summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* wrap_nettle_pk_generate_keys: retry on provable key generationtmp-fix-fips-generationNikos Mavrogiannopoulos2018-06-261-3/+12
| | | | | | | | | This resolves issue with occasional failures under RSA key generation in FIPS140-2 mode. Resolves #283 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'auto-sync-translations' into 'master'Nikos Mavrogiannopoulos2018-06-2619-23971/+1
|\ | | | | | | | | | | | | Let ./bootstrap sync from translationproject.org Closes #470 See merge request gnutls/gnutls!678
| * Let ./bootstrap sync from translationproject.orgTim Rühsen2018-06-2619-23971/+1
|/ | | | | | | | | | This makes manual updating of the translations obsolete. From now on, builds and tarballs will always have the latest translations included. We should not forget to inform translationproject.org to update the translations before a release. How to do that is described at https://translationproject.org/html/maintainers.html (6. Announcing).
* gnutls_session_get_desc: fixed desc printing of custom groupsNikos Mavrogiannopoulos2018-06-261-2/+5
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update [ci skip]Nikos Mavrogiannopoulos2018-06-251-0/+7
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* aarch64: use getauxval() if available to discover cpu capstmp-aarch64Nikos Mavrogiannopoulos2018-06-242-35/+36
| | | | | | | | This improves CPU detection by avoiding the parsing of of a human-readable file and allows operation under debian multilib qemu setup. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: no need for submodule update on cross-buildsNikos Mavrogiannopoulos2018-06-241-1/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: use qemu for aarch64 testingNikos Mavrogiannopoulos2018-06-241-23/+3
| | | | | | | This eliminates the need (and costs) to maintain a separate baremetal system. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: corrected typoNikos Mavrogiannopoulos2018-06-241-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: skip submodule initialization when not necessarytmp-updated-buildsNikos Mavrogiannopoulos2018-06-241-2/+0
| | | | | | This prevents unnecessary download of submodules on CI. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: updated x86 CI builds with better datefudge detectionNikos Mavrogiannopoulos2018-06-246-27/+18
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: debian stretch build replaced by busterNikos Mavrogiannopoulos2018-06-241-2/+2
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update [ci skip]Nikos Mavrogiannopoulos2018-06-231-3/+4
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update [ci skip]Nikos Mavrogiannopoulos2018-06-231-0/+5
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'gost-no-tls' into 'master'Nikos Mavrogiannopoulos2018-06-23119-101/+14557
|\ | | | | | | | | GOST certificates/PKCS#7/PKCS#12 support See merge request gnutls/gnutls!654
| * tests: add PKCS#12 test script for GOST 28147-89-encrypted filesDmitry Eremin-Solenikov2018-06-235-1/+90
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * certtool: honour --hash option when generating PKCS#12 filesDmitry Eremin-Solenikov2018-06-231-1/+7
| | | | | | | | | | | | | | Use algorithm specified with --hash option when generating MAC for PKCS#12 file, allowing user to select algorithms other than SHA-1. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * tests: expand pkcs7 test to also check GOST filesDmitry Eremin-Solenikov2018-06-234-2/+45
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * test: test GOST keys import/exportDmitry Eremin-Solenikov2018-06-231-0/+172
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * certtool: ask if certificate will be used for data encryptionDmitry Eremin-Solenikov2018-06-231-2/+1
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * tests: add common gost certificates for testsDmitry Eremin-Solenikov2018-06-231-0/+216
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Support key matching with GOST keysDmitry Eremin-Solenikov2018-06-231-1/+11
| | | | | | | | | | | | | | GOST keys do not support signing non-GOST hashes, so use correct digest algorithm when verifying that GOST public and private keys match. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add generated GOST credentials for testsDmitry Eremin-Solenikov2018-06-2310-1/+258
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Use GOST R 34.11-94 when generating key for PKCS data to be encrypted with ↵Dmitry Eremin-Solenikov2018-06-231-7/+34
| | | | | | | | | | | | GOST 28147-89 Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * certtool: support generating GOST-encrypted PKCS#8/12 filesDmitry Eremin-Solenikov2018-06-231-0/+10
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add gost certificates to chainverify testsDmitry Eremin-Solenikov2018-06-233-0/+90
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Expand x509 sign/verify test with GOST algorithmsDmitry Eremin-Solenikov2018-06-233-1/+106
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * oids: expand to include GOST digests/signaturesDmitry Eremin-Solenikov2018-06-231-0/+24
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * tests: privkey-keygen: adapt to support GOST algorithmsDmitry Eremin-Solenikov2018-06-231-4/+11
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Support GOST private keys generationDmitry Eremin-Solenikov2018-06-237-4/+169
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * certtool: support dumping GOST private key informationDmitry Eremin-Solenikov2018-06-232-0/+86
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add several DN entry definitions used by qualified GOST signaturesDmitry Eremin-Solenikov2018-06-231-0/+8
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * certool: export GOST privkeys only in PKCS#8 formatDmitry Eremin-Solenikov2018-06-231-1/+3
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add support for PKCS12 files using GOST MACDmitry Eremin-Solenikov2018-06-231-12/+116
| | | | | | | | | | | | | | Local PKCS12-based standard derives from RFC 7292 (PKCS #12) in using PBKDF2 to generate MAC key rather than using PKCS12 scheme. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add support for PBES2/PBKDF2 using GOST algorithmsDmitry Eremin-Solenikov2018-06-235-32/+233
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Support PKCS#12 key derivation with GOST digestsDmitry Eremin-Solenikov2018-06-231-0/+5
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add support for importing/exporting GOST private keysDmitry Eremin-Solenikov2018-06-2312-0/+579
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Support importing/exporting X.509 GOST public keysDmitry Eremin-Solenikov2018-06-2317-3/+772
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add ASN.1 definitions for GOST keysDmitry Eremin-Solenikov2018-06-232-1/+17
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle: add support for GOST 34.10 public keysDmitry Eremin-Solenikov2018-06-231-1/+379
| | | | | | | | | | | | | | There is no support for GOST public keys derivation, as it is used only for TLS or PKCS#7 with encrypted content. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add few functions to support basic operations with GOST public keysDmitry Eremin-Solenikov2018-06-2312-0/+333
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add declarations for GOST R 34.10 signaturesDmitry Eremin-Solenikov2018-06-234-7/+32
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Define GOST R 34.10 curvesDmitry Eremin-Solenikov2018-06-233-2/+91
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add declarations to support GOST public keysDmitry Eremin-Solenikov2018-06-2310-6/+60
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add support for I/O of little-endian MPIDmitry Eremin-Solenikov2018-06-234-13/+82
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle: add support for unsigned LE MPIsDmitry Eremin-Solenikov2018-06-231-2/+18
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle: add support for GOST 34.11 hash functionsDmitry Eremin-Solenikov2018-06-231-0/+71
| | | | | | | | | | | | Add support for GOST R 34.11-94 and Streebog (256/512) functions. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle: support GOST28147-89 in CFB modeDmitry Eremin-Solenikov2018-06-231-0/+127
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add declarations for GOST 28147-89 cipher in CFB modeDmitry Eremin-Solenikov2018-06-232-1/+46
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add declarations for GOST R 34.11 (-94 and -2012) digest algorithmsDmitry Eremin-Solenikov2018-06-233-1/+42
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
View Lorry Controller Status