| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
* yet another ocsp response vector.
and yet there will be at least one more after this
* add one more
|
| | |
|
| |
|
|
|
|
| |
* add more OCSP response vectors
* another vector and better docs
|
| |
|
|
|
|
|
|
|
|
| |
* OCSP response vector
* oops, wrong name
* move ocsp response vector docs
* make alex happy
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix encoding errors in RSA test keys.
enc-rsa-pkcs8.pem and unenc-rsa-pkcs8.pem did not encode the RSA key
correctly. Per RFC 8017, appendix A.1:
The object identifier rsaEncryption identifies RSA public and private
keys as defined in Appendices A.1.1 and A.1.2. The parameters field
has associated with this OID in a value of type AlgorithmIdentifier
SHALL have a value of type NULL.
rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
unenc-rsa-pkcs8.pem, however, was missing that NULL, which was, in turn,
carried into the encrypted payload of enc-rsa-pkcs8.pem. The DER
version, enc-rsa-pkcs8.der, carries this mistake too. Interestingly,
unenc-rsa-pkcs8.der does *not* have it. I'm guessing it was converted
with the openssl command-line tool which fixed the encoding in
conversion.
Current versions of OpenSSL are lax and ignore the parameters field, but
it's best to test against spec-compliant inputs. Fix unenc-rsa-pkcs8.pem
to match unenc-rsa-pkcs8.der and then refresh enc-rsa-pkcs8.{der,pem}
with the new encoding but otherwise the same encryption parameters.
I've refreshed the dumpasn1 (at least that's what it looks like)
preamble at the top of each file, but the current version of dumpasn1
appears to have changed the spacing slightly, so there's some whitespace
diff noise.
* Update test-vectors.rst.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
These can be used when OpenSSL 1.1.1 is released
|
| |
|
|
| |
NIST has updated the vectors to cover the bug we had. Let's use those
vectors. Thanks NIST!
|
| |
|
|
|
|
|
|
| |
* Added badtime.pem vector
In connection with forthcoming PR to fix #4158
* shortened line, corrected and->and
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* 2.2 release!
* also change versions
|
| | |
|
| |
|
|
|
|
|
|
| |
* add 1200 byte HKDF test vector and a generator/verifier for it
* exit non-zero when failing
* ugh
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* add unique identifier test vector
* wrap a line I didn't even touch...
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* oaep label vector
* add count so we can use the nist vector loader
* add RSA key from the boring vectors as well
https://boringssl.googlesource.com/boringssl/+/ce3773f9fe25c3b54390bc51d72572f251c7d7e6/crypto/evp/evp_tests.txt#8
|
| | |
|
| |
|
|
|
|
| |
* add test vector with invalid basicconstraints
* sigh
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* 2.0 version bump and changelog
* dates are just an illusion
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH parameter serizalization - no X9.42
* Support X9.42 serialization - DER not working
* Fix dhp_rfc5114_2.der
Changing the DER parameters serialization after the
fix in openssl commit a292c9f1b835
* DH parameters X9.42 DER serialization fixed
* fix _skip_dhx_unsupported
* document DH parameter_bytes
* PEP8 fixes
* Document load_pem_parameters
* Document load_der_parameters
* document ParameterFormat
* Increase test coverage
* Increase test covrage
* Remove unneeded check
* Fix typo
* Fix error in load_der_parameters
* Add load_pem_parameters and load_der_parameters to interfaces
* CR fixes
* Removed unverified phrase
* Update version to 2.0
* Fix pep8
* Rename ParameterFormat.ASN1 to ParameterFormat.DHParameter
* link pkcs3
* Add new line at end of file to serialization.rst
* Rename DHparameters to PKCS3
* doc CR fix
|
| | |
|
| |
|
|
|
| |
http://csrc.nist.gov/groups/STM/cavp/documents/mac/ccmtestvectors.zip
No TLS :(
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* add ChaCha20Poly1305 test vectors from OpenSSL/RFC7539
* add the boringssl tests as well
* highlight the lines
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt:
https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values.
But OIDs longer than this occur in real life (e.g. Active Directory
makes some very long OIDs). If the length of the stringified OID
exceeds the buffer size, allocate a new buffer that is big enough to
hold the stringified OID, and re-do the conversion into the new
buffer.
|
| |
|
| |
The original source of this vector does not have a space, we added it by accident
|
| |
|
|
|
|
| |
* Refs #3461 -- added a test vector with SCTs
* timestamp is a word
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Support DH q (subgroup order)
* Change RFC5114.txt to NIST format
* Add tests for DH q
* Update docs for DH q
* Fix pep8
* Improve test covergae for DH q
* Create _dh_params_dup that copy q if DHparams_dup don't
On OpenSSL < 1.0.2 DHparams_dup don't copy q. _dh_params_dup
call DHparams_dup and if the version is smaller than 1.0.2
copy q manually
* Copy q manually on libressl
* Add to test vectors serialized RFC5114 2048 bit DH parameters with 224 bit subgroup
* Support serialization of DH with q
* Add tests for serialization of DH with q
* Support DH serialization with q only if Cryptography_HAS_EVP_PKEY_DHX is true
* Raise exception when trying to serialize DH X9.42 when not supported
* raise unsupported key type when deserilizing DH X9.42 if not supported
* pep8 fixes
* Fix test_serialization
* Add dhx_serialization_supported method to DHBacked
* document q in dh_parameters_supported
* Rename dhx_serialization_supported to dh_x942_serialization_supported
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* DH keys support serialization
* Add DH serialization documentation
* Add tests for DH keys serialization in DER encoding
* update version to 1.8
* Allow only SubjectPublicKeyInfo serialization
* Remove support in TraditionalOpenSSL format
* Fix pep8
* Refactor dh serialization tests
|
| | |
|
