Commit message | Author | Age | Files | Lines
This adds a minimal, callback-based API to import external PSK,
following RFC 9258. The client and the server importing external PSK
are supposed to set a callback to retrieve PSK, which returns flags
that may indicate the PSK is imported, along with the key:

    typedef int gnutls_psk_client_credentials_function3(
        gnutls_session_t session,
        gnutls_datum_t *username, gnutls_datum_t *key,
        gnutls_psk_key_flags *flags);
    typedef int gnutls_psk_server_credentials_function3(
        gnutls_session_t session,
        const gnutls_datum_t *username, gnutls_datum_t *key,
        gnutls_psk_key_flags *flags);

Those callbacks are responsible for calling
gnutls_psk_format_imported_identity() for external PSKs to build a
serialized PSK identity, and for setting GNUTLS_PSK_KEY_EXT in flags if the
identity is an imported one.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
This patch removes the old gnutlsxx library and instead moves all the
definitions of the source file `gnutlsxx.c` to the header file
`gnutlsxx.h`. However, both the C and the C++ library are built. (as
before.)
The user of the C++ interface has two options to choose from:
1. include `gnutlsxx.h` in their application and link against the C
library. (the default.)
2. include `gnutlsxx.h` in their application, compile with the
GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link against the C++
library.
Addresses Ref #1381
Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
This adds support for SRTP_AEAD_AES_128_GCM and SRTP_AEAD_AES_256_GCM
profiles defined in RFC 7714.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
<gnutls/socket.h> is meant for the functions that depend on
<sys/socket.h>, which is not available on Windows platforms.
As the KTLS API doesn't rely on <sys/socket.h>, move the function and
enum to <gnutls/gnutls.h>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Signed-off-by: Simon Josefsson <simon@josefsson.org>
This adds a couple of functions gnutls_cipher_encrypt3 and
gnutls_cipher_decrypt3, which add or remove padding as necessary if
the length of the plaintext is not a multiple of the block size.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
FIPS140-3 IG 10.3.E Periodic Self-Testing says:
At security levels 1 and 2, acceptable means for initiating the
periodic self-tests include a provided service, resetting, rebooting
or power cycling.
Neither resetting, rebooting, nor power-cycling is suitable because
those involve operations outside of the module. Therefore this patch
adds a new API to manually run the substance of FIPS140 self-tests.
Suggested by Richard Costa and Stephan Mueller in:
https://gitlab.com/gnutls/gnutls/-/issues/1364
Signed-off-by: Daiki Ueno <ueno@gnu.org>
This adds gnutls_aead_cipher_set_key, which makes it possible to reuse the
same handle but reset the context and key, without releasing the memory.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
The existing GNUTLS_NO_TICKETS flag affects all versions of TLS, where
PFS is assured in TLS 1.3, while it is not in TLS 1.2. This adds a
new flag GNUTLS_NO_TICKETS_TLS12 to allow applications to disable
session tickets only in TLS 1.2.
As the only means of resumption in TLS 1.3 is using session tickets,
we could repurpose the GNUTLS_NO_TICKETS flag to make it a no-op in TLS
1.3. However, it would break backward compatibility, so we defer it to
the next major release.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
system config disable KTLS
See merge request gnutls/gnutls!1559
Added option for system config `ktls = false` to disable ktls
system-wide
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
ktls: sendfile
See merge request gnutls/gnutls!1486
Added API function: gnutls_record_send_file().
Added _gnutls_ktls_send_file(), which increases performance
by offloading the file encryption to the kernel, so the data never goes
to userspace.
Updated tests/gnutls_ktls to cover the new API.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
bump GNUTLS_MAX_ALGORITHM_NUM / MAX_ALGOS
See merge request gnutls/gnutls!1538
Fedora 36 LEGACY crypto-policy uses allowlisting format
and is long enough to blow past the 64 priority string
elements mark, causing, effectively, priority string truncation.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Signed-off-by: Dimitris Apostolou <dimitris.apostolou@icloud.com>
The existing method to obtain the name of the currently negotiated TLS
ciphersuite is as follows:
- call gnutls_cipher_get, gnutls_mac_get, gnutls_kx_get
- call gnutls_cipher_suite_get_name with the value from the above functions
This process is cumbersome and only works with TLS 1.2 or earlier;
moreover the returned names are GnuTLS specific.
This change adds a new function gnutls_ciphersuite_get to eliminate
those limitations. It returns the "canonical" name of the
ciphersuite, which is mostly identical to the ones registered in IANA,
with an exception for compatibility.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
ktls enum flags API
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
KTLS is enabled by default; we can check whether initialization was
successful with gnutls_transport_is_ktls_enabled.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
This commit implements import and export functions for the X.509
Certificate Transparency Signed Certificate Timestamp (SCT) extension
(RFC 6962).
A new constant GNUTLS_X509EXT_OID_CT_SCT is introduced
with the value "1.3.6.1.4.1.11129.2.4.2".
The following new public API functions are introduced:
- gnutls_x509_ext_ct_scts_init
- gnutls_x509_ext_ct_scts_deinit
- gnutls_x509_ext_ct_import_scts
- gnutls_x509_ext_ct_export_scts
- gnutls_x509_ct_sct_get_version
- gnutls_x509_ct_sct_get
Signed-off-by: Ander Juaristi <a@juaristi.eus>
This adds a new mode of interpreting the [overrides] section. If
"override-mode" is set to "allowlisting" in the [global] section, all
the algorithms (hashes, signature algorithms, curves, and versions)
are initially marked as insecure/disabled. Then the user can enable
them by specifying allowlisting keywords such as "secure-hash" in the
[overrides] section.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
This adds a couple of flags to RSA-PSS signing and verification, to
enforce that the salt length matches the digest length. That is not
only recommended in RFC 4055, but also mandated in RFC 8446 in the TLS
1.3 context.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
The message is prohibited in QUIC:
https://tools.ietf.org/html/draft-ietf-quic-tls-34#section-8.3
Signed-off-by: Daiki Ueno <ueno@gnu.org>
The flag was only for the server, but it turned out to be useful for the
client to explicitly indicate early data, when 0-RTT is handled
out-of-band as in QUIC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
This commit adds two new TLS channel binding types into enum
gnutls_channel_binding_t:
* tls-server-end-point
* tls-exporter
Signed-off-by: Ruslan N. Marchenko <me@ruff.mobi>
line with the other parameters.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Flagged by cppcheck.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
x509: check certificate trust status when adding CA through AIA
Closes #1100
See merge request gnutls/gnutls!1354
The previous issuer callback API had a drawback: the callback was
supposed to add the CA to the trust list by itself. This was error-prone,
because the callback had to check that the new CA is trusted by the already
added CA. This instead moves the responsibility to the library.
This also rewrites the chain amendment logic in a side-effect free
manner. The application can assume that the trust information stored
on gnutls_x509_trust_list_t shouldn't change after the verification.
The missingissuer test has been extended to cover all the possible
patterns exhaustively.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
This adds gnutls_alert_set_read_function(), to allow QUIC
implementations to be notified when an alert message is sent.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
For the use with QUIC, the change of traffic secrets must be notified
_after_ a new epoch is set up for reading or writing, and we can't
simply reuse the keylog mechanism.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
This adds a couple of functions, gnutls_handshake_set_read_function()
and gnutls_handshake_write(), to allow QUIC implementations to
directly interact with the TLS state machine.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
The maximum is chosen from the default configuration of SoftHSMv2:
https://github.com/opendnssec/SoftHSMv2/blob/develop/CMakeLists.txt#L61
Signed-off-by: Daiki Ueno <ueno@gnu.org>
applications
to have a way to pass the gnutls_verify_output_function() as a callback so that the full
path of the certificate chain to the trusted root can be available as output.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
FIPS140-2 IG D.8 mandates self-tests on approved KDF algorithms. As
the guidance only requires running a single instance of each KDF
mechanism, this only exercises the TLS 1.2 PRF with HMAC-SHA-256 as the
underlying MAC algorithm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>