_decode_pkcs8_modern_ecdh_key is virtually the same as
_decode_pkcs8_eddsa_key. Another implementation would be
to collapse these two functions into one, since their structure
is identical.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
These are just trivial extension points where the codepath is the same
for the ECDH scheme as it is for the EdDSA scheme.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This uses the same structure as _gnutls_x509_write_eddsa_pubkey.
Another way to write this would be to combine those two functions,
despite X448 and X25519 not being EdDSA at all.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
I am not confident in the strings I chose to match on in
ASN1_ETYPE_PRINTABLE_STRING, in that I do not know what registry
I should look this up in.
The *parse_ecc_ecdh_params and *import_ecc_ecdh functions are tweaked
analogs to the eddsa versions of those functions.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This is basically a copy of the EdDSA case in the switch statement.
Another way to implement it would be to augment the EdDSA case (and
the functions it uses) to have that case also handle ECDH use of the
CFRG curves.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This is useful for the so-called CFRG curves used in ECDH, x25519 and x448.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
wrap_nettle_hash_exists: add missing hash algorithms
See merge request gnutls/gnutls!1473
This adds SHAKE-128, SHAKE-256, and RIPEMD-160 to the algorithms
supported by nettle. While SHAKEs are not hash algorithms but XOFs,
it would be consistent to report that they are implemented.
The simple test is expanded to exercise the code
path (gnutls_digest_get_id → wrap_nettle_hash_exists).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
fuzz: explicitly supply LDFLAGS to clang++ command line
See merge request gnutls/gnutls!1474
This prevented fuzzer programs from being linked in Ubuntu 20.03, used in
oss-fuzz.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
.gitlab-ci.yml: new ASan job with -DAGGRESSIVE_REALLOC
See merge request gnutls/gnutls!1472
This would exercise the same logic currently covered with
fedora-valgrind-aggressive in each MR.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
devel: provide external git diff driver for *.abi files
See merge request gnutls/gnutls!1214
This adds an external diff driver for *.abi files that shows only
interesting changes in those files. This would be useful when adding
a new API.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
fuzz: allow multiple definitions of gnutls_rnd in oss-fuzz
See merge request gnutls/gnutls!1471
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Suppress warnings spotted by LGTM
See merge request gnutls/gnutls!1470
Spotted by LGTM.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Spotted by LGTM.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
tls-fuzzer: update submodules to the latest
See merge request gnutls/gnutls!1469
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
fix SSSE3 SHA384 to work more than once
See merge request gnutls/gnutls!1466
The output function called sha512_digest() instead of sha384_digest(),
which caused the hash context to be reinitialized for SHA512 instead of
SHA384 and all following digests using the hash handle were wrong.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
testcompat-openssl-tls13-cli.sh: disable early data testing for CI stability
See merge request gnutls/gnutls!1468
This test is quite often causing intermittent failures in the CI.
Let's temporarily disable it until the cause is properly investigated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
This makes the locking logic per port, not per entire make process.
It also uses absolute paths for the locking directory, so that
tlsfuzzer tests can use it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
tests/tls13/post-handshake-with-cert: avoid a race condition
See merge request gnutls/gnutls!1464
A server tries to close the connection and kill the client after reauth.
The client, in turn, attempts to send data in some cases.
This patch makes the server wait for the client to terminate first.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Avoid tests killing entire process groups
See merge request gnutls/gnutls!1463
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Add a safeguard to `terminate()` so that we don't kill whole pgroups.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
`terminate()` executed from the child process results in a `kill(0, SIGTERM)`,
bringing the whole pgroup down. `exit(1)` should be called instead.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
INSTALL.md: Update documentation on building static library
See merge request gnutls/gnutls!1462
As of commit a88eb79d88c53531c49d7cedfce2207f36ac8a9d, building a
static archive (libgnutls.a) is off by default. This commit updates the
documentation for building a static library in INSTALL.md.
Signed-off-by: Nick Child <nick.child@ibm.com>
guile: Add 'gnutls_x509_crt_get_fingerprint', 'GNUTLS_DIG_SHA256'
See merge request gnutls/gnutls!1461
* guile/modules/gnutls/build/enums.scm (%digest-enum): Add 'sha256'.
* guile/modules/gnutls.in: Export 'digest/sha256'.
* guile/tests/x509-certificates.scm: Test 'digest/sha256' with
'x509-certificate-fingerprint'.
(%sha256-fingerprint): New constant.
Signed-off-by: Simon South <simon@simonsouth.net>
* guile/src/core.c (MAX_HASH_SIZE): New constant.
(scm_gnutls_x509_certificate_fingerprint): New function.
* guile/modules/gnutls.in: Export 'x509-certificate-fingerprint'.
* guile/tests/x509-certificates.scm: Test 'x509-certificate-fingerprint'.
(%sha1-fingerprint): New constant.
(u8vector->hex-string): New procedure.
Signed-off-by: Simon South <simon@simonsouth.net>
x509: pin/password callback support for openssl encrypted private keys
See merge request gnutls/gnutls!1459
This attempts to use the registered pin callback when the password for
an encrypted openssl private key is not supplied. This matches the
functionality for PKCS8 sealed keys above and is similar to what openssl
does in this situation.
Signed-off-by: Craig Gallek <cgallek@gmail.com>
mem: instrument with ASan memory poisoning as well as valgrind
Closes #1260
See merge request gnutls/gnutls!1458
This makes it possible to catch undefined memory access in the more
lightweight CI runs.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
pk: add flags to force RSA-PSS salt length to match digest length
Closes #1258
See merge request gnutls/gnutls!1455
This adds a couple of flags to RSA-PSS signing and verification, to
enforce that the salt length matches the digest length. That is not
only recommended in RFC 4055, but also mandated in RFC 8446 in the TLS
1.3 context.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
fips: allow more RSA modulus sizes
See merge request gnutls/gnutls!1453
Previously, we restricted RSA modulus size to be either 2048 or 3072
bits in FIPS mode, following FIPS 186-4. On the other hand, FIPS
140-2 IG A.14 and FIPS 140-3 IG C.F update it to allow arbitrary
modulus sizes equal to or larger than 2048 bits under certain
conditions.
This change reflects the guidance, though it only allows known sizes
due to the complexity of calculating the approximate security strength
using the formula in FIPS 140-2 IG 7.5.
Suggested-by: Stephan Mueller
Reviewed-by: Stephan Mueller
Signed-off-by: Daiki Ueno <ueno@gnu.org>
tests: tls13/key_share: rewrite as single process
See merge request gnutls/gnutls!1457