| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
That simplifies the existing PRF code and moves it in the
crypto-backend component.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
The reason is that this API, assumes very low level primitives which
are not available for the newer RSA-PSS private keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
That will allow this function to operate with the new key types.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE
For simplicity, rename GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE to GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
The same code was available in _gnutls_privkey_find_sign_params().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That makes sure that the high level APIs are used when possible, and
separate the TLS 1.2 from other code paths. This will allow supporting
signature schemes like EdDSA and others.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
There were several tests that were utilizing SHA1 signatures but were
not failing due to the bug in gnutls_pubkey_verify_hash2().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
non-RSA keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This flag is not required for verification since the signature algorithm
is sufficient to detect RSA-PSS without requiring any flags.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Previously --generate-privkey wouldn't ask for password unless --pkcs8
was explicitly given. Keep that behavior, and do not ask for any password
even if we need to export to PKCS#8 for some key types. Always require
the --pkcs8 option to encrypt with password.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This option could accomodate future enhancements/additions in
certificate signining.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
These tests fail because tls-fuzzer currently does not properly implement
RSA-PSS.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
An RSA-PSS key has additional parameters which cannot be stored
in the "standard" PKCS#1 format. For that when asked to generate
an RSA-PSS key, we export to the PKCS#8 form.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
Previously it was expecting a different alert code than gnutls returned.
Now gnutls returns the expected alert code (GNUTLS_A_DECRYPT_ERROR)
on malformed signatures.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This makes server respond with GNUTLS_A_DECRYPT_ERROR on malformed signatures,
which is the expected behavior. Hinted by Hubert Kario.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
That allows including all the existing signatures including DSA.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
That includes tests with RSA and RSA-PSS server and client certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
That is in addition to GNUTLS_PK_RSA
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
GOST VKO and PSS keys would support several public keys, so change
the previous 1:1 kx->pk mapping into 1:many.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That is, the privkey_sign_hash() function was made static (no users other
than the same file), and gnutls_privkey_sign_hash will take into account
the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS, if specified.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
That is, when signing a TLS message, take into account the
negotiated signature algorithm, in addition to the hash algorithm
to decide which flags to pass to gnutls_privkey_sign_hash(). This
allows signing the handshake messages with RSA-PSS even when an RSA
key is present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
They are prioritized low on the list to reduce compatibility
issues in case they are wrongly implemented in gnutls or in the
peer implementation. To be revised when more elaborate compatibility
tests are made.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
That is instead of using a 1-1 mapping of signature algorithms
to public key algorithms, use gnutls_sign_supports_pk_algorithm()
to determine whether algorithms match. That way we can allow
GNUTLS_SIGN_RSA_PSS_SHA256 under GNUTLS_PK_RSA and GNUTLS_PK_RSA_PSS
keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
That is, do not check the flag GNUTLS_VERIFY_USE_RSA_PSS, as we
already have enough information to determine whether an RSA-PSS
signature is used (the sign algorithm). Also return the code
GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY when a signature algorithm
incompatible with the public key is encountered.
In addition, fixed few misplacements of GNUTLS_PK_RSA_PSS in switch
cases.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This function allows to test whether a combination of public key
algorithm and signature algorithm are supported. This is introduced
for RSA-PSS signatures which can be generated by a GNUTLS_PK_RSA key
or by a GNUTLS_PK_RSA_PSS key.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch enables RSA-PSS signature scheme in the X.509 functions and
certtool.
When creating RSA-PSS signature, there are 3 different scenarios:
a. both a private key and a certificate are RSA-PSS
b. the private key is RSA, while the certificate is RSA-PSS
c. both the private key and the certificate are RSA
For (a) and (b), the RSA-PSS parameters are read from the certificate.
Any conflicts in parameters between the private key and the certificate
are reported as an error.
For (c), the sign functions, such as gnutls_x509_crt_privkey_sign() or
gnutls_privkey_sign_data(), shall be instructed to generate an RSA-PSS
signature. This can be done with the new flag
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
Verification is similar to signing, except for the case (c), use the
flag GNUTLS_VERIFY_USE_RSA_PSS instead of
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
From the command line, certtool has a couple of new options: --rsa-pss
and --rsa-pss-sign. The --rsa-pss option indicates that the generated
private key or certificate is restricted to RSA-PSS, while the
--rsa-pss-sign option indicates that the generated certificate is signed
with RSA-PSS.
For simplicity, there is no means of choosing arbitrary salt length.
When it is not given by a private key or a certificate, it is
automatically calculated from the underlying hash algorithm and the
RSA modulus bits.
[minor naming changes by nmav]
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|