Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
283,307 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

64 Commits

Author SHA1 Message Date
gson ce24a0bfcd Double the timeout for the bn test case; 360 seconds is no longer 
sufficient under qemu since the latest openssl update.
 2020-04-11 16:55:33 +00:00
hikaru 068d6bf691 Add HMAC-SHA-{256,384,512} test cases. 2019-12-03 04:20:45 +00:00
gson 8d7fd85720 The runtime of the ecdsa test case increased approximately sixfold 
with the openssl update on 2019-06-09, and it is now timing out on
sparc.  Increase the timeout by roughly the same factor.
 2019-06-16 10:45:50 +00:00
gson 462b0659d5 Timeout for evp test case is still not enough for qemu/sparc 2019-03-27 21:14:54 +00:00
gson 61e97463c5 A timeout of 480 seconds is not enough for the t_pubkey:ec test case 
on qemu/sparc.
 2018-09-29 10:54:35 +00:00
gson 683f5e4226 The default timeout of 300 seconds is not enough for the t_ciphers:evp 
test case on qemu/sparc since the import of openssl 1.1.0i on 2018-08-18.
 2018-09-29 10:50:33 +00:00
christos e1e91be8a7 Force libcrypto to be loaded after libcryptotest for the benefit of sun2 2018-09-28 23:40:45 +00:00
christos b4a1544ad5 Remove tests that don't exist anymore in OpenSSL-1.1.1 (We should add the 
one ones it adds though :-)
 2018-09-24 16:25:24 +00:00
christos 54bebabb33 Merge openssl-1.1.1 2018-09-23 13:34:57 +00:00
martin 3cbaed46a2 PR lib/53044: remove tests not provided by OpenSSL 1.1.x 2018-02-22 14:24:03 +00:00
christos c885e6eac2 put .PATH after the variable is defined. 2018-02-09 03:20:21 +00:00
christos 531428e66d fix 1.0 build; thanks ODE make. 2018-02-08 23:52:26 +00:00
christos 60b220f792 include the right test directory for the right openssl version 2018-02-08 23:41:26 +00:00
christos e1f413f949 adjust tests for 1.1 2018-02-08 21:59:10 +00:00
christos 97ebf3e411 constify more to avoid gcc stupidity. 2017-06-14 21:43:02 +00:00
martin a3b64c360a Avoid variable lenght buffers to help the stack protector (hopefully no 
functional change)
 2017-06-13 08:16:16 +00:00
knakahara 1c9c125617 add tests of ioctl for /dev/crypto 2017-06-09 06:09:01 +00:00
riastradh ef315f7931 Remove MKCRYPTO option. 
Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export.  The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.

In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated.  I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.

The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.

My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.

As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:

https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html

P.S.  Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet...  That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
 2017-05-21 15:28:36 +00:00
riastradh 09956316a6 Remove MKCRYPTO_RC5. Unconditionally include RC5 in libcrypto.so. 
This option existed only because RC5 is covered by patents that, twenty
years ago, we had reason to suspect the patent holder, RSA, Inc., might
litigate.  The two US patents in question are 5,724,428 and 5,835,600.

According to the USPTO Patent Term Calculator web site at
<https://www.uspto.gov/patent/laws-and-regulations/patent-term-calculator#heading-5>
(retrieved 2017-05-21), patents filed after 1995-06-07 expire twenty
years after the filing date.

number          filing date
5,724,428       1995-11-01
5,835,600       1997-04-21

Thus, these patents appear to be expired.

As proposed on tech-crypto and tech-security:

https://mail-index.netbsd.org/tech-crypto/2017/05/05/msg000718.html
https://mail-index.netbsd.org/tech-security/2017/05/05/msg000927.html
 2017-05-21 14:20:44 +00:00
knakahara e7af88294b add opencrypto atf for CRYPTO_3DES_CBC and CRYPTO_AES_CBC(=CRYPTO_RIJNDAEL128_CBC). 2017-04-17 03:59:37 +00:00
spz cff8db61e4 periphereal updates and generated files for the new openssl. 
Expect at least one more commit until the tree builds again.
 2016-10-14 16:09:43 +00:00
martin b38d15f64d Bump timeouts so they work on a 32bit sparc (poor Krups) 2016-10-13 09:25:37 +00:00
pgoyette 0bfb85b87f For the skipped ARC4 test, don't bother trying to run the test clean-up 
code.  It runs rump.halt which returns an error status (since rump was
never started in the first place), and this causes atf to complain about
the cleanup routine's return status, logging the test as a failure!
 2015-12-26 07:10:03 +00:00
prlw1 a0b4c35b18 correct test name 2015-03-16 16:42:27 +00:00
pgoyette 0746ac4120 Sprinkle in some UNCONST() 2014-01-19 13:40:59 +00:00
pgoyette 5e565c166a Include more of the test cases from RFC 1321. 
XXX cases 3, 6, and 9 are currently disabled because we don't seem
to handle plain-text in other than 8-byte chunks.
 2014-01-18 20:40:27 +00:00
pgoyette f2915fe1a6 Remove some debugging code. 2014-01-18 20:10:34 +00:00
pgoyette cd62f2eb7f Free each crypto(4) session when we're done with it. (A new session 
is created for each test case.)
 2014-01-18 19:44:41 +00:00
pgoyette 435332144e Fix verification to use correct buffer. 
Use test cases defined in RFC 1321
 2014-01-18 15:55:32 +00:00
pgoyette 101f54fefd Add the test cases for sha1_hmac 2014-01-18 15:15:16 +00:00
joerg 3732193e19 Needs some unconst. 2014-01-18 02:31:14 +00:00
pgoyette b685948516 Additional tests for SHA1_HMAC (with test cases from RFC2202) 2014-01-17 22:33:02 +00:00
pgoyette 10805d8a0e Add additional test cases from RFC2202 2014-01-17 22:31:25 +00:00
pgoyette 140e400a0b Use RFC 3713 vector, add comment to identify the source 2014-01-17 19:39:51 +00:00
pgoyette 80fe9fc110 Reenable h_null (NULL_CBC) test. It works if we correctly pass a NULL iv. 2014-01-17 19:35:33 +00:00
pgoyette 1b0aa2a2ae Clean up the helper programs. Remove the code to print the results, and 
make sure that all helpers actually check the results against the correct
values.
 2014-01-17 14:16:08 +00:00
pgoyette 5119ac7130 Disable the arc4 and null_cbc tests for now. The swcrypto driver does 
not (yet) support them.
 2014-01-17 14:14:54 +00:00
joerg 7fe431c6a2 Use __arraycount and size_t as the format strings are wrong anyway. 2014-01-16 23:56:04 +00:00
pgoyette 075b927c1d Since sizeof() is unsigned, use an unsigned int for the loop index. 
Fixes latest build break.
 2014-01-16 22:06:45 +00:00
pgoyette 5b57b2e95d Include all of the examples from RFC3566 2014-01-16 18:09:55 +00:00
martin 89ed65c0d4 Remove bogus TESTSDIR 2014-01-15 10:19:55 +00:00
pgoyette fda7dd4887 Descend into new opencrypto test suite 2014-01-14 18:06:27 +00:00
pgoyette 9bee98a7d5 Add some trivial tests for the in-kernel opencrypto framework, and link 
them into the build.  (Thanks to Matthias Drochner for the test programs!)

XXX The arc4 and null tests currently fail - under investigation.
 2014-01-14 17:51:39 +00:00
spz 67d12f6407 more MKCRYPTO_IDEA and MKCRYPTO_MDC2 removal (resp, adjustment to IDEA and 
MBC2 now always being included)
MKCRYPTO_RC5 now builds shared libs, add the missing files to sets
 2012-07-14 16:04:04 +00:00
christos e2d5622544 MKCRYPTO_{IDEA,MDC2} is no more 2012-07-14 04:06:17 +00:00
mrg f3383e2258 fix a build issue with MKCRYPTO=no. 2011-10-22 21:13:25 +00:00
spz 8efcedf571 give the idea, rc5 and mdc2 checks a chance of working if they are defined 
to be compiled
 2011-07-05 10:03:09 +00:00
christos e4bf07bdfe Fix patented algo compilation 2011-06-12 16:16:26 +00:00
christos 2a18cea9f4 Turn warns on for all tests and fix all the bugs. 2011-06-11 18:03:17 +00:00
spz 56d7efa655 add tests for evb and srp 2011-06-09 05:25:17 +00:00