path: root/lib/auth
Commit message (Author, Age, Files, Lines)
* psk: Add basic support for RFC 9258 external PSK importer interface (Daiki Ueno, 2023-05-04, 6 files, -23/+35)
|   This adds a minimal, callback-based API to import external PSK, following RFC 9258. The client and the server importing external PSK are supposed to set a callback to retrieve PSK, which returns flags that may indicate the PSK is imported, along with the key:
|
|     typedef int gnutls_psk_client_credentials_function3(
|       gnutls_session_t session,
|       gnutls_datum_t *username,
|       gnutls_datum_t *key,
|       gnutls_psk_key_flags *flags);
|
|     typedef int gnutls_psk_server_credentials_function3(
|       gnutls_session_t session,
|       const gnutls_datum_t *username,
|       gnutls_datum_t *key,
|       gnutls_psk_key_flags *flags);
|
|   Those callbacks are responsible to call gnutls_psk_format_imported_identity() for external PSKs to build a serialized PSK identity, and set GNUTLS_PSK_KEY_EXT in flags if the identity is an imported one.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: re-indent code (Daiki Ueno, 2023-04-24, 25 files, -1876/+1492)
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* rsa: remove dead code (Hubert Kario, 2023-02-08, 1 file, -17/+3)
|   since the `ok` variable isn't used any more, we can remove all code used to calculate it
|
|   Signed-off-by: Hubert Kario <hkario@redhat.com>
* auth/rsa: side-step potential side-channel (Alexander Sosedkin, 2023-02-08, 1 file, -10/+0)
|   Remove branching that depends on secret data.
|
|   Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
|   Signed-off-by: Hubert Kario <hkario@redhat.com>
|   Tested-by: Hubert Kario <hkario@redhat.com>
* Indent code (Zoltan Fridrich, 2023-01-27, 25 files, -729/+786)
|   Co-authored-by: Simon Josefsson <simon@josefsson.org>
|   Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* Replace FSF snail mail addresses with URL (Stefan Kangas, 2022-12-27, 1 file, -3/+1)
|   This is the latest recommendation, as described here: https://www.gnu.org/licenses/gpl-howto.html
|
|   Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
* Prefer HTTPS to HTTP in URLs (Stefan Kangas, 2022-12-27, 1 file, -1/+1)
|   This mostly updates NEWS and license links. All links have been manually tested and confirmed working.
|
|   Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
* Merge branch 'master' into 'master' (Daiki Ueno, 2022-12-20, 1 file, -3/+7)
|\
| |   fix obtain credential type based on the key exchange type fail; fix log print key mac size error
| |
| |   See merge request gnutls/gnutls!1670
| * fix memory leak when process client ecdh key exchange (xuraoqing, 2022-12-19, 1 file, -3/+7)
| |   Signed-off-by: xuraoqing <xuraoqing@huawei.com>
* | srp: provide stubs of public functions even if SRP is disabled (Daiki Ueno, 2022-12-16, 2 files, -1/+36)
| |   This adds stub definitions of public SRP functions even if SRP is disabled with --disable-srp-authentication, to preserve the ABI.
| |
| |   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | build: suppress GCC analyzer warnings (Daiki Ueno, 2022-11-22, 1 file, -0/+4)
| |   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Fix handshake segfault if no privkey is supplied (Zoltan Fridrich, 2022-10-21, 1 file, -0/+3)
| |   Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* | Reduce sensitive language (Zoltan Fridrich, 2022-09-20, 1 file, -1/+1)
|/
|   Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* Increase the limit of TLS PSK usernames from 128 to 65535 characters (Zoltan Fridrich, 2022-07-08, 6 files, -85/+87)
|   Co-authored-by: Hannes Reinecke <hare@suse.de>
|   Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* cert-auth: suppress false-positive warnings with GCC analyzer (Daiki Ueno, 2022-01-12, 1 file, -1/+9)
|   When compiled with gcc -fanalyzer, it reports:
|
|     cert.c: In function '_gnutls_pcert_to_auth_info':
|     cert.c:85:17: error: dereference of NULL 'info' [CWE-476] [-Werror=analyzer-null-dereference]
|        85 | if (info->raw_certificate_list != NULL) {
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* ASN1 : Remove warnings related to old libtasn1 namings (Leonardo Bras, 2021-05-21, 1 file, -1/+1)
|   While compiling gnutls, some warnings related to deprecated names can be printed, such as:
|
|     ./../x509/x509_int.h:392:13: warning: 'ASN1_TYPE' macro is deprecated, use 'asn1_node' instead.
|       392 | int _gnutls_x509_write_key_int_le(ASN1_TYPE node, const char *value,
|           | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|   To avoid that, rename types as shown in devel/libtasn1/NEWS (release 3.1):
|
|     ASN1_DATA_NODE -> asn1_data_node_st
|     ASN1_ARRAY_TYPE -> asn1_static_node (was asn1_static_node_t)
|     ASN1_TYPE -> asn1_node
|     ASN1_TYPE_EMPTY -> NULL
|     static_struct_asn -> asn1_static_node_st
|     node_asn_struct -> asn1_node_st
|     node_asn -> asn1_node_st
|
|   Signed-off-by: Leonardo Bras <leobras.c@gmail.com>
* cert auth: filter out unsupported cert types from TLS 1.2 CR (Daiki Ueno, 2021-05-17, 1 file, -6/+70)
|   When the server is advertising signature algorithms in TLS 1.2 CertificateRequest, it shouldn't send certificate_types not backed by any of those algorithms.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* spelling: The possessive pronoun "its" has no apostrophe. (Daniel Kahn Gillmor, 2021-05-05, 1 file, -1/+1)
|   "it's" is for contractions like "it is" or "it has". "its" is a possessive pronoun, like "his" or "hers" or "theirs", none of which have an apostrophe in them either.
|
|   Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* build: remove dead assignments (Daiki Ueno, 2020-09-18, 2 files, -4/+2)
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* doc: assorted typo fixes [tmp-typo-fixes] (Daiki Ueno, 2020-08-12, 1 file, -1/+1)
|   Spotted by codespell.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* dh-primes: make the FIPS approved check return Q value (Daiki Ueno, 2020-07-18, 1 file, -1/+1)
|   This is necessary for full public key validation in SP800-56A (revision 3), section 5.6.2.3.1.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* dhe: check if DH params in SKE match the FIPS approved algorithms [tmp-sp800-56ar3] (Daiki Ueno, 2020-06-27, 1 file, -0/+8)
|   SP800-56A rev. 3 restricts the FIPS compliant clients to use only approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a check in the handling of ServerKeyExchange if DHE is negotiated.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: write "FILE *fp" instead of "FILE *fd" [tmp-fileio] (Daiki Ueno, 2020-05-30, 2 files, -17/+17)
|   This makes it clear that "fd" is not a file descriptor but a FILE pointer. Suggested by Tim Rühsen.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* lib: avoid file descriptor leak when application forks (Daiki Ueno, 2020-05-30, 2 files, -3/+3)
|   This makes use of the "e" flag of fopen, provided by the Gnulib's fopen-gnu module.
|
|   Reported by Remi Denis-Courmont in: https://gitlab.com/gnutls/gnutls/-/issues/985 and fix suggested by Tim Rühsen.
|
|   Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Ensure that an incorrectly formatted password file doesn't cause invalid memory access (Nikos Mavrogiannopoulos, 2020-03-23, 1 file, -1/+2)
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* psk: Allow non-NULL PSK usernames (Ander Juaristi, 2020-03-23, 6 files, -35/+79)
|   This commit closes #586.
|
|   Two new functions are introduced: gnutls_psk_server_get_username2() and gnutls_psk_set_client_username2(), which are identical in behavior to those named similarly (without the final '2'), but allow arbitrary gnutls datums (not strings) to be used as usernames.
|
|   Two new callback functions are also introduced, with their respective setters: gnutls_psk_set_server_credentials_function2() and gnutls_psk_set_client_credentials_function2().
|
|   In addition, the password file format is extended so that non-string usernames can be specified. A leading '#' character tells GnuTLS that the username should be interpreted as a raw byte string (encoded in HEX). Example:
|
|     #deadbeef:9e32cf7786321a828ef7668f09fb35db
|
|   Signed-off-by: Ander Juaristi <a@juaristi.eus>
* algorithms: implement X448 key exchange and Ed448 signature scheme (Daiki Ueno, 2020-01-23, 1 file, -6/+11)
|   Signed-off-by: Daiki Ueno <dueno@redhat.com>
* SignatureAlgorithms: force-enable GOST signatures for GOST KX (Dmitry Eremin-Solenikov, 2019-12-28, 1 file, -1/+1)
|   SChannel-based clients can not send GOST identifiers as a part of SignatureAlgorithms extension. To mitigate this forcefully enable GOST signature algorithms if client sends GOST ciphersuite.
|
|   Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Support GOST certificate request values (Dmitry Eremin-Solenikov, 2019-12-18, 1 file, -8/+27)
|   Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Add support for VKO GOST key exchange (Dmitry Eremin-Solenikov, 2019-11-08, 2 files, -1/+324)
|   Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* lib/auth/srp_passwd.c: Fix NULL dereference in _gnutls_srp_pwd_read_entry() (Tim Rühsen, 2019-10-13, 1 file, -2/+4)
|   Fixes Coverity issue 1454652
|
|   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Remove malloc from gnutls_srp_set_server_fake_salt_seed() [tmp-datum-cleanup] (Nikos Mavrogiannopoulos, 2019-05-28, 2 files, -3/+7)
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Pass down Q for FFDHE in all pre TLS1.3 as well (Simo Sorce, 2019-05-23, 1 file, -2/+16)
|   Signed-off-by: Simo Sorce <simo@redhat.com>
* server auth: disable TLS 1.3 if no signature algorithm is usable (Daiki Ueno, 2019-05-20, 1 file, -0/+4)
|   This is a server side counterpart of 005a4d04145707daad9588acedfdb5f6cd97c80c. Instead of signalling an error when no algorithm is usable in TLS 1.3, it downgrades the session to TLS 1.2 with a warning.
|
|   Signed-off-by: Daiki Ueno <dueno@redhat.com>
* _gnutls_srp_entry_free: follow consistent behavior in freeing data [tmp-fix-srp] (Nikos Mavrogiannopoulos, 2019-05-10, 1 file, -4/+8)
|   _gnutls_srp_entry_free would previously not free any parameters that were known to gnutls to account for documented behavior of gnutls_srp_set_server_credentials_function(). This was not updated when the newly added 8192 parameter was added to the library. This introduces a safety check for generator parameters, even though in practice they are the same pointer.
|
|   Resolves: #761
|
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Add or clean header guards in lib/auth/ (Tim Rühsen, 2019-05-07, 9 files, -18/+34)
|   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Use https:// for www.gnu.org and www.example.com (Tim Rühsen, 2019-03-13, 24 files, -24/+24)
|   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Merge branch 'tmp-reset-after-free' into 'master' (Tim Rühsen, 2019-02-23, 3 files, -6/+2)
|\
| |   Automatically NULLify after gnutls_free()
| |
| |   See merge request gnutls/gnutls!923
| * Remove redundant resets of variables after free() (Tim Rühsen, 2019-02-22, 3 files, -6/+2)
| |   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Cleanup lib/auth/cert.c as suggested by cppcheck [tmp-cleanup-cert] (Tim Rühsen, 2019-02-13, 1 file, -26/+12)
|/
|   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* _gnutls_gen_rawpk_crt: corrected the use of assert [tmp-key-usage] (Nikos Mavrogiannopoulos, 2019-02-06, 1 file, -9/+10)
|   The API could return 0 or 1 matching certificates. The case of zero can only happen in client side.
|
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* raw public keys: apply the key usage bits the same way as X.509 (Nikos Mavrogiannopoulos, 2019-02-06, 1 file, -6/+14)
|   That is, we require a signing certificate when negotiating TLS1.3, or when sending a client certificate (on all cases).
|
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Fallback to TLS 1.2 when incompatible with signature certs are provided (Nikos Mavrogiannopoulos, 2019-02-06, 1 file, -1/+2)
|   This only takes into account certificates in the credentials structure. If certificates are provided in a callback, these must be checked by the provider. For that we assume that the credentials structure is filled when associated with a session; if not then the fallback mechanism will not work and the handshake will fail.
|
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Enforce the certificate key usage restrictions on all cases (Nikos Mavrogiannopoulos, 2019-02-06, 2 files, -6/+33)
|   That is, we require a signing certificate when negotiating TLS1.3, or when sending a client certificate (on all cases).
|
|   Before we would not perform any checks under TLS1.3 or when client certificates are sent, assuming that the certificates used will always be signing ones. However if the user sets up incorrectly a decryption certificate we would use it for signing. This fix makes sure that an error is returned early when these scenarios are detected.
|
|   Resolves: #690
|
|   Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Fix typos in lib/ [tmp-fix-typos-in-lib] (Tim Rühsen, 2019-01-04, 2 files, -4/+4)
|   Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Implemented support for raw public-key functionality (RFC7250). (Tom Vrancken, 2018-12-15, 3 files, -66/+261)
|   Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Constant time/cache PKCS#1 RSA decryption [tmp-fix-CVE-2018-16868] (Simo Sorce, 2018-11-30, 1 file, -55/+54)
|   This patch tries to make the code have the same time and memory access patterns across all branches of the decryption function so that timing or cache side channels are minimized or neutralized.
|
|   To do so it uses a new nettle rsa decryption function that is side-channel silent.
|
|   Signed-off-by: Simo Sorce <simo@redhat.com>
* Renamed _gnutls_server_select_cert() to _gnutls_select_server_cert() for consistency reasons with its client counterpart. (Tom Vrancken, 2018-10-18, 2 files, -3/+3)
|   Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Renamed _gnutls_auth_info_set() to _gnutls_auth_info_init(). (Tom Vrancken, 2018-10-18, 9 files, -18/+18)
|   Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
* Renamed _gnutls_proc_x509_server_crt to _gnutls_proc_x509_crt. (Tom Vrancken, 2018-10-18, 1 file, -2/+2)
|   Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>