourié-Gonnard
65ea372f9b Rm unsupported suites (export) from compat.sh 2013-10-25 18:44:07 +02:00
Manuel Pégourié-Gonnard
8d01eea7af Add Camellia-GCM ciphersuites 2013-10-25 16:46:05 +02:00
Manuel Pégourié-Gonnard
c2bd7a2f2f Add test vectors for Camellia-GCM via cipher layer 2013-10-24 16:49:51 +02:00
Manuel Pégourié-Gonnard
0684f74023 Add failing test vectors for Camellia-GCM auth 2013-10-24 16:19:30 +02:00
Manuel Pégourié-Gonnard
2009718fbe Add tests for AES-{192,256}-GCM in cipher layer 2013-10-24 16:02:02 +02:00
Manuel Pégourié-Gonnard
87181d1deb Add Camellia-GCM to th cipher layer 2013-10-24 14:02:40 +02:00
Manuel Pégourié-Gonnard
7bd8a99e11 Fix GCM dependencies 2013-10-24 13:39:39 +02:00
Manuel Pégourié-Gonnard
13e0d449f7 Add Camellia-GCM test vectors
https://tools.ietf.org/html/draft-kato-ipsec-camellia-gcm-03#section-4
2013-10-24 13:24:25 +02:00
Manuel Pégourié-Gonnard
083d66821e Make GCM tests accept any cipher, not just AES 2013-10-24 13:21:39 +02:00
Manuel Pégourié-Gonnard
94dd5b4dd4 Rename GCM test suites to AES-GCM 2013-10-24 13:21:39 +02:00
Manuel Pégourié-Gonnard
e783f06f73 Start working on mod_p224
(Prototype, works only on 32-bit and little-endian 64-bit.)
2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard
cc67aee9c8 Make ecp_mod_p521 a bit faster 2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard
d1e7a45fdd Rework ecp_mod_p192()
On x86_64, this makes it 5x faster, and ecp_mul() 17% faster for this curve.
The code is shorter too.
2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard
18c443d3a8 Fix dependency issues in the test framework
When a constant in a test case is a symbol (either preprocessor or enum
value), enclose the corresponding translation code in the ifdef's attached
the test function, so that it compiles even if it isn't defined.
2013-10-17 14:58:24 +02:00
Manuel Pégourié-Gonnard
748190d319 Fix some dependency issues 2013-10-17 13:26:48 +02:00
Manuel Pégourié-Gonnard
75c7882de3 Add PK test for forbidden operations 2013-10-17 12:57:47 +02:00
Manuel Pégourié-Gonnard
67d4583835 Add PK tests for rsa encrypt/decrypt 2013-10-17 12:57:47 +02:00
Manuel Pégourié-Gonnard
b0a467fdbe Start adding a PK test suite 2013-10-15 15:19:59 +02:00
Paul Bakker
5c17ccdf2a Bumped version to 1.3.1 2013-10-15 13:12:41 +02:00
Paul Bakker
f34673e37b Merged RSA-PSK key-exchange and ciphersuites 2013-10-15 12:46:41 +02:00
Manuel Pégourié-Gonnard
eebb5ad6cc Add RSA-PSK and ECDHE-PSK suites to compat.sh 2013-10-15 12:27:22 +02:00
Manuel Pégourié-Gonnard
48ac3db551 Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
Manuel Pégourié-Gonnard
201401646e Fix a few selftest typos 2013-10-10 13:21:48 +02:00
Manuel Pégourié-Gonnard
43545c8b4f Add test vectors for brainpool curves 2013-10-10 12:56:00 +02:00
Paul Bakker
1337affc91 Buffer allocator threading support 2013-09-29 15:02:11 +02:00
Paul Bakker
1ffefaca1e Introduced entropy_free() 2013-09-29 15:01:42 +02:00
Manuel Pégourié-Gonnard
420edcaf1d Clean up config-suite-b.h thanks to new certs 2013-09-25 11:52:38 +02:00
Manuel Pégourié-Gonnard
cc648d19dc Adapt test cases to new certs and file names 2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
6a987f4a90 Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
cbf3ef3861 RSA and ECDSA key exchanges don't depend on CRL 2013-09-24 21:25:53 +02:00
Paul Bakker
c27c4e2efb Support faulty X509 v1 certificates with extensions
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
2013-09-23 15:01:36 +02:00
Manuel Pégourié-Gonnard
649854004b New script for testing standard configurations 2013-09-20 17:08:53 +02:00
Manuel Pégourié-Gonnard
eb1714e9c8 Fix certs/psk arguments in compat.sh 2013-09-20 12:44:08 +02:00
Manuel Pégourié-Gonnard
a7496f00ff Fix a few more warnings in small configurations 2013-09-20 11:29:59 +02:00
Manuel Pégourié-Gonnard
4fee79b885 Fix some more depend issues 2013-09-20 10:58:59 +02:00
Manuel Pégourié-Gonnard
387a211fad Fix some dependencies in tests 2013-09-20 10:58:59 +02:00
Paul Bakker
5ad403f5b5 Prepared for 1.3.0 RC0 2013-09-18 21:21:30 +02:00
Manuel Pégourié-Gonnard
15d5de1969 Simplify usage of DHM blinding 2013-09-18 14:35:55 +02:00
Manuel Pégourié-Gonnard
456d3b9b0b Make ECP error codes more specific 2013-09-18 14:35:53 +02:00
Manuel Pégourié-Gonnard
dd0f57f186 Check key size in cipher_setkey() 2013-09-18 14:34:32 +02:00
Manuel Pégourié-Gonnard
d331319a38 Check -m option in compat.sh 2013-09-18 14:34:32 +02:00
Paul Bakker
c559c7a680 Renamed x509_cert structure to x509_crt for consistency 2013-09-18 14:32:52 +02:00
Paul Bakker
ddf26b4e38 Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker
369d2eb2a2 Introduced x509_crt_init(), x509_crl_init() and x509_csr_init() 2013-09-18 12:01:43 +02:00
Paul Bakker
86d0c1949e Generalized function names of x509 functions not parse-specific
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
2013-09-18 12:01:42 +02:00
Paul Bakker
5187656211 Renamed X509 / X509WRITE error codes to generic (non-cert-specific) 2013-09-17 14:36:05 +02:00
Paul Bakker
36713e8ed9 Fixed bunch of X509_PARSE related defines / dependencies 2013-09-17 13:25:29 +02:00
Paul Bakker
7c6b2c320e Split up X509 files into smaller modules 2013-09-16 21:41:54 +02:00
Paul Bakker
cff6842b39 POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-16 13:36:18 +02:00
Paul Bakker
77e23fb0e0 Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00
Paul Bakker
40ce79f1e6 Moved DHM parsing from X509 module to DHM module 2013-09-15 17:43:54 +02:00
Paul Bakker
dce7fdcbc9 Fixed warnings in case POLARSSL_PEM_C is not defined 2013-09-15 17:15:26 +02:00
Paul Bakker
2292d1fad0 Fixed warnings in case POLARSSL_X509_PARSE_C is not defined 2013-09-15 17:06:49 +02:00
Paul Bakker
de56ca1097 The suite specific header should only be used when the suite is active 2013-09-15 17:05:21 +02:00
Paul Bakker
4606c7317b Added POLARSSL_PK_PARSE_C and POLARSSL_PK_WRITE_C 2013-09-15 17:04:23 +02:00
Paul Bakker
428b9ba3b7 Moved POLARSSL_FS_IO check to .function from .data 2013-09-15 15:20:37 +02:00
Paul Bakker
e827ce013f Fix for parse commit 2013-09-15 15:08:31 +02:00
Paul Bakker
c7bb02be77 Moved PK key writing from X509 module to PK module 2013-09-15 14:54:56 +02:00
Paul Bakker
1a7550ac67 Moved PK key parsing from X509 module to PK module 2013-09-15 13:47:30 +02:00
Manuel Pégourié-Gonnard
92cb1d3a91 Make CBC an option, step 3: individual ciphers 2013-09-13 17:25:43 +02:00
Manuel Pégourié-Gonnard
989ed38de2 Make CBC an option, step 2: cipher layer 2013-09-13 15:48:40 +02:00
Manuel Pégourié-Gonnard
4fe9200f47 Fix memory leak in GCM by adding gcm_free() 2013-09-13 13:45:58 +02:00
Manuel Pégourié-Gonnard
735b8fcb0b Fix blunder in 8a109f1 2013-09-13 12:57:23 +02:00
Paul Bakker
9013af76a3 Merged major refactoring of x509write module into development
This refactoring adds support for proper CSR writing and X509
certificate generation / signing
2013-09-12 11:58:04 +02:00
Manuel Pégourié-Gonnard
0237620a78 Fix some dependencies declaration 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
31e59400d2 Add missing f_rng/p_rng arguments to x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
f38e71afd5 Convert x509write_crt interface to PK 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
6de63e480d Add EC support to x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
7f1f0926e4 Add test for x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
3837daec9e Add EC support to x509write_pubkey 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
e1f821a6eb Adapt x509write_pubkey interface to use PK
key_app_writer will be fixed later
2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
33250b0461 Add test for x509write_pubkey_pem() 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
ee73179b2f Adapt x509write_csr prototypes for PK 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard
27d87fa6c4 Fix many off-by-one errors 2013-09-12 11:57:00 +02:00
Paul Bakker
c0dcf0ceb1 Merged blinding additions for EC, RSA and DHM into development 2013-09-10 14:44:27 +02:00
Paul Bakker
36b7e1efe7 Merged GCM refactoring into development
GCM is now independent of AES and can be used as a mode for any
cipher-layer supported 128-bit based block cipher
2013-09-10 14:41:05 +02:00
Paul Bakker
a5943858d8 x509_verify() now case insensitive for cn (RFC 6125 6.4) 2013-09-09 17:21:45 +02:00
Paul Bakker
cd35803684 Changes x509_csr to x509write_csr 2013-09-09 12:38:45 +02:00
Paul Bakker
43aff2aec4 Moved GCM to use cipher layer instead of AES directly 2013-09-09 00:10:27 +02:00
Paul Bakker
5e0efa7ef5 Added POLARSSL_MODE_ECB to the cipher layer 2013-09-08 23:04:04 +02:00
Paul Bakker
2397cf3ede First certificate writing test. Full server1.crt reconstruction 2013-09-08 15:58:15 +02:00
Manuel Pégourié-Gonnard
b8bd593741 Restrict cipher_update() for GCM 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
1af50a240b Cipher: test multiple cycles
GCM-cipher: just trust the user to call update_ad at the right time
2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
ed8a02bfae Simplify DH blinding a bit 2013-09-04 17:18:28 +02:00
Manuel Pégourié-Gonnard
143b5028a5 Implement DH blinding 2013-09-04 16:29:59 +02:00
Manuel Pégourié-Gonnard
2d627649bf Change dhm_calc_secret() prototype 2013-09-04 14:22:07 +02:00
Manuel Pégourié-Gonnard
f7ce67f0d2 Add tests for gcm via cipher 2013-09-04 12:14:11 +02:00
Manuel Pégourié-Gonnard
8eccab5077 Add test vectors to the cipher test suite
Ensures the selected cipher/mode/padding is actually used
and padding and tag are actually checked.
2013-09-04 12:12:44 +02:00
Manuel Pégourié-Gonnard
43a4780b03 Ommit AEAD functions if GCM not defined 2013-09-03 19:28:35 +02:00
Manuel Pégourié-Gonnard
aa9ffc5e98 Split tag handling out of cipher_finish() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard
2adc40c346 Split cipher_update_ad() out or cipher_reset() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard
9c853b910c Split cipher_set_iv() out of cipher_reset() 2013-09-03 13:04:44 +02:00
Manuel Pégourié-Gonnard
e09d2f8261 Change ecp_mul() prototype to allow randomization
(Also improve an error code while at it.)
2013-09-02 14:29:09 +02:00
Manuel Pégourié-Gonnard
9241be7ac5 Change cipher prototypes for GCM 2013-08-31 18:07:42 +02:00