author | Thai Duong <thaidn@users.noreply.github.com> | 2017-02-01 10:45:16 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-01 10:45:16 -0800 |
commit | 397bfb49f8cf9975706d29577075aa703a4755c1 (patch) | |
tree | 8bba871b7a7fddde1e14262b5a0ed86e420fd0d8 /doc/index.md | |
parent | b898a62f3f61fa30bf1ffd1e04016387ccd59141 (diff) | |
download | wycheproof-397bfb49f8cf9975706d29577075aa703a4755c1.tar.gz |
Google -> GitHub Sync, 1 Feb 2017 (#19)
* Removing duplicates from BigIntegerTest.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142548323
* Remove @NoPresubmitCheck from testModifiedPublic() and testModifiedPublicSpec(). The corresponding bug was fixed in BC 1.55 or BC 1.56.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142561682
* minor typos
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142743772
* Regenerating the test vectors for ECDSA:
- this adds more comments for bugtypes and modifications of the signatures.
- fixes some ugly formatting.
- adds some additional test vectors.
There are no new bugs.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144619819
* Regenerating DSA test vectors:
This adds a few more test vectors.
The test vectors are now divided between test vectors with valid BER encodings
and test vectors with invalid DER encodings.
The description of the test vector better describes what was modified.
Also fixing issue #17 on Github: testVectors in DsaTest not using the message parameter
There are no changes to the presubmit tests. Tests that can be enabled because of the
Oracle's security update will be added in another CL.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144814889
* Regenerating test vectors for EcdhTest.java
Merging a test with small order into the test vectors.
Fixing ASN encoding of 0 (from 0200 to 020100, i.e. length must be > 0).
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144815129
* Regenerating RSA signatures.
Adding test vectors that were removed because of b/31575502. Oracle fixes this with CVE-2016-5547.
Changing ASN tags with value 0x50 to 0x30 (0x50 would be something like sequence of sequence but does not exist), hence the old vectors are unlikely to cause problems.
Adding more modifications of OIDs. The new vectors unpack the OIDs and change the nodes.
(E.g. the OID for sha256 is the hexadecimal string "608648016503040201" which is an
ASN encoding of "2.16.840.1.101.3.4.2.1". The new test vectors include invalid encoding,
encodings with additional nodes, deleted nodes and nodes that are changed to large integers)
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144846826
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145060646
* Removing presubmit restrictions for tests that have been fixed internally and upstream.
Mainly these are tests with CVEs that were announced during the Jan 17 security update
by Oracle.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145397539
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145418516
* Adding the CVE numbers from Oracle's Jan 17 security update to the documentation.
Minor changes to some test vectors: Some of the garbage added to the ASN encoding
was itself incorrect and has been replaced.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145650774
* ECDSA MODIFIED_SIGNATURES should be public now.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=146186539
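The OID example in the RSA-signature entry of the commit message, worked through as an added illustration (not code from Wycheproof or from this commit): a strict decoder and encoder for the content octets of a DER OBJECT IDENTIFIER, which rejects the malformed encodings a verifier should never accept. The function names `decode_oid` and `encode_oid` are assumptions made for this example.

```python
# Added example: strict handling of DER OBJECT IDENTIFIER content octets
# (the bytes after tag 0x06 and the length). Function names are hypothetical.

def decode_oid(content: bytes) -> str:
    """Return the dotted form; raise ValueError on a malformed encoding."""
    if not content:
        raise ValueError("empty OID")
    if content[-1] & 0x80:
        raise ValueError("truncated: last octet has the continuation bit set")
    subids, value, at_start = [], 0, True
    for octet in content:
        # A subidentifier must use the fewest octets possible, so it can
        # never begin with 0x80 (a base-128 leading zero).
        if at_start and octet == 0x80:
            raise ValueError("non-minimal subidentifier (leading 0x80)")
        value = (value << 7) | (octet & 0x7F)
        at_start = not (octet & 0x80)
        if at_start:
            subids.append(value)
            value = 0
    # The first subidentifier packs the first two nodes as 40*X + Y.
    first = subids[0]
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(n) for n in head + subids[1:])


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID into minimal DER content octets."""
    nodes = [int(n) for n in dotted.split(".")]
    if len(nodes) < 2 or min(nodes) < 0 or nodes[0] > 2:
        raise ValueError("invalid OID")
    if nodes[0] < 2 and nodes[1] > 39:
        raise ValueError("second node must be < 40 when the first is 0 or 1")
    out = bytearray()
    for sub in [40 * nodes[0] + nodes[1]] + nodes[2:]:
        chunk = [sub & 0x7F]                    # final octet, no continuation bit
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))   # earlier octets carry the bit
            sub >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


if __name__ == "__main__":
    sha256 = bytes.fromhex("608648016503040201")   # value quoted in the commit message
    print(decode_oid(sha256))
    print(encode_oid("2.16.840.1.101.3.4.2.1").hex())
```

An OID with a deleted or added node decodes cleanly but to a different dotted string, so a verifier has to compare the decoded OID (or the exact bytes) against the expected hash OID rather than only check that it parses.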
Diffstat (limited to 'doc/index.md')
-rw-r--r-- | doc/index.md | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/index.md b/doc/index.md index c664ba1..0d570e6 100644 --- a/doc/index.md +++ b/doc/index.md @@ -1,7 +1,7 @@ # Project Wycheproof This page describes the goals and strategies of project Wycheproof. See -[README](../README.md) for introduction to the project. +[README](../README.md) for an introduction to the project. ## Defense in depth @@ -33,7 +33,7 @@ rather than exploitability. Examples: One of the goals of Wycheproof is to test for compatibility issues. Switching JCE providers should not introduce vulnerabilities simply because -the solution was developed with another provider. +the solution was developed by another provider. An example for this was the following observation: When using AES-GCM then javax.crypto.CipherInputStream worked sort of with JCE and @@ -49,10 +49,10 @@ cryptographic libraries based on the bugs found would be biased: * Libraries used internally in Google get more attention. Serious vulnerabilities in these libraries should be fixed at the time the tests are added to Wycheproof. On the other hand it is also likely that - tests find a larger number of bugs in thsese libraries when old versions are + tests find a larger number of bugs in these libraries when old versions are tested. * Tests often check for expected behaviour and compatibility. - Excpected behaviour is often defined by a prominent library. + Expected behaviour is often defined by a prominent library. Pointing out such problems can therefore penalize smaller third party libraries. * We are working toward covering as many potential vulnerabilities as possible 
@@ -71,7 +71,7 @@ We should promote robust interfaces with the goal to simplify the use of the library, codereviews of applications using the library and testing the library. -* When cryptrographic primitives require randomness then the random +* When cryptographic primitives require randomness then the random numbers should be chosen by the library. It shouldn't be possible for a user to provide randomness. If the library itself chooses the randomness then it is possible (at least to some degree) to check |
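Review bot: in the hunk at @@ -33,7 +33,7 @@, replacing "developed with another provider" by "developed by another provider" changes the meaning instead of fixing a typo. The sentence before it is about switching JCE providers, so "the solution" is an application built on top of a provider; "by" makes the provider the author of the solution. Suggest keeping "with", or rewording to "developed against another provider" if the original felt ambiguous.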
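Review bot: in the hunk at @@ -71,7 +71,7 @@, the unchanged context just above the corrected "cryptographic" still reads "codereviews of applications using the library". Since this change is a typo sweep of doc/index.md, fix that to "code reviews" in the same pass so the paragraph does not need a second touch.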