path: root/lib
Columns per commit: commit message, author, age, files changed, lines removed/added
* doc: corrected typos [ci skip]
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-21  Files: 1  Lines: -4/+4
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* crypto-self-tests-pk: added RSA-PSS sign/verify tests
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-20  Files: 1  Lines: -16/+28
    This also corrects the GOST R 34.10-2012-512-TC26-512-A self test.
    Relates: #597
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Merge branch 'tmp-eddsa-pkcs11' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-19  Files: 3  Lines: -0/+80
    Added support for Ed25519 keys under PKCS#11
    Closes #417
    See merge request gnutls/gnutls!812
* Add support for EDDSA/Ed25519 object support via PKCS#11
    Author: Simo Sorce  Age: 2018-11-19  Files: 3  Lines: -0/+80
    Tested with softHSM 2.5.0
    Resolves #417
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-fix-certificate-type' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-19  Files: 2  Lines: -26/+33
    gnutls_certificate_type_get*: ensure that the default type is returned
    See merge request gnutls/gnutls!806
* gnutls_certificate_type_get*: updated documentation to list limitations [branch: tmp-fix-certificate-type]
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-19  Files: 1  Lines: -16/+23
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls_certificate_type_get*: ensure that the default type is returned
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-18  Files: 1  Lines: -10/+10
    That is, ensure that unless we negotiate something other than X509, the default certificate type is returned to applications. Previously we wouldn't do that for TLS1.3 resumed sessions, and we would return zero (invalid type) instead. That addresses issues with applications checking explicitly for X509 certificate type being present.
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* record: gnutls_record_send_early_data: check the upper limit
    Author: Daiki Ueno  Age: 2018-11-18  Files: 1  Lines: -1/+10
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* tls13/session_ticket: fix "max_early_data_size" extension handling
    Author: Daiki Ueno  Age: 2018-11-18  Files: 2  Lines: -4/+5
    session->security_parameters.max_early_data_size is initially set to 0.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* update documentation on GNUTLS_AUTO_REAUTH and gnutls_record_get_direction [ci skip]
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-17  Files: 2  Lines: -9/+14
    That clarifies the intention, and adds a warning about using this flag when multiple threads are involved. Based on suggestion by Michael Catanzaro.
    Relates: #615
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tpm12_testing' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-16  Files: 1  Lines: -0/+1
    tests: tpm: Add a test case for tpmtool
    See merge request gnutls/gnutls!807
* lib: tpm: Fix a memory leak
    Author: Stefan Berger  Age: 2018-11-15  Files: 1  Lines: -0/+1
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
* Merge branch 'gost-raw-privkeys' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-16  Files: 7  Lines: -5/+114
    Improve support of GOST private keys parsing
    See merge request gnutls/gnutls!802
* nettle/gost: gostdsa: use size_t instead of mp_limb_t
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-16  Files: 2  Lines: -2/+2
    Use size_t for size variables instead of mp_limb_t (data type rather than size type).
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* pkcs8: support GOST keys without encapsulation
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-16  Files: 1  Lines: -2/+22
    Add support for yet another representation of GOST private keys: LE-formatted number encoded into pkcs-8-PrivateKeyInfo.privateKey without any additional encapsulation.
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* nettle: unmask GOST private keys if necessary
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-16  Files: 1  Lines: -0/+3
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* nettle/gost: support GOST key unmasking
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-16  Files: 3  Lines: -1/+87
    New Russian recommendation defines 'key masking' in the form of several concatenated numbers, which must be multiplied modulo Q to get the private key.
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
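The two private-key layouts described in the pkcs8 and nettle/gost commits above (a single raw little-endian number, or several concatenated numbers whose product modulo the group order q is the private key), as an added stand-alone illustration in Python. This is not GnuTLS or Nettle code: parse_gost_private_key and mask_private_key are names chosen here, the prime q used below is a stand-in and not the order of any GOST curve, and rejecting components outside [1, q-1] is this example's own validation rather than something the commit messages state.

```python
def parse_gost_private_key(blob, key_size, q):
    """Recover the scalar d from a privateKey blob.

    blob holds one or more little-endian numbers of key_size bytes each.
    A single number is the raw private key; several concatenated numbers
    are the masked form, and their product modulo the group order q is
    the private key. Rejecting components outside [1, q-1] is this
    example's own validation (assumption, not from the commit messages).
    """
    if len(blob) == 0 or len(blob) % key_size != 0:
        raise ValueError("private key blob length is not a multiple of the key size")
    d = 1
    for offset in range(0, len(blob), key_size):
        component = int.from_bytes(blob[offset:offset + key_size], "little")
        if not 1 <= component < q:
            raise ValueError("key component out of range")
        d = d * component % q
    return d


def mask_private_key(d, masks, q, key_size):
    """Build a masked blob for d, used here only to construct test input.

    The first component is d times the inverse of the product of the masks,
    so multiplying all components back together modulo q yields d again.
    """
    if not 1 <= d < q:
        raise ValueError("private key out of range")
    product = 1
    for m in masks:
        if not 1 <= m < q:
            raise ValueError("mask out of range")
        product = product * m % q
    first = d * pow(product, -1, q) % q  # modular inverse needs Python 3.8+
    components = [first] + list(masks)
    return b"".join(c.to_bytes(key_size, "little") for c in components)


if __name__ == "__main__":
    # Stand-in prime for demonstration; not the order of a GOST curve.
    Q = 2**255 - 19
    D = 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
    masked = mask_private_key(D, [3, 5, 7], Q, 32)
    print("masked components:", len(masked) // 32)
    print("unmasked == original:", parse_gost_private_key(masked, 32, Q) == D)
    print("raw form parses:", parse_gost_private_key(D.to_bytes(32, "little"), 32, Q) == D)
```

The same parser covers the 512-bit variants by passing key_size=64; the length check is what distinguishes a raw key from a malformed or truncated masked blob, since both are just sequences of fixed-size numbers.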
* Merge branch 'tmp-anti-replay-updates' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-16  Files: 7  Lines: -38/+65
    updates in anti-replay subsystem
    Closes #610
    See merge request gnutls/gnutls!805
* anti_replay: moved new add function into anti_replay structure
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-15  Files: 7  Lines: -38/+65
    The new function was not sharing anything with the existing gnutls_db_* backend, and moving it to the anti_replay structure is cleaner and allows for deviations from the old API conventions (e.g., now we can pass pointers for efficiency and pass the expiration time as part of the call).
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _gnutls_x509_read_eddsa_pubkey(): sanity check the input values [branch: tmp-cert-status]
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-15  Files: 1  Lines: -4/+10
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls_x509_privkey_import_ecc_raw(): fail on invalid sizes
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-15  Files: 2  Lines: -0/+13
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc: minor updates in elliptic curve documentation
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-15  Files: 4  Lines: -48/+51
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* pkcs7: allow BER encoding when parsing encapContentInfo.eContent
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-14  Files: 1  Lines: -2/+2
    CMS specification explicitly allows BER encoding in CMS files. RFC 4134 example 4.5 uses BER indefinite encoding.
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Merge branch 'tpm12_fix_memory_leak' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-13  Files: 1  Lines: -5/+0
    tpm: Fix memory leak in encode_tpmkey_url
    See merge request gnutls/gnutls!800
* tpm: Fix memory leak in encode_tpmkey_url
    Author: Stefan Berger  Age: 2018-11-12  Files: 1  Lines: -5/+0
    When returning the key URL in encode_tpm_key_url we do not need to allocate a separate buffer for the URL since we return the allocated buffer from _gnutls_buffer_to_datum().
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
* Merge branch 'tmp-0rtt' into 'master'
    Author: Daiki Ueno  Age: 2018-11-12  Files: 23  Lines: -143/+1132
    add support for 0-RTT
    Closes #127
    See merge request gnutls/gnutls!775
* TLS 1.3: implement anti-replay measure using ClientHello recording
    Author: Daiki Ueno  Age: 2018-11-12  Files: 9  Lines: -2/+301
    This implements ClientHello recording outlined in section 8.2 of RFC 8446.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* db: introduce gnutls_db_set_add_function
    Author: Daiki Ueno  Age: 2018-11-12  Files: 5  Lines: -0/+31
    This adds a way to store an entry if it is not found in the database, so that the implementation can provide atomic test-and-set.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* db: introduce gnutls_db_check_entry_expire_time
    Author: Daiki Ueno  Age: 2018-11-12  Files: 4  Lines: -1/+43
    This would be particularly useful when the same database is used to store long-lived TLS 1.2 session data and short-lived TLS 1.3 anti-replay entries. Note that the existing gnutls_db_check_entry doesn't fit in this use-case, as it takes gnutls_session_t as the argument.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
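An added example, not GnuTLS code, of the anti-replay scheme the anti_replay and db commits above describe: a backend whose add operation is an atomic add-if-absent that takes the entry's expiration time as part of the call, a ClientHello fingerprint that is recorded for as long as its ticket is valid, and a per-entry expiry check that lets short-lived anti-replay records share one store with long-lived session data. ReplayStore, accept_early_data and the constructed ClientHello bytes are this example's own; the fingerprint is a SHA-256 of the whole ClientHello rather than any particular field, and "atomic" here means within one process under a lock.

```python
import hashlib
import threading


class ReplayStore:
    """Constructed in-memory backend (not a GnuTLS API).

    Every entry carries its own expiration time, so long-lived session
    data and short-lived anti-replay records can live in the same store.
    """

    def __init__(self):
        self._lock = threading.Lock()
        self._entries = {}  # key (bytes) -> (expires_at, value)

    def add_if_absent(self, key, value, expires_at, now):
        """Atomic test-and-set within this process: store the entry only
        if no unexpired entry exists for key. True if stored, else False."""
        with self._lock:
            current = self._entries.get(key)
            if current is not None and current[0] > now:
                return False
            self._entries[key] = (expires_at, value)
            return True

    def expire_time(self, key):
        """Expiration time of a stored entry, or None if absent."""
        with self._lock:
            current = self._entries.get(key)
            return None if current is None else current[0]

    def prune(self, now):
        """Drop entries whose expiration time has passed; returns the count."""
        with self._lock:
            expired = [k for k, (exp, _) in self._entries.items() if exp <= now]
            for k in expired:
                del self._entries[k]
            return len(expired)

    def size(self):
        with self._lock:
            return len(self._entries)


def client_hello_key(client_hello):
    """Fingerprint used to recognise a replayed ClientHello (whole-message hash)."""
    return hashlib.sha256(client_hello).digest()


def accept_early_data(store, client_hello, ticket_issued_at, now, lifetime):
    """Decide whether 0-RTT data carried with this ClientHello may be accepted.

    Returns "stale" when the ticket has outlived its lifetime (freshness
    check), "replayed" when the same ClientHello was already recorded while
    the ticket was valid, and "accepted" otherwise, recording it. The record
    is kept until the ticket itself expires; after that the freshness check
    alone rejects a replay, so the entry can be pruned.
    """
    if now - ticket_issued_at > lifetime:
        return "stale"
    key = client_hello_key(client_hello)
    if not store.add_if_absent(key, b"", ticket_issued_at + lifetime, now):
        return "replayed"
    return "accepted"


if __name__ == "__main__":
    store = ReplayStore()
    ch = b"constructed ClientHello with PSK binder"  # sample input, not a real message
    print(accept_early_data(store, ch, 100.0, 101.0, 10.0))   # accepted
    print(accept_early_data(store, ch, 100.0, 102.0, 10.0))   # replayed
    store.add_if_absent(b"tls12-session-id", b"session data", 100000.0, 102.0)
    print("pruned:", store.prune(110.0), "remaining:", store.size())
    print(accept_early_data(store, ch, 100.0, 111.0, 10.0))   # stale
```

Tying the record's expiration to the ticket's own expiry is what keeps the store bounded: pruning at time 110 removes the ClientHello record but leaves the long-lived session entry in place, and a later replay of the same ClientHello is rejected by the freshness check without consulting the store at all.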
* tls13/session_ticket: record timestamp in ticket
    Author: Daiki Ueno  Age: 2018-11-12  Files: 2  Lines: -4/+26
    This is needed for implementing freshness checks outlined in 8.3 of RFC 8446.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* str: suppress compiler warning when time_t is 32-bit
    Author: Daiki Ueno  Age: 2018-11-12  Files: 1  Lines: -1/+1
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* record: introduce new API functions for early data
    Author: Daiki Ueno  Age: 2018-11-11  Files: 4  Lines: -1/+124
    This introduces gnutls_record_get_max_early_data_size(), gnutls_record_send_early_data(), and gnutls_record_recv_early_data() functions.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* handshake: handle early data
    Author: Daiki Ueno  Age: 2018-11-11  Files: 12  Lines: -108/+572
    This plumbs early data handling into the handshake processes, which consists of:
    - traffic key updates taking into account client_early_traffic_secret
    - early data buffering in both server and client
    - the EndOfEarlyData message handling
    - making use of max_early_data_size extension in NewSessionTicket
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* session_pack: record max_early_data_size in session data
    Author: Daiki Ueno  Age: 2018-11-11  Files: 1  Lines: -2/+8
    max_early_data_size sent as part of NST should be recorded and restored when the session data is set back on the session.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* record: fix memleak when rejecting early data
    Author: Daiki Ueno  Age: 2018-11-11  Files: 1  Lines: -1/+3
    The "discard" label previously used assumes that the decrypted record is already added to record_recv_buffer. It is not the case when rejecting early data. Release the allocated memory manually and return early.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* constate: add epoch_rel argument to _gnutls_epoch_dup
    Author: Daiki Ueno  Age: 2018-11-11  Files: 4  Lines: -5/+5
    This is necessary for handling early data. Previously, _gnutls_epoch_dup() copied the parameters from EPOCH_READ_CURRENT, while the client only sets EPOCH_WRITE_CURRENT when sending early data. This allows caller to specify from which epoch the parameters are copied.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* handshake: refactor early secret derivation
    Author: Daiki Ueno  Age: 2018-11-11  Files: 2  Lines: -16/+8
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* handshake: record transcript hash for ClientHello
    Author: Daiki Ueno  Age: 2018-11-11  Files: 2  Lines: -0/+8
    This is necessary to compute client_early_traffic_secret and early_exporter_master_secret in TLS 1.3.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* ext/pre_shared_key: use predefined macros for secret labels
    Author: Daiki Ueno  Age: 2018-11-11  Files: 2  Lines: -5/+5
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Merge branch 'tmp-f29' into 'master'
    Author: Dmitry Eremin-Solenikov  Age: 2018-11-12  Files: 4  Lines: -13/+21
    .gitlab-ci.yml: move to fedora29 for CI
    Closes #607
    See merge request gnutls/gnutls!794
* pkcs12: cleanups, and two memory leak fixes
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-10  Files: 1  Lines: -10/+8
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Added checks to avoid false negatives reported by static analyzers
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-10  Files: 2  Lines: -2/+9
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Initialize output var to avoid false negative from static analyzers
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-09  Files: 1  Lines: -1/+4
    This was identified by clang analyzer on _gnutls_x509_dn_to_string and _gnutls_x509_decode_string.
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Unconditionally include nettle/memxor.h [branch: tmp-remove-gl-memxor]
    Author: Tim Rühsen  Age: 2018-11-10  Files: 1  Lines: -5/+0
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Merge branch 'tmp-ignore-ctypes' into 'master'
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-02  Files: 1  Lines: -22/+28
    gnutls_priority_init: ignore CTYPE-OPENPGP options
    Closes #593
    See merge request gnutls/gnutls!789
* gnutls_priority_init: ignore CTYPE-OPENPGP options [branch: tmp-ignore-ctypes]
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-01  Files: 1  Lines: -0/+3
    In GnuTLS 3.6.0 we dropped support for openpgp keys, however the CTYPE-OPENPGP is often seen in applications, sometimes as -CTYPE-OPENPGP to ensure it is not enabled. We simply ignore this priority string when seen, to avoid preventing these applications from running.
    Resolves #593
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls_priority_init: fixed indentation according to project rules
    Author: Nikos Mavrogiannopoulos  Age: 2018-11-01  Files: 1  Lines: -22/+25
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* ext/record_size_limit: handle the extension in TLS 1.2 ServerHello [branch: tmp-fix-record-size-limit-tls12]
    Author: Daiki Ueno  Age: 2018-11-01  Files: 1  Lines: -1/+1
    Previously it had assumed that TLS 1.2 servers don't send the extension, while actually it can be present in ServerHello.
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* gnutls_priority_set: re-organized [branch: tmp-fix-priority-set]
    Author: Nikos Mavrogiannopoulos  Age: 2018-10-31  Files: 1  Lines: -22/+22
    The sanity tests were moved prior to setting these priorities, and the %GNUTLS_E_NO_PRIORITIES_WERE_SET error code is returned consistently to indicate that the existing priorities were not overwritten.
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_priority_set: do not override the version after handshake is complete
    Author: Nikos Mavrogiannopoulos  Age: 2018-10-30  Files: 1  Lines: -4/+6
    When an application would re-set priorities prior to a rehandshake we would override the negotiated version with the highest supported, something which may lead to issues. This disables that unnecessary version override.
    See: https://bugzilla.redhat.com/show_bug.cgi?id=1634736
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>