Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 8 11:02:39 2025 +0900
.gitlab-ci.yml: temporarily disable fedora-nettle-minigmp/test
This target for some reason takes too long to complete. As we don't
recommend building it with --enable-mini-gmp, only exercise the build
stage for now.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 8 07:58:34 2025 +0900
Revert "doc: Fix races in a parallel build."
This reverts commit 8daba130cc0c4100186af0b61bc3e65d54a46727, which
turned out to cause a rebuild of .info files at "make distcheck" in a
read-only srcdir.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 26 09:32:40 2025 +0900
Release 3.8.9
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 7 06:28:03 2025 +0900
maint: update libtasn1 to 4.20.0
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 18 17:23:46 2024 +0900
x509: optimize name constraints processing
This switches the representation name constraints from linked lists to
array lists to optimize the lookup performance from O(n) to O(1), also
enforces a limit of name constraint checks against subject alternative
names.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 5 17:19:03 2025 +0900
certtool: default to PKCS#8 when generating RSA-OAEP key
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 29 11:57:44 2025 +0900
key_share: send illegal_parameter when parsing EC key share fails
When the received EC key share is malformed,
_gnutls_ecc_ansi_x962_import returns GNUTLS_E_PARSING_ERROR or
GNUTLS_E_MEMORY_ERROR, which maps to an internal_error alert. This
explicitly return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER to send
illegal_parameter instead, in compliance with the RFC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 26 09:38:21 2025 +0900
m4: update ax_code_coverage.m4 from autoconf-archive
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 25 18:09:25 2025 +0900
tests: remove unmatched GCC pragma in tests/test-chains-issuer-aia.h
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 25 18:07:44 2025 +0900
build: don't redefine AM_CPPFLAGS in libdane/Makefile.am
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 15 11:16:32 2025 +0900
maint: consolidate licensing information to top-level directory
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 25 09:58:25 2025 +0900
NEWS: mention leancrypto support
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 25 17:58:01 2025 +0900
tests: add a way to assume enabled groups in pqc-hybrid-kx.sh
With this patch, if TESTS_ENABLED_GROUPS is set, the listed groups
must be enabled and the pqc-hybrid-kx.sh test would fail.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 22 15:15:49 2025 +0900
.gitlab-ci.yml: exercise --with-leancrypto
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 20 14:18:10 2025 +0900
leancrypto: support leancrypto for post-quantum algorithms
This adds support for leancrypto as an additional and the preferred
backend for now, until Nettle gains the proper support for PQC
algorithms. There are a few advantages over liboqs, namely:
- It already has required input validations for ML-KEM as in FIPS 203,
such as Modulus check, which are currently missing in liboqs
- It provides an API to generate ML-KEM/ML-DSA key pairs from a seed,
which is required to support the seed-only private key format proposed
in draft-ietf-lamps-dilithium-certificates-05 and later
- No need to avoid undesired OpenSSL dependency; all the symmetric
algorithms are natively implemented by leancrypto itself
As the supposed use-case of this is to statically link leancrypto with
GnuTLS, this doesn't support loading leancrypto with dlopen.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 22 07:45:46 2025 +0900
datum, mem, str: add helper functions to steal pointers
This introduces 3 new inline functions, namely _gnutls_steal_datum,
_gnutls_steal_buffer, and _gnutls_steal_pointer, to return a copy of
data structure and reset the original pointer. Those would enable to
return a populated data structure upon success; otherwise free the
partially filled data structure in a single code path, e.g.,
```c
gnutls_datum_t tmp_result = { NULL, 0 };
// Calculate tmp_result
...
if (error)
goto cleanup;
// Propagate tmp_result to *result
*result = _gnutls_steal_datum(&tmp_result);
cleanup:
_gnutls_free_datum(&tmp_result);
return ret;
```
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 24 17:12:52 2025 +0100
Add check for empty compressed certificate
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 16 11:46:14 2025 +0900
pkcs8: remove HAVE_LIBOQS ifdefs
The key encoding and decoding operations currently do not use liboqs
functions. Remove unnecessary HAVE_LIBOQS ifdefs so it will be easier
to port to other implementations.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Thu Jan 16 16:33:59 2025 +0100
tls-interop: update
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Jan 8 15:15:12 2025 +0100
Fix Edwards EC_POINT encoding
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 12 11:36:39 2025 +0900
gnulib: update gnulib submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 12 11:24:56 2025 +0900
doc: update copy of LGPLv2.1 to the latest, without FSF address
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 12 11:34:13 2025 +0900
gnulib: work around misinteractions between close and fchdir modules
This caused a build failure on mingw. The workaround was suggested by
Bruno Haible in:
<https://lists.gnu.org/archive/html/bug-gnulib/2024-12/msg00179.html>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 12 11:35:28 2025 +0900
build: define GNUTLS_BUILDING_LIB while compiling sources in lib/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 10 17:39:18 2025 +0900
configure: run autoupdate
This fixes the warnings generated by autoupdate:
configure.ac:55: warning: AC_PROG_CC_C99 is obsolete; use AC_PROG_CC
configure.ac:139: warning: The preprocessor macro `STDC_HEADERS' is obsolete.
Except in unusual embedded environments, you can safely include all
ISO C90 headers unconditionally.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sun Dec 22 11:29:59 2024 +0900
doc: Fix races in a parallel build.
* configure.ac: Use AC_PROG_MKDIR_P macro.
* doc/Makefile.am (stamp_functions, stamp_enums): Use the MKDIR_P
variable it defines.
(error_codes.texi, algorithms.texi, alerts.texi): Add dependency on
errcodes via a prerequisite, not a make invocation
(DISTCLEANFILES): Register the newly depended upon binaries.
Fixes: <https://gitlab.com/gnutls/gnutls/-/issues/1635>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 14 11:25:34 2025 +0900
algorithms: centrally define KEM algorithm sizes in group entries
This switches to define the public key and ciphertext sizes of ML-KEM
algorithms in gnutls_group_entry_st, instead of deriving those from
the algorithm name at the usage in the TLS key shares.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 14 11:15:13 2025 +0900
algorithms: rename GNUTLS_{PK,SIGN}_ML_DSA_* to GNUTLS_*_MLDSA*
To be consistent with ML-KEM algorithms, omit underscores in ML-DSA
gnutls_pk_algorithm_t and gnutls_sign_algorithm_t enum definitions,
while keeping hyphens in the human readable names.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 14 11:12:34 2025 +0900
algorithms: rename GNUTLS_PK_ML_KEM_* to GNUTLS_PK_MLKEM*
To be consistent with the naming of hybrid groups, omit underscores in
the enum definition, while keeping hyphens in human readable names.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Loganaden Velvindron <loganaden@gmail.com>
Date: Mon Jan 13 23:56:52 2025 +0000
key_share: support SecP384r1MLKEM1024 group
Signed-off-by: Loganaden Velvindron <logan@cyberstorm.mu>
Signed-off-by: Jaykishan Mutkawoa <jay@cyberstorm.mu>
Signed-off-by: Kavish Nadan <kn@cyberstorm.mu>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 7 12:36:19 2025 +0900
x509: stop using version field of MLDSAPrivateKey
Previously we indicated the used ML-DSA algorithm in the version field
of MLDSAPrivateKey, though this information is also available in
privateKeyAlgorithm field as OID. With this change, the version field
is always set to 1 to be compatible with OneAsymmetricKey with a
non-empty publicKey field. When decoding, if the version is 1, the
public key is read from publicKey field; otherwise it will be
extracted from the privateKey field to interoperate with the other
implementations such as OpenSSL/oqsprovider.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 17:34:51 2024 +0900
NEWS: add entry for ML-DSA support
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 10:56:08 2024 +0900
tests: add basic tests for ML-DSA usage with certtool
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 11:07:15 2024 +0900
nettle: ensure liboqs is loaded for signing operations with ML-DSA
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 10:31:05 2024 +0900
algorithms: document ML-KEM/ML-DSA in public enums
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 10:28:08 2024 +0900
algorithms: rename GNUTLS_PK_MLKEM768 to GNUTLS_PK_ML_KEM_768
To be consistent with ML-DSA algorithms, this renames
GNUTLS_PK_MLKEM768 to GNUTLS_PK_ML_KEM_768, while the old name is
preserved through a compatibility macro.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 24 18:14:39 2024 +0900
certtool: enable ML-DSA private key generation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 26 10:38:33 2024 +0900
algorithms: expose ML-DSA algorithm entries regardless of liboqs
Also this omits mapping between ML-DSA-44 and secparams, as there is
no way to express an algorithm is at security level category 2, which
uses a hash collision search instead of a brute-force key search on
AES. See Appendix B of draft-ietf-lamps-dilithium-certificates for
further details.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 24 16:57:54 2024 +0900
fips: perform pair-wise consistency test for ML-DSA
Also mark the signature creation and verification operation as
non-approved, as the current version of liboqs doesn't implement
sufficient checks for input.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 7 23:23:22 2025 +0900
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 7 20:30:15 2025 +0900
Update year of copyright notices in doc/gnutls.texi
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 24 10:15:45 2024 +0900
configure: cache results of AC_*_IFELSE checks
This make the configure process a little faster when --cache-file is
given from the previous build, as it avoids running compilers, etc.,
as well as makes the features configurable through cached variables.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 23 16:36:26 2024 +0900
configure: fix output for checking whether dlopen(SONAME) works
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 10 15:54:15 2024 +0900
tests: fix "fail" function usage
The "fail" shell function takes a PID as the first argument.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 10 13:48:08 2024 +0900
tests: fix tense in messages
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 9 21:40:07 2024 +0900
build: error "make distcheck" if bootstrap is called with --skip-po
This prevents mistakes when creating a tarball, as in 3.8.7.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Tue Dec 24 20:44:12 2024 +0900
tests: Find p11-kit module directory via pkg-config.
* tests/p11-kit-load.sh (P11_MODULE_PATH): New variable; use it to
locate p11-kit-trust.so.
* tests/p11-kit-trust.sh (PKG_CONFIG, P11_MODULE_PATH): Likewise.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sun Dec 22 00:00:39 2024 +0900
build: Skip tls-fuzzer when python-six is not available.
* configure.ac [HAVE_PYTHON_SIX]: New conditional.
* tests/suite/Makefile.am (scripts_to_test)
[HAVE_PYTHON_SIX]: Conditionally include tls-fuzzer test scripts.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sat Dec 21 21:47:56 2024 +0900
tests: Skip multi-ticket-reception test when valgrind is not available.
This test would hang when attempting to run without valgrind
available.
* tests/suite/multi-ticket-reception.sh: Skip when VALGRIND is not set.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sat Dec 21 22:51:02 2024 +0900
configure.ac: Ensure Python is available when it's needed.
* configure.ac: Use AM_PATH_PYTHON only when needed, and ensure it
then succeeds.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sat Dec 21 16:29:39 2024 +0900
bootstrap.conf: Sort requirements.
* bootstrap.conf (buildreq): Sort.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sat Dec 21 12:47:56 2024 +0900
bootstrap.conf: Require the 'wget' command.
wget is used to retrieve translation files.
* bootstrap.conf (buildreq): Register wget.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Date: Sat Dec 21 11:37:51 2024 +0900
bootstrap.conf: Require the 'bison' command.
* bootstrap.conf (buildreq): Register bison.
Fixes: <https://gitlab.com/gnutls/gnutls/-/issues/1196>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Author: Sahil Siddiq <sahilcdq@proton.me>
Date: Thu Dec 12 18:29:39 2024 +0530
Set default value of early date size for client to 0
This commit sets the default value of "early_data_size" to 0 for
the client. "early_data_size" is set to a non-zero value when the
server sends the relevant extension in a session ticket to the
client.
This makes it easy for the client to determine if a server
supports early data.
Link: https://gitlab.com/gnutls/gnutls/-/issues/1619
Signed-off-by: Sahil Siddiq <sahilcdq@proton.me>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Dec 6 09:53:18 2024 +0900
groups: represent hybrid groups with an array of IDs
Previously, the supported_groups array contained externally defined
elements, which is legitimate in C99 but caused error with Clang:
groups.c:93:2: error: initializer element is not a compile-time constant
group_x25519,
^~~~~~~~~~~~
This reworks the array definition of indirection through group
IDs (gnutls_group_t, i.e., integer).
This also makes pqc-hybrid-kx test more exhaustive.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Mon Dec 9 13:32:14 2024 +0100
fix tmt provision -h local
TMT started requiring --feeling-safe for local provisioning.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 3 21:50:05 2024 +0900
x509: print errors when importing name constraints fails
Like printing SCTS, report any error to stdout when iterating over
name constraints in a certificate.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Angel Yankov <angel.yankov@suse.com>
Date: Thu Nov 28 10:54:45 2024 +0200
As DSA is not-approved in FIPS 140-3, there is no need to run a self test on it.
Signed-off-by: Angel Yankov <angel.yankov@suse.com>
Author: d-Dudas <david.dudas03@e-uvt.ro>
Date: Sun Nov 17 15:12:28 2024 +0200
Removed support for Falcon algorithms
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: pohsingwu <pohsingwu@synology.com>
Date: Sun Nov 17 02:01:37 2024 +0800
fips: mark EdDSA as approved in FIPS mode
FIPS 186-5 approves EdDSA.
Signed-off-by: Po-Hsing Wu <pohsingwu@synology.com>
Author: d-Dudas <david.dudas03@e-uvt.ro>
Date: Wed Nov 6 20:46:59 2024 +0200
Removed support for Sphincs algorithms
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: David Dudas <david.dudas03@e-uvt.ro>
Date: Thu Oct 24 18:56:30 2024 +0300
Added SHA3x4 callbacks for liboqs.
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: d-Dudas <david.dudas03@e-uvt.ro>
Date: Sun Sep 22 16:22:13 2024 +0300
Moved ML-DSA algorithms from the experimtental algorithms to non-exeperimental algorithms.
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: d-Dudas <david.dudas03@e-uvt.ro>
Date: Sat Aug 31 19:46:02 2024 +0300
Changed from Dilithium to ML-DSA
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: d-Dudas <david.dudas03@e-uvt.ro>
Date: Mon Jul 29 00:00:40 2024 +0300
Add experimental support for post-quantum digital signature algorithms in X.509 certificates
- Dilithium
- Falcon
- Sphincs family
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 7 22:10:20 2024 +0900
liboqs: don't call OQS_destroy if the version is 0.11.0
OQS_destroy in liboqs 0.11.0 unconditionally calls OpenSSL functions
for cleanup; see:
https://github.com/open-quantum-safe/liboqs/pull/1982
As it doesn't do anything other than that so far, just skip it for
now.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: David Dudas <david.dudas03@e-uvt.ro>
Date: Thu Nov 7 09:31:53 2024 +0900
liboqs: add SHA3x4 callbacks
Signed-off-by: David Dudas <david.dudas03@e-uvt.ro>
Modified-by: Daiki Ueno <ueno@gnu.org>
Author: Angel Yankov <angel.yankov@suse.com>
Date: Thu Oct 24 15:00:28 2024 +0300
fips: Allow SigVer only with RSA keys with modulus >= 2048 bits
This is for easier complience with FIPS 186-5,
otherwise it would be necessary to justify how
the timestamp is provided to prove that only
pre-existing signatures can be verified in compliance
with FIPS 186-5.
Signed-off-by: Angel Yankov <angel.yankov@suse.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 6 14:24:05 2024 +0900
dlwrap: regenerate files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 6 14:14:50 2024 +0900
gnutls_privkey_get_spki: avoid NULL dereference in invalid call
Reported and solution suggested by David Meliksetyan in:
https://gitlab.com/gnutls/gnutls/-/issues/1579
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 5 22:56:36 2024 +0900
gnutls-cli-debug: skip GOST and X25519 tests in FIPS mode
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 2 12:13:54 2024 +0900
Release 3.8.8
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 14 15:31:04 2024 +0300
Fixed the check at src/benchmark-tls.c
Signed-off-by: David Meliksetyan <d.meliksetyan@fobos-nt.ru>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 25 11:27:30 2024 +0900
dlwrap: clarify the code generation is one time only [ci skip]
This makes it clear that dlwrap is not a build-time dependency but a
one-time passive code generator.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 25 09:59:42 2024 +0900
devel/generate-dlwrap.sh: remove --clang-resource-dir option
The option is automatically inferred in dlwrap 0.3.6.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 1 11:10:49 2024 +0900
priority: give KEM groups precedence over EC(DH) groups in TLS 1.3
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 1 10:50:56 2024 +0900
key_share: detect overlap of PK types in hybrid groups
The client limits sending the key_share extension to at most one from
each public key type. To support hybrid groups, the logic needs to be
extedended to check all siblings.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 30 14:05:10 2024 +0900
_gnutls_session_supports_group: return boolean instead of error code
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 8 08:51:44 2024 +0900
groups: register SecP256r1MLKEM768 and X25519MLKEM768
This adds entries for SecP256r1MLKEM768 and X25519MLKEM768
post-quantum hybrid key agreement schemes as defined in
draft-kwiatkowski-tls-ecdhe-mlkem.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 9 17:09:04 2024 +0900
key_share: rework hybrid algorithms handling
Previously we put 2 public key algorithms in a single
gnutls_group_entry_st, with pk and pk2 fields. That turned to be not
flexible enough to handle the cases where the number of combinations
increases or the order of algorithms is swapped. This changes the
representation with a linked list so one can easily construct and
traverse any combinations.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 14 17:50:27 2024 +0900
priority: take into account of KEM groups
When constructing a ciphersuite list, include hybrid PQC groups with
KEM as the first key share.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 9 18:10:25 2024 +0900
supported_groups: give KEM groups higher priority than DH
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 9 17:04:44 2024 +0900
str: add _gnutls_ro_buffer_init
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 8 06:34:16 2024 +0900
pk: plumb ML-KEM 768 in addition to Kyber 768
This adds GNUTLS_PK_MLKEM768 in the regular algorithm range, while
keeping GNUTLS_PK_EXP_KYBER768 in the experimental algorithm range.
This also modifies the privkey-keygen test to skip unsupported
algorithms at run-time.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 7 17:49:24 2024 +0900
liboqs: provide SHA2 stubs
As well as SHA3, this implements GnuTLS backed stubs for SHA2
functions, which will be necessary for SLH-DSA signature support.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 7 16:46:28 2024 +0900
liboqs: check library version at run-time
This is to safeguard when the library is compiled with a newer liboqs
but deployed to an enviromnent with an older liboqs, which may break
ABI compatibility.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 7 13:39:22 2024 +0900
liboqs: require version 0.11.0
liboqs 0.11.0 shipped with public headers for plugging in alternative
symmetric algorithms (e.g., sha3_ops.h), which were previously
missing.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Angel Yankov <angel.yankov@suse.com>
Date: Thu Oct 24 15:08:04 2024 +0300
fips: Mark gnutls_hash_fast as approved in FIPS SLI
There is no reason for gnutls_hash_fast to not
be approved unde the SLI as part of the approved service
Message Digest (same as gnutls_hash_init, gnutls_hash , gnutls_hash_output ).
Add a transition to state approved when using gnutls_hash_fast.
Signed-off-by: Angel Yankov <angel.yankov@suse.com>
Author: Angel Yankov <angel.yankov@suse.com>
Date: Thu Oct 24 15:13:22 2024 +0300
fips: Mark operations using P-192 as not approved
P-192 is not an approved curve as of FIPS 186-5, so mark operations
using it as NOT approved in the SLI.
Signed-off-by: Angel Yankov <angel.yankov@suse.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Oct 21 19:59:20 2024 +0200
nettle: mangle sha3_128_ctx
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 16 14:42:47 2024 +0900
hash: return error if gnutls_hash is called after squeeze
Previously, when gnutls_hash is called after gnutls_hash_squeeze, it
hits an assertion failure in nettle:
sha3.c:76: _nettle_sha3_update: Assertion `pos < block_size' failed.
This adds an internal function to check whether the hash context has
already been finalized with squeezing and in that case errors out.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Oct 10 13:26:22 2024 +0200
compress_certificate: improve error checks
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Tue Oct 8 09:51:00 2024 -0700
lib/nettle/int/nettle-internal.h: include alloca.h if configure found it
Needed for alloca definition on Solaris, to avoid build error with gcc 14:
lib/nettle/int/nettle-internal.h:59:39: error: implicit declaration of
function 'alloca' [-Wimplicit-function-declaration]
59 | #define TMP_ALLOC(name, size) (name = alloca(sizeof(*name) * (size)))
| ^~~~~~
Closes #782
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Sep 25 13:32:14 2024 +0200
tests/key-material-set-dtls: retry send/recv on E_AGAIN/E_INTERRUPTED
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Sep 27 12:09:51 2024 +0200
Ignore unknown compression algs when using CLI
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Sep 25 09:05:35 2024 +0200
tests/ktls: skip CHACHA20-POLY1305 in FIPS mode
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Jeff Mattson <jmattson@sei.cmu.edu>
Date: Tue Sep 24 10:53:23 2024 -0400
fix formatting
Signed-off-by: Jeff Mattson <jmattson@sei.cmu.edu>
Author: Jeff Mattson <jmattson@sei.cmu.edu>
Date: Tue Sep 24 10:33:50 2024 -0400
iterate ocsp response records for matching certificate
Signed-off-by: Jeff Mattson <jmattson@sei.cmu.edu>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Sep 7 16:41:33 2024 +0200
Fix configure syntax error on non-working faketime
Closes #1576
Authored-by: Tim Kosse
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Aug 25 15:02:57 2024 +0200
Select whether to link/dlopen tpm2 at configure time
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Aug 25 13:01:30 2024 +0200
Select whether to link/dlopen libocs at configure time
(This defaults to off)
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Aug 24 18:35:07 2024 +0200
Select whether to link/dlopen brotli at configure time
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Aug 24 13:55:14 2024 +0200
Select whether to link/dlopen zstd at configure time
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Aug 24 12:58:15 2024 +0200
Use HAVE_ZLIB for both automake and autoconf
Do not mix HAVE_LIBZ and HAVE_ZLIB
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Sep 20 16:04:44 2024 +0200
nettle: fail OAEP decryption on unknown hash
_rsa_oaep_decrypt() "returns 1 on success; 0 otherwise",
but here we've returned non-zero on using an unsupported hash.
This confused the error reporting into thinking gnutls_privkey_decrypt_data()
has succeeded, while it hasn't.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Mon Aug 19 14:46:29 2024 +0200
Select whether to link/dlopen zlib configure time
Now requires pkg-conf for locating zlib.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Aug 18 12:34:09 2024 +0200
Add status-message on whether dlopen is available.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 29 19:07:11 2024 +0900
ocsp: gnutls_ocsp_status_request_is_checked: fix note on TLS 1.3 [ci skip]
The previous note on limitation under TLS 1.3 was misleading, as it
used "server-side" and "client-side" in a confusing manner. This
rewords the sentence to be more consistent.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ekaterina Zilotina <zilotina.ed@npc-ksb.ru>
Date: Mon Aug 26 13:22:36 2024 +0300
tools: fix memleak around getline
Fixes: #1573
Signed-off-by: Ekaterina Zilotina <zilotina.ed@npc-ksb.ru>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Sahil Siddiq <sahilcdq@proton.me>
Date: Fri Aug 23 00:02:37 2024 +0530
doc: Fix error and improve doc
The description of "gnutls_psk_allocate_client_credentials" incorrectly
states that sc is a pointer to a "gnutls_psk_server_credentials_t". sc
is a pointer to a "gnutls_psk_client_credentials_t".
In the description of "gnutls_credentials_set", mention the type that
the cred parameter should be when using GNUTLS_CRD_PSK.
Signed-off-by: Sahil Siddiq <sahilcdq@proton.me>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 21 14:50:54 2024 +0900
fips: skip HMAC checks of nettle libraries when statically linked
Since commit b6e9b10347ed577a9a37b7b28e1a039c5f6ccb16, it is possible
to link Nettle libraries statically. In that case, FIPS integrity
checks against the Nettle shared libraries should be skipped as they
are not used by GnuTLS.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Brad Smith <brad@comstyle.com>
Date: Wed Aug 14 07:34:18 2024 -0400
accelerated: aarch64: add FreeBSD/aarch64 support
Signed-off-by: Brad Smith <brad@comstyle.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 16 13:35:47 2024 +0900
build: add liboqs in Requires.private in gnutls.pc if needed
When --with-liboqs is specified and liboqs cannot be dlopen'ed, it
will be linked at build time. In that case gnutls.pc should indicate
that through Requires.private.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 16 09:48:31 2024 +0900
build: don't emit Requires.private for dlopened libraries
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 16 09:42:15 2024 +0900
build: fix setting AM_CONDITIONAL for brotli and zstd
As the with_{libbrotli,libzsttd} variables are unset if configured
with --without-{brotli,zstd}, check the unequality to "no" doesn't
work; use explicit matching with "yes" instead.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Aug 15 16:22:02 2024 +0200
revert back to datefudge for "openssl ocsp".
openssl's -attime only changes the verification logic but not the
generation.
Broken by: d1bc7f644422c4d87edfcd9fafe7f292a1a3a6de
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 15 19:47:09 2024 +0900
release-steps: mention how to propose package update in Fedora [ci skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Aug 15 12:42:56 2024 +0200
Also set ENABLE_DSA for tests in cert-tests subdirectory.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 15 09:45:04 2024 +0900
Release 3.8.7
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 15 10:01:10 2024 +0900
doc: fix menu entry for RSAES-PKCS1-v1_5 system wide configuration
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 15 09:43:41 2024 +0900
liboqs: avoid uninitialized value in pk_ops.verify_priv_params
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 14 09:12:58 2024 +0900
build: change Nettle library link order to support static linking
As libhogweed uses libnettle functions such as nettle_cnd_memcpy,
libhogweed should come before libnettle in $(LIBADD), when linked
statically.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 14 01:17:29 2024 +0900
compress-cert: don't send bad_certificate alert manually
The library API is not designed to proactively send alert by itself,
but it is rather a responsibility of the application to decide to
which alert to be sent when. This removes the manual call to
gnutls_alert_send in the code handling TLS 1.3 Certificate message
when a decompression error happens.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Aug 11 15:43:45 2024 +0200
Use openssl's -attime option instead of faketime/datefudge
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 12 05:54:07 2024 +0900
tests: testdane.sh: ignore torproject.org for now
danetool --check returns an error when tested against the host. This
temporarily disables it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 9 07:07:05 2024 +0900
.gitlab-ci.yml: add fedora-no-liboqs/test
The new fedora-no-liboqs/test exercises fedora/test without liboqs. In
that case the hybrid-pqc-kx.sh test should be safely skipped.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 9 07:04:25 2024 +0900
dlwrap: don't assume dlopen/dlsym sets errno
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 1 20:17:15 2024 +0900
pkcs12: enable PBMAC1 by default in FIPS mode
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 1 20:15:31 2024 +0900
pkcs12: use gnutls_hmac API for MAC calculation
Instead of the internal _gnutls_mac API, this switches to using
gnutls_hmac API, which has checks on whether the algorithm is FIPS
approved.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 1 20:11:00 2024 +0900
pkcs12: don't switch FIPS indicator upon export
Now that we have a FIPS compliant MAC calculation using PBMAC1.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 31 09:40:44 2024 +0900
gnutls_group_list: take into account of public key algorithms
Previously the function only checked if the ECC curves are
supported. Now that hybrid key exchange with KEM is supported, it
should also check public key systems.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 09:01:01 2024 +0900
tpm2: switch to using dlwrap for loading TSS2 libraries
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 11:25:22 2024 +0900
NEWS: mention 3.8.7 changes
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 30 07:53:18 2024 +0900
.github/workflows: use macos-latest runner
This also does:
- update checkout action to v4
- manually supply CFLAGS and LDFLAGS of GMP
- point to the homebrew version of bison executable
- supply CFLAGS and LDFLAGS of libunistring
- install coreutils for "timeout"
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 30 15:15:30 2024 +0900
tests: gnutls-cli-debug.sh: make timeout program configurable
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 30 13:51:55 2024 +0900
tests: pkgconfig.sh: respect LDFLAGS
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 30 09:19:28 2024 +0900
build: set CFLAGS as necessary
When header files of optional libraries are installed on a non-default
locations, e.g., with homebrew, CFLAGS must be set so the compiler can
find them at build time for the definition of data types and macros.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 14:13:36 2024 +0900
.gitlab-ci.yml: bump cache version
To update the Debian CI image from bullseye to bookworm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 21:48:23 2024 +0900
.gitlab-ci.yml: use Python implementation of gnulib-tool
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 09:01:21 2024 +0900
dlwrap: regenerate zlib wrapper
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 08:40:34 2024 +0900
liboqs: check whether Kyber768 is compiled in
In the default build configuration of liboqs 0.10.1, Kyber768 is
disabled. This adds a guard against it and skip tests if not
available.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 11:30:03 2024 +0900
gnulib: update gnulib submodule
Also make sure to include "config.h"; otherwise overriding headers
from Gnulib will complain:
In file included from inih/ini.c:14:
./../gl/stdio.h:71:3: error: #error "Please include config.h first."
71 | #error "Please include config.h first."
| ^~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 27 09:15:10 2024 +0900
build: ignore -Wmissing-variable-declarations for now
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 23:08:06 2024 +0900
randomart: avoid using u_int
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 22:35:35 2024 +0900
tests: sanity-cpp: don't use <minmax.h> from Gnulib
Adding Gnulib include directory causes some conflict through indirect
include of <pthread.h>. As sanity-cpp.cpp only uses MIN macro, we can
simply define it by ourselves instead of including <minmax.h>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 26 09:33:03 2024 +0900
build: do not print liboqs enablement status
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 24 12:55:58 2024 +0900
build: update cligen submodule
This is to respect SOURCE_DATE_EPOCH and to stop using the "error"
function from <error.h>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 20:48:26 2024 +0900
liboqs: defer loading of liboqs at run-time
Instead of loading liboqs at startup, this defers it until the liboqs
functions are actually used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 24 14:42:02 2024 +0900
nettle: run pairwise consistency test only in FIPS mode
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 16:08:16 2024 +0900
build: avoid multiple definition if mpn_cnd_add_n
When Nettle is built with mini-gmp, mpn_cnd_add_n is always defined in
libhogweed and thus causes a symbol clash when linking with both
libgnutls and the latest libgmp.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 16:04:56 2024 +0900
build: link against libhogweed when checking nettle_rsa_oaep_*
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 22 14:07:28 2024 +0900
tests: pkcs12-pbmac1: exercise extended/truncated MAC values
This adds a couple of new test vectors embedding
PFX.macData.mac.digest with extended/truncated MAC values, both of
which should fail MAC verification.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 09:50:04 2024 +0900
tests: pqc-hybrid-kx: use key and certificate in distribution
The Ed25519 key and certificate in doc/credentials/x509/ are currently
not included in the distribution. Use the ECDSA ones in the test to
make the test work.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 15:12:11 2024 +0900
liboqs: manually load liboqs.so at startup
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 23 11:25:18 2024 +0900
dlwrap: use different macro for library soname in generated code
As GnuTLS opt in for manual initialization of dlopen'ed libraries,
config.h shouldn't define the SONAME macro used in the generated code.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 22 10:30:11 2024 +0900
tests: hash-large: exercise gnutls_hash_output(..., NULL)
This adds a call to gnutls_hash_output with DIGEST argument as NULL to
exercise the context reset behavior added in commit
eced4c0c2b3d3ee6a35dab99616a25910b623f79.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 22 10:16:31 2024 +0900
crypto-selftests-pk: only define dsa_2048_privkey if DSA is enabled
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 22 10:33:11 2024 +0900
tests: assign unique names to temporary directories
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 17 12:15:06 2024 +0900
tests: iov: fix printing of error
This fixes an incorrect usage of a printf format specifier and adds
extra length check before calling memcmp.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 17 12:14:24 2024 +0900
privkey_openssl: avoid deinitializing cipher context on error path
When gnutls_cipher_init returns error, the cipher handle is not
initialized and thus shouldn't be deinitialized.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 8 15:46:13 2024 +0900
.gitlab-ci.yml: use --with-liboqs in fedora/build
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 2 07:19:14 2024 +0900
key_share: support X25519Kyber768Draft00
This implements X25519Kyber768Draft00 hybrid post-quantum key exchange
in TLS 1.3, based on the draft:
https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 31 09:18:27 2024 +0900
build: plumb liboqs as an optional dependency
This exposes OQS functions necessary to implement Kyber768 through
dlopen with stub implementation for lower-level cryptographic
primitives, such as SHA3 and DRBG.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Jul 8 16:13:40 2024 +0200
Add configuration option to disable/enable DSA signing and verification
DSA signing and verification is enabled by default
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 2 07:53:02 2024 +0900
.gitlab-ci.yml: don't disable compression support in fedora/build
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jun 29 13:36:58 2024 +0900
build: switch to using dlwrap for loading compression libraries
This switches the logic to load compression libraries from the
hand-written code to the automatically generated code by the dlwrap
tool[1], which enables to select whether to use dlopen or link to the
library at build time.
1. https://crates.io/crates/dlwrap
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jun 29 13:34:36 2024 +0900
build: detect SONAME for compression libraries at configure
Instead of hard-coding the SONAMEs for zlib, libzstd, libbrotlienc,
and libbrotlidec, this checks the actual SONAMEs at configure time, so
the first argument of dlopen is more acurate when a SONAME is bumped.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 6 11:59:08 2024 +0900
build: check if dlopen(SONAME) works in configure
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jun 29 09:52:55 2024 +0900
m4: factor out soname check into a separate macro
This moves the SONAME detection from configure.ac to m4/hooks.m4 as
the LIBGNUTLS_CHECK_SONAME macro. The new macro doesn't implicitly
set *_LIBRARY_SONAME to "none", so the callers need to adjust
themselves depending on whether the macro is defined.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Jul 2 16:00:40 2024 +0200
Release 3.8.6
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Jul 2 17:13:21 2024 +0200
Make asm-sources
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Thu Jun 20 09:00:49 2024 -0500
aarch64: no lint asm block
For clang-format, have it ignore the asm block in the header.
Fixes:
clang-format --dry-run lib/accelerated/aarch64/aarch64-common.h
lib/accelerated/aarch64/aarch64-common.h:109:13: warning: code should be clang-formatted [-Wclang-format-violations]
.pushsection .note.gnu.property, "a";
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Jun 19 14:40:23 2024 +0200
test/cert-tests: use --attime in more tests
With this change, building should be fine until 2049
on platforms with 64-bit time_t.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Jun 19 14:39:53 2024 +0200
tests: use --attime in more tests
With this change, building should build fine until 2039
on platforms with 64-bit time_t.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Jun 20 14:37:01 2024 +0200
tests/Makefile: expose ac_cv_sizeof_time_t
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Tue Jun 11 17:23:11 2024 +0200
tls-interoperability: workaround for openssl CCM8
CCM8 moved to SECLEVEL=0 in openssl
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Fri May 31 10:50:42 2024 +0200
remove obsolete testcompat-openssl-* tests
These tests are superseded by tls-interoperability/ test suite
with the exception of 0-RTT (--earlydata) tests.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Mon Jun 10 12:16:53 2024 -0500
lib/accelerated: add CFLAGS to aarch64/elf
When building with certain cflags, like -mbranch-protection=standard,
the assembly generation needs to get the CFLAGS to enable assembler
level features. Without this, closing PAC/BTI feature support will not
be completed.
Example:
export CFLAGS='-mbranch-protection=standard'
export CPPFLAGS='-mbranch-protection=standard'
\# not needed, just for error reporting
export LDFLAGS='-Wl,-zforce-bti,--fatal-warnings'
./bootstrap
./configure --with-included-libtasn1 --with-included-unistring
make asm-sources
make -j4
readelf -n ./lib/.libs/libgnutls.so
Displaying notes found in: .note.gnu.property
Owner Data size Description
GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0
Properties: AArch64 feature: BTI, PAC
<snip>
readelf -n ./lib/.libs/libgnutlsxx.so
Displaying notes found in: .note.gnu.property
Owner Data size Description
GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0
Properties: AArch64 feature: BTI, PAC
<snip>
Related to: #1517
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Mon Jun 10 12:46:09 2024 -0500
lib/accelerated: add missing space on pushsection
Missing a space between pushsection and the section name.
Results in this error:
lib/accelerated/aarch64/aarch64-common.h:109: Error: unknown pseudo-op: `.pushsection.note.gnu.property'
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 6 10:51:56 2024 +0900
tls-fuzzer: move SSL3 specific tests to gnutls-nocert-ssl3.json
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 6 09:30:13 2024 +0900
tests: skip pthreads tests when cross compiling
These tests hangs under qemu-user-static on Fedora 40.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 16:33:16 2024 +0900
tests: testcompat-openssl-tls13: explicitly allow CCM8 ciphersuites
Since OpenSSL 3.2, CCM8 is only allowed in security level 0. This
tweaks test scripts to explicitly enable this level but only enable
TLS 1.3 to exclude any TLS 1.2 ciphersuites.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 10:48:38 2024 +0900
build: indent code using Clang 18
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 10:43:02 2024 +0900
tests: dtls/dtls-stress: silence -Wcalloc-transposed-args warning
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 10:39:38 2024 +0900
tests: mini-global-init: include <stdlib.h> for exit on Windows
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 06:50:27 2024 +0900
.gitlab-ci.yml: switch to using Fedora 40
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 4 09:31:31 2024 +0900
tests: add missing global_init/gnutls_global_deinit for MinGW
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 4 11:29:50 2024 +0900
.gitlab-ci.yml: restore MinGW tweaks
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 4 10:37:40 2024 +0900
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Fri Feb 2 14:05:55 2024 -0600
lib/accellerated: update asm and enable PAC/BTI
Update the asm sources generated from devel/openssl which have the BTI
and PAC support. Add the -mbranch-protection=standard build flag to the
generated sources. On older machines that don't have support, the
options are in the NOP space and will be NOP'd, on architectures with
support the instructions are executed as expected.
Note that this updates the ELF GNU NOTES section to indicate that BTI
and PAC are enabled. For BTI this must be in all the ELF files loaded
and linked or the feature is disabled as all execution segments need it.
After updating the asm sources via make asm-sources, you can build and
get a PAC/BTI enabled binary and test via the testsuite to verify.
readelf -n ./lib/.libs/libgnutls.so
Displaying notes found in: .note.gnu.property
Owner Data size Description
GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0
Properties: AArch64 feature: BTI, PAC
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Fri Feb 2 14:04:29 2024 -0600
cfg.mk: add common headers used for asm gen
The common headers are needed when generating the assembly, so make them
depencies of the build target.
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Fri Feb 2 12:39:25 2024 -0600
openssl: update 3.2.1
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Bill Roberts <bill.roberts@arm.com>
Date: Tue Feb 6 08:11:33 2024 -0600
ci: ignore parse errors from gcovr
The documentation for gcovr suggests this as a work around to a bug in gcovr
that cause negative hit values, which is impossible, and is not accepted by
default and will cause the CI to fail:
- https://gcovr.com/en/stable/guide/gcov_parser.html
To correct this, add option:
-gcov-ignore-parse-errors=negative_hits.warn_once_per_file
Signed-off-by: Bill Roberts <bill.roberts@arm.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 2 16:50:06 2024 +0900
nettle: add a way to reset hash context
This makes gnutls_hash_output just reset the hash context without
calling out Nettle's hash digest function if DIGEST argument is NULL.
That is particularly useful when used with SHAKE, as its _shake_output
function marks ctx->index in a special way indicating incremental
output is in progress.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 1 12:51:38 2024 +0900
.gitlab-ci.yml: switch to using Fedora 39
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 15 09:02:47 2024 +0900
.gitlab-ci.yml: temporarily disable implicit library init on MinGW64
This doesn't seem to work on the latest Wine 8.19.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 1 12:57:55 2024 +0900
.gitlab-ci.yml: indent code using Clang 17
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 14 16:57:11 2024 +0900
tests: update tlslite-ng submodule for Python asyncore deprecation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 2 09:12:15 2024 +0900
nettle: avoid symbol clash in sha3-shake.h
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 29 17:41:36 2024 +0900
algorithms: expose SHAKE from public API
This adds a new function gnutls_hash_squeeze, which works similarly to
gnutls_hash_output but enables to retrieve output of arbitrary length.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 29 17:40:55 2024 +0900
nettle: vendor-in SHAKE implementation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 29 10:13:53 2024 +0900
devel: update nettle submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 17 10:34:46 2024 +0900
shuffle_exts: avoid theoretical wrap around of unsigned integer
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 30 22:28:29 2024 +0900
load_dir_certs: avoid memleak
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 15 10:17:41 2024 +0900
nettle: utilize nettle_cbc_aes*_encrypt for performance
While CBC encryption is inherently slow for lack of parallelisim,
Nettle >= 3.8 provides specialized AES-CBC encryption functions to
improve performance by avoiding multiple calls to block cipher
initialization. This patch makes GnuTLS use those functions if
available.
Here are the results of benchmark:
* GNUTLS_CPUID_OVERRIDE=0x1, without nettle_cbc_aes*_encrypt:
Checking cipher-MAC combinations, payload size: 16384
AES-128-CBC-SHA1 0.90 GB/sec
AES-128-CBC-SHA256 0.88 GB/sec
Checking ciphers, payload size: 16384
AES-128-CBC 1.56 GB/sec
* GNUTLS_CPUID_OVERRIDE=0x1, with nettle_cbc_aes*_encrypt:
Checking cipher-MAC combinations, payload size: 16384
AES-128-CBC-SHA1 1.08 GB/sec
AES-128-CBC-SHA256 1.05 GB/sec
Checking ciphers, payload size: 16384
AES-128-CBC 2.16 GB/sec
* GNUTLS_CPUID_OVERRIDE unset:
Checking cipher-MAC combinations, payload size: 16384
AES-128-CBC-SHA1 1.13 GB/sec
AES-128-CBC-SHA256 1.05 GB/sec
Checking ciphers, payload size: 16384
AES-128-CBC 2.24 GB/sec
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 30 10:17:37 2024 +0900
Support PBMAC1 usage in PKCS#12
This allows usage of PBMAC1 as the MAC to verify a PKCS#12 structure,
following draft-ietf-lamps-pkcs12-pbmac1[1]. While the MAC
verification is transparent, the generation requires a new API
gnutls_pkcs12_generate_mac3 to be used with the
GNUTLS_PKCS12_USE_PBMAC1 flag.
certtool has also been extended with the --pbmac1 option, which can be
used in combination with --to-p12.
1. https://datatracker.ietf.org/doc/draft-ietf-lamps-pkcs12-pbmac1/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 14 12:40:38 2024 +0900
gnutls_pkcs12_generate_mac2: factor out mac generation logic
This would allow us to easily implement PBMAC1 usage in PKCS#12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 14 11:09:21 2024 +0900
pkcs7-crypt: output keyLength in PBKDF2 only if it is greater than 0
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 14 10:48:43 2024 +0900
pkcs7-crypt: use _gnutls_x509_write_uint32 as possible
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 14 10:24:03 2024 +0900
_gnutls_x509_read_uint: accept values greater than 0x7FFFFFFF
_gnutls_x509_read_uint previously only accepted integer values encoded
in 4 bytes without checking if the first byte indicates a negative
integer in 2's complement format. This adds the check and also avoid
unnecessary memory allocation.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 10 14:57:32 2024 +0900
.gitlab-ci.yml: run fedora-threadsan/build without ASLR
ThreadSanitizer doesn't cope well with newer kernel (>= 6.6.x) when
ASLR is enabled:
https://github.com/google/sanitizers/issues/1716
This disables ASLR locally around the fedora-threadsan tasks.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 10 09:05:01 2024 +0900
.gitlab-ci.yml: Bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 9 23:29:30 2024 +0900
.gitlab-ci.yml: use correct tag for GitLab 1.70 deployment
The "shared", "linux", and "docker" tags we use to select shared CI
runners are consolidated into "saas-linux-small-amd64" in GitLab 1.70:
https://docs.gitlab.com/ee/update/deprecations.html#removal-of-tags-from-small-saas-runners-on-linux
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 6 07:46:29 2024 +0900
build: fix confusions between libtasn1 and GnuTLS error codes
libtasn1 error codes returned from asn1_{read,write}_value are always
positive. Check against ASN1_SUCCESS instead.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Kai Pastor <dg0yt@darc.de>
Date: Wed Apr 24 07:36:22 2024 +0200
Fix configuration with multi-word GMP_LIBS.
Signed-off-by: Kai Pastor <dg0yt@darc.de>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Apr 11 17:53:06 2024 +0200
Prevent GCOVR from returning NegativeHits exception
see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68080
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Apr 10 12:51:33 2024 +0200
Fix RSAES-PKCS1-v1_5 system-wide configuration
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Apr 3 13:03:21 2024 +0200
Release 3.8.5
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Mar 26 11:48:58 2024 +0100
Add option to disable RSAES-PKCS1-v1_5
A new option `allow-rsa-pkcs1-encrypt` has been added into the
system-wide library configuration which allows to enable/disable
the RSAES-PKCS1-v1_5. Currently, the RSAES-PKCS1-v1_5 is enabled
by default.
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Alyssa Ross <hi@alyssa.is>
Date: Mon Mar 25 10:17:29 2024 +0000
Mangle/hide GNUTLS-built nettle_rsa_compute_root_tr()
Since bfb326f6e ("nettle: plumb RSA-OAEP in the Nettle crypto backend"),
building gnutls statically fails due to a duplicate definition of
nettle_rsa_compute_root_tr (which comes from "rsa_compute_root_tr" being
replaced by a preprocessor macro).
This patch fixes this by renaming the GNUTLS version by redefining the
value of the rsa_compute_root_tr macro.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 22 12:47:00 2024 +0900
x509: support PBES1-DES-SHA1
PBES1 with single DES backed by SHA-1 hash is used to parse legacy
PKCS#8 file in GCR.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 26 20:18:08 2024 +0900
nettle: avoid potential memleak with GMP older than 6.2.0
As GMP 6.1.0 or ealier eagerly allocates memory at mpz_init_set_str,
if the operand is already initialized, it will cause a small leak.
See also: https://gmplib.org/repo/gmp/rev/f049e75390fc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 25 06:45:39 2024 +0900
gnutls_privkey_decrypt_data: don't free plaintext on failure
As _wrap_nettle_pk_decrypt uses a locally allocated buffer for the
plaintext, it doesn't need to free the plaintext given by the caller.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 22 10:48:02 2024 +0900
nettle: plumb RIPEMD160
RIPEMD160 is still used by GnuTLS to calculate fingerprint for an
OpenPGP key when displaying it:
- https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keyid.c;h=7e4c50b59de8c25756c5ce890deecab233f19b53;hb=refs/heads/master#l800
- https://gitlab.gnome.org/GNOME/gcr/-/blob/f3c95db45099dff288986aa367007da1e855a3d0/gcr/gcr-openpgp.c#L268
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Mar 18 12:48:32 2024 +0100
Release 3.8.4
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 12 17:56:58 2024 +0900
nettle: avoid normalization of mpz_t in deterministic ECDSA
This removes function calls that potentially leak bit-length of a
private key used to calculate a nonce in deterministic ECDSA. Namely:
- _gnutls_dsa_compute_k has been rewritten to work on always
zero-padded mp_limb_t arrays instead of mpz_t
- rnd_mpz_func has been replaced with rnd_datum_func, which is backed
by a byte array instead of an mpz_t value
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 29 13:52:46 2024 +0900
gnutls_x509_trust_list_verify_crt2: remove length limit of input
Previously, if cert_list_size exceeded DEFAULT_MAX_VERIFY_DEPTH, the
chain verification logic crashed with assertion failure. This patch
removes the restriction while keeping the maximum number of
retrieved certificates being DEFAULT_MAX_VERIFY_DEPTH.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Date: Sat Mar 16 13:48:01 2024 +0100
Fix a few typos found by codespell
Signed-off-by: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Thu Mar 14 12:57:25 2024 +0100
TLS interoperability: updated tests
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Wed Mar 6 14:06:05 2024 +0100
TLS interoperability: test actual compiled master
Previously, system (fedora) version of GnuTLS was used in TLS
interoperability tests.
fedora-ktls/build was repurposed for native (as similar as possible)
fedora build and both unit- and interop- tests are running with
this build.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 14 09:01:52 2024 +0900
NEWS: Mention RSA-OAEP support [ci skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 10 06:58:46 2024 +0900
x509: fix reading of MGF-1 OID
asn1_read_value may return error code in a positive integer thus the
previous code could lead to an access to uninitialized value. This is
a regression in the RSA-OAEP support. Spotted by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67300
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 8 12:48:09 2024 +0900
tests: add test for RSA-OAEP cert generation with certtool
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Mar 4 13:41:22 2024 +0100
Fix mingw build on fedora
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Ramesh Adhikari <adhikari.resume@gmail.com>
Date: Mon Mar 4 01:48:06 2024 +0000
Fix typo in fallback _gnutls_no_log macro alias in errors.h
Previously, when C99_MACROS is not defined, _gnutls_no_log was
expanded to _gnutle_null_log and thus caused a compilation error.
Reported by Andrew Lilley Brinker in:
https://gitlab.com/gnutls/gnutls/-/issues/1530
Signed-off-by: Ramesh <adhikari.resume@gmail.com>
Author: Sahil Siddiq <icegambit91@gmail.com>
Date: Mon Mar 4 02:03:09 2024 +0530
Remove duplicate line in eagain-common.h
HANDSHAKE(c, s) has already been defined on line
64. Hence, the macro on line 96 can be removed.
Signed-off-by: Sahil Siddiq <icegambit91@gmail.com>
Author: Sahil Siddiq <icegambit91@gmail.com>
Date: Mon Mar 4 01:46:37 2024 +0530
tests: rewrite 'hello_retry_request' as single process
Part of issue #1472.
https://gitlab.com/gnutls/gnutls/-/issues/1472
Signed-off-by: Sahil Siddiq <icegambit91@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 18 07:10:53 2024 +0900
crypto-selftests-pk: add test case for RSA-OAEP
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 20:32:53 2024 +0900
tests: add basic test for RSA-OAEP encryption
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 18:40:00 2024 +0900
certtool: support generating RSA-OAEP private key
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 18:39:41 2024 +0900
abstract: plumb RSA-OAEP in the abstract key types API
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 18:39:23 2024 +0900
x509: plumb RSA-OAEP in X.509 interface
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 16 17:03:33 2024 +0900
_gnutls_x509_decode_string: tolerate empty strings
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 18:38:44 2024 +0900
nettle: plumb RSA-OAEP in the Nettle crypto backend
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 23 09:03:46 2024 +0900
tests: support KAT in (EC)DH tests
While the logic existed, known answer tests were omitted in
tests/dh-compute, tests/dh-compute2, tests/ecdh-compute, and
tests/ecdh-compute2. This enables the support for it as well as fixes
a couple of issues in the logic: avoid using `success` variable as it
shadows the helper function with the same name defined in
tests/utils.h, invert the memcmp condition, and properly use peer_x
and peer_y in place of x and y in ecdh-compute2.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 15:32:37 2024 +0900
spki: support RSA-OAEP parameters
This adds a new API gnutls_x509_spki_{get,set}_rsa_oaep_params to
retrieve and store RSA-OAEP parameters embedded in
SubjectPublicKeyInfo.
As RSA-OAEP labels are allocated, this also adds copy and clear method
on the gnutls_x509_spki_st struct and use them extensively instead of
memcpy and memset.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 17:07:39 2024 +0900
algorithms: register RSA-OAEP
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 20:38:33 2024 +0900
nettle: vendor-in RSA-OAEP implementation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 19 12:32:27 2022 +0900
build: allow GMP to be statically linked
Even though we set the custom allocator[1] to zeroize sensitive data,
it can be easily invalidated if the application sets its own custom
allocator. An approach to prevent that is to link against a static
library of GMP, so the use of GMP is privatized and the custom
allocator configuration is not shared with other applications.
This patch allows libgnutls to be linked with the static library of
GMP. Note that, to this work libgmp.a needs to be compiled with -fPIC
and libhogweed in Nettle is also linked to the static library of GMP.
1. https://gitlab.com/gnutls/gnutls/-/merge_requests/1554
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Feb 15 13:29:46 2024 +0100
tests: rename testdir of pkcs11-tool.sh
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Feb 14 12:25:25 2024 +0100
tests: skip pkcs11-tool.sh in FIPS mode
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Xin Long <lucien.xin@gmail.com>
Date: Thu Feb 1 17:21:05 2024 -0500
lib: fix a potential segfault in _gnutls13_recv_finished
In _gnutls13_recv_finished(), 'buf' is not initialized or set when
_gnutls13_compute_finished() returns an err, and goto cleanup may
cause a segfault crash as it frees the uninitialized buf.allocd in
_gnutls_buffer_clear().
So fix it by return if _gnutls13_compute_finished() returns an err
in _gnutls13_recv_finished().
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Author: Xin Long <lucien.xin@gmail.com>
Date: Thu Feb 1 16:50:22 2024 -0500
lib: fix a segfault in _gnutls13_recv_end_of_early_data
A crash occur in my app that uses gnutls13 early data, stack trace:
#0 free (libc.so.6 + 0x97bf0)
#1 _gnutls_buffer_clear (libgnutls.so.30 + 0x77c8c)
#2 _gnutls13_recv_end_of_early_data (libgnutls.so.30 + 0xaf308)
#3 _gnutls13_handshake_server (libgnutls.so.30 + 0x42d6c)
#4 handshake_server (libgnutls.so.30 + 0x4ff6c)
The root cause is that _gnutls_buffer_clear() was trying to free
'buf' that is not initialized or set if GNUTLS_NO_END_OF_EARLY_DATA
flag is set on server side.
This patch fixes it by simply initializing buf at the begginning of
_gnutls13_recv_end_of_early_data().
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Author: Avinash Sonawane <rootkea@gmail.com>
Date: Tue Feb 13 22:39:49 2024 +0530
lib/x509/x509.c: add missing argument to macro invokation
Signed-off-by: Avinash Sonawane <rootkea@gmail.com>
Author: Avinash Sonawane <rootkea@gmail.com>
Date: Tue Feb 13 15:07:32 2024 +0530
lib/mpi.c: extract flag correctly
Signed-off-by: Avinash Sonawane <rootkea@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 27 11:09:18 2024 +0900
serv: fix memleak when a connected client disappears
Reported by Hubert Kario.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 23 11:54:32 2024 +0900
ktls: fix kernel version checking using utsname
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 19 14:22:35 2024 +0100
Make compression libraries dynamically loadable
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 16 14:51:36 2024 +0900
Release 3.8.3
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 10 19:13:17 2024 +0900
rsa-psk: minimize branching after decryption
This moves any non-trivial code between gnutls_privkey_decrypt_data2
and the function return in _gnutls_proc_rsa_psk_client_kx up until the
decryption. This also avoids an extra memcpy to session->key.key.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 11 15:45:11 2024 +0900
x509: detect loop in certificate chain
There can be a loop in a certificate chain, when multiple CA
certificates are cross-signed with each other, such as A → B, B → C,
and C → A. Previously, the verification logic was not capable of
handling this scenario while sorting the certificates in the chain in
_gnutls_sort_clist, resulting in an assertion failure. This patch
properly detects such loop and aborts further processing in a graceful
manner.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Clemens Lang <cllang@redhat.com>
Date: Fri Jan 12 11:12:14 2024 +0100
fips: Zeroize temporary values
The standard says "temporary value(s) generated during the integrity
test of the module's software […] shall be zeroised from the module upon
completion of the integrity test".
That includes the computed HMAC value, which is currently not zeroized
after the test. Add explicit calls to gnutls_memset() to fix that.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 15 10:42:26 2024 +0900
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Clemens Lang <cllang@redhat.com>
Date: Fri Jan 12 11:32:22 2024 +0100
.gitlab-ci.yml: Adjust to Alpine Linux' clang-format path change
According to Alpine Linux' package database search functionality, the
clang16-extra-tools package now installs clang-format in
/usr/lib/llvm16/bin/clang-format.
/usr/bin/clang-format is provided by clang17-extra-tools instead, but
requires changes in formatting. Add /usr/lib/llvm16/bin to PATH for the
formatting script to continue using the previous version.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 14 16:53:15 2024 +0900
tests: suppress leaks in libsofthsm2
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 1 14:26:08 2024 +0900
tests/pkcs11-tool.sh: skip if neither p11tool nor certool is built
When compiled with --disable-tools, we can't assume p11tool and
certool are available. This also switches to using create_testdir and
locate any intermediate files under a temporary directory which is
cleaned up at exit.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 1 12:51:16 2024 +0900
Update year of copyright notices in doc/gnutls.texi
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Dec 1 18:16:05 2023 +0100
tests: Reproducer for regression in parent (requires opensc installed)
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Thu Nov 30 11:30:30 2023 +0100
pkcs11: Unbreak importing EdDSA keys with curve name in parameters
Fixes: #1515
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Mark Harfouche <mark.harfouche@gmail.com>
Date: Mon Nov 27 12:20:23 2023 +0000
specify osstatus_error takes in an OSStatus as its first argument
Signed-off-by: Mark Harfouche <mark.harfouche@gmail.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Oct 20 13:43:46 2023 +0200
Release 3.8.2
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 23 09:26:57 2023 +0900
auth/rsa_psk: side-step potential side-channel
This removes branching that depends on secret data, porting changes
for regular RSA key exchange from
4804febddc2ed958e5ae774de2a8f85edeeff538 and
80a6ce8ddb02477cd724cd5b2944791aaddb702a. This also removes the
allow_wrong_pms as it was used sorely to control debug output
depending on the branching.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 10 15:54:01 2023 +0900
tests: ktls.sh: skip if kernel version is older than 5.11
The test assumes that CHACHA20-POLY1305 ciphersuites are available,
though they were added in 5.11.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 10 15:49:53 2023 +0900
ktls: check Linux kernel version at run time
When a GnuTLS application runs in a container guest and the host
kernel is older than expected, it fails at initializing KTLS. This
adds a check at run time, using uname.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 9 17:17:36 2023 +0900
x509: clarify the calling convention of AIA callbacks
This updates the documentation of
gnutls_x509_trust_list_set_getissuer_function to explicitly mention
that the callback shall initialize the output arguments upon
successful call, even if the result is empty.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 9 13:33:13 2023 +0900
cli: fix --ca-auto-retrieve crash when no caIssuer is present in AIA
Previously, when caIssuer URI is not present in the certificate's AIA
extension, the callback successfully returned 0, but didn't initialize
the output arguments, resulting in a segmentation fault in the caller.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ajit Singh <ajeetsinghchahar2@gmail.com>
Date: Mon Nov 6 15:45:10 2023 +0530
handshake.c: Fixed a missing goto statement
Signed-off-by: Ajit Singh <ajeetsinghchahar2@gmail.com>
Author: Frediano Ziglio <freddy77@gmail.com>
Date: Sun Nov 5 17:47:44 2023 +0000
lib: Use correct transport getting error number
For write we need to use transport_send_ptr, not transport_recv_ptr.
Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
Author: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Date: Thu Oct 26 00:17:33 2023 +0200
.lgtm.yml: remove LGTM.com configuration file
LGTM.com has been deprecated and replaced by GitHub code analysis:
https://github.blog/2022-08-15-the-next-step-for-lgtm-com-github-code-scanning/
Signed-off-by: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 18 08:21:05 2023 +0900
NEWS: mention KTLS support in FreeBSD [ci skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Clemens Lang <cllang@redhat.com>
Date: Wed Oct 18 10:50:08 2023 +0200
CONTRIBUTING.md: Fix file name in reviewer checklist
The coding guidelines are in CONTRIBUTING.md, not CONTRIBUTION.md (which
does not exist).
Signed-off-by: Clemens Lang <cllang@redhat.com>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Wed Aug 23 11:56:03 2023 +0800
srptool: rework entry parsing without indexing
This simplifies the loop matching and parsing an SRP entry,
considering the buffer read with fgets is always NUL-terminated.
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Modified-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 18 05:24:33 2023 +0900
.gitlab-ci.yml: disable p11-kit for MinGW builds
Currently, tests are failing with page fault in MinGW64 builds if
p11-kit is enabled. This temporarily disables it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 13 17:36:57 2023 +0900
cli: add --starttls-name option
Some deployment of application protocols, such as XMPP, require a
different hostname than the host being connected. This adds a new
option, --starttls-name, to gnutls-cli to specify it separately.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 7 17:25:45 2023 +0900
.gitlab-ci.yml: hook devel/check-headers.sh in .pre target
This adds devel/check-headers.sh in the .pre target phase so any
inconsistent header inclusion would be detected early in the CI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 7 17:24:02 2023 +0900
devel: make local header inclusion consistent
This is the result of running devel/check-headers.sh --format on all
.c and .h files under lib.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 7 17:17:39 2023 +0900
devel: add script to fix header inclusion
This adds check-headers.sh script which scans .c files and checks that
local header files under lib/ are consistently included with #include
"foo.h" instead of #include <foo.h>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Yongye Zhu <zyy1102000@gmail.com>
Date: Wed Oct 4 09:26:14 2023 +0000
ktls: add support for FreeBSD
This extend the KTLS support to FreeBSD, with the AES-GCM-128, AES-GCM-256, and ChaCha20-Poly1305 ciphersuites.
Signed-off-by: Yongye Zhu <zyy1102000@gmail.com>
Reviewed-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 28 11:38:36 2023 +0900
pkcs11: support Ed448 keys
This adds support for Ed448 keys backed by PKCS#11. To differentiate
Ed448 keys from Ed25519 keys, this requires an extra logic to check
CKA_EC_PARAMS when reading public keys.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 28 11:37:15 2023 +0900
tests: refactor pkcs11-privkey-generate
This factors out key generation logic into a separate function so we
can easily extend the test to cover more key types.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 23 15:37:03 2023 +0900
pkcs11: fix key pair generation for EdDSA
Previouly we used the CKM_EDDSA mechanism to generate key pair, though
the mechanism can only be used for signing and verification as
specified in PKCS#11 3.1 section 6.3. For key generation, the
CKM_EC_EDWARDS_KEY_PAIR_GEN mechanism (or
CKM_EC_MONTGOMERY_KEY_PAIR_GEN, if the point is represented in the
Montgomery form) needs to be used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Date: Sun Sep 17 16:29:38 2023 +0200
doc: fix typos found by codespell
Signed-off-by: Dimitri Papadopoulos <3350651-DimitriPapadopoulos@users.noreply.gitlab.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 11 13:59:45 2023 +0900
gnutls_privkey_generate2: allow missing Q for DH
As the Q parameter is optional in the gnutls_dh_params_t, this allows
generating Diffie-Hellman private key without that parameter.
While it is mandatory in FIPS mode, it is ensured when generating the
DH parameters or importing through gnutls_dh_params_import_raw3.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 10 20:19:13 2023 +0900
abstract: add gnutls_pubkey_export_dh_raw
This adds gnutls_pubkey_export_dh_raw, a public key counterpart of
gnutls_privkey_export_dh_raw. This also replaces the P, Q, G
parameters with gnutls_dh_params_t in the function signatures to avoid
unnecessary serialization of bignums.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon Sep 11 10:45:39 2023 +0200
cipher: fix AES-SIV-GCM key lengths
Fix provided key lengths of AES-SIV-GCM ciphers, which have halved keys
when compared to AES-SIV-CMAC.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 11 07:23:51 2023 +0900
gnutls_pubkey_import_privkey: support GNUTLS_PK_DH
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 6 14:55:10 2023 +0900
NEWS: mention AES-GCM-SIV support
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 6 14:02:43 2023 +0900
nettle: expose SIV-GCM through the AEAD interface
This adds a couple of new cipher algorithms GNUTLS_CIPHER_AES_128_SIV_GCM
and GNUTLS_CIPHER_AES_256_SIV_GCM, exposing nettle_siv_gcm_aes{128,256}*
functions.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 6 13:34:27 2023 +0900
nettle: vendor-in SIV-GCM implementation
This imports SIV-GCM implementation from Nettle 3.9.1, while still
assuming Nettle 3.6 as the baseline. As such, only non-optimized
implementation is imported. Performance critical applications are
advised to build GnuTLS with Nettle 3.9.1 or later.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 5 09:39:28 2023 +0900
devel: update nettle submodule
This updates nettle submodule to the 3.9.1 release.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 12 08:17:44 2022 +0200
gnutls_privkey_derive_secret: new function
This adds a new function gnutls_privkey_derive_secret, which can be
used in conjunction with the other key import or key generation API to
calculate shared secret.
Key import can be done with gnutls_{pubkey,privkey}_import_ecc_raw for
ECDH and gnutls_{pubkey,privkey}_import_dh_raw for FFDH, while key
generation could be done with gnutls_privkey_generate2 with respective
algorithms (e.g., GNUTLS_PK_ECDH_X25519) and key generation parameters
in gnutls_keygen_data_st format.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 31 13:55:58 2023 +0900
abstract, x509: add functions to import and export DH keys
This adds a couple of functions to import and export Diffie-Hellman
private keys. While it shares the structure as DSA, it differs in q
parameter which is optional in Diffie-Hellman and the algorithm
ID: GNUTLS_PK_DH vs GNUTLS_PK_DSA.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 3 10:20:37 2023 +0900
abstract, x509: refactor raw DSA key import logic
This switches to using DSA_{P,Q,G,X,Y} instead of magic number, and
adds check for required parameters.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 3 10:36:13 2023 +0900
mpi: remove unnecessary integer size conversion
The following pattern:
```c
size_t siz = prime->size;
if (_gnutls_mpi_init_scan_nz(&tmp_prime, prime->data, siz)) {
...
}
```
was previously written as:
```c
size_t siz = prime->size;
if (_gnutls_mpi_scan_nz (&tmp_prime, prime->data, &siz))
...
}
```
Now that _gnutls_mpi_init_scan_nz takes an immediate integer instead
of a pointer, we don't need to account for the integere size and thus
no conversion should be necessary.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 31 09:21:23 2023 +0900
gnutls_privkey_generate2: accept DH parameters
This adds a new GNUTLS_KEYGEN_DH type for gnutls_keygen_data_st, so
gnutls_privkey_generate2 can use pre-generated DH parameters instead
of newly generated ones.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 12 08:28:22 2022 +0200
gnutls_privkey_import_ecc_raw: allow X25519/X448 curves
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 12 08:21:12 2022 +0200
gnutls_pubkey_import_ecc_raw: allow X25519/X448 curves
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 28 15:47:04 2023 +0900
tests: ignore SIGPIPE in forking tests if the parent is TLS client
If the tests are forking and the parent process is a client, care must
be taken to handle SIGPIPE reported by the child process (server) when
the client closes the connection.
This hadn't been exposed until commit
dd79ac9bcf90012e090726adf7c1940bcce8333f, thanks to the fact that the
parent process kept the other pipe end which effectively prevented a
"broken pipe".
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 23 10:43:54 2023 +0900
benchmark: use fallback gettime provided by Gnulib's timespec module
If CLOCK_PROCESS_CPUTIME_ID is not defined, a fallback gettime
function was defined as an inline function. Given that "timespec.h"
from Gnulib already defines such a fallback function with the same
name, it's not necessary to redefine it. This should fix the build
issue with Clang:
In file included from ../../gnutls-3.8.1/src/cli.c:65:
../../gnutls-3.8.1/src/benchmark.h:38:20: error: static declaration of 'gettime' follows non-static declaration
inline static void gettime(struct timespec *ts)
^
../../gnutls-3.8.1/src/gl/timespec.h:93:6: note: previous declaration is here
void gettime (struct timespec *) _GL_ARG_NONNULL ((1));
^
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 22 10:43:38 2023 +0900
.gitlab-ci.yml: bundle libssp-0.dll in the Windows archive
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Sam James <sam@gentoo.org>
Date: Mon Aug 7 08:23:50 2023 +0100
configure.ac: Avoid noise when faketime is not available
We already checked for whether faketime is installed, so don't try to call it
if we couldn't find a path to it.
This avoids noise like:
```
checking for faketime... no
checking for datefudge... no
checking whether faketime program works... 1691391464
/var/tmp/portage/net-libs/gnutls-3.8.1/work/gnutls-3.8.1/configure: line 11540: 2006-09-23 00:00:00: command not found
/var/tmp/portage/net-libs/gnutls-3.8.1/work/gnutls-3.8.1/configure: line 11540: test: =: unary operator expected
no
```
Bug: https://bugs.gentoo.org/911833
Signed-off-by: Sam James <sam@gentoo.org>
Author: Adrian Bunk <bunk@debian.org>
Date: Sun Aug 6 22:46:22 2023 +0300
Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h
Signed-off-by: Adrian Bunk <bunk@debian.org>
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Sun Aug 6 20:37:31 2023 +0200
Fix build on GNU/Hurd
GNU/Hurd does not define an arbitrary PATH_MAX limitation, so pathbuf
can define its own abitrary limitation.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Aug 3 11:52:04 2023 +0200
Release 3.8.1
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Aug 3 14:09:33 2023 +0200
Safeguard against overflow inside pkcs11_find_objects
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Jul 25 16:23:49 2023 +0200
Refactor pkcs11_find_objects to use p11-kit iterator
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 31 23:46:19 2023 +0900
tests: propagate $CFLAGS in pkgconfig.sh
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 31 11:54:27 2023 +0900
.gitlab-ci.yml: re-enable i686 cross build
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 31 17:38:02 2023 +0900
doc: fix C++ example compilation on MinGW
The examples under doc/examples/ are compiled with Gnulib, which
overrides write if it's not available, as a macro. This conflicts
with the usage of std::iostream::write in ex-cxx.cpp. To avoid the
build issue, use a custom namespace to hide it, as suggested in:
https://www.gnu.org/software/gnulib/manual/html_node/A-C_002b_002b-namespace-for-gnulib.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Jul 27 10:36:48 2023 +0200
Reduce the number of objects received per iteration in pkcs11_find_objects
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 24 09:14:20 2023 +0200
.gitlab-ci.yml: drop use of Debian cross images
Due to licensing concern, we had to remove the Debian-based CI images
for cross compilation. Some of them are already covered by the
Fedora-based CI images, though it would be nice if the following are
added back:
- x86 (32-bit): maybe we could just use -m32 on Fedora image,
similarly to mingw targets
- Arm (32-bit)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jul 23 08:17:32 2023 +0200
.gitlab-ci.yml: enable use of Fedora cross toolchain
This adds new tests for cross-compiling to AArch64, PowerPC 64 (LE),
and s390x through the CI image based on Fedora 38. The main advantage
of doing this is that the toolchain version is in sync with the
current Fedora native builds.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jul 20 08:54:36 2023 +0200
accelerated: check nonce length in aead_{encrypt,decrypt}
This propagates any IV length mismatch detected as an error, in the
accelerated code for x86.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jul 20 08:49:30 2023 +0200
nettle: check nonce length in aead_{encrypt,decrypt}
This adds a missing check on the maximum IV length in aead_encrypt and
aead_decrypt, to the Nettle crypto backend.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Elias Gustafsson <elias.skondal@gmail.com>
Date: Tue Apr 4 02:16:04 2023 +0200
tests: add negative serial number test
Signed-off-by: Elias Gustafsson <elias.skondal@gmail.com>
Author: Elias Gustafsson <elias.skondal@gmail.com>
Date: Tue Apr 4 02:07:21 2023 +0200
certtool: reject negative serial numbers
Signed-off-by: Elias Gustafsson <elias.skondal@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 10 14:53:35 2023 +0200
tests: use template file for generating long DNS certificate request
Instead of an interaction file, which causes problems on Windows when
reading a password from tty.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 8 14:47:19 2023 +0200
tests: fix error code in ocsp-tests/ocsp-must-staple-connection.sh
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 8 14:42:33 2023 +0200
tests: print diff when cert-tests/crq.sh produces unexpected output
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 8 06:36:39 2023 +0200
build: remove unused backward compatibility macro
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 7 15:48:19 2023 +0200
tests: remove unnecessary calls to skip_if_no_datefudge
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 5 17:00:40 2023 +0200
NEWS: mention --attime option
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 5 17:45:54 2023 +0200
tests: use SH_LOG_COMPILER in cert-tests
This omits the need of setting executable bits on shell script tests,
as well as makes the log file naming consistent.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 8 06:29:17 2023 +0200
gnutls-serv, gnutls-cli, gnutls-cli-debug: add --attime option
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Wilbur Wetterquarz <freaxmate@protonmail.com>
Date: Wed Mar 22 01:00:09 2023 +0100
certtool: add --attime option
This adds a --attime option to certtool, so the tests don't need
faketime or datefudge to adjust system time.
Signed-off-by: Wilbur Wetterquarz <freaxmate@protonmail.com>
Modified-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jul 6 14:30:52 2023 +0200
ocsptool: fix memleak spotted by ASan
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Pravek Sharma <sharmapravek@gmail.com>
Date: Sun Mar 12 22:31:33 2023 -0400
ocsptool: add --attime option
This adds a --attime option to ocsptool, so the tests don't need
faketime or datefudge to adjust system time.
Signed-off-by: Pravek Sharma <sharmapravek@gmail.com>
Modified-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 5 17:28:47 2023 +0200
system: override gettime if time is overridden
If the gnutls_time is manually set by user, it would be more intuitive
to also update gnutls_gettime to use it internally.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 5 15:55:16 2023 +0200
tests: detect faketime at configure time
Previously, the test suite checked the existence of faketime or
datefudge at "make check", multiple times when it is needed. This
moves the check to configure and check it only once.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 4 09:47:52 2023 +0200
priority: add config keyword "tls-session-hash"
This adds a new keyword in the configuration file, "tls-session-hash",
which shall appear in the [overrides] section and takes either
"request" or "require" as the argument. This is particularly useful
when reverting the EMS requirement in FIPS mode for interoperability
reasons.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 29 10:04:51 2023 +0200
tls1-prf: mark use of non-EMS PRF non-approved in FIPS
This adds service indicator transitions around the use of TLS 1.2 PRF.
As of May 16, 2023, the use of extended master secret is mandatory
according to FIPS 140-3 IG. This patch detects the usage of non-EMS
KDF by checking the label: if it is "master secret", the service
indicator transitions to a non-approved state.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jun 4 14:15:45 2023 +0200
Fix update-copyright-year target for switch from GNU autogen
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jun 4 13:53:43 2023 +0200
Automate and fix manpage copyright year update
Handle manpage copyright year update in update-copyright-year
target, and fix the library manpage copyright year statement, $(YEAR)
expanded to an empty string
Broken by: 5a58370864e04f5dbb05b0ae453e6fa592a93175
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Jun 3 13:27:53 2023 +0200
Bump manpage copyright year
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 5 16:47:36 2023 +0200
tests: re-add test-ciphersuite-names.sh to TESTS
The test was removed from TESTS in commit
5e52b0d0fec0d9eaac30ca8f35fd7b8368064222.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 1 16:08:24 2023 +0200
tests: update tests/suite/ciphersuite after a96b04ff
The commit a96b04ffcf8fd7375dc3c0f90602bf679f5a9791 introduced a new
field in gnutls_cipher_suite_entry_st for gnutls_ciphersuite_get. The
scan-gnutls.sh script needs to be updated to correctly parse the
ciphersuites list. This also fixes the include path so the test
doesn't require gnutls to be installed on the system.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 7 13:18:20 2023 +0200
tests: make testcompat-openssl-tls13-serv.sh less flaky
Bash has a special variable GROUPS[1] which clashes with our use in
testcompat-openssl-tls13-serv.sh as a list of key exchange groups.
This avoids using it as well as expands the logging message to
indicate what is tested.
1. https://www.gnu.org/software/bash/manual/html_node/Bash-Variables.html#index-GROUPS
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 7 10:07:26 2023 +0200
lib: suppress -Wmaybe-uninitialized warning
Spotted by GCC 13:
pkcs11.c: In function 'gnutls_pkcs11_token_get_info':
pkcs11.c:2535:25: error: 'str' may be used uninitialized [-Werror=maybe-uninitialized]
2535 | memcpy(output, str, len);
| ^~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 7 16:44:00 2023 +0200
lib: suppress false-positive -Wanalyzer-out-of-bounds
GCC analyzer from GCC 13 reports this:
verify-high.c:1471:21: error: stack-based buffer over-read [CWE-126] [-Werror=analyzer-out-of-bounds]
1471 | if (gnutls_x509_trust_list_get_issuer(
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1472 | list, cert_list[i - 1], &issuer,
This is false-positive, as i is always in a range 0 < i < cert_list_size.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 7 11:54:54 2023 +0200
lib: suppress false-positive -Wanalyzer-deref-before-check
GCC analyzer from GCC 13 reports an error when a pointer dereference
followed by a memcpy:
x509_dn.c:54:17: error: check of '*name.data' for NULL after already dereferencing it [-Werror=analyzer-deref-before-check]
54 | memcpy(_oid, name->data, name->size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is a false-positive, because we check name->size is > 0 on a
previous line.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 7 11:43:32 2023 +0200
src: suppress clang-analyzer warning
clang-analyzer from Clang 16 reports the following:
serv.c:2069:2: warning: Null pointer passed to 1st parameter expecting 'nonnull' [core.NonNullParamChecker]
memcpy(cache_db[i].session_data.data, data.data, data.size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 6 09:30:50 2023 +0200
.gitlab-ci.yml: switch to Fedora 38 images
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Tue Jul 4 22:28:48 2023 -0500
Fix DTLS handshake when first fragment is 1 byte
Asterisk sometimes generates this, and it seems like a valid case. If
the first fragment is 1 byte then subsequent fragments will still try to
merge into it so it needs to have a big enough buffer for this to happen.
Signed-off-by: Stephen Paul Weber <singpolyma@singpolyma.net>
Author: Ajit Singh <ajeetsinghchahar2@gmail.com>
Date: Wed Jun 7 22:06:57 2023 +0530
m4/hooks.m4: Fixed typo
Signed-off-by: Ajit Singh <ajeetsinghchahar2@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 24 09:02:26 2023 +0200
.gitlab-ci.yml: pull in clang16-extra-tools instead of clang15-*
Also re-indent the existing code with the newer version of clang.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 11 09:57:09 2023 +0900
tests: use GNUTLS_SELF_TEST_FLAG_ALL macro instead of magic number
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 11 09:52:20 2023 +0900
crypto-selftests: mark CFB8 block sizes tests optional
It was not obvious that the second function supplied to CASE2 macro
was only called when GNUTLS_SELF_TEST_FLAG_ALL is set. This splits
the macro into two: the one to be required and the other to be
optional.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 11 22:13:25 2023 +0900
nettle: remove files no longer used
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 2 08:41:08 2023 +0900
psk: Add basic support for RFC 9258 external PSK importer interface
This adds a minimal, callback-based API to import external PSK,
following RFC 9258. The client and the server importing external PSK
are supposed to set a callback to retrieve PSK, which returns flags
that may indicate the PSK is imported, along with the key:
typedef int gnutls_psk_client_credentials_function3(
gnutls_session_t session,
gnutls_datum_t *username, gnutls_datum_t *key,
gnutls_psk_key_flags *flags);
typedef int gnutls_psk_server_credentials_function3(
gnutls_session_t session,
const gnutls_datum_t *username, gnutls_datum_t *key,
gnutls_psk_key_flags *flags);
Those callbacks are responsible to call
gnutls_psk_format_imported_identity() for external PSKs to build a
serialized PSK identity, and set GNUTLS_PSK_KEY_EXT in flags if the
identity is an imported one.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 24 12:39:42 2023 +0900
build: re-indent code
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 17 18:17:30 2023 +0900
doc: add missing documentation for enums
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 16 11:31:42 2023 +0900
.gitlab-ci.yml: install clang15-extra-tools for clang-format
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 17 13:05:41 2023 +0900
gnutls.h.in: stop indenting doc-comments for typedefs
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 16 16:21:37 2023 +0900
build: use /* clang-format {on|off} */ annotation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 24 12:38:56 2023 +0900
doc: mention how to indent source code
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 16 10:33:14 2023 +0900
build: switch to using clang-format instead of GNU indent
GNU indent yields weird output when using the Linux kernel coding
style as in the below examples, which affects code readability.
- Too long lines cause unexpected indentation:
if (!
(priv->flags &
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED)
&& (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT)
&& data.size > 0) {
- Unary operators (`-` and `+`) after a type cast are not recognized
properly: `(time_t)-1` becomes `(time-t) - 1`
- Long conditionals are wrapped before binary operators, such as `&&`
or `||`. This is not mandatory in the style, but all the occurrences
are replaced with that style
This switches to using clang-format instead, with the configuration
used in the Linux kernel as of commit
596ff4a09b8981790e15572e8e7bc904df5835e7:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/.clang-format
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Apr 15 08:04:01 2023 +0900
doc: fix typo in %DISABLE_SAFE_RENEGOTIATION documentation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 2 08:21:41 2023 +0900
doc: mention ClientHello extensions shuffling
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 2 08:16:33 2023 +0900
hello_ext: minor cleanup of extension shuffling code
This reduces the number of calls to gnutls_rnd(GNUTLS_RND_RANDOM)
based on the assumption that extension indices fit in uint8_t.
This also renames the priority string modifier from %NO_EXTS_SHUFFLE
to %NO_SHUFFLE_EXTENSIONS.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <609179072@qq.com>
Date: Thu Apr 13 09:56:26 2023 +0000
tests: add test for gnutls_certificate_set_x509_trust
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Mar 5 14:27:39 2023 +0100
Update docs for faketime instead of datefudge
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Mar 19 14:42:27 2023 +0100
Drop unused function.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Mar 5 14:17:31 2023 +0100
Also use gnutls_timewrapper non-frozen time
also switch timeout/wrapper order
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Mar 5 11:29:17 2023 +0100
Use gnutls_timewrapper for static (frozen time) instances
Also switch setsid/wrapper order
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Fri Mar 17 18:18:46 2023 +0100
Add wrapper around faketime/datefudge
Prefer faketime, fall back to datefudge.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Feb 28 18:49:56 2023 +0100
Change timestamp format for faketime compatibility.
Change all timestamps passed to "datefudge -s" to "YYYY-MM-DD hh:mm:ss"
format for compatibility with faketime -f ("Freeze clock" advanced format)
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: ATHARVA S MARATHE <atharvamarathe8@gmail.com>
Date: Tue Apr 4 03:49:13 2023 +0000
gnutls-serv: add configurable timeout
This adds --timeout option to gnutls-serv to control the inactivity
interval, which would be useful for testing.
Fixes: #1471
Signed-off-by: maratheatharva <atharvamarathe8@gmail.com>
Author: @Ajit <ajeetsinghchahar2@gmail.com>
Date: Sat Apr 1 23:05:00 2023 +0000
hello_ext: add ClientHello extension permutation
This adds a mechanism to randomize the order of TLS extensions in the
ClientHello to make fingerprinting harder. The mechanism is enabled by
default and a new priority keyword %NO_EXTS_SHUFFLE has been added to
turn it off.
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Thu Mar 30 16:38:05 2023 +0200
fips: adjust pbkdf2 tests for SP 800-132 limits
- Make sure to always use approved iteration count
- Check that salt < 16 return non-approved
- Check that iteration count < 1000 returns non-approved
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Thu Mar 30 11:36:34 2023 +0200
fips: add additional pbkdf limit checks as defined in SP 800-132
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: peonix <ajeetsinghchahar2@gmail.com>
Date: Tue Mar 28 14:21:07 2023 +0530
changes to keep backward compatibility
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Author: peonix <ajeetsinghchahar2@gmail.com>
Date: Tue Mar 28 14:20:47 2023 +0530
reformatted
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Author: peonix <ajeetsinghchahar2@gmail.com>
Date: Tue Mar 28 09:10:36 2023 +0530
Updated desc for @GNUTLS_NO_DEFAULT_EXTENSIONS
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Author: peonix <ajeetsinghchahar2@gmail.com>
Date: Tue Mar 28 09:08:40 2023 +0530
Modifier GNUTLS_NO_EXTENSIONS renamed to GNUTLS_NO_DEFAULT_EXTENSIONS
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Wed Mar 22 11:46:55 2023 +0800
fix incorrect parameter description of crl import function
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 19 13:01:39 2023 +0900
psk: guard against the case where psk_auth_info_t has NULL username
This happens when gnutls_psk_server_get_username is called from a
client. Also simplify the embedded NUL-byte check with memchr.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 19 13:00:36 2023 +0900
src: print_info: prefer gnutls_psk_server_get_username2
gnutls_psk_server_get_username only supports NUL-terminated usernames,
while we added support for non-NULL terminated usernames in
d00638997fa269a975095d852633b48b2b64fbf9.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Mar 20 14:43:34 2023 +0800
add DER crl list import test
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Mar 20 14:18:19 2023 +0800
add get dn by oid test
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Yongye Zhu <zyy1102000@gmail.com>
Date: Sat Mar 18 15:33:57 2023 -0500
rewrite tests/tls13/key_limits.c in single process
Signed-off-by: Yongye Zhu <zyy1102000@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 18 10:52:13 2023 +0900
.gitlab-ci.yml: make use of .pre stage
Jobs in the .pre stage run before any other jobs:
https://docs.gitlab.com/ee/ci/yaml/index.html#stage-pre
As commit-check is lightweight and a prerequisite for merging MRs,
this moves it from the test stage to .pre.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 13 16:58:45 2023 +0900
pkcs11: respect Mozilla's time-based distrust upon issuer lookup
This implements the basic logic needed to support time-based distrust
of CA, according to [1].
1. https://wiki.mozilla.org/CA/Additional_Trust_Changes#Distrust_After
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <609179072@qq.com>
Date: Mon Mar 13 14:04:03 2023 +0000
tests: add tests for CRL issuer get functions
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Richard W.M. Jones <rjones@redhat.com>
Date: Fri Mar 10 11:15:19 2023 +0000
ktls: Do not return GNUTLS_E_INTERRUPTED/AGAIN from short writes
If sendmsg returns a short write, we end up going around the loop with
data_to_send being smaller. However if sendmsg then returns -EAGAIN
or -EINTR then we return an error. But we have "forgotten" that we
already sent some data.
This causes the caller to retry gnutls_record_send with the full
buffer (ie. with a buffer that has already been partially sent),
causing desynchronization.
Instead check if we sent some data in this case and return the number
of bytes sent.
Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1470
Thanks: Dan Berrange for suggesting a fix
Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 9 14:09:14 2023 +0900
tests: skip TLS 1.2 resume tests without EMS under FIPS
In FIPS mode, extended master secret is required and those tests are
not supported.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 5 15:20:35 2023 +0900
tests: close unused peer socket in the tests using socketpair
Otherwise, the subsequent call to wait will block, when the child
process exits abnormally. Checked with the following script:
for i in $(git grep -l socketpair); do
if ! grep -q 'close.*\[' $i; then echo $i; fi
done
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 21 15:35:37 2023 +0900
fips: enable %FORCE_SESSION_HASH by default under FIPS mode
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 21 14:46:09 2023 +0900
priority: add %FORCE_SESSION_HASH modifier
This adds a new priority string modifier %FORCE_SESSION_HASH, which
requires to negotiate extended master secret and aborts the connection
if the peer does not send the extension in hello messages.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Mar 6 14:42:16 2023 +0800
add gnutls_pkcs7_get_signature_count test
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 2 13:24:22 2023 +0900
.gitlab-ci.yml: switch to Fedora 37 images
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Christopher Baines <mail@cbaines.net>
Date: Tue Sep 20 11:33:45 2022 +0200
doc: Don't depend on /usr/bin/perl in the Makefile.am.
Instead, work if perl is on the $PATH. I hit this problem on GNU Guix
which doesn't use the /usr/bin directory.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Tue Feb 28 11:40:11 2023 +0800
remove unused extern variables
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Pedro Monreal <pmgdeb@gmail.com>
Date: Thu Feb 16 17:02:38 2023 +0100
pk: extend pair-wise consistency to cover DH key generation
Perform SP800 56A (rev 3) 5.6.2.1.4 Owner Assurance of Pair-wise
Consistency check, even if we only support ephemeral DH, as it is
required by FIPS 140-3 IG 10.3.A.
Signed-off-by: Pedro Monreal <pmgdeb@gmail.com>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <609179072@qq.com>
Date: Mon Feb 27 05:37:50 2023 +0000
gnutls-serv: fix possible memory leakage around realloc
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Radostin Stoyanov <radostin@redhat.com>
Date: Sat Feb 25 10:16:38 2023 +0900
tests: fix typo in rsa-encrypt-decrypt
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
Author: Pedro Monreal <pmgdeb@gmail.com>
Date: Fri Feb 24 22:02:48 2023 +0000
ecdh: perform SP800-56A rev3 full pubkey validation on key derivation
This implements full public key validation required in
SP800-56A rev3, section 5.6.2.3.3.
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Pedro Monreal <pmgdeb@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 23 10:41:41 2023 +0900
.gitmodules: revert to use full URLs for submodules
The previous attempt to use relative paths caused issues when the
repository is mirrored, requiring all the local submodules are
mirrored as well.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Feb 10 11:32:43 2023 +0100
Update release steps
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Feb 10 11:31:38 2023 +0100
Fix typo in NEWS
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 21 17:09:49 2023 +0900
.gitlab-ci.yml: simplify timestamp preservation
This simplifies commit 738b968271 to consolidate the logic into
default target.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 20 09:36:00 2023 +0900
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 20 17:35:38 2023 +0900
.gitlab-ci.yml: preserve timestamp around bootstrap
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 20 09:49:32 2023 +0900
.gitlab-ci.yml: take advantage of git submodules in GitLab CI
GitLab CI has support for automatic checkout of submodules, though it
requires some modifications to .gitmodules:
https://docs.gitlab.com/ee/ci/git_submodules.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 17 15:02:29 2023 +0900
.gitlab-ci.yml: use artifacts:untracked
The "artifacts:untracked" enables to efficiently archive build
artifacts:
https://docs.gitlab.com/ee/ci/yaml/#artifactsuntracked
Also copy files with bootstrap, as symlinks are excluded from the
artifacts.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 17 11:29:23 2023 +0900
gnulib: update git submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <609179072@qq.com>
Date: Mon Feb 13 11:32:34 2023 +0800
use xrealloc replace realloc in src/serv.c which just for test.
Signed-off-by: xuraoqing <609179072@qq.com>
Author: Peter Leitmann <pleitman@redhat.com>
Date: Thu Feb 9 22:34:00 2023 +0100
add new interop tests
Signed-off-by: Peter Leitmann <pleitman@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Feb 9 12:47:13 2023 +0100
Release 3.8.0
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: xuraoqing <609179072@qq.com>
Date: Tue Feb 7 11:37:04 2023 +0800
fix possible out-of-bounds access
Signed-off-by: xuraoqing <609179072@qq.com>
Author: Hubert Kario <hkario@redhat.com>
Date: Wed Feb 8 14:43:45 2023 +0100
document the CVE fix
Signed-off-by: Hubert Kario <hkario@redhat.com>
Author: Hubert Kario <hkario@redhat.com>
Date: Wed Feb 8 14:32:09 2023 +0100
rsa: remove dead code
since the `ok` variable isn't used any more, we can remove all code
used to calculate it
Signed-off-by: Hubert Kario <hkario@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Aug 9 16:05:53 2022 +0200
auth/rsa: side-step potential side-channel
Remove branching that depends on secret data.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Signed-off-by: Hubert Kario <hkario@redhat.com>
Tested-by: Hubert Kario <hkario@redhat.com>
Author: xuraoqing <609179072@qq.com>
Date: Tue Feb 7 10:34:48 2023 +0800
remove inoperative variable
Signed-off-by: xuraoqing <609179072@qq.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Feb 1 13:29:34 2023 +0100
socket: set pull/push functions on windows
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Feb 1 10:00:12 2023 +0100
Add missing dll to mingw archive
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Jan 30 12:32:56 2023 +0100
Indent cpp header
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Date: Mon Dec 19 07:34:49 2022 +0200
gnutlsxx: add source file for shared library
The compiler will not produce a shared library from a header, so a
source file is necessary when producing the gnutlsxx shared library.
Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Author: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Date: Mon Dec 19 06:02:17 2022 +0200
gnutlsxx: remove unnecessary linking from makefiles
Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Author: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Date: Mon Dec 19 01:37:08 2022 +0200
gnutlsxx: become header-only library
This patch removes the old gnutlsxx library and instead moves all the
definitions of the source file `gnutlsxx.c` to the header file
`gnutlsxx.h`. However, both the C and the C++ library are built. (as
before.)
The user of the C++ interface has two options to choose from:
1. include `gnutlsxx.h` in their application and link against the C
library. (the default.)
2. include `gnutlsxx.h` in their application, compile with the
GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link against the C++
library.
Addresses Ref #1381
Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 15:42:39 2023 +0100
Silence 'make syntax-check'
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 15:22:01 2023 +0100
NEWS: mention code indentation
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 15:03:53 2023 +0100
Indent code
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 11:10:51 2023 +0100
Check code indentation in 'check_commit'
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 11:08:05 2023 +0100
Deal with '# define' for indent -ppi1
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 10:27:21 2023 +0100
Fix indent errors
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jan 27 13:38:45 2023 +0100
Add code indentation scripts
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 17 19:47:11 2023 +0900
.gitlab-ci.yml: take advantage of GitLab code coverage visualization
This switches to using gcovr instead of our custom coverage generation
rule to take advantage of "Test coverage visualization" in GitLab:
https://docs.gitlab.com/ee/ci/testing/test_coverage_visualization.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Dec 30 11:08:36 2022 +0900
.gitlab-ci.yml: consolidate duplicate "aggressive" targets
The UB+ASAN-Werror.Fedora.x86_64.gcc-aggressive shared almost same
tasks with UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc, except the
former explicitly specified --disable-hardware-acceleration.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 11 15:24:14 2023 +0900
.gitlab-ci.yml: disable cppcheck for now
The current version of cppcheck hangs at the usage of Gnulib's
intprops module:
https://trac.cppcheck.net/ticket/10192
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 20 15:08:59 2022 +0900
trust: make filesystem path construction flexible
To handle pathnames longer than the fixed length (previously 256),
this adds a set of internal API functions around the gnutls_pathbuf_st
struct, which enables to safely and efficiently construct pathnames.
The new API initially uses the statically allocated buffer and starts
allocating memory on heap only after the limit has reached.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Jan 2 13:25:14 2023 +0100
Fix error codes for unsolicited compressed certificate
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Jan 3 09:06:01 2023 +0100
Update year of copyright notices in doc/gnutls.texi
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Dec 8 12:41:34 2022 +0100
Forbid unsolicited CompressedCertificate message
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Dec 8 11:49:16 2022 +0100
Fail when received cert is compressed with disabled method
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Dec 8 12:08:10 2022 +0100
Slight reformating of compress_certificate code
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 28 12:42:27 2022 +0900
build: suppress ABI change for GNUTLS_SRTP_AEAD_AES_*_GCM additions
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Tue Dec 27 19:53:11 2022 +0100
doc: Fix Debian package name texlive-plain-generic
The package texlive-generic-recommended is a transitional dummy package for
texlive-plain-generic in Debian buster (currently oldstable).
See: https://packages.debian.org/texlive-generic-recommended
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Tue Dec 27 19:13:53 2022 +0100
doc: Fix several minor issues in INSTALL.md
- Fix reference to moved file.
- Fix a dead link, and a typo.
- Use two spaces between sentences, and no trailing whitespace.
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Tue Dec 27 18:02:13 2022 +0100
Sync GPL/LGPL license files from Gnulib
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Tue Dec 27 16:42:58 2022 +0100
Replace FSF snail mail addresses with URL
This is the latest recommendation, as described here:
https://www.gnu.org/licenses/gpl-howto.html
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Tue Dec 27 15:16:05 2022 +0100
Prefer HTTPS to HTTP in URLs
This mostly updates NEWS and license links. All links have been
manually tested and confirmed working.
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Stefan Kangas <stefankangas@gmail.com>
Date: Mon Dec 26 23:48:16 2022 +0100
Fix typos
Signed-off-by: Stefan Kangas <stefankangas@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Dec 24 17:37:24 2022 +0900
srtp: support AES-GCM profiles
This adds support for SRTP_AEAD_AES_128_GCM and SRTP_AEAD_AES_256_GCM
profiles defined in RFC 7714.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Dec 24 17:07:26 2022 +0900
build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 8 11:53:20 2022 +0900
record: enable check on CCS content also in TLS 1.2
This generilizes the value check of Change Cipher Spec for all TLS
protocol versions including TLS 1.2 or earlier. It also fixes the
logic of the check so the value is decrypted before being examined,
according to the RFC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Dec 18 08:00:59 2022 +0900
tests: conditionalize SRP tests
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Dec 17 15:44:07 2022 +0900
build: disable SRP authentication by default
SRP authentication in TLS is not up to date with the latest TLS
standards and its ciphersuites are based on the CBC mode and SHA-1.
This makes the feature disabled by default at compile time, though the
users are still be able to enable it with --enable-srp-authentication
configure option.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 19 18:40:37 2022 +0900
.gitlab-ci.yml: ensure libtasn1-tools is installed
With recent DNF, removing libtasn1-devel causes libtasn1-tools to be
removed. Manually reinstall it in that case.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Dec 17 15:55:33 2022 +0900
build: disable TLS heartbeat extension by default
The heartbeat extension in TLS (RFC 6520) is not widely used given
other implementations dropped support for it. This makes it disabled
by default, though the users are able to enable it back with the
--enable-heartbeat-support configure option.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Thu Dec 15 17:02:59 2022 +0800
fix memory leak when process client ecdh key exchage
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Dec 18 08:21:46 2022 +0900
cert-auth: alloc_and_load_x509_certs: check requested cert count
... instead of pointer. Otherwise GCC analyzer treats it as
-Wanalyzer-null-dereference in the caller side. While that shouldn't
happen, it would be nice to make the code handle it robustly.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Dec 18 08:05:05 2022 +0900
build: avoid using implicit int to adhere to C99
Otherwise -Wstrict-prototypes now emits the following warnings:
mini-dtls-large.c:30:5: error: function declaration isn't a prototype [-Werror=strict-prototypes]
30 | int main()
| ^~~~
mini-dtls-large.c: In function 'main':
mini-dtls-large.c:30:5: error: old-style function definition [-Werror=old-style-definition]
cc1: all warnings being treated as errors
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Peter Leitmann <pleitman@redhat.com>
Date: Wed Dec 14 18:22:54 2022 +0100
new interop-tests
Signed-off-by: Peter Leitmann <pleitman@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 15 00:51:42 2022 +0900
build: remove code guarded with no longer defined ENABLE_RSA_EXPORT
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 15 00:48:16 2022 +0900
build: remove checks on no longer defined ENABLE_OPENPGP
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 15 00:45:04 2022 +0900
srp: provide stubs of public functions even if SRP is disabled
This adds stub definitions of public SRP functions even if SRP is
disabled with --disable-srp-authentication, to preserve the ABI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Dec 12 15:10:59 2022 +0800
fix log print server write mac key size error
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Dec 12 15:06:14 2022 +0800
fix log print client write mac key size error
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: xuraoqing <xuraoqing@huawei.com>
Date: Mon Dec 12 15:05:20 2022 +0800
fix get credential type with key exchange algorithm fail
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Dec 2 13:12:30 2022 +0100
Use soname instead of file name in fipshmac sections
Using fipshmac program with an argument, for example:
fipshmac /usr/lib64/libgnutls.so.30.28.1
would create a section [libgnutls.so.30.28.1]
and the internal comparison with soname would fail.
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Mon Oct 31 12:17:43 2022 +0100
KTLS: Invalidate session on ktls error
We invalidate the session if an KTLS related error occurs after it was
initialized i.e. keys were set on the interfaces.
As of now this only affects key_update() which should be fixed via a
kernel patch. Thus future fallback mechanism implementation is not likely
as that would require yet another kernel patch.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Dec 2 11:07:48 2022 +0100
KTLS: add ciphersuites (tests)
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Thu Dec 1 15:37:33 2022 +0100
KTLS: add ciphersuites
* TLS_AES_128_CCM_SHA256
* TLS_CHACHA20_POLY1305_SHA256
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 29 11:15:34 2022 +0900
fips: rename .gnutls.hmac back to .libgnutls.so.*.hmac
Using a GnuTLS specific construction of .hmac file name causes a
problem with dracut, which expects that .hmac files are installed
alongside the corresponding shared libraries.
To preserve backward compatibility, this renames the file name back to
.libgnutls.so.*.hmac, while the content remains the same covering all
the dependent libraries (libgnutls, libhogweed, libnettle, and
libgmp).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 28 12:15:26 2022 +0900
priority: accept "ktls = false" in configuration file
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 28 12:13:31 2022 +0900
src: print KTLS enablement status in gnutls-serv/gnutls-cli
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 28 12:17:12 2022 +0900
includes: move KTLS function definition out of <gnutls/socket.h>
<gnutls/socket.h> is meant for the functions that depend on
<sys/socket.h>, which is not available on Windows platforms.
As the KTLS API doesn't rely on <sys/socket.h>, move the function and
enum to <gnutls/gnutls.h>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 28 11:14:53 2022 +0900
tests: fix memory leak in resume-with-previous-stek
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 28 11:10:58 2022 +0900
src: fix memory leak in print_rawpk_info
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 23 15:38:25 2022 +0900
.gitlab-ci.yml: disable full test suite in fedora-nettle jobs
This adds --disable-full-test-suite to fedora-nettle jobs, assuming
other tests have enough coverage of what Nettle provides.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 22 13:01:58 2022 +0900
build: pacify sc_unportable_grep_q check
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 22 12:20:58 2022 +0900
.gitlab-ci.yml: disable GCC analyzer in sanitizer jobs
It turned out that -fanalyzer combined with -fsanitize=undefined takes
excessive time when compiling certain files, e.g., lib/priority.c.
Removing -fanalyzer should be safe as it is enabled in other
Fedora-based jobs.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 6 18:44:48 2022 +0900
build: suppress GCC analyzer warnings
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 5 17:44:01 2022 +0900
tests: skip tpm2.sh test for now if OpenSSL version 3 is detected
tpm2-tss-engine does not work well with OpenSSL 3 yet.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Sep 30 15:52:41 2022 +0900
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 27 13:13:21 2022 +0900
.gitlab-ci.yml: update fedora image to Fedora 36
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 26 16:48:24 2022 +0900
tests: move <assert.h> out of extern "C"
This fixes the issue with <assert.h> provided by Gnulib:
../gl/assert.h:209:1: error: template with C linkage
209 | template <int w>
| ^~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 26 16:46:47 2022 +0900
build: use AM_DISTCHECK_CONFIGURE_FLAGS
Also remove AUTOGEN=false setting, which is no longer necessary.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 25 05:36:49 2022 +0900
.gitlab-ci.yml: update mingw image to Fedora 36
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 26 15:40:55 2022 +0900
gl: add workaround for mingw32 build
This reverts __MINGW_USE_VC2005_COMPAT setting that causes undesired
effects, as mentioned in:
https://lists.gnu.org/archive/html/bug-gnulib/2022-09/msg00150.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 8 18:14:16 2022 +0100
gnulib: update git submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 16 23:02:13 2022 +0900
nettle: mark non-compliant RSA-PSS salt length to be not-approved
According to FIPS 186-5 5.4, the salt length must be in the range
between 0 and the hash length inclusive. While the use of those salt
lengths is still allowed for compatibility, it is reported as
non-approved operation through FIPS service indicator.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date: Wed Nov 16 00:38:54 2022 +0000
tests: More SIGPIPE treatment as error
81f8d97b3486 ("tests: treat all signals as error") turned some SIGPIPE signals
to EPIPE, but missed tests/mini-dtls-mtu.c.
During
gnutls_bye(session, GNUTLS_SHUT_WR),
on Linux we get
client|<11>| WRITE: enqueued 39 bytes for 0x3. Total 39 bytes.
client|<11>| WRITE FLUSH: 39 bytes in buffer.
client|<2>| WRITE: -1 returned from 0x3, errno: 111
(ECONNREFUSED)
but on GNU/Hurd a SIGPIPE is sent instead of returning of ECONNREFUSED.
We thus need to turn it into an error to correctly interpret the test
result.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Nov 15 14:35:24 2022 +0100
Remove library path checking from FIPS integrity check
The library path check is being dropped as checking the HMAC of
libraries should be sufficient. Checking the exact path where the
library resides showed to be failure prone. The sonames of libraries are
internally indirectly compared.
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Nov 9 16:10:58 2022 +0100
Fipshmac: always use realpaths
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 31 20:15:48 2022 +0900
handshake: clear server's session ticket indication at rehandshake
While OpenSSL server doesn't indicate a session ticket in the second
handshake of TLS 1.2 rehandshake, GnuTLS client previously waited for
it as it didn't clear the internal flag (session_ticket_renew) thus
the effect remained. This patch clears the flag properly at the end
of each handshake.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Eric Blake <eblake@redhat.com>
Date: Thu Oct 13 17:21:21 2022 -0500
priority: fix typos in documentation
Fixes: ac2751d8049bf97cf486469d3c3407b83dd1fb3c
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Eric Blake <eblake@redhat.com>
Date: Fri Oct 14 14:02:14 2022 -0500
priority: Use gnutls_free consistently
The whole point of gnutls_calloc() is to allow an alternative to
malloc() where that alternative takes over all aspects of heap
management; as such, it is never safe to pair bare free() with memory
managed by gnutls. Not to mention that it looks bad to mix calls to
gnutls_free() and free() to the same variable within the same
function.
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Eric Blake <eblake@redhat.com>
Date: Wed Nov 2 08:48:19 2022 -0500
privkey: Allow deinit after failed export
The documentation for gnutls_privkey_export_* states that the caller
must use gnutls_*_deinit on key, without mentioning whether this
requirement is still present when the function fails. But the
implementation has a code path where key is left uninitialized.
Similar to the recent fix for *_init, guarantee that *key is set to a
sane value on all exit paths.
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Eric Blake <eblake@redhat.com>
Date: Fri Oct 14 13:40:50 2022 -0500
lib: Consistenly return sane results for all *_init()
After looking at gnutls_init(), I went and audited all other
*_init(gnutls_*_t) functions, to see if Bug #1414 applies in more
situations. We had an inconsistent mix: some functions that went out
of their way to leave the parameter uninitialized on failure (such as
gnutls_x509_crt_init()); many that always left the parameter
initialized on failure (such as gnutls_x509_ext_ct_scts_init()), often
by relying on the gnutls_free() macro that assigns the pointer to NULL
after using the gnutls_free_function() callback pointer (such as
gnutls_pkcs11_obj_init()); but a few others that left stale pointers
on certain failures (such as gnutls_priority_init2()) or even which
used the wrong deallocation function (such as
gnutls_pkcs11_privkey_init()).
As with gnutls_init(), portable programs should either pre-initialize
memory to zero before calling _init() if they plan to unconditionally
call _deinit() (safe for all but gnutls_pkcs11_privkey_init()), or
they should avoid calling _deinit() if _init() failed. But since we
can't force all existing clients to change, it is safest if we
unconditionally and consistently initialize the client's memory before
ALL failure paths.
Rather than try to adjust documentation of each *_init() function
(including those not needing a change), I instead generalized
documentation into the manual.
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Eric Blake <eblake@redhat.com>
Date: Thu Oct 13 14:07:29 2022 -0500
gnutls_init: Always initialize *session
We provide gnutls_session_t as an opaque type, therefore, unless we
document otherwise, client code should not assume that there is a safe
initialization value to assign to such storage, leaving the only way
to properly initialize the type as a call to gnutls_init(). Likewise,
the documentation was clear that gnutls_deinit(session) must be used
after success, but ambiguous as to whether that was necessary after
failure.
Our implementation has always been such that the opaque types are
pointers under the hood, where gnutls_deinit(NULL) is a no-op, and
that (for gnutls_init at least) it is safe to omit a call to
gnutls_deinit(session) on failure. But without documentation, clients
cannot rely on either of those facts; and our code base was
inconsistent on whether all other *_init/*_deinit function pairs
behave in the same manner (see the next commit).
A search of existing code in the wild shows that some clients
pre-initialize the memory to 0 (which happens to be safe although
currently undocumented), often by passing in a pointer to a
gnutls_session_t residing in a larger struct that was reserved with
calloc(), cleared with memset(), or similar; but this is not
universal, and there are other clients in the wild that pass in
uninitialized memory. It's too late to change the documentation to
mandate that users should pre-initialize their memory to 0 prior to
gnutls_init(), although it doesn't hurt to recommend it for
portability when building for older versions of gnutls.
In most cases, using gnutls_deinit(session) after failure was a no-op
- most of our error exit paths use the gnutls_free() macro which has
the side effect of forcing the caller's pointer to NULL on failure
(since gnutls is built with GNUTLS_INTERNAL_BUILD defined). We also
happen to be lucky for a user that pre-initializes their memory to 0
before calling gnutls_init() - any error exit path where we did not
touch the user's pointer leaves the client with gnutls_deinit(session)
being a no-op. But if the client passes in an uninitialized pointer,
and FAIL_IF_LIB_ERROR triggers, then we fail the function while
leaving the pointer uninitialized, at which point the caller using
gnutls_deinit(session) attempts to free uninitialized memory, which
has potential security implications - yet we did not warn the client
to avoid gnutls_deinit() in that scenario.
The most robust fix is thus along two fronts: improving the
documentation to inform the user what they can expect, but also
tweaking our code to avoid undefined behavior with existing client
code bases by guaranteeing that whether or not the client
pre-initializes memory to 0 and/or calls gnutls_deinit() on failure,
they can't mess up.
Fixes: bug #1414.
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Eric Blake <eblake@redhat.com>
Date: Wed Nov 2 08:40:08 2022 -0500
build: Silence cppcheck false positive
An upcoming patch will touch gnutls_pkcs11_privkey_init(), which is
sufficient to make the cppcheck portion of CI choke on a false
positive in the unrelated gnutls_pkcs11_privkey_import_url() because
the file becomes interesting again. cppcheck is not smart enough to
realize that an out-of-scope memory reference stored in a[1] is not
going to be utilized by the later pkcs11_get_attribute_value(..., a,
1) outside the if block; but the solution is as simple as expanding
the scope of tval.
Signed-off-by: Eric Blake <eblake@redhat.com>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Oct 14 15:51:28 2022 +0200
Handle private keys with lowercase hex digits in DEK-Info
Some tools, for example win-acme, create encrypted private keys in OpenSSL's
traditional format containing lowercase hex digits in the IV part of the
DEK-Info PEM header. These key files are accepted by OpenSSL. Prior to this
patch, GnuTLS did reject these keys with GNUTLS_E_INVALID_REQUEST.
Signed-off-by: Tim Kosse <tim.kosse@filezilla-project.org>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Author: Simon Josefsson <jas@josefsson.org>
Date: Mon Oct 31 21:24:01 2022 +0100
Drop stale doc/announce.txt.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Oct 17 15:27:37 2022 +0200
Fix removal of duplicate certs during verification
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Simon Josefsson <jas@josefsson.org>
Date: Wed Oct 12 15:02:35 2022 +0200
Drop guile bindings. See <https://gitlab.com/gnutls/guile/>.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Author: Simon Josefsson <jas@josefsson.org>
Date: Tue Oct 25 14:46:30 2022 +0200
doc: Add NEWS entry.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Author: Simon Josefsson <jas@josefsson.org>
Date: Tue Oct 25 14:45:29 2022 +0200
Update libtasn1 to 4.19.0.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 21 15:48:39 2022 +0900
cipher: add restriction on CCM tag length under FIPS mode
This change prohibits any use of tag length other than 4, 6, 8, 10,
12, 14, and 16 bytes in CCM used under FIPS mode, in accordance with
SP800-38C A.1. While use of tag lengths smaller than 8 bytes is not
recommended, we simply allow 4 and 6 bytes tags for now.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Oct 24 11:01:44 2022 +0200
compress_certificate: fix err code on invalid length
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Oct 21 11:19:56 2022 +0200
Ignore unknown algorithms received in compress_certificate extension
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 21 18:12:33 2022 +0900
build: fix AUTHORS generation
Without revision supplied, git shortlog expects to read commits from
stdin and produces the following error:
GEN AUTHORS
fatal: using multiple --group options with stdin is not supported
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Oct 20 12:38:39 2022 +0200
Fix handshake segfault if no privkey is supplied
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Sep 23 12:59:52 2022 +0200
gnutls_rnd manage memory per-thread
Co-authored-by: Pedro Marzo <marzo.pedro@gmail.com>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Oct 4 16:37:29 2022 +0200
Add GNUTLS_NO_STATUS_REQUEST flag and NO_STATUS_REQUEST priority string modifier
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 29 21:19:26 2022 +0900
fips: only mark HMAC as approved in PBKDF2
As ACVP only allows HMAC used with PBKDF2[1], this change marks other
hash algorithms not-approved.
1. https://pages.nist.gov/ACVP/draft-celi-acvp-pbkdf.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 20 01:25:51 2022 +0900
fips: mark gnutls_key_generate with short key sizes non-approved
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 19 14:49:23 2022 +0900
fips: mark PBKDF2 with short key and output sizes non-approved
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 6 19:30:57 2022 +0900
.gitignore: follow tests/fips-rsa-sizes naming change
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 17 11:11:43 2022 +0900
tests: move FIPS service indicator functions to common file
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Mon Sep 5 13:05:17 2022 +0200
KTLS: fallback to default
If an error occurs during setting of keys either initial or key update
then fallback to default mode of operation (disable ktls) and let the
user know
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Tue Aug 9 12:11:16 2022 +0200
KTLS: rekey test
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Aug 5 16:38:02 2022 +0200
KTLS: set write alert callback
Use callback for sending alerts.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Mon Aug 22 10:50:37 2022 +0200
KTLS: receive key update
handle received GNUTLS_HANDSHAKE_KEY_UPDATE set keys accordingly
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Wed Aug 3 14:20:35 2022 +0200
KTLS: send update key request
Set hanshake send function after interface initialization
TODO: handel setting function differently
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Tue Aug 2 13:35:39 2022 +0200
KTLS: set new keys for keyupdate
set new keys durring gnutls_session_key_update()
setting keys
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Tue Aug 2 15:00:50 2022 +0200
KTLS: set key on specific interfaces
It is now possible to set key on specific interface.
If interface given is not ktls enabled then it will be ignored.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Sep 29 15:31:28 2022 +0200
Make XTS key check failure not fatal
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Fri Sep 30 15:36:17 2022 +0200
NSS interoperability test - 2way TLSv1.3
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 29 17:13:00 2022 +0900
fips: mark composite signature API not-approved
This makes the FIPS service indicator to transit to not-approved when
gnutls_privkey_sign_hash* is used. In FIPS, single-shot
API (gnutls_privkey_sign_data*) is preferred over composite API.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 20 16:06:13 2022 +0900
fips: fix checking on hash algorithm used in ECDSA
Previously we checked against the "preferred" hash algorithm based on
the curve, instead of the one actually used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Sep 21 14:56:49 2022 +0200
Release 3.7.8
Not bumping LT_CURRENT / LT_AGE since abi-check reports no changes.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Sep 21 14:26:55 2022 +0200
NEWS: add an entry for allowlisting-relaxing functions restriction
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Sep 13 17:07:37 2022 +0200
Reduce sensitive language
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 19 07:40:01 2022 +0900
accelerated: avoid symbol export mismatch with _gnutls_x86_cpuid_s
If the LD doesn't have support for version scripts,
_gnutls_x86_cpuid_s is exported through libtool's
--export-symbols-regex and that causes link error with clang:
libtool: link: nmedit -s .libs/libgnutls-symbols.expsym .libs/libgnutls.30.dylib
/Library/Developer/CommandLineTools/usr/bin/nmedit: error: symbols names listed in: .libs/libgnutls-symbols.expsym not in: /opt/local/var/macports/build/_Users_marius_Development_MacPorts_ports_devel_gnutls/gnutls-devel/work/gnutls-3.7.5/lib/.libs/libgnutls.30.dylib
__gnutls_x86_cpuid_s
make[4]: *** [libgnutls.la] Error 1
This patch renames _gnutls_x86_cpuid_s to GNUTLS_x86_cpuid_s to avoid
the issue.
Problem investigated and fix suggested by Clemens Lang in:
https://gitlab.com/gnutls/gnutls/-/issues/1370#note_967832583
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 18 17:38:46 2022 +0900
compress-cert: support compression of client certificates
Previously the compress_certificate extension was sent by the server
as part of ServerHello, which violates RFC 8879. This patch instead
send it as an extension of CertificateRequest.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Sep 9 13:32:16 2022 +0200
Report system config file location via gnutls-cli
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Aug 20 11:06:07 2022 +0900
src: request tls-exporter only when unique master secrets are used
This is to comply with RFC9266 4.2.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 29 06:41:46 2022 +0900
gnutls_session_channel_binding: perform check on "tls-exporter"
According to RFC9622 4.2, the "tls-exporter" channel binding is only
usable when the handshake is bound to a unique master secret. This
adds a check whether either TLS 1.3 or extended master secret
extension is negotiated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Aug 20 10:58:23 2022 +0900
doc: mention GNUTLS_CB_TLS_EXPORTER
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Doug Nazar <nazard@nazar.ca>
Date: Tue Aug 16 01:47:49 2022 -0400
cipher: Ensure correct alignment
Unsigned math is required to calculate the current alignment.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Tue Aug 23 13:47:38 2022 +0200
Unload custom allocators in gnutls_crypto_deinit()
Closes #1398
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 15 09:39:18 2022 +0900
accelerated: clear AVX bits if it cannot be queried through XSAVE
The algorithm to detect AVX is described in 14.3 of "Intel® 64 and IA-32
Architectures Software Developer’s Manual".
GnuTLS previously only followed that algorithm when registering the
crypto backend, while the CRYPTOGAMS derived SHA code assembly expects
that the extension bits are propagated to _gnutls_x86_cpuid_s.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 18 09:01:20 2022 +0900
srptool: resurrect default value for -i
The default option value for -i (--index) was dropped during the
cligen conversion. This adds it back for compatibility with the
existing command line usage.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 18 09:00:44 2022 +0900
cligen: update git submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Aug 16 10:34:05 2022 +0200
tests: add fips-rsa-sizes
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Feb 16 14:36:48 2022 +0100
update documentation on allowlisting API
(in a separate commit so that it's easier to compare)
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Feb 16 14:28:18 2022 +0100
plumb allowlisting API through the config, restrict usage to early times
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Martin Storsjo <martin@martin.st>
Date: Mon Aug 15 23:50:16 2022 +0300
windows: Avoid -Wint-conversion errors
Clang 15 made "incompatible pointer to integer conversion" an error
instead of a plain warning. This fixes errors like these:
system/keys-win.c:257:13: error: incompatible pointer to integer conversion initializing 'HCRYPTHASH' (aka 'unsigned long') with an expression of type 'void *' [-Wint-conversion]
HCRYPTHASH hHash = NULL;
^ ~~~~
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Feb 15 16:26:52 2022 +0100
lib/priority: extract parts of cfg_apply into cfg_*_set_array*
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Feb 14 18:00:25 2022 +0100
lib/priority: move sigalgs filtering to set_ciphersuite_list
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 3 16:39:47 2022 +0900
nettle: mark RSA SigVer operation approved for known modulus sizes
SP800-131A rev2 suggests certain RSA modulus sizes under 2048
bits (1024, 1280, 1536, and 1792) may continue to be used for
signature verification but not for signature generation. This loosen
the current service indicator report to approve them.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 9 12:55:04 2022 +0900
nettle: check RSA modulus size in bits rather than bytes
Previously we checked RSA modulus size clamped to byte unit instead of
bits. This makes the check stricter by explicitly calculating the
modulus size in bits.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Aug 9 12:08:24 2022 +0200
fips: disable GNUTLS_CIPHER_3DES_CBC self-test
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 8 13:54:13 2022 +0900
.gitlab-ci.yml: mark all CI jobs interruptible
This allows previous pipelines to be cancelled if a new job is
submitted subsequently:
https://docs.gitlab.com/ee/ci/yaml/#interruptible
Suggested-by: Zoltán Fridrich <zfridric@redhat.com>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Mon Aug 8 23:07:21 2022 +0200
Moved TLS interoperability tests to submodule.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jul 31 10:28:15 2022 +0200
Avoid &> redirection bashism in testsuite
Broken by 7b700dbcd5907944a7dd2f74cd26ad8586cd4bac
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Thu Feb 11 13:57:27 2021 +0100
interoperability testing with openssl
GitLab CI extended to run 2way interoperability tests with openssl on
Fedora. Also prepared for adding further interoperability tests once
they are in better shape.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 4 16:37:51 2022 +0900
_gnutls_decrypt_pbes1_des_md5_data: use public crypto API
This is a follow-up of e7f9267342bc2231149a640163c82b63c86f1dfd. In
the decryption code path with PBES1, algorithm checks for FIPS was not
applied, because it used internal functions that bypass those checks.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Simon Josefsson <jas@josefsson.org>
Date: Sat Jul 30 21:06:42 2022 +0200
Update doc for GNUTLS_CB_TLS_EXPORTER towards RFC9266.
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Jul 29 10:38:42 2022 +0200
KTLS: hotfix
session->internals.pull_func is set to system_read during gnutls_init()
so check for user set pull/push function added in commit mentioned
bellow will never pass.
source: 2d3cba6bb21acb40141180298f3924c73c7de8f8
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Jul 28 12:49:59 2022 +0200
Release 3.7.7
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 26 11:39:57 2022 +0900
socket: only set pull/push functions when --save-*-trace is used
This allows gnutls-cli to use KTLS for the transport, unless either
--save-client-trace or --save-server-trace is used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 26 11:38:41 2022 +0900
handshake: do not enable KTLS if custom pull/push functions are set
If gnutls_transport_set_pull_function or
gnutls_transport_set_push_function is used, we can't assume the
underlying transport handle is an FD.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Jul 22 12:00:11 2022 +0200
Fix double free during gnutls_pkcs7_verify
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 27 20:23:26 2022 +0900
guile: revert gnutls/build/tests.scm to use use-modules
This partially reverts e727eb7901a3f1754de970c8529925ae3d591b90. For
some reason, the usage of #:use-module causes some behavioral
difference that affects reauth.scm test.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Jul 25 16:07:54 2022 +0200
Fix memory leak in gnutls_pkcs7_import
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jul 14 15:19:23 2022 +0900
crypto-api: add block cipher API with automatic padding
This adds a couple of functions gnutls_cipher_encrypt3 and
gnutls_cipher_decrypt3, which add or remove padding as necessary if
the length of the plaintext is not a multiple of the block size.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 22 11:54:29 2022 +0900
tests: temporarily disable checking against unresolvable hosts
*.dane.verisignlabs.com and fedoraproject.org are no longer
resolvable.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 20 15:00:10 2022 +0900
src: add __attribute__((malloc)) to safe_open_rw
This silences -Wsuggest-attribute=malloc warning with GCC 12. While
we could use ATTRIBUTE_DEALLOC(fclose, 1), it is currently not
possible to use it until Gnulib is updated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 20 14:54:48 2022 +0900
src: add NULL check on return value of realloc used in tests
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 30 21:24:23 2022 +0900
tests: resume-with-previous-stek: initialize session data
Spotted by gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 30 21:23:31 2022 +0900
tests: add __attribute__((__noreturn__)) to _fail and fail_ignore
To suppress warnings with gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 30 21:13:53 2022 +0900
crypto-selftests: fix decryption check condition in test_cipher_aead
Spotted by gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 30 20:57:30 2022 +0900
x509, tpm2: use asn1_node instead of deprecated ASN1_TYPE
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sun Jul 10 23:41:26 2022 +0200
guile: Allow session record ports to have a 'close' procedure.
This addition makes it easy to close the backing file descriptor or port
of a session when its record port is closed.
* guile/src/core.c (SCM_GNUTLS_SESSION_RECORD_PORT_SESSION): Add SCM_CAR.
(SCM_GNUTLS_SESSION_RECORD_PORT_CLOSE_PROCEDURE)
(SCM_GNUTLS_SET_SESSION_RECORD_PORT_CLOSE)
(SCM_GNUTLS_SESSION_RECORD_PORT_P)
(SCM_VALIDATE_SESSION_RECORD_PORT): New macros.
(make_session_record_port): Change "stream" argument to a pair.
(close_session_record_port): New function.
(scm_gnutls_session_record_port): Add optional 'close' parameter and
honor it.
(scm_gnutls_set_session_record_port_close_x): New function.
(scm_init_gnutls_session_record_port_type): Add call to
'scm_set_port_close' and 'scm_set_port_needs_close_on_gc'.
* guile/tests/session-record-port.scm: Test it.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sun Jul 10 17:03:03 2022 +0200
guile: Remove support for the 1.8.x series.
The last Guile 1.8.x release dates back to 2010.
* configure.ac: Remove 1.8 from 'GUILE_PKG'.
* doc/gnutls-guile.texi (Guile Preparations): Remove mention of Guile 1.8.
* guile/src/core.c (mark_session_record_port)
(free_session_record_port): Remove.
(scm_init_gnutls_session_record_port_type): Remove corresponding
'scm_set_port_mark' and 'scm_set_port_free' calls.
* guile/modules/gnutls.in: Remove top-level 'cond-expand' forms for
Guile 1.8.
* guile/modules/gnutls/build/tests.scm: Likewise.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sun Jul 10 17:02:17 2022 +0200
maint: Update guile.m4.
* m4/guile.m4: Update from Guile 3.0.7.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Brad Smith <brad@comstyle.com>
Date: Fri Jul 15 22:44:03 2022 -0400
accelerated: aarch64: add OpenBSD/aarch64 support
Signed-off-by: Brad Smith <brad@comstyle.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 27 11:14:50 2022 +0900
cipher: limit plaintext length supplied to AES-GCM
According to SP800-38D 5.2.1.1, input data length of AES-GCM
encryption function must be less than or equal to 2^39-256 bits.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sun Jul 10 18:54:54 2022 +0200
guile: Session record port treats premature termination as EOF.
* guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Treat
GNUTLS_E_PREMATURE_TERMINATION as EOF.
(read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise.
* guile/tests/premature-termination.scm: New file.
* guile/Makefile.am (TESTS): Add it.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Richard Costa <richard.costa@suse.com>
Date: Sat Jul 9 00:50:21 2022 +0000
Add self-test code inside a FIPS context
Self-test code exercise lots of different FIPS-related code with
side-effects. So, in order to prevent it from losing information when
executing inside another context, we create an appropriated one.
If the self-test fails, then the library is placed in error state, so it
doesn't matter for other contexts.
Signed-off-by: Richard Maciel Costa <richard.costa@suse.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue May 10 15:20:45 2022 +0200
Increase the limit of TLS PSK usernames from 128 to 65535 characters
Co-authored-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 1 08:04:57 2022 +0200
fips: make service indicator logging louder
Previously, the only way to monitor the FIPS context transtion was to
increase logging level to debug (2), which produces unrelated output.
This changes the minimum logging level to audit (1) for when the
transition happens.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 27 09:29:13 2022 +0900
nettle: restrict output size of HKDF-Expand to 255 * HashLen
RFC 5869 2.3 requires that requested output length of HKDF-Expand to
be equal to or less than 255 times hash output size.
Inspired by the report by Guido Vranken in:
https://lists.gnupg.org/pipermail/gcrypt-devel/2022-June/005328.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Jun 28 17:22:36 2022 +0200
tests/fips-test: minor extension
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 28 13:46:44 2022 +0900
.gitlab-ci.yml: add fedora-ktls pipeline
This is to ensure that the same testsuite succeeds even if we compile
the library with --enable-ktls and KTLS is enabled with a run-time
configuration.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 28 10:53:55 2022 +0900
ktls: _gnutls_ktls_enable: fix GNUTLS_KTLS_SEND calculation
Previously, if the first setsockopt for GNUTLS_KTLS_RECV fails and the
same socket is used for both sending and receiving, GNUTLS_KTLS_SEND
was unconditionally set. This fixes the conditions and also adds more
logging.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 28 10:23:33 2022 +0900
handshake: do not reset KTLS enablement in gnutls_handshake
As gnutls_handshake can be repeatedly called upon non-blocking setup,
we shouldn't try to call setsockopt for KTLS upon every call.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 28 09:37:22 2022 +0900
tests: enable KTLS config while running gnutls_ktls test
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Gregor Jasny <gjasny@googlemail.com>
Date: Tue Jun 21 11:18:16 2022 +0200
README.md: explicitly install libtasn1-bin
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Tue Jun 14 16:16:11 2022 +0200
KTLS: disable by default enable by config
KTLS will be disabled by default when build with `--enable-ktls` to
enable it, use config file option `ktls = true` in [global] section.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 3 15:43:00 2022 +0900
fips: provide function to manually run FIPS self-tests
FIPS140-3 IG 10.3.E Periodic Self-Testing says:
At security levels 1 and 2, acceptable means for initiating the
periodic self-tests include a provided service, resetting, rebooting
or power cycling.
Neither resetting, rebooting, nor power-cycling is suitable because
those involve operations outside of the module. Therefore this patch
adds a new API to manually run the substance of FIPS140 self-tests.
Suggeested by Richard Costa and Stephan Mueller in:
https://gitlab.com/gnutls/gnutls/-/issues/1364
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed May 18 15:38:21 2022 +0200
tests/suite/tls-fuzzer: remove most of the -n limiters...
... since tlsfuzzer now sets reasonable (~<10s/script) limits
for most of the scripts by default
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed May 18 13:41:18 2022 +0200
tests/suite/tls-fuzzer: pin current error messages with -X
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun May 29 10:54:48 2022 +0900
build: Revert "Disable test scripts on windows"
This reverts commit d2b99e3b3429e9b9a6fbff46598fd4c6a0910f65.
It turned out that the test failures under mingw were caused by a
regression in wine 7.5, possibly:
https://bugs.winehq.org/show_bug.cgi?id=52743
Now that the latest wine package based on wine 7.9 has no issues with
running those test scripts, this enables them again in the build
process.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri May 27 09:17:55 2022 +0200
Release 3.7.6
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Asad Mehmood <asad78611@googlemail.com>
Date: Mon May 23 14:35:46 2022 +0000
libdane: fix typo in Makefile.am
Signed-off-by: Asad Mehmood <asad78611@googlemail.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri May 13 14:37:05 2022 +0200
Add release steps for windows builds
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed May 18 11:43:26 2022 +0200
Fix out-of-bounds memcpy in gnutls_realloc_zero()
Co-authored-by: Tobias Heider <tobias.heider@canonical.com>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu May 19 10:27:51 2022 +0200
Disable test scripts on windows
This is a temporary solution to avoid failures
of test scripts when ran on windows
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu May 12 10:38:23 2022 +0200
Release 3.7.5
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 10 09:52:26 2022 +0200
cligen: update git submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Apr 29 12:28:50 2022 +0200
Improve certificate sanity checks
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Mon Mar 28 17:49:22 2022 +0200
Fix psk_ke_modes_recv_params() wrongly setting HSK_PSK_KE_MODE_INVALID
If the preferred side (as per session->internals.priorities->server_precedence)
only supports one algorithm and if it is not the first in the other side's list
of algorithms, then psk_ke_modes_recv_params did wrongly set
session->internals.hsk_flags to HSK_PSK_KE_MODE_INVALID.
Fixes #1303
This issue was originally discovered while analyzing
https://forum.filezilla-project.org/viewtopic.php?t=54333
Signed-off-by: Tim Kosse <tim.kosse@filezilla-project.org>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 7 10:07:01 2022 +0200
tests/cmocka-common.h: include <stdarg.h> before <cmocka.h>
As documented in <https://api.cmocka.org/group__cmocka.html#details>,
<stdarg.h> must be included before <cmocka.h>.
Suggested by Brad Smith in:
https://gitlab.com/gnutls/gnutls/-/issues/1360
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 29 12:01:53 2022 +0200
configure.ac: check if compiler supports -Wa,-march=all
Clang from LLVM 13.0.0 caused a segumentation fault if an unknown
architecture is supplied through -march. While this has been fixed in
13.0.1, until it is widely deployed this adds a configure check as a
safeguard:
https://github.com/llvm/llvm-project/commit/d31f8cc6884ba3cc3e088fd57c4c533868e8a8b2
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 15 11:27:20 2022 +0100
gnutls_aead_cipher_set_key: new function
This adds gnutls_aead_cipher_set_key, which enables to reuse the same
handle but reset the context and key, without releasing the memory.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 17 11:48:39 2022 +0100
crypto-api: support AES-SIV with scatter-gather API
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 17 11:17:46 2022 +0100
crypto-api: refactor iov_store_st operations
This replaces copy_from_iov to more generic append_from_iov.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 17 10:36:44 2022 +0100
crypto-api: split scatter-gather AEAD implementation to helper funcs
These _encryptv, _encryptv2, and _decryptv2 functions take orthogonal
code paths depending on whether the underlying AEAD implementation
supports message based API. This patch split the implementation to
dedicated helper functions.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 17 10:07:02 2022 +0100
crypto-api: add integer overflow checks around copying IOV
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu May 5 12:10:46 2022 +0200
Extend fipshmac to take a path to libgnutls.so
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 4 15:27:16 2022 +0200
.github/workflows/macos.yml: display tests/cert-tests/*.log
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 4 15:23:49 2022 +0200
lib/fips.c: suppress -Wdiscarded-qualifiers warning
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 4 15:22:16 2022 +0200
.gitignore: ignore tests/tls13/compress-cert*
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 4 15:19:17 2022 +0200
tests/cert-tests/pkcs12.sh: use portable sed invocations
The BSD sed doesn't recognize '\|' as the alternative operator, and
the last '}' must be preceded with a newline.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 21 08:07:25 2021 +0200
tls: add flag to disable session ticket in TLS 1.2
The existing GNUTLS_NO_TICKETS flag affects all versions of TLS, where
PFS is assured in TLS 1.3, while it is not in TLS 1.2. This adds a
new flag GNUTLS_NO_TICKETS_TLS12 to allow applications to disable
session tickets only in TLS 1.2.
As the only means of resumption in TLS 1.3 is using session tickets,
we could repurpose the GNUTLS_NO_TICKETS flag make it no-op in TLS
1.3. However it would break backward compatibility, so we defer it to
the next major release.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 28 11:31:30 2021 +0100
session_ticket: avoid invalid free on error path
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 21 11:08:06 2021 +0200
_gnutls_version_max: return NULL if priorities are not populated
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 2 07:41:12 2022 +0200
m4: update from autoconf-archive
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 17 10:56:35 2022 +0200
.github/workflows/macos.yml: pull in gtk-doc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Apr 28 12:17:16 2022 +0200
gnutls-cli, gnutls-serv: print supported channel binding
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 4 07:16:18 2021 +0200
.gitlab-ci.yml: replace valgrind checks with ASan
Running the full test suite under valgrind wastes a lot of time and
may cause intermittent failures due to timeout. We have them mainly
for VALGRIND_MAKE_MEM_UNDEFINED client request, though the ASan tests
now cover the equivalent after
f23c3a6cba43706a6ebb3f9b0018cd658dcc0a72.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Apr 14 11:29:26 2022 +0200
Use packit to automate fedora upstream release
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Sun Apr 24 17:03:18 2022 +0900
Preserve mbuffer type when linearized
Signed-off-by: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Author: Brian Wickman <bwickman97@outlook.com>
Date: Thu Apr 21 05:52:36 2022 +0000
Fix for #1132
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 11 14:00:16 2022 +0200
.gitignore: ignore files generated by asn1Parser
These files are no longer maintained in the repository, after commit
16061937.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 8 10:23:51 2022 +0200
cligen: update git submodule
This also reverts commit fd0e28a3 and changes how the cligen python
files are included in the distribution.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Apr 12 16:34:52 2022 +0200
Small fips-test refactoring
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Mon Apr 11 16:04:38 2022 +0200
Add zeroization of some critical security parameters
to comply with FIPS-140-3 requirements
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Apr 10 13:22:22 2022 +0200
Document C++ soname bump in NEWS.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Mar 30 18:26:36 2022 +0200
Add missing gtk-doc for GNUTLS_COMP_BROTLI/ZSTD.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Mar 30 18:18:12 2022 +0200
Add missing copyright header
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Apr 5 16:28:41 2022 +0200
Add missing FIPS service indicator transitions
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Apr 6 15:33:32 2022 +0200
Remove 3DES from FIPS approved algorithms.
According to the section 2 of SP800-131A Rev.2, 3DES algorithm
will be disallowed for encryption after December 31, 2023:
https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Fri Apr 1 12:34:12 2022 +0200
Mark HKDF and AES-GCM as approved when used in TLS
Co-authored-by: Pedro Monreal <pmgdeb@gmail.com>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 31 15:50:51 2022 +0200
bootstrap.conf: use install-sh to copy cligen files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 19 10:01:09 2022 +0100
lib/{gnutls,pkix}_asn1_tab.c: remove autogenerated files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 19 10:00:08 2022 +0100
devel/README-ci.freebsd.md: stop mentioning autogen
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 19 09:59:58 2022 +0100
.github/workflows/macos.yml: stop installing autogen
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 19 09:53:54 2022 +0100
configure.ac: always assume GTK_DOC_CHECK macro
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 31 14:28:32 2022 +0200
fips: simplify library integrity checking
This removes code duplication by grouping the path and hmac fields in
hmac_file structure.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Mar 31 10:13:06 2022 +0200
Increase length limit of PKCS#12 passwords
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Mar 25 11:31:05 2022 +0100
ktls config documentation
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date: Thu Mar 31 08:57:07 2022 +1100
Fix off-by one exit condition in pkcs#11 priv keys lookup
In function find_privkeys(), the list-> array is allocated to be of size
lists->key_ids_size. "current" is the index where the next found key will
be written (starts at 0).
The current exit condition is thus incorrect:
if (current > list->key_ids_size)
break;
This will allow "current" to be equal to list->key_ids_size which will
potentially cause an overflow if more keys are returned by the loop than
was originally found when calculating that size.
This is very unlikely, but incorrect nonetheless.
Fix this by using the more classic construct of testing for the array bound
in the loop exit condition, as suggested by Daiki Ueno.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Author: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date: Mon Mar 21 13:45:11 2022 +1100
Fix matching of last key of a pkcs#11 token
Retrieving the cert for the last key of a token fails due to an
off-by-one bug in find_privkeys():
In the loop that iterates the keys, "current" contains the index
of the "next" key slot, which is also the active "count" of populated
slots in the output struct find_pkey_list_st.
The current statement:
list->key_ids_size = current - 1;
Means we return a "key_ids_size" of the current count minus one, ie 0
for 1 key etc... However, this isn't what the callers expect, for example:
find_multi_objs_cb() does:
ret = find_privkeys(sinfo, tinfo, &plist);
if (ret < 0) {
gnutls_assert();
return ret;
}
if (plist.key_ids_size == 0) {
gnutls_assert();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
So a slot with a single key will fail when trying to find a certificate
Subsequent uses of "plist" in that function also show that it's expected
to contain the real slot count:
for (i = 0; i < plist.key_ids_size; i++) {
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Mar 23 16:55:51 2022 +0100
Consolidate FIPS .hmac files
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Mar 18 11:37:10 2022 +0100
system config disable KTLS
Added option for system config `ktls = false` to disable ktls
system-wide
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Pedro Monreal <pmgdeb@gmail.com>
Date: Tue Mar 22 13:01:53 2022 +0100
lib/crypto-selftests.c: Add a selftest for PBKDF2 that complies with FIPS 140-3.
Signed-off-by: Pedro Monreal <pmgdeb@gmail.com>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Mon Mar 14 16:17:28 2022 +0100
Use custom allocators for GMP to make sure temporary secrets
from cryptographic operations in nettle are deleted safely.
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 18 08:10:12 2022 +0100
devel/release-steps.md: expand steps to generate tarball [ci-skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 18 07:54:06 2022 +0100
NEWS: mention couple more changes in 3.7.4 release [ci-skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Sam James <sam@gentoo.org>
Date: Fri Mar 18 05:51:29 2022 +0000
configure.ac: fix zstd detection
Fixes typo in zstd detection.
None of the used autoconf macros will define `has_zstd_h` so
configure will (AFAICT) always fail to find zstd, even if it succeeded
via pkg-config moments before.
Drop it and rely solely on pkg-config as that's the only search
we're actually doing.
Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1343
Signed-off-by: Sam James <sam@gentoo.org>
Author: Sam James <sam@gentoo.org>
Date: Fri Mar 18 05:40:28 2022 +0000
configure.ac: fix brotli/zstd configure argument name
The old `./configure` arguments for brotli and zstd respectively
were inconsistent with the `./configure --help` output.
Old: --without-libbrotli --without-libzstd (also --with-*)
New: --without-brotli --without-zstd (also --with-*)
Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1342
Signed-off-by: Sam James <sam@gentoo.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 16 11:19:29 2022 +0100
cligen: update git submodule
To avoid emitting empty "list" substruct in header files, as well as
assuming the Python pwd module is always available.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Mar 16 15:42:40 2022 +0100
Release 3.7.4
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Tue Mar 8 18:01:37 2022 +0100
Make gnutls compliant to RFC5280
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 14 16:03:07 2022 +0100
cli, serv: allow multiple --compress-cert options
This eliminates the need of parsing the comma separated list manually.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Sun Mar 13 23:58:42 2022 +0100
Handle all cases of calloc returning NULL.
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Mar 11 18:22:18 2022 +0100
Fix global-ini-handler
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 10 15:58:08 2022 +0100
Make option specification type-safe
This switches the CLI code and documentation generation to the
external cligen module, which provides more type-safe specification.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Tobias Heider <tobias.heider@canonical.com>
Date: Wed Mar 9 01:18:20 2022 +0100
fips: use GNUTLS_FIPS140_STRICT instead of magic number.
Signed-off-by: Tobias Heider <tobias.heider@canonical.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 9 08:07:58 2022 +0100
locks: define lock functions as a macro
When threads are not supported, glthread_* functions are defined as
no-op and thus dereferencing lock variables in inline functions will
cause compilation error. This change fixes it by redefining our lock
functions as a macro so it will also be compiled out.
Reported by Fabrice Fontaine in:
https://gitlab.com/gnutls/gnutls/-/issues/1330
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 9 07:25:01 2022 +0100
.gitlab-ci.yml: prolong timeout for slow CI jobs
Suggested by Marvin Scholz in:
https://gitlab.com/gnutls/gnutls/-/merge_requests/1543#note_859825412
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 23 19:48:52 2022 +0100
tpm2: dynamically load tss2 libraries as needed
libtss2-esys links to OpenSSL or mbed TLS for cryptography, which may
cause packaging issues. This instead dlopen's tss2 libraries as
needed so non-TPM applications continue working without loading
multiple crypto libraries.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed Jan 12 14:57:42 2022 +0100
Add compress_certificate extension (RFC8879)
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Craig Gallek <cgallek@gmail.com>
Date: Sun Feb 27 10:39:07 2022 -0500
x509: fix return error code for failed decryption without key
Decrypting an encrypted private key previously returned
GNUTLS_E_DECRYPTION_FAILED when no password was supplied. This changed when
decryption via pin callbacks was added in d31b89de.
That change should have included a check for callback existence in order to
preserve the error path of the no-password case.
This adds the check and a test for the previous behavior.
Resolves bug #1321
Signed-off-by: Craig Gallek <cgallek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 24 09:55:01 2022 +0100
gnutls_record_send_file: make it work with non-blocking I/O
When either read() or gnutls_record_send() returns EAGAIN, just return
to the caller so it can call this function again, instead of retrying
internally.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Marvin Scholz <epirat07@gmail.com>
Date: Wed Feb 23 19:03:51 2022 +0100
configure.ac: add missing Libs.private for macOS
On macOS the CoreFoundation and Security frameworks are used by
GnuTLS, however those were missing in the Libs.private in the .pc
resulting in link failures with static builds when relying on the
output of pkg-config --static.
Signed-off-by: Marvin Scholz <epirat07@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Wed Feb 16 11:25:11 2022 +0100
non-KTLS sendfile test
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Wed Feb 16 11:23:36 2022 +0100
non-KTLS sendfile
Added: sendfile API functionality for non KTLS enabled builds.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 22 17:09:46 2022 +0100
algorithms: ensure _list() exclude non-existing algorithms
This aligns the behavior of _list() function for sign/pk to the one
for cipher/mac: the former previously returned all the algorithms
defined, while the latter returns only algorithms compiled in.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 22 17:25:26 2022 +0100
Revert "algorithms: compile out GOST algorithm IDs if they are disabled"
This reverts commit aa94bcbdaa55899f4f4ae13dc3e9a8c559354676.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Wed Feb 16 11:22:47 2022 +0100
auto-generated files update
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Tue Nov 16 12:05:53 2021 +0100
ktls: sendfile
added API function: gnutls_record_send_file().
added: _gnutls_ktls_send_file() function which increases the performance
by offloading the file encryption to kernel, thus the data never goes
to userspace.
updated tests/gnutls_ktls to cover new API
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 21 16:36:32 2022 +0100
algorithms: compile out GOST algorithm IDs if they are disabled
When compiled with --disable-gost, gnutls-cli --list still prints GOST
algorithms for public key systems and signatures. This change adds
compile time checks to suppress them.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Feb 21 18:19:25 2022 +0100
lib/algorithms: add UB warnings on late allowlisting API invocations
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Feb 14 13:48:37 2022 +0100
lib/priority: defer setting system-wide priority string
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Feb 14 12:44:57 2022 +0100
lib/priority: split up update_system_wide_priority_string
This is done in preparation for deferring priority string evaluation.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 21 16:28:49 2022 +0100
priority: compile out GOST algorithms IDs if they are disabled
When compiled with --disable-gost, gnutls-cli --priority NORMAL --list
still prints GOST algorithms for ciphers, MACs, and signatures. This
change adds compile time checks to suppress them.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Feb 18 11:05:15 2022 +0100
bump GNUTLS_MAX_ALGORITHM_NUM / MAX_ALGOS
Fedora 36 LEGACY crypto-policy uses allowlisting format
and is long enough to blow past the 64 priority string
elements mark, causing, effectively, priority string truncation.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Dimitris Apostolou <dimitris.apostolou@icloud.com>
Date: Thu Feb 17 17:35:59 2022 +0200
Fix typos
Signed-off-by: Dimitris Apostolou <dimitris.apostolou@icloud.com>
Author: Zoltan Fridrich <zfridric@redhat.com>
Date: Thu Feb 17 11:46:29 2022 +0100
Disable some tests in fips mode
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 10 17:35:13 2022 +0100
_gnutls_pkcs_raw_{decrypt,encrypt}_data: use public crypto API
These functions previously used the internal crypto
API (_gnutls_cipher_*) which does not have algorithm checks for FIPS.
This change switches the code to use the public crypto
API (gnutls_cipher_*) to trigger proper state transitions under FIPS
mode.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 10 16:43:08 2022 +0100
pkcs12: mark MAC generation and verification as FIPS non-approved
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 15 17:38:20 2022 +0100
gnutls_transport_is_ktls_enabled: fix return value of stub
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 12 10:37:53 2022 +0100
gnutls_ciphersuite_get: new function to get unique ciphersuite name
The existing method to obtain the name of the currently negotiated TLS
ciphersuite is as follows:
- call gnutls_cipher_get, gnutls_mac_get, gnutls_kx_get
- call gnutls_cipher_suite_get_name with the value from the above functions
This process is cumbersome and only works with TLS 1.2 or earlier;
moreover the returned names are GnuTLS specific.
This change adds a new function gnutls_ciphersuite_get to eliminate
those limitations. It returns the "canonical" name of the
ciphersuite, which is mostly identical to the ones registered in IANA,
with an exception for compatibility.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 20 09:28:10 2021 +0100
tls-fuzzer: prolong timeout for FFDHE tests
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 26 20:03:15 2021 +0100
.gitlab-ci.yml: prolong timeout for fedora-nettle-minigmp/test
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 26 09:37:58 2021 +0100
.gitlab-ci.yml: fix nettle installation path
.fedora-nettle/build clones the nettle into "nettle-git" and
temporarily change the working directory while buidling it. After
moving back to the original working directory, the installation path
should be prefixed with "${PWD}/nettle-git/".
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 1 15:19:52 2022 +0100
certtool --generate-privkey: update warnings on RSA key sizes
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 27 18:17:43 2022 +0100
rsa_generate_fips186_4_keypair: accept a few more modulus sizes
While _rsa_generate_fips186_4_keypair was modified to accept modulus
sizes other than 2048 and 3076, rsa_generate_fips186_4_keypair, which
calls that function, was not updated to accept such modulus sizes.
Spotted by Alexander Sosedkin.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 7 11:24:36 2022 +0100
.gitlab-ci.yml: update Fedora images to Fedora 35
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Seppo Yli-Olli <seppo.yliolli@gmail.com>
Date: Mon Jan 31 18:32:28 2022 +0200
Bump libgnutlsxx soname due to ABI break
db_check_entry and db_check_entry now have const parameters
Signed-off-by: Seppo Yli-Olli <seppo.yliolli@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 28 07:49:42 2022 +0100
configure.ac: make --with-tpm and --with-tpm2 independent
These features are not mutually exclusive, so it doesn't make sense to
disable the TPM 1.2 support with TPM 2.0 support.
Reported by Jan Palus in:
https://gitlab.com/gnutls/gnutls/-/issues/1313
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 28 12:50:56 2022 +0100
gen-getopt.py: avoid struct member name clash with C keywords
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 28 07:55:25 2022 +0100
tests: tcp_connect: avoid resource leak on error path
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 28 08:48:47 2022 +0100
README.md: fix versions in build status and add 3.6.x
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Jan Palus <jpalus@fastmail.com>
Date: Fri Jan 28 11:07:02 2022 +0100
ktls: fix _gnutls_ktls_send_control_msg return value
always returned 0 on success while contract mandates to return number of
bytes sent
Fixes #1314
Signed-off-by: Jan Palus <jpalus@fastmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 28 06:35:45 2022 +0100
release-steps: fix markup
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Thu Jan 27 13:54:21 2022 +0100
KTLS: hotfix
fixed: keys will be set only when both sockets were enabled for ktls
fixed: session->internals.ktls_enabled left uninitialized for non
ktls-enabled build
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Jan 26 16:25:01 2022 +0100
lib/accelerated: use unlikely on buffer length checks more consistently
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Jan 26 16:15:36 2022 +0100
lib/accelerated: rearranged several size checks to avoid overflow
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Jan 25 12:32:59 2022 +0100
tests/scripts/common: fix skipping over x86-specific tests
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Jan 25 13:37:55 2022 +0100
tests/slow/test-hash-large: output GNUTLS_CPUID_OVERRIDE hints
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Jan 25 13:46:46 2022 +0100
tests/slow/cipher-api-test: add happy paths, specific error checks etc
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Tue Jan 25 13:36:19 2022 +0100
lib/accelerated: report GNUTLS_E_SHORT_MEMORY_BUFFER in many places
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Jan 24 17:37:24 2022 +0100
.gitlab-ci.yml: enable hardware acceleration in UB+ASAN jobs
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Jan 24 17:34:35 2022 +0100
tests/slow/cipher-api-test: actually test for short buffer...
... avoiding the case when different failures mask the intended one
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Jan 24 17:33:48 2022 +0100
lib/accelerated/x86/aes-gcm-x86-pclmul-avx: add short buffer checks
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jan 23 13:40:17 2022 +0100
testsuite: Fix endless loop on /bin/sh without $RANDOM
Closes #1315
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jan 23 07:52:21 2022 +0100
testsuite: Fix missed instances of &> redirection
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Fri Jan 21 18:25:52 2022 +0100
Avoid &> redirection bashism in testsuite
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 17 16:48:10 2022 +0100
Release 3.7.3
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 18 06:43:07 2022 +0100
tests: privkey-keygen: fix memory leak
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 30 08:56:07 2021 +0200
x509: fix thread-safety in gnutls_x509_trust_list_verify_crt2
This function previously used gnutls_x509_trust_list_get_issuer
without GNUTLS_TL_GET_COPY flag, which is required when the function
is called from multi-threaded application and PKCS #11 trust store is
in use.
Reported and the change suggested by Remi Gacogne in:
https://gitlab.com/gnutls/gnutls/-/issues/1277
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 16 07:57:02 2022 +0100
cli: add --list-config option
With this option gnutls-cli prints the build-time configuration of the
library, retrieved through gnutls_get_library_config.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 11 07:36:27 2022 +0100
fips: add build option to embed FIPS module info in library config
This adds a couple of configure options, --with-fips140-module-name
and --with-fips140-module-version, which packagers can use to embed
FIPS module information in the library.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 11 07:34:59 2022 +0100
global: add API to retrieve library configuration at run time
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 16 12:17:39 2022 +0100
configure.ac: emit feature summary as C macro
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 16 16:19:53 2022 +0100
tests: suppress GCC -fanalyzer warnings
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 16 16:00:10 2022 +0100
.gitignore: ignore more files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 16 15:59:01 2022 +0100
src: avoid overriding noinst_PROGRAMS
In src, we now have two helper programs: systemkey and dumpcfg.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 13 14:30:02 2022 +0100
build: hide maintainer tool invocation behind AM_V_GEN
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Jan 13 14:35:07 2022 +0100
tests: use more aliases in tests for better alias testing coverage
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 7 10:02:32 2022 +0100
.gitlab-ci.yml: run static analyzers on Python files
This runs a couple of code analysis on the Python scripts added to
remove AutoGen dependency.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 7 09:58:11 2022 +0100
.gitlab-ci.yml: bump cache key for python3 detection
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 5 08:09:36 2022 +0100
README.md: mention Python as requirement instead of AutoGen
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 5 07:39:10 2022 +0100
src: remove AutoGen .def files
As neither the tools nor documentation depends on AutoGen, we don't
need to include the AutoGen definition files.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 5 07:24:03 2022 +0100
doc: generate man-pages from JSON
This replaces man-pages generation previously provided by the autogen
-Tagman.tpl command with a Python script (gen-cmd-man.py).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 4 09:06:21 2022 +0100
doc: generate texinfo files from JSON
This replaces texinfo generation previously provided by the autogen
-Tagtexi.tpl command with a Python script (gen-cmd-texi.py).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 3 11:02:43 2022 +0100
src: remove included copy of libopts
As no tools link with libopts anymore, we don't need to include it in
the distribution.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 3 10:30:34 2022 +0100
src: replace autoopts/libopts with minimal config parser
This replaces configuration file parsing code previously provided by
<autoopts/options.h>, with a minimal compatible implementation.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Dec 31 18:13:58 2021 +0100
src: generate option handling code from JSON
This replaces AutoGen based command-line parser with a Python
script (gen-getopt.py), which takes JSON description as the input.
The included JSON files were converted one-off using the parse-autogen
program: https://gitlab.com/dueno/parse-autogen.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 4 15:18:26 2022 +0100
python: add library for handling JSON-based option description
This adds the jsonopts Python module used by the command-line parser
generator and documentation generators in the following commits. This
also bumps the required Python interpreter version to 3.6.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 13 09:36:52 2022 +0100
pkcs12: use the correct MAC algorithm for GOST key generation
According to the latest TC-26 requirements, the MAC algorithm used for
PBKDF2 should always be HMAC_GOSTR3411_2012_512.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 12 08:15:24 2022 +0100
tests: simple: check if the digest algorithm is compiled in
When the library is built with --disable-gost, gnutls_digest_get_id
returns GNUTLS_DIG_UNKNOWN for GOST algorithms.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 11 14:07:56 2022 +0100
x509: fix potential wrong usage of memcpy
Spotted by GCC analyzer:
common.c:552:17: warning: use of NULL 'out.data' where non-null expected [CWE-476] [-Wanalyzer-null-argument]
552 | memcpy(output_data, out.data, (size_t) out.size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 9 08:34:52 2022 +0100
cert-auth: suppress false-positive warnings with GCC analyzer
When compiled with gcc -fanalyzer, it reports:
cert.c: In function '_gnutls_pcert_to_auth_info':
cert.c:85:17: error: dereference of NULL 'info' [CWE-476] [-Werror=analyzer-null-dereference]
85 | if (info->raw_certificate_list != NULL) {
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 7 17:48:22 2022 +0100
gnutls_pkcs12_generate_mac: use SHA256 by default
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 20 16:16:23 2021 +0100
.gitlab-ci.yml: reduce PKCS#12 iteration count while testing
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 21 15:02:45 2021 +0100
tests: check algorithms for generating PKCS#12 file
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Dec 26 17:40:42 2021 +0100
cipher-api-test: mention why it is written using fork
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 23 15:23:34 2021 +0100
fips: plumb service indicator to symmetric key crypto operations
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Pedro Monreal <pmonrealgonzalez@suse.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 31 13:29:45 2021 +0200
fips: plumb service indicator to public key crypto operations
This installs service indicator state transitions in certain public
key operations in gnutls_crypto_pk_st, namely:
* fallible operations
- encrypt
- sign
- generate_keys
- derive
* infallible operations
- decrypt, decrypt2
- verify
other operations, such as generate_params, are not considered as
crypto operation. Note that fallible operations above mean that those
return value could indicate error, while infallible operations do not
have distinction between errors and failures: decrypt/verify failures
are treated as a successful completion of the operation.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Pedro Monreal <pmonrealgonzalez@suse.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 21 15:17:55 2021 +0100
_gnutls_pkcs_generate_key: use HMAC-SHA256 for PBKDF2
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 20 16:34:30 2021 +0100
pkcs12: determine iteration count for MAC at build time
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 20 16:13:06 2021 +0100
pkcs7: determine iteration count for PBKDF2 at build time
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 20 15:56:24 2021 +0100
certtool: --to-p12: use modern algorithms by default
Currently certtool uses PKCS12-3DES-SHA1 for encrypting keys in
PKCS#12, while it is suggested to migrate to more modern algorithms,
namely AES-128-CBC with PBKDF2 and SHA-256:
https://bugzilla.redhat.com/show_bug.cgi?id=1759982
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 23 10:31:08 2021 +0200
fips: add functions to inspect thread-local FIPS operation state
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Jan 6 07:17:01 2022 +0100
Drop unquoted angle brackets in gtk-doc comment.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Jan 6 07:15:31 2022 +0100
Fix gtk-doc build, use http URI in sgml master.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sat Jan 1 21:12:51 2022 +0200
p11tool: add --mark-always-authenticate option
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jan 2 19:31:33 2022 +0200
doc: updated copyrights for 2022
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 18 19:02:03 2021 +0100
accelerated: fix CPU feature detection for Intel CPUs
This fixes read_cpuid_vals to correctly read the CPUID quadruple, as
well as to set the bit the ustream CRYPTOGAMS uses to identify Intel
CPUs.
Suggested by Rafael Gieschke in:
https://gitlab.com/gnutls/gnutls/-/issues/1282
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 22 17:00:03 2021 +0100
padlock: reset _gnutls_x86_cpuid_s only after padlock check succeeds
Otherwise it clears _gnutls_x86_cpuid_s which may already hold valid
CPUID detected for Intel and AMD CPUs.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 22 09:12:25 2021 +0100
wrap_nettle_hash_fast: avoid calling _update with zero-length input
As Nettle's hash update functions internally call memcpy, providing
zero-length input may cause undefined behavior.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 22 08:22:04 2021 +0100
gnutls_{hash,hmac}_copy: mention the functions do not always work
It is known that some built-in accelerated implementation, such as
AF_ALG, does not support copying hash/hmac contexts. This expands the
documentation to suggest checking the return value of those functions.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Dec 20 17:47:36 2021 +0100
tests: extend system-override-curves-allowlist with key generation
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Dec 20 16:50:59 2021 +0100
tests: tweak system-override-curves-allowlist insignificantly
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Dec 17 18:49:27 2021 +0100
README: document tpm2-tss-engine test dependency
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Dec 16 12:46:38 2021 +0100
use sha384_digest in lib/accelerated/aarch64/sha-aarch64.c sha384
Mirrors https://gitlab.com/gnutls/gnutls/-/merge_requests/1466
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Thu Dec 2 16:35:31 2021 +0100
ktls: flags
ktls enum flags API
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri Oct 15 15:00:17 2021 +0200
KTLS: API
ktls is enabled by default, we can check if inicialization was
succesfull with gnutls_transport_is_ktls_enabled
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 9 11:22:14 2021 +0100
.gitignore: ignore tests/x509cert-ct
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 9 11:03:50 2021 +0100
X509 CT: defer filling in the length field
This eliminates the need of precalculating the payload size, to make
it easier to adapt to new format.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Dec 10 13:47:21 2021 +0100
tests: fix out of tree builds with ASAN
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Nov 11 14:05:40 2021 +0100
tests: add protocol-set-allowlist
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Nov 11 14:04:54 2021 +0100
tests: add tcp_connect to utils
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 9 10:48:58 2021 +0100
X509 CT: use size_t for array index instead of unsigned
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ander Juaristi <a@juaristi.eus>
Date: Fri Nov 26 18:20:44 2021 +0100
Update symbols
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Wed Nov 17 19:28:50 2021 +0100
devel: Suppress new API functions
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Sat Nov 28 19:04:35 2020 +0100
x509 CT: Add tests
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Mon Nov 15 20:03:12 2021 +0100
x509 CT: implement new public API
This commit implements import and export functions for the X.509
Certificate Transparency Signed Certificate Timestamp (SCT) extension
(RFC 6962).
A new constant GNUTLS_X509EXT_OID_CT_SCT is introduced
with the value "1.3.6.1.4.1.11129.2.4.2".
The following new public API functions are introduced:
- gnutls_x509_ext_ct_scts_init
- gnutls_x509_ext_ct_scts_deinit
- gnutls_x509_ext_ct_import_scts
- gnutls_x509_ext_ct_export_scts
- gnutls_x509_ct_sct_get_version
- gnutls_x509_ct_sct_get
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 30 14:33:33 2021 +0100
devel/libgnutls.abignore: ignore drbg_aes_* functions
These functions are only defined when compiled with
--enable-fips140-mode.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 6 12:41:40 2021 +0200
priority: support allowlisting in configuration file
This adds a new mode of interpreting the [overrides] section. If
"override-mode" is set to "allowlisting" in the [global] section, all
the algorithms (hashes, signature algorithms, curves, and versions)
are initially marked as insecure/disabled. Then the user can enable
them by specifying allowlisting keywords such as "secure-hash" in the
[overrides] section.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 27 16:48:51 2021 +0100
CONTRIBUTING.md: clarify how to introduce new API
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 27 16:39:41 2021 +0100
release-steps: "make abi-dump-latest" at release time
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 27 16:36:17 2021 +0100
build: stop running abi-dump-latest at "make files-update"
The procedure of registering ABI updates has changed in
bd3c78b9d10937adb1855b85bca1864972a1c986.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 24 18:44:13 2021 +0100
build: update to use the latest valgrind-tests module from Gnulib
This adjust the existing valgrind invocations in the test suite with:
https://www.gnu.org/software/gnulib/manual/html_node/Valgrind-options.html
- make --suppressions option to per directory, using AM_VALGRINDFLAGS
- use LOG_VALGRIND for LOG_COMPILER
- quote '$(LOG_VALGRIND)' in TESTS_ENVIRONMENT
- move gl_VALGRIND_TESTS_DEFAULT_NO call before gl_INIT
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Evgeny Grin <k2k@narod.ru>
Date: Fri Nov 26 14:08:22 2021 +0300
sockets: fixed compiler warning on Windows x32
Signed-off-by: Evgeny Grin <k2k@narod.ru>
Author: Evgeny Grin <k2k@narod.ru>
Date: Fri Nov 26 13:50:52 2021 +0300
sockets: fixed building for Windows with compilers without VLA support
Signed-off-by: Evgeny Grin <k2k@narod.ru>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 5 16:27:55 2021 +0200
priority: refactor config file parsing
This adds the following refactoring:
- avoid side-effects during parsing the config file, by separating
application phase; the parsed configuration can be applied globally
with cfg_apply, after validation
- make _gnutls_*_mark_{disabled,insecure} take an ID instead of the
name
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 16 18:46:41 2021 +0100
locks: deprecate gnutls_global_set_mutex
As the library now uses static mutexes, rwlocks, and onces, it doesn't
make much sense to only replace dynamic mutex usage.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 14 14:57:15 2021 +0100
locks: use once execution for on-demand initialization of globals
This makes sure that the global variables are initialized only once.
Most of those variables are initialized at ELF constructor, though a
couple of occasions they are initialized on-demand: the global keylog
file pointer and TPM2 TCTI context. To properly protect the
initialization this patch uses gl_once provided by Gnulib.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 14 16:39:29 2021 +0100
locks: rework rwlock primitives
Remove GNUTLS_STATIC_RWLOCK_*LOCK macros and respect return values of
rwlock primitives.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 16 18:20:24 2021 +0100
pkcs11: switch to using static mutex
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 16 18:00:12 2021 +0100
verify-tofu: switch to using static mutex for locking
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 14 14:04:59 2021 +0100
locks: replace custom mutex wrappers with "glthread/lock.h"
As Gnulib provides portability wrappers of mutex implementations, we
don't need to provide similar wrappers by ourselves.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 22 14:52:10 2019 +0100
Port openconnect TPM2 code
This introduces transparent loading of TPM2 keys which are in PEM
form by gnutls_privkey_import_x509_raw() and higher level functions
which wrap it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Co-authored-by: David Woodhouse <dwmw2@infradead.org>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Nov 8 19:07:28 2021 +0100
tests: set $abs_top_builddir in more places
`$abs_top_builddir` has been used all across tests' subdirectories
(through tests/scripts/common.sh)
but has only been defined for tests/suite/ ones.
Defining it in other Makefiles where `top_builddir` is being passed.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 30 17:17:47 2021 +0200
priority: rework config reloading logic and locking
The previous reloading logic relied on the existence of [priority]
section (in the initial loading) as an indicator whether the file is
loaded. This didn't work well in the following cases:
- when the section didn't exist initially and then is added later
- when the section existed initially and then is removed later
To handle these cases, this change adds a new flag
system_priority_file_loaded which can be used together with the mtime
check.
This also adds an rwlock to protect global configuration.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 1 16:46:50 2021 +0100
Revert "priority: fix potential race in reloading system-wide config"
This reverts commit 890c6937a3cfb4a0704bc815324221ec4cb89840.
Considering the entire logic around reloading the config file, the fix
was suboptimal.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 28 18:55:26 2021 +0200
priority: fix potential race in reloading system-wide config
_gnutls_update_system_priorities is called from gnutls_priority_set*
functions every time when the SYSTEM keyword is used and updates a
global variable system_wide_priority_strings if the configuration
changes. Although the critical path is protected with mtime check, it
should also hold a lock to avoid occasional race condition in
multi-thread programs. This also clears
system_wide_priority_strings_init upon unloading and before reloading
the config file (thanks to Alexander Sosedkin).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Oct 21 12:46:56 2021 +0200
.gitlab-ci.yml: add caching to cppcheck
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 26 07:50:16 2021 +0200
devel: update release procedure taking into account of abi-dump
As the *.abi files have been moved into a separate repository, we need
an extra step to update the repository for new release.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Oct 20 17:49:56 2021 +0200
NEWS: add a notice of insecure-hash filtering ciphersuites on PRF
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Oct 20 14:37:07 2021 +0200
tests: add system-override-hash-influences-prf
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Oct 20 14:36:44 2021 +0200
priority: filter out ciphersuites with prf blocked by insecure-hash
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Wed Oct 20 14:34:58 2021 +0200
priority: refactor ciphersuite filtering
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Fri May 14 15:56:06 2021 +0200
ktls: basic implementation of SW mode
ktls enables us to offload encryption/decryption to the kernel
prerequisites:
- configured with `--enable-ktls`
- tls module `modprobe tls` check with 'lsmod | grep tls'
- per connection:
gnutls_transport_set_int{2} must be set
When prerequisities are met then ktls is used by default.
If GnuTLS encounters a error during KTLS initialization, it will
not use ktls and fallback to userspace.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 18 16:27:46 2021 +0200
devel: make use of abidw --drop-private-types
This will produce more compact abixml output.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 18 11:49:46 2021 +0200
devel: move .abi files into a separate repository
Changes to the .abi files are a bit too noisy to track in the main
repository. This moves the files out of this repository and embed it
as a git submodule.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Thu Sep 23 09:03:50 2021 +0200
fix mingw64 detection
__MINGW64__ is only defined for 64 bits builds of mingw64 [1].
The intended test what to only use the CertEnumCRLsInStoreFunc via LoadLibrary
for some ancient mingw32 build and never for mingw64.
__MINGW64_VERSION_MAJOR is a proper define to identify mingw64 against mingw32.
[1] https://sourceforge.net/p/predef/wiki/Compilers/
Co-authored-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Sep 17 11:03:25 2021 +0200
wrap_nettle_hash_exists: add missing hash algorithms
This adds SHAKE-128, SHAKE-256, and RIPEMD-160 to the supported
algorithms by nettle. While SHAKEs are not a hash algorithm but an
XOF, it would be consistent to report they are implemented.
The simple test is expanded to exercise the code
path (gnutls_digest_get_id → wrap_nettle_hash_exists).
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 18 07:18:59 2021 +0200
fuzz: explicitly supply LDFLAGS to clang++ command line
This prevented fuzzer programs being linked in Ubuntu 20.03, used in
oss-fuzz.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri Sep 17 16:37:24 2021 -0400
lib/x509: Avoid memcpy when string is empty
This fixes an ASAN warning in fuzz/gnutls_private_key_parser_fuzzer
when run against the malformed private key
fuzz/gnutls_private_key_parser_fuzzer.in/10a5c92fa30ddb6cbb4286d7699b2b7a7e032b17
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed Aug 11 17:31:40 2021 -0400
NEWS: added news about certtool handling x448 and x25519
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed Aug 11 15:59:21 2021 -0400
tests: add test for generating x25519 and x448 certificates
These certs should work just fine for the purposes of cryptographic
e-mail (S/MIME).
These usage flags are also used in the end-entity certificates found
in https://datatracker.ietf.org/doc/draft-ietf-lamps-samples/
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 14 17:14:41 2021 -0400
tests: update details about sample X25519 certificate
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 20:14:53 2021 -0400
certtool: add x448 and x25519 for --key-type
This is a simple extension of the certtool command-line interface.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 22:25:41 2021 -0400
certtool: when making X25519 or X448 certs, always use "key agreement"
This is related to #1227 -- but in this case, it's enforcing a
requirement of RFC 8410 §5.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 21:53:47 2021 -0400
x509: handle X25519 and X448 in read_pubkey
_gnutls_x509_read_ecdh_pubkey is basically a clone of
_gnutls_x509_read_eddsa_pubkey. Another form of implementation
would be to collapse these two static functions into a common
function for all "CFRG" curves.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 21:30:53 2021 -0400
nettle: handle X25519 and X448 in pk_fixup
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 20:23:41 2021 -0400
x509: enable importing secret keys for X448 and X25519.
_decode_pkcs8_modern_ecdh_key is virtually the same as
_decode_pkcs8_eddsa_key. Another implementation would be
to collapse these two functions into one, since their structure
is identical.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 19:53:28 2021 -0400
Enable X25519 and X448 everywhere that EdDSA is supported.
These are just trivial extension points where the codepath is the same
for the ECDH scheme as it is for the EdDSA scheme.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 20:14:07 2021 -0400
x509: handle X448 and X25519 in write_pubkey
This uses the same structure as _gnutls_x509_write_eddsa_pubkey.
Another way to write this would be to combine those two functions,
despite X448 and X25519 not being EdDSA at all.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 20:12:15 2021 -0400
pubkey: handle X25519 and X448 in gnutls_pubkey_import_pkcs11
I am not confident in the strings I chose to match on in
ASN1_ETYPE_PRINTABLE_STRING, in that I do not know what registry
I should look this up in.
The *parse_ecc_ecdh_params and *import_ecc_ecdh functions are tweaked
analogs to the eddsa versions of those functions.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 19:48:10 2021 -0400
nettle: extend pk_verify_priv_params to handle X25519 and X448
This is basically a copy of the EdDSA case in the switch statement.
Another way to implement it would be to augment the EdDSA case (and
the functions it uses) to have that case also handle ECDH use of the
CFRG curves.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 19:36:14 2021 -0400
lib/pk: treat modern ECDH octet streams the same way as eddsa streams.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 7 19:34:59 2021 -0400
lib/algorithms: add modern ecdh functions comparable to curve_is_eddsa
This is useful for the so-called CFRG curves used in ECDH, x25519 and x448.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu May 6 14:10:46 2021 -0400
algorithms: Explicitly name ECDH_X448_OID and ECDH_X25519_OID
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Sep 10 17:08:52 2021 +0200
.gitlab-ci.yml: new ASan job with -DAGGRESSIVE_REALLOC
This would exercise the same logic currently covered with
fedora-valgrind-aggressive in each MR.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 9 18:36:46 2021 +0200
fuzz: allow multiple definitions of gnutls_rnd in oss-fuzz
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 9 09:46:04 2021 +0200
build: remove tautological if conditions
Spotted by LGTM.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 9 09:38:21 2021 +0200
ext/{client,server}_cert_type: use proper types for integers
Spotted by LGTM.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 6 15:51:41 2021 +0200
tests: use PYTHONPATH instead of creating symlinks in srcdir
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 7 17:56:02 2021 +0200
tls-fuzzer: update submodules to the latest
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Wed Sep 1 15:48:27 2021 +0200
fix SSSE3 SHA384 to work more than once
The output function called sha512_digest() instead of sha384_digest(),
which caused the hash context to be reinitialized for SHA512 instead of
SHA384 and all following digests using the hash handle were wrong.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 4 10:38:23 2021 +0200
testcompat-openssl-tls13-cli.sh: disable early data testing
This test is causing intermittent failure quite often in the CI.
Let's temporarily disable it until the cause is properly investigated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 5 18:48:09 2021 +0200
testcompat-openssl-tls13-cli.sh: use different tmpdirs for sub-tests
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 5 17:28:43 2021 +0200
tests: rework port locking
This makes the locking logic per port, not per entire make process.
It also makes use of absolute paths for locking directory, so that
tlsfuzzer tests can use it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Aug 30 19:26:49 2021 +0200
tests/tls13/post-handshake-with-cert: avoid a race condition
A server tries to close connection and kill the client after reauth.
Client, in turn, attempts to send data in some cases.
This patch makes the server wait for the client to terminate first.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Aug 30 19:38:03 2021 +0200
tests: remove unused `terminate` from 2 tests
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Aug 27 17:10:37 2021 +0200
tests: add a safeguard to terminate()
Add a safeguard to `terminate()` so that we don't kill whole pgroups.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Aug 27 17:02:51 2021 +0200
tests: don't kill whole pgroups
`terminate()` executed from the child process results in a `kill(0, SIGTERM)`,
bringing the whole pgroup down. `exit(1)` should be called instead.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Nick Child <nick.child@ibm.com>
Date: Wed Aug 25 15:13:07 2021 -0400
INSTALL.md: Update documentation on building static library [skip ci]
As of commit a88eb79d88c53531c49d7cedfce2207f36ac8a9d, building a
static archive (libgnutls.a) is off by default. This commit updates the
documentation for building a static library in INSTALL.md .
Signed-off-by: Nick Child <nick.child@ibm.com>
Author: Simon South <simon@simonsouth.net>
Date: Sun Aug 22 08:41:36 2021 +0200
guile: Add 'GNUTLS_DIG_SHA256' enum value.
* guile/modules/gnutls/build/enums.scm (%digest-enum): Add 'sha256'.
* guile/modules/gnutls.in: Export 'digest/sha256'.
* guile/tests/x509-certificates.scm: Test 'digest/sha256' with
'x509-certificate-fingerprint'.
(%sha256-fingerprint): New constant.
Signed-off-by: Simon South <simon@simonsouth.net>
Author: Simon South <simon@simonsouth.net>
Date: Sun Aug 22 08:40:14 2021 +0200
guile: Add binding for 'gnutls_x509_crt_get_fingerprint'.
* guile/src/core.c (MAX_HASH_SIZE): New constant.
(scm_gnutls_x509_certificate_fingerprint): New function.
* guile/modules/gnutls.in: Export 'x509-certificate-fingerprint'.
* guile/tests/x509-certificates.scm: Test 'x509-certificate-fingerprint'.
(%sha1-fingerprint): New constant.
(u8vector->hex-string): New procedure.
Signed-off-by: Simon South <simon@simonsouth.net>
Author: Craig Gallek <cgallek@gmail.com>
Date: Wed Aug 11 12:54:37 2021 -0400
x509: pin/password callback support for openssl encrypted private keys
This attempts to use the registered pin callback when the password for
an encrypted openssl private key is not supplied. This matches the
functionality for PKCS8 sealed keys above and is similar to what openssl
does in this situation.
Signed-off-by: Craig Gallek <cgallek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Aug 7 09:16:50 2021 +0200
mem: instrument with ASan memory poisoning as well as valgrind
This makes it possible to catch undefined memory access in the more
lightweight CI runs.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 2 18:32:28 2021 +0200
pk: add flags to force RSA-PSS salt length to match digest length
This adds a couple of flags to RSA-PSS signing and verification, to
enforce that the salt length matches the digest length. That is not
only recommended in RFC 4055, but also mandated in RFC 8446 in the TLS
1.3 context.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 21 10:34:23 2021 +0200
fips: allow more RSA modulus sizes
Previously, we restricted RSA modulus size to be either 2048 or 3072
bits in FIPS mode, following FIPS 186-4. On the other hand, FIPS
140-2 IG A.14 and FIPS 140-3 IG C.F updates it to allow arbitrary
modulus sizes equal to or larger than 2048 bits under certain
conditions.
This change reflects the guidance, though it only allows known sizes
due to the complexity of calculating the approximate security strength
using the formula in FIPS 140-2 IG 7.5.
Suggested-by: Stephan Mueller
Reviewed-by: Stephan Mueller
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 3 14:17:41 2021 +0200
tests: tls13/key_share: rewrite as single process
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 4 06:45:30 2021 +0200
.gitlab-ci.yml: cppcheck: disable style checks
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 3 11:44:52 2021 +0200
devel: suppress cppcheck 2.5 false-positives
This fixes errors and warnings as well as some style issues spotted by
cppcheck 2.5. Others are recorded in the suppressions file.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Tue Jul 13 23:53:12 2021 +0200
gnutls_ocsp_resp_verify: Check key purpose if signer not on trust list
According to [1] the id-kp-OCSPSigning key purpose is only needed for
delegated signers, not signers explicitly set as trusted. The previous
code would reject a signature directly from a CA on the trust list
(without delegation) because the CA certificate didn't contain the
id-kp-OCSPSigning key purpose.
The tests included in this commit check:
1. Is a signature directly from a CA on the trust list accepted?
2. Is a signature from a delegated signer issued by a CA on the trust
list accepted?
3. Is a signature from a certificate without id-kp-OCSPSigning issued
by a CA on the trust list rejected?
Note that the CA in these tests is also the one that issued the
certificate the OCSP response is for, but the code (current and
previous) doesn't enforce this.
[1] https://datatracker.ietf.org/doc/html/rfc6960#section-4.2.2.2
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 28 07:04:55 2021 +0200
tests: set SH_LOG_COMPILER so sh tests run under $(SHELL)
This omits the need of setting executable bits on shell script tests.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 25 08:39:12 2021 +0200
key_share: treat X25519 and X448 as same PK type when advertising
Previously, if both X25519 and X448 groups were enabled in the
priority string, the client sent both algorithms in a key_share
extension, while it was only capable of handling one algorithm from
the same (Edwards curve) category. This adds an extra check so the
client should send either X25519 or X448.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Tue Jun 22 14:12:09 2021 -0500
Fix gnutls_certificate_set_trust_list() return value documentation
This function is documented to return an error code, but in fact it has
no return value and never fails. Fix this.
Signed-off-by: Michael Catanzaro <mcatanzaro@redhat.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Apr 24 22:02:14 2021 +0200
guile: Writes to record ports handle EAGAIN/EINTR transparently.
Reported at <https://issues.guix.gnu.org/47867>
by Florian Pelz <pelzflorian@pelzflorian.de>.
This is a followup to a229bb36c9592b151f6feb277238c41ab39f40a9.
* guile/src/core.c (write_to_session_record_port) [USING_GUILE_BEFORE_2_2]:
Keep looping upon GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED.
(write_to_session_record_port) [!USING_GUILE_BEFORE_2_2]: Loop on
GNUTLS_E_INTERRUPTED and return -1 on GNUTLS_E_AGAIN if C_SESSION is
backed by a file descriptor.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 11 06:58:43 2021 +0200
priority: reflect system wide config when constructing sigalgs
Otherwise the client would advertise signature algorithms which it
cannot use and cause handshake to fail.
Reported by Philip Schaten in:
https://lists.gnupg.org/pipermail/gnutls-help/2021-June/004711.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 9 14:29:11 2021 +0200
p11tool: mention how CKA_IDs of certs are calculated upon --write
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 29 07:18:17 2021 +0200
Release 3.7.2
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 29 07:09:07 2021 +0200
release-steps: remove unnecessary steps
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 29 06:56:57 2021 +0200
AUTHORS: take into account of Co-authored-by:
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 29 06:52:42 2021 +0200
.mailmap: update
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Tue May 18 16:32:55 2021 -0400
certtool: order DN components by scale.
DN components are expected to be ordered by scale, with the wire format
representing larger-scale components (like country or organization) before
smaller-scale components (like state or organizationalUnit).
The bulk of the changes here of course are changes to the target
certificates in the test suite.
Note that a change was necessary in tests/cert-tests/crq.sh because it
tests the "interactive" mode of certtool. If any user is scripting
certtool in this way, this change will cause a backwards-incompatible
break. However, I think this is OK -- the supported scripted/batch
mode for certtool should use a template file, and I don't think it's
important to maintain a strict api on the interactive mode.
The main change here is to order the DN from least-specific-to-most,
in particular:
country, state, locality, org, orgunit, cn, uid
But I've also made an additional arbitrary choice, which is that DC
(domain component) comes *after* uid. This was already the case in
certificate generation, but in *request* generation, it was the other
way around. I've changed request generation to match this ordering
from certificate generation.
Closes: #1243
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 27 10:00:22 2021 +0200
build: fix interface version dependencies in libgnutls.map
Previously, the predecessor of GNUTLS_3_7_0 was mistakenly set to
GNUTLS_3_4 instead of GNUTLS_3_6_14. This fix shouldn't have any
impact on ABI, given the dynamic loader doesn't take into account of
ordering of versions. See also the first paragraph on:
https://www.akkadia.org/drepper/dsohowto.pdf#page=38
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 27 09:34:50 2021 +0200
build: require libkcapi 1.3.0 or later if --enable-afalg
The libkcapi 1.3.0 brings a couple of changes needed for GnuTLS:
* fix: remove prctl PR_SET_DUMPABLE to allow library to be debugged
* fix: ensure that sendmsg is always used as fallback when vmsplice cannot be used
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 28 17:05:56 2021 +0200
tlsfuzzer: update git submodules
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 28 08:51:27 2021 +0200
nettle: update git submodule to 3.7.2 release
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 28 08:50:19 2021 +0200
gnulib: update git submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 27 08:10:30 2021 +0200
devel: update libtasn1 submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Leonardo Bras <leobras.c@gmail.com>
Date: Fri May 21 03:40:03 2021 -0300
guile: Fix implicit conversion warning
When building, the following warning may be printing:
CC guile_gnutls_v_2_la-utils.lo
core.c: In function 'scm_gnutls_set_server_session_certificate_request_x':
core.c:545:13: warning: implicit conversion from 'gnutls_certificate_request_t' to 'gnutls_certificate_status_t' [-Wenum-conversion]
545 | c_request = scm_to_gnutls_certificate_request (request, 2, FUNC_NAME);
| ^
core.c:547:53: warning: implicit conversion from 'gnutls_certificate_status_t' to 'gnutls_certificate_request_t' [-Wenum-conversion]
547 | gnutls_certificate_server_set_request (c_session, c_request);
|
Fix this warning by changing c_request type to gnutls_certificate_request_t.
Signed-off-by: Leonardo Bras <leobras.c@gmail.com>
Author: Leonardo Bras <leobras.c@gmail.com>
Date: Fri May 21 03:11:29 2021 -0300
ASN1 : Remove warnings related to old libtasn1 namings
While compiling gnutls, some warnings related to deprecated names can be
printed, such as:
./../x509/x509_int.h:392:13: warning: 'ASN1_TYPE' macro is deprecated, use 'asn1_node' instead.
392 | int _gnutls_x509_write_key_int_le(ASN1_TYPE node, const char *value,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To avoid that, rename types as show in devel/libtasn1/NEWS (release 3.1):
ASN1_DATA_NODE -> asn1_data_node_st
ASN1_ARRAY_TYPE -> asn1_static_node (was asn1_static_node_t)
ASN1_TYPE -> asn1_node
ASN1_TYPE_EMPTY -> NULL
static_struct_asn -> asn1_static_node_st
node_asn_struct -> asn1_node_st
node_asn -> asn1_node_st
Signed-off-by: Leonardo Bras <leobras.c@gmail.com>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon May 17 13:33:28 2021 -0400
git: Do not ignore certtool templates.
This effectively reverts part of
dc85966364994006f9337e4749d1487e4b8e16a1 in order to ensure that
tests/cert-tests/templates/*.tmpl are not ignored by git.
Closes: #1242
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon May 17 13:20:26 2021 -0400
tests/cert-tests: test a policy without any policyQualifiers.
Ensure that a policy without policyQualifiers gets created with an
omitted sequence of qualifiers, rather than an empty sequence of
qualifiers.
We use NIST's test policy OID for this test.
This tests the fix for #1238.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri May 14 17:57:54 2021 -0400
x509: Omit empty sequences of policyQualifiers.
When a certificate has a policy attached but no policyQualifiers,
`certtool` should omit the policyQualifiers sequence entirely, rather
than emitting an empty sequence.
Closes: #1238
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 14 15:59:37 2021 +0200
cert auth: filter out unsupported cert types from TLS 1.2 CR
When the server is advertising signature algorithms in TLS 1.2
CertificateRequest, it shouldn't send certificate_types not backed by
any of those algorithms.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 17 07:58:43 2021 +0200
pre_shared_key: limit 0-RTT to resumption connections
While RFC 8446 allows 0-RTT data in a non-resumption connection
established with external PSK, it requires a mechanism to associate
encryption parameters with PSK. Until we provide a new API for that,
let's limit the 0-RTT use to resumption connections only.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed May 12 20:49:20 2021 -0400
x509: Write keyUsage extension with minimal BIT STRING
Avoid embedding trailing cleared bits in the BIT STRING for the
keyUsage extension.
The overwhelming majority of this changeset is correcting the
artifacts in the test suite, most of which had keyUsage with a
non-minimal encoding. The only functional code change is in
lib/x509/x509_ext.c.
Closes: #1236
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 14 08:48:24 2021 +0200
.gitlab-ci.yml: add bootstrap stage
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 14 08:26:37 2021 +0200
serv: stop setting AI_ADDRCONFIG on getaddrinfo
AI_ADDRCONFIG is only useful when the NODE argument is given in the
getaddrinfo call, as described in RFC 3493 6.1. Suggested by Andreas
Metzler in:
https://gitlab.com/gnutls/gnutls/-/issues/1007#note_356637206
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 13 15:03:10 2021 +0200
configure.ac: specify -ladvapi32 in mingw builds
This library needs to be linked for CryptAcquireContextW, used in
lib/system/keys-win.c. Suggested by Tim Kosse in:
https://gitlab.com/gnutls/gnutls/-/issues/1232
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 09:50:22 2021 +0200
tests: don't install crypt32.dll and ncrypt.dll replacement
Reported by Tim Kosse in:
https://gitlab.com/gnutls/gnutls/-/issues/1232
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 18:44:28 2021 +0200
gnutls_early_{cipher,prf_hash}_get: new functions
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 11:50:00 2021 +0200
tests: rework tls13-early-data to check key scheduling
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 18:25:55 2021 +0200
tests: tls13-early-data: use TLS_CHACHA20_POLY1305_SHA256
When resuming in TLS 1.3, the negotiated PRF hash must match the one
used in the initial handshake.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 18:09:01 2021 +0200
tests: remove shell-script wrapper for tls13/prf-early
The wrapper (tls13/prf-early.sh) was merely for running
tls13/prf-early under datefudge. The same thing can now be done with
virt_time_init_at.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 17:56:37 2021 +0200
tests: virt-time: add virt_time_init_at
This allows the tests to set the current time to arbitrary point,
instead of the current time; useful for the tests checking the traces
such as tls13/prf-early.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 08:35:02 2021 +0200
gnutls_init: add flag to omit EndOfEarlyData messages
The message is prohibited in QUIC:
https://tools.ietf.org/html/draft-ietf-quic-tls-34#section-8.3
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 08:26:46 2021 +0200
gnutls_init: redefine GNUTLS_ENABLE_EARLY_DATA flag for client
The flag was only for the server, but it turned out to be useful for
client to explicitly indicate early data, when 0-RTT is handled
out-of-band as in QUIC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 29 08:23:15 2021 +0200
state: call secret_func on early write key change as well
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 13 08:38:20 2021 +0200
.gitlab-ci.yml: doc-dist.Fedora: invoke "texconfig rehash"
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 13 08:01:27 2021 +0200
systemkey: remove unused --inder and --infile options
While those options have no effect, the command previously tried to
open a file for reading and leaked file descriptor.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 12 16:55:37 2021 +0200
keylog: suppress -Wanalyzer-file-leak warnings
This workarounds the following warnings with gcc analyzer:
kx.c:156:69: error: leak of FILE '<unknown>' [CWE-775] [-Werror=analyzer-file-leak]
156 | _gnutls_bin2hex(session->security_parameters.
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
157 | client_random, GNUTLS_RANDOM_SIZE,
| ~~~~~~~~~~~~~
This should be harmless because the keylog file pointer is closed in
the ELF destructor.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 12 14:46:56 2021 +0200
.gitlab-ci.yml: update build images to Fedora 34 and Alpine 3.13
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 12 14:44:37 2021 +0200
devel: regenerate abidw dump files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 15:29:03 2021 +0200
.gitlab-ci.yml: bump cache version
This should fix the nettle_streebog512_update detection.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 14:25:38 2021 +0200
srptool: add missing fclose on error path
Spotted by gcc analyzer:
srptool.c:113:32: warning: leak of FILE 'fp' [CWE-775] [-Wanalyzer-file-leak]
113 | return -1;
| ^
also:
srptool.c:560:32: warning: leak of FILE 'fp' [CWE-775] [-Wanalyzer-file-leak]
560 | return -1;
| ^
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 13 08:40:59 2021 +0200
tests: _check_wait_status: use only async-thread-safe function
As this function shall be called in a signal handler, it shouldn't use
'exit' as it's not async-thread-safe.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 14:23:45 2021 +0200
gnutls-serv: use only async-signal-safe functions in signal handler
Spotted by gcc analyzer:
serv.c:1138:9: warning: call to 'exit' from within signal handler [CWE-479] [-Wanalyzer-unsafe-call-within-signal-handler]
1138 | exit(1);
| ^~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 14:13:45 2021 +0200
certtool: tighten allocation check
Spotted by gcc analyzer:
certtool-cfg.c:856:24: warning: use of possibly-NULL 'copy' where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument]
856 | while (strcmp(pass, copy) != 0
| ^~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 14:08:33 2021 +0200
psktool: tighten allocation check
Spotted by gcc analyzer:
psk.c:275:21: warning: use of possibly-NULL '_username.data' where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument]
275 | if (strncmp(p, (const char *) _username.data,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 13:16:51 2021 +0200
.gitignore: ignore more files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 11:08:59 2021 +0200
_tls13_{derive,expand}_secret2: fix array parameter mismatch
This suppresses the warning with -Warray-parameter
secrets.c:85:40: warning: argument 6 of type 'const uint8_t[64]' {aka 'const unsigned char[64]'} with mismatched bound [-Warray-parameter=]
85 | const uint8_t secret[MAX_HASH_SIZE],
| ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~
In file included from secrets.c:28:
secrets.h:43:41: note: previously declared as 'const uint8_t[32]' {aka 'const unsigned char[32]'}
43 | const uint8_t secret[MAX_CIPHER_KEY_SIZE],
| ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 11 11:04:54 2021 +0200
_gnutls_retrieve_pin: remove array declarator in function argument
This was originally to eliminate the warnings with -Warray-parameter:
pin.c:70:27: warning: argument 5 of type 'char[256]' with mismatched bound [-Warray-parameter=]
70 | char pin[GNUTLS_PKCS11_MAX_PIN_LEN], unsigned pin_size)
| ~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from pin.c:23:
./pin.h:9:48: note: previously declared as 'char *'
9 | unsigned pin_flags, char *pin, unsigned pin_size);
| ~~~~~~^~~
though it turned out to be unnecessary because the function merely
delegate the call to the user-supplied callbacks.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed May 5 18:05:29 2021 -0400
spelling: The possessive pronoun "its" has no apostrophe.
"it's" is for contractions like "it is" or "it has". "its" is a
possessive pronoun, like "his" or "hers" or "theirs", none of which
have an apostrophe in them either.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Tue May 4 15:08:08 2021 -0400
certtool: Align warning about --provable with actual code
If I try to generate an ed25519 key, it is *not* an ECDSA key. But I
see this warning:
0 dkg@host:~$ certtool --generate-privkey --provable --key-type ed25519
Generating a 256 bit EdDSA (Ed25519) private key ...
The --provable parameter cannot be used with ECDSA keys.
1 dkg@host:~$
Looking at the code and documentation, it's clear that --provable only
works for RSA and DSA. This fix aligns the warning message with the
underlying mechanism.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 3 16:35:43 2021 +0200
x509/verify: treat SHA-1 signed CA in the trusted set differently
Suppose there is a certificate chain ending with an intermediate CA:
EE → ICA1 → ICA2. If the system trust store contains a root CA
generated with the same key as ICA2 but signed with a prohibited
algorithm, such as SHA-1, the library previously reported a
verification failure, though the situation is not uncommon during a
transition period of root CA.
This changes the library behavior such that the check on signature
algorithm will be skipped when examining the trusted root CA.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 3 17:27:56 2021 +0200
global: rename GNUTLS_NO_EXPLICIT_INIT to GNUTLS_NO_IMPLICIT_INIT
The old envvar still has effect but has been marked as deprecated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 3 14:19:22 2021 +0200
certtool: fix parsing of --verify-profile option
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ruslan N. Marchenko <me@ruff.mobi>
Date: Sun May 2 23:29:39 2021 +0200
Add tests for call gnutls_session_channel_binding
Add test unit which executes positive and negative test scenarios
using standard gnutls testing framework.
Signed-off-by: Ruslan N. Marchenko <me@ruff.mobi>
Author: Ruslan N. Marchenko <me@ruff.mobi>
Date: Sat May 1 23:05:54 2021 +0200
Add tls-server-end-point tls channel binding implementation.
Add server-end-point tls channel binding into gnutls_session_channel_binding
method. The implementation extracts session's certificate, its signature
algorithm, and calculates digest of the extracted certificate using
the function based on extracted algorithm, as per RFC5929.
Signed-off-by: Ruslan N. Marchenko <me@ruff.mobi>
Author: Ruslan N. Marchenko <me@ruff.mobi>
Date: Sat May 1 10:16:37 2021 +0200
Restructure gnutls_session_channel_binding and add tls-exporter
The restructure removes explicit pre-check for supported binding
type(s) and instead relies now on catch-all return which returns
UNIMPLEMENTED_FEATURE if no type was handled. In addition to that
it returns UNIMPLEMENTED_FEATURE for tls-unique request on TLSv1.3
session, since that is not supposed to work hence requires explicit
error. Finally new binding type tls-exporter implementation is
added.
Signed-off-by: Ruslan N. Marchenko <me@ruff.mobi>
Author: Ruslan N. Marchenko <me@ruff.mobi>
Date: Sat May 1 10:22:14 2021 +0200
Introduce new tls channel binding types into gnutls_channel_binding_t
This commit adds two new tls channel binding types into enum
gnutls_channel_binding_t:
* tls-server-end-point
* tls-exporter
Signed-off-by: Ruslan N. Marchenko <me@ruff.mobi>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Apr 28 11:04:20 2021 +0200
certtool: don't copy CRL distribution point from CA cert
Suggested by Thomas Karlsson in:
https://gitlab.com/gnutls/gnutls/-/issues/1126
While this changes the default behavior, CDP can always be set through
the template or interactive input.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 25 17:04:46 2021 +0200
gnutls_x509_crt_get_dn: clarify null-termination of the output
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 25 10:48:09 2021 +0200
build: do not install .hmac files
It turned out that distro package building process might perform
post-processing (e.g., strip) of the shared libraries after install,
and that may cause inconsistency with the installed .hmac files.
Let's not try too hard on this but defer the final hmac calculation to
distributions. It is still useful to keep our own fipshmac as it
makes it easier to run FIPS tests.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 25 06:51:20 2021 +0200
tests: fix test script file name in distribution
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 25 06:50:03 2021 +0200
.gitignore: ignore ctags, etags, and GNU global files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 15:36:37 2021 +0200
handshake: fix timing of sending early data
Previously, the client was sending early data after receiving a Server
Hello message, which not only negates the benefit of 0-RTT, but also
was a logic error as it can only be decrypted by the server when the
initial handshake and the resuming handshake agree on the same
ciphersuites. This fixes that behavior in the following ways:
- extend the session data format to include the selected ciphersuites,
even in TLS 1.3
- setup the epoch for early data, right before the client sending
early data (also right after the server deciding to accept early
data).
- extend the test case to use different ciphersuites in the initial
and resuming handshakes
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Apr 23 09:44:20 2021 +0200
guile: Tests show their PID upon uncaught exceptions.
* guile/modules/gnutls/build/tests.scm (run-test): Display the PID when
throwing an exception.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Feb 5 12:28:35 2021 +0100
guile: Avoid the deprecated 'scm_t_uint8' type.
* guile/src/core.c: Use 'uint8_t' instead of 'scm_t_uint8', which is
deprecated in Guile 3.0.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Tue Dec 22 10:30:43 2020 +0100
guile: Avoid potentially missed reference.
There's one case where 'register_weak_reference' is called several times
on the same object, in 'set-certificate-credentials-x509-keys!', where
PRIVKEY could have been GC'd before CRED.
* guile/src/core.c (register_weak_reference): Add TO to the weak
references of FROM instead of overriding them.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 10:28:03 2021 +0200
afalg: use pkg-config to detect libkcapi
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 10:03:47 2021 +0200
afalg: support AES-XTS algorithms
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 09:56:40 2021 +0200
afalg: cleanup header inclusion
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Mon Dec 21 18:22:14 2020 +0100
guile: Remove leftover comment about allocation routines.
This is a followup to 872409857351f28b1e3c21526bfa6606c918b176.
* guile/src/core.c (scm_init_gnutls): Remove leftover comment.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 09:50:16 2021 +0200
afalg: remove unnecessary initialization
That would make it easier to spot any uninitialized memory access with
valgrind.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 09:45:51 2021 +0200
afalg: assert IV size returned from the kernel is in the range
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 23 09:42:03 2021 +0200
NEWS: mention AF_ALG support
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Apr 14 17:27:43 2021 +0200
crypto-selftests: tolerate errors of gnutls_{hash,hmac}_copy
Some hardware accelerated implementations, such as afalg, cannot
support the copy operation. This patch turns it a soft-error, as the
code below is already checking if the copy is non-NULL, before
performing any operation on it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 22 16:42:01 2021 +0200
handshake: don't regenerate legacy_session_id in second CH after HRR
According to RFC 8446 4.1.2, the client must send the same Client
Hello after Hello Retry Request, except for the certain extensions,
and thus legacy_session_id must be preserved.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Apr 14 16:50:28 2021 +0200
_gnutls_cipher_init: fallback if setiv is not implemented for AEAD
The _gnutls_cipher_init function currently assumes that all the cipher
implementations have .setiv method. This is not the case for
AEAD-only implementations such as afalg.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stephan Mueller <smueller@chronox.de>
Date: Sat Oct 14 20:46:09 2017 +0200
Add AF_ALG acceleration
The patch set adds the backend implementation to use the Linux kernel
crypto API via the AF_ALG interface. The GnuTLS AF_ALG extension uses
libkcapi [1] as the backend library which implements the actual kernel
communication.
[1] http://www.chronox.de/libkcapi.html
The symmetric cipher support, the hashing and the MAC support are
validated to work correctly using NIST CAVS test vectors.
The AEAD cipher support was tested by connecting to a remote host using
gnutls-cli (the following log strips out unrelated information):
Processed 143 CA certificate(s).
...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
...
- Description: (TLS1.2)-(ECDHE-SECP384R1)-(RSA-SHA512)-(AES-256-GCM)
- Session ID: 9E:5E:FC:09:2A:4E:2A:3D:22:44:68:42:C3:F6:2D:AB:F9:67:08:CE:6D:EE:E4:A2:EF:80:43:FE:3B:D9:1E:FE
- Ephemeral EC Diffie-Hellman parameters
- Using curve: SECP384R1
- Curve size: 384 bits
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA512
- Cipher: AES-256-GCM
- MAC: AEAD
- Options: extended master secret, safe renegotiation,
- Handshake was completed
- Simple Client Mode:
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Hedgehog5040 <krenzelok.frantisek@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 16 13:56:40 2021 +0200
priority: add option to disable TLS 1.3 middlebox compatibility mode
This adds a new option %DISABLE_TLS13_COMPAT_MODE to disable TLS 1.3
compatibility mode at run-time.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 30 13:39:46 2021 +0200
_gnutls_calloc: remove unused function
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 29 14:09:51 2021 +0200
keys-win: free certificate context in gnutls_system_key_iter_deinit
Suggested by Bjørn Christensen in:
https://gitlab.com/gnutls/gnutls/-/issues/1197
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 29 11:06:37 2021 +0200
build: avoid integer overflow in additions
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 21 08:43:26 2021 +0100
build: avoid potential integer overflow in array allocation
This relies on _gnutls_reallocarray for all occasions of array
allocations, so that they can benefit from the built-in overflow
checks.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 29 13:08:23 2021 +0200
pkcs11x: find_ext_cb: fix error propagation
Use explicit error value, as rv is not set in this code path.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 21 08:42:23 2021 +0100
mem: add _gnutls_reallocarray and _gnutls_reallocarray_fast
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 21 08:34:13 2021 +0100
bootstrap: pull in 'xalloc-oversized' module from Gnulib
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Mar 20 13:52:25 2021 +0100
build: doc: install missing image file gnutls-crypto-layers.png
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 11:03:44 2021 +0100
examples: avoid memory leak in ex-verify
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 11:03:22 2021 +0100
examples: avoid memory leak in tlsproxy
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 10:56:46 2021 +0100
src: avoid file descriptor leak in socket_open2
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 10:48:49 2021 +0100
gnutls-cli-debug: avoid resource leak in saving DHE params
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 10:47:50 2021 +0100
srptool: avoid FILE pointer leak on error
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 15 09:55:20 2021 +0100
gnulib: update git submodule
This brings in the fix for parse-datetime test failures on NetBSD:
https://lists.gnu.org/archive/html/bug-gnulib/2021-03/msg00069.html
https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=35f8ff2e1162bf3ee60d99b6812f2ae10f3f2898
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 10 16:12:23 2021 +0100
str: suppress -Wunused-function if AGGRESSIVE_REALLOC is defined
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 10 16:11:29 2021 +0100
_gnutls_buffer_resize: account for unused area if AGGRESSIVE_REALLOC
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 10 05:06:13 2021 +0100
Release 3.7.1
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 29 14:06:50 2021 +0100
pre_shared_key: avoid use-after-free around realloc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 29 14:06:32 2021 +0100
key_share: avoid use-after-free around realloc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 9 13:41:59 2021 +0100
_gnutls_buffer_resize: add option to use allocation simpler logic
This helps detect common mistakes[1] in realloc usage with valgrind,
where the caller assumes that the original ptr is always returned.
1. https://bugzilla.mozilla.org/show_bug.cgi?id=1377618
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 9 20:29:37 2021 +0100
x86: flip polarity of check_fast_pclmul
Otherwise GCC produces the following warnings as the stub
__get_cpuid() is defined as '#define __get_cpuid(...) 0':
x86-common.c: In function 'register_x86_crypto':
x86-common.c:314:15: warning: 'a' may be used uninitialized in this function [-Wmaybe-uninitialized]
314 | family = ((a >> 8) & 0x0F);
| ~~~^~~~~
x86-common.c:308:15: note: 'a' was declared here
308 | unsigned int a,b,c,d;
| ^
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 9 13:07:26 2021 +0100
gnutls_buffer_append_data: remove duplicated code
The function shared the same logic as in _gnutls_buffer_resize.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Mar 8 14:56:32 2021 +0100
lib/nettle: get rid of _rnd_system_entropy_check
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Mon Mar 8 11:54:16 2021 +0100
lib/global: don't call now-noop _gnutls_rnd_check
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Thu Mar 4 10:54:44 2021 +0100
sysrng-linux: re-open /dev/urandom every time
Prompted by the following comment of Daiki Ueno:
> I also wonder why we keep the fd open for such a long time in the first
> place. Both OpenSSL and NSS have a similar fallback to /dev/urandom
> if getrandom is not available, but opens the device in one-shot,
> when reseeding is needed (and that's pretty rare).
https://gitlab.com/gnutls/gnutls/-/merge_requests/1383#note_521749519
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Date: Fri Mar 5 12:31:45 2021 +0100
Add unit test for id-on-xmppAddr decoding error
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 5 12:08:25 2021 +0100
gnutls_x509_trust_list_verify_crt2: skip duped certs for PKCS11 too
The commit 09b40be6e0e0a59ba4bd764067eb353241043a70 (part of
gnutls/gnutls!1370) didn't cover the case where the trust store is
backed by PKCS #11, because it used _gnutls_trust_list_get_issuer,
which only works with file based trust store.
This patch replaces the call with more generic
gnutls_x509_trust_list_get_issuer so it also works with other trust
store implementations.
Reported by Michal Ruprich.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Date: Thu Mar 4 16:44:21 2021 +0100
output UTF-8 decoded id-on-xmppAddr SAN's
tls_x509_crt_get_subject_alt_name()` makes a promise [1] "If an
otherName OID is known, the data will be decoded. ... RFC 3920
id-on-xmppAddr SAN is recognized." which it didn't hold.
Before this patch the output was still in DER format, e.g. for a
id-on-xmppAddr which is always UTF-8 (0x0c): `0x0c <len> <xmppAddr>`
This patch fixes the issue and now it returns the decoded string.
[1]
https://www.gnutls.org/manual/gnutls.html#gnutls_005fx509_005fcrt_005fget_005fsubject_005falt_005fname
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sun Feb 28 13:56:21 2021 +0100
Changed _gnutls_session_cert_type_supported prototype and name to follow guidelines for boolean functions.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Feb 25 12:06:55 2021 +0100
Changed certificate retrieval callback prototype parameter name to be in line with the other parameters.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sat Jan 23 19:24:46 2021 +0100
Added documentation for rawpk use in certificate retrieval callback.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Feb 25 15:20:05 2021 +0100
Added extra logging and done some variable refactoring for server cert type extension.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Jan 28 20:05:51 2021 +0100
Added extra logging and done some variable refactoring for client cert type extension.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: JonasZhou <JonasZhou@zhaoxin.com>
Date: Thu Feb 25 15:48:36 2021 +0800
padlock:add support for AES-192-CBC
Padlock code misses support for AES-192. Extend it to support AES-192.
Due to poor performance of padlock-aes-xxx-gcm, only padlock-aes-192-cbc
is added.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 19 15:36:48 2021 +0100
.gitlab-ci.yml: run fedora-valgrind jobs only on upstream branches
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 18:35:14 2021 +0100
tests: remove *hello_random_value tests
Those tests are meaningless and merely introduces extra flakiness, now
that the uninitialized random bytes are detected by valgrind.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 13:34:40 2021 +0100
.gitlab-ci.yml: use longer handshake timeout for valgrind jobs
Also limit the parallelism to $(nproc) to be less resource intensive.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 18:22:18 2021 +0100
tests: make any ad-hoc timeout setting controllable through envvar
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 10:49:07 2021 +0100
tests: suffix .sh for all shell-script tests
Otherwise valgrind will run against /bin/sh.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 09:23:02 2021 +0100
tests: don't conditionalize valgrind with --disable-full-test-suite
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 29 15:36:44 2021 +0100
tests: don't run shell-script tests under valgrind
https://www.gnu.org/software/gnulib/manual/html_node/Valgrind-and-shell-scripts.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 30 09:25:06 2021 +0100
nettle: check lib state early to cope with synthesized error
tests/x509sign-verify-error.c calls _gnutls_lib_simulate_error before
the actual private key operations. That previously resulted in
infloop / conditional jump depending on uninitialized data, because
the random function (gnutls_rnd) was not able to feed sufficient
randomness in that case.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 29 14:09:17 2021 +0100
tests: fix memory leak in tests/tls13/no-auto-send-ticket
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 24 07:49:34 2021 +0100
tests: remove init_fds test
This test does nothing to expose the original problem linked in the comment:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760476
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 23 14:36:57 2021 +0100
safe-memfuncs: rely on explicit_bzero implementation from gnulib
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 17 11:31:23 2021 +0100
.gitlab-ci.yml: remove scriptlet to generate HMAC files for FIPS
This is now generated automatically during the build.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Ondrej Moris <omoris@redhat.com>
Date: Fri Oct 30 20:43:56 2020 +0100
fips: replace fipshmac usage with internal program
This introduces a non-installed program "fipshmac" and uses it for
generating HMAC files required in FIPS 140-2. The generated files are
installed along with the main library.
Resolves issues #1101.
Signed-off-by: Ondrej Moris <omoris@redhat.com>
Co-authored-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 17 07:24:27 2021 +0100
build: don't remove distributed stamp files on "make clean"
Those files are created by the maintainers and should remain after
"make clean" when the distribution tarball is used.
Reported by christian wagner in:
https://gitlab.com/gnutls/gnutls/-/issues/1088
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 16 08:45:23 2021 +0100
fastopen: remove call to abort()
Ideally, this function should have a way to return an error, but
simply not enabling TFO wouldn't hurt.
Reported by Tim Rühsen in:
https://gitlab.com/gnutls/gnutls/-/issues/603
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 16 08:39:17 2021 +0100
hex: use a table to avoid meaningless assertion
Reported by Tim Rühsen in:
https://gitlab.com/gnutls/gnutls/-/issues/604
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 17 06:38:41 2021 +0100
gnutlsxx: add const and explicit specifiers where possible
Flagged by cppcheck.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dmitriy Tsvettsikh <dmitrycvet@gmail.com>
Date: Wed Feb 17 04:28:47 2021 +0500
configure.ac: fix "nettle_rsa_sec_decrypt" check error
When libhogweed built with external gmplib, then it required explicit
path to gmplib to pass check.
Signed-off-by: Dmitriy Tsvettsikh <dmitrycvet@gmail.com>
Author: Evgeny Grin <k2k@narod.ru>
Date: Sun Jan 10 21:36:18 2021 +0300
Sockets: implement sendmsg()-like functions on Win32
Use WSASend() to send several buffer per one sys-call.
Unified send()/recv() support for POSIX/Win32.
Signed-off-by: Evgeny Grin <k2k@narod.ru>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 16 07:51:10 2021 +0100
gnutlsxx: dh_params, rsa_params: actually assign values in operator=
The previous implementation assigned the value to a temporary variable
and then return it without assigning it to 'this'. That is not only
contradictory to user's expectation but also cppcheck treats it as a
logic error.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 15 15:51:25 2021 +0100
README.md: don't suggest installing lockfile-progs
The dependency has been removed in
5eff2002b0f7ac54b14326f207b5a9e509269555.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 15 14:54:14 2021 +0100
.gitlab-ci.yml: fix typo in cppcheck -I argument
Reported by Tim Rühsen in:
https://gitlab.com/gnutls/gnutls/-/issues/705
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 15 14:53:39 2021 +0100
README.md: fix typo in libev URL
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 13 15:56:22 2021 +0100
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 8 12:24:31 2021 +0100
bootstrap.conf: initialize openssl submodule
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 8 08:46:13 2021 +0100
configure.ac: fix misleading --help output on guile bindings
Reported by Tim Rühsen in:
https://gitlab.com/gnutls/gnutls/-/issues/577
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 7 18:54:45 2021 +0100
bootstrap: update from Gnulib
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 7 17:38:31 2021 +0100
bootstrap.conf: refactor detection of gtk-doc and gnulib sockets
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 13 15:57:36 2021 +0100
.gitignore: ignore more files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Feb 9 14:16:54 2021 +0100
Fix test error with nettle in non-default location
Move #include <nettle/memxor.h> from gnutls_int.h to lib/cipher.c, drop
now superfluous NETTLE_CFLAGS from CPPFLAGS of multiple tests #including
gnutls_int.h.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 11 06:45:47 2021 +0100
.gitlab-ci.yml: remove FreeBSD run
This used to run on a dedicated FreeBSD runner, which is no longer
maintained.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 9 15:26:07 2021 +0100
tests/gnutls-cli-debug.sh: don't unset system priority settings
When the test is exercised, GNUTLS_SYSTEM_PRIORITY_FILE is set in many
places, such as TESTS_ENVIRONMENT tests/Makefile.am or a packaging
system that runs the test in a restricted environment. Unsetting it
after a temporary use forces the remaining part of the test to use the
default system priority, which might not be the intention of the user.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 28 12:14:13 2020 +0100
gnutls_x509_trust_list_verify_crt2: ignore duplicate certificates
The commit ebb19db9165fed30d73c83bab1b1b8740c132dfd caused a
regression, where duplicate certificates in a certificate chain are no
longer ignored but treated as a non-contiguous segment and that
results in calling the issuer callback, or a verification failure.
This adds a mechanism to record certificates already seen in the
chain, and skip them while still allow the caller to inject missing
certificates.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Co-authored-by: Andreas Metzler <ametzler@debian.org>
Author: Dosenpfand <m@sad.bz>
Date: Sun Feb 7 23:17:28 2021 +0100
doc: Add some missing algorithm keywords to priority string table
Signed-off-by: Markus Gasser <m@sad.bz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 3 16:05:22 2021 +0100
tests: close unused fd opened by socketpair
Otherwise the tests block forever, even if the child exits.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 3 15:56:42 2021 +0100
.gitlab-ci.yml: remove redundant "make check" in build stage
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 24 07:34:24 2021 +0100
handshake: TLS 1.3: don't generate session ID in resumption mode
The commit e0bb98e1f71f94691f600839ff748d3a9f469d3e revealed that the
previous code always generated session ID in the TLS 1.3 middlebox
compatibility mode even when the handshake is being resumed.
This could cause a difference in PSK binder calculation if the server
sends an HRR in the resumption handshake.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 3 15:50:08 2021 +0100
gnutls_session_is_resumed: don't check session ID in TLS 1.3
In middlebox compatibiltiy mode, TLS 1.3 client simulates the TLS 1.2
resumption handshake, so checking session ID for resumption is
pointless. This worked previously because the client always generated
new random value even in a true resumption handshake, but didn't
update the session parameters properly.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 4 08:39:04 2021 +0100
_gnutls_openpgp_send_fingerprint: remove unused declaration
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 4 08:38:16 2021 +0100
_gnutls_session_is_resumable: remove unused internal function
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 4 08:56:33 2021 +0100
handshake: replace TRUE and FALSE with <stdbool.h>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 4 08:30:30 2021 +0100
handshake: replace RESUME_TRUE and RESUME_FALSE with <stdbool.h>
Having those constants could cause wrong impression that there is a
third possible value.
To reproduce the changes other than lib/gnutls_int.h:
for i in `git ls-files lib`; do
sed -i
-e 's/\(session->internals.\(resumed\|resumable\)\) *\(== *RESUME_FALSE\|!= *RESUME_TRUE\)/!\1/' \
-e 's/\(session->internals.\(resumed\|resumable\)\) *\(== *RESUME_TRUE\|!= *RESUME_FALSE\)/\1/' \
-e 's/RESUME_TRUE/true/' \
-e 's/RESUME_FALSE/false/' \
$i
done
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 29 09:59:06 2020 +0100
testcompat-openssl: run TLS 1.3 client/server tests in parallel
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 29 07:26:16 2020 +0100
testcompat-openssl: remove hand-written parallelism
Previously, the test used to launch multiple tests in background and
then join them using shell primitives. That approach makes the test
slower as it cannot benefit from the automake's parallel test harness,
as well as it makes diagnostic harder because the lines in the log
file mix up.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 29 10:06:50 2020 +0100
testcompat-polarssl: remove hand-written parallelism
Previously, the test used to launch multiple tests in background and
then join them using shell primitives. That approach makes the test
slower as it cannot benefit from the automake's parallel test harness,
as well as it makes diagnostic harder because the lines in the log
file mix up.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 22 14:37:47 2021 +0100
fips: avoid memleak in (EC)DH internal APIs
There were some confusions of gnutls_pk_params_clear and
gnutls_pk_params_release, as well as the number of parameters to scan
in the gnutls_pk_params_st structure.
Flagged by address sanitizer:
==354688==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 192 byte(s) in 12 object(s) allocated from:
#0 0x7f13506163cf in __interceptor_malloc (/lib64/libasan.so.6+0xab3cf)
#1 0x7f13503b94de in wrap_nettle_mpi_init /home/ueno/devel/gnutls/lib/nettle/mpi.c:79
#2 0x7ffcb8495f07 ([stack]+0x1ef07)
Direct leak of 160 byte(s) in 10 object(s) allocated from:
#0 0x7f13506163cf in __interceptor_malloc (/lib64/libasan.so.6+0xab3cf)
#1 0x7f13503b94de in wrap_nettle_mpi_init /home/ueno/devel/gnutls/lib/nettle/mpi.c:79
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Tom Carroll <incentivedesign@gmail.com>
Date: Sun Jan 10 15:28:50 2021 -0800
Deinitialize pcerts array elements during cleanup.
In gnutls_certificate_set_x509_key() cleanup, the pcert elements should
be deinitialized, freeing pcert's pubkey and cert fields.
Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
Author: Tom Carroll <incentivedesign@gmail.com>
Date: Sun Jan 10 21:40:52 2021 -0800
Ensure ca_list != NULL and ca_list_size > 0.
As ca_list_size is used in malloc, ensure that ca_list_size > 0.
If ca_list_size > 0, then ca_list cannot be NULL. Make these
assumptions explicit with argument condition check.
Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
Author: Tom Carroll <incentivedesign@gmail.com>
Date: Sun Jan 10 21:31:19 2021 -0800
Verify that cert_list != NULL and cert_list_size > 0.
gnutls_certificate_set_x509_key() assumes that cert_list != NULL and
cert_list_size > 0. These assumptions are evident as cert_list_size is
used for malloc and cert_list[0] is accessed. Make those assumptions
explicit with argument condition check.
Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
Author: Martin Storsjo <martin@martin.st>
Date: Thu Jan 7 13:41:12 2021 +0200
configure: Remove -no_weak_links from LDFLAGS after detecting function availability
This reverts commit 945a48993dcdd9ead17216e55c59db209923ea5e
and fixes the original issue (#966) differently.
This makes sure that when targeting a version of macOS less than
10.12, we won't pick up and unconditionally use functions that
only appeared later, when building with Xcode 11.4 or newer.
(With Xcode 11.4 or newer, the fix from 945a48993dcdd9 caused
-no_weak_links not be added, affecting the function availability
tests.)
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Thu Jan 7 20:29:54 2021 +0100
Update year of copyright notices in doc/gnutls.texi
Static analysis in CI checks if this is up to date, and fails if
not. This fixes the failure.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sat Jan 2 18:24:18 2021 +0100
Update CI documentation for use of Github Actions
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sat Jan 2 18:22:55 2021 +0100
Remove Travis CI configuration
Replaced by Github Actions workflow added in
9fc73ec96fa5adfc8e9a4bd2ee9e6543ffcfe120.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Tue Dec 29 22:03:53 2020 +0100
Github Actions job for MacOS CI
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 29 19:24:28 2020 +0100
gnulib: update git submodule
This brings in the fix for building with autoconf 2.70:
https://lists.gnu.org/archive/html/bug-gnulib/2020-12/msg00091.html
Suggested by Jan Palus in:
https://gitlab.com/gnutls/gnutls/-/issues/1138
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Sadie Powell <sadie@witchery.services>
Date: Fri Dec 11 05:39:56 2020 +0000
Fix a common typo of gnutls_priority_t.
Signed-off-by: Sadie Powell <sadie@witchery.services>
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Dec 8 11:36:57 2020 +0100
libgnutls-openssl: Clean up list of exported symbols
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Dec 29 09:46:36 2020 +0100
testcompat-openssl: specify -sigalgs on s_client command line
This is a left-over of commit
23958322865a8a77c2f924f569484e5fd150a24b. Otherwise the OpenSSL system
configuration may affect algorithm selection.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Dec 28 16:16:53 2020 +0100
testpkcs11: use datefudge to trick certificate expiry
The certificates stored in tests/testpkcs11-certs expired on
2020-12-13. To avoid verification failure due to that, use datefudge
to set custom date when calling gnutls-cli, gnutls-serv, and certtool.
Based on the patch by Andreas Metzler:
https://gitlab.com/gnutls/gnutls/-/issues/1135#note_469682121
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Mon Dec 21 09:36:47 2020 -0500
tests: Fix tpmtool_test due to changes in trousers
Recent changes to trousers now require an ownership of root:tss for
the tcsd config file, older ones requires tss:tss. So, start tcsd
using trial and error with either one of these ownership configurations
until one works.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Norbert Pocs <npocs@redhat.com>
Date: Fri Oct 30 17:18:30 2020 +0100
Fix non-empty session id (TLS13_APPENDIX_D4)
When TLS1.3 is used with middlebox compatible mode, the session id should be filled with random session id,
but remained empty.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Closes #1074
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 2 10:30:08 2020 +0100
Release 3.7.0
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Dec 2 09:33:21 2020 +0100
NEWS: update for 3.7.0 release
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: ihsinme <ihsinme@gmail.com>
Date: Mon Nov 30 14:56:15 2020 +0000
fix invalid unsigned arithmetic.
Signed-off-by: ihsinme <ihsinme@gmail.com>
Author: Stanislav Zidek <szidek@redhat.com>
Date: Fri Nov 27 13:24:24 2020 +0100
CI pipeline rework - using stages and inheritance
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Mon Nov 30 13:08:01 2020 -0600
x509: Improve documentation of new set_getissuer_function
Since gnutls!1354, some of this information is now obsolete. The caller
is no longer responsible for verifying the certificate or adding it to
the trust list. GnuTLS will now handle that. Instead, the callback
should always import the missing certificate and return success if the
certificate was imported, or failure otherwise.
Also, let's point to gnutls_x509_crt_get_authority_info_access(), since
it is useful in combination with this function.
Finally, since this callback is emitted once for each missing
intermediate certificate, it's probably less confusing if we talk about
only a single missing intermediate here. Yes, there could be multiple
missing certificates, but a single invocation of this callback can only
deal with one.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 29 18:17:54 2020 +0100
fuzz: limit the retry count in handshake fuzzer
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 29 17:44:24 2020 +0100
gnutls_handshake_write: don't enqueue empty Handshake message
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 29 16:51:45 2020 +0100
fuzz: fix undefined behavior on left shift
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue Nov 24 11:13:07 2020 +0100
accelerated: Re-generate assembly sources
Re-generate assembly sources from the updated openssl submodule.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 24 10:54:06 2020 +0100
verify-tofu: return errors from store functions if callback fails
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue Nov 24 10:46:12 2020 +0100
devel: Update openssl submodule
Update openssl submodule to current OpenSSL_1_1_1-stable branch
(8e813c085a).
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 23 07:49:04 2020 +0100
configure.ac: include <libguile.h> when checking scm_* functions
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 12 06:49:12 2020 +0100
crypto-backend: remove ability of overriding ciphers
Those functions has been deprecated in 3.6.9 as they do not have
active use cases.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 9 10:11:04 2020 +0100
NEWS: add entry for QUIC related API functions
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 9 09:05:05 2020 +0100
fuzz: fuzz gnutls_handshake_write
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 24 17:51:56 2020 +0100
alert: add callback to intercept alert messages
This adds gnutls_alert_set_read_function(), to allow QUIC
implementations to be notified when an alert message is sent.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 21 17:48:37 2020 +0100
handshake: add callback to get notified with traffic secret change
For the use with QUIC, the change of traffic secrets must be notified
_after_ a new epoch is set up for reading or writing, and we can't
simply reuse the keylog mechanism.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 19 14:35:04 2020 +0100
handshake: add functions to read/write handshake messages directly
This adds a couple of functions, gnutls_handshake_set_read_function()
and gnutls_handshake_write(), to allow QUIC implementations to
directly interact with the TLS state machine.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 11 19:15:13 2020 +0100
x509: rework issuer callback
The previous issuer callback API had a drawback: the callback is
supposed to add CA to the trust list by itself. This was error-prone,
because the callback must check the new CA is trusted by the already
added CA. This instead moves the responsibility to the library.
This also rewrites the chain amendment logic in a side-effect free
manner. The application can assume that the trust information stored
on gnutls_x509_trust_list_t shouldn't change after the verification.
The missingissuer test has been extended to cover all the possible
patterns exhaustively.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 12 10:57:21 2020 +0100
_gnutls_cert_log: assume that 'cert' is nonnull
This makes static analyzers happy.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 15 09:57:37 2020 +0100
_gnutls_sort_clist: simplify the calling convention
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Tomas Mraz <tmraz@fedoraproject.org>
Date: Mon Oct 26 15:23:24 2020 +0100
Use proper record version in client hello after hello retry request
Signed-off-by: Tomas Mraz <tmraz@fedoraproject.org>
Fixes: #1053
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 12 07:46:19 2020 +0100
pkcs11: increase the maximum PIN length from 31 to 255
The maximum is chosen from the default configuration of SoftHSMv2:
https://github.com/opendnssec/SoftHSMv2/blob/develop/CMakeLists.txt#L61
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 08:45:03 2020 +0100
_gnutls_x509_read_value: don't count terminating null byte for OIDs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Co-authored-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 12 09:19:30 2020 +0100
x509: clarify how to release memory allocated for DN
The application can assume that DNs returned from
_gnutls_x509_get_dn() are allocated with gnutls_malloc() and thus
shall be freed with gnutls_free().
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Mon Oct 12 16:33:54 2020 -0500
pkcs11: fix session leak in error path
gnutls_pkcs11_obj_set_info() fails to call pkcs11_close_session() after
a successful pkcs11_open_session() if called with an invalid itype
parameter. That would be programmer error, of course, but better not
forget to close the session regardless.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Sahana Prasad <sahana@redhat.com>
Date: Mon Sep 28 10:21:40 2020 +0200
Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications
to have a way to pass the gnutls_verify_output_function() as a callback so that the full
path of the certificate chain to the trusted root can be avaiable as output.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 5 05:57:01 2020 +0100
.gitlab-ci.yml: temporarily allow failures on Debian.cross.aarch64
qemu is currently causing segmentation fault:
cipher: aes-128-gcm
cipher: aes-192-gcm
cipher: aes-256-gcm
cipher: chacha20-poly1305
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
default cipher tests failed
FAIL test-ciphers-openssl.sh (exit status: 139)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 5 05:56:31 2020 +0100
.gitlab-ci.yml: use nettle git master for FreeBSD.x86_64
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 6 09:54:54 2020 +0100
tls-sig: defer allowed sigalg check to gnutls_pubkey_verify_data2
This reverts 485f2551e68d1b4ee70be2960f0a241b4a2b9fb9. After the new
configuration file has been introduced, the allowed algorithms are
checked after this part.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Remi Olivier <remi_8@hotmail.com>
Date: Wed Oct 28 20:43:25 2020 -0700
Fix memory leak with client certificate auth
Fix memory leak with client certificate auth when rehandshake with ocsp
More info in bug: gnutls/gnutls#1107
Signed-off-by: Remi Olivier <remi_8@hotmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 5 05:51:56 2020 +0100
Revert ".lgtm.yml: no longer bring nettle from master"
This reverts commit bbe93dc315009fe1f9a30426cbe20f4661b8435c.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 4 19:05:58 2020 +0100
gostdsa: fix memleak in _gnutls_gostdsa_unmask_key
Spotted by valgrind:
==5721== 40 bytes in 1 blocks are definitely lost in loss record 1 of 3
==5721== at 0x4839809: malloc (vg_replace_malloc.c:307)
==5721== by 0x4DC3E59: __gmp_default_allocate (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x4DD26A3: __gmpz_realloc (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x4DD8B9D: __gmpz_set_str (in /usr/lib64/libgmp.so.10.4.0)
==5721== by 0x499339D: _gnutls_gostdsa_unmask_key (gostdsa-mask.c:68)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 4 18:58:25 2020 +0100
testcompat-openssl: use RC4-SHA instead of RC4-MD5 for testing
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 4 11:43:35 2020 +0100
.gitlab-ci.yml: use Fedora 33 with LEGACY policy for SSL 3.0 testing
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 4 09:46:10 2020 +0100
.gitlab-ci.yml: supply -fstack-protector required by latest MinGW
https://sourceforge.net/p/mingw-w64/bugs/818/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 4 08:56:04 2020 +0100
tls-fuzzer: update submodules
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 12 17:42:15 2020 +0200
.gitlab-ci.yml: avoid using fipshmac
The new fipshmac command provided by libkcapi requires NETLINK_CRYPTO,
which is not enabled on gitlab CI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 4 14:08:37 2020 +0200
src: remove use of siginterrupt
GCC 10 warns this:
tests.c:702:2: error: 'siginterrupt' is deprecated: Use sigaction with SA_RESTART instead [-Werror=deprecated-declarations]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 3 16:15:25 2020 +0200
.gitlab-ci.yml: update build-images for nettle 3.6
Also remove Debian.cross.mips-linux-gnu, as it is no longer supported.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 6 08:56:07 2020 +0200
build: hard require nettle 3.6
This allows us to remove several backports, including XTS, CFB8,
raw-ChaCha, CMAC64, Curve448, and the GOST curves and hashes.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Hans Leidekker <hans@codeweavers.com>
Date: Tue Nov 3 12:31:38 2020 +0100
Make y parameter optional in gnutls_privkey_import_dsa_raw().
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 30 16:53:47 2020 +0100
psktool: Fix hex-encoding logic of username
The previous code didn't modify the pointer to the realloc'ed region
nor check overflow before calling realloc.
Spotted by Anderson Sasaki in:
<https://gitlab.com/gnutls/gnutls/-/merge_requests/1345#note_439063374>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Sahana Prasad <sahana@redhat.com>
Date: Thu Oct 29 10:18:56 2020 +0100
PKCS#12: switch default encryption to AES-256-CBC
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 26 16:32:59 2020 +0100
srptool: fix FILE pointer leak
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 25 08:36:57 2020 +0100
mini-record-timing: use only async-signal-safe functions in handler
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 24 10:23:03 2020 +0200
psktool: encode username if it contains special character
This also moves the hex encoding of key to write_key for readability
and makes file stream closing robuster.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 26 15:42:22 2020 +0100
bootstrap.conf: exercise more tests from Gnulib
This fixes the build failure with -Werror:
configure:53786: gcc -o conftest -O0 -Wall -Werror -g3 conftest.c -lev >&5
conftest.c:412: error: "GNULIB_STRERROR" redefined [-Werror]
412 | #define GNULIB_STRERROR 1
|
conftest.c:305: note: this is the location of the previous definition
305 | #define GNULIB_STRERROR IN_GNUTLS_GNULIB_TESTS
|
cc1: all warnings being treated as errors
as well as improves code coverage.
Suggested by Bruno Haible in:
<https://lists.gnu.org/archive/html/bug-gnulib/2020-10/msg00148.html>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 24 09:48:07 2020 +0200
gnutls_psk_set_server_credentials_file: document the file format
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 18 17:58:49 2020 +0200
serv: use only async-signal-safe functions in signal handlers
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 18 09:50:46 2020 +0200
_gnutls_asn2err: define as static inline
This pacifies -fanalyzer false-positive:
common.c:552:3: warning: use of NULL '<unknown>' where non-null expected [CWE-690] [-Wanalyzer-null-argument]
Ideally, the function should be defined as 'extern inline' to avoid
code bloat by being copied across multiple translation units.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 18 07:19:29 2020 +0200
doc/examples/ex-ocsp-client.c: check malloc return value
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 18 07:25:42 2020 +0200
serv: peer_print_info: add overflow check on realloc
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 18 07:17:38 2020 +0200
serv: replace our own list implementation with Gnulib's gl_list
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 5 17:59:46 2020 +0200
fips: run CMAC self-tests
FIPS140-2 IG D.8 mandates self-tests on CMAC.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 5 17:44:30 2020 +0200
fips: add self-tests for TLS-PRF
FIPS140-2 IG D.8 mandates self-tests on approved KDF algorithms. As
the guidance only requires to run a single instance of each KDF
mechanism, this only exercises TLS1.2 PRF with HMAC-SHA-256 as the
underlying MAC algorithm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 6 11:54:21 2020 +0200
fips: use larger prime for DH self-tests
According to FIPS140-2 IG 7.5, the minimum key size of FFC through
2030 is defined as 2048 bits. This updates the relevant self-test
using ffdhe3072 defined in RFC 7919.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 5 16:59:50 2020 +0200
fips: add self-tests for PBKDF2
FIPS140-2 IG D.8 mandates self-tests on approved KDF algorithms. As
the guidance only requires running a single instance of each KDF
mechanism, this only exercises PBKDF2 with HMAC-SHA-256 as the
underlying MAC algorithm.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 5 16:12:46 2020 +0200
fips: add self-tests for HKDF
FIPS140-2 IG D.8 mandates self-test on approved KDF algorithms. As
the guidance only requires running a single instance of each KDF
mechanism, this only exercises HKDF-Extract and HKDF-Expand operations
with HMAC-SHA-256 as the underlying MAC.
Although HKDF is non-approved, it would be sensible to do that as it
will be approved in FIPS140-3.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Oct 3 14:50:26 2020 +0200
tests: add missing ${EXEEXT}
Pointed by Andreas Metzler.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 2 17:23:27 2020 +0200
tests: prolong timeout in wait_for_port
gnutls-serv invocations in cert-tests/dsa can take long time to launch
if valgrind tests are enabled.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 28 19:05:52 2020 +0200
tests: remove unused lock facility using lockfile-create
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 26 11:58:17 2020 +0200
tests: create lock for tests using GETPORT
This fixes a race condition in the timings between when a free port is
detected and when the port is actually used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 24 11:48:24 2020 +0200
tests: simplify program detection
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 24 10:47:30 2020 +0200
tests: rewrite launch_server using launch_bare_server
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 27 16:11:32 2020 +0200
x509: correct argument of gnutls_verify_output_function
This is a leftover of 52e78f1e. We need to call
gnutls_verify_output_function with the replaced CA cert instead of the
original cert.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 23 09:34:09 2020 +0200
tests: remove launch_pkcs11_server
This function is only used by testpkcs11.sh.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 23 09:12:32 2020 +0200
tests: remove unused first argument from launch_server
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 23 09:09:45 2020 +0200
tests: use ": ${FOO=BAR}" syntax for default handling in shell scripts
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: JonasZhou <JonasZhou@zhaoxin.com>
Date: Wed Sep 23 19:22:50 2020 +0800
x86:Modify variable name
Modify the variables _gnutls_sha_padlock and _gnutls_sha_padlock_nano.
Add a comment for detecting CPU. Modify the indentation. Delete
initialization etc.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
Author: JonasZhou <JonasZhou@zhaoxin.com>
Date: Tue Sep 15 16:36:57 2020 +0800
x86:add detection of instruction set on Zhaoxin CPU
Add detection of extended instruction set on Zhaoxin cpu,e.g:ssse3,sha,
etc. Set the priority of the algorithm according to the benchmark
test result on Zhaoxin cpu.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
Author: JonasZhou <JonasZhou@zhaoxin.com>
Date: Wed Sep 16 14:08:21 2020 +0800
x86: fix avx detection
In the case of setting environment variables, AVX cannot be detected
correctly. Because only MOVBE is added to variable _gnutls_x86_cpuid_s,
there is no OSXSAVE. And according to the intel manual, using AVX
does not need to detect FMA.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
Author: JonasZhou <JonasZhou@zhaoxin.com>
Date: Wed Sep 23 14:19:39 2020 +0800
padlock:fix exception in wrap_padlock_hmac_fast
In function wrap_padlock_hmac_fast, use free to release local variables
ctx. Remove a call to wrap_padlock_hmac_deinit() to fix a crash.
Signed-off-by: JonasZhou <JonasZhou@zhaoxin.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 14 17:59:00 2020 +0200
testcompat-openssl: specify -sigalgs
The default selection of signature schemes is also affected by the
crypto-policies, and needs to be explicitly enabled with -sigalgs.
Suggested by Tomas Mraz.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 14 08:31:17 2020 +0200
inih: remove unused code
This avoids -fanalyzer false-positive in GCC 10:
https://bugzilla.redhat.com/show_bug.cgi?id=1878600
as well as the cppcheck warning:
"variableScope:lib/inih/ini.c:99,style,The scope of the variable 'start' can be reduced."
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 20 17:49:17 2020 +0200
priority: add Ed448 to SECURE192 signing algorithms
Reported Vladimír Čunát in:
https://gitlab.com/gnutls/gnutls/-/merge_requests/984#note_349374656
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Sep 19 10:57:04 2020 +0200
testsuite: Fix $SERV / $GNUTLS_SERV inconsistency
Some tests did not support overriding the PATH to gnutls-serv by setting
the environment variable SERV but used GNUTLS_SERV instead.
Closes #1090
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Fri Sep 18 13:55:06 2020 +0200
In testsuite scripts use "$@" instead of $*.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 13 17:19:32 2020 +0200
build: remove dead assignments
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 8 19:55:14 2020 +0200
spki: work around GCC 10 -Warray-bounds false-positive
Suggested by Martin Sebor in:
https://bugzilla.redhat.com/show_bug.cgi?id=1876801#c1
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 8 19:51:07 2020 +0200
tls13/session_ticket: remove _gnutls13_session_ticket_unset
The function was not really useful because _gnutls_free_datum()
has a NULL check as in free(). This also makes GCC 10 happy if
-Warray-bounds=2 is specified:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96984
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 7 09:52:52 2020 +0200
tests: allow clock_nanosleep in seccomp tests
The nanosleep wrapper in glibc has changed the implementation using
the clock_nanosleep syscall:
https://sourceware.org/git/?p=glibc.git;a=commit;h=3537ecb49cf7177274607004c562d6f9ecc99474
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Sep 7 09:52:09 2020 +0200
.gitlab-ci.yml: bump build environment to Fedora 32
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Sep 16 07:18:51 2020 +0200
testsuite: Run GOST part of tests/gnutls-cli-debug.sh
Closes #1097
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Sep 16 07:13:06 2020 +0200
testsuite: Fix GOST gnutls-cli-debug test
GOST algorithms are not enabled by default, explicitely request them in
priority string.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Sahana Prasad <sahana@redhat.com>
Date: Mon Sep 14 13:09:00 2020 +0200
Modifies P_hash() to hash the seed and label separately
Thereby not restricting the implementation of prf to MAX_SEED_SIZE
MAX_SEED_SIZE is not used anymore
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 17 12:03:20 2020 +0200
build: ignore pointless -Wformat-nonliteral warning
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 17 11:15:43 2020 +0200
configure.ac: don't enable warning only available in decent gcc
-Warith-conversion is new in GCC 10.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Sep 12 20:29:54 2020 +0200
.gitlab-ci.yml: bump cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 13 20:27:05 2020 +0200
build: ignore pointless -Wformat-y2k warning
Printing UTCTime really needs last 2 digits of the year.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Sep 13 17:52:44 2020 +0200
gnulib: update git submodule
This brings in the build fixes of parse-datetime module:
https://lists.gnu.org/archive/html/bug-gnulib/2020-07/msg00178.html
https://lists.gnu.org/archive/html/bug-gnulib/2020-08/msg00001.html
https://lists.gnu.org/archive/html/bug-gnulib/2020-09/msg00046.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Sun Sep 6 23:42:33 2020 +0300
Make private exponent optional in gnutls_privkey_import_rsa_raw().
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Sun Sep 6 21:18:57 2020 +0300
Use symbols defined for RSA key parameter indices in some more places.
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Aug 22 17:19:39 2020 +0200
handshake: reject no_renegotiation alert if handshake is incomplete
If the initial handshake is incomplete and the server sends a
no_renegotiation alert, the client should treat it as a fatal error
even if its level is warning. Otherwise the same handshake
state (e.g., DHE parameters) are reused in the next gnutls_handshake
call, if it is called in the loop idiom:
do {
ret = gnutls_handshake(session);
} while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Wed Sep 2 23:49:14 2020 +0300
Consolidate optional arguments tests for RSA key import, cleanup after each import.
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Wed Sep 2 23:14:14 2020 +0300
Move RSA key parameter counter fixup closer to exponent update helper.
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Sahana Prasad <sahana@redhat.com>
Date: Tue Sep 1 23:16:53 2020 +0200
src/cli: adds new option '--ca-auto-retrieve' that can be used with gnutls-cli to
automatically download missing intermediate CAs in a certificate chain
lib/cred-cert.c : adds set and get APIs to get user data in the
gnutls_x509_trust_list_set_getissuer_function() callback.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Tue Sep 1 21:00:18 2020 +0300
Add some tests for optional arguments in gnutls_privkey_import_rsa_raw().
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Tue Sep 1 19:29:20 2020 +0300
Fix optional parameters counter when importing RSA private keys.
Currently gnutls_privkey_import_rsa_raw() allows 3 last arguments to be omitted,
key fixup logic however checks for 3 missing arguments when updating coefficient 'u'
but then asserts when updating exponents 'e1' and 'e2' assuming only 2 parameters
are missing at that point.
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Nikolay Sivov <nsivov@codeweavers.com>
Date: Tue Sep 1 19:15:02 2020 +0300
Use symbols defined for RSA key parameter indices in more places.
Signed-off-by: Nikolay Sivov <nsivov@codeweavers.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Aug 30 14:40:13 2020 +0200
tests: fix sizeof usage in mini-record-timing
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Aug 30 14:35:47 2020 +0200
padlock: fix partial PHE detection
The xsha1 instruction takes complete SHA-1 blocks (64 bytes) instead
of arbitrary length data when EAX is set to -1.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Albrecht Dreß <albrecht.dress@arcor.de>
Date: Sat Aug 29 14:33:05 2020 +0200
improve gnutls-serv EOL processing
add option `--crlf` to gnutls-serv to disable replacing a received CRLF
by LF in echo mode (fixes #1073).
Signed-off-by: Albrecht Dreß <albrecht.dress@arcor.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 13 18:17:08 2020 +0200
gnutls_aead_cipher_decrypt: check output buffer size before writing
While the documentation of gnutls_aead_cipher_decrypt indicates that
the inout argument ptext_len initially holds the size that
sufficiently fits the expected output size, there was no runtime check
on that. This makes the interface robuster against misuses.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Aug 16 11:43:35 2020 +0200
handshake: check TLS version against modified server priorities
The server needs to take into account of multiple factors when
determining the TLS protocol version actually being used:
- the legacy version
- "supported_versions" extension
- user_hello_func that may modify the server's priorities
Only after that it can check whether the TLS version is enabled in the
server's priorities.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Aug 16 18:23:24 2020 +0200
gnutls_x509_crt_export2: return 0 instead of the length
This aligns the behavior to the documentation.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sun Aug 16 14:05:44 2020 +0200
Fix parser output in tests/cert-tests/data/gost-cert-nogost.pem
When building without GOST support parsing a GOST certificate must
return an "error importing public key" message instead of key
details. This change makes tests/cert-tests/pem-decoding pass for
builds with --disable-gost.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 14 07:27:40 2020 +0200
cert-session: check OCSP error responses
If the OCSP responder returns an error code, such as tryLater, we
can't proceed to examine the response bytes. In that case, just skip
the check unless the stapling is mandatory on this certificate.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Wed Jul 15 09:34:19 2020 +0200
mangle gnutls-built ecc_scalar_random
GNUTLS builds ecc-random.c but ecc_scalar_random() is a public API. So we
mangle the internal version we build.
ecc_mod_random is unaffected as it's an internal API that is mangled by GNUTLS.
Fixes #1016
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 13 15:56:20 2020 +0200
minitasn1: move WARN_CFLAGS setting to configure.ac
Some compilers don't support -Wno-type-limits, while they support
-Wtype-limits.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 4 16:42:07 2020 +0200
_gnutls_fips_mode_enabled: treat selftest failure as FIPS disabled
Previously gnutls_fips140_mode_enabled() returned true, even after
selftests have failed and the library state has switched to error.
While later calls to crypto operations fails, it would be more
convenient to have a function to detect that state.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 12 08:10:51 2020 +0200
doc: assorted typo fixes
Spotted by codespell.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 12 07:29:30 2020 +0200
serv, cli: ensure that invalid flag is always set
According to the documentation, the GNUTLS_CERT_INVALID flag must
always be set in case of verification failure, together with the flag
indicating the actual error cause.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 12 07:27:17 2020 +0200
cert-session: fail hard if mandatory stapling is not honored
According to the documentation, the GNUTLS_CERT_INVALID flag must
always be set in case of verification failure, together with the flag
indicating the actual error cause.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Fri Aug 7 13:55:23 2020 -0500
Fix invalid free in missing issuer test case error path
This variable is not initialized in this error path: it's only
initialized if gnutls_x509_crt_get_authority_info_access() succeeds.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Fri Aug 7 13:00:22 2020 -0500
Fix typo in API docs
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Petr Pavlu <petr.pavlu@suse.com>
Date: Wed Jul 8 10:12:30 2020 +0200
pubkey: avoid spurious audit messages from _gnutls_pubkey_compatible_with_sig()
When checking in _gnutls_pubkey_compatible_with_sig() whether a public
key is compatible with a signature algorithm, run first
pubkey_supports_sig() before performing weaker checks that can accept
the given algorithm but with an audit-log warning. This avoids an issue
when a weaker check would log an audit message for some signature
algorithm that would then be determined as incompatible by the
pubkey_supports_sig() check anyway.
For instance, a GnuTLS server might have a certificate with a SECP384R1
public key and a client can report that it supports
ECDSA-SECP256R1-SHA256 and ECDSA-SECP384R1-SHA384. In such a case, the
GnuTLS server will eventually find that it must use
ECDSA-SECP384R1-SHA384 with this public key. However, the code would
first run _gnutls_pubkey_compatible_with_sig() to check if SECP384R1 is
compatible with ECDSA-SECP256R1-SHA256. The function would report the
audit warning "The hash size used in signature (32) is less than the
expected (48)" but then reject the signature algorithm in
pubkey_supports_sig() as incompatible because it has a different curve.
Since the algorithm gets rejected it is not necessary to inform about
its hash size difference in the audit log.
Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jul 18 08:26:48 2020 +0200
ecdh: perform SP800-56A rev3 full pubkey validation on keygen
This implements full public key validation required in
SP800-56A rev3, section 5.6.2.3.3.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 17 17:47:06 2020 +0200
dh: perform SP800-56A rev3 full pubkey validation on keygen
This implements full public key validation required in SP800-56A rev3,
section 5.6.2.3.1.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 17 17:45:17 2020 +0200
dh-primes: make the FIPS approved check return Q value
This is necessary for full public key validation in
SP800-56A (revision 3), section 5.6.2.3.1.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 10 09:42:30 2020 +0200
ecdh: check validity of P before export
SP800-56A rev3 section 5.7.1.2 step 2 mandates that the validity of
the calculated shared secret is verified before the data is returned
to the caller. This patch adds the validation check.
Suggested by Stephan Mueller.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 10 09:35:49 2020 +0200
dh: check validity of Z before export
SP800-56A rev3 section 5.7.1.1 step 2 mandates that the validity of the
calculated shared secret is verified before the data is returned to the
caller. This patch adds the validation check.
Suggested by Stephan Mueller.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri Jul 3 14:54:17 2020 +0200
tests: split up system-override-sig-hash.sh
Split up system-override-sig-hash.sh
so that the errors won't get swallowed or conflated.
Also correct unused `srcdir` to `builddir`,
which I believe was meant to be set there.
Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Mon Jun 22 09:09:05 2020 +0200
fix connectx not available on older macOS SDK
Fixes this compilation error:
system/fastopen.c:134:9: error: 'connectx' is only available on macOS 10.11 or newer [-Werror,-Wunguarded-availability]
ret = connectx(fd, &endpoints, SAE_ASSOCID_ANY, CONNECT_RESUME_ON_READ_WRITE | CONNECT_DATA_IDEMPOTENT, NULL, 0, NULL, NULL);
^~~~~~~~
/Applications/Xcode9.2.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/include/sys/socket.h:713:5: note: 'connectx' has been marked as being introduced in macOS 10.11 here, but the deployment target is macOS 10.7.0
The detection is the same as found in curl [1].
If HAVE_BUILTIN_AVAILABLE is not available we fallback to the code without
TCP_FASTOPEN_OSX.
The OS values match exactly the values found in
https://opensource.apple.com/source/xnu/xnu-4570.41.2/bsd/sys/socket.h
[1] https://github.com/curl/curl/commit/870d849d48a26b8eeb0d4bb1f4655367a4a191ca
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: James Bottomley <James.Bottomley@HansenPartnership.com>
Date: Sun Jun 28 21:33:09 2020 +0200
build: use $(LIBPTHREAD) rather than non-existent $(LTLIBPTHREAD)
On a very recent openSUSE build, libgnutls is getting built without
libpthread. This caused a thread related error when trying to load a
pkcs11 module that uses threading. The reason is rather convoluted:
glibc actually controls all the pthread_ function calls, but it
returns success without doing anything unless -lpthread is in the link
list. What's happening is that gnutls_system_mutex_init() is being
called on _gnutls_pkcs11_mutex before library pthreading is
initialized, so the pthread_mutex_init ends up being a nop. Then, when
the pkcs11 module is loaded, pthreads get initialized and the call to
pthread_mutex_lock is real, but errors out on the uninitialized mutex.
The problem seems to be that nothing in the gnulib macros gnutls
relies on for threading support detection actually sets LTLIBPTHREAD,
they only set LIBPTHREAD. The fix is to use LIBPTHREAD in
lib/Makefile.in
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 21 16:03:54 2020 +0200
safe_memcmp: remove in favor of gnutls_memcmp
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 26 10:21:26 2020 +0200
dhe: check if DH params in SKE match the FIPS approved algorithms
SP800-56A rev. 3 restricts the FIPS compliant clients to use only
approved DH parameters, defined in RFC 7919 and RFC 3526. This adds a
check in the handling of ServerKeyExchange if DHE is negotiated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 26 09:43:02 2020 +0200
dh-primes: add MODP primes from RFC 3526
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Tue Jun 16 21:23:14 2020 +0200
Update tlsfuzzer to get Python interpreter detection
Tlsfuzzer also assumed the Python interpreter would be called
"python", this update is necessary to get a fixed version (see
https://github.com/tomato42/tlsfuzzer/pull/671).
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Tue Jun 16 20:48:44 2020 +0200
Detect Python interpreter instead of assuming "python"
This makes the extended test suite work one Debian(-ish) systems
without Python 2, where the Python 3 interpreter is called "python3".
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 12 16:50:14 2020 +0200
.gitlab-ci.yml: bump configure cache version
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 12 11:34:38 2020 +0200
.gitignore: ignore more files
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 12 11:32:58 2020 +0200
build: avoid -Wenum-conversion warnings with GCC 10
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jun 14 23:31:27 2020 +0300
.gitlab-ci: disable config.cache for nettle-master builds
Disable usage of config.cache for nettle-master builds. Such
config.cache files can easily become stale, thus resulting in build
failures.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sun Jun 14 12:52:46 2020 +0200
Wipe session ticket keys before releasing the session structure
This includes both a copy of the master key and one or two derived
keys, all of which could be used to decrypt session tickets if
stolen. The derived keys could only be used for tickets issued within
a certain time frame (by default several hours).
The documentation for gnutls_session_ticket_enable_server() already
states that the master key should be wiped before releasing it, and
the same should apply to internal copies.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 9 10:44:57 2020 +0200
tests/cert-test/invalid-sig: use datefudge to test expired certs
Suggested by Andreas Metzler in:
https://gitlab.com/gnutls/gnutls/-/issues/1021
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 9 10:41:18 2020 +0200
tests: check_for_datefudge: don't exit the test programs
This makes check_for_datefudge not to immediately exit the program,
but to return non-zero to allow the tests by themselves to control the
behavior when "datefudge" is not found.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Vitezslav Cizek <vcizek@suse.com>
Date: Tue Jun 9 13:54:04 2020 +0200
configure: improve nettle, gmp, and hogweed soname detection
Some linkers might optimize away the libraries passed on the
command line if they aren't actually needed, such as gnu ld with
--as-needed.
The ldd output then won't list the shared libraries and the
detection will fail.
Make sure nettle and others are really used.
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Author: Lei Maohui <leimaohui@cn.fujitsu.com>
Date: Mon Jun 8 16:15:07 2020 +0900
Modied the license to GPLv2.1+ to keep with LICENSE file.
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 8 06:45:24 2020 +0200
configure.ac: prefer the latest version of build infrastructure
AM_GNU_GETTEXT_REQUIRE_VERSION tells autopoint to copy the latest
possible build infrastructure installed on the system, rather than the
fixed version from the archive.dir.tar.xz. This makes the
bootstrapping slightly faster and allows us not to stick with the
ancient gettext version.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Sun Jun 7 17:41:21 2020 +0000
CI: fix typo in the Vista target
This resulted in the MinGW64.Vista+ target doing the same thing as the MinGW64
target.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 7 15:46:51 2020 +0200
RELEASES.md: move the release steps to devel/ [ci skip]
As the information is only useful to developers, having it under
devel/ rather than in the tarball is more releavant.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 7 15:45:13 2020 +0200
RELEASES.md: mention 3.7.x releases
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 7 15:41:59 2020 +0200
RELEASES.md: fix typo in scp command line
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 7 15:39:39 2020 +0200
NEWS: add missing API modifications to 3.6.14 entry
Reported by Andreas Metzler in:
https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004650.html
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jan 9 01:42:22 2020 +0300
crypto-selftest: add test vectors for MAGMA/KUZNYECHIK-CTR-ACPKM
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jan 9 01:11:50 2020 +0300
crypto-api: add _gnutls_cipher_set_key wrapper()
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 17 16:38:40 2019 +0300
cipher/mac: enhance handlers with setkey callback
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jan 9 00:58:50 2020 +0300
selftests: add test vectors for MAGMA/KUZNYECHIK-OMAC
Add test vectors for newly added MAC algorithms.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:11:51 2018 +0300
lib: add Magma/Kuznyechik OMAC support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:11:14 2018 +0300
lib: add Magma/Kuznyechik ciphers support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:10:30 2018 +0300
nettle/gost: add ACPKM rekeying code
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:10:03 2018 +0300
nettle/gost: add CMAC-64/Magma/Kuznyechik code
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:09:36 2018 +0300
nettle/gost: add Kuznyechik code
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:09:11 2018 +0300
nettle/gost: add Magma code
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 21 22:08:44 2018 +0300
nettle/gost: export gost28147_decrypt_simple for magma cipher
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Sat Jun 6 14:05:16 2020 +0200
Merge the extra libraries to link dynamically in GNUTLS_LIBS_PRIVATE
This should fix #1020 where bcrypt is missing from thirdparty_libadd.
Ultimately it would be good to add libraries that always need to be linked in
one variable that is shared between the Makefile and the pkg-config file.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 5 16:26:33 2020 +0200
crypto-api: always allocate memory when serializing iovec_t
The AEAD iov interface falls back to serializing the input buffers if
the low-level cipher doesn't support scatter/gather encryption.
However, there was a bug in the functions used for the serialization,
which causes memory leaks under a certain condition (i.e. the number
of input buffers is 1).
This patch makes the logic of the functions simpler, by removing a
micro-optimization that tries to minimize the number of calls to
malloc/free.
The original problem was reported by Marius Steffen in:
https://bugzilla.samba.org/show_bug.cgi?id=14399
and the cause was investigated by Alexander Haase in:
https://gitlab.com/gnutls/gnutls/-/merge_requests/1277
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date: Thu Jun 4 16:59:33 2020 +0200
tests: updated tlsfuzzer tests to latest version
excluded some tests from test-certificate-malformed.py
Signed-off-by: KrenzelokFrantisek <krenzelok.frantisek@gmail.com>
Author: Sahana Prasad <sahana@redhat.com>
Date: Wed May 27 12:42:24 2020 +0200
devel/libgnutls-latest-x86_64.abi, doc, NEWS, and manpage updates
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Sahana Prasad <sahana@redhat.com>
Date: Fri May 22 15:11:32 2020 +0200
tests: Adds new tests missingissuer and missingissuer_aia
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Sahana Prasad <sahana@redhat.com>
Date: Fri May 22 09:42:47 2020 +0200
Implements a callback function gnutls_x509_trust_list_set_getissuer_function()
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 1 14:18:03 2020 +0200
Release 3.6.14 [ci skip]
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 2 21:45:17 2020 +0200
valgrind: check if session ticket key is used without initialization
This adds a valgrind client request for
session->key.session_ticket_key to make sure that it is not used
without initialization.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 2 20:53:11 2020 +0200
stek: differentiate initial state from valid time window of TOTP
There was a confusion in the TOTP implementation in stek.c. When the
mechanism is initialized at the first time, it records the timestamp
but doesn't initialize the key. This removes the timestamp recording
at the initialization phase, so the key is properly set later.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 2 05:38:28 2020 +0200
gnutls_cipher_init: fix potential memleak
Upon failure this function returns without freeing memory allocated
internally. This makes sure that it is released and do not touch the
output handle argument.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 2 05:34:29 2020 +0200
gnutls_aead_cipher_init: fix potential memleak
When _gnutls_aead_cipher_init() fails, the function returns without
freeing the allocted handle. This was once fixed in commit
502be130493e8ce802cdf60fffdbb5f1885352a5 but regressed after a code
reorganization in commit 2eef509ce5f2d250f8dcaeffa46444dd2b694e91.
Reported by Miroslav Lichvar.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 1 17:23:59 2020 +0200
serv: omit upper bound of --maxearlydata option definition
It turned out that AutoGen treats numbers that exceed INT_MAX in a
platform dependent way. In this case, 4294967295 (UINT_MAX) is
treated as is on 64-bit platforms, while it is interpreted as "-1" on
32-bit platforms. This causes a problem when the program
documentation is compiled under multilib environment.
Reported by Ivan Molodetskikh in:
https://bugzilla.redhat.com/show_bug.cgi?id=1841844
and the cause was identified by Anderson Toshiyuki Sasaki.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun May 31 14:28:48 2020 +0200
tests: add test case for certificate chain superseding
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun May 31 13:59:53 2020 +0200
x509: trigger fallback verification path when cert is expired
gnutls_x509_trust_list_verify_crt2 use the macro SIGNER_OLD_OR_UNKNOWN
to trigger the fallback verification path if the signer of the last
certificate is not in the trust store. Previously, it doesn't take
into account of the condition where the certificate is expired.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun May 31 12:39:14 2020 +0200
_gnutls_pkcs11_verify_crt_status: check validity against system cert
To verify a certificate chain, this function replaces known
certificates with the ones in the system trust store if possible.
However, if it is found, the function checks the validity of the
original certificate rather than the certificate found in the trust
store. That reveals a problem in a scenario that (1) a certificate is
signed by multiple issuers and (2) one of the issuers' certificate has
expired and included in the input chain.
This patch makes it a little robuster by actually retrieving the
certificate from the trust store and perform check against it.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 16 17:16:08 2020 +0100
devel: provide external git diff driver for *.abi files [ci skip]
This adds an external diff driver for *.abi files, that shows only
interesting changes in those files. This would be useful when adding
a new API.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat May 30 11:06:57 2020 +0200
build: write "FILE *fp" instead of "FILE *fd"
This makes it clear that "fd" is not a file descriptor but a FILE
pointer. Suggested by Tim Rühsen.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 25 15:33:49 2020 +0200
gnutls_load_file: document limitation regarding partial failure
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 25 11:21:38 2020 +0200
cert-cred: clear private key data loaded from file
This makes use of the RF_SENSITIVE flag newly added to read_file
function when reading potentially senstive information from a file.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 25 10:09:28 2020 +0200
lib: avoid file descriptor leak when application forks
This makes use of the "e" flag of fopen, provided by the Gnulib's
fopen-gnu module.
Reported by Remi Denis-Courmont in:
https://gitlab.com/gnutls/gnutls/-/issues/985
and fix suggested by Tim Rühsen.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 25 18:37:51 2020 +0200
gnulib: update git submodule
This brings in the new fopen-gnu module and the RF_SENSITIVE flag for
fread_file and read_file. This also adds the following changes to be
consistent with the latest changes in Gnulib:
- the callers of fread_file and read_file to be adjusted for the FLAGS
argument
- "attribute.h" needs to be used extensively
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 28 00:05:35 2020 +0300
p12: do not encrypt encrypt certificate bag with empty password
Do not encrypt certificate bag if the user has specified empty password
(--password ''). Encryption can be turned on by specifying
--empty-password.
Fixes #888
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Wed Apr 29 10:32:08 2020 +0200
win32: use bcrypt instead of CryptoAPI on Vista+ for random numbers
CryptoAPI is a deprecated API [1] that is forbidden in UWP builds.
Rewrite the CryptoAPI calls in bcrypt.
bcrypt is used instead of CryptoAPI when targeting Windows Vista and above.
https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecrypt
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed May 27 23:42:01 2020 +0300
certtool: do not ask for private key password if it was provided
Make pin_callback() use cinfo->password if it is set (via command line
or from template).
Fixes #933
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 28 03:15:55 2020 +0300
.travis.yml: use several different OSX versions
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Wed May 27 21:14:50 2020 +0000
win32: move the NCRYPT key import into a function
No functional change. The has been simply moved.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Wed May 27 21:13:43 2020 +0000
configure.ac: determine if the Vista APIs can be linked statically
If _WIN32_WINNT is higher or equal to 0x0600, Vista API's are allowed during
the build. We can assume that the minimum platform the code will run on is
Vista [1]
In that case there's no need to call API's (ncrypt) dynamically when it can be
done statically.
[1] https://docs.microsoft.com/en-us/cpp/porting/modifying-winver-and-win32-winnt
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed May 27 00:34:02 2020 +0300
lib: add support for AES-192-GCM
Add support for AES-192 in GCM mode.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 26 16:19:59 2020 +0300
configure: check that -no_weak_links works with FD_SET
Several Xcode/SDK versions provide FD_SET implementation that does not
work with -no_weak_links. Check that this option does not break FD_SET
usage.
Fixes #966
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 26 13:12:24 2020 +0300
tests: build datefudge-check during make all
Most of the tests depend on datefudge-check. Let's make it during 'make
all' stage to allow running individual tests w/o requiring to build it
separately.
Fixes #920
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 26 13:06:03 2020 +0300
configure.ac: add -fno-builtin-strcmp if valgrind is enabled
Recent GCC provides strcmp which makes Valgrind assume that it accesses
uninitialized data. Disable this optimization if Valgrind tests are
enabled.
Fixes #944
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: rrivers2 <5981058-rrivers2@users.noreply.gitlab.com>
Date: Sun May 24 23:11:01 2020 +0000
Update session_ticket.c to add support for zero length session tickets returned from the server
check that ticket_len > 0 prior to calling gnutls_realloc_fast
Signed-off-by: Rod Rivers <5981058-rrivers2@users.noreply.gitlab.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 05:54:58 2020 +0300
build: vendor in libtasn1 code
Instead of keeping the minitasn1 source in Git, vendor in it during
bootstrap as we do with Nettle code. This also upgrades included
minitasn1 to latest version (4.16.0).
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Tue May 19 16:23:40 2020 +0200
win32: link with crypt32
Since 5d03564cccd2c10c41252ea468d4a098bd08e9c1 we use CertOpenStore().
To properly link it needs to be linked with the crypt32.dll.
https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certopenstore
This library was missing from the pkg-config library. It exists in
thirdparty_libadd to link gnutls as a DLL.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 19 16:18:39 2020 +0200
fips: remove FIPS_STARTUP_ONLY_TEST_CASE macro
The macro was intended to avoid non-recoverable errors during library
initialization, but the code path has been removed in commit
3963518d067a64412bbe0aa9ce5fc33ae729c15f.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon May 18 12:25:42 2020 +0200
fips: make FIPS140-2 mode enablement logic simpler
Previously, to enable the FIPS140-2 mode, both /etc/system-fips and
the fips=1 kernel command line need to be set. While this was
designed to be consistent, the convention is not well followed by the
other crypto libraries and the former tends to be ignored. This
aligns the behavior to the latter, i.e. if fips=1 is set, the library
enables the FIPS140-2 mode regardless of the existence of
/etc/system-fips.
Suggested by Alexander Sosedkin.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon May 18 00:13:34 2020 +0300
x509: support commonName extension
Add support for Common Name certificate extension.
Fixes #989
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daniel Lenski <dlenski@gmail.com>
Date: Sun May 17 14:50:47 2020 -0700
refine tests for ancient servers which support both SSL 3.0 and TLS 1.0, but both only with %NO_EXTENSIONS
This is a follow-up to !1221.
See #958 and https://gitlab.com/openconnect/openconnect/-/issues/145 for a
real-world example of ancient Cisco servers with these deficiencies.
With !1221 only, gnutls-cli-debug reports that these ancient servers only support
SSL 3.0 (but without extensions). Information after this point is
largely erroneous:
$ gnutls-cli-debug ***vpn.***.com
GnuTLS debug client 3.6.12
Checking ***vpn.***.com:443
whether the server accepts default record size (512 bytes)... no
whether %ALLOW_SMALL_RECORDS is required... no
for SSL 3.0 (RFC6101) support... yes
for SSL 3.0 with extensions... no
With this additional change, gnutls-cli-debug correctly reports that such a
server also supports TLS 1.0 (but again with extensions disabled). Below
I've marked some of the significant fields that have changed:
$ gnutls-cli-debug ***vpn.***.com
GnuTLS debug client 3.6.12
Checking ***vpn.***.com:443
whether the server accepts default record size (512 bytes)... no
whether %ALLOW_SMALL_RECORDS is required... no
for SSL 3.0 (RFC6101) support... yes
for SSL 3.0 with extensions... no
whether we need to disable TLS 1.2... yes
whether we need to disable TLS 1.1... yes
# This is now correct:
whether we need to disable TLS 1.0... no
# This is now correct:
whether %NO_EXTENSIONS is required... yes
# This is now correct:
for TLS 1.0 (RFC2246) support... yes
for TLS 1.1 (RFC4346) support... no
fallback from TLS 1.1 to... failed
for TLS 1.2 (RFC5246) support... no
# This is now correct:
for known TLS or SSL protocols support... yes
TLS1.2 neg fallback from TLS 1.6 to... failed (server requires fallback dance)
for inappropriate fallback (RFC7507) support... no
for HTTPS server name... ******
for certificate chain order... sorted
for Safe renegotiation support (SCSV)... no
for version rollback bug in RSA PMS... no
for version rollback bug in Client Hello... no
whether the server ignores the RSA PMS version... no
whether small records (512 bytes) are tolerated on handshake... yes
whether cipher suites not in SSL 3.0 spec are accepted... yes
whether a bogus TLS record version in the client hello is accepted... yes
whether the server understands TLS closure alerts... partially
whether the server supports session resumption... yes
for anonymous authentication support... no
for ephemeral Diffie-Hellman support... no
for RFC7919 Diffie-Hellman support... no
for AES-GCM cipher (RFC5288) support... no
for AES-CCM cipher (RFC6655) support... no
for AES-CCM-8 cipher (RFC6655) support... no
for AES-CBC cipher (RFC3268) support... no
for CAMELLIA-GCM cipher (RFC6367) support... no
for CAMELLIA-CBC cipher (RFC5932) support... no
# This is now correct:
for 3DES-CBC cipher (RFC2246) support... yes
# This is now correct:
for ARCFOUR 128 cipher (RFC2246) support... yes
for CHACHA20-POLY1305 cipher (RFC7905) support... no
for GOST28147-CNT cipher (draft-smyshlyaev-tls12-gost-suites) support... no
for MD5 MAC support... yes
for SHA1 MAC support... yes
for SHA256 MAC support... no
for GOST28147-IMIT MAC (draft-smyshlyaev-tls12-gost-suites) support... no
Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun May 17 22:01:22 2020 +0300
x509: aki: always print authorityCert info
Always print authorityCertIssuer/SerialNumber. Currently it is output
only if keyIdentifier is not present.
Fixes #991
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon May 11 23:50:40 2020 +0300
output: add Russian security class policies
Add Russian Security Class certificate policies (per
draft-deremin-rfc4491-bis).
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon May 11 23:11:56 2020 +0300
x509: print certificate policiy names
Add ability to print names for several pre-defined Certificate policies.
Currently the list is populated with anyPolicy from X.509 and CA/B
policies.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 02:22:05 2020 +0300
certtool: use gnutls_pkcs7_print_signature_info
Use new function to remove code duplication.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 02:20:57 2020 +0300
pkcs7: add function to display signature information
Basically export print_pkcs7_info() in a way usable by external
applications.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 02:22:20 2020 +0300
pkcs7: decode attribute OIDs when printing
Try printing symbolic names for well-known OIDs when printing PKCS7
signature info.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 05:28:20 2020 +0300
devel: add libtasn1 submodule
GnuTLS maintains a part of libtasn1 sources in form of minitasn1 import.
Add libtasn1 submodule to ease synchronization with libtasn1.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 14 02:15:23 2020 +0300
x509: generify oid to str conversions
Make oid to name conversion functions generic enough by allowing caller
to specify a pointer to OID table.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Mon May 4 18:23:45 2020 +0200
accelerated: use AES-NI for AES-XTS when available
This introduces a wrapper for the CRYPTOGAMS AES-XTS implementation
already present in the generated assembly code.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Fri Mar 20 16:37:33 2020 +0100
gnutls-cli: Add option to wait for resumption data
This introduces the --waitresumption command line option which makes the
client to wait for the resumption data until a ticket is received under
TLS1.3. The client will block if no ticket is received. The new option
has no effect if the option --resume is not provided.
This is useful to force the client to wait for the resumption data when
the server takes long to send the ticket, allowing the session
resumption to be tested. This is a common scenario in CI systems where
the testing machines have limited resources.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue May 5 19:27:59 2020 +0200
benchmark: enable AES-XTS cipher
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 16 17:01:05 2019 +0200
nettle: disable RSA blinding in FIPS selftests
Nettle's RSA signing, encryption and decryption functions still
require randomness for blinding, so fallback to use a fixed buffer in
selftests where entropy might not be available.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 26 19:27:11 2020 +0200
nettle: expose SIV-CMAC through the AEAD interface
This adds a couple of new cipher algorithms GNUTLS_CIPHER_AES_128_SIV
and GNUTLS_CIPHER_AES_256_SIV, exposing nettle_siv_cmac_aes{128,256}*
functions. Note that they can only used with the AEAD interface and
authentication tags are prepended (not appended) to the ciphertext.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 26 19:27:05 2020 +0200
nettle: vendor in SIV-CMAC implementation
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 26 19:26:57 2020 +0200
nettle: avoid manual backports of CFB8, CMAC, and XTS
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 26 19:26:48 2020 +0200
nettle: rename import-chacha-from-nettle.sh to import-from-nettle.sh
This script will handle other backports except ECC as well.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 26 19:26:36 2020 +0200
configure.ac: fix broken nettle_cfb8_decrypt detection
Given the fixed version of the function will be part of Nettle 3.6,
use pkg-config --atleast-version instead of a manually comparison of
the Nettle version.
Fixes #974.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Apr 29 12:41:52 2020 +0200
New make target 'update-copyright-year'
We don't want to automatically update the copyright year as this
prevents reproducible builds.
Instead, 'make update-copyright-year' has to be executed at the
start of each new year and the changes have to be pushed.
Closes #980
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Apr 29 20:43:23 2020 +0300
tests/prime-check: don't include gmp.h
Do not include gmp.h header, <nettle/bignum.h> conflicts with it in
mini-gmp configuration and includes this header on it's own in
non-mini-gmp config.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 28 17:45:40 2020 +0300
tests/srp: increase timeouts
SRP test times out if running on the GitLab CI with mini-gmp version of
Nettle. Increase timeouts to let the test pass.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 28 15:48:29 2020 +0300
CI: add nettle-mini-gmp test
Wget/Wget2 OSS-Fuzz builders use mini-gmp version of nettle. Check that
we do not break them occasionally.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 30 07:05:19 2020 +0200
doc: expand GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE description on RSA-PSS [ci skip]
For RSA-PSS, this flag alone doens't fully enable reproducible
signatures and the user needs to indicate the fact that a zero-length
salt is used through SPKI upon verification.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 28 03:06:26 2020 +0300
gost: use gostdsa-vko from nettle 3.6rc3
Now as we have upgraded Nettle to 3.6rc3 (which includes gostdsa_vko),
use this function from imported nettle sources.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 28 13:59:15 2020 +0300
nettle: update imported source to nettle 3.6rc3
Update imported nettle version to 3.6rc3. This will bring in updated
gmp-glue code and a possiblity to use gostdsa-vko imported from nettle
sources.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 6 14:37:53 2020 +0200
fips: check library soname during configure
Previously, we hard-coded the sonames of linked libraries for FIPS
integrity checking. That required downstream packagers to manually
adjust the relevant code in lib/fips.c, when a new interface version
of the dependent libraries (nettle, gmp) becomes available and linked
to libgnutls.
This patch automates that process with the configure script.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 27 09:53:38 2020 +0100
gnutls_session_ext_register: keep track of extension name
Previously it discarded the name argument, and that was making the
debug output awkward, e.g., running tests/tls-session-ext-register -v:
client|<4>| EXT[0x9cdc20]: Preparing extension ((null)/242) for 'client hello'
client|<4>| EXT[0x9cdc20]: Preparing extension ((null)/241) for 'client hello'
client|<4>| EXT[0x9cdc20]: Sending extension (null)/241 (2 bytes)
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Feb 16 00:28:43 2020 +0300
gost: update gostdsa_vko to follow Nettle
Update gostdsa_vko() following changes going to be accepted into Nettle.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 21 16:29:41 2020 +0200
gnutls_ext_get_name2: new function
This adds a generalized version of gnutls_ext_get_name, which can
retrieve the name of the extension, even if it is registered per
session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Apr 16 18:49:22 2020 +0300
build: attempt to fix build issues on FreeBSD
BSD sed does not like \n and \0 in string substitution. Workaround this
by using sed magic.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Apr 15 18:49:26 2020 +0300
gitlab CI: when calling cppcheck ignore lib/nettle/ecc rather than lib/nettle/curve448
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 14 14:17:07 2020 +0300
gitlab-ci: add test for usage of nettle/hogweed internal symbols
Check that GnuTLS does not depend on Nettle/Hogweed internal symbols.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Apr 14 13:47:43 2020 +0300
nettle: vendor in poly1305 code
Nettle's poly1305 code ended up with internal symbol _poly1305_block in
public header. This causes issues on Nettle version changes. Since those
symbols are going to become nettle-internal, vendor in relevant source
file.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 17:54:28 2020 +0300
gost: import _nettle_write_le32 to stop using Nettle's internal symbol
Remove another dependency on nettle internal symbol by vendoring in
_nettle_write_le32 code
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 17:06:06 2020 +0300
nettle: use new imported source files for GOST DSA
Provide GOST support using source files copied by script rather than
manually crafted by me.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 16:11:02 2020 +0300
build: import-curve448 -> import-ecc
As the script now imports not just Curve448, but also gost code, rename
the script, target directory and symbols to follow that.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Apr 11 15:28:29 2020 +0200
xts: check key blocks according to FIPS-140-2 IG A.9
The implementation guidance suggests that a check of key1 != key2
should be done at any place before the keys are used:
https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 16:08:29 2020 +0300
devel: modify curve448 script to import gost sources
Curve448 script already imports several ecc sources into GnuTLS tree.
Modify it to also vendor in GOST-related ecc files.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 12:43:42 2020 +0300
import-chacha: fix several additional symbol clashes
Fix sed script used to rename symbols to remove few additional symbols
sitting in _nettle_FOO namespace.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 12:59:12 2020 +0300
curve448: import write-le64.c which defines internal symbol
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Apr 13 12:43:42 2020 +0300
import-curve448: fix several additional symbol clashes
Fix sed script used to rename symbols to remove few additional symbols
sitting in _nettle_FOO namespace.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 30 11:27:40 2020 +0200
handshake-tls13: add session flag to disable sending session tickets
While GnuTLS by default implicitly sends NewSessionTicket during
handshake, application protocols like QUIC set a clear boundary
between "in handshake" and "post handshake", and NST must be sent in
the post handshake state.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Bernhard M. Wiedemann <bwiedemann@suse.de>
Date: Sun Apr 5 15:09:57 2020 +0200
tests: Fix status-request-revoked after 2020-10-24
included certs expire 2020-10-24 so this test fails after that date.
Fixes #967
This patch was done while working on reproducible builds for openSUSE.
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Mar 31 06:58:48 2020 +0200
build: use valgrind client request to detect undefined memory use
This tightens the check introduced in
ac2f71b892d13a7ab4cc39086eef179042c7e23c, by using the valgrind client
request to explicitly mark the "uninitialized but initialization is
needed before use" regions. With this patch and the
fix (c01011c2d8533dbbbe754e49e256c109cb848d0d) reverted, you will see
the following error when running dtls_hello_random_value under
valgrind:
$ valgrind ./dtls_hello_random_value
testing: default
==520145== Conditional jump or move depends on uninitialised value(s)
==520145== at 0x4025F5: hello_callback (dtls_hello_random_value.c:90)
==520145== by 0x488BF97: _gnutls_call_hook_func (handshake.c:1215)
==520145== by 0x488C1AA: _gnutls_send_handshake2 (handshake.c:1332)
==520145== by 0x488FC7E: send_client_hello (handshake.c:2290)
==520145== by 0x48902A1: handshake_client (handshake.c:2908)
==520145== by 0x48902A1: gnutls_handshake (handshake.c:2740)
==520145== by 0x402CB3: client (dtls_hello_random_value.c:153)
==520145== by 0x402CB3: start (dtls_hello_random_value.c:317)
==520145== by 0x402EFE: doit (dtls_hello_random_value.c:331)
==520145== by 0x4023D4: main (utils.c:254)
==520145==
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Pierre Ossman <ossman@cendio.se>
Date: Tue Mar 24 15:32:13 2020 +0100
Compare DNs by comparing their string representations
A binary comparison will not work in case the contents is the same but
the ASN.1 type differ (e.g. PrintableString vs UTF8String). Such
variations are permitted so we need to handle them.
Signed-off-by: Pierre Ossman <ossman@cendio.se>
Author: Pierre Ossman <ossman@cendio.se>
Date: Tue Mar 24 15:29:34 2020 +0100
Properly compare DNs when checking sorting
We might want to do other things than a simple memcmp() so make sure
we're using the right helper when comparing DNs.
Signed-off-by: Pierre Ossman <ossman@cendio.se>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 16:58:07 2020 +0200
IDNA: require libidn2 2.0.0
We require private symbols which dissapear at some point in
IDN2 releases in order to support old versions of libidn2. Simplify
the code by requiring only recent versions and avoid issues such
as #832.
Resolves: #832
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 07:40:21 2020 +0200
NEWS: updated for release
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 20:52:36 2020 +0200
NEWS: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 20:52:27 2020 +0200
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 21:30:37 2020 +0200
NEWS: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 21:30:37 2020 +0200
tests: added check for random value of client and server hello in TLS
This creates a tests that checks whether the TLS client and server
hello have sufficient non-zero bytes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 19:05:30 2020 +0200
tests: added reproducer for client hello random value behavior in DTLS
This adds an equivalent test of tls13/hello_random_value.c for DTLS
and extends the tests for server hello as well.
Relates: #960
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 08:23:03 2020 +0200
psk: added checks to satisfy static analyzers
Added null checks in legacy callbacks to avoid warnings from
static analyzers. The issues do not appear to be reproducible
in real-world use.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Mar 28 02:31:10 2020 +0300
padlock: fix exception in wrap_padlock_hash_fast
wrap_padlock_hash_fast() allocates a context on a stack (via local
variable) then tries to free it by calling wrap_padlock_hash_deinit()
causing a crash. Remove a call to deinit() to fix a crash.
Fixes #930
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Mar 28 02:29:31 2020 +0300
padlock: fix exception in sha code
padlock sha code will segfault (at least on Nano) if it is passed a NULL
data pointer (even if size is 0). Pass digest output buffer as a dummy
data pointer in such case.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Mar 28 02:27:31 2020 +0300
padlock: make cbc code return error properly
If underlying padlock_cbc_en/decrypt return an error, pass this error to
calling code.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Stefan Bühler <stbuehler@web.de>
Date: Fri Mar 27 17:17:57 2020 +0100
dtls client hello: fix zeroed random (fixes #960)
This broke with bcf4de03 "handshake: treat reply to HRR as a reply to
hello verify request", which failed to "De Morgan" properly.
Signed-off-by: Stefan Bühler <stbuehler@web.de>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue Mar 24 09:55:08 2020 +0100
gnutls-serv: Do not exit when a message to be echoed is received
Previously, when gnutls-serv was executed with the --echo option, it
would exit when a message to be echoed was received. Moreover, the
server would output "Memory error" although no error occurred.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 11:23:47 2020 +0100
_gnutls_check_id_for_change: ensure that we check the username length
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 10:01:53 2020 +0000
Ensure that an incorrectly formatted password file doesn't cause invalid memory access
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ander Juaristi <a@juaristi.eus>
Date: Sun Mar 15 23:31:49 2020 +0100
Update NEWS file
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Tue Mar 3 11:49:32 2020 +0000
Update files
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Mon Mar 2 16:37:10 2020 +0100
psk: Allow non-NULL PSK usernames
This commit closes #586.
Two new functions are introduced: gnutls_psk_server_get_username2()
and gnutls_psk_set_client_username2(), which are identical in behavior
to those named similarly (without the final '2'), but allow arbitrary
gnutls datums (not strings) to be used as usernames.
Two new callback functions are also introduced, with their respective
setters: gnutls_psk_set_server_credentials_function2() and
gnutls_psk_set_client_credentials_function2().
In addition, the password file format is extended so that non-string
usernames can be specified. A leading '#' character tells GnuTLS that the
username should be interpreted as a raw byte string (encoded in HEX).
Example:
#deadbeef:9e32cf7786321a828ef7668f09fb35db
Signed-off-by: Ander Juaristi's avatarAnder Juaristi <a@juaristi.eus>
Author: Daniel Lenski <dlenski@gmail.com>
Date: Sun Mar 22 19:12:44 2020 -0700
add NEWS entry
Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Author: Daniel Lenski <dlenski@gmail.com>
Date: Sun Mar 22 19:01:55 2020 -0700
add additional tests of SSL 3.0 (with extensions, and with cipher suites not in SSL 3.0)
See #958
Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Author: Daniel Lenski <dlenski@gmail.com>
Date: Sun Mar 22 19:00:32 2020 -0700
test_ssl3: minimize cipher suites to those actually included in SSL 3.0
See #958
Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Author: Daniel Lenski <dlenski@gmail.com>
Date: Sun Mar 22 18:58:26 2020 -0700
SSL 3.0 (RFC6101) doesn't actually appear to require extensions, and some servers don't accept them
See #958
Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 22 10:44:51 2020 +0100
gnutls_session_get_keylog_function: new function
This adds a way to retrieve the keylog function set by
gnutls_session_set_keylog_function() to allow application protocols to
implement custom logging facility.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Mar 22 16:07:12 2020 +0300
oss-fuzz: return build error if fuzzers have failed to build
Instead of silently ignoring build errors and running fewer fuzzers,
exit on the first build error.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Mar 22 16:05:40 2020 +0300
oss-fuzz: use CC rather than CXX to compile fuzzers
clang++ will choke on several fuzzer sources because C++ is stricter
than C wrt. type conversion:
gnutls_base64_decoder_fuzzer.c:26:63: error: non-constant-expression
cannot be narrowed from type 'size_t' (aka 'unsigned long') to 'unsigned
int' in initializer list [-Wc++11-narrowing]
gnutls_datum_t raw = {.data = (unsigned char *)data, .size = size};
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Mar 19 17:49:11 2020 +0100
fuzz: Update README.md for clang-9 [skip ci]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 15 11:18:30 2020 +0100
state: add function to get the current hash algorithm
This is particularly useful when the application applies key
derivation function by itself with the same underlying hash algorithm
as the session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 14 09:53:31 2020 +0100
abi: add enum values for GNUTLS_CIPHER_CHACHA20_*
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 14 06:09:56 2020 +0100
cipher: allow setting ChaCha20 initial block counter
This also introduces GNUTLS_CIPHER_CHACHA20_32, which is a 96-bit
nonce variant of GNUTLS_CIPHER_CHACHA20_64.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 13 17:24:26 2020 +0100
nettle: vendor in ChaCha20 implementation from nettle
This enables to use bundled ChaCha20 implementation if the system
nettle doesn't have nettle_chacha_set_counter.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Mar 14 06:01:49 2020 +0100
cipher: expose raw ChaCha20 cipher
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Wed Mar 18 16:17:39 2020 +0100
global: Load configuration after FIPS POST
Previously, if the loaded configuration file disabled an algorithm
tested during FIPS-140 power-on self-tests, the test would fail. By
loading the configuration file after the test is finished, such failure
is avoided as any algorithm is allowed during the tests.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Wed Mar 11 18:31:49 2020 +0100
Validate EC_PARAMS for EdDSA keys
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Mar 6 13:41:25 2020 +0100
pubkey: Validate input parameters in pubkey_import_ecc_raw
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Feb 28 18:50:53 2020 +0100
tests: Verify writing and reading of ECDSA public keys from PKCS#11
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Feb 28 18:45:14 2020 +0100
tests: Verify writing and reading of EdDSA public keys
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Feb 28 18:40:42 2020 +0100
pkcs11_write: Copy data to avoid double-free crashes and properly encode EC_POINT attribute
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 14 23:15:45 2020 +0100
.lgtm.yml: work around issues in LGTM system
This disables dependency tracking and removes the gnulib
tests to work-around a failure build gl/.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 12 20:46:58 2020 +0100
bootstrap.conf: do not bring tests in gnulib clones (src/unistring)
These tests are not being run, and they can cause issues as
in !1208.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 14 22:39:05 2020 +0100
.lgtm.yml: no longer bring nettle from master
The system used has already a sufficiently recent version.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Thu Apr 4 15:45:02 2019 +0200
crypto-selftests-pk.c: Use deterministic signatures in test_known_sig()
Use deterministic signatures for ECDSA and DSA in test_known_sig(). Do
not call test_known_sig() for non-deterministic algorithms. Do not run
PK_TEST() for algorithms tested with PK_KNOWN_TEST().
The deterministic algorithms are used if in FIPS-140 POST or if FIPS-140
mode is disabled. When called explicitly with FIPS-140 mode enabled,
the pairwise-consistency test (PK_TEST()) is used instead.
test_known_sig() was modified to support only deterministic algorithms.
The "deterministic" parameter was replaced with the "flags" parameter
through which the flags to be used in gnutls_privkey_sign_data() are
passed.
The hard-coded values for the ECDSA and DSA signatures were replaced
with the values corresponding to the deterministic signatures to be used
in known answer tests. The unused values for GOST signatures were
removed.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Thu Mar 5 15:54:06 2020 +0100
crypto-selftests-pk.c: Use specified key in test_sig()
Previously, test_sig() would use the same key regardless the value
provided in bits parameter. The changes introduced make test_sig() to
choose the key according to the value provided in bits.
For RSA, only 2048 bits key is available for testing. The calls were
adjusted accordingly.
Introduced 2048 bits DSA key in test_sig(). Removed unused 512 bits
key, leaving only the 2048 bits key available.
For GOST, use the same keys for test_sig() and test_known_sig(). Remove
the unused keys.
Reorder constant values and change variables names for better
readability.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 16 11:09:29 2020 +0100
tests/sign-is-secure: fix off-by-one error
Reported by Peter Dettman in:
https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 16 11:03:41 2020 +0100
algorithms: properly calculate hash strength for Ed448
The Ed448 signature scheme internally uses XOF (SHAKE256) as the hash
function with 114-octet output. According to FIPS-202, the strength
against collisions is calculated as:
min(114*8/2, 256) = 256
Reported by Peter Dettman in:
https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Mar 12 12:56:37 2020 +0300
lib/x509: use common routine for parsing data version
OSS Fuzzer noted an issue in parsing (incorrect) CRL files with
zero-length version field. Certificate parser does not have this issue,
while CRL and OCSP Request and Response parsers shows this problem. To
remove code duplication extract common function and use it from all four
parsers.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Thu Apr 4 17:22:04 2019 +0200
crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TEST
Previously, when multiple tests where declared in sequence using one of
the macros, only the first test would be executed. This happened
because a check for the GNUTLS_SELF_TEST_FLAG_ALL was embedded in the
macro. To allow more than one test to be executed in sequence, the
check for the flag was removed from both macros.
To keep the previous behaviour (execute only the first test) the check
for the flag was moved to be after the first test, except for RSA since
the RSA encryption test must be executed in FIPS mode.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Wed Apr 3 13:40:04 2019 +0200
crypto-selftests-pk.c: Move hardcoded values to the top
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Mar 10 22:42:02 2020 +0300
x509: apply same fix to print_crq
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Mar 10 22:41:54 2020 +0300
x509: apply same fix to print_crl
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Mar 10 12:12:36 2020 +0300
x509: drop endless loop in print_extensions
If crq is malformed in extensions part, print_extensions() might loop
endlessly because gnutls_x509_crq_get_extension_info would return
unhandled GNUTLS_ASN1_DER_ERROR looping over extension index, rather
than bailing out. Fix this by handling this error code properly. Found
thanks to oss-fuzz.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 29 17:01:10 2020 +0100
lib: use static assertion to check enum values
We previously had checks of enum values with '#if', such as below:
#define GNUTLS_EXTENSION_MAX_VALUE 31
typedef enum extensions_t {
...
GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */
} extensions_t;
/* we must provide at least 16 extensions for users to register */
#if GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX < 16
# error not enough extension types
#endif
This doesn't work as expected; because GNUTLS_EXTENSION_MAX is not
defined as a preprocessor macro, it always expands to 0. To properly
do this check, we need to use static assert as provided as the
'verify' macro in gnulib.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Mar 1 10:16:08 2020 +0100
hello_ext: use 64-bit integer to track extensions
We currently have 26 predefined extensions, allowing the user to
define 5 extra as tested in tests/handshake-large-packet.c. However,
if we introduce one more, session->internals.used_exts exceeds.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Mar 7 01:05:45 2020 +0300
fuzz: add simple x509 certificate requests and revocation lists fuzzers
Add x509 certificate requests and certificate revocation lists fuzzers.
Use data from tests/cert-tests as a starting seed for the corpora.
Fixes #903
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Mar 7 01:09:55 2020 +0300
lib/x509/output.c: remove occasioinal memory leak in print_issuer_sign_tool()
Remove memory leak in error handling in print_issuer_sign_tool() by
moving asn1_delete_structure to the end of the function.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 2 20:28:21 2020 +0100
RELEASES.md: describe the release process
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri Feb 28 16:18:58 2020 +0100
Add support for loading EdDSA keys from PKCS#11 and using them
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Author: Ross Nicholson <phunkyfish@gmail.com>
Date: Sun Feb 23 07:55:43 2020 +0000
Adding missing macosx directory for aarch64 acceleration
Signed-off-by: Ross Nicholson <phunkyfish@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 21 16:38:29 2020 +0100
keylogfile: simplify the callback mechanism
This partially reverts commit 97117556 with a simpler interface. The
original intention of having the callback mechanism was to reuse it
for monitoring QUIC encryption changes. However, it turned out to be
insufficient because such changes must be emitted after a new epoch is
ready.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Feb 21 13:14:48 2020 +0100
Add valgrind suppression for fun:decode_complex_string.isra.0
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Feb 21 13:14:03 2020 +0100
Add --gen-suppressions=all to valgrind to iautomatically generate suppression rules
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Feb 18 14:35:37 2020 +0300
lib: drop unused pbkdf2 helpers
Updated pbkdf2 API in GnuTLS removed the need for PBKDF2 helpers, drop
them now.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sat Feb 8 23:47:17 2020 +0100
gnutls-cli: Add option to store all stapled OCSP responses
Note that there's a small modification to the behavior of the existing
--ocsp-save option: If there is no stapled OCSP response the output
file is still created and will be empty.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Feb 8 18:04:27 2020 +0100
TravisCI: Add bison [skip ci]
The latest gnulib needs a newer bison than TravisCI OSX has.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 08:13:50 2020 +0100
keylogfile: generalize with a callback
This refactors the keylogfile mechanism by adding a callback to get
notified when a new secret is derived and installed. That way,
consumers can implement custom logging feature per session, which is
particularly useful in QUIC implementation.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Feb 7 16:55:11 2020 +0100
.lgtm.yml: Fix --disable-documentation to --disable-doc [skip ci]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Feb 6 16:48:48 2020 +0100
cfg.mk: Exclude sc_prohibit_gnu_make_extensions from syntax-check
This new gnulib check does not work with GNU awk 5.0.1 and GNU make 4.2.1.
References:
https://lists.gnu.org/archive/html/bug-gnulib/2019-05/msg00095.html
https://lists.gnu.org/archive/html/bug-gnulib/2019-06/msg00040.html
https://lists.gnu.org/archive/html/bug-gnulib/2019-07/msg00046.html
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Feb 6 15:52:50 2020 +0100
Update gnulib to fix building on OSX 10.9
Fixes #926
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Tue Jan 14 15:14:59 2020 +0000
testcompat-openssl: improve testing against secured OpenSSL versions.
In Debian, and soon Ubuntu, OpenSSL is compiled with SECLEVEL=2 and
requiring minimum TLSv1.2. However, smaller hashes/keys/versions are
allowed if one enables SECLEVEL=1. Do so when testing pre v1.2 algos,
and thus enabling testing more compatability combinations.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Feb 5 16:06:30 2020 +0300
nettle/gost: gost28147: require calling set_param before set_key
Require selecting parameter set before setting the key. There is no need
to provide default setting, if a param is always selected anyway.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Feb 3 05:18:29 2020 +0100
tests: skip pkcs12-gost under GNUTLS_FORCE_FIPS_MODE
The MAC algorithm used in the PBKDF2 is actually prohibited in the
FIPS mode and previously there wasn't a check for that.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 17:58:56 2020 +0100
privkey_pkcs8: remove unused #include <nettle/pbkdf2.h>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 17:57:37 2020 +0100
pkcs7-crypt: refactor using gnutls_pbkdf2
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 16:15:51 2020 +0100
pkcs12: refactor using gnutls_pbkdf2
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 16:00:56 2020 +0100
secrets: refactor using gnutls_hkdf_{extract,expand}
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Feb 2 14:44:05 2020 +0100
crypto-api: add generic crypto functions for KDF
This exposes HKDF and PBKDF2 functions from the library. Instead of
defining a single KDF interface as in PKCS #11, this patch defines 3
distinct functions for HKDF-Extract, HKDF-Expand, and PBKDF2
derivation, so that we can take advantage of compile time checking of
necesssary parameters.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Sun Feb 2 09:47:25 2020 -0600
session_pack: fix leak in error path
If called at the wrong time, it allocates the buffer sb and forgets to
clear it.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 1 23:09:01 2020 +0100
.mailmap: map Dmitry's email to a single name [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 1 23:02:55 2020 +0100
NEWS: fixed issue number for 448
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 1 22:54:13 2020 +0100
NEWS: refactored for release
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 1 22:44:41 2020 +0100
hooks.m4: bumped so-version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 29 20:00:53 2020 +0300
nettle/gost: support use GOST DSA support from master branch
Use GOST DSA and GOST curves provided by Nettle's master branch.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jan 28 13:05:14 2020 +0300
pkcs12: do not go try calculating pbkdf2 with 0 iterations
Nettle will abort on a call to pbkdf2 if iterations is 0. Add check to
GnuTLS PKCS12 GOST code to check that iter is not 0.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Bjoern Jacke <bjacke@samba.org>
Date: Mon Jan 27 19:40:53 2020 +0100
add support for local threads with studio and ibm compilers
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 26 21:45:29 2020 +0100
tlsfuzzer: optimized tests for CI and enabled x448
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 26 21:32:18 2020 +0100
tlsfuzzer: fix test-tls13-large-number-of-extensions.py
This test requires a TLS-1.3-only server as its tests clash with
extensions supported by a TLS-1.2 server. Ensure that the extensions
that overlap with TLS-1.2 are not manipulated as we don't have
a pure TLS-1.3-only implementation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 21 10:32:59 2020 +0100
GOSTR341194: mark as insecure for digital signatures
Although there are no practical attacks known on the algorithm, the practical
strength of the algorithm is weaker than the theoritical. In addition this algorithm
is already considered legacy, and as such mark it as insecure for digital
signatures to reduce the attack surface.
Relates: #909
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jan 26 18:39:18 2020 +0100
Avoid pushd/popd bashism in testsuite
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jan 20 11:48:50 2020 +0100
tests/key-material-dtls.c: Try again on GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED
This fixes issues on the CI cross-runners with 'make -jN', N > 1.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 4 14:37:46 2020 +0100
Use make with crafted -j for CI builds and tests
This speeds up the Gitlab CI runners. E.g. measured timings of the
Debian.x86_64 runner show ~40% speedup (down from 38 to 23 minutes).
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 25 22:28:32 2020 +0100
tests: updated tlsfuzzer tests to latest version
This adds new tests, reduces running time, and removes test-tls13-obsolete-curves.py.
The latter introduced too pendantic tests on curves we don't implement,
and requires significant changes to passing with limited benefit. For example
it requires the server to error on mismatching entries (and we simply ignore
them). As its value is low (we do not target to be a reference implementation
for testing broken clients), it was removed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 25 22:02:48 2020 +0100
key shares: avoid using internal errors
On unknown curves or illegal parameters, make sure we return the
right error code which will translate to the appropriate alert.
Resolves: #907
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 24 23:12:07 2020 +0100
fuzz: fixed Ed448 fuzzer traces
The fuzzer files for ed448 were the reverse for client and server.
Enhanced the fuzzer tools to run a single fuzzer, and added more
clear documentation on how to generate and manually test the fuzzer
outputs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 24 23:11:34 2020 +0100
README-adding-traces.md: updated with more precise information
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 24 22:57:49 2020 +0100
fuzzers: added ed448 keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 25 11:18:09 2020 +0100
Create files in gl/ licenced lgpl2+ instead of lgpl3+
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 24 22:53:50 2020 +0100
fuzzers: when provided with a parameter they will run on a single file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jan 24 22:04:41 2020 +0300
.gitlab-ci.yml: remove --disable-gost from nettle-master test
Remove --disable-gost switch from the test using Nettle's master branch
as GnuTLS is now compatible again with nettle/master.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jan 23 13:07:23 2020 +0300
lib/nettle/gost: restore compatibility with nettle master
Use newer format of ecc curve data if curve448 support is detected.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 24 16:38:15 2020 +0100
.gitlab-ci.yml: force running jobs on linux runners
There are shared windows runners in gitlab, that will fail
running our jobs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 23 16:25:43 2020 +0100
fuzz: import key, certificate, and traces using Ed448
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 22 05:25:19 2020 +0100
tlsfuzzer: enable tests for X448
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 20 11:17:51 2020 +0100
.gitlab-ci.yml: set WINEPATH to allow eccdata run under Wine
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 19 12:13:48 2020 +0100
.gitlab-ci.yml: export LDFLAGS throughout the FreeBSD build
Otherwise the build process wouldn't be able to find -lgmp.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jan 13 11:35:15 2020 +0100
.gitlab-ci.yml: add target to build against nettle master
This is similar to the build/gnutls target in nettle's own gitlab CI.
The only difference is that this will build/test all branches of
GnuTLS against the master branch of nettle.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 22 08:27:43 2019 +0200
algorithms: implement X448 key exchange and Ed448 signature scheme
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Apr 21 21:13:30 2019 +0200
nettle: vendor in Curve448 and Ed448 implementation
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 15 11:05:31 2020 +0100
tls13: request OCSP responses as a server
The TLS1.3 protocol requires the server to advertise an empty
OCSP status request extension on its certificate verify message
for an OCSP response to be sent by the client. We now always
send this extension to allow clients attaching those responses.
Resolves: #876
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jan 20 15:08:04 2020 +0300
x509: add OGRNIP DN entry definition used by qualified GOST certificates
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 6 15:14:48 2019 +0300
x509: include digestParamSet into GOST 512-bit curves A and B params
Old implementations do not understand PublicKeyParams with omitted
digestParamSet. So include the field for old 512-bit curves to improve
compatibility with old implementations.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jan 20 03:16:56 2020 +0300
fuzz in gost pkcs7/8/12 files
Add several examples of PKCS#7/#8/#12 files using GOST keys, ciphers and
digest functions.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jan 20 03:11:08 2020 +0300
pkcs12: use correct key length when using STREEBOG-512
PKCS#12 files using GOST HMAC (GOST R 34.11-94 and Streebog) use special
function to generate MAC key. Pass correct key length (fixed to be 32)
when generating PKCS#12 files protected with Streebog (currently it
incorrectly uses 64 there).
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 17 21:34:45 2020 +0100
gnutls-cli-debug: ignore tests when algorithms are unavailable
When gnutls-cli-debug is run on systems where a particular algorithm
is disabled, ensure that we don't stop the testing; in that case
we ignore the test.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 15 14:44:22 2020 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 15 09:46:38 2020 +0100
tls13: do not send OCSP responses as client without server requesting
In client side ensure we see a request for OCSP from servers before
sending one.
Relates: #876
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Tue Jan 7 11:32:37 2020 +0000
libgnutls: Add system-wide default-priority-string override.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jan 13 01:20:28 2020 +0300
lib: fix _kx_priority_gost termination item
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jan 12 19:24:51 2020 +0300
tests/priorities: add tests for GOST ciphersuites enablement
Add test counting GOST ciphersuites and ciphers available.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sat Jan 11 21:16:50 2020 +0100
gnutls-cli: Log all stapled OCSP responses when running with --verbose
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jan 10 14:17:44 2020 +0300
pk: set generated key algo before calling pct_test
In wrap_nettle_pk_generate_keys() set params->algo before calling
pct_test() as GOST sign/verify use that field.
Reported-by: Daiki Ueno
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jan 10 14:16:56 2020 +0300
CI: FIPS140-2 run make check without enforcing FIPS mode
Some distributions might enable --enable-fips140-mode, without actually
enabling/enforcing FIPS at runtime. Catch issues in such configurations
(reported by Daiki Ueno).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 7 11:24:01 2020 +0100
tests: add test for revoked OCSP response
This adds a test that exercises a failed handshake upon receipt of an
OCSP response with the "revoked" status.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 8 16:01:38 2020 +0100
ocsp: set GNUTLS_CERT_INVALID if OCSP response indicates revocation
This makes the OCSP based certificate verification adhere to the
convention used throughout the library: "The 'GNUTLS_CERT_INVALID'
flag is always set on a verification error and more detailed flags
will also be set when appropriate."
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 22:17:55 2020 +0300
NEWS: expand documentation for GOST priority strings
Use +GOST-ALL shortcut to enable GOST ciphersuites. Also document newly
added GOST shortcuts.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 22:11:51 2020 +0300
priority: make priority matching less error-prone
To remove possibility of using wrong length or using strncasecmp()
instead of c_strncasecmp() define PRIO_MATCH(name) macro taking care
about all details.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 22:07:19 2020 +0300
priority: add new GOST-ALL shortcut
Add GOST-ALL as an alias for CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL,
SIGN-GOST-ALL and GROUP-GOST-ALL.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 22:03:44 2020 +0300
priority: add more GOST shortcuts
Add shortcuts for GOST ciphers, MACs and KXes. For now they contain only
one item, but this list will be expanded as support for GOST-CTR-ACPKM
ciphersuites will be added.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 21:10:55 2020 +0300
lib/priority: add SIGN-GOST-ALL keyword
Add SIGN-GOST-ALL keyword containing all defined GOST signature
algorithms.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 9 13:03:10 2020 +0100
doc: clarify thread safeness in gnutls_global_init()
This documents and clarifies the thread safeness of gnutls_global_init()
and its constraints.
Resolves: #900
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 20:22:11 2020 +0300
lib/priority: use c_strncasecmp() for string comparison
Use c_strncasecmp() instead of just strncasecmp() which can be affected
by locale.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 21:31:32 2020 +0300
doc: document GOST priority options
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 21:37:28 2020 +0300
doc: document GOST cipher and MAC algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 8 22:08:14 2020 +0300
priority: fix GROUP-GOST-ALL comparison length
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 4 13:38:01 2020 +0100
tests: replace invalid extension OIDs with valid ones
libtasn1 4.15.0 or earlier allow encoding and decoding
of invalid OIDs, but more recent versions may stop
accepting them. Ensure that our test suite includes
OIDs which can be decoded by all versions of libtasn1.
Relates:
https://gitlab.com/gnutls/libtasn1/issues/25
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Mon Jan 6 09:41:27 2020 +0000
tests/Makefile.am: use absolute top_srcdir for GNUTLS_PRIORITY_FILE
Some tests, e.g. in suite/tls-fuzzer execute scripts from
sub-directories, making the relative path to system.prio in the
environment pointing to a non-existent file. Export system.prio
testsuite file as an absolute path to avoid this issue.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 3 20:21:07 2020 +0100
doc: updated epub.texi from gnutls.texi
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 3 16:58:04 2020 +0100
.gitlab-ci.yml: identify on runtime to db2epub directory
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jan 3 13:17:28 2020 +0100
Remove && command concatenation in .gitlab-ci.yml
As it turns out, `set -e` doesn't work if one of the commands fail,
maybe except the last command.
Seen, tested and reproduced on Fedora28 image.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 3 13:55:09 2020 +0100
.gitlab-ci.yml: merged ASAN and UBSAN runs
This in addition to merging the two CI runs, it also attempts
to run the fuzz code under SHANI for CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Edward Stangler <estangler@bradmark.com>
Date: Fri Jan 3 10:36:21 2020 +0000
Fixes dummy getrandom() when errno = EAGAIN.
Fixes #892.
Signed-off-by: Edward Stangler <estangler@bradmark.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jan 2 16:15:15 2020 +0100
Fix '-Werror=unused-const-variable=' in fuzz/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Dec 22 13:20:03 2019 +0100
Fix NULL ptr access in _gnutls_iov_iter_next()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Dec 21 19:21:55 2019 +0100
Use check_for_datefudge in tests
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Dec 20 11:00:53 2019 +0100
Fix "left shift cannot be represented in type 'int'" in hello_ext.[ch]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 19 12:33:34 2019 +0100
Fix 2x -Wunused-function in tests/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 19 12:23:34 2019 +0100
certtool-cfg.c: Silence -Wunused-variable if HAVE_IPV6 not set
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 19 11:48:47 2019 +0100
status_request.c: Silence -Wsign-compare
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 19 11:46:23 2019 +0100
rnd-fuzzer.c: Suppress shift sanitization check
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 19 11:17:43 2019 +0100
handshake.c: Suppress warning in fuzzing build
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Dec 18 19:44:10 2019 +0100
Fix implicit value change in verify-high.c
verify-high.c:284:7: runtime error: implicit conversion from type 'size_t'
(aka 'unsigned long') of value 15421545260338 418178 (64-bit, unsigned) to
type 'uint32_t' (aka 'unsigned int') changed the value to 437555714 (32-bit,
unsigned)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Dec 18 16:39:38 2019 +0100
UBSAN: Fail tests if UB detected
Suppressions are in devel/ubsan.supp.
Suppressions only work on recoverable checks.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 29 21:53:32 2019 +0100
gnutls_x509_crt_get_extension_info: optimize when critical equals NULL
That is, do not perform the look ups necessary to calculate the value
when it will not be used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 30 05:35:45 2019 +0100
fuzz: import certificate with and without sanity checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 29 22:33:07 2019 +0100
x509: reject certificates having duplicate extensions
According to RFC5280 a certificate must not include more than
one instance of a particular extension. We were previously printing
warnings when such extensions were found, but that is insufficient
to flag such certificates. Instead, refuse to import them.
Resolves: #887
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 3 08:53:55 2020 +0100
tests/suite: do not include scripts into dist
This part of the test suite is only run on CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 2 14:09:50 2020 +0100
ecore cli: updated and rewritten to use libev
That removes a lot of code that was not necessary in the gnutls test
suite.
Resolves: #884
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 2 22:32:43 2020 +0100
.gitlab-ci.yml: use separate images for mingw and fedora builds
This should result to faster image loading for CI builds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 2 14:55:11 2020 +0100
tests: use newer nettle APIs in cipher-override.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 1 21:37:01 2020 +0100
doc: updated copyrights for 2020
This updates the copyright year for documentation
and excludes gnulib files from the copyright check.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Dec 29 12:52:21 2019 +0300
cli: fix building with GOST disabled
Fix building gnutls-cli (benchmark part) with GOST keys support being
disabled.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Dec 29 12:49:16 2019 +0300
cli: support building with OCSP and ANON disabled
Support gnutls-cli when building GnuTLS with OCSP and ANON
authentication API disabled.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Dec 29 12:49:16 2019 +0300
serv: support building with OCSP disabled
Support gnutls-serv when building GnuTLS with OCSP API disabled.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Nov 9 02:29:19 2019 +0300
tls12-server-kx-neg: add tests without GOST signature algorithms
Add tests mimicking SChannel clients which are unable to send proper
SignatureAlgorithms extension.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Nov 9 02:01:22 2019 +0300
SignatureAlgorithms: force-enable GOST signatures for GOST KX
SChannel-based clients can not send GOST identifiers as a part of
SignatureAlgorithms extension. To mitigate this forcefully enable GOST
signature algorithms if client sends GOST ciphersuite.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 24 16:26:27 2019 +0300
benchmark: enable benchmarking of GOST CNT ciphersuite/KX
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 24 02:33:26 2019 +0300
benchmark: support benchmarking GOST ciphers/MACs
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 24 02:32:17 2019 +0300
benchmark: use mac key size instead of block size
Use newly added gnutls_hmac_get_key_size() to get key size instead of
assuming that key size = block size (incorrect for GOST 28147 IMIT).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 24 02:31:30 2019 +0300
crypto-api: add gnutls_hmac_get_key_size() function
Add gnutls_hmac_get_key_size() to retrieve MAC key size.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 24 01:20:24 2019 +0300
nettle/gost: remove gost28147_imit_init
Rewrite gost28147 imit code to clean up state and index on key setup to
be sure that imit context is properly cleaned.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Nov 20 16:10:11 2019 +0100
guile: Arrange to make 'gnutls.scm' architecture-independent.
Fixes #838.
Reported by Andreas Metzler.
* configure.ac: Define and substitute 'maybe_guileextensiondir'.
* guile/Makefile.am (.in.scm): Substitute 'maybe_guileextensiondir'.
* guile/modules/gnutls.in <top level>: Use @maybe_guileextensiondir@.
Check if %LIBDIR is true.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 23 20:20:58 2019 +0100
x509: do not tolerate invalid DER time
This effectively reverts !400 and ensures that we no longer tolerate
invalid DER time. This complements the previous commit by Lili Quan
and ensures we provide the --disable-strict-der-time backwards compatibility
option.
Resolves: #207
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 14 10:51:48 2019 +0100
certtool: always set extensions from template
Previously we would only set these extensions specific with add_extension
when generating using --generate-certificate. The change makes sure these
options are considered even when generating an extension from a certificate
request. Issue reported on the mailing list.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 14 10:44:16 2019 +0100
tests: check certificate generation from certificate request
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 20 20:37:32 2019 +0100
tests: ensure test suite does not apply global config
When running the test suite we do not apply the global
gnutls configration as it may change options that are
tested.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 5 11:40:31 2019 +0100
gnutls-cli: improved output of --benchmark-tls-kx
It is now printed in a way that separates the tests. Example:
```
(TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
- 179.19 transactions/sec
- avg. handshake time: 5.57 ms
- standard deviation: 0.57
(TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM)
- 182.24 transactions/sec
- avg. handshake time: 5.48 ms
- standard deviation: 0.64
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 4 13:58:21 2019 +0100
gnutls-cli: benchmark-tls-kx can work with sub-ms accuracy
This allows micro and nanoseconds to be reported if necessary,
and it changes reporting of sample variance to standard deviation
giving a possibly better overview as it is in the same units as
the average.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jul 19 15:40:46 2018 +0300
gnutls-cli-debug: add GOST_CNT-related KX/cipher/MAC tests
Add test for VKO-GOST-12, GOST28147-TC26Z-CNT and GOST28147-TC26Z-IMIT
support by the server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 19 21:13:15 2019 +0100
README.md: updated to list fuzz coverage results [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dimitri John Ledkov <xnox@ubuntu.com>
Date: Sun Dec 15 20:32:02 2019 +0000
doc: update reference to the default configuration file
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 19 20:28:50 2019 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 19 09:37:34 2019 +0100
_gnutls_verify_crt_status: apply algorithm checks to trusted CAs
If a CA is found in the trusted list, check in addition to
time validity, whether the algorithms comply to the expected
level. This addresses the problem of accepting CAs which would
have been marked as insecure otherwise.
Resolves: #877
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 18 14:38:32 2019 +0100
certtool: added option to apply a certificate verification profile
This applies to the --verify and --verify-chain commands.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 18 14:29:21 2019 +0100
Export profile ID/name handling functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 18 14:04:35 2019 +0100
is_level_acceptable: apply the system-wide profile in all verifications
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Lili Quan <13132239506@163.com>
Date: Thu Dec 19 17:14:20 2019 +0100
Introduced check to reject certificates with non-digits in time field
According to RFC5280 we should reject such certificates.
Resolves: #870
Signed-off-by: Lili Quan <13132239506@163.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 13 23:47:16 2019 +0300
abi-check: fix include paths
If GnuTLS is built outside of source tree, abicheck will miss gnutls.h
header which is generated in the build tree. Expand arguments to include
it.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 18 23:28:48 2019 +0300
doc: document GROUP-GOST-ALL keyword
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 27 15:48:57 2019 +0300
NEWS: add news entry, describing TLS 1.3 vs GOST issues
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jul 17 19:41:47 2019 +0300
ext/signature: use GOST signatures for GOST ciphersiuites
draft-smyshlyaev-tls12-gost-suites limits SignatureAndHash algorithms
in CertificateRequest message to GOST values if GOST cipher suite is
selected.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 3 10:48:09 2019 +0300
tls13-server-kx-neg: add test for GOST-enabled server and client
If both client and server have enabled TLS 1.3 and GOST-CNT
ciphersuites, they should correctly negotiate a connection, but using
TLS 1.2 version.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 9 07:17:59 2017 +0300
tests: added testcases for ciphersuite/KX negotiation with VKO-GOST
This verifies whether the ciphersuite negotiation will detect and
reject incompatible data present in credentials.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 21:37:38 2017 +0300
tests: add tests for KX-GOST-VKO using different key variants
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 27 03:31:49 2016 +0300
Add GOST cipher suites
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Feb 10 12:18:40 2019 +0300
priority: add GROUP-GOST-ALL keyword
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 30 13:11:28 2016 +0300
Support GOST certificate request values
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 21:56:23 2017 +0300
lib: fix group selection in case of GOST cipher suites
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Dec 17 20:09:54 2019 +0100
Sync with fuzzers from OSS-Fuzz
Only lots of corpora removed (by merge step). Not sure why.
But there are several new UBs detected.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Dec 17 19:52:58 2019 +0100
Amend fuzz scripts and README for clang-8
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Dec 17 19:52:05 2019 +0100
Add fuzz corpora for gnutls_ext_raw_parse_fuzzer
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 16 12:54:23 2019 +0100
fuzzer: added fuzzer for gnutls_ext_raw_parse()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 16 12:45:06 2019 +0100
gnutls_ocsp_status_request_is_checked: mark explicitly as unsigned the return type
Also some documentation updates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 16 11:35:48 2019 +0100
README.md: updated CI build badge [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 14 15:41:17 2019 +0100
Provide flag to identify sessions that an OCSP response was requested
That adds the flag GNUTLS_SFLAGS_CLI_REQUESTED_OCSP which can be
checked by a server application to determine whether the
client has requested stapled OCSP responses.
This includes minor cleanups in the status request handling code.
Resolves: #829
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 7 21:30:17 2019 +0100
abi: updated to latest const changes and added NEWS entry
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue May 21 21:50:33 2019 +0200
Add const to function arguments in lib/x509
This change does not introduce functionality changes.
It just adds const promises to the caller.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 5 17:06:22 2019 +0100
gnutls-serv: do not exit on command failure
If gnutls_reauth() or gnutls_heartbeat_ping() fail, gnutls-serv
would simply quit. This prevents using this tool in a test environment
like tlsfuzzer. Ensure that we don't quit on error.
Resolves: #868
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 4 22:18:02 2019 +0100
.triage-policies.yml: updated to work with latest gitlab-triage [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Vitezslav Cizek <vcizek@suse.com>
Date: Wed Dec 4 15:24:17 2019 +0100
lib: remove obsolete AVOID_INTERNALS
Although commit 1f246c381e8a7449d84b143ffe50a0818622d2a3 enabled
the self-check functions unconditionally, the #ifdefs AVOID_INTERNALS
remained in lib/crypto-selftests-pk.c.
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 2 17:32:16 2019 +0100
Revert "Released 3.6.11.1 including missing files"
This reverts commit 1e9c9ba0c0798b5566902e6c5ab83418826dd7f5.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 2 17:08:43 2019 +0100
Released 3.6.11.1 including missing files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 2 08:56:05 2019 +0100
libopts: include new files into dist
This also includes --enable-local-libopts flag to make dist
to catch future regressions.
Resolves: #867
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 1 22:39:01 2019 +0100
released 3.6.11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sun Dec 1 19:20:17 2019 +0100
Write OCSP status request debug information to logfile, if set
The status information not part of the payload data and should be
separate when using --logfile.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Fiona Klute <fiona.klute@gmx.de>
Date: Sun Dec 1 18:45:28 2019 +0100
Send log messages about loading client credentials to logfile, if set
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 29 20:30:26 2019 +0100
.travis.yml: explicitly install openssl to address build issue
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 29 16:19:07 2019 +0100
NEWS: documented AES-CFB8 fix [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 29 13:06:41 2019 +0100
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 28 09:08:28 2019 +0100
.travis.yml: update submodules [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 29 09:40:55 2019 +0100
base64: minor improvements in OOM handling and test suite
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 28 15:05:17 2019 +0100
gnutls_base64_decode2() succeeds decoding the empty string
This is a behavioral change of the API but it conforms to
the RFC4648 expectations.
Resolves: #834
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 27 16:13:06 2019 +0100
Revert "tests: ignore datefudge-check check when running on command line"
This commit was breaking CI on FreeBSD systems.
This reverts commit 1fe4f8e289d666979618fbb909983ac05aad11ac.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 25 22:36:22 2019 +0100
certtool: always include the CRL distribution points on CAs
Previously we would omit the CRL distribution points from a non-self
signed CA certificate, even if contained in the template.
Resolves: #765
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 25 22:38:05 2019 +0100
tests: ignore datefudge-check check when running on command line
That allows running the tests individually without make or setting
top_builddir variable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 22 17:21:19 2019 +0300
tests: make tests pass with disabled GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 22 16:43:49 2019 +0300
gitlab-ci: enable running make check on minimal build
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Mon Nov 11 21:36:22 2019 +0100
guile: Silence auto-compilation warning for 'guild'.
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* guile/Makefile.am (%.go): Pass "GUILE_AUTO_COMPILE=0" to avoid
warnings about 'guild' needing to be compiled.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Nov 10 14:06:58 2019 +0300
vko: fix possible unitilized scalar access
Fix error path in _gnutls_gost_keytrans_decrypt. If
_asn1_strict_der_decode() fails, cleanup path will try to
gnutls_pk_params_release(&pub), which will access unitialized pub
variable. Fix by deleting asn1 sctructure directly.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Mon Nov 11 21:30:48 2019 +0100
guile: Do not attempt to load shared object when cross-compiling.
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* configure.ac: Add 'CROSS_COMPILING' conditional.
* guile/Makefile.am (CROSS_COMPILING_VARIABLE): New variable.
(%.go): Use it.
* guile/modules/gnutls.in <top level>: Do not call 'load-extension'
when "GNUTLS_GUILE_CROSS_COMPILING" is defined.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 27 03:30:34 2016 +0300
Add support for VKO GOST key exchange
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 7 18:25:01 2019 +0100
.gitlab-ci.yml: bump configure cache version
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Günther Deschner <gd@samba.org>
Date: Wed Nov 6 13:17:57 2019 +0100
crypto-selftests: test CFB8 ciphers with different chunksizes
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 8 10:10:09 2019 +0100
nettle: use included CFB8 implementation if nettle is 3.5
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Feb 10 02:38:43 2019 +0300
groups: add function to return group by curve
Two GOST groups will have two curves attached. Add function to retrieve
group by curve, rather than by group id.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 7 18:01:33 2019 +0300
ecc: define curve->group relationship
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Aug 29 11:09:31 2017 +0300
Declare groups corresponding to GOST curves
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Dec 2 06:26:55 2016 +0300
Add GOST key transport support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 7 13:19:55 2018 +0300
nettle: add support for GOST key derivation
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 27 18:58:12 2016 +0300
_gnutls_pk_derive: add argument for nonce
GOST VKO key derivation needs another opaque argument (called UKM).
Add an argument to _gnutls_pk_derive to accomodate that keying material.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 14 15:39:39 2018 +0300
nettle/gost: add support for GOST VKO algorithm
GOST VKO is a variant of ECDHE algorithm.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 14 15:39:19 2018 +0300
nettle/gost: provide GOST keywrapping support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Wed Nov 6 11:37:10 2019 +0100
prf: don't crash when called before handshake completion
If a gnutls_prf*() function is called before the handshake is completed,
return GNUTLS_E_INVALID_REQUEST instead of crashing.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 6 12:07:24 2019 +0100
nettle: backport fixes to cfb8_decrypt
cfb8: don't truncate output IV if input is shorter than block size:
https://git.lysator.liu.se/nettle/nettle/commit/f4a9c842621baf5d71aa9cc3989851f44dc46861
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 5 16:47:17 2019 +0100
gnutls_privkey_sign_data2: removed unnecessary text [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 1 14:04:27 2019 +0100
.gitlab-ci.yml: do not inline strcmp in valgrind build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 1 10:24:24 2019 +0100
.gitlab-ci.yml: removed unnecessary use of --enable-valgrind-tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: nia <nia@NetBSD.org>
Date: Thu Oct 31 18:36:49 2019 +0000
Add NEWS entry for the NetBSD KERN_ARND change.
Signed-off-by: Nia Alarie <nia@NetBSD.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 18 05:36:49 2017 +0300
tls-sig: reverse bytes in TLS signatures for GOST signatures
GOST TLS suites have one peculiarity: CertificateVerify message uses
byte order opposite to the rest of GOST signature usage (BE instead of
LE). So, reverse byte order in signatures in TLS code. For now this
applies only to TLS 1.2 code. GOST TLS 1.3 ciphersuites will also follow
this approach. Legacy TLS 1.0 ciphersuites also had this peculiarity.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 30 10:39:49 2019 +0100
.gitlab-ci.yml: updated CI environment to F31
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 11 20:46:41 2019 +0200
tests: include config.h in rawpk-api.c
This seems to have impacted windows compilation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 11 15:57:43 2019 +0200
tests: global-init-override do not run in windows
It cannot be compiled in f30.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 11 14:44:39 2019 +0200
updated to libopts 5.18.16
This fixes compilation in Fedora 30 which ships with this
version of autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 27 03:12:45 2019 +0300
serv: move closing TABLE tag after actual table end
Move closing TABLE tag after printing information on cipher and MAC.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 27 03:08:33 2019 +0300
ecc: fix curve sizes for TC26-256 gost curves
Fix curve size being incorrectly set to 64 instead of 32 for several
GOST curves.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: nia <nia@NetBSD.org>
Date: Sat Oct 26 20:58:49 2019 +0100
nettle: Support sysctl(KERN_ARND) for RNG on NetBSD.
This system call will never block and does not require a file
descriptor to be opened. It provides an endless stream of random
numbers from the kernel's ChaCha20-based random number generator.
Signed-off-by: Nia Alarie <nia@NetBSD.org>
Author: Björn Jacke <bjacke@samba.org>
Date: Fri Oct 25 17:25:39 2019 +0200
doc: describe how to make gnutls-cli quiet for pipe usage
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 24 18:01:55 2019 +0300
lib: simplify uint24 handling
Drop separate uint24 type and functions to convert between it and
uint32_t. This makes _gnutls_read/_write_uint24 simpler and easier to
understand. And with faster assembly code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 20 18:49:41 2019 +0300
lib: drop gnutls_uint64 usage as sequence number
GnuTLS is depending already on uint64_t being a properly defined type.
So there is no need to have a special byte-array type for 8-byte
integers. Use uint64_t instead, thus simplifying a code quite heavily.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 21 15:55:47 2019 +0300
sign: convert tls13_ok to flags field
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 21 18:55:26 2019 +0300
tls-sig: split TLS 1.0/1.1 CertificateVerify code
For the symmetry split the TLS 1.[01] CertificateVerify code, so that
main functions work as pure multiplexors.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 21 14:08:00 2019 +0300
mac: mark GOST28147-TC26Z-IMIT as using CONTINUOUS_MAC
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 18 04:09:51 2017 +0300
Support GOST cipher suite MAC calculation
GOST ciphersuites require that MAC is calculated over _all_ packets,
rather than just current packet. Add flag to auth_cipher_hd_st
controlling this behaviour.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 21 13:57:55 2019 +0300
mac: change preimage_insecure to be a flag
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 18 13:19:04 2019 +0300
cipher: replace several bools with single flags instance
Replace bools in cipher_entry_st with flags field.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 21 19:34:45 2018 +0300
lib: pubkey vs TLS signature compatibility for GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 18 13:22:06 2019 +0300
src: fix noreturn-related warning
Recent autogen started adding '#include <stdnoreturn.h>' into -args.h
files. However in GnuTLS tools code this results in the following
warnings, because stdnoreturn.h unconditionally redefines 'noreturn' to
_Noreturn:
warning: '_Noreturn' attribute directive ignored
Use __noreturn__ attribute instead as does Gnulib.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Dec 2 08:28:34 2016 +0300
Allow using implicit IV for stream ciphers with TLS
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Aug 29 11:10:33 2017 +0300
prf: add Streebog (GOST R 34.11-2012) PRF support
Add support and tests for PRF generated using both Streebog versions.
This is necessary for adding GOST TLS ciphersuites support.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Oct 12 20:59:22 2019 +0200
Add const to several read-only packet sequence params
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Oct 13 12:04:20 2019 +0200
tests/buffer.c: Add unit test for _gnutls_buffer_unescape()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:54:12 2019 +0200
lib/x509/x509.c: Check before pointer dereference in get_alt_name()
Fixes Coverity issue 1361513
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:44:35 2019 +0200
cipher: Let _gnutls_auth_cipher_setiv() return int
Fixes Coverity issue 1454646
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:34:22 2019 +0200
lib/record.c: Use assignment instead of memcpy()
Fixes Coverity issue 1454647
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:27:11 2019 +0200
lib/sslv2_compat.c: Check return value of _gnutls_generate_session_id()
Fixes Coverity issue 1454649
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:11:10 2019 +0200
lib/x509/output.c: Remove unneeded NULL check in print_crt_pubkey()
Fixes Coverity issue 1454670
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 18:04:44 2019 +0200
lib/auth/srp_passwd.c: Fix NULL dereference in _gnutls_srp_pwd_read_entry()
Fixes Coverity issue 1454652
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 17:53:54 2019 +0200
lib/str.c: Replace sscanf() in _gnutls_buffer_unescape()
Fixes Coverity issue 1454651
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 17:39:24 2019 +0200
lib/handshake.c: Check return value of _gnutls_version_max()
Fixes Coverity issue 1454674
Fixes Coverity issue 1454658
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Oct 9 17:37:42 2019 +0200
Remove trailing spaces in several files
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 10 17:49:01 2019 +0200
.gitlab-ci.yml: removed coverity build [ci skip]
The coverity run is subject to several restrictions by the service,
and thus it is not really useful in the main CI runs as it cannot reasonably
be run on MRs or master. As such we simplify the main CI file by moving the
coverity to the coverage sub-project and running it weekly.
The new location is at:
https://gitlab.com/gnutls/coverage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 5 03:30:32 2019 +0200
crq APIs: fix typos [ci skip]
Resolves: #842
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 25 07:04:04 2019 +0200
document limitations of gnutls_record_discard_queued() [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ricardo M. Correia <rcorreia@wizy.org>
Date: Wed Oct 9 17:37:22 2019 +0200
README.md: document lscpu/util-linux dependency for make check
Closes #764
Signed-off-by: Ricardo M. Correia <rcorreia@wizy.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Oct 9 01:29:07 2019 +0300
testpkcs11.sh: test that we output mechanism flags correctly
Verify some of PKCS#11 mechanism flags.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Sep 25 21:11:09 2019 +0300
p11tool: print mechanism info in list-mechanisms
Print key size range and flags in mechanisms list.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Oct 9 00:10:09 2019 +0300
tests/psk-file: fix heizenbug in last test
Currently last test case in psk-file expects that the server will
terminate connection with fatal error and close connection. Client will
receive GNUTLS_E_PUSH_ERROR error. However on slow boxes (or under qemu)
client is able to receive server's fatal alert thus returning unexpected
error. To make this behaviour predictable make server wait for client to
read all data and actually close connection on it's own.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 8 07:23:31 2019 +0200
session tickets: parse extension during session resumption on client side
It is possible for a server to send a new session ticket during
TLS1.2 resumption. To be able to parse it as client we need to
check the extension during resumption as well.
Resolves: #841
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jun 24 01:37:31 2019 +0300
ext/supported_groups: don't consider non-EC groups for EC
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Aug 2 02:08:00 2019 +0300
tests: correct gost server certificates
Correct GOST server certificates:
- use only Digital Signature Key Usage,
- use new format for 512-bit curve key and certificate.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 8 06:48:44 2019 +0200
.gitlab-ci.yml: only run coverity task on 3_6_x tags [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Oct 2 17:05:10 2019 +0300
cert-tests/gost: add certificate with new GOSTParameters struct
Add certificate example using simplified (new) GOSTParameters structure.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 7 20:59:34 2019 +0200
.gitlab-ci.yml: include an automated coverity build on tags
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Sep 25 18:13:37 2019 +0300
lib: implement support for updated GOST PublicKeyParameters
Recomendation for standardization R 1323565.1.023-2018 has made changes
to PublicKeyParameters for GOST R 34.10-2012 keys. It has removed
encryptionParamSet (since now S-BOX is basically fixed as TC26-Z) and
made digestParamSet OPTIONAL (as it can be concluded from public key
OID). Implement these requirements.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Apr 25 15:06:58 2019 +0300
nettle/pk: add support for "new" TC26 256 B curve
TC26 likes aliases. Thus "new" TC26 256 B curve is the same as old
CryptoPro-256-A curve (but with limitation to use GOST R 34.10-2012).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 28 21:40:30 2019 +0300
lib/ecc: add documentation for GOST-related curves
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 7 15:24:53 2019 +0300
lib: define more GOST curves
Declare GOST curves from GOST R 34.10-2001 and GOST R 34.10-2012 (test
curves) and GOST curves defined by TC26 itself.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 1 18:15:19 2019 +0200
gnutls_aead_cipher_{en,de}cryptv2: write back cached data to buffers
Previously, those functions failed to write the output to the buffers
if the buffer length is not multiple of cipher block size. This makes
sure that the cached data is always flushed.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Oct 1 18:14:48 2019 +0200
iov: add _gnutls_iov_iter_sync to write back cached data to iov
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 3 10:34:18 2019 +0200
iov: _gnutls_iov_iter_next: return bytes instead of blocks
This eliminates the need of special handling of final block. Also
adds more tests in exceptional cases.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 5 03:27:01 2019 +0200
NEWS: added entry for 3.6.11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Fri Oct 4 20:50:19 2019 +0200
Updated NEWS to reflect the added raw public-key handling functionality for gnutls-cli/serv tools.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon Sep 30 21:22:59 2019 +0200
Added functional regression tests for rawpk functionality in gnutls-cli and gnutls-serv.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Tue Aug 27 17:10:04 2019 +0200
Implemented raw public key support for gnutls-serv application.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon Aug 26 17:12:40 2019 +0200
Implemented raw public key support for gnutls-cli application.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Oct 2 14:47:44 2019 +0300
nettle/mac: add missing ifdef
Add an ifdef guarding gost28147 include.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Sep 29 18:55:18 2019 +0200
cipher-alignment: migrate LDADD/CFLAGS after rename
Test was renamed from mini-alignment to cipher-alignment.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 29 12:24:02 2019 +0200
bumped versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 28 21:25:25 2019 +0200
.gitlab-ci.yml: run pic-check on i686-linux-gnu to catch wrong assembly
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Sep 28 14:28:12 2019 +0200
Regenerate asm files with -fPIC
CRYPTOGAMS' perl-scripts can produce different output if -fPIC is passed
as option. Set -fPIC for the same files as openssl does.
Closes #818
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 28 12:42:12 2019 +0200
certtool: ensure that PKCS#8 file does not contain key description
Resolves: #840
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 28 21:23:17 2019 +0300
NEWS: document previous changes [ci skip]
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Aug 2 13:55:18 2019 +0300
tests: add verbose logging to server-kx-neg tests
Add support for verbose logging to tls*-server-kx-neg tests.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 19 17:42:53 2018 +0300
lib/algorithms: add AID values assigned by IANA
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Sep 27 17:00:29 2019 +0300
x509: add support for Russian extensions defined for qualified certificate
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Sep 1 11:05:35 2019 +0300
crypto-selftests: add CNT and IMIT self tests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 14 15:37:20 2018 +0300
nettle: provide GOST 28147-89 IMIT MAC support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jun 14 15:36:55 2018 +0300
nettle: provide GOST 28147-89 CNT mode support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Sep 26 16:45:25 2019 +0200
ext/supported_versions: reorder client precedence if necessary
If the client advertises TLS < 1.2 before TLS 1.3 and the server is
configured with TLS 1.3 enabled, the server should select TLS 1.3;
otherwise the client will disconnect when seeing downgrade sentinel.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 25 06:23:22 2019 +0200
gnutls_session_get_data2: fix operation without a timeout callback
When TLS1.3 was introduced, gnutls_session_get_data2 was modified
to assume that the callbacks set included the timeout one which was
not previously necessary except for some special cases. This corrects
that issue and makes sure that gnutls_session_get_data2() does not
fail (but not necessarily succeed), if that timeout callback is not
set.
Resolves: #823
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 25 06:18:48 2019 +0200
_gnutls_io_check_recv: added newline to error message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 23 21:42:14 2019 +0200
tests: cipher-alignment: ensure cipher registration
That is, ensure that the registered cipher is called at least
once in the program. That is, to make this test fail if the registration
API ever become deprecated/no-op.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 23 21:11:53 2019 +0200
tests: mini-alignment moved to modern nettle API
That is, it no longer uses the deprecated API, and it is also
removed to cipher-alignment for clarity.
Resolves: #835
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 23 21:05:48 2019 +0200
nettle: use nettle_get_secpp* consistently
We already depend on nettle 3.4.1 which provides that symbol,
ensure that we use it consistently.
Relates: #835
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 20 22:09:39 2019 +0200
Updates in OCSP status response related documentation
gnutls_certificate_set_ocsp_status_request_file2: corrected documentation
This corrects the documented return code in gnutls_certificate_set_ocsp_status_request_file2
and the applicability of gnutls_ocsp_status_request_is_checked.
Resolves: #836
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 20 21:04:09 2019 +0200
tests: added server side OCSP check
This checks whether gnutls_ocsp_status_request_is_checked() is functional
on server-side verification.
Relates: #829
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 20 20:57:51 2019 +0200
tests: added server-side verification test
This tests gnutls_certificate_verify_peers2() operation in server
side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 19 21:26:25 2019 +0200
gnutls_ocsp_status_request_is_checked: added tests in client side
This ensures that this function has functional tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 16 15:03:41 2019 +0200
pkcs11-mock: updated license based on upstream project [ci skip]
Based on the relicense of the original project:
https://github.com/Pkcs11Interop/pkcs11-mock
Applied in commit: 8751256956e414c1b0a30414831f5083afbf64bf
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Jun 1 16:54:47 2019 +0200
guile: Add support for Guile 3.0.
* configure.ac: Add 3.0 to 'GUILE_PKG', as well as the
previously-supported versions.
* doc/gnutls-guile.texi (Guile Preparations): Update list of supported
versions.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Jun 1 16:52:34 2019 +0200
doc: Run guile with '-q'.
This makes sure we don't load the user's ~/.guile.
* doc/Makefile.am (GUILE_FOR_BUILD): Pass '-q'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 12 15:21:55 2019 +0200
tlsfuzzer: enable atypical padding check
The atypical padding check is complementary to the existing
GnuTLS 2.12.x interop test.
This commit also upgrades to the latest version, and adds new TLS1.3
tests as well.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 8 18:04:18 2019 +0200
lib/*: remove unnecessary cast to ssize_t
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 8 18:02:08 2019 +0200
gnutls_int.h: make DECR_LEN neutral to signedness
DECR_LEN was previously implemented in a way that it first decrements
the given length and then checks whether the result is negative. This
requires the caller to properly coerce the length argument to a signed
integer, before invoking the macro.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Sep 11 11:24:17 2019 +0200
.gitlab-ci.yml: bump configure cache version
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 10 13:50:45 2019 +0200
.gitlab-ci.yml: export guile related envvars for doc-dist.Fedora
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 6 08:36:04 2019 +0200
tests: check interoperability testing with gnutls 2.12.x and SHA256
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 3 21:51:58 2019 +0200
_gnutls_epoch_set_keys: do not forbid random padding in TLS1.x CBC ciphersuites
Since some point in 3.6.x we updated the calculation of maximum record size,
however that did not include the possibility of random record padding available
for CBC ciphersuites which exceeds the maximum. This commit allows for larger
sizes for these ciphersuites to account for random padding as applied by
gnutls 2.12.x.
Resolves: #811
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Jul 20 16:13:02 2019 +0200
.gitlab-ci.yml: minimal.Fedora.x86_64: Pass '--disable-guile' the 2nd time as well.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Jul 20 16:08:48 2019 +0200
.gitlab-ci.yml: doc-dist.Fedora: Pass "GUILE", "GUILD", and "guile_snarf" to 'configure'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Aug 31 16:38:13 2019 +0200
maint: Include Guile's M4 macros.
This ensures 'GUILE_PKG' & co. behaves as we want. Previously we had
problem in CI when using 'guile.m4' coming from potentially old distro
packages, as discussed in issue !1020:
https://gitlab.com/gnutls/gnutls/merge_requests/1020#note_194443890
* m4/guile.m4: New file, from Guile's 'stable-2.2' branch,
commit 9846178c69445142ef0b9432417453d2d4de6635.
* .x-sc_prohibit_test_minus_ao: New file.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Sep 5 11:36:27 2019 +0300
priority: fix loop which removes systemwide disabled KX algos
Fix c&p error in KX-removal loop.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sun Sep 1 13:50:35 2019 +0200
Added initial corpora for rawpk client and server fuzzers.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sun Sep 1 13:49:59 2019 +0200
Implemented server rawpk fuzzer.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sun Sep 1 13:49:40 2019 +0200
Implemented client rawpk fuzzer.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 2 16:34:08 2019 +0300
gnutls-cli-debug: fix early break for no version supported check
Currently gnutls-cli-debug code hardodes index of tests, after which it
will check if any known protocols (SSL 3.0/TLS1.[0123]) are supported by
the server. However this number is hardcoded and thus easy to break.
This is exactly what happened after adding %ALLOW_SMALL_RECORDS check.
Two tests were added in front of tests lists without updating this
index.
So let's make this check robust by adding another test which will return
fatal error if no known protocols are supported. While we are at it,
also simplify tests loop by removing internal loop completely and
controlling opening/closing a socket with a flag.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 3 21:32:47 2019 +0200
tests: added interoperability test with gnutls 2.12.x
This enables this test in debian build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sat Aug 31 16:33:33 2019 +0200
guile: Update the list of certificate status values.
* guile/modules/gnutls/build/enums.scm (%certificate-status-enum): Add
'gnutls_certificate_status_t' values that were missing.
* guile/src/core.c (scm_gnutls_peer_certificate_status): Add
'MATCH_STATUS' clauses to handle them.
* guile/modules/gnutls.in: Export them.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Michael Catanzaro <mcatanzaro@gnome.org>
Date: Tue Aug 13 14:55:19 2019 -0500
Fix typo in gnutls_db_set_cache_expiration() docs
21600 seconds is six hours.
Signed-off-by: Michael Catanzaro <mcatanzaro@gnome.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 2 07:40:44 2019 +0200
crypto-api: add gnutls_aead_cipher_{en,de}cryptv2
This adds an in-place equivalent of gnutls_aead_cipher_encrypt() and
gnutls_aead_cipher_decrypt(), that works on data buffers.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 1 18:13:38 2019 +0200
crypto-api: use giovec_t iterator interface for aead_encryptv
This replaces the macros AUTH_UPDATE and ENCRYPT used in
gnutls_aead_cipher_encryptv() with the iov_iter interface.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 1 17:41:45 2019 +0200
iov: add iterator interface for giovec_t
This adds an iterator interface over giovec_t array, extracting a
fixed sized block.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 7 15:55:44 2019 +0200
nettle: prohibit deterministic ECDSA/DSA under FIPS except selftests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 5 15:21:55 2019 +0200
nettle: enable deterministic ECDSA/DSA during FIPS selftests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 14:01:11 2019 +0200
pk: implement deterministic ECDSA/DSA
This exposes the deterministic ECDSA/DSA functionality through the
GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Aug 7 14:37:00 2019 +0200
privkey_sign_prehashed: remove unused argument
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 15:10:51 2019 +0200
privkey_sign_raw_data: remove unnecessary local variable
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 29 14:00:30 2019 +0200
nettle: add functions for deterministic ECDSA/DSA
This adds functions to perform deterministic ECDSA/DSA, namely
_gnutls_{ecdsa,dsa}_compute_k(), which computes the k value according
to RFC 6979. The retrieved k value can be given to
nettle_{ecdsa,dsa}_sign() through a wrapper random function.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 2 21:57:40 2019 +0200
read_cpuid_vals: use __get_cpuid_count() only when available
This makes the functionality available on gcc 4.8.
Resolves: #812
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 2 22:16:31 2019 +0200
src/Makefile.am: fix detection of .bak files
This fixes detection in a way to work in builds outside the
source directory.
Resolves: #810
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 2 21:25:39 2019 +0200
configure: AS_HELP_STRING cannot print variables; don't try
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Karsten Ohme <k_o_@users.sourceforge.net>
Date: Tue Jun 18 12:17:14 2019 +0000
Notes about Ubuntu specific software versions not available.
Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>
Author: Andreas Metzler <ametzler@debian.org>
Date: Mon Jul 29 17:47:42 2019 +0200
Ship inih/LICENSE.txt in release tarball
inih's license terms requires shipping a copy of the license when
redistributing the source.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Michael Catanzaro <mcatanzaro@igalia.com>
Date: Fri Jul 26 11:18:07 2019 -0500
Improve documentation of gnutls_record_send()
It's no longer required to retry this function with the same parameters
if you want to use gnutls_record_discard_queued().
Fixes #806
Signed-off-by: Michael Catanzaro <mcatanzaro@igalia.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 26 09:57:29 2019 +0200
certtool: default to yes on signing certificates for CAs
When asking the questions for CA certificate generation, default
to yes to signing certificates. This is because that's the most
common type of CAs generated and defaulting to yes eliminates
the need for restart on error.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 25 20:38:14 2019 +0200
bumped version for 3.6.9
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 22 12:43:50 2019 +0200
gnutls.h: mark AEAD ciphers as such in gnutls_cipher_algorithm_t description
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 22 10:00:51 2019 +0200
abi-check: correctly bail-out on errors
Added suppressions for _MAX enumerator values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Karsten Ohme <k_o_@users.sourceforge.net>
Date: Sat Jun 22 00:39:56 2019 +0200
Support for Generalname registeredID from RFC 5280 in subject alt name
Added test certificates (cert10.der) with registered ID
Updated Makefile for inclusion of test certificates
Updated SAN unknown test certificates (cert5.der)
Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 21 10:18:35 2019 +0200
libgnutls.abignore: added comment linking to syntax
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 21 10:06:22 2019 +0200
NEWS: updated for upcoming release [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jul 16 14:41:50 2019 +0200
Fix documented params for gnutls_certificate_retrieve_function3()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 14 22:27:50 2019 +0200
Fixed alerts returned on TLS1.3 corner cases
This enables the tls-fuzzer tests 'test-tls13-certificate-verify.py'.
Resolves: #682
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jul 14 12:17:18 2019 +0300
nettle/backport: fix xts-backport guarding check
Check for nettle_xts_encrypt_message() function rather than just
xts_encrypt_message(). All functions in nettle are renamed to contain
`nettle_` prefix.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jul 11 21:37:08 2019 +0300
nettle/gost: support building with GOST-enabled Nettle
Nettle library starts to gain support for GOST algorithms. Support
building GnuTLS with GOST-enabled nettle library.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jun 30 08:23:41 2019 +0200
tests: remove unused destructive/p11-kit-load.sh
This file is replaced with tests/p11-kit-load.sh and
tests/pkcs11/list-tokens.c.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 19 17:21:16 2019 +0200
pkcs11: ignore login error when traversing tokens
If a token is a general access device, it is expected that login
attempt to that token returns error:
https://github.com/p11-glue/p11-kit/blob/master/trust/module.c#L852
On the other hand, _pkcs11_traverse_tokens treats the error as fatal
and stops iteration. This behavior prevents object search without
token specifier if such tokens are registered in the system.
Reported by Stanislav Zidek in
https://bugzilla.redhat.com/show_bug.cgi?id=1705478
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 8 16:54:56 2019 +0200
ext/session_ticket: avoid calling memcpy on overlapping memory areas
In _gnutls_encrypt_session_ticket, ticket.encrypted_state is allocated
from ticket_data->data, thus those memory areas may overlap. Using
memcpy here leads to undefined behavior.
Spotted by valgrind run on ppc64le.
==95231== Source and destination overlap in memcpy(0x47ce3a2, 0x47ce3a2, 160)
==95231== at 0x408A840: memcpy (vg_replace_strmem.c:1023)
==95231== by 0x424EE9F: pack_ticket (session_ticket.c:139)
==95231== by 0x424FA4F: _gnutls_encrypt_session_ticket (session_ticket.c:335)
==95231== by 0x4199E3B: generate_session_ticket (session_ticket.c:249)
==95231== by 0x419A333: _gnutls13_send_session_ticket (session_ticket.c:307)
==95231== by 0x40F8817: _gnutls13_handshake_server (handshake-tls13.c:511)
==95231== by 0x4110DEB: handshake_server (handshake.c:3331)
==95231== by 0x410C70B: gnutls_handshake (handshake.c:2727)
==95231== by 0x10009EBF: retry_handshake (serv.c:1306)
==95231== by 0x1000AB67: tcp_server (serv.c:1500)
==95231== by 0x10009E5B: main (serv.c:1297)
==95231==
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 9 10:06:47 2019 +0200
lib: mark infinite loops explicitly
There were few infinite loop constructions which were checking
for an always true condition. Make sure that this construction
is marked explicitly as while(1) to assist static analysers, or
reviewers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 9 09:56:24 2019 +0200
tests: improve coverage of CRQ related functions
That adds sanity check of crq-related functions that were not included
in the testsuite at all.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 8 19:33:50 2019 +0200
encode_ber_digest_info: added sanity check
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 3 21:04:23 2019 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 13 09:13:22 2019 +0200
testcompat-openssl: added interop test with DTLS 1.2
This tests AES-CBC ciphersuites in isolation, as they are
prioritized lower than AES-GCM. We want to test them explicitly
because they have different behavior under EtM.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 7 23:22:52 2019 +0200
tests: added sanity check for rfc7633 behavior
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 7 16:51:30 2019 +0200
tests: status-request-missing: renamed to rfc7633-missing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 7 16:39:53 2019 +0200
status-request-ext: run under all TLS versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 7 16:35:11 2019 +0200
tests: status-request: cleanup
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 7 16:34:21 2019 +0200
tests: status-request-missing: run for all TLS versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 29 21:02:11 2019 +0200
gnutls-cli-debug: test whether RSA key exchange is supported
Resolves: #449
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 28 21:08:32 2019 +0200
gnutls_session_get_desc: avoid printing a NULL value
When gnutls_session_set_premaster() is used (under openconnect),
it is possible that gnutls_session_get_desc will print a string like
this: "(DTLS1.2)-(ECDHE-(null))-(AES-256-GCM)"
With this change we ensure that we do not print null values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 21 15:49:26 2019 +0200
nettle/rnd-fips: add FIPS 140-2 continuous RNG test
This adds a continuous random number generator test as defined in FIPS
140-2 4.9.2, by iteratively fetching fixed sized block from the system
and comparing consecutive blocks.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 16:54:30 2019 +0300
lib: document gnutls_hmac_fast vs nonce relationship
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 00:27:01 2019 +0300
tests/gnutls_hmac_fast: run test for AES-UMAC-96/-128
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 25 00:12:29 2019 +0300
nettle: return true for gnutls_mac_exists(AES-CMAC*)
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 16:28:58 2019 +0300
NEWS: add an entry for AES-GMAC algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 00:27:01 2019 +0300
tests/gnutls_hmac_fast: run test for AES-GMAC-128/-192/-256
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 16:19:15 2019 +0300
nettle/mac: fail mac calculation if nonce is required but not provided
Fail _wrap_nettle_mac_set_nonce() and _wrap_nettle_mac_fast() if MAC
requires nonce, but it was not supplied.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 28 00:27:04 2019 +0300
nettle/mac: in mac_fast call set_nonce after set_key
Calling set_nonce before set_key is plain incorrect. For GMAC key is not
initialized. For UMAC set_key will reset nonce to empty.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jun 24 20:29:31 2019 +0300
lib: add support for AES-GMAC
Add support for computing AES-GMAC using MAC API, as requested by Samba
for SMB3 support.
Resolves: #781
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 28 14:59:19 2019 +0200
tests: gnutls_x509_crt_list_import: verify that return code is as documented
That checks whether the return code of gnutls_x509_crt_list_import()
contains the number of loaded certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 28 08:20:31 2019 +0200
gnutls_x509_crt_list_import2: updated doc to reflect the actual return value options
Resolves: #794
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 29 15:28:28 2019 +0200
Align _gnutls_x86_cpuid_s as OPENSSL_ia32cap_P would be
We were not setting the third array member correctly, though
this didn't have any impact to previous implementations as they
did not rely on it. This also moves away from the custom implementation
of cpuid (which was limited), and we now rely on the compiler's
version.
This effectively enables support for SHA_NI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 26 14:43:19 2019 +0200
Updated asm files to latest version under cryptogams license
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jun 26 14:24:42 2019 +0300
NEWS: document gnutls_hash/hmac_copy addition
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 26 11:27:27 2019 +0200
gnutls_hash/hmac_copy: check its usability in all cases
During the test suite run we require that all supported
MAC and hash algorithms implement the copy function.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 26 11:20:25 2019 +0200
accelerated ciphers: implement hmac and hash copy
This implements the new API to all internal implementations.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jun 26 11:00:39 2019 +0300
lib: add support for gnutls_hash_copy()
Add gnutls_hash_copy() function for copying message digest context.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jun 24 17:42:10 2019 +0300
crypto-selftests: add test for gnutls_hmac_copy()
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jun 24 17:38:56 2019 +0300
api: add gnutls_hmac_copy() function
Add gnutls_hmac_copy() API to duplicate MAC handler state, which is
necessary for SMB3 support.
Resolves: #787
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 30 01:34:14 2016 +0300
Add MAC copying support to nettle backend
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 30 01:32:30 2016 +0300
Add MAC api to support copying of instances
GOST ciphersuites requires continuously computing MAC of all the
previously sent or received data. The easies way to support that is to
add support for copy function, that creates MAC instance with the same
internal state.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 29 10:36:24 2019 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 4 16:25:37 2019 +0200
config: added ability to override and mark algorithms as disabled
This allows the system administrator or the distributor to use
the gnutls configuration file to mark hashes, signature algorithms,
TLS versions, curves, groups, ciphers KX, and MAC algorithms as
insecure (the last four only in the context of a TLS session).
It also allows to set a minimum profile which the applications
cannot fall below.
The options intentionally do not allow marking algorithms as
secure so that the configuration file cannot be used as an attack
vector. This change also makes sure that unsupported and disabled protocols
during compile time (e.g., SSL3.0), do not get listed by gnutls-cli.
The configuration file feature can be disabled at compile time
with an empty --with-system-priority-file.
This patch it introduces the function gnutls_get_system_config_file()
allowing applications to check whether a configuration file
was used.
Resolves: #587
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 3 11:59:37 2019 +0200
Use inih to parse configuration file
This introduces the inih copylib, and makes our configuration
file parsing more flexible.
Relates: #587
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 19 21:38:32 2019 +0200
Marked the crypto backend registration APIs as deprecated
This is to warn for a future conversion of these APIs to a no-op.
Resolves: #789
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 19 14:20:26 2019 +0000
gnutls-cli-debug.sh: sanity check of %ALLOW_SMALL_RECORDS test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 7 11:39:53 2019 +0200
tlsfuzzer: test both with and without %ALLOW_SMALL_RECORDS
The option changes the behavior of the server, it would make sense to
check both with and without %ALLOW_SMALL_RECORDS.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 7 15:10:36 2019 +0200
tlsfuzzer: use fixed HTTP response for record_size_limit tests
Previously those tests assumed varying sizes of connection information
gnutls-serv sends. This is too brittle and if the default algorithm
has changed the tests need to be updated.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 7 14:54:58 2019 +0200
gnutls-serv: add --httpdata option to respond with fixed sized data
By default, the gnutls-server --http responds with the connection
information. While this is useful for manual testing, fixed content
would be more desirable for automated testing.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 7 11:37:37 2019 +0200
gnutls-cli-debug: check if %ALLOW_SMALL_RECORDS is required
This adds a new test against the server to check if
%ALLOW_SMALL_RECORDS is required to continue communicating with the
server. The test is in two parts: one to check if the server accepts
records with the default size (512 bytes) and the other is to check if
%ALLOW_SMALL_RECORDS helps if the previuos test fails.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 19 14:36:31 2019 +0200
gnutls-serv: add --recordsize option
This adds a means to set maximum record size to receive. If the size
is less than our default (< 512), --priority with %ALLOW_SMALL_RECORDS
also needs to be specified.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Karsten Ohme <k_o_@users.sourceforge.net>
Date: Wed Jun 19 07:51:16 2019 +0200
Corrected call for updating ABI files
Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 16 14:08:54 2019 +0200
doc: updated p11-kit links [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Jun 15 11:38:46 2019 +0200
CONTRIBUTING.md: Fix syntax error [ci skip]
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Jun 12 11:37:39 2019 +0200
guile: Add support for post-handshake reauthentication.
* guile/modules/gnutls/build/enums.scm (%connection-flag-enum): New
variable.
(%gnutls-enums): Add it.
* guile/modules/gnutls.in: Export 'reauthenticate',
'connection-flag->string', and all the 'connection-flag/' bindings.
* guile/src/core.c (scm_gnutls_make_session): Add rest arguments FLAGS
and honor it.
(scm_gnutls_reauthenticate): New function.
* guile/tests/reauth.scm: New file.
* guile/Makefile.am (TESTS): Add it.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Jun 12 11:32:19 2019 +0200
guile: Loop or poll upon GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED.
* guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Loop while
'gnutls_record_recv' returns GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.
(read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise, and
return -1 if SCM_GNUTLS_SESSION_TRANSPORT_IS_FD and we got GNUTLS_E_AGAIN.
(session_record_port_fd) [!USING_GUILE_BEFORE_2_2]: New function.
(scm_init_gnutls_session_record_port_type) [!USING_GUILE_BEFORE_2_2]:
Call 'scm_set_port_read_wait_fd'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Jun 7 11:06:18 2019 +0200
guile: Add bindings for 'gnutls_error_is_fatal'.
* guile/src/errors.c (scm_gnutls_fatal_error_p): New function.
* guile/modules/gnutls.in: Export 'fatal-error?'.
* guile/tests/errors.scm: test 'fatal-error?'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Jun 7 10:34:42 2019 +0200
guile: Update list of error values.
* guile/modules/gnutls/build/enums.scm (%error-enum): Update list of
error constants.
* guile/modules/gnutls.in (gnutls): Adjust exports accordingly.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 12 14:02:05 2019 +0200
fips: run selftests over overridden AES-CBC algorithm
Previously, we only tested nettle's AES-CBC in
_gnutls_fips_perform_self_checks1(), which is called before the
implementation is overridden. This adds an AES-CBC self-test in
_gnutls_fips_perform_self_checks2() so it can test the actual
implementation.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Jun 6 18:30:28 2019 +0200
guile: Deprecate OpenPGP bindings.
* guile/modules/gnutls.in (define-deprecated): New macro.
Use it for all the *openpgp* bindings.
* guile/src/core.c: Rename *openpgp* bindings with a '%' prefix.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 10 22:12:09 2019 +0200
gnutls_privkey_sign_hash2: accept the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag
Previously this flag was ignored, although documented not to.
This patch also enables the tests sign-verify-newapi and sign-verify-data-newapi
which were supposed to test this interface, but were never enabled.
This was caught by Andreas Metzler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 30 13:49:22 2019 +0200
tests: removed debugging output from GETPORT
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 8 19:19:03 2019 +0200
.gitlab-ci.yml: include top log files in all build failures [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Jun 7 10:16:02 2019 +0200
guile: Remove unbounded uses of 'alloca'.
* guile/src/core.c (ALLOCA_MAX_SIZE, FAST_ALLOC): New macros.
(set_certificate_file):
(scm_gnutls_set_certificate_credentials_x509_key_files_x)
(scm_gnutls_set_srp_server_credentials_files_x)
(scm_gnutls_set_srp_client_credentials_x)
(scm_gnutls_srp_base64_encode, scm_gnutls_srp_base64_decode)
(scm_gnutls_set_psk_server_credentials_file_x)
(scm_gnutls_pkcs8_import_x509_private_key)
(scm_gnutls_x509_certificate_matches_hostname_p)
(scm_gnutls_import_openpgp_private_key): Use 'FAST_ALLOC' instead of
'alloca'.
* guile/src/utils.c: Remove unneeded <alloca.h> include.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Jun 7 10:11:12 2019 +0200
guile: Always provide 'scm_gc_malloc_pointerless'.
* guile/src/core.c (scm_gc_malloc_pointerless)
[!HAVE_SCM_GC_MALLOC_POINTERLESS]: New macro.
(make_session_record_port): Remove #ifdef HAVE_SCM_GC_MALLOC_POINTERLESS.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 5 16:48:39 2019 +0200
tls13/key_update: ignore multiple key updates instead of error
This fixes the multiple KeyUpdate messages handling in commit
65e2aa80d114d4bef095d129c2eda475e473244a, where illegal_parameter is
sent even if the limit doesn't exceed.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jun 3 21:53:05 2019 +0200
Prefix gcc attributes with 'attr_'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 3 13:26:18 2019 +0200
gnutls_prf_early: corrected Since version [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Jun 2 12:42:16 2019 +0200
Fix warn_unused_result for clang < 4
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 1 16:18:50 2019 +0200
.gitlab-ci.yml: switched fedora to latest version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 30 14:42:52 2019 +0200
Makefile.am: do not create files when it shouldn't
If a pdf or html file is not distributed, previously `make dist`
would create a file called '*.pdf' which did not make sense. This
addresses this problem.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 25 21:17:27 2019 +0200
Do not regenerate autogen files if --enable-local-libopts is given
This addresses issue on installed systems which have autogen but
use --enable-local-libopts. In these systems if the installed autogen
would not match the local libopts library version compilation would
fail because the auto-generated files depend on the corresponding to
autogen version libopts internals.
Resolves: #772
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 27 15:16:52 2019 +0200
Remove malloc from gnutls_srp_set_server_fake_salt_seed()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon May 20 12:49:51 2019 +0200
gnutls_session_set_data(): Check for allocation error
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon May 20 12:46:54 2019 +0200
_gnutls_set_[str]datum: Cleanup, add function attributes
_gnutls_set_datum(): Do not change output 'dat' on error
_gnutls_set_strdatum: Likewise, cleanup code
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue May 21 11:17:39 2019 +0200
Add nonnull, nonnull_all and warn_unusd_result attributes in lib/gnutls_int.h
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 28 07:05:46 2019 +0200
doc: do not distribute pdf files
It compicates the 'make dist' phase and does not add much
value as the files are available from the web site.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 28 06:45:56 2019 +0200
released 3.6.8
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 27 22:34:42 2019 +0200
minor updates in the latex version of the manual [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 27 21:29:44 2019 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 26 21:35:19 2019 +0200
RELEASES.md: document the releases policy [ci skip]
This adds a file to document the policy on releases based on
the discussions taken place in the last face to face meeting.
https://gitlab.com/gnutls/gnutls/wikis/face2face-meeting-fosdem2019
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 24 12:59:13 2019 +0200
.gitlab-ci.yml: ensure that the LIBS variable is empty after a configure run
We do not use this variable as it is global and applies to all of
tests, applications and library, and when it is set it is usually due to
bugs in configure.ac.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 21:20:49 2019 +0200
Do not add libraries in the global LIBS in configure
This ensures that libraries are linked with the programs
requiring them.
Resolves: #735
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 11:41:45 2019 +0200
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 24 05:46:18 2019 +0200
tests: prf-early fixes the global version
This allows having fixed data in the hello message involved.
That required exposing the variable holding the global gnutls
version number for testing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 21:32:58 2019 +0200
certtool: corrected typo in manual [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 21:11:58 2019 +0200
Revert "bumped version"
In order to make the CI functional again. The version number update
seems to conflict with tests/tls13/prf-early.sh
This reverts commit d34d93b8713cf10235ce7016fd69b6932b0752c0.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 15:29:23 2019 +0200
tests: prf-early.sh: use the static flag of datefudge
This eliminates unexpected failures of the test in slower systems.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 15:41:19 2019 +0200
tlsfuzzer: reverted accidental move to incorrect version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 11:44:12 2019 +0200
NEWS: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 23 11:41:45 2019 +0200
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Wed May 22 15:08:45 2019 -0400
Pass down Q for FFDHE in al pre TLS1.3 as well
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Tue May 21 09:40:01 2019 -0400
Check Q for FFDHE primes in prime-check
These are mersenne primes so q = (p - 1) / 2
We check that p = (q * 2) + 1
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Mon May 20 17:13:12 2019 -0400
Always pass in and check Q in TLS 1.3
In FIPS mode do an extra check that we did have Q, but it is always
passed into the tls13 derive function from the callers.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri May 17 14:05:37 2019 -0400
Add plumbing to handle Q parameter in DH exchanges
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Tue May 14 18:38:33 2019 -0400
Add test to ensure ECDH exchange behaves correctly
This test ensures that public keys are properly tested for validity
before a ECDH exchange is computed.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri May 10 14:49:05 2019 -0400
Add test to ensure DH exchange behaves correctly
This test ensures that public keys are properly tested for validity
before a DH exchange is computed.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri May 3 12:32:56 2019 -0400
Add Full Public Key Check for DH
This is for NIST SP800-56A requirements and FIPS CAVS testing.
GnuTLS never passes in a non-empty Q for normal operations, but tests will
and if Q is passed in it needs to be checked.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Wed May 1 10:57:51 2019 -0400
Fix Copy&Paste error
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 22 10:39:27 2019 +0200
tls13/key_update: increase handling limit from 1 to 8
The limit was too small when testing the capability of handling
multiple KeyUpdate messages with tlsfuzzer.
This requires a change in the rate limit logic, as previously it
doesn't count the KeyUpdate messages despite the name of
KEY_UPDATES_PER_SEC.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 22 11:51:57 2019 +0200
tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed May 22 11:16:03 2019 +0200
priority: add new option to allow small records (>= 64)
There is a mismatch in the lower limit of record sizes in RFC
8449 (64) and our default (512). If the server advertises a smaller
limit than our default, the client has no way to keep communicating
with the server.
This patch adds a new priority string option %ALLOW_SMALL_RECORDS to
set the limit to 64.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue May 21 08:32:21 2019 +0200
record_add_to_buffers: check if there is an incomplete handshake header
The function checks if a Handshake message is interleaved with an
Application Data, but the check was insuffient because it assumed that
a complete header is received in the buffer.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri May 17 11:51:00 2019 +0200
algorithms: eliminate the FFDHE alert desc requirement
This implements the errata for RFC 7919 eliminating the requirement to
reply with an insufficient_security alert when we have negotiated an
FFDHE group, but cannot find common ciphersuite:
https://www.rfc-editor.org/errata/eid4908
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Aleksei Nikiforov <darktemplar@basealt.ru>
Date: Fri May 17 14:44:06 2019 +0300
Mark second argument of function gnutls_x509_crt_equals2 as const
This will allow using this function with certificates
returned by function gnutls_certificate_get_peers
without casts dropping const qualifier or
making temporary copies out of retrieved data.
Signed-off-by: Aleksei Nikiforov <darktemplar@basealt.ru>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 21 08:22:08 2019 +0200
tests: verify functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN flag
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Kenneth J. Miller <ken@miller.ec>
Date: Mon Apr 15 17:56:13 2019 +0200
pubkey: remove deprecated TLS1_RSA flag check
The gnutls_certificate_verify_flags comparisons against
OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA conflicts with
GNUTLS_VERIFY_DISABLE_CA_SIGN and no longer seems to be used in calls to
both gnutls_pubkey_verify_data2 and gnutls_pubkey_verify_hash2 as it
seems to have been fully replaced by GNUTLS_VERIFY_USE_TLS1_RSA.
Resolves: #754
Signed-off-by: Kenneth J. Miller <ken@miller.ec>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 21 05:54:35 2019 +0200
x509.h: corrected typo in newly introduced definition
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 20 21:34:30 2019 +0200
x509.h: removed stray '%'
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 20 16:13:12 2019 +0200
certtool: CA certificates will contain the digital signature key usage flag
This change ensures that all certificates will contain the digital
signature key usage flag if that's specified in the template.
Resolves: #767
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 20 14:40:31 2019 +0200
Added profile to correspond to the future security parameter
It seems that the FUTURE security level parameter was added
without a corresponding verification profile. This patch address
the issue by introducing it.
Resolves: #770
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 20 15:47:41 2019 +0200
tests: added unit tests of utc and generalTime convertor
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 29 19:03:55 2019 +0200
server auth: disable TLS 1.3 if no signature algorithm is usable
This is a server side counterpart of
005a4d04145707daad9588acedfdb5f6cd97c80c.
Instead of signalling an error when no algorithm is usable in TLS 1.3,
it downgrades the session to TLS 1.2 with a warning.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 18 21:13:10 2019 +0200
algorithms/secparams.c: fixed indentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 20 14:34:56 2019 +0200
gnutls-serv: GERR macro will output in stderr
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon May 20 11:10:11 2019 +0200
Apply STD3 ASCII rules in gnutls_idna_map()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 10 11:42:46 2019 +0200
Fix _Thread_local for C99 installed in C11 environments
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 10 11:27:32 2019 +0200
Remove redundant typedef of Tspi_Context_GetTpmObject_func()
Gcc 4.4 errors out on this.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed May 15 09:47:24 2019 +0200
Update gnulib for gcc-9 manywarnings
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 14 21:39:46 2019 +0200
Check all memory allocation in examples and certtool
Resolves: #739
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 25 17:08:43 2019 +0200
ext/record_size_limit: distinguish sending and receiving limits
The previous behavior was that both sending and receiving limits are
negotiated to be the same value. It was problematic when:
- client sends a record_size_limit with a large value in CH
- server sends a record_size_limit with a smaller value in EE
- client updates the limit for both sending and receiving, upon
receiving EE
- server sends a Certificate message larger than the limit
With this patch, each peer maintains the sending / receiving limits
separately so not to confuse with the contradicting settings.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue May 7 14:49:05 2019 +0300
lib/nettle: fix carry flag in Streebog code
Fix carry flag being calculated incorrectly in Streebog code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 10 13:31:23 2019 +0200
Fix endless looping GETPORT in tests/scripts/common.sh
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 10 06:30:12 2019 +0200
_gnutls_srp_entry_free: follow consistent behavior in freeing data
_gnutls_srp_entry_free would previously not free any parameters that
were known to gnutls to account for documented behavior of
gnutls_srp_set_server_credentials_function(). This was not updated
when the newly added 8192 parameter was added to the library.
This introduces a safety check for generator parameters, even though
in practice they are the same pointer.
Resolves: #761
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 8 22:08:18 2019 +0200
dane.h: added multiple inclusion header guard
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 8 21:52:54 2019 +0200
tools: suppress ctime() error from static analysers
This function is not thread safe and can be easily misused
even in single threaded scenarios (one such minor bug fixed).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 8 22:05:10 2019 +0200
accelerated: added header guards
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 11:11:23 2019 +0200
Add or clean header guards in lib/includes/gnutls/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed May 1 20:33:28 2019 +0200
Add or clean header guards in lib/nettle
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:22:59 2019 +0200
Add or clean header guards in tests/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:19:01 2019 +0200
Add or clean header guards in src/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:11:13 2019 +0200
Add or clean header guards in lib/x509/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:08:27 2019 +0200
Add or clean header guards in lib/tls13/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:05:32 2019 +0200
Add or clean header guards in lib/extras/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 12:03:07 2019 +0200
Add or clean header guards in lib/ext/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Apr 28 11:55:37 2019 +0200
Add or clean header guards in lib/auth/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Mar 14 21:21:50 2019 +0100
Add or clean header guards in lib/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Apr 24 21:21:12 2019 +0200
Add 'Header guards' section in CONTRIBUTING.md
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daniel Schaefer <git@danielschaefer.me>
Date: Sun May 5 14:35:02 2019 +0200
guile: Properly format guile configure options
Without the square brackets autoconf turns hyphens into underscores,
which is not what we want or what the help says.
Signed-off-by: Daniel Schaefer <git@danielschaefer.me>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 3 19:10:03 2019 +0200
gnutls_sign_list: document the non-thread-safeness
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 30 14:42:51 2019 +0200
crypto: add private API to retrieve internal IV
For FIPS validation purposes, this adds a new function
_gnutls_cipher_get_iv() that exposes internal IV after encryption and
decryption. The function is not generally useful because the IV value
can be easily calculated from the initial IV and the subsequent
ciphertext but for FIPS validation purposes.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 29 13:15:33 2019 +0200
abi-check: supply --hd2 to abi-check-latest target
To suppress changes in internal structures.
Suggested by Nikos Mavrogiannopoulos.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 20 18:46:23 2019 +0200
certtool: refuse to accept an incompatible key type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 15 14:32:55 2019 +0200
certtool: generate RSA-PSS certificates from RSA keys
When generating certificates it was not possible to generate
an RSA-PSS certificate from an RSA key (common scenario). This
fixes the certificate generation to include such a method.
Ironically there was a test for this scenario but the test
was limited to checking that the combination of certtool parameters
succeeded; modified the test to check the textual expression of
the certificate for the RSA-PSS indicators.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 19 22:04:24 2019 +0200
tls13/session_ticket: use the same ticket_age_add regardless of endianness
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 19 16:59:31 2019 +0200
tls13/session_ticket: avoid UB regarding 64-bit time encoding
On 32-bit platform, struct timespec.tv_sec can be signed 32-bit and
thus right shifting 32 could be an undefined behavior.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Apr 19 08:12:56 2019 +0200
tests: make datefudge check robuster
When checking datefudge availability under cross-compiling environment
with a binfmt wrapper, it is not sufficient to check against the host
executable. This instead uses a test executable compiled for the
target architecture.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 14:35:32 2019 +0200
serv, cli: add --keymatexport option
This adds --keymatexport and --keymatexportsize options to both
gnutls-serv and gnutls-cli. Those would be useful for testing
interoperability with other implementations.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 12:11:00 2019 +0200
prf: add function to retrieve early keying material
This adds a new function gnutls_prf_early, which shall be called in a
handshake hook waiting for GNUTLS_HANDSHAKE_CLIENT_HELLO. The test
needs to be run in a datefudge wrapper as the early secrets depend on
the current time (through PSK).
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 12:07:00 2019 +0200
handshake: generate early exporter secret
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 12:00:46 2019 +0200
handshake: move early secrets calculation to pre_shared_key
TLS 1.3 Early Secret and the derived keys are calculated upon a PSK
being selected, thus the code fits better in ext/pre_shared_key.c.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 12:10:00 2019 +0200
tests/tls13/prf: check if the exported material matches on server
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 11 11:23:26 2019 +0200
prf: centrally define "exporter" label in handshake.h
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Apr 18 18:43:30 2019 +0200
doc: Add documentation for GNUTLS_CERT_IGNORE
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 16 14:27:10 2019 +0200
p11tool: copy vendor query attributes when listing privkeys
When listing private keys on a specified token, "pin-value" is
ignored and the tool looks for GNUTLS_PIN, because it internally
strips out vendor query attributes from the original URL.
This also replaces the global uses of GNUTLS_PIN envvar in
testpkcs11.sh to check the case where the envvar is not in effect.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 7 13:22:21 2019 +0200
abi-check: simplify ABI comparison using libabigail tools
These have output ABI format compatibility and that means we can
take snapshots to test ABI against. We also hard-code explicitly
the SONAME version to ensure no accidental SONAME bumps happen.
This patch also moves symbols.last in the devel/ subdirectory
and no internal files are shipped.
Relates: #292
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 7 18:29:02 2019 +0200
.gitignore: ignore tests/libpkcs11mock2.la
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 7 14:30:30 2019 +0200
gnutls.h: re-define GNUTLS_CRT_RAWPK
This was available before 3.6.4, and was incorrectly removed.
It was found using libabigail tools.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Bernhard M. Wiedemann <bwiedemann@suse.de>
Date: Sun Apr 14 16:53:52 2019 +0200
Extend test cert to 2049-05-27
instead of expiring in 2024-02-29
This update did not trigger y2038 bugs on 32-bit systems.
Without this patch, one test fails after 2024:
doit:124: rsa pss key: gnutls_x509_crt_verify_data2 |
FAIL x509sign-verify (exit status: 1)
Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Apr 14 15:25:31 2019 +0000
Fix link error with gcc-9
Use LDADD instead of LDFLAGS to link test cipher-openssl-compat against
libcrypto. This fixes a build error with gcc9 which passes the linker
option --as-needed by default.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 14 16:15:23 2019 +0200
doc: mark TLS1.2 functions as such [ci skip]
gnutls_cipher_suite_get_name and gnutls_session_get_master_secret
are marked as TLS1.2 or earlier-only as they cannot be used with
TLS 1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 13 08:37:50 2019 +0200
gnutlsxx.h: removed fixme comments [ci skip]
They served no purpose.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 13 08:33:57 2019 +0200
gnutls-cli: renamed global variable name
That is because the same variable name is used by local
variables as well.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Apr 11 09:46:21 2019 +0200
Fix WIN32 custom push/pull functions
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Reported-by: J. Ali Harlow (@j_ali on Gitlab.com)
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 9 18:20:15 2019 +0200
tests: fix race condition in tls13/post-handshake-with-cert-pkcs11
The test had a strange setup of server/client processes: the server
runs in a child process and the client runs in a parent process. The
intention behind this was to detect softhsm availability in the parent
process and exit with 77 if missing. However, there was a potential
race when the server exits and proceeds to the next call of start().
This fixes the process setup and moves the softhsm detection at the
program startup.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Apr 9 19:01:46 2019 +0300
build: rename guile variables to match upstream names
Reduce confusion between the upstream terms and the gnutls terms.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Wed Apr 3 18:42:26 2019 +0300
build: allow override guile system location
guile has three settings acquired from system:
* GUILE_SITE
* GUILE_SITE_CCACHE
* GUILE_EXTENSION
The <guile-2.2 m4 macro exposed only GUILE_SITE while build tried to guess the
other variables based on the $libdir of the gnutls which may be different.
The >=guile-2.2 m4 macro provides all settings for build to use as default,
while allowing to override each.
Resolves: #748
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Marius Bakke <mbakke@fastmail.com>
Date: Tue Apr 9 14:17:09 2019 +0200
Makefile.am: Don't assume autoopts-config returns a single dash.
On distributions such as Nix or Guix, `autoopts-config libsrc` may
return something along the lines of
"/gnu/store/...-autogen-5.18.16/share/autogen/libopts-42.1.17.tar.gz".
* Makefile.am (libopts-check): Print only the last field from
autoopts-config output.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Apr 9 12:19:00 2019 +0200
Pass CI commit check if branches are 'even'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Apr 8 20:34:24 2019 +0300
tests: cert-tests: crl: cleanup files
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Apr 9 07:59:53 2019 +0300
ci: refresh the cache due to failures in debian
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 7 13:03:20 2019 +0200
CONTRIBUTING.md: document unit testing method of internal functions [ci skip]
Resolves: #749
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 4 16:51:28 2019 +0200
tests: add post-handshake auth test using PKCS#11 token
This adds a test that exercise the client's auth rejection logic,
using the RSA-PSS disabled PKCS #11 token.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 4 16:40:11 2019 +0200
tests: add mock PKCS#11 module disabling RSA-PSS
This adds libpkcs11mock2.so, which wraps SoftHSM but filters out the
use of the CKM_RSA_PKCS_PSS mechanism. That way we can simulate the
situation where the certificate is RSA while the private key cannot be
used for RSA-PSS.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 6 08:34:43 2019 +0200
nettle: include config.h before checking for definitions
This makes sure that we don't include the internal backport
if compiled with a version of nettle that includes that code.
We also exclude nettle/backport from the static analyzer's list
as it contains files outside our control (from nettle project).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Date: Thu Mar 28 23:04:13 2019 +0100
gnutls_memset(): calling explicit_bzero() is enough to zero-fill a buffer
If we use explicit_bzero() to zero-fill a buffer in gnutls_memset() we
don't need to zero it again via a volatile trick later in this function.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Author: Elta Koepp <elta_koepp@gmail.com>
Date: Fri Apr 5 10:04:12 2019 -0400
[OSCP] Fix : null pointer resp
Signed-off-by: Elta Koepp <elta_koepp@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Apr 4 17:01:24 2019 +0200
cert auth: reject auth if no signature algorithm is usable in TLS 1.3
Previously, when there is no overlap between usable signature
algorithms and the "signature_algorithms" extension in Certificate
Request, the client failed in sending Certificate Verify, followed by
a connection close. In TLS 1.3, it is possible to keep the connection
but reject the authentication by not sending Certificate Verify.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 1 14:14:12 2019 +0200
handshake: remove unnecessary HSK_CRT_SENT flag
Previously, while the flag HSK_CRT_SENT was checked in
_gnutls13_send_certificate_verify, the flag was never set anywhere.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 3 11:59:37 2019 +0200
.gitlab-ci.yml: do not run commit-check on master branch
That is, because there are no diffs to check.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri Mar 29 14:01:14 2019 -0400
Fix check_if_signed
Fix the target branch we check against by adding upstream as remote.
Drop the use of set -e as this causes the shell to immediately exit on
errors instead of allowing the code to check the failure and report what
it faled about.
Also print which commits are being checked and what information was found
so that a CI failure can be better diagnosed.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 30 05:37:02 2019 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Simo Sorce <simo@redhat.com>
Date: Fri Oct 19 15:53:27 2018 -0400
Vendor in XTS functionality from Nettle
If nettle's XTS is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 29 06:08:06 2019 +0100
fuzz: improvements in gnutls_x509_verify_fuzzer [ci skip]
Added a larger set of corpus (generated with afl-fuzz), and made
sure that the fuzzer application crashes if verification succeeds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Mar 28 10:41:13 2019 +0100
Let check_if_signed fail if git fails
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Elta Koepp <alexi_2019@protonmail.com>
Date: Wed Mar 27 13:38:50 2019 +0000
Update ocsptool-common.c
Author: Elta Koepp <alexi_2019@protonmail.com>
Date: Wed Mar 27 12:55:55 2019 +0000
Detect malloc failure.
malloc(data.size + 1) maybe returns NULL on failure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 27 07:21:31 2019 +0100
released 3.6.7
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 25 16:06:39 2019 +0100
handshake: add missing initialization of local variable
Resolves: #704
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 25 15:47:51 2019 +0100
fuzz: added fuzzer for certificate verification
This also adds a reproducer for CVE-2019-3829.
Resolves: #694
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 26 16:11:42 2019 +0100
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Tue Mar 26 11:05:06 2019 +0100
fips140: Perform SHA-3 self tests
It is required to perform the self tests to validate SHA-3
implementation.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 24 08:37:05 2019 +0100
tools: removed unused code
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ke Zhao <kzhao@redhat.com>
Date: Thu Mar 21 11:27:24 2019 -0400
gnutls-cli: Fix output with option "--logfile"
The X.509 connection would still print informational message to the
stdout by default. Move that output to logfile and add x509 functionality
test in the test suite.
Signed-off-by: Ke Zhao <kzhao@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sat Mar 23 00:38:17 2019 +0200
configure.ac: remove --with-guile-site-dir
The hack of distcheck is not known and should not be the default as the
GUILE_SITE_DIR macro is the default expected behavior.
There is little value in specifying any other location of the site-dir as it
is out of the guile configuration so best to remove.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 20 11:40:15 2019 +0100
_x509_en/decode_provable_seed: clarified purpose of functions [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 1 11:15:47 2019 +0100
handshake: increase the default number of tickets we send to 2
This makes it easier for clients which perform multiple connections
to the server to use the tickets sent by a default server. That's
because 2 tickets allow for 2 new connections (if one is using each
ticket once as recommended), which in turn lead to 4 new and so on.
Resolves: #596
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 23 21:02:56 2019 +0100
Improved estimation of wait in gnutls_session_get_data2
Previously we would wait an arbitrary value of 50ms for the
server to send session tickets. This change makes the client
wait for the estimated single trip time + 60 ms for the server
to calculate the session tickets. This improves the chance
to obtain tickets from internet servers during the call of
gnutls_session_get_data2().
Resolves: #706
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 16 19:59:07 2019 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Ke Zhao <kzhao@redhat.com>
Date: Wed Mar 6 13:23:24 2019 -0500
gnutls-cli: Add option "--logfile" to redirect information message output
First, add an option "--logfile" so user could choose a specific file to
store all the informational messages. In some cases, informational
messages may cause unexpected result if the output is standard output.
With this option, user could redirect these messages to a specific
file. This will be helpful in testing and tracking.
Second, replace printf() function with log_msg() function
This log_msg() function is used when "--logfile" is enabled.
Third, add a functionality test for "--logfile" option
Add a test script to test if "--logfile" option works as it should be.
Signed-off-by: Ke Zhao <kzhao@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 15 17:00:17 2019 +0100
Removed all FIXME comments in code [ci skip]
We expand informational comments on limitations, but with removing
FIXME (keyword didn't help fixing these), and remove completely unhelpful
comments, obsolete ones, or comments about ideas.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 13 15:14:37 2019 +0100
pkcs11: security officer login implies writable session
According to the PKCS#11 v2.30, 6.7.1 there are no read-only Security Officer
sessions.
Resolves: #721
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Steve Lhomme <robux4@ycbcr.xyz>
Date: Wed Mar 13 14:54:28 2019 +0000
inet_ntop is available in Windows but not via arpa/inet.h
It's found in ws2tcpip.h which is already included in gnutls_int.h
arpa/inet.h doesn't exist on Windows, so add arpa_inet to the list of headers
replaced by gnulib if not found.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Mar 7 10:16:46 2019 +0100
Update the GNU Free Documentation License (FDL)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Feb 25 10:36:36 2019 +0100
Fix URL of ABI compliance checker
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Feb 25 10:32:24 2019 +0100
Fix URLs of p11-kit
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 17:00:41 2019 +0100
Use https:// in lib/, src/, and m4/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 16:56:08 2019 +0100
Use https:// for arbitrary files #1
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 16:44:37 2019 +0100
Use https:// for www.iana.org
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 16:25:25 2019 +0100
Use https:// for csrc.nist.gov
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 16:22:43 2019 +0100
Use https:// for www.gnu.org and www.example.com
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 13 09:03:39 2019 +0100
.gitlab-ci.yml: updated cache key name
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 10 13:59:32 2019 +0100
tests: verify that 'certtool -i --outder' does not output text
A common regression in the past, was certtool outputting text while
writing raw DER data. Ensure that the certificate-info option does not
regress.
Resolves: #627
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 9 21:50:46 2019 +0100
SECURITY.md: updated to reflect the current practice [ci skip]
This change updates the SECURITY guidelines to reflect the current
practice (no special security releases), and thus refer directly
to the upcoming or following release. Furthermore, it removes
any mention of absolute time, as the release cadence is already
fixed to bi-monthly.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 9 21:14:39 2019 +0100
doc: removed cyclo subdir
This directory had a makefile which was intended to calculate the cyclomatic
complexity, however that was not functional, and not related with gnutls'
documentation.
Resolves: #727
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 8 20:17:49 2019 +0100
NEWS: fix NEWS entries [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Mar 4 17:17:47 2019 +0100
tls13/certificate: utilize "certificate_required" alert
This could make errors more distinguishable when the client sends no
certificates or a bad certificate.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Feb 27 18:38:09 2019 +0100
alert: recognize "certificate_required"
This may be sent if the server received an empty Certificate message.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Fri Jan 18 13:17:46 2019 +0100
.gitlab-ci.yml: Test FIPS HMAC self-test
This enables the integrity self-tests in FIPS140 test build.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Fri Jan 11 11:23:21 2019 +0100
fips140: Ignore newlines read at the end of HMAC file
This makes the integrity check to ignore newlines appended after the
HMAC value.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Thu Jan 10 14:04:02 2019 +0100
fips140: Fix the names of files used in integrity checks
The names of the libraries haven't been updated when the soname version
were bumped.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Author: Bas van Schaik <gitlab.com@s.traiectum.net>
Date: Thu Feb 28 22:15:26 2019 +0000
Create .lgtm.yml for LGTM.com C/C++ analysis
Signed-off-by: Bas van Schaik <gitlab.com@s.traiectum.net>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 25 14:41:24 2019 +0100
.gitlab-ci.yml: added thread sanitizer run
This checks for unsafe uses of variables in our included threaded
tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 25 14:35:16 2019 +0100
Protected _gnutls_epoch_get from _gnutls_epoch_gc on false start
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 25 15:11:19 2019 +0100
gnutls_record_send2: try to ensure integrity of operations on false and early start
This adds a double check in the sanity check of gnutls_record_send2()
for the initial_negotiation_completed value, making sure that the
check will be successful even in parallel operation of send/recv.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 24 21:13:27 2019 +0100
mini-dtls-pthread: renamed and fixed several shortcomings
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 24 00:19:21 2019 +0100
Make false start and early start multi-thread recv/send safe
An application that is sending and receiving from different threads
after handshake is complete cannot take advantage of false start because
gnutls_record_send2() detects operations during the handshake process
as invalid.
Because in early start and false start the remaining handshake process needs
only to receive data, and the sending side is already set-up, this error
detection is bogus. With this patch we remove it.
Resolves: #713
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 23 18:57:09 2019 +0100
doc: added more information on operation under multiple threads
Relates: #713
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Mar 1 20:13:38 2019 +0100
Update ./bootstrap from latest gnulib
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 27 10:01:47 2019 +0100
Clarifications on AEAD ciphers
Relates: #716
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 27 09:29:04 2019 +0100
Improve documentation for gnutls_cipher_get_iv_size
This clarifies what is returned and what is to be expected on algorithms
with variable IV sizes.
Resolves: #717
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 26 15:42:01 2019 +0100
pkcs11: clarify GNUTLS_PKCS11_TOKEN_MODNAME presence [ci skip]
Resolves: #633
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 26 15:21:48 2019 +0100
cppcheck: suppress warning on nettle code [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Feb 23 18:43:49 2019 +0100
gnutls-cli: fix --benchmark-ciphers type overflow
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 23 21:19:06 2019 +0100
_gnutls_recv_handshake: added explicit sanity checks
Although, this function acts on the message provided as expected and thus
it should never call a message parsing function on unexpected
messages, we make a more explicit sanity check. This unifies the
sanity checks existing within the involved functions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 12 15:20:23 2019 +0100
gnutls_x509_crt_init: Fix dereference of NULL pointer
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 12 15:14:07 2019 +0100
Remove redundant resets of variables after free()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 12 15:09:11 2019 +0100
Automatically NULLify after gnutls_free()
This method prevents direct use-after-free and
double-free issues.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Feb 19 13:56:35 2019 +0100
tlsfuzzer: update to the latest upstream for downgrade protection tests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Feb 9 10:26:56 2019 +0100
ext/supported_versions: regenerate server random
This adds a call to _gnutls_gen_server_random() in handling the
"supported_versions" extension, so that the TLS 1.3 downgrade sentinel
is set only when the earlier versions are selected.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 5 11:01:20 2019 +0100
Update ax_code_coverage.m4 to latest release of autoconf-archive
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Thu Feb 21 14:49:36 2019 +0100
lib: x509: Minor directory browsing simplification
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Mon Feb 18 14:41:56 2019 +0100
Revert "Revert "verify-high2: Fix cert dir iteration on Win32""
This reverts commit 681330882da19099eea360fab141cab937c45677.
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
This revert also contains the fix to the original commit (invalid
utf8->utf16 conversion) and a minor simplification of the _treaddir loop.
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Mon Feb 18 17:12:54 2019 +0100
iconv: Allow _gnutls_utf8_to_ucs2 to output little endian
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Mon Feb 18 09:37:04 2019 +0100
lib: Provide _Thread_local on MSVC
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Feb 18 21:38:38 2019 +0100
Add test for starttls XMPP
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Feb 6 11:30:06 2019 +0100
gnutls-cli: Fix --starttls-proto=xmpp
Fixes two issues with gnutls-cli --starttls-proto=xmpp:
1. Print 'Timeout' on timeout instead of random errno message
2. Do not wait for linefeed when using XMPP (XML)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Feb 18 15:38:56 2019 +0100
check_if_signed: Get source branch if not set
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: R. Andrew Bailey <bailey@akamai.com>
Date: Thu Feb 14 09:38:33 2019 -0500
tests: wrap ADD_SYSCALL for getrandom in test for SYS_getrandom
Signed-off-by: R. Andrew Bailey <bailey@akamai.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 8 14:46:33 2019 +0100
gnutls_record_set_max_size: make it work on server side
The record_size_limit extension can also be specified by the server to
indicate the maximum plaintext. Also add test cases for asymmetric
settings between server and client.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 31 13:39:35 2019 +0100
tlsfuzzer: update to the latest upstream for record_size_limit test
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Feb 8 13:22:13 2019 +0100
ext/record_size_limit: account for content type octet in TLS 1.3
In TLS 1.3, the protocol maximum of plaintext size is 2^14+1, while
it is 2^14 in TLS 1.2. To accommodate that, this introduces the
following invariant:
- when the maximum is set by the user with
gnutls_record_set_max_size(), store it as is. The value range is
[511, 16834].
- when the maximum is negotiated through record_size_limit extension,
it can be [512, 16385]. In TLS 1.3, subtract by 1 to fit in [511,
16384].
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 31 16:56:55 2019 +0100
decrypt_packet_tls13: add check for max plaintext size
There is check in _gnutls_recv_in_buffers already, but for TLS 1.3 we
need to take account of the padding.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 25 17:00:44 2019 +0100
record: reject too large plaintext after decryption
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 30 16:45:08 2019 +0100
constate: reset max_record_recv_size upon renegotiation
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 30 10:21:07 2019 +0100
session_pack: reset max_record_recv_size when packing
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 17 11:53:35 2019 +0100
ext/record_size_limit: don't confuse with negotiated/user-supplied maximum
As documented in gnutls_int.h, max_record_send_size is for tracking
the user-supplied maximum, while max_record_recv_size for the
protocol negotiated maximum.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Jan 20 09:18:21 2019 +0100
ext/max_record: server shouldn't send it with record_size_limit
Otherwise, the connection will be disconnected by the client, as
suggested in RFC: A client MUST treat receipt of both
"max_fragment_length" and "record_size_limit" as a fatal error, and it
SHOULD generate an "illegal_parameter" alert.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 7 16:28:52 2019 +0100
_gnutls_hello_ext_is_present: don't ignore max_fragment_length
The extension is assigned the internal ID 0.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jan 25 17:04:40 2019 +0100
.dir-locals.el: disable indent-tabs-mode in js-mode
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 14 13:01:34 2019 +0100
bootstrap.conf: do not override GNULIB_SRCDIR
This was not set in all of our CI platforms, and was causing
issues in MacOSX.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 11 09:18:46 2019 +0100
x509: corrected issue in the algorithm parameters comparison
Each certificate has two fields to set the signature algorithm
and parameters used for the digital signature. One of the fields is
authenticated and the other is not. It is required from RFC5280 to
enforce the equality of these fields, but currently due to an issue
we wouldn't enforce the equality of the parameters fields. This
fix corrects the issue.
We also move an RSA-PSS certificate in chainverify that was relying
on invalid parameters, to this set of invalid certificates.
Resolves: #698
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 13 07:54:59 2019 +0000
tests: added further checks for gnutls_pkcs11_token_get_info
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jan 29 16:10:59 2019 +0100
Fix uninitialized warning in pkcs11.c
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Feb 13 17:22:21 2019 +0100
Cleanup lib/auth/cert.c as suggested by cppcheck
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Feb 11 10:41:47 2019 +0100
Fix 32bit overflow issue in src/serv-args.def
Fixing this warning seen on 32bit architectures:
serv-args.c: In function 'doOptMaxearlydata':
serv-args.c:1431:14: warning: overflow in conversion from 'long long int' to 'long int' changes value from '4294967296' to '0' [-Woverflow]
{ 1, 4294967296 } };
^~~~~~~~~~
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Feb 8 13:03:30 2019 +0100
Remove typedef'ing ssize_t in gnutls.h
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Feb 6 20:54:45 2019 +0100
Use inet_pton() from gnulib
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 9 10:52:29 2019 +0100
bootstrap: refuse to bootstrap if any dependencies bring gnulib's network stack
If gnulib's network stack is brought (due to a dependency) in the library
it will make the library unusable to non-gnulib using applications. This
prevents windows applications for example to use gnutls, and so on. Even
more it is quite hard to catch that issue because our testsuite uses
gnulib as well. Instead we try to catch the these modules at import time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Feb 6 20:35:11 2019 +0100
Use inet_ntop() from gnulib
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 3 12:18:30 2019 +0100
_gnutls_gen_rawpk_crt: corrected the use of assert
The API could return 0 or 1 matching certificates. The case of zero
can only happen in client side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 3 08:47:50 2019 +0100
raw public keys: apply the key usage bits the same way as X.509
That is, we require a signing certificate when negotiating
TLS1.3, or when sending a client certificate (on all cases).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 2 09:13:40 2019 +0100
Fallback to TLS 1.2 when incompatible with signature certs are provided
This only takes into account certificates in the credentials structure.
If certificates are provided in a callback, these must be checked by
the provider. For that we assume that the credentials structure is
filled when associated with a session; if not then the fallback mechanism
will not work and the handshake will fail.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 2 07:10:10 2019 +0100
Enforce the certificate key usage restrictions on all cases
That is, we require a signing certificate when negotiating
TLS1.3, or when sending a client certificate (on all cases).
Before we would not perform any checks under TLS1.3 or when client
certificates are sent, assuming that the certificates used will always
be signing ones. However if the user sets up incorrectly a decryption
certificate we would use it for signing. This fix makes sure that an
error is returned early when these scenarios are detected.
Resolves: #690
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jan 21 12:54:58 2019 +0100
Fetch OSS-Fuzz corpora much faster [skip ci]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 4 15:10:19 2019 +0100
.triage-policies.yml: added [ci skip]
This adds a set of policies regarding issues and merge requests
to be enforced by the gitlab-triage bot. That is:
- Issues without any label for more than a month are marked
with needs attention label
- Issues with needinfo label are closed if they are not updated
within a month
- Merge requests marked as WIP with no update within 5 months
are closed.
These rules are not enforced automatically; we have to schedule
a run of the gitlab-triage bot.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Feb 2 17:47:48 2019 +0300
build: do not generate mech-list.h if p11-kit is not available
Compiling GnuTLS with no p11-kit installed will result in a serie of
warnings during build time because mech-list.h will be generated even if
pkcs11 tool compilation is disabled. Move mech-list.h generation to
happen only if pkcs11 is enabled, thus removing these warnings.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Feb 2 17:32:01 2019 +0300
build: pass NETTLE_LIBS together with HOGWEED_LIBS
libhogweed might depend on exact non-system-wide nettle, so let's pass
NETTLE_LIBS flags together when using HOGWEED_LIBS.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 26 21:44:28 2019 +0100
Add GNUTLS_E_RECEIVED_DISALLOWED_NAME for illegal SNI names
An illegal/disallowed SNI server name previously generated
the misleading message "An illegal parameter has been received.".
This commit changes it to
"A disallowed SNI server name has been received.".
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jan 30 21:58:34 2019 +0300
lib/nettle: replace nettle-stdint.h with just stdint.h
Nettle library is going to drop nettle-stdint.h. Replace this include
with with just <stdint.h>.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jan 28 15:25:30 2019 +0100
Fix 'make glimport' and update CONTRIBUTING.md
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jan 27 13:59:56 2019 +0200
.gitignore: add test files
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jan 27 13:17:35 2019 +0200
build: detect previous supported guile
A recent change in the m4 macro of guile enforces latest guile:
---
AC_DEFUN([GUILE_PROGS],
[_guile_required_version="m4_default([$1], [$GUILE_EFFECTIVE_VERSION])"
if test -z "$_guile_required_version"; then
_guile_required_version=2.2
fi
---
The result:
---
checking for guile-snarf... /usr/bin/guile-snarf
checking for guild... /usr/bin/guild
checking for guile-2.2... no
checking for guile2.2... no
checking for guile-2... no
checking for guile2... no
checking for guile... /usr/bin/guile
checking for Guile version >= 2.2... configure: error: Guile 2.2 required, but 2.0.14 found
---
Probably best to specify the supported version explicitly when calling
GUILE_PROGS, to keep existing behavior calling the GUILE_PKG detects the
existing packages.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jan 25 11:51:56 2019 +0100
Fix unused var warning in guile/src/core.c
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jan 25 12:26:46 2019 +0100
Fix abi-check failure
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 25 08:32:17 2019 +0100
NEWS: updated
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 25 08:24:21 2019 +0100
src/Makefile.am: remove .bak files before autogenerating
This avoids errors due to files pre-existing but not being
writable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 25 08:18:01 2019 +0100
bumped versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 25 08:13:26 2019 +0100
Makefile.am: require guile-2.2 for release
That's because guile.m4 from previous releases has issues
with the latest version.
Resolves: #631
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 24 20:25:59 2019 +0100
priorities: when %NO_EXTENSIONS is specified disable TLS1.3
This makes the behavior of this priority string option well-defined
even when TLS1.3 is enabled.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Thu Jan 24 18:48:40 2019 +0100
certtool.1: fix formatting
Apostroph at start of a line is a control character in manpages, avoid
it. Also drop wrong indent.
See https://bugs.debian.org/920215
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 23 17:52:47 2019 +0100
tlsfuzzer: update to the latest upstream for record_size_limit tests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jan 24 01:57:13 2019 +0300
configure.ac: fix substitution for libatomic
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 23 20:51:11 2019 +0100
.travis.yml: avoid installing submodules
They are not necessary for building and testing the basic
test suite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 23 20:42:34 2019 +0100
update on "Fix gnutls.pc for multiarch builds"
This replaces LTLIBUNISTRING with LIBUNISTRING in Makefile.am.
The former is no longer produced by configure.ac.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 23 15:13:12 2019 +0100
set_ciphersuite_list(): Use linear approach to cleanup priorities
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 22 15:47:39 2019 +0100
tests: check record_size_limit is reset after resumption
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Jan 19 10:31:52 2019 +0100
constate: don't restore max_record_recv_size from resumed data
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 17 17:50:49 2019 +0100
ext/record_size_limit: mark it as mandatory extension
In a resuming session record_size_limit is always renegotiated, and
thus the server should parse the extension always.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jan 17 11:52:50 2019 +0100
ext/record_size_limit: reject too large extension payload
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 5 14:12:46 2019 +0100
gnutls-serv: improvements in UDP server
This modifies the server to deinitialize the session after use
(avoiding leaks), and to only send the hello verify request when
a client hello is seen.
This also adds a basic unit test of gnutls-serv with the --udp option.
Resolves #632
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Wed Jan 23 13:36:23 2019 +0100
configure.ac: add comment for -latomic
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 23 08:42:54 2019 +0100
tests: added tests for multiple ticket reception
This introduces tests for the reception (parsing) of multiple tickets
by a gnutls client. It uses the tlslite-ng server because unlike a gnutls
server, tlslite-ng does send multiple tickets in a single record. That
way we test that we can parse both ways of sending tickets.
Resolves: #511
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 23 11:45:39 2019 +0100
Update gnulib
Closes #653 (printf %n crashes on Android)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 21 20:53:06 2019 +0100
gnutls_alert_send_appropriate: do not send alert to peer on all errors
That is, do not send alerts for success, or for errors indicating that
an alert has been received. This changes the documented function behavior
but does not break any existing caller expectations.
Relates: #672
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 21 20:33:00 2019 +0100
gnutls_pkcs11_privkey_import_url: enable RSA-PSS only when an RSA key can sign
In gnutls_pkcs11_privkey_import_url() we only enabled RSA-PSS functionality to
the key if the CKM_RSA_PKCS_PSS mechanism is available to the token. However,
if the specific key is not marked for use with digital signatures (CKA_SIGN
set), then we may have still ended-up using it and fail when using it. We
now test whether CKA_SIGN is set prior to enabling such keys for PSS.
Resolves: #667
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 21 20:56:10 2019 +0100
alert: associate unsupported curve alerts with handshake failure
Resolves: #672
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jan 10 14:53:32 2019 +0100
Check for Signed-off-by: in CI
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sun Jan 20 12:00:07 2019 +0100
Avoid excessive CPU usage in gnutls_idna_map()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 19 18:19:42 2019 +0100
Fix uninitialized variable in tests/x509dn.c
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 19 18:04:31 2019 +0100
crypto-selftests.c: Fix checking return value
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 11 07:23:40 2019 +0100
auto-generate the AUTHORS file
The original file was unmaintained since long time. This is now
auto-generated from the git shortlog, at release time.
Relates: #606
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Thu Jan 17 13:24:04 2019 +0100
configure.ac: check if libatomic is needed
gnutls source code uses the C++11 <atomic> functionality since
https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
which internally is implemented using the __atomic_*() gcc built-ins
On certain architectures, the __atomic_*() built-ins are implemented in
the libatomic library that comes with the rest of the gcc runtime. Due
to this, code using <atomic> might need to link against libatomic,
otherwise one hits build issues such as:
../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'
on an architecture like SPARC.
To solve this, a configure.ac check is added to know if we need to
link against libatomic or not. The library is also added to gnutls.pc.
Fixes:
- http://autobuild.buildroot.org/results/6c749bd592ceffeacadd2ab570d127936cce64b2
- http://autobuild.buildroot.org/results/30aa83d3cf3482af8a59250c196c85f4a278d343
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jan 17 10:22:45 2019 +0100
Fix gnutls.pc for multiarch builds
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 14 10:56:27 2019 +0100
certtool: data encipherment is disabled by default
For the TLS protocol this option is not necessary, and if enabled
by mistake (as default) and no other option is set, then the
generated key will be unusable. Thus we disable it, to generate
working keys by default.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 10 19:23:12 2019 +0100
.travis.yml: use ./bootstrap instead of make autoreconf
The latter is no longer available after the removal of
GNUMakefile.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 10 07:56:17 2019 +0100
The flag %NO_EXTENSIONS is disabling extension support while being functional
That is, the %NO_EXTENSIONS option is the only documented way to disable
extensions completely from a session. Clarify that message, mention that
its behavior is undefined when combine with TLS1.3, and make sure that it
is functional. The latter makes sure that safe renegotiation and extended
master secret extensions remain disabled when this flag is given.
That simplifies testing certain scenarios under TLS1.0 or TLS1.1 when
no extensions must be used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 8 12:26:19 2019 +0100
When sending no extensions do not include a zero length
According to RFC5246:
The presence of extensions can be detected by determining whether
there are bytes following the compression_method field at the end of
the ServerHello.
and as such we correct our behavior to not send the zero length bytes.
This was our behavior in 3.5.x and 3.3.x branch, and thus this corrects
a regression of gnutls with these branches.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 8 19:37:49 2019 +0000
Avoid calling sign_algorithm_get_name() when we already have pointer to the algorithm.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 2 13:21:49 2019 +0100
tls-sig: check RSA-PSS signature key compatibility also in TLS 1.2
This extends commit 51d21634 to cover the optional TLS 1.2 cases,
which RFC 8446 4.2.3 suggests: "Implementations that advertise support
for RSASSA-PSS (which is mandatory in TLS 1.3) MUST be prepared to
accept a signature using that scheme even when TLS 1.2 is negotiated".
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 8 18:09:29 2019 +0100
tlsfuzzer: update to the latest upstream for the TLS 1.2 CV tests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 8 18:06:17 2019 +0100
alert: map GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM to illegal_parameter
This alert is more appropriate according to the tlsfuzzer test:
https://github.com/tomato42/tlsfuzzer/commit/4b6a4aa8b00cf3f3bcb2388d1bfdad985610ed1d
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 8 14:40:25 2019 +0100
Revert "build: remove src/*.bak from distribution"
This reverts commit 9ba397aa841730e4824d2bf8537aa15e711ad9b3, as it
turned out to be not practical. See !862 for the discussion.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 8 12:07:00 2019 +0100
_gnutls_hello_ext_set_datum: removed unnecessary remark [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Maks Naumov <maksqwe1@ukr.net>
Date: Tue Jan 8 00:05:23 2019 +0200
Fix _gnutls_write_new_general_name() result checking
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Jan 7 17:46:10 2019 +0200
build: install all m4 macros
having all m4 macros in m4/ directory enables easier autoreconf process for
downstream as dependency programs that provide these macros are not required.
both gtk-doc and guile requires huge dependency list, and currently are
required per any change (patch) in autotools.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 2 13:44:50 2019 +0100
ext/pre_shared_key: avoid unnecessary use of VLA for MSVC
Suggested by Gisle Vanem in:
https://github.com/gnutls/gnutls/commit/fd8c1ec8fe155861dffa28811127f101b6697b4b#r31802648
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jan 4 09:47:24 2019 +0100
Fix typos in lib/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jan 3 16:36:17 2019 +0100
Unroll MinGW CI runner commands
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 3 09:51:34 2019 +0100
tests: treat all signals as error
Previously we were only treating SIGSEGV as error though there is
no reason to treat other signals as success and they may hide an
actual error case (e.g., when SIGPIPE is received). With this change we
treat any signals received by the child except SIGTERM as error, and
we ensure that SIGPIPE is ignored in all tests.
This also updates tests/slow/cipher-api-test.c to test failures with
SIGABRT or otherwise consistently.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 4 14:48:26 2019 +0100
Revert "verify-high2: Fix cert dir iteration on Win32"
This was failing CI (x509cert-tl) but was not detected due to
a bug.
This reverts commit 362a0c30b79ccede7e5bc3a7747c3e7f1d30889a.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Marga Manterola <marga@google.com>
Date: Thu Jan 3 17:57:29 2019 +0000
Fix typo when checking for ed25519 support
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jan 1 14:26:04 2019 +0100
Fix typos in doc/
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 3 09:13:56 2019 +0100
_gnutls13_handshake_sign_data: properly fail on signing error
When signing failed, gnutls would return an invalid signed message
(with no data) instead of failing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 2 10:29:48 2019 +0100
Fix 'make distcheck'
The following error will be fixed:
ERROR: files left in build directory after distclean:
./tests/softhsm-privkey-eddsa-test.config
make[1]: *** [Makefile:1833: distcleancheck] Error 1
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 2 10:22:26 2019 +0100
Remove auto-generated gnulib files from repo
Bootstrapping with latest gnulib updated both files,
so they are obviously auto-generated files which do not
belong into the repository.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 2 10:02:11 2019 +0100
Update required autoconf version to 2.63
This fixes the bootstrap error with the latest gnulib:
gnulib/gnulib-tool: *** minimum supported autoconf version is 2.63. Try adding AC_PREREQ([2.63]) to your configure.ac.
gnulib/gnulib-tool: *** Stop.
./bootstrap: gnulib-tool failed
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 2 09:56:42 2019 +0100
Update gnulib
This fixes the following 'make syntax-check' failure:
maint.mk: out of date copyright in ./gnulib/lib/version-etc.c; update it
make: *** [maint.mk:1199: sc_copyright_check] Error 1
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jan 2 09:49:19 2019 +0100
Update copyright year in doc/gnutls.texi
This fixes the following error of 'make syntax-check':
maint.mk: out of date copyright in doc/gnutls.texi; update it
make: *** [maint.mk:1201: sc_copyright_check] Error 1
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 30 16:25:08 2018 +0100
examples: ignore GNUTLS_E_AGAIN or INTERRUPTED errors
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 30 16:00:43 2018 +0100
examples: use a valid DNS name
This prevents a gnutls server from sending an unexpected message
alert due to invalid DNS name encoding, if the example is not modified.
Resolves: #663
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Dec 29 19:16:57 2018 +0100
Fix OSS-Fuzz build
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 25 14:44:11 2018 +0300
tests: cipher-openssl-compat: don't call EVP_CIPHER_CTX_init()
There is no need to call EVP_CIPHER_CTX_init() after
EVP_CIPHER_CTX_new().
Fixes #658
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 25 14:43:56 2018 +0300
tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher
LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER
interface, so let's skip the test if cipher is not available.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 20 17:49:21 2018 +0100
gnutls_pubkey_import_ecc_raw: set the public key bits
This sets the number of key bits once an ECC key is imported.
Resolves #640
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 21 07:58:24 2018 +0100
GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION: deprecated
This removes the documented use of this macro. It was non-functional.
Given the nature of the definition of the non-well defined date for
certificates, it may be wise not to use a special macro at all. The
reason is that the no-well defined date is a real date (~year 9999),
and any approximation with seconds will be unstable due to irregular
leap seconds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 21 07:54:40 2018 +0100
gnutls-cli-debug: removed unused variable
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Mon Dec 17 11:37:12 2018 +0100
win32: Check that CertOpenStore is behaving as CertOpenSystemStore
The test isn't located in tests/windows since we need the actual
libcrypt32 implementations.
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Dec 20 16:33:34 2018 +0100
testrandom.sh: Fix endless loop
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 19 09:41:41 2018 +0100
vasprintf: use from gnulib; don't bundle twice
Relates #653
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Thu Dec 13 17:31:29 2018 +0100
win32: Use CertOpenStore instead of CertOpenSystemStore
CertOpenSystemStore is not available when building for windows store.
Both functions are available since windows XP, so there is no
compatibility change.
CertOpenSystemStore documentation states "Only current user certificates
are accessible using this method, not the local machine store." hence we
pass CERT_SYSTEM_STORE_CURRENT_USER.
We also use the wide chars variants, in the event the ansi ones are
silently rejected by windows store applications (which is not
documented, but which I strongly suspect)
This is equivalent to Wine's implementation of CertOpenSystemStore:
https://github.com/wine-mirror/wine/blob/master/dlls/crypt32/store.c#L904
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Tue Dec 4 15:18:36 2018 +0100
keys-win: Disable private key import on windows store
Windows store drastically limits the available functions.
In this case, at least CryptSetProvParam and the NCrypt* functions
can't be used
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Tue Dec 4 13:22:52 2018 +0100
verify-high2: Fix cert dir iteration on Win32
And especially when building for windows store, which only allows
unicode version of opendir & friends functions.
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Tue Dec 4 11:53:48 2018 +0100
lib: Don't hardcode LoadLibraryA
Those functions are forbidden when building for Windows Store
Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Dec 18 16:27:29 2018 +0100
.gitlab-ci.yml: Remove assert in gl/tests/test-strerror.c
A bug made our CI cross builds fail.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916779
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:22:10 2018 +0100
tests/cert-tests/certtool-eddsa: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:20:17 2018 +0100
tests/cert-tests/certtool: SKIP if --disable-bash-tests was given
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:13:31 2018 +0100
tests/cert-tests/pkcs12-utf8: Use /bin/sh instead of bash
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:12:31 2018 +0100
tests/cert-tests/pkcs12-corner-cases: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:11:53 2018 +0100
tests/cert-tests/certtool-ecdsa: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 16:06:18 2018 +0100
tests/cert-tests/pem-decoding: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 13:28:26 2018 +0100
tests/cert-tests/certtool-crl-decoding: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 12:34:01 2018 +0100
tests/long-crl.sh: Increase portability (fix for busybox)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 12:14:27 2018 +0100
tests/gnutls-cli-debug.sh: Remove bashisms
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 23 19:58:49 2018 +0100
tests/scripts/common.sh: Add check_if_equal()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Nov 16 12:08:06 2018 +0100
tests/scripts/common.sh: Make random port value work on busybox
On busybox 'date +%N' returns an empty value.
On 'dash' (Debian shell) $RANDOM doesn't work.
This commit works first tries $RANDOM and then falls back to 'date +%N'.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 15 22:14:18 2018 +0100
doc: minor fixes [ci skip]
Created NEWS entry for 3.6.6 and unified the listing of gnutls_init_flags_t
items.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Peter Wu <peter@lekensteyn.nl>
Date: Sat Dec 15 22:01:10 2018 +0100
pkcs11: fix memleak in gnutls_pkcs11_token_get_ptr
find_token_modname_cb uses p11_kit_config_option to retrieve the module
name, but its return value (stored in tn.modname) must be freed.
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sat Aug 26 14:22:44 2017 +0200
Implemented support for raw public-key functionality (RFC7250).
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date: Thu Dec 13 11:00:03 2018 +0100
configure.ac: Always enable unicode support on windows
Author: Peter Wu <peter@lekensteyn.nl>
Date: Thu Nov 29 18:21:22 2018 +0100
pkcs11: fix memleak when querying for GNUTLS_PKCS11_TOKEN_MODNAME
find_token_modname_cb uses p11_kit_config_option to retrieve the module
name, but its return value must be free'd.
Other fixes:
- Do not silently truncate the output buffer, return an error instead.
- If the module name is unavailable, do not write "(null)" to the
output. Write an empty string instead.
- The module path can be of arbitrary length, so passing output=NULL to
learn the length seems reasonable, except that snprintf crashed on a
NULL pointer dereference.
Fixes: 241f9f0b1 ("Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info")
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Author: Peter Wu <peter@lekensteyn.nl>
Date: Thu Nov 29 18:43:39 2018 +0100
pkcs11: clarify gnutls_pkcs11_*_get_info output_size
It was not clear whether @output_size contains the actual string length
or the buffer length (including null terminator).
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Nov 15 10:44:20 2018 +0100
build: remove src/*.bak from distribution
Instead, include the autogen-generated *.c, *.h and the stamp files in
the distribution.
To prevent the bundled files being linked with incompatible autogen
libopts, this adds an extra check in configure. If the detected
system libopts version is too old, it will use the included libopts
implementation.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 12 09:48:01 2018 +0100
GNUTLS_PCERT_NO_CERT: marked as unused/ignored
This flag was already a no-op.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 11 09:34:22 2018 +0100
srp/psk: update recommendations for usernames [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 12 06:15:25 2018 +0100
doc: include PSK examples into documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 6 14:59:30 2018 +0100
tlsfuzzer: update to the latest upstream to eanble CCS tests
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Dec 4 17:15:02 2018 +0100
Fix gnutls_handshake_set_timeout() for values < 1000
handshake-timeout.c now tests for <1000ms timeout and for >=1000ms
timeout. The test duration decreased from 45s to 1.2s.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 22 14:59:11 2018 +0100
record: make CCS handling stricter in TLS 1.3
In TLS 1.3, the change_cipher_spec messages received under the
following conditions should be treated as unexpected record type:
containing value other than 0x01, or received after the handshake.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 5 14:44:23 2018 +0100
bootstrap: only update the required submodules for building
Although we have few submodules they are not all required for
building and testing. This patch modified bootstrap.conf not
to update all of them, but only the necessary for building and
testing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Dec 1 13:26:20 2018 +0100
Fix error message on old or missing nettle.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 1 06:04:45 2018 +0100
released 3.4.1
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Simo Sorce <simo@redhat.com>
Date: Wed Oct 3 13:12:38 2018 -0400
Constant time/cache PKCS#1 RSA decryption
This patch tries to make the code have the same time and memory access
aptterns across all branches of the decryption function so that timining
or cache side channels are minimized or neutralized.
To do so it uses a new nettle rsa decryption function that is
side-channel silent.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 28 16:00:34 2018 +0100
Added test about rsa decryption under pkcs11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 30 10:28:28 2018 +0100
gnutls_x509_crt_set_expiration_time: fixed documentation [ci skip]
Fixed the documentation of the function to reflect reality.
This function did not accept the GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION
macro.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 30 08:49:50 2018 +0100
NEWS: updated [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 30 08:44:35 2018 +0100
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Nov 29 06:05:22 2018 +0300
tests: attempt to fix test errors on Mac OS X
It looks like Mac OS X's grep has issues with applying basic regexps
with alternation operator inside. Use several grep calls in pipeline to
achieve the same result.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 28 23:39:32 2018 +0300
travis: print logs for all failed tests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 28 14:10:35 2018 +0300
lib: fix pkcs11 using defines from PKCS#11 3.0 for EdDSA
pkcs11 support code uses several definitions from forthcoming PKCS#11
standard version. Older p11-kit versions do not provide these
definitions. Detect and disable code supporting EdDSA if compiling
GnuTLS with older p11-kit library.
Closes #626
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Fixes: 88377775a3eff679a9ec60ab9bfc6b3c683a0407
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 28 20:08:29 2018 +0100
CONTRIBUTING.md: specify rules for static/inline functions [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 22 17:36:17 2018 +0100
CONTRIBUTING.md: proposal for new features/modifications approach [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 21 21:09:33 2018 +0100
CONTRIBUTING.md: added proposal on commenting style [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 28 16:03:59 2018 +0300
tests: fix crl test under MinGW32/64
Use --outfile instead of output redirection to stop CR from sneaking
into temp file. Extra CR symbols make grep choke on that file.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Stephan Mueller <smueller@chronox.de>
Date: Tue Nov 27 22:27:26 2018 +0100
DRBG: Use ACVP validated test vector in self test
Due to removing all of the FIPS 140-2 continuous self test leftovers,
the DRBG test vector must be updated as the very first DRBG block is not
dropped any more.
The test complies with the CAVP test definition specified in "The
NIST SP 800-90A Deterministic Random Bit Generator Validation
System (DRBGVS)" section 6.2.
The test vector is obtained during a successful trial run using the
NIST ACVP server. The following registration was used to generate the
test vector:
{
"algorithm":"ctrDRBG",
"prereqVals":[
{
"algorithm":"AES",
"valValue":"same"
}
],
"predResistanceEnabled":[
false
],
"reseedImplemented":true,
"capabilities":[
{
"mode":"AES-256",
"derFuncEnabled":false,
"entropyInputLen":[
384
],
"nonceLen":[
0
],
"persoStringLen":[
0,
256
],
"additionalInputLen":[
0,
256
],
"returnedBitsLen":512
}
]
},
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 27 13:47:46 2018 +0100
Fix session description info printing
This fixes a truncation issue in session description information printing
for certain ciphersuites, and adds a limited testing of expected description
strings for certain ciphersuites.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 20 11:30:22 2018 +0100
Prevent applications from combining legacy versions of TLS with TLS1.3
It can happen that an application due to a misconfiguration, enables TLS1.3
in combination with TLS1.0 or TLS1.1 only. In that case a server which is
unaware of the TLS1.3 protocol will reply by selecting the TLS1.2 protocol
instead and that answer will be rejected by the client. With this change
we ensure that TLS1.3 is not enabled in these problematic scenarios.
Resolves: #621
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 21 18:35:07 2018 +0300
cert-tests: verify --no-text switch for pkcs7/pkcs12 info
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 16 03:46:52 2018 +0300
certtool: don't output textual information if --no-text was given
Disable text output if --no-text option was given for --p7-info and
--p12-info.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 21 20:05:20 2018 +0300
certtool: don't output pkcs12 information to stderr
Print all pkcs12-info output to outfile, rather than stderr.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 21 18:35:07 2018 +0300
cert-tests: verify --no-text switch for cert/crq/pub/privkeys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 16 03:46:52 2018 +0300
certtool: don't output textual information if --no-text was given
Change privkey/certificate/CRL/CSR handling to disable text output if
--no-text option was given.
Closes #487
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Mon Nov 19 11:47:45 2018 -0500
tests: tpm: Use kill_proc to terminate a process
Use kill_proc to terminate a process by first sending it SIGTERM,
waiting max. 1 second and then use SIGKILL.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Mon Nov 19 11:19:53 2018 -0500
tests: tpm: Redirect help screen output to stdout
The dash shell doesn't seem to understand &>/dev/null, so use
>/dev/null to quiet down the help screen check.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 24 16:59:12 2018 +0100
doc: suggest to check max_early_data_size before sending early data
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 22 14:59:54 2018 +0100
tests: resume: suppress compiler warnings
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Stephan Mueller <smueller@chronox.de>
Date: Sun Nov 25 13:46:44 2018 +0100
DRBG: Remove all traces of FIPS 140-2 continuous self test
The removal allows the CAVS / ACVP test required for a successful FIPS
140-2 validation to pass.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 22 15:04:00 2018 +0100
.gitignore: ignore more files and sort them alphabetically
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Nov 24 15:58:48 2018 +0100
bootstrap.conf: add "autogen" to buildreq
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 24 15:57:11 2018 +0100
build: fix srcdir detection when VPATH build
Unlike the ".c.c.bak:" and ".h.h.bak:" rules, ".def.stamp:" needs this
adjustment because the source files (*.bak) are not provided as $<.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sat Nov 24 16:00:48 2018 +0100
tests: remove unnecessary session creation in tls13/anti_replay
This test only checks the behavior of _gnutls_anti_replay_check, thus
session is not needed at all.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 21 21:09:55 2018 +0100
doc: corrected typos [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 19 14:16:50 2018 +0100
tests: added test for RSA decryption under gnutls_privkey_import_ext4
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 19 14:07:39 2018 +0100
crypto-self-tests-pk: added RSA-PSS sign/verify tests
This also corrects the GOST R 34.10-2012-512-TC26-512-A self
test.
Relates: #597
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 16 21:04:49 2018 +0100
tests: added TLS1.3 tests for PKCS#11 and external key types
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Simo Sorce <simo@redhat.com>
Date: Thu Oct 25 10:03:01 2018 -0400
Add support for EDDSA/Ed25519 object support via PKCS#11
Tested with softHSM 2.5.0
Resolves #417
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Simo Sorce <simo@redhat.com>
Date: Thu Oct 25 10:44:14 2018 -0400
Fix RSA-PSS tests to properly return skip value
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 18 20:22:08 2018 +0100
gnutls_certificate_type_get*: updated documentation to list limitations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 19 06:50:55 2018 +0100
tests: resume: use spaces around '?' and ':' according to coding style
Also set a link to the kernel coding style in CONTRIBUTIONS.md
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 14 15:20:08 2018 +0100
gnutls_certificate_type_get*: ensure that the default type is returned
That is, ensure that unless we negotiate something else than
X509, the default certificate type is returned to applications.
Previously we wouldn't do that for TLS1.3 resumed sessions, and
we would return zero (invalid type) instead.
That addresses issues with applications checking explicitly
for X509 certificate type being present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 16 16:13:31 2018 +0100
tests/tls13-early-data: check if max_early_data_size is advertised
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 16 14:25:49 2018 +0100
serv: add --maxearlydata option
Also exercise this in testcompat-tls13-openssl.sh.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Nov 18 05:47:08 2018 +0100
record: gnutls_record_send_early_data: check the upper limit
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 16 16:12:13 2018 +0100
tls13/session_ticket: fix "max_early_data_size" extension handling
session->security_parameters.max_early_data_size is initially set to 0.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 17 19:30:20 2018 +0100
update documentation on GNUTLS_AUTO_REAUTH and gnutls_record_get_direction [ci skip]
That clarifiesthe intention, and adds warning of using this flag when
multiple threads are involved. Based on suggestion by Michael Catanzaro.
Relates: #615
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 16 21:16:33 2018 +0100
.gitlab-ci.yml: run coverage build over fedora
This will include the TPM subsystem in the coverage report.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Fri Nov 16 10:47:23 2018 -0500
tests: tpm: Extend test case to not use --register
Extend the tpmtool test case to also test without the --register
parameter.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Wed Nov 14 10:07:08 2018 -0500
tests: tpm: Add a test case for tpmtool
This test case exercises tpmtool and uses certtool to create a
self-signed certificate with the TPM. It uses swtpm as TPM emulator and
configures tcsd to talk to swtpm.
Extend the Readme.md with the packages needed for TPM support and TPM test
support.
This test case needs to be run as root since tcsd needs to be started
as root.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Fri Nov 16 06:48:01 2018 -0500
.gitlab-ci.yml: copy the log files of minimal.Fedora to the gitlab server
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Thu Nov 15 19:55:02 2018 -0500
lib: tpm: Fix a memory leak
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 16 03:38:38 2018 +0300
doc: mention GOST private key unmasking and additional format support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 11:25:17 2018 +0300
cert-tests: test parsing and decoding of GOST private keys
Add a test for parsing and decoding GOST private keys in different
formats, incuding encrypted keys.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 11:23:37 2018 +0300
certtool: support --pkcs-cipher none
If password is specified on command line currently certtool will always
output encrypted pkcs8 file. Add `--pkcs-cipher none' allowing one to
force certtool to output unencrypted private keys.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 03:02:35 2018 +0300
nettle/gost: gostdsa: use size_t instead of mp_limb_t
Use size_t for size variables instead of mp_limb_t (data type rather
than size type).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 02:48:05 2018 +0300
pkcs8: support GOST keys without encapsulation
Add support for yet another representation of GOST private keys:
LE-formatted number encoded into pkcs-8-PrivateKeyInfo.privateKey
without any additional encapsulation.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 02:47:39 2018 +0300
nettle: unmaks GOST private keys if necessary
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 13 02:45:18 2018 +0300
nettle/gost: support GOST key unmasking
New Russian reccomendation defines 'key masking' in the form of
several concatenated numbers, which must be multiplied modulo Q to get
private key.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Thu Nov 15 12:43:01 2018 -0500
tpmtool: Fix a memory leak related to TPM key list
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 15 16:03:38 2018 +0100
updated auto-generated-files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 14 13:56:52 2018 +0100
anti_replay: moved new add function into anti_replay structure
The new function was not sharing anything with the existing
gnutls_db_* backend, and moving it to anti_replay structure
is more clean and allows for deviations from the old API
conventions (e.g., now we can pass pointers for efficiency
and pass the expiration time as part of the call).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 13 22:49:26 2018 +0100
_gnutls_x509_read_eddsa_pubkey(): sanity check the input values
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 13 09:24:06 2018 +0100
gnutls_x509_privkey_import_ecc_raw(): fail on invalid sizes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 11 08:25:56 2018 +0100
tests: verify whether certificate request levels behave consistently
This verifies whether the behavior of GNUTLS_CERT_IGNORE, GNUTLS_CERT_REQUEST
and GNUTLS_CERT_REQUIRE is consistent accross protocols.
Relates #615
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 11 08:52:13 2018 +0100
doc: minor updates in elliptic curve documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 14 13:42:01 2018 +0100
tests: added a test for detecting duplicate early data
Resolves #610
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 14 01:43:05 2018 +0300
tests: add testfile from RFC4134 Section 4.5
Add test example demonstrating indefinite-length BER encoding of PKCS#7
data.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 12 03:34:31 2018 +0300
pkcs7: allow BER encoding when parsing encapContentInfo.eContent
CMS specification explicitly allows BER encoding in CMS files. RFC 4134
example 4.5 uses BER indefinite encoding.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 14 01:49:08 2018 +0300
configure.ac: drop obsolete info line
Since 4b567871 there is no `ac_enable_session_tickets` variable, so
let's drop obsolete remnants.
Closes #616
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Noted-by: Dilyan Palauzov
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 13 10:07:09 2018 +0100
build: minor cleanup of mech-list.h generation
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 13 10:02:17 2018 +0100
README-ci.freebsd.md: require autogen
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 12 13:41:19 2018 +0100
build: remove autogen .bak files from the repository
While the .bak files are necessary for not requiring autogen on
deployment environment, they are not needed for development and may
cause conflict when other developers use different version of
autogen. This removes those files from the repository and require
autogen at make dist time.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 12 15:48:44 2018 +0100
build: use suffix rules for generating .bak files
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Nov 12 15:48:14 2018 +0100
build: use AM_MISSING_PROG for autogen
That makes error message more friendly when autogen is not installed
on developing environment.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Mon Nov 12 09:20:44 2018 -0500
tpm: Fix memory leak in encode_tpmkey_url
When returning the key URL in encode_tpm_key_url we do not need to allocate
a separate buffer for the URL since we return the allocated buffer from
_gnutls_buffer_to_datum().
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 15 13:35:43 2018 +0200
doc: mention 0-RTT
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 21 07:34:07 2018 +0200
serv: enable anti-replay when early data is used
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 19 17:52:48 2018 +0200
TLS 1.3: implement anti-replay measure using ClientHello recording
This implements ClientHello recording outlined in section 8.2 of RFC
8446.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 1 15:37:42 2018 +0100
db: introduce gnutls_db_set_add_function
This adds a way to store an entry if it is not found in the database,
so that the implementation can provide atomic test-and-set.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 8 17:54:11 2018 +0100
db: introduce gnutls_db_check_entry_expire_time
This would be particularly useful when the same database is used to
store long-lived TLS 1.2 session data and short-lived TLS 1.3
anti-replay entries. Note that the existing gnutls_db_check_entry
doesn't fit in this use-case, as it takes gnutls_session_t as the
argument.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 22 15:26:07 2018 +0200
tls13/session_ticket: record timestamp in ticket
This is needed for implementing freshness checks outlined in 8.3 of
RFC 8446.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 8 15:46:42 2018 +0100
str: suppress compiler warning when time_t is 32-bit
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 22 11:12:02 2018 +0200
testcompat-tls13-openssl: exercise early data transmission
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Oct 15 11:29:56 2018 +0200
tests: add tests for early data
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 13:33:13 2018 +0200
cli: add --earlydata option
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 13:33:00 2018 +0200
serv: add --earlydata option
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 13:34:21 2018 +0200
record: introduce new API functions for early data
This introduces gnutls_record_get_max_early_data_size(),
gnutls_record_send_early_data(), and gnutls_record_recv_early_data()
functions.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 11:45:59 2018 +0200
handshake: handle early data
This plumbers early data handling in the handshake processes, which
consists of:
- traffic key updates taking into account of client_early_traffic_secret
- early data buffering in both server and client
- the EndOfEarlyData message handling
- making use of max_early_data_size extension in NewSessionTicket
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 28 07:57:34 2018 +0100
session_pack: record max_early_data_size in session data
max_early_data_size sent as part of NST should be recorded and
restored when the session data is set back on the session.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Sun Oct 28 07:57:57 2018 +0100
record: fix memleak when rejecting early data
The "discard" label previously used assumes that the decrypted record
is already added to record_recv_buffer. It is not the case when
rejecting early data. Release the allocated memory manually and
return early.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 17:10:51 2018 +0200
constate: add epoch_rel argument to _gnutls_epoch_dup
This is necessary for handling early data. Previously,
_gnutls_epoch_dup() copied the parameters from EPOCH_READ_CURRENT,
while the client only sets EPOCH_WRITE_CURRENT when sending early
data. This allows caller to specify from which epoch the parameters
are copied.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 12 11:29:57 2018 +0200
handshake: refactor early secret derivation
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 5 10:41:23 2018 +0200
handshake: record transcript hash for ClientHello
This is necessary to compute client_early_traffic_secret and
early_exporter_master_secret in TLS 1.3.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 5 11:13:24 2018 +0200
ext/pre_shared_key: use predefined macros for secret labels
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Nov 6 09:38:43 2018 +0100
Unconditionally include nettle/memxor.h
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 10 10:54:32 2018 +0100
gnutls-cli: use assert to mark impossible path
This avoids static analyzers from complaining.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 10 07:46:24 2018 +0100
pkcs12: cleanups, and two memory leak fixes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 9 07:44:02 2018 +0100
tls13: use system's openssl for interop testing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 9 20:11:42 2018 +0100
Added checks to avoid false negatives reported by static analyzers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 6 14:47:41 2018 +0300
src: update autogenerated .bak files
Update files to include proper year, version, etc.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 6 14:42:56 2018 +0300
src: include .bak files in EXTRA_DIST
Including .bak files in EXTRA_DIST allows us to stop hand-generating
these files in distribution. Instead they are directly copied from the
source tree.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 6 14:34:18 2018 +0300
src: update .bak files during -args.c/.h regeneration
To ease updating of .bak files, update them when regenerating
Autogen'erated source files.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 6 12:01:49 2018 +0300
doc: fix texi generation in out-of-tree builds
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 6 10:52:47 2018 +0300
src: mark autogen'ed sources as nodist_
Mark autogenerated sources as not distributable. We are distributing
.bak files instead.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 16:37:02 2018 +0300
Makefile.am: drop manpages regeneration from dist-hook
There is no need anymore to regenerate tools manpages, they will be
generated automatically from doc/manpages/Makefile.am.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 16:22:25 2018 +0300
manpages: fix manpages distribution
It seems that dist_man_MANS does not work properly with Automake
conditionals. Automake will not distribute files which are conditionally
disabled at this make run. As released tarballs include all manpages
already, let's include them unconditionally.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 15:02:50 2018 +0300
manpages: fix tools manpages generation
Pass additional include path to let autogen find common arguments
template.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 14:53:46 2018 +0300
manpages: un-unroll the loop
Replace unrolled loop over header files with for-loop to simplify
Makefile.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 14:30:53 2018 +0300
configure.ac: merge autogen/libopts checks
Move handling of autogen/libopts to a single place. Enforce usage of
local libopts if autogen is not found.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 13:12:51 2018 +0300
doc: fix documentation generation in out-of-tree builds
gtk-doc will not process gnutls.h.in file, so we need to point it to
generated gnutls.h file, found inside builddir.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 5 00:43:55 2018 +0300
cfg.mk: fix ChangeLog generation on out-of-tree builds
ChangeLog regeneration does not work for out-of-tree build, so let's fix
that.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Nov 4 14:29:11 2018 +0300
src: args-std.def: substitute variables using configure
Use standard way (configure script) to substiture variables in
args-std.def file, instead of manually replacing them in dist-hook.
Fixes #567
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 9 20:07:24 2018 +0100
Initialize output var to avoid false negative from static analyzers
This was identified by clang analyzer's on _gnutls_x509_dn_to_string
and _gnutls_x509_decode_string.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 5 20:51:33 2018 +0100
.gitlab-ci.yml: move to fedora29 for CI
This also moves the x86 CI builds to the debian cross infrastructure
as we have a more reliable way of generating a 32-bit image.
Resolves #607
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Stefan Berger <stefanb@linux.ibm.com>
Date: Fri Nov 2 18:33:32 2018 -0400
tpmtool: Support --srk-well-known for SRK with 20 zero bytes password
Implement --srk-well-known for SRK with 20 zero bytes password.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 7 09:56:56 2018 +0100
testcompat-openssl: do not test DSS or small curves with 1.1.1
DSA uses 1024-bit parameters, and these together with curves of
less than 256 bits are not accepted by debian's openssl.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 7 10:20:32 2018 +0100
doc/credentials: increased key size in RSA client cert
This is used by the test suite and recent openssl in debian requires
a larger certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 7 10:16:10 2018 +0100
certtool: allow --update-certificate to replace public key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 7 08:37:23 2018 +0100
README.md: updated instructions to apply to fedora29
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ander Juaristi <a@juaristi.eus>
Date: Thu Oct 4 14:57:47 2018 +0200
Update docs for session ticket key rotation [ci skip]
Fix #581.
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Nov 1 13:43:17 2018 +0100
ext/record_size_limit: handle the extension in TLS 1.2 ServerHello
Previously it had assumed that TLS 1.2 servers don't send the
extension, while actually it can be present in ServerHello.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 30 19:56:47 2018 +0100
gnutls_priority_init: ignore CTYPE-OPENPGP options
In GnuTLS 3.6.0 we dropped support for openpgp keys, however
the CTYPE-OPENPGP is often seen in applications, sometimes
as -CTYPE-OPENPGP to ensure it is not enabled. We simply
ignore this priority string when seen, to avoid preventing
these applications from running.
Resolves #593
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 30 19:46:09 2018 +0100
gnutls_priority_init: fixed indentation according to project rules
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 19 12:04:29 2018 +0200
gnutls_priority_set: re-organized
The sanity tests we moved prior to setting these priorities
and the %GNUTLS_E_NO_PRIORITIES_WERE_SET error code is returned
consistently to indicate that the existing priorities were not
overwritten.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 17 14:53:47 2018 +0200
gnutls_priority_set: do not override the version after handshake is complete
When an application would re-set priorities prior to a rehandshake
we would override the negotiated version with the highest supported,
something which may lead to issues. This disables that unnecessary
version override. See:
https://bugzilla.redhat.com/show_bug.cgi?id=1634736
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 30 10:28:20 2018 +0100
gnutls-serv: use default priorities when none are given
This makes it in par with gnutls-cli.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 29 01:42:28 2018 +0300
self-tests: add GOST public key tests
Test vectors provided in standard are not that usefull (they use
unsupported curves with a != -3), so these test vectors were generated
by hand.
Fixes #492
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 29 07:24:01 2018 +0100
NEWS: added CMAC entries [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Simo Sorce <simo@redhat.com>
Date: Sun Oct 28 12:19:46 2018 -0400
Add NEWS entry about AES-CMAC
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri Oct 26 16:55:27 2018 -0400
Add selftests for CMAC
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri Oct 26 13:38:13 2018 -0400
Vendor in CMAC functionality from Nettle
If nettle's CMAC is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Fri Oct 26 13:22:23 2018 -0400
Add CMAC Support
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 28 15:44:15 2018 +0300
NEWS: Add entry mentioning fix of S-BOXes for CryptoPro-B,-C,-D variants
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 28 10:13:00 2018 +0300
self-tests: add GOST symmetric algorithms tests
Add tests for:
- GOST 28147-89 CFB cipher
- GOST R 34.11-94 hash function
- Streebog-256/-512 hash functions
- HMAC using GOST R 34.11-94/Streebog functions
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Oct 28 10:11:21 2018 +0300
nettle: fix s-boxes selection for rare GOST 28147-89 variants
gost28147-89 code contained c&p error, which resulted in using S-BOX
CryptoPro-A instead of -B, -C, -D. Fix that.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 26 22:50:52 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Oct 24 13:08:45 2018 +0200
ext/pre_shared_key: don't assume ob_ticket_age < ticket_age_add
Previously, the server treated the condition as error, while it is
possible that ob_ticket_age may have wrapped round by 2^32.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 25 12:32:52 2018 +0200
tls13/session_ticket: calculate ticket_age in milliseconds
Previously we calculated ticket age from the current wall clock in
seconds, multiplying by 1000. This is conceptually wrong, because
ticket age is designed to be in milliseconds.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Oct 26 08:18:01 2018 +0200
str: add macros to encode/decode struct timespec value
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 25 13:47:13 2018 +0200
system: provide a means to replace gettime implementation
While gettime() is extensively used in the code, the library
previously hadn't provided a way to replace it for testing. This adds
a new internal function _gnutls_global_set_gettime_function and makes
use of it through virt-time.h.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Wed Oct 24 15:45:23 2018 -0400
Add selftest for CFB8
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 25 12:09:05 2018 +0200
_gnutls_timespec_cmp: new inline function
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Oct 25 12:02:53 2018 +0200
tls13/session_ticket: rename tls13_ticket_t type to tls13_ticket_st
This is consistent with the coding guideline.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 25 08:29:27 2018 +0200
gnutls-cli: reduce printed session information
When connecting to a server we were printing a lot of duplicate
information that was already part of the "Description" string.
No longer print that information unless --verbose is given.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 24 13:05:58 2018 +0200
gnutls-cli: do not print errors twice
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Wed Oct 24 13:04:22 2018 -0400
Vendor in CFB8 functionality from Nettle
If nettle's CFB8 is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Simo Sorce <simo@redhat.com>
Date: Wed Oct 24 12:14:51 2018 -0400
Add AES-CFB8 Support
Signed-off-by: Simo Sorce <simo@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 15 15:59:48 2018 +0200
p11tool: fix initialization of security officer's PIN
Previously we would call gnutls_pkcs11_token_set_pin() without an
old PIN provided, which will result to the use of C_InitPIN() on the
underlying module. The C_InitPIN() in contrast with C_SetPIN() will
only work for the user and not for the administrator. As such, we
always provide the oldpin for when we change the admin's PIN.
Resolves #561
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 23 15:20:45 2018 +0200
fips140: aligned code with documentation
That is, we introduce the documented but unimplemented macros
GNUTLS_FIPS140_SET_LAX_MODE() and GNUTLS_FIPS140_SET_STRICT_MODE().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon Oct 22 10:52:08 2018 +0200
Simplified check for NULL pointer to reduce code changes.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon Oct 22 10:51:19 2018 +0200
Unified abbreviation for certificate type priorities in code.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Oct 11 21:25:11 2018 +0200
Renamed CHECK_AUTH macro to CHECK_AUTH_TYPE to be more clear what it checks.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Oct 11 21:13:45 2018 +0200
Renamed _gnutls_server_select_cert() to _gnutls_select_server_cert() for consistency reasons with its client couterpart.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Oct 11 21:05:33 2018 +0200
Renamed certificate_credential_append_crt_list() to certificate_credential_append_keypair().
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Thu Oct 11 21:01:25 2018 +0200
Renamed _gnutls_auth_info_set() to _gnutls_auth_info_init().
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Wed May 23 10:16:00 2018 +0200
Renamed fields in priority_st to improve code readability. Fixes #453.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Tue May 22 12:35:31 2018 +0200
Added NULL pointer check in gnutls_certificate_free_credentials for safety.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon May 21 10:11:28 2018 +0200
Renamed _gnutls_proc_x509_server_crt to _gnutls_proc_x509_crt.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sat May 19 16:01:01 2018 +0200
Small fixes for comments and log strings.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Oct 18 11:09:09 2018 +0200
SKIP tests/global-init-override if weak symbols don't work
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 16 15:06:04 2018 +0200
tests: eagain-auto-auth: only compiled in systems with cmocka available
This fixes build issue at MacOSX CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 12 16:36:12 2018 +0200
tlsfuzzer: updated to latest upstream and enabled new tests
Resolves: #591
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 12 17:08:15 2018 +0200
handshake: send missing extension alert
When a key share extension is not seen under TLS1.3, send
the missing extension alert.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 4 08:27:10 2018 +0200
_gnutls_server_select_cert: return error when no server cert is selected
When a certificate callback is used and no certificate is provided
by it, return an error rather than trying to use it (and crashing)
later. Note that this affects only an "illegal" code path when
a server would have provided no certificate, something which must
not happen on a real-world server.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 1 11:58:15 2018 +0200
gnutls_init: added flag for automatic re-authentication
This introduces the GNUTLS_AUTO_REAUTH gnutls_init() flag and makes
re-authentication under TLS simpler to enable and use.
Resolves #571
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 29 14:21:59 2018 +0200
pkcs11 uris: the URI scheme is case insensitive
Makes the comparisons of the URI scheme to use c_strcasecmp
from gnulib. It also replaces various straw strcasecmp with
the gnulib variant. This ensures that comparison will be
reliable irrespective of the locale.
Resolves #590
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 11 21:49:11 2018 +0200
.gitlab-ci.yml: cross CI requires privileged systems
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Oct 9 12:46:12 2018 +0200
Fix check for GNU C compiler in eina_cpu.c
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Oct 9 12:34:26 2018 +0200
Fix gen-mech-list.sh on Solaris / Bourne Shell
`cmd` is more compatible than $(cmd).
The shell is "sh (Schily Bourne Shell) version 2013/01/14 a+ (i386-pc-solaris2.9)"
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Oct 5 19:41:15 2018 +0200
Let bootstrap check for gperf and autopoint
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Oct 8 11:25:23 2018 +0200
Skip tests/tls13/prf.c if visibility 'protected' doesn't work
Overriding gnutls_rnd() with visibility 'protected' doesn't always work.
E.g. LDFLAGS="-Wl,-Bsymbolic-functions" seems to have priority on
Debian derived systems.
Fixes #584
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 6 16:43:33 2018 +0200
tests: added unit test for gnutls_session_set_id
This adds a unit and a negative test which ensures that
a client will not be tricked in performing resumption when
this function is used.
Resolves #585
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 4 08:29:41 2018 +0200
doc: fix use of gnutls_ext_raw_parse callback [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 30 22:05:59 2018 +0200
gnutls_priority_set: do not override version on handshake
When handshake is in progress, do not override the default TLS
version in the session. This allows gnutls_priority_set to be called
in the post_client_hello function without breaking the handshake.
Resolves #580
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 2 11:57:31 2018 +0200
encrypt_packet_tls13: added explicit check on iv_size bounds
Although there are no ciphers defined for TLS1.3 which would overflow
the assumed bound, an explicit check is necessary to avoid that code
be a liability in future updates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 1 09:18:46 2018 +0200
privkey_pkcs8: added reference for validation parameters OID [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 1 08:31:16 2018 +0200
NEWS: corrected typo [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Sep 27 21:11:21 2018 +0200
Use ASCII version of strcasecmp() in library code
strcasecmp() has side effects in some locales.
What we really need is c_strcasecmp() from Gnulib for comparing
ASCII strings.
Fixes #570
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Sep 27 11:02:33 2018 +0300
.gitlab-ci.yml: reenable SSLv2 hello support for SSL-3.0.Fedora.x86_64
Reenable SSLv2 hello support to let several SSL-3.0 tls-fuzzer tests
pass.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Sep 27 01:05:09 2018 +0300
tlsfuzzer: disable SSL3.0 in export-ciphers-rejected test
These tests will fail with SSL3.0-enabled gnutls-serv unless --ssl3
option was passed. We will run these tests anyway from
gnutls-nocert-ssl3.json, so disable them here.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Sep 27 00:42:21 2018 +0300
tlsfuzzer: support running from separate build dir
Adapt tls-fuzzer-common.sh script to be able to run tests in case
srcdir != builddir.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 25 17:00:14 2018 +0300
.gitlab-ci.yml: reenable full test suite in SSL-3.0/SHA-1 case
Reenable full test suite run in SSL-3.0/SHA-1 CI test case to let us
catch issues in legacy code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 24 16:07:19 2018 +0300
tlsfuzzer: add missing script
Makefile.am refers tls-fuzzer-nocert-ssl3.sh script, which is missing
in the source tree. Add it back.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Sep 27 00:35:20 2018 +0300
tlsfuzzer: move common code to separate file
Move common code to tls-fuzzer-common.sh to ease further adjustments.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Sep 26 23:34:16 2018 +0300
tlsfuzzer: use random port for tls-fuzzer-nocert test
Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Sep 26 23:34:16 2018 +0300
tlsfuzzer: use random port for tls-fuzzer-cert test
Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Sep 26 12:54:37 2018 +0200
Make tlsproxy/buffer.c compilable by gcc 4.4.7
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 26 09:38:04 2018 +0200
_gnutls_check_key_purpose: eliminated dead code
Resolves #573
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 25 13:52:25 2018 +0200
manpages: do not generate any manpages for openpgp.h
This API is no longer functional and is only available as stubs
for backwards binary compatibility.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 25 13:06:57 2018 +0200
manpage generation: cleanup
Recognize parameters of the form unsigned char name[8], and
do not print obscure warnings. Furthermore gdoc will fail
when a function parameter is not described or when no
function is found. This addresses the generation of undetected
errors in generated manpages.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 25 12:07:10 2018 +0200
doc: fixed missing function and enumeration parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 25 14:12:26 2018 +0200
tests: removed unused file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 25 18:10:12 2018 +0200
mech-list.h: generate unique entries
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 24 17:33:03 2018 +0200
released 3.6.4
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 21 16:31:58 2018 +0200
tests: pkcs12-utf8 depend on bash
The NetBSD default shell cannot handle the UTF-8 strings we use
in that script.
Resolves #544
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 21 16:20:36 2018 +0200
bumped versions and updated NEWS file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 21 16:18:23 2018 +0200
Enable the TLS1.3 protocol by default
As the protocol has been finalized, and the implementation is
stable and interoperable, there is no need to enable it conditionally.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 18 08:36:18 2018 +0200
gnutls-cli: enable CRL validation on startup
This also makes the failure in adding CRLs or CAs, a fatal error.
Resolves #564
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 20 16:44:51 2018 +0200
Provide a more flexible PKCS#11 search of trust store certificates
This addresses the problem where the CA certificate doesn't
have a subject key identifier whereas the end certificates
have an authority key identifier.
Resolves #569
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 18 08:35:32 2018 +0200
trust list: added flag to force failure on CRL validation error
This allows an application to be notified of the addition of invalid
CRLs in the trust list.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Sep 18 11:50:43 2018 +0200
Remove auto-generated src/mech-list.h from repo
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Sep 18 15:35:20 2018 +0200
Fix issue introduced in 20886264fe
This makes _gnutls_resolve_priorities() return a string that is always
allocated with the gnutls memory functions.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 19 14:15:20 2018 +0200
session tickets: check timestamp for validity
We were previously only relying on the client's view of the
ticket lifetime for TLS1.3 tickets. This makes sure that we
only resume tickets that the server considers valid and consolidates
the expiration time checks to _gnutls_check_resumed_params().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 20 10:11:42 2018 +0200
ECC export/import: updated documentation on EdDSA curves
This clarifies the format that parameters in the EdDSA curves
will be returned, and also ensures that the import/export
functions fail on unsupported curves.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 19 15:03:32 2018 +0200
tests: use virt-time.h in resumption tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ander Juaristi <a@juaristi.eus>
Date: Tue Sep 18 09:40:20 2018 +0200
Added session ticket key rotation with TOTP
This introduces session ticket key rotation on server side. The
key set with gnutls_session_ticket_enable_server() is used as a
master key to generate time-based keys for tickets. The rotation
relates to the gnutls_db_set_cache_expiration() period.
Resolves #184
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 18 03:05:51 2018 +0300
certtool: print GOST public key with MSB first
OpenSSL and other libraries print MSB first, when printing GOST public
keys. Let's return to this convention.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 18 03:05:51 2018 +0300
x509: print_pubkey: print GOST public key with MSB first
OpenSSL and other libraries print MSB first, when printing GOST public
keys. Let's return to this convention.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 18 00:53:17 2018 +0300
lib: use little endian when importing/exporting GOST keys
GOST R 34.10 native format is little endian. It is better for the
application code to use native format data to interface library, rather
than convert buffers on their own.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Sep 18 00:51:05 2018 +0300
mpi: add function to dprint mpi in little endianness
Add little endian counterpart to _gnutls_mpi_dprint and
_gnutls_mpi_dprint_le.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 17 12:26:31 2018 +0300
gnutls.h: correct GOST R number references [ci skip]
Fix numeric GOST R ids used in documentation, too many numbers:
- GOST R 34.11 is digest function
- GOST R 34.10-2001 is a digital signature over GOST R 34.11-94 digest
- GOST R 34.10-2012 is a digital signature over GOST R 34.11-2012 digest
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Sep 17 10:12:38 2018 +0200
Update git submodules via ./bootstrap
Setting $SUBMODULE_NOFETCH to a non-empty value adds
--no-fetch to the git command (for CI speedup).
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 17 15:14:12 2018 +0200
tests: pkcs1-pad: run with SHA-1 enabled or disabled
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 17 12:58:38 2018 +0200
.gitlab-ci.yml: enable run with SHA-1 enabled
This adds a CI run with SHA-1 enabled, and corrects issues in the
testsuite when that's the case.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 17 09:28:08 2018 +0200
gnutls_x509_trust_list_add_trust_mem: fix behavior with unaccounted certs
If gnutls_x509_trust_list_add_cas returns less than clist_size, the additional
unaccounted certificates will never be freed.
Relates #552
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 17 09:12:29 2018 +0200
gnutls_x509_trust_list_add_cas: corrected return value
When the flag GNUTLS_TL_USE_IN_TLS is used and add_new_ca_to_rdn_seq
the return value did not include the last certificate added to the
list. This corrects its return value.
Relates #552
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 17 09:10:24 2018 +0200
fixed documentation in trust list functions
That clarifies and addresses issues in the documentation of
gnutls_x509_trust_list_add_crls() and gnutls_x509_trust_list_add_cas()
Relates #552
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 16 15:54:41 2018 +0200
tests: added CRL verification tests
This tests CRL verification with certtool --verify-crl on correct
and incorrect cases.
Relates #564
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 16 15:35:19 2018 +0200
certtool: updates in documentation in messages for CRL generation
This fixes the messages printed for the generation of a CRL, and
makes the return code of the CRL verification depending on the
verification result.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 14 16:32:05 2018 +0200
Fix variable used in reallocation
This corrects the variable name used in the sizeof argument
for realloc. This does not alter the actual allocation size,
but rather it fixes a logic error.
Relates: #554
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 22 15:25:06 2018 +0200
.gitignore: updated
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 22 10:08:41 2018 +0200
dtls: recover when a NewSessionTicket message is lost
When the server's NewSessionTicket gets lost while the ChangeCipherSpec
goes through, the client did not request retransmission by retransmitting
his last flight, and the handshake was blocked. This commit addresses
the issue and adds a reproducer.
Resolves #543
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Aug 27 17:44:35 2018 +0200
tlsfuzzer: remove duplicate tests and sort them alphabetically
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Andreas Schwab <schwab@suse.de>
Date: Mon Sep 10 17:35:08 2018 +0200
doc: fix reference to invocation nodes
Signed-off-by: Andreas Schwab <schwab@suse.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 20 15:17:04 2018 +0200
priority: be backwards compatible with priority strings starting with NONE
That is, we allow priority strings which do not enable any groups to
work, by disabling TLS1.3. For example
'NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-GCM:+SIGN-ALL:+COMP-NULL'
is still operational, but no TLS1.3 is enabled when specified.
Resolves: #549
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 24 16:34:14 2018 +0200
Use gnutls_strdup() instead of strdup() in library code
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 24 16:27:36 2018 +0200
Remove gnulib work-around '#undef strdup'
The 'issue' should be fixed already. Even if not, it has to
addressed in gnulib.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 21 15:02:56 2018 +0200
ext/pre_shared_key: use consistent name for regitration entry
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 21 14:54:41 2018 +0200
ext/pre_shared_key: make ticket age calculation consistent
Previously we used a pattern like this:
uint32_t obfuscated_ticket_age, ticket_age_add;
time_t ticket_age;
ticket_age = obfuscated_ticket_age - ticket_age_add;
if (ticket_age < 0) {
...
}
This always evaluates to false, because subtraction between unsigned
integers yields an unsigned integer. Let's do the comparison before
subtraction and also use correct types for representing time: uint32_t
for protocol time and time_t for system time.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 17 15:45:20 2018 +0200
tls13/psk_ext_parser: simplify the iterator interface
Previously it was unclear whether psk_ext_parser_st is stateful or
not. This change introduces the simpler API to iterate over the
immutable data (psk_ext_parser_st), following the iterator pattern.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 21 16:18:11 2018 +0200
gnutls-cli-debug: mention RFC8446 for TLS1.3 and RFC8422 for X25519
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Aug 21 13:10:48 2018 +0200
Remove --no-git from ./bootstrap [ci skip]
This removes the --no-git option as bootstrap itself does not use
the remote repository for cloning. At least as long $GNULIB_SRCDIR
points to a recent enough local gnulib git repo.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 14:02:34 2018 +0200
handshake: do not negotiate TLS1.3 using the legacy version field
Previously we could end-up with a TLS1.3 connection if the TLS1.3
ID was seen on the wire. We now explicitly fallback to TLS1.2
when we see a protocol with TLS1.3 semantics in an SSL2.0 or
in the legacy version of the client hello.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 12:57:25 2018 +0200
handshake: simplified protocol version checking functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 10:50:15 2018 +0200
tlsfuzzer: modify to use the final code points
Relates #542
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 20:55:50 2018 +0200
fuzz: updated traces for final TLS1.3 version
Resolves #359
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 20:46:21 2018 +0200
protocols: bumped TLS1.3 version number to RFC8446 value
This adds support of the final RFC numbers.
Resolves #542
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Wed Aug 15 18:29:32 2018 +0200
Implemented RFC7250 certificate type negotiation extensions.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Aug 10 14:06:16 2018 +0200
ext/record_size_limit: new extension
This implements the record_size_limit extension as defined in RFC 8449.
Although it obsoletes the max_record_size extension, for compatibility
reasons GnuTLS still sends it on certain occasions. For example, when
the new size is representable as the codepoint defined for
max_record_size.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 14 16:46:12 2018 +0200
ext/max_record: remove use of extension private data
As the extension data is always stored in
session->security_parameters.max_record_send_size, it shouldn't be
necessary to track it with the private data.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 14:43:30 2018 +0200
gnutls_session_resumption_requested: fixed behavior under TLS1.3
This makes gnutls_session_resumption_requested() functional under
TLS1.3 and introduces a unit test of the function.
Resolves #546
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 19 18:59:02 2018 +0200
.gitlab-ci.yml: use --no-git to bootstrap
That is, to reduce CI time, and avoid failures due to
non-availability of the gnulib git repo.
Resolves #547
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 14:48:56 2018 +0200
hello_ext: removed bogus comment
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 17 16:08:37 2018 +0200
.gitmodules: gnulib submodule is now synced from libidn's mirror
This mirror is updated hourly and is hosted on gitlab, meaning
less dependency on external sites downtime.
Resolves: #547
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Aug 15 14:20:43 2018 +0200
Fix two typos (overriden/guarranteed)
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 21:47:53 2018 +0200
doc: document the non-portability of NONE priority string
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 20:22:48 2018 +0200
tools: check output of called functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 20:19:55 2018 +0200
write_oid_and_params: moved nullity check of params earlier
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 9 16:13:50 2018 +0200
gnutls_session_set_premaster: corrected error checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 9 16:12:36 2018 +0200
pubkey_verify_hashed_data: apply algorithm checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 9 16:09:21 2018 +0200
privkey_sign_raw_data: use assert to mark code which always succeeds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 9 16:05:47 2018 +0200
_gnutls_send_change_cipher_spec: removed unnecessary test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 13 21:04:56 2018 +0200
.travis.yml: do not run brew upgrade
This addresses issue with travis compilation on MacOSX.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 7 16:27:19 2018 +0200
gnutls_memset: use explicit_bzero
That is, use the glibc function when available and the second
parameter is zero.
Resolves #230
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 7 09:52:55 2018 +0200
use a consistent method to mark fall-through in switch cases
Also document that method in contribution guide.
Resolves #306
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 7 14:45:07 2018 +0200
ext/pre_shared_key: prevent crash if no server credentials are set
Previously, if server is configured without PSK credentials and the
client authenticated with PSK, the server crashed with:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7b190ba in server_recv_params (session=0x636fc0, data=0x634e6e "",
len=46, pskcred=0x0) at pre_shared_key.c:523
523 prf = pskcred->binder_algo;
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 7 13:21:16 2018 +0200
tlsfuzzer: update to the latest version
Also enable test-tls13-ffdhe-sanity.py,
test-tls13-session-resumption.py, and
test-tls13-unrecognised-groups.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 7 12:32:56 2018 +0200
alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure
Previously, when server received a ClientHello that does include only
groups from unassigned ranges in supported_groups, it aborted the
connection with an illegal_parameter.
Resolves #537
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Aug 7 11:43:32 2018 +0200
algorithms: add support for FFDHE6144
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 3 22:26:47 2018 +0200
Corrected the importing of ECDSA public keys
This seems to be a regression since EdDSA support. The call to
_gnutls_x509_get_pk_algorithm() in public key import was unnecessary
and in fact it was overriding the available curve with a curve associated
with the OID. As the ECDSA OID doesn't include the curve, that had the
result of deleting the already read curve.
Resolves #538
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 3 14:13:14 2018 +0200
Ensure we are sending the right protocol version on second client hello
That is, when we respond to a Hello Retry Request as client, we put
the TLS1.2 version on the second client hello to send a hello that is
as close as possible to the original hello. That effectively separates
the handling of TLS1.2 rehandshake and TLS1.3 hello retry request
when sending a client hello.
Resolves #535
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 7 07:30:55 2018 +0200
doc: improved text on certifications
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 7 07:13:35 2018 +0200
doc: few improvements over certificate validation text
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 30 21:50:35 2018 +0200
gnutls-serv: re-introduce the session identifier message
The message "If your browser supports session resuming, then you should
see the same session ID, when you press the reload button", is now printed
again even under TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 30 16:48:26 2018 +0200
resume: keep persistent session identifiers
With the introduction of session ticket support (TLS1.2) and
TLS1.3, session identifiers have no persistency on server or
client side. Improve the situation by introducing persistent
session identifiers on server side in a backwards compatible
way.
Resolves #484
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jul 19 15:57:59 2018 +0200
.gitlab-ci.yml: include fuzz/*.log in artifacts
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jul 18 15:56:17 2018 +0200
tests: tls-fuzzer: enable tests relying on header fragmentation
Those tests were previously disabled because splitting of handshake
messages in a very short (< 4 bytes) fragments is not implemented.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 2 15:44:15 2018 +0200
record: send unexpected_message upon empty unencrypted records
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 27 06:30:41 2018 +0200
buffers: handle very short fragmentation of handshake messages
If the received record doesn't even complete the handshake
header (i.e., the record size < 4), keep it in a temporary buffer and
let the caller receive more records. Once enough amount of data is
received, move the already received records back to record_buffer and
proceed to the normal processing.
Fixes: #272
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 27 06:23:12 2018 +0200
mbuffers: introduce _mbuffer_head_push_first
This is similar to _mbuffer_enqueue, but adds an element to the
beginning of the buffer.
This is to make the incomplete header handling case easier.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 27 06:10:37 2018 +0200
_gnutls_parse_record_buffered_msgs: eliminate local variable usage
If `remain > 0` is true, `recv_buf[0].length > 0` always holds.
Combine those conditions and remove the `remain` utilizing MIN().
This is to make the incomplete header handling case easier.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jul 27 05:35:02 2018 +0200
buffers: avoid confusion in fragment length calculation
Previously, to calculate the fragment length, it added/subtracted one
to the ending offset back and forth; that was not easier to read and
couldn't handle empty payload messages in TLS.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Aug 2 16:59:27 2018 +0200
tlsfuzzer: update to the latest version
Also enable test-tls13-0rtt-garbage.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jul 16 11:30:05 2018 +0200
TLS 1.3: ignore "early_data" extension
As 0-RTT is still not implemented in GnuTLS, the server responds with
1-RTT, by skipping decryption failure up to max_early_data_size, as
suggested in 4.2.10 Early Data Detection.
Resolves #512
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 3 21:45:14 2018 +0200
p11tool: print expiration time on certificates
This is particularly useful when displaying information about a
certificate trust store.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 19 15:52:26 2018 +0200
tls1.3: server returns early on handshake when no cert is provided by client
Under TLS1.3 the server knows the negotiated keys early, if no client
certificate is sent. In that case, the server is not only able to
transmit the session ticket immediately after its finished message,
but is also able to transmit data, similarly to false start.
Resolves #481
Resolves #457
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 23 15:01:49 2018 +0200
gnutls-serv: don't close connection properly when handshake is not yet complete
In the case handshake is not yet complete and we need
to terminate, it is because of an issue. As such prefer an
unclear termination at this stage. This addresses error detection
issues with tlsfuzzer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 2 16:16:27 2018 +0200
gnutls-cli: corrected input buffer null-termination
This was a regression in the previous cleanup at
f138ff85df69976badce44a5c46157cce091020f included in
3.6.3.
Resolves #534
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 31 11:37:50 2018 +0200
certtool: added example of converting to DER in manpage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jul 27 23:46:50 2018 +0200
Fix gcc-8 -Wabi warnings
Fixes #531
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 27 11:58:38 2018 +0200
ext/key_share: check the validity of server key shares
That is, when generating the public key based on the server's
key share, ensure that the algorithms match completely with
the key shares the client initially sent. This was detected
by the updated traces for TLS1.3 fuzzying.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 15:37:58 2018 +0200
gnutls-serv: improve output under TLS1.3
That is, silence fields no longer applicable under TLS1.3
and make sure that newer functions like gnutls_session_get_desc()
get used when describing the session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 15:06:34 2018 +0200
fuzz: updated traces for latest TLS1.3 draft
Relates #359
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 12:40:54 2018 +0200
tests: run tls-fuzzer PSK testsuite
Resolves #508
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 11:27:23 2018 +0200
tests: added unit test of handshake with large certificate
This checks whether handshake message fragmentation and de-fragmentation
is functional on server and client.
Resolves #513
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 11:02:37 2018 +0200
certtool: eliminated limits in certificate export size
That allows printing an exporting certificates of size only bounded
by avail memory.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 26 10:56:25 2018 +0200
certtool: eliminate maximum limit in fields read with READ_MULTI_LINE_TOKENIZED()
This allows to generate a certificate with an extension of arbitrary size.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 25 16:41:38 2018 +0200
gnutls.h: corrected typo
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 25 14:48:47 2018 +0200
send_client_hello: don't override version after HRR is received
When a Hello Retry Request is received, do not set our (transient)
version to TLS1.2 on the second client hello. That's because both
peers have already negotiated TLS1.3.
This addresses issue with peers which may send a changecipherspec
message at this stage, which is now allowed when our version is
set to be TLS1.2. Introduced test suite using openssl and resumption
using HRR which reproduces the issue.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 25 13:08:35 2018 +0200
hello_ext_parse: apply the test for pre-shared key ext being last on client hello
We were incorrectly insisting on pre-shared key extension being last in
both client and server hello. That was incorrect, as only in client hello
it is required by TLS1.3 to be last.
Quoting:
The "pre_shared_key" extension MUST be the last extension in the
ClientHello (this facilitates implementation as described below).
Servers MUST check that it is the last extension and otherwise fail
the handshake with an "illegal_parameter" alert.
Resolves #525
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 24 20:58:10 2018 +0200
.gitlab-ci.yml: automatically retry failed jobs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 24 16:48:32 2018 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 24 16:38:08 2018 +0200
allow no certificates to be reported by the gnutls_certificate_retrieve_function callbacks
In 9829ef9a we introduced a wrapper over the older callback functions
which didn't handle this case.
Resolves #528
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jul 20 20:49:28 2018 +0300
cert-cred: fix possible segfault when resetting cert retrieval function
Reset get_cert_callback3 callback to NULL if provided callback is NULL.
Otherwise after the certificate request call_legacy_cert_cb1 /
call_legacy_cert_cb2 will try to unconditionally call legacy_cert_cb1 /
legacy_cert_cb2 callback (set to NULL) leading to segfault.
Fixes: 9829ef9a3ca06d60472599df7c74ebb9a53f1fe2
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jul 22 20:31:36 2018 +0300
kx: for uniformity print master secret size
During keys setup phase debug log will contain sizes of all keys and
secrets, except master secret. Dump MS length (48) to log for
uniformity.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jul 22 20:31:09 2018 +0300
constate: dump full key block to log
Include full key block to the debug log.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jul 22 20:30:04 2018 +0300
constate: dump MAC keys to debug log
_gnutls_set_keys() can dump client/server write keys/ivs to debug log,
but it skips MAC keys. Add MAC keys to log.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Jul 22 20:25:35 2018 +0300
constate: drop unused variable in _gnutls_set_keys
_gnutls_set_keys() creates rrnd as client random + server random, but
does not use it (it was used before for export key generation, but was
not removed when dropping support for export cipher suites).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Fixes: 8bdb8d53aa5b4c5d04255b6c9b5f2dac8b23d51b
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Jul 21 13:23:42 2018 +0300
cert auth: simplify certificate selection code
Merge pubkey_is_compat_with_cs() and select_sign_algorithm() functions
to ease extension of certificate selection code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jul 19 12:50:13 2018 +0200
Remove trailing dot from hostname input
Fixes #532
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 17 09:03:38 2018 +0200
gnutls_x509_privkey_import_ecc_raw: encode parameters on import
That makes the structure fully usable after import. In _encode_privkey()
use the lower-level _gnutls_x509_export_int2() for key encoding as the
call to higher gnutls_x509_privkey_export2() could result to an infinite
recursion when keys are incomplete.
Introduced additional tests for PKCS#8 key import and export.
Resolves: #516
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Jul 19 14:19:07 2018 +0300
certtool: use gnutls_gost_paramset_get_name
gost_param_name() predates gnutls_gost_paramset_get_name() and
gnutls_gost_paramset_t. Use current API functions instead of hand-coding
new functions.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 19 11:24:04 2018 +0200
gnutls-cli: do not fail if CKA_ID is too long
Increased the buffer needed to read reasonable-sized CKA_IDs
and avoid failure when the CKA_ID is too long.
Resolves #520
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 19 07:47:40 2018 +0200
.gitlab-ci.yml: combined abi-check and TLS1.3 check runs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 19 06:06:34 2018 +0200
tests: handshake-timeout: reverted virt-time.h usage
The tests nature (waiting on a socket) didn't fit well with the virt-time
implementation. Reverted to original real-time wait and improved error
detection in child process.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 16 14:04:01 2018 +0200
gnutls_priority_init: fix err_pos on invalid strings
When the provided string would be resolved (e.g., due to a @ priority
being used), to a different string, then do not attempt to
detect the right location of the error. It will not be useful to the caller.
This addresses the issue of test suite failure when --with-system-priority-file
and --with-default-priority-string are provided. It also enhances the test suite
with these options being active.
Resolves #517
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 17 21:55:33 2018 +0200
examples: tlsproxy: use snprintf instead of strncpy
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 17 08:17:13 2018 +0200
doc: simplified documentation on threads
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 17 13:53:02 2018 +0200
examples: tlsproxy: eliminated warnings
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 16 09:10:21 2018 +0200
.gitlab-ci.yml: updated win32 targets
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 16 08:27:54 2018 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 15 18:38:40 2018 +0200
gnutls-cli: mark legacy options as deprecated
This removes the --ranges and --disable-extensions options from
the default listing of options. They are disfunctional and may
be removed in the future.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 14 17:39:03 2018 +0200
.travis.yml: update brew and use nettle 3.4
Resolves #480
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 14 08:39:52 2018 +0200
.gitlab-ci.yml: Werror build runs with -std=c99
This ensures that the errors reported will be relevant
for the required version of the standard.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 14 17:30:49 2018 +0200
bumped versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 14 08:27:26 2018 +0200
_gnutls_resolve_priorities: avoid gnu extension for ?: construct
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 16:11:16 2018 +0200
NEWS: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 14:23:28 2018 +0200
nettle/rnd-fips: updated documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 14:01:44 2018 +0200
gnutls-cli: improve error reporting with -l --priority option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 11:18:21 2018 +0200
cipher-listings: use the sed found by configure script and make it portable
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 09:04:42 2018 +0200
tests: tls-fuzzer: separated SSL3.0 from TLS1.x tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 16:17:02 2018 +0200
gnutls-cli-debug: do not attempt SSL3.0 negotiation when not enabled
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 15:41:21 2018 +0200
priorities: ensure that SSL3.0 enablement fails early when disabled
That is, that a priority string with only SSL3.0 present is discarded as
invalid.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 15:14:39 2018 +0200
The SSL 3.0 protocol is disabled on compile time by default
It can be re-enabled by specifying --enable-ssl3-support on configure script.
This is the first step before removing support for the protocol completely.
Relates #103
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 08:45:49 2018 +0200
tests: gnutls-cli-debug.sh: corrected run under FIPS mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 07:10:11 2018 +0200
doc: minor text updates
Updated text for gnutls_session_ext_master_secret_status and for
GNUTLS_NO_EXTENSIONS flag which is defunc.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 07:08:42 2018 +0200
gnutls-cli-debug: fix EtM and extended master secret discovery
In particular do not set the GNUTLS_NO_EXTENSIONS flag by default,
and only enable block ciphers for the EtM check.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 13 06:40:08 2018 +0200
tests: improved unit test of gnutls-cli-debug
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 09:20:57 2018 +0200
gnutls-cli-debug: generalized cipher tests
That is, tests now check for either the 128-bit or the 256-bit
of the cipher consistently.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 09:19:13 2018 +0200
gnutls-cli-debug: removed legacy tests no longer applicable
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 12 09:17:11 2018 +0200
gnutls-cli-debug: detect TLS1.3 support
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 11 21:26:05 2018 +0200
gnutls-cli-debug: when testing servers enable all ciphers
Resolves #515
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jul 3 11:33:21 2018 +0200
doc: update for TLS 1.3
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 09:56:35 2018 +0200
_gnutls13_recv_async_handshake: process multiple and split handshake messages
It is permitted to concatenate multiple async handshake messages in a single
record message as well as split large messages (NST) into multiple records.
Modified _gnutls13_recv_async_handshake() to process them correctly, instead
of assuming that they are formatted as one message per record.
Resolves #510
Resolves #504
Relates #511
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 10:18:23 2018 +0200
tests: check whether multiple tickets can be sent/received
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 10:11:41 2018 +0200
gnutls_session_ticket_send: allow sending multiple tickets in one go
This allows combining the tickets in a single record message when
possible.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 4 07:42:44 2018 +0200
tests: handshake-timeout: use virt_sec_sleep() to avoid long delays in test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 16:28:28 2018 +0200
generate_session_ticket: tickets cannot extend the original session time
That is, on a resumed session the server would not issue new tickets
that would have extended the lifetime of the originally issued ticket.
Resolves #476
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 18:42:01 2018 +0200
pre_shared_key: do not send extension when no identities are present
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 20:25:40 2018 +0200
tests: corrected priority strings in session-tickets-ok and other cleanups
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 10:22:04 2018 +0200
doc: mention session ticket behavior under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 16:29:04 2018 +0200
generate_session_ticket: use a 4-byte nonce by default
It is not necessary to use large nonces.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 16:22:04 2018 +0200
pre_shared_key: use time_t type for ticket_age variable
This is guarranteed to allow negative values, and also be 32-bits.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 16:19:35 2018 +0200
generate_session_ticket: fixed comment
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jul 9 18:21:20 2018 +0300
lib: document digest and paramset in gost key import functions
Document behaviour of gnutls_pubkey_import_gost_raw,
gnutls_privkey_import_gost_raw and gnutls_x509_privkey_import_gost_raw.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jul 9 14:22:34 2018 +0300
lib/x509: use new function to deduce default GOST paramset
Use new _gnutls_gost_paramset_default() function to deduce default GOST
paramset, instead of hardcoding if/else in several places.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Jul 9 14:02:14 2018 +0300
lib: remove undefined behaviour when handling GOST paramset
Initial version of GOST patchset used param < 0 to represent unknown
value. Later special enum entry GNUTLS_GOST_PARAMSET_UNKNOWN was
introduced. Fix several leftovers comparing params to 0 directly.
Closes #505.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 9 12:40:59 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 25 10:36:18 2018 +0200
gnutls_priority_init2,gnutls_set_default_priority_append: introduced
This allows enhancing the default priority with additional
options, allowing an application to introduce stricter (or weaker)
settings without requiring it to override all settings.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 7 19:52:04 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 7 19:48:14 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Jul 7 14:20:01 2018 +0200
configure: Fix progress message for --enable-tls13-support
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 7 10:21:51 2018 +0200
tests: tls-fuzzer-alpn: operate on random port
This allows parallel run of the test with other tlsfuzzer tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 08:49:06 2018 +0200
configure: added option --enable-tls13-support
The new option enables TLS1.3 draft-28 support unconditionally.
Updated the test suite to run when TLS1.3 is enabled by default,
and added a CI run with TLS1.3 enabled.
Resolves #424
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 11:45:31 2018 +0200
_gnutls_figure_common_ciphersuite: apply rfc7919 requirements only under TLS1.2
Under TLS1.3 there is no requirement to return insufficient security depending
on the FFDHE group negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 09:06:27 2018 +0200
supported_versions: do not parse in server side when TLS1.3 is disabled
This allows a server to negotiate older versions using the previous TLS
negotiation scheme.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 3 08:31:13 2018 +0200
protocols: bumped TLS1.3 protocol to draft-28
Resolves #506
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 4 10:08:06 2018 +0200
tests: mini-record-timing: avoid warning for too large stack usage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 11:47:34 2018 +0200
tlsfuzzer: updated to include RSA and RSA-PSS related tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 08:32:52 2018 +0200
sign_supports_cert_pk_algorithm: corrected check for RSAE-PSS
If the signature algorithm sets the `cert_pk` field, ignore the
`pk` field completely. Not doing that would make the RSAE signature
algorithms with RSA-PSS certificates which is against the intended
use of `cert_pk`.
Resolves #500
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 14:12:48 2018 +0200
tlsproxy: included but not as submodule
This allows updating the example when necessary within the repository
and reduces the amount of external dependencies for CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 14:12:15 2018 +0200
tlsproxy: removed submodule
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 21:03:28 2018 +0200
tests: introduced tests about crypto API failures on illegal use
This ensures that any mistakes in using the crypto API are propagated
to the higher level calls, or result to an abort().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 12:49:55 2018 +0200
gnutls_aead_cipher_encryptv: eliminate signed/unsigned warnings under x86
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 22:00:09 2018 +0200
accelerated: error on the cases where the nettle API would have errored
This ensures that illegal uses of the API would be propagated to
the higher levels.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 22:08:16 2018 +0200
gnutls_cipher_add_auth: propagate error codes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 11:27:48 2018 +0200
certtool: properly print an int64_t value
Also included the gnulib inttype module for portability.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 11:24:16 2018 +0200
certtool: print information on time_t restrictions on failure
This informs the user of the tool why dates after 2038 cannot
be expressed on systems with a 32-bit time_t.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 30 16:49:53 2018 +0200
tests: verify that certtool operates as expected with dates after 2038
That is, whether it works with a time_t of 64-bit size, and fails
with a time_t of 32-bit size.
Resolves #370
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 1 12:39:28 2018 +0200
tests: check explicitly the size of time_t
Previously we were disabling the 2038 tests on 32-bit systems,
but there can be 32-bit systems with a 64-bit time_t. Ensure
that we run the right tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 30 16:48:54 2018 +0200
tests: better guarding of variable SKIP_DATEFUDGE_CHECK
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 21:31:43 2018 +0200
tests: ignore PIPE signal on TLS1.3-related tests
This was inadvertently omitted and that could cause unexpected
issues when one of the peers would close the connection earlier
than expected.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 15:00:13 2018 +0200
tests: check for GNUTLS_E_GOT_APPLICATION_DATA on post-handshake auth
That is, check whether GNUTLS_E_GOT_APPLICATION_DATA is received as
documented, and whether post-handshake auth can complete while this
is being sent.
Resolves #490
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 14:38:40 2018 +0200
post-handshake: return GNUTLS_E_GOT_APPLICATION_DATA as documented to
Relates #490
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 13:57:11 2018 +0200
tests: introduced test for post-handshake auth + PSK
Relates #489
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 14:19:02 2018 +0200
tls13 handshake: allow certificate messages after handshake
This allows post-handshake authentication even when PSK
is negotiated.
Resolves #489
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 13:41:13 2018 +0200
gnutls_session_get_flags: introduced GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH
This allows a server application to detect whether the client
would support post handshake authentication or not without initiating
via gnutls_reauth().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 2 08:10:45 2018 +0200
gnutls-serv: make --disable-client-cert and --require-client-cert options incompatible
That is refuse to run when both options are specified.
Resolves #502
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 29 22:40:27 2018 +0200
tests: verify whether GNUTLS_TLS_VERSION_MAX is negotiated on default mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jun 29 10:33:18 2018 +0200
Fixes + cleanups for .gitlab-ci.yml
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 21:46:24 2018 +0200
p11tool: remove duplicate branch
The GNUTLS_PKCS11_OBJ_ATTR_MATCH and GNUTLS_PKCS11_OBJ_ATTR_ALL
attributes are the same, so there is no need to handle them
separately.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jun 26 12:50:30 2018 +0200
Add strdup-posix gnulib module
Some files in gl/tests won't build in environments without
strdup(), e.g. MinGW on Debian. The gnulib docs advise to
explicitly add the module.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 21 11:29:19 2018 +0200
testcompat-tls13-openssl: fix openssl interactions
* Do not require certificate validation on tests where no certificate is sent
* Rekey test performs data transfer after re-key
This introduces a dependency on the expect package for testing, and
updates openssl to address an issue in post-handshake auth interop
testing.
Resolves #488
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 22 14:14:07 2018 +0200
gnutls-serv: when post-handshake auth is asked; require a certificate
This allows testing post-handshake authentication using gnutls-serv.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 21 15:05:40 2018 +0200
key update: corrected generation of keys
Resolves #485
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 21 08:46:04 2018 +0200
gnutls-cli: wait for all server data prior to closing connection
This cleans-up the existing code which was disfunctional and
allows detecting errors which happen after we transmit data
to the server.
Relates #485
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 13:34:16 2018 +0200
.gitignore: added new test executables
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 27 13:27:39 2018 +0200
tests: eliminated compiler warnings
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 26 16:02:45 2018 +0300
Update .gitignore files according to bootstrap
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 26 15:22:49 2018 +0300
src: fix regenerating autogen files if builddir = srcdir
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue Jun 26 15:18:36 2018 +0200
convert from milliseconds to timespec without loop
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue Jun 26 15:02:51 2018 +0200
use timespec_sub_ms() instead of open coding it
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue Jun 26 14:59:54 2018 +0200
avoid overflow when substracting timespecs if rdtsc is not available
This may still overflow on platforms where unsigned long is 32 bit (e.g. 32 bit
Un*x, any Windows) when the delta is more than 4 seconds.
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 26 11:38:58 2018 +0300
lib/nettle/gost: support building with mini-nettle/mini-gmp
Do not depend directly on gmp.h.
Closes: #497
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue Jun 26 09:39:19 2018 +0200
avoid rounding errors and overflows when substracting timespecs
The current Unix time will cause overflows if multiplied with 1000, which could
lead to rounding errors afterwards. Do the substractions first so all numbers
stay small enough to fit into unsigned ints.
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 25 12:30:55 2018 +0200
wrap_nettle_pk_generate_keys: retry on provable key generation
This resolves issue with occasional failures under RSA key generation
in FIPS140-2 mode.
Resolves #283
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jun 23 15:11:17 2018 +0200
Let ./bootstrap sync from translationproject.org
This makes manual updating of the translations obsolete.
From now on, builds and tarballs will always have the latest translations
included.
We should not forget to inform translationproject.org to update the
translations before a release. How to do that is described at
https://translationproject.org/html/maintainers.html (6. Announcing).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 26 02:38:51 2018 +0200
gnutls_session_get_desc: fixed desc printing of custom groups
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 25 10:06:25 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 21:46:15 2018 +0200
aarch64: use getauxval() if available to discover cpu caps
This improves CPU detection by avoiding the parsing of
of a human-readable file and allows operation under debian
multilib qemu setup.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 21:50:15 2018 +0200
.gitlab-ci.yml: no need for submodule update on cross-builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 13:14:03 2018 +0200
.gitlab-ci.yml: use qemu for aarch64 testing
This eliminates the need (and costs) to maintain a separate baremetal
system.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 08:27:00 2018 +0200
.gitlab-ci.yml: corrected typo
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 08:06:55 2018 +0200
.gitlab-ci.yml: skip submodule initialization when not necessary
This prevents unnecessary download of submodules on CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 06:51:14 2018 +0200
.gitlab-ci.yml: updated x86 CI builds with better datefudge detection
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 24 06:58:37 2018 +0200
.gitlab-ci.yml: debian stretch build replaced by buster
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 23 19:38:26 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 23 19:35:13 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 15 13:38:44 2018 +0300
tests: add PKCS#12 test script for GOST 28147-89-encrypted files
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Jun 15 13:06:41 2018 +0300
certtool: honour --hash option when generating PKCS#12 files
Use algorithm specified with --hash option when generating MAC for
PKCS#12 file, allowing user to select algorithms other than SHA-1.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Sep 24 10:31:39 2017 +0300
tests: expand pkcs7 test to also check GOST files
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 22:51:19 2017 +0300
test: test GOST keys import/export
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 21:40:34 2017 +0300
certtool: ask if certificate will be used for data encryption
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 21:37:18 2017 +0300
tests: add common gost certificates for tests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 6 03:57:24 2016 +0300
Support key matching with GOST keys
GOST keys do not support signing non-GOST hashes, so use correct digest
algorithm when verifying that GOST public and private keys match.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Nov 26 04:51:41 2016 +0300
Add generated GOST credentials for tests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 21 20:58:00 2016 +0300
Use GOST R 34.11-94 when generating key for PKCS data to be encrypted with GOST 28147-89
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 21 20:52:43 2016 +0300
certtool: support generating GOST-encrypted PKCS#8/12 files
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Nov 18 00:23:54 2016 +0300
Add gost certificates to chainverify tests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Nov 17 10:47:16 2016 +0300
Expand x509 sign/verify test with GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Nov 17 10:22:11 2016 +0300
oids: expand to include GOST digests/signatures
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Aug 29 17:44:10 2017 +0300
tests: privkey-keygen: adapt to support GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Oct 24 20:56:46 2016 +0300
Support GOST private keys generation
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 18:01:20 2016 +0300
certtool: support dumping GOST private key information
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 17:38:57 2016 +0300
Add several DN entry definitions used by qualified GOST signatures
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Aug 28 14:34:33 2017 +0300
certool: export GOST privkeys only in PKCS#8 format
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 9 14:19:58 2016 +0300
Add support for PKCS12 files using GOST MAC
Local PKCS12-based standard derives from RFC 7292 (PKCS #12) in using
PBKDF2 to generate MAC key rather than using PKCS12 scheme.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 9 14:02:56 2016 +0300
Add support for PBES2/PBKDF2 using GOST algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Jan 28 06:01:01 2017 +0300
Support PKCS#12 key derivation with GOST digests
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 17:56:04 2016 +0300
Add support for importing/exporting GOST private keys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 18 12:54:12 2017 +0300
Support importing/exporting X.509 GOST public keys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:43:35 2016 +0300
Add ASN.1 definitions for GOST keys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:07:36 2016 +0300
nettle: add support for GOST 34.10 public keys
There is no support for GOST public keys derivation, as it is used only
for TLS or PKCS#7 with encrypted content.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 17:05:38 2016 +0300
Add few functions to support basic operations with GOST public keys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:02:30 2016 +0300
Add declarations for GOST R 34.10 signatures
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 03:55:10 2016 +0300
Define GOST R 34.10 curves
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:00:21 2016 +0300
Add declarations to support GOST public keys
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 29 05:28:17 2016 +0300
Add support for I/O of little-endian MPI
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Nov 29 05:30:10 2016 +0300
nettle: add support for unsigned LE MPIs
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:05:41 2016 +0300
nettle: add support for GOST 34.11 hash functions
Add support for GOST R 34.11-94 and Streebog (256/512) functions.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:05:07 2016 +0300
nettle: support GOST28147-89 in CFB mode
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 27 03:18:32 2016 +0300
Add declarations for GOST 28147-89 cipher in CFB mode
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 03:57:17 2016 +0300
Add declarations for GOST R 34.11 (-94 and -2012) digest algorithms
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Aug 29 15:12:53 2017 +0300
Import GOST-supporting part from Nettle pending patches
Nettle upstream takes significant time to accept GOST-related patches.
As per Nikos' suggestion, push relevant parts to GnuTLS, so that they
can be tested in wild at the same time supporting GOST ciphersuite code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sun Sep 17 20:57:52 2017 +0300
.gitlab-ci.yml: disable gost in minimal build
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Oct 26 22:34:17 2016 +0300
Add configure argument to disable GOST support
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 12 10:16:10 2018 +0200
_gnutls_parse_hello_extensions: enforce that pre-shared-key extension is last
This is a requirement in draft-ietf-tls-tls13-28 4.2.11 section:
The "pre_shared_key" extension MUST be the last extension in the
ClientHello (this facilitates implementation as described below).
Servers MUST check that it is the last extension and otherwise fail
the handshake with an "illegal_parameter" alert.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 12 10:01:22 2018 +0200
tests: check whether we send the pre-shared key extension after dumbfw
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 12 09:35:16 2018 +0200
tests: corrected typo in comment
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 8 10:48:32 2018 +0200
extensions: corrected order of pre-shared-key and dumbfw
The pre-shared-key MUST always be last under TLS1.3 while the
dumbfw extension should be last in order to do proper evaluation
of extension size (gnutls requirement). As such the protocol
requirement takes precedence.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jun 19 13:21:44 2018 +0200
Fix test code for -Werror
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 19 14:59:33 2018 +0200
tests: updated supplemental tests for TLS1.3
This includes tests that verify that TLS1.3 is not negotiated
when supplemental data are set in client and/or server side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 19 16:03:52 2018 +0200
gnutls_supplemental_register: disable TLS 1.3 globally
This allows using the registered supplemental data handlers, since
these are not used under TLS 1.3.
Resolves #479
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 19 14:42:13 2018 +0200
gnutls_session_supplemental_register: disable TLS1.3 when set
This allows using the registered supplemental data handlers, since
these are not used under TLS 1.3.
Resolves #479
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jun 19 12:02:13 2018 +0200
Remove oss-fuzz copora from tarball
The size of the corpora is huge and not needed for normal builds.
This patch also fixes test run issues on Windows.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 20 13:20:27 2018 +0200
gnutls-cli: introduce the rekey1 inline command
That allows performing a rekey locally and with the
peer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 11:33:34 2018 +0200
document new behavior on safe padding removal
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 11:22:36 2018 +0200
record: fail with invalid request when attempting to send no pad and no data
Previously we were returning an internal error which seems to be incorrect
in that case.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 11:15:56 2018 +0200
tests: enhance padding check
This introduces tests for zero-data transfers with padding as well
as padding and de-padding with safe padding flag set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 11:03:40 2018 +0200
gnutls-cli: added CCM run under TLS1.2 in benchmark mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 11:00:39 2018 +0200
cipher: made TLS1.3 safe padding check optional
This patch introduces the gnutls_init() flag GNUTLS_SAFE_PADDING_CHECK
which makes the TLS1.3 safe padding check optional. That way applications
which do not utilize the TLS1.3 padding do not get penalized by the performance
drop in TLS1.3 packet processing. This addresses a regression in TLS1.3
packet processing performance.
Resolves: #466
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 19 13:16:13 2018 +0200
gnutls_session_get_id: document restrictions
This documents the fact that a TLS session ID cannot be relied
to be unique or to even have a meaningful value.
Resolves #484
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 19 13:08:27 2018 +0200
tests: verify that resumed session ID matches original
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 19 18:23:14 2018 +0300
Makefile.am: move autogen files update to src/Makefile.am
Move autogen'ed files update to src/Makefile.am to simplify code and
support out-of-tree builds.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 19 18:20:18 2018 +0300
Makefile.am: files-update: support out-of-tree builds
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Jun 19 11:26:09 2018 +0300
symbol-check: fix typo to make it work for out-of-tree builds
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 16 15:46:25 2018 +0200
aarch64: update elf files to correspond to the macosx version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 10 14:08:54 2018 +0200
macosx: include aarch64 asm files
Relates #475
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 16 15:27:02 2018 +0200
Makefile.am: abi-check: fetch fresh tags
This addresses the issue of failed abi-check CI runs on
forked repositories.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 18 15:10:32 2018 +0200
drbg-aes: removed the continuous DRBG checks
These are no longer necessary for FIPS140-2 compliance.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Jun 15 19:39:22 2018 +0200
Fix usage of 'autoreconf'
'autoreconf' created a different configure script than ./bootstrap.
The result was a broken wchar.h that failed to compile.
The work-around was 'autoreconf -I gl/m4' which is not what a developer
expects. This patch moves gl/m4/* to m4/ which is the default include dir
for autoreconf.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Martin Storsjo <martin@martin.st>
Date: Thu Jun 14 12:53:42 2018 +0300
configure: Check for clock_gettime and fmemopen using a proper test
Don't use AC_CHECK_FUNCS for these functions, but actually test by
including the real header that defines the functions. This allows
the macOS version selection work as intended, making the references
to these functions weak if targeting a version of macOS where these
functions aren't available. Thanks to -no_weak_imports, these weak
references end up in failed linker tests, marking the functions as
unavailable.
This fixes issue #142.
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Martin Storsjo <martin@martin.st>
Date: Thu Jun 14 12:52:03 2018 +0300
configure: Include sys/random.h before checking for getentropy on macOS
This function is available since macOS 10.12, but it's in
sys/random.h on macOS, contrary to the other platforms supporting
it where it is present in unistd.h.
If we don't include the right header that declares the function
and its availability, the configure check would succeed even if
targeting older versions of macOS that lacks the function.
Also include the same header in the source file that actually
uses getentropy.
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Martin Storsjo <martin@martin.st>
Date: Thu Jun 14 12:36:10 2018 +0300
configure: Pass -no_weak_imports to the linker, if supported
This avoids linking to functions that aren't available in the
lowest targeted macOS version.
If the proper header declaring a function is included, and
gnutls is built with -mmacosx-version-min or the
MACOSX_DEPLOYMENT_TARGET environment variable is set, each
reference to a function that doesn't exist in the minimum
targeted version will be made a weak reference, so that loading
the binary still works, but the function pointer will resolve
to NULL if running on a version of the platform that lacks it.
Since this project doesn't do such runtime checks for functions
it expects to have available, we should instead add this linker
option to fail on the weak references. This allows autoconf to
work as intended, detecting that these functions aren't usable.
This flag appeared in Xcode 8, so check for its availability
before using it. (Xcode 8 and the 10.12 SDK is coincidentally
the release where most relevant new functions appeared, so with
older Xcode versions, the modern platform functions we might want
to avoid don't exist.)
See issue #142.
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Martin Storsjo <martin@martin.st>
Date: Thu Jun 14 13:47:41 2018 +0300
configure: Remove a duplicate check for fmemopen
The duplicate was added in 5bb8a18b without any specific reasoning
as to why.
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 13 17:50:20 2018 +0200
tlsfuzzer: update to the latest version
Also enable test-tls13-hrr.py.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 13 17:47:50 2018 +0200
_gnutls13_handshake_server: send CCS immediately after HRR
In the TLS 1.3 middlebox compatibility mode, CCS follows the first
handshake message sent from the server, that is either SH or HRR.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 14 13:43:30 2018 +0200
_gnutls13_handshake_server: corrected transition when post_handshake callback is set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jun 13 17:43:32 2018 +0200
_gnutls_send_change_cipher_spec: don't cache under TLS 1.3
Under TLS 1.3, when the server sent HRR, CCS may be followed by
receiving ClientHello. In that case, the messsage shouldn't be
cached.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 10 11:42:10 2018 +0200
abi-check skip session::set_transport_vec_push_function
This prevents an abi-compliance checker error when run under
gcc8 (though this error is not there under any other gcc).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 27 15:13:47 2018 +0200
corrected check for iovec types in libc
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 2 22:23:29 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 2 22:15:58 2018 +0200
gnutls-cli: benchmark for TLS1.3 and TLS1.2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 2 21:37:00 2018 +0200
cipher: use gnutls_aead_cipher_encryptv
This eliminates the need of a memory allocation during each
packet encryption when no padding is done.
Relates #458
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 2 21:25:10 2018 +0200
gnutls_aead_cipher_encryptv: introduced
This API allows encryption using a scatter input, by also
taking advantage of ciphers which are optimized for such input.
That is particularly useful under TLS1.3 since its encryption is
based on encryption of scattered data (data+pad).
Resolves #458
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 2 21:23:41 2018 +0200
MAX_CIPHER_BLOCK_SIZE: increased to 64-bytes for CHACHA20
This was not necessary since that value was only used by block
(in TLS sense) ciphers, but that definition could also be used
for the CHACHA20.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 14 14:51:23 2018 +0200
configure: reduce warnings about implicit-fallthrough [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 14 13:22:03 2018 +0200
gnutls_alert_send_appropriate: fix type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 14 13:18:54 2018 +0200
README-ci.freebsd.md: updated for new build method with gnulib [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jun 6 09:45:32 2018 +0200
Use $(MAKE) instead of make
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jun 5 17:06:05 2018 +0200
distclean temp. test files for 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jun 5 10:58:10 2018 +0200
Add DISTCLEANFILES to src/Makefile.am to fix 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jun 4 16:15:07 2018 +0200
Fix creation of ChangeLog for 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jun 4 11:56:57 2018 +0200
Fix 'compare-makefile' make target for 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jun 4 11:33:18 2018 +0200
Fix 'compare-exported' make target for 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu May 31 13:20:51 2018 +0200
Fix distcheck issues
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon May 21 16:25:20 2018 +0200
Fix gcc 8 warnings
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat May 19 13:24:58 2018 +0200
Fix CI testing -Werror
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat May 19 10:19:32 2018 +0200
Skip sc_prohibit_always_true_header_tests
We can't simply remove the checks for HAVE_SYS_SOCKET_H.
If we do, we have to make checks on real WIN32, which
is currently not an option.
So we skip sc_prohibit_always_true_header_tests.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat May 19 09:37:24 2018 +0200
Fix sc_prohibit_always-defined_macros
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 18 23:23:26 2018 +0200
Avoid certain gnulib tests
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 18 23:10:16 2018 +0200
Update GTK-DOC check in configure.ac
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jun 6 09:19:45 2018 +0200
Use ./bootstrap in .gitlab-ci.yml
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 18 20:31:31 2018 +0200
Add bootstrap + bootstrap.conf
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri May 18 20:06:16 2018 +0200
Add gnulib submodule
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Jun 13 12:12:18 2018 +0300
nettle: require Nettle library >= 3.4
Nettle version 3.4 was released more than a half year ago, require it to
compile GnuTLS library. It allows us to remove bundled code that was
merged into that release.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 12 13:01:17 2018 +0200
.gitlab-ci.yml: fix artifact paths for TLS1.3/interop
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 12 09:12:07 2018 +0200
tlsfuzzer-tls13: use a random port for testing
That eliminates the need for locking and allows parallel runs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 8 13:13:27 2018 +0200
tlsfuzzer: update to the latest version
Also enable the TLS 1.3 tests.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 11 12:08:18 2018 +0200
buffers: remove redundant assignment
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Jun 11 10:51:16 2018 +0200
record: use correct alert type upon receiving empty Alert
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 8 15:55:06 2018 +0200
record: improve empty message handling in TLS 1.3
Previously, _gnutls_recv_in_buffers() silently discarded empty
messages because such messages are used as a countermeasure to
vulnerabilities in the CBC mode. In TLS 1.3, however, there are only
AEAD ciphers and such logic is meaningless. Moreover, in the protocol
it is suggested to send "unexpected_message" alert when receiving
empty messages in certain occasions. This change moves the empty
message handling to record_add_to_buffers().
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 8 12:51:40 2018 +0200
record: fix padding removal when the payload is zero-length
Previoysly if TLSInnerPlaintext.content is zero-length, the loop
couldn't detect ContentType following the content.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 5 10:37:58 2018 +0200
priorities: introduced %FORCE_ETM
This introduces a priority string option to force encrypt-then-mac
during negotiation, to prevent negotiating the legacy CBC ciphersuites.
Resolves #472
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 6 09:25:20 2018 +0200
priorities: hmac-sha256 ciphersuites were removed from defaults
These ciphersuites are deprecated since the introduction of AEAD
ciphersuites, and are only necessary for compatibility with older
servers. Since older servers already support hmac-sha1 there is
no reason to keep these ciphersuites enabled by default, as they
increase our attack surface.
Relates #456
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 7 09:56:49 2018 +0200
cbc_mac_verify: require minimum padding under SSL3.0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 7 09:54:50 2018 +0200
cipher: separated CBC w/o EtM handling
This would allow to further modify for more invasive work-arounds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 4 17:57:52 2018 +0200
dummy_wait: always hash the same amount of blocks that would have been on minimum pad
This improves protection against lucky13-type of attacks when
encrypt-then-mac is not in use.
Resolves #456
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 21 09:04:55 2018 +0200
cbc-record-check.sh: introduced
That enhances the existing CBC check and adds sha384, uses PSK
to reduce handshake time, and other updates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 18 15:43:36 2018 +0200
dummy_wait: correctly account the length field in SHA384 HMAC
The existing lucky13 attack count-measures did not work correctly for
SHA384 HMAC.
The overall impact of that should not be significant as SHA384 is prioritized
lower than SHA256 or SHA1 and thus it is not typically negotiated, unless a
client prioritizes a SHA384 MAC, or a server only supports SHA384, and in both
cases the vulnerability is only present if Encrypt-then-MAC (RFC7366) is unsupported
by the peer.
Resolves #455
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jun 7 12:11:30 2018 +0200
Fix warnings seen on OpenCSW Solaris 10
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 8 08:56:23 2018 +0200
gnutls_session_get_data2: harmonize documentation with practice
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed Jun 6 12:45:13 2018 +0200
Fix variable overflow in TLS1.3 session ticket code
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 1 15:04:49 2018 +0200
tls13/session_ticket: don't send ticket when no common KE modes
When the server had received psk_key_exchange_modes extension which
doesn't have any overlap with the server configuration, omit to send
NewSessionTicket.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jun 5 14:08:26 2018 +0200
ext/psk_ke_modes: always send extension unless disabled in config
With the psk_key_exchange_modes extension, clients can restrict the
key exchange modes for use with resumption and in that case the server
shouldn't send NewSessionTicket. This patch makes use of it to avoid
receiving useless tickets, by sending the psk_key_exchange_modes
extension unless PSK is completely disabled.
A couple of tests need to be adjusted: tls13/prf to take into account
of the psk_key_exchange_modes extension sent, and tls13/no-psk-exts to
not treat the presence of the extension as error.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed May 23 22:26:20 2018 +0200
Add --enable-doc to DISTCHECK_CONFIGURE_FLAGS
Make sure that 'make distcheck' works even if
'./configure --disable-doc' has been used in the project dir.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed May 23 22:24:05 2018 +0200
Fix tests 'ocsp-must-staple-connection' and 'ocsp-tls-connection'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Wed May 23 22:22:27 2018 +0200
Fix tests/cert-tests/template-test for 'make distcheck'
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 1 09:54:41 2018 +0200
ext/pre_shared_key: make PSK identity parsing robuster
Previously, to determine whether a PSK identity is a ticket or a PSK
username, it relied on PskIdentity.obfuscated_ticket_age, which
"SHOULD" be 0 if the identity is a PSK username.
This patch instead checks the key name of the ticket first and then
check the constraints of the PSK username. That way, it can
distinguish tickets and PSK usernames in a more realible manner.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Jun 1 10:01:08 2018 +0200
_gnutls_decrypt_session_ticket: fail early on key name mismatch
If the key name of the ticket doesn't match, we don't need to parse
the entire ticket.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Tue May 29 15:53:45 2018 +0200
Renamed extension supported ECC to supported groups. Fixes #451.
Split combined ECC extensions into different files.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu May 24 12:45:32 2018 +0200
Fix more warnings in tests/
To not introduce larger code changes, these bugs are mostly
fixed by #pragma understood by gcc and clang.
A check for the minimal gcc/clang version prevents warnings about
unknown pragmas with other or older compilers.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu May 24 09:49:34 2018 +0200
Fix warnings in test suite
Fixes:
tls-ext-register.c:238:11: warning: unused variable 'i' [-Wunused-variable]
record-retvals.c:118:14: warning: unused variable 'vers' [-Wunused-variable]
record-retvals.c:347:1: warning: label 'next' defined but not used [-Wunused-label]
alerts.c:71:14: warning: unused variable 'vers' [-Wunused-variable]
alerts.c:71:11: warning: unused variable 'i' [-Wunused-variable]
alerts.c:160:11: warning: unused variable 'i' [-Wunused-variable]
send-client-cert.c:176:6: warning: no previous prototype for 'start' [-Wmissing-prototypes]
tls-session-supplemental.c:186:6: warning: unused variable 'optval' [-Wunused-variable]
tls-session-supplemental.c:184:7: warning: unused variable 'topbuf' [-Wunused-variable]
tls-session-supplemental.c:183:6: warning: unused variable 'err' [-Wunused-variable]
x509self.c:211:6: warning: unused variable 'optval' [-Wunused-variable]
x509self.c:208:7: warning: unused variable 'topbuf' [-Wunused-variable]
x509self.c:207:6: warning: unused variable 'err' [-Wunused-variable]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 22 09:14:45 2018 +0200
tests: resume: check whether PSK username matches on resumption
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 22 09:04:32 2018 +0200
resumption: reduce session parameters stored under TLS1.3
That is, do not store extensions or security parameters which
depend on extension negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 16:35:32 2018 +0200
session_ticket: use random nonces
Avoid using any time values in plain as this could allow association
of clients.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 16:03:23 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 14:14:55 2018 +0200
doc: mention changes under TLS 1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 11:22:24 2018 +0200
tests: added main use-case test for gnutls_session_ticket_send()
It verifies whether a server can use gnutls_session_ticket_send()
to send a ticket after re-authentication, and whether a client
can receive that ticket and re-authenticate with it, while
its certificate is made available to server.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 11:21:55 2018 +0200
handshake: do not include async messages into transcript
This prevents the session tickets to affect re-authentication
or other operations that require the transcript.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 10:27:00 2018 +0200
gnutls_session_ticket_send: new function
Introduced in order for a server to be able to send an arbitrary
amount of tickets, at any time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 15 10:10:20 2018 +0200
handshake: store session parameters in TLS1.3 ticket
This allows a TLS1.3 server to obtain certificate or other
information from the client on a resumed session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 14 16:05:27 2018 +0200
handshake: TLS1.3 async messages trigger the handshake hook
That is, the callback set with gnutls_handshake_set_hook_function() is
now called even on the async handshake messages received under TLS1.3,
such as key update, etc.
Resolves #441
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 14 14:33:15 2018 +0200
tests: check various parameters on resumption
That is, check gnutls_session_is_resumed() is functional on server
side, whether PRF is respected on resumption, whether gnutls_certificate_get_peers()
and gnutls_certificate_get_ours() operate as expected, and whether session
resumption fails with tickets after expiration time has passed.
In addition improve function documentation by documenting the current
semantics for the functions above.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Apr 17 13:32:18 2018 +0200
tests: exercise TLS 1.3 session resumption
This requires a few changes to the resume.c test: because
NewSessionTicket is a post-handshake message,
gnutls_session_get_data2() needs to be called after sending the first
application data. Also, when GNUTLS_E_AGAIN, gnutls_record_recv()
needs to retry.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 30 14:27:52 2018 +0200
gnutls-cli: ignore E_AGAIN to accommodate async handshake message
When an async handshake message has arrived while no application data
is available, gnutls_record_recv() returns GNUTLS_E_AGAIN and the loop
in socket_recv() blocks. Since socket_recv() is guarded by select(),
it should be safe to ignore GNUTLS_E_AGAIN.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 14 09:01:59 2018 +0200
gnutls_auth_get_type: simplified
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ander Juaristi <a@juaristi.eus>
Date: Mon Apr 16 17:13:47 2018 +0200
TLS 1.3: Introduced TLS 1.3 session resumption
This introduces session resumption under TLS 1.3. For that,
it enables the psk_ke_modes extension when we enable session
tickets. It enables sending session tickets in addition to
PSK usernames. The detection of resumption vs pure PSK is done by
comparing the indexes sent with the index received by the server.
TLS 1.3 session tickets are always sent to the peer unless the
GNUTLS_NO_TICKETS is specified.
Resolves #290
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 10 14:25:12 2018 +0200
psk_ke_modes: introduce psk_ke_modes_is_required() and update doc
This adds a helper function to be extended when session resumption
is added, and clarifies why we send a prioritized list on ke modes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Author: Ander Juaristi <a@juaristi.eus>
Date: Thu Apr 12 17:58:47 2018 +0200
session tickets: expose {encrypt,decrypt}_ticket as internal API
To reuse the same ticket construction in any TLS versions, expose the
private functions in ext/session_ticket.c.
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu May 3 09:39:15 2018 +0200
ext/pre_shared_key: fix binder calculation when HRR is sent
In that case, ClientHello1 and HelloRetryRequest are included in the
PSK binder computation, not only the truncated ClientHello2.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Mon Apr 16 17:22:19 2018 +0200
handshake: record transcript offset of client Finished
This is for deriving resumption_master_secret, whose value is
calculated over ClientHello...client Finished.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu May 24 15:24:17 2018 +0200
Fix testdane by removing www.kumari.net
danetool --check www.kumari.net:
Verification: Verification failed. The certificate differs.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Tue May 22 11:22:42 2018 +0200
Fixed some spelling issues. [ci skip]
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon May 21 21:58:55 2018 +0200
Added extra extension flag to docs.
Added description of default pack and unpack functions.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Mon May 21 09:44:16 2018 +0200
Removed section about Heartbleed.
Referenced new functions _gnutls_hello_ext_set_datum / _gnutls_hello_ext_get_datum for manipulation extension data.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sun May 20 10:23:36 2018 +0200
Fixed typo and incorrect function references.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Sat May 19 22:22:29 2018 +0200
Updated documentation on Hello extensions.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 19 11:30:35 2018 +0200
pkcs11: consistent/clear naming of find obj callbacks and structs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 18 11:04:34 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 18 09:19:16 2018 +0200
gnutls_pkcs11_token_get_ptr, gnutls_pkcs11_obj_get_ptr: introduced
This allows an application to open a PKCS#11 token using a URI,
and use it directly, bypassing gnutls. That is useful to take
advantage of PKCS#11 functionality not wrapped by gnutls but
still use PKCS#11 URIs to identify the token.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 19 12:47:16 2018 +0200
CONTRIBUTING.md: document why gnulib is kept separate [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 18:52:41 2018 +0200
certtool: split long prompt for serial
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 13:00:43 2018 +0200
doc: add note about CRL numbers to man page
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 12:35:39 2018 +0200
certtool: ask again until serial/crl number is valid
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 11:39:53 2018 +0200
tests: remove check for broken datefudge
This check is not necessary with Fedora 28 build image
currently used for CI as it contains datefudge 1.22
as well.
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 10:43:26 2018 +0200
certtool: remove extra function
I did not notice strip_nl previously.
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Fri May 18 10:31:30 2018 +0200
tests: add negative tests for certtool crl numbers
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Sun May 13 23:28:33 2018 +0200
doc: add NEWS about serial and CRL numbers
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Sun May 13 23:04:29 2018 +0200
doc: add hex format to example template
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Martin Sucha <anty.sk+git@gmail.com>
Date: Thu May 17 12:31:01 2018 +0200
certtool: use larger serial and CRL numbers
Serial/CRL numbers can be up to 20 octets in length
as per RFC 5280, so it should be possible to use
such numbers as input to certtool. certtool
only allowed to specify 63-bit numbers in
template file or interactively (even though
it generated larger numbers in batch mode
by default).
This patch allows large numbers to be specified
as a hexadecimal string. Parsing of decimal numbers
larger than native integers would require adding
dependency on libgmp directly to certtool or
extending the API exposed by GnuTLS library with parsing
functions. Since most tools (including GnuTLS) display
serial numbers in hexadecimal, it is not worth the
trouble to support large decimal numbers.
Default values are unified between batch mode and
interactive input and their size is extended.
CA/Browser forum recommends CAs to include at least
64 bits of random data in the certificate serial
numbers in Baseline Requirements[1] section 7.1, but
gnutls adds only 32 bits. Some other
implementations generate default serial numbers
with more entropy as well, here is the current state
as of May 2018:
+----------------+-------------------------------+
| Implementation | Random bits in default serial |
+----------------+-------------------------------+
| OpenSSL [2] | 159 |
| CFSSL [3] | 159 |
| wolfSSL [4] | 128 |
| GnuTLS | 32 |
| Mbed TLS [5] | 0 (defaults to 1) |
+----------------+-------------------------------+
The 20 octet field size can fit numbers up to 159 bits
since the most significant bit must be zero as numbers
in DER encoding are in two's complement and the serial
and CRL numbers must be positive.
Default serial numbers are extended to full 159 bits
allowed by the field size and are completely random,
which matches other implementations.
CRL numbers have the same size requirements, but also
need to be monotonic (RFC 5280, section 5.2.3). That's
why timestamp is used in them. The timestamp portion
is extended from 31 bits to 39 bits as 31 bits will
overflow in year 2038. The rest of the available space
up to 159 bits allowed in the 20 octet limit is filled
with random bits.
Since the new CRL numbers are larger, the requirement for them
to be monotonically increasing is preserved when upgrading to a
newer version. This does not hold the other way around though,
so after using a newer version of certtool to generate a CRL
with default number and publishing it, it's not possible
to use older version anymore to generate subsequent CRLs.
Unfortunately, there is no easy workaround for users of older
certtool, since it is not possible to specify CRL numbers
greater than 63 bits manually prior to this change.
Users intending to downgrade to older version later are advised
to specify the CRL numbers in new version of certtool
manually with values they are smaller than what would get
generated by default in the old version.
grep does not recognize CRLF line endings generated
in tests using MinGW, so we need to convert those to
LF endings for $ in the regex to match test output
correctly.
datefudge 1.21 that is present in Fedora 26
image trims the timestamp to 32 bits. That bug was
fixed in datefudge 1.22 available in the Debian image,
so we check if datefudge behaves correctly
and skip the test that uses more than 32 bits if
datefudge is broken.
[1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.4.2.pdf
[2] https://github.com/openssl/openssl/blob/6ebb49f3f9c9333611192561979bb799fa1eb76d/apps/apps.c#L1513
[3] https://github.com/cloudflare/cfssl/blob/5d63dbd981b5c408effbb58c442d54761ff94fbd/signer/local/local.go#L295
[4] https://github.com/wolfSSL/wolfssl/blob/d60b16c5b8c19cc61db4a5c3f5e085a7a158cd28/wolfcrypt/src/asn.c#L9791
[5] https://github.com/ARMmbed/mbedtls/blob/84a1107818aaddfd2abe4c5a3478cf84ab2e26b4/programs/x509/cert_write.c#L81
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 09:52:32 2018 +0200
handshake: do not send TLS extensions under DTLS and vice versa
That is, introduce the notion of TLS-only and DTLS-only extensions,
providing a framework to prevent sending extensions which are registered
for example for TLS 1.3, under DTLS and vice versa.
Resolves #440
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 11:51:41 2018 +0200
gnutls_ext_raw_parse: introduced GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO
This allows parsing extensions from a DTLS client hello.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 16 15:32:35 2018 +0200
tests: fix serv location in testcompat-main-openssl
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun May 13 14:39:14 2018 +0200
tests/suite: add missing file to dist
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun May 13 14:33:17 2018 +0200
Allow running of test against installed gnutls-serv
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 4 14:55:21 2018 +0200
gnutls_certificate_set_retrieve_function3: updated documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 2 14:30:24 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 29 15:16:35 2018 +0200
pcert: added functionality to retrieve lists
That introduces gnutls_pcert_list_import_x509_file() and
gnutls_x509_crt_list_import_url().
Resolves #373
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 12 10:10:28 2018 +0200
tests: sanity-cpp: fixes for win32
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 12 09:51:59 2018 +0200
.gitlab-ci.yml: bumped version of cache due to addition of CXXFLAGS
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 12 09:04:28 2018 +0200
tests: fix failures in cxx example
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 12 08:47:15 2018 +0200
cxx: bring few modern functions, and allow to get the raw session
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Philippe Widmer <pw@earthwave.ch>
Date: Thu May 10 16:44:58 2018 +0200
New constructors for classes client_session() and server_session() provide passing flags. Closes #438.
Signed-off-by: Philippe Widmer <pw@earthwave.ch>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 10 13:38:32 2018 +0200
tests: mini-record-timing: updated to work under newer gnutls [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 10 05:49:07 2018 +0200
tests: key_update: improved error checking and increased timeout
That is to avoid reaching the maximum number of key updates per second.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 22:31:39 2018 +0200
.gitlab-ci.yml: moved fedora CI builds to F28
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 23:21:16 2018 +0200
tests: testcompat-openssl: disable DSS ciphersuites under SSL3.0
Previously if openssl wouldn't support DSS, we would only disable
DSS under TLS1.0 or later, not under SSL 3.0. This fixes interoperability
with Fedora28 openssl.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 08:12:12 2018 +0200
Makefile.am: optimized the abi-check configure step
Also ensured that the same build flags are applied in both builds
for ABI checking.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 23:15:06 2018 +0200
several updates to address issues found by clang static analyzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 22:51:26 2018 +0200
nettle: fix casts which result to warnings in newer gcc
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 21:58:30 2018 +0200
tests: updated for GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER from handshake
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 21:49:16 2018 +0200
handshake: use GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER consistently
Also treat GNUTLS_E_ILLEGAL_PARAMETER as a synonym if returned during
a connection.
Relates #442
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 21:42:44 2018 +0200
CONTRIBUTING.md: documented status of C++ library [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 10:50:30 2018 +0200
tests: cookie: fixed exit condition [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 15:39:30 2018 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 7 08:17:09 2018 +0200
.gitlab-ci.yml: fixes in win32 builds
Relates #439
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 4 08:39:30 2018 +0200
certtool: honor --ask-pass when loading a private key
This also improves the password prompt when the password requested
is not for a smart card.
Resolves: #436
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Michael Weiser <michael.weiser@gmx.de>
Date: Fri Apr 27 15:35:30 2018 +0200
.gitlab-ci.yml: Disable full test suite for cross builds
Disable the full test suite for cross CI builds to speed them up.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
Author: Michael Weiser <michael.weiser@gmx.de>
Date: Wed Apr 25 16:54:27 2018 +0200
.gitlab-ci.yml: Expire all build log artifacts
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
Author: Michael Weiser <michael.weiser@gmx.de>
Date: Wed Mar 28 22:47:01 2018 +0200
Use configured CC for pkg-config test
Using the configured compiler aids in running the test suite under qemu
or in a multlib scenario.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
Author: Michael Weiser <michael.weiser@gmx.de>
Date: Mon Mar 19 19:02:12 2018 +0100
Add Debian-based qemu cross CI targets
Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 22:38:56 2018 +0200
updated-auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 22:17:15 2018 +0200
fuzzer: added fresh TLS1.3 server trace
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 21:59:13 2018 +0200
gnutls-serv: all skipping DTLS cookie request
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 5 21:45:56 2018 +0200
gnutls-cli: corrected data written by server trace
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 3 11:53:51 2018 +0200
tests: post handshake auth: test more combinations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 3 11:48:46 2018 +0200
post_handshake_auth: send extension irrespective of certificates being present
The feature does not necessarily require certificates to be present
and an empty cert can be presented. Furthermore, the certificates
can be set later on the credentials structure.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 3 13:48:52 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 8 18:38:47 2018 +0200
tests: added interop tests with openssl under TLS1.3
This adds interoperability tests for:
* PSK with elliptic curve DHE
* RSA,RSA-PSS,secp256r1,ed25519 server certificate
* RSA,RSA-PSS,secp256r1,ed25519 client certificate
* X25519,SECP256R1 key share exchange
* key share with HRR
Relates #328
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 10:07:32 2018 +0200
doc: clarified re-handshake details under TLS1.2 server
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 09:09:41 2018 +0200
tls13/certificate_request: corrected check of duplicate signature algorithms
Made the check local when parsing a certificate request, as we may
receive multiple requests when post-handshake authentication is
in place. Furthermore check whether this extension has been received
as this is a mandatory one. In addition handle a memory leak when
multiple peer certificates are set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 08:41:22 2018 +0200
gnutls_reauth: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 21:35:52 2018 +0200
gnutls-cli: enhanced tool for TLS1.3 options
This patch allows a client to enable post-handshake
authentication, perform re-key and restrict the sent key shares.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 14:51:15 2018 +0200
tls13/certificate: send empty certificate instead of skipping
According to TLS1.3 spec:
The server's certificate_list MUST always be non-empty. A client
will send an empty certificate_list if it does not have an
appropriate certificate to send in response to the server's
authentication request.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 13:47:57 2018 +0200
_gnutls_figure_common_ciphersuite: ignore certificate check if PSK is negotiated
That is, if we are performing PSK under TLS1.3, don't bother
checking whether the certificate is compatible with the ciphersuite;
there isn't any.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 10:53:51 2018 +0200
tls13/certificate_verify: corrected context in signatures in client side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 10:47:59 2018 +0200
_gnutls13_handshake_sign_data: avoid unnecessary copy
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 09:01:28 2018 +0200
handshake: cleanup in TLS1.3 initial secret calculation
That eliminates duplicate code in server hello parsing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 08:06:14 2018 +0200
psk: compute binder which is compatible with draft-ietf-tls-tls13
Previously the computed binder values was not compatible with any
TLS1.3 draft, and was not interoperating with openssl or tlslite.
Resolves #427
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 4 08:06:35 2018 +0200
CONTRIBUTING.md: added text on CI [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 3 14:19:34 2018 +0200
tests: fallback scsv: check proper fallback under TLS 1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 3 15:13:13 2018 +0200
encrypt_packet_tls13: made size check safer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 28 11:14:34 2018 +0200
pkcs11: mark private key objects as sensitive by default
That is, to prevent accidentally creating objects which can
be exported.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 15:02:53 2018 +0200
tests: check the behavior of TLS1.2 key exchange methods under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 15:11:28 2018 +0200
psk: mark psk_ke_modes as invalid when ignored
TLS1.3 handles the receiving of pre-shared keys extension as
invalid when the psk_ke_modes extension is not received as well.
As such, when we ignore the psk_ke_modes for some reason (e.g.,
no credentials) we need to indicate that it was received. We
use the invalid mode flag for that reason, allowing the handshake
to fail later for the right reason (e.g., no credentials error rather
than illegal extension).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 15:01:48 2018 +0200
priority: handle RSA-PSK ciphersuites similar to SRP
That is, when specified disable TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Apr 28 14:14:30 2018 +0200
Add another sni related test
As --sni-hostname does not imply --verify-hostname a hostname mismatch
still triggers an error.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 14:00:15 2018 +0200
tests: sni-hostname was updated to support TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 29 13:44:04 2018 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Apr 28 14:11:27 2018 +0200
doc: Add crossreference/warning
Add pointer to --verify-hostname to --sni-hostname description.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 23 13:58:22 2018 +0200
gnutls-cli: added option to specify the verification hostname
This enables testing various scenarios, by allowing to specify the
hostname to be used for certificate validation when connecting to
a remote host (e.g., localhost but with a certificate for example.com).
Resolves #344
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 26 09:06:00 2018 +0200
doc: fixes for better latex pdf generation [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 24 08:36:06 2018 +0200
retrieve_pin: refuse to retrieve PIN from URI more than one time
That is, prevent re-using a static PIN if it has already been
known to be wrong. Introduced tests of that behavior.
Resolves #425
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 24 16:42:10 2018 +0200
doc: updated OCSP documentation [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 22 16:02:08 2018 +0200
gnutls.h.in: corrected typo [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 20 08:42:27 2018 +0200
fuzz: corrected TLS1.3 enablement [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 17 10:59:25 2018 +0200
_gnutls_epoch_new: allow re-allocation epoch next epoch
On certain cases when re-handshake is interrupted by application
data, _gnutls_epoch_new() will be called twice. Make sure that
this does not lead to an error. We also rename the function to
clarify its purpose _gnutls_epoch_setup_next().
Resolves #426
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 17 09:52:01 2018 +0200
tests: added reproducers for receiving app data when rehandshake is expected
Relates: #426
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 17 09:31:12 2018 +0200
tests: eliminated exit_code variable used in few tests
It was a legacy variable for error printing that was never
used uniformly.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 17 09:24:29 2018 +0200
tests: eagain: moved to cmocka and enhanced for TLS1.3
That also makes macros from eagain-common.h functioning under cmocka.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 16 09:51:11 2018 +0200
tests: tls12-rehandshake-cert*: run multiple rehandshake tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 17 07:45:54 2018 +0200
tls13/finished: addressed memory leak in receiving finished packet
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7518
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 16 15:35:33 2018 +0200
priority: document the reasons for the order of supported groups [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 16 15:14:01 2018 +0200
handshake: described the epoch reference counting [ci skip]
It is used only in DTLS where multiple handshake states may be
active.
Resolves #421
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 16 09:51:11 2018 +0200
tests: tls12-rehandshake-cert-3: run multiple rehandshake tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 11 14:35:26 2018 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 11 08:34:15 2018 +0200
ANON,SRP,NULL ciphersuites: when set do not negotiate TLS1.3 or later
The reason is that these ciphersuites cannot be negotiated using TLS1.3.
There is a different strategy followed for these.
* NULL ciphersuites: they are not something normally enabled and used
for debugging purposes mostly. When set both in client and server side
only TLS1.2 can be used.
* SRP ciphersuites: they are used on client side when the client is actually
performing a username-password authentication with SRP. On server side we
can have indeed a server support SRP and non-SRP. In that case we limit
both on TLS1.2. That an unfortunate restriction, but is not a regression
and IMHO these servers would most likely be phased out as very few would
want to stick to TLS1.2 connections for SRP; or we may have an SRP update
for TLS1.3 which could lift that limitation in the future.
* ANON ciphersuites: they are used in certain client/server setups where very
basic level of security is required, and in opportunistic encryption scenarios.
There is a difference in the handling of these cases. In the case of Anon-only
server/clients they provide the session with anonymous credentials structure; in
the case of opportunistic encryption they provide both certificate and anonymous
credentials. Thus we allow the protocol (TLS1.3) be in the priorities, but if we
see no certificate or PSK credentials we disable TLS1.3 negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 7 21:42:57 2018 +0200
ext/pre_shared_key: cleanups in error handling
This addresses a memory leak found via oss-fuzz. It also
sets the right index on the selected PSK, and returns the
right server error code on incorrect key file.
Addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7465
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 7 21:27:27 2018 +0200
ext/psk_ke_modes: corrected data access
That also improves the if-checks.
Issue and reproducer discovered via oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7470
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 7 21:06:53 2018 +0200
fuzz: added client and server traces for TLS 1.3 draft-26 [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 7 06:20:05 2018 +0200
doc: corrected space-tab issues in examples
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 6 20:51:39 2018 +0200
constate: fixed key generation for TLS1.3
This amends 62ea232f180b980a0d4b6462c468706db6cc4700, and
removes invalid NULL checks, as well as corrects the key
set for server side.
This is verified against openssl master, but does not include
automated test suite; it will be tested as part of #328
Resolves #419
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 4 14:51:08 2018 +0200
doc: re-organized and modernized examples
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 4 13:47:36 2018 +0200
doc: updated for TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 6 13:36:11 2018 +0200
fuzz: added PSK traces with TLS1.3
Relates: #359
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 4 15:28:37 2018 +0200
psk: save the username on auth info struct under TLS1.3
Add the necessary tests to verify that gnutls_psk_server_get_username()
reports the right username under TLS1.2 and TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 22 10:02:36 2018 +0100
tests: enhanced test suite for TLS1.3 and PSK
That includes tests with unknown usernames and connections with wrong key
and updates to fastopen.sh to use certificate auth, making it applicable
under TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 29 09:51:32 2018 +0200
priority: added GROUP-DH-ALL and GROUP-EC-ALL
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 3 13:10:30 2018 +0200
dumbfw: account for extension data padding
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 5 09:04:47 2018 +0200
Simplified the _gnutls13_psk_ext_parser interface and added unit tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Ander Juaristi <a@juaristi.eus>
Date: Thu Mar 22 08:59:56 2018 +0100
Added support for out-of-band Pre-shared keys under TLS1.3
That adds support for pre-shared keys with and without Diffie-Hellman
key exchange. That's a modified version of initial Ander's patch.
Resolves #414
Resolves #125
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 6 10:36:18 2018 +0200
certtool: key-type desc was moved along the privkey functionality [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 4 13:47:25 2018 +0200
gnutls_record_can_use_length_hiding: corrected return type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 4 16:54:15 2018 +0200
encrypt_packet_tls13: reverted to original API
That allows more uniformity across encrypt/decrypt, and
across different protocol handling.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 25 20:08:26 2018 +0200
nettle: corrected typo in version check for compatibility mode with 3.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 11:11:52 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 09:45:44 2018 +0100
protocols: bumped TLS1.3 protocol to draft -26
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 09:23:05 2018 +0100
record: added AAD data when encrypting or decrypting
This is a requirement of draft-ietf-tls-tls13-25
Resolves #409
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 12 17:10:42 2018 +0100
priorities: disable any key exchange methods if there is no TLS1.2 or earlier
That is, because TLS1.2 has specific requirements in the ordering of
curves/groups if certain ciphersuites (ECDHE/DHE) are present, and
by being able to eliminate them early we simplify the negotiation
for TLS1.3-only clients/servers.
Relates #378
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 9 12:12:56 2018 +0100
_gnutls_supported_ecc_recv_params: take into account precedence
That is, when %SERVER_PRECEDENCE is given in the priority string make
sure that the negotiated curve of DH group respects the server's priorities.
That's very relevant under TLS1.3 as ciphersuite negotiation itself, where
%SERVER_PRECEDENCE applied, does contain only the cipher algorithm and MAC
unlike TLS1.2 which included key exchange as well.
Resolves #378
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 12 10:37:00 2018 +0100
supported_versions: cannot be used to negotiate pre-TLS1.3
This is a requirement of draft-ietf-tls-tls13-26
Resolves #410
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 23 20:45:40 2018 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 23 07:04:37 2018 +0100
doc: mention gnutls_privkey_import_ext4 in upgrade from 3.5.x
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 23 07:02:23 2018 +0100
doc: added since field in gnutls_record_send2() description
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 23 06:47:55 2018 +0100
Makefile.am: reduce automake warnings and corrected version
That is, avoid using the := syntax, set the right version variable
and use a hidden file for abi-check cache stamp.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 18 15:46:36 2018 +0100
The abi-check target was updated to check against the last tag
As abi-dumper and abi-compliance-checker tools are not reliable when
run across different systems, we now compare the previous tag ABI with the
current compiled library. That is in contrast with the previous behavior
of storing the output files of abi-dumper, which can become obsolete on
a CI update.
That also moves the ABI check only on the CI, and not in the 'make dist' rule
as it takes significant time to run.
This relates to an issue reported against libidn2's use of abi-compliance-checker
but it affects gnutls as they share similar code:
https://gitlab.com/libidn/libidn2/issues/42
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 20 07:15:13 2018 +0100
nettle/pk: include nettle/version.h
That enables the nettle version macros to operate.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 14:42:38 2018 +0100
tests: avoid duplicate runs of tests when not necessary
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 18:31:40 2018 +0100
tests: moved invalid-cert reproducer into fuzz/ reproducers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 18:29:23 2018 +0100
tests: testpkcs11.sh was moved to the main tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 18:24:10 2018 +0100
tests: long-crl.sh was moved to main suite
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 15:22:14 2018 +0100
tests: suite: dropped ocsp-coverage and cert-coverage
These tests are duplicates of fuzz/gnutls_ocsp_resp/req_parser_fuzzer
and gnutls_x509_parser_fuzzer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 15:11:38 2018 +0100
tests: testsrn.sh was removed as duplicate of safe-renegotation/ tests
Also safe-renegotiation tests were made TLS1.2-only as they do not
apply to TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 15:07:14 2018 +0100
tests: pkcs7-cat: moved to main suite
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 15:46:16 2018 +0100
tests: updated for TLS1.3 inclusion
This moves the test to use a specific version or test multiple
TLS versions if applicable.
Resolves #413
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 19 09:00:23 2018 +0100
tests: mini-record-retvals was split into return vals checking and alerts checking
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 13:47:46 2018 +0100
tests: client-fast-open: updated for TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 13:43:47 2018 +0100
tests: removed unused test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 13 13:41:19 2018 +0100
tests: auto-verify: update for TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 10 19:08:08 2018 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 8 16:21:20 2018 +0100
tlsfuzzer: updated to the latest version
Also enabled the RSA-PSS tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 8 16:00:34 2018 +0100
alert: send the appropriate alert on GNUTLS_E_ERROR_IN_FINISHED_PACKET
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 8 14:54:55 2018 +0100
Bumped TLS1.3 draft version to -23
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 8 13:57:05 2018 +0100
Hello retry request matches server hello
That also distinguishes between them by using the special random value,
and implements the version check as in draft-ietf-tls-tls13-24.
Resolves #391 #390 #392
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 7 12:52:46 2018 +0100
tests: added negative tests for RSA-PSS key exchange
Relates #400
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 6 15:09:50 2018 +0100
signatures: distinguish RSA-PSS signatures with RSA PKCS#1 1.5 certificates from "pure"
This change enhances signature algorithms to have a private key algorithm
parameter. That is, to allow signature algorithms operating with a private
key of type X while the public key is of type Y. That is useful for the
RSA-PSS signatures which are of two types; one which is seen from servers
having PKCS#1 1.5 certificates, the other with RSA-PSS certificates, while
both utilize RSA-PSS private keys.
This is a draft-ietf-tls-tls13-23 change.
Resolves #400
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 28 12:41:40 2018 +0100
Server hello format follows TLS1.2 format
Also version negotiation was moved to supported_versions extension,
and session ID is set by client following appendix D.4.
This is a draft-ietf-tls-tls13-22 change.
Resolves #393, #389, #397
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 28 11:38:53 2018 +0100
Renumbered the key share extension to 51
This is a draft-ietf-tls-tls13-23 change.
Resolves #398
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 22 16:12:55 2018 +0100
record: ignore any ChangeCipherSpec messages under TLS1.3 handshake
Also send ChangeCipherSpec messages under TLS1.3 handshake.
This is a draft-ietf-tls-tls13-22 change.
Resolves #395
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 22 14:42:43 2018 +0100
record: send 0x0303 under TLS1.3
This is a draft-ietf-tls-tls13-22 change.
Resolves #396
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 8 12:03:39 2018 +0100
cryptodev: fix prototype of cryptodev_mac_fast [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 7 16:14:51 2018 +0100
cryptodev: added missing macro [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 5 15:42:14 2018 +0100
tests: added unit tests of gnutls_x509_crt_export
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 23:21:34 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 23:09:11 2018 +0100
gnutls_x509_crt_export2: avoid re-encoding
That prevents possible re-encoding issues in libtasn1 or ambiguously
formatted DER data, from affecting verbatim usage of certificates.
Relates #403
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 17:48:01 2018 +0100
tests: added reproducer with DER re-encoding error on client side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 4 19:07:29 2018 +0100
cfg.mk: update-po rule uses commit -s
This makes it produce a commit message which can be sent to
the repo (Signed-off-by is mandatory).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 4 19:01:41 2018 +0100
Sync with TP.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 4 19:01:23 2018 +0100
CONTRIBUTING.md: added more info about gnulib
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Mar 3 18:42:20 2018 +0100
Improve fuzzer coverage report creation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 23:40:43 2018 +0100
pkcs11: set the modulus bits on RSA keys
That value is necessary when using RSA-PSS keys.
Relates #402
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 14:51:31 2018 +0100
gnutls_privkey_import_ext4: enhanced with GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag
That flag is utilized by the information function to obtain the
value of the parameters (e.g., modulus). That information is necessary
to safely handle RSA-PSS keys.
For RSA-PSS keys this is a regression since 3.6.0 where this API was
introduced, but as this change is necessary and 3.6.x is not yet marked
as stable, it should be acceptable.
Relates #402
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 11:18:12 2018 +0100
_gnutls_find_rsa_pss_salt_size: add a validity check for salt size
That is, in order to reject invalid parameters.
Resolves #402
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 2 09:38:55 2018 +0100
tests: eliminated destructive tests
That adds a dependency to p11-kit 0.23.10 for the test suite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 1 16:38:29 2018 +0100
configure: simplified nettle version check
Relates #401
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Łukasz Stelmach <stlman@poczta.fm>
Date: Tue Feb 27 15:44:55 2018 +0100
gnutls-cli: do not ask any questions with --strict-tofu
Signed-off-by: Łukasz Stelmach <stlman@poczta.fm>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Feb 27 22:04:10 2018 +0100
Update oss-fuzz corpora
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 22 11:43:53 2018 +0100
drbg-aes: use the new nettle APIs for AES
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 22 11:29:08 2018 +0100
accelerated: padlock: use the new nettle APIs
Also remove any ifdefs for nettle (it is not conditionally compiled in),
and do not register accelerators for AES-192-CBC. That cipher is widely
ignored to bother.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 26 11:46:09 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 26 11:44:56 2018 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 23 09:55:50 2018 +0100
gnutls_ext_raw_parse: introduced function
That function can be combined with callbacks like
gnutls_handshake_set_hook_function() for applications to
be able to process messages when necessary.
Resolves #382
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 21 11:46:08 2018 +0100
fuzz: added TLS1.3 client and server traces [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 21 11:21:36 2018 +0100
fuzz: enable fuzzer target in afl examples and add missing script [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 21 11:20:31 2018 +0100
fuzz: fixes in README file [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 20:11:57 2018 +0100
updated Since version in new function entries as well as map file versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 17:17:45 2018 +0100
fuzz: enable TLS1.3 in server and client fuzzers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 15:10:00 2018 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 15:02:36 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Jan 23 16:39:36 2018 +0100
record: new gnutls_record_send2 function
This adds a new function gnutls_record_send2() which takes an extra
argument to specify the padding size of the record.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Feb 8 13:24:46 2018 +0100
_gnutls_record_overhead: count content type octet in plaintext
In TLS 1.3, TLSInnerPlaintext has the 'type' field followed by the
padding. Exclude it from the overhead calculation.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 3 14:14:56 2018 +0100
tests: check extended record padding work with TLS 1.3
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 21 17:02:22 2017 +0100
range: make length hiding always usable under TLS 1.3
This patch reintroduce the extended record padding mode removed in
commit 7df219f0. Under TLS 1.3, the padding mode can be implemented
in the record protocol.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Jan 3 14:10:22 2018 +0100
tests: re-enable mini-record-range test
This test was previously disabled as part of NEW_PADDING extension
removal (commit 7df219f0). Even though the extension is not usable,
gnutls_record_send_range() should work with the standard TLS block
cipher padding.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Dec 21 15:53:30 2017 +0100
doc: fix mention of gnutls_record_send_range()
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 27 16:38:14 2018 +0100
po: lib/x509/ocsp.c added to translatable files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 4 17:32:58 2018 +0100
tests: corrected various typos
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 4 17:26:54 2018 +0100
doc: use 3.6.xx to be consistent with other version references
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 2 12:44:15 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 13 10:11:57 2017 +0100
doc: getfuncs.pl: distinguish between different typedef types
That allows to properly distinguish a struct from a one liner
typedef.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 13 08:00:38 2017 +0100
check_ocsp_response: print OCSP response actual error on debug log
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 12 14:55:29 2017 +0100
x509/cert: reorganized
Split functionality related to certificate credentials and
session certificate handling in cert-cred.c and cert-session.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 29 16:19:56 2017 +0100
tests: added unit test for gnutls_ocsp_resp_list_import2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 10:35:53 2017 +0200
doc: updated
* document the new behavior of gnutls_certificate_set_ocsp_status_request_file
* updated text on OCSP stapled responses
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 16:31:02 2017 +0100
tests: added ocsptool sanity check program
This checks its functionality in loading and exporting PEM
and DER structures.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 16 16:05:15 2017 +0200
tests: enhanced OCSP tests
* Run tests under TLS1.2 and TLS1.3
* Verify whether multiple OCSP responses are received in client
side, under TLS1.3.
* Verify that OCSP status responses can be sent by
client under TLS1.3
* Verify operation of gnutls_certificate_retrieve_function3
* Verify operation when multiple OCSP responses by file are set
Resolves #307
Resolves #291
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 12 08:47:00 2017 +0100
cert auth: use a single callback to call for OCSP
That is, when selecting the certificate to use, point to
the callback to use as well (whether it being the global or
a specific) one, for OCSP.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 22 10:32:04 2017 +0100
ocsp: introduced gnutls_certificate_get_ocsp_expiration()
This is a function to allow obtaining the validity of the OCSP responses
already set in the credential structures.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 8 13:45:24 2017 +0100
ocsp: enhanced the OCSP response loading APIs
Introduced gnutls_certificate_set_ocsp_status_request_file2() and
gnutls_certificate_set_ocsp_status_request_mem(). These functions
behave as the equivalent certificate loading functions and pre-load
the OCSP response provided as a file, either in DER or in PEM form.
In addition, ensure that if the server is provided a problematic OCSP
response, or the OCSP response is not renewed before it is invalid, we
will not provide it to the clients.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 11:26:55 2017 +0200
gnutls-serv: allow loading multiple OCSP responses
That is, allow specifying multiple 'ocsp-response' options on
command line. In addition introduce the option 'ignore-ocsp-response-errors'
which will set the GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK flag
prior to importing the response.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 10:32:20 2017 +0200
cert: introduced flag GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK
This allows reverting the new semantics of checking the loaded
OCSP response against the certificates present and return
to the 3.5.x semantics.
That option is also useful for debugging as it allows setting
an arbitrary response and checking gnutls' client behavior with that.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 7 16:16:55 2017 +0100
gnutls_certificate_set_ocsp_status_request_file: match input response to certificates
That is, iterate through the certificate chain to figure to which
certificate the response corresponds to, and assign it to it.
That allows for applications to re-use this function to set
multiple responses when available.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 6 13:51:52 2017 +0100
ocsp: moved non-extension related functions to ocsp-api.c
That keeps ext/status_response.c clear of items that are
not related with the extension handling.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 17 09:59:53 2017 +0200
gnutls_ocsp_status_request_get2: allow operation under TLS1.3 for server side
Under TLS1.3 it is possible for both client and server to send the
status request extension in certificate message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 17 08:32:09 2017 +0200
select_sign_algorithm: check KX type only on pre-TLS1.3
That, when selecting a certificate under TLS1.3, considers
the negotiated signature algorithms for compatibility with the
certificate to be selected.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 6 13:45:21 2017 +0100
rename _gnutls_selected_certs_set -> selected_certs_set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 6 13:32:28 2017 +0100
ocsp: send all the OCSP responses under TLS1.3
That is, any responses set by the caller application (directly
or via a callback), will be sent to the peer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 6 13:18:16 2017 +0100
introduced gnutls_certificate_retrieve_function3
That allows a certificate callback to provide OCSP responses in addition
to certificates. That also introduces a flags option which currently
accepts GNUTLS_CERT_RETR_DEINIT_ALL which allows the callback to
specify whether the provided data should be deinitialized.
To simplify the certificate callback code, all previous (now legacy)
callbacks are implemented as wrappers over the new callback function.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 29 14:27:44 2017 +0100
gnutls_ocsp_resp_list_import2: introduced
That is, introduced function to to import multiple OCSP PEM
responses into a list.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 16:20:48 2017 +0100
ocsptool: import and export OCSP responses in PEM format
That also modifies the 'request-info' and 'response-info' commands
to check the 'outfile' parameter and if set, to store the corresponding
structure into that file. Currently for OCSP requests there is no
printing of PEM data.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 14:59:31 2017 +0100
ocsp: introduced gnutls_ocsp_resp_import2 and gnutls_ocsp_resp_export2
These allow importing and exporting an OCSP response to PEM format,
in addition to DER.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 13 09:36:38 2017 +0200
_gnutls_x509_cert_verify_peers: verify all received OCSP responses
That is, when verifying the server's certificate, take into account
all present OCSP responses.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 13 09:31:58 2017 +0200
gnutls_ocsp_status_request_get2: added function
The function extends gnutls_ocsp_status_request_get() to
retrieve more than a single responses.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 10 10:21:19 2017 +0200
tls13/certificate: parse OCSP status response and save responses in auth info struct
That provides support of OCSP status response under TLS 1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 10 11:14:19 2017 +0200
ext/status_request: allow more than a single OCSP response to be received
That change allows for arbitrary number of OCSP responses
which is required in TLS1.3. The received list is now stored
in auth structure, and thus packed with it on resumption data.
The status response extension data, are now only used on server
side, when temporarily storing the OCSP response to send.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 10 09:59:17 2017 +0200
_gnutls_copy_certificate_auth_info: simplified and avoid multiple allocations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 19 16:16:29 2017 +0100
tests: updated to account for HMAC-SHA384 and CAMELLIA removal
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 19 16:00:45 2017 +0100
priorities: provide a more consistent "story" for default cipher settings
Current settings in NORMAL priorities which were affected:
* Enabled ciphers:
- AES-GCM
- CHACHA20-POLY1305
- AES-CCM
- AES-CBC
* Enabled signature algorithms:
- RSA-SHA256
- RSA-PSS-SHA256
- ECDSA-SHA256 / ECDSA-SECP256R1-SHA256
- EDDSA-ED25519
- RSA-SHA384
- RSA-PSS-SHA384
- ECDSA-SHA384 / ECDSA-SECP384R1-SHA384
- RSA-SHA512
- RSA-PSS-SHA512
- ECDSA-SHA512 / ECDSA-SECP521R1-SHA512
- RSA-SHA1
- ECDSA-SHA1
Removed:
* Ciphersuites utilizing HMAC-SHA384. That MAC is only used on "legacy"
type of ciphersuites, and doesn't provide any advantage over HMAC-SHA256.
* Ciphersuites utilizing CAMELLIA were removed. TLS1.3 doesn't define any
CAMELLIA ciphersuites, and thus provide consistent defaults across
protocols.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 17 09:27:36 2017 +0200
certificate request: corrected parsing of signature algorithms
That fixes an issue in TLS 1.3 certificate request message parsing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 4 18:22:54 2017 +0100
tlsfuzzer: updated to latest master
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 9 11:23:24 2017 +0100
doc: documented hsk_flags "lifetime" and its reset
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 13:13:31 2017 +0100
session state: TLS1.2 and TLS1.3 state is stored as union
That is, to reduce memory usage as these protocol cannot be used
in parallel.
Relates: #281
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 13:08:02 2017 +0100
session state: organized key exchange keys into structures
That is, with the view of separating the data needed for
TLS1.2 and earlier and TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 7 16:52:21 2017 +0100
record state: avoid memory allocations for stored keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 7 16:25:31 2017 +0100
handshake: ffdhe flags merged with handshake flags
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 7 16:09:12 2017 +0100
handshake: false start flag merged with hsk_flags
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 7 15:36:01 2017 +0100
handshake: use hsk_flags in TLS1.2 and TLS1.3
The flags provide a more transparent view of the received
and expected messages.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 5 09:01:56 2017 +0100
doc: added text on TLS1.3 rekey and reauthentication
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 4 17:45:11 2017 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 2 15:30:43 2017 +0100
tests: re-enabled post-handshake auth tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 2 15:19:10 2017 +0100
handshake: added support for post-handshake authentication
That is:
* introduced a gnutls_init() flag for clients to enable post-handshake
authentication
* introduced gnutls_reauth() function, to be called by servers to request
authentication, and by clients to perform authentication
Resolves #562
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 11:12:14 2017 +0100
gnutls_record_set_state: use const for seq_number
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 16:56:12 2017 +0100
tests: added test suite on key limits
This checks whether key update occurs for the expected ciphersuites.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 16:52:58 2017 +0100
gnutls_record_get_state: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 16:01:29 2017 +0100
Introduce key usage limits under TLS1.3
That introduces a transparent key update for sending key after
the safety limit is reached.
Resolves #130
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 13:08:18 2017 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 30 08:59:17 2017 +0100
tests: removed unused variables and introduced temporal vars in macros
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 30 08:51:06 2017 +0100
tests: check gnutls_rehandshake() and gnutls_handshake() under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 28 12:38:52 2017 +0200
gnutls_*handshake: wrap gnutls_session_key_update under TLS 1.3
The semantics of the gnutls_handshake() and gnutls_rehandshake() functions
were tied to TLS 1.2 and earlier behavior. This patch attempts to merge
the two different semantics as follows:
TLS1.2:
* gnutls_rehandshake: sends a hello request message (asks the peer for a re-handshake)
in server side; invalid to be called in client side.
* gnutls_handshake: performs a re-handshake in either client or server side;
in server side it is expected to be called after
gnutls_rehandshake().
TLS1.3:
* gnutls_rehandshake: in server side sends a key update and asks the peer to re-key
as well; remains invalid to be called in client side.
* gnutls_handshake: sends a key update and asks the peer to re-key as well;
in client side; is a no-op when called in server side.
Relates #131
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 19 16:45:18 2017 +0200
tests: added unit tests with TLS1.3 key update
Relates #131
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 19 16:27:30 2017 +0200
handshake: introduced gnutls_session_key_update()
This function allows updating keys of the session and notifying
the peer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 19 14:52:03 2017 +0200
handshake: added TLS1.3 passive key update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Nov 29 11:18:40 2017 +0100
keylogfile: write TLS 1.3 secrets
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 28 18:28:19 2017 +0100
_gnutls_nss_keylog_write: define new internal API
This patch turns the write_nss_key_log function to an internal
API (with a different name) so that it can be called from other places
implementing TLS 1.3 key scheduling.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 11:27:12 2017 +0100
tls-fuzzer: enabled the large hello checks
These were previously not working because tls-fuzzer was not TLS1.3-ready.
This is addressed at the current update, and as such we enable them.
That commit also enables the SNI resumption tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 29 16:21:45 2017 +0100
hkdf: refer to nettle's hkdf.h when available
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 29 14:04:30 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 11:07:40 2017 +0100
gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier
These limits do not exist under TLS1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 11:04:59 2017 +0100
gnutls_prf_raw: fail under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 09:10:24 2017 +0100
tests: included behavioral test of gnutls_prf under TLS1.3
Resolves #330
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 09:03:31 2017 +0100
gnutls_prf: prevent usage under TLS1.3
Only allow its use when it is documented to have the same output
as gnutls_rfc5705() and in that case make it a wrapper to it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 24 11:07:20 2017 +0100
gnutls_prf_rfc5705: calculate exporter using HKDF if TLS 1.3
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 24 10:55:43 2017 +0100
handshake-tls13: derive and store exporter_master_secret
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Nov 24 10:34:26 2017 +0100
_tls13_derive_secret: define secret argument
TLS 1.3 exporters need to derive a secret from exporter_master_secret
or early_exporter_master_secret, not the handshake or application
secret stored in temp_secret. Add a new argument @secret to
_tls13_derive_secret to specify any secret.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 11:45:25 2017 +0100
session state: combined srp and dh prime bits variables
They were being used for the same purpose, and SRP as well as
DH, do not overlap to require two different variables.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 11:41:59 2017 +0100
session state: mark mod_auth_st_int as constant
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 11:39:53 2017 +0100
dtls: cookie is stored dynamically when needed rather than in pre-allocated size
That reduces the number of bytes used in cases where DTLS is not in use or
we are in server-side.
Relates #281
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 10 09:54:13 2017 +0200
removed legacy/unused rsa-related structures/functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Sep 23 21:43:45 2017 +0300
lib: simplify adding groups according to prioritites
There is little point, remembering if EC or DHE came first and then
adding necessary groups checking that flag. Instead just add groups at
the time first EC or DHE ciphersuite is met.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 4 09:21:06 2017 +0200
tests: added unit test for RDNs in cert callback
This verifies whether the RDNs received at the callbacks under
TLS1.2 and TLS1.3 have the expected values (corresponding to the
certificates used).
Resolves #297
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 15:59:14 2017 +0200
gnutls_auth*_get_type: use gnutls_kx_get to retrieve key exchange
That allows the functions to operate under TLS 1.3 which have
no key exchange as part of the ciphersuite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 15:28:07 2017 +0200
tests: check certificate callbacks under TLS 1.2 and 1.3
Resolves #278
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 14:56:15 2017 +0200
tests: added unit tests for client certificate under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 14:21:33 2017 +0200
handshake: handle the certificate authorities extension
That is, when sending or receiving the certificate request message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 13:59:39 2017 +0200
handshake: added support for client certificates
That is, receive and parse a certificate request, certificate
verify, as well as certificate in server side.
That way, client certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 11:48:28 2017 +0200
handshake: return GNUTLS_E_NO_CERTIFICATE_FOUND when no certificate is found in TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 11:43:45 2017 +0200
handshake: send certificate request when requested
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 6 11:00:16 2017 +0200
tests: added check for client hello random value after HRR
That way we ensure that we follow the tls1.3 draft which requires
the second client hello to be identical to the initial one.
Resolves #299
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 6 11:16:17 2017 +0200
handshake: treat reply to HRR as a reply to hello verify request
That is, re-use the client random value on the client hello which
is a reply to a hello retry request.
Relates #299
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 6 10:18:33 2017 +0200
tests: added key share behavioral test
This verifies whether the gnutls_init() flags GNUTLS_KEY_SHARE_TOP,
GNUTLS_KEY_SHARE_TOP2, GNUTLS_KEY_SHARE_TOP3 behave as advertized.
Resolves #284
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 6 09:05:20 2017 +0200
key share: added flags to gnutls_init() to modify its default behavior
That way the application can adjust the range of keys generated
during client hello attempting to guess the server's algorithm.
Applications are intentionally not given the option to select the
algorithm in the key share, but rather chose from the prioritized
list of groups, to avoid a disconnect between the prioritized
groups, and the key share sent.
Relates #284
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 2 15:40:24 2017 +0100
handshake: initialize buffer prior to use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 4 10:55:48 2017 +0200
tests: added tests for TLS1.2- rollback detection
That is, tests which check
* whether the server's generated values under TLS1.2- match the expected
* whether the client would fail on negotiation if the rollback values are detected
Resolves #293
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 4 10:33:11 2017 +0200
_gnutls_set_server_random: corrected TLS1.2 and TLS1.1 rollback detection
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 11:08:04 2017 +0200
extensions: renamed _gnutls_hello_ext_*sdata to _gnutls_hello_ext_*priv
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 09:35:52 2017 +0200
server_name: use the new API for ext data setting
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 08:58:59 2017 +0200
extensions: enhanced extension lib with pack and unpack functions
That allows the functionality to be used for the majority of extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 08:41:51 2017 +0200
tests: check the correct handling of cookie extension in client side
Resolves #218
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 3 08:39:58 2017 +0200
extensions: allow receiving and sending extensions which were not advertised by client side
That is needed due to the special treatment of the cookie extension,
which is sent by the server in HRR even if it was not advertised by
the client.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 16:41:09 2017 +0200
extensions: optimized gid_to_ext_entry() map on known extensions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 16:23:10 2017 +0200
extensions: avoid double loop when parsing received extensions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 15:40:36 2017 +0200
extensions: avoid looping to discover location of saved data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 15:16:04 2017 +0200
handshake: added support for reading and sending cookie extension
That introduces an internal API to associate data to an extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 13 08:45:09 2017 +0100
doc: document the GNUTLS_E_NO_COMMON_KEY_SHARE usage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 11:58:25 2017 +0200
tests: added unit test for hello retry request support
Resolves #285
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 14:24:54 2017 +0200
tests: rehandshake tests were restricted to TLS1.2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 14:11:34 2017 +0200
handshake: reduce assert printouts in common cases
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 10:10:48 2017 +0200
handshake: accept hello retry request in client side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 09:08:59 2017 +0200
buf: _gnutls_buffer_pop_data made easier to use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 09:01:41 2017 +0200
handshake: simplified version parsing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 16:40:43 2017 +0200
handshake: send hello retry request when no key share matches
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 12:54:38 2017 +0200
ext: do not advertize post handshake authentication
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 29 08:21:54 2017 +0200
tests: check TLS1.3 record layer packet modification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 28 07:50:42 2017 +0200
handshake: split set_client_random to gen and set
This aligns with set_server_random() and gen_server_random().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 28 07:47:40 2017 +0200
handshake: only attempt to detect downgrade attacks if TLS1.3 is supported
Otherwise, connections under TLS 1.2 may fail, even if client never enabled
TLS 1.3 support.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 15:10:07 2017 +0200
nettle/pk: explicitly mark intentional fallthrough in switch cases
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 22 16:59:31 2017 +0200
key share: removed duplicate message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 08:20:10 2017 +0200
tests: fix warning in rng-sigint.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 08:58:26 2017 +0200
tests: improved tls-session-supplemental
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 26 16:44:39 2017 +0200
kx: moved to new buffer API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 26 15:38:58 2017 +0200
handshake: moved to the new mbuffer API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 26 12:54:18 2017 +0200
handshake: use the new buffer type in TLS 1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 26 11:57:18 2017 +0200
handshake: new helper functions to use gnutls_buffer_st to generate mbuffers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 26 10:29:15 2017 +0200
tlsfuzzer: disable non TLS1.3-ready tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 16:28:38 2017 +0200
tests: added tests for TLS1.3 record generation / parsing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 09:47:52 2017 +0200
tests: introduced basic TLS1.3 key exchange test suite
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 16:26:45 2017 +0200
record: adjusted overhead calculation for TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 14:49:23 2017 +0200
priority: include groups into priority when having a TLS1.3-only session
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 09:46:32 2017 +0200
priority: do include all the version's signature semantics
This resolves issue, which prevented handling certain types
of TLS1.3-only signatures, depending on the order of enabled
protocols.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 09:32:25 2017 +0200
ext/key_share: corrected release of MPI parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 09:28:45 2017 +0200
ext/signature: explicitly prevent RSA/DSA and SHA1 signatures on TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 22 16:55:36 2017 +0200
hello ext: reduce verbosity
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 22 11:10:56 2017 +0200
constate.h: removed non-existing function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 22 10:55:43 2017 +0200
record: any alert is fatal under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 18 14:49:24 2017 +0200
extensions: introduced functions to obtain currently parsed message
This allows the extension handling code to operate differently
on different messages.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 09:30:39 2017 +0200
supported_versions: print the received versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 12:58:51 2017 +0200
handshake: introduced server side handshake [2/2]
That is, send server certificate verify and receive
certificate and certificate verify messages. In addition
introduced flags to mark the expected, or sent messages.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 10:21:26 2017 +0200
cs: select certificate under TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 09:53:47 2017 +0200
handshake: introduced server side handshake [1/2]
That is, send certificate request and certificate in server side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 09:50:10 2017 +0200
ciphersuites: introduce a maximum supported TLS/DTLS version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 21 09:41:37 2017 +0200
handshake: properly set the default record version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 16:07:39 2017 +0200
handshake: send encrypted extensions handshake message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 13:54:25 2017 +0200
handshake: parse new session ticket message
That does not include extension handling.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 15:33:16 2017 +0200
str: added _gnutls_buffer_pop_prefix24 and _gnutls_buffer_pop_prefix8
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 15:07:04 2017 +0200
str: use assert to mark impossible cases
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 15:21:16 2017 +0200
str: allow creating a read-only buffer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 13:43:14 2017 +0200
gnutls_session_get_desc: more descriptive name for TLS1.3 ciphersuites
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 09:11:37 2017 +0200
handshake: generate application keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 08:30:52 2017 +0200
constate: added _gnutls_epoch_dup
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 07:59:21 2017 +0200
constate: indentation fixes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 10:22:36 2017 +0200
handshake: added basic support for TLS 1.3 handshake in client side
That does not include support for client certificates as it
requires extension handling improvements in order for extensions
to be context sensitive (now they cannot distinguish whether the
parsing routine is called during client hello or certificate request
reading)
This does not include proper parsing of extensions present in
the certificate message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 13 14:19:12 2017 +0200
handshake: added parsing of encrypted extensions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 10:44:43 2017 +0200
crypto-api: introduce internal version of AEAD API
This allows to initialize the TLS 1.3 connection state without
additional allocations as required by the external API.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 11 15:16:51 2017 +0200
record: added TLS 1.3 record parsing and key derivation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 13:48:13 2017 +0200
handshake: introduced TLS 1.3 handshake client state machine outline
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:56:28 2017 +0200
extensions: separate the hello extensions from others
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:51:10 2017 +0200
hello_ext.h: removed non-existant function definition
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:48:30 2017 +0200
extensions: files renamed to hello_ext
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:46:55 2017 +0200
extensions: renamed hello extension handling functions appropriately
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:40:54 2017 +0200
extensions: simplified semantics of store and check functions
That is, _gnutls_extension_list_check was made a boolean function,
and both were renamed to more appropriate names such as,
_gnutls_hello_ext_is_present, _gnutls_hello_ext_save.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 11:30:12 2017 +0200
extension: renamed functions to reflect purpose
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 10:05:53 2017 +0200
extensions: use the low-level extension parsing code for hello parsing
That's a step towards unification of TLS-type extension handling
for TLS 1.3.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 20 09:46:34 2017 +0200
extv: introduced a low-level extension parsing code
This will simplify the parsing and handling of extensions throughout
the TLS 1.3 message contents.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 19 12:58:56 2017 +0200
extensions: simplified the extension tracking
Instead of keep a list of the received TLS extension IDs, use the bits
in a variable to mark the received extensions. That reduces the
overall memory usage due to extension tracking.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 19 12:48:14 2017 +0200
extensions: use an internal extension ID independent of the TLS id
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 14:46:13 2017 +0200
str: rename _gnutls_buffer_pop_prefix to _gnutls_buffer_pop_prefix32
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 14:45:20 2017 +0200
str: rename _gnutls_buffer_pop_datum_prefix to _gnutls_buffer_pop_datum_prefix32
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 14:10:14 2017 +0200
security params: store PRF when packing session
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 14:03:43 2017 +0200
handshake: simplify by storing a pointer to PRF mac entry
That way, we avoid multiple function calls to obtain information
such as hash size, and other MAC properties.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 12:13:09 2017 +0200
ext/signature: improved TLS 1.3 signature algorithm negotiation
That is, we introduce a simpler way to handle multiple versions
of a single signature algorithm.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 11:21:51 2017 +0200
str: added helper functions to read prefixed data with 8 or 16-bit headers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 09:44:58 2017 +0200
ecc: do not warn on receiving extension on client side
This extension can be received used under TLS 1.3 on the client side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 14 14:30:07 2017 +0200
Added TLS 1.3 HKDF key derivation functionality
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 12 10:30:59 2017 +0200
extensions: include extension number in debugging message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 12 10:12:41 2017 +0200
tests: check behavior on the extension hello flags
That is, verify whether the various combinations of
GNUTLS_EXT_FLAG_CLIENT_HELLO,
GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO
work as expected with regards to sending and receiving
extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 10:26:44 2017 +0200
extensions: apply extension msg type restrictions
That is, on the extension parsing functions ensure that
no extension which are not valid for the currently
received message are parsed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 10:13:07 2017 +0200
extensions: mark the message validity of each supported extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 09:50:58 2017 +0200
extensions: type renamed to id for clarity
We were previously using the variable named 'type' to indicate the
extension ID. With TLS 1.3, extensions are also given an applicability
type (which message the extension applies to), and thus renamed the
variable for clarity.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 12 08:03:59 2017 +0200
tests: guile: don't use VERS-TLS-ALL
That is, avoid enabling experimental protocols.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 12 08:00:00 2017 +0200
.gitlab-ci.yml: abi-coverage: include guile logs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 14 09:20:25 2017 +0200
nettle: added HKDF functions
They are being included conditionally depending on the RSA-PSS feature
(RSA-PSS and HKDF are expected to be introduced at the same version).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 15:54:40 2017 +0200
gnutls-cli-debug: use explicit TLS versions rather than TLS-ALL
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 15:37:04 2017 +0200
_gnutls_server_select_suite: don't set auth callbacks for TLS 1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 11:00:27 2017 +0200
supported_versions: print negotiated protocol
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 15:35:21 2017 +0200
Negotiate draft-TLS1.3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 14:14:58 2017 +0200
handshake: added the TLS 1.3 ciphersuites
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 11:45:39 2017 +0200
handshake: print negotiated version after its negotiation (for TLS1.3)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 11 11:33:31 2017 +0200
tests: fix TLS version to 1.2 for tests which used VERS-TLS-ALL
This allows the test suite to run, even when TLS1.3 is still
experimental.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 09:34:05 2017 +0200
Added support for key share extension
This enables TLS 1.3 key exchange based on the key share extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 09:23:53 2017 +0200
handshake: always accept TLS 1.2 in client hello if we have later protocols enabled
That is because after TLS 1.3 there is no negotiation of the version using
the Client Hello field, but with an extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 08:23:01 2017 +0200
require nettle 3.3 or later
This will simplify handling of the x25519 key exchange.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 09:10:11 2017 +0200
str: added function to append fixed-size MPI
This is used in TLS 1.3 which introduces a new MPI over-the-wire
format.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 11:57:26 2017 +0200
tests: resumption tests were restricted to TLS 1.2
TLS 1.3 implements resumption is a different way, so we should
introduce new resumption tests once that support is in place.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 11:52:07 2017 +0200
ext/post_handshake: restrict the use of this extension to TLS 1.3 or later
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 11:46:29 2017 +0200
handshake: optimizations and enhancements in session version handling
This introduces the following new functions:
const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session);
const version_entry_st *_gnutls_version_max(gnutls_session_t session);
which replace their previous counterparts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 11:21:24 2017 +0200
tests: check for post-handshake extension in TLS 1.2-only sessions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 11:14:56 2017 +0200
tests: added unit tests for post-handshake-auth extension
These test whether this extension is seen under TLS 1.3 in client
hello, and whether it is not present in server hello.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 10:33:18 2017 +0200
handshake: send client and server hellos according to TLS 1.3
That is, when TLS 1.3 is negotiated the compression algorithms and
session ID fields are no longer sent.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 09:44:28 2017 +0200
Added support for post handshake auth extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 13:40:19 2017 +0200
tests: updated for new behavior of disabling protocols on missing signature algorithms
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 13:38:39 2017 +0200
tests: verify that no signature algorithms with (D)TLS 1.2 will cause an error
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 13:33:46 2017 +0200
priorities: when no signature algorithms eliminate (D)TLS 1.2 or later
If an application intentionally disables all signature algorithms, ensure
that we can operate by eliminating protocol options which require these
signature algorithms to be set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 13:16:10 2017 +0200
tests: safer use of gnutls_bye in _test_cli_serv()
In addition make sure we check gnutls_priority_set() for errors.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 09:40:46 2017 +0200
tests: added checks for special signature algorithms
This tests the behavior when signature algorithms only available
under TLS1.3 are present in a TLS 1.2 session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 09:38:26 2017 +0200
tests: verify that +SIGN-ECDSA-SECP256R1-SHA256 has no effect when combined with TLS1.2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 08:56:18 2017 +0200
tests: added signature tests for ECDSA-SECP256R1-SHA256
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 09:19:16 2017 +0200
priority: do not include signature algorithms that apply to different TLS version
That is, when a signature algorithm that is only applicable
to specific TLS protocol semantics (e.g., ECDSA-SECP256R1-SHA256)
is enabled, under TLS 1.2, it will result to no code points being
added. That prevents connection errors due to "wrong" code
points being added that do not correspond to a usable signature
algorithm under the protocol.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 14:07:43 2017 +0200
tests: updated for the new behavior of handshake
Previously at handshake we would negotiate a ciphersuite and certificate
and later figure out a signature algorithm. Now we negotiate all at once,
so we no longer reach situations where mid-way of handshake we figure we
have no signature algorithm to use. Update the test cases relying on that
behavior to account the new one.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 11:09:51 2017 +0200
pubkey: enforce TLS 1.3 signature restrictions on verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 16:43:51 2017 +0200
ext/signature: added TLS 1.3 signature algorithm negotiation
That patch adds the signature algorithms:
- GNUTLS_SIGN_ECDSA_SECP256R1_SHA256
- GNUTLS_SIGN_ECDSA_SECP384R1_SHA384
- GNUTLS_SIGN_ECDSA_SECP521R1_SHA512
and enables them for the default TLS priority strings.
In addition it allows negotiating signature algorithms sharing
the same TLS IDs, but which have different semantics between TLS
versions (e.g., 6,4 maps to GNUTLS_SIGN_ECDSA_SHA512 under TLS 1.2
but to GNUTLS_SIGN_ECDSA_SECP521R1_SHA512 under TLS 1.3).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 15:20:00 2017 +0200
tests: added unit test for TLS 1.3 version negotiation
This checks whether the Client Hello and Server Hello packets
contain the expected values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 14:17:40 2017 +0200
handshake: added support for negotiating version using extension
That is, introduced the TLS 1.3 supported_versions extension. It is currently
only being used if negotiating TLS 1.3 or later.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 13:30:46 2017 +0200
handshake: legacy version negotiation is not used for TLS 1.3
That is, ensure that the functions used for TLS 1.2 and earlier
negotiation cannot be used with TLS 1.3. That is because TLS 1.3
is negotiated using a TLS extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 11:57:22 2017 +0200
Added TLS 1.3 Hello message random generation
That is, added check for TLS 1.3 random value requirements in client side,
and generation according to TLS 1.3 requirements for server and
client side.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 14:57:55 2018 +0100
Revert "priority: disable the enabled by default RSA-PSS signature algorithms"
This reverts commit ef44477127952c13e93d7ea88f7b549bf36602f5.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 10 11:13:57 2018 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 22 11:52:19 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 30 07:41:26 2018 +0100
tests: check gnutls_fips140_set_mode operation per thread
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 15:49:42 2018 +0100
tests: added unit test of gnutls_fips140_set_mode
Also ensure that 512-bit keys cannot be generated
in FIPS140-2 mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 22 11:40:42 2018 +0100
tests: gnutls_hmac_fast: explicitly enable MD5 use under FIPS140-2 mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 21 12:38:29 2017 +0100
tests: gc.c -> gnutls_hmac_fast.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 22 09:15:03 2018 +0100
doc: documented gnutls_fips140_set_mode and gnutls_fips_mode_t
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 15:07:00 2018 +0100
fips140: added function for applications to switch the FIPS140-2 mode
That would allow FIPS140-2 compliant applications to use forbidden
algorithms by switching to a lax FIPS140-2 mode.
Resolves #352
Resolves #353
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 14:01:17 2018 +0100
fips140: enforcement of allowed ciphers moved to crypto-api.c and cipher_int.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 20 15:36:59 2017 +0100
fips140: enforcement of hash and MACs use moved to crypto-api.c and hash_int.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 19 08:38:35 2018 +0100
tests: srp: increased timeout to 40secs [ci skip]
Since we increased the maximum parameters to 8k, ensure
that slower systems have enough time to complete the handshake.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 18 20:58:07 2018 +0100
doc: updates NEWS entry for 3.6.2 adding ABI changes [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 16 08:54:26 2018 +0100
latex: introduced functionWarning macro
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 16 08:27:56 2018 +0100
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 13 16:34:09 2018 +0100
tests: check whether gnutls_credentials_set() can be set in an hsk hook
This is useful when these are set during the handshake process
on the handshake hook before client hello is parsed.
Relates #382
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 13 16:47:16 2018 +0100
doc: documented how to set the credentials late in certain vhost scenarios
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 13 16:21:52 2018 +0100
doc: updated text on gnutls_handshake_set_hook_function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 13 11:12:09 2018 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 12 11:18:06 2018 +0100
priority: disable the enabled by default RSA-PSS signature algorithms
They have been modified in the latest (yet unsupported) TLS 1.3
drafts, so prevent causes interoperability failures by keeping them
on.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 12 09:20:17 2018 +0100
tests: cipher-openssl-compat: extend to include CCM tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Michael Catanzaro <mcatanzaro@igalia.com>
Date: Fri Feb 9 10:22:24 2018 -0600
Improve documentation of gnutls_x509_trust_list_iter_get_ca [ci skip]
The documentation is confusing because it implies that
gnutls_x509_trust_list_iter_deinit() should be called after using this
function, but in fact it is generally not necessary.
Also, there was a typo here ("usin").
Signed-off-by: Michael Catanzaro <mcatanzaro@igalia.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 7 18:59:39 2018 +0100
.gitlab-ci.yml: run the fuzz testsuite under various CPU capabilities
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 7 09:24:18 2018 +0100
accelerated: make explicit key size check to all accelerated ciphers
That is, do not rely on checks done on asm level, as they vary and
may change over updates. Also handle consistently invalid key sizes
by returning an error, and eliminate calls to abort().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Vitezslav Cizek <vcizek@suse.com>
Date: Tue Feb 6 16:46:31 2018 +0100
accelerated: check keysize in SSSE3 cipher setkey
aes_ssse3_cipher_setkey() accepted any key size,
which could lead to invalid memory access.
Such as with the oss-fuzz corpora file
fuzz/gnutls_pkcs8_key_parser_fuzzer.in/da59d34eacdf50a0019a457fb7c4916be48c99a5
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 8 14:32:42 2018 +0100
p11tool: updated documentation [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 7 11:34:36 2018 +0100
nettle: use the nettle_get_secp API when available
Resolves #380
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 6 09:46:41 2017 +0100
nettle base64_encode_raw: use cast to avoid warnings
Nettle switched prototypes for base64_encode_raw() as follows:
-base64_encode_raw(uint8_t *dst, size_t length, const uint8_t *src);
+base64_encode_raw(char *dst, size_t length, const uint8_t *src);
That means we need to cast fist param to void if we want to avoid
warnings on different platforms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 6 14:40:59 2018 +0100
accelerated: x86-common: do not use _xgetbv() with clang
Resolves #372
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 6 14:37:42 2018 +0100
configure: treat solaris as ELF system
Resolves #376
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 6 04:03:45 2018 +0100
tests: repeat cipher test with multiple keys and nonces
In addition include chacha20-poly1305 into the tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 6 03:59:17 2018 +0100
accelerated: aarch64: fix GCM counter increment
Ensure that we restrict the GCM counter to the 4 bytes assigned to it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 6 04:39:39 2018 +0100
accelerated: fix use of SSSE3 vpaes_encrypt
Previously we assumed that the nettle GCM internal functions
will use the provided ECB function for single block encryption.
Newer versions no longer operate that way. Ensure that we
are compatible with them.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 5 20:25:23 2018 +0100
accelerated: fix use of aesni_ecb_encrypt()
Previously we assumed that the nettle GCM internal functions
will use the provided ECB function for single block encryption.
Newer versions no longer operate that way. Ensure that we
are compatible with them.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 2 15:49:48 2018 +0100
serv: increase cache size used for resumption
That allows sessions with longer parameters to be able
to be resumed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 2 11:09:22 2018 +0100
CONTRIBUTING.md: check the issue closing as part of review [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 2 10:35:11 2018 +0100
gnutls-cli: no longer print certificate types or compression methods
We don't support any other compression methods than the null compression,
nor any other certificate types.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Jay Foad <jay.foad@gmail.com>
Date: Sat Jan 27 09:13:17 2018 +0100
Inline version macros into its users.
This fixes a problem in _gnutls_version_is_supported() where we want to
use preprocessing directives in the loop body. Doing this within a macro
argument is undefined behaviour according to the C standard, and not
supported by the system compiler on AIX.
Signed-off-by: Jay Foad <jay.foad@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 26 15:49:53 2018 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 26 15:48:52 2018 +0100
certtool: deprecated the --certificate-pubkey option
That option is duplicate since --pubkey-info can provide the same
information.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 26 15:44:21 2018 +0100
certtool: avoid duplicate deinitialization on --certificate-pubkey
Resolves #368
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 12:25:10 2018 +0100
dh: document why BER decoding rules are allows
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 12:19:12 2018 +0100
pubkey: use the strict DER decoder for SubjectPublicKeyInfo
Although there is no explicit RFC mentioning the SubjectPublicKeyInfo
encoding, this structure is a subset of the X.509 certificate's structure
and as such it is expected to be in DER form.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 21 11:36:20 2018 +0100
pk: document need for the generic BER decoder
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 19:26:12 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 19:25:36 2018 +0100
tests: check whether deletion of a certificate object works
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 19:15:46 2018 +0100
p11tool: corrected issue preventing the deletion of objects in batch mode
Previously initialization of PIN callbacks would only happen during listing
of objects, which happened only in non-batch mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 19:10:52 2018 +0100
p11tool: corrected type affecting use of --only-urls
It would enable batch mode accidentally.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 19 11:42:02 2018 +0100
tests: pkcs11/tls-neg-pkcs11-key: updated for softhsm with PKCS#11 support
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 22 09:06:25 2018 +0100
added sub-section on selecting the right return value [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 17:35:54 2018 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 17 08:38:13 2018 +0100
examples: use gnutls_certificate_set_x509_system_trust
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 12 16:14:23 2018 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 12 13:23:03 2018 +0100
tests: privkey-verify-broken: addressed uninitialized var use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 10 15:41:50 2018 +0100
tests: check whether get_mtu() functions relate to the set values
That is, verify that gnutls_dtls_set_data_mtu() value would be
reflected into gnutls_dtls_get_data_mtu(), as well as the
gnutls_dtls_set_mtu() to gnutls_dtls_get_mtu().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 10 15:35:36 2018 +0100
tests: added unit test for _gnutls_record_overhead()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 12 09:01:54 2018 +0100
DTLS: improved data MTU calculation under CBC ciphersuites
The data MTU calculation under CBC ciphersuites takes into
account that the overhead of these ciphersuites is constant (IV +
hash + 1 byte padding), though the capacity varies due to the padding
block. That is, on 16-byte padding block, one padding byte is the
overhead but the rest 15 bytes are accounted for data MTU.
That also has the side effect that setting a data MTU using
gnutls_dtls_set_data_mtu(), is not definite, and the actual
MTU may be larger for these ciphersuites --i.e., the
return value of gnutls_dtls_get_data_mtu().
Resolves #360
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 10 10:58:30 2018 +0100
fuzz: added reproducer for leak in gnutls_x509_crl_list_import
That was detected by oss-fuzz in:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4930
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 10 10:56:28 2018 +0100
gnutls_x509_crt_list_import: eliminated memory leak
That leak would be triggered if GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED
flag was used and the input data would exceed the maximum limit.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 9 11:31:45 2018 +0100
libtasn1: updated to latest libtasn1 master branch
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 3 16:41:36 2018 +0100
gnutls_pkcs12_key_parser_fuzzer.in: added reproducer for oss-fuzz #4890
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 7 09:55:37 2018 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 3 16:27:03 2018 +0100
doc: updated copyright year for manual
That eliminates the 'make syntax-check' error.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 30 20:12:36 2017 +0100
tests: added reproducer for self-signed verification error
Relates #347
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 30 19:57:08 2017 +0100
x509/verify: when verifying against a self signed certificate ignore issuer
That is, ignore issuer when checking the issuer's parameters strength. That
resolves the issue of marking self-signed certificates as with insecure
parameters during verification.
Resolves #347
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 20 08:16:29 2017 +0100
gnutls_pk_self_test: include ECDSA tests on GNUTLS_PK_EC
Previously when a request for a specific self check on GNUTLS_PK_EC
was done, only ECDH tests would be run. This change includes the ECDSA
tests as well (GNUTLS_PK_EC and GNUTLS_PK_ECDSA are an alias to each other).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 19 16:40:59 2017 +0100
tests: hash-large: increase parallelism to allow fast run in CI
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 8 11:14:58 2017 +0100
doc: reference gnutls_prf_rfc5705 instead of gnutls_prf
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 3 11:34:32 2017 +0100
tests: utils.h: forbid compilation with NDEBUG
This allows to rely on the assert() macro being functional on
the test suite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 3 10:49:12 2017 +0100
tests: p11-kit-load.sh: verify that all modules are loaded after a private key operation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 30 15:08:22 2017 +0100
tests: enhanced pkcs11/list-tokens
This not only creates a trust list with the system certificates, but
also attempts to verify a certificate, increasing the number of calls
to PKCS#11 verification API (and thus ensuring there are no calls
which may trigger the load of other modules).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 30 14:31:07 2017 +0100
pkcs11 verification: always use the GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE
That is, make sure that all our calls to PKCS#11 subsystem for verification
will only trigger the trust module initialization, and not the generic
PKCS#11 initialization.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 30 14:28:46 2017 +0100
pkcs11: simplify trusted module loading state
That is always utilize the same flags (GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)
to determine whether to initialize trusted modules only or
proceed with general initialization.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 30 12:52:57 2017 +0100
_gnutls_pkcs11_check_init: improved transition between states
The init_level_t for PKCS#11 modules, was incorrectly handled as a
linear state transition, causing few cases in the transition to be
incorrectly handled. Define precisely the state transitions and
enforce them in _gnutls_pkcs11_check_init.
That addresses a regression introduced by the previous state handling
addition, which made impossible to switch from the trusted state to
the all modules.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 30 11:44:14 2017 +0100
tests: corrected destructive/p11-kit-load.sh error checking
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Dec 1 11:13:29 2017 +0100
gnutls-serv: fix double-free on inactivity timeout
Previously, gnutls-serv --echo segfaulted when closing client
connection after inactivity timeout. Here is the valgrind output:
==20246== Invalid free() / delete / delete[] / realloc()
==20246== at 0x4C2FD18: free (vg_replace_malloc.c:530)
==20246== by 0x405310: listener_free (serv.c:154)
==20246== by 0x408B57: tcp_server (serv.c:1568)
==20246== by 0x407DA6: main (serv.c:1231)
==20246== Address 0x6ed4fe0 is 0 bytes inside a block of size 3 free'd
==20246== at 0x4C2FD18: free (vg_replace_malloc.c:530)
==20246== by 0x408A1D: tcp_server (serv.c:1548)
==20246== by 0x407DA6: main (serv.c:1231)
==20246== Block was alloc'd at
==20246== at 0x4C2EB6B: malloc (vg_replace_malloc.c:299)
==20246== by 0x6A64489: strdup (in /usr/lib64/libc-2.25.so)
==20246== by 0x407310: get_response (serv.c:948)
==20246== by 0x408840: tcp_server (serv.c:1492)
==20246== by 0x407DA6: main (serv.c:1231)
==20246==
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 28 15:45:59 2017 +0100
.dir-locals.el: new file
This forces Emacs to use the Linux kernel coding style for all C code.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Nov 28 15:45:54 2017 +0100
build: remove m4 files pulled in by autopoint
Having these files in the git repository causes unnecessary changes
after "make bootstrap".
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 29 17:16:41 2017 +0100
gnutls_aead_cipher_init: corrected potential memory leak
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 28 14:28:46 2017 +0100
doc: provided basic documentation of the FIPS140-2 mode [ci skip]
Resolves #332
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 09:42:26 2017 +0100
tests: verify whether group remains the same after resumption
Resolves #331
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 27 09:31:52 2017 +0100
_gnutls_set_resumed_parameters: restore the group from resumed parameters
That allows resumed sessions to have the original group information such as
curve used for key exchange or FFDHE parameters.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 08:19:01 2017 +0200
tests: removed unnecessary assert
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 10 14:23:20 2017 +0200
tests: delete temporary files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 11:47:22 2017 +0100
session state: use the right type for send_cert_req variable
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 24 08:17:40 2017 +0100
tests: client-fastopen: introduce child signal handler and delay prior to starting
This addresses a hang issue on freebsd builds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 22 17:36:30 2017 +0100
psktool: allow up to 512-byte keys
This aligns the psktool --help output with the psktool operation.
Suggested by Jack Lloyd.
Resolves #327
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 20:26:43 2017 +0100
getfuncs-map.pl: added gnutls_srp_8192_group* symbols to ignore list
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 19:24:29 2017 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 19:17:01 2017 +0100
srptool: --create-conf no longer includes 1024-bit parameters
In addition it includes the 8192-bit parameters, and
the default params used for a new user are the 2k ones.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 13:23:21 2017 +0100
tests: updated SRP checks
Test 1024, 1536, 2048, 3072, 4096 and 8192 bit parameters.
In addition, verify that parameters not in the SRP spec are
rejected by a gnutls client.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 21 13:05:12 2017 +0100
.gitlab-ci.yml: move destructive tests after trust store tests
That is, to ensure they are only run after the trust store
is complete and that it doesn't affect its output.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 14:43:21 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 14:34:20 2017 +0100
tests: include the 8192-bit SRP prime into param checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 14:33:33 2017 +0100
srp: added the 8192-bit prime
As we now reject any primes not in the SRP spec, we include
that parameter to ensure we can handle clients within the
spec but with large parameters.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 14:10:02 2017 +0100
srp: reject any parameters not in the SRP draft
This implements the SHOULD requirement from RFC5054, i.e., to
only accept group parameters that come from a trusted source,
such as those listed in Appendix A.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 14:07:12 2017 +0100
fuzz: srp-client: decreased acceptable prime bits to 1024 [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 9 09:47:10 2017 +0100
tests: combined key and cert tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 9 09:40:23 2017 +0100
tests: windows subdir is only included on windows builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 16:32:48 2017 +0100
tests: dtls subdir was merged into main tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 20 13:49:55 2017 +0100
fuzz: srp-client: restrict prime bits to 1537 [ci skip]
That avoids timeouts in the oss-fuzz infrastructure:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3277
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 19 16:39:16 2017 +0100
doc: corrected typo
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 16 16:57:29 2017 +0100
doc: better detect acronym keyword on latex output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 16 16:53:46 2017 +0100
doc: latex: resolve all citation issues
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 16 16:43:21 2017 +0100
doc: citations translate into references in texinfo
That makes the citations to be links in the generated html manual.
Resolves: #321
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 13 11:03:35 2017 +0100
p11tool: renamed pkcs11_set_pin() to allow static linking
Resolves #322
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 15 11:47:31 2017 +0100
cfg.mk: do not include reproducer files into syntax checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 15 10:31:00 2017 +0100
gnutls_x509_ext_import_proxy: corrected memory leak
Also added reproducer for the memory leak found.
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3159
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 13:56:56 2017 +0100
tools: do not access unused variables
This avoids warnings by static analyzers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 8 10:51:51 2017 +0100
.gitlab-ci.yml: disabled gcc warnings on CI builds and use dash
That should decrease the time spent in configure. Based on suggestions
by Tim Ruehsen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 5 20:46:47 2017 +0100
.gitlab-ci.yml: use configure cache file and ccache
That reduces the total time spent per build by caching configure
checks, and compilation artifacts.
Also that patch set no longer uploads coverage files as artifacts.
These files are not generally useful, and removing that "feature"
will reduce CI running time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 4 17:18:23 2017 +0100
doc: corrected typo [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 3 15:10:03 2017 +0100
tests: list-tokens: not only list but also verify whether module is operational
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 3 15:03:35 2017 +0100
pkcs11: refuse to load modules with duplicate information
That is, when ck_info matches, we soft fail loading the module.
That is, because in several cases the pointers got by p11-kit
may differ for the same modules.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 3 14:33:24 2017 +0100
tests: enhanced PKCS#11 loading test
Test whether implicit initialization in trusted module (e.g.,
via verification), would result to proper initialization of additional
modules once a PCKS#11 function is called.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 30 13:51:33 2017 +0100
tests: added PKCS#11 module loading test
This checks:
1. Whether all modules are loaded from p11-kit when
no explicit gnutls_pkcs11_init() is called and
pkcs11 calls are accessed.
2. Whether only the trusted modules are loaded from
p11-kit and no other PKCS#11 calls than PKCS#11
cert validation is performed.
3. Whether the trusted modules are loaded when
gnutls_pkcs11_init() is called with manual
flag.
Resolves #315
Resolves #316
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 30 11:29:38 2017 +0100
pkcs11: allow loading trusted modules when pkcs11 was initialized in manual mode
When a PKCS#11 trust module is used in the system, but gnutls_pkcs11_init()
is explicitly called with GNUTLS_PKCS11_FLAG_MANUAL flag, then the PKCS#11
trust store was not loaded, and thus prevent any certificate validation.
This change allows initializing the trust modules only even if generic
PKCS#11 support is disabled by the application.
Relates #316
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 30 09:57:09 2017 +0100
pkcs11: introduce multiple levels of loading
That allows to load the PKCS#11 trusted modules (on systems which use them)
without loading all the potentially present PKCS#11 modules.
Relates #315
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 31 09:18:15 2017 +0100
CONTRIBUTING.md: added a short text on reviewing code [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Roberto Newmon <robertonewmon@fake-box.com>
Date: Sun Oct 29 08:30:02 2017 +0000
Fix non-null warning
Help the compiler understand the control flow in the MATCH_FUNC and
INVALID_MATCH_FUNC macros.
Because we are using macros, the compiler is not able to correlate the
replaced values of the macro variables to each other yielding non-null
warnings. Introduce a C variable to mimic the macro variable helping
the compiler understanding the control flow.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 15:17:22 2017 +0200
tests: test whether PKCS#11 generation works without login
Resolves #147
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 15:10:03 2017 +0200
p11tool: attempt to auto-login when the token requires it
In operations like generation or writing objects, run as if --login
was given if the token is marked to require login.
Relates #147
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 15:01:53 2017 +0200
p11tool: print PKCS#11 token flags in --list-tokens
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 14:53:37 2017 +0200
pkcs11: forward token flags to applications
That is, gnutls_pkcs11_token_get_flags() will not return the
most common/useful PKCS#11 token flags, in addition to trusted and HW
flags.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 09:44:37 2017 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 21 02:18:07 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 19 10:14:33 2017 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date: Wed Oct 18 19:50:57 2017 +0200
gnutls_server_name_set: Clarify meaning of the name_length parameter [ci skip]
Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 15:57:53 2017 +0200
doc: mention SHA224 removal in upgrade guide
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 15:55:57 2017 +0200
bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 10:18:33 2017 +0200
gnutls-serv: print the right error code on OCSP request setting
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 18 13:42:21 2017 +0200
ocsptool: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 16 11:41:36 2017 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 27 13:25:02 2017 +0200
cmp_hsk_types: fixed check for SSLv2 hello
Previously, if SSLv2 hello support was disabled, the check for
the expected TLS message was incorrect.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 7 10:06:09 2017 +0200
doc: improve documentation on provable private keys
Resolves #301
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 7 09:44:54 2017 +0200
doc: enhanced text on PKCS#7 and public keys
Resolves #302
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 1 12:20:18 2017 +0200
tests: check whether key IDs with SHA512 are corrected calculated
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 1 12:18:54 2017 +0200
certtool: allow using SHA512 for key IDs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 1 12:17:26 2017 +0200
_gnutls_get_key_id: introduce flag GNUTLS_KEYID_USE_SHA512
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 1 12:14:11 2017 +0200
tests: check fingerprint generation with SHA512
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 1 12:12:25 2017 +0200
certtool: allow using --fingerprint with sha384 or sha512
Resolves #295
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Andreas Metzler <ametzler@debian.org>
Date: Wed Sep 27 19:21:59 2017 +0200
Modernize gtk-doc support
Update gtk-doc.make, m4/gtk-doc.m4 and doc/reference/Makefile.am from
gtk-doc git head (that is 1.26 +
c08cc78562c59082fc83b55b58747177510b7a70).
Disable gtkdoc-check.
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Rowan Thorpe <rowan@rowanthorpe.com>
Date: Wed Sep 27 21:41:43 2017 +0300
Fix autoreconf invocation to actually run autopoint
Signed-off-by: Rowan Thorpe <rowan@rowanthorpe.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 25 16:57:31 2017 +0200
CONTRIBUTING.md: added some text on introducing new APIs [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 24 10:52:08 2017 +0200
tests: re-purposed client_dsa_key test to match new behavior of the library
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 24 10:47:05 2017 +0200
tests: update TLS 1.2 tests to account for RSA-PSS client signatures
On commit de4f55b4dcf4bbe8f788e1f8f5bd59cd596f7d36:
"signature: on client side, refuse to negotiate non-enabled signature schemes"
the behavior of allowing a client to utilize disabled for the session
signatures, and thus the negotiated signatures now match the ones
in the session's priority string.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 08:37:50 2017 +0200
signature: on client side, refuse to negotiate non-enabled signature schemes
That amends/reverts commit 6aa8c390b08a25b18c0799fbd42bd0eec703fae4:
"On client side allow signing with the signature algorithm of our cert"
Previously, when we initially disabled DSA, we allowed client certificates
which can do DSA-SHA1 to be utilized to ease migration from these certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 09:53:01 2017 +0200
_gnutls_epoch_gc: ensure there are no stray epochs after gc
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 09:29:30 2017 +0200
constate: simplified allocation of epochs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 08:26:22 2017 +0200
_gnutls_epoch_get(): simplified use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 24 17:42:01 2017 +0200
gnutls_x509_crt/q_set_spki: always initialize the spki structure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:17:21 2017 +0200
gnutls-cli: always initialize the inline commands struct
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:13:31 2017 +0200
gnutls-cli-debug: eliminated memory leaks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:11:27 2017 +0200
ocsptool: eliminate memory leaks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:09:00 2017 +0200
certtool: use assert to protect var access
The code correctly uses the variables, but the assert ensures
that static analyzers follow the intended paths too.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:06:53 2017 +0200
srptool: removed unused variables
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:06:24 2017 +0200
psktool: remove unused variables
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:05:18 2017 +0200
gnutls-cli: fix memory leak
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 11:04:21 2017 +0200
tools: eliminated dead assignments
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 10:59:58 2017 +0200
ocsptool: check chain size on verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 19 11:08:19 2017 +0200
.gitlab-ci.yml: use static analyzer and Werror build in src
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 08:29:17 2017 +0200
tests: enhanced resumption checks with same and different SNI
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 08:19:21 2017 +0200
server name: refuse to resume a session which server name doesn't match
That is, follow the RFC6066 requirement that server:
"MUST NOT accept the request to resume the session if the
server_name extension contains a different name."
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 23 10:47:15 2017 +0200
gnutls-cli: eliminate few memory leaks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date: Thu Sep 21 11:00:33 2017 +0200
tests: New test for SNI parsing during cache-based session resumption
Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date: Thu Sep 21 10:45:05 2017 +0200
Ensure the SNI extension is parsed during cache-based resumption
This patch changes the parse_type of the SNI extension to
GNUTLS_EXT_MANDATORY to ensure it is parsed during every handshake.
With SNI previously classified as GNUTLS_EXT_APPLICATION, GnuTLS
servers ignored the SNI extension when resuming a TLS session from
cache, because "application" level extensions are skipped during
resumption. As a result, gnutls_server_name_get() always returned
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when called on the resumed
session, breaking virtual server systems.
According to RFC 6066, Section 3 the SNI extension must be parsed on
session resumption if implemented at all:
"A server that implements this extension MUST NOT accept the request
to resume the session if the server_name extension contains a
different name."
This change allows applications using GnuTLS to match SNI data on
resumed sessions.
Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 18 17:06:15 2017 +0300
tests: explicitly check for gnutls.pc in pkgconfig.sh
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 18 13:33:53 2017 +0300
test: use proper library name in pkgconfig.sh error message
If there is a -R flag in p11-kit-1.pc file, pkgconfig.sh test will still
reference libidn2.pc, rather than proper source of the message. Also
move the test for library flags before updating PKG_CONFIG_PATH.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Sep 18 13:32:40 2017 +0300
tests: use libidn2 in pkgconfig.sh
Since abe6a12b9766219163f99d7807a0b07fbe5f590c GnuTLS does not support
libidn1. Switch pkgconfig.sh test to use libidn2.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Sep 19 20:36:22 2017 +0200
parse-datetime: Fix buffer overflow
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 18 15:35:32 2017 +0200
tlsfuzzer: document the reason of failure of few fragmentation tests
It seems that gnutls does not accept records carrying handshake messages
that contain less bytes than necessary to recover the handshake header.
The TLS protocol allows that option, and other implementations seem to
accept that fragmentation.
Relates #272
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 16 18:21:36 2017 +0200
parse_handshake_header: removed duplicate check
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 16 14:03:54 2017 +0200
ecdh: return more appropriate error code on empty packet
This makes tlsfuzzer's test-x25519 detect the right error
code on empty message. Previously this issue was masked by our
refusal to accept 1-byte sized fragments.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 16:34:02 2017 +0200
parse_handshake_header: allow 1-byte sized fragments
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 15 16:21:02 2017 +0200
tests: added reproducer for DTLS infinite loop
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Sep 18 20:55:25 2017 +0200
pkcs11/get_key_algo_type(): Always initialize bits variable
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Sep 18 20:53:23 2017 +0200
tests/base64-raw: Remove unused variable
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Sep 18 15:54:19 2017 +0200
gnutls.h: Remove redundant function declarations
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 14 11:56:27 2017 +0200
x509: removed debugging code [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 13:58:58 2017 +0200
tests: modified the MD5 signature algorithm negotiation tests
Since GnuTLS can no longer negotiate MD5, we utilize a byte stream
of a connection which advertises MD5, and we make sure we detect the
right error code for the rejection of MD5 signature.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 08:42:10 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 08:36:01 2017 +0200
tlsfuzzer: no longer include tests involving SHA224 signatures
We no longer support them.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 15:04:32 2017 +0200
algorithms/sign: removed TLS identifiers for legacy algorithms
That is, for the MD5-using algorithms, as well as for the DSA2
signature algorithms that were never really used with TLS 1.2.
Kept DSA-SHA1 in order to be used by TLS 1.2 and legacy applications.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 15:02:47 2017 +0200
algorithms/sign: legacy signature algorithms were moved toward the end of the list
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 14:58:17 2017 +0200
algorithms/sign: no longer enable SHA224 hash in signatures
TLS 1.3 requires that SHA224 MUST NOT be used, and given the
fact that SHA224 was never widespread used in TLS 1.2, there
is no reason to keep these algorithms at all.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 8 16:19:38 2017 +0200
tlsfuzzer: added large client hello tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 8 15:16:55 2017 +0200
win32: removed no longer used subdir
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 8 14:01:09 2017 +0200
.gitlab-ci.yml: added warning cppcheck checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 16:54:24 2017 +0200
.gitlab-ci.yml: removed initialization step
That is, combine syntax-check with the static analyzers run. That
provides more parallelism per build and reduces the overall time
spent on a successful run.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 16:20:01 2017 +0200
doc: added README on FreeBSD CI setup
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 16:21:44 2017 +0200
.gitlab-ci.yml: added FreeBSD build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 17:05:57 2017 +0200
tests: ip-utils: added include for FreeBSD compilation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 14:12:20 2017 +0200
.gitlab-ci.yml: enable more cppcheck tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 8 12:15:47 2017 +0200
tests: updated tlsfuzzer to reduce rsa-pss failures
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 15:51:57 2017 +0200
crq: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:31:30 2017 +0200
tests: added unit test for gnutls_x509_crq_sign
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:11:06 2017 +0200
tests: added verification checks into crl_apis
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:10:20 2017 +0200
gnutls_x509_crl_verify: check next update field for presence
If not present do not attempt to utilize its value.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:33:24 2017 +0200
tests: added verification check into crt_apis
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:30:13 2017 +0200
tests: added unit test for gnutls_x509_crt_sign
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:24:41 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:23:28 2017 +0200
gnutls_x509_crq_sign: undeprecate
After the updates of the function semantics, it is no longer
needed to deprecate it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:13:54 2017 +0200
gnutls_x509_crl_sign: undeprecate
After the updates of the function semantics, it is no longer
needed to deprecate it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 09:21:16 2017 +0200
gnutls_x509_crq_sign: no longer sign with SHA1
Modify the behavior of the functions to sign with an appropriate
to the public key hash algorithm. That although it modifies the
semantics of the functions, it allows them to be useful even after
SHA1 is considered insecure.
In addition to that, the functions which accept a hash algorithm, will
accept a null hash, which instructs the function to select a
reasonable choice.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:21:47 2017 +0200
gnutls_x509_*_sign: no longer sign with SHA1
Modify the behavior of the functions to sign with an appropriate
to the public key hash algorithm. That although it modifies the
semantics of the functions, it allows them to be useful even after
SHA1 is considered insecure.
In addition to that, the functions which accept a hash algorithm, will
accept a null hash, which instructs the function to select a
reasonable choice.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:12:05 2017 +0200
doc: document the change of gnutls_x509_crt_sign
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 8 08:31:42 2017 +0200
tests: tolerate leaks in opensc-pkcs11 when present
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 7 08:08:12 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 6 14:51:59 2017 +0200
tests: added reproducer for safe renegotiation failure with openssl
Relates #259
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 6 15:11:00 2017 +0200
handshake: check SCSVs prior to resuming a session
This ensures that extensions which are also available as SCSVs
are parsed prior to resuming a session. This resolves an issue
with openssl sending SCSV instead of an extension for the safe
renegotiation.
Relates #259
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Thomas Klausner <wiz@NetBSD.org>
Date: Wed Sep 6 19:16:30 2017 +0200
Use $(LIBDL) instead of hardcoding -ldl.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 6 14:34:20 2017 +0200
cmocka: require 1.0.1
This prevents failures in test suite due to insufficient cmocka
library version.
Resolves #268
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 6 09:46:05 2017 +0200
tlslite-ng: updated to latest version
This addresses issues with RSA-PSS signing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Avinash Sonawane <rootkea@gmail.com>
Date: Thu Aug 31 18:05:04 2017 +0530
cli-debug-args.def: Fix typo
Signed-off-by: Avinash Sonawane <rootkea@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 29 15:38:49 2017 +0200
latex: handle the deprecated function mark [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 29 13:56:58 2017 +0200
.gitlab-ci.yml: give more specific name to windows job artifacts [ci skip]
This allows a more descriptive name to any downloaded artifacts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 28 15:16:58 2017 +0200
tools: removed re-using PIN message when in non-verbose mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 28 12:57:38 2017 +0200
p11tool: print public or private key algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 28 14:20:36 2017 +0200
gnutls_pkcs11_privkey_generate3: doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 26 17:27:09 2017 +0200
tests: check whether generated private keys are marked private
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 26 17:16:26 2017 +0200
tests: added unit test of p11tool with --set-pin
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 26 17:02:28 2017 +0200
tests: check whether generated or copied keys are marked as sensitive
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 15:58:14 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 15:56:49 2017 +0200
p11tool: allow obtaining PIN from command line on operations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 14:49:33 2017 +0200
certtool: eliminate global use of default_dig
Use instead the cinfo->hash field which is already used
by p11tool.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 12:01:37 2017 +0200
tests: krb5-test: disable valgrind mem leak checks for negative checks
Resolves #192
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 11:47:28 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 11:41:47 2017 +0200
tests: check whether p11tool signing with RSA-PSS works
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 10:53:51 2017 +0200
p11tool: allow signing with RSA-PSS and specifying an explicit hash
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 10:41:27 2017 +0200
sign_params_to_flags: moved to certtool-common.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 10:33:27 2017 +0200
certtool: hash_to_id moved to certtool-common.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Aug 26 17:49:28 2017 +0200
Fix some typos [ci skip]
occurence -> occurrence
sucessful -> successful
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
Author: Tom Vrancken <dev@tomvrancken.nl>
Date: Fri Aug 25 19:54:58 2017 +0200
Fixed segmentation faults caused by accessing NULL pointers during mutex operations. This bug was triggered while setting priorities.
Signed-off-by: Tom Vrancken <email@tomvrancken.nl>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 25 16:15:24 2017 +0200
p11tool: explicitly mark generated keys as sensitive
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sat Aug 26 00:16:03 2017 +0300
tests: windows: warning: function declaration isn't a prototype
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Aug 25 23:45:44 2017 +0300
tests: warning: implicit declaration of function
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 24 17:03:17 2017 +0200
m4: updated ax_code_coverage.m4 [ci skip]
This version fixes a bug which prevented including the branch coverage
into output.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 21 15:19:25 2017 +0200
fuzzer: Enhance code coverage of gnutls_base64_encoder_fuzzer
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 21 15:16:55 2017 +0200
fuzzer: Add script 'view-coverage'
This helper script is for viewing the code coverage of
single (or combined) fuzzers running with all his corpora.
It helps optimizing the code coverage by hand-crafting corpora
and/or dictionaries.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 21 14:22:58 2017 +0200
fuzzer: Change CFLAGS -O0 to -O1 in fuzz/README.md
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 21 14:20:54 2017 +0200
fuzzer: Update corpora from oss-fuzz
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 24 15:29:19 2017 +0200
tlslite: updated to latest version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 23 10:20:05 2017 +0200
certtool: do not ask about RSA encryption in non-RSA keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 22 16:17:54 2017 +0200
fuzz: work-around libtool file name
fuzzers utilize argv[0] to discover the name the reproducers are stored
in. However libtool creates a script which later runs the executable.
Try to detect that situation and use the right paths.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 22 08:48:03 2017 +0200
dh params: document DH param setting functions as deprecated
They are no longer useful after the RFC7919 DH parameter negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 10:03:54 2017 +0200
tests: introduced unit test of gnutls_memset()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 22 07:27:03 2017 +0200
fuzz: removed -static ldflag completely
It is not necessary for building the fuzzer, and was causing
issues in MacOSX systems.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 21 09:47:59 2017 +0200
.gitlab-ci.yml: use the same flags in the tags and non-tags windows builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 21 09:46:07 2017 +0200
tests: p11-kit-trust is not compiled in windows
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 21 08:35:07 2017 +0200
fuzz: temporarily disable -static build of fuzz/ in MacOSX
This allows running the MacOSX CI tests on travis.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 21 08:26:57 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 21 07:56:58 2017 +0200
tests: verify the output size of gnutls_x509_privkey_export
That is, make sure that gnutls_x509_privkey_export() and
gnutls_x509_privkey_export2() agrees with the strlen()
value on the data.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 20:46:31 2017 +0200
.travis.yml: print failed log files in fuzz after failure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 19:43:52 2017 +0200
hooks.m4: reduce the gap between minor soversion of 3.5.x and 3.6.0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 09:24:19 2017 +0200
tests: make mini-record more friendly for OSes with limited buffers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 09:18:05 2017 +0200
pull/push backends: ECONNRESET is translated to GNUTLS_E_PREMATURE_TERMINATION
This returns a more reasonable error code on platforms where
this errno is set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 09:05:02 2017 +0200
tests: gnutls_x509_privkey_import: address issue on error path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 20 00:18:44 2017 +0200
sed: use it in a portable way in makefiles
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 19 23:33:46 2017 +0200
configure: disable hardware acceleration on aarch64/ilp32 mode
Our included assembly code for aarch64 is not suitable for that
data mode.
Resolves #252
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 19 13:39:28 2017 +0200
create_tls_random: avoid warning in fuzzying mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 19 08:58:37 2017 +0200
configure.ac: removed conditional FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
Instead rely only on the definition, to make fuzzying mode to be
enabled even if --enable-fuzzer-target is not specified, but defined
b the compiler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 19 08:56:28 2017 +0200
rnd-fuzzer: use ifdef instead of conditional compilation
This allows compiling in fuzzying mode even when --enable-fuzzer-target
is not specified on configure, but the definition is present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 18 21:39:13 2017 +0200
fuzzer: Update base64 fuzzers + corpora
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 18 21:32:28 2017 +0200
fuzzer: Fix include path in run-clang.sh [skip ci]
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 15:43:43 2017 +0200
gnutls_x509_privkey_export: use _gnutls_copy_string on PEM data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 13:05:34 2017 +0200
Corrected argument names of functions to correspond to declaration
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 12:57:07 2017 +0200
lib: use casts and be explicit on intentional enumeration use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 13:56:04 2017 +0200
gnutls-cli-debug: do not run non-FIPS cipher tests when in FIPS mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 12:52:20 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 12:47:12 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:51:53 2017 +0200
tests: added basic test for the operation of gnutls-cli-debug
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:44:55 2017 +0200
tests: verify the presence of GNUTLS_SFLAGS_RFC7919 flag in server and client mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:34:46 2017 +0200
gnutls-cli-debug: check whether RFC7919 is supported
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:31:52 2017 +0200
gnutls_session_get_flags: introduced GNUTLS_SFLAGS_RFC7919
This allows checking whether the DHE parameters used were negotiated
using RFC7919.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:22:11 2017 +0200
gnutls_auth_*: check cs parameter for validity prior to use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:16:50 2017 +0200
certtool: simplified certificate PEM printing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 11:14:16 2017 +0200
gnutls-cli: fixed bounds check on benchmark-tls
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 10:44:21 2017 +0200
lib: removed legacy debugging code
That code was code from the initial versions of gnutls. It was neither
used nor updated for long time.
Relates #248
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 10:35:03 2017 +0200
fuzz: added missing files into dist [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 10:06:36 2017 +0200
tests: added missing files in dist [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 10:05:36 2017 +0200
tests: do not suppress stderr errors on servers startup
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 17:41:34 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 08:39:50 2017 +0200
abi-check: added check for 3.6.0 ABI compatibility
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 18 08:38:48 2017 +0200
gnutls_x509_crl_get_issuer_dn: removed unnecessary const
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 11:27:24 2017 +0200
certtool: fixed documentation of sign-params
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 10:50:56 2017 +0200
README.md: mention lockfile-progs dependency
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 10:02:47 2017 +0200
tests: tls-neg-ext4-key: explicitly restrict to TLS 1.2, 1.1 and 1.0
This allows testing all signature types used in the protocol.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 09:59:53 2017 +0200
sign APIs: introduce RSA-RAW signing algorithm
This ensures that there is a signing algorithm for all the operations
we support. Previously, we required GNUTLS_SIGN_UNKNOWN to be acceptable
by signing functions to accomodate for raw RSA operations. Now we make
that explicit and in the process clean-up the API.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 17 10:09:13 2017 +0200
removed devel/fuzz; functionality moved to fuzz/ [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 11 21:42:02 2017 +0200
fuzzer: Add 'make -C fuzz coverage' [ci skip]
This reports how much code is covered by fuzzing.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 14 08:46:03 2017 +0200
_gnutls_recv_server_certificate_status: use the same type in subtracted values
This ensures that there are no issues with subtracting those values.
Note that the second is read from an uint24_t and thus it is always
positive regardless its type.
Resolves #245
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 14 08:42:51 2017 +0200
_gnutls_proc_srp_client_kx: use same type in subtracted values
This ensures that there are no issues with subtracting those values.
Note that the second is read from an uint16_t and thus it is always
positive regardless its type.
Resolves #244
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Aug 15 12:34:25 2017 +0200
fuzzer: Move regression corpora from tests/ to fuzz/
See fuzz/README.md for the corresponding paths.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 14 12:34:00 2017 +0200
fuzzer: Suppress leak in libgmp <= 6.1.2
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri Aug 11 18:31:35 2017 +0200
fuzzer: Suppress unsigned integer overflow in rnd-fuzzer.c
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Aug 5 20:49:19 2017 +0200
fuzzer: Initial check in for improved fuzzing
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 08:24:59 2017 +0200
fuzzer: added a fuzzer target
This allows to compile the library with flags which will add predictable
random generation and eliminate some crypto checks, in order for the
library to be used for testing (fuzzying).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 16:40:41 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 16:39:36 2017 +0200
gnutls_x509_privkey_export: made a wrapper over gnutls_x509_privkey_export2()
In addition, improved function description.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 13:23:39 2017 +0200
gnutls-http-serv: use RSA-PSS key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 13:11:03 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 12:58:02 2017 +0200
tests: use certtool to check RSA-PSS to RSA conversion
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 12:07:01 2017 +0200
certtool: introduced --to-rsa option
This allows converting an RSA-PSS key to raw RSA.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 11 16:37:21 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 11 12:30:17 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 15:51:34 2017 +0200
tests: added unit tests for gnutls_privkey_import_ext4
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 15:00:46 2017 +0200
gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys
That function allows a signing callback which passes the signature
algorithm, providing all the information to callback for signing.
It also introduces GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag which
allows the library to query the private key of the supported
signature algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 10:47:11 2017 +0200
reduce common asserts to assist in debugging the library
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 10:29:42 2017 +0200
doc: algorithms.texi: include list of groups but skip compression methods
Compression methods are no longer relevant or supported, and groups
replace the elliptic curves.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 15 10:27:19 2017 +0200
doc: improved elliptic curve and group documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 14 19:02:45 2017 +0200
doc: mention the AES-DRBG random generator [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 11 12:40:14 2017 +0200
tests: improved detection of 64-bit systems
We now use the ${ac_cv_sizeof_unsigned_long_int} variable which
gives the numbers used in the host system, not the build one.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 10 10:51:26 2017 +0200
tests: updated for new x86 host
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 10 09:37:07 2017 +0200
.gitlab-ci.yml: replaced the f23 x86 build with a f26 x86 build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 11 11:09:39 2017 +0200
fuzz: explicitly initialize and deinitialize the library [ci skip]
This enables the fuzzers to run even when statically linked.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 13:08:31 2017 +0200
handshake: eliminated unnecessary function wrappers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 10:35:13 2017 +0200
gnutls_int.h: reduce memory occupied by ext_data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 10:25:10 2017 +0200
gnutls_int.h: reduced the maximum number of epoch states we keep
There was no need to keep 16 epochs, as we typically we have only
one or two active.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 10:14:11 2017 +0200
gnutls_int.h: removed unused variable from state
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 11:30:51 2017 +0200
extensions: simplified requirements from send callback
The callback no longer needs to return the number of sent data;
they are now calculated by the caller.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 11:42:25 2017 +0200
ext/ecc: renamed Supported curves extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 11:01:08 2017 +0200
gnutls-serv: --require-client-cert no longer implies --verify-client-cert
That is, it is now possible to require a client certificate without
verifying it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 10 10:35:22 2017 +0200
CONTRIBUTING.md: corrected typo [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 16:59:15 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 10:30:04 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 09:40:03 2017 +0200
CONTRIBUTING.md: added section on symbol versioning
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 11:06:18 2017 +0200
libgnutls.map: separated symbols introduced in 3.6.0
This separation assists tools like rpm which can detect
the right version of the library to use, by using the
symbol version.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 10:21:06 2017 +0200
tests: added reproducer for private key import leak
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=561
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 13:18:33 2017 +0200
rnd: use time_t for prng_reseed_time
This ensures that all time comparisons are done
under the same type.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 10:20:36 2017 +0200
gnutls_x509_privkey_import_pkcs8: fixed memory leak on incorrect key import
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 09:58:17 2017 +0200
tests: added reproducer for memory leak in SRP server
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2859
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 09:57:49 2017 +0200
gnutls_srp_verifier: corrected memory leak
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 09:52:37 2017 +0200
tests: added reproducer for memory leak in RSA-PSK
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2863
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 09:52:21 2017 +0200
rsa-psk: corrected memory leak on invalid decrypt
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 10:44:56 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 9 10:41:58 2017 +0200
p11tool: --generate-xxx options were replaced by generate-privkey
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 7 23:04:36 2017 +0200
Fix memleaks in gnutls_x509_trust_list_add_crls()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Aug 7 23:04:05 2017 +0200
Fix memleak in gnutls_x509_crl_list_import()
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 15:03:53 2017 +0200
publickey: fixed incorrect assignment
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 15:03:11 2017 +0200
mac: simplified iteration functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 14:59:56 2017 +0200
corrected input to gnutls_sign_supports_pk_algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 14:59:44 2017 +0200
extensions: corrected flag check
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 15:50:44 2017 +0200
tests: updated for new rsa-pss key in doc/credentials
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 12:51:58 2017 +0200
cert selection: prioritize RSA-PSS certs over RSA
RSA and RSA-PSS can both be used for RSA-PSS operations, and
as such without prioritizing RSA-PSS certificates it is unknown
which certificate will be used for an RSA-PSS operation. The
reason we want to have only RSA-PSS keys used for RSA-PSS operations
is to cover the use case where a server uses a legacy RSA certificate
for clients that don't support RSA-PSS and an RSA-PSS certificate
for the rest, thus separating the keys used for these client
groups. That separation ensures that any issue on PKCS#1 1.5
(legacy RSA), would not affect sessions which use RSA-PSS.
Resolves #243
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 11:35:26 2017 +0200
gnutls_certificate_credentials_t: combine privkey into cert_st structure
This reduces the number of applications and allows for easier
use of the structure information, as they are now self-contained
for most uses.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 10:56:17 2017 +0200
tests: verify whether the RSA-PSS key is preferred on RSA-PSS sigs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 8 09:27:57 2017 +0200
certtool: eliminated unused variable
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 7 16:32:17 2017 +0200
tests: added negative tests in provable-privkey
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 7 16:23:29 2017 +0200
gnutls_pk_params_st: separate flags/qbits and curve
Previously we were using the field flags to store the
size of q in case of GNUTLS_PK_DH, some key generation flags
in case of GNUTLS_PK_RSA, and the curve in case of elliptic
curve key. Separate this into multiple fields to reduce
confusion on the field.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 7 14:55:38 2017 +0200
tests: check whether validation parameters are lost on key re-import
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 20:08:31 2017 +0200
certtool: improved documentation on --provable option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 19:52:40 2017 +0200
certtool: create mapping between --load-x and --info options
That allows using:
certtool --certificate-info --load-certificate FILE
and
certtool --certificate-info --infile FILE
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 19:35:53 2017 +0200
certtool: removed definitions of non-existing functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 17:08:16 2017 +0200
tests: updated for the new provable private key format
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 10:17:46 2017 +0200
gnutls_x509_privkey_verify_seed: improved error on missing validation parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 16:17:45 2017 +0200
certtool: silence warnings related to --pkcs8
There is no reason to bug the user with such details by default.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 15:18:34 2017 +0200
certtool: better print provable key validation parameters
That is, include hash in the printable set, and keep spaces
from next fields.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 15:11:12 2017 +0200
certtool: provable private keys are always exported in PKCS#8 form
That allows the provable parameters to be included.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 14:43:04 2017 +0200
x509: no longer emit the previous custom format for provable parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 14:30:06 2017 +0200
x509: store and read provable seed in PKCS#8 form of key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 10:28:07 2017 +0200
Added information on OID registry
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 14:23:31 2017 +0200
pkix.asn: removed unused DomainParameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 11:29:26 2017 +0200
x509: separated PKIX1 attributes parsing code for cert request handling
This allows other code to utilize it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 7 09:36:20 2017 +0200
_gnutls_fbase64_decode will always return non-zero
That is, document that fact and update its callers to remove
checks for zero.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 6 17:23:52 2017 +0200
_gnutls_base64_decode: reject all zero-length string encodings on decoding
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 6 11:34:39 2017 +0200
wrap_nettle_pk_fixup: added sanity check in RSA-PSS param checking
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 6 11:34:10 2017 +0200
_decode_pkcs8_rsa_key: signal error in RSA privkey decoding
Addresses oss-fuzz issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2865
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 6 11:28:15 2017 +0200
tests: added reproducer for private key crash
Found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2865
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 6 10:17:29 2017 +0200
tests: added unit test of gnutls_x509_crt_list_import
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 5 09:35:14 2017 +0200
tests: added reproducer applications for psk and srp fuzzers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 19:47:00 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 02:57:03 2017 +0200
gnutls_server_fuzzer: added ed25519 key/cert
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 09:22:51 2017 +0200
removed references for "new" semantics of PEM base64 encode and decode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 09:19:22 2017 +0200
base64: reverted the raw semantics from the PEM encoding/decoding functions
Keeping the complex semantics with NULL headers would most likely cause
issues in the future.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 09:15:20 2017 +0200
base64: test the new base64 encoding and decoding functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 09:13:35 2017 +0200
base64: uniformly use GNUTLS_E_BASE64_DECODING_ERROR for decoding errors
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 09:08:24 2017 +0200
base64: introduced new functions for base64 encoding
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 19:05:23 2017 +0200
tests: gnutls_x509_privkey_import: enhanced to test DER key import
It seems that this function was not tested for multiple cases of
private keys in DER mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 03:43:42 2017 +0200
gnutls_x509_privkey_import: allow importing ed25519 PKCS#8 keys in DER form
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 14:00:27 2017 +0200
sign/digest: separate "brokenness" of signatures and hash algorithms
That is, allow digital signatures to be marked as broken irrespective
of their used hash, and restrict hash brokenness to preimage resistance.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 13:40:21 2017 +0200
sign: use C99 syntax for signature algorithm's table
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 13:22:51 2017 +0200
.gitlab-ci.yml: enable multiple undefined sub-sanitizers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 16:40:29 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 13:51:56 2017 +0200
p11tool: auto-generate the list of PKCS#11 mechanisms from p11-kit
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 12:11:06 2017 +0200
tests: added unit test for gnutls_x509_privkey_import
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 11:52:28 2017 +0200
tests: added TLS negotiation with various keys under PKCS#11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 11:48:40 2017 +0200
x509_privkey: handle keys which can only have PKCS#8 form transparently
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 11:00:03 2017 +0200
tests: updated for errors returned due to early signature selection
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 10:30:25 2017 +0200
tests: added check for the negotiation of ext keys
That is, check whether we can negotiate TLS with ext abstract
key types, and whether the algorithms which cannot be used
with that key type, gracefully fail.
Relates #234
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 10:22:29 2017 +0200
privkey: reject signing with ext keys and GNUTLS_PK_RSA_PSS or GNUTLS_PK_EDDSA_ED25519
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 10:09:54 2017 +0200
_gnutls_check_key_cert_match: use the new API for signing
This ensures that the same signature algorithm is used for
signing and verification.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 10:02:59 2017 +0200
privkey: return less specific but more appropriate error on invalid pks for ext keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 09:27:03 2017 +0200
prior to negotiating a signature check compatibility with private key
That is, check if the private key can support the public key operation
needed for the signature. That in particular includes, excluding the
Ed25519 and RSA-PSS from being used with the 'EXT' keys as the
current API cannot handle them, and RSA-PSS from being used by PKCS#11
RSA keys which do not provide the CKM_RSA_PKCS_PSS mechanism.
Relates #234
Resolves #209
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 09:21:59 2017 +0200
pkcs11: mark RSA PKCS#11 key which can do RSA-PSS
Also refuse to sign with RSA-PSS if the mechanism is not supported.
Relates #208
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 11:55:52 2017 +0200
handshake: select a signature algorithm early
That is, select the signature algorithm at the point the certificate and
ciphersuites are decided. Also ensure that a compatible signature algorithm
with the ciphersuite and the key is selected.
That prevents situations where a ciphersuite and a certificate are
negotiated, but later on the handshake we figure that there are no
common signature algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 08:46:18 2017 +0200
tests: added basic unit test of gnutls_pkcs11_token_check_mechanism
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 18:07:54 2017 +0200
gnutls_pkcs11_token_check_mechanism: introduced function to check token for a particular mechanism
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 10:45:20 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 10:21:06 2017 +0200
x509/output: print error on invalid public key parameters on certificate
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 10:05:29 2017 +0200
gnutls_pk_get_oid: return early on unknown algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:48:42 2017 +0200
tests: check whether the gnutls_x509_*_set_spki will reject invalid values
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:34:23 2017 +0200
tests: updated for gnutls_x509_spki_get_rsa_pss_params
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:29:12 2017 +0200
tests: added unit test of generation of legal and illegal rsa-pss parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:25:31 2017 +0200
spki: combined all exported functions to a single set and get
This simplifies setting parameters for a particular key type,
as well as getting them. The advantage is that they are set
atomically, preventing an inadverterly half-filled structure.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:13:15 2017 +0200
certtool: set RSA-PSS parameters using GNUTLS_KEYGEN_SPKI kdata type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 4 09:06:32 2017 +0200
introduced error code GNUTLS_E_PK_INVALID_PUBKEY_PARAMS
This is being use to indicate errors in the public key parameters
such as the RSA-PSS salt size or digest algorithm.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 16:46:32 2017 +0200
gnutls_x509_privkey_generate*: allow specifying the SPKI parameters for key generation
This in turn removes the need for reading the flag GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE
on the key generation process. The flag is now only used during key signing
which is also its documented purpose.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 16:29:18 2017 +0200
gnutls_x509_privkey_set_spki: check validity of parameters set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 16:21:26 2017 +0200
gnutls_x509_cr*_set_spki: check for validity of parameters set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 16:16:49 2017 +0200
_gnutls_x509_check_pubkey_params: removed unnecessary parameter
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 16:06:06 2017 +0200
tests: added check for import of RSA-PSS key with invalid salt
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 15:37:18 2017 +0200
gnutls_pubkey_import_x509: propagate errors from gnutls_x509_crt_get_pk_algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 15:16:08 2017 +0200
_rsa_pss_verify_digest: verify the validity of the salt_size length on verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 15:08:43 2017 +0200
gnutls_x509_privkey_import: immediately exit on GNUTLS_E_PK_INVALID_PRIVKEY
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 15:00:00 2017 +0200
wrap_nettle_pk_fixup: check RSA PSS parameters for validity on import
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 11:03:44 2017 +0200
gnutls_x509_*_set_spki: removed arbitrary restrictions to setting parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 28 08:20:16 2017 +0200
tests: added unit test for the SPKI abstract functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 11:24:40 2017 +0200
tests: chainverify: included negative and positive tests with RSA-PSS signed chains
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 15:03:00 2017 +0200
pct_test: use local SPKI structure to override parameters if not set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 08:44:05 2017 +0200
fixup_spki_params: use GNUTLS_E_CONSTRAINT_ERROR for RSA-PSS violations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 08:28:54 2017 +0200
_gnutls_x509_read_pkalgo_params: initialize params structure
That is the primary call on these parameters, thus it should
initialize the structure with something reasonable. That is
similar to behavior of _gnutls_x509_read_rsa_pss_params.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 08:14:37 2017 +0200
RSA-PSS parameter checking was moved to lower level functions
That way all PKI callers get protected by the checks.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 07:55:24 2017 +0200
signature security level check were moved to lower level functions
That way all callers (including PKI functions) get protected by
the available checks.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 07:19:36 2017 +0200
_wrap_nettle_pk_encrypt: return GNUTLS_E_INVALID_REQUEST on unsupported algorithms
That is a more specific error code than internal error.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 07:10:22 2017 +0200
certtool: print signature algorithm in cert verification output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 17:51:00 2017 +0200
verify_crt: translate GNUTLS_E_CONSTRAINT_ERROR to verification status flag
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 17:50:33 2017 +0200
x509/sign: in debugging mode print the signature algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 17:34:14 2017 +0200
_gnutls_x509_validate_sign_params: use GNUTLS_E_CONSTRAINT_ERROR for mismatch of RSA-PSS parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 17:28:00 2017 +0200
_gnutls_x509_read_rsa_pss_params: fail early on unknown hash algorithms
Also utilize GNUTLS_E_CONSTRAINT_ERROR for signaling differences
between the hash functions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 16:55:02 2017 +0200
gnutls_pubkey_get_preferred_hash_algorithm: will take into account the RSA-PSS SPKI
In addition it will offer a SHA hash depending on the key size for
RSA public keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 16:45:00 2017 +0200
certtool: sign_params_to_flags: use strtok to parse input
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 15:41:51 2017 +0200
certtool: copy SPKI information from private key when available
That also addresses a bug due to which SPKI information was not set.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 15:54:07 2017 +0200
x509/output: Subject Public Key parameters are printed just before actual key
That allows to easier figure out algorithm and basic parameters, rather
than having them at the end of long key output.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 15:35:15 2017 +0200
gnutls_x509_crt_set_spki: be more verbose in parameter restrictions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 15:07:42 2017 +0200
_gnutls_privkey_update_spki_params: use GNUTLS_E_CONSTRAINT_ERROR on mismatch of hash
That is a more specific error code for hash mismatch between
public key information and signature. In addition only override
the salt size, if it is set to zero without the proper flags.
That prevents the update function from setting an invalid (lower)
than the expected size.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 15:00:17 2017 +0200
cert-tests: use .tmp suffix for all tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 14:43:15 2017 +0200
certtool: allow specifying RSA-PSS parameters for key generation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 14:56:36 2017 +0200
_gnutls_x509_write_rsa_pss_params: refuse to write RSA-PSS parameters we cannot use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 14:30:03 2017 +0200
certtool: group together common options
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 13:41:46 2017 +0200
tests: modified to account new errors
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 17:58:06 2017 +0200
gnutls_x509_*_get_signature_algorithm: simplified error handling
These functions were documented to return a negative error code
on failure, as well as GNUTLS_SIGN_UNKNOWN on unknown algorithms.
Simplify them by only returning GNUTLS_SIGN_UNKNOWN on all error
conditions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 13:24:52 2017 +0200
_gnutls_x509_get_signature_algorithm: return negative error code on unknown algorithm
This allows internal callers to quickly fail on errors.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 13:40:31 2017 +0200
compare_sig_algorithm: modify to work even for certs with unsupported signature algorithm
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 09:20:22 2017 +0200
pubkey_verify_hashed_data: simplified and made static
That also removes its ability to operate with the 'unknown'
signature algorithm, and forces the TLS 1.0 key exchange to
supply the right algorithm or flags.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 26 09:16:03 2017 +0200
pubkey_verify_data: accept signature entry instead of PK and hash
That aligns better with current callers which know the signature
algorithm in use.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 17:00:00 2017 +0200
NEWS: documented the SPKI handling functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:42:12 2017 +0200
tests: added RSA and RSA PSS key unit tests
That is test:
1. Whether RSA-PSS keys will refuse to sign with incompatible signature
2. Whether RSA-PSS public keys cannot be used for encryption
3. Whether RSA-PSS keys cannot be used for signing with PKCS#1 1.5
4. Whether an RSA key can be converted to an RSA-PSS one with the public APIs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 16:52:18 2017 +0200
certtool: do not print error on missing RSA-PSS parameters on key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 27 16:53:57 2017 +0200
Added convention for missing SubjectPublicKeyInfo params field
That is, when that field is missing, the spki_st structure field
pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields
are undefined.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 14:01:48 2017 +0200
*set_spki(): return error on incompatible algorithms
In addition update the public key algorithm field in the
respective structure.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 16:33:26 2017 +0200
gnutls_x509_privkey_generate2: do not hardcode the RSA-PSS hash to SHA256
Instead use _gnutls_pk_bits_to_sha_hash() to set an appropriate hash
for the number of bits of the key. This matches better the "intention"
of RSA-PSS or tying the security parameter with the salt and hash.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 14:14:49 2017 +0200
_decode_pkcs8_rsa_pss_key: ensure we set the PSS PK identifier
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:38:34 2017 +0200
cleanup: removed duplicate parameter in gnutls_pubkey_st
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:28:44 2017 +0200
gnutls_x509_privkey_int: eliminated duplicate pk_algorithm field
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:34:50 2017 +0200
cleanup: removed unnecessary/duplicate parameters in _dsa_q_to_hash
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:18:05 2017 +0200
cleanup: removed unnecessary/duplicate parameters in functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 13:12:19 2017 +0200
cleanup: removed unnecessary/duplicate parameters in functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 12:01:52 2017 +0200
abstract.h: added functions to read and write SPKI information
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 11:48:58 2017 +0200
gnutls_x509_privkey_set_spki: introduced function to update SPKI on a key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 16:35:50 2017 +0200
tests: added unit test for the SPKI related functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 11:37:04 2017 +0200
x509.h: Renamed SPKI related functions
This better reflects their purpose as providers of information
for subject public key. In addition use 'const' for fields that
should be left intact.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 09:43:05 2017 +0200
tests: introduced RSA-PSS key exchange with a key fixed to rsa-pss with sha256
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 10:06:10 2017 +0200
_gnutls_pubkey_compatible_with_sig: enforce RSA-PSS requirements
That is require that parameters in an RSA-PSS key which has them
explicitly set, are respected with regards to signature algorithm
negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 09:39:32 2017 +0200
tests: eagain-common.h: remove superfluous information
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 08:49:30 2017 +0200
tests: renamed tests for uniformity
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 16:15:15 2017 +0200
tests: added unit test for RSA-PSS signing over PKCS#11
This requires a softhsm with support for RSA_PKCS_PSS mechanism.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 16:05:36 2017 +0200
gnutls_pubkey_verify*: use common function to set RSA-PSS parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 11:21:34 2017 +0200
pkcs11: added support for signatures with RSA-PSS
Relates #209
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 25 10:16:40 2017 +0200
gnutls_pk_params_st: renamed sign field to spki
The name "sign" was ambiguous with regard to its intented
use, as it could refer to digital signature parameters
which was not exactly the case. That field contains parameters
present in the subject public key info (SPKI), which could
be used in a digital signature, but not necessarily.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 10:12:54 2017 +0200
Clarified the purpose of the spki params related functions
_gnutls_privkey_get_sign_params was renamed to _gnutls_privkey_get_spki_params,
_gnutls_privkey_update_sign_params to _gnutls_privkey_update_spki_params,
and the dig entry of gnutls_x509_spki_st was renamed to rsa_pss_dig.
The reason is that there could be a confusion on the purpose of
the 'dig' entry, as it could be assumed to be the signature's hash
algorithm in the general case. That could not be because the SPKI
parameters do not contain it for any other algorithm than RSA-PSS.
As such, make a logical separation from SPKI reading functions
with the signature reading functions and try to use the
gnutls_sign_entry_st when signature information is required.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 23:56:20 2017 +0200
Pass the signature algorithm lower in the verification stack
This will allow enhancing the back-ends (PKCS#11 and ext) for
signing with the new signature algorithms like RSA-PSS and Ed25519.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 07:46:11 2017 +0200
fuzz: introduced mem.h with common callbacks for mem access
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 3 07:38:13 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 31 10:50:52 2017 +0200
fuzz: added SRP server and client fuzzers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 03:01:08 2017 +0200
fuzz: introduced psk.h common header
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 02:48:11 2017 +0200
fuzz: added PSK server fuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 02:30:43 2017 +0200
fuzz: added PSK client fuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 02:12:19 2017 +0200
gnutls-cli: introduced options to save client and server traces
This allows to easier obtain traces for use in fuzzers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 01:45:22 2017 +0200
fuzz: ported libidn2's main.c taking advantage of afl-clang-fast
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 30 01:55:43 2017 +0200
gnutls_system_recv_timeout: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 20:52:57 2017 +0200
tlsfuzzer: enabled EC tests for x25519
That includes tests for default curve.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 15:18:38 2017 +0200
tlsfuzzer: enabled test for ECDHE without the supported groups/EC extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 17:25:17 2017 +0200
Set a default supported curve
RFC4492 and draft-ietf-tls-rfc4492bis-17 mention:
"A client that proposes ECC cipher suites may choose not to include these
extensions. In this case, the server is free to choose any one of
the elliptic curves or point formats listed in Section 5."
As such, we set a default curve to be used in the case the
server encounters a handshake with no supported groups/curves
extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 12:58:48 2017 +0200
tlsfuzzer: removed duplicate tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 12:55:24 2017 +0200
tlsfuzzer: fixed comment fields
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 08:02:56 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 24 08:39:00 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 08:13:00 2017 +0200
gnutls-cli: use FFDHE3072 parameters for benchmarking
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 1 10:21:37 2017 +0200
_gnutls_figure_dh_params: do not use have_ffdhe flag
This flag is intended to indicate whether the peer has advertized
at least one FFDHE group, and not whether we have negotiated FFDHE.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 12:23:55 2017 +0200
tests: added unit test for group listings in priority structure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 12:05:01 2017 +0200
tests: updated cipher-listings.sh for the new groups listing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 11:46:03 2017 +0200
doc: documented the use of RFC7919 and groups
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 10:44:14 2017 +0200
tlsfuzzer: enabled RFC7919 FFDHE tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 09:09:27 2017 +0200
tests: enhanced server key exchange tests with explicit DH param setting
That is, not only check the DH parameter setting using the known_dh_params()
functions, but also with the explicit setting --set_server_dh_params().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 16:17:12 2017 +0200
tests: updated for post-RFC7919 behavior of library
That is, it is no longer necessary to set DH parameters on a
credentials structure, and thus previously expected to fail
connections may succeed even without DH parameters.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 15:54:27 2017 +0200
tests: added RFC7919 FFDHE unit tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 15:37:00 2017 +0200
cli,serv: do not print any information on compression
Compression is always NULL.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 15:32:58 2017 +0200
cli,serv: no longer print parameters when FFDHE groups are used
The negotiated RFC7919 group is now printed as part of the Description string,
and there is no reason to print more information on parameters defined by
the protocol.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 11:57:51 2017 +0200
gnutls-cli: print the supported groups instead of curves
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 12:02:13 2017 +0200
gnutls_priority_ecc_curve_list: avoid including groups into elliptic curves list
This provides a mostly-compatible behavior of gnutls_priority_ecc_curve_list()
in order to avoid keeping additional information for elliptic curves in the
priority cache. This approach will always return the supported curves, if the set
groups are prioritized with the elliptic curve variants set first. This
is the default in the built-in priorities, and to most common setups.
Items which are non-valid curves will not be returned.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 2 08:42:37 2017 +0200
handshake: moved group negotiation after ciphersuite selection
This allows to cope with situations where the peer prioritizes a
supported group which doesn't map to a supported ciphersuite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 10:35:58 2017 +0200
security_parameters: ease access to group information by keeping pointer to it
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 10:15:23 2017 +0200
security_parameters: simplified contents by keeping pointer to cipher_suite_entry_st
That, in addition to simplifying the contents, it allows faster access
to ciphersuite's properties.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 15:36:04 2017 +0200
TLS: introduced support for RFC7919 groups
That replaces the EC curve extension negotiation with
the negotiated groups extensions, introduces handling
for groups as priority strings, as well as using and
checking of RFC7919 DH parameters once negotiated.
Resolves: #37
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 16:03:35 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 14:21:32 2017 +0200
gnutls-cli: use gnutls_priority_set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 14:20:26 2017 +0200
tests: modified gnutls_priority_set2() tests for gnutls_priority_set()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 12:09:49 2017 +0200
gnutls_priority_set: use reference counting
That eliminates the need for gnutls_priority_set2() which is now
removed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 11:43:27 2017 +0200
Introduced atomic.h to simplify handling of atomic integers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 11:22:31 2017 +0200
Revert "Documented use gnutls_priority_set2()."
This reverts commit b4aed16ee30f76211c13b075149bb87c012f9bf6.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 10:54:13 2017 +0200
tlsfuzzer: enabled test-ecdsa-sig-flexibility.py
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 21 10:05:44 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 14:48:33 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 14:43:20 2017 +0200
algorithms/mac: marked RIPEMD160 as insecure for certificates
This is an algorithm which is not really used in Internet PKI
and due to that has seen no public cryptanalysis. As such
we disable it for certificate verification to prevent it from
being used as an attack vector.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 13:26:46 2017 +0200
tests: partially reverted SHA1 broken tests
SHA1 is now considered broken only for certificates, hence
OCSP or raw signing tests no longer need to use GNUTLS_VERIFY_ALLOW_BROKEN
in the cases where certificate verification is not performed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 13:18:10 2017 +0200
x509/verify: reject SHA1 in signature algorithms for certificate verification
That is, we now use gnutls_sign_is_secure2() with GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
flag for checking the validity of the signature algorithm, when
verifying signatures in certificates.
Resolves #229
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 13:16:07 2017 +0200
tests: added unit tests for gnutls_sign_is_secure2()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 12:41:47 2017 +0200
gnutls_sign_is_secure2: introduced
This function exports the ability to check the validity of
a signature algorithm for signing certificates.
That also introduces the flag GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
which when specified will cause the function to return whether
the algorithm is secure for signing certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 12:40:34 2017 +0200
_gnutls_digest_is_secure_for_certs: introduced
This is a macro to allow checking the security of a hash algorithm
with respect to signing certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 12:17:40 2017 +0200
mac: re-organized the hash algorithms table
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 16:28:15 2017 +0200
tests: added reproducer with ed25519 private key
Found with oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 16:43:18 2017 +0200
Ensure that public key parameters are initialized on import
Previously we depended on initialization during the _init()
call, however, there can be cases where this re-initialization
is needed (e.g., on multiple tries to load a key).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 16:49:11 2017 +0200
_decode_pkcs8_eddsa_key: ensure that the key size read matches the curve size
That is, in the newly introduced ed25519 keys we didn't check
whether the input size in the PKCS#8 file matched the curve
size.
Found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 16:40:11 2017 +0200
tlsfuzzer: enabled SNI and other tests from master
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 20 08:22:10 2017 +0200
tests: updated to reflect the fact that invalid dns names are rejected
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 16:32:07 2017 +0200
server_name: several simplifications of the code base
The existing code was written with the intention of supporting multiple
server names, however that was never happened, and this extension is
currently only used for DNS server names. Remove unneeded extensibility.
In addition, removed conversion of client provided server name (DNS) to
IDNA. Clients not providing valid names are violating the spec and
that conversion step not only wastes resources, but increases
the attack surface of a server.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 16:11:05 2017 +0200
server_name: be strict in decoding errors
That is, return error when a malformed extension is seen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 11:23:11 2017 +0200
tlsfuzzer: enabled RSA-PSS checks on certificate verify
Relates: #208
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 11:16:09 2017 +0200
tlsfuzzer: enabled test-extended-master-secret-extension.py
That allows testing the extended master secret behavior.
Resolves: #231
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 10:59:23 2017 +0200
ext_master_secret: return proper error code on decoding error
Proper meaning that it maps to the alert 'decode error' rather
than illegal parameter. According to tlsfuzzer the former is more
suitable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 18 08:07:24 2017 +0200
gnutls-cli: re-use priorities for both client and server on benchmarks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 19:14:33 2017 +0200
gnutls-cli: re-use priorities when measuring performance
This avoids measuring cache misses due to priority processing time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 14:06:50 2017 +0200
tests: enhanced SSL3.0 openssl detection in testcompat-openssl
That disables SSL 3.0 testing in openssl versions which cannot negotiated
it (see https://bugzilla.redhat.com/show_bug.cgi?id=1471783 for rationale)
and corrects a typo in the variable name and printed message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 11:57:41 2017 +0200
.gitlab-ci.yml: document that the x86 build is our openssl 1.0.x compat testing as well
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 11:08:07 2017 +0200
tests: disable ARCFOUR interop tests if openssl doesn't support the cipher
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 08:32:08 2017 +0200
tests: testcompat-openssl: 3DES is explicitly enabled for SSL 3.0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 18:06:01 2017 +0200
Use gcc's attribute to mark fallthrough statements
gcc7 is more verbose on fallthrough warnings, and this patch set
cleans up the current state by making use of the attribute when
necessary.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 18:09:18 2017 +0200
configure: do not utilize the -Wno-format-truncation gcc warning
The warnings it produces have little value in our use of string functions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 17:43:09 2017 +0200
.gitlab-ci.yml: switched to fedora 26 for CI builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 15:17:08 2017 +0200
tests: introduced tests on public key import-export
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 09:31:10 2017 +0200
tests: added sign/verification test using rfc8080 keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 10:20:41 2017 +0200
tests: verify that a server with an ed25519 key will fail when client does not advertise it
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 09:11:59 2017 +0200
tests: privkey-keygen: added unit test for Ed25519 keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 17 09:06:52 2017 +0200
privkey_sign_and_hash_data: in pre-hashed schemes, allow empty hash algorithm
In these schemes the hash algorithm is fixed in the signature algorithm
and thus the empty (unknown) value will act as a wildcard.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 20:10:24 2017 +0200
tests: added private key parameter verification in key-import-export checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 20:03:21 2017 +0200
nettle: wrap_nettle_pk_verify_priv_params: verify whether public key matches private
This enables gnutls_privkey_verify_params() for Ed25519 keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 20:52:49 2017 +0200
CONTRIBUTING.md: specified rules on boolean functions
Based on suggestion by Hubert Kario.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 14 14:08:20 2017 +0200
priority: enabled Ed25519 signature by default
As our implementation interoperates with boringssl's implementation
of Ed25519, we can now enable it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 10:45:49 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 7 09:50:29 2017 +0200
handshake: return better error code on unwanted algorithm
That is, when a signature algorithm is available which was not
asked by the peer, then return GNUTLS_E_UNWANTED_ALGORITHM
instead of the UNKNOWN_ALGORITHM.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 7 10:05:50 2017 +0200
tests: added check on Ed25519 chain verification
This chain was generated using certtool, and passed verification
with OpenSSL's implementation (commit: db0f35dda18403accabe98e7780f3dfc516f49de)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 11:34:49 2017 +0200
gnutls-cli: added RSA-PSS signatures in benchmark
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 11:47:48 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 11:47:09 2017 +0200
privkey_sign_and_hash_data: added sanity check on param validity
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 10:42:58 2017 +0200
gnutls-cli: added benchmark on X25519-Ed25519 key exchange
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 09:42:22 2017 +0200
tests: pkcs7: added ed25519 basic signing and verification checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 09:23:53 2017 +0200
privkey_sign_and_hash_data: handle prehashed signatures
This allows this function to handle ed25519, i.e., allows it
to operate for PKCS#7 signatures.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 09:21:48 2017 +0200
pkcs7: improved syntax in if-clause
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 10:14:43 2017 +0200
tests: enhanced OID tests for Ed25519 OIDs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 11:27:34 2017 +0200
tests: key-import-export: added Ed25519 key import/export checks
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 09:52:51 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 09:44:52 2017 +0200
tests: replaced rsa-pss/eddsa certtool options with --key-type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 09:41:56 2017 +0200
certtool: introduced the --key-type option
This replaces the --rsa-pss and --eddsa options.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 13:02:06 2017 +0200
Renamed GNUTLS_PK_ECDHX to GNUTLS_PK_ECDH_X25519
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 12:53:40 2017 +0200
tests: parse and interpret an EdDSA public key
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 16:23:10 2017 +0200
tests: added TLS handshake test with EdDSA25519 certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 16:22:27 2017 +0200
Allowed Ed25519 signing in TLS handshakes
This follows draft-ietf-tls-rfc4492bis-17
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 15:23:21 2017 +0200
tests: added tests on EdDSA signature validation using the sign/verify_data APIs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 17:26:34 2017 +0200
tests: Added unit test on EdDSA key parsing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 12:52:12 2017 +0200
tests: added Ed25519 key and certificate generation tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 15:20:38 2017 +0200
Added support for EdDSA (Ed25519) curve keys
This adds support for draft-ietf-curdle-pkix-04.
Resolves #25
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 18:52:33 2017 +0200
parse_pem_cert_mem: fixed issue resulting to accessing past the input data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 15 17:54:01 2017 +0200
supported_exts.h: make sure that the generated function is static
That avoids compiler warnings due to missing prototype.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 15:12:11 2017 +0200
tlsfuzzer: enabled chacha20 tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 14:50:55 2017 +0200
updated tlsfuzzer
That fixes issue detecting connection termination from gnutls-serv
in chacha20 test.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 15:54:38 2017 +0200
tests: csr-invalid.der: modify the SPKI OID to use SECP384R1
That avoids false positives in error detection in 'crq' test due to
SECP224R1 not being supported in our CI platforms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 16:04:49 2017 +0200
x509/output: do not attempt to print the key ID on unknown SPKI algorithms
On unknown algorithms, it is not always possible to parse the SPKI
field. Instead avoid printing errors.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 15:24:23 2017 +0200
.gitlab-ci.yml: corrected location of artifacts in aarch64 build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 12 13:44:24 2017 +0200
tests: certtool-rsa-pss: use unique temp files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 10:28:16 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 15:18:20 2017 +0200
_gnutls_buffer_append_data_prefix: cleanup
This eliminates a misleading code that assumed that the called functions
will return the appended size. Always return zero on success which is
what the existing callers assume.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 10:30:56 2017 +0200
.gitlab-ci.yml: removed unnecessary options from minimal build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 09:52:21 2017 +0200
pubkey: print the failed signature algorithm when verification fails
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 09:58:35 2017 +0200
gnutls-cli: added option to allow verification with broken algorithms
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 10:06:22 2017 +0200
tls sessions will not fail of insecure algorithms which are explicitly enabled
That is, if DSA-SHA1 is allowed, do not propagate errors from
gnutls_pubkey_verify_data2() due to SHA1 considered insecure, but rather
ignore such errors.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 14:37:00 2017 +0200
tests: mini-record-2: made more robust
It will no longer close the session prior to peer processing
all messages. This prevents the peer stopping processing
prior to all messages being received.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 14:22:33 2017 +0200
tests: mini-record: made more robust
It will no longer use a stream socket as this can does not work
well with damaged records (they may end up merged).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 13 13:21:29 2017 +0200
record: reject 0-byte long ciphertext
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 10:18:56 2017 +0200
record: added sanity checking in the record layer version copy
Previously we assumed that an active session had always a version
set, however there have been reports of evolution crashing in
that particular point. Although, this could have been due to
memory corruption, be careful and check for invalid input.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 11:51:20 2017 +0200
record: more precise calculation of max recv size
Previously we were using a rough calculation of the max recv size
based on maximum values. Now we calculate the exact maximum value once
the epoch is initialized and enforce it throughout the session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 15:33:01 2017 +0200
decryption: use the same error code on all cases
This eases testing using tlsfuzzer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 11:08:49 2017 +0200
gnutls-serv: allow receiving requests up to 16kb
This makes gnutls-serv useful for few tlsfuzzer test cases.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 3 11:19:44 2017 +0200
max_record_recv_size: removed call to gnutls_compression_get()
We no longer support compression.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 09:10:39 2017 +0200
Print the requested CA names when in debug mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 11:00:20 2017 +0200
gnutls-http-serv: do not set the obsolete PGP options
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 11 08:51:07 2017 +0200
doc: updated documentation on client authentication [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 10 09:53:55 2017 +0200
doc: explicitly state intended usage of priorities on server-side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 4 09:26:57 2017 +0200
doc: use the default priorities in server example
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 14:04:37 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 10:26:03 2017 +0200
tests: added unit tests for gnutls_priority_set*()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 10:18:33 2017 +0200
Documented use gnutls_priority_set2().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 26 10:02:22 2017 +0200
priorities: share priority structures across sessions
As the contents of the priority cache grows, it makes sense to shared
these structures across many sessions (in server side) rather than
copying them to a session. All overrides of the priority contents
were moved to session->internals. On client side where gnutls_priority_set_direct()
is more commonly used, ensure that the set priority is deinitialized.
That also introduces gnutls_priority_set2() which does not copy the priority
contents by default.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 27 11:19:37 2017 +0200
set_client_ciphersuite: use the new internal APIs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 25 16:06:49 2017 +0200
.gitignore: ignore new tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 25 15:32:52 2017 +0200
tests: added unit testing for server/client cipher negotiation
This verifies that the expected algorithm (cipher) is negotiated.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 25 12:03:46 2017 +0200
tests: added unit testing for server ciphersuite/KX negotiation
This verifies whether the ciphersuite negotiation will detect and
reject incompatible data present in credentials.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 14:00:52 2017 +0200
doc: corrected typo
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 13:32:09 2017 +0200
Renamed fields of sign_algorithm_st
The new names better reflect the reality with signature algorithms
in TLS 1.3, and correct the initial naming error.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 13:24:48 2017 +0200
handshake: simplified signature algorithm list generation
Similarly to ciphersuites, that also utilizes a cache of signature algorithms
on the priority structure which is used to quickly generate the signature
algorithm list.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 11:55:23 2017 +0200
Eliminated access to obsolete priority cache fields
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 10:34:11 2017 +0200
handshake: simplified the client-side ciphersuite negotiation
This takes advantage of the ciphersuite cache in priorities structure
while keeping the same ciphersuite selection checks in place.
The previous ciphersuite selection checks kept:
* Removing SRP ciphersuites when no SRP credentials are set
* Removing ciphersuites when no corresponding to KX credentials were set
* SCSV addition in SSL 3.0 and fallback SCSV
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 21 11:54:39 2017 +0200
handshake: simplified the server-side ciphersuite negotiation
This eliminates all the back and forth loops in the previous code
while keeping the same ciphersuite selection checks in place.
The ciphersuite selection tests that were kept:
* Check if key exchange supports the server public key and key usage flags
* Check if DH or other parameters required for the ciphersuite are present
* Find appropriate certificate for the credentials and ciphersuite
* Check whether a curve is negotiated for the ECDH ciphersuites
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 21 10:25:32 2017 +0200
priority: include a cache of supported ciphersuites
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 21 09:31:31 2017 +0200
removed unused cipher-suite and KX related functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 21 09:17:57 2017 +0200
algorithm/kx: sorted key exchange algorithms based on current trends
That optimizes linear search for the common options.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 23 11:07:11 2017 +0200
Removed unused functions
These were identified using callcatcher.
http://www.skynet.ie/~caolan/Packages/callcatcher.html
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 15:43:25 2017 +0200
fuzz: added make update command [ci skip]
This allows updating the fuzzer corpus from openssl using a single
command.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 15:11:13 2017 +0200
fuzz: added corpora from openssl [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 14:59:52 2017 +0200
fuzz: undid changes related to boringssl server/client corpus format [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 14:58:34 2017 +0200
fuzz: included verbatim corpus from boringssl
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 12:22:23 2017 +0200
fuzz: gnutls-client-fuzzer: read directly from memory [ci skip]
Also updated to read the prefixed boringssl corpus files.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 7 11:45:05 2017 +0200
fuzz: gnutls-server-fuzzer: read directly from memory [ci skip]
Also updated to read the prefixed boring ssl corpus files.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 5 20:14:54 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 1 18:00:45 2017 +0200
priority_options.gperf: modified for gperf 3.1
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 4 16:12:26 2017 +0200
tlsfuzzer: enabled ALPN tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 5 21:44:19 2017 +0200
updated tlsfuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 4 16:15:08 2017 +0200
ext/alpn: added stricter checks on field lengths
That is, no longer tolerate empty fields, and error on invalid
lengths.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 4 15:35:25 2017 +0200
gnutls-serv: added the --alpn and --alpn-fatal options
This allows specifying ALPN protocols supported by server, allowing
to test the ALPN negotiation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 4 11:42:59 2017 +0200
fuzz: updated server with multiple keys (ECDSA, RSA) and DH parameters [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 1 10:50:57 2017 +0200
OCSP: find_signercert: improved DER length calculation
Previously we were assuming a fixed amount of length bytes which
is not correct for all possible lengths. Use libtasn1 to decode
the length field.
Resolves: #223
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 10:04:01 2017 +0200
OCSP: check the subject public key identifier field to figure issuer
Normally when attempting to match the 'Responder Key ID' in an OCSP response
against the issuer certificate we check (according to RFC6960) against the
hash of the SPKI field. However, in few certificates (see commit:
"added ECDSA OCSP response verification"), that may not be the case. In that
certificate, that value matches the Subject Public Key identifier field
but not the hash.
To account for these certificates, we enhance the matching to also consider
the Subject Public Key identifier field.
Relates: #223
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 09:33:08 2017 +0200
OCSP: added more verbose debug logging on verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 29 21:17:34 2017 +0200
tests: added ECDSA OCSP response verification
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 30 10:43:20 2017 +0200
.travis.yml: do not fail on brew install failures
brew install seems to fail on several occasions when a newer package
is available than the installed. Ignore those errors rather than
failing build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 29 14:34:20 2017 +0200
tests: added check on saving certs and OCSP responses
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 29 14:28:29 2017 +0200
gnutls-cli: save OCSP response at the time certificate is saved
That ensures that we always save the OCSP response, even when certificate
verification fails.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 14:26:07 2017 +0200
moved compression-related APIs to compat.h
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 08:56:09 2017 +0200
doc: removed any references to compression and documented change
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 16:20:25 2017 +0200
tests: removed tests related to zlib support
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 15:58:35 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 15:36:18 2017 +0200
Removed support for compression mechanisms
They are not required for TLS 1.3, and are deprecated for TLS 1.2.
We eliminate them in order to reduce the complexity in the record
packet handling.
Resolves #212
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 13:59:54 2017 +0200
gnutls-cli: be less verbose in OCSP error messages
Previously we were reporting "No issuer found" if any certificate
in a chain could not be verified. That was confusing information
and not strictly necessary. No longer print that.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 13:57:15 2017 +0200
gnutls-cli: improved error message of OCSP failure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 09:12:39 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 20:50:22 2017 +0200
tests: ocsptool: added test of --verify-response with --load-chain
This utilizes the provided chain to find the signer of the
OCSP response.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 09:09:41 2017 +0200
ocsp: print response's signature algorithm in compact listing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 09:06:01 2017 +0200
ocsptool: verify_response will print information on the response
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 08:59:45 2017 +0200
ocsptool: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 20 08:31:41 2017 +0200
ocsptool: allow combining --load-trust with --verify-response
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 20:58:21 2017 +0200
ocsptool: --load-chain will sort the input chain
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 20:50:22 2017 +0200
ocsptool: introduced --verify-allow-broken option
This allows verification to succeed even when broken algorithms are
involved.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 20:47:10 2017 +0200
ocsptool: the --verify-response can be combined with --load-chain
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 20:27:24 2017 +0200
gnutls_certificate_verification_status_print: mention OCSP in error messages
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 14:36:43 2017 +0200
ocsptool: added --load-chain option
This option allows to directly verify all the members of a certificate
chain.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 19 08:20:47 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 18 17:35:06 2017 +0200
tests: enabled X25519 interop tests with openssl 1.1.0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 18 14:35:57 2017 +0200
NORMAL priority: no longer enable the smaller curves by default
They are not widely enabled by web servers, and they provide no
advantage over X25519.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 18 14:35:33 2017 +0200
NORMAL priority: enable X25519 curve
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 17 14:22:02 2017 +0200
pkcs11: cleanups in pkcs11_login()
Use pkcs11_rv_to_err() to return the right error code map after
PKCS#11 calls; separate checks for already log in status for SO and
user login.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 17 14:07:50 2017 +0200
tests: pkcs11-mock: reset state when requesting reauth
That is, for the MOCK_FLAG_SAFENET_ALWAYS_AUTH flag we ensure that
GetSessionInfo() will return the right state when authentication
is required for the first time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 22:04:49 2017 +0200
pkcs11: improved handling of HSMs without CKU_CONTEXT_SPECIFIC support
That is, when the HSM returns CKR_USER_NOT_LOGGED_IN, switch
to CKU_USER, instead of relying to a fallback within pkcs11_login().
That simplifies login logic.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 28 11:07:50 2017 +0200
tests: added unit test for safenet protectserver HSM's PKCS#11 support
That is, detect whether the absence of C_Login will fallback to CKU_USER
after CKU_CONTEXT_SPECIFIC is tried.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 11:26:19 2017 +0200
pkcs11: simplified pkcs11_login()
By cleanups, as well as including the reauth flag in the flags option.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 11:11:24 2017 +0200
pkcs11: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login
That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag
a login will be forced. This allows operation on the safenet HSMs
which do not set that flag.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 27 07:24:36 2017 +0200
Handle specially safenet HSMs which cannot handle CKU_CONTEXT_SPECIFIC
These HSMs do not support CKA_ALWAYS_AUTHENTICATE, nor understand CKU_CONTEXT_SPECIFIC,
but rather return CKR_USER_NOT_LOGGED_IN on the first private key operation.
Try to discover that state by calling C_Login when CKR_USER_NOT_LOGGED_IN
is seen, and retrying with CKU_USER after CKU_CONTEXT_SPECIFIC login fails.
See discussion in https://github.com/OpenSC/libp11/issues/160
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 12:06:36 2017 +0200
Added documentation to legacy openpgp functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 10:58:23 2017 +0200
Removed unnecessary certificate type functionality
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 10:23:19 2017 +0200
NEWS: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 10:21:52 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 10:21:10 2017 +0200
doc: removed references to openpgp
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 10:14:58 2017 +0200
po: removed openpgp/output.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 09:55:44 2017 +0200
guile: removed openpgp related tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 09:30:41 2017 +0200
fuzz: removed the openpgp certificate fuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 09:03:05 2017 +0200
tools: removed options for openpgp support
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 08:50:32 2017 +0200
Removed support for openpgp certificates and keys
Resolves #178
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 16 08:38:42 2017 +0200
tests: removed openpgp related tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 7 11:58:25 2017 +0200
tests: added reproducer for assertion trigger
This relates to handshakes with support for RSA-PSS.
Found with oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2132
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Jun 8 15:42:30 2017 +0200
nettle: ported fix for assertion failure in pss_verify_mgf1
Backport the upstream fix from:
https://git.lysator.liu.se/nettle/nettle/commit/b1252fedf6ee1dbb8468d1d3f177711a16e83e52
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 17:33:21 2017 +0200
.gitlab-ci.yml: keep logs of tests in abi build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 13:41:36 2017 +0200
doc: simplified the default client example
Removed optional paths.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 13:20:51 2017 +0200
tests: added reproducer for OCSP response found test cases
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 13:14:23 2017 +0200
fuzz: documented location for OCSP-related reproducers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 12:43:48 2017 +0200
ocsp: added sanity check in returned length
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1492
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 10:37:53 2017 +0200
doc: added/modernized text on AEAD ciphers [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 09:09:20 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 15 09:06:49 2017 +0200
tests: improved duplicate extension test
Instead of sending two duplicate extensions of which one is invalid,
send two valid ones instead. That way, we avoid the possibility of false
positives due to the validation code of the extension contents.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 14:15:08 2017 +0200
tests: verify that duplicate extensions are rejected
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 13:09:44 2017 +0200
TLS extensions: added duplicate extension check on server side
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 11:15:54 2017 +0200
gnutls_init: better naming for internal function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 13 08:08:56 2017 +0200
tests: added unit test for overriding TLS extensions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 11:11:34 2017 +0200
TLS extensions: mark each extension which cannot be overriden
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 11:02:49 2017 +0200
TLS extensions: combined the extension data and resumed data structures
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 12 17:31:19 2017 +0200
removed type extension_priv_data_t
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 13 08:02:04 2017 +0200
gnutls_int.h: groupped extension structures together
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 12 14:19:23 2017 +0200
TLS extensions: several simplifications
This allows extensions set by the application to override some
of the internal ones.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 14 15:53:13 2017 +0200
.gitlab-ci.yml: FreeBSD system is no longer available; disabling for CI [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 12 10:26:13 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 18:53:48 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 16:37:48 2017 +0200
doc: added reference to privkey export functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 18:29:18 2017 +0200
tests: added basic unit tests for the export_*_raw2() functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 18:17:34 2017 +0200
corrected typo in x962 functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 16:21:31 2017 +0200
pkcs11: do not set leading zeros on integers
PKCS#11 defines integers as unsigned having most significant byte
first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
some HSMs which do not accept an integer with a leading zero.
Resolves: #215
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 9 16:20:05 2017 +0200
Introduced functions to export integers with no leading zero
That is introduced the flag GNUTLS_EXPORT_FLAG_NO_LZ and:
* gnutls_pubkey_export_rsa_raw2
* gnutls_pubkey_export_dsa_raw2
* gnutls_pubkey_export_ecc_raw2
* gnutls_privkey_export_rsa_raw2
* gnutls_privkey_export_dsa_raw2
* gnutls_privkey_export_ecc_raw2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 15:03:17 2017 +0200
nettle: use older GMP macros for mpz_mod_2exp and mpz_div_2exp
These ensure that compilation will succeed even when building with gmp-mini.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 13:15:00 2017 +0200
_gnutls_ucs2_to_utf8: use void* as pointer type to avoid compiler assumptions on alignment [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 13:06:19 2017 +0200
ciphersuites: removed unused function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 13:00:25 2017 +0200
nettle/cipher: document that ctx_ptr is 16-byte aligned, and use void* to avoid compiler assumptions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 12:53:44 2017 +0200
certtool: corrected typo in strcmp() use
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 11:15:02 2017 +0200
_gnutls_x509_privkey_reinit: ensure fields will not be re-used
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 8 09:25:32 2017 +0200
certtool: improved error message when public key cannot be figured [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 16:05:37 2017 +0200
updated auto-generated files for new signing API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 16:00:41 2017 +0200
handshake: simplify handshake by using the new signing API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 13:38:05 2017 +0200
tests: introduced unit tests of the new signing API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 15:39:52 2017 +0200
abstract API: introduced new signing functions
That is, the gnutls_privkey_sign_data2() and gnutls_privkey_sign_hash2().
The new functions perform signing with input the signature algorithm instead
of the hash algorithm; that allows to use algorithms where the hash algorithm
is not used, or the public key algorithm may be different than the key's.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 7 11:18:07 2017 +0200
pkix: removed unused definition
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 16:04:53 2017 +0200
gnutls_privkey_st: removed unused element
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 10:34:33 2017 +0200
gnutls_session_get_desc: improved ciphersuite description
That is, separated the key exchange from the signature algorithm
used by the server, and list them in different fields.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 11:16:45 2017 +0200
tests: key-import-export: use cert-common.h
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 2 17:04:45 2017 +0200
tests: simplified CPPFLAGS of tests using internal gnutls funcs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 12:54:24 2017 +0200
tests: key-exchange: added error checking in gnutls_certificate_set_x509_key_mem
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 10:58:33 2017 +0200
_gnutls_check_key_cert_match: account for RSA and RSA-PSS mismatches
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 6 09:49:09 2017 +0200
certtool: fix DER export with --p7-info
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 13:21:38 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 10:01:07 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 09:59:49 2017 +0200
psktool: minor documentation updates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 09:52:53 2017 +0200
tests: added basic functionality check for psktool
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 09:50:07 2017 +0200
psktool: increased default key size to 256-bits
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 09:39:49 2017 +0200
psktool: do not assume any default key file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed May 31 12:58:58 2017 -0400
clarify documentation and arguments for psktool
* psktool's -p argument should really be short for --pskfile, not
--passwd. there is no passwd involved.
* the example documentation switches names halfway through, which is
confusing.
* there is no prompt for a password. do not mention it in the
example.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 09:22:44 2017 +0200
tests: added unit test to verify that certificates with non-DER strict time fields are accepted
Also removed the old strict compliance DER test.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 09:15:27 2017 +0200
Tolerate DER time encoding errors
It seems that openssl generated certificates may contain invalid
formatted times, and gnutls will no longer parse them. Ignore such
formatting errors when DER decoding.
We should reconsider this in the future (#207)
Resolves #196
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 10:24:04 2017 +0200
tests: enhanced OID tests with OIDs for SHA3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 5 10:21:54 2017 +0200
tests: enhanced OID tests with OIDs for RSA-PSS
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 4 13:56:04 2017 +0200
.gitlab-ci.yml: added aarch64 build based on Debian
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 14:55:19 2017 +0200
_gnutls_PRF: was made inline function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 14:29:10 2017 +0200
tests: added low-level unit tests on TLS 1.0 and 1.2 PRFs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 13:52:03 2017 +0200
prf: implement the TLS 1.0 and 1.2 PRFs using nettle
That simplifies the existing PRF code and moves it in the
crypto-backend component.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 12:00:26 2017 +0200
doc: refer to the site for commercial support options
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 11:29:08 2017 +0200
tests: mini-record-retvals: include AES-CBC tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 11:36:30 2017 +0200
tests: eliminated build warnings
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 08:55:54 2017 +0200
tests: combined tables of sign-verify tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 19:54:48 2017 +0200
Only accept known public key algorithms in the GNUTLS_PRIVKEY_EXT private keys
The reason is that this API, assumes very low level primitives which
are not available for the newer RSA-PSS private keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 19:42:36 2017 +0200
_gnutls_privkey_*_sign_params: added support for GNUTLS_PRIVKEY_EXT keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 19:25:11 2017 +0200
tests: added basic test on "external" keys with gnutls_privkey_import_ext2()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 16:53:14 2017 +0200
gnutls_x509_privkey_sign_data: wrap over gnutls_privkey_sign_data()
That will allow this function to operate with the new key types.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 16:43:28 2017 +0200
tests: added unit tests for the gnutls_x509_* sign/verify APIs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 15:23:21 2017 +0200
tests: added tests signature validation using the sign/verify_data APIs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 16:24:05 2017 +0200
Separated use of GNUTLS_PRIVKEY_FLAG_PROVABLE and GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE
For simplicity, rename GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE to GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 16:19:25 2017 +0200
_gnutls_privkey_find_sign_params: renamed and simplified
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 15:40:40 2017 +0200
gnutls_privkey_sign_hash: removed duplicate code
The same code was available in _gnutls_privkey_find_sign_params().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 10:47:12 2017 +0200
GNUTLS_E_INSUFFICIENT_SECURITY: moved to fatal errors
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 16:22:27 2017 +0200
tls-sig: re-organize and simplify the TLS signature generation and verification
That makes sure that the high level APIs are used when possible, and
separate the TLS 1.2 from other code paths. This will allow supporting
signature schemes like EdDSA and others.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 10:59:53 2017 +0200
tests: modify tests to allow signatures with SHA1
There were several tests that were utilizing SHA1 signatures but were
not failing due to the bug in gnutls_pubkey_verify_hash2().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 31 10:12:31 2017 +0200
gnutls_pubkey_verify_hash2: do not allow GNUTLS_VERIFY_USE_TLS1_RSA with non-RSA keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 10:42:27 2017 +0200
gnutls_pubkey_verify_hash2: check for broken signature algorithms
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 10:13:16 2017 +0200
gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
This flag is not required for verification since the signature algorithm
is sufficient to detect RSA-PSS without requiring any flags.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 30 10:36:59 2017 +0200
tests: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 08:55:47 2017 +0200
certtool: do not ask for password when exporting to PKCS#8 implicitly
Previously --generate-privkey wouldn't ask for password unless --pkcs8
was explicitly given. Keep that behavior, and do not ask for any password
even if we need to export to PKCS#8 for some key types. Always require
the --pkcs8 option to encrypt with password.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 08:43:14 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 08:37:03 2017 +0200
doc: mention RSA-PSS-SHA* signature algorithms
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 08:33:44 2017 +0200
certtool: replaced rsa-pss-sign with sign-params option
This option could accomodate future enhancements/additions in
certificate signining.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 29 08:26:41 2017 +0200
certtool: better documentation on rsa-pss-sign
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 13:30:18 2017 +0200
replaced MAX_SIGNATURE_ALGORITHMS macro with MAX_ALGOS
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 13:19:08 2017 +0200
tests: added unit test for gnutls_sign_supports_pk_algorithm()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:44:41 2017 +0200
tls-fuzzer: ignore the incomplete RSA-PSS tests
These tests fail because tls-fuzzer currently does not properly implement
RSA-PSS.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:06:34 2017 +0200
tests: verify that generated RSA-PSS keys can be read with certtool -k
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:01:04 2017 +0200
certtool: use PKCS#8 format for generated RSA-PSS keys
An RSA-PSS key has additional parameters which cannot be stored
in the "standard" PKCS#1 format. For that when asked to generate
an RSA-PSS key, we export to the PKCS#8 form.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 09:52:33 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 08:57:11 2017 +0200
tests: x509sign-verify: include ECDSA and RSA-PSS key tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 08:22:07 2017 +0200
tlsfuzzer: the test-certificate-verify-malformed check now passes
Previously it was expecting a different alert code than gnutls returned.
Now gnutls returns the expected alert code (GNUTLS_A_DECRYPT_ERROR)
on malformed signatures.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 16:35:18 2017 +0200
alert: map GNUTLS_E_PK_SIG_VERIFY_FAILED to GNUTLS_A_DECRYPT_ERROR
This makes server respond with GNUTLS_A_DECRYPT_ERROR on malformed signatures,
which is the expected behavior. Hinted by Hubert Kario.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 16:18:25 2017 +0200
Increased the maximum number of signature algorithms
That allows including all the existing signatures including DSA.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 14:30:17 2017 +0200
x509sign-verify: corrected test to perform RSA tests on RSA keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 14:01:53 2017 +0200
tests: added tests for RSA-PSS key exchange under TLS 1.2
That includes tests with RSA and RSA-PSS server and client certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 14:53:43 2017 +0200
publickey: map RSA ciphersuites to GNUTLS_PK_RSA_PSS
That is in addition to GNUTLS_PK_RSA
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 30 06:40:39 2016 +0300
Rework KX -> PK mappings
GOST VKO and PSS keys would support several public keys, so change
the previous 1:1 kx->pk mapping into 1:many.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 12:45:08 2017 +0200
tests: added TLS 1.2 tests with RSA-PSS signatures on RSA certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 11:50:38 2017 +0200
gnutls_privkey_sign_hash: use the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS flag
That is, the privkey_sign_hash() function was made static (no users other
than the same file), and gnutls_privkey_sign_hash will take into account
the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS, if specified.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 11:33:49 2017 +0200
tls-sig: sign with RSA-PSS when requested by negotiated signature algorithm
That is, when signing a TLS message, take into account the
negotiated signature algorithm, in addition to the hash algorithm
to decide which flags to pass to gnutls_privkey_sign_hash(). This
allows signing the handshake messages with RSA-PSS even when an RSA
key is present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 11:19:12 2017 +0200
priority: enabled RSA-PSS signatures by default
They are prioritized low on the list to reduce compatibility
issues in case they are wrongly implemented in gnutls or in the
peer implementation. To be revised when more elaborate compatibility
tests are made.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 11:13:23 2017 +0200
ext/signature: accept compatible algorithms with PK
That is instead of using a 1-1 mapping of signature algorithms
to public key algorithms, use gnutls_sign_supports_pk_algorithm()
to determine whether algorithms match. That way we can allow
GNUTLS_SIGN_RSA_PSS_SHA256 under GNUTLS_PK_RSA and GNUTLS_PK_RSA_PSS
keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 11:12:33 2017 +0200
gnutls_pubkey_verify_hash2: corrected operation with RSA-PSS keys
That is, do not check the flag GNUTLS_VERIFY_USE_RSA_PSS, as we
already have enough information to determine whether an RSA-PSS
signature is used (the sign algorithm). Also return the code
GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY when a signature algorithm
incompatible with the public key is encountered.
In addition, fixed few misplacements of GNUTLS_PK_RSA_PSS in switch
cases.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 10:48:30 2017 +0200
Introduced gnutls_sign_supports_pk_algorithm()
This function allows to test whether a combination of public key
algorithm and signature algorithm are supported. This is introduced
for RSA-PSS signatures which can be generated by a GNUTLS_PK_RSA key
or by a GNUTLS_PK_RSA_PSS key.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Thu Mar 16 11:38:58 2017 +0100
x509: implement RSA-PSS signature scheme
This patch enables RSA-PSS signature scheme in the X.509 functions and
certtool.
When creating RSA-PSS signature, there are 3 different scenarios:
a. both a private key and a certificate are RSA-PSS
b. the private key is RSA, while the certificate is RSA-PSS
c. both the private key and the certificate are RSA
For (a) and (b), the RSA-PSS parameters are read from the certificate.
Any conflicts in parameters between the private key and the certificate
are reported as an error.
For (c), the sign functions, such as gnutls_x509_crt_privkey_sign() or
gnutls_privkey_sign_data(), shall be instructed to generate an RSA-PSS
signature. This can be done with the new flag
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
Verification is similar to signing, except for the case (c), use the
flag GNUTLS_VERIFY_USE_RSA_PSS instead of
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
From the command line, certtool has a couple of new options: --rsa-pss
and --rsa-pss-sign. The --rsa-pss option indicates that the generated
private key or certificate is restricted to RSA-PSS, while the
--rsa-pss-sign option indicates that the generated certificate is signed
with RSA-PSS.
For simplicity, there is no means of choosing arbitrary salt length.
When it is not given by a private key or a certificate, it is
automatically calculated from the underlying hash algorithm and the
RSA modulus bits.
[minor naming changes by nmav]
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 10:19:22 2017 +0200
fuzz: added RSA-PSS certificate
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Daiki Ueno <ueno@gnu.org>
Date: Fri Mar 31 14:36:46 2017 +0200
build: import files from Nettle for RSA-PSS
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 27 07:29:44 2017 +0200
libtasn1: updated to 4.11
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 15:10:17 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 09:39:10 2017 +0200
tests: added unit tests for gnutls_de/encode_rs_value
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 25 08:38:43 2017 +0200
pk: exported gnutls_decode_rs_value() and gnutls_encode_rs_value()
These functions allow encoding to and from a Dss-Sig-Value.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 12:43:21 2017 +0200
tests: skip x86-specific tests when not in x86
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:56:30 2017 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:18:09 2017 +0200
tests: tls-fuzzer: corrected unlocking at tls-fuzzer-cert.sh
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:42:28 2017 +0200
examples: made a comment that getpass() output needs to be sanitized
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 26 10:13:05 2017 +0200
certtool: avoid printing legacy options in --help
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 17:34:31 2017 +0200
Makefile: improved code coverage extraction from lcov output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 15:48:31 2017 +0200
configure: warn when building as static library [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 14:01:56 2017 +0200
gnutls_ocsp_status_request_enable_client: removed support for problematic parameters
Removed support for responder_id and extensions parameters. These
had very difficult semantics to use and the underlying implementation
had encoding errors, meaning there was no interoperation with other
clients. Given that issue it means there are no applications depending on
these parameters; ignore these parameters completely and no longer send
either responder_id or extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 11:48:24 2017 +0200
gnutls_ocsp_status_request_enable_client: documented requirements for parameters
That is, the fact that extensions and responder_id parameters must be
allocated, and are assigned to the session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 11:38:16 2017 +0200
ext/status_request: Removed the parsing of responder IDs from client extension
These values were never used by gnutls, nor were accessible to applications,
and as such there is not reason to parse them.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 10:46:03 2017 +0200
ext/status_request: ensure response IDs are properly deinitialized
That is, do not attempt to loop through the array if there is no array
allocated.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 10:28:28 2017 +0200
tlsfuzzer: enabled ocsp stapling test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 24 10:17:09 2017 +0200
tlsfuzzer: updated to latest version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 23 09:26:10 2017 +0200
self-tests: limit compatibility API checks to vectors with plaintext
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 16:43:38 2017 +0200
tests: on cipher override do not run the compatibility checks
That is, because we introduce a cipher using the new AEAD API which
does not provide compatibility hooks.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 16:41:48 2017 +0200
self-tests: introduced flag GNUTLS_SELF_TEST_FLAG_NO_COMPAT
This allows skipping the compatibility APIs when running self tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 16:39:14 2017 +0200
self-tests: all parameter was replaced by flags
This allows to introduce more options than just check all
ciphers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 14:41:56 2017 +0200
aarch64: fix AES-GCM in-place encryption and decryption
Resolves #204
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 11:54:25 2017 +0200
crypto: self-tests: enhance to include compatibility APIs
That is, run the compatibility gnutls_cipher_* APIs on self tests
for AEAD ciphers in addition to the AEAD API.
Relates #204
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 14:23:14 2017 +0200
crypto-api: refuse to run gnutls_cipher_init() in full AEAD modes
That is, there are AEAD modes like CCM that can only be used through
the AEAD API. Always refuse calls to gnutls_cipher_init() in these
modes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 22 09:19:53 2017 +0200
doc: corrected error in gnutls_x509_privkey_sign_data parameters [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 20:41:30 2017 +0200
sysrng-linux: improved detection of getrandom()
The getrandom() call is defined in sys/random.h.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 20:34:40 2017 +0200
gnutls-cli: use 16k buffers in --benchmark-tls-ciphers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 20:31:33 2017 +0200
gnutls-cli: cleaned up --benchmark-ciphers output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 20:20:34 2017 +0200
gnutls-cli: no longer include arcfour in benchmarks
This cipher is considered broken and no longer included in
the default set of ciphers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 08:51:55 2017 +0200
documented the make files-update make option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 08:48:26 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 08:26:47 2017 +0200
tests: added TLS server test for multi-key usage
That is, a server which utilizes both RSA and ECDSA keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 20 08:14:59 2017 +0200
p11tool: mark provider opts as deprecated
That is, to avoid listing that option in p11tool --help, as it is
only useful for debugging very low level interfaces with PKCS#11
parameter passing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat May 20 02:19:17 2017 +0300
gnutls-serv: allow user to specify multiple x509certile/x509keyfile
Instead of adding more and more variants like x509dsakeyfile or
x509ecckeyfile (counting eddsa and gost in future), allow user to
specify x509certfile/x509keyfile multiple times. Keep the old
options as compatibility options.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu May 18 23:55:57 2017 +0300
Fix two memory leaks in debug output of gnutls tools
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Nov 30 07:13:09 2016 +0300
Don't let GnuTLS headers in NETTLE_CFLAGS override local headers
Change order of CFLAGS so that local headers always come before ones in
$(NETTLE_CFLAGS).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 12 17:58:55 2017 +0200
find_signer: eliminate memory leak
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Karl Tarbe <karl.tarbe@cyber.ee>
Date: Mon May 8 15:06:33 2017 +0300
tests: add test for signing with certificate list
Signing with one certificate, but includes the other certificates
inside the PKCS#7 structure.
Signed-off-by: Karl Tarbe <karl.tarbe@cyber.ee>
Author: Karl Tarbe <karl.tarbe@cyber.ee>
Date: Thu May 4 16:46:14 2017 +0300
certtool: allow multiple certificates in --p7-sign
Signed-off-by: Karl Tarbe <karl.tarbe@cyber.ee>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun May 14 11:21:07 2017 +0200
Fix autoconf progress message concerning heartbeat [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 11 22:03:08 2017 +0200
doc: corrected typo [ci skip]
Reported by Andreas Metzler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 11 22:01:10 2017 +0200
test: corrected typo preventing the run of openpgp test [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 17:43:32 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 17:23:54 2017 +0200
pkcs11_override_cert_exts: do not use CKA_X_DISTRUSTED flag when retrieving
This flag was introduced in order for reducing the number of duplicate
stapled extensions returned by p11-kit. Unfortunately that fix was bogus
and in fact it resulted to p11-kit not returning any stapled extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 17:08:11 2017 +0200
tests: added unit test for p11-kit trust store
This verifies whether an Example Root CA can be read together
with its stapled extensions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 16:40:10 2017 +0200
p11tool: added the --provider-opts option
This option allows passing parameters to the PKCS#11 module
loading process, i.e., passed to gnutls_pkcs11_add_provider().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 16:34:25 2017 +0200
pkcs11_add_provider: allow passing parameters to p11-kit trust module
When the @params argument of gnutls_pkcs11_add_provider() starts with
'p11-kit:' the specified provider is loaded as an unmanaged module
and the rest of parameters are being passed opaque to the module. This
allows loading for example the p11-kit trust module with a custom path
for the trust database.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 9 22:03:45 2017 +0200
tests: introduced checks in alternative chain discovery
These cope with alternative chain discovery in the case of insecure
algorithm found in the chain.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 9 21:24:36 2017 +0200
tests: modified pkcs1-pad to account for alt path search
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 8 06:43:28 2017 +0200
gnutls_x509_trust_list_verify_crt2: treat signers with insecure algorithms as unknown
The reason is that many servers utilize a legacy chain to improve compatibility
with old clients and that chain often contains insecure algorithm. In that case
try to construct alternative paths. To maintain compatibility with previous
versions, we ensure that the same error code (verification status) is returned
in these cases as before by sending the cached error if the alternative path fails
too.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 9 20:57:40 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 9 20:57:00 2017 +0200
Makefile: files-update directive will update the auto-generated files in src/
This simplifies the update of files generated by autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 8 07:02:16 2017 +0200
tests: added check for gnutls-cli's sni-hostname option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 8 06:13:59 2017 +0200
gnutls-cli: introduced --sni-hostname option
This allows overriding the value set on the TLS server name indication
extension.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 10 10:39:22 2017 +0200
Makefile: added phony targets to .PHONY [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 9 14:51:44 2017 +0200
fuzz: doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 8 06:27:21 2017 +0200
errors.h: _gnutls_cert_log will only print on non-null certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Date: Fri Apr 28 17:17:32 2017 -0400
rsa-psk: Use the correct username datum
In rsa-psk we properly request username for the case the
application uses a callback, but later we use the username
cached in the credentials structure. This will lead to empty
username issues.
Signed-off-by: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 6 23:06:45 2017 +0200
tests: added check for PSK client callback in RSA-PSK
This check verifies whether gnutls_psk_client_credentials_function
is operational, and the parameters sent are taken into account
by the server.
Relates !364
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 6 22:47:32 2017 +0200
tests: simplified name of mini-rsa-psk check
In addition modernize the used APIs and added explicit check
on the received by the server username value.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 5 14:31:30 2017 +0200
tests: utilize the email_protection_key template option
This ensures that generated certificates and requests will
include that key purpose when the option is present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 5 14:21:13 2017 +0200
certtool: introduced the email_protection_key option
This option was introduced in documentation for certtool without
an implementation of it. It is a shortcut for option
key_purpose_oid = 1.3.6.1.5.5.7.3.4
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Mon May 1 19:20:38 2017 +0200
gnutls-cli: Use CRLF with --starttls-proto=smtp.
Closes https://gitlab.com/gnutls/gnutls/issues/200
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 1 01:43:40 2017 +0200
doc: remove libidn from instructions and add libidn2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 1 00:59:12 2017 +0200
doc: update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 1 00:26:47 2017 +0200
added newline in debug messages [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 20:13:11 2017 +0200
Removed support for libidn1
Currently we support both IDNA2003 and IDNA2008. However, IDNA2003
is already obsolete by registrars and NICs, thus there is no reason
to continue supporting it. We switch to IDNA2008 exclusively using libidn2.
Resolves #194
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 1 12:44:46 2017 +0200
updated minitasn1
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 1 12:42:57 2017 +0200
gnutls.h: introduced GNUTLS_E_ASN1_TIME_ERROR
This corresponds to libtasn1 ASN1_TIME_ENCODING_ERROR and
indicates an error in the DER or BER encoding of time field.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 30 13:25:16 2017 +0200
gnutls_pkcs12_simple_parse: set to null vars after deinitialization
This avoids having the variables being deinitialized twice during
cleanup.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 30 12:52:51 2017 +0200
tests: enhance with checks to verify that textual IPs are not matched
That verifies that the hostname check verification function will
not succeed if given textual IPs, and the certificate contains
textual IPs in DNSname or in the CN fields.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 29 13:30:50 2017 +0200
gnutls_x509_crt_check_hostname2: no match dns fields against IPs
Previously we were checking textual IP address matching against
the DNS fields. This match was non-standard and was intended to
work around few broken servers. However that also led to not
evaluating and IP constraints for that IP. No longer follow that
broken behavior.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 30 12:45:19 2017 +0200
tests: check against symbols present only in IDNA2003
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 29 14:00:24 2017 +0200
gnutls_idna_map: fallback to IDNA2008 transitional encoding on failure
This aligns with the behavior of firefox, which maps to IDNA2008, and
fallbacks to IDNA2003 if that fails (e.g., mapping doesn't exist).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 28 23:12:19 2017 +0200
fuzz: fix leaks in PKCS#12 fuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 28 22:46:48 2017 +0200
pkcs12: release CRL data on error path
This addresses issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1295
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 12:01:25 2017 +0200
doc: added gnutls_ext_flags_t enumeration
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 11:55:10 2017 +0200
_gnutls_base64_decode: corrected leak on decoding error
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 11:08:47 2017 +0200
tests: fixed expected error code in base64 check
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 15:15:27 2017 +0200
certtool: ensure no leaks on pkcs12_info() error paths
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 11:02:01 2017 +0200
tests: added reproducer for mem leak in PKCS#12 decoding
This relates to:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1173
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 10:59:58 2017 +0200
pkcs12: eliminate mem leaks in _pkcs12_decode_safe_contents
This makes sure we deinitialize previously available elements.
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1173
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 10:48:46 2017 +0200
cleanups in _pkcs12_decode_safe_contents
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 10:36:22 2017 +0200
pkcs12: clean ups in PKCS#12 parsing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 24 14:16:24 2017 +0200
Added explicit check for the bounds of the generated 'd'.
This is according to FIPS186-4 sec. B.3.1.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 24 13:06:45 2017 +0200
fips140-2: enhanced check of generated parameters
That is, replaced all assert() calls with if statements to allow
gracefull fail.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 24 13:11:04 2017 +0200
dsa-fips.h: include nettle/bignum.h to allow compilation under nettle-mini
Relates #197
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 25 09:50:08 2017 +0200
tests: added base64 reproducer of mem leak
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 24 13:28:39 2017 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 23 11:54:38 2017 +0200
gnutls.h: introduced flag GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL [ci skip]
This flag is expected to be used by applications which handle
custom extensions that are not currently supported in gnutls, but
support for them may be added in the future.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 21 09:28:47 2017 +0200
_gnutls_base64_decode: addressed memory leak in decoding
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 21 09:19:56 2017 +0200
gnutls_pem_base64_decode: allow decoding raw base64 data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 21 09:14:18 2017 +0200
tests: check whether gnutls_pem_base64_decode2 decodes with null argument
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 21 09:12:51 2017 +0200
Revert "gnutls_pem_base64_decode: allow decoding raw base64 data"
This reverts commit fa86fc6892d6551340f24da6a6af4f484a62b884.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 20 16:34:56 2017 +0200
doc: clarifications on custom thread override [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 20 14:03:39 2017 +0200
fuzz: added PEM base64 decoder and encoder fuzzers [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 19 20:04:59 2017 +0200
fuzz: openpgp fuzzer always succeeds when no support is present [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 14 01:18:56 2017 +0300
lib/system/fastopen: simplified TCP fast open for OSX
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Apr 10 12:39:46 2017 +0200
lib/system/fastopen: Add TCP Fast Open for OSX
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:37:28 2017 +0200
doc: removed incorrect comment
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 17:02:35 2017 +0200
gnutls_dh_get_pubkey: fixed operation under PSK authentication
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:15:36 2017 +0200
tests: test gnutls_dh_get_pubkey in PSK auth
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:33:09 2017 +0200
tests: combined and enhanced DH params tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:25:49 2017 +0200
tests: added DH parameter check in X.509 auth
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:18:26 2017 +0200
tests: added basic test on gnutls_dh_params_cpy
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:14:06 2017 +0200
tests: test gnutls_dh_get_pubkey in anonymous auth
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 16:15:46 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 8 15:50:16 2017 +0200
tests: added basic unit test on gnutls_random_art()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 22:51:09 2017 +0200
doc: fixed documentation for various function parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 22:37:54 2017 +0200
.gitlab-ci.yml: removed the coverage run under pkcs11 trust store
It was causing inaccurate total coverage numbers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 16:56:06 2017 +0200
.gitlab-ci.yml: added runs under the PKCS#11 trust store in fedora
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 16:51:46 2017 +0200
tests: use gnutls_global_init instead of global_init
The reason is to force initialization of the PKCS#11 backend,
and thus support for any PKCS#11 trust store when setup.
This fixes running the test suite in Fedora.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:42:10 2017 +0200
tests: added checks with certificates that contain invalid time field
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:33:29 2017 +0200
x509/time: reject invalid dates in local mktime()
Resolves #135
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:25:34 2017 +0200
certtool: added newline in error message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:09:31 2017 +0200
tests: added basic check for systemkey tool
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:05:45 2017 +0200
systemkey: improved error message on unsupported systems
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 14:00:41 2017 +0200
tests: enhanced tofu trustdb checks
Include checks which store and load commitments from the user's home
directory.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 10:35:33 2017 +0200
tests: do not run pkgconfig test in systems with invalid libidn flags
This prevents our test from failing, due to invalid flags found in
a dependency of ours.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 13:30:16 2017 +0200
doc: fixed tpmtool and psktool documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 09:39:50 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 09:38:45 2017 +0200
tests: added unit tests for the base64 raw decoding functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 09:37:10 2017 +0200
gnutls_pem_base64_decode: allow decoding raw base64 data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 09:26:01 2017 +0200
x509/output: do not print usage entry when there is none
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 09:21:19 2017 +0200
certtool: improved printing of the key PIN and key ID
That is, on private keys use the same format when printing
the public Key ID and public key PIN, as when printing it
in certificates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 6 18:34:56 2017 +0200
.gitlab-ci.yml: fixed freebsd build project restriction
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 6 18:18:02 2017 +0200
certtool: print the key PIN on private and public keys
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 6 18:09:14 2017 +0200
gnutls_pem_base64_encode2: do raw base64 when msg is NULL
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 7 08:33:54 2017 +0200
.gitlab-ci.yml: simplified CI setup
This makes builds independent by reducing interactions between
artifacts of builds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 6 11:53:33 2017 +0200
fuzz: do not enable the openpgp fuzzer when openpgp is disabled
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 14:50:43 2017 +0200
serv: fixed carriage return stripping in strip()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 14:47:30 2017 +0200
Mark with (void) the remove() function and other unchecked functions
This allows static analysers to properly warn on unchecked return values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 14:29:16 2017 +0200
gnutls-cli: fixed minor coverity identified issues
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 14:26:52 2017 +0200
certtool: fixed newline skip code in smime-to-p7 code
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 14:12:03 2017 +0200
tests: added unit test for the certtool smime conversion functionality
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:41:36 2017 +0200
certtool: fixed minor issues pointed out by coverity
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:38:06 2017 +0200
gnutls-cli: better resource management in benchmark cmd
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:30:22 2017 +0200
is_level_acceptable: ensure issuer is not dereferenced when null
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:25:08 2017 +0200
certtool: guard the value of tl before gnutls_pkcs7_verify
This utilizes assert() as it cannot be triggered in practice.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:20:44 2017 +0200
Avoid using ASN1_MAX_NAME_SIZE directly
Since ASN1_MAX_NAME_SIZE refers to a single element in the asn1
tree, it is not suitable to hold the maximum combined name. Instead
use a local definition of MAX_NAME_SIZE, which is a multiple of
the ASN1_MAX_NAME_SIZE.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:15:38 2017 +0200
gnutls_x509_crq_set_challenge_password: don't accept null password
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:13:26 2017 +0200
Mark with (void) the functions where the returned value is not checked intentionally
This allows static analysers to properly warn on unchecked return values.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 13:08:11 2017 +0200
removed duplicate code
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 12:47:03 2017 +0200
handshake/record: mark with comments all expected fall-through switches
This reduces warnings from static analysers like coverity and makes
explicit the intention.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 12:42:18 2017 +0200
gnutlsxx.cpp: fixed misleading indentation issues
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 12:39:23 2017 +0200
doc: document intended fallthrough
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 12:36:52 2017 +0200
tests: fixed possible buffer overflow to avoid spurious complaints
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 12:34:56 2017 +0200
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 11:54:45 2017 +0200
x509.h: added macro for inhibit any policy
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 11:50:29 2017 +0200
NEWS: updated
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 10:24:17 2017 +0200
doc: documented the inhibit any policy extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 11:08:09 2017 +0200
tests: added PKCS#12 unit test with AES file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 16:36:48 2017 +0200
tests: added unit test for inhibit anypolicy generation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 15:36:47 2017 +0200
supported_exts: inhibit anypolicy is listed as supported
Since we don't support certificate verification based on policies,
we make sure we do not reject any certificates based on the inhibit
any policy extension being present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 16:27:34 2017 +0200
certtool: added template option inhibit_anypolicy_skip_certs
This option writes the inhibit anyPolicy option in a certificate.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 16:25:47 2017 +0200
x509: output the inhibit anyPolicy value
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 10:29:32 2017 +0200
documented the GNUTLS_X509_OID_POLICY_ANY macro
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 16:03:34 2017 +0200
x509: added function to set and retrieve inhibit anypolicy extension value
That is, introduced:
* gnutls_x509_crt_get_inhibit_anypolicy
* gnutls_x509_crt_set_inhibit_anypolicy
Resolves #180
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 15:53:05 2017 +0200
_gnutls_x509_write_uint32: ensure we prepend leading zero when writing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 15:46:45 2017 +0200
Added helper functions to parse the inhibit anyPolicy X.509 extension
That introduces:
* gnutls_x509_ext_export_inhibit_anypolicy
* gnutls_x509_ext_import_inhibit_anypolicy
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 15:22:06 2017 +0200
tests: added unit test for PKCS#12 with file that uses PBES1 with no salt
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 6 05:14:25 2017 +0200
tests: added basic check for system trust store
This checks whether the gnutls_certificate_set_x509_system_trust()
and thus the trust list equivalent function operate as expected
and return a positive number of certificates. The test is ignored
in systems where these functions return GNUTLS_E_UNIMPLEMENTED_FEATURE.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: David Caldwell <david@porkrind.org>
Date: Tue Apr 4 21:29:55 2017 -0700
gnutls_x509_trust_list_add_system_trust: Add macOS keychain support
Also don't check for a default_trust_store_file in configure when building on
macOS (unless explicitly asked to with --with-default-trust-store-file=xxx),
because otherwise it finds /etc/ssl/cert.pem: This file is new (since
10.12.2?), which means libraries built on the newest OS version wouldn't work
the same way on an older versions (and vice versa). "/etc/ssl/cert.pem" also
doesn't seem to reflect additions and deletions from the user's or system's
trusted roots keychain (in my limited testing).
Signed-off-by: David Caldwell <david@porkrind.org>
Author: David Caldwell <david@porkrind.org>
Date: Wed Apr 5 11:15:45 2017 -0700
Rename uint64 to gnutls_uint64 to avoid conflict with macOS
Signed-off-by: David Caldwell <david@porkrind.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 10:11:01 2017 +0200
mpi: openpgp integer scanning was put into conditional
That is, no longer include that code when compiling without openpgp
support.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 29 12:38:34 2017 +0200
Moved all openpgp-related variables and definitions into ifdef blocks
This allows compilation with -Werror even if openpgp is disabled.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 29 09:55:36 2017 +0200
OpenPGP authentication is disabled by default
The flag --enable-openpgp-authenticationcan be used to revert
this change.
Resolves #178
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 08:50:53 2017 +0200
tools: remove outfile when exited on error
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 08:32:48 2017 +0200
certtool: added examples on verifying certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 5 08:12:17 2017 +0200
certtool: improved documentation
Incorporated comments made in Lenka Horakova's thesis study.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 15:22:06 2017 +0200
tests: added unit test for PKCS#12 with file that uses PBES1 with no salt
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 11:28:27 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 12:52:14 2017 +0200
tests: add unit test for PKCS#12 with file that uses SHA512 for MAC
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 12:11:27 2017 +0200
pkcs12: increased the maximum salt size
This accomodates for files which have salt sizes up to 256 bytes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 12:01:15 2017 +0200
_gnutls_pkcs12_string_to_key: allow SHA384 and SHA512
The previous implementation of the function was restricted to SHA1 and
SHA256. Extended to allow SHA384 and SHA512 as well.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 11:25:22 2017 +0200
PKCS#12: added support for files with zero salt length in MAC
Resolves #191
Resolves #190
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 11:19:23 2017 +0200
tests: added unit test for PKCS#12 with file with no salt in MAC
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 3 09:44:43 2017 +0200
tests: verify that the encryption OID is printed
That is, verify whether certtool --p12-info will print the
actual encryption OID on unsupported files, rather than the
generic PBES2 algorithm.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 3 09:35:31 2017 +0200
gnutls_pkcs8_info: return the encryption algorithm OID on failure
When failing to import a structure due to an unsupported encryption
algorithm OID, return the unsupported OID instead of the generic
PBES2 OID.
Resolves: #193
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 4 10:26:43 2017 +0200
gnutls_transport_set_pull_timeout_function: doc update [ci skip]
Clarified when this function should be set. Based on suggestion by
Sean Greenslade.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Apr 2 17:56:15 2017 +0200
Use NORMAL priority for SSLv23_*_method.
Instead of enforcing TLS1.0/SSL3.0 use gnutls NORMAL priority for
SSLv23_*_methods.
http://bugs.debian.org/857436
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 2 15:14:41 2017 +0200
.gitlab-ci.yml: renamed dist build to doc-dist
This better describes the name of the build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 2 15:12:44 2017 +0200
.gitlab-ci.yml: combined minimal and no-tools builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 2 15:07:05 2017 +0200
.gitlab-ci.yml: combined static analyser runs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 1 23:40:12 2017 +0200
.gitlab-ci.yml: reduced builds and stages
That is an improvement to run the CI faster.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 30 20:56:01 2017 +0200
tests: added unit test for gnutls_priority_get_cipher_suite_index
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 31 20:33:49 2017 +0200
gnutls-cli: eliminate leak on --list option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 29 18:52:48 2017 +0200
gnutls_priority_get_cipher_suite_index: fixed returned protocols
That is no longer return indexes for ciphersuites which would not have
been available due to TLS version mismatch in the priorities cache.
Resolves #146
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Matt Turner <mattst88@gmail.com>
Date: Fri Mar 31 13:45:04 2017 -0700
tests: Copy template out of ${srcdir}
Otherwise, out of tree builds will fail to copy the template.
Signed-off-by: Matt Turner <mattst88@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 31 20:56:04 2017 +0200
gnutls_cipher_get_tag_size: document behavior on non-AEAD ciphers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 31 20:53:19 2017 +0200
doc: make a note that parts of the crypto API are in Core API
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 31 16:27:03 2017 +0200
tests: added checks with problematic PKCS#12 files
These check whether parsing of unsupported files (e.g., with RC2-128),
will succeed. This serves as functionality check for gnutls_pkcs8_info.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 31 16:17:07 2017 +0200
gnutls_pkcs8_info: do not free oid on GNUTLS_E_UNKNOWN_CIPHER_TYPE
The documented behavior of the function was to return a valid
OID in that case.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 30 19:58:22 2017 +0200
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 29 14:08:26 2017 +0200
Makefile.am: dropped .clcopying from dist files [ci skip]
It is no longer being used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 29 10:40:31 2017 +0200
Simplified the generation of ChangeLog [ci skip]
Removed the dependency on git2cl and utilize git log directly.
git2cl seems to provide incorrect output.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 28 09:05:38 2017 +0200
tests: added global locks on tls-fuzzer tests
They both require access to the same port and thus cannot
be run in parallel.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 28 09:01:25 2017 +0200
cert: ensure that there are no leftovers in certificate msg
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 28 08:58:29 2017 +0200
testsuite: added tlsfuzzer certificate requiring tests
This enhances the testsuite by running all the tlsfuzzer
fuzzer tests which require certificates from server.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 28 08:40:32 2017 +0200
alert: return GNUTLS_A_BAD_CERTIFICATE on GNUTLS_E_PK_SIG_VERIFY_FAILED
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 28 09:28:44 2017 +0200
fuzz: updated pkcs12 corpus
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 27 17:40:23 2017 +0200
fuzz: added PKCS#12 file parser fuzzer
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 27 17:28:08 2017 +0200
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 26 13:46:45 2017 +0200
ocsp-test: disable under windows
This test was failing because datefudge couldn't run under win32.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 26 13:45:37 2017 +0200
Revert "ocsp-test: disable under windows"
This reverts commit 90d5ad5a42759957866ba1d9c96f5dccfd3ea1cc.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 26 10:10:02 2017 +0200
.travis.yml: no longer install pkg-config
Travis build seem to fail for some reason since pkg-config is already
installed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 26 10:07:13 2017 +0200
ocsp-test: disable under windows
This test was failing because datefudge couldn't run under win32.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 25 21:48:46 2017 +0100
.gitlab-ci.yml: increase time of artifact expiration
This allows to re-run failed builds on the depending stages
during that time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 25 21:44:53 2017 +0100
gnutls.pc: Removed P11_KIT_LIBS from Libs.private
It was already being included in Requires.private. Reported
by Andreas Metzler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 23 08:03:52 2017 +0100
gnutls.pc: don't include zlib twice in private libs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 23 11:39:34 2017 +0100
tests: create-chain.sh: do not explicitly set serial
We were previously exporting certificates with serial number being
zero, which is not allowed by RFC5280.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 23 11:34:07 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 22 09:39:12 2017 +0100
tests: added mini-x509-ipaddr
This is a unit test for GNUTLS_DT_IP_ADDRESS as used in
gnutls_certificate_verify_peers().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 22 09:00:09 2017 +0100
Introduced GNUTLS_DT_IP_ADDRESS
This allows verifying an IP address using gnutls_certificate_verify_peers()
or gnutls_x509_trust_list_verify_crt2().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 12:19:35 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 15:04:50 2017 +0100
tests: check whether we fallback to CN unconditionally
This is a unit test for:
"gnutls_x509_crt_check_hostname2: do not fallback to CN unconditionally"
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 15:01:12 2017 +0100
gnutls_x509_crt_check_hostname2: do not fallback to CN unconditionally
Do not fallback to checking the CN of a certificate for a hostname
if supported names such as IP addresses were found in gnutls_x509_crt_check_hostname2().
This behavioral change is in order to satisfy the RFC6125 requirement
of not falling back to CN in that case. Reported by Suphannee Sivakorn.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 14:50:10 2017 +0100
tests: added unit test of GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 14:43:36 2017 +0100
Introduced verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES
This flag when provided to the gnutls_x509_crt_check_hostname2() function
(and its callers), will prevent IP matching of the subject alternative
name. This can be utilized by applications which directly check for
IP addresses using gnutls_x509_crt_check_ip().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 14:37:21 2017 +0100
updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 11:38:19 2017 +0100
tests: added unit test for gnutls_x509_crt_check_ip
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 10:07:37 2017 +0100
Added gnutls_x509_crt_check_ip()
This function allows to directly verify IP addresses on a certificate.
That is a first step towards making gnutls_x509_crt_check_hostname2()
not verify IP addresses.
Based on discussion and suggestion by Suphannee Sivakorn. See
https://lists.gnupg.org/pipermail/gnutls-devel/2017-March/008368.html
Relates #185
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 14:07:22 2017 +0100
tests: added unit test of gnutls_pubkey_verify_data2 override flags
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 13:47:09 2017 +0100
tests: keygen -> privkey-keygen
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 13:20:02 2017 +0100
_gnutls_check_key_cert_match: allow broken sigs
That ensures that when loading a certificate pair with SHA1, when
SHA1 is disabled will not cause the server to fail to load.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 13:14:24 2017 +0100
.gitignore: more files to ignore
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 13:12:07 2017 +0100
Use a common function to decide acceptable signatures
That is, ensure that results from all verification functions,
including gnutls_pubkey_verify_data2(), will be consistent with
SHA1 and other algorithms deprecation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 13:01:51 2017 +0100
check_ocsp_response: utilize the same flags as in certificate verification
That ensures that overrides like using broken algorithms are considered
in OCSP validation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 14:34:37 2017 +0100
extensions: print the name/type of any unexpected extension
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 18 18:12:55 2017 +0100
tests: added script to check pkg-config operation
That is, whether the generated gnutls.pc will function for
compiling and linking.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 18 17:56:42 2017 +0100
gnutls.pc: don't pass the libtool vars to Libs.private
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 10:11:54 2017 +0100
tests: improved tls-rehandshake tests
Used common definitions from cert-common.h for certificates,
and improved error detection in tls-rehandshake-cert-2.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 09:42:59 2017 +0100
tests: check whether a rehandshake without a cert works
That is, check whether if on initial handshake the server requests
a certificate, but on the following rehandshake he doesn't, whether
the client behaves as expected. This tests:
1f685db853db6e48c77c6dbde0cdf716a7303baa
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 09:36:18 2017 +0100
handshake: reset cert request state on handshake init
That addresses a bug which on client side on case of an initial
handshake with a client certificate, we continue to send this
certificate even if on rehandshake we were not requested with on.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 21 07:59:37 2017 +0100
Revert "nettle/rnd: use gettime() instead of gnutls_time()"
This reverts commit c4842a21f65c7fc9a27932eb1792b1fc9e65f722.
The time() syscall is also implemented as syscall() and is in
fact performing better than gettime().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 20 23:00:06 2017 +0100
README.md: corrected typo [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 20 16:31:42 2017 +0100
nettle/rnd: use gettime() instead of gnutls_time()
The gnulib gettime() maps to gettimeofday() or clock_gettime()
which are both implemented as fast system calls - see vdso(7)-
and as such are available without a switch to kernel mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 20 13:29:42 2017 +0100
doc: updated RNG documentation to reflect the previous changes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 20 13:23:39 2017 +0100
nettle/rnd: re-seed both key and nonce levels based on time
The time(0) is quite cheap on modern operating systems, and thus we
can rely on it to provide improved assurance in the output randomness.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 20 13:13:11 2017 +0100
nettle/pk: use nonce level for RSA padding
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 18 19:26:02 2017 +0100
README.md: corrected link for coverage in master [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Martin Storsjo <martin@martin.st>
Date: Fri Mar 17 23:33:01 2017 +0200
Avoid deprecation warnings when including gnutls/abstract.h
Since ac3de8f5, when all openpgp functionality was deprecated, a
library user including gnutls/abstract.h gets warnings about
deprecated declarations, like this:
gnutls/openpgp.h:328:10: warning: ‘gnutls_openpgp_recv_key_func’ is deprecated [-Wdeprecated-declarations]
gnutls_openpgp_recv_key_func func) _GNUTLS_GCC_ATTR_DEPRECATED;
This warning is emitted since the gnutls_openpgp_set_recv_key_function
prototype uses the deprecated typedef gnutls_openpgp_recv_key_func.
By omitting the deprecation attribute from this individual
typedef, we avoid the spurious warnings in calling code which just
includes gnutls/abstract.h without actually using anything related
to openpgp.
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 17 10:47:33 2017 +0100
gnutls.h: added definitions to obtain the maximum element in several enumerations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 14:29:10 2017 +0100
tests: added basic unit tests for several string functions of libs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 09:44:55 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 22:51:57 2017 +0100
tests: certtool-crl-decoding: ignore lines warning about SHA1 deprecation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 17:17:32 2017 +0100
tests: check the flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1
In addition verify whether the GNUTLS_VERIFY_ALLOW_BROKEN flag
works when MD5 is present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 17:13:48 2017 +0100
Introduced flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1
This allows performing a verification with only SHA1 allowed
from the broken algorithms. This can be used to fine-tune
verification in case default verification fails, to detect
whether the failed algorithm was SHA1.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 17:06:47 2017 +0100
Introduced the %VERIFY_ALLOW_BROKEN priority string option
This allows enabling broken signature algorithms in certificate verification.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 17:00:22 2017 +0100
Allow reverting the SHA1 ban as a signature algorithm
This allows distributors to decide not to ban SHA1. This
option may be removed in the future.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 12:36:46 2017 +0100
p11tool: test-sign operation using SHA256 instead of SHA1
This avoids the errors returned from the verification functions due to
SHA1 usage.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 09:42:26 2017 +0100
tests: updated to account SHA1 move to broken set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 08:35:34 2017 +0100
algorithms: tag SHA1 as insecure algorithm
Although SHA1 was considered to be risky to use the past few years,
there has been no demonstration of breakage. As of 2017-2-23 there has
been a demonstrated collision in SHA1, and even though the attack was
a costly one, it provided the incentive to should move SHA1 into
the broken hashes list together with MD5 and MD2.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 14:02:05 2017 +0100
README.md: updated coverage links [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 08:25:52 2017 +0100
tests: removed unneeded ifdef in tlsext-decoding.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 16 09:04:24 2017 +0100
doc: updated RNG design
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 15 14:21:43 2017 +0100
nettle/rnd: introduced time limit for key generator
That is, force re-key of the KEY and RANDOM PRNG after 2 hours
of operation, irrespective of the amount of data having been output.
At the same time, increase limits for key and nonce generators,
to prevent a large amount of system calls in busy servers.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 15 15:11:14 2017 +0100
_gnutls_pk_generate_keys: separate between ephemeral and long-term keys
That allows using the faster generator for ephemeral keys.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 15 14:46:54 2017 +0100
nettle/pk: use the nonce level for digital signatures
That is, we do not really require high quality secret data for the generation
of signatures. A better approach would be to switch to predictable signatures (RFC6979).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 15 22:06:59 2017 +0100
.gitlab-ci.yml: limit submodule update to avoid fetch
This should reduce both the bandwidth and the time of the fetch.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Martin Storsjo <martin@martin.st>
Date: Wed Mar 15 23:32:12 2017 +0200
Fix a typo in a variable name in an m4 script
Signed-off-by: Martin Storsjo <martin@martin.st>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Mar 14 19:27:49 2017 +0200
build: disable valgrind tests by default
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 15 05:17:37 2017 +0100
.gitlab-ci.yml: ubsan build utilizes -Werror for the library
That brings back the -Werror for building, after its removal from
clang-analyzer build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 14 16:43:34 2017 +0100
.gitlab-ci.yml: remove -Werror compilation from scan-build
When we pass '--status-bugs' to the command in combination with
'-Werror' in CFLAGS it has the following side effects. In a failed
due to Werror build, scan-build fails to find any issues, and
marks the run as successfully completed. Hence, removes the -Werror
from clang-analyzer.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Mar 13 20:47:02 2017 +0200
build: tests: resolve as-needed issue with seccomp
Incorrect ordering of -lseccomp:
<snip>
-Wl,--as-needed ../lib/.libs/libgnutls.so -lseccomp ./.libs/libutils.a
./.libs/libutils.a(seccomp.o): In function seccomp_init'
seccomp.c:(.text+0x2b): undefined reference to `seccomp_init'
<snip>
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 23:27:14 2017 +0100
fuzz: Corrected default options in fuzz scripts [ci skip]
This change assumes that afl-fuzz (and not libfuzzer) will be used
by default.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 20:13:49 2017 +0100
gnutls_pkcs11_privkey_init: document limitation on created object [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 15:21:40 2017 +0100
pkcs11: re-open privkey session handle on CKR_SESSION_HANDLE_INVALID
When initializing a private key operation, attempt to re-open the key
if CKR_SESSION_HANDLE_INVALID is received.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 15:15:31 2017 +0100
tests: pkcs11-mock lib: check object session sanity prior to using it
This avoids crashes when the object is used after a fork but prior
to the session being re-established.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 11:21:50 2017 +0100
tests: added an OCSP response parsing coverage test
This inputs a large set of valid and invalid OCSP files
in the OCSP parser with the intention to stress test its
error checking, and prevent regressions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 08:14:32 2017 +0100
tests: added a certificate parsing coverage test
This inputs a large set of valid and invalid certificates in
the certificate parser with the intention to stress test its
error checking, and prevent regressions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:39:03 2017 +0100
.gitignore: more files to ignore
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:33:29 2017 +0100
tests: added unit tests for gnutls_pkcs11_token_get_mechanism
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:28:25 2017 +0100
tests: included unit test for gnutls_pkcs11_obj_export
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:23:37 2017 +0100
tests: added unit test for gnutls_pkcs11_reinit()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:17:42 2017 +0100
tests: added unit tests for gnutls_pkcs11_obj_get_info
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:17:07 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 13 09:14:15 2017 +0100
gnutls_pkcs11_obj_get_info: don't include the terminator into output size
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Mar 13 11:32:07 2017 +0200
tests: cert-tests: openpgp-certs: align test redirection
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Mar 13 10:45:08 2017 +0200
tests: suppressions.valgrind: supress fillin_rpath
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon Mar 13 11:30:41 2017 +0200
tests: remove unused suppressions.valgrind
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 12 14:48:19 2017 +0100
lib: unconditionally enable the self-check functions
These functions were previously made available only in FIPS140-2
mode. Enabling them unconditionally allows applications to directly
utilize that functionality for testing the gnutls library.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 12 14:43:00 2017 +0100
tests: added unit test for gnutls_pkcs11_get_pin_function
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 12 14:29:14 2017 +0100
tests: moved ocsp-tests to main directory
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 10 17:37:10 2017 +0100
pkcs11: re-open private key session inside a locked section
This prevents clashes when the same operation is carried in other
threads.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 10 17:12:50 2017 +0100
pkcs11: introduced locks to PKCS#11 private key structure
This allows to run PKCS#11 private key operations such as signing
and decryption in parallel.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 10 17:04:20 2017 +0100
tests: introduced check for parallel operation (signatures) in PKCS#11 mode
That is, verify that parallel signatures using a single gnutls_pkcs11_privkey_t
context work.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Mar 12 15:05:41 2017 +0200
tests: scripts: suppress which errors
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 11 12:08:21 2017 +0100
pkcs11: during scan, leave the provider loop asap
This optimizes access when multiple provider modules are available,
by avoiding scanning irrelevant ones.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sat Mar 11 10:28:50 2017 -0500
Do not attempt to parse a 32-bit integer if a packet is not 4 bytes.
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=824
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 15:50:24 2017 +0100
fuzz: document how to run AFL [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 10:57:28 2017 +0100
fuzz: added initial corpus for the OCSP request parser
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 17:09:59 2017 +0100
fuzz: added initial corpus for OCSP response parser
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 17:01:59 2017 +0100
fuzz: added OCSP structure parsers
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 16:51:39 2017 +0100
fuzz: increased minimized set of X.509 certificates
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 12:57:41 2017 +0100
PKCS8/PKCS12: enforce a maximum number of iterations
This prevents denial of service through very large iteration
counts. Issue found via oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=434
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Wed Mar 8 14:52:38 2017 -0500
Do not attempt to parse a 32-bit integer if a packet is not 4 bytes.
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=737
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 11:25:54 2017 +0100
Revert ".gitlab-ci.yml: include coverage statistics of FIPS140-2 code"
This reverts commit 603772688c4e37dae437b4cede12e25b9dd9f678.
The commit introduced a long wait for the coverage build without
and significant benefit (the extend of the FIPS140 code is limited
to have any impact on the overall coverage).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 9 10:52:59 2017 +0100
sysrng-linux: define _rnd_get_system_entropy unconditionally
This fixes compilation in systems without getrandom().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 16:00:02 2017 +0100
tests: dtls-stress: use X.509 certificates instead of openpgp
This will allow the test tool to operate even after openpgp certificates
are deprecated.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 22:52:31 2017 +0100
.gitlab-ci.yml: added build without openpgp support
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 11:32:31 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 22:36:16 2017 +0100
Added openpgp stub file
That allows disabling openpgp authentication and at the same time
retaining ABI compatibility with versions including openpgp.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 15:00:06 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 14:58:14 2017 +0100
tests: split PKCS#12 encoding from decoding tests
Enhanced PKCS#12 encoding tests, with the encoding of a file
which contains a cert, a key and a CRL.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 14:47:20 2017 +0100
tests: added PKCS#12 file decoding containing a CRL
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 14:40:15 2017 +0100
certtool: enhance to allow writing CRLs in PKCS#12 files
In addition fallback to DER when --load-crl fails importing a PEM
encoded CRL due to PEM issues.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 14:21:30 2017 +0100
tests: added CRL decoding unit tests using certtool
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 14:04:32 2017 +0100
tests: enhanced basic tests in CRL parsing
That tests gnutls_x509_crl_get_crt_serial().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 13:50:55 2017 +0100
Rewritten gnutls_x509_rdn_get() and gnutls_x509_rdn_get2()
The new code re-uses the gnutls_x509_dn APIs instead of re-implementing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 13:43:36 2017 +0100
tests: added checks for the old DN decoding functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 22:39:20 2017 +0100
tests: do not run tests which require openpgp when it is disabled
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 22:47:55 2017 +0100
.gitlab-ci.yml: include coverage html output as artifact
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 13:22:59 2017 +0100
tests: x509-verify: print the keys on failure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 13:17:15 2017 +0100
gnutls_privkey_export_x509: doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 13:07:08 2017 +0100
tests: split sign-verify test to RSA and ECDSA parts
This allows parallelist and also helps identifying easier the
culprit on an error.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 11:52:25 2017 +0100
tests: adjusted for the removal of HMAC-MD5
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 11:48:28 2017 +0100
priority: do not enable HMAC-MD5 by default
While HMAC-MD5 is not yet broken, it is not used by any non-broken
or non-NULL ciphersuites (is only used with NULL and RC4), and as there
is not plan to introduce new ciphersuites with that MAC algorithm, there
is no point to include it in the default set of allowed algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 23:10:43 2017 +0100
tests: converted FIPS140-2 mode checks in Makefiles to run-time in scripts
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 8 10:48:40 2017 +0100
gnutls.h: introduced GNUTLS_E_TLS_PACKET_DECODING_ERROR [ci skip]
This is an alias to GNUTLS_E_UNEXPECTED_PACKET_LENGTH. That
allows distinguishing the alert from GNUTLS_E_RECORD_OVERFLOW.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 21:53:51 2017 +0100
tests: crq: ignore lines for Security Level
This allows running the test under FIPS140-2 mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 21:39:12 2017 +0100
ax_code_coverage.m4: updated
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 23:21:33 2017 +0100
.gitlab-ci.yml: initialize submodules where needed (for tlsfuzzer run)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 15:28:01 2017 +0100
.gitlab-ci.yml: include subdirs of suite/ in artifacts
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 23:11:39 2017 +0100
ext/signature: error on invalid extension format
That is, if an extension containing no signature algorithms is
encountered, treat that as an error. This is an RFC5246 requirement,
since the minimum "supported_signature_algorithms" length is 2.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 14:30:19 2017 +0100
_gnutls_proc_x509_server_crt: return GNUTLS_E_CERTIFICATE_ERROR on parsing error
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 14:21:45 2017 +0100
alert: GNUTLS_E_NO_CERTIFICATE_FOUND maps to GNUTLS_A_DECODE_ERROR
This is the closest to use alert when no certificate is found; at least
it is closer according to tlsfuzzer and rfc5246 text on insuficient_security
alert.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 13:51:33 2017 +0100
read_client_hello: use integer for extensions size
As we do not read the value directly, but rather assign to it
the remaining data, we ensure that there are no overflows if
we have additional data past the extensions field. The integer
can hold more than 2^24 which is the maximum handshake packet
size.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 16:33:57 2017 +0100
ext/signature: reject an extension with padded data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 16:18:44 2017 +0100
ext/signature: reject an extension size of zero
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 15:58:19 2017 +0100
gnutls_record_recv: do not accept a client hello while handshake is in progress
That is, do not return GNUTLS_E_REHANDSHAKE, while we are within
a handshake process.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 15:16:59 2017 +0100
read_client_hello: fail early on illegally formatted message
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 2 17:57:57 2017 +0100
_gnutls_parse_extensions: do not fail on empty extensions field
On the other hand, fail if an empty extensions field is seen, but
the client hello contains data nevertheless, or if the extensions
field is padded with additional unaccounted data.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 2 17:53:55 2017 +0100
alert: GNUTLS_E_PK_INVALID_PUBKEY maps to GNUTLS_A_ILLEGAL_PARAMETER
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 2 17:48:31 2017 +0100
alerts: separated record overflow from decode error alerts
Introduced GNUTLS_E_RECORD_OVERFLOW.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 2 17:42:51 2017 +0100
auth: failures of _gnutls_mpi_init_scan_nz map to GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER
That ensures that the right alert is send when illegal
parameters are received (e.g., zero length).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 11:49:45 2017 +0100
doc: updated tlsproxy to latest version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 14:17:18 2016 +0200
testsuite: added tlsfuzzer
This enhances the testsuite by running all the tlsfuzzer
fuzzer tests which require no certificates from server.
https://github.com/tomato42/tlsfuzzer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 07:55:10 2017 +0100
tests: converted compile-time checks for FIPS140 mode to run-time
This allows running the complete test suite even when the library
is compiled in FIPS140-2 mode, as long as the run-time is not at
this mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 07:39:20 2017 +0100
.gitlab-ci.yml: include coverage statistics of FIPS140-2 code
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 7 07:32:46 2017 +0100
.gitlab-ci.yml: include FIPS140-2 code into static analyzer runs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 22:35:41 2017 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 10:22:04 2017 +0100
nettle/rnd-fips: combined the FIPS-compliant generators to two
This brings the FIPS generators in par with the non-FIPS chacha-based ones.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 10:18:14 2017 +0100
nettle/rnd: use two random generators instead of 3
That combines the levels GNUTLS_RND_RANDOM and GNUTLS_RND_KEY, while
at the same time makes sure that backtracking is impossible on the
GNUTLS_RND_KEY level, by reinitializing the RNG after a call requesting
data for the GNUTLS_RND_KEY level.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 10:04:18 2017 +0100
doc: updated the PRNG documentation to utilize two PRNG instances
Also move the random generator discussion to internals section.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 11:37:39 2017 +0100
doc: document the state of PRNG in GnuTLS 3.6.0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 11:51:18 2017 +0100
nettle/pk: corrected call to gnutls_rnd() for rnd_nonce_func
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 26 20:07:41 2017 +0100
tests: decoupled the random generator operational tests from the forking ones
That also corrects the fact that not all tests were run for all generators,
and allows to run the tests in parallel.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 26 19:56:09 2017 +0100
nettle/rnd: specify different limits for rekey in PRNGs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 26 19:20:16 2017 +0100
nettle/pk: use the GNUTLS_RND_RANDOM level for DH/DSA params
This are not long term keys and do not require the key level.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 26 19:16:32 2017 +0100
tests: added check to verify that including crypto.h is sufficient
That is, sufficient to use its functionality, and including additional
headers isn't necessary.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 26 19:11:51 2017 +0100
crypto.h: include gnutls.h to obtain required types
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 10:44:43 2017 +0100
rnd: reduce calls to _rnd_get_system_entropy
That is, no longer obtain the initial nonces for the RNG
via _rnd_get_system_entropy() but instead use time-based ones
which are typically faster kernel calls. This reduces the number
of expensive system calls done during thread and
process initialization.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 11:48:08 2017 +0100
rnd: when reseeding the generators use the next best generator
That is, use the RANDOM level to obtain keys to reseed the
NONCE level, and the KEY level to reseed the RANDOM. The KEY
level is reseeded using the system random generator.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 11:11:31 2017 +0100
tests: verify whether crypto operations fail
That is verify whether a signature operation will fail if
the library is in error state.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 11:05:48 2017 +0100
Added _gnutls_lib_force_operational
This allows recovering from _gnutls_lib_simulate_error() which in
turn allows more advanced tests. Not documented, and intended to
be an internal symbol only.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 10:56:44 2017 +0100
pk: always use _gnutls_switch_lib_state
This avoids relying on abort() for RNG errors in PK wrappers.
We use instead the library state originally added for FIPS140-2
support, and if the state indicates failure the operation will
fail.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 10:43:56 2017 +0100
rnd: switched to 3 chacha-based PRNGs for all security levels
Chacha was selected because it is already present in TLS protocol
as algorithm, meaning that re-using would improve CPU caching,
and it is a comparable in performance algorithm to the existing
PRNG used for nonces (salsa20). The yarrow generator was removed
because we are primarily seeding from system devices which are
sufficiently trustworthy to offload us from coping with the
handling of multiple sources of input. As such it allows
us to switch to a simpler PRNG such as a stream cipher like Chacha.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 19 10:40:44 2017 +0100
rnd: aligned type of data counter with input data type (size_t)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 19 09:57:39 2017 +0100
random: keep global list of initialized contexts
This allows to properly deinitialize all random generator
contexts on library deinitialization.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 18 21:47:33 2017 +0100
rnd: removed call of _rnd_system_entropy_deinit on deinit
This was already being done in _gnutls_rnd_deinit().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 27 13:52:23 2017 +0100
Removed locks from internal rng
Also made the rng back-end to be thread-safe.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 27 10:21:56 2017 +0100
Use a thread local random generator.
This allows accessing the per-thread random generator in
a lock-free way, at the cost of additional memory per thread.
The default random generator imposes around 640 bytes per thread
on 64-bit architectures.
Resolves: #141
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 07:38:20 2017 +0100
Makefile.am: added missing file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 6 06:58:29 2017 +0100
.gitlab-ci.yml: execute initialization stage unconditionally [ci skip]
This step is required both in tags and commit runs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 5 18:22:04 2017 +0100
datum.h: documented behavior of datum functions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 5 18:17:36 2017 +0100
_gnutls_set_strdatum: always return an allocated string on success
That prevents returning NULL to functions which require a string.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun Mar 5 02:21:30 2017 +0000
Enforce the max packet length for OpenPGP subpackets as well
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=392
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 5 08:08:10 2017 +0100
doc: corrected typo [ci skip]
It was pointed out by morozov@eags.ru.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 09:31:37 2017 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 09:29:12 2017 +0100
tests: do not generate certificates with serial being zero
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 08:48:41 2017 +0100
tests: check whether a certificate with illegal version is rejected
That is, whether a certificate with version zero fails to import.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 08:38:01 2017 +0100
gnutls_x509_crt_set_version: do not allow writing illegal versions
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 08:28:47 2017 +0100
x509: reject illegal certificate versions
Resolves #182
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 08:44:41 2017 +0100
gnutls_x509_crt_set_serial: refuse to write all-zero serial number
This is prohibited by RFC5280.
Relates #181
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 3 08:27:23 2017 +0100
gnutls_x509_crt_set_serial: document the 20-byte limit for serial sizes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 12:51:47 2017 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 11:59:50 2017 +0100
tests: chainverify: incorporated the tests for unknown critical extensions
These check whether unknown critical extensions are detected during verification,
and whether the flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, is honored
during verification.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 11:47:17 2017 +0100
x509.h: introduced flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS
That flag signals the verification process, not to fail on unknown critical
extensions. This can be used when the critical extension checking in a chain
is handled externally.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 16:54:33 2017 +0100
tests: verify that critical extensions can be stored
That is, ensure that we don't repeat the regression of
certtool not processing free-form critical extensions when no
other free-form extensions are present.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 15:50:44 2017 +0100
tests: added verification for unknown critical extensions
This tests whether unknown critical extensions will cause a verification
failure.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 14:48:37 2017 +0100
x509/verify: refuse to verify certificates with unknown critical extensions
That is, introduced flag GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, which is
set when the chain under verification contains unsupported extensions marked
as critical.
Resolves: #177
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 10:17:41 2017 +0100
.gitlab-ci.yml: run tests under a FIPS140 mode simulation
That is, in FIPS140-2/Fedora/x86_64 build, run tests under a normal
run (when library is compiled with FIPS140-2 support but not enabled
on run time), and also run tests under a run-time that simulates
FIPS140-2 support.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 17:13:37 2017 +0100
crypto-self-tests: modified exported functions to work under fips140-2 mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 15:52:13 2017 +0100
tests: skip tests which cannot be run in FIPS140-2 mode
This allows the test suite to be run in FIPS140-2 mode.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 15:42:25 2017 +0100
_gnutls_pk_params_copy: copy the provable algorithm used
This is affected utilization of generated RSA keys under FIPS140-2 mode
which utilizes provable generation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 14:31:30 2017 +0100
gnutls_session_ticket_key_generate: fixed operation under FIPS140-2 mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 14:05:31 2017 +0100
tests: priorities: enhanced for test to work under FIPS140-2 mode
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 13:46:43 2017 +0100
gnutls-cli: print the ciphers, MACs and KXs when priority string is given
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 13:39:39 2017 +0100
gnutls_priority_get_cipher_suite_index: do not return values for non-existent ciphers
That is, do return only the enabled algorithms in states like FIPS140-2,
rather than returning the set that would have been enabled if these
restrictions wouldn't be in place.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 15:46:07 2017 +0100
README.md: removed info that gnutls is a gnu project [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 15:33:45 2017 +0100
tests: doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 07:58:04 2017 +0100
tests: added test cases with invalid openpgp certs
These certificates contain invalid secret key sub-packets.
These trigger invalid memory accesses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 1 07:54:04 2017 +0100
opencdk: do not parse any secret keys in packet when reading a certificate
This reduces the attack surface on the parsers, and prevents any bugs
in the secret key parser to be exploitable by inserting secret key
sub-packets into an openpgp certificate.
This addresses:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 10:32:38 2017 +0100
tests: crt_apis: added tests for writing/reading unique IDs
That is check the functionality of:
- gnutls_x509_crt_get_subject_unique_id
- gnutls_x509_crt_get_issuer_unique_id
- gnutls_x509_crt_set_issuer_unique_id
- gnutls_x509_crt_set_subject_unique_id
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 10:59:28 2017 +0100
Added _gnutls_idna_email_reverse_map
This allows printing the reverse map of an IDNA-encoded email.
Modified x509/output to include this decoding for RFC822Name.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 10:47:03 2017 +0100
x509/output: Cleanup in IDNA name printing
That also removes the incorrect mapping to IDNA punycode when the
input is not printable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 08:48:24 2017 +0100
tests: added test for interactive creation of a request
Relates #179
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 08:24:30 2017 +0100
certtool: removed limits in interactive input
That removes the limits when reading most of the interactive input.
The read_str() function due to its dependence on static variable remains
with a limit, but will output an error if the input string exceeds size.
Resolves #179
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 28 08:00:56 2017 +0100
certtool: increased buffer for reading from user
This allows reading longer than 128-byte fields interactively.
The new limit is 512-bytes.
Relates #179
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 08:23:47 2017 +0100
tests: added certificate generation with very long DNS and CN name
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 15:58:53 2017 +0100
gnutls_x509_crt_get_extension_info: fixed function to comply with documented approach
That is, do not include the trailing NULL byte size in the
size of the object identifier.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 16:47:55 2017 +0100
certtool: store critical extensions even if no other extension are present
That is, fix a bug which prevented critical extensions to be stored
if no other free-form extensions were specified.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 27 15:06:57 2017 +0100
x509/name_constraints: documented return values and corrected return type
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 09:24:19 2017 +0100
gnutls_ocsp_resp_verify_direct, gnutls_ocsp_resp_verify: defined flags argument
That was defined to be gnutls_certificate_verify_flags, and
it allows passing verification flags, such as flags to allow
broken algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 09:09:10 2017 +0100
is_level_acceptable: no longer checks for broken algorithms
This is done at is_broken_allowed(), and in fact checking them in
is_level_acceptable() creates a conflict when overrides like flag
GNUTLS_VERIFY_ALLOW_BROKEN is used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 08:57:27 2017 +0100
gnutls_store_commitment: introduced flag GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN
This flag allows operation of the function even with broken algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 08:46:01 2017 +0100
verify: is_broken_allowed: account for "new" flag GNUTLS_VERIFY_ALLOW_BROKEN
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 09:53:26 2017 +0100
devel/fuzz: added necessary casts for compilation [ci skip]
Also added the IDNA targets to makefile's default target.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 24 07:56:50 2017 +0100
devel/fuzz: include string.h for strlen() [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 18:05:09 2017 +0100
devel/fuzz: IDNA fuzzers: removed printf [ci skip]
see request in:
https://github.com/google/oss-fuzz/issues/417
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 11:08:34 2017 +0100
tests: added test case with invalid openpgp cert
This triggers an invalid memory access:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 11:10:04 2017 +0100
opencdk: read_attribute: account buffer size
That ensures that there is no read past the end of buffer.
Resolves the oss-fuzz found bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391
Relates: #159
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 13:35:42 2017 +0100
gnutls-cli-debug: fixed protocol to port discovery
That is, if --starttls-proto is provided the default port
selected will be converted to host byte order as expected.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 13:11:45 2017 +0100
pk.c: fixed memory leak on DSS signature decoding
Detected using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=676
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 13:07:47 2017 +0100
tests: added client reproducer for memory leak
That reproduces a memory leak detected in the client code path.
Detected using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=676
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 12:34:28 2017 +0100
tests: update to take into account the removal of random art
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 10:26:04 2017 +0100
x509/output: No longer include public key's random art
That is in order to reduce bloat in the output, which already
contains many identifiers for public key.
See mailing list discussion at:
https://lists.gnupg.org/pipermail/gnutls-devel/2017-February/008324.html
https://lists.gnupg.org/pipermail/gnutls-devel/2017-February/008329.html
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 17:02:33 2017 +0100
tests: updated to include the pin-sha256 in output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 16:47:02 2017 +0100
tests: updated to take into account the pin-sha256 oneline output
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 11:11:06 2017 +0100
x509/output: print key PIN on oneline output
That is, instead of the public key ID. The key PIN due to HPKP
is now more widely used than hex-based key IDs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 11:06:51 2017 +0100
x509/output: print the public key PIN of a certificate
That is, print the value used by the HPKP protocol as per
RFC7469.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 23 09:39:28 2017 +0100
certtool: don't warn when 'uri' is specified on template
Reported at:
https://bugzilla.redhat.com/show_bug.cgi?id=1425884
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 21:53:42 2017 +0100
.gitlab-ci.yml: ubsan build: fixed artifacts path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 21:45:32 2017 +0100
tests: split starttls.sh into multiple scripts
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 21:29:22 2017 +0100
tests: pkcs11-import-with-pin: removed invalid conditional macro
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 17:38:07 2017 +0100
tests: added PKCS#11 test for pin input
This introduces a test on PIN input to retrieve an object using
pin-value and pin-source (file).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 22 21:01:30 2017 +0100
SECURITY.md: updated after comments from Daniel Berrange [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 16:50:22 2017 +0100
Removed unnecessary entries in pkix.asn and gnutls.asn
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 14:20:17 2017 +0100
nettle/pk: corrected memcpy of Q in DSA params
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 08:02:02 2017 +0100
crypto.h: improved documentation of randomness levels
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 08:01:09 2017 +0100
nettle/pk: use the appropriate level of randomness for each operation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 08:00:41 2017 +0100
srp: use nonce level for SRP password randomization
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 08:58:16 2017 +0100
doc: document the use of assert()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 08:17:25 2017 +0100
doc: removed protocol/ directory
While it was used during the first years of development, today
it is way more easy to access protocol documents via the IETF
web site.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 21 08:13:56 2017 +0100
Added SECURITY.md, a description of the security issue handling process
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 18:57:56 2017 +0100
.gitlab-ci.yml: require clang analyzer build to be warning free
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 18:53:01 2017 +0100
configure: no longer use -Wframe-larger-than
We do not require a specific stack size, and there is legacy
code which utilizes large stack sizes. As such remove the
warnings to allow for a warning free compilation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 18:50:40 2017 +0100
pkcs11: avoid calling memcpy will null options
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 16:41:46 2017 +0100
preinitialize variables to work-around warnings with clang
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 15:05:57 2017 +0100
eliminated dead code as indicated by clang scan-build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 15:02:22 2017 +0100
pkcs7: corrected error checking in write_signer_id
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 14:18:25 2017 +0100
preinitialize variables to work-around warnings with clang's scan-build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 14:03:40 2017 +0100
eliminated various clang warnings with non-null arguments
That is, use assert() to ensure that known to be non-null
variables will be used as input to functions requiring non-null.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 13:49:55 2017 +0100
make_printable_string: allow operation with null input
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 13:32:37 2017 +0100
.gitlab-ci.yml: replaced clang's build with clang analyser's scan-build
This introduces a static analyser pass in the CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 13:13:19 2017 +0100
.gitlab-ci.yml: added cppcheck run
This adds a basic static analysis of the source code.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 11:14:49 2017 +0100
opencdk/read-packet.c: corrected typo in type cast
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 11:13:08 2017 +0100
cdk_pkt_read: enforce packet limits
That ensures that there are no overflows in the subsequent
calculations.
Resolves the oss-fuzz found bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
Relates: #159
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 20 11:01:07 2017 +0100
tests: added test case with invalid openpgp cert
That triggers a heap buffer overflow:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Robert Scheck <robert@fedoraproject.org>
Date: Sun Feb 19 22:50:30 2017 +0100
Add LMTP, POP3, NNTP, Sieve and PostgreSQL support to gnutls-cli
Add LMTP (RFC 2033), POP3 (RFC 2595), NNTP (RFC 4642), Sieve (RFC 5804) and PostgreSQL support to gnutls-cli ("--starttls-proto").
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 19 17:31:52 2017 +0100
README.md: added CII best practices badge [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Rical Jasan <ricaljasan@pacific.net>
Date: Fri Feb 17 21:22:19 2017 -0800
tests: Improve port-checking infrastructure.
The test suite unnecessarily failed on systems without netstat because
it was assumed to be present. Instead of simply checking for its
presence and indicating an unsupported test, however, the ss utility
can be used as a drop-in replacement. When netstat/net-tools is not
present, the ss utility from iproute2 still stands a fair chance of
existing, and they also have similar enough semantics that they can be
used interchangeably in the test suite.
The functions in tests/scripts/common.sh that used netstat
(wait_for_port, wait_for_free_port) now use new functions,
check_if_port_in_use and check_if_port_listening, to abstract the call
to netstat/ss. The eval'd variable GETPORT also used netstat, and has
been updated accordingly.
The new port-checking functions use another new function,
have_port_finder, which takes care of the details of selecting ss
(preferred) or netstat, or fails otherwise.
Signed-off-by: Rical Jasan <ricaljasan@pacific.net>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Feb 12 19:48:19 2017 +0200
build: doc: install images also into htmldir
images are required also by the html documentation.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:37:42 2017 +0100
.gitlab-ci.yml: corrected coverage build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 18 07:23:18 2017 +0100
.gitlab-ci.yml: remove submodule update from main build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 17:40:27 2017 +0100
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 17:38:23 2017 +0100
Makefile: improved symbols extraction
That is, do not include non-function names.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:35:41 2017 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:31:02 2017 +0100
tests: ignore sanity checks in broken cert test
This allows the existing reproducers which contain certificates which
are rejected by sanity checks, to still be used to detect regressions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:26:56 2017 +0100
Added gnutls_x509_crt_set_flags()
This functions allows specifying flags to the certificate object.
In particular it allows the single flag GNUTLS_X509_CRT_FLAG_IGNORE_SANITY
which allows to ignore sanity checks at the import of the certificate.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:20:44 2017 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:14:38 2017 +0100
Introduced GNUTLS_E_CERTIFICATE_TIME_ERROR error code
This error code indicates an issue in the time fields of certificate.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 11:49:48 2017 +0100
x509/output: properly indicate error in Time fields
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 11:33:56 2017 +0100
x509/time: refuse importing certificates with invalid Time fields
That will refuse to import certificates which their time field
is not in GMT, or contain fractional seconds.
Resolves: #169
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 11:26:33 2017 +0100
_gnutls_x509_generalTime2gtime: refuse to parse fractional seconds
Fractional seconds in GeneralizedTime are prohibited by RFC5280.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 11:25:15 2017 +0100
tests: enhanced test suite to include invalid X509v3 cert
That certificate contains a GeneralizedTime with fractional
seconds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 15:10:40 2017 +0100
gnutls_x509_crt_list_import: fixed leak on import failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 10:39:21 2017 +0100
tests: enhanced test suite to include creation of invalid certificates
That is, check whether the creation of invalid V2 or V1 certificates
will be detected, and that the correct error codes are returned.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 10:06:58 2017 +0100
gnutls_x509_crt_sign2: refuse to sign invalid X.509 certificates
That is, do not sign X.509 certificates which have fields that
shouldn't be present on their corresponding version.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 10:04:52 2017 +0100
gnutls_x509_crt_import: reject X.509v1 certificates with invalid fields
Refuse to import X.509v1 certificates which have fields that didn't
exist in X.509v1 specification. That is the issuerUniqueID and
subjectUniqueID fields.
Resolves: #168
Resolves: #167
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 17 09:56:24 2017 +0100
tests: enhanced test suite to include invalid V1 certs
That is, added X.509v1 certificates with attributes that shouldn't
have been presented (valid for X.509v2 only).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 15 18:42:22 2017 +0100
gnutls.pc: do not include libidn2 in Requires.private
The libidn2 versions available do not include libidn2.pc,
thus the inclusion was causing problems when using pkg-config.
Instead we include -lidn2 in Libs.private.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 12 11:01:46 2017 +0100
.gitlab-ci.yml: Re-organized stages
The less CPU intensive tasks were moved to earlier stage, and the
CPU intensive tasks are only spawned only after basic syntax and
ABI checks have succeeded.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 12 09:42:15 2017 +0100
gnutls.h: corrected typo [ci skip]
Author: Marcin Cieślak <saper@saper.info>
Date: Thu Feb 9 00:26:16 2017 +0000
<alloca.h> only if HAVE_ALLOCA_H
FreeBSD does know alloca() but has no such header
Signed-off-by: Marcin Cieślak <saper@SAPER.INFO>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 5 11:41:41 2017 +0100
doc: document the intention of the priority string usage [ci skip]
This documents the gnutls_set_default_priority() function, and
how it is intended to be combined with an application that utilizes
priority strings.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 24 15:51:17 2016 +0100
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 08:57:16 2016 +0100
tests: modified tests for the disablement of 3DES
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 24 15:50:11 2016 +0100
Removed support for the 3DES cipher by default
That is a legacy cipher that is no longer needed to be
included as backup cipher.
Resolves #120
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 2 22:59:43 2017 +0100
x509: optimize subject alternative name access
That reads SAN and IAN early on import, significantly reducing
the running time of functions which iterate over the alternative
names of a certificate, e.g., gnutls_x509_crt_check_hostname().
Relates #165
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 4 14:28:30 2017 +0100
.travis.yml: list all logs on failure
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 4 14:01:36 2017 +0100
tests: enable all IDNA tests when compiled with libidn2
Keep IDNA2003-only tests on the ifdef HAVE_LIBIDN.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 4 07:50:03 2017 +0100
.travis.yml: updated instructions for travis builds
Removed unbound and other minor fixes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 3 23:28:01 2017 +0100
extras/hex.h: do not use strlen as variable name
That is, do not utilize a standard C function name as variable name.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 3 23:11:27 2017 +0100
gnutls_pkcs11_obj_list_import_url4: always return an initialized pointer
When returning success, but no elements, gnutls_pkcs11_obj_list_import_url4,
could have returned zero number of elements with a pointer that was uninitialized.
Ensure that an initialized (i.e., null in that case), pointer is always returned.
Reported by Jeremy Harris.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 3 00:08:19 2017 +0100
.gitlab-ci.yml: use libidn2 on windows builds
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 2 11:26:18 2017 +0100
gnutls_heartbeat_allowed: corrected type on dummy wrapper
That is, when compiling without heartbeat support, compilation
could fail due to the dummy wrapper not returning the right
type.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 2 08:27:14 2017 +0100
Address test suite failure due to timezone differences.
Reported by Thorsten Glaser and Andreas Metzler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 31 17:06:16 2017 +0100
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 31 07:38:50 2017 +0100
gnutls_heartbeat_allowed: corrected return type
This reflects better the fact that this function returns
a boolean.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 28 09:26:05 2017 +0100
_idn2_to_unicode_8z8z: do not err on mixed IDNA domains
That is allow domains of the form 'großes.xn--fa-hia.de'. The
drawback is that we may not err early on invalid formatted
names. We however delegate any such decisions to libidn2.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 27 10:07:28 2017 +0100
README.md: added link to travis build for 3.5.x [ci skip]
In addition to adding a link to travis build for 3.5.x branch removed
link on 3.4.x branch. It is no longer active.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 26 14:49:33 2017 +0100
heartbeat extension: doc update
Document how to calculate the total TLS data transmitted.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 26 13:21:39 2017 +0100
str-idna: improved error handling
In addition to detecting input with invalid characters in _idn2_to_unicode_8z8z(),
we also add support for case insensitive punycode header.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 25 15:45:57 2017 +0100
Updated auto-generated files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 25 03:35:54 2017 +0100
str-idna: cleanups in IDNA handling
Ensure safe operation even with broken libidn2, and make
sure that we properly allocate memory to caller, even on complex
library configuration.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 14:13:21 2017 +0100
fuzz: added run-afl helper script
This script which allows running the fuzzying tests
locally using american fuzzy lop.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 13:50:59 2017 +0100
fuzz: Added IDNA encoding/decoding fuzzying units
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 13:43:54 2017 +0100
Move IDNA functionality to str-idna.c from str-unicode.c
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 08:57:52 2017 +0100
tests: use the exported API for IDNA testing
In addition group together the tests which require libidn2 >= 0.14.
This allows the tests to succeed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 08:55:06 2017 +0100
tools: depend on gnutls_idna_map() instead of using directly libidn/libidn2
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 08:50:54 2017 +0100
Exported gnutls_idna_map() and gnutls_idna_reverse_map()
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 07:56:12 2017 +0100
.gitlab-ci.yml: added run with IDNA2003
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 18:59:51 2017 +0100
tests: simplified str-idna
This separates the directions that are tested (utf-8 -> punycode
and vice versa).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 07:52:23 2017 +0100
configure: added flag to force IDNA2003
That allows to compile with libidn even if libidn2 is present, and
can be used to check IDNA2003 support.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 21 23:14:46 2017 +0100
Add support for libidn2 (IDNA 2008 + TR46)
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 25 08:55:40 2017 +0100
pkcs7 decryption: addressed memory leak in PBES1-DES-CBC-MD5 handling
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 25 09:46:00 2017 +0100
minitasn1: updated to libtasn1 4.10
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 25 03:24:34 2017 +0100
configure: do not disable valgrind tests unless explicitly specified
... or unless we are in release build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 24 16:28:41 2017 +0100
Makefile.am: increased the number of releases to perform ABI checks with
That is added 3.4.0, 3.4.17 and 3.5.8.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 20 16:55:26 2017 +0100
tests: verify that a written certificate will inherit its ID from privkey
That is, whether p11tool will do the right thing and figure the proper
ID to use for a certificate object, if the public key is available.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 20 16:33:03 2017 +0100
p11tool: re-use ID from corresponding objects when writing certificates
That is when writing a certificate which has a corresponding public key,
or private key in the token, ensure that we use the same ID for the
objects. That eases the work of someone writing objects to certificates,
and does not require him to manually detect the object IDs.
Resolves #160
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Jan 20 19:18:09 2017 +0200
.gitlab-ci.yml: add Fedora/x86_64/no-tools
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Jan 20 23:12:36 2017 +0200
valgrind: support separate builddir for suppressions.valgrind
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Jan 20 21:14:22 2017 +0200
configure: remove void statement
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Jan 20 23:39:41 2017 +0200
tests: skip tests that requires tools if tools are disabled
building with --disable-tools should not cause test failure.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 22 00:59:41 2017 +0100
doc: improved documentation on DH parameters [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 20 14:36:51 2017 +0100
Revert "tests: suite: pkcs11: skip if no softhsm"
This reverts commit 276a6ee44d80d4d3b144a78794020c177be8f0ea.
The reason is to avoid having changes in softhsm packaging, result
to skipping large parts of the test suite without someone noticing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:28:08 2017 +0100
_decode_pkcs8_dsa_key: ensure that the P value is non-zero
When decoding a DSA private key, and constructing the public key
ensure that P is non-zero, and thus can be used as modulus.
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:24:19 2017 +0100
tests: added private key causing FPE
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:20:28 2017 +0100
_gnutls_decrypt_pbes1_des_md5_data: ensure that encrypted data size is a multiple of blocksize
That prevents incorrect data reaching nettle which has only
assertion checks (leading to an abort).
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:14:29 2017 +0100
tests: added PKCS#8 key which causes undefined behavior on import
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:08:49 2017 +0100
tests: added certificate which reproduces a leak in gnutls_x509_ext_import_aia
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 19 09:08:04 2017 +0100
x509: eliminated memory leak on gnutls_x509_ext_import_aia
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 17 15:08:29 2017 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 18 13:51:32 2017 +0100
tests: added check which ensures a client cannot receive during handshake
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 18 09:51:35 2017 +0100
tests: added check which ensures a client cannot transmit during handshake
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 17 15:28:05 2017 +0100
tests: cleanup error reporting in handshake-false-start
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 18 13:47:02 2017 +0100
Refuse to receive data during handshake
This prevents buggy applications from receiving non-authenticated data
that may have arrived during the handshake.
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 17 15:05:35 2017 +0100
Refuse to send data during handshake
That prevents buggy applications from transmitting sensitive data during
handshake.
Resolves #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 15 10:40:02 2017 +0100
Disable AVX support when it is not supported by the CPU
This mostly affects virtual systems. Reported by Frank Chen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 17 13:34:33 2017 +0100
opencdk: improved error code checking in the stream reading functions
This amends 49be4f7b82eba2363bb8d4090950dad976a77a3a
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 16 17:09:36 2017 +0100
minitasn1: updated to latest git version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 16 13:01:56 2017 +0100
doc: removed references to OpenPGP functions and enumerations
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 15 11:11:19 2017 +0100
doc: removed documentation related to OpenPGP and guile
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 6 08:26:17 2017 +0100
doc: removed documentation related to OpenPGP
Also added section explaining why OpenPGP is being deprecated.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 6 08:14:09 2017 +0100
openpgp.h: all openpgp functionality was marked as deprecated
This is to prevent new applications using that functionality.
As the OpenPGP certificate for HTTPS (or TLS in general) never got
any traction, GnuTLS is the only implementation supporting it,
and the quality of the OpenPGP supporting code is questionable,
we deprecate that code with the intention to drop it completely
when an opportunity is given.
Relates #102
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 9 08:36:02 2017 +0100
tests: added missing file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 9 08:18:33 2017 +0100
CONTRIBUTING.md: Improve instructions on git-template [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jan 5 10:35:29 2017 +0200
tests: remove bash usage
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jan 5 14:01:30 2017 +0200
tests: suite: chain: support separate builddir
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jan 5 10:34:07 2017 +0200
tests: skip tests that requires tools if tools are disabled
building with --disable-tools should not cause test failure.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Jan 3 16:46:46 2017 +0200
gitignore: update [ci skip]
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Jan 3 16:45:19 2017 +0200
gitignore: sort()
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 15:22:13 2017 +0100
opencdk: added error checking in the stream reading functions
This addresses an out of memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 15:03:12 2017 +0100
tests: added test case with invalid openpgp cert
This triggers an out of memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:56:50 2017 +0100
opencdk: cdk_pk_get_keyid: fix stack overflow
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:48:38 2017 +0100
tests: added test case with invalid openpgp cert
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:47:11 2017 +0100
tests: added test case with invalid openpgp cert
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:42:03 2017 +0100
opencdk: read_attribute: added more precise checks when reading stream
That addresses heap read overflows found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:34:05 2017 +0100
tests: added test case with invalid openpgp cert
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 14:31:26 2017 +0100
tests: openpgp-cert-parser: simplified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:46:26 2017 +0100
auth rsa: eliminated memory leak on pkcs-1 formatting attack path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:42:25 2017 +0100
tests: added reproducer for server issues
This allows to reproduce issues found on server side, by adding
a transcript in server-interesting. Currently it contains values
found using oss-fuzz.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:32:17 2017 +0100
_decode_pkcs8_dsa_key: fixed memory leak on error path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:28:23 2017 +0100
decode_private_key_info: eliminate memory leaks on error path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:26:07 2017 +0100
_gnutls_x509_read_dsa_params: update params structure parameters size on successful read
That will allow proper deinitialization of the parameters even if
the structure fill up doesn't succeed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:18:03 2017 +0100
tests: added test with private key that causes memory leak
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:10:54 2017 +0100
_gnutls_pkcs12_string_to_key: avoid division by zero when salt_size = 0
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 4 09:07:10 2017 +0100
tests: added test with PKCS#8 key that signals FPE
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sat Dec 31 05:07:47 2016 +0200
tests: skip tests that requires tools if tools are disabled
building with --disable-tools should not cause test failure.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Jan 3 14:56:05 2017 +0200
tests: cert-tests: pkcs12 drop builddir usage
sync with other tests
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Jan 3 14:40:36 2017 +0200
tests: suite: pkcs11: skip if no softhsm
similar to other tests
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 16:10:07 2017 +0100
gnutls_x509_ext_import_policies: fixed memory leak on error path
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 15:53:27 2017 +0100
tests: added test case with invalid X.509 cert
This triggers a memory leak. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=294
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 15:49:37 2017 +0100
x509 output: fixed memory leak in AIA extension printing
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 15:46:41 2017 +0100
tests: added test case with invalid X.509 cert
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=300
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 15:00:59 2017 +0100
doc: document how to enhance the testsuite with issues found
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 14:37:18 2017 +0100
status_request: eliminated leak on error path
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=269
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 13:49:18 2017 +0100
proc_server_kx: eliminated leak on error path
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=272
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 14:49:03 2017 +0100
tests: added reproducer for client issues
This allows to reproduce issues found on client handling, by adding
a transcript in client-interesting. Currently it contains values
found using oss-fuzz.
The client3.disabled transcript is disabled because it depends
on a fix in nettle.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 13:39:43 2017 +0100
tests: do not run key-tests under leak sanitizer
The reason is that we cannot distinguish between a memory leak on
application failure (which is followed by exit- thus should be ignored)
and an address sanitizer issue (which should never be ignored).
As such we disable leak detection with asan and rely on valgrind.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 13:20:16 2017 +0100
tests: illegal-rsa: don't hide stderr
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 10:47:24 2017 +0100
tests: added suite for checking PKCS#7 structure import
The initial (problematic) structures have been obtained from oss-fuzz
project.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 3 11:39:13 2017 +0100
fuzz: added basic Makefile to assist in reproducing [ci skip]
Also updated README.md
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 17:24:41 2017 +0100
Simplified contribution policy [ci skip]
Also added a template to assist in the required steps to contribute.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 17:05:29 2017 +0100
_gnutls_x509_get_signature: fix memory leak on error path
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 17:04:29 2017 +0100
tests: added test case with invalid X.509 certificate
This certificate causes a memory leak while printing.
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=280
Relates #156
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 15:07:48 2017 +0100
valgrind: use different exit code to signify error
This allows the test suite to differentiate between valgrind and expected
errors from tools.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 15:01:26 2017 +0100
tests: cert-tests: force asan to return an error code other than one on failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 15:00:24 2017 +0100
gnutls_pkcs8_info: addressed memory leak on error path
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 14:55:14 2017 +0100
certtool: pkcs8_info_int: fix memory leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 13:44:46 2017 +0100
wrap_nettle_mpi_modm: bail on a modulus that is zero
Relates #156
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 13:32:41 2017 +0100
tests: added test for invalid private keys
Also force asan to return an error code other than one (the normally
expected for invalid keys).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 12:02:53 2017 +0100
x509: address leak in print_altname - cert printing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 12:03:35 2017 +0100
tests: added certificate to reproduce memory leak
Found by oss-fuzz project:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=299
Relates #156
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 11:05:21 2017 +0100
tests: added test case with invalid PKCS#8 data
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=363
Relates #156
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 11:20:45 2017 +0100
nettle: added a safety net on wrap_nettle_cipher_setiv()
Return error if attempting to set invalid IV size.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 11:51:10 2017 +0100
pkcs7 decrypt: require a valid IV size on all ciphers
That is, do not accept the IV size present in the structure as valid
without checking.
Relates #156
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 13:26:29 2017 +0100
fuzz: added a PBES1 PKCS#8 private key file into corpus
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 13:23:01 2017 +0100
pkcs8: pkcs8_key_info() will correctly detect non-encrypted files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 13:19:49 2017 +0100
certtool: don't print PKCS#8 information when outputting DER data
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun Jan 1 09:15:09 2017 -0500
Corrected a leak in OpenPGP sub-packet parsing.
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 10:13:48 2017 +0100
doc: fixed copyright date in gnutls.texi
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 2 08:43:47 2017 +0100
gnutls_rnd: document the available values of level [ci skip]
This enables using the function by only checking the man page.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 16:45:19 2016 +0100
pkcs11 verification: ensure that an issuer we retrieve is not blacklist
It may happen in p11-kit trust module that a trusted certificate is
both in the trusted set, and the blacklisted set. To avoid accepting
a certificate when in both sets, we always check whether a trusted
issuer certificate is in the blacklisted set.
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Fri Dec 30 21:17:22 2016 -0500
Attempt to fix a leak in OpenPGP cert parsing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 14:57:57 2016 +0100
tests: enable all the ciphersuite in openssl cli for DSS checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 11:48:44 2016 +0100
certtool: improved error reporting on file error
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 13:27:10 2016 +0100
tests: don't check against 3DES if disabled in openssl
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 13:25:23 2016 +0100
tests: do not pass the -dhparams to openssl 1.1.0; it doesn't work
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 12:14:44 2016 +0100
tests: simplified DH params format
Also switch to RFC7919 DH params.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 12:13:20 2016 +0100
tests: corrected type in openssl compat tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 12:12:33 2016 +0100
tests: added common variable for DH parameters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 10:36:37 2016 +0100
tests: fixed paths in compat tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 09:04:59 2016 +0100
tests: better termination checking in compat tests
This ensures that the exit code of all spawned processes is
checked.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 31 10:12:34 2016 +0100
cfg.mk: exclude devel/ subdirectory from syntax checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 30 15:50:45 2016 +0100
certtool: properly report unencrypted PKCS#8 keys in --p8-info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 30 15:41:53 2016 +0100
fuzz: added decrypted PKCS#8 keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 30 15:23:17 2016 +0100
fuzz: added PKCS#8 keys with low iteration count
This makes sure that the fuzzer will not timeout while
trying to decode keys.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 11:01:37 2016 +0100
submodules: use the github mirror of openssl
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Mon Dec 26 13:15:25 2016 -0500
Do not infinite loop if an EOF occurs while skipping a PGP packet
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue Dec 27 09:45:31 2016 -0500
Added a fuzzer for OpenPGP cert parsing
Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 09:59:34 2016 +0100
fuzz: document the convention for initial values
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 28 09:58:20 2016 +0100
fuzz: Added initial values for DN, PKCS8 and X.509 tests
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Mon Dec 26 15:59:03 2016 +0000
Added a parser for PKCS7 importing and printing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 08:38:41 2016 +0100
fuzz: added X.509 DN parser
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 08:35:45 2016 +0100
fuzz: added PKCS#8 private key parser
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 21 08:18:24 2016 +0100
configure: introduced --with-priority-string option
This allows specifying the priority string to be used with
gnutls_set_default_priority() on configure time.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 21:35:53 2016 +0100
priorities: reset the profile flags when appending new flags
That is, to avoid causing issues to applications calling gnutls_*priority_set()
multiple times with different parameters. In that case if multiple profiles are
used the outcome could be undefined. Now, the last call will prevail.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 21:39:02 2016 +0100
gnutls_session_set_verify_cert: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 21:26:09 2016 +0100
Revert "priorities: set the additional verify flags instead of appending them"
This reverts commit aaf49747f981f6c17cdc9ea7495a8948a5015ae2.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 21:19:05 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 19:01:31 2016 +0100
tests: added check for certtool loading CA certificates from PKCS#11
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 15:52:49 2016 +0100
certtool: document that --load-ca-certificate can be used with PKCS#11 URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 15:44:20 2016 +0100
certtool: load_ca_cert() can load a CA from URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 11:36:13 2016 +0100
certtool: unified the CA certificate loading process
That is, combined how CA certificates are loaded for --verify-chain,
--verify and --p7-verify. It is based on the trust list high level
functions, something that allows PKCS#11 URLs to be specified in
--load-ca-certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 16:15:50 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 16:21:30 2016 +0100
.gitlab-ci.yml: changed buildroot to fedora25
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 11:01:10 2016 +0100
tests: added check for multiple calls to gnutls_priority_set_direct()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 10:49:34 2016 +0100
priorities: set the additional verify flags instead of appending them
That is, to avoid causing issues to applications calling gnutls_*priority_set()
multiple times with different parameters. In that case if multiple profiles are
used the combo could be undefined.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 19 10:36:01 2016 +0100
verify: print certificate on sec param failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 15 15:08:31 2016 +0100
x509: corrected leak in certificate printing
The leak could be triggered if the certificate policies to be imported are
invalid.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 15 15:02:18 2016 +0100
gnutls_x509_ext_import_proxy: fix issue reading the policy language
If the language was set but the policy wasn't, that could lead to
a double free, as the value returned to the user was freed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 15 14:50:36 2016 +0100
tests: added certificate which was causing issues in gnutls_x509_crt_print()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 15 14:47:13 2016 +0100
tests: improved certder to easily load certificates from a directory
That allows to place certificates in certs-interesting/ and these
will be loaded and checked upon the new "cert" test case.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 15 14:06:06 2016 +0100
doc update
Author: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Wed Dec 14 17:42:45 2016 +0200
Do not add cli-args.h to cli-args.stamp Makefile target
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu Dec 15 08:08:45 2016 -0500
Describe the integration
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu Dec 15 07:27:47 2016 -0500
Move to the devel dir
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue Dec 13 20:14:33 2016 -0500
Added a server fuzzer
Author: Alex Gaynor <alex.gaynor@gmail.com>
Date: Mon Dec 12 08:09:49 2016 -0500
Migrated fuzzers from the oss-repo to here.
Also added a new private_key_parser fuzzer.
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 18:07:05 2016 +0300
Drop _gnutls_epoch_get_compression
This function is unused since long ago, let's drop it.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 17:51:56 2016 +0300
Rework setting next compression method
Only update compression method if all internal check succeed and next
epoch will use this it. Also while we are at at, actually check for
_gnutls_set_compression() return value.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 17:51:56 2016 +0300
Rework setting next cipher suite
Only update cipher_suite if all internal check succeed and next epoch
will use this ciphe suite. Also while we are at at, actually check for
_gnutls_set_cipher_suite() return value.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Mon Nov 28 13:16:13 2016 +0300
Cache MAC algorithm used for PRF function
Instead of spreading checks all over the GnuTLS, cache used PRF after
setting the cipher suite and reference the value later. Like in
_gnutls_PRF_raw the GNUTLS_MAC_MD5_SHA1 means MD5+SHA1 combo.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 04:11:11 2016 +0300
Use MAC_MD5_SHA1 instead of MAC_UNKNOWN to specify TLS 1.0 PRF
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 03:52:06 2016 +0300
Rewrite SSL/TLS signature verification to use combined MD5+SHA1 digest
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 03:52:06 2016 +0300
Rewrite SSL/TLS signing code to use combined MD5+SHA1 digest
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 03:15:49 2016 +0300
Add special MD5+SHA1 digest to simplify TLS signature code
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 14 10:52:27 2016 +0100
_gnutls_pkcs_raw_decrypt_data: merge all errors during decryption to GNUTLS_E_DECRYPTION_FAILED
This makes the function's return values simpler to handle.
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Wed Dec 14 00:46:16 2016 +0300
configure.ac: remove autogen'erated files only if necessary
Currently autogen'erated files will be removed on each call to
configure. However this would break the build if one of previous
make invocations have created corresponding stamp files.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 14 09:50:24 2016 +0100
bumped versions and added news entry for 3.6.0 [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 14 09:46:18 2016 +0100
README.md: added information on the 3.5.x builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 13 11:41:12 2016 +0100
tests: added test for PKCS#8 encrypted key decoding
This also verifies that the return value when attempting to
decrypt without a password is GNUTLS_E_DECRYPTION_FAILED.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 13 11:27:38 2016 +0100
pkcs8: ensure that the correct error code is returned on decryption failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 10 13:15:16 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 15:44:47 2016 +0100
doc: updated to documentation of certtool [ci skip]
This corrects options which incorrectly mentioned they support URLs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 11:54:30 2016 +0100
x509: better documented gnutls_trust_list_flags_t
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 15:06:55 2016 +0100
tests: disable ASAN leak checks on suite tests
These detect memory leaks in the tools in src/ which are
not critical nor there is serious reason to address.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 12:03:33 2016 +0100
tests: disable ASAN leak checks on certificate tests
These detect memory leaks in the tools in src/ which are
not critical nor there is serious reason to address.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 09:54:14 2016 +0100
tests: enhanced long-session-id test
This ensures that no leaks exist during exit (to avoid asan failures),
and that we test for the specific error code that gnutls_handshake()
is expected to return.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 09:52:20 2016 +0100
handshake: return GNUTLS_E_ILLEGAL_PARAMETER on invalid ID size
This is a more sensible error code to return on invalid packet.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 9 09:15:59 2016 +0100
tests: eliminate compilation warning in crq-basic [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 15:41:40 2016 +0100
.gitlab-ci.yml: do not enable IDN support in minimal build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 2 14:57:41 2016 +0100
configure.ac: use AC_CONFIG_LINKS to copy autogenerated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 2 09:22:38 2016 +0100
Added autogen pre-generated files into repository
This allows building gnutls from git in systems without using
autogen.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 14:28:46 2016 +0100
configure: added option to enable maintainer mode
That makes normal builds, not regenerate Makefiles or configure,
allowing for faster CI builds on second stage.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 15 09:03:59 2016 +0100
.gitlab-ci.yml: split the CI run into stages
In addition avoid re-generating images for operating systems
on every build and use pre-built images, which are generated in
the gnutls-build-images sub-project. That allows for faster and
more reliable (independent of network) CI runs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 21:40:14 2016 +0100
.gitlab-ci.yml: use local libopts on x86
This works around autogen failures on x86-64 centos7 CI hosts.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 16:35:24 2016 +0100
doc: updated documentation on multithreading [ci skip]
Resolves #154
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 16:27:36 2016 +0100
doc: list gnutls_init_flags_t [ci skip]
Suggested by Tyler Burns.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 15:54:07 2016 +0100
tests: make conditional (to HAVE_LIBIDN) any IDN related checks
This allows the test suite to successfully complete even when compiled
without libidn.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 15:44:28 2016 +0100
str: do not call gnutls_assert in inline function
This allows the build to succeed when compiled without libidn.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 13:09:35 2016 +0100
tests: disable leak checks in rsa-md5-collision.sh
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 14:04:07 2016 +0100
tests: split and enhanced UTF-8 name checks from hostname-check
That is, added checks to ensure that non-ASCII DNS names in certificates
fail, and that properly encoded IDNA2003 names, succeed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 13:54:53 2016 +0100
tests: added check with failed verification on invalid UTF-8
That is, check whether raw UTF-8 in the certificate will fail
verification. Raw UTF-8 is prohibited by IETF PKIX (RFC5280) on a
certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 13:40:41 2016 +0100
tests: updated cert with UTF8 names to contain proper IDNA2003 encoded names
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 13:28:00 2016 +0100
gnutls_x509_crt_check_email type changed to unsigned
This reflects the documented returned value type (bool), and
allows the compiler to warn on accidental checks for negative
value.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 13:20:05 2016 +0100
x509: do not attempt to ACE encode values stored in certificates
The email and hostname values are required to be in ASCII form by PKIX.
We instead ignore these names, if their values are outside the ASCII
printable character set.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 08:08:28 2016 +0100
.gitlab-ci.yml: removed libintl references
They are no longer shipped in the build systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 07:32:18 2016 +0100
tests: added missing test in dist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 07:23:18 2016 +0100
tests: corrected typos in starttls.sh
This allows to detect chat in most systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 8 07:17:34 2016 +0100
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 15:43:21 2016 +0100
tests: reduced the intermediate steps in rsa-md5-collision
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 13:24:34 2016 +0100
configure: break after finding the first libtspi
It may happen that multiple versions are available on a system,
and by using the first one we ensure, that we are using the
64-bit version on 64-bit system, instead of falling back to
the 32-bit.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 13:20:08 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 10:56:30 2016 +0100
tests: added operational -sign/verify- tests in keygen app
This will check that a generated key is immediately usable for
operations.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 10:27:01 2016 +0100
gnutls_x509_privkey_cpy: use _gnutls_pk_params_copy
This ensures that all fields of parameters are copied. Inspired
by patch of Dmitry Eremin-Solenikov.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 10:30:13 2016 +0100
tests: enhanced keygen to include check of gnutls_x509_privkey_cpy
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 08:58:30 2016 +0100
tests: added tests for CRL generation APIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 09:05:01 2016 +0100
x509 crl: document the nextUpdate field limitation
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue Dec 6 22:41:28 2016 +0300
Don't trash DER CRQ output with text data
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 7 08:59:03 2016 +0100
x509 crl: Allow generation of CRLs not to specify a nextUpdate
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 6 20:03:31 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 6 13:07:57 2016 +0100
tests: updated overhead calculation for new code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 11:57:56 2016 +0100
DTLS: more precise overhead calculation
That takes into account space available due to padding, and
allows it to be included for use in the gnutls_get_data_mtu().
Resolves #140
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 09:54:45 2016 +0100
tests: added check for MTU calculation on DTLS 1.2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 5 10:36:04 2016 +0100
src: clean all stamp files on 'make clean'
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 5 10:33:07 2016 +0100
configure: search 64-bit paths for libtspi before 32-bit paths
That is, because 64-bit systems may have both 64-bit and 32-bit paths
while 32-bit systems only the latter.
Author: James Bottomley <James.Bottomley@HansenPartnership.com>
Date: Sat Dec 3 14:36:40 2016 -0800
tpm: fix handling of keys requiring authorization
There are several problems with the key handling in the tpm code.
The first, and most serious, is that we should make sure we understand
the authorization requirements of a key *before* using it. The reason
for this is that the TPM has a dictionary attack defence and is
programmed to lock up after a certain number of authorization failures
(which can be very small). If we try first without authorization, we
may lock up the TPM. The fix for this is to check whether
authorization is required and supply it before using the key.
Secondly, if the key does require authorization but no password is
supplied we should return immediately, since we know the TPM will give
us an authorization error anyway.
Thirdly, we should unconditionally read the policy of the key rather
than checking if a policy exists: Policies are tied to key objects, so
if there is an old policy in s->tpm_key_policy, but we're creating a
new key, the key it belonged to will be closed, meaning the policy
will be invalid. Fix this by always setting the policy each time we
get a new key object.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 4 09:56:13 2016 +0100
In import_tpm_key_cb() fix the wrong password loop
When calling import_tpm_key() once it initializes the key, but
a second call fails due to the key being already initialized. Ensure
that failure of import_tpm_key() leaves the key on a clear state.
Reported by James Bottomley <James.Bottomley@HansenPartnership.com>.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 4 18:48:55 2016 +0100
src gl: updated
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 2 15:59:17 2016 +0100
gl: removed iconv module
It is no longer used by the library.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 4 10:11:19 2016 +0100
configure.ac: detect trousers library on debian
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Dec 3 14:29:51 2016 +0100
Prevent unwanted linkage to -lhogweed
Specify action-if-found for AC_CHECK_LIB when checking for !SuiteB
curves to keep autoconf from adding -lhogweed to LIBS. This caused
linkage of e.g. openssl wrapper and C++ library to -lhogweed. The issue
only shows up if --disable-libdane is specified, since the dane autoconf
test resets LIBS.
Author: James Bottomley <James.Bottomley@HansenPartnership.com>
Date: Fri Dec 2 15:28:08 2016 -0800
Fix inability to find libtspi (trousers) on openSUSE
For distro reasons, the path on openSUSE is /lib[64]/libtspi.so.1
which the current code doesn't find. Fix this by having it search all
viable system library locations (/lib /lib64 /usr/lib and
/usr/lib/lib64)
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 2 16:27:58 2016 +0100
x509: fixed output of pubkey
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 16:41:55 2016 +0100
doc: document the fact that certificates and CRLs are unusable after generation
They must be exported and re-imported if intended to be used for
signing or verification.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 16:32:04 2016 +0100
doc: no longer list SHA1 as a safe choice in X.509 signing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 16:19:31 2016 +0100
certtool: prevent-null termination of buffers allocated with fread_file()
We do not know whether their allocated size allows for that additional
null, and we do not need the null termination.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 08:40:13 2016 +0100
gnutls_x509_crl_verify: always return zero on success
Also document that in previous versions a positive number could
be returned on success. Reported by Adrien Beraud.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 14:09:15 2016 +0100
tests: corrected space-tab issue
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 10:04:45 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 09:55:51 2016 +0100
Improved messages and violation handling in signature key usage checks
This will now tolerate violations in server certificate, if
%DEBUG_ALLOW_KEY_USAGE_VIOLATIONS is set.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 09:48:56 2016 +0100
Removed redundant certificate key usage checks.
There were redundant checks when a certificate was obtained, as
well as prior to performing operations with certificates/pubkeys.
Kept the checks prior to operations.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 09:45:26 2016 +0100
_gnutls_map_pk_get_pk -> _gnutls_map_kx_get_pk
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 14:18:51 2016 +0100
gnutls_kx_get: allow calling the function during handshake
Previous this function would return garbage during handshake, because
parameters were not considered established, however there are valid
uses of this function during it. For that reason this function is
modified to return a correct value even during handshake (after
a hello is being exchanged).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 14:14:42 2016 +0100
_gnutls_check_key_usage: check for invalid key exchange algorithm
Reported by Dmitry Eremin-Solenikov.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 14:56:41 2016 +0100
tests: added checks on signature key usage violations
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 1 09:10:41 2016 +0100
.gitlab-ci.yml: added docker tag on mingw builds
That ensures that these builds are done on the gitlab.com runners
which run as privileged containers (and thus have access to mount).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 09:20:26 2016 +0100
privkey: set the key parameters algorithm prior to returning success
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 09:15:06 2016 +0100
When decoding a public key ensure that algorithm is written in the params struct
Reported by Dmitry Eremin-Solenikov.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 08:54:09 2016 +0100
cfg.mk: disable checks for public submodule updates in CI
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 30 08:44:40 2016 +0100
.gitlab-ci.yml: do not require update to /proc/sys/fs/binfmt_misc to succeed
In some CI systems, it is not possible to write to this filesystem, and
they already have the wine executable registered. In the case we cannot
write proceed to running the check and hope for the best.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 29 16:00:30 2016 +0100
tests: use datefudge in rsa-md5-collision check
This makes sure that any failure detected is not because of
expired certificates, but because of MD5 being disabled.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 29 15:51:18 2016 +0100
tools: use stamp files to allow parallel build of autogen files
Autogen seems to output on the creates files gradually, something that
makes 'make' believe that the command is complete prior to the output
file being fully populated. The current approach uses stamp files to
ensure that no incomplete files are used for compilation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 29 13:44:01 2016 +0100
guile: do not use +COMP-DEFLATE in priorities test
This allows the test to work even in the cases where gnutls
is compiled without zlib support.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 18:19:43 2016 +0100
moved all syntax check exceptions in cfg.mk
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 29 07:57:26 2016 +0100
.gitlab-ci.yml: added zlib dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 12:48:25 2016 +0100
.gitlab-ci.yml: fixed artifacts paths for Debian build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 10:26:14 2016 +0100
tests: str-unicode: check whether exceptions are tolerated on decryption
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 10:01:02 2016 +0100
tests: added exception and join control characters in str-unicode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 09:38:38 2016 +0100
unistring: added property-join-control
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 17:49:10 2016 +0100
unistring: added default_ignorable_code_point and not_a_character tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 17:23:51 2016 +0100
unistring: added NFKC normalization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 15:29:43 2016 +0100
unistring: included all possible categories for simplicity and extensibility
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 14:55:37 2016 +0100
tests: enhanced str-unicode with more char sets
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 14:20:11 2016 +0100
gnutls_utf8_password_normalize: perform more strict check on input characters
That is, ensure that the input characters are in the valid class of characters
for the PRECIS FreeformClass.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 13:11:44 2016 +0100
tests: fixed str-unicode tests with control characters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 13:02:48 2016 +0100
gnutls_utf8_password_normalize: avoid use of strlen()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 28 11:03:28 2016 +0100
tests: added pkcs12 file with long password
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 16:09:20 2016 +0100
renamed system/iconv.c -> str-iconv.c
We no longer use the system's functionality for converting between
charsets (we use libunistring), hence it is no longer suitable for
the wrappers to stay in system/.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 11:58:14 2016 +0100
x509: when printing ACE DNSnames ensure the actual name is also printed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 11:47:53 2016 +0100
tests: added unit tests of of _gnutls_idna_reverse_map
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 11:34:19 2016 +0100
introduced _gnutls_idna_reverse_map()
This function allows mapping ACE formatted domains to UTF-8.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 10:05:28 2016 +0100
Combined checks for printable characters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 09:58:58 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 08:44:59 2016 +0100
tests: updated crt_apis to include setting UTF-8 SAN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 08:17:13 2016 +0100
tests: updated crq_apis to include setting UTF-8 SAN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 09:48:56 2016 +0100
gnutls_idna_map: check for printable data prior to mapping
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 10:53:23 2016 +0100
gnutls_x509_aia_set: IDNA encode when needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 16 14:48:59 2016 +0100
When writing alternative names to certificates ensure we write in ACE format
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 10:39:10 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 16:30:49 2016 +0100
tests: added pkcs7 verification with struct generated from openssl (with keyid)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 15:44:35 2016 +0100
tests: added pkcs7 verification with struct generated from openssl
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 25 10:23:00 2016 +0100
doc: added certificate for ECC with any purpose
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 16:40:15 2016 +0100
pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatch
In addition introduce a new error code to warn about no embedded data.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 16:33:18 2016 +0100
pkcs7: only print signer's issuer DN when DN has contents
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 14:51:15 2016 +0100
pkcs7: added recursive discovery of structure's signer
This uses the PKCS#7 certificate list as a pool of certificates
to generate a certificate chain that leads to our root CAs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 15:11:31 2016 +0100
pkcs7: on data verification failure log the signer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 13:17:41 2016 +0100
tests: added complex verification example using PKCS#7
That uses multiple intermediate certificates from the PKCS#7 structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 14:32:28 2016 +0100
doc: updated gnutls_x509_trust_list_verify_crt2()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 13:14:16 2016 +0100
pkcs7: pass the verification flags down to gnutls_x509_trust_list_verify_crt2, in find_signer()
This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when
verifying PKCS#7 structures.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 09:54:17 2016 +0100
pkcs7: corrected iteration over stored certificates
This allows to use all possibly stored certificates on chain discovery,
not only the first.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 09:53:58 2016 +0100
pkcs7: added debug logging on verification discovery
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 14:54:46 2016 +0100
errors.h: added _gnutls_reason_log
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 09:49:13 2016 +0100
errors.h: added _gnutls_cert_log
This log function allows to easily log the name of a certificate.
Author: Andreas Schneider <asn@samba.org>
Date: Thu Nov 24 17:31:45 2016 +0100
certtool: One if check is enough
Signed-off-by: Andreas Schneider <asn@samba.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 24 08:37:47 2016 +0100
corrected log message [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 21:09:03 2016 +0100
gnutls_idna_map was prefixed with underscore to avoid clashes with exported symbols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 14:37:47 2016 +0100
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 14:30:48 2016 +0100
avoid the use of c_isascii() and use c_isprint()
That latter detects correctly the printable characters we are
interested in.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 15:45:22 2016 +0100
tests: added unit tests for gnutls_idna_map()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 23 13:12:08 2016 +0100
IDNA code re-organization
That introduces the internal function gnutls_idna_map(), which
utilizes libidn and libunistring to convert hostnames to IDNA ACE
form.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:57:01 2016 +0100
tests: updated outputs to reflect new fingerprint/keyid formats
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:56:41 2016 +0100
tests: made tmp files unique
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:43:25 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:42:14 2016 +0100
Align the printing of a certificate's fingerprint with the key ID printing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:35:58 2016 +0100
Print a key's or certificate's key ID with SHA256 in addition to SHA1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 16:18:01 2016 +0100
certtool: address compiler warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 22 09:31:19 2016 +0100
doc: document the RFC7613 normalization of passwords [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 21:16:28 2016 +0100
unistring: include only the required categories
In addition fix the license text of the included library.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 16 15:50:39 2016 +0100
server_name: log server name sent
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 16 16:47:15 2016 +0100
x509/output: improve log message on embedded null
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 12:00:28 2016 +0100
build-aux: added unused-parameter.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 11:36:43 2016 +0100
.gitlab-ci.yml: explicitly specify --with-included-unistring when needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 11:32:09 2016 +0100
hooks.m4: corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 10:52:23 2016 +0100
.gitlab-ci.yml: ignore syntax-check issues caused by included unistring
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 10:11:32 2016 +0100
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 09:38:38 2016 +0100
unconditionally include unistring code
That simplifies internationalization support, at the cost of
including a version of libunistring, which is used on systems
which do not ship it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 21 09:20:36 2016 +0100
lib: added unistring sub-library
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 20 17:11:57 2016 +0100
updated auto-generated files for gnutls_utf8_password_normalize()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 20 17:08:55 2016 +0100
tests: enhanced str-unicode with GNUTLS_UTF8_IGNORE_ERRS flag
That is, enhanced to check the tolerable variant of gnutls_utf8_password_normalize()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 18:26:21 2016 +0100
.gitlab-ci.yml: added build without libunistring
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 10:42:32 2016 +0100
doc: mention the RFC7613 normalization and the libunistring dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 20 17:03:02 2016 +0100
tolerate non-valid UTF8 passwords when decrypting
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 14:42:26 2016 +0100
tests: addressed compiler warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 14:40:19 2016 +0100
_gnutls_utf8_to_ucs2: normalize to NFC UTF16 output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 14:31:24 2016 +0100
openssl_hash_password: normalize the password prior to use
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 12:55:22 2016 +0100
TPM: normalize the password prior to use
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 10:53:40 2016 +0100
_gnutls_calc_srp_sha: normalize the password prior to use
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 10:50:42 2016 +0100
gnutls_x509_crq_set_challenge_password: normalize the password prior to use
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 10:48:04 2016 +0100
PKCS#7/8: normalize the password according to rfc7613
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 10:53:37 2016 +0100
gnutls.pc: use the LT version of the lib variables
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 8 15:24:26 2016 +0100
Use libunistring when present instead of iconv()
That allows us to rely to a single provider for unicode
functionality.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 8 15:24:00 2016 +0100
tests: added unit tests for gnutls_utf8_password_normalize()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 8 13:00:16 2016 +0100
Added function for UTF-8 normalization based on RFC7613
This introduces gnutls_utf8_password_normalize() and a dependency on libunistring.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 17:12:02 2016 +0100
tests: added test suite with PKCS#8 files that have invalid encryption
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 16:30:46 2016 +0100
PKCS#5,7 decryption: verify the correctness of padding
That is, for block ciphers (i.e., cbc), verify that all the padding bytes
match the expected contents according to RFC2898.
Relates #148
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 15:17:26 2016 +0100
PKCS#5,7 decryption: added sanity check on padding size
Relates #148
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 15:01:18 2016 +0100
PKCS#5,7 decryption: fail without leak on unknown MAC
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 14:54:00 2016 +0100
PKCS#5,7 decryption: fail early on invalid block sizes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 14:47:13 2016 +0100
PKCS#5,7 decryption: enforce limits in the support parameter sizes
This allows to detect invalid parameters early rather than later.
Relates #148
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 14:03:58 2016 +0100
updated auto-generated files for new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 10:03:29 2016 +0100
pkcs7 output: use the new functions for DN output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 09:52:16 2016 +0100
tests: account for the strict RFC4514 compliance reversal
Test the new functions only for the strict RFC4514 compliance to
output strings, and test the old functions for the legacy format.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 19:05:27 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 18:52:03 2016 +0100
x509 output: use the new functions for DN output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 18:31:37 2016 +0100
cleanups in _gnutls_buffer_to_datum()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 18:42:59 2016 +0100
certtool: use the new APIs for DN extraction
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 13:31:34 2016 +0100
_gnutls_x509_get_dn: when no data ensure we return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
This aligns with the previous (prior to RFC4514 improvements) behavior of the function.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 16:20:01 2016 +0100
Introduced new functions to allow multiple DN parsing modes
The old DN parsing functions are changed to return the original
non-fully compliant with RFC4514 string format, while the new
ones return the compliant string by default. This allows applications
which relied on the previous format to continue functioning without
changes.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 9 17:19:48 2016 +0100
.gitlab-ci.yml: include root dir log files in all builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 11:06:26 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 14 12:57:53 2016 +0100
gl: removed invalid module name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 13 17:08:35 2016 +0100
tools: added explicit socket flag to skip TLS initialization
This allows proper error recovery when SOCKET_FLAG_RAW is specified
and initialize_session() fails.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 13 16:41:43 2016 +0100
gnutls-cli-debug: terminate sessions which cannot be re-used
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 13 16:15:42 2016 +0100
sockets: only use gnutls_bye on a valid socket session
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 10 06:39:32 2016 +0100
p11tool: --initialize will no longer reset user PIN
That is because it only resetted the user PIN and not the admin PIN,
while at the same time it had problems to cope with the case where
the URL changed between token initialization and PIN setting (which
is the case if --label is provided to --initialize).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 10 06:34:50 2016 +0100
p11tool: added options to initialize a user and admin's PIN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 11 09:01:39 2016 +0100
gnutls_store_pubkey: document the default hosts format
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 7 09:17:22 2016 +0100
_wrap_nettle_pk_verify: use FAIL_IF_LIB_ERROR prior to returning success
This will prevent verification to succeed if the system is in
error state.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 7 09:11:24 2016 +0100
fips140-2: moved PCT-test in wrap_nettle_generate_keys
This allows it to run in any potential scenario, i.e., any
call of _gnutls_pk_generate_keys().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 5 19:18:08 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 6 10:03:35 2016 +0100
.gitlab-ci.yml: use included libtasn1 in CI systems which do not have 4.9
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 3 10:31:27 2016 +0200
bumped the version of the minimum required libtasn1
We now require the latest version that supports OIDs
with elements that are longer than 32-bits.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 11:16:12 2016 +0200
tests: added check for the decoding of certificates with long OIDs
That is, OIDs which have an element which exceeds 2^32.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 10:42:58 2016 +0100
symbol-check: do not compare against symbols not exported by us
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 09:49:41 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 09:34:55 2016 +0100
tests: updated known ciphersuites test for CHACHA20-POLY1305 in the SECURE set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 09:10:18 2016 +0100
priorities: added CHACHA20-POLY1305 to SECURE set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 08:15:24 2016 +0100
released 3.5.6
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 07:58:48 2016 +0100
bumped versions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 4 07:56:33 2016 +0100
symbols.last: updated auto-generated file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 19 10:27:26 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 10:18:09 2016 +0100
tests: added test to ensure that gnutls_rnd() is not called during initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 24 08:30:06 2016 +0200
doc: explicitly state that rng self_test mustn't require rng initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 14:10:08 2016 +0200
deprecated _gnutls_rnd() in favor of exported gnutls_rnd()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 14:16:51 2016 +0200
rng: split initialization in preinit and init
This makes gnutls to initialize its random generator on the
first call to gnutls_rnd(). That prevents blocking due to
getrandom() on a constructor; that change allows to use gnutls-linked
applications even in early boot in systems where getrandom() blocks
waiting for entropy.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 11:40:12 2016 +0100
_gnutls_rnd_check: call _rnd_system_entropy_check directly
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 2 18:07:13 2016 +0100
x509: removed unused IDNA file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 2 13:24:59 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 2 08:29:25 2016 +0100
handshake: log advertized version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 2 08:13:38 2016 +0100
algorithms.h: removed exported prototype from internal header
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 1 18:39:38 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 17:23:16 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 16:59:20 2016 +0100
tests: added decoding of multi-value DN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 14:21:37 2016 +0100
x509_dn: forbid non-supported escaped chars on DN encoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 14:07:13 2016 +0100
tests: enhanced RFC4514 with arbitrary escaped strings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 14:07:27 2016 +0100
x509_dn: allow arbitrary escaped strings
In addition fail encoding on unescaped '+'. We do not support it
for DN encoding.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 14:46:49 2016 +0200
tests: modified to account for backwards-encoded DN (according to RFC4514)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 13:18:17 2016 +0100
tests: removed old README file
The description in the file had no relevance to the existing tests.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 13:00:14 2016 +0100
gnutls_x509_crt_set_*dn, gnutls_x509_dn_set_str: honor the reverse property of RFC4514
When converting an RFC4514 string to a DN ensure that the elements
are encoded in reverse order, as required by the RFC.
Resolves #111
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 15:35:44 2016 +0200
Encode string DNs backwards according to RFC4514
This makes the output string from functions such as gnutls_x509_crt_get*dn()
to comply with RFC4514 requirements in DN element order.
Relates #111
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 14:41:10 2016 +0100
Updated issue templates [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 31 14:35:22 2016 +0100
Added issue templates [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 29 23:45:18 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 29 23:31:00 2016 +0200
nettle: renamed system random generator-related files for clarity
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 14:34:10 2016 +0200
tests: introduced checks for gnutls_rnd() in multi-threaded scenario
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 14:33:53 2016 +0200
tests: introduced sanity checks in rng-fork
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 24 08:30:29 2016 +0200
drbg-aes-self-test: corrected free call
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 27 21:04:49 2016 +0200
tests: check for gnutls 3.3.x compatibility
That is, check whether the status request extension is not sent
by the server, if the server does not hold a status response. We
require that behavior to be backwards compatible with gnutls 3.3.x.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 26 17:51:11 2016 +0200
Reverted the behavior of sending a status request extension even without a response
That is, we no longer reply to a client's hello with a status request, with
a status request extension. Although that behavior which was introduced
in 6b76e0c899b1ff08df9bd9b41588f771f050be89 is legal, it creates incompatibility
issues with gnutls 3.3.x branch. That is because versions prior 3.3.26
translates the presence of the extension as a guarrantee that the status
response data will be sent. Even though, that is false assumption we
replicate the previous behavior to allow such clients to connect to
a gnutls 3.5.x server.
Relates !66
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Thu Oct 27 18:42:38 2016 +0300
tests: do not enable testpkcs11.sh twice
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Oct 22 14:24:16 2016 +0300
starttls: search for chat in sbin if it is not present in PATH
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri Oct 21 04:17:36 2016 +0300
Fix autoconf warnings in libopts.m4
Without this patch Autoconf will spam console with the following kind of
messages:
configure.ac:650: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
../../lib/autoconf/general.m4:2740: _AC_RUN_IFELSE is expanded from...
../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
../../lib/autoconf/general.m4:2042: AC_CACHE_VAL is expanded from...
src/libopts/m4/libopts.m4:386: LIBOPTS_RUN_FOPEN_TEXT is expanded from...
src/libopts/m4/libopts.m4:425: INVOKE_LIBOPTS_MACROS is expanded from...
src/libopts/m4/libopts.m4:560: AM_COND_IF is expanded from...
src/libopts/m4/libopts.m4:581: LIBOPTS_CHECK is expanded from...
configure.ac:650: the top level
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Oct 22 02:18:40 2016 +0300
cfg.mk: fix m4 files removal
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 17:45:03 2016 +0200
tests: better check for gnutls_ecc_curve_get result
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 17:30:43 2016 +0200
Terminate handshake if only unknown or disabled signatures are advertized by the peer
That is, do not attempt to proceed assuming that the peer supports SHA-1.
Author: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Sat Oct 22 03:28:14 2016 +0300
Fix compilation of tests if nettle is not installed in standard path
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 25 08:03:32 2016 +0200
gnutls-cli-debug: corrected TLS1.2 detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 24 08:33:42 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 22 09:41:45 2016 +0200
modified the gnutls_certificate_set_key* change
While the change was fully backwards compatible for applications that were
adding a single certificate, and applications that were checking for negative
errors codes, many applications do not. As this may cause incompatibility issues
with software properly utilizing the previously documented API, the change
is reverted, and applications need to explicitly enable a flag (GNUTLS_CERTIFICATE_API_V2)
in the credentials structure for the set_key functions to return an index.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 19 23:06:59 2016 +0200
tests: removed nohats.ca from testdane
The host seems to be unreliable.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 16:43:47 2016 +0200
.travis.yml: use as many jobs as CPUs in OSX
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 16:14:32 2016 +0200
.travis.yml: do not run the public submodule checks of maint.mk
These seem to be problematic to detect modification and are preventing
the CI from operating.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 13:16:50 2016 +0200
.travis.yml: simplified the submodule checkout
The default submodule initialization in travis caused the MacOSX builds to fail.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 13:15:19 2016 +0200
Added casts to prevent compiler warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 13:14:57 2016 +0200
corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 12:10:56 2016 +0200
README.md: corrected link to travius build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 20 15:58:38 2016 +0200
.travis.yml: added support for compiling in macosx
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 11:02:30 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 11:01:43 2016 +0200
tests: added checks for the new GNUTLS_NO_TICKETS flag
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 21 10:26:13 2016 +0200
gnutls_init: added GNUTLS_NO_TICKETS flags
These flags allow the callers to disable the automatically enabled
session tickets. This could be done only with GNUTLS_NO_EXTENSIONS
which also disabled other useful extensions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 20 09:26:10 2016 +0200
tests: added pkcs11-privkey-export
This checks whether the public parts of RSA private and public keys
can be properly extracted from a PKCS#11 module.
Author: Jakub Jelen <jjelen@redhat.com>
Date: Wed Oct 19 13:41:55 2016 +0200
Expose CKA_PUBLIC_EXPONENT and CKA_MODULUS for private keys too
Author: Jakub Jelen <jjelen@redhat.com>
Date: Wed Oct 19 09:17:52 2016 +0200
tests/pkcs11: Return also CKA_CLASS
Author: Jakub Jelen <jjelen@redhat.com>
Date: Tue Oct 18 15:28:39 2016 +0200
tests/pkcs11: Expose SUBJECT for certificates, PUBLIC_EXPONENT and MODULUS for public keys to widen compatibility
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 15:42:52 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 13:45:34 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 09:24:02 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 10:13:56 2016 +0200
certtool: allow setting key purposes for non-CA certificates
That is, allow setting code signing, or time stamping key purpose
in certificates that are not marked as CA. The previous restriction
served no purpose.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 10:01:49 2016 +0200
certtool: introduce key purpose checks in p7 direct verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 09:22:59 2016 +0200
x509: introduced gnutls_x509_crt_check_key_purpose()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 15:07:03 2016 +0200
gnutls_x509_crt_verify_data2: introduce constraints checks on the provided certificate
That is check the provided certificate for validity in time and key usage.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 18 10:02:29 2016 +0200
tests: introduced verification constraints checks for PKCS#7 structures
That is, key purpose checks and more elaborate time checks.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 12:00:41 2016 +0200
gnutls-serv: use the included known DH parameters by default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 17 11:54:51 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 12:02:31 2016 +0200
certtool: manpage update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 12 08:34:13 2016 +0200
getfuncs-map.pl: ignore the ffdhe exported parameters
That is ignore the new variables exported which are not functions, and
thus cannot be detected by getfuncs-map.pl.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 19:26:44 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 20:10:37 2016 +0200
tests: crl-test: use a unique temp file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 20:01:27 2016 +0200
tests: added sanity check for included primes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 19:36:26 2016 +0200
doc: discuss the set_known_dh_params and use it in the examples
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 19:25:52 2016 +0200
tests: check gnutls_psk_set_server_known_dh_params
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 19:22:25 2016 +0200
tests: check gnutls_anon_set_server_known_dh_params
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 19:12:16 2016 +0200
tests: check gnutls_certificate_set_known_dh_params
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 16:42:28 2016 +0200
DH: introduced gnutls_*_set_known_dh_params()
That is, the functions gnutls_certificate_set_known_dh_params(),
gnutls_anon_set_server_known_dh_params(),
gnutls_psk_set_server_known_dh_params().
These functions allow to statically set the DH parameters, based
on the RFC7919 FFDHE parameters. This can simplify server configuration
by allowing DH without loading parameters from file.
Relates #37
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 16:18:22 2016 +0200
certtool: --get-dh-params will output the FFDHE primes instead of the SRP primes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 16:05:57 2016 +0200
DH: export the FFDHE Diffie-Hellman values
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 16:13:29 2016 +0200
.gitlab-ci.yml: use fedora's mingw-cmocka packages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 16:12:44 2016 +0200
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 15:04:41 2016 +0200
tests: added check for PKCS#7 catalog file parsing and data extracting
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 15:46:05 2016 +0200
tests: updated pkcs7 text outputs to account for certtool update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 14:55:57 2016 +0200
certtool: --p7-info will include the PKCS#7 encoded data in PEM format
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 14:50:25 2016 +0200
tests: replaced large test2.cat with a smaller file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 13:13:26 2016 +0200
certtool: improve text on missing options for cert generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 12:57:31 2016 +0200
Revert "certtool: improve text on missing options for cert generation"
This reverts commit 7daed1fd0602bce7495d252f1a9b638fc41e38d3.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 10:22:07 2016 +0200
handshake: set a maximum number of warning messages that can be received per handshake
That is to avoid DoS due to the assymetry of cost of sending an alert vs the cost
of processing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 10:08:35 2016 +0200
record: disallow parsing of alert messages prior to session start
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 10:07:58 2016 +0200
tests: added check to verify that the server will bail out after receiving only alerts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 14 09:59:22 2016 +0200
tests: added check to verify that the server will bail out after many alerts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 17:01:16 2016 +0200
certtool: improve text on missing options for cert generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 16:55:00 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 16:51:19 2016 +0200
tools: removed redudant messages on PIN re-use
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 16:48:52 2016 +0200
p11tool: avoid asking the security officer PIN twice on initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 16:41:04 2016 +0200
p11tool: improved messages on token initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 16:37:45 2016 +0200
p11tool: corrected check of PIN existance in token initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 13:10:52 2016 +0200
doc: set a default handshake timeout on example server
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 13:09:35 2016 +0200
serv: set a timeout value in handshake
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 08:56:45 2016 +0200
tests: added check for Encrypt-then-MAC under DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 13 08:54:52 2016 +0200
tests: cleanups in tls-etm.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 12 13:36:01 2016 +0200
gnutls_pkcs7_get_embedded_data: added GNUTLS_PKCS7_EDATA_GET_RAW flag
This flag allows the export of the stored embedded data with any wrapping
encoding included. This in particular, it allows to read the data from the
microsoft catalog PKCS#7 structures, which store as embedded data elements
of a SEQUENCE, but only authenticate the inner parts without the bytes
forming the SEQUENCE header.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 21:33:24 2016 +0200
configure: automatically disable non-suiteb curves
That is, if the installed nettle doesn't provide the
nettle_secp_192r1 symbol.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 20:41:18 2016 +0200
doc update
Author: Colin Walters <walters@verbum.org>
Date: Tue Oct 11 11:28:39 2016 -0400
priorities: Do read crypto policy files with mtime of zero
In a default Fedora Atomic Host installation,
`/etc/crypto-policies/backends/gnutls.config` is a symlink to the
default in `/usr/share/`. On an OSTree-managed system, files in
`/usr` have an mtime of zero (to help deduplication).
The simple fix here is to still try to read the first time, even if
the file has an mtime of zero.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 14:11:27 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 13:55:56 2016 +0200
certtool: corrected use of gnutls_pkcs7_get_embedded_data()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 13:06:48 2016 +0200
pkix.asn: simplified ASN.1 description by eliminating pkcs-7-ContentType
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 13:03:45 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 11 11:30:28 2016 +0200
certtool: print the enacapsulated content OID on verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 15:25:31 2016 +0200
tests: added checks for the decoding of various PKCS#7 structures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 15:19:16 2016 +0200
pkcs7: print the eContent type in output functions if it does not match the defaults
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 12:06:37 2016 +0200
pkcs7: allow unknown and legacy signature data OIDs to be imported
This allows to decode very old PKCS#7 structures where the content is not
an octet string. In addition, it introduces gnutls_pkcs7_get_embedded_data_oid()
to obtain the OID of the signature data.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 19:07:41 2016 +0200
certtool: --p7-info can be combined with --p7-show-data to display embedded data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 10 09:48:05 2016 +0200
lib: link with LTLIBDL instead of LIBDL
It fixes compilation issues on some systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 20:01:06 2016 +0200
released 3.5.5
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 19:27:39 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 19:04:30 2016 +0200
doc: mention gnutls_session_ext_register and its supplemental data equivalent
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 18:56:52 2016 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 14:21:09 2016 +0200
TLS extensions: only cache the extension IDs from exts that the server supports
That avoids imposing any artificial limits on the number of extensions that
a server can handle.
Resolves #136
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Oct 9 14:05:07 2016 +0200
tests: check the registration of multiple extensions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 8 07:24:02 2016 +0200
doc: added gnutls_datum_t and giovec_t to indexes
Resolves #137
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 15:24:25 2016 +0200
pkcs7: removed any limits in hex encoding of attributes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 16:10:19 2016 +0200
certtool: lift any limits in print_raw()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 7 14:17:52 2016 +0200
certtool: added safety net when generating a certificate request
That is, do not allow specifying --generate-request --load-pubkey without
specifying --load-privkey. Previously if --load-pubkey would have been
used, it would have been ignored, causing confusion to the users.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 6 08:50:39 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 20:10:46 2016 +0200
Makefile.am: improved the files-update output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 20:09:21 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 13:51:05 2016 +0200
_gnutls_utf8_to_ucs2: force NFC normalization form in windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 11:04:54 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 11:41:23 2016 +0200
tests: added checks for gnutls_session_supplemental_register
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 11:33:55 2016 +0200
Added session-specific supplemental data handling
This allows a caller to add supplemental data handling which will
only be made available for a specific session.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 10:43:29 2016 +0200
tests: added checks for gnutls_session_ext_register
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 30 18:53:09 2016 +0200
Added session-specific TLS extensions
This allows a caller to add extensions which will be made available
for a specific session.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Oct 5 14:30:33 2016 +0200
guile: Implement session record ports using the Guile 2.2 API.
This allows the Guile bindings to be built and used with
Guile >= 2.1.4, which introduced a new port API.
* guile/src/core.c (USING_GUILE_BEFORE_2_2): New macro.
(session_record_port_type) [!USING_GUILE_BEFORE_2_2]: New definition.
(read_from_session_record_port, write_to_session_record_port)
(make_session_record_port) [!USING_GUILE_BEFORE_2_2]: New functions.
Conditionalize the other same-named functions on
USING_GUILE_BEFORE_2_2.
(scm_init_gnutls_session_record_port_type): Use
'read_from_session_record_port' when !USING_GUILE_BEFORE_2_2.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Oct 5 14:30:32 2016 +0200
guile: Test 'set-session-transport-fd!'.
* guile/tests/session-record-port.scm: Use 'set-session-transport-fd!'
on the server side.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Oct 5 14:30:31 2016 +0200
guile: Guile 2.x 'uniform-vector-read!' replacement returns 0 upon EOF.
This problem was never hit in practice because our tests always got the
non-EOF case.
* guile/modules/gnutls/build/tests.scm (uniform-vector-read!) [guile-2]:
Return 0 upon EOF.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 10:01:20 2016 +0200
win32: install the .def files in libdir instead of bindir
Suggested by Eli Zaretskii.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 08:48:57 2016 +0200
certtool: include arpa/inet.h unconditionally
That is because we use inet_pton() which is either provided by the
OS, or by gnulib.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 08:46:08 2016 +0200
gnutls-cli: fix compilation warning in win32
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 08:44:05 2016 +0200
Fixed the version in libgnutls-openssl.def file
Previously the version set in that file would have
been (incorrectly) equal to the version of the main library.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 5 08:34:51 2016 +0200
tests: avoid using %zd for formatted output
It is not supported by windows.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 4 16:20:44 2016 +0200
tests: skip tests which depend on libidn functionality if build without libidn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 4 15:55:08 2016 +0200
tests: fixed compilation of pkcs11-privkey-always-auth
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 4 15:10:22 2016 +0200
Fix build of system/keys-win.c with older mingw
Patch by Eli Zaretskii <eliz@gnu>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 14:48:49 2016 +0200
tests: introduced further parallelization in provable* tests
This runs independent verification steps in parallel, improving running time significantly.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 14:40:06 2016 +0200
tests: provable-dh-default check is too slow and is only run when the complete suite is requested
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 14:25:06 2016 +0200
tests: split provable-privkey into multiple checks
This allows the tests to be run in parallel.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 14:17:52 2016 +0200
tests: provable-dh was split into two programs
This allows the test to be run more efficiently when run
in parallel.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 30 16:48:54 2016 +0200
.gitlab-ci.yml: do not run the full test suite on valgrind test
This allows the CI test to run on reasonable time.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 30 14:16:01 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 13:00:36 2016 +0200
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 30 13:08:53 2016 +0200
devel/openssl: updated to 1.1.0 release
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 29 15:41:23 2016 +0200
aarch64: added optimized AES-CCM mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 21:43:05 2016 +0200
Imported Andy Polyakov's implementation of AES-GCM in aarch64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 11:55:37 2016 +0200
Imported Andy Polyakov's implementation of AES in aarch64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 29 13:36:55 2016 +0200
Added HMAC-SHA* optimizations for aarch64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 23 14:55:37 2016 +0200
Imported Andy Polyakov's implementations for SHA* in aarch64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 12:53:43 2016 +0200
fix zero-termination in _gnutls_server_name_set_raw() for large server names
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 12:56:07 2016 +0200
_gnutls_check_id_for_change: added check for NULL username
This is not required, but may prevent from issues if code-reorganizations
which may set a NULL username, occur.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 12:58:17 2016 +0200
gnutls_*_crt_print: better error checking
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 10:29:29 2016 +0200
tests: added test for CKA_ALWAYS_AUTHENTICATE handling in PKCS#11
This checks whether GnuTLS properly calls login prior to any sign
operations when the object is marked as CKA_ALWAYS_AUTHENTICATE.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 11:11:55 2016 +0200
pkcs11: improved debugging output in pkcs11_login
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 3 10:22:44 2016 +0200
name constraints: removed unused variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 30 13:25:41 2016 +0200
tools: clarify errors when reading files
Previously certtool and ocsptool would report:
```
$ certtool --generate-request --load-privkey=foo --outfile=bar
Generating a PKCS #10 certificate request...
reading --load-privkey: foo
```
And that doesn't make apparent what the issue was. Modified
to print:
```
error reading --load-privkey: foo
```
Report and initial patch by Thibault Nélis.
Resolves !97
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 28 07:41:13 2016 +0200
p11tool: doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 23:42:01 2016 +0200
Removed C99 constructions in for-loops
These constructions although valid for C99 they are
being rejected by various compilers. Get rid of them.
Author: Daiki Ueno <ueno@gnu.org>
Date: Tue Sep 27 11:04:16 2016 +0200
certtool: print correct size of EC keys
Previously certtool complained about key size if --curve is given:
$ certtool --generate-privkey --ecc --curve secp256r1 --outfile key.pem
Generating a -2147483646 bit EC/ECDSA private key...
Note that ECDSA keys with size less than 256 are not widely supported.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 09:51:56 2016 +0200
p11tool: documented the p11-kit relevancy of distrust and stapled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 09:39:09 2016 +0200
pkcs11: forbid PKCS#11 extensions to be used in other than trust modules
That is, only use the CKA_X_DISTRUSTED and the extension override in
p11-kit trust modules, to avoid conflicts with potentially other
PKCS#11 extensions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 11:46:24 2016 +0200
.gitlab-ci.yml: enabled valgrind tests build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 27 11:44:16 2016 +0200
tests: allow handshake-large-packet to run under valgrind
That is, initialize the allocated buffers with a known value.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 14:24:31 2016 +0200
p11tool: introduced the --mark-distrusted and --distrusted options
This allows to mark objects as distrusted, as well as list all
distrusted certificates (blacklisted) for a p11-kit trust module as:
p11tool --list-all-certs --distrusted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 14:23:24 2016 +0200
pkcs11: introduced flag GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED
This allows to mark objects as distrusted, as well as to be
able to list distrusted objects.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 14:00:32 2016 +0200
pkcs11: only staple extensions from a trust module when they are from a non-distrusted certificate
That is, make sure that the API for stapling extensions is only used
for non-distrusted (blacklisted) certificates. The reason is to avoid
duplicate extension entries from the p11-kit trust database. These
come from blacklisted certificates, and we have no reason to support
stapled extensions with blacklisted certificates.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 13:47:19 2016 +0200
p11tool: allow to export a certificate with its stapled extensions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 26 08:12:52 2016 +0200
gnutls_oid_to_ecc_curve: fix null pointer dereference
This addresses issue where an unknown curve would cause a
null pointer dereference. This was introduced with the addition
of X25519. Reported by Theofilos Petsios.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 23 16:01:07 2016 +0200
Only send the status request extension on cert authentication
That is, do not both asking for it, or replying to it, if we are
not using any certificates.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 14:49:57 2016 +0200
gdoc: improved the detection and display of escaped characters (@%)
This allows to properly display strings like %COMPAT and @SYSTEM
in the manual and the manpages.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 13:46:19 2016 +0200
doc: gnutls_priority_init: fixed %COMPAT [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 12:08:45 2016 +0200
.gitlab-ci.yml: corrected debian build's dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 11:07:45 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 21 17:59:18 2016 +0200
On client side allow signing with the signature algorithm of our cert
That allows to sign for example with DSA-SHA1 as client even if we do not
allow DSA-SHA1 as signature algorithm for server's certificate. This allows
to use a deprecated certificate without enabling deprecated algorithms
globally.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 11:01:22 2016 +0200
_gnutls_session_get_sign_algo: always return GNUTLS_SIGN_UNKNOWN on failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 10:35:13 2016 +0200
tests: added check for server-side ECDSA keys
These tests check whether a server ECDSA key will be rejected by
the client in case the client has no ECDSA signature algorithms
available.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 09:54:12 2016 +0200
tests: added check for client-side DSA key
This checks whether a client can use and send a DSA key, even
if DSA is not enabled (which should prohibit the server from providing
a DSA certificate).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 22 09:21:06 2016 +0200
certtool: do not require a certificate to generate a PKCS#12 file
That is, allow generating PKCS#12 files with private keys only as well.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 20 09:00:23 2016 +0200
.gitlab-ci.yml: added debian build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 20 14:31:12 2016 +0200
README.md: depend on softhsm2 and net-tools on debian
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 15:36:21 2016 +0200
tests: mini-server-name: skip invalid UTF-8 check if compiled without libidn
This allows the test suite to run in systems without libidn. Reported
by Thomas Klausner.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 14:55:24 2016 +0200
tests: added the macros test_fail() and test_success()
These macros allow test programs which run multiple checks,
to report the name of the check failed. Modified mini-server-name
and x509-dn-decode to use the macro.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 18:55:59 2016 +0200
cfg.mk: removed invalid rule in web target
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 14:24:10 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 14:12:56 2016 +0200
added debugging message when session fails due to handshake hash buffer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 08:02:14 2016 +0200
tests: check whether large packets are allowed on the handshake
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 08:01:24 2016 +0200
Do not allow sending overflowed extensions field
That is, restrict the extensions to a 2^16 total size.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 19 07:42:41 2016 +0200
tests: minor improvements in mini-extension
This will improve recovery from error conditions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 16 13:12:50 2016 +0200
Increased the maximum size allowed for handshake messages to 128kb
This would allow the library to cope with larger packets, as well
as TLS 1.3 hellos. Suggested by Hubert Kario.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 17 12:52:41 2016 +0200
tests: added check for insecure key
That is, a check which verified whether a connection to a server with
a very small key will fail the certificate verification check.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 17 11:43:45 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 17 11:31:29 2016 +0200
Introduced separate error codes for invalid private and public keys
This allows functions like decryption and verification to report
the specific issue they encountered on public key error.
The new codes are GNUTLS_E_PK_INVALID_PUBKEY and GNUTLS_E_PK_INVALID_PRIVKEY
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 15 16:50:26 2016 +0200
.gitlab-ci.yml: no longer require gnutls-devel
This package is no longer needed to run abi-check.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 15 16:49:37 2016 +0200
Makefile: abi-check no longer require gnutls headers to be installed
This addresses the issue of requiring gnutls-devel in the CI system
to run abi-check.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 15:17:29 2016 +0200
doc: remove the conditional self_test functions
Also prevent them by re-entering the documented functions list
by restricting the header files that contribute functions to the
known list defined by $(HEADER_FILES).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 10:37:54 2016 +0200
Makefile.am: introduced 'make files-update' rule
This rule updates the makefiles in doc/ and the kept symbol list.
This allows for easier automation of the symbol change 'make dist'
breakages.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 10:33:00 2016 +0200
manpages: delete comparison temp file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 10:30:09 2016 +0200
Makefile.am: symbol changes were made more elaborate
During make dist, the makefile will report the appropriate
symbol change message with instructions and fail.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 10:02:48 2016 +0200
updated doc and symbol files for gnutls_certificate_set_ocsp_status_request_function2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 10:00:42 2016 +0200
Makefile.am: print the symbols.last diff on make dist
This allows to manually verify the contents before overriding
the old file.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 17:23:07 2016 +0200
doc: allow creation of gnutls.epub without running epub-fix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 15:50:52 2016 +0200
.gitlab-ci.yml: use nproc as argument to 'make -j'
That way, we use as many make processes, as the number of
CPUs in the CI system.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 15:31:13 2016 +0200
.gitlab-ci.yml: added build which runs 'make dist'
This tests whether the manpages, info, html, pdf and epub
manual are properly generated, and whether any new functions
were included into makefiles.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 15:30:07 2016 +0200
doc: fixed the epub documentation generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 20:18:03 2016 +0200
gnutls_certificate_set_ocsp_status_request_file: mention version it was enhanced
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 20:11:28 2016 +0200
doc: corrected typo
Author: Alex Monk <krenair@gmail.com>
Date: Mon Sep 12 18:24:49 2016 +0100
Add ECDHE-* to the priority string docs for key exchange algorithms
GNUTLS_KX_ECDHE_PSK was added in 2.99.3 (released 2011-06-18)
The other two were added in 2.99.2 (released 2011-05-26)
Signed-off-by: Alex Monk <krenair@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 08:54:42 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 08:49:10 2016 +0200
.gitlab-ci.yml: added check for position dependent code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 08:46:51 2016 +0200
Makefile.am: added check for position dependent code
This check will verify that the generated library doesn't contain
position dependent code. It depends on elf utilities.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 13 08:38:36 2016 +0200
openssl asm: reverted to AESNI-x86 code to gnutls 3.4.x code
The newer code was creating position dependent code.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 11:59:37 2016 +0200
tests: added checks to verify server understanding of UTF8 hostnames
This verifies whether a server can understand and serve requests
which contain UTF-8 server names.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 11:51:07 2016 +0200
tests: set_key: fixed the time override
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 11:23:25 2016 +0200
tests: set_key: enabled failure_mode test
Also eliminated memory leaks related to it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 10:50:43 2016 +0200
Added IDNA support in server side
Any server names provided to server side by the gnutls_certificate_set_*
functions, are converted to IDNA format for comparison with client provided
values.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 10:52:18 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 10:48:10 2016 +0200
.gitlab-ci.yml: restrict the freebsd builds to local branches only
Author: Alex Monk <krenair@gmail.com>
Date: Sun Sep 11 22:10:14 2016 +0100
Add SIGN-ECDSA-SHA* to the priority strings docs
There were added in version 2.99.2, 2011-05-26
Signed-off-by: Alex Monk <krenair@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 10:22:37 2016 +0200
gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failures
That is, ensure that we keep no local references that are shared with
the caller, and that we properly free all initialized values.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 12 10:23:48 2016 +0200
tests: check key mismatch on gnutls_certificate_set_*key
That is, check whether these functions can successfully
recover from such condition, without leaks or double freeing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 8 15:32:06 2016 +0200
tests: added unit testing for gnutls_certificate_set_ocsp_status_request_function2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 8 15:14:37 2016 +0200
tests: added unit tests for gnutls_certificate_set_x509_key()
In addition these tests verify that the expected index is returned
and that can be used with gnutls_certificate_get_crt_raw() afterwards.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 8 15:03:00 2016 +0200
tests: enhanced set_x509_key tests to include index verification
That is, verify that correct indexes are returned, and these
can be used with gnutls_certificate_get_crt_raw() afterwards.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 8 13:48:30 2016 +0200
tests: enhanced set_x509_key_file tests to include index verification
That is, verify that correct indexes are returned, and these
can be used with gnutls_certificate_get_crt_raw() afterwards.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 17:55:38 2016 +0200
tests: more checks for functionality of gnutls_certificate_set_ocsp_status_request_file
This introduces checks for the cases where gnutls_certificate_set_ocsp_status_request_file()
is called with multiple indexes, to set an OCSP response for different
certificates. The tests then verify whether the expected OCSP response
is received.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 14:49:35 2016 +0200
Added gnutls_certificate_set_ocsp_status_request_function2
That introduces a new function to allow setting an OCSP status
request handling function per certificate. Furthermore it repurposes
the flag parameters to an index option on gnutls_certificate_set_ocsp_status_request_file.
The changes above allow setting a different OCSP status response
file per certificate, and a different function. The indexes they
rely on to associate with existing certs are the indexes returned
by the gnutls_certificate_set_key() and friends functions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 13:38:19 2016 +0200
All the key and chain set functions return an index
When setting key and certificate material to a gnutls_certificate_credentials_t
structure, the corresponding set functions will return an index.
That index could be used later either on the get functions, or
when setting corresponding data (e.g., an OCSP response).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 13:29:54 2016 +0200
doc: clarifications in gnutls_certificate_set_ocsp_status_request_function()
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Sep 11 16:00:57 2016 +0200
Typo fixes found by lintian.
incosistent, ommited
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 20:24:43 2016 +0200
.gitlab-ci.yml: added code-coverage output to clang build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 19:40:25 2016 +0200
.gitlab-ci.yml: the code-coverage command will always succeed
This works around random failures while calculating the code coverage.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 19:37:45 2016 +0200
.gitlab-ci.yml: moved commonly installed packages into the before_script field
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 12:57:04 2016 +0200
.gitlab-ci.yml: added syntax check build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 12:51:11 2016 +0200
cfg.mk: revived 'make release'
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 12:21:59 2016 +0200
several spacing fixes to keep syntax-check happy
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:51:37 2016 +0200
avoid the usage of '-a' and '-o' bash options
This keeps syntax-check happy.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:44:58 2016 +0200
avoid the usage of strncpy
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:40:51 2016 +0200
removed signal.h from files that wasn't used at
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:38:35 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:38:08 2016 +0200
gnutls_x509_cidr_to_rfc5280: removed double semi-colon
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:37:32 2016 +0200
removed c-ctype.h from files that wasn't used at
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:36:27 2016 +0200
configure.ac: quote parameters when needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:35:51 2016 +0200
removed assert.h from files that wasn't used at
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:34:53 2016 +0200
POTFILES: added libdane files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:25:15 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 11 11:23:15 2016 +0200
tests/tools: avoid non-null check before free()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 23:02:13 2016 +0200
latex manual: added backwards compatibility options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 11:04:51 2016 +0200
.gitlab-ci.yml: windows DLL builds now include all required dependencies
Also improved naming conventions for builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 07:49:59 2016 +0200
inet_ntop4: casted signed/unsigned comparison
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 07:48:22 2016 +0200
system.h: undefine macros before defining them
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 10 07:44:21 2016 +0200
_gnutls_fbase64_decode: use memsub macro instead of casts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 9 15:04:52 2016 +0200
gnutls-cli: use gnutls_set_default_priority if no priorities are given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 9 15:01:05 2016 +0200
gnutls-serv: removed '...' from documentation
That caused caused problems in generated manpage.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 9 13:59:05 2016 +0200
configure: better document the random generator variant used
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 8 07:30:33 2016 +0200
released 3.5.4
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 22:44:08 2016 +0200
.gitlab-ci.yml: corrected wrong operation in minimal build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 22:25:47 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 22:20:10 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 13:17:56 2016 +0200
bumped versions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 13:16:41 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 09:30:18 2016 +0200
tests: do not run pkcs12-utf8 under windows
This test required to pass UTF8 data under command line, and that
doesn't seem to work under windows.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 7 08:45:24 2016 +0200
_gnutls_ucs2_to_utf8: corrected use of WideCharToMultiByte in windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 18:45:17 2016 +0200
tests: added debugging info in conv-utf8
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 16:45:19 2016 +0200
tests: don't build cmocka tests with libutils - they conflict
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 15:58:59 2016 +0200
.gitlab-ci.yml: keep config.log in windows builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 15:14:01 2016 +0200
.gitlab-ci.yml: corrected typo for libidn installation in windows64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 14:52:54 2016 +0200
.gitlab-ci.yml: install our internal cmocka for windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 13:18:10 2016 +0200
tests: added unit tests of _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 11:40:36 2016 +0200
libgnutls.map: export _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8 for testing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 14:49:07 2016 +0200
pkcs12: enhanced to allow encrypting using UCS2 passwords
That is use _gnutls_utf8_to_ucs2() to convert the provided
password to UCS2.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 15:56:19 2016 +0200
_gnutls_ucs2_to_utf8: fixed null termination check in windows code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 14:48:24 2016 +0200
Added _gnutls_utf8_to_ucs2()
This function allows to convert between UTF8 to UCS2 big-endian.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 14:23:13 2016 +0200
tests: added tests for PKCS#12 decoding with UTF8 passwords
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 14:34:07 2016 +0200
pkcs7 encryption: corrected memory leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 14:54:30 2016 +0200
Makefile: local-code-coverage-output always succeeds
Author: Martin Ukrop <mukrop@redhat.com>
Date: Fri Sep 2 10:30:54 2016 +0200
x509: Adjust IP name constraints behavior
- Modified IPv4/IPv6 interaction in name constraints -- IPv4 and IPv6 no have empty intersection (previously: were treated independently).
- Current behavior is more conservative -- in case of IPv4 constraint cert, subcerts will not be able to have IPv6 addresses.
- Tests updated accordingly.
- Behavior now matches NSS.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 09:05:59 2016 +0200
tests: added checks to verify behavior in writing pkcs11 objects
That is, verify that private keys are marked as private by default,
and public objects are marked as non-private by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 09:00:20 2016 +0200
p11tool: eliminated memory leak in --list options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 6 08:49:01 2016 +0200
p11tool: do not mark written objects as private by default
That is, when --mark-private or --no-mark-private are not specified,
set non-private for public objects and private for private ones.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 18:16:57 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 18:15:25 2016 +0200
minitasn1: updated to latest git version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 18:08:50 2016 +0200
_gnutls_encode_ber_rs_raw: simplified
That is, use a single allocation for temporary data.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 13:05:17 2016 +0200
.gitlab-ci.yml: use fedora24 with address sanitizer
The fix in fbb9618b25b77c65e24a6ce224d53bc9a0b81457 addresses
the problems with asan in fedora24.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 13:01:31 2016 +0200
tests: use LSAN_OPTIONS instead of ASAN_OPTIONS
New versions of address sanitizer do not parse this file
otherwise.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 09:48:24 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 09:41:30 2016 +0200
tests: corrected detection of 64-bit systems in softhsm.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 09:37:51 2016 +0200
tests: added check for PKCS#11 signature validity
That is, tests whether our generated DSASignatureValue with PKCS#11
contains r, s values that are non-negative, i.e., are zero padded
when necessary. This utilizes _gnutls_decode_ber_rs_raw().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 5 09:29:24 2016 +0200
Introduced helper function _gnutls_decode_ber_rs_raw()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 3 11:39:57 2016 +0200
_gnutls_encode_ber_rs_raw: zero-pad values when necessary
This addresses issue when encoding values obtained via
PKCS#11 which may not be necessarily padded.
Resolves #122
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 3 10:23:49 2016 +0200
tests: template-test: use uniform way to detect 32-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 1 12:35:55 2016 +0200
.gitlab-ci.yml: use the gitlab.com shared runners
This removes the need to administer custom runners (except for
the FreeBSD runner which cannot run under Linux), makes the
testing on other platforms such as Debian simpler, and allows
merge requests to pass through the CI.
Author: David Woodhouse <dwmw2@infradead.org>
Date: Tue Aug 30 15:26:27 2016 +0100
Import DTLS sliding window validation from OpenConnect ESP code
In this implementation, the end of the sliding window is always advanced
to the latest received packet, and we accept up to 64 packets before
that one. We no longer refuse to accept packets because they are
*too* far ahead of what we've already seen.
Some of the test cases are fixed up accordingly.
This matches the code in OpenConnect esp-seqno.c at commit 314ac65.
Author: Jussi Kukkonen <jussi.kukkonen@intel.com>
Date: Wed Aug 31 11:04:06 2016 +0300
tools: Use correct include dir with minitasn
This allows compiling certtool without libtasn headers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 29 14:16:16 2016 +0200
nettle: removed unused variable in windows rng
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 29 13:52:24 2016 +0200
tests: don't run danetool.sh when not compiled with dane support
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 29 13:48:04 2016 +0200
tests: mini-dtls-record: modified expected order to account for new SW behavior
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 29 13:02:54 2016 +0200
dtls: ensure that the DTLS window doesn't get stalled
That is ensure that it is forwarded at least one place if more than 16
packets have been received since the first one.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 29 13:25:23 2016 +0200
tests: enhance the DTLS window unit test to account for lost packets
This adds tests for cases where many lost packets are encountered,
such as 50% of the packets received, as well as 3 consequent packets
being lost.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 16:52:19 2016 +0200
README.md: added coverage report [ci skip]
Author: David Woodhouse <dwmw2@infradead.org>
Date: Sun Aug 28 21:42:34 2016 +0100
gnutls_pkcs12_simple_parse: set the key value to null on failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 28 00:55:30 2016 +0200
tests: added basic operational check of gnutls_ocsp_resp_get_single()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 28 00:40:49 2016 +0200
gnutls_ocsp_resp_get_single: reorganized function to eliminate memory leaks
Simplified and optimized the function operation, by removing
unecessary memory allocations, as well as eliminate memory leaks
on certain error cases.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 27 17:00:22 2016 +0200
ocsp: corrected the comparison of the serial size in OCSP response
Previously the OCSP certificate check wouldn't verify the serial length
and could succeed in cases it shouldn't.
Reported by Stefan Buehler.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 11:35:50 2016 +0200
tools: eliminated memory leaks in deinitialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 11:28:51 2016 +0200
tools: allow socket_bye() to be used for non-polite terminations
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 26 11:14:19 2016 +0200
tests: added suppressions.valgrind in ocsp-tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 25 15:48:03 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 25 15:46:06 2016 +0200
tests: added check for the decoding of pbes1-des-md5 key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 25 17:27:16 2016 +0200
pkcs8: cleaned up PKCS#8 decoding from common code with PKCS#7
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 25 15:40:28 2016 +0200
pkcs8: added support for decryption with PBES1-DES-CBC-MD5
While this is a legacy (and insecure) cipher combination it is the
default output of openssl up until the 1.0.2 version. We introduce
this option to allow decrypting private keys from these versions of
openssl.
Author: raspa0 <raspa0@protonmail.com>
Date: Thu Aug 25 10:58:22 2016 +0200
fix memleak in pkcs11_get_random
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 25 09:57:55 2016 +0200
ocsptool: reduce memory leaks on execution
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 14:09:13 2016 +0200
tests: enable ocsp-must-staple-connection check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 16:17:20 2016 +0200
doc: be more explicit about the usage of gnutls_global_init/deinit [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 14:41:33 2016 +0200
tests: don't use piped tee in pkcs8-decode
It would prevent error codes from being detected in the tests.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 14:04:52 2016 +0200
ocsptool: corrected bug in session establishment
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 13:57:00 2016 +0200
tests: ocsp-tls-connection: no longer check for netcat; it was not needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 13:39:43 2016 +0200
tests: added decoding of key with pbes2 and SHA256 PRF
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 13:32:04 2016 +0200
Added support for decrypting PKCS#8 files which use HMAC-SHA256 as PRF
This improves compatibility with new openssl versions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 24 10:49:13 2016 +0200
Ported openssl format fix from openconnect
Patch by David Woodhouse
Author: raspa0 <raspa0@protonmail.com>
Date: Wed Aug 24 06:15:03 2016 +0000
src/pkcs11.c: fix mech_list out-of-bounds check
Author: Philippe Proulx <eeppeliteloop@gmail.com>
Date: Mon Aug 15 01:13:16 2016 -0400
gnutls_record_recv(): doc: push -> pull
Signed-off-by: Philippe Proulx <eeppeliteloop@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 16:32:34 2016 +0200
rnd-linux: added check for SYS_getrandom being defined
This allows to compile the getrandom() code in old Linux systems
which do not have the system call defined.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 16:29:09 2016 +0200
libdane: include minitasn1 headers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 17:11:53 2016 +0200
gnutls-cli: do not exit if fast open is not supported
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 13:21:07 2016 +0200
gnutls-cli: added bufferring in starttls read of packets
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 13:34:44 2016 +0200
tests: added basic test of STARTTLS over FTP for gnutls-cli
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 09:03:41 2016 +0200
tests: added basic starttls functionality testing on gnutls-cli
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 09:13:50 2016 +0200
gnutls-cli: exit with error code 2 on starttls errors
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 08:57:23 2016 +0200
tests: fixed fastopen.sh to operate from cmd
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 08:47:57 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 08:46:04 2016 +0200
gnutls-cli: fixed the behavior when --starttls or --starttls-proto is given
The change of moving the handshake process as part of the socket establishment
broke the starttls functionality in gnutls-cli. This change fixes that functionality.
Reported by Andreas Metzler.
Author: SUMIT AGGARWAL <aggarwal.s@samsung.com>
Date: Fri Aug 19 11:58:39 2016 +0200
Fix HANDLE_LEAK and memory leak issues.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 22 08:18:15 2016 +0200
gnutls-cli: print 'Handshake was completed'
The change of moving the handshake process as part of the socket
establishment, prevented the text 'Handshake was completed' from
being printed as part of a successful handshake. That message was
used by applications like gnus which use gnutls-cli. This patch
reverts that change and prints that message on successful handshakes.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 10 14:43:03 2016 +0200
tests: openpgp-certs tests were moved to cert-tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 10 14:07:03 2016 +0200
gnutls_key_generate: fail if the state of the library is invalid
Suggested by Stephan Mueller.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 10 13:35:33 2016 +0200
tests: mini-dtls-hello-verify: ignore SIGPIPE to avoid unexpected crashes
Resolves: #119
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 12:00:57 2016 +0200
gnutls_safe_renegotiation_status: changed return type to unsigned
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 11:12:16 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 10:54:09 2016 +0200
tests: removed unused variables from tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 10:45:00 2016 +0200
doc update
Author: Martin Ukrop <mukrop@redhat.com>
Date: Thu Jun 23 12:11:18 2016 +0200
tests: Add tests for X509 IP constraints
- Add dedicated test file name-constraints-ip for IP tests.
- Test the following:
* Generation and saving of valid name constraints.
* Trying to save invalid IP constraints.
* Reading the saved constraints.
* constraints_check() calls for both IPv4 and IPv6.
* IP constraints intersection (simple, empty, mediocre, complicated).
* IPv4/IPv6 constraints interaction and various corner cases.
- IPs/CIDRs are printed in logs in case of failure.
- Add 2 new chain tests (positive, negative).
- Add generated test executable to ignored files.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jun 29 11:25:59 2016 +0200
x509: Add support for IP constraints
- IP constraints are now checked against the subject alternative
name field.
- Implemented IP name constraints merging.
- Added IP constraints validity checking during loading and getting
the name constraints object from the user.
- Add a convenience function name_constraints_node_new that allocates
a name constraints node and sets its fields. Use this new function
where applicable.
- Add documentation for is_nc_empty, _gnutls_name_constraints_node_free,
_gnutls_name_constraints_intersect.
- Small improvements elsewhere (polishing).
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Aug 3 19:40:55 2016 +0200
tests: Add more IP conversion unit tests
- Renamed ip-in-cidr test to ip-utils.
- Added built binary to .gitignore.
- Added new tests for gnutls_x509_cidr_to_rfc5280.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 2 15:28:52 2016 +0200
tests: added unit test for ip_in_cidr function
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jun 29 11:23:40 2016 +0200
x509: Separate out IP handling functions
- Moved IP/CIDR to string conversion functions into separate
header and export privately for the use in tests.
- Placed ip_in_cidr() into separate header for easy testing
- Add publicly available function to convert text CIDR to RFC5280
format for the use in name constraints extension.
- certtool: Use GnuTLS exported CIDR functions instead of local ones.
- Export mask_to_prefix, mask_ip for internal GnuTLS use.
- Introduce new error value (malformed cidr) and add to description
functions in errors.c.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Martin Ukrop <mukrop@redhat.com>
Date: Thu Jun 23 12:33:15 2016 +0200
tests: Add corner case tests for name constraints, improve doc
- Added corner case test suite for DNS name constraints.
- Documentation update in chain tests.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Martin Ukrop <mukrop@redhat.com>
Date: Fri Jul 8 11:59:47 2016 +0200
Add more ignored files
* .tmp and .swp for text editor files
* Makefile.user created by Qt Creator
* gl/tests/ctype.h as it is generated from ctype.h.in
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date: Mon Aug 8 13:31:18 2016 +0200
Change ca3 and related certificate to include an intermediate CA in the chain.
Also update a bunch of test-cases to support chains with an intermediate CA.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 10:14:08 2016 +0200
Revert "tests: check gnutls_certificate_get_x509_crt with more than one certificates"
This reverts commit f7d884720b128ef86f6b9dc9fc498be89faf1732.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 09:35:03 2016 +0200
tests: do not run srp test when no SRP support is compiled in
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 8 11:49:04 2016 +0200
tests: moved child status error checking code in utils.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 07:46:42 2016 +0200
latex: updated sources for new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 07:28:27 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 9 07:23:36 2016 +0200
released 3.5.3
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 8 16:30:10 2016 +0200
gnutls_transport_set_fastopen: added flags options
This will allow minor modifications to the semantics of the function
in the future, without introducing a new API.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 8 16:22:42 2016 +0200
doc update
Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date: Mon Aug 8 13:31:15 2016 +0200
Fix gnutls_pkcs12_simple_parse to always extract the complete chain
gnutls_pkcs12_simple_parse was only collecting extra certificates that was
possible elements of the certificate chain when the extra_certs argument was
not NULL. Fix by allways collecting all the certificates, any unneeded
certificates are released before returning if extra_certs is NULL anyway.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 8 16:08:29 2016 +0200
tests: check gnutls_certificate_get_x509_crt with more than one certificates
This would detect the issue in the "Fix invalid pointer operation in gnutls_certificate_get_x509_crt"
Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date: Mon Aug 8 13:31:17 2016 +0200
tests: Use common ca3 test certificates in x509cert, x509dn and x509self tests.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date: Mon Aug 8 13:31:16 2016 +0200
tests: Remove zero-termination of gnutls_datum encapsulated certificates
This allows for memcmp comparison with certificates after processing.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date: Mon Aug 8 13:31:14 2016 +0200
Fix invalid pointer operation in gnutls_certificate_get_x509_crt
The access to the allocated crt_list variable was missing a pointer
dereference, leading to memory corruption for any certificate list with more
than one element.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 12:56:21 2016 +0200
tests: added check for errors when importing illegal RSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 12:45:03 2016 +0200
x509: call the fixup functions after loading private keys
That way we can better report errors which relate to illegal
parameters being detected.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 12:06:39 2016 +0200
nettle: use rsa_*_key_prepare on key import
Previously we calculated the size of the key directly, but
by using the rsa_*_key_prepare we benefit from any checks that
may be introduced in the future. Specifically any checks for invalid
public keys (e.g., keys that may crash the underlying gmp functions).
This patch avoids calling rsa_private_key_prepare every time we construct
a nettle private key struct, because this function requires a bigint
multiplication. We call that function once on private key import.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 11:53:19 2016 +0200
tests: added missing backslash in key-tests Makefile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 8 08:25:31 2016 +0200
Revert "nettle: use rsa_*_key_prepare"
This reverts commit c801a15bca9ea8f3f7abd4be48bebd36c54eeba2.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 11:41:47 2016 +0200
gnutls.h: moved all compatibility defines outside the enum
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 7 11:31:36 2016 +0200
prepared for release 3.5.3
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 5 15:55:47 2016 +0200
tests: use gnutls_record_set_timeout instead of kill child processes
That way we avoid issues like #118 which are caused by killing the child
process, and we also avoid deadlocks by making sure that recv will terminate
after a long delay.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 5 15:52:17 2016 +0200
tests: mini-record modify in a way to be more fail safe
That is, do not kill the child, but instead switch the roles of
child and parent, and add a timeout on recv to avoid infinite delays.
Relates: #118
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 5 15:20:48 2016 +0200
pkcs11: is_object_pkcs11_url -> is_pkcs11_url_object
Renamed function for clarity.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 5 09:46:14 2016 +0200
tests: ignore sigpipe in mini-record
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 5 09:30:14 2016 +0200
gnutls_fips140_mode_enabled: changed return type to unsigned
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 4 13:58:54 2016 +0200
doc: updated contribution guide with more info on test suite [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 4 10:22:50 2016 +0200
gnutls_pkcs11_privkey_status: return type changed to unsigned
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 4 09:57:04 2016 +0200
doc: added section on SCTP protocol [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 2 13:46:05 2016 +0200
tests: client-fastopen: removed seccomp conditional
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 2 13:34:18 2016 +0200
fastopen: improved error checking at connect()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 1 10:48:46 2016 +0200
nettle: use rsa_*_key_prepare
Previously we calculated the size of the key directly, but
by using the rsa_*_key_prepare we benefit from any checks that
may be introduced in the future. Specifically any checks for invalid
public keys (e.g., keys that may crash the underlying gmp functions).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 29 15:00:06 2016 +0200
gnutls_transport_set_fastopen: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 29 13:47:27 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 29 12:19:25 2016 +0200
getrandom: use SYS_getrandom instead of __NR_getrandom
These are identical definitions, but according to syscall()
SYS_getrandom is the expected value.
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jul 27 15:41:08 2016 +0200
x059: Fix asymmetry in name constraints intersection
- In _gnutls_name_constraints_intersect, if *_nc had a node of some type not present in _nc2, this was preserved. However, if it was vice versa (_nc2 having a type not present in *_nc), this node was discarded.
- This is now fixed.
- Removed redundant return value check that was accidentally left when refactoring from set_datum to explicit NULL setting.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Martin Ukrop <mukrop@redhat.com>
Date: Tue Jul 26 17:44:53 2016 +0200
tests: Add and improve chain tests
- Add a new chaintest testing the symmetry of merging name constraints of different types.
- Rename old name_constraints_but_no_name test to match other name constraints tests.
- Improve chain description of older name constraints tests.
Signed-off-by: Martin Ukrop <mukrop@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 14:34:15 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:41:11 2016 +0200
configure: do not generate makefiles in removed dirs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:37:31 2016 +0200
tests: updated paths for new location of p12 files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:34:34 2016 +0200
tests: safe renegotiation tests are run from top dir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:30:18 2016 +0200
tests: srp tests moved outside subdir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:24:55 2016 +0200
tests: moved sha2 tests into cert-tests/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:20:25 2016 +0200
tests: moved ecdsa tests to key-tests/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:13:39 2016 +0200
tests: moved dsa tests into key-tests/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:08:57 2016 +0200
tests: moved pkcs8 tests to key-tests/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:04:31 2016 +0200
tests: key-tests: moved data files into data/ subdir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 12:59:33 2016 +0200
tests: moved pkcs12 tests into cert-certs/ subdir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 11:23:43 2016 +0200
more files to ignore
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Thu Jul 28 09:55:27 2016 +0200
Require compiler to support C99
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 13:59:26 2016 +0200
doc update
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Jul 9 13:03:55 2016 +0200
Add test for gnutls_x509_crt_list_import2 with flag GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Jul 9 12:24:33 2016 +0200
gnutls_x509_crl_list_import2 was ignoring the passed flags if all CTLs in the list fit within the initially allocated memory.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:51:40 2016 +0200
gnutls_certificate_get_peers may return an unsorted list
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Jul 9 11:53:52 2016 +0200
gnutls_x509_crt_list_import2 was ignoring the passed flags if all certificates in the list fit within the initially allocated memory.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:37:00 2016 +0200
x509: parse_tlsfeatures: move limit check at the point of addition
This prevents appending failures when verifying chains on certificates
which use the maximum allowed number of features. Suggested by Tim
Kosse.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:33:06 2016 +0200
tests: removed irrelevant comment
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:31:25 2016 +0200
correct the sign type of integers in debug message
Suggested by Tim Kosse
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:29:18 2016 +0200
verify_crt: simplified error setting
based on suggestion by Tim Kosse.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 28 10:12:46 2016 +0200
verify_crt: removed text on parameter no longer being present
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 23:36:20 2016 +0200
x509: avoid using int declaration within a for-loop
This addresses compilation problem with old compilers,
and brings consistency as this type of declaration is not
used in gnutls' code.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 23:32:28 2016 +0200
gnutls_global_init/deinit: don't use any locking during constructor
This ensures that there is no deadlock on unexpected errors, such
as missing symbols (e.g., on lazy linking). Reported by Ludovic Courtès.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 23:27:07 2016 +0200
rnd-linux: use better define check for linux systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 13:10:28 2016 +0200
gnutls_prf: document when its output matches gnutls_prf_rfc5705
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 11:05:59 2016 +0200
doc: gnutls_session_set_id: added since
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 10:38:47 2016 +0200
.gitlab-ci.yml: keep the guile logs as artifacts on test suite failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 27 09:20:52 2016 +0200
doc update
Author: David Walker <david.walker@vcatechnology.com>
Date: Wed Jul 20 12:43:26 2016 +0100
Add extra dependency flags
This fixes the build when the dependencies are split up during a cross-compile
Resolves: #113
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 15:14:33 2016 +0200
moved system-keys-win.c and system-key-dummy.c under system/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 25 15:47:19 2016 +0200
split system.c to various files under system/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 25 16:26:39 2016 +0200
gnutls.h: giovec_t is a typedef to iovec where that is available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 13:37:43 2016 +0200
tests: added unit test for linux _rnd_get_system_entropy
This tests whether the function can operate as expected while being
interrupted by signals.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 12:03:54 2016 +0200
getrandom: loop around getrandom to get the requested number of bytes
This simplifies and enhanced the previous error handling code.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 11:45:30 2016 +0200
README.ci-runners: document asan and ubsan tags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 15:17:35 2016 +0200
tests: removed pkcs1-padding from subdirs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 15:10:49 2016 +0200
.gitignore: more tests files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 14:59:34 2016 +0200
configure.ac: don't generate makefiles of moved tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 14:57:44 2016 +0200
tests: pkcs1-pad: moved to cert-tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 14:55:25 2016 +0200
tests: userid test moved to cert-tests/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 14:51:59 2016 +0200
tests: rsa-md5-collision: run from top-level
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 14:29:45 2016 +0200
doc: updated documentation for gnutls_transport_set_int*
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 13:59:04 2016 +0200
doc: added section on reducing round-trips
That discusses TCP fast open with gnutls_transport_set_fastopen(), and false start.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 11:38:32 2016 +0200
tests: added test of gnutls_transport_set_fastopen
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jul 25 13:05:30 2016 +0200
tests: added test of TCP fast open using gnutls-cli and gnutls-serv
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jul 25 13:08:28 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 10:33:24 2016 +0200
tools: TLS handling has been incorporated into socket_open()
This is of particular usage to the server IP address loop, since
we can detect fast open errors and retry handshake to the next IP
address.
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jul 25 13:04:11 2016 +0200
gnutls-cli: added example usage of TCP fastopen
It is enabled with the new --fastopen option.
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Mon Jul 25 13:00:12 2016 +0200
Support TCP Fast Open
This introduces a new function gnutls_transport_set_fastopen().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: Tim Ruehsen <tim.ruehsen@gmx.de>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 11:09:56 2016 +0200
.gitlab-ci.yml: added asan tag for builds which require asan
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 26 11:08:12 2016 +0200
tests: pkcs11-privkey-fork: added explicit pkcs11 deinitialization
Also ignore known leaks for p11-kit.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 25 11:43:08 2016 +0200
mention ubsan in README [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 20:14:39 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 14:11:25 2016 +0200
tests: added checks for OCSP response file support
That is, check the usability of the APIs for setting and using
an ocsp response. This improves and makes more generic the
test suite API and test_cli_serv() in particular.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 15:36:55 2016 +0200
dtls: added a null pointer check in record_overhead
According to my reading this check is unnecessary as in
no case a null pointer can be encountered. However gcc6
warns about a null pointer derefence and thus adding it,
to be safe.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 14:43:49 2016 +0200
gnutls_x509_crt_check_hostname*: use unsigned a return value
This is to prevent issues to callers who may check for negative
error values.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 11:17:08 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 11:08:32 2016 +0200
introduced: GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE
This error code is returned when the session resumption parameters
are requested during a handshake. That is, to increase the clarity
when requesting these parameters while false start is active and
the handshake is not complete even if gnutls_handshake() has returned.
Relates #114
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 18:58:24 2016 +0200
tests: added check of the return values of resumption data functions during false start
Relates #114
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 22 10:57:37 2016 +0200
doc: mention that the session data functions will fail prior to handshake completion
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jul 20 14:52:00 2016 +0200
x509: Fix DNS name constraints checking
- If the intersection of name constraints of the given type was empty, the results allowed all names instead of none.
- Fixed by adding an universal excluded name constraint in case the intersection for the particular type is empty.
- Moved the logic of creating a name constraint node copy from _gnutls_name_constraints_intersect to name_constraints_intersect_nodes (previously name_constraints_match), as intersecting IP addresses will require further processing (not just taking one of the compared nodes as was the implementation till now).
- GNUTLS_SAN_MAX added in order to comfortably iterate over SAN type enum.
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jul 20 14:29:40 2016 +0200
tests: Add DNS name constraints tests
- One chaintest with empty permitted intersection.
- Merge testset with 2 permitted constraints with empty intersection (intersected list is completely empty).
- Merge testset with 3 permitted constraints, 2 of which have empty intersection.
- Merge testset with 2 permitted constraints with empty intersection and one constraints of different type that remains (intersected list is not empty).
- Enhance failing function with suite number for easier comprehension.
Author: Martin Ukrop <mukrop@redhat.com>
Date: Wed Jul 20 14:28:20 2016 +0200
tests: Tidy up old X509 name constraints tests
- Use convenience functions for error checking and failure reporting.
- Drop explicit (de)initialization (prevents some not reed reachable memory due to PKCS11 subsystem not being deinitialized in the destructor).
- Use variables to count set permitted/excluded constraints instead of hard-coded numbers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 16:07:56 2016 +0200
doc: clarify return codes in verification functions [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 16:02:42 2016 +0200
gnutls_certificate_verify_peers2: document that hostname comparison follows RFC6125
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 11:53:46 2016 +0200
rnd-getentropy: better handling of error printing with errno
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 21 11:51:05 2016 +0200
rnd-linux: make getrandom back-end robust against EINTR failures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 20 13:36:38 2016 +0200
gnutls_init: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 20 13:31:18 2016 +0200
tests: verify that GNUTLS_NONBLOCK is available as a definition
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 20 13:23:16 2016 +0200
gnutls.h: define elements of gnutls_init_flags_t
That is, define all the elements that were available prior
the move from #define to enum, to allow code relying on
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 20 13:07:44 2016 +0200
gnutls.h: documented the version various gnutls_init flags were introduced
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 20 11:27:35 2016 +0200
Moved the gnutls_x509_dn API functions to x509_dn.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 15:12:13 2016 +0200
tests: enhanced DN decoding tests with complex encoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 14:43:52 2016 +0200
RFC4514 DN decoding: allow decoding of raw ('#') items
In addition allow escaping prefix or suffix spaces as well as
the hash.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 14:21:16 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 14:10:08 2016 +0200
tests: enhanced DN decoding tests with encoding
This adds unit tests for gnutls_x509_dn_set_str().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 14:09:06 2016 +0200
Added gnutls_x509_dn_set_str()
This allows initializing a gnutls_x509_dn_t structure via a DN string.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 13:45:08 2016 +0200
tests: utils: use vasprintf() where available
This allows printing long strings.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 19 13:35:13 2016 +0200
tests: added checks for the RFC4514 decoding via gnutls_x509_dn_get_str()
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jul 19 12:08:23 2016 +0200
Remove redundant if expression from tests/mini-loss-time.c
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Tue Jul 19 11:08:10 2016 +0200
Fix tests/slow/cipher-openssl-compat.c for OpenSSL 1.1.0
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 18 18:02:25 2016 +0200
cfg.mk: no longer save config.rpath
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 18 16:36:27 2016 +0200
removed auto-generated files from the repository
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 17 09:37:22 2016 +0200
tests: removed an skipped failures due to bugs in softhsm 2.0.0
These are no longer an issue as the CI has been updated to softhsm
2.1.0, which addresses them, and they prevented catching the
GNUTLS-SA-2016-2 regression.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 16 18:12:27 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 16 17:19:02 2016 +0200
Dropped support for EGD random generator
This removes rarely tested code for systems which no longer exist
and simplifies code for Linux random generator.
Resolves #112
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 21:55:04 2016 +0200
configure: prevent a version of getentropy() in a linux libc to be used
For now, we auto-detect and switch between getrandom() and /dev/urandom
when the former is not available. With the complexity of dealing with
libc's that have the feature but kernel not supporting it, or vice versa
it is best keep things simple.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 21:38:02 2016 +0200
rnd-linux: added sanity check in getrandom output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 18:57:01 2016 +0200
nettle: split the rnd-common to rnd-windows, rnd-getentropy, and rnd-linux
That is, to the windows random generator as well as the getentropy()
generator in BSDs, as well as the getrandom(), /dev/urandom,
and EGD generators on Linux systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 18:51:14 2016 +0200
rnd-common: added faster detection of getrandom based on GRND_NONBLOCK
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 15:31:16 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 14:58:07 2016 +0200
urandom: use st_ino and st_rdev to determine device uniqueness
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 14:34:38 2016 +0200
Added auto-detection of getrandom() system call in Linux systems
In addition use getrandom() via the syscall interface if it doesn't
exist in Libc. The reason for the latter is that getrandom() support
for glibc is in limbo for several years, and for auto-detection is that
even if it is going to be present in libc we will not be able to guarrantee
that the system call is available just because it is present in glibc.
For that we detect on initialization whether getrandom() can obtain
random data, and if yes, we continue using that.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 15 13:58:16 2016 +0200
tests: seccomp examples: use cert-common.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 14 10:00:19 2016 +0200
tests: enhanced arbitrary extension tests with octet_string encoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 14 09:43:28 2016 +0200
certtool: added the ability to encode arbitrary extensions
That is, added the ability to encode as an octet string any
specified extension data.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 14 09:21:16 2016 +0200
.gitlab-ci.yml: added expiration time of a week for failure artifacts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 16:36:39 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 16:31:47 2016 +0200
tests: added basic testing of gnutls_x509_crq_set_extension_by_oid()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 16:13:12 2016 +0200
tests: added checks on certificate and request generation with arbitrary extensions
This tests the add_extension and add_critical_extension options of certtool.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 11:43:10 2016 +0200
certtool: added options to set arbitrary extensions to certificates and requests
This allows setting arbitrary extensions using the following new template options:
add_extension = "5.6.7.8 0x0001020304050607AAABCD"
add_critical_extension = "9.10.11.12.13.14.15.16.17.1.5 0xCAFE"
The "0x" prefix can be omitted.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 11:41:14 2016 +0200
added gnutls_x509_crq_set_extension_by_oid()
This is a function to add an arbitrary extension into a
certificate request.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 13 13:20:10 2016 +0200
doc: mention the need of libtasn1-tools in Fedora based systems [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 13 12:11:57 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 10:54:09 2016 +0200
doc: mention libcmocka dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 9 14:52:42 2016 +0200
tests: added unit testing for DTLS sliding window implementation
This was taken from the unit testing of AF_KTLS.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 10 23:14:03 2016 +0200
dtls: imported Fridolin's DTLS sliding window implementation
This simplifies the current code, and reduces the memory needed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 10 22:42:21 2016 +0200
dtls: moved DTLS window handling to separate file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 12 18:37:53 2016 +0200
ex-client-x509: removed unused call to gnutls_session_set_ptr()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 12 14:48:14 2016 +0200
libtasn1: updated to allow large OIDs to be used even on 32-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 17:44:28 2016 +0200
doc: updated contribution guide
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 17:43:04 2016 +0200
doc: updated contribution guide
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 11 17:19:16 2016 +0200
tests: link the resume tests to gnulib due to their missing memmem()
This fixes compilation of gnutls in solaris. Reported by Dagobert Michelsen.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 8 14:26:38 2016 +0200
NEWS: corrected release date [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 7 22:55:48 2016 +0200
.gitlab-ci.yml: keep the artifacts on failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 7 21:00:56 2016 +0200
write_nss_key_log: write the premaster secret while it is still valid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 7 20:55:03 2016 +0200
updated libtasn1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 6 08:43:58 2016 +0200
released 3.5.2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 18:40:32 2016 +0200
cfg.mk: reduced the generated changelog size
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 18:37:15 2016 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 12:03:51 2016 +0200
tests: ignore any memory leaks from libcrypto
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 11:33:54 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 1 13:51:18 2016 +0200
asm: updated openssl and the asm sources for AES-GCM from openssl 1.0.2h
This improves the performance of AES-GCM significantly by taking
advantage of AVX and MOVBE instructions where available. This
utilizes Andy Polyakov's code under BSD license.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 11:44:59 2016 +0200
tests: when testing with openssl disallow any CPU optimizations
This ensures that we test our optimized code (which is mostly
openssl based), with code that is not identical.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 1 14:29:40 2016 +0200
tests: added openssl compatibility tests for AES-GCM cipher
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 5 11:41:20 2016 +0200
dane: corrected the license of libdane files
The license was always LGPL version 2.1, and these
files mentioned LGPL version 3. Reported by Thomas
Petazzoni.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 4 17:29:30 2016 +0200
tests: ignore leaks due to p11-kit in test suite
This addresses issue in "pkcs11-privkey-fork" which failed
when compiled under asan due to leaks in p11-kit after fork.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 4 15:28:27 2016 +0200
tests: added check to ensure that pkcs11 objects will be reopened on fork
This checks whether C_Initialize() and C_OpenSession() will be called
again when using a PKCS#11 module.
Resolves #95
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 4 15:19:32 2016 +0200
pkcs11: on object import always check for a support public key algorithm
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 1 15:29:58 2016 +0200
gnutls_aead_cipher_decrypt: corrected the return value of ptext_len
That is, do not account the tag_size into the plaintext.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 15:29:44 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 15:22:22 2016 +0200
configure: check for libdl irrespective of FIPS140 configuration
This allows to link to libdl for the tests that require it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 13:44:57 2016 +0200
tests: account pkcs11/pkcs11-mock-ext.h in Makefile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 13:41:51 2016 +0200
tests: link pkcs11-import-url-privkey with libdl
That is because it uses dlopen().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 10:47:02 2016 +0200
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 09:34:33 2016 +0200
tests: avoid compiler warning from pkcs11-pubkey-import
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 09:30:47 2016 +0200
tests: added check to verify the tolerance of broken C_GetAttributes
That is, test gnutls_pkcs11_obj_list_import_url4() when importing
private keys from tokens that return CKR_OK on sensitive objects,
and tokens that return CKR_ATTRIBUTE_SENSTIVE.
Relates #108
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 30 09:11:40 2016 +0200
pkcs11_get_attribute_avalue: correctly handle a -1 value length from C_GetAttributeValue
That is, work-around modules which do not return an error on sensitive
objects.
Relates #108
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 29 18:52:22 2016 +0200
pkcs11_get_attribute_avalue: do not assign values on failure
When C_GetAttributeValue() returns size but does not return data
then pkcs11_get_attribute_avalue() would set the return data pointer
to a free'd value. This is against the convention expected by callers,
i.e, set data to NULL. Reported by Anthony Alba in #108.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 29 17:25:06 2016 +0200
tests: use datefudge in name-constraints test
This avoids the expiration of the used certificate to affect the test.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 28 09:17:13 2016 +0200
tests: link libpkcs11mock1 with gnulib
This allows it to use gnulib for strndup where it is needed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 28 09:15:55 2016 +0200
p11tool: do not return from void functions
This fixes a compilation issue with solaris compiler. Reported
by Peter Eriksson.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 24 11:01:35 2016 +0200
doc: mention the boolean functions in the gnutls API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 24 10:55:37 2016 +0200
tests: removed remainders of pkcs11 tests from suite/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 24 08:37:03 2016 +0200
gnutls_pkcs11_crt_is_known: changed to unsigned type
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 23 23:24:19 2016 +0200
tests: pkcs11-is-known: check that no flags enforce compare
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 23 23:13:50 2016 +0200
gnutls_pkcs11_crt_is_known: always assume GNUTLS_PKCS11_OBJ_FLAG_COMPARE unless GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 23 23:06:29 2016 +0200
tests: moved pkcs11-softhsm test suite into pkcs11/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 23 22:40:26 2016 +0200
find_cert_cb: minor cleanups in find_cert_cb
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 23 22:25:06 2016 +0200
tests: added more unit tests for gnutls_pkcs11_crt_is_known()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 18:04:45 2016 +0200
dn2: updated to account for serial number being printed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 18:01:15 2016 +0200
tests: corrected create-chain.sh to remove the ocsp_signing_key from generated certs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 18:00:03 2016 +0200
tests: replaced tls feature extension checks
The previous checks had incorrect key purpose check on the final
(root) certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 17:31:30 2016 +0200
enhanced debugging messages for cert verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 17:09:54 2016 +0200
x509: print serial number in compact output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 16:49:42 2016 +0200
tests: include softhsm.h into dist files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 15:27:05 2016 +0200
pkcs11: correctly encode the serial number when searching for certificate
In gnutls_pkcs11_crt_is_known() corrected the encoding of the
serial number to TLV DER from LV DER. This is the encoding we
use when storing that number.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 15:50:51 2016 +0200
pkcs11: correctly account check_found_cert()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 22 13:50:48 2016 +0200
gnutls-cli-debug: replaced draft-ietf-tls-chacha20-poly1305-04 with RFC7905
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 20 12:07:03 2016 +0200
gnutls-cli: benchmark the memcpy performance to compare with ciphers
Also ensure that we use different memory areas for each operation
to avoid measuring better performance due to caching.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 16 11:53:55 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 19 15:48:21 2016 +0200
doc: corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 19 13:06:15 2016 +0200
Sync with TP.
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Jun 18 18:36:13 2016 +0200
Typo fixes (found by lintian): extention, reencode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 16 11:51:42 2016 +0200
tests: added check for handshake packet reconstruction
This tests whether a split handshake packet is properly reconstructed
if the parts are switched.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 16 11:37:30 2016 +0200
dtls: corrected reconstruction of handshake packets received out of order
That is, when the handshake packet is split into multiple different
chunks and received out of order, make sure that reconstruction occurs
properly. Reported by Guillaume Roguez.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 16 10:08:34 2016 +0200
Corrected the writing of serial number in PKCS#11 modules
That is previously the serial number was written in raw format, but
in PKCS#11 the serial number must be set encoded as integer. Report
and fix by Stanislav Zidek.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 15 13:50:54 2016 +0200
ext: ecc: replaced SUPPORTED ECC POINT FORMATS with better formatted name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 15 09:21:10 2016 +0200
tests: disable SRP-base64 encode/decoded tests when SRP is disabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 19:46:55 2016 +0200
.gitlab-ci.yml: restrict windows build checks to tests/ subdir [ci skip]
That is because there is an issue with the gnulib self tests when
run under windows.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 16:43:50 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 16:35:55 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 16:32:21 2016 +0200
released 3.5.1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 16:31:35 2016 +0200
tests: added missing files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 15:24:48 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 15:23:04 2016 +0200
tests: fixed the path of cert-tests files and added missing files in Makefile.am
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 15:17:33 2016 +0200
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 10:21:54 2016 +0200
tests: verify the resilience of the TLSFeature handling functions on large number of features
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 10:02:56 2016 +0200
tlsfeature: impose a maximum number of supported TLS features
This avoids many allocations and simplifies handling of the features.
The currently set maximum number of TLS features aligns with the
maximum number of supported TLS extensions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 09:51:01 2016 +0200
tests: added unit test for gnutls_x509_tlsfeatures_check_crt
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:07:44 2016 +0200
During PKIX chain verification check the TLSFeatures compliance
This verifies whether a chain complies with RFC7366 p.4.2.2 requirements.
That is whether the issuer's features are a superset of the certificate
under verification.
This enhances gnutls_x509_crt_get_tlsfeatures() to allow appending
of TLSFeatures, and introduces gnutls_x509_tlsfeatures_check_crt().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 15:10:27 2016 +0200
verify_crt: moved all verification state into a common structure
This allows for easier extension of state.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 09:28:28 2016 +0200
tests: added chain verification with TLS features
That adds checks for the RFC7633 requirements for intermediate
and CA certificates (p. 4.2.2).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 14:37:49 2016 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 14:37:12 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 14:01:56 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 13:49:28 2016 +0200
tests: verify the operation of honor_crq_ext template option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 13:41:24 2016 +0200
tests: common.sh will export the required TZ for datefudge tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 13:24:03 2016 +0200
tools: avoid using deprecated types
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 13:23:03 2016 +0200
certtool: allow copying specific certificate request extensions to certificate
This introduces the honor_crq_extension multi-line template option.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 13:13:32 2016 +0200
tests: added check on gnutls_x509_crt_set_crq_extension_by_oid()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 11:19:50 2016 +0200
Added gnutls_x509_crt_set_crq_extension_by_oid()
This allows copying specific OIDs from a certificate
request to the certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 09:59:20 2016 +0200
tests: moved check for datefudge in scripts/common.sh
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 09:55:04 2016 +0200
tests: cert-tests: moved all data files in separate subdir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 14 09:36:29 2016 +0200
tests: cert-tests: moved templates into subdir
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Fri Jun 10 13:41:22 2016 +0100
tests: test trailing comma in system priorities
Add tests which verify behaviour when the list of system
priorities has a trailing ','. Avoid crash in test suite
if the test unexpectedly succeeds when expected_str is
NULL.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 10 13:56:23 2016 +0200
tests: added check of DTLS rehandshake for upgrade
That is check whether anon -> cert renegotiation works.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 10 13:43:36 2016 +0200
tests: added check of DTLS rehandshake when using PKIX certs
This complements the existing DTLS rehandshake test using anonymous
ciphersuites.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 18:55:02 2016 +0200
tests: document some details in system-prio-file [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:40:49 2016 +0200
doc: mention the usage of the _gnutls_resolve_priorities function in testsuite
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:38:29 2016 +0200
doc: mention the fallback keyword support in manual
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:36:12 2016 +0200
tests: added checks for system priority file fallback mechanism
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Fri Jun 3 16:57:02 2016 +0100
gnutls_priority_init: multiple @KEYWORD lookups with fallback
The support for using "@KEYWORD" as a priority string is very
useful to separate selection of priorities from application
specific code or config files. It is, however, not general
enough to fully serve all reasonable use cases.
For example, consider an application sets
gnutls_priority_set_direct(session, "@SYSTEM", NULL);
The system administrator can modify the global priorities
file to change what "@SYSTEM" resolves to for all apps using
GNUTLS. As soon as one application wishes to have a slightly
different configuration from others on the host, you have to
go back and start modifying application specific configuration
files once more. This is bad for the system administrator as
it means there's no longer one single place where they can
see the priority configuration for all apps.
They may try to get around this problem by configuring the
app to use a different keyword, instead of a full priority
string, eg "@LIBVIRT". So the global priorities file can
now define entries for both "SYSTEM" and "LIBVIRT". This
has still placed a burden on the administrator change the
config in two places - both libvirt config files and the
global priorities file.
What is more desirable is if applications were able to provide
a list of keywords that would be tried in order, picking the
first that existed. For example, libvirt could be written to
request the following by default
gnutls_priority_set_direct(session, "@LIBVIRT,SYSTEM", NULL);
With this, gnutls would first try to find the "LIBVIRT" keyword
in the global configuration file, and if that is not present,
then it would fallback to trying to find the "SYSTEM" keyword.
This provides nice "out of the box" behaviour for system
administrators, whereby the app would be using "SYSTEM" initially
and if the admin wishes to give the app a custom configuration,
they can simply modify the global priorities file to add in the
application specific keyword "LIBVIRT". There is never a need
for the sysadmin to modify any application specific configuration
files any more. It is exclusively controlled in one place via the
global priorities file.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:20:22 2016 +0200
tests: enhanced system priority file testing
This checks whether appending to system priority options work.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:21:57 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 17:01:06 2016 +0200
doc: remove all references to openpgp auth example
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 9 16:48:14 2016 +0200
doc update
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Fri Jun 3 14:59:11 2016 +0100
_gnutls_resolve_priorities: always try to re-read sys priority file
Previously if the system priority file was edited, that would
take effect on the very next TLS session an application created.
As of:
commit 006b89d4464ae1bb6d545ea5716998654124df45
Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri Apr 1 10:46:12 2016 +0200
priorities: preload the system priorities on library loading time
It is required to restart every application after changing the
system priority file to get changes to take effect.
Further, for applications running in a chroot, it will no longer
honour a system priority file that may exist inside the chroot,
always using the originally cached data from outside the chroot.
This patch changes the caching so that we always try to reload
the cache of system priorities. A mtime check is used to avoid
actually re-reading the file unless its content has obviously
changed. If the file no longer exists, the cache will not be
invalidated. This ensures that the current priority file is
always honoured, whether inside a chroot or not, while at the
same time allowing apps to work in a chroot when no system
priority file is present.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 8 19:38:07 2016 +0200
doc: remove references to GNUTLS_KEYLOGFILE
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 6 19:33:34 2016 +0200
tests: renamed rehandshake checks for clarity
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 6 18:47:28 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 6 18:43:12 2016 +0200
keylogfile: only consider the SSLKEYLOGFILE variable
In addition do not check the environment in the constructor
but instead use static variables to save the key file name.
The GNUTLS_KEYLOGFILE environment variable is no longer used
since there is no reason to have a separate one.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 6 18:39:18 2016 +0200
lib: eliminated the use of deprecated variables
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 4 11:42:21 2016 +0200
doc: removed OpenPGP examples
Relates #102
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 4 11:36:34 2016 +0200
pkcs12: corrected return type of gnutls_pkcs12_bag_get_type()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 17:07:28 2016 +0200
tests: move pkcs11-cert-import-url4-exts with the other pkcs11 tests
This prevents a build failure in windows.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 15:01:59 2016 +0200
doc clarify the version since when GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT is accepted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 14:53:04 2016 +0200
tests: corrected typo in crl-test
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 14:24:32 2016 +0200
tests: check gnutls_pkcs11_obj_list_import_url4() with GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 14:50:45 2016 +0200
gnutls_pkcs11_obj_list_import_url4: accepts the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 14:41:25 2016 +0200
gnutls_pkcs11_obj_list_import_url3: rewritten to use gnutls_pkcs11_obj_list_import_url4
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 14:29:45 2016 +0200
pkcs11: use ctx as variable name for ck_object_handle_t for clarity
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 3 13:47:44 2016 +0200
pkcs11: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 2 14:37:11 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 2 14:28:52 2016 +0200
_gnutls_check_key_purpose: in CA certificates treat the SGC key purpose as GNUTLS_KP_TLS_WWW_SERVER
This is a hack for certain very old CA certificates lurking around which instead
of having the GNUTLS_KP_TLS_WWW_SERVER have some old OIDs for that purpose. Consider
these OIDs equivalent to GNUTLS_KP_TLS_WWW_SERVER in marked as CA certificates.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 2 09:22:26 2016 +0200
gnutls-cli: --save-ocsp will work even if verification fails
That is, allow saving the response even if the OCSP response caused
a verification error. That way the response can be examined for possible
issues.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 2 09:20:13 2016 +0200
ocsp: attempt harder to figure an OCSP staple issuer
That is, check initially against the trust list set on the credentials,
and if verification is not possible attempt with all certificates in
the chain as possible issuers. The reason of this enhancement is the
few servers have an OCSP response signed not by their direct CA but
rather by one of the higher level CAs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 14:10:59 2016 +0200
tests: added comprehensive OCSP test suite with MUST-staple PKIX extension
This includes the tests:
- Server with valid certificate - no staple
- Server with valid certificate - valid staple
- Server with valid certificate - invalid staple
- Server with valid certificate - unrelated cert staple
- Server with valid certificate - expired staple
- Server with valid certificate - old staple
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 10:09:54 2016 +0200
tests: utils: added c_print()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 10:33:15 2016 +0200
ext: status_request: added more descriptive name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 14:15:49 2016 +0200
ocsp: fail certificate verification on expired or too old revocation data info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 14:13:52 2016 +0200
ocsp: Introduced GNUTLS_CERT_INVALID_OCSP_STATUS
This verification status flag indicates an OCSP status response
being stapled but it being invalid for some reason (e.g., unable
to parse or doesn't contain the expected certificate).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 1 14:38:32 2016 +0200
doc: improved OCSP description and mention RFC7633
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:52:06 2016 +0200
tests: added basic check for gnutls_url_is_supported
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:47:34 2016 +0200
gnutls_url_is_supported: type changed to unsigned
In addition function documentation was updated.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:42:22 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:37:34 2016 +0200
pubkey_to_bits: return type was changed to unsigned
This function did not return signed data, so the "int" return
type was confusing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 16:16:38 2016 +0200
crypto-selftests: removed unneeded cast
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 13:49:13 2016 +0200
several sign-related API changes
This replaces the usage of "int" in functions which could only
have accepted an "unsigned" value. Also functions which return
unsigned values are explicitly tagged as such. The ABI remains
the same with these changes.
This allows easier catching of sign/unsigned related errors from
the calling applications.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 11:40:00 2016 +0200
x509: simplified _gnutls_x509_get_tbs()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 10:08:14 2016 +0200
x509: replace the bool type with the unsigned type
This allows to rely on gcc warnings for improper checks and
conversions. Unfortunately gcc does warn on invalid checks for
the bool type (e.g., b<0).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 10:00:18 2016 +0200
configure: enable the type-limits gcc warnings
In addition remove the unsafe-loop-optimizations warning
as they were not helpful.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 31 08:59:47 2016 +0200
certtool: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 22:28:23 2016 +0200
DCO: added Tim Kosse [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 15:19:15 2016 +0200
tools: modify canonicalize_host to not depend on in6_addr
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 15:17:06 2016 +0200
tests: added unit tests for gnutls_x509_tlsfeatures_t handling funcs
This includes DER import/export as well as feature appending.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 14:19:20 2016 +0200
tests: tlsfeature-test will ignore the 'Algorithm Security Level' line in comparisons
That is to allow depending on the certificate output validation without
relying on "moving" parameters such as the Algorithm Security Level.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 13:47:14 2016 +0200
tests: verify whether the TLSFeatures extension is copied
Verify whether the TLSFeatures extension is copied from the certificate
request to the generated certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 13:34:17 2016 +0200
doc: updated since version of tlsfeature functionality and documented new functions
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Jan 15 14:45:03 2016 +0100
tests: add testcase to check for missing status request
That is verify whether the OCSP MUST-staple extension, as can be
deduced from RFC7633, is accounted during handshake.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Jan 15 14:45:42 2016 +0100
Reset extensions_sent_size only at start of handshake
That is, do not reset it when completing it so that we can
use the negotiated extensions even after the handshake is
complete.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sun Dec 20 15:09:24 2015 +0100
Account the TLSFeature certificate extension in certificate verification
That is, account for the OCSP-Must staple extension. If we have sent an OCSP
status request and have not gotten anything, but the certificate has the
Status Request TLSFeature extension present, fail to verify the certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 12:57:55 2016 +0200
tools: allow specifying a hostname with a port attached
That is: gnutls-cli www.example.com:443 is equivalent to
gnutls-cli www.example.com -p 443
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 12:35:45 2016 +0200
tests: check the generation and printing of TLS feature PKIX extension
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 11:23:39 2016 +0200
doc: document tls_feature option in the sample template
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 10:55:46 2016 +0200
TLS extensions: use more human-friendly names
This is required to provide better output to gnutls_ext_get_name()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 10:50:38 2016 +0200
exported function to convert TLS extension numbers to strings
The exported function is gnutls_ext_get_name()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 10:45:46 2016 +0200
x509/output: print the extension name of TLSFeatures
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Thu Jan 7 11:27:13 2016 +0100
Implement setting the TLS features extension on certificates via certtool's template file.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 30 10:20:00 2016 +0200
libgnutls.map: exported the tlsfeatures-related functions
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Jan 15 11:34:31 2016 +0100
Add functions to get/set the tlsfeatures to certificate requests.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Mon May 30 09:57:42 2016 +0200
Added gnutls_x509_crt_set_tlsfeatures
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Mon May 30 09:52:15 2016 +0200
Added functions to add features and convert tlsfeatures back to DER
That adds:
gnutls_x509_ext_export_tlsfeatures
gnutls_x509_tlsfeatures_add
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Jan 15 13:48:10 2016 +0100
Move call to terminate() until after printing the error message.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Fri Jan 15 12:04:00 2016 +0100
Fix the description of two testcases.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Mon May 30 09:45:29 2016 +0200
Added functions to parse the TLSFeatures X.509 extension.
In addition provide function to enumerate the features it lists,
and output information with the output functions.
This adds:
gnutls_x509_tlsfeatures_init
gnutls_x509_tlsfeatures_deinit
gnutls_x509_tlsfeatures_get
gnutls_x509_ext_import_tlsfeatures
gnutls_x509_crt_get_tlsfeatures
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun May 29 11:53:22 2016 +0200
Typo fix: auxilary -> auxiliary [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 28 22:26:48 2016 +0200
tests: added DTLS 0.9 check with AES-128-GCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 28 19:57:09 2016 +0200
gl: secure_getenv() will behave as getenv on windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 28 19:32:12 2016 +0200
tests: corrected definition of CryptSignHash in mock crypt32
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 28 09:55:53 2016 +0200
Rely on gnulib's secure_getenv()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 28 09:55:07 2016 +0200
x86-common: use secure_getenv()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 27 22:48:48 2016 +0200
configure.ac: check for secure_getenv where available and always enable system extensions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 27 22:34:53 2016 +0200
tests: keylog-env will check for SSLKEYLOGFILE as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 27 22:26:02 2016 +0200
env: use secure_getenv when reading environment variables
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 27 22:21:50 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 27 22:19:40 2016 +0200
Append keys on keylogfile
Also consider the SSLKEYLOGFILE variable, since the format is
identical and we are always appending keys.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 26 11:05:40 2016 +0200
tests: ssl2-hello check is made conditional
It is only run if ENABLE_SSL2 is defined.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 26 11:04:27 2016 +0200
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 26 11:02:34 2016 +0200
tests: added SSL2.0 client hello parsing check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 26 10:58:19 2016 +0200
tests: added small text clarifying the purpose of the cert-common.h header
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 24 13:45:32 2016 +0200
tests: add an upper limit in the run of compat tests
This allows the test suite to recover from the case of DTLS implementations
that do not properly retransmit and block on lost packets.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 24 13:27:12 2016 +0200
doc: advise against using the TPM-specific API
It is restricted to TPM 1.2, and there are fine PKCS#11 wrappers that
will provide identifical functionality.
Relates #101
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 24 10:08:14 2016 +0200
.gitlab-ci.yml: corrected typo preventing the no-SSL 3.0 test part to be properly run
Also test the --disable-ssl2-support option.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 24 09:58:12 2016 +0200
Amend the "Allow for conditional compilation of SSL 3.0 protocol patch"
That is fix bug introduced by an incorrect #ifdef, and unconditionally
provide access to certificate callbacks.
This amends 89faab9e9e9123f39e8c0c6f8da1f67de423254a
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 24 09:17:53 2016 +0200
doc: updated text on priority strings
Refer to RFC7685 for the TLS padding extension (%DUMBFW),
and mention the default behavior for the TLS client hello record version.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 23 11:33:53 2016 +0200
pkcs11: added sanity check to find_obj_url_cb() for object validity
Also avoid unnecessary recursion.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 21 06:24:47 2016 +0200
tests: run compatibility checks in parallel for various modifiers
That is, the various %NO_ETM, %COMPAT, ... modifiers are checked
in parallel in the testcompat suite, reducing the overall running
time significantly.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 21 05:39:21 2016 +0200
tests: enhance TLS version checks with DTLS
That is we check whether DTLS-1.0 and DTLS-1.2 can be negotiated
using the NORMAL priority string. We also add a custom check for
DTLS-0.9 as this is not fully supported for negotiation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 17:44:46 2016 +0200
tests: use /bin/bash in tests which require common.sh
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 15:04:22 2016 +0200
.gitlab-ci.yml: minimal build disables SSL2 client hello
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 15:03:41 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 15:01:49 2016 +0200
Allow for conditional compilation of SSL 2.0 client hello support
This allows to completely remove SSL 2.0 support by calling configure
with the '--disable-ssl2-support' option.
Relates #97
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 14:54:38 2016 +0200
Amend: Allow for conditional compilation of SSL 3.0 protocol
This patch makes conditional several more SSL 3.0-only parts of codebase.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 14:47:27 2016 +0200
CONTRIBUTING.md: link to milestones instead of all issues
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 14:42:12 2016 +0200
tests: mini-x509-cas: use cert-common.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 14:41:08 2016 +0200
CONTRIBUTING.md: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 12:07:57 2016 +0200
tests: do not use pkglib to generate libpkcs11mock1.so
This resulted in the test library being installed. Install we use noinst
for the library, but pass -rpath to LDFLAGS as a hack to for libtool
to generate the shared version.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 19 12:08:13 2016 +0200
configure.ac: increased stack size usage to reduce warnings
Also remove gcc flags from the banned list that no longer pose
and issue.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 20 07:45:46 2016 +0200
announce.txt: updated list email address
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 19 10:56:52 2016 +0200
priority: CCM ciphersuites was promoted over the CBC ones
Also make explicit the prioritization rules for the default set
of ciphers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 19 09:24:13 2016 +0200
gnutls-cli: allow operation with stdin input
That is once commands from stdin are given, they are not only sent to server,
but we also wait for a response prior to exiting.
Resolves #96
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 14:00:06 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 22:24:33 2016 +0200
tests: ocsp-tls-connection: use /bin/bash since we rely on the $RANDOM variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 22:20:47 2016 +0200
tests: use _putenv() for setting environment on windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 21:15:38 2016 +0200
tests: added check to verify that keylog file is being written
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 16:38:13 2016 +0200
doc: documented the GNUTLS_KEYLOGFILE environment variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 16:31:28 2016 +0200
Write session keys into a file when GNUTLS_KEYLOGFILE is exported
That is the file pointed from the variable is written to, and contain
the session parameters in the following format (identical to NSS key
log format):
CLIENT_RANDOM <space> <64 bytes of hex encoded client_random> <space> <96 bytes of hex encoded master secret>
and for the old RSA ciphersuites also in the format:
RSA <space> <16 bytes of hex encoded encrypted pre master secret> <space> <96 bytes of hex encoded master secret>
Resolves #64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 13:39:06 2016 +0200
systemkey: corrected help output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 18 13:36:11 2016 +0200
doc: document the systems supported via systemkeys API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 14:13:26 2016 +0200
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 10:35:39 2016 +0200
gnutls-cli: corrected check for OCSP verification success
Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date: Fri Apr 29 02:50:31 2016 +0200
Test case for gnutls-cli --ocsp
This new test case checks if gnutls-cli accepts OCSP responses for a
valid and a revoked server certificate when establishing TLS
connections. Uses the OpenSSL OCSP responder.
Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 09:23:22 2016 +0200
INSTALL.md: no longer reference libgcrypt
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 09:16:32 2016 +0200
doc: updated README files
This makes the names a bit more reasonable, drops the very generic
INSTALL file, and also allows the github repository to print the
correct README file.
README -> INSTALL.md
README-alpha.md -> README.md
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 08:56:59 2016 +0200
tests: renamed cert-callback checks for simplicity
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 08:55:50 2016 +0200
tests: added check with the legacy cert verification callback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 08:54:43 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 17 08:43:58 2016 +0200
tests: cert-callbacks check now checks the server-side callback operation as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 16 18:08:27 2016 +0200
tests: dtls-stress: fix debug argument accounting
It was not being considered when it was not the last argument.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 16 18:05:34 2016 +0200
tests: re-disabled dtls-nb check; it had random failures
This was disabled for quite long time already, and needs to
be investigated.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 16 13:47:23 2016 +0200
tests: added DTLS test suite when in session resumption
While there is already a test suite for DTLS lost packets/rearranges
it does not cover the session resumption flights. This patch
enhances the test suite with these checks.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 10:44:42 2016 +0200
dtls-stress: added session resumption option
This allows to perform tests on DTLS resumed sessions for
retransmitions due to lost packets.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 11:34:32 2016 +0200
tests: dtls: removed excessive debugging output from test
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 11:08:57 2016 +0200
tests: dtls-stress: corrected parsing of -d option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 10:49:42 2016 +0200
record.c: removed superfluous debugging
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 10:40:38 2016 +0200
gnutls_assert_val: corrected regression from 78ee98e06c7862df38131b12083adc1a0c5eea4a
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 15 09:30:02 2016 +0200
gnutls_assert_val: was modified to be in line with gnutls_assert()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 13:03:27 2016 +0200
.gitlab-ci.yml: added new build target without SSL 3.0
Also disable SSL3.0 in the minimal library compilation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:58:27 2016 +0200
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:57:47 2016 +0200
tests: added key exchange checks for all DTLS protocols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:48:45 2016 +0200
doc: prefer the usage of VERS-ALL in documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:47:18 2016 +0200
ext master secret: don't enable when SSL 3.0 is the only protocol
That is on server side only. On client side this logic was already
present.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:18:44 2016 +0200
tests: separated the key exchange checks
That is introduce separate checks for each key exchange on every TLS version.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 11:12:56 2016 +0200
doc: mention the TLS 1.2 restriction of sign algo functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 10:28:49 2016 +0200
Allow for conditional compilation of SSL 3.0 protocol
This allows to completely remove SSL 3.0 support by calling configure
with the '--disable-ssl3' option.
Resolves #93
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 08:03:48 2016 +0200
Makefile.am: include renamed files into distribution
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 00:39:23 2016 +0200
README-alpha.md: refer to CONTRIBUTING.md [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 00:38:59 2016 +0200
LICENSE: mention that documentation is under GNU FDL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 00:35:45 2016 +0200
Leave only LICENSE in the root directory and move licenses to doc/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 00:13:44 2016 +0200
Added a LICENSE file [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 14 00:31:43 2016 +0200
Moved coding style and contribution guide to CONTRIBUTION.md
This aligns with gitlab's web interface.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 13 20:39:11 2016 +0200
tests: include unistd.h in tests which call _exit()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 13 13:41:53 2016 +0200
tests: simplified server launching process
Also attempt to use a new port on every started server and
added a waiting period for the port to become re-usable.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 13 11:28:51 2016 +0200
tests: avoid calling exit() from signal handlers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 13 11:16:58 2016 +0200
memmem.m4: don't call exit() from signal handler
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 11:24:03 2016 +0200
tests: enhance SNI checking with invalid UTF8 and embedded NULL case
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 11:22:51 2016 +0200
Introduce _gnutls_server_name_set_raw
This is an internal function intended for testing, which performs
the same as gnutls_server_name_set() but without any UTF8 conversions
or other checks in the input. It is intended to be used with raw data.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 11:21:16 2016 +0200
errors: include GNUTLS_E_IDNA_ERROR to the list
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 10:58:58 2016 +0200
server_name: only save the supported server names in the session
Invalid server names with embedded nulls and unsupported types
are not saved.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 10:37:56 2016 +0200
gnutls_server_name_get: mention GNUTLS_E_IDNA_ERROR being returned
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 12 09:24:23 2016 +0200
doc: clarify that 'hmac' in the name of functions is only for legacy reasons
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 11 13:23:33 2016 +0200
tests: introduce delay between server restarts in testsrn.sh
This is to reduce test suite random failures on CI.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 11 09:31:28 2016 +0200
tests: CRL test will separate stderr output from stdout
This addresses CI failures due to "Merge mismatch for function" messages
from gcov being inserted into stdout output and messing the base64 encoding.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 11 09:28:55 2016 +0200
Revert "tests: CRL test will not push stderr into output files"
This reverts commit bf1ee75f78cd81ea8309bdfb50f63ed0ab61a23a.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 11 09:27:32 2016 +0200
gnutls_pkcs7_print: avoid warning for signed/unsigned comparison by making everything signed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 11 08:17:37 2016 +0200
tests: CRL test will not push stderr into output files
This addresses CI failures due to "Merge mismatch for function" messages
from gcov being inserted into output and messing the base64 encoding.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 22:46:34 2016 +0200
pack_srp_auth_info: corrected check for uninitialized username
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 22:48:56 2016 +0200
call_get_cert_callback: removed dead code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 22:11:52 2016 +0200
pkcs11: added error check in _gnutls_buffer_append_data()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 22:08:23 2016 +0200
gnutls_pubkey_verify_data2: simplified return logic
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 22:02:54 2016 +0200
gnutls_pkcs7_print: corrected type of unsigned count variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 21:55:07 2016 +0200
_gnutls_krb5_der_to_principal: fixed invalid deinitialization on cleanup
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 20:57:08 2016 +0200
tests: don't run hash-large on freebsd
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 20:06:03 2016 +0200
tests: fix mmap usage of hash-large to correctly detect failures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 15:23:11 2016 +0200
doc: updated documentation for gnutls_x509_crt_get_*_dn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 15:20:09 2016 +0200
certtool: handle empty CNs on verification
That is, handle GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if returned
from gnutls_x509_crt_get_dn() on the end certificate.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 15:17:18 2016 +0200
Revert "x509: allow empty DNs on parsing for subject DNs"
This reverts commit 1641ea943079765d601cf418dc2c89c1c93f0ecf.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:40:43 2016 +0200
cert cred: add the CN to the list of known hostnames only if no dns_names
That is, follow rfc6125 and support CN as a fallback only.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:23:02 2016 +0200
tests: enhanced set_x509*_key to verify that connections succeed with creds
That is the tests no only verify that credentials are set as expected
but also whether sessions are established with the credentials provided.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:15:53 2016 +0200
gnutls_certificate_set_key: import the DNS names of the certificates
That is, only when no (NULL) names are provided.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:12:33 2016 +0200
reset the global time func on init/deinit
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:05:03 2016 +0200
auth/cert: log the server name requested by client
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 11:00:02 2016 +0200
improved output of gnutls_assert()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 10:44:57 2016 +0200
x509: allow empty DNs on parsing for subject DNs
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Mon May 9 20:57:36 2016 +0300
build: tests/windows/cng-windows.c: fix implicit decleration of exit
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 09:15:29 2016 +0200
.gitlab-ci.yml: enable openssl compat library in minimal build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 10 09:12:51 2016 +0200
openssl_compat: removed unneeded headers
These headers have been renamed, but they were not necessary for
this module's compilation. Report/Patch by Andreas Metzler.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 9 21:47:14 2016 +0200
.gitlab-ci.yml: added build for windows DLLs
This creates the windows DLLs on every tagged release.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 9 08:03:24 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 9 07:52:14 2016 +0200
bumped soversion
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 9 07:51:05 2016 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 7 13:34:34 2016 +0200
x509: use the modified flag in gnutls_x509_crt_t
That will avoid re-encoding or decoding in common operations.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat May 7 13:18:20 2016 +0200
x509: added flag to indicate modification in gnutls_x509_crt_t
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 6 16:55:48 2016 +0200
gnutls_x509_crt_equals*: modified to allow operation with certificates that are not imported
This allows it operating with certificates that are generated from scratch.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 6 16:04:31 2016 +0200
tests: added checks for certificate generation APIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 6 15:40:14 2016 +0200
doc: fixed documentation of gnutls_x509_crt_set_subject_alternative_name
The previous version could not be parsed by gdoc.
Author: Hubert Kario <hkario@redhat.com>
Date: Fri May 6 11:12:29 2016 +0200
gnutls-serv: sending alerts on mismatched SNI names
Extend serv utility to be able to send alerts when the name advertised
by client does not match the name expected by server.
Author: Hubert Kario <hkario@redhat.com>
Date: Fri May 6 11:05:10 2016 +0200
Add support for sending unrecognized name alerts
To better test support for server_name extension in TLS, it's
necessary to be able to differentiate between name being rejected
because it is unknown to the server and it being malformed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 6 11:41:12 2016 +0200
doc: TODO list references to gitlab
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 5 11:10:38 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 5 11:01:29 2016 +0200
priorities: when without AES acceleration prefer stream ciphers (i.e., CHACHA20)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 5 22:49:50 2016 +0200
doc: updated documentation on rehandshake and GNUTLS_ALLOW_ID_CHANGE [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 4 09:13:50 2016 +0200
tests: use the 'b' modifier for writing binary data in set_x509_key_file_der
This allows the test to operate properly on windows systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 4 08:07:37 2016 +0200
tests: avoid the usage of tmpnam()
Use a simpler version which is confined within the testsuite
build directories.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 4 07:48:37 2016 +0200
tests: disable checks with tmpnam() on windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 20:14:37 2016 +0200
tests: fixed 64-bit check for time_t in mini-x509
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 15:26:52 2016 +0200
tests: added check for gnutls_certificate_set_x509_simple_pkcs12_file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 15:12:47 2016 +0200
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 15:12:00 2016 +0200
tests: added check of gnutls_certificate_set_x509_key_file2 with DER input
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 14:54:31 2016 +0200
tests: enhanced set_x509_key_file check
That now verifies that the input is the same as the data stored
in the credentials as well checks for valid operation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 14:29:35 2016 +0200
tests: mini-x509: include the legacy verification functions into the check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 14:28:44 2016 +0200
tests: added check for gnutls_certificate_set_key()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 14:24:08 2016 +0200
gnutls_certificate_set_key: duplicate the provided memory
That is, do not assume that a heap allocated value is provided.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 11:54:04 2016 +0200
.gitlab-ci.yml: enabled coverage run in the x86 build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 11:49:09 2016 +0200
tests: do not block server errors in testdsa from being printed out
Also added a delay prior to launching next server instance.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 11:43:48 2016 +0200
.gitignore: more test files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 11:26:04 2016 +0200
pkcs11: find_ext_cb: eliminated memory leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 10:56:44 2016 +0200
pkcs11: find_cert_cb: do not use C_FindObjectsInit() when another is already running
While some modules implicitly terminated the previous run, this is not
something that PKCS#11 modules are expected to typically do.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 3 09:28:36 2016 +0200
pkcs11: the flag GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT will be respected by imported certificates
That is, certificates imported with gnutls_pkcs11_obj_import_url() or
gnutls_x509_crt_import_url() will be able to be extracted with their
extensions overriden. Previously that was available only on gnutls_pkcs11_get_raw_issuer()
and friends.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 15:36:56 2016 +0200
tests: added a basic PKCS#11 mock module
This is used to test gnutls_pkcs11_obj_get_exts(), gnutls_x509_crt_import_url(),
and gnutls_pkcs11_get_raw_issuer() with the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT
flag.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 13:13:10 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 13:12:00 2016 +0200
_gnutls_x509_crt_cpy: optimized and simplified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 12:53:54 2016 +0200
exported gnutls_x509_crt_equals() and gnutls_x509_crt_equals2()
These functions provide a way to compare parsed certificates. They
were used internally and they are quite useful to be made available.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 15:36:37 2016 +0200
gnutls_pkcs11_obj_get_exts: updated documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 12:09:03 2016 +0200
gnutls_x509_crt_import_url: updated documentation for new function name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 12:05:48 2016 +0200
gnutls_pkcs11_add_provider: clarified params description
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 08:38:32 2016 +0200
tests: added checks on PKCS#1 digest info encoding/decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 08:37:45 2016 +0200
gnutls_decode_ber_digest_info: return more precise error code on unknown hash
That is instead of returning GNUTLS_E_UNKNOWN_ALGORITHM on unknown hash,
return GNUTLS_E_UNKNOWN_HASH_ALGORITHM.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 2 08:35:58 2016 +0200
errors.h: removed terminating colon on gnutls_assert() output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 1 12:13:26 2016 +0200
doc: updated PKCS #11 documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 18:09:18 2016 +0200
gnutls_certificate_get_crt_raw: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 18:06:51 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 17:50:45 2016 +0200
doc: mention the version after which gnutls_pem_base64_en/decode2() are available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 08:26:37 2016 +0200
tests: use one-time files in crl
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 07:14:13 2016 +0200
tests: check whether the randomly generate port is used
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 30 07:05:46 2016 +0200
.gitlab-ci.yml: enabled the code coverage checks in the valgrind and ubsan targets
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 19:38:44 2016 +0200
tests: enhanced the key-import-export tests
This check now includes the abstract privkey import/export interfaces.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 19:38:01 2016 +0200
corrected import issue in gnutls_privkey_import_ecc_raw
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 19:31:48 2016 +0200
x509/privkey: in raw import functions set the parameter's algorithm type
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 19:03:11 2016 +0200
srp base64: return proper gnutls errors codes on error rather than -1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 19:02:45 2016 +0200
tests: added checks for base64 functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 18:04:50 2016 +0200
.gitlab-ci.yml: added code coverage run
This enhances a test to print the code coverage of the test suite,
which in turn is being used/reported by gitlab CI interface.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 14:53:40 2016 +0200
ax_code_coverage.m4: updated to latest version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 13:12:36 2016 +0200
libtasn1: updated to latest version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 12:57:23 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 12:56:24 2016 +0200
errors.h: gnutls_assert() will log the function name in addition to filename/line
This is quite necessary after the filenames were simplified and we have
filenames with identical names in the directory structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 12:34:43 2016 +0200
tests: added check for SRP ID change during rehandshake
The tests make sure that username changes are allowed if the
flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 11:47:58 2016 +0200
tests: added check for PSK ID change during rehandshake
The tests make sure that username changes are allowed if the
flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 10:23:45 2016 +0200
handshake: enhance same certificate checks to apply to PSK/SRP username
That is, unless GNUTLS_ALLOW_ID_CHANGE is specified, during a rehandshake
clients will not be allowed to present another certificate than the original,
or change their username for PSK or SRP ciphersuites.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 09:39:13 2016 +0200
tests: added 'PFS' and 'SUITEB128' into the list of checked priority strings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 09:29:45 2016 +0200
tests: fail() function will also print function and line information
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 09:36:02 2016 +0200
_gnutls_hex2bin: refuse to decode odd-sized hex data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 29 09:32:52 2016 +0200
tests: added unit tests on the HEX encoding/decoding functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 18:08:56 2016 +0200
certtool: eliminated memory leaks in DH parameter printing/generation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 17:42:49 2016 +0200
certtool: combined all the seed decoding methods to a single one
That not only simplifies the code, but also allows decoding hex strings
which contain not hex chars (and that allows decoding hex of the form XX:XX:XX)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 17:31:24 2016 +0200
Revert "tests: ensure the seed is provided in plain hex"
This reverts commit 0ea7206e12f52f6ed50c4a76ea0a23f5470115b2.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 16:41:26 2016 +0200
tests: check certtool dh-parameter generation with --provable option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 16:38:16 2016 +0200
tests: ensure the seed is provided in plain hex
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 16:34:29 2016 +0200
certtool: allow specifying seed size when generating provable DH parameters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 14:34:17 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 14:26:19 2016 +0200
tests: simplified custom-urls check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 14:22:44 2016 +0200
tests: added check on whether builtin URLs cannot be overriden
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 14:09:44 2016 +0200
keys: custom URLs take precedence over pre-defined URLs
This allows applications to define the own 'system:' or 'pkcs11:'
URLs.
Resolves #89
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 16:45:44 2016 +0200
x25519: ensure that a valid private key is present on key derivation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 10:33:47 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 10:32:51 2016 +0200
tests: added check for GNUTLS_FORCE_CLIENT_CERT init flag
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 10:31:50 2016 +0200
instead of assigning a variable per flag use the init flags directly
That is store the flags provided in gnutls_init() in the session structure
and use these flags directly when required.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 09:28:54 2016 +0200
added flag in session to force sending a client certificate
This handles the use case of a client connecting to a server
which incorrectly lists the CA certificates it supports. Without
that change the only option was to avoid using the "automatic"
client certificate functions, but rather utilize callbacks.
With that approach this use case is handled by the "automatic"
certificate selection functions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 13:28:50 2016 +0200
.gitlab-ci.yml: do not load submodules on CI since they are not used
This reduces the CI running time.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 28 09:27:24 2016 +0200
tests: check client behavior of sending CA certificates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 27 08:18:45 2016 +0200
doc: removed news about feature already backported in 3.4.6
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 27 08:17:45 2016 +0200
examples: introduced basic error checking in more examples
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 27 07:55:50 2016 +0200
examples: simplified the basic client example
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 27 07:50:20 2016 +0200
examples: introduced basic error checking in main client examples
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 27 07:38:47 2016 +0200
examples: corrected the required version of example
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 15:03:08 2016 +0200
tests: enhanced dane testing with offline verification checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 14:34:26 2016 +0200
dane: verification will not fail if a CA entry is encountered but cannot be verified
That addresses the issue of verifying a single certificate against a list
of TLSA entries that contain an entry with CA usage (cert usage 0). With
the previous behavior verification would have failed, while now this
entry will be skipped.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 13:54:17 2016 +0200
doc: improved documentation on certificate and DANE verification functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 13:35:35 2016 +0200
dane: updated documentation of dane_verify_crt_raw
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 13:00:46 2016 +0200
doc: added clarifications on documentation for dane_state_t
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 26 12:56:35 2016 +0200
manpages: include the dane functions into the distributed pages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 15:35:20 2016 +0200
ecdhe: eliminated unneeded checks for zero of public parameters
There were not required by either draft-ietf-tls-rfc4492bis-07
or rfc7748.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 15:22:55 2016 +0200
doc: added example client application utilizing the 3.1.x APIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 15:13:42 2016 +0200
examples: added explicit 3.5.0 dependency in ex-client-x509
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 15:11:00 2016 +0200
examples: added error checks and updated verify_certificate_chain()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 14:30:07 2016 +0200
.gitlab-ci.yml: made the linux tag explicit for our runners
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 14:15:04 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 14:13:11 2016 +0200
doc: document curve X25519
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 14:12:46 2016 +0200
doc: clarify what catch all means in all scenarios
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 11:07:46 2016 +0200
gnutls-cli-debug: added tests for supported curves
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 23 15:20:21 2016 +0200
tests: include self tests with CURVE-X25519
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 22 13:17:38 2016 +0200
gnutls-cli: enhanced KX benchmark with X25519
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 22 12:25:59 2016 +0200
handshake: added support for ECDH with curve X25519
This follows draft-ietf-tls-rfc4492bis-07 and rfc7748
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 12:11:48 2016 +0200
tests: updated the openssl compat check to make explicit the used curves
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 11:12:29 2016 +0200
ecdhe: print the received curve from the server on debug mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 24 10:54:54 2016 +0200
gnutls-cli-debug: added CHACHA20-POLY1305 detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 23 22:25:35 2016 +0200
tests: on out of memory conditions do not fail the hash-large test
This test may require a large amount of memory which some CI systems
cannot provide. When an out-of-memory-error is detected skip the test
instead of failing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 23 15:15:50 2016 +0200
session: removed unused parameters from RSA-EXPORT era
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 23 14:52:03 2016 +0200
README-alpha.md: updated badges with the new gitlab URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 22 09:26:55 2016 +0200
doc: document the TPM 1.2 limitation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 21 16:50:46 2016 +0200
doc: tpm: include short instructions on initializing the TPM chip
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 16:19:32 2016 +0200
tests: hash-large: use private mmap()
This reduces the memory usage of the test significantly on Linux.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 12:04:09 2016 +0200
tests: use mmap() for large memory allocations in systems that support it
That allows the hash-large test to run on systems which its calloc()
is attempting to allocate an impossible amount of memory.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 11:28:21 2016 +0200
tests: use /bin/bash for tests that use bashisms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 11:02:10 2016 +0200
tests: don't run danetool.sh if danetool is not present
That prevents test suite failure in systems without libunbound.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 10:08:23 2016 +0200
gnutls_int.h: allow compiling with system (gnutls) headers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 20 13:44:59 2016 +0200
.gitlab-ci.yml: added build rule on freebsd
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 23:11:13 2016 +0200
certtool: document sha3 functions in manpage [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 23:06:24 2016 +0200
doc: added missing @end example in danetool documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 22:50:52 2016 +0200
doc: updated documentation on false start
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 22:37:22 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 19:25:08 2016 +0200
gnutls-cli-debug: enable socket verbosity when --verbose is given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 19:23:23 2016 +0200
tools: explicitly initialize socket struct to zero
That resolves issue where verbose was enabled by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 19:18:05 2016 +0200
tools: avoid extracting the value of the app-proto alias
Instead always extract the starttls-proto value, as it seems
that libopts doesn't report any value for the former. This
corrects the starttls capability of danetool and gnutls-cli-debug.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 19:12:51 2016 +0200
tools: document the starttls capability
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 19 09:20:04 2016 +0200
tests: do not run danetool.sh on windows
The test fails due to CRLF.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 16:24:34 2016 +0200
tools: avoid relying on static buffers for service name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 16:16:59 2016 +0200
tests: added basic check on danetool --tlsa-rr option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 16:03:37 2016 +0200
danetool: Allow specifying a service name into port option
This makes the tool similar to gnutls-cli.
Author: Kevin Cernekee <cernekee@gmail.com>
Date: Mon Apr 18 15:15:32 2016 +0200
Fix library build on Chrome Native Client (NaCl)
Some supported toolchains define DT_UNKNOWN but do not
define _DIRENT_HAVE_D_TYPE (and do not have the d_type field).
On other platforms GnuTLS may need to second-guess what the
library is reporting, but on NaCl this is unsafe.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 12:03:05 2016 +0200
gnutls-serv: don't send closure messages in failed handshakes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 11:46:39 2016 +0200
client key exchange: fail if the client KX message is padded with additional bytes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 18 11:18:04 2016 +0200
_wrap_nettle_pk_derive: reject values of public key that are over the prime
That is do not canonicalise the value we get from the network, but
rather check it for validity. This saves a modular reduction on handshake
and performs a sanity check on the peer's (client) parameters.
Reported by Hubert Kario.
Resolves #84
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 15 10:17:32 2016 +0200
tests: suite: disable any openssl cpu optimizations
This prevents from valgrind failures on softhsm usage due to
any new instruction optimizations which are not supported by
valgrind.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 15 10:14:22 2016 +0200
doc: further updated documentation on false start [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 19:32:22 2016 +0200
doc: updated documentation on false start
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 19:23:13 2016 +0200
tests: enhanced the false start checks
These now check whether sending and receiving is performed
as expected after handshake, DTLS, as well as test explicit handshake
called by the application.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 19:20:36 2016 +0200
Updated false start support to be transparent to applications.
That is, an additional flag GNUTLS_ENABLE_FALSE_START is introduced
for gnutls_init(), and that enables support for false start. At
this point false start will be performed by the handshake if possible,
and gnutls_record_recv() will handle handshake completion.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 11:11:01 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 11:02:59 2016 +0200
doc: updated docs related to private key generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 10:54:49 2016 +0200
certtool: do not allow combining --provable with --ecc in key generation
There is no such support in the library.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 10:33:55 2016 +0200
updated auto-generated files for new APIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 14 10:28:36 2016 +0200
doc: added tlsproxy example reference into documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 15:55:56 2016 +0200
tests: pem-decoding: fixed issue preventing out-of-tree checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 15:48:58 2016 +0200
tests: pem-decoding: use unique temp files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 14:06:02 2016 +0200
tests: enhanced mini-x509-kx with ECDHE-ECDSA ciphersuite testing
Also renamed it to cert-key-exchange for easier tracking.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 13:59:02 2016 +0200
handshake: do not overwrite the server's signature algorithm
That is, correct a bug under which a client sending a certificate
would overwrite the server's idea about the used signature algorithm.
Reported by Hubert Kario.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 13:50:59 2016 +0200
tests: enhanced mini-x509-kx with client auth scenarios
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 13:39:38 2016 +0200
tests: verify that the output of gnutls_sign_algorithm_get() is the expected one
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 13:06:23 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 11:43:56 2016 +0200
ocsp: increased the preallocated space in check_ocsp_purpose to account for null terminator
This relates to gnutls_x509_crt_get_key_purpose_oid() change to
return null-terminated OIDs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 11:28:13 2016 +0200
tests: enhanced and simplified SHA3 tests
Included checks about SHA3-224 and SHA3-384.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 11:05:19 2016 +0200
tests: added check of GOST cert decoding/printing
This verifies whether our printing functions print the
OID on unknown/unsupported algorithms.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 11:04:12 2016 +0200
x509 output: print the OID of certificates/CRLs/CRQs with unknown algorithms
That is, if any unknown signature or subject public key algorithm is
encountered the OID will be printed instead.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 10:27:14 2016 +0200
tests: added basic tests for CSR parsing
This mainly includes tests on the new gnutls_x509_crq_get_signature_oid()
and gnutls_x509_crt_get_algorithm_oid().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 10:16:29 2016 +0200
tests: added basic tests on CRL parsing
That includes testing on the new gnutls_x509_crl_get_signature_oid()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 09:51:46 2016 +0200
tests: added basic functionality tests for gnutls_x509_crt_get_*_oid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 09:43:31 2016 +0200
Added gnutls_x509_crl_get_signature_oid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 09:39:21 2016 +0200
Added gnutls_x509_crq_get_signature_oid and gnutls_x509_crq_get_pk_oid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 09:17:08 2016 +0200
Added gnutls_x509_crt_get_signature_oid and gnutls_x509_crt_get_pk_oid
These functions can directly provide the textual object identifier
of their corresponding fields.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 09:03:56 2016 +0200
gnutls_x509_crt_get_key_purpose_oid: copy the OID as a null-terminated string
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 13 08:53:23 2016 +0200
sign: corrected digest in SHA3-224 OID mapping
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 22:53:57 2016 +0200
configure: corrected regression which prevented the build of tests/suite
This regression was introduced at 8b97662c40c67a6d4087ce6e1f0c6fb6ea4a8b2c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 22:25:06 2016 +0200
gnutls_x509_ext_import_policies: initialize value to avoid compiler warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 22:21:02 2016 +0200
README: removed inexistent package
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 22:16:22 2016 +0200
common.mk: corrected typo on LDFLAGS for coverage
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 19:25:18 2016 +0200
danetool: corrected typo in manual [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 16:07:41 2016 +0200
gnutls_packet_get: avoid null pointer dereference on NULL input
That is, still allow the function to handle a NULL packet
input but reset the data contents.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 16:04:24 2016 +0200
gnutls_x509_privkey_verify_seed: corrected typo that made the function always return true
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 16:02:20 2016 +0200
_gnutls_asn2err: declared as constant function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 15:37:38 2016 +0200
load_dir_certs: use readdir() in all platforms
According to glibc documentation readdir_r() is deprecated
and the use of readdir() is recommended. As such we switch to
it on all platforms.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 15:26:42 2016 +0200
tests: combined the resume checks for Anonymous and PSK ciphersuites
In addition enhanced it to check the resumption on the certificate
ciphersuites as well.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 14:21:04 2016 +0200
configure: Add a code coverage option
Configure with:
./configure --enable-code-coverage
Show coverage output with:
make && make check && make code-coverage-capture
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 14:17:26 2016 +0200
Makefile.am: moved common rules (AM_CFLAGS) to common.mk
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 12:12:40 2016 +0200
gnutls_ocsp_resp_get_single: fail if thisUpdate is not available or unparsable
That is because this field is not optional, and a failure on its
parsing is always fatal. Reported by Yuan Jochen Kang.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 12 12:08:35 2016 +0200
gnutls_x509_privkey_import2: document an intentional fall through
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 11 16:48:46 2016 +0200
README: add abi-compliance-checker into install instructions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 11 08:49:11 2016 +0200
gnutls_x509_crt_get_key_usage: ensure that its returned value is properly handled
Reported by Yuan Jochen Kang.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 10 10:54:29 2016 +0200
tests: do not enable valgrind in non-git builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 13:38:47 2016 +0200
hash: corrected the textual description of hashes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 13:34:39 2016 +0200
corrected SHA3-224 OID
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 13:31:54 2016 +0200
x509 output: don't warn about insecure algorithm when unknown
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 12:43:22 2016 +0200
tests: remove any system specific code of ecore
This was causing issues with certain builds and
was not used for the purpose of testing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 11:51:34 2016 +0200
tests: disable unsupported curves from compatibility checks
This allows running make check even when compiling with disable-suiteb-curves.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 11:49:07 2016 +0200
tests: removed unused scripts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 11:46:27 2016 +0200
.gitlab-ci.yml: combined C99 and undefined sanitizer builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 09:46:06 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 09:43:49 2016 +0200
crywrap: was removed from gnutls tools
Its inclusion did not increase the attention paid to this
tool, not provided any significant advantage to gnutls' users
thus it was unbundled from the main library. The tool can be found at
https://github.com/nmav/crywrap
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 9 08:17:53 2016 +0200
minitasn1: updated to latest git version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 8 19:46:36 2016 +0200
doc: Replace references to select with poll and other fixes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 8 19:40:28 2016 +0200
doc: replace inaccurate sentence with reference to gnutls_record_discard_queued [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 8 15:40:06 2016 +0200
gnutls_record_get_direction: doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 8 14:13:26 2016 +0200
tests: reduce the number of loops in x509sign-verify2
This enables running the test in reasonable time under valgrind.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 8 13:36:44 2016 +0200
pkix.asn: corrected byKey definition
OCSP is defined in an EXPLICIT tags module, and as such
we must tag explicitly all of its tags.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 13:22:29 2016 +0200
tests: check the generation of IP name constraints with certtool
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 13:21:53 2016 +0200
certtool: allow generating IP name constraints
Relates #83
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 13:16:07 2016 +0200
_gnutls_parse_general_name2: allow parsing empty names
This allows parsing empty general names such as an empty DNSname
used in name constraints.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 11:54:50 2016 +0200
name constraints: enforce the rules for IP constraints when adding
This will prevent gnutls from generating badly formed certificates.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 10:36:05 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 10:33:18 2016 +0200
.gitignore: more files to ignore
Author: Daiki Ueno <ueno@gnu.org>
Date: Wed Mar 16 14:21:41 2016 +0900
name constraints: compute permitted set strictly
RFC 5280 6.1.4. states that the permitted_subtrees variable is
constructed as an intersection of its previous value.
Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 09:08:14 2016 +0200
.gitlab-ci.yml: added C99 target for the library
This compiles the library using gcc options for the C99
standard.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 5 08:44:34 2016 +0200
README: updated libtasn1 URL [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 3 09:46:24 2016 +0200
x86-common: increase the size of _gnutls_x86_cpuid_s to match the size of assembly files
This resolves issue on certain platforms (e.g., windows) where ld would simply fail,
instead of allocate the largest size of the variable.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 2 12:56:45 2016 +0200
ocsptool: use HTTP/1.0 for requests
This avoids issue with servers serving chunk encoding which
ocsptool doesn't support. Reported by Thomas Klute.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 2 12:02:08 2016 +0200
gnutls_init(): refer to gnutls_init_flags_t for the documentation of available flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 2 11:16:19 2016 +0200
README.CODING_STYLE: set C99 as the C dialect of choice
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 1 11:10:56 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 1 11:08:38 2016 +0200
tests: added check for system priority file loading and parsing
This checks whether the file is properly loaded and its contents
are parsed as expected.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 1 10:46:12 2016 +0200
priorities: preload the system priorities on library loading time
This allows to rely on the system priorities even in the case of
applications that chroot(). This also introduces the environment
variable GNUTLS_SYSTEM_PRIORITY_FILE which can be used to override
the global priority file.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 17:25:45 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 17:24:37 2016 +0200
tests: added check of verification using MD5 with and without --verify-allow-broken
This tests certtool and whether it fails verification of MD5 chains
with no --verify-allow-broken, or whether it succeeds if given.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 17:15:34 2016 +0200
tests: added PKCS #7 signing/verification test with broken sigs (MD5)
This tests whether we can sign structures using broken algorithms (MD5),
and verify structures signed with broken algoritms if --verify-allow-broken
is given to certtool.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 16:58:37 2016 +0200
certtool: added flag to allow verification using broken algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 09:46:44 2016 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 10:29:59 2016 +0200
tests: check whether resumption data from resumed session work
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 09:40:09 2016 +0200
session resumption: lift the limitation of calling gnutls_session_get_data*() on non-resumed sessions
This allows of obtaining the session data required for proper session resumption
from any available session. This brings the API in par with expectations of its
users.
Resolves #79
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 31 09:45:43 2016 +0200
dtls: added missing dtls.h to state.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 30 12:24:09 2016 +0200
tests: added check for gnutls_record_set_state() under DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 30 11:37:49 2016 +0200
dtls: reset the record number sliding window on gnutls_record_set_state()
This addresses issue where gnutls_record_set_state() was called with a
new state but the sliding window information was not updated, thus
blocking any incoming packets.
Resolves #82
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 30 10:13:18 2016 +0200
x509/output: simplified cidr_to_string()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 16:14:15 2016 +0200
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 16:11:36 2016 +0200
tests: check gnutls_record_get_state() with DTLS
Since in DTLS we relied on a sliding window to keep track of the
sequence numbers we didn't provide a sensible value to application
via gnutls_record_get_state(). This test makes sure that we report
the "correct" value when asked. Correct being the next number after
the last received packet.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 15:52:59 2016 +0200
DTLS: save last valid record sequence number
This will allow to report a valid number to gnutls_record_get_state() callers
in case of DTLS. Reported by Fridolin Pokorny.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 15:34:37 2016 +0200
tests: delete outfile in certtool-long-cn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 15:33:27 2016 +0200
tests: verify the output of name constraints IP decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 15:04:11 2016 +0200
x509/output: print RFC5280 CIDRs in name constraints
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 14:11:56 2016 +0200
tests: check the sequence numbers produced by gnutls_record_get_state()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 29 14:08:58 2016 +0200
gnutls_record_get_state: Allow for NULL parameters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 24 07:13:59 2016 +0100
ocsptool: eliminated memory leaks in verify-response option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 24 07:12:34 2016 +0100
ocsptool: don't exit with error code on verification failures when --ignore-errors is given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 23 23:15:24 2016 +0100
tests: added OCSP related checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 23 23:14:01 2016 +0100
ocsptool: exit with error on verification failures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 23 23:00:53 2016 +0100
ocsp: gnutls_ocsp_resp_verify_direct will skip additional checks for certificates matching issuer
That eliminates issue with ocsptool rejecting OCSP responses signed
by the same CA that signed the certificate. Reported by Thomas Klute.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 23 22:46:16 2016 +0100
ocsptool: Allow saving responses even if verification fails
In addition do not enter a spurious newline to responses.
Author: Maya Rashish <coypu@sdf.org>
Date: Wed Mar 23 18:04:07 2016 +0200
Avoid using strerror in dtls stress test
Using it results in build failure on NetBSD:
undefined reference to `rpl_strerror'
Author: Maya Rashish <coypu@sdf.org>
Date: Wed Mar 23 16:08:02 2016 +0200
Add missing header to testsuite
This causes a problem for NetBSD+clang tests, because SIGTERM and
kill are undefined.
Resolves #80
Signed-off-by: Maya Rashish <coypu@sdf.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 23 10:39:59 2016 +0100
session tickets: avoid GCM for session tickets and rely on CBC and HMAC
The latter is more resilient against non-key renewal.
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Mon Feb 15 12:14:52 2016 +0200
Broke apart _gnutls_recv_int() to the packet and non-packet cases.
Only gnutls_record_recv_packet() called _gnutls_recv_int() with
(packet != NULL). I refactored this logic directly downstream into
gnutls_record_recv_packet(). The _gnutls_recv_int() function now only
handles non-packet specific logic. The check_session_status() function
was created to deduplicate common code which would otherwise have
ended up in both functions.
The rationale behind this change is to optimize what were previously
calls of _gnutls_recv_int(). First of all _gnutls_recv_int() now has
only 6 parameters, which according to the x86_64 System V Application
Binary Interface should now fit into CPU registers and no longer use
the stack. Secondly this change avoids a number of branching checks
for both packet and non-packet cases.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 21 11:29:08 2016 +0100
gnutls-cli: corrected usage of gnutls_session_get_data()
This is no longer called on resumed sessions, allowing more than
one resumption in servers which use tickets and don't resend the ticket
on subsequent connections.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 18 13:10:40 2016 +0100
testcompat-openssl: enable TLS 1.2 tests with openssl 1.0.1+
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 18 11:21:35 2016 +0100
tests: verify that the post-client-hello callback has access to ALPN data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 18 10:35:46 2016 +0100
.gitlab-ci.yml: don't use git submodule update, not needed for our testsuite
Author: Yuriy M. Kaminskiy <yumkam@gmail.com>
Date: Tue Mar 15 18:21:32 2016 +0300
alpn: ALPN state is per-connection, it should not be saved with session data
In addition the extension was moved to the mandatory to parse to ensure it
is always parsed when sessions are resumed.
rfc7301:
Unlike many other TLS extensions, this extension does not establish
properties of the session, only of the connection. When session
resumption or session tickets [RFC5077] are used, the previous
contents of this extension are irrelevant, and only the values in the
new handshake messages are considered.
Signed-off-by: Yuriy M. Kaminskiy <yumkam@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 18 09:44:40 2016 +0100
tests: added checks for session resumption and ALPN
This checks whether the ALPN extension is re-read on
resumption and is negotiated.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 16 10:00:17 2016 +0100
x86-common: CPUID override will only work if CPU has already the capability present
This resolves test suite failure on CPUs with limited capabilities.
Reported by Andreas Metzler.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 17:35:12 2016 +0100
Introduced GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING
This error code is returned when an embedded NULL is detected in
a string.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 16 21:03:54 2016 +0100
gnutls_server_name_set: accept non-null terminated hostnames
The introduction of IDNA support introduced a regression and this
function does not operate correctly when given non-null terminated
strings. Reported by Tim Ruehsen.
Relates #78
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 16 20:57:31 2016 +0100
tests: added check for non-null terminated server name
This checks whether a non-null terminated server name, but with
correct length is correctly accepted by gnutls_server_name_set().
Relates #78
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 15 12:00:39 2016 +0100
tests: template-test was updated for OCSP key purpose reordering
Author: Ludovic Courtès <ludo@gnu.org>
Date: Mon Mar 14 10:44:08 2016 +0100
guile: doc: Mention bytevectors.
* doc/gnutls-guile.texi (Representation of Binary Data): Mention bytevectors.
(Input and Output): Likewise.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Mon Mar 14 10:44:07 2016 +0100
guile: doc: Explain "Application Data" packets and 'session-record-port'.
* doc/gnutls-guile.texi (Input and Output): Mention "Application Data"
packets and buffering.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 15 11:20:16 2016 +0100
certtool: do not require a CA for OCSP signing
This follows the recommendations in RFC6960 in 4.2.2.2
which allow a CA to delegate OCSP signing to another certificate
without requiring it to be a CA.
Reported by Thomas Klute.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 14 14:06:01 2016 +0100
doc: updated text for gnutls_ocsp_status_request_is_checked()
Relates #75
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 14 13:56:17 2016 +0100
doc: clarified expectations on gnutls_datum_t
Relates #77
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 13 20:55:02 2016 +0100
doc update: gnutls_handshake_set_false_start_function() [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 13 11:39:22 2016 +0100
abi-check: corrected type of gnutls_x509_crl_get_issuer_dn
That will avoid any accidental ABI breakage on that symbol.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 11 14:45:02 2016 +0100
.gitlab-ci.yml: added abi-checker rule
This allows to test ABI incompatibilities as soon as possible.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 11 14:36:39 2016 +0100
Makefile: made abi-checks self-contained
That is, they no longer assume a given directory structure to exist
outside git. It now includes a static dump of the symbols in 3.4.0
for x86_64 and we compare with it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 11 11:52:17 2016 +0100
certtool: better error handling in file_size()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 11 11:47:12 2016 +0100
gnutls-cli: fix invalid initialization in cert_verify_ocsp()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 11 11:45:23 2016 +0100
gnutls-serv: human_addr always returns a non-null argument
This addresses issue with libc's which don't support printf() with
a NULL argument.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 8 15:10:07 2016 +0100
tests: testpkcs11: the test will always fail in code path failures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 8 10:12:22 2016 +0100
README: list the main branches build status [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 11:50:34 2016 +0100
gnutls_system_recv_timeout: restore poll on EINTR
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 10:47:43 2016 +0100
doc: corrected typo [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 10:42:14 2016 +0100
gnutls_ocsp_status_request_is_checked: document the version the flag was introduced at
Relates: #75
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 10:25:57 2016 +0100
doc: generate manpages for all functions
That addresses issue where certain manpages were created empty.
See https://bugzilla.redhat.com/show_bug.cgi?id=1306800
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 10:11:37 2016 +0100
doc: mention gnutls_certificate_set_x509_trust_dir()
It was not mentioned in the "Client or server certificate verification"
section.
Resolves #76
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 7 09:30:44 2016 +0100
tests: mini-loss-time: improved timeout detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 4 10:16:51 2016 +0100
corrected typo in comment [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 1 16:23:55 2016 +0100
configure: silence clang's warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 3 14:24:13 2016 +0100
tests: added check for version negotiation default prio string
That verifies whether the support versions are negotiated.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 3 09:05:32 2016 +0100
tests: include test-hash-large into dist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 3 08:50:48 2016 +0100
Sync with TP [ci skip]
Author: Ludovic Courtès <ludo@gnu.org>
Date: Wed Mar 2 09:59:19 2016 +0100
Update NEWS.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 1 14:50:42 2016 +0100
Disable weak symbols for _gnutls_global_init_skip() under windows
That is to avoid an issue with running gnutls under windows;
that renders GNUTLS_SKIP_GLOBAL_INIT a no-op under windows.
Relates #74
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 1 13:19:29 2016 +0100
.gitlab-ci.yml: asan, clang and valgrind builds were made arch-independent
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 20:49:09 2016 +0100
tests: pkcs12: allow multiple in-place builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 19:41:33 2016 +0100
tests: pkcs1-pad,rsa-md5-collision: allow multiple in-place builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 17:12:49 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 17:06:12 2016 +0100
gnutls-cli: fail if gnutls is not compiled with DANE support and --dane is provided
Suggested by Bjorn Jacke.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 13:23:25 2016 +0100
tests: always used the slow (portable) version of get16bits
This prevents issues with misaligned addresses and undefined sanitizer.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 12:46:47 2016 +0100
timespec_sub_ms: fixed operation in 32-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 10:23:20 2016 +0100
.gitlab-ci.yml: don't use the internal libtasn1 when compiling with libubsan
This prevents build failures due to issues in libtasn1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 10:22:13 2016 +0100
tests: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 10:18:58 2016 +0100
pkcs11: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:58:40 2016 +0100
cipher.c: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:57:40 2016 +0100
ecc: optimized extension parsing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:48:12 2016 +0100
opencdk: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:48:02 2016 +0100
gnutls.h: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:43:32 2016 +0100
x509: Fixes to prevent undefined behavior (found with libubsan)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 29 09:27:23 2016 +0100
x509: cleanup in privkey.c
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Feb 28 15:35:01 2016 +0100
Let p11tool --provider option accept filenames.
Drop 'file-exists = yes;' to allow specifying either an absolute pathname
or a file in P11_MODULE_PATH.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 28 13:01:11 2016 +0100
.gitlab-ci.yml: abort on ubsan errors
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 28 12:12:09 2016 +0100
p11tool: addressed memory leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 28 10:45:02 2016 +0100
tests: use 'datefudge -s' to avoid loops
This avoids repeated loops of the same test as well as
random failures in the test suite.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 27 22:37:21 2016 +0100
tests: krb5-test: increased the number of loops
This should prevent random failures in the test suite.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 27 22:23:34 2016 +0100
.gitlab-ci.yml: asan and ubsan include the suite/
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 23 10:35:14 2016 +0100
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 23 10:33:18 2016 +0100
doc: documented false start functionality
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 23 10:23:57 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 23 10:14:53 2016 +0100
tests: Added checks for false start operation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 23 09:40:26 2016 +0100
Added gnutls_handshake_set_false_start_function()
This function allows to use TLS False-start, by using the provided
function to send data just after finished message.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 27 21:54:51 2016 +0100
tests: enable softhsmv2 test suite by default
Also do not fatally fail with known softhsmv2 bugs.
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Fri Feb 26 16:17:48 2016 +0100
pkcs11: tests for RSA, ECC, DSA private key import
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Fri Feb 26 16:17:47 2016 +0100
pkcs11: tests for DSA key generating
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 27 17:56:36 2016 +0100
added getpid() to the list of system calls used
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 26 14:41:12 2016 +0100
.gitlab-ci.yml: added compilation rule with libubsan
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Thu Feb 25 16:43:36 2016 +0100
gnutls_x509_privkey_import: add missing algorithm setting for DSA keys
The algorithm number was set only in the private key structure, not in
the nested structure with parameters. This made certain operations to
fail (e.g., copying the key into a PKCS #11 token).
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Thu Feb 25 15:21:30 2016 +0100
pkcs11: implement correct DSA key pair generating
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Thu Feb 25 15:21:29 2016 +0100
pkcs11: add interface for C_GenerateKey
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 26 12:00:55 2016 +0100
better match with unknown_tls_aid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 26 11:54:05 2016 +0100
x509: moved time-specific functions to time.c
Author: Sebastian Dröge <sebastian@centricular.com>
Date: Wed Feb 24 12:42:26 2016 +0200
configure: Android is ELF too
Without this, compiling Android for x86 or x86-64 fails because the assembly
optimizations are not compiled in.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 25 15:45:04 2016 +0100
mentioned the public git URL for cloning [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 24 15:12:23 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 24 14:55:19 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 24 14:53:59 2016 +0100
tests: check functions which export session parameters
That is gnutls_session_get_random() and gnutls_session_get_master_secret().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 24 14:43:17 2016 +0100
Added gnutls_session_get_master_secret
This provides the ability to export all session parameters in various
formats.
Resolves #64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 22 15:51:11 2016 +0100
tests: gnutls_session_get_flags() is checked for extended master secret
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 22 15:49:25 2016 +0100
tests: check gnutls_session_get_flags() for EtM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 22 15:46:33 2016 +0100
tests: check gnutls_session_get_flags() for safe renegotiation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 22 15:26:46 2016 +0100
Added gnutls_session_get_flags()
This function would allow to simplify handling of future
flags which we may want to indicate, and would not require
API additions for new flags.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 22 11:57:30 2016 +0100
Revert ".gitlab-ci.yml: disable guile tests"
This reverts commit 50ce516eebaf011f041002ecbfdb61b113159282.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Sun Feb 21 18:58:35 2016 +0100
guile: Fix out-of-tree builds.
This fixes a regression introduced in 3045a96.
* guile/Makefile.am (.in.scm): Make the parent directory of $@.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 17:04:24 2016 +0100
Improved documentation in _gnutls_sort_clist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 16:43:51 2016 +0100
gnutls_x509_crt_list_import: corrected memory leak
This was triggered if GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED was specified
and a failure occurred.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 15:59:31 2016 +0100
_gnutls_sort_clist: fixed issues when used with func option
This function would incorrectly call func() on elements that were
included in the list, and would not call func() if the size of the
final chain was one.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 15:10:54 2016 +0100
tests: added tests for gnutls_pcert_list_import_x509_raw()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 14:29:20 2016 +0100
ext master secret: ensure we disable ext master secret if requested
That is, on rehandshakes, as on the standard handshakes it is disabled
by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 14:18:04 2016 +0100
tests: verify that we do not allow rehandshakes without ext master
That is, if we have an initial session which uses the extended master
secret do not allow subsequent rehandshakes to skip it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 11:53:20 2016 +0100
tests: sha3-test: use different dates for generation and validation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 10:55:32 2016 +0100
certtool: eliminated memory leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 10:28:33 2016 +0100
bumped the version of max algorithm num to account for new signing algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 18 09:17:17 2016 +0100
src: added systemkey-args to BUILT_SOURCES
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 17 15:19:08 2016 +0100
tests: simplified sha3-test
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 17 05:43:24 2016 +0100
cross.mk: updated for gnutls 3.4.9, nettle 3.2, gmp 6.1.0 and p11-kit 0.23.2 [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 16 16:46:54 2016 +0100
.gitlab-ci.yml: disable guile tests
This prevents the test suite from failing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 16 16:40:09 2016 +0100
doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 16:18:00 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 16:13:12 2016 +0100
tests: resume: check whether the server does not resume in ext master secret mismatch
Relates #69
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 16:10:31 2016 +0100
Ensure that session resumption does not occur when ext master secret status changes
That is we make sure the server doesn't resume when:
1. Original session had extended master secret but not advertised in resumed
2. Original session did not have extended master secret but is advertised in resumed
Relates #69
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 14:45:40 2016 +0100
tests: resume: simplified structure assignment using C99 syntax
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 15 10:52:55 2016 +0100
tests: added certification generation tests with SHA-3 tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 15 10:37:57 2016 +0100
Added NIST's OIDs for SHA3 signature algorithms
This allows to generate certificates signed with SHA3.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:38 2016 +0100
guile: Work around lack of 'eval-when' on 1.8.
* guile/modules/gnutls.in (eval-when) [!guile-2]: New macro.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:37 2016 +0100
guile: Install modules in versioned directory by default.
* configure.ac: Change default 'GUILE_SITE' value to include
$guile_effective_version.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:36 2016 +0100
guile: build: Make silent rules actually quiet.
* guile/Makefile.am (.in.scm): Use $(AM_V_GEN) and $(AM_V_at).
* guile/src/Makefile.am (enums.h, enum-map.i.c)
(smobs.h, smob-types.i.c, %.x): Likewise.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:35 2016 +0100
guile: Build and install .go files on Guile 2.x.
* configure.ac: Check for 'guild' and substitute 'GUILD'. Define
'HAVE_GUILD'. Substitute 'guileobjectdir'. Don't output
guile/modules/Makefile and guile/tests/Makefile.
* guile/modules/Makefile.am, guile/tests/Makefile.am: Remove. Move
contents to...
* guile/Makefile.am: ... here.
(SUBDIRS): Remove 'modules' and 'tests'.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:34 2016 +0100
guile: doc: Change prompt in examples.
* doc/gnutls-guile.texi (Guile Preparations): Use the prompt found in
2.0. Change "libguile-gnutls-v-0" to "guile-gnutls-v-2".
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:33 2016 +0100
guile: tests: Add Guile 2.2 compatibility layer.
This allows tests to run with Guile 2.1/2.2.
* guile/modules/gnutls/build/tests.scm (define-replacement) [guile-2]:
New macro.
(uniform-vector-read!, uniform-vector-write) [guile-2]: New procedures.
* doc/gnutls-guile.texi (Guile Preparations): Mention 2.2.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:32 2016 +0100
guile: tests: Make sure no processes are left behind.
Before that, child processes would be left behind and become zombies.
* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
guile/tests/session-record-port.scm, guile/tests/x509-auth.scm:
Add (waitpid pid) call on the server side.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Feb 11 23:04:31 2016 +0100
guile: tests: Add 'with-child-process'.
This makes sure that child processes always exit no matter what.
* guile/modules/gnutls/build/tests.scm (define-syntax-rule) [!guile-2]:
New macro.
(call-with-child-process): New procedure.
(with-child-process): New macro.
* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
guile/tests/session-record-port.scm, guile/tests/x509-auth.scm: Use it
instead of an explicit 'primitive-fork' call.
* guile/.dir-locals.el: New file.
* guile/Makefile.am (EXTRA_DIST): New variable.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 15 09:52:10 2016 +0100
tests: mini-loss-time: ensure client timeouts after the server is
This addresses issue with the server detecting the client disconnection
prior to its timeout. Reported by Steven Chamberlain, Andreas Metzler.
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Fri Feb 12 16:59:31 2016 +0200
Removed the invariant htype parameter of _gnutls_recv_int()
All uses of _gnutls_recv_int() passed -1 as the htype argument of type
gnutls_handshake_description_t, which had been used for SSLv2 client
hellos. Introduced in 2001 with dc1122e7b6.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 14 18:41:01 2016 +0100
provable RSA key generation: adjust the seed size based on N size
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 14 18:18:38 2016 +0100
provable RSA key generation: allow non-2048 and non-3072 keys
That is enforce the 2048 and 3072-bit limit to FIPS when in FIPS140-2
mode.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 13 18:21:08 2016 +0100
DH/DSA: allow the generation of larger than 15360 bit parameters
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 13 14:50:19 2016 +0100
tests: eliminated mem leak in hash-large
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 12 15:16:55 2016 +0100
tests: check whether large buffer hashes and MAC work as expected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 12 10:48:12 2016 +0100
nettle: use the correct type for hash and MAC functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 6 22:44:37 2016 +0100
provable prime generation: arbitrary seed lengths are accepted in non-FIPS mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 12:10:57 2016 +0100
gnutls-cli: improved indentation in benchmark output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 11:43:27 2016 +0100
certtool: removed unused variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 11:00:15 2016 +0100
certtool: the --generate-dh-params option can be combined with --provable
This however, will generate provable DSA parameters and import them
as DH parameters.
Resolves #72
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 10:42:34 2016 +0100
certtool: the --dh-info option will retrieve DH parameters from DSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 10:34:52 2016 +0100
tests: added check for gnutls_dh_params_import_dsa
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 10:05:58 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 11 10:05:13 2016 +0100
Added gnutls_dh_params_import_dsa() which allows to import DSA parameters into DH ones
This simplifies importing DSA private keys into DH parameters.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 10 14:29:47 2016 +0100
tests: set_pkcs12_cred: existing tests are disabled when in FIPS140-2 mode
The tests require access to the RC4 cipher which is not available.
Author: Attila Molnar <attilamolnar@hush.com>
Date: Wed Feb 10 10:55:15 2016 +0100
Fix memory leak in gnutls_certificate_set_ocsp_status_request_file()
Signed-off-by: Attila Molnar <attilamolnar@hush.com>
Author: Attila Molnar <attilamolnar@hush.com>
Date: Sat Feb 6 18:16:59 2016 +0100
doc: Update description of credential alloc/dealloc functions
Get rid of "This structure is complex enough to manipulate directly..."
text which suggests that these functions are optional, "helper" functions
when in fact their usage is required for encapsulation reasons.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 10 10:11:00 2016 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 8 11:23:33 2016 +0100
ALPN: added the GNUTLS_ALPN_SERVER_PRECEDENCE flag
This allows the server to set precedence on the protocols
it supports, rather than following the client's order.
Resolves #71
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Feb 9 13:37:49 2016 +0100
improve doc on special keywords in priority string
Special keywords in priority strings like %COMPAT may not be prefixed
with +, - or !, "NORMAL:+%COMPAT is invalid.
Author: Attila Molnar <attilamolnar@hush.com>
Date: Sat Feb 6 18:01:33 2016 +0100
doc: Fix some typos
Author: Attila Molnar <attilamolnar@hush.com>
Date: Sat Feb 6 17:50:05 2016 +0100
Remove remaining RSA-EXPORT support leftovers from doc and messages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 3 09:20:05 2016 +0100
tests: pkcs11-pubkey-import-ecdsa will only work under softhsmv2
Author: Andreas Metzler <ametzler@debian.org>
Date: Sun Jan 31 17:59:37 2016 +0100
Fix some more typos.
certifcate, funtion, withing, missmatch
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 30 12:18:55 2016 +0100
tests: updated check to account for revert in 7d3caedb8df9d04eee9513cb5b3b417ae29927f5
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 30 12:15:07 2016 +0100
Revert "tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix"
This reverts commit 735dbde324be6c8785a3dea5f09c82b6a8ad298b.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 30 11:15:13 2016 +0100
Revert "Fix out-of-bounds read in gnutls_x509_ext_export_key_usage"
This was not really an out-of-bounds check. Added documentation
to make that clear.
This reverts commit ffbc9aaea7dcf29c03784d128b83f0682357858d.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 28 13:14:14 2016 +0100
certtool: corrected email escaping in texinfo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 28 10:45:17 2016 +0100
Replaced select() system call with poll() on POSIX systems
This allows to use the default gnutls functions with file descriptors
over the maximum supported by select.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 25 11:08:21 2016 +0100
tests: windows: fixed check-output call
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 22 16:34:29 2016 +0100
tests: added dummy functions used by CAPI32 implementation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 22 16:33:48 2016 +0100
tests: better checking for failure in windows cng check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 22 12:59:47 2016 +0100
system-key-win: call CertFreeCertificateContext()
Author: Bjørn Christensen <bhc@insight.dk>
Date: Fri Jan 22 11:52:21 2016 +0100
system-key-win: added interface to CAPI, old style crypto api on windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 21 14:45:56 2016 +0100
certtool: corrected texinfo output for krb5_principal
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 21 12:58:56 2016 +0100
tests: priorities: account for the addition of CHACHA20-POLY1305
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 21 12:00:33 2016 +0100
CHACHA20_POLY1305 was added to the default priority strings
That is the NORMAL and PERFORMANCE priority strings now will
enable CHACHA20-POLY1305 by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 18 18:38:36 2016 +0100
gnutls_global_init: log gnutls' version on initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 18 15:56:02 2016 +0100
doc: corrected typo [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 16 20:54:20 2016 +0100
README: added trousers to list of dependencies [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 16 20:43:42 2016 +0100
tests: added check for KRB5Principal output
Resolves #67
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 14 17:16:00 2016 +0100
README.md -> README-alpha.md
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 14 17:09:23 2016 +0100
updated copyright info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 14 17:04:54 2016 +0100
README: auto-generated from README-install.md
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 14 14:50:34 2016 +0100
gnutls_int.h: increased MAX_SERVER_NAME_SIZE to 256 bytes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 13 13:14:55 2016 +0100
gnutls_pubkey_import_x509_raw: fixed memory leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 16:26:21 2016 +0100
tests: added check for the krb5_principal template option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 11 15:11:41 2016 +0100
certtool: introduced the krb5_principal template option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 11 15:09:23 2016 +0100
x509: introduced GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL
That allows to print and write KRB5PrincipalName othernames
in subject alternative name.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 11 15:19:24 2016 +0100
x509: place newline when printing unsupported othernames
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 16:05:41 2016 +0100
x509: moved virtual subject alternative name othername support to virt-san.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 14:46:16 2016 +0100
gnutls_x509_crt_set_subject_alt_name: documented the version after which GNUTLS_SAN_OTHERNAME_XMPP is available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 14:45:03 2016 +0100
tests: added check for XMPP othername generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 14:39:14 2016 +0100
certtool: allow writing xmpp_name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 14:30:56 2016 +0100
Allow assigning 'virtual' SAN types via *_set_subject_alt_name()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 13:47:38 2016 +0100
NEWS: document newly added functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 08:17:51 2016 +0100
alpn: when parsing the list of protocols return at the first mutually common
That resolves an issue where the server wouldn't select the first mutually supported.
Resolves #63
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 08:17:07 2016 +0100
tests: mini-alpn: corrected protocol selection order
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 10 08:04:29 2016 +0100
tests: alpn: enhance the testing of ALPN negotiation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 9 21:42:11 2016 +0100
alpn: document how the selected protocol is selected [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 9 21:20:00 2016 +0100
tests: verify that the selected ALPN protocol is the first advertised
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 16:52:44 2016 +0100
gnutls_aead_cipher_decrypt: removed misleading text
Reported by Fridolin Pokorny.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 12:16:29 2016 +0100
tests: added check for certtool's othername writing functionality
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 11:16:58 2016 +0100
certtool: added ability to generate othernames via template files
Relates #62
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 12:05:18 2016 +0100
x509: added flags to enable the encoding of othername data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 8 11:05:36 2016 +0100
x509: introduced functions to set an othername alternative name
That is, added, gnutls_x509_crt_set_subject_alt_othername,
gnutls_x509_crt_set_issuer_alt_othername, gnutls_x509_crq_set_subject_alt_othername
Relates #62
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 7 14:35:59 2016 +0100
trust_list_get_issuer_by_dn: fixed check for DN or SPKI
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 7 14:02:24 2016 +0100
configure: no longer distribute lzip tarballs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 7 14:14:21 2016 +0100
symbols.last: don't include internal symbols into exported list
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 5 11:21:43 2016 +0100
tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Mon Jan 4 16:40:26 2016 +0100
Fix out-of-bounds read in gnutls_x509_ext_export_key_usage
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 20:16:37 2015 +0200
.gitlab-ci.yml: optimized build process
That is, in slow asan and valgrind builds don't check the full test suite.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 14:35:45 2015 +0200
gnutls_pkcs11_copy_x509_privkey2: corrected the writing of ECC private key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 13:38:34 2015 +0200
tests: pkcs11-pubkey-import will check both RSA and ECDSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 13:35:30 2015 +0200
gnutls_pkcs11_copy_x509_privkey2: corrected the type of the written object
Previously only RSA objects were correctly written.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 13:10:37 2015 +0200
tests: added ECDSA key in cert-common.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 12:20:41 2015 +0200
pkcs11: moved default RSA public exponent out of stack
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 12:17:21 2015 +0200
pkcs11: import public keys from any available object
That is, load public keys from the public key object, or
the certificate object if they are present. That affects
non-RSA public keys which do not contain all required fields
on the private key object.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 01:02:30 2015 +0200
session DB: made the magic number depending on gnutls' version
That will make sure that sessions not stored by this version of
gnutls will not be resumed by another (which may be incompatible).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:46:12 2015 +0200
ui.c -> fingerprint.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:45:43 2015 +0200
split OCSP functionality from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:39:19 2015 +0200
split anon credentials functionality from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:38:31 2015 +0200
split psk functionality from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:37:22 2015 +0200
split session info functions from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:34:25 2015 +0200
split certificate credentials functions from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:32:20 2015 +0200
split dh API functions from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 31 00:28:46 2015 +0200
split randomart functionality from ui.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 30 23:18:32 2015 +0200
helper.c -> file.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 30 11:26:30 2015 +0200
certtool: doc update [skip ci]
Author: Andreas Metzler <ametzler@debian.org>
Date: Sat Dec 26 18:24:56 2015 +0100
Fix some typos [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 24 11:54:21 2015 +0200
NEWS: doc update [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 24 11:44:00 2015 +0200
respect the max-record extension under DTLS
This resolves issue with max-record being negotiated but
ignored. Resolves #61
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 24 11:42:58 2015 +0200
tests: added check for max-record extension in TLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 24 11:18:57 2015 +0200
tests: check whether the max-record extension is usable with DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 24 11:13:28 2015 +0200
dtls: print the MTU in debugging messages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 22 17:14:02 2015 +0200
updated documentation on supported algorithms [ci skip]
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 22 11:30:52 2015 +0200
Added SHA384 to the list of TLS support MAC algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 21 12:46:09 2015 +0200
documented the gitlab ci runner tags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 20 11:11:38 2015 +0200
tests: added timeout in long-running checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 20 11:01:48 2015 +0200
certtool: eliminated various memory leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 20 10:48:27 2015 +0200
certtool: prevented memory leak in pkcs8-info cmd
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 19 16:58:03 2015 +0200
certtool: do not use signal() under win32
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Dec 18 17:34:01 2015 +0200
build: configure.ac: manpages cleanups
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Fri Dec 18 12:14:08 2015 +0200
build: allow installing man(1) even with --disable-doc
Currently these man pages are installed only if --enable-doc
is provided, while these are not actually docs, do not require any
special dependency, nor consume large space.
This adds --enable-manpages to enable/disable manpages installation, and
install the man(1) regardless of --disable-doc.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 14:32:25 2015 +0100
certtool: ignore sigpipe
This signal was observed under certain cirquimstances
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 14:29:05 2015 +0100
certtool: don't close stdout on exit
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 14:24:23 2015 +0100
pkcs7: eliminated leak in gnutls_pkcs7_print
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 13:56:31 2015 +0100
gnutls_pubkey_import_privkey: document that this operation is not possible in certain keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 11:40:59 2015 +0100
doc: replace writev with sendmsg in the list of system calls
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 10:23:22 2015 +0100
tests: don't run the no-signal test in systems which MSG_NOSIGNAL is not available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 18 10:15:10 2015 +0100
Reduce the number of used syscalls by using sendmsg() instead of writev()
We relied on sendmsg() anyway for the MSG_NO_SIGNAL version of the calls,
thus it is a good idea to avoid calling writev() and use sendmsg(). That
way we reduce the number of calls required for seccomp.
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Dec 17 19:57:53 2015 +0200
doc: manpages: remove generated tpmtool.1 page
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Dec 17 19:57:52 2015 +0200
.gitignore: add m4/extern-inline.m4
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 17 14:19:04 2015 +0100
tests: added check to verify that the PKCS#7 embedded data are recovered as expected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 17 14:18:17 2015 +0100
certtool: introduced the --p7-show-data option
This option allows printing the embedded data in a PKCS#7 signed
structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 17 14:17:23 2015 +0100
gnutls_pkcs7_get_embedded_data: added function
This function allows extracting the embedded data from a PKCS#7 signed
structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 16 16:13:41 2015 +0100
tests: updated pkcs7-gen to account for content-type attribute
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 16 14:52:39 2015 +0100
tests: check whether the content-type attribute is set if we sign using time
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 16 14:28:23 2015 +0100
pkcs7: set by default the content type attribute
That is a requirement of rfc5652. Relates #59
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 16 14:02:56 2015 +0100
pkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 structures
That is because there are implementations which cannot cope with the
normal RSA signature OIDs. Relates #59
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 16 10:10:20 2015 +0100
pkcs7: Disable the optional fields prior to generating the PKCS#7 structure
This resolves issue with our PKCS#7 structures not being parsed by
MacOSX' tools. Relates #59
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 15 22:28:55 2015 +0100
certtool: corrected invalid free
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 15 22:27:50 2015 +0100
certtool: warn if an ECDSA key is marked for encryption
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 15 20:36:29 2015 +0100
build: fix make distclean by including src/gl only once
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 15 13:52:20 2015 +0100
make sure gnutls_assert is present at the cases where GNUTLS_E_INTERNAL_ERROR is returned
Author: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date: Mon Dec 14 15:20:25 2015 -0300
configure: really make --disable-crywrap work
The crywrap variable is set regardless of the state of enable_crywrap,
hence --disable-crywrap never works.
Just put the tests for crywrap deps inside the enable_crywrap
conditional.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 15 11:29:09 2015 +0100
certtool: the --p7-time option was made an enable/disable option
It remains disabled by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 14 15:19:59 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 14 15:03:23 2015 +0100
tests: check whether server returns the correct error code if presented with invalid versions
That is gnutls_handshake() will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET in
server side, if the client presents a very old TLS version which is not supported.
Relates #42
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 14 14:34:04 2015 +0100
handshake: when receiving a TLS version which is too low fail
That is, don't treat all unsupported version as being to high. Treat
versions which are not known and lower than the highest as a protocol
error.
Resolves #42
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 13 12:34:47 2015 +0100
.gitlab-ci.yml: valgrind build was moved at the end as it is the slowest build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 13 12:24:44 2015 +0100
certtool: the --p7-include-cert option is enabled by default
This allows to generate PKCS#7 structures by default that can be
read by iOS.
Author: sskaje <sskaje@gmail.com>
Date: Sun Dec 13 16:31:19 2015 +0800
#56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 10 09:35:59 2015 +0100
gnutls-cli-debug: rephrased inappropriate fallback test description to match the rest
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:59:02 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:52:43 2015 +0100
Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
This prevents the reading of the public key when non-RSA keys are available. This
is a much cleaner approach than 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:48:13 2015 +0100
Revert "Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA"
This reverts commit 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:44:30 2015 +0100
tests: check whether a peer changing certificate is detected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:20:34 2015 +0100
tests: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 8 10:17:49 2015 +0100
Do not allow certificate change during a rehandshake
That is require that the certificate of the peer remains the same
and return GNUTLS_E_SESSION_CERTIFICATE_CHANGED otherwise. To revert
to the previous behavior the GNUTLS_ALLOW_CERT_CHANGE flag was introduced.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 6 12:00:46 2015 +0100
tests: check whether gnutls_pubkey_import_privkey() operates well for PKCS#11 RSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 6 11:35:57 2015 +0100
Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
That is, because they do not contain all the required parameters for a direct
import. Reported by Jan Vcelak.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 6 10:58:45 2015 +0100
pkcs11: avoid setting a variable which isn't used
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 6 10:57:48 2015 +0100
MAX_PK_PARAM_SIZE was moved to gnutls_int.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 6 10:54:37 2015 +0100
pkcs11: deinitialize gnutls_pkcs11_obj_t's pubkey on deinit
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Sun Dec 6 00:46:39 2015 +0100
pkcs11: fix passing of incorrect variable in privkey_get_pubkey
The code worked for RSA because the content of the variables matched.
But it doesn't match for ECC.
CKM_RSA_PKCS_KEY_PAIR_GEN (0x0) == CKK_RSA (0x0)
CKM_ECDSA_KEY_PAIR_GEN (0x1040) != CKK_ECDSA (0x3)
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 2 18:40:28 2015 +0100
gnutls-cli: don't use RSA ciphersuites to test chacha20 as they are not defined
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 2 16:15:03 2015 +0100
documented bug in gnutls_x509_crt_get_*_unique_id()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 1 10:40:23 2015 +0100
tools: don't compile tpmtool if PKCS11 is disabled
That is because GnuTLS' TPM code makes use of the PKCS11 PIN callbacks.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 30 10:34:03 2015 +0100
Amend "When decoding extensions do not ignore decoding errors"
Do not treat an error the fact that no extensions field is present.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 30 09:49:08 2015 +0100
allow specifying NULL buffer in gnutls_x509_crt_get_*_unique_id()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 26 12:46:02 2015 +0100
NEWS: removed functions that were part of 3.4.x releases
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 29 10:37:53 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 29 10:30:01 2015 +0100
tests: added check for TLS extension decoding error propagation
Relates #40
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 29 09:24:12 2015 +0100
When decoding extensions do not ignore decoding errors
That is, move from a parsing error tolerance to a more strict
decoding approach.
Relates #40
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 28 10:43:31 2015 +0100
.gitignore: more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 28 10:11:52 2015 +0100
ocsp_output: when next update is not present don't print error message
That is because this field is optional.
Resolves #53
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 26 11:23:15 2015 +0100
tests: override-ciphers will not run mac tests on windows
There is some issue with symbols for self tests not being exported.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 26 09:37:02 2015 +0100
.gitlab-ci.yml: removed separate builddir build from x86-64 targets to reduce builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 26 09:32:25 2015 +0100
tests: updates for certtool test to run under windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 26 09:25:48 2015 +0100
.gitlab-ci.yml: minimal library no longer requires x86-64 for compilation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 19:24:15 2015 +0100
.gitlab-ci.yml: in windows build skip the gnulib tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 11:57:31 2015 +0100
.gitlab-ci.yml: added windows build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 11:56:49 2015 +0100
tests: changes for running tests under windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 11:56:06 2015 +0100
tests: cipher-test will forward the prog exit code as the script exit code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 11:25:07 2015 +0100
README: added information for windows build
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 10:53:51 2015 +0100
libopts: use the O_BINARY flag in windows for files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 10:49:30 2015 +0100
libopts: updated to 5.18.6
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 10:25:08 2015 +0100
use consistent terms in system.c and system-keys-win.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 10:21:46 2015 +0100
tests: added basic functionality testing for system-keys in windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 09:49:03 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 25 09:46:26 2015 +0100
Added gnutls_encode_ber_digest_info and gnutls_decode_ber_digest_info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 24 13:27:13 2015 +0100
cross.mk: allow building with mingw64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 24 13:09:40 2015 +0100
tests: use gnulib where needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 24 13:04:28 2015 +0100
cross.mk: updated windows cross compile makefile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 24 13:03:15 2015 +0100
tests: disable global-init-override test in windows
Gcc does not support weak symbols on this platform.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 24 12:54:32 2015 +0100
tools: don't call endservent in windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 22 13:27:14 2015 +0100
added cast to silence gcc warning
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 13:33:42 2015 +0100
tests: added check for multiple extension registering
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 13:25:20 2015 +0100
statically initialize extensions instead of using the lib constructor
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 13:09:19 2015 +0100
marked all extensions structures as constant
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 11:33:45 2015 +0100
system-keys-win: allow reinitialization of the library after a deinitialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 01:05:37 2015 +0100
getfuncs.pl: don't consider functions with _gnutls prefix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 21 00:52:51 2015 +0100
gnutls_global_init_skip: prefixed with an underscore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 20 13:57:09 2015 +0100
.gitlab-ci.yml: added clang compilation target
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 20 10:11:29 2015 +0100
certtool: check fread_file() for errors in all situations
This caused certtool to crash on invalid input on stdin.
Reported by Christoph Biedl.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 19 11:46:39 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 21:44:54 2015 +0100
gnutls_certificate_set_flags: Added since
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 20:16:38 2015 +0100
tests: check gnutls_certificate_flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 20:13:07 2015 +0100
Added gnutls_certificate_flags() and GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH
That allows a user of the credentials to disable the certificate matching
action. That is, to disable the calls to sign and verify on initialization.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 16:39:36 2015 +0100
link with libdl when trousers is enabled; reported by Andreas Schneider
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 16:30:24 2015 +0100
enhanced cipher selftests with variable key sizes on arcfour
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 15:55:19 2015 +0100
Do not enforce a maximum key size on ARCFOUR
That makes the library consistent with the behavior of previous versions (3.3.x)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 10:22:31 2015 +0100
gnutls-cli-debug: make TLS 1.6 fallback check more reliable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 18 09:24:18 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 17 07:09:05 2015 +0100
README: added non-interactive versions of commands
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 18:52:48 2015 +0100
.gitlab-ci.yml: disable non-suiteb curves in all systems as we have multiple which are fedoras
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 17:28:49 2015 +0100
tests: corrected copyright info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 16:32:04 2015 +0100
documented GNUTLS_SKIP_GLOBAL_INIT macro
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 16:30:37 2015 +0100
tests: added check for overriding global initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 16:25:31 2015 +0100
Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs skip implicit global initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 15:02:48 2015 +0100
tests: utils.c: simplify windows check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 16 12:40:14 2015 +0100
.gitlab-ci.yml: added build and check in FIPS140-2 mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 15 20:35:18 2015 +0100
tests: made seccomp tests more reliable by waiting for each side to terminate
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 15 17:06:18 2015 +0100
doc: document how to use gnutls with seccomp
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 15 16:32:47 2015 +0100
.gitlab-ci.yml: reorganized and added a simple build and check on x86-64 rule
The latter also enables the seccomp checks.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 15 15:51:14 2015 +0100
tests: check operation of TLS and DTLS under seccomp when configured with --enable-seccomp-tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 13 16:39:24 2015 +0100
gnutls_x509_crt_set_subject/issuer_unique_id: added Since in doc
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 13 14:40:20 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 13 11:00:10 2015 +0100
Added documentation on PKCS #7 signing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 16:38:02 2015 +0100
updated chacha20 ciphers to conform to latest draft
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 15:03:10 2015 +0100
tests: suite: more shell scripts were given the .sh suffix and simplified makefile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 12:04:04 2015 +0100
tests: verify that unique IDs are generated as expected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 12:03:14 2015 +0100
certtool: Allow writing unique IDs in generated certificates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 11:43:52 2015 +0100
Added gnutls_x509_crt_set_issuer_unique_id() and gnutls_x509_crt_set_subject_unique_id()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 11:10:08 2015 +0100
properly indent unique IDs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 09:48:27 2015 +0100
tests: added check with the various X.509 key exchanges
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 12 09:29:43 2015 +0100
tests: check rehandshake from anon to DHE
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 11 11:37:30 2015 +0100
documented the GNUTLS_NO_EXPLICIT_INIT environment variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 11 11:29:21 2015 +0100
crypto-api: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 11 11:15:51 2015 +0100
Allow switching a ciphersuite to DHE and ECDHE on a rehandshake
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 11 10:49:31 2015 +0100
tests: added check for ciphersuite switch from anonymous to certificate
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 10 13:31:16 2015 +0100
.gitlab-ci.yml: disable guile in asan builds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 10 10:34:56 2015 +0100
tests: suite: don't run shell scripts with valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 10 10:24:44 2015 +0100
tests: testsrn: output errors on stderr
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 10 10:13:35 2015 +0100
deinitialize all handshake keys when handshake is over
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 23:53:25 2015 +0100
testdane: improved error detection in sites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 23:34:03 2015 +0100
tests: suite: eliminate many leaks in the tests and run them under valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 23:27:47 2015 +0100
certtool: eliminate leaks in _verify_x509_mem()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 23:04:48 2015 +0100
tests: openpgp-certs: use valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 23:04:03 2015 +0100
openpgp: eliminate leaks in gnutls_openpgp_keyring_import()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 22:48:47 2015 +0100
tests: eliminate leaks in mini-eagain2.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 22:48:25 2015 +0100
certtool: eliminate memory leaks in certificate generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 22:45:44 2015 +0100
tests: key-tests: use valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 22:45:13 2015 +0100
gnutls_x509_crt_set_pubkey: clarify usage
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 21:54:54 2015 +0100
pkcs12: correctly set salt size in gnutls_pkcs12_mac_info
Also eliminate leaks in PKCS #12 parsing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 21:54:09 2015 +0100
tests: run the PKCS #12 tests under valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 18:43:03 2015 +0100
certtool: make sure that pkcs12 structures are deinitialized
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 16:01:55 2015 +0100
tests: provable-privkey: fixed DSA test on FIPS140 enabled systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 15:51:17 2015 +0100
nettle: be more specific in seed size mismatches
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 15:43:20 2015 +0100
crypto-backend: ensure there are no leaks on deinitialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 9 14:29:48 2015 +0100
Require TLS 1.2 for all the ciphersuites which are defined for it only
This solves an interoperability issue with openssl. Reported by Viktor Dukhovni.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 8 09:30:39 2015 +0100
p11tool: introduced --only-urls option
This option allows printing a compact listing containing only of URLs.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 7 21:51:56 2015 +0100
Modified the CHACHA20 cipher to conform to draft-ietf-tls-chacha20-poly1305-02
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 6 15:02:51 2015 +0100
.gitlab-ci.yml: use static libasan
This prevents issues with tests which use LD_PRELOAD.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 6 10:40:39 2015 +0100
.gitlab-ci.yml: disable non-suiteb curves on build on Fedora system
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 5 11:11:29 2015 +0100
tools: better ftp auth tls negotiation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 4 09:49:47 2015 +0100
tests: added check for gnutls_priority_set_default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 3 10:46:17 2015 +0100
tools: only check for status code in FTP starttls negotiation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 3 10:45:44 2015 +0100
tools: print more info in starttls negotiation when --verbose is given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 3 09:40:39 2015 +0100
gnutls.pc: don't use the libtool version of the link options
Reported by Dan Kegel.
Resolves #49
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 1 01:53:43 2015 +0100
tests: simplified mini-dtls-hello-verify-48
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 30 13:38:36 2015 +0100
tests: added check for blocking on invalid DTLS cookie
Relates to #48
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 29 09:28:59 2015 +0100
removed inacurate text
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 23 15:46:33 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 23 15:44:27 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 23 14:17:23 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 22 13:04:32 2015 +0200
doc: document the sign function requirements in gnutls_privkey_import_ext
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 21 19:57:39 2015 +0200
Mention key protection through isolation in crypto backend section
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 21 19:48:22 2015 +0200
doc: updated supplemental data documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 21 09:13:56 2015 +0200
tests: testdane will not check hosts which are unreachable
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Oct 20 19:02:25 2015 +0200
Documentation update
The new simple verification functions were backported to 3.4.6, correct
"Since:" to reflect this.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 20 09:40:56 2015 +0200
doc: documented future level
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 20 09:24:36 2015 +0200
pkcs11.h: relocated gnutls_pkcs11_copy_pubkey to allow discovery by buggy doc scripts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 20 09:16:20 2015 +0200
bumped version to distinguish from 3.4 branch
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 20 09:03:25 2015 +0200
ext master secret: extension is marked as mandatory
This forces the extension to be sent even where resuming sessions.
Resolves #45
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 20 08:44:04 2015 +0200
tests: Check whether a resumed session contains the ext master secret extension
Relates #45
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 17 09:22:28 2015 +0200
alpn: avoid warning on signed/unsigned
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 17 09:20:52 2015 +0200
README: updated CI link
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 17 09:12:09 2015 +0200
doc: set a path which includes new binaries when running autogen
That makes sure that autogen will discover the binaries to obtain the
--help output.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Oct 17 08:57:02 2015 +0200
gnutls-cli-debug: updated doc
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 22:58:54 2015 +0200
tools: when the starttls-proto is specified automatically detect the port if not given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 15:05:09 2015 +0200
tests: verify that public keys are properly written
Also disable parts of the suite that softhsm2 cannot properly work with,
to allow running parts of the suite even with broken softhsm.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 15:39:05 2015 +0200
cleanup in gnutls_pubkey_import_rsa_raw
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 15:33:21 2015 +0200
pkcs11_read_pubkey: make input type more clear
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 14:13:47 2015 +0200
p11tool: Allow writing a PKCS #11 pubkey object
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 13:16:36 2015 +0200
tools: allow importing a pubkey from a certificate
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 16 13:03:57 2015 +0200
pkcs11: introduced gnutls_pkcs11_copy_pubkey
That allows copying a public key to a PKCS #11 module.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 21:23:44 2015 +0200
.gitlab-ci.yml: combined the slow build with the separate build dir
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 21:16:52 2015 +0200
Disable the NULL cipher on runtime when FIPS140 mode is enabled instead of statically
That way the NULL cipher can be used when not in FIPS140 mode.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 21:09:06 2015 +0200
re-enable NULL ciphersuites
They were accidentally disabled by b237b37d4d17ee4f98629aae9d72aec87f434cb8
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 18:35:44 2015 +0200
tests: check whether the RSA-EXPORT and ARCFOUR-40 legacy strings are accepted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 18:20:38 2015 +0200
Tolerate priority strings with names of legacy ciphers and key exchanges
That enables better backwards compatibility with old applications
which disable or enable algorithms which no longer are supported.
Relates #44
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Oct 15 16:21:43 2015 +0200
pkcs11: write CKA_ISSUER and CKA_SERIAL_NUMBER when writing on a certificate
That allows NSS to read and use the written certificate.
Relates #43
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Oct 13 04:01:04 2015 +0200
tests: enhanced sec-params check to account for future sec-param
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 22:11:16 2015 +0200
certtool: recognize the future sec-param
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 22:10:25 2015 +0200
Introduced the security parameter future (256) and switched ultra to 192 bits
For ultra, this was its documented strength, and now follows RFC3766 recommendations
for sizes.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 21:54:09 2015 +0200
certtool: be more specific on the help message for --sec-param when --bits are given
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 14:54:04 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 14:15:28 2015 +0200
tests: added test case for record timeout values
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 12 13:52:03 2015 +0200
Introduced GNUTLS_INDEFINITE_TIMEOUT
This allows to specify an indefinite timeout to gnutls_record_set_timeout().
In addition this flag is accepted by gnutls_handshake_set_timeout() and
cancels out a previously set timeout.
Resolves #41
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Oct 7 10:38:25 2015 +0200
tests: better detection of softhsm library
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 5 14:31:53 2015 +0200
added text on _gnutls_dh_compute_key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Oct 5 17:11:37 2015 +0200
gnutls_record_recv: simplified text on GNUTLS_E_REHANDSHAKE
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 22 14:31:00 2015 +0200
certtool: print 16-bytes of hex values per line
Also avoid a colon on the end of the line.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Sep 22 08:31:04 2015 +0200
fips140: set the key via a configure argument
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 12:37:51 2015 +0200
tests: disable cipher-test on windows platform; they don't seem to work
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 21 14:47:41 2015 +0200
README.md: added build instructions for Fedora/RHEL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 21 14:25:12 2015 +0200
priorities: sort algorithms by security strength unless performance is requested
That is prioritize 256-bit ciphers over 128-bit ciphers. This would protect
secrecy of current data even after a PQ future.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 12:12:18 2015 +0200
.gitlab-ci.yml: reduce the number of CPUs used in slow on make check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 11:36:48 2015 +0200
use time_t for internal type to avoid warnings on signed/unsigned comparison
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 11:30:39 2015 +0200
DSA FIPS186-4 key generation: print the required seed length on mismatch
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 11:22:04 2015 +0200
certtool: added more friendly error on seed_size mismatch
That prints more useful information when generating provable private keys.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 11:14:29 2015 +0200
tests: use the corrected seed for default provable private key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 06:52:13 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 19 06:50:45 2015 +0200
certtool: switched the default level to HIGH for key generation
That requires 3072 bits for RSA and DSA keys.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 18 23:49:46 2015 +0200
tools: added xmpp into the starttls-proto options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 18 15:57:14 2015 +0200
tools: added ldap into the starttls-proto options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 17 14:52:27 2015 +0200
system.c: simplify gnutls_system_recv_timeout
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 17 13:15:54 2015 +0200
gnutls-cli-debug: use RFC7627 instead of draft-ietf-tls-session-hash
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 17 10:45:30 2015 +0200
updated documentation on gnutls_vdata_types_t based on DKG's suggestions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Sep 17 10:10:47 2015 +0200
doc update
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed Sep 16 19:59:12 2015 -0400
improve docs for gnutls_certificate_verify_peers*()
The gnutls_certificate_verify_peers{,2,3}() functions all return
GNUTLS_E_SUCCESS (0) even in situations when the peer's certificate
was not verified. This is explained in the first paragraphs
("i.e. failure to trust a certificate does not imply a negative return
value"), but the Returns: line isn't comparably clear.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 14 21:36:24 2015 +0200
certtool: increased seed size to allow for DSA seeds
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Sep 14 21:32:05 2015 +0200
_gnutls_hex2bin: avoid overrun in the provided buffer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 19:29:41 2015 +0200
certtool: don't output PKCS #8 on key-info option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 13:57:26 2015 +0200
better error checking in seed decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 13:52:30 2015 +0200
gnutls_x509_privkey_verify_seed: fail on keys without seed information
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 13:39:13 2015 +0200
certtool: on provable keys always print the legacy format
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 13:27:12 2015 +0200
Use separate PEM headers for provable private keys
Also introduce GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT to allow exporting
provable private keys in the old compatibility format.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 11:06:39 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 11:06:00 2015 +0200
certtool: provable key generation was moved to a separate flag that can be combined with --generate-privkey
Also enhanced the test suite with DSA provable key generation/verification.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 10:57:39 2015 +0200
Allow verifying and generating provable DSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 09:51:25 2015 +0200
tests: added checks for provable key generation and verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 09:36:46 2015 +0200
certtool: added provable key verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 09:32:32 2015 +0200
Made the new key generation API flexible to allow extensions in the future
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 09:06:12 2015 +0200
Added API to verify private keys generated with seed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Sep 13 09:01:41 2015 +0200
gnutls_asn1_tab: updated auto-generated file
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 12 16:20:13 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 12 16:18:10 2015 +0200
certtool: allow the generation of "provable" private keys
Relates to #34
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 12 15:47:38 2015 +0200
Added API to generate private keys from a given seed
Currently it is restricted to RSA and FIPS 186-4 key generation with SHA384.
Relates to #34
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 12 14:47:02 2015 +0200
properly generate asn1_tab.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 11 15:44:06 2015 +0200
Don't use formatted output for fixed strings
Resolves #35
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Sep 9 22:24:27 2015 +0200
README.md: updated information
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Sep 5 06:20:58 2015 +0200
renamed the auto-verification functions
The names are more consistent with the rest of the library.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Sep 4 14:05:02 2015 +0200
pkcs11: when storing public keys, make sure they are marked as not private
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 31 14:22:02 2015 +0200
README.md: mention the testsuite
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 30 23:41:11 2015 +0200
README.md: print build status
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 30 23:31:06 2015 +0200
README.md: refer to files using markdown
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 30 23:26:27 2015 +0200
Updated coding style
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 28 16:54:47 2015 +0200
gnutls-cli-debug: corrected typo in inappropriate fallback check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 28 16:51:35 2015 +0200
.gitlab-ci.yml: use the same number of CPUs in all the checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 28 12:05:02 2015 +0200
gnutls-cli-debug: added check for inappropriate fallback support
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 27 22:12:55 2015 +0200
Introduced GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR to be returned by the auto-verification functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 19:39:22 2015 +0200
nettle: simplified SHA3 checks for nettle
nettle 3.1 doesn't have the functions nettle for
runtime version checking.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 19:34:59 2015 +0200
export _gnutls_digest_exists for self tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 11:51:09 2015 +0200
x509: tolerate missing subject or issuer fields
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 11:42:01 2015 +0200
certtool: added support for sha3
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 11:37:13 2015 +0200
gnutls_oid_to_digest(): don't return supported but disabled algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 11:02:39 2015 +0200
Added support for the SHA3 digest algorithm
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 26 09:13:52 2015 +0200
corrected typo in ex-server-anon
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 14:13:24 2015 +0200
Define more precisely the auto verification function semantics.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 13:59:21 2015 +0200
Allow overriding the verification flags from the auto-verification functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 13:43:09 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 13:39:33 2015 +0200
Document the new verification functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 13:19:51 2015 +0200
examples: simplify the X.509 client example by using the new verification API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 13:13:57 2015 +0200
tests: check the auto-verification functionality
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 12:00:10 2015 +0200
Added simpler verification functions for clients
The major use-case for the TLS protocol is verification of PKIX
certificates. However, certificate verification support while is
similar for almost all projects it requires around 100 lines of code
(a callback) to be duplicated to all applications. That patch
set gets rid of the callback and simplifies certificate verification
support, by introducing a very simple API; one that would accept
the session and the hostname only.
Resolves #27
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 11:10:26 2015 +0200
tests: added test for gnutls_session_set_verify_function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 24 11:03:09 2015 +0200
Added gnutls_session_set_verify_function
That allows to set a verification callback per session rather
than only globally on the credentials structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 22:54:22 2015 +0200
getfuncs.pl: ignore defines in headers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 22:33:59 2015 +0200
Makefiles: updated for new filenames
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 19:28:09 2015 +0200
Moved pk_* functions to pk.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 19:19:45 2015 +0200
Removed the 'gnutls_' prefix from files to simplify file naming
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 18:44:26 2015 +0200
Moved the PRF functions to prf.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 23 14:19:17 2015 +0200
hex decoding: more reasonable error codes
That is, return GNUTLS_E_PARSING_ERROR instead of base64 decoding
error, and document that fact.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 15:10:46 2015 +0200
tests: Added resumption tests for PSK ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 14:35:09 2015 +0200
Set the extended master secret status based on resumption data only
That is, don't require a new negotiation with extensions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 14:23:38 2015 +0200
tests: corrected resumption tests to disable tickets when needed
That is, perform the tests that require no tickets, with tickets disabled.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 14:06:51 2015 +0200
session packing: corrected issue in PSK session unpack
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 13:54:41 2015 +0200
PSK: save the username in client side in the auth structure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 13:26:08 2015 +0200
_gnutls_hash() returns error code if any.
Ideally we would like to eliminate any return codes from that
function. However, since that's on exported API we cannot easily
do without breaking the ABI. Reported by Benedikt Klotz.
Resolves #28
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 13:15:11 2015 +0200
x509: when appending CRLs to a trust list ensure that we don't have duplicates
That is, overwrite CRLs if they have been obsoleted.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 21 11:34:39 2015 +0200
certtool: allow exporting very long CRLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 14 12:15:16 2015 +0200
tests: verify that a key usage violation is detected
That is that the certificate key usage flags are respected
by either the client side or the server side.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 14 12:14:55 2015 +0200
Enable key usage checks in the client side of RSA ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 14 12:14:08 2015 +0200
priorities: Added internal option to allow key usage violations in server side
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 14 11:55:04 2015 +0200
fix typo in comment
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 14 11:27:50 2015 +0200
Re-enable the certificate key usage checks for compliance with ciphersuite
There is a new attack on the TLS protocol which relies on using certificates
for ECDSA as certificates for ECDH ciphersuites. That attack while it doesn't
affect gnutls, which doesn't support static ECDH, assumes that implementations
ignore the key usage bits in the certificate. We have done it since 3.1.0 for
compatibility reasons (see http://www.gnutls.org/faq.html#key-usage-violation),
but that clearly opens the door for real attacks in the future.
For this reason the key usage bits will no longer be ignored.
Resolves #24
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 13 12:10:59 2015 +0200
tests: verify whether CRL date setting works as expected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 13 12:05:35 2015 +0200
certtool: Allow specifying CRL dates as fixed dates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 13 11:48:15 2015 +0200
tests: verify CRL appending effectiveness
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 13 11:45:50 2015 +0200
gnutls_x509_crl_set_authority_key_id, gnutls_x509_crl_set_number allow overwritting
That allows them to overwrite values which were previously set (e.g.,
on an imported CRL).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 13 11:36:17 2015 +0200
certtool: allow appending certificates to a CRL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 12 23:03:20 2015 +0200
certtool: removed limit on maximum imported certificates in the -i option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 12 22:49:15 2015 +0200
tests: check whether the CRL generation code works as expected
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 12 22:48:45 2015 +0200
certtool: eliminated memory leaks due to new cert loading code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Aug 12 22:22:55 2015 +0200
certtool: lifted limits on file size to load
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 10 16:43:28 2015 +0200
before dist ensure that included libopts matches autogen
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 10 16:12:05 2015 +0200
configure: use ':' instead of /bin/true for programs not found
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 9 21:20:33 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Aug 9 20:58:40 2015 +0200
tests: include all cert-tests into dist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 16:59:18 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 16:13:12 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 16:04:12 2015 +0200
tests: check gnutls_check_version_numeric()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 15:45:21 2015 +0200
gnutls.h: added macro gnutls_check_version_numeric
This simplifies version checking, and allows the compiler to optimize
out. It can only accept numerals.
Patch by David Woodhouse.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 15:19:33 2015 +0200
use pure and const gcc attributes in headers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Aug 7 14:14:44 2015 +0200
mention version macro
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Aug 6 10:37:15 2015 +0200
p11tool: test-sign will not fail if a pubkey is not found
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 4 20:32:25 2015 +0200
key decoding: set key to null for consistency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 4 14:08:37 2015 +0200
key decoding: simplify decoding logic by removing the fallback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 4 13:56:41 2015 +0200
key decoding: corrected regression with PKCS #8 key decoding
Reported by Daniel Berrange.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Aug 4 13:55:56 2015 +0200
tests: added check for decoding of a PKCS #8 key as fallback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Aug 3 14:17:16 2015 +0200
pkcs11: set the CKA_TOKEN attribute on generated public keys
That also introduces the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY flag,
to simulate the previous behavior.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 17:03:33 2015 +0200
tests: added check for the fallback SCSV
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 17:02:00 2015 +0200
handshake: check inappropriate fallback against the configured max version
That allows to operate on a server which is explicitly configured to
utilize earlier than TLS 1.2 versions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 17:01:36 2015 +0200
corrected GNUTLS_E_INAPPROPRIATE_FALLBACK error code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 16:44:13 2015 +0200
DCO: added Alessandro Ghedini
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 14:21:59 2015 +0200
copy_ciphersuites: use definition for reserved ciphersuites
Author: Alessandro Ghedini <alessandro@ghedini.me>
Date: Sat Aug 1 00:38:10 2015 +0200
handshake: add FALLBACK_SCSV priority option
This allows clients to enable the TLS_FALLBACK_SCSV mechanism during
the handshake, as defined in RFC7507.
Author: Alessandro Ghedini <alessandro@ghedini.me>
Date: Sat Aug 1 00:04:16 2015 +0200
handshake: check for TLS_FALLBACK_SCSV
If TLS_FALLBACK_SCSV was sent by the client during the handshake, and
the advertised protocol version is lower than GNUTLS_TLS_VERSION_MAX,
send the "Inappropriate fallback" fatal alert and abort the handshake.
This mechanism was defined in RFC7507.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 09:10:53 2015 +0200
cfg.mk: fix order of arguments in gnulib-tool
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 08:38:50 2015 +0200
use gettext-h gnulib module
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Aug 1 00:12:25 2015 +0200
tests: added missing certtool-long-cn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 22:42:42 2015 +0200
safe renegotiation: simulate receiving the extension on receival of SCSV
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 22:00:53 2015 +0200
made data2hex() safer, and eliminated mem leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 22:17:17 2015 +0200
tests: added check for proper handling of very long CNs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 21:26:25 2015 +0200
updated the required gettext version to match the macros from gnulib
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 16:03:25 2015 +0200
safe renegotiation: handle case where client didn't send any extension
That was affected by the "don't try to send extensions we didn't receive".
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 15:02:01 2015 +0200
tpm: avoid warning
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 14:57:33 2015 +0200
As server don't try to send extensions we didn't receive.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 14:33:00 2015 +0200
tests: added check for server sending (or not) status request messages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 31 14:30:00 2015 +0200
fips140: corrected hex decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 11:48:51 2015 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 11:45:51 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 10:30:20 2015 +0200
verify-tofu: use nettle's base64 functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 10:24:39 2015 +0200
gnulib: removed base64 implementation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 10:20:40 2015 +0200
openpgp: use nettle's base64 functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 10:11:48 2015 +0200
x509_b64: switch to nettle's base64 functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:57:52 2015 +0200
tests: added check for PSK file parsing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:37:34 2015 +0200
fips: use gnutls_hex_decode for MAC decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:36:32 2015 +0200
tpm: use gnutls_hex_decode for uuid decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:36:14 2015 +0200
psk: use gnutls_hex_decode2 for key decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:35:47 2015 +0200
system-keys-win: use gnutls_hex_decode for ID decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:35:11 2015 +0200
openpgp: use gnutls_hex_decode for keyid decoding
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:34:52 2015 +0200
DN decoding: use gnutls_hex_encode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 21 08:19:17 2015 +0200
Introduced gnutls_hex_encode2() and gnutls_hex_decode2()
These also use safer hex decoding functions which don't skip
invalid input.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 22:37:40 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 22:09:28 2015 +0200
x509: simplified data to hex conversion in unknown DN names
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 21:26:36 2015 +0200
gnutls_prf_rfc5705: Allow for non-null context and zero context length
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 13 20:19:28 2015 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 15:42:21 2015 +0200
tests: added cross-check between gnutls_prf_rfc5705() and gnutls_prf()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 15:07:05 2015 +0200
removed legacy libgcrypt flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 14:59:37 2015 +0200
gnutls_prf_rfc5705: optimize in the common use case, by avoiding malloc
Also don't handle specially the case of non-NULL context and context_size of zero.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 14:03:34 2015 +0200
ignore more files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 14:03:22 2015 +0200
p11tool: fix documentation for --generate-ecc and generate-dsa
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 10:49:48 2015 +0200
gnutls_prf_rfc5705: mention the version it was introduced at
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 10:39:37 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 10:35:08 2015 +0200
tests: added check for gnutls_prf() and gnutls_prf_rfc5705
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 20 10:03:37 2015 +0200
gnutls_prf_rfc5705: added
That includes support for RFC5705 when the context field is used.
Initial patch by Rick van Rein.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 17 11:38:17 2015 +0200
doc update: explain more about PKCS #11 and fork
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 14 09:55:50 2015 +0200
configure: print the trousers lib only when set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jul 14 09:44:30 2015 +0200
tpmtool: Added --test-sign parameter
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 13 20:04:41 2015 +0200
Deinitialize the TPM subsystem only when trousers support is enabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jul 13 16:25:16 2015 +0200
TPM: don't link to trousers, use dlopen()
That introduces --with-trousers-lib which can be used to specify the
library to dlopen().
Resolves #18
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 12 15:21:13 2015 +0200
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jul 12 15:15:00 2015 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jul 11 12:05:56 2015 +0200
pkcs11: mention the version GNUTLS_PKCS11_TOKEN_MODNAME is available from
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 21:20:23 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 21:17:48 2015 +0200
PSK: set the hint in DHE-PSK and ECDHE-PSK ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 19:17:23 2015 +0200
tests: updated pskself to check the hint in all PSK ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:57:19 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:55:48 2015 +0200
p11tool: be more compact in token URL printing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:52:57 2015 +0200
p11tool: group the provided options for readability
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:31:02 2015 +0200
p11tool: keep backwards compatibility by introducing --list-token-urls
That is, the output of --list-tokens remains the same.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:25:48 2015 +0200
p11tool: print the module name of a token in verbose mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 16:24:11 2015 +0200
Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info
That allows to obtain the shared module name of a token URL.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 13:36:51 2015 +0200
pkcs11.h: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jul 10 13:12:00 2015 +0200
p11tool: less verbose output in --list-tokens unless --verbose is specified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 9 14:10:23 2015 +0200
tests: added suppression for bash mem leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 9 22:50:11 2015 +0200
tests: don't run certtool-utf8 when libidn is 1.30 or less
This avoids test suite failures due to libidn.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 9 13:45:58 2015 +0200
gnutls-cli: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jul 9 13:26:14 2015 +0200
dumbfw: don't append a size prefix in the pad
Reported by Hannes Mehnert.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 8 09:47:52 2015 +0200
gl: use /bin/true to run valgrind during configure
Bash has memory leaks, which prevents the valgrind check to
operate using the SHELL variable.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 8 09:38:37 2015 +0200
tests: added check for invalid UTF8 encoded string
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 8 09:19:00 2015 +0200
Revert "libidn support is disabled by default"
This reverts commit 5fdffb2c177cb990480fb8b93c9257ccc5dfcaad.
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Thu Jul 2 14:28:32 2015 -0400
certtool --outder should not emit signature verification status
When emitting binary-formatted output, send signature verification
status to stderr, since it is not binary-formatted output.
A simpler version of this patch would be to always send signature
verification to stderr, but that would change the text-formatted
output.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 21:13:23 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 15:25:30 2015 +0200
DSA: the numeric number of bits returned from public key should depend on P not Y
That allows to do the proper evaluation to check certificate strength.
Reported by Hubert Kario.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 15:36:20 2015 +0200
tests: check whether we print the prime size in DSA keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 11:15:38 2015 +0200
name constraints: simplified gnutls_x509_name_constraints_check_crt()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 11:08:11 2015 +0200
tests: verify that unsupported name constraints are properly handled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jul 1 11:01:20 2015 +0200
name constraints: don't reject certificates if a CA has the URI or IPADDRESS constraints
Don't reject certificates if a CA has the URI or IPADDRESS constraints, and
the end certificate doesn't have an IPaddress name or a URI set.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 29 19:52:15 2015 +0200
Sync with TP.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jun 28 13:09:42 2015 +0200
libidn support is disabled by default
That is until the issues with libidn get resolves.
Relates #10
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 27 08:05:10 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 27 07:57:21 2015 +0200
tests: added a test for the fork detection interface
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 27 07:51:05 2015 +0200
tests: resume-dtls: increased timeouts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 26 16:31:21 2015 +0200
Don't use pthread_atfork(), it is not safe to use with dlopen()
http://austingroupbugs.net/view.php?id=851
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 26 14:47:39 2015 +0200
atfork: added underscore to gnutls_forkid
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 26 09:08:20 2015 +0200
simplified fork detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 26 08:07:01 2015 +0200
enhanced header matching code for private keys to skip unrelated data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 26 08:00:24 2015 +0200
tests: added private key import checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 25 15:08:54 2015 +0200
gnutls_x509_privkey_import: optimized private key loading
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 25 15:01:17 2015 +0200
gnutls_x509_privkey_import2: better behavior when provided with an unencrypted file
That is, it will attempt to decode it first as plain file prior to
trying all encrypted options.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 25 14:47:52 2015 +0200
tests: added check to verify that gnutls_x509_privkey_import2 works for plain keys
That is, when a password is provided and the key is non encrypted.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 25 11:08:19 2015 +0200
_gnutls_get_asn_mpis() will release any data on failure
Resolves #15
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 20:42:12 2015 +0300
tests: tab indent + minor style changes
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 23 11:53:23 2015 +0200
tests: modified test-ciphersuite-names to work with cpp 5.1.1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 22 23:49:32 2015 +0200
tests: test-ciphersuite-names: create any needed dirs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 22 21:24:55 2015 +0200
tests: moved test-ciphersuites.sh one level up
That simplifies running the script outside make check.
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 20:43:34 2015 +0300
tests: suite: ciphersuite: fixups
fix separate builddir issue, without modifying locations, quite ugly.
re-indent using tab.
fix shebang.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 03:00:05 2015 +0300
tests: enforce UTC timezone in datefudge tests
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 03:00:04 2015 +0300
tests: misc: shell cleanup
leftovers minor sync.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 03:00:03 2015 +0300
tests: suite: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup indentation to be consistent with other tests.
Fix separate builddir issues.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Sun Jun 21 03:00:02 2015 +0300
tests: misc: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup indentation to be consistent with other tests.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 18:38:24 2015 +0200
tests: fixed includes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 12:27:54 2015 +0200
move all gettext definitions in gnutls_str.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 12:23:40 2015 +0200
cross.mk: updated for 3.4.2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 12:18:26 2015 +0200
gnutls_str: include gettext.h when dgettext is available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 12:09:14 2015 +0200
tests: don't depend on gnulib
That dependency unfortunately causes many portability problems
on platforms where it should have worked out of the box.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 10:43:12 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jun 20 10:31:27 2015 +0200
use the same shebang for perl
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 19 22:55:04 2015 +0200
tests: added a verify-chain test case
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 19 21:53:27 2015 +0200
tests: don't quote provider in common.sh
That caused testpkcs11 to fail.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 22:50:18 2015 +0200
tests: don't enforce alignment rules for caller buffers
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Wed Jun 17 14:05:54 2015 +0300
tests: cert-tests: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 16:20:50 2015 +0200
Added gitlab-ci.yml
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 15:52:39 2015 +0200
reduced the exported functions to the minimum needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 15:49:39 2015 +0200
_gnutls_ext_register was made static
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 15:49:06 2015 +0200
libgnutls.map: use a 3.4 related name for private functions
This eliminates any collisions with functions from 3.3.x
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jun 18 09:41:54 2015 +0300
tests: nist-pkits: cleanup shell/perl usage
Add quotes for most usages of variables.
Added ${} for variables.
Consistent indent.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 14:15:18 2015 +0200
tests: force link with nettle of mini-alignment
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 14:11:08 2015 +0200
tests: Check the OID functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 14:01:42 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 13:59:57 2015 +0200
Exported functions to convert from and to OIDs
Author: Saurav Babu <saurav.babu@samsung.com>
Date: Thu Jun 18 12:50:32 2015 +0530
gnutls-cli: Fixed Possible Memory Leak
This patch fixes possible memory leak in psk_callback() function, rawkey
is allocated memory by gnutls_malloc() and is not freed when
gnutls_hex_decode() returns with error
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 11:19:37 2015 +0200
pkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jun 18 09:41:55 2015 +0300
tests: openpgp-certs: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jun 18 09:41:53 2015 +0300
tests: key-tests: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jun 18 09:41:52 2015 +0300
tests: ecdsa: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Thu Jun 18 00:57:04 2015 +0300
tests: dsa: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Removal of unneeded ';'.
Minor fix in tests/scripts/common.sh at trap to pass message and avoid
killing.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 10:51:09 2015 +0200
indentation fix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 10:46:13 2015 +0200
Always align in 16-byte boundary our input to crypto
That allows faster operations in almost all instruction sets.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 18 10:44:45 2015 +0200
tests: added check for memory alignment
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 22:26:51 2015 +0200
tests: only run test with long dates in 64-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 17:17:10 2015 +0200
tests: regenerate the results in template-test using UTC times
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 16:48:36 2015 +0200
ensure that gnutls_pubkey_verify_data2 returns 0 on success
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 16:40:15 2015 +0200
Added gnutls_pkcs7_get_signature_count
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Wed Jun 17 11:59:55 2015 +0300
tests: suite: run testpkcs11 if PKCS#11 is enabled
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Wed Jun 17 11:59:56 2015 +0300
tests: remove bash usage
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 11:34:46 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 11:19:10 2015 +0200
tests: verify that we generate dates with UTCTime prior to 2050
Also that we generate dates with GeneralizedTime format after 2050.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 11:12:03 2015 +0200
When writing the Time ASN.1 structure follow the RFC5280 recommendations
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 11:03:29 2015 +0200
Set time in PKCS #7 structures properly (in UTCTime format).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 17 10:42:54 2015 +0200
doc update
Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date: Tue Jun 16 23:48:58 2015 +0300
tests: cert-tests: pkcs7: support separate builddir
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 22:00:41 2015 +0200
account new symbols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 22:00:01 2015 +0200
updated makefiles for the new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 21:53:29 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 21:47:37 2015 +0200
use common base for pkcs7 files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 21:41:42 2015 +0200
added missing symbol
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 21:34:30 2015 +0200
released 3.4.2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 17:18:51 2015 +0200
certtool: made explicit the inclusion of time in PKCS #7 signatures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 17:15:04 2015 +0200
pkcs7: write the DER encoded time
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 16:56:30 2015 +0200
certtool: include the signature time in PKCS #7 signatures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 16:55:40 2015 +0200
pkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 13:31:54 2015 +0200
tests: minor updates in pkcs7 output checks to match new certtool
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 13:31:30 2015 +0200
certtool: rely on gnutls_pkcs7_print() even more
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 13:27:43 2015 +0200
pkcs7: print certificates and CRLs in FULL mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 12:29:53 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 12:29:38 2015 +0200
certtool: use gnutls_pkcs7_print() - partially
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 16 12:18:55 2015 +0200
Added gnutls_pkcs7_print()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 15 11:36:58 2015 +0200
bumped version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 11 10:34:55 2015 +0200
tests: added signature/verification stress test
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jun 11 10:11:35 2015 +0200
tests: check also individual ciphers for interoperability
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 8 11:38:54 2015 +0200
fips140: better debug messages when verifying MAC
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jun 5 11:19:13 2015 +0200
tpmtool: added newline in error messages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 16:10:30 2015 +0200
fips140: added check for reseed detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 15:48:23 2015 +0200
tests: check random generator for long outputs as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 15:42:42 2015 +0200
fips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 15:38:09 2015 +0200
fips140: reset the reseed counter only on reseed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 15:37:39 2015 +0200
fips140: when reseeding only reseed the required context not all
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 14:37:11 2015 +0200
fips140: added more checks on the reseed and generate function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 14:36:35 2015 +0200
fips140: enforce the max_number_of_bits_per_request
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 16:36:32 2015 +0200
tests: do not include times in the PKCS #7 checks as they depend on local timezone
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 13:28:59 2015 +0200
pkcs7: addressed memory leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 11:42:30 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 11:38:55 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 11:35:04 2015 +0200
tests: Added PKCS #7 attribute generation check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 10:44:25 2015 +0200
tests: updated for new certtool output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 10:40:54 2015 +0200
certtool: print signed and unsigned PKCS #7 attributes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jun 3 10:24:05 2015 +0200
Added code to parse and set PKCS #7 attributes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 16:34:45 2015 +0200
tests: added PKCS #7 verification check with MD5
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 16:31:49 2015 +0200
use the same flags in all verification functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 16:05:46 2015 +0200
_decode_pkcs7_signed_data: fixed mem leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 15:58:14 2015 +0200
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Part2: made gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer()
return a constant value and avoid leaks.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 14:40:56 2015 +0200
doc: Separated the PKCS #7 in manual
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 14:35:26 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 14:26:20 2015 +0200
tests: check PKCS #7 structure signature generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 14:16:58 2015 +0200
tests: check PKCS #7 bundle generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 14:08:13 2015 +0200
certtool: added --p7-generate, --p7-sign and --p7-detached-sign
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 12:58:34 2015 +0200
Added gnutls_pkcs7_sign()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 11:13:41 2015 +0200
Added gnutls_pkcs7_get_crl_raw2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 11:00:39 2015 +0200
certtool: print the signing time when available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 11:00:26 2015 +0200
pkcs7 verification: parse the signing time
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 09:54:38 2015 +0200
on PKCS #7 verification check the the content type matches the signed data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 09:22:36 2015 +0200
certtool: print more info about the PKCS #7 struct
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 09:15:53 2015 +0200
certtool: allow verification against a direct PKCS #7 signer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 09:05:27 2015 +0200
tests: added checks with PKCS #7 detached data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 09:03:34 2015 +0200
pkcs7 verification: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no encapsulated data exist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jun 2 08:57:34 2015 +0200
certtool: allow verifying PKCS #7 with detached data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 21:37:44 2015 +0200
certtool: improved PKCS #7 verification output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 21:33:02 2015 +0200
tests: check the key purpose in PKCS #7 verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 20:07:57 2015 +0200
tests: added PKCS #7 test with more than 1 certs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 18:56:51 2015 +0200
certtool: allow verification of PKCS #7 structures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 18:55:37 2015 +0200
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 15:19:03 2015 +0200
Added PKCS #7 signature(s) verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 15:13:10 2015 +0200
Added gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_issuer_by_subject_key_id
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 14:34:57 2015 +0200
tests: added check for gnutls_x509_dn_get_str
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 14:26:19 2015 +0200
added gnutls_x509_dn_get_str
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 11:52:58 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 11:51:32 2015 +0200
Added gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 10:43:46 2015 +0200
verify PKCS #7 signed data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 29 14:41:13 2015 +0200
updated PKCS #7 code to cache signed_data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jun 1 21:48:48 2015 +0200
When manual PKCS #11 configuration is requested don't initialize other providers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 31 08:51:26 2015 +0200
certtool: deinitialize PKCS #7 resources
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 31 08:50:09 2015 +0200
tests: Added tests for PKCS7 cert extraction
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 29 16:37:36 2015 +0200
Revert "updated gnulib"
This reverts commit c040ce6dd05b48b971d8dcc8fc8f23957ed15f9c.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 29 14:39:58 2015 +0200
silence format-signness warnings in gcc5
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 29 14:34:53 2015 +0200
updated gnulib
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 26 22:12:19 2015 +0200
Check the OID size for match when comparing for the OCSP nonce extension
Reported by Hanno Böck.
Author: Armin Burgmeier <armin@arbur.net>
Date: Sat May 23 23:30:18 2015 -0400
gnutls_dh_get_prime_bits: return 0 if DH is not used
Before, the number of bits of a zero-length number was attempted to be
extracted, resulting in an error. The changed behaviour is consistent with
the documentation which explicitly states that 0 should be returned if no DH
key exchange was performed.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 22 09:08:00 2015 +0200
gnutls_dh_get_group: mention that the values may include a leading zero
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 11:55:06 2015 +0200
gnutls_dh_set_prime_bits: warn when overriding the DH max prime size with 1007 bits or less
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 10:52:37 2015 +0200
cleanup unused variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 10:51:17 2015 +0200
corrected allocation check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 10:46:26 2015 +0200
removed useless check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 10:43:06 2015 +0200
document intentional fallthrough in switch
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 21 10:41:11 2015 +0200
ecc ext: check return code of _gnutls_buffer_append_data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 17 21:11:14 2015 +0200
tests: enhance the no-signal check to include proper data sending
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 17 20:59:14 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 17 20:57:48 2015 +0200
tests: check the operation of GNUTLS_NO_SIGNAL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 17 20:33:48 2015 +0200
Allow the usage of MSG_NOSIGNAL in send functions
That introduces the GNUTLS_NO_SIGNAL flag for gnutls_init(),
which is available in systems that support the MSG_NOSIGNAL
flag to send(). That eases the usage of the library within
other libraries.
Resolves #11
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 15 12:03:23 2015 +0200
include nettle/memxor when needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri May 15 12:02:56 2015 +0200
gnutls-serv: send alert when wrong data have been received from client
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 14 15:32:09 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu May 14 14:00:11 2015 +0200
camellia256-gcm: corrected regression
Reported by Manuel Pegourie-Gonnard.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon May 11 18:41:09 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 6 15:22:05 2015 +0200
doc: added section about subject alternative names
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 6 11:17:09 2015 +0200
handshake_start_time was moved out of the DTLS-specific variables
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 6 11:13:05 2015 +0200
apply default timeout for DTLS in gnutls_handshake_set_timeout
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 6 10:03:16 2015 +0200
tests: do not perform internationalized name checks without libidn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed May 6 09:52:39 2015 +0200
tests: updated sign-md5-rep to reduce false failures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 16:40:37 2015 +0200
tests: eliminate mem leaks in mini-loss-time
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 15:55:19 2015 +0200
tests: testdane: remove dane.nox.su from the list of known to be good hosts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 14:43:42 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 14:41:55 2015 +0200
tests: mini-loss-time enhanced to check proper timeouts in both client and server
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 14:35:45 2015 +0200
dtls: combined the total timeouts of DTLS and TLS handshake
That also makes the waits for packets more robust against blocking.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 09:36:17 2015 +0200
define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue May 5 07:57:16 2015 +0200
doc: updated text to account for pkcs11-url standardization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 3 19:43:40 2015 +0200
tests: mini-dtls-mtu: compile in windows
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Mon May 4 10:53:10 2015 +0300
doc: Fixed typo in heartbeat documentation.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 3 19:39:52 2015 +0200
cross.mk: updated for 3.4.1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 3 19:36:02 2015 +0200
updated abi base for 3.4
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 3 19:24:23 2015 +0200
NEWS: updated
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun May 3 19:09:19 2015 +0200
released 3.4.1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 18:48:57 2015 +0200
doc: updated gnutls_dtls_set_timeouts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 16:40:24 2015 +0200
doc: fixed example with DTLS timeouts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 16:32:40 2015 +0200
use macro for DTLS default timeout
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 16:28:24 2015 +0200
gnutls_handshake_set_timeout will properly work with DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 14:09:22 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 14:53:17 2015 +0200
document the need for gnutls_transport_set_pull_timeout_function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 14:06:09 2015 +0200
doc: updated async operation text
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 13:53:19 2015 +0200
disable default handshake timeout
It caused issues with non-blocking TLS clients and servers
which may not want to block while the pull timeout function
waits.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 13:38:26 2015 +0200
tests: added check to verify that pull timeout is not called on non-blocking sessions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 30 13:22:34 2015 +0200
GNUTLS_NONBLOCK can be used for non-DTLS sessions as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 29 14:44:30 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 29 14:44:30 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 28 16:12:13 2015 +0200
tests: key generation test was moved to main checks
This will allow to catch memory leaks with valgrind.
Author: Jan Vcelak <jan.vcelak@nic.cz>
Date: Tue Apr 28 13:50:40 2015 +0200
fix memory leak in ECDSA key parameters verification
Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 28 14:30:35 2015 +0200
updated minitasn1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 28 14:29:41 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 28 14:26:57 2015 +0200
Handle DNS name constraints with leading dot
Patch by Fotis Loukos.
Resolves 3
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 28 09:02:12 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 27 09:16:42 2015 +0200
updated text for gnutls_pkcs11_init
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 27 09:08:10 2015 +0200
updated pkcs11 loading documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 26 08:31:12 2015 +0200
tests: mini-etm: use TLS as the transport layer
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 26 08:29:19 2015 +0200
tests: added comment for sign-md5-rep
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 26 08:11:17 2015 +0200
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 26 00:04:13 2015 +0200
Sync with TP.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 21:23:38 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 20:00:04 2015 +0200
tests: added reproducer for the MD5 acceptance issue
Reported by Karthikeyan Bhargavan.
http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 19:34:34 2015 +0200
before falling back to SHA1 as signature algorithm in TLS 1.2 check if it is enabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 19:14:07 2015 +0200
_gnutls_session_sign_algo_enabled: do not consider any values from the extension data to decide acceptable algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 09:28:57 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 09:13:04 2015 +0200
tests: added unit tests for gnutls_certificate_client_get_request_status
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 09:12:04 2015 +0200
set the value used by gnutls_certificate_client_get_request_status prior to selecting certificate
That allows gnutls_certificate_client_get_request_status() to be properly operating
from the callback. Reported by Anton Lavrentiev.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 25 09:10:15 2015 +0200
updated doc for retrieve function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 24 16:04:44 2015 +0200
updated PKCS #11 URL references to rfc7512
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 22 14:00:45 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 22 13:54:18 2015 +0200
tests: added check for gnutls_credentials_get
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 22 13:49:10 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 22 13:41:17 2015 +0200
fixed doc: reported by Anton Lavrentiev
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 22 11:33:34 2015 +0200
doc: corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 22:08:56 2015 +0200
tests: resume-dtls: remove global variables
Author: Andreas Metzler <ametzler@debian.org>
Date: Tue Apr 21 19:18:00 2015 +0200
List all certificate type priority strings.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 19 21:23:21 2015 +0200
tls-rsa: keep a common code path when doing RSA decryption
Suggested by Nimrod Aviram.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 15:20:38 2015 +0200
tests: initialize status where needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 15:18:11 2015 +0200
tests: cleanup openpgp-auth2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 15:17:38 2015 +0200
tests: cleanup mini-dtls-rehandshake
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 13:46:36 2015 +0200
tests: resume: check for signals
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 10:42:50 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 10:40:41 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 10:36:07 2015 +0200
tests: reduced compiler warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 10:07:30 2015 +0200
tests: verify the return value of gnutls_certificate_get_ours when no cert is sent
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 21 10:07:11 2015 +0200
tests: close unused file descriptors in resume checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 23:39:08 2015 +0200
libopts: fixed the reading of the --enable-local-libopts flag
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 17:51:20 2015 +0200
gnutls-cli: when no certificate is sent, notify the user
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 17:45:33 2015 +0200
tests: added check with X.509 certificates and callbacks
That corresponds to functionality checked in openpgp-callback.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 17:38:10 2015 +0200
tests: added check for gnutls_certificate_get_ours() when used in combination with callbacks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 16:46:34 2015 +0200
tests: improved x509dn check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 16:43:51 2015 +0200
gnutls_certificate_get_ours: will return the certificate even if a callback was used
This corrects a bug where this function would not work, when
gnutls_certificate_set_retrieve_function2() was used.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 16:31:55 2015 +0200
gnutls-cli: when a certificate is specified require the corresponding private key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 16:25:21 2015 +0200
ensure that the X.509 version number is one byte only
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 14:04:37 2015 +0200
Check for invalid length in the X.509 version field
If such an invalid length is detected, reject the certificate.
Reported by Hanno Böck.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 13:57:31 2015 +0200
ocsp: initialize certs to NULL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 20 12:45:56 2015 +0200
gnutls-serv: print when the peer's certificate is not verified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 19 09:42:05 2015 +0200
Sync with TP.
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Apr 18 11:38:57 2015 +0200
ncrypt.h lacks some defines with some versions of MinGW.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 19 09:19:22 2015 +0200
updated auto-generated files
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Apr 18 11:38:56 2015 +0200
Fix a preprocessor warning about mismatched quotes.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Apr 18 11:38:55 2015 +0200
Set _WIN32_WINNT to 0x600, at least with some MinGW versions ncrypt.h checks this define to be at least 0x600.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date: Sat Apr 18 11:38:54 2015 +0200
Fix include order, include gnutls_int.h before gnutls.h, otherwise undefined external references to gnutls_free and gnutls_strdup are the result when statically linking against GnuTLS built by MinGW.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 16 19:36:32 2015 +0300
gnutls-cli: removed CCM from the ciphers tested with the old API
That prevents a crash of the benchmark. Reported by James Cloos.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 16 19:24:46 2015 +0300
refuse to use the old cipher API with AEAD-only ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 16 00:16:22 2015 +0300
tests: ignore sigpipe in resume and termination tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 20:05:59 2015 +0300
doc: added error check in example
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 20:03:06 2015 +0300
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 16:00:53 2015 +0300
doc: removed stray @end
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:53:39 2015 +0300
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:49:26 2015 +0300
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:48:21 2015 +0300
x509: when printing the keyid of a certificate use the curve name for randomart
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:47:39 2015 +0300
gnutls_x509_crt_get_pk_* are based on gnutls_pubkey_export_*
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:45:08 2015 +0300
gnutls_pubkey_export_* are tolerable in null input
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:41:54 2015 +0300
Added gnutls_x509_crt_get_pk_ecc_raw()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 15 11:24:01 2015 +0300
randomart: corrected usage of snprintf
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 14 22:11:14 2015 +0300
certtool: when generating an ECDSA key use the curve name in random art
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 14 22:08:18 2015 +0300
randomart: only print key size if it is non-zero
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 14 22:01:29 2015 +0300
cross.mk: updated for 3.4.0
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 14 21:33:19 2015 +0300
Remove SOCK_CLOEXEC from socket() call.
That allows compilation in systems where this
flag doesn't exist.
Resolves #7
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 14 16:06:39 2015 +0300
document the recommended re-handshake process
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 9 16:00:43 2015 +0200
remove duplicate entries from manpages Makefile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 17:08:07 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 17:07:11 2015 +0200
tests: enhanced cert tests with SHA256 key IDs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 16:56:44 2015 +0200
certtool: modified to allow different key ID algorithms
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 16:48:46 2015 +0200
Added flags which modify the algorithm used for key ID calculation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 16:33:47 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 16:18:37 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 16:16:42 2015 +0200
gnutls_record_discard_queued() is both for TLS and DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:59:54 2015 +0200
document the new crypto register functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:53:39 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:49:45 2015 +0200
doc: avoid spaces in showfunc
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:15:24 2015 +0200
tests: added files into dist
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:08:14 2015 +0200
configure: ask for nettle 3.1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 8 08:06:52 2015 +0200
released 3.4.0
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 23:28:06 2015 +0200
gnutls-cli: document the method to override the detected ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 23:21:23 2015 +0200
fixed AESNI CCM encryption
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 23:14:48 2015 +0200
cleanups in CCM-aesni
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 22:28:29 2015 +0200
tests: test CCM-8 against polarssl
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 22:21:45 2015 +0200
gnutls-cli-debug: test for AES-CCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 22:10:43 2015 +0200
doc: added 'git submodule update' to clone steps
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 22:00:17 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 21:38:11 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 20:24:10 2015 +0200
removed unused functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 16:03:16 2015 +0200
extend the fallback to setkey in addition to init
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 15:50:23 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 15:48:41 2015 +0200
tests: verify the behavior of GNUTLS_E_NEED_FALLBACK
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 15:39:18 2015 +0200
introduced GNUTLS_E_NEED_FALLBACK to allow falling back from registered ciphers
That allows a registered cipher to indicate that it cannot operate
(e.g., due to memory constraints, or internal limits), and gnutls should
proceed with the default algorithms.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:53:54 2015 +0200
ciphersuites: moved CCM ciphersuites in the appropriate ifdefs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:51:25 2015 +0200
tests: ciphersuite test will ignore the invalid names of TLS_DHE_PSK_WITH_AES_128_CCM_8
That is because the names in rfc6655 are for some reason different
than the expected.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:47:00 2015 +0200
document CCM and CCM-8
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:44:02 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:42:36 2015 +0200
tests: added CCM and CCM_8 into ciphersuite tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Apr 7 10:31:23 2015 +0200
Added CCM-8 ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 6 19:14:31 2015 +0200
updated announce text
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 6 10:49:15 2015 +0200
symbols: added the new supplemental functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Apr 6 10:08:16 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Apr 5 20:43:18 2015 +0200
tests: delay tests that depend on timing when they fail
That often prevents failures on busy systems.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 18:31:28 2015 +0200
don't enforce iv_size > block_size; it is no longer true for all ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 15:10:26 2015 +0200
simplified calc_enc_length_stream
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 14:49:03 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 14:29:58 2015 +0200
tests: updated supplemental API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 12:42:21 2015 +0200
gnutls_ext_register will fail on double registration
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 12:37:38 2015 +0200
gnutls_supplemental_register will fail on double registration
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 12:05:40 2015 +0200
symbols: added new exported functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 12:04:34 2015 +0200
doc: updated makefiles to include new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 12:03:37 2015 +0200
libgnutls.map: remove gnutls_record_set_max_empty_records
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 11:54:03 2015 +0200
account for the renamed gnutls_supplemental_recv/send
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 11:50:54 2015 +0200
document the export supplemental data API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 11:45:28 2015 +0200
gnutls_do_recv/send_supplemental -> gnutls_supplemental_recv/send
Also added the gnutls_ prefix to new types.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 11:34:55 2015 +0200
Added documentation for gnutls_do_send/recv_supplemental
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 10:30:56 2015 +0200
doc updates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 09:43:16 2015 +0200
the base64 xxx_alloc functions were renamed to xxx2
That brings them in par with the rest of the allocation
functions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 09:36:34 2015 +0200
p11tool: use the key usage flags to set PKCS #11 properties
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 09:31:00 2015 +0200
pkcs11: use key_usage to set the appropriate flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 08:53:33 2015 +0200
cleanups in supplemental data support
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Apr 4 07:36:47 2015 +0200
DH: do not warn on zero q_bits
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 3 22:52:17 2015 +0200
NEWS: rearrange entries
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Apr 3 22:35:24 2015 +0200
certtool: certtool --generate-dh-params will account for --outder
Resolves #5
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 2 15:30:20 2015 +0200
chacha20-poly1305: ciphersuite numbers correspond to the latest draft
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 2 15:27:51 2015 +0200
p11tool: improved output message
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Apr 2 12:54:45 2015 +0200
removed unecessary warning
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 19:08:33 2015 +0200
doc update: account for new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 18:42:13 2015 +0200
p11tool: better output text
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 18:40:47 2015 +0200
pkcs11: added GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY
Also enforce the expected flags despite any given flags
in the URL.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 18:29:08 2015 +0200
p11tool: added the --test-sign parameter
That allows to check an existing key for signing/verification.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 16:52:48 2015 +0200
gnutls_priv/pubkey_import_url replace: gnutls_privkey_import_pkcs11_url and gnutls_pubkey_import_pkcs11_url
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 16:02:02 2015 +0200
certtool: corrected import of pubkey in DER format
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 10:50:08 2015 +0200
tests: added check for EtM negotiation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 10:42:28 2015 +0200
only send EtM extension if we have CBC ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 10:04:54 2015 +0200
mention gnutls_privkey_sign_raw_data in upgrade section
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 09:55:09 2015 +0200
gnutls_privkey_sign_raw_data: converted to macro over gnutls_privkey_sign_hash
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Apr 1 10:00:31 2015 +0200
tests: added check for the legacy gnutls_privkey_sign_raw_data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 11:16:45 2015 +0200
avoid compilation warnings in self checks (take 2)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 11:15:04 2015 +0200
Revert "selftests: avoid compilatio warnings"
This reverts commit 196477d68f32b30d0de8e203a5c1c405af429603.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:50:45 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:48:37 2015 +0200
tests: check whether PKCS #11 ID set on copy/generation is correct
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:29:33 2015 +0200
p11tool: allow setting the CKA_ID on object initialization/generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:22:58 2015 +0200
exported new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:19:18 2015 +0200
pkcs11: enhanced key generation functions to allow specifying a CKA_ID
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 31 08:14:27 2015 +0200
selftests: avoid compilatio warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 16:12:27 2015 +0200
enhanced copy functions to allow specifying a CKA_ID
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 09:57:41 2015 +0200
tests: mini-server-name: ignore sigpipe
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 07:48:15 2015 +0200
tests: added more libidn-related valgrind suppressions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 07:05:27 2015 +0200
doc: increase border spacing in HTML tables
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 06:59:19 2015 +0200
doc: list chacha20-poly1305 to the list of ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 06:47:51 2015 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 06:37:52 2015 +0200
manpages: automatically adjust the copyright year on generated pages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 30 06:34:37 2015 +0200
tests: added check for gnutls_server_name_get and gnutls_server_name_set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 10:54:11 2015 +0200
test-ciphers.js: improved ciphersuite checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 10:49:23 2015 +0200
corrected GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Mar 29 10:27:57 2015 +0200
updated test-ciphersuite.sh for new types
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 23:18:06 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 22:41:03 2015 +0100
Better fix for the double free in dist point parsing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 22:31:09 2015 +0100
updated minitasn1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 19:34:29 2015 +0100
gnutls_pkcs11_copy_x509_privkey: increase size for attributes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 19:21:48 2015 +0100
moved chacha20-poly1305 ciphersuites to the 0xCD space
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 13:45:23 2015 +0100
doc update: replace cryptographic algorithm by encryption algorithm
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 12:43:58 2015 +0100
gnutls_subject_alt_names_set and gnutls_x509_aki_set_cert_issuer will set null-terminated strings
Author: Jiří Klimeš <jklimes@redhat.com>
Date: Fri Mar 27 19:55:40 2015 +0100
doc: be consistent in the function descriptions
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
Author: Jiří Klimeš <jklimes@redhat.com>
Date: Fri Mar 27 20:00:45 2015 +0100
doc: correct the description of crypto API functions
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
Author: Jiří Klimeš <jklimes@redhat.com>
Date: Fri Mar 27 12:58:34 2015 +0100
Fix a few compiler warnings about unused variables
[-Wunused-variable]
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 12:00:36 2015 +0100
fixed CHACHA20-POLY1305 in DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 11:08:28 2015 +0100
gnutls-cli: added chacha-poly1305 into benchmarks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 10:57:54 2015 +0100
when calculating record overhead account for chacha20 which doesn't send the nonce on the wire
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 10:54:02 2015 +0100
tests: include chacha20 into transfer tests
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 10:40:47 2015 +0100
Added the CHACHA20-POLY1305 ciphersuites (with random IDs)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 09:59:38 2015 +0100
added chacha20-poly1305 as cipher
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 09:09:02 2015 +0100
tests: check retvals in block ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 09:06:16 2015 +0100
do not penalize CBC ciphers with the maximum send data size
That reduced the maximum send size for CBC ciphers from 16384
to 16384-(block size), which was unnecessary and was causing issues:
https://bugs.winehq.org/show_bug.cgi?id=37500
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 08:18:32 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 28 08:18:17 2015 +0100
gnutls_record_set_max_empty_records: removed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 23 22:55:29 2015 +0100
eliminated double-free in the parsing of dist points
Reported by Robert Święcki.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 23 22:29:23 2015 +0100
Added a tight loop around the legacy push function
That reduces the need for more expensive outer loops.
Originally suggested by Anton Lavrentiev.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 23 19:19:49 2015 +0100
updated gnulib
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 14:01:20 2015 +0100
p11tool: more precise documentation of --set-id parameter
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 11:05:08 2015 +0100
depend on nettle 3.1 or later
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 10:42:48 2015 +0100
tests: updated email check for renamed --verify-email option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 10:32:29 2015 +0100
gnutls_pkcs11_privkey_generate2: increased the size of ck_attributes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 10:31:03 2015 +0100
pkcs11: check gnutls_rnd() for error condition
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 10:27:10 2015 +0100
gnutls_pkcs11_privkey_generate2: set a CKA_ID on key generation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 10:25:59 2015 +0100
p11tool: reduced debugging output
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 09:47:40 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 27 09:47:12 2015 +0100
certtool: --purpose, --hostname were renamed to --verify-purpose, --verify-hostname
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 16:46:43 2015 +0100
p11tool: added --mark-no-sign and --mark-no-decrypt options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 16:34:46 2015 +0100
pkcs11: added flags to mark keys as not-being signable or decryptable
That adds GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_DECRYPT and GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_SIGN
which can be set during generation or write of keys.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 16:21:28 2015 +0100
pkcs11: set the CKA_SIGN and CKA_DECRYPT flags when writing a private key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 13:16:52 2015 +0100
tests: cleanups in resume-dtls
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 11:26:14 2015 +0100
ext: server_name: move name length check prior to IDN convertion
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 11:04:37 2015 +0100
When an application calls gnutls_server_name_set() with a name of zero size disable the extension
Resolves #2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 09:25:10 2015 +0100
gnutls_x509_crt_check_hostname2: check CN for match only if certificate would have been acceptable for GNUTLS_KP_TLS_WWW_SERVER
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 26 09:20:34 2015 +0100
Apply DNS name constraints on CN field only on certificates acceptable for TLS WWW SERVER purpose
Suggested by Fotis Loukos.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 17:10:06 2015 +0100
tests: mini-loss-time is less prone to timeouts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 15:56:32 2015 +0100
tests: added valgrind suppressions in cert-tests for libidn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 15:52:15 2015 +0100
certtool: eliminated memory leaks on verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 10:39:35 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 10:21:31 2015 +0100
tests: Added email verification tests with certtool
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 10:05:33 2015 +0100
certtool: added the --email option, to use in verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 10:04:56 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 09:42:16 2015 +0100
Added gnutls_x509_crt_check_email(), gnutls_openpgp_crt_check_email() and GNUTLS_DT_RFC822NAME
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 09:02:53 2015 +0100
tests: verify that we accept a certificate with no name even if its CA has nameconstraints
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 25 08:38:47 2015 +0100
name constraints: when no name of the type is found, accept the certificate
This follows RFC5280 advice closely. Reported by Fotis Loukos.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 24 10:49:32 2015 +0100
tests: increase the timeout in resume-dtls
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 24 10:09:43 2015 +0100
gnutls_pkcs11_obj_export3: allow operation when raw.data is NULL and we have a public key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 24 09:58:17 2015 +0100
pkcs11: simplified export of objects
That also allows to export public keys, even when a CKA_VALUE
with the public key is not present. For that we use the key
parameters, which we encode into a key. Issue reported by
Frank Leavis.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 24 08:37:35 2015 +0100
gnulib: removed u64 module
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 24 08:36:33 2015 +0100
drop support for gnulib's u64
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 23 13:09:08 2015 +0100
tests: check legacy RC4 in testcompat
That would prevent losing compatibility without detecting it.
That is currently the case since it is no longer enabled by default.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 23 10:28:28 2015 +0100
tests: added check to verify the correctness of the record function return values
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 21 11:14:15 2015 +0100
tools: enable compilation with all options disabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 21 11:13:58 2015 +0100
enable compilation with several options disabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 21 10:38:28 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 14:04:26 2015 +0100
doc: avoid mentioning pointers when not needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 13:46:24 2015 +0100
increase the maximum stack frame the compiler will warn for
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 13:22:43 2015 +0100
doc: avoid using structure for opaque types
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 09:42:28 2015 +0100
tests: include gnutls_ext_s/get_data into tests of mini-extension
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 09:41:59 2015 +0100
updated documentation on non-return value of gnutls_ext_set_data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 09:35:51 2015 +0100
tests: fixed buffers in mini-dtls0-9
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 09:32:19 2015 +0100
avoid overflow when receiving DTLS 0.9 CCS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 20 08:35:48 2015 +0100
added gnutls_ext_set_data() and gnutls_ext_get_data()
As a side effect the type which holds private data was reduced
from union to void * pointer. That simplifies the exported API
without reducing the options in the internal API.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 22:04:48 2015 +0100
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 22:03:22 2015 +0100
set GNUTLS_DTLS_VERSION_MIN to be DTLS0.9
That allows standard DTLS ciphersuites to be used with DTLS0.9
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:59:06 2015 +0100
tests: added test for DTLS 0.9
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:30:42 2015 +0100
tests: updated mini-extension
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:29:34 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:27:35 2015 +0100
mention the new functionality briefly in documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:23:29 2015 +0100
mention that the registration functions are not thread safe
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:22:29 2015 +0100
store a copy of the extensions name
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:21:00 2015 +0100
deinitialize supplemental data on deinit
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:15:24 2015 +0100
removed unused epoch change callback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:12:27 2015 +0100
deinitialize supplemental data on deinit
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:06:14 2015 +0100
reduce warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 21:00:26 2015 +0100
added documentation for the new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 20:47:51 2015 +0100
tests: remove warnings in mini-supplementaldata.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 20:46:57 2015 +0100
updated types
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 20:41:03 2015 +0100
more files to ignore
Author: Thierry Quemerais <tquemerais@awox.com>
Date: Thu Mar 19 20:40:25 2015 +0100
Added a way to add custom supplemental data from public API.
Signed-off-by: Thierry Quemerais <tquemerais@awox.com>
Author: Thierry Quemerais <tquemerais@awox.com>
Date: Thu Mar 19 16:24:15 2015 +0100
Fixed extension test.
Signed-off-by: Thierry Quemerais <tquemerais@awox.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 20:35:22 2015 +0100
renamed gnutls_buffer_st -> gnutls_buffer_t
Author: Thierry Quemerais <tquemerais@awox.com>
Date: Thu Mar 19 20:15:11 2015 +0100
Added a way to add custom extensions from public API.
Signed-off-by: Thierry Quemerais <tquemerais@awox.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 20:11:18 2015 +0100
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 11:43:52 2015 +0100
gnutls_x509_crt_import_pkcs11_url moved to pkcs11.h as it was always defined there
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 11:06:28 2015 +0100
inet_ntop replacement: include sys/socket.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 19 11:03:24 2015 +0100
inet_ntop replacement: do not depend on socklen_t
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 22:48:06 2015 +0100
tests: link cipher tests directly with nettle when needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 22:39:19 2015 +0100
tests: mini-dtls-record: increase timeouts to avoid failure of test due to slow system
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 19:46:00 2015 +0100
tests: mini-dtls-record: removed the need for 64-bit number
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 19:34:14 2015 +0100
tests: increase verbosity of mini-dtls-record
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 14:05:51 2015 +0100
document the cipher override API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 13:47:03 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 13:42:55 2015 +0100
added test suite for overriden digests and MACs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 13:04:43 2015 +0100
Added API to register MAC and digest algorithms.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 11:46:06 2015 +0100
added test suite for overriden ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 11:44:26 2015 +0100
Added API to register AEAD and legacy ciphers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 11:30:44 2015 +0100
cryptodev: provide the new AEAD API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 10:34:47 2015 +0100
Added environment variable which can override automatic global initialization
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 10:09:34 2015 +0100
removed unused functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 10:07:09 2015 +0100
configure: fail compilation if the minimum required libtasn1 is not present
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 18 09:53:06 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 16 13:52:05 2015 +0100
tests: long-session-id uses the test framework
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 17 09:29:52 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 17 09:23:51 2015 +0100
depend on p11-kit 0.23.1 to conform to draft-pechanec-pkcs11uri-21
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 16 13:23:20 2015 +0100
tests: fixed shadowed variable in mini-dtls-record
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 16 11:38:56 2015 +0100
tests: use nanosleep for sleeping
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 14 08:41:33 2015 +0100
README-alpha: move valgrind to testing tools
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 14 08:40:29 2015 +0100
updated README-alpha
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 16:30:55 2015 +0100
Fixed handling of supplemental data with types > 255.
Patch by Thierry Quemerais.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 16:20:54 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 16:12:17 2015 +0100
gnutls_priority_init: document that priorities can be NULL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 13:30:12 2015 +0100
testpkcs11: disallow softhsm 2.0.0b1 from being used to test PKCS #11
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 13:24:18 2015 +0100
tests: mini-eagain2: call gnutls_handshake_set_timeout() at the proper time
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 10:10:23 2015 +0100
added libasan as dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 13 09:52:15 2015 +0100
corrected self test for 3DES
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 12 06:58:02 2015 +0100
pkcs11: correctly set the size of type
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 22:51:25 2015 +0100
pkcs11: combined the fill for object attributes set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 22:35:53 2015 +0100
pkcs11: only set ID and label when both size and data are set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 16:14:32 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 16:10:46 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 16:10:36 2015 +0100
p11tool: exit with non-zero reason if no objects are found
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 16:02:44 2015 +0100
tests: added checks for p11tool --set-id and --set-label
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 16:02:21 2015 +0100
p11tool: added --set-id and --set-label options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 14:49:04 2015 +0100
added gnutls_pkcs11_obj_set_info()
This function allows setting information such as the CKA_ID
and the CKA_LABEL of an object.
Resolves #1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 11 09:30:37 2015 +0100
Added check for GNUTLS-SA-2015-1
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 22:31:38 2015 +0100
tests: removed test with invalid DER encoding in chainverify
These certificates are now rejected earlier.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 22:31:03 2015 +0100
tests: added a check for certificates with invalid DER encodings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 22:19:33 2015 +0100
x509: use libtasn1's strict DER decoding rules in network obtained structures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 21:57:25 2015 +0100
depend on libtasn1 4.3
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 21:54:13 2015 +0100
minitasn1: updated to libtasn1 4.3
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 19:09:34 2015 +0100
rearranged internal documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 12:38:52 2015 +0100
tools: added ftp as a starttls protocol
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 9 12:38:01 2015 +0100
gnutls-cli: starttls and starttls-proto can't mix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 7 19:58:00 2015 +0100
expand on SECURE256 being an alias to SECURE192
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 7 13:10:53 2015 +0100
tests: do not run polarssl interop test on VIA
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 7 13:08:47 2015 +0100
use common license in all testcompat scripts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 7 11:47:19 2015 +0100
removed unused function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Mar 7 09:56:10 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 18:02:28 2015 +0100
README-alpha is README.md on repository
It contains information for developers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 18:00:41 2015 +0100
Revert "auto-generate README from README.md"
This reverts commit aff4b2151b42c6a59e490c3714d3e1e64d2921dd.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:36:15 2015 +0100
cleaned up licensing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:32:10 2015 +0100
auto-generate README from README.md
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:17:53 2015 +0100
Revert "added README.md as link to README"
This reverts commit 041d4f947eb6937d4af62eb35055668825c36833.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:17:26 2015 +0100
added README.md as link to README
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:15:41 2015 +0100
Revert "renamed README files"
This reverts commit 05b4fa46667d3f5972f6de6ac61ff959382c67a5.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:14:50 2015 +0100
renamed README files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 17:12:09 2015 +0100
README: converted to mark-down
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:58:37 2015 +0100
gnutls-cli-debug: corrected check of certificate chain order
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:52:01 2015 +0100
tests: added small test to verify that GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED succeeds with a single cert
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:42:40 2015 +0100
gnutls-cli-debug: disable unsupported TLS protocols as soon
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:30:42 2015 +0100
cli sockets: check for a digit prior using atoi
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:14:14 2015 +0100
gnutls-cli-debug: a cert list of size 1 is always sorted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 15:11:35 2015 +0100
gnutls-cli-debug: do not warn multiple times about unknown protocols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Mar 6 10:52:32 2015 +0100
updated documentation on FIPS140-2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 22:30:31 2015 +0100
tests: speed up testcompat check by remove less important options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 22:27:51 2015 +0100
tests: updated paths for softhsm detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 22:16:34 2015 +0100
README: mention nodejs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 21:04:58 2015 +0100
configure: check for /usr/share/dns/root.key as well for dns root key
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 21:03:20 2015 +0100
README: mention dependency on dns-root-data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 19:03:34 2015 +0100
tests: don't perform the overflow check in 32-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 18:46:44 2015 +0100
tests: date parsing test was modified to work in 32-bit systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 18:59:25 2015 +0100
certtool: in 32-bit systems use PRIu64 to print 64-bit values
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 18:56:34 2015 +0100
certtool: exit when there is an overflow in parsing days
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 11:40:17 2015 +0100
README: mention that openssl and polarssl will be used for interop testing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 10:40:20 2015 +0100
Revert "tests: increased the retries with datefudge cert generation"
This reverts commit a381fd148d2e181e19aad9ab9a9c5993080ce869.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 10:40:10 2015 +0100
Revert "tests: template-test: added a baseline check to detect slow systems"
This reverts commit b7ef1265810ec55d0912db2e3fa4204d8c412377.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 09:25:58 2015 +0100
tests: template-test: added a baseline check to detect slow systems
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Mar 5 08:09:54 2015 +0100
tests: increased the retries with datefudge cert generation
There are slow systems that are not always capable of generating the
certificate within a single second.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 23:25:56 2015 +0100
add bison as a dependency
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 22:45:09 2015 +0100
build documentation last
That allows the examples to depend on libgnu_gpl.la
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 20:50:37 2015 +0100
list unbound dependency for DANE
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 20:44:29 2015 +0100
tests: removed dane hosts which don't behave well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 20:37:32 2015 +0100
updated instructions for installed packages
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 17:24:20 2015 +0100
latex doc: updated copyright dates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 17:23:32 2015 +0100
updated copyright date
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 14:59:58 2015 +0100
use asn1_decode_simple_ber if available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 11:25:30 2015 +0100
corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 10:47:30 2015 +0100
mention libidn
Author: Ilya V. Matveychikov <i.matveychikov@securitycode.ru>
Date: Wed Mar 4 03:25:42 2015 +0300
asn1random.pl: generate simple tags only
Do not emit tags with numbers greater than or equal 31 as they must be
encoded an octet sequence (ref X.690-0207 # 8.1.2.4)
Signed-off-by: Ilya V. Matveychikov <i.matveychikov@securitycode.ru>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 10:07:01 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 22:24:23 2015 +0100
tests: added checks for invalid X.509 certificate signatures
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 08:20:35 2015 +0100
added the change of priority string NORMAL in documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Mar 4 08:15:16 2015 +0100
document the usage of a PKCS #11 trust module for verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 19:44:38 2015 +0100
tests: updated the suite to account for the removal of DSA by default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 18:52:22 2015 +0100
tests: updated the suite to account for the removal of DSA by default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 18:51:22 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 17:44:00 2015 +0100
cross-implementation test suite was relicensed to 3-clause BSD
That way the suite can be used by projects with other licenses.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 09:34:26 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Mar 3 09:31:16 2015 +0100
DSA signatures and DHE-DSS are disabled by default
DSA was an algorithm that was never deployed on the Internet
and had, until very recently, several limitations such as
restriction of its keys to 1024 bits, SHA1-only etc. Given
that there are literally 0 internet (HTTPS) certificates using
DSA, there is no point to enable it by default and increase
our attack surface.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Mar 2 08:12:28 2015 +0100
gnutls-cli: include AES_128_CCM in benchmark-ciphers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 28 12:55:09 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 28 12:22:10 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 28 09:43:16 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 28 09:33:12 2015 +0100
bundle inet_ntop in systems that don't have it
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 27 16:31:50 2015 +0100
updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 27 16:26:34 2015 +0100
removed gnutls_pubkey_get_verify_algorithm from abstract.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 26 13:03:35 2015 +0100
corrected typo in gnutls_handshake(), spotted by Andris Mednis
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 24 10:28:26 2015 +0100
doc update: document that session_get_data() must be used in non-resumed sessions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Feb 23 13:50:00 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 22 11:47:25 2015 +0100
added comments
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 22 11:39:49 2015 +0100
Use p11_kit_uri_get_pin_value() if available in p11-kit
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 12:00:13 2015 +0100
fixed handling of GNUTLS_E_INT_CHECK_AGAIN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:50:40 2015 +0100
removed unnecessary check and optimized function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:46:13 2015 +0100
corrected check which prevented client to sent an unacceptable for the version ciphersuite
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:40:50 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:38:49 2015 +0100
tests: mini-key-material: avoid memory leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:35:04 2015 +0100
tests: require DTLS 1.2 when using GCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:32:36 2015 +0100
handle GNUTLS_E_INT_CHECK_AGAIN
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 11:28:57 2015 +0100
check the negotiated TLS/DTLS version prior to offering a ciphersuite a server
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 10:57:14 2015 +0100
remove unnecessary assert
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 10:53:25 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 10:51:49 2015 +0100
tests: modified tests with obsolete APIs with their replacement API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:35:21 2015 +0100
doc: added deprecated functions into upgrade plan
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:35:01 2015 +0100
tests: added checks for gnutls_x509_crt_get_signature_algorithm and gnutls_x509_crt_get_preferred_hash_algorithm
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:25:24 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:24:13 2015 +0100
removed gnutls_pubkey_get_verify_algorithm() and unnecessary internal APIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:13:37 2015 +0100
removed gnutls_x509_crt_get_verify_algorithm()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 21 07:07:54 2015 +0100
removed gnutls_pubkey_verify_hash() and gnutls_pubkey_verify_data()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 23:47:25 2015 +0100
certtool: use unsigned for bits
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 23:46:35 2015 +0100
certtool/p11tool: avoid cast to function call
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 23:42:47 2015 +0100
certtool: allow specifying a purpose and a hostname for chain verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 22:17:15 2015 +0100
tests: added check for invalid X.509 certificate
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 17:09:57 2015 +0100
tests: added check for gnutls_record_get_state()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 17:09:34 2015 +0100
removed unused constants
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 16:58:41 2015 +0100
memcpy fix in gnutls_record_get_state
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 16:23:33 2015 +0100
removed ltmain.sh from root
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 11:18:45 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 11:16:44 2015 +0100
Added gnutls_record_get_state() and gnutls_record_set_state()
These functions allow to export the key material and sequence numbers.
That allows offloading the sending and receiving of individual records.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 11:13:55 2015 +0100
fixed sequence number copy
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 10:56:54 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 20 10:56:35 2015 +0100
gnutls_handshake_set_hook_function: will provide the raw handshake data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 18 23:04:24 2015 +0100
use explicit casts to unsigned int in the CURVE_TO_BITS et al
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 18 22:55:38 2015 +0100
use cast in _gnutls_hash_fast
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Feb 17 14:20:10 2015 +0100
when importing a certificate ensure that the signature parameters match
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Feb 14 18:02:01 2015 +0100
Allow AESNI GCM accelaration in x86
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Feb 6 20:22:42 2015 +0100
gnutls-cli: added --save-cert option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 5 05:39:13 2015 +0100
added missing prototypes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Feb 4 10:14:55 2015 +0100
handle differently OCSP responses that are revoked and of unknown status
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Feb 1 13:35:40 2015 +0100
compilation fix with return on void function; reported by David Marx
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 29 14:31:08 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 29 14:21:18 2015 +0100
set the appropriate direction when _gnutls_io_write_flush() is called
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 28 10:32:16 2015 +0100
tests: added check for operation under different threads and DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 28 10:22:37 2015 +0100
tests: added check for operation under different processes and DTLS
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 28 09:57:13 2015 +0100
Revert "doc update"
This reverts commit eabf1f27d255577bad60d302abf46a969848fcd7.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 28 09:56:56 2015 +0100
Revert "Added gnutls_record_is_async()"
This reverts commit 2232822aabe473d124f924d64ff52981d685fd41.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 28 09:56:21 2015 +0100
documented using a session with fork or multiple threads
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 27 13:07:19 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 27 13:06:10 2015 +0100
Added gnutls_record_is_async()
That function indicates whether gnutls_record_recv() and
gnutls_record_send() can be used independently and in
parallel.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 25 10:17:06 2015 +0100
print errno in a more uniform way
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 25 08:28:13 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 25 08:27:08 2015 +0100
exported gnutls_system_recv_timeout()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 25 08:15:01 2015 +0100
simplified _gnutls_writev() by requiring the total length
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 20 09:39:44 2015 +0100
opencdk: small fixed to reduce warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 19 15:36:22 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 19 15:32:09 2015 +0100
don't be so verbose about the OCSP nonce; it is universally unsupported
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Sat Jan 17 14:32:35 2015 +0100
OCSP check the whole cert chain
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 19 09:29:31 2015 +0100
on certificate import check whether the two signature algorithms match
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 17 09:49:17 2015 +0100
cross.mk: use 3.3.12
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 17 09:01:37 2015 +0100
doc update
Author: Luke Dashjr <luke-jr+git@utopios.org>
Date: Mon Jan 12 19:32:38 2015 +0000
Added configure option --disable-tools
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 16 15:54:53 2015 +0100
corrected typos
Reported by Guido Kroon.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 16 14:16:58 2015 +0100
Added the notion of obsolete versions
That prevents using these versions as record version numbers, unless
they are the only protocol supported. This avoids the issues with
servers that have banned SSL 3.0 record versions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 16 10:16:47 2015 +0100
ocsptool: follow the documented process for gnutls_x509_crt_get_authority_info_access
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 16 10:15:08 2015 +0100
gnutls_x509_crt_get_authority_info_access: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 15 15:49:53 2015 +0100
ocsptool-common: iterate through all AIA items prior to decidig the OCSP server
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 14 08:11:17 2015 +0100
use a FIPS key that agree's with fedora's fipshmac
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Jan 14 22:51:55 2015 +0100
DCO: Added Luke Dashjr
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 13 22:47:59 2015 +0100
simplified text for inline-commands-prefix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 23:14:35 2015 +0100
gnutls-cli: added --starttls-proto option
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 17:28:50 2015 +0100
pkcs11: cleanup the name of types
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 17:19:48 2015 +0100
tests: updates in softhsm detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 17:12:56 2015 +0100
pkcs11: when importing a public key, import it's data as well (version 2 fix)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 17:02:03 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 11:50:53 2015 +0100
testpkcs11: do not ignore the failure to write a trusted CA
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 11:17:24 2015 +0100
removed gnutls_pubkey_get_pk_* from the exported function list
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 10:33:21 2015 +0100
tests: key-import-export: enhanced to test gnutls_pubkey_*_ecc_x962
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 10:32:13 2015 +0100
gnutls_pubkey_t: allow the import of another parameter set without a leak
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 12 10:19:47 2015 +0100
removed ABI-compatibility functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 9 13:59:34 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 22:41:01 2015 +0100
testpkcs11: modified to support both softhsmv1 and v2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 22:15:10 2015 +0100
pkcs11: when importing a public key, import it's data as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 18:00:38 2015 +0100
tests: enhanced key-import-export to check output of pubkeys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 16:25:01 2015 +0100
tests: eliminated leaks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 16:16:49 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 11 16:06:26 2015 +0100
tests: added checks for private key import/export functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 10 21:56:21 2015 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 10 12:13:29 2015 +0100
tests: Added test case for openpgp keys loaded by callback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 10 12:12:25 2015 +0100
When setting up TLS with cert-type OpenPGP from a client,
the server verifies if it supports the extension’s contents
in _gnutls_session_cert_type_supported(). This function
checks for cred->get_cert_callback but not cred->get_cert_callback2.
As a result, servers setup for OpenPGP certificate credential
callback with gnutls_certificate_set_retrieve_function2() are
unable to use the OpenPGP certificate type.
The solution is to consider cred->get_cert_callback2 alongside
cred->get_cert_callback in _gnutls_session_cert_type_supported().
Patch by Rick van Rein.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Jan 10 11:56:48 2015 +0100
gnutls_privkey_import_openpgp_raw: do not release the cached value
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Jan 8 10:18:07 2015 +0100
guile: Call 'load-extension' both during expansion and at run time.
Fixes <https://bugzilla.redhat.com/show_bug.cgi?id=1177847>.
* guile/modules/gnutls.in: Wrap '%libdir' definition and
'load-extension' call in 'eval-when'.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 8 09:35:59 2015 +0100
When receiving a TLS record with multiple handshake packets, parse them in one go
That resolves:
https://savannah.gnu.org/support/?108712
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Jan 8 09:25:15 2015 +0100
tests: updated mini-dtls-record-asym
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 21:36:33 2015 +0100
tests: better documentation of mini-dtls-record-asym purpose
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 21:27:14 2015 +0100
tests: moved udp_socketpair to utils
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 21:22:02 2015 +0100
tests: corrected asymmetric MTU test for DTLS and added caching
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 17:32:44 2015 +0100
Added test case for DTLS handshake packet reconstruction when it exceeds MTU
https://savannah.gnu.org/support/?108712
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 17:18:57 2015 +0100
simplified _gnutls_dgram_read()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 13:39:19 2015 +0100
danetool: only compile when dane is enabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 10:17:14 2015 +0100
in DTLS don't combine multiple packets which exceed MTU
Resolves: https://savannah.gnu.org/support/?108715
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 10:01:47 2015 +0100
Added more precise check of push functions availability
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 09:59:33 2015 +0100
Revert "in DTLS don't use writev() when multiple packets which exceed MTU are queued"
This reverts commit 43082a67c7514d65301d157fb567a133138a85ab.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Jan 6 09:59:25 2015 +0100
Revert "Give precedence to vector push function"
This reverts commit cb4ea413569803cbbf291abb27d30d14bfa971c5.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 15:08:28 2015 +0100
Give precedence to vector push function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 15:08:28 2015 +0100
in DTLS don't use writev() when multiple packets which exceed MTU are queued
That change requires the system_write() to be registered unconditionally,
even when writev() is available.
Resolves: https://savannah.gnu.org/support/?108715
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 16:28:58 2015 +0100
tests: added check to ensure that DTLS handshake packets will not exceed MTU
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 16:21:57 2015 +0100
certtool: warn when setting a certificate's expiration longer than the CA's expiration
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 15:01:22 2015 +0100
testpkcs11: detect softhsm2
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Jan 5 14:40:51 2015 +0100
tests: account for disabling of ARCFOUR where needed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 23:19:33 2015 +0100
certtool: modified check for READ_NUMERIC
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 22:46:16 2015 +0100
certtool: use 64-bit type for CRL serial number
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 22:43:00 2015 +0100
certtool: check for overflows when reading serial numbers
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 20:44:21 2015 +0100
certtool: use int64_t as type for integers read
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 20:30:39 2015 +0100
gnutls-cli-debug: more precise handling of SMTP protocol
Patch by Andreas Metzler.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Jan 4 11:11:51 2015 +0100
updated gnulib
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Jan 2 12:49:55 2015 +0200
gnutls-cli-debug: corrected the skip of ignored checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 22:50:17 2014 +0200
use explicit casts in the dummy ip conversion functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 22:41:24 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 22:40:55 2014 +0200
ARCFOUR-128 is disabled by default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 22:38:51 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 16:53:57 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:48:06 2014 +0200
system-keys-win: use LoadLibraryA to load ncrypt.dll
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:23:04 2014 +0200
Updated abi-compliance-checker for 3.4 API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:17:51 2014 +0200
updated export symbols list (due to ABI breakage)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:15:16 2014 +0200
doc: updated auto-generated files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:09:41 2014 +0200
generate manpages for urls.h and system-keys.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:07:37 2014 +0200
tests: added check for gnutls_x509_trust_list_get_issuer_by_dn()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 12:00:11 2014 +0200
updated libgnutls.map for new functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 11:49:40 2014 +0200
doc: updated auto-generated files and added urls.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 11:17:55 2014 +0200
tests: added checks for the new --key-id and --fingerprint certtool options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 11:11:40 2014 +0200
certtool: Added --fingerprint and --key-id options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 10:00:11 2014 +0200
certtool: --pubkey-info will load a public key from stdin
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 09:40:03 2014 +0200
include netinet/in.h if present to access ipv6 related structures
Based on patch by Rumko.
https://savannah.gnu.org/support/?108713
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 09:34:24 2014 +0200
VERS-ALL adds all protocols if used with '+'
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 09:14:15 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 09:04:27 2014 +0200
priority strings VERS-TLS-ALL and VERS-DTLS-ALL are restricted to the corresponding protocols
That introduces VERS-ALL which behaves as VERS-TLS-ALL previously.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 31 08:49:13 2014 +0200
gnutls.h: made DTLS protocol version numbering distinct
Author: Matthias-Christian Ott <ott@mirix.org>
Date: Tue Dec 30 11:58:43 2014 +0200
Don't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag
If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. By definition _gnutls_cipher_encrypt2 does nothing in this
case and thus does not need to be called.
Author: Matthias-Christian Ott <ott@mirix.org>
Date: Tue Dec 30 11:57:36 2014 +0200
Handle zero length plaintext for VIA PadLock functions
If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. padlock_ecb_encrypt and padlock_cbc_encrypt assume that the
plaintext length (last parameter) is greater than zero and segfault
otherwise. The assembler code for both functions is automatically
generated and imported from OpenSSL, so to ease maintenance the length
should be validated in the functions that call padlock_ecb_encrypt or
padlock_cbc_encrypt.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 13:29:57 2014 +0200
use backslashes in windows path
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 11:14:47 2014 +0200
tests: enhanced openpgp-keyring test
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 11:13:10 2014 +0200
openpgp: properly print names in oneline output as well
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 11:11:18 2014 +0200
updates in openpgp DSA key printing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 10:59:23 2014 +0200
properly print openpgp names
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 10:47:37 2014 +0200
opencdk: print all warnings on compilation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 10:47:20 2014 +0200
opencdk: eliminated warning from armor.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 28 10:45:30 2014 +0200
removed cache support for opencdk's keydb
It's implementation looked buggy.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 27 22:41:53 2014 +0200
updated guile comments
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 25 00:16:17 2014 +0200
tools: use OCSP functions only when OCSP is enabled
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 24 19:08:54 2014 +0200
Corrected encoding and decoding of ANSI X9.62
That affects gnutls_pubkey_export_ecc_x962() and
gnutls_pubkey_import_ecc_x962().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 24 18:34:04 2014 +0200
tools: document the available curves
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 24 08:54:19 2014 +0200
PKCS #11 tests: ported to softhsmv2
The C programs still rely on softhsmv1 since there
are issues with softhsmv2 and CKA_TRUSTED.
https://bugzilla.redhat.com/show_bug.cgi?id=1177086
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 18:33:22 2014 +0200
updated documentation of gnutls_memcmp()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 13:41:35 2014 +0200
use everywhere the new name of gnutls_x509_crt_import_pkcs11_url
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 13:29:13 2014 +0200
better cleanup in gnutls_pkcs11_privkey_import_url and allow reuse
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 12:54:23 2014 +0200
completely separated the two gnulibs to avoid conflicts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 12:40:17 2014 +0200
updated gnulib
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 12:28:03 2014 +0200
dropped the sanitize URL approach
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 12:24:35 2014 +0200
Instead of sanitizing URLs, use hints to support incomplete PKCS#11 URIs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 12:04:45 2014 +0200
gnutls_x509_crt_import_url replaces gnutls_x509_crt_import_pkcs11_url
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 23 08:52:24 2014 +0200
use p11_kit_uri_get_pin_source instead of p11_kit_uri_get_pinfile
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 22 12:16:05 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 22 11:59:41 2014 +0200
ex-pkcs11-list.c: updated for new API
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 22 11:43:49 2014 +0200
combined gnutls_pkcs11_obj_attr_t with gnutls_pkcs11_obj_flags
That was done in an API-backwards compatible way. That
introduces gnutls_pkcs11_obj_list_import_url3() and
gnutls_pkcs11_obj_list_import_url4().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 21 20:33:22 2014 +0200
first attempt to unify obj_attrs with obj_flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 21 19:33:53 2014 +0200
tests: pkcs11-is-known checks whether the import of PKCS #11 objects as trusted certs works
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 21 13:16:17 2014 +0200
Added softhsm.h to share code in softhsm detection
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Dec 21 13:00:53 2014 +0200
Directly import PKCS #11 object URLs as trusted certificates
That is, don't treat them as trusted modules, because they aren't
a token URL, but rather a direct reference to specific objects.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 20 20:37:35 2014 +0200
PSK: added sanity check on PSK key size set
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 12:56:11 2014 +0200
gnutls-cli-debug: removed ARCFOUR-40 from the ciphers to use
It is no longer supported.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 12:07:17 2014 +0200
_gnutls_buffer_append_data returns zero on success
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 10:40:58 2014 +0200
corrected documentation for the cork/uncork functions
Reported by Jaak Ristioja.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 10:35:10 2014 +0200
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 10:25:40 2014 +0200
Added more precise version check in _gnutls_version_lowest
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 19 08:56:44 2014 +0200
corrected documentation of gnutls_cork()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 17 14:50:52 2014 +0200
Added 32-bit overflow protection in _gnutls_buffer_append_data()
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Wed Dec 17 13:55:10 2014 +0200
Remove redundant condition in align_allocd_with_data().
At all call-sites of align_allocd_with_data() dest->data is non-NULL.
Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Wed Dec 17 13:55:09 2014 +0200
Deduplicated some code in _gnutls_buffer_append_data().
Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>
Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date: Wed Dec 17 13:55:07 2014 +0200
Explicitly marked some variables const in _gnutls_buffer_append_data().
Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 17 14:37:31 2014 +0200
DCO: added Jaak Ristioja
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 16 22:36:17 2014 +0200
test-ciphers: do not fail on processor which don't have the AES-NI instructions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 16 15:39:24 2014 +0100
_gnutls_buffer_*: moved common operations to function
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 16 15:35:10 2014 +0100
_gnutls_buffer_append_data: moved common code outside the if-clause
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 12 18:42:04 2014 +0100
tests: disable SSL 3.0 checks with polarssl
It seems that SSL 3.0 is disabled in Debian's polarssl.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 12 18:41:50 2014 +0100
testdane: removed www.vulcano.cl from good hosts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 4 14:26:05 2014 +0100
tests: enhanced x509cert-tl
Verify gnutls_x509_trust_list_verify_crt2() in combination with
gnutls_x509_trust_list_add_named_crt().
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 4 14:21:46 2014 +0100
use gnutls_x509_trust_list_verify_named_crt in gnutls_x509_trust_list_verify_crt2
Author: Ludovic Courtès <ludo@gnu.org>
Date: Fri Dec 12 14:24:14 2014 +0100
Update 'NEWS'.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 12 09:35:29 2014 +0100
gnutls_rnd: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 12 08:48:24 2014 +0100
gnutls_pkcs12_simple_parse: doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 12 08:26:53 2014 +0100
improved documentation on dane
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Dec 11 19:06:18 2014 +0100
guile: Open binary file in binary mode, for the sake of MinGW.
Reported by Eli Zaretskii <eliz@gnu.org>.
* guile/tests/openpgp-keyring.scm: Use 'open-file' with "rb" instead of
'open-input-file'.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Dec 11 19:04:17 2014 +0100
guile: Link with '-no-undefined'.
Fixes builds on MinGW.
Reported by Eli Zaretskii <eliz@gnu.org>.
* guile/src/Makefile.am (guile_gnutls_v_2_la_LDFLAGS): Add
-no-undefined.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 19:03:28 2014 +0100
p11tool: use Sleep() in windows
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 19:01:16 2014 +0100
certtool: ensure that default_serial_int is 64-bits or more
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 18:59:27 2014 +0100
use select() instead of alarm for better portability
Based on patch by Eli Zaretskii.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 18:53:21 2014 +0100
cross.mk: updated for 3.3.11
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 10:15:54 2014 +0100
Allow a random generator with the same priority to re-register
That corrects an issue where the library is deinitialized, and
reinitialization wouldn't register the same rnd module.
Reported by Stanislav Zidek.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 09:27:58 2014 +0100
tests: x509cert: verify that length returned from gnutls_x509_crt_get_dn matches strlen
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 11 06:08:33 2014 +0100
testcompat: corrected usage of null cipher
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 10 15:40:49 2014 +0100
added the .check function in FIPS140-2 code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Dec 8 23:30:07 2014 +0100
corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 10:48:52 2014 +0100
configure: added option --without-idn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 10:46:24 2014 +0100
accelerated: added required casts
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 10:40:48 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 10:40:09 2014 +0100
the priority string EXPORT is no more
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 10:27:00 2014 +0100
aesni-ccm: removed unused struct entries
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 09:41:08 2014 +0100
added AESNI accelerated CCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Dec 6 09:33:20 2014 +0100
more nettle3 related changes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 19:58:42 2014 +0100
dane: use the new _gnutls_buffer_to_datum
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 10:36:34 2014 +0100
tests: corrected the expected lengths in ocsp
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 10:31:41 2014 +0100
_gnutls_buffer_to_datum: includes code for exporting strings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 10:04:50 2014 +0100
when the trusted list contains a non-CA certificate warn via the audit log
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 09:52:40 2014 +0100
modified the CCM ciphersuite's name to match the one in the IANA registry
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 09:52:14 2014 +0100
ciphersuite test: enhanced check for correct ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 09:35:46 2014 +0100
ciphersuites tests: add missing includes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Dec 5 09:00:04 2014 +0100
ciphersuite tests: define HAVE_CONFIG_H
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Dec 4 22:15:57 2014 +0100
guile: Build with warnings.
* guile/src/Makefile.am (AM_CFLAGS) [HAVE_GCC]: Add -Wall -Wextra
-Wno-unused-parameter.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Dec 4 22:14:57 2014 +0100
guile: Remove the deprecated priority API.
* guile/modules/gnutls/build/priorities.scm: Remove.
* guile/src/make-session-priorities.scm: Remove.
* guile/modules/Makefile.am (EXTRA_DIST): Adjust accordingly.
* guile/src/Makefile.am (EXTRA_DIST): Likewise.
(GENERATED_BINDINGS): Remove 'priorities.i.c'.
(priorities.i.c): Remove target.
* guile/src/core.c: Don't include it.
(scm_gnutls_set_default_priority_x): Remove.
* guile/modules/gnutls.in (gnutls): Adjust export list.
* guile/tests/session-record-port.scm: Use 'set-session-priorities!'.
* guile/tests/x509-auth.scm: Likewise.
Author: Ludovic Courtès <ludo@gnu.org>
Date: Thu Dec 4 22:15:16 2014 +0100
guile: Remove RSA parameters and related procedures.
* guile/modules/gnutls/build/smobs.scm (%rsa-parameters-smob): Remove.
(%gnutls-smobs): Remove it.
* guile/src/core.c (scm_gnutls_make_rsa_parameters,
scm_gnutls_pkcs1_import_rsa_parameters,
scm_gnutls_pkcs1_export_rsa_parameters,
scm_gnutls_set_certificate_credentials_rsa_export_params_x): Remove.
* guile/modules/gnutls.in: Adjust export list.
* guile/tests/openpgp-auth.scm (import-rsa-params): Remove.
Remove references to it and to
'set-certificate-credentials-rsa-export-parameters!'.
* guile/tests/x509-auth.scm: Likewise.
* doc/gnutls-guile.texi (Representation of Binary Data): Remove
references to RSA parameters. Adjust example accordingly.
(OpenPGP Authentication Guile Example): Likewise.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 4 16:05:58 2014 +0100
updated TODO list
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Dec 4 14:39:03 2014 +0100
removed several of the unneeded exported internal symbols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 10:53:25 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 10:39:51 2014 +0100
doc: corrected typo
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 20:21:52 2014 +0100
use unsigned long in gcm_cast_st
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 15:43:55 2014 +0100
corrected issue in AES-256-GCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 15:20:07 2014 +0100
tests: enhanced cipher check to include all ciphers.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 14:56:27 2014 +0100
simplified abstractions over nettle based on Niels' comments.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 11:21:29 2014 +0100
API doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 11:20:26 2014 +0100
Added test vectors for CCM mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 26 10:27:23 2014 +0100
CCM: corrected AEAD decryption
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 20:27:05 2014 +0100
CCM mode moved to the lowest priority
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 19:42:10 2014 +0100
aes-gcm-aead.h: generalized
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 17:57:15 2014 +0100
gnutls-cli: added benchmark for CCM
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 17:46:55 2014 +0100
tests: updated for AES-128-CCM ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 17:27:03 2014 +0100
use the new AEAD API in gnutls_cipher.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 17:04:25 2014 +0100
Added definitions for CCM ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 16:02:25 2014 +0100
Modified crypto backend to accomodate for the CCM ciphersuites
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 10:54:55 2014 +0100
More nettle2 updates (in FIPS140-2 mode)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 22:58:41 2014 +0100
ported to nettle 3.0
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 10:10:05 2014 +0100
reduced current soversion
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 10:06:32 2014 +0100
documented the removal of deprecated functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:53:52 2014 +0100
corrected comparison
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:49:24 2014 +0100
removed the old gnutls_retr_st compatibility functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:45:19 2014 +0100
Removed binary compatibility with RSA-EXPORT using applications
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:41:33 2014 +0100
removed the old priority functions
That is:
gnutls_cipher_set_priority
gnutls_mac_set_priority
gnutls_compression_set_priority
gnutls_kx_set_priority
gnutls_protocol_set_priority
gnutls_certificate_type_set_priority
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:37:55 2014 +0100
removed gnutls_x509_crt_verify_hash() and gnutls_x509_crt_verify_data()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:35:26 2014 +0100
gnutls_sign_callback_set() and gnutls_sign_callback_get() were removed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:32:21 2014 +0100
renumbered fields in gnutls.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Dec 3 09:28:10 2014 +0100
increased gnutls' soversion
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Dec 2 10:50:45 2014 +0100
if the rnd structure doesn't provide check, _gnutls_rnd_check() will succeed
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 30 22:17:31 2014 +0100
tests: Added check for verification using CRLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 30 21:44:10 2014 +0100
Reorganized, and eliminated memory leak in _gnutls_x509_crt_check_revocation()
Reported by Tim Rühsen.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 29 15:27:34 2014 +0100
systemkey: updated for new gnutls_system_key_iter_get_info
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 16:16:19 2014 +0100
gnutls_system_key_iter_get_info() allows restricting results to a specific certificate type
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 16:12:31 2014 +0100
removed unneeded variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 14:39:58 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 13:18:49 2014 +0100
doc: added recommendation to use the higher level functions to load keys
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 10:40:34 2014 +0100
certtool: avoid gcc warnings
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 11:47:56 2014 +0100
gnutls-cli-debug: Added check for whether %NO_EXTENSIONS is required
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 10:32:22 2014 +0100
gnutls_session_get_desc: allow proper printing of the NULL KX
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 28 09:30:04 2014 +0100
gnutls_session_get_desc will return NULL if initial negotiation is not complete
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 23:17:29 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 23:16:04 2014 +0100
tests: small fix in mini-chain-unsorted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 22:39:08 2014 +0100
GNUTLS_E_CERTIFICATE_LIST_UNSORTED can be returned from gnutls_pcert_import_x509_list
That is when it cannot sort the list and GNUTLS_X509_CRT_LIST_SORT is specified.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 16:28:10 2014 +0100
gnutls_pcert_import_x509_list: only sort the lists it can sort
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 16:12:33 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 16:10:44 2014 +0100
simplified windows URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 16:08:46 2014 +0100
system-keys-win: include urls.h
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 16:06:46 2014 +0100
tests: added mini-chain-unsorted
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 27 15:06:11 2014 +0100
Added flag GNUTLS_X509_CRT_LIST_SORT for gnutls_x509_crt_list_import*
That also allows automatically sorting input chains to the
gnutls_certificate_credentials_t structure.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 21:53:03 2014 +0100
tests: Added check for memory leaks when a file cannot be loaded.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 21:52:23 2014 +0100
gnutls_certificate_set_x509_key_*: eliminated memory leak when certificate could not be parsed
Reported by Georg Richter.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 25 20:33:15 2014 +0100
libdane: undef gnutls_assert() before redefining it
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 22:39:23 2014 +0100
gnutls-cli-debug: do not print error on unknown protocols
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 20:22:35 2014 +0100
tests: added leak check for gnutls_set_x509_key_mem2()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 19:16:42 2014 +0100
documented the limitations of the loading functions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 18:54:28 2014 +0100
corrected memleak in read_key_mem()
Patch by Georg Richter.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 13:27:09 2014 +0100
gnutls-cli-debug: Added check for sorted certificate chain
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 24 10:40:24 2014 +0100
do not allow the resumption of a session which switches the state of ext_master_secret
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 22:23:55 2014 +0100
tests: run rfc2253-escape-test under valgrind
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 19:43:44 2014 +0100
tests: enhanced custom-url check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 19:43:01 2014 +0100
sanitize URLs at the proper place
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 19:42:43 2014 +0100
corrected freeing of custom URL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 13:03:50 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 12:43:27 2014 +0100
Added memxor_different_alignment into suppressions
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 12:36:22 2014 +0100
Allow the construction of chains with custom URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 11:04:47 2014 +0100
updated ignored files
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 11:04:15 2014 +0100
renamed systemkey-tool to systemkey, and don't install it by default
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 10:51:30 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 10:49:59 2014 +0100
tests: added check for registration of custom URLs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 10:49:32 2014 +0100
export gnutls_register_custom_url
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 10:48:56 2014 +0100
correctly handle non-pkcs11 URLs in read_cert_url
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 09:30:29 2014 +0100
more files to ignore
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 09:11:38 2014 +0100
Added the ability to register application specific URLs for keys and certs
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 23 08:47:41 2014 +0100
system-keys-win: use macros for the URL
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 22 10:49:52 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 20:42:21 2014 +0100
tests: added test for GNUTLS_E_GOT_APPLICATION_DATA on rehandshake
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 20:18:08 2014 +0100
treat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial negotiation is complete
This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2
Reported by Dan Winship. https://savannah.gnu.org/support/?108690
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 16:48:45 2014 +0100
removed old news
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 16:10:33 2014 +0100
The record version in the client Hello will be set to the lowest supported protocol
There should have been no harm in keeping it SSL 3.0 but
unfortunately in draft-thomson-sslv3-diediedie-00
it has been marked as MUST NOT do that. That will be fixed in a later
revision but since then there are servers not accepting SSL 3.0
as a valid record version (note that this is about the record
version, which describes the format of the packet, nothing to
do with the negotiated version).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 15:41:25 2014 +0100
Revert "The priority modifier %LATEST_RECORD_VERSION is now the default"
This reverts commit 66c419cc6336ea9a2747574588ffee77458b838f.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 15:02:40 2014 +0100
deinitialize the OCSP response der data
That also makes sure that reinitialization of ASN1 structures
are done when it is required only.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 14:48:50 2014 +0100
gnutls_priority_string_list: allow printing the special keywords as well.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 21 14:18:15 2014 +0100
simplified code involving getrandom() and getentropy()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 20 10:36:23 2014 +0100
configure: detect android system and define a variable
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 20 10:35:26 2014 +0100
separated system-keys implementations
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 20 22:52:43 2014 +0100
removed redundant local
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 20 00:15:02 2014 +0100
tests: added check for the abbreviated URLs which don't contain object information
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 20 00:13:45 2014 +0100
prior to importing objects with URLs sanitize them
That allows to use out of band information to complete missing
parts in URLs (e.g., object-type=cert, when there is a certificate).
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 19 23:53:50 2014 +0100
compilation fixes
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 19 11:28:38 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 16:14:08 2014 +0100
Added API to read/write/delete key-cert pairs (limited to windows for now)
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 17 20:26:26 2014 +0100
NORMAL priority: prioritize the less than 256-bits curves at the lowest level
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 17 18:21:48 2014 +0100
certtool: Allow to set the nonRepudiation, keyAgreement and dataEncipherment flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 17 18:09:36 2014 +0100
list the OIDs in the certtool cfg file documentation
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun Nov 16 18:27:01 2014 +0100
properly reset the zombie mode in FIPS mode
This amends 9158f590f4a18c84fc9eb41877b29d73b30af879
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 15 10:06:12 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 22:17:42 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 22:16:09 2014 +0100
partially reverted 999d221fd2241ff73f884bf33d8cbe6eb8299184
That change allows to use the intermediate certificates in chains
as OCSP anchors.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 21:21:53 2014 +0100
certtool: print message when the system trust is used
Author: David Weber <dave@veryflatcat.com>
Date: Fri Nov 14 14:49:24 2014 +0200
Fixed SRTP profile configuration in cli.c and serv.c.
I have tested the fix in 3.3.10. This commit is UNTESTED as i am unable
to compile gnutls (./configure complains about gl_INIT and ggl_INIT).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 20:13:36 2014 +0100
tests: ocsp: added the signature in check
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 20:10:06 2014 +0100
only print about additional certificates if they are present
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 17:22:07 2014 +0100
ocsp: fix DN decoding in gnutls_ocsp_resp_get_responder_raw_id
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 11:42:42 2014 +0100
tests: ocsp: added check with a long response
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 16:17:58 2014 +0100
use the original DER/BER data when verifying an OCSP response
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 11:55:21 2014 +0100
_pkcs1_rsa_verify_sig() simplify hashing
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 11:42:15 2014 +0100
ocsp: eliminated duplicate code
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 11:05:18 2014 +0100
clarified the multiple paths printing of the verify options
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 10:53:31 2014 +0100
gnutls-cli: allow printing the certificates in OCSP responses when --print-cert is specified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 10:47:55 2014 +0100
updated OCSP verification code to better use the trust list, and the KeyHash
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 09:34:13 2014 +0100
OCSP printing: Add header in front of certificates
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 09:32:40 2014 +0100
added gnutls_pkcs11_get_raw_issuer_by_dn and gnutls_x509_trust_list_get_issuer_by_dn
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 07:57:19 2014 +0100
gnutls-cli-debug: check for OCSP status response
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 14 07:45:49 2014 +0100
corrected crq test case; reported by Andreas Metzler
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 20:56:27 2014 +0100
set the GNUTLS_PIN_CONTEXT_SPECIFIC flag on PIN callback
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 16:31:21 2014 +0100
replaced gnutls_ocsp_resp_get_responder_by_key with gnutls_ocsp_resp_get_responder_raw_id
In addition reverted gnutls_ocsp_resp_get_responder() to the old
buggy behavior of returning 0 if the element was missing.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 16:05:44 2014 +0100
certtool: make sure that GNUTLS_PKCS_PLAIN is set when no password should be asked
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 16:05:21 2014 +0100
gnutls_x509_privkey_import2: will not use a callback if GNUTLS_PKCS_PLAIN is specified
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:55:50 2014 +0100
the FIPS140-2 testing mode is disabled after self-checks
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:50:05 2014 +0100
updated OCSP tests to account for the new key ID
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:43:04 2014 +0100
doc update and gnutls_ocsp_resp_get_responder() will always initialized output data
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:38:34 2014 +0100
_rnd_get_event: use memset to avoid valgrind complaints
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:34:23 2014 +0100
gnutls-cli: print the OCSP response in verbose mode
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 15:30:55 2014 +0100
corrected documentation of OCSP response verification
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 14:39:41 2014 +0100
Added gnutls_ocsp_resp_get_responder_by_key()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 14:39:07 2014 +0100
dn parsing: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when DN is not available
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 14:12:15 2014 +0100
gnutls-cli: added option to save the OCSP response
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 12:06:32 2014 +0100
added the notion of preferred sign algorithm in a private key
This can be set for keys imported with gnutls_privkey_import_ext3()
with the info callback. It is only considered for client side keys
in TLS sessions.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 10:18:03 2014 +0100
Added priority string %NO_SESSION_HASH to prevent advertising the extended master secret extension
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 10:06:51 2014 +0100
certificate status requestion response is optional according to RFC6066
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 09:52:43 2014 +0100
Added flag GNUTLS_OCSP_SR_IS_AVAIL for gnutls_ocsp_status_request_is_checked
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 09:27:38 2014 +0100
rnd: removed the packed attribute from event_st
That prevents a SIGBUS on solaris sparc systems.
Reported by Thomas Thorberger.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 09:18:31 2014 +0100
The priority modifier %LATEST_RECORD_VERSION is now the default
This works-around issue with servers that forbit the SSL 3.0
version number from the first packet of the record protocol.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Nov 13 09:16:29 2014 +0100
added check for servers that disallow the SSL 3.0 record version
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 12 19:44:18 2014 +0100
gnutls-cli: print whether status request has been checked
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 12 16:14:55 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed Nov 12 15:44:53 2014 +0100
Enable PIN support to gnutls_x509_privkey_t
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 11 15:16:12 2014 +0100
_gnutls_ucs2_to_utf8() can handle little endian strings.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 11 11:25:57 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 11 11:25:44 2014 +0100
Added gnutls_memcmp() and exported it.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 11 10:47:56 2014 +0100
indentation fix
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue Nov 11 10:40:21 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 16:05:10 2014 +0100
added gnutls_pkcs12_bag_set_privkey()
Conflicts:
lib/libgnutls.map
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 10 12:59:39 2014 +0100
dropped unused copy_func
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon Nov 10 11:38:58 2014 +0100
silence warning
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 31 10:08:00 2014 +0100
Added check with the invalid crq sent by Sean Burford
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Oct 31 10:00:32 2014 +0100
when exporting curve coordinates to X9.63 format, perform additional sanity checks on input
Reported by Sean Burford.
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 8 09:06:36 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 8 08:38:44 2014 +0100
doc update
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 8 08:36:16 2014 +0100
exported gnutls_memset()
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat Nov 8 08:35:01 2014 +0100
doc: updated text on session tickets
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 21:46:58 2014 +0100
tools: include arpa/inet.h in socket.c
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 19:18:22 2014 +0100
doc: use the same port for DTLS client and server
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 19:01:57 2014 +0100
pkcs11: pass the correct user type to protected authentication login
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 10:22:11 2014 +0100
doc: corrected values for INSECURE level
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 08:55:40 2014 +0100
pkcs11: support the CKA_EXTRACTABLE and CKA_NEVER_EXTRACTABLE flags
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 08:44:46 2014 +0100
pkcs11: added the flag GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 07:54:41 2014 +0100
pkcs11: perform reauth at the appropriate state
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri Nov 7 07:49:54 2014 +0100
pkcs11_login: set the correct user type on reauthentication
Generated by dwww version 1.16 on Tue Dec 16 05:37:29 CET 2025.