path: root/lib/prf.c
Commit message | Author | Age | Files | Lines
* build: re-indent code | Daiki Ueno | 2023-04-24 | 1 | -51/+42
  Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Indent code | Zoltan Fridrich | 2023-01-27 | 1 | -34/+24
  Co-authored-by: Simon Josefsson <simon@josefsson.org>
  Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* prf: don't crash when called before handshake completion | Miroslav Lichvar | 2019-11-06 | 1 | -0/+9
  If a gnutls_prf*() function is called before the handshake is completed, return GNUTLS_E_INVALID_REQUEST instead of crashing.
  Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
* gnutls_prf_early: corrected Since version [ci skip] | Nikos Mavrogiannopoulos | 2019-06-03 | 1 | -1/+1
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* prf: add function to retrieve early keying material | Daiki Ueno | 2019-04-19 | 1 | -26/+90
  This adds a new function gnutls_prf_early, which shall be called in a handshake hook waiting for GNUTLS_HANDSHAKE_CLIENT_HELLO.
  The test needs to be run in a datefudge wrapper as the early secrets depend on the current time (through PSK).
  Signed-off-by: Daiki Ueno <dueno@redhat.com>
* prf: centrally define "exporter" label in handshake.h | Daiki Ueno | 2019-04-19 | 1 | -2/+1
  Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Use https:// for www.gnu.org and www.example.com | Tim Rühsen | 2019-03-13 | 1 | -1/+1
  Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* session state: TLS1.2 and TLS1.3 state is stored as union | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -1/+1
  That is, to reduce memory usage as these protocols cannot be used in parallel.
  Relates: #281
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* session state: organized key exchange keys into structures | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -1/+1
  That is, with the view of separating the data needed for TLS1.2 and earlier and TLS1.3.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -5/+5
  These limits do not exist under TLS1.3.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_prf_raw: fail under TLS1.3 | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -4/+9
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_prf: prevent usage under TLS1.3 | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -5/+12
  Only allow its use when it is documented to have the same output as gnutls_rfc5705() and in that case make it a wrapper to it.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_prf_rfc5705: calculate exporter using HKDF if TLS 1.3 | Daiki Ueno | 2018-02-19 | 1 | -18/+62
  Signed-off-by: Daiki Ueno <dueno@redhat.com>
* handshake: simplify by storing a pointer to PRF mac entry | Nikos Mavrogiannopoulos | 2018-02-19 | 1 | -2/+2
  That way, we avoid multiple function calls to obtain information such as hash size, and other MAC properties.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _gnutls_PRF: was made inline function | Nikos Mavrogiannopoulos | 2017-06-01 | 1 | -27/+10
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* prf: implement the TLS 1.0 and 1.2 PRFs using nettle | Nikos Mavrogiannopoulos | 2017-06-01 | 1 | -214/+6
  That simplifies the existing PRF code and moves it in the crypto-backend component.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Cache MAC algorithm used for PRF function | Dmitry Eremin-Solenikov | 2016-12-14 | 1 | -14/+2
  Instead of spreading checks all over the GnuTLS, cache used PRF after setting the cipher suite and reference the value later.
  Like in _gnutls_PRF_raw the GNUTLS_MAC_MD5_SHA1 means MD5+SHA1 combo.
  Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Use MAC_MD5_SHA1 instead of MAC_UNKNOWN to specify TLS 1.0 PRF | Dmitry Eremin-Solenikov | 2016-12-14 | 1 | -4/+4
  Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* several spacing fixes to keep syntax-check happy | Nikos Mavrogiannopoulos | 2016-09-11 | 1 | -12/+12
* gnutls_prf: document when its output matches gnutls_prf_rfc5705 | Nikos Mavrogiannopoulos | 2016-07-27 | 1 | -0/+3
* doc: corrected typo | Nikos Mavrogiannopoulos | 2016-06-19 | 1 | -1/+1
* Removed the 'gnutls_' prefix from files to simplify file naming | Nikos Mavrogiannopoulos | 2015-08-23 | 1 | -4/+4
* Moved the PRF functions to prf.c | Nikos Mavrogiannopoulos | 2015-08-23 | 1 | -0/+457