| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
If the client advertises TLS < 1.2 before TLS 1.3 and the server is
configured with TLS 1.3 enabled, the server should select TLS 1.3;
otherwise the client will disconnect when seeing downgrade sentinel.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
| |
We already depend on nettle 3.4.1 which provides that symbol,
ensure that we use it consistently.
Relates: #835
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| |
| |
| | |
Do not forbid excess random padding in TLS1.x CBC ciphersuites
Closes #811
See merge request gnutls/gnutls!1054
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since some point in 3.6.x we updated the calculation of maximum record size,
however that did not include the possibility of random record padding available
for CBC ciphersuites which exceeds the maximum. This commit allows for larger
sizes for these ciphersuites to account for random padding as applied by
gnutls 2.12.x.
Resolves: #811
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
DECR_LEN was previously implemented in a way that it first decrements
the given length and then checks whether the result is negative. This
requires the caller to properly coerce the length argument to a signed
integer, before invoking the macro.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|/
|
|
|
|
| |
Fix c&p error in KX-removal loop.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
|
|
| |
21600 seconds is six hours.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
|
|
|
|
|
|
|
| |
This adds an in-place equivalent of gnutls_aead_cipher_encrypt() and
gnutls_aead_cipher_decrypt(), that works on data buffers.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
| |
This replaces the macros AUTH_UPDATE and ENCRYPT used in
gnutls_aead_cipher_encryptv() with the iov_iter interface.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
| |
This adds an iterator interface over giovec_t array, extracting a
fixed sized block.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
| |
This exposes the deterministic ECDSA/DSA functionality through the
GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This adds functions to perform deterministic ECDSA/DSA, namely
_gnutls_{ecdsa,dsa}_compute_k(), which computes the k value according
to RFC 6979. The retrieved k value can be given to
nettle_{ecdsa,dsa}_sign() through a wrapper random function.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
| |
This makes the functionality available on gcc 4.8.
Resolves: #812
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
inih's license terms requires shipping a copy of the license when
redistributing the source.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
|
|
|
|
|
|
|
|
|
| |
It's no longer required to retry this function with the same parameters
if you want to use gnutls_record_discard_queued().
Fixes #806
Signed-off-by: Michael Catanzaro <mcatanzaro@igalia.com>
|
|\
| |
| |
| |
| | |
nettle/gost: support building with GOST-enabled Nettle
See merge request gnutls/gnutls!1044
|
| |
| |
| |
| |
| |
| |
| |
| | |
Check for nettle_xts_encrypt_message() function rather than just
xts_encrypt_message(). All functions in nettle are renamed to contain
`nettle_` prefix.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Nettle library starts to gain support for GOST algorithms. Support
building GnuTLS with GOST-enabled nettle library.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added test certificates (cert10.der) with registered ID
Updated Makefile for inclusion of test certificates
Updated SAN unknown test certificates (cert5.der)
Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Fixed alerts returned on TLS1.3 corner cases
Closes #682
See merge request gnutls/gnutls!1045
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This enables the tls-fuzzer tests 'test-tls13-certificate-verify.py'.
Resolves: #682
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|/ /
| |
| |
| | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\ \
| | |
| | |
| | |
| | | |
ext/session_ticket: eliminate redundant memcpy
See merge request gnutls/gnutls!1040
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In _gnutls_encrypt_session_ticket, ticket.encrypted_state is allocated
from ticket_data->data, thus those memory areas may overlap. Using
memcpy here leads to undefined behavior.
Spotted by valgrind run on ppc64le.
==95231== Source and destination overlap in memcpy(0x47ce3a2, 0x47ce3a2, 160)
==95231== at 0x408A840: memcpy (vg_replace_strmem.c:1023)
==95231== by 0x424EE9F: pack_ticket (session_ticket.c:139)
==95231== by 0x424FA4F: _gnutls_encrypt_session_ticket (session_ticket.c:335)
==95231== by 0x4199E3B: generate_session_ticket (session_ticket.c:249)
==95231== by 0x419A333: _gnutls13_send_session_ticket (session_ticket.c:307)
==95231== by 0x40F8817: _gnutls13_handshake_server (handshake-tls13.c:511)
==95231== by 0x4110DEB: handshake_server (handshake.c:3331)
==95231== by 0x410C70B: gnutls_handshake (handshake.c:2727)
==95231== by 0x10009EBF: retry_handshake (serv.c:1306)
==95231== by 0x1000AB67: tcp_server (serv.c:1500)
==95231== by 0x10009E5B: main (serv.c:1297)
==95231==
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
pkcs11: ignore login error when traversing tokens
See merge request gnutls/gnutls!1031
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If a token is a general access device, it is expected that login
attempt to that token returns error:
https://github.com/p11-glue/p11-kit/blob/master/trust/module.c#L852
On the other hand, _pkcs11_traverse_tokens treats the error as fatal
and stops iteration. This behavior prevents object search without
token specifier if such tokens are registered in the system.
Reported by Stanislav Zidek in
https://bugzilla.redhat.com/show_bug.cgi?id=1705478
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There were few infinite loop constructions which were checking
for an always true condition. Make sure that this construction
is marked explicitly as while(1) to assist static analysers, or
reviewers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| | |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
gnutls_session_get_desc: avoid printing a NULL value
See merge request gnutls/gnutls!1038
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When gnutls_session_set_premaster() is used (under openconnect),
it is possible that gnutls_session_get_desc will print a string like
this: "(DTLS1.2)-(ECDHE-(null))-(AES-256-GCM)"
With this change we ensure that we do not print null values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
nettle/rnd-fips: add FIPS 140-2 continuous RNG test
See merge request gnutls/gnutls!1034
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds a continuous random number generator test as defined in FIPS
140-2 4.9.2, by iteratively fetching fixed sized block from the system
and comparing consecutive blocks.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
lib: add support for AES-GMAC
Closes #781
See merge request gnutls/gnutls!1036
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fail _wrap_nettle_mac_set_nonce() and _wrap_nettle_mac_fast() if MAC
requires nonce, but it was not supplied.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Calling set_nonce before set_key is plain incorrect. For GMAC key is not
initialized. For UMAC set_key will reset nonce to empty.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add support for computing AES-GMAC using MAC API, as requested by Samba
for SMB3 support.
Resolves: #781
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
options
Resolves: #794
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We were not setting the third array member correctly, though
this didn't have any impact to previous implementations as they
did not rely on it. This also moves away from the custom implementation
of cpuid (which was limited), and we now rely on the compiler's
version.
This effectively enables support for SHA_NI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
During the test suite run we require that all supported
MAC and hash algorithms implement the copy function.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
This implements the new API to all internal implementations.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Add gnutls_hash_copy() function for copying message digest context.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|