| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qemu is currently causing segmentation fault:
cipher: aes-128-gcm
cipher: aes-192-gcm
cipher: aes-256-gcm
cipher: chacha20-poly1305
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
default cipher tests failed
FAIL test-ciphers-openssl.sh (exit status: 139)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
| |
This reverts commit bbe93dc315009fe1f9a30426cbe20f4661b8435c.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Spotted by valgrind:
==5721== 40 bytes in 1 blocks are definitely lost in loss record 1 of 3
==5721== at 0x4839809: malloc (vg_replace_malloc.c:307)
==5721== by 0x4DC3E59: __gmp_default_allocate (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x4DD26A3: __gmpz_realloc (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x4DD8B9D: __gmpz_set_str (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x499339D: _gnutls_gostdsa_unmask_key (gostdsa-mask.c:68)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
| |
https://sourceforge.net/p/mingw-w64/bugs/818/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
The new fipshmac command provided by libkcapi requires NETLINK_CRYPTO,
which is not enabled on gitlab CI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
GCC 10 warns this:
tests.c:702:2: error: 'siginterrupt' is deprecated: Use sigaction with SA_RESTART instead [-Werror=deprecated-declarations]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
| |
Also remove Debian.cross.mips-linux-gnu, as it is no longer supported.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
This allows us to remove several backports, including XTS, CFB8,
raw-ChaCha, CMAC64, Curve448, and the GOST curves and hashes.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\
| |
| |
| |
| | |
psktool: Fix hex-encoding logic of username
See merge request gnutls/gnutls!1349
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The previous code didn't modify the pointer to the realloc'ed region
nor check overflow before calling realloc.
Spotted by Anderson Sasaki in:
<https://gitlab.com/gnutls/gnutls/-/merge_requests/1345#note_439063374>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| |/
|/|
| |
| |
| |
| | |
PKCS #12: switch default encryption to AES-256-CBC
Closes #799
See merge request gnutls/gnutls!1348
|
|/
|
|
| |
Signed-off-by: Sahana Prasad <sahana@redhat.com>
|
|\
| |
| |
| |
| |
| |
| | |
psktool: encode username if it contains special character
Closes #1103
See merge request gnutls/gnutls!1345
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| |
| | |
This also moves the hex encoding of key to write_key for readability
and makes file stream closing robuster.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes the build failure with -Werror:
configure:53786: gcc -o conftest -O0 -Wall -Werror -g3 conftest.c -lev >&5
conftest.c:412: error: "GNULIB_STRERROR" redefined [-Werror]
412 | #define GNULIB_STRERROR 1
|
conftest.c:305: note: this is the location of the previous definition
305 | #define GNULIB_STRERROR IN_GNUTLS_GNULIB_TESTS
|
cc1: all warnings being treated as errors
as well as improves code coverage.
Suggested by Bruno Haible in:
<https://lists.gnu.org/archive/html/bug-gnulib/2020-10/msg00148.html>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| |/
|/|
| |
| |
| |
| | |
x86:add detection of instruction set on Zhaoxin CPU
Closes #1079
See merge request gnutls/gnutls!1335
|
| |
| |
| |
| |
| |
| |
| |
| | |
Modify the variables _gnutls_sha_padlock and _gnutls_sha_padlock_nano.
Add a comment for detecting CPU. Modify the indentation. Delete
initialization etc.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add detection of extended instruction set on Zhaoxin cpu,e.g:ssse3,sha,
etc. Set the priority of the algorithm according to the benchmark
test result on Zhaoxin cpu.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
x86: fix avx detection
Closes #1083
See merge request gnutls/gnutls!1334
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
In the case of setting environment variables, AVX cannot be detected
correctly. Because only MOVBE is added to variable _gnutls_x86_cpuid_s,
there is no OSXSAVE. And according to the intel manual, using AVX
does not need to detect FMA.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Add extra checks on memory allocation in src/ and examples
Closes #1102
See merge request gnutls/gnutls!1344
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This pacifies -fanalyzer false-positive:
common.c:552:3: warning: use of NULL '<unknown>' where non-null expected [CWE-690] [-Wanalyzer-null-argument]
Ideally, the function should be defined as 'extern inline' to avoid
code bloat by being copied across multiple translation units.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|/ /
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
fips: enable self-tests for KDF algorithms and CMAC
See merge request gnutls/gnutls!1341
|
| | |
| | |
| | |
| | |
| | |
| | | |
FIPS140-2 IG D.8 mandates self-tests on CMAC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
FIPS140-2 IG D.8 mandates self-tests on approved KDF algorithms. As
the guidance only requires to run a single instance of each KDF
mechanism, this only exercises TLS1.2 PRF with HMAC-SHA-256 as the
underlying MAC algorithm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
FIPS140-2 IG D.8 mandates self-tests on approved KDF algorithms. As
the guidance only requires running a single instance of each KDF
mechanism, this only exercises PBKDF2 with HMAC-SHA-256 as the
underlying MAC algorithm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
FIPS140-2 IG D.8 mandates self-test on approved KDF algorithms. As
the guidance only requires running a single instance of each KDF
mechanism, this only exercises HKDF-Extract and HKDF-Expand operations
with HMAC-SHA-256 as the underlying MAC.
Although HKDF is non-approved, it would be sensible to do that as it
will be approved in FIPS140-3.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
fips: use 2048-bit prime for DH self-tests
See merge request gnutls/gnutls!1342
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
According to FIPS140-2 IG 7.5, the minimum key size of FFC through
2030 is defined as 2048 bits. This updates the relevant self-test
using ffdhe3072 defined in RFC 7919.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
tests: simplify shell-script usage
See merge request gnutls/gnutls!1337
|
| | |
| | |
| | |
| | |
| | |
| | | |
Pointed by Andreas Metzler.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
gnutls-serv invocations in cert-tests/dsa can take long time to launch
if valgrind tests are enabled.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes a race condition in the timings between when a free port is
detected and when the port is actually used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | |
| | |
| | | |
This function is only used by testpkcs11.sh.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|