| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a minimal, callback-based API to import external PSK,
following RFC 9258. The client and the server importing external PSK
are supposed to set a callback to retrieve PSK, which returns flags
that may indicate the PSK is imported, along with the key:
typedef int gnutls_psk_client_credentials_function3(
gnutls_session_t session,
gnutls_datum_t *username, gnutls_datum_t *key,
gnutls_psk_key_flags *flags);
typedef int gnutls_psk_server_credentials_function3(
gnutls_session_t session,
const gnutls_datum_t *username, gnutls_datum_t *key,
gnutls_psk_key_flags *flags);
Those callbacks are responsible to call
gnutls_psk_format_imported_identity() for external PSKs to build a
serialized PSK identity, and set GNUTLS_PSK_KEY_EXT in flags if the
identity is an imported one.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
| |
This adds a couple of functions gnutls_cipher_encrypt3 and
gnutls_cipher_decrypt3, which add or remove padding as necessary if
the length of the plaintext is not a multiple of the block size.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FIPS140-3 IG 10.3.E Periodic Self-Testing says:
At security levels 1 and 2, acceptable means for initiating the
periodic self-tests include a provided service, resetting, rebooting
or power cycling.
Neither resetting, rebooting, nor power-cycling is suitable because
those involve operations outside of the module. Therefore this patch
adds a new API to manually run the substance of FIPS140 self-tests.
Suggeested by Richard Costa and Stephan Mueller in:
https://gitlab.com/gnutls/gnutls/-/issues/1364
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
This adds gnutls_aead_cipher_set_key, which enables to reuse the same
handle but reset the context and key, without releasing the memory.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|
|
|
| |
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The existing method to obtain the name of the currently negotiated TLS
ciphersuite is as follows:
- call gnutls_cipher_get, gnutls_mac_get, gnutls_kx_get
- call gnutls_cipher_suite_get_name with the value from the above functions
This process is cumbersome and only works with TLS 1.2 or earlier;
moreover the returned names are GnuTLS specific.
This change adds a new function gnutls_ciphersuite_get to eliminate
those limitations. It returns the "canonical" name of the
ciphersuite, which is mostly identical to the ones registered in IANA,
with an exception for compatibility.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
ktls is enabled by default, we can check if inicialization was
succesfull with gnutls_transport_is_ktls_enabled
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
|
|
|
|
| |
Signed-off-by: Ander Juaristi <a@juaristi.eus>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new mode of interpreting the [overrides] section. If
"override-mode" is set to "allowlisting" in the [global] section, all
the algorithms (hashes, signature algorithms, curves, and versions)
are initially marked as insecure/disabled. Then the user can enable
them by specifying allowlisting keywords such as "secure-hash" in the
[overrides] section.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
This adds gnutls_alert_set_read_function(), to allow QUIC
implementations to be notified when an alert message is sent.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
| |
For the use with QUIC, the change of traffic secrets must be notified
_after_ a new epoch is set up for reading or writing, and we can't
simply reuse the keylog mechanism.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
| |
This adds a couple of functions, gnutls_handshake_set_read_function()
and gnutls_handshake_write(), to allow QUIC implementations to
directly interact with the TLS state machine.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
| |
applications
to have a way to pass the gnutls_verify_output_function() as a callback so that the full
path of the certificate chain to the trusted root can be avaiable as output.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
gnutls-cli to
automatically download missing intermediate CAs in a certificate chain
lib/cred-cert.c : adds set and get APIs to get user data in the
gnutls_x509_trust_list_set_getissuer_function() callback.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
|
|
|
|
| |
Signed-off-by: Sahana Prasad <sahana@redhat.com>
|
|
|
|
|
|
|
| |
Basically export print_pkcs7_info() in a way usable by external
applications.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
|
| |
This adds a generalized version of gnutls_ext_get_name, which can
retrieve the name of the extension, even if it is registered per
session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\
| |
| |
| |
| | |
gnutls_session_get_keylog_function: new function
See merge request gnutls/gnutls!1220
|
| |
| |
| |
| |
| |
| |
| |
| | |
This adds a way to retrieve the keylog function set by
gnutls_session_set_keylog_function() to allow application protocols to
implement custom logging facility.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit closes #586.
Two new functions are introduced: gnutls_psk_server_get_username2()
and gnutls_psk_set_client_username2(), which are identical in behavior
to those named similarly (without the final '2'), but allow arbitrary
gnutls datums (not strings) to be used as usernames.
Two new callback functions are also introduced, with their respective
setters: gnutls_psk_set_server_credentials_function2() and
gnutls_psk_set_client_credentials_function2().
In addition, the password file format is extended so that non-string
usernames can be specified. A leading '#' character tells GnuTLS that the
username should be interpreted as a raw byte string (encoded in HEX).
Example:
#deadbeef:9e32cf7786321a828ef7668f09fb35db
Signed-off-by: Ander Juaristi's avatarAnder Juaristi <a@juaristi.eus>
|
|
|
|
|
|
|
|
| |
This is particularly useful when the application applies key
derivation function by itself with the same underlying hash algorithm
as the session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This partially reverts commit 97117556 with a simpler interface. The
original intention of having the callback mechanism was to reuse it
for monitoring QUIC encryption changes. However, it turned out to be
insufficient because such changes must be emitted after a new epoch is
ready.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This refactors the keylogfile mechanism by adding a callback to get
notified when a new secret is derived and installed. That way,
consumers can implement custom logging feature per session, which is
particularly useful in QUIC implementation.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This exposes HKDF and PBKDF2 functions from the library. Instead of
defining a single KDF interface as in PKCS #11, this patch defines 3
distinct functions for HKDF-Extract, HKDF-Expand, and PBKDF2
derivation, so that we can take advantage of compile time checking of
necesssary parameters.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
| |
Add gnutls_hmac_get_key_size() to retrieve MAC key size.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
This adds an in-place equivalent of gnutls_aead_cipher_encrypt() and
gnutls_aead_cipher_decrypt(), that works on data buffers.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
| |
Add gnutls_hash_copy() function for copying message digest context.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Add gnutls_hmac_copy() API to duplicate MAC handler state, which is
necessary for SMB3 support.
Resolves: #787
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous behavior was that both sending and receiving limits are
negotiated to be the same value. It was problematic when:
- client sends a record_size_limit with a large value in CH
- server sends a record_size_limit with a smaller value in EE
- client updates the limit for both sending and receiving, upon
receiving EE
- server sends a Certificate message larger than the limit
With this patch, each peer maintains the sending / receiving limits
separately so not to confuse with the contradicting settings.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This adds a new function gnutls_prf_early, which shall be called in a
handshake hook waiting for GNUTLS_HANDSHAKE_CLIENT_HELLO. The test
needs to be run in a datefudge wrapper as the early secrets depend on
the current time (through PSK).
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
These have output ABI format compatibility and that means we can
take snapshots to test ABI against. We also hard-code explicitly
the SONAME version to ensure no accidental SONAME bumps happen.
This patch also moves symbols.last in the devel/ subdirectory
and no internal files are shipped.
Relates: #292
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|