Commit message | Author | Date | Files | Lines
---|---|---|---|---
x509: Initialize signature params when parsing attribute certificates | Tobias Brunner | 2017-11-15 | 1 | -1/+1
pkcs8: Add explicit comment for RSASSA-PSS fall-through | Tobias Brunner | 2017-11-15 | 1 | -0/+1
Treat RSASSA-PSS keys like rsaEncryption RSA keys. In theory we should treat any parameters and the identifier itself as restriction to only use the key to create signatures accordingly (e.g. only use RSA with PSS padding or even use specific hash algorithms). But that's currently tricky as we'd have to store and pass this information along with our private keys (i.e. use PKCS#8 to store them and change the builder calls to pass along the identifier and parameters). That would require quite some work. | Tobias Brunner | 2017-11-08 | 3 | -1/+20
openssl: Add support for signature schemes with parameters | Tobias Brunner | 2017-11-08 | 2 | -47/+34
x509: Add support for signature schemes with parameters. Also adds support for specifying the hash algorithm for attribute certificate signatures. | Tobias Brunner | 2017-11-08 | 5 | -143/+220
certificate: Return signature scheme and parameters from issued_by() method. This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies. | Tobias Brunner | 2017-11-08 | 13 | -44/+75
gcrypt: Add support for static salts when signing with RSA-PSS | Tobias Brunner | 2017-11-08 | 1 | -6/+17
gmp: Add support for static salts when signing with RSA-PSS | Tobias Brunner | 2017-11-08 | 1 | -2/+6
mgf1: Add support for SHA-224/384 based MGF1 | Tobias Brunner | 2017-11-08 | 2 | -1/+11
gmp: Use helper to determine XOF type | Tobias Brunner | 2017-11-08 | 2 | -28/+10
gcrypt: Add support for RSA-PSS signatures. For salt lengths other than 20 this requires 0bd8137e68c2 ("cipher: Add option to specify salt length for PSS verification."), which was included in libgcrypt 1.7.0 (for Ubuntu requires 17.04). As that makes it pretty much useless for us (SHA-1 is a MUST NOT), we require that version to even provide the feature. | Tobias Brunner | 2017-11-08 | 3 | -31/+127
gcrypt: Register supported RSA signature/verification schemes | Tobias Brunner | 2017-11-08 | 1 | -0/+16
gmp: Add support for RSASSA-PSS signature verification | Tobias Brunner | 2017-11-08 | 2 | -2/+140
gmp: Add support for RSASSA-PSS signature creation | Tobias Brunner | 2017-11-08 | 2 | -0/+130
openssl: Add support for verifying RSASSA-PSS signatures | Tobias Brunner | 2017-11-08 | 2 | -3/+142
openssl: Add support for creating RSASSA-PSS signatures | Tobias Brunner | 2017-11-08 | 2 | -5/+132
openssl: Add helper to determine EVP_MD from hash_algorithm_t | Tobias Brunner | 2017-11-08 | 2 | -9/+27
gcrypt: Determine missing RSA private key parameters. We only need n, e, and d. The primes p and q and the coefficient for the Chinese remainder algorithm can be determined from these. | Tobias Brunner | 2017-11-08 | 1 | -4/+133
gmp: Determine missing RSA private key parameters. We only need n, e, and d. The parameters for the Chinese remainder algorithm and even p and q can be determined from these. | Tobias Brunner | 2017-11-08 | 1 | -4/+109
openssl: Add functions to determine missing RSA private key parameters. We only need n, e, and d. The parameters for the Chinese remainder algorithm and even p and q can be determined from these. | Tobias Brunner | 2017-11-08 | 1 | -9/+223
private-key: Add optional parameters argument to sign() method | Tobias Brunner | 2017-11-08 | 16 | -29/+26
public-key: Add optional parameters argument to verify() method | Tobias Brunner | 2017-11-08 | 17 | -19/+25
pkcs11: Call C_Finalize() to cancel jobs waiting in C_WaitForSlotEvent(). This is not ideal as the call to C_Finalize() should be the last one via the PKCS#11 API. Since the order in which jobs are canceled is undefined we can't be sure there is no other thread still using the library (it could even be the canceled job that still handles a previous slot event). According to PKCS#11 the behavior of C_Finalize() is undefined while other threads still make calls over the API. However, canceling the thread, as done previously, could also be problematic as PKCS#11 libraries could hold locks while in the C_WaitForSlotEvent() call, which might not get released properly when the thread is just canceled, and which then might cause later calls to other API functions to block. Fixes #2437. | Tobias Brunner | 2017-11-02 | 1 | -9/+14
openssl: Also load EC keys from an ENGINE | Tobias Brunner | 2017-11-02 | 5 | -155/+168
openssl: Fix call of X509_CRL_get0_signature() with OpenSSL 1.1.0. The order of arguments in X509_CRL_get0_signature() is not the same as that of X509_get0_signature(). Fixes: 989ba4b6cd16 ("openssl: Update CRL API to OpenSSL 1.1.0") | Tobias Brunner | 2017-10-10 | 1 | -3/+3
bliss: Fix compile error of unit tests due to uninitialized variable | Tobias Brunner | 2017-09-18 | 1 | -1/+1
Define MODP_CUSTOM constructors as variadic functions. They now match the dh_constructor_t signature. This is a follow-up for the changes merged with b668bf3f9ec1 and should fix use of MODP_CUSTOM on Apple's ARM64 platform. | Tobias Brunner | 2017-09-18 | 8 | -22/+28
plugin-loader: Correctly read dlopen_use_rtld_now option. Fixes: 305c4aa82cb0 ("plugin-loader: Optionally use RTLD_NOW with dlopen()") | Tobias Brunner | 2017-09-18 | 1 | -1/+1
openssl: Add support for delta CRLs | Tobias Brunner | 2017-09-18 | 2 | -19/+74
certificates: Use shared destructor for x509_cdp_t | Tobias Brunner | 2017-09-18 | 3 | -33/+6
plugin-loader: Move indent variables into !USE_FUZZING block. This avoids compile errors on Travis. | Tobias Brunner | 2017-08-15 | 1 | -2/+2
gmp: Fix RSA signature verification for m >= n. By definition, m must be <= n-1; we didn't enforce that, and because mpz_export() returns NULL if the passed value is zero, a crash could have been triggered with m == n. Fixes CVE-2017-11185. | Tobias Brunner | 2017-08-14 | 1 | -3/+9
sha2: Write final hash directly to output buffer. This avoids having the last output in internal memory that's not wiped. References #2388. | Tobias Brunner | 2017-08-07 | 1 | -56/+26
curl: Enable following redirects. The maximum number of redirects can be limited. The functionality can also be disabled. Fixes #2366. | Tobias Brunner | 2017-07-27 | 1 | -0/+9
imv-swima: Implemented SW event processing | Andreas Steffen | 2017-07-08 | 1 | -2/+12
x509: Correctly encode nonce in OCSP request. The nonce value is encoded as OCTET STRING; however, the extension values themselves must also be encoded as OCTET STRING. | Tobias Brunner | 2017-07-07 | 1 | -1/+2
configure: Enable coverage for all plugins via PLUGIN_CFLAGS | Tobias Brunner | 2017-06-20 | 3 | -6/+3
openssl: Properly handle flags in key usage extension | Tobias Brunner | 2017-06-14 | 1 | -8/+6
x509: nameConstraints sequence does not require a loop. Fixes: CVE-2017-9023 | Andreas Steffen | 2017-05-29 | 1 | -2/+1
asn1-parser: Fix CHOICE parsing. Fixes: CVE-2017-9023 | Andreas Steffen | 2017-05-29 | 1 | -53/+59
gmp: Make sure the modulus is odd and the exponent not zero. Unlike mpz_powm(), its secure replacement mpz_powm_sec() has the additional requirement that the exponent must be > 0 and the modulus has to be odd. Otherwise, it will crash with a floating-point exception. Fixes: CVE-2017-9022. Fixes: 3e35a6e7a1b0 ("Use side-channel secured mpz_powm_sec of libgmp 5, if available") | Tobias Brunner | 2017-05-29 | 1 | -1/+6
linked-list: Change return value of find_first() and signature of its callback. This avoids the unportable five pointer hack. | Tobias Brunner | 2017-05-26 | 1 | -18/+20
Change interface for enumerator_create_filter() callback. This avoids the unportable five pointer hack, but requires enumerating in the callback. | Tobias Brunner | 2017-05-26 | 5 | -102/+145
Migrate all enumerators to venumerate() interface change | Tobias Brunner | 2017-05-26 | 7 | -50/+74
x509: Fix leak when parsing CDPs if an invalid one follows valid ones | Tobias Brunner | 2017-05-23 | 1 | -2/+2
pem: Ensure a value before checking Proc-Type in PEM header | Tobias Brunner | 2017-05-23 | 1 | -1/+1
plugin-loader: Disable some logging output when building fuzz targets. This avoids evaluating %N. An alternative would be to define a printf-hook for plugin features. | Tobias Brunner | 2017-05-23 | 1 | -4/+19
x509: Manually print CRL/OCSP URIs when fuzzing. This avoids a warning about the custom %Y printf specifier. | Tobias Brunner | 2017-05-23 | 1 | -8/+25
plugin-constructors: Add script to generate constructor registration. Using a Python script so this works in cross-compilation situations. | Tobias Brunner | 2017-05-23 | 1 | -0/+60
plugin-loader: Add facility to register plugin constructors. Enabled when building monolithically and statically. This should allow us to work around the -whole-archive issue with libtool. If the libraries register the plugin constructors they provide, they reference the constructors and will therefore prevent the linker from removing these seemingly unused symbols from the final executable. For use cases where dlsym() can be used, e.g. because the static libraries are manually linked with -whole-archive (Linux) or -force-load (Apple), this can be disabled by passing ss_cv_static_plugin_constructors=no to the configure script. | Tobias Brunner | 2017-05-23 | 2 | -3/+69
| | | | | | | | | | | | | | | Enabled when building monolithically and statically. This should allow us to work around the -whole-archive issue with libtool. If the libraries register the plugin constructors they provide they reference the constructors and will therefore prevent the linker from removing these seemingly unused symbols from the final executable. For use cases where dlsym() can be used, e.g. because the static libraries are manually linked with -whole-archive (Linux) or -force-load (Apple), this can be disabled by passing ss_cv_static_plugin_constructors=no to the configure script. |