| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
That is, verify whether the various combinations of
GNUTLS_EXT_FLAG_CLIENT_HELLO,
GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO
work as expected with regards to sending and receiving
extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That is, on the extension parsing functions ensure that
no extension which are not valid for the currently
received message are parsed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
| |
We were previously using the variable named 'type' to indicate the
extension ID. With TLS 1.3, extensions are also given an applicability
type (which message the extension applies to), and thus renamed the
variable for clarity.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
That is, avoid enabling experimental protocols.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
They are being included conditionally depending on the RSA-PSS feature
(RSA-PSS and HKDF are expected to be introduced at the same version).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
This allows the test suite to run, even when TLS1.3 is still
experimental.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
This enables TLS 1.3 key exchange based on the key share extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
enabled
That is because after TLS 1.3 there is no negotiation of the version using
the Client Hello field, but with an extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
This will simplify handling of the x25519 key exchange.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This is used in TLS 1.3 which introduces a new MPI over-the-wire
format.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
TLS 1.3 implements resumption is a different way, so we should
introduce new resumption tests once that support is in place.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This introduces the following new functions:
const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session);
const version_entry_st *_gnutls_version_max(gnutls_session_t session);
which replace their previous counterparts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
These test whether this extension is seen under TLS 1.3 in client
hello, and whether it is not present in server hello.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
That is, when TLS 1.3 is negotiated the compression algorithms and
session ID fields are no longer sent.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
algorithms
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
If an application intentionally disables all signature algorithms, ensure
that we can operate by eliminating protocol options which require these
signature algorithms to be set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
In addition make sure we check gnutls_priority_set() for errors.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This tests the behavior when signature algorithms only available
under TLS1.3 are present in a TLS 1.2 session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
with TLS1.2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
version
That is, when a signature algorithm that is only applicable
to specific TLS protocol semantics (e.g., ECDSA-SECP256R1-SHA256)
is enabled, under TLS 1.2, it will result to no code points being
added. That prevents connection errors due to "wrong" code
points being added that do not correspond to a usable signature
algorithm under the protocol.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Previously at handshake we would negotiate a ciphersuite and certificate
and later figure out a signature algorithm. Now we negotiate all at once,
so we no longer reach situations where mid-way of handshake we figure we
have no signature algorithm to use. Update the test cases relying on that
behavior to account the new one.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
That patch adds the signature algorithms:
- GNUTLS_SIGN_ECDSA_SECP256R1_SHA256
- GNUTLS_SIGN_ECDSA_SECP384R1_SHA384
- GNUTLS_SIGN_ECDSA_SECP521R1_SHA512
and enables them for the default TLS priority strings.
In addition it allows negotiating signature algorithms sharing
the same TLS IDs, but which have different semantics between TLS
versions (e.g., 6,4 maps to GNUTLS_SIGN_ECDSA_SHA512 under TLS 1.2
but to GNUTLS_SIGN_ECDSA_SECP521R1_SHA512 under TLS 1.3).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This checks whether the Client Hello and Server Hello packets
contain the expected values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
That is, introduced the TLS 1.3 supported_versions extension. It is currently
only being used if negotiating TLS 1.3 or later.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That is, ensure that the functions used for TLS 1.2 and earlier
negotiation cannot be used with TLS 1.3. That is because TLS 1.3
is negotiated using a TLS extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That is, added check for TLS 1.3 random value requirements in client side,
and generation according to TLS 1.3 requirements for server and
client side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
Since GnuTLS can no longer negotiate MD5, we utilize a byte stream
of a connection which advertises MD5, and we make sure we detect the
right error code for the rejection of MD5 signature.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
We no longer support them.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
That is, for the MD5-using algorithms, as well as for the DSA2
signature algorithms that were never really used with TLS 1.2.
Kept DSA-SHA1 in order to be used by TLS 1.2 and legacy applications.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
the list
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
TLS 1.3 requires that SHA224 MUST NOT be used, and given the
fact that SHA224 was never widespread used in TLS 1.2, there
is no reason to keep these algorithms at all.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|