| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|/
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
Fix cross-compilation of the Guile bindings
See merge request gnutls/gnutls!1120
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* guile/Makefile.am (%.go): Pass "GUILE_AUTO_COMPILE=0" to avoid
warnings about 'guild' needing to be compiled.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* configure.ac: Add 'CROSS_COMPILING' conditional.
* guile/Makefile.am (CROSS_COMPILING_VARIABLE): New variable.
(%.go): Use it.
* guile/modules/gnutls.in <top level>: Do not call 'load-extension'
when "GNUTLS_GUILE_CROSS_COMPILING" is defined.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|\ \
| |/
|/|
| |
| | |
vko: fix possible unitilized scalar access
See merge request gnutls/gnutls!1118
|
|/
|
|
|
|
|
|
|
| |
Fix error path in _gnutls_gost_keytrans_decrypt. If
_asn1_strict_der_decode() fails, cleanup path will try to
gnutls_pk_params_release(&pub), which will access unitialized pub
variable. Fix by deleting asn1 sctructure directly.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
GOST key exchange support
See merge request gnutls/gnutls!1097
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Two GOST groups will have two curves attached. Add function to retrieve
group by curve, rather than by group id.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
GOST VKO key derivation needs another opaque argument (called UKM).
Add an argument to _gnutls_pk_derive to accomodate that keying material.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| | |
GOST VKO is a variant of ECDHE algorithm.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | | |
nettle: backport fixes to cfb8_decrypt
See merge request gnutls/gnutls!1117
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
cfb8: don't truncate output IV if input is shorter than block size:
https://git.lysator.liu.se/nettle/nettle/commit/f4a9c842621baf5d71aa9cc3989851f44dc46861
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
prf: don't crash when called before handshake completion
See merge request gnutls/gnutls!1116
|
| |/
| |
| |
| |
| |
| |
| | |
If a gnutls_prf*() function is called before the handshake is completed,
return GNUTLS_E_INVALID_REQUEST instead of crashing.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
|
|/
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| | |
tls-sig: reverse bytes in TLS signatures for GOST signatures
See merge request gnutls/gnutls!1114
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GOST TLS suites have one peculiarity: CertificateVerify message uses
byte order opposite to the rest of GOST signature usage (BE instead of
LE). So, reverse byte order in signatures in TLS code. For now this
applies only to TLS 1.2 code. GOST TLS 1.3 ciphersuites will also follow
this approach. Legacy TLS 1.0 ciphersuites also had this peculiarity.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | | |
Update CI to F31
See merge request gnutls/gnutls!1113
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
This seems to have impacted windows compilation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| | |
| | |
| | |
| | |
| | |
| | | |
It cannot be compiled in f30.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes compilation in Fedora 30 which ships with this
version of autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\ \ \
| |_|/
|/| |
| | |
| | | |
nettle: Support sysctl(KERN_ARND) for random number generation on NetBSD.
See merge request gnutls/gnutls!1109
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nia Alarie <nia@NetBSD.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This system call will never block and does not require a file
descriptor to be opened. It provides an endless stream of random
numbers from the kernel's ChaCha20-based random number generator.
Signed-off-by: Nia Alarie <nia@NetBSD.org>
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
doc: describe how to make gnutls-cli quiet for pipe usage
Closes #845
See merge request gnutls/gnutls!1108
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
|
|\ \ \
| |_|/
|/| |
| | |
| | | |
lib: simplify uint24 handling
See merge request gnutls/gnutls!1107
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Drop separate uint24 type and functions to convert between it and
uint32_t. This makes _gnutls_read/_write_uint24 simpler and easier to
understand. And with faster assembly code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
ecc: fix curve sizes for TC26-256 gost curves
See merge request gnutls/gnutls!1110
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Fix curve size being incorrectly set to 64 instead of 32 for several
GOST curves.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
serv: move closing TABLE tag after actual table end
See merge request gnutls/gnutls!1111
|
|/ /
| |
| |
| |
| |
| | |
Move closing TABLE tag after printing information on cipher and MAC.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| |/
| |
| |
| | |
lib: drop gnutls_uint64 usage as sequence number
See merge request gnutls/gnutls!1102
|
|/
|
|
|
|
|
|
| |
GnuTLS is depending already on uint64_t being a properly defined type.
So there is no need to have a special byte-array type for 8-byte
integers. Use uint64_t instead, thus simplifying a code quite heavily.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
Support GOST cipher suite MAC calculation
See merge request gnutls/gnutls!1098
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
GOST ciphersuites require that MAC is calculated over _all_ packets,
rather than just current packet. Add flag to auth_cipher_hd_st
controlling this behaviour.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|