| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
This is particularly useful when the application applies key
derivation function by itself with the same underlying hash algorithm
as the session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In TLS 1.3, the protocol maximum of plaintext size is 2^14+1, while
it is 2^14 in TLS 1.2. To accommodate that, this introduces the
following invariant:
- when the maximum is set by the user with
gnutls_record_set_max_size(), store it as is. The value range is
[511, 16834].
- when the maximum is negotiated through record_size_limit extension,
it can be [512, 16385]. In TLS 1.3, subtract by 1 to fit in [511,
16384].
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Overriding gnutls_rnd() with visibility 'protected' doesn't always work.
E.g. LDFLAGS="-Wl,-Bsymbolic-functions" seems to have priority on
Debian derived systems.
Fixes #584
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
| |
This adds support of the final RFC numbers.
Resolves #542
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This implements the record_size_limit extension as defined in RFC 8449.
Although it obsoletes the max_record_size extension, for compatibility
reasons GnuTLS still sends it on certain occasions. For example, when
the new size is representable as the codepoint defined for
max_record_size.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
| |
Resolves #506
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
This was inadvertently omitted and that could cause unexpected
issues when one of the peers would close the connection earlier
than expected.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the psk_key_exchange_modes extension, clients can restrict the
key exchange modes for use with resumption and in that case the server
shouldn't send NewSessionTicket. This patch makes use of it to avoid
receiving useless tickets, by sending the psk_key_exchange_modes
extension unless PSK is completely disabled.
A couple of tests need to be adjusted: tls13/prf to take into account
of the psk_key_exchange_modes extension sent, and tls13/no-psk-exts to
not treat the presence of the extension as error.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from "pure"
This change enhances signature algorithms to have a private key algorithm
parameter. That is, to allow signature algorithms operating with a private
key of type X while the public key is of type Y. That is useful for the
RSA-PSS signatures which are of two types; one which is seen from servers
having PKCS#1 1.5 certificates, the other with RSA-PSS certificates, while
both utilize RSA-PSS private keys.
This is a draft-ietf-tls-tls13-23 change.
Resolves #400
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Also version negotiation was moved to supported_versions extension,
and session ID is set by client following appendix D.4.
This is a draft-ietf-tls-tls13-22 change.
Resolves #393, #389, #397
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
This is a draft-ietf-tls-tls13-23 change.
Resolves #398
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
Resolves #330
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|