summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* handshake-tls13: add session flag to disable sending session ticketstmp-no-auto-send-ticketDaiki Ueno2020-04-135-4/+326
| | | | | | | | | While GnuTLS by default implicitly sends NewSessionTicket during handshake, application protocols like QUIC set a clear boundary between "in handshake" and "post handshake", and NST must be sent in the post handshake state. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Merge branch 'fix-padlock' into 'master'Nikos Mavrogiannopoulos2020-03-302-4/+7
|\ | | | | | | | | | | | | Fix padlock accelerated code Closes #930 See merge request gnutls/gnutls!1226
| * padlock: fix exception in wrap_padlock_hash_fastDmitry Baryshkov2020-03-281-1/+0
| | | | | | | | | | | | | | | | | | | | wrap_padlock_hash_fast() allocates a context on a stack (via local variable) then tries to free it by calling wrap_padlock_hash_deinit() causing a crash. Remove a call to deinit() to fix a crash. Fixes #930 Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
| * padlock: fix exception in sha codeDmitry Baryshkov2020-03-281-0/+2
| | | | | | | | | | | | | | | | padlock sha code will segfault (at least on Nano) if it is passed a NULL data pointer (even if size is 0). Pass digest output buffer as a dummy data pointer in such case. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
| * padlock: make cbc code return error properlyDmitry Baryshkov2020-03-281-3/+5
| | | | | | | | | | | | | | If underlying padlock_cbc_en/decrypt return an error, pass this error to calling code. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | psk: added checks to satisfy static analyzersNikos Mavrogiannopoulos2020-03-301-0/+6
| | | | | | | | | | | | | | | | Added null checks in legacy callbacks to avoid warnings from static analyzers. The issues do not appear to be reproducible in real-world use. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Merge branch 'fix-dlts-client-zero-random' into 'master'Nikos Mavrogiannopoulos2020-03-291-1/+1
|\ \ | | | | | | | | | | | | | | | | | | dtls client hello: fix zeroed random (fixes #960) Closes #960 See merge request gnutls/gnutls!1225
| * | dtls client hello: fix zeroed random (fixes #960)Stefan Bühler2020-03-271-1/+1
|/ / | | | | | | | | | | | | This broke with bcf4de03 "handshake: treat reply to HRR as a reply to hello verify request", which failed to "De Morgan" properly. Signed-off-by: Stefan Bühler <stbuehler@web.de>
* | Merge branch 'better_SSL3.0_tests' into 'master'Nikos Mavrogiannopoulos2020-03-274-2/+49
|\ \ | | | | | | | | | | | | improve gnutls-cli-debug testing of old SSL 3.0 servers See merge request gnutls/gnutls!1221
| * | add NEWS entryDaniel Lenski2020-03-221-0/+3
| | | | | | | | | | | | Signed-off-by: Daniel Lenski <dlenski@gmail.com>
| * | add additional tests of SSL 3.0 (with extensions, and with cipher suites not ↵Daniel Lenski2020-03-223-1/+42
| | | | | | | | | | | | | | | | | | | | | | | | in SSL 3.0) See #958 Signed-off-by: Daniel Lenski <dlenski@gmail.com>
| * | test_ssl3: minimize cipher suites to those actually included in SSL 3.0Daniel Lenski2020-03-221-2/+5
| | | | | | | | | | | | | | | | | | See #958 Signed-off-by: Daniel Lenski <dlenski@gmail.com>
| * | SSL 3.0 (RFC6101) doesn't actually appear to require extensions, and some ↵Daniel Lenski2020-03-221-1/+1
| |/ | | | | | | | | | | | | | | servers don't accept them See #958 Signed-off-by: Daniel Lenski <dlenski@gmail.com>
* | Merge branch 'tmp-get-keylog-func' into 'master'Daiki Ueno2020-03-259-0/+27
|\ \ | | | | | | | | | | | | gnutls_session_get_keylog_function: new function See merge request gnutls/gnutls!1220
| * | gnutls_session_get_keylog_function: new functiontmp-get-keylog-funcDaiki Ueno2020-03-229-0/+27
| | | | | | | | | | | | | | | | | | | | | | | | This adds a way to retrieve the keylog function set by gnutls_session_set_keylog_function() to allow application protocols to implement custom logging facility. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'fix_echo_serv' into 'master'Daiki Ueno2020-03-241-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | gnutls-serv: Do not exit when a message to be echoed is received Closes #959 See merge request gnutls/gnutls!1222
| * | | gnutls-serv: Do not exit when a message to be echoed is receivedAnderson Toshiyuki Sasaki2020-03-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when gnutls-serv was executed with the --echo option, it would exit when a message to be echoed was received. Moreover, the server would output "Memory error" although no error occurred. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
* | | | Merge branch 'ajuaristi-issue-586' into 'master'Nikos Mavrogiannopoulos2020-03-2427-5212/+6436
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | support non-NULL-terminated PSKs Closes #586 See merge request gnutls/gnutls!917
| * | | _gnutls_check_id_for_change: ensure that we check the username lengthajuaristi-issue-586Nikos Mavrogiannopoulos2020-03-233-5/+8
| | | | | | | | | | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | Ensure that an incorrectly formatted password file doesn't cause invalid ↵Nikos Mavrogiannopoulos2020-03-231-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | memory access Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | Update NEWS fileAnder Juaristi2020-03-231-0/+7
| | | | | | | | | | | | | | | | Signed-off-by: Ander Juaristi <a@juaristi.eus>
| * | | Update filesAnder Juaristi2020-03-232-5077/+5568
| | | | | | | | | | | | | | | | Signed-off-by: Ander Juaristi <a@juaristi.eus>
| * | | psk: Allow non-NULL PSK usernamesAnder Juaristi2020-03-2322-132/+854
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit closes #586. Two new functions are introduced: gnutls_psk_server_get_username2() and gnutls_psk_set_client_username2(), which are identical in behavior to those named similarly (without the final '2'), but allow arbitrary gnutls datums (not strings) to be used as usernames. Two new callback functions are also introduced, with their respective setters: gnutls_psk_set_server_credentials_function2() and gnutls_psk_set_client_credentials_function2(). In addition, the password file format is extended so that non-string usernames can be specified. A leading '#' character tells GnuTLS that the username should be interpreted as a raw byte string (encoded in HEX). Example: #deadbeef:9e32cf7786321a828ef7668f09fb35db Signed-off-by: Ander Juaristi's avatarAnder Juaristi <a@juaristi.eus>
* | | | Merge branch 'postpone_config_loading' into 'master'Daiki Ueno2020-03-231-1/+1
|\ \ \ \ | |/ / / |/| | | | | | | | | | | | | | | | | | | global: Load configuration after FIPS POST Closes #956 See merge request gnutls/gnutls!1216
| * | | global: Load configuration after FIPS POSTAnderson Toshiyuki Sasaki2020-03-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, if the loaded configuration file disabled an algorithm tested during FIPS-140 power-on self-tests, the test would fail. By loading the configuration file after the test is finished, such failure is avoided as any algorithm is allowed during the tests. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
* | | | Merge branch 'fix-fuzz' into 'master'Tim Rühsen2020-03-231-3/+4
|\ \ \ \ | |_|_|/ |/| | | | | | | | | | | Two fixes for oss-fuzz build target See merge request gnutls/gnutls!1219
| * | | oss-fuzz: return build error if fuzzers have failed to buildDmitry Baryshkov2020-03-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of silently ignoring build errors and running fewer fuzzers, exit on the first build error. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
| * | | oss-fuzz: use CC rather than CXX to compile fuzzersDmitry Baryshkov2020-03-221-2/+3
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | clang++ will choke on several fuzzer sources because C++ is stricter than C wrt. type conversion: gnutls_base64_decoder_fuzzer.c:26:63: error: non-constant-expression cannot be narrowed from type 'size_t' (aka 'unsigned long') to 'unsigned int' in initializer list [-Wc++11-narrowing] gnutls_datum_t raw = {.data = (unsigned char *)data, .size = size}; Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | | Merge branch 'tmp-fuzz-readme' into 'master'Tim Rühsen2020-03-221-4/+6
|\ \ \ | |_|/ |/| | | | | | | | fuzz: Update README.md for clang-9 [skip ci] See merge request gnutls/gnutls!1218
| * | fuzz: Update README.md for clang-9 [skip ci]Tim Rühsen2020-03-221-4/+6
| | | | | | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | Merge branch 'eddsa-pkcs11' into 'master'Nikos Mavrogiannopoulos2020-03-207-4/+282
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Add support for loading Ed25519 keys from PKCS#11 and using them Closes #946 See merge request gnutls/gnutls!1200
| * | | Validate EC_PARAMS for EdDSA keysJakub Jelen2020-03-183-4/+123
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Jelen <jjelen@redhat.com>
| * | | pubkey: Validate input parameters in pubkey_import_ecc_rawJakub Jelen2020-03-181-1/+6
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Jelen <jjelen@redhat.com>
| * | | tests: Verify writing and reading of ECDSA public keys from PKCS#11Jakub Jelen2020-03-181-0/+42
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Jelen <jjelen@redhat.com>
| * | | tests: Verify writing and reading of EdDSA public keysJakub Jelen2020-03-181-0/+43
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Jelen <jjelen@redhat.com>
| * | | pkcs11_write: Copy data to avoid double-free crashes and properly encode ↵Jakub Jelen2020-03-181-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | EC_POINT attribute Signed-off-by: Jakub Jelen <jjelen@redhat.com>
| * | | Add support for loading EdDSA keys from PKCS#11 and using themJakub Jelen2020-02-282-0/+60
| | | | | | | | | | | | | | | | Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* | | | Merge branch 'tmp-prf-get' into 'master'Daiki Ueno2020-03-2010-0/+46
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | state: add function to get the current hash algorithm See merge request gnutls/gnutls!1217
| * | | state: add function to get the current hash algorithmtmp-prf-getDaiki Ueno2020-03-1910-0/+46
|/ / / | | | | | | | | | | | | | | | | | | | | | This is particularly useful when the application applies key derivation function by itself with the same underlying hash algorithm as the session. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'tmp-chacha' into 'master'Daiki Ueno2020-03-1911-0/+196
|\ \ \ | |_|/ |/| | | | | | | | cipher: expose raw ChaCha20 cipher See merge request gnutls/gnutls!1210
| * | abi: add enum values for GNUTLS_CIPHER_CHACHA20_*tmp-chachaDaiki Ueno2020-03-191-0/+2
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | cipher: allow setting ChaCha20 initial block counterDaiki Ueno2020-03-194-6/+68
| | | | | | | | | | | | | | | | | | | | | This also introduces GNUTLS_CIPHER_CHACHA20_32, which is a 96-bit nonce variant of GNUTLS_CIPHER_CHACHA20_64. Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | nettle: vendor in ChaCha20 implementation from nettleDaiki Ueno2020-03-196-0/+102
| | | | | | | | | | | | | | | | | | | | | This enables to use bundled ChaCha20 implementation if the system nettle doesn't have nettle_chacha_set_counter. Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | cipher: expose raw ChaCha20 cipherDaiki Ueno2020-03-193-0/+30
|/ / | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | Merge branch 'tmp-ed448-fixes' into 'master'Daiki Ueno2020-03-185-4/+55
|\ \ | | | | | | | | | | | | ed448: fix certificate signature verification See merge request gnutls/gnutls!1213
| * | tests/sign-is-secure: fix off-by-one errortmp-ed448-fixesDaiki Ueno2020-03-161-1/+1
| | | | | | | | | | | | | | | | | | | | | Reported by Peter Dettman in: https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | algorithms: properly calculate hash strength for Ed448Daiki Ueno2020-03-164-3/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Ed448 signature scheme internally uses XOF (SHAKE256) as the hash function with 114-octet output. According to FIPS-202, the strength against collisions is calculated as: min(114*8/2, 256) = 256 Reported by Peter Dettman in: https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'improve_fips_selftests' into 'master'Nikos Mavrogiannopoulos2020-03-181-309/+377
|\ \ \ | | | | | | | | | | | | | | | | Improve FIPS signatures self-tests See merge request gnutls/gnutls!1206
| * | | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig()Anderson Toshiyuki Sasaki2020-03-161-165/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use deterministic signatures for ECDSA and DSA in test_known_sig(). Do not call test_known_sig() for non-deterministic algorithms. Do not run PK_TEST() for algorithms tested with PK_KNOWN_TEST(). The deterministic algorithms are used if in FIPS-140 POST or if FIPS-140 mode is disabled. When called explicitly with FIPS-140 mode enabled, the pairwise-consistency test (PK_TEST()) is used instead. test_known_sig() was modified to support only deterministic algorithms. The "deterministic" parameter was replaced with the "flags" parameter through which the flags to be used in gnutls_privkey_sign_data() are passed. The hard-coded values for the ECDSA and DSA signatures were replaced with the values corresponding to the deterministic signatures to be used in known answer tests. The unused values for GOST signatures were removed. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | | crypto-selftests-pk.c: Use specified key in test_sig()Anderson Toshiyuki Sasaki2020-03-161-192/+269
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, test_sig() would use the same key regardless the value provided in bits parameter. The changes introduced make test_sig() to choose the key according to the value provided in bits. For RSA, only 2048 bits key is available for testing. The calls were adjusted accordingly. Introduced 2048 bits DSA key in test_sig(). Removed unused 512 bits key, leaving only the 2048 bits key available. For GOST, use the same keys for test_sig() and test_known_sig(). Remove the unused keys. Reorder constant values and change variables names for better readability. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
View Lorry Controller Status