summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fuzz: Update README.md for clang-9 [skip ci]tmp-fuzz-readmeTim Rühsen2020-03-191-3/+5
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Merge branch 'tmp-chacha' into 'master'Daiki Ueno2020-03-1911-0/+196
|\ | | | | | | | | cipher: expose raw ChaCha20 cipher See merge request gnutls/gnutls!1210
| * abi: add enum values for GNUTLS_CIPHER_CHACHA20_*tmp-chachaDaiki Ueno2020-03-191-0/+2
| | | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * cipher: allow setting ChaCha20 initial block counterDaiki Ueno2020-03-194-6/+68
| | | | | | | | | | | | | | This also introduces GNUTLS_CIPHER_CHACHA20_32, which is a 96-bit nonce variant of GNUTLS_CIPHER_CHACHA20_64. Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * nettle: vendor in ChaCha20 implementation from nettleDaiki Ueno2020-03-196-0/+102
| | | | | | | | | | | | | | This enables to use bundled ChaCha20 implementation if the system nettle doesn't have nettle_chacha_set_counter. Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * cipher: expose raw ChaCha20 cipherDaiki Ueno2020-03-193-0/+30
|/ | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Merge branch 'tmp-ed448-fixes' into 'master'Daiki Ueno2020-03-185-4/+55
|\ | | | | | | | | ed448: fix certificate signature verification See merge request gnutls/gnutls!1213
| * tests/sign-is-secure: fix off-by-one errortmp-ed448-fixesDaiki Ueno2020-03-161-1/+1
| | | | | | | | | | | | | | Reported by Peter Dettman in: https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * algorithms: properly calculate hash strength for Ed448Daiki Ueno2020-03-164-3/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | The Ed448 signature scheme internally uses XOF (SHAKE256) as the hash function with 114-octet output. According to FIPS-202, the strength against collisions is calculated as: min(114*8/2, 256) = 256 Reported by Peter Dettman in: https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | Merge branch 'improve_fips_selftests' into 'master'Nikos Mavrogiannopoulos2020-03-181-309/+377
|\ \ | | | | | | | | | | | | Improve FIPS signatures self-tests See merge request gnutls/gnutls!1206
| * | crypto-selftests-pk.c: Use deterministic signatures in test_known_sig()Anderson Toshiyuki Sasaki2020-03-161-165/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use deterministic signatures for ECDSA and DSA in test_known_sig(). Do not call test_known_sig() for non-deterministic algorithms. Do not run PK_TEST() for algorithms tested with PK_KNOWN_TEST(). The deterministic algorithms are used if in FIPS-140 POST or if FIPS-140 mode is disabled. When called explicitly with FIPS-140 mode enabled, the pairwise-consistency test (PK_TEST()) is used instead. test_known_sig() was modified to support only deterministic algorithms. The "deterministic" parameter was replaced with the "flags" parameter through which the flags to be used in gnutls_privkey_sign_data() are passed. The hard-coded values for the ECDSA and DSA signatures were replaced with the values corresponding to the deterministic signatures to be used in known answer tests. The unused values for GOST signatures were removed. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | crypto-selftests-pk.c: Use specified key in test_sig()Anderson Toshiyuki Sasaki2020-03-161-192/+269
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, test_sig() would use the same key regardless the value provided in bits parameter. The changes introduced make test_sig() to choose the key according to the value provided in bits. For RSA, only 2048 bits key is available for testing. The calls were adjusted accordingly. Introduced 2048 bits DSA key in test_sig(). Removed unused 512 bits key, leaving only the 2048 bits key available. For GOST, use the same keys for test_sig() and test_known_sig(). Remove the unused keys. Reorder constant values and change variables names for better readability. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TESTAnderson Toshiyuki Sasaki2020-03-111-17/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, when multiple tests where declared in sequence using one of the macros, only the first test would be executed. This happened because a check for the GNUTLS_SELF_TEST_FLAG_ALL was embedded in the macro. To allow more than one test to be executed in sequence, the check for the flag was removed from both macros. To keep the previous behaviour (execute only the first test) the check for the flag was moved to be after the first test, except for RSA since the RSA encryption test must be executed in FIPS mode. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | crypto-selftests-pk.c: Move hardcoded values to the topAnderson Toshiyuki Sasaki2020-03-111-112/+112
| | | | | | | | | | | | Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
* | | .lgtm.yml: work around issues in LGTM systemNikos Mavrogiannopoulos2020-03-161-2/+4
| | | | | | | | | | | | | | | | | | | | | This disables dependency tracking and removes the gnulib tests to work-around a failure build gl/. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | bootstrap.conf: do not bring tests in gnulib clones (src/unistring)Nikos Mavrogiannopoulos2020-03-161-2/+2
| | | | | | | | | | | | | | | | | | | | | These tests are not being run, and they can cause issues as in !1208. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | .lgtm.yml: no longer bring nettle from masterNikos Mavrogiannopoulos2020-03-161-10/+2
| | | | | | | | | | | | | | | | | | The system used has already a sufficiently recent version. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | Merge branch 'x509-version' into 'master'Dmitry Baryshkov2020-03-158-63/+28
|\ \ \ | |_|/ |/| | | | | | | | lib/x509: use common routine for parsing data version See merge request gnutls/gnutls!1209
| * | lib/x509: use common routine for parsing data versionDmitry Baryshkov2020-03-128-63/+28
|/ / | | | | | | | | | | | | | | | | | | OSS Fuzzer noted an issue in parsing (incorrect) CRL files with zero-length version field. Certificate parser does not have this issue, while CRL and OCSP Request and Response parsers shows this problem. To remove code duplication extract common function and use it from all four parsers. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | Merge branch 'fix-crq-ext' into 'master'Dmitry Baryshkov2020-03-112-11/+9
|\ \ | | | | | | | | | | | | x509: drop endless loop in print_extensions See merge request gnutls/gnutls!1205
| * | x509: apply same fix to print_crqDmitry Baryshkov2020-03-101-4/+3
| | | | | | | | | | | | Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
| * | x509: apply same fix to print_crlDmitry Baryshkov2020-03-101-4/+3
| | | | | | | | | | | | Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
| * | x509: drop endless loop in print_extensionsDmitry Baryshkov2020-03-102-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If crq is malformed in extensions part, print_extensions() might loop endlessly because gnutls_x509_crq_get_extension_info would return unhandled GNUTLS_ASN1_DER_ERROR looping over extension index, rather than bailing out. Fix this by handling this error code properly. Found thanks to oss-fuzz. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | | Merge branch 'tmp-static-assert' into 'master'Daiki Ueno2020-03-114-17/+19
|\ \ \ | |_|/ |/| | | | | | | | lib: use static assertion to check enum values See merge request gnutls/gnutls!1201
| * | lib: use static assertion to check enum valuestmp-static-assertDaiki Ueno2020-03-102-11/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We previously had checks of enum values with '#if', such as below: #define GNUTLS_EXTENSION_MAX_VALUE 31 typedef enum extensions_t { ... GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */ } extensions_t; /* we must provide at least 16 extensions for users to register */ #if GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX < 16 # error not enough extension types #endif This doesn't work as expected; because GNUTLS_EXTENSION_MAX is not defined as a preprocessor macro, it always expands to 0. To properly do this check, we need to use static assert as provided as the 'verify' macro in gnulib. Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | hello_ext: use 64-bit integer to track extensionsDaiki Ueno2020-03-103-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | We currently have 26 predefined extensions, allowing the user to define 5 extra as tested in tests/handshake-large-packet.c. However, if we introduce one more, session->internals.used_exts exceeds. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'fix-issuer-sign-tool' into 'master'Dmitry Baryshkov2020-03-102-1/+2
|\ \ \ | |_|/ |/| | | | | | | | lib/x509/output.c: remove occasioinal memory leak in print_issuer_sign_tool() See merge request gnutls/gnutls!1203
| * | lib/x509/output.c: remove occasioinal memory leak in print_issuer_sign_tool()Dmitry Baryshkov2020-03-072-1/+2
| |/ | | | | | | | | | | | | Remove memory leak in error handling in print_issuer_sign_tool() by moving asn1_delete_structure to the end of the function. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | Merge branch 'crl-crq-fuzz' into 'master'Dmitry Baryshkov2020-03-0920-0/+106
|\ \ | | | | | | | | | | | | | | | | | | fuzz: add simple x509 certificate requests fuzzer Closes #903 See merge request gnutls/gnutls!1204
| * | fuzz: add simple x509 certificate requests and revocation lists fuzzersDmitry Baryshkov2020-03-0920-0/+106
| |/ | | | | | | | | | | | | | | | | Add x509 certificate requests and certificate revocation lists fuzzers. Use data from tests/cert-tests as a starting seed for the corpora. Fixes #903 Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | Merge branch 'tmp-releases' into 'master'Nikos Mavrogiannopoulos2020-03-091-0/+26
|\ \ | | | | | | | | | | | | RELEASES.md: describe the release process [ci skip] See merge request gnutls/gnutls!1202
| * | RELEASES.md: describe the release processNikos Mavrogiannopoulos2020-03-051-0/+26
| |/ | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Merge branch 'tmp-gen-suppressions' into 'master'Nikos Mavrogiannopoulos2020-03-062-1/+8
|\ \ | |/ |/| | | | | Let valgrind suggest suppression rules on any issue it finds See merge request gnutls/gnutls!1195
| * Add valgrind suppression for fun:decode_complex_string.isra.0tmp-gen-suppressionsTim Rühsen2020-02-211-0/+7
| | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * Add --gen-suppressions=all to valgrind to iautomatically generate ↵Tim Rühsen2020-02-211-1/+1
| | | | | | | | | | | | suppression rules Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'tmp-keylog-func' into 'master'Daiki Ueno2020-02-2716-182/+67
|\ \ | | | | | | | | | | | | keylogfile: simplify the callback mechanism See merge request gnutls/gnutls!1196
| * | keylogfile: simplify the callback mechanismtmp-keylog-funcDaiki Ueno2020-02-2216-182/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This partially reverts commit 97117556 with a simpler interface. The original intention of having the callback mechanism was to reuse it for monitoring QUIC encryption changes. However, it turned out to be insufficient because such changes must be emitted after a new epoch is ready. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'macosx-aarch64-accel' into 'master'Nikos Mavrogiannopoulos2020-02-251-6/+4
|\ \ \ | |/ / |/| | | | | | | | Adding missing macosx directory for aarch64 acceleration See merge request gnutls/gnutls!1198
| * | Adding missing macosx directory for aarch64 accelerationRoss Nicholson2020-02-241-6/+4
|/ / | | | | | | Signed-off-by: Ross Nicholson <phunkyfish@gmail.com>
* | Merge branch 'pbkdf2' into 'master'Dmitry Baryshkov2020-02-214-216/+0
|\ \ | |/ |/| | | | | lib: drop unused pbkdf2 helpers See merge request gnutls/gnutls!1194
| * lib: drop unused pbkdf2 helpersDmitry Baryshkov2020-02-184-216/+0
|/ | | | | | | Updated pbkdf2 API in GnuTLS removed the need for PBKDF2 helpers, drop them now. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* Merge branch 'tmp-travis-bison' into 'master'Nikos Mavrogiannopoulos2020-02-111-5/+7
|\ | | | | | | | | TravisCI: Add bison See merge request gnutls/gnutls!1192
| * TravisCI: Add bison [skip ci]tmp-travis-bisonTim Rühsen2020-02-081-5/+7
| | | | | | | | | | | | The latest gnulib needs a newer bison than TravisCI OSX has. Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'wip-save-ocsp-multi' into 'master'Tim Rühsen2020-02-092-16/+91
|\ \ | | | | | | | | | | | | Add option to store all stapled OCSP responses to gnutls-cli See merge request gnutls/gnutls!1189
| * | gnutls-cli: Add option to store all stapled OCSP responsesFiona Klute2020-02-082-16/+91
|/ / | | | | | | | | | | | | | | Note that there's a small modification to the behavior of the existing --ocsp-save option: If there is no stapled OCSP response the output file is still created and will be empty. Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* | Merge branch 'tmp-lgtm' into 'master'Tim Rühsen2020-02-081-1/+1
|\ \ | |/ |/| | | | | .lgtm.yml: Fix --disable-documentation to --disable-doc [skip ci] See merge request gnutls/gnutls!1191
| * .lgtm.yml: Fix --disable-documentation to --disable-doc [skip ci]Tim Rühsen2020-02-071-1/+1
| | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'tmp-keylog-hook' into 'master'Daiki Ueno2020-02-0717-25/+588
|\ \ | |/ |/| | | | | | | | | keylogfile: generalize with a callback Closes #852 See merge request gnutls/gnutls!1184
| * keylogfile: generalize with a callbacktmp-keylog-hookDaiki Ueno2020-02-0717-25/+588
| | | | | | | | | | | | | | | | | | This refactors the keylogfile mechanism by adding a callback to get notified when a new secret is derived and installed. That way, consumers can implement custom logging feature per session, which is particularly useful in QUIC implementation. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | Merge branch 'tmp-gnulib-update' into 'master'Tim Rühsen2020-02-072-0/+1
|\ \ | | | | | | | | | | | | | | | | | | Update gnulib to fix building on OSX 10.9 Closes #926 See merge request gnutls/gnutls!1190
View Lorry Controller Status