delta/gnutls.git - gitlab.com: gnutls/gnutls.git

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	doc: simplified the default client example	Nikos Mavrogiannopoulos	2017-06-16	1	-19/+2
\| \| \| \| \| \|	Removed optional paths. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: added reproducer for OCSP response found test casestmp-ocsp-status-fix	Nikos Mavrogiannopoulos	2017-06-15	4	-4/+115
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	fuzz: documented location for OCSP-related reproducers	Nikos Mavrogiannopoulos	2017-06-15	1	-6/+7
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	ocsp: added sanity check in returned length	Nikos Mavrogiannopoulos	2017-06-15	1	-1/+4
\| \| \| \| \| \| \|	This addresses: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1492 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	doc: added/modernized text on AEAD ciphers [ci skip]	Nikos Mavrogiannopoulos	2017-06-15	1	-18/+31
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	doc update	Nikos Mavrogiannopoulos	2017-06-15	1	-1/+1
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: improved duplicate extension test	Nikos Mavrogiannopoulos	2017-06-15	1	-4/+4
\| \| \| \| \| \| \| \|	Instead of sending two duplicate extensions of which one is invalid, send two valid ones instead. That way, we avoid the possibility of false positives due to the validation code of the extension contents. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: verify that duplicate extensions are rejected	Nikos Mavrogiannopoulos	2017-06-14	2	-1/+220
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	TLS extensions: added duplicate extension check on server side	Nikos Mavrogiannopoulos	2017-06-14	1	-5/+18
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	gnutls_init: better naming for internal function	Nikos Mavrogiannopoulos	2017-06-14	1	-7/+9
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: added unit test for overriding TLS extensions	Nikos Mavrogiannopoulos	2017-06-14	2	-1/+316
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	TLS extensions: mark each extension which cannot be overriden	Nikos Mavrogiannopoulos	2017-06-14	17	-29/+37
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	TLS extensions: combined the extension data and resumed data structures	Nikos Mavrogiannopoulos	2017-06-14	2	-112/+80
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	removed type extension_priv_data_t	Nikos Mavrogiannopoulos	2017-06-14	13	-103/+101
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	gnutls_int.h: groupped extension structures together	Nikos Mavrogiannopoulos	2017-06-14	1	-11/+13
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	TLS extensions: several simplifications	Nikos Mavrogiannopoulos	2017-06-14	6	-144/+133
\| \| \| \| \| \| \|	This allows extensions set by the application to override some of the internal ones. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	.gitlab-ci.yml: FreeBSD system is no longer available; disabling for CI [ci ↵	Nikos Mavrogiannopoulos	2017-06-14	1	-21/+21
\| \| \| \| \| \|	skip] Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	doc updatetmp-pkcs11-no-leading-zeros	Nikos Mavrogiannopoulos	2017-06-12	1	-0/+7
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	updated auto-generated files	Nikos Mavrogiannopoulos	2017-06-12	3	-0/+25
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	doc: added reference to privkey export functions	Nikos Mavrogiannopoulos	2017-06-12	1	-1/+6
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: added basic unit tests for the export_*_raw2() functions	Nikos Mavrogiannopoulos	2017-06-12	1	-6/+121
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	corrected typo in x962 functions	Nikos Mavrogiannopoulos	2017-06-12	7	-13/+13
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	pkcs11: do not set leading zeros on integers	Nikos Mavrogiannopoulos	2017-06-12	1	-13/+14
\| \| \| \| \| \| \| \| \| \|	PKCS#11 defines integers as unsigned having most significant byte first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by some HSMs which do not accept an integer with a leading zero. Resolves: #215 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	Introduced functions to export integers with no leading zero	Nikos Mavrogiannopoulos	2017-06-12	8	-41/+291
\| \| \| \| \| \| \| \| \| \| \| \|	That is introduced the flag GNUTLS_EXPORT_FLAG_NO_LZ and: * gnutls_pubkey_export_rsa_raw2 * gnutls_pubkey_export_dsa_raw2 * gnutls_pubkey_export_ecc_raw2 * gnutls_privkey_export_rsa_raw2 * gnutls_privkey_export_dsa_raw2 * gnutls_privkey_export_ecc_raw2 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	nettle: use older GMP macros for mpz_mod_2exp and mpz_div_2exp	Nikos Mavrogiannopoulos	2017-06-08	2	-3/+3
\| \| \| \| \| \|	These ensure that compilation will succeed even when building with gmp-mini. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	_gnutls_ucs2_to_utf8: use void* as pointer type to avoid compiler ↵	Nikos Mavrogiannopoulos	2017-06-08	1	-1/+1
\| \| \| \| \| \|	assumptions on alignment [ci skip] Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	ciphersuites: removed unused function	Nikos Mavrogiannopoulos	2017-06-08	1	-15/+0
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	nettle/cipher: document that ctx_ptr is 16-byte aligned, and use void* to ↵	Nikos Mavrogiannopoulos	2017-06-08	1	-4/+6
\| \| \| \| \| \|	avoid compiler assumptions Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	certtool: corrected typo in strcmp() use	Nikos Mavrogiannopoulos	2017-06-08	1	-2/+2
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	_gnutls_x509_privkey_reinit: ensure fields will not be re-used	Nikos Mavrogiannopoulos	2017-06-08	1	-0/+2
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	certtool: improved error message when public key cannot be figured [ci skip]	Nikos Mavrogiannopoulos	2017-06-08	1	-1/+1
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	updated auto-generated files for new signing APItmp-enhance-signing-apis	Nikos Mavrogiannopoulos	2017-06-07	4	-2/+8
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	handshake: simplify handshake by using the new signing API	Nikos Mavrogiannopoulos	2017-06-07	1	-37/+8
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: introduced unit tests of the new signing API	Nikos Mavrogiannopoulos	2017-06-07	2	-0/+431
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	abstract API: introduced new signing functions	Nikos Mavrogiannopoulos	2017-06-07	5	-24/+166
\| \| \| \| \| \| \| \| \|	That is, the gnutls_privkey_sign_data2() and gnutls_privkey_sign_hash2(). The new functions perform signing with input the signature algorithm instead of the hash algorithm; that allows to use algorithms where the hash algorithm is not used, or the public key algorithm may be different than the key's. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	pkix: removed unused definition	Nikos Mavrogiannopoulos	2017-06-07	1	-2/+0
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	gnutls_privkey_st: removed unused elementtmp-multi-updates	Nikos Mavrogiannopoulos	2017-06-07	2	-2/+1
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	gnutls_session_get_desc: improved ciphersuite description	Nikos Mavrogiannopoulos	2017-06-07	1	-13/+34
\| \| \| \| \| \| \|	That is, separated the key exchange from the signature algorithm used by the server, and list them in different fields. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: key-import-export: use cert-common.h	Nikos Mavrogiannopoulos	2017-06-07	1	-33/+7
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: simplified CPPFLAGS of tests using internal gnutls funcs	Nikos Mavrogiannopoulos	2017-06-07	1	-25/+5
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: key-exchange: added error checking in gnutls_certificate_set_x509_key_memtmp-more-rsa-pss-related-changes	Nikos Mavrogiannopoulos	2017-06-06	1	-3/+12
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	_gnutls_check_key_cert_match: account for RSA and RSA-PSS mismatches	Nikos Mavrogiannopoulos	2017-06-06	1	-2/+13
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	certtool: fix DER export with --p7-info	Nikos Mavrogiannopoulos	2017-06-06	1	-8/+10
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	updated auto-generated filestmp-psktool-updates	Nikos Mavrogiannopoulos	2017-06-05	2	-63/+109
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	doc update	Nikos Mavrogiannopoulos	2017-06-05	1	-3/+5
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	psktool: minor documentation updates	Nikos Mavrogiannopoulos	2017-06-05	1	-2/+2
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	tests: added basic functionality check for psktool	Nikos Mavrogiannopoulos	2017-06-05	2	-1/+88
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	psktool: increased default key size to 256-bits	Nikos Mavrogiannopoulos	2017-06-05	1	-1/+1
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	psktool: do not assume any default key file	Nikos Mavrogiannopoulos	2017-06-05	1	-4/+4
\| \| \| \|	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
*	clarify documentation and arguments for psktool	Daniel Kahn Gillmor	2017-06-05	2	-11/+18
\| \| \| \| \| \| \| \| \| \| \|	* psktool's -p argument should really be short for --pskfile, not --passwd. there is no passwd involved. * the example documentation switches names halfway through, which is confusing. * there is no prompt for a password. do not mention it in the example.