From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Oct 2024 08:09:42 +0000
Subject: [gnutls-devel] GnuTLS | Ignore unknown compression algs when using CLI (!1881)

Merge request !1881 was merged

Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1881
Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master
Author: Zoltán Fridrich
Assignee: Zoltán Fridrich
Reviewer: Daiki Ueno

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1881
You're receiving this email because of your account on gitlab.com.

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Oct 2024 08:09:44 +0000
Subject: [gnutls-devel] GnuTLS | gnutls-cli skips the whole compressed certificate negotiation when unknown algo is provided among known (#1587)

Issue was closed by Daiki Ueno with merge request !1881 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1881)

Issue #1587: https://gitlab.com/gnutls/gnutls/-/issues/1587

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1587
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Oct 2024 08:09:25 +0000
Subject: [gnutls-devel] GnuTLS | tests/key-material-set-dtls: retry send/recv on E_AGAIN/E_INTERRUPTED (!1880)

Merge request !1880 was merged

Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1880
Project:Branches: asosedkin/gnutls:tests-key-material-set-dtls-eagain to gnutls/gnutls:master
Author: Alexander Sosedkin

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1880

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Oct 2024 18:04:04 +0000
Subject: [gnutls-devel] GnuTLS | Fixed the check at src/benchmark-tls.c (!1875)

David Meliksetyan commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1875#note_2140221739

Good evening! I'm sorry it took me so long to respond. I did some research and found out that right now it's pretty much impossible to verify my account from my country. I assume it will be easier and faster if you create a separate MR.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1875#note_2140221739
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Oct 2024 21:00:03 +0000
Subject: [gnutls-devel] GnuTLS | Solaris build requires -D_XOPEN_SOURCE=600 -std=gnu99 (#782)

Alan Coopersmith commented: https://gitlab.com/gnutls/gnutls/-/issues/782#note_2144348466

EOL of Solaris is not planned until 2037, despite past press reports.

Use of alloca on Solaris requires including the `` header to get the critical `#define alloca(x) __builtin_alloca(x)` bit to make the compiler generate the stack-allocation code. Nettle itself handles this via autoconf m4 trickery to insert the include of `` into `config.h`: https://gitlab.com/gnutls/nettle/-/blob/nettle_3.10_release_20240616/aclocal.m4#L184-216

In gnutls-3.8.4, the configure scripts on Solaris end up with an `alloca.h` header in `gl/alloca.h` that is generated by gnulib scripts. Adding an '#include ' to `lib/nettle/int/nettle-internal.h` solves this problem for me.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/782#note_2144348466
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Oct 2024 21:05:22 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Alan Coopersmith created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882

Project:Branches: alanc4/gnutls:alloca to gnutls/gnutls:master
Author: Alan Coopersmith

* lib/nettle/int/nettle-internal.h: include alloca.h if configure found it

  Needed for alloca definition on Solaris, to avoid build error with gcc 14:

  ```
  lib/nettle/int/nettle-internal.h:59:39: error: implicit declaration of function 'alloca' [-Wimplicit-function-declaration]
     59 | #define TMP_ALLOC(name, size) (name = alloca(sizeof(*name) * (size)))
        |                                       ^~~~~~
  ```

  Closes #782

  Signed-off-by: Alan Coopersmith

## Checklist

* [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author
* [ ] Code modified for feature
* [ ] Test suite updated with functionality tests
* [ ] Test suite updated with negative tests
* [ ] Documentation updated / NEWS entry present (for non-trivial changes)
* [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:

* [ ] Any issues marked for closing are addressed
* [ ] There is a test suite reasonably covering new functionality or modifications
* [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
* [ ] This feature/change has adequate documentation added
* [ ] No obvious mistakes in the code

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Oct 2024 19:49:30 +0000
Subject: [gnutls-devel] GnuTLS | gnutls_record_send_file() (non-NULL offset) moves file descriptor offset while sending without KTLS (#1580)

Brian Denton commented: https://gitlab.com/gnutls/gnutls/-/issues/1580#note_2147032848

I made a simple diff that "fixes" it. I haven't looked into the details of the gnutls build system so it's probably not what is wanted, but it's a start.

[my-gnutls-diff.diff](/uploads/dfabb9efbee7d61cac1b52183eafe86e/my-gnutls-diff.diff)

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1580#note_2147032848
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 01:53:50 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

Project:Branches: dueno/gnutls:wip/dueno/liboqs-update to gnutls/gnutls:master
Author: Daiki Ueno

* groups: register SecP256r1MLKEM768 and X25519MLKEM768
* pk: plumb ML-KEM 768 in addition to Kyber 768
* liboqs: provide SHA2 stubs
* liboqs: check library version at run-time
* liboqs: require version 0.11.0

## Checklist

* [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
* [x] Code modified for feature
* [ ] Test suite updated with functionality tests
* [ ] Test suite updated with negative tests
* [ ] Documentation updated / NEWS entry present (for non-trivial changes)
* [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:

* [ ] Any issues marked for closing are addressed
* [ ] There is a test suite reasonably covering new functionality or modifications
* [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
* [ ] This feature/change has adequate documentation added
* [ ] No obvious mistakes in the code

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 02:01:22 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Daiki Ueno started a new discussion on lib/nettle/int/nettle-internal.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2147288173

> #define GNUTLS_NETTLE_INT_NETTLE_INTERNAL_H_INCLUDED
>
> #include 
> +#ifdef HAVE_ALLOCA_H

I suppose we can include `` unconditionally, as a replacement header (from Gnulib) is always present if the system doesn't have it.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2147288173

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 02:04:15 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2147289602

@alanc4 the CI is blocked by a user verification error. Would it be possible for you to resolve it by following this [instruction](https://docs.gitlab.com/ee/security/identity_verification.html)? Otherwise I can create a new merge request cherry-picking the commit for you.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2147289602
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 06:33:37 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Reassigned merge request 1883 https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

Daiki Ueno was added as an assignee.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 06:33:24 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2147458994

@d-Dudas FYI, this includes SHA2 stubs.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2147458994
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 06:33:54 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Alexander Sosedkin and Zoltán Fridrich were added as reviewers.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 16:49:33 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Alan Coopersmith commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2148677529

I did the phone number verification, but don't see any way to restart the CI pipelines.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2148677529
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 19:24:26 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Geert Hendrickx commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2148883796

I tested interop of this branch with openssl+oqs-provider, Firefox, and Chrome. GROUP-X25519-KYBER768 works with all of them.

GROUP-X25519-MLKEM768 fails with:

- Firefox 132 beta: `Error code: SSL_ERROR_BAD_MAC_READ`
- Chrome 130 beta: `ERR_SSL_PROTOCOL_ERROR`
- openssl client to gnutls-serv: `error:0A000119:SSL routines::decryption failed or bad record mac`
- gnutls-cli to openssl server:
  ```
  |<1>| Discarded message[0] due to invalid decryption
  *** Fatal error: Decryption has failed.
  ```

and GROUP-SECP256R1-MLKEM768 fails with:

- openssl client to gnutls-serv: `error:0A000417:SSL routines::ssl/tls alert illegal parameter`
- gnutls-cli to openssl server:
  ```
  *** Fatal error: A TLS fatal alert has been received.
  *** Received alert [47]: Illegal parameter
  ```

(X25519-MLKEM768 is different from X25519-KYBER768 in that the order of the key shares has been reversed.)

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2148883796
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 19:28:34 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Geert Hendrickx commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2148887756

You can reproduce this with google.com, which supports both X25519-KYBER768 and X25519-MLKEM768:

```
$ gnutls-cli --priority 'PFS:+GROUP-X25519-MLKEM768' google.com
Processed 176 CA certificate(s).
Resolving 'google.com:443'...
Connecting to '2a00:1450:400c:c07::71:443'...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [50]: Decode error
```

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2148887756
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Oct 2024 20:18:49 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1883 was reviewed by Geert Hendrickx

--

Geert Hendrickx started a new discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2148944070

> +	{ .name = "SECP256R1-MLKEM768",
> +	  .id = GNUTLS_GROUP_EXP_SECP256R1_MLKEM768,
> +	  .curve = GNUTLS_ECC_CURVE_SECP521R1,

```suggestion:-0+0
	  .curve = GNUTLS_ECC_CURVE_SECP256R1,
```

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 09:43:19 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1883 was reviewed by Geert Hendrickx

--

Geert Hendrickx started a new discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2149838759

> +	{ .name = "SECP256R1-MLKEM768",
> +	  .id = GNUTLS_GROUP_EXP_SECP256R1_MLKEM768,
> +	  .curve = GNUTLS_ECC_CURVE_SECP521R1,

```suggestion:-0+0
	  .curve = GNUTLS_ECC_CURVE_SECP256R1,
```

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 10:27:44 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2149935069

Thanks @ghen2 for checking and pointing out the discrepancies in the implementation. I tried to rework the hybrid case to be more flexible, though still seeing errors against OpenSSL.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2149935069
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 10:51:12 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

All discussions on merge request !1883 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 10:54:30 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Geert Hendrickx commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2150000539

X25519MLKEM768 should be MLKEM first, whereas SecP256r1MLKEM768 should be P256 first. See [section 3. of draft-kwiatkowski-tls-ecdhe-mlkem](https://datatracker.ietf.org/doc/html/draft-kwiatkowski-tls-ecdhe-mlkem-02#name-negotiated-groups) for rationale. The pre-standard Kyber hybrid is unchanged (x25519 first).

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2150000539
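The ordering rule Geert cites, and the interop failures reported earlier in the thread, come down to how the two halves of a hybrid key_share are concatenated. The following is an added example, not GnuTLS or liboqs code: a pure-Python layout helper for the `key_exchange` field of the client and server KeyShareEntry for X25519MLKEM768 (ML-KEM bytes first) and SecP256r1MLKEM768 (P-256 point first), plus the matching shared-secret concatenation. Object sizes are taken from FIPS 203 (ML-KEM-768: 1184-byte encapsulation key, 1088-byte ciphertext, 32-byte secret) and the usual TLS encodings (32-byte X25519 key, 65-byte uncompressed P-256 point). The 0x11EB codepoint appears in the MR; 0x11EC for X25519MLKEM768 is taken from the draft and is an assumption here, as are the placeholder byte strings that stand in for real keys. `misordered_peer_outcome` shows why a swapped order fails differently for the two groups: a P-256 point has a structural check (leading 0x04) that misaligned bytes almost always fail, whereas X25519 and ML-KEM bytes have no such marker, so the mismatch only surfaces once the first encrypted record is authenticated. That is consistent with the illegal_parameter versus bad-record-MAC symptoms reported above, although which alert a given implementation sends is up to that implementation.

```python
import struct
from dataclasses import dataclass

# Sizes: ML-KEM-768 from FIPS 203; X25519/P-256 from their TLS encodings.
# Hybrid layouts follow draft-kwiatkowski-tls-ecdhe-mlkem (assumed: the -02
# text cited in the thread).
ML_KEM_768_EK_LEN = 1184   # encapsulation key, sent by the client
ML_KEM_768_CT_LEN = 1088   # ciphertext, sent by the server
ML_KEM_768_SS_LEN = 32
X25519_LEN = 32            # public key and shared secret
P256_POINT_LEN = 65        # SEC1 uncompressed point: 0x04 || X || Y
P256_SS_LEN = 32           # X coordinate of the ECDH result


@dataclass(frozen=True)
class HybridGroup:
    name: str
    tls_id: int
    ecdh_len: int      # classical share length, same in both directions
    ecdh_ss_len: int
    pq_first: bool     # True: ML-KEM bytes come first in shares and secrets


# 0x11EB is the codepoint in the MR; 0x11EC is the draft's X25519MLKEM768 (assumed).
SECP256R1_MLKEM768 = HybridGroup("SecP256r1MLKEM768", 0x11EB, P256_POINT_LEN, P256_SS_LEN, False)
X25519_MLKEM768 = HybridGroup("X25519MLKEM768", 0x11EC, X25519_LEN, X25519_LEN, True)

# Constructed placeholder values (not real keys), sized like the real objects.
SAMPLE_X25519_PUB = bytes([0x11]) * X25519_LEN
SAMPLE_P256_PUB = b"\x04" + bytes([0x22]) * 64
SAMPLE_MLKEM_EK = bytes(i % 251 for i in range(ML_KEM_768_EK_LEN))
SAMPLE_MLKEM_CT = bytes(i % 241 for i in range(ML_KEM_768_CT_LEN))


def _concat(group, pq_part, ecdh_part):
    return pq_part + ecdh_part if group.pq_first else ecdh_part + pq_part


def _split(group, data, pq_len):
    """Split a hybrid share into (ecdh_part, pq_part) using the group's order."""
    if len(data) != group.ecdh_len + pq_len:
        raise ValueError(f"{group.name}: bad share length {len(data)}")
    if group.pq_first:
        pq_part, ecdh_part = data[:pq_len], data[pq_len:]
    else:
        ecdh_part, pq_part = data[:group.ecdh_len], data[group.ecdh_len:]
    if group.ecdh_len == P256_POINT_LEN and ecdh_part[0] != 0x04:
        # A P-256 share must be an uncompressed point; a peer rejects anything
        # else before doing any key agreement. (A real ML-KEM key could start
        # with 0x04 by chance, in which case the point check happens later.)
        raise ValueError(f"{group.name}: P-256 share is not an uncompressed point")
    return ecdh_part, pq_part


def build_client_share(group, ecdh_pub, mlkem_ek):
    """key_exchange of the client's KeyShareEntry: ML-KEM ek and ECDH pubkey."""
    assert len(ecdh_pub) == group.ecdh_len and len(mlkem_ek) == ML_KEM_768_EK_LEN
    return _concat(group, mlkem_ek, ecdh_pub)


def split_client_share(group, data):
    return _split(group, data, ML_KEM_768_EK_LEN)


def build_server_share(group, ecdh_pub, mlkem_ct):
    """key_exchange of the server's KeyShareEntry: ML-KEM ciphertext and ECDH pubkey."""
    assert len(ecdh_pub) == group.ecdh_len and len(mlkem_ct) == ML_KEM_768_CT_LEN
    return _concat(group, mlkem_ct, ecdh_pub)


def split_server_share(group, data):
    return _split(group, data, ML_KEM_768_CT_LEN)


def combine_shared_secret(group, ecdh_ss, mlkem_ss):
    """The key-schedule input is both secrets concatenated in the same order as the shares."""
    assert len(ecdh_ss) == group.ecdh_ss_len and len(mlkem_ss) == ML_KEM_768_SS_LEN
    return _concat(group, mlkem_ss, ecdh_ss)


def encode_key_share_entry(group, key_exchange):
    """KeyShareEntry: NamedGroup (2 bytes) || opaque key_exchange<1..2^16-1>."""
    return struct.pack("!HH", group.tls_id, len(key_exchange)) + key_exchange


def decode_key_share_entry(data):
    tls_id, n = struct.unpack("!HH", data[:4])
    if len(data) != 4 + n:
        raise ValueError("KeyShareEntry length mismatch")
    return tls_id, data[4:]


def misordered_peer_outcome(group, ecdh_pub, mlkem_ek):
    """What a conforming peer sees if we concatenate in the *wrong* order."""
    wrong = ecdh_pub + mlkem_ek if group.pq_first else mlkem_ek + ecdh_pub
    try:
        split_client_share(group, wrong)
    except ValueError:
        return "rejected_at_parse"   # structural check catches the swap
    # Same total length either way, so nothing structural catches it: the peer
    # feeds misaligned bytes into X25519 and ML-KEM, derives a different secret,
    # and the handshake fails only when the first encrypted record is checked.
    return "silently_mis_split"


if __name__ == "__main__":
    for g, pub in ((X25519_MLKEM768, SAMPLE_X25519_PUB), (SECP256R1_MLKEM768, SAMPLE_P256_PUB)):
        entry = encode_key_share_entry(g, build_client_share(g, pub, SAMPLE_MLKEM_EK))
        print(f"{g.name}: group=0x{g.tls_id:04x} key_exchange={len(entry) - 4} bytes, "
              f"wrong order -> {misordered_peer_outcome(g, pub, SAMPLE_MLKEM_EK)}")
```

Running the block prints the two `key_exchange` lengths (1216 for X25519MLKEM768, 1249 for SecP256r1MLKEM768) and the failure mode a swapped order would produce for each group. Note that the pre-standard X25519Kyber768 hybrid keeps X25519 first, as Geert says, so a table-driven implementation needs the order as a per-group attribute rather than a global rule.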
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 16:32:46 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1883 was reviewed by Alexander Sosedkin

--

Alexander Sosedkin started a new discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2150857662

> +			     pp->curve)) &&
> +			    (pp->pk == 0 || _gnutls_pk_exists(pp->pk)))
> +				groups[i++] = pp->id;

is it desirable that it considers the linked group as supported if the linking group is supported? worrying about the case of enabling hybrids without enabling pure PQ ones.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 17:58:06 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Alan Coopersmith commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2150975127

Please go ahead and submit your own merge request if the CI on this one is not sufficient.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2150975127
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 18:18:45 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Geert Hendrickx commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151001954

@dueno This fixes SECP256R1MLKEM768:

```
--- lib/algorithms/groups.c
+++ lib/algorithms/groups.c
@@ -37,6 +37,13 @@
 	.pk = GNUTLS_PK_EXP_KYBER768,
 };
 
+static const gnutls_group_entry_st group_mlkem768 = {
+	.name = "MLKEM768",
+	.id = GNUTLS_GROUP_INVALID,
+	.curve = GNUTLS_ECC_CURVE_INVALID,
+	.pk = GNUTLS_PK_MLKEM768,
+};
+
 static const gnutls_group_entry_st group_x25519 = {
 	.name = "X25519",
 	.id = GNUTLS_GROUP_X25519,
@@ -187,9 +194,9 @@
 	{ .name = "SECP256R1-MLKEM768",
 	  .id = GNUTLS_GROUP_EXP_SECP256R1_MLKEM768,
 	  .curve = GNUTLS_ECC_CURVE_SECP256R1,
-	  .pk = GNUTLS_PK_MLKEM768,
+	  .pk = GNUTLS_PK_ECDSA,
 	  .tls_id = 0x11EB,
-	  .next = &group_secp256r1 },
+	  .next = &group_mlkem768 },
 	{ .name = "X25519-MLKEM768",
 	  .id = GNUTLS_GROUP_EXP_X25519_MLKEM768,
 	  .curve = GNUTLS_ECC_CURVE_X25519,
```

(tested against OpenSSL/oqs-provider)

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151001954
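Review bot: in the first hunk (`@@ -37,6 +37,13 @@`), the new `group_mlkem768` entry has `.id = GNUTLS_GROUP_INVALID` and no `.tls_id`, so it is only meaningful as a `.next` target, yet the enumeration loop quoted elsewhere in this thread walks `.next` and does `groups[i++] = pp->id` for every linked entry; with this patch that loop would append GNUTLS_GROUP_INVALID to the supported-group list. Either make the walker validate linked entries without emitting their ids, or add a comment on this entry stating it must never be placed in `supported_groups` itself. Also worth stating in the description why the new half uses `GNUTLS_PK_MLKEM768` while the Kyber entry three lines above uses `GNUTLS_PK_EXP_KYBER768`, so the naming split (final vs. experimental) is deliberate.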
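Review bot: in the second hunk (`@@ -187,9 +194,9 @@`), setting `.pk = GNUTLS_PK_ECDSA` on the entry that already carries `.curve = GNUTLS_ECC_CURVE_SECP256R1` means `_gnutls_pk_exists(GNUTLS_PK_ECDSA)` now gates this hybrid, and the previous `.next` target `group_secp256r1` is the reference for what `.pk` looks like on a plain EC group entry; confirm the two agree, otherwise the P-256 half is described twice (by `.curve` and by `.pk`) while the ML-KEM half is described only through `.next`. The trailing context stops at `.curve = GNUTLS_ECC_CURVE_X25519` of the X25519-MLKEM768 entry, which per the draft cited in this thread must keep the opposite order (ML-KEM first); since that entry is untouched here, the description should say so explicitly, and a test exercising both hybrids against an independent implementation would catch a regression in either direction.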
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 19:19:42 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1883 was reviewed by Geert Hendrickx

--

Geert Hendrickx started a new discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151076716

> +	  .pk = GNUTLS_PK_MLKEM768,
> +	  .tls_id = 0x11EB,
> +	  .next = &group_secp256r1 },

```suggestion:-5+0
	{ .name = "SECP256R1-MLKEM768",
	  .id = GNUTLS_GROUP_EXP_SECP256R1_MLKEM768,
	  .curve = GNUTLS_ECC_CURVE_SECP256R1,
	  .pk = GNUTLS_PK_ECDSA,
	  .tls_id = 0x11EB,
	  .next = &group_mlkem768 },
```

SECP256R1-MLKEM768 should be the other way around (original order), see my other comment.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:21:31 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Merge request !1882 was approved by Daiki Ueno

Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882
Project:Branches: alanc4/gnutls:alloca to gnutls/gnutls:master
Author: Alan Coopersmith
Assignees:
Reviewers:
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:21:45 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

All discussions on merge request !1882 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1882

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:21:57 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Merge request !1882 was merged

Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882
Project:Branches: alanc4/gnutls:alloca to gnutls/gnutls:master
Author: Alan Coopersmith

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:22:04 +0000
Subject: [gnutls-devel] GnuTLS | lib/nettle/int/nettle-internal.h: include alloca.h if configure found it (!1882)

Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2151239305

Thank you!

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1882#note_2151239305

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:21:58 +0000
Subject: [gnutls-devel] GnuTLS | Solaris build requires -D_XOPEN_SOURCE=600 -std=gnu99 (#782)

Issue was closed by Daiki Ueno with merge request !1882 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1882)

Issue #782: https://gitlab.com/gnutls/gnutls/-/issues/782

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/782
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:31:26 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented on a discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151245897

> 	  .tls_id = 0x104 },
> #endif
> #ifdef HAVE_LIBOQS
> +	{ .name = "SECP256R1-MLKEM768",
> +	  .id = GNUTLS_GROUP_EXP_SECP256R1_MLKEM768,
> +	  .curve = GNUTLS_ECC_CURVE_SECP256R1,
> +	  .pk = GNUTLS_PK_MLKEM768,
> +	  .tls_id = 0x11EB,
> +	  .next = &group_secp256r1 },

Thank you; applied.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151245897
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:31:02 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented on a discussion on lib/algorithms/groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151245693

> -		if ((p->curve == 0 ||
> -		     _gnutls_ecc_curve_is_supported(p->curve)) &&
> -		    (p->pk == 0 || _gnutls_pk_exists(p->pk)) &&
> -		    (p->pk2 == 0 || _gnutls_pk_exists(p->pk2)))
> -			groups[i++] = p->id;);
> +	const gnutls_group_entry_st *p;
> +
> +	for (p = supported_groups; p->name != NULL; p++) {
> +		const gnutls_group_entry_st *pp;
> +
> +		for (pp = p; pp != NULL; pp = pp->next) {
> +			if ((pp->curve == 0 ||
> +			     _gnutls_ecc_curve_is_supported(
> +				     pp->curve)) &&
> +			    (pp->pk == 0 || _gnutls_pk_exists(pp->pk)))
> +				groups[i++] = pp->id;

Good catch, changed the logic to require all linked groups to match.

--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2151245693
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Oct 2024 22:31:27 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

All discussions on merge request !1883 were resolved by Daiki Ueno
https://gitlab.com/gnutls/gnutls/-/merge_requests/1883

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 00:09:17 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Hubert Kario (@mention me if you need reply) was added as a reviewer.
https://gitlab.com/gnutls/gnutls/-/merge_requests/1883
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 09:01:41 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Zoltán Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2152095255

I personally haven't found any problems. Looks good imo.

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 09:01:52 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request !1883 was approved by Zoltán Fridrich
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883
Project:Branches: dueno/gnutls:wip/dueno/liboqs-update to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewers: Hubert Kario (@mention me if you need reply), Alexander Sosedkin, and Zoltán Fridrich
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 11:29:53 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

Reassigned merge request 1884 https://gitlab.com/gnutls/gnutls/-/merge_requests/1884
Zoltán Fridrich was added as an assignee.

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 11:29:57 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

Zoltán Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1884
Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master
Author: Zoltán Fridrich
Assignee: Zoltán Fridrich
Reviewers: Daiki Ueno, Alexander Sosedkin, and George Pantelakis

Closes: #1584 #1585 #1586

Signed-off-by: Zoltan Fridrich

## Checklist

* [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author
* [ ] Code modified for feature
* [ ] Test suite updated with functionality tests
* [ ] Test suite updated with negative tests
* [ ] Documentation updated / NEWS entry present (for non-trivial changes)
* [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:

* [ ] Any issues marked for closing are addressed
* [ ] There is a test suite reasonably covering new functionality or modifications
* [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
* [ ] This feature/change has adequate documentation added
* [ ] No obvious mistakes in the code

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 11:29:53 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

Daiki Ueno, Alexander Sosedkin, and George Pantelakis were added as reviewers.
https://gitlab.com/gnutls/gnutls/-/merge_requests/1884
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 11:51:25 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

George Pantelakis commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1884#note_2152422022

LGTM

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 11:59:04 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

George Pantelakis was removed from reviewers.
https://gitlab.com/gnutls/gnutls/-/merge_requests/1884
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 13:17:17 +0000
Subject: [gnutls-devel] GnuTLS | compress_certificate: improve error checks (!1884)

Merge request !1884 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1884
Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master
Author: Zoltán Fridrich
Assignee: Zoltán Fridrich
Reviewers: Daiki Ueno and Alexander Sosedkin
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 17:46:48 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Hubert Kario (@mention me if you need reply) started a new discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2153213726

> return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > > - if (curve->size * 2 + 1 != data_size) > + if (curve->size * 2 + 1 > buffer->length) > return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, curve->size * 2 + 1); > > /* read the server's public key */ > - ret = _gnutls_ecc_ansi_x962_import(data, data_size, > + ret = _gnutls_ecc_ansi_x962_import(data.data, data.size,

this doesn't do public key validation?
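Review bot: replacing `!=` with `>` turns the exact-length test into a lower bound, which is needed now that the ECDHE point is followed by a KEM share, but it is only safe if the caller checks `buffer->length == 0` once the last component has been popped; without that, a key_exchange with bytes appended is accepted where the old code rejected it with GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER. A comment here would also help: `_gnutls_ecc_ansi_x962_import` only checks the encoding, so the on-curve validation has to happen before the point is used in any derivation.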
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 17:47:38 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Hubert Kario (@mention me if you need reply) started a new discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2153214532

> + > + case GNUTLS_PK_MLKEM768: > + case GNUTLS_PK_EXP_KYBER768: { > + gnutls_datum_t key; > + > + if (KYBER768_CIPHERTEXT_SIZE > buffer->length) > + return gnutls_assert_val( > + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, > + KYBER768_CIPHERTEXT_SIZE); > + > + ret = _gnutls_pk_decaps( > + group->pk, &key, &data, > + &session->key.kshare.kem_params.raw_priv); > + if (ret < 0) > + return gnutls_assert_val(ret);

the decapsulation can fail, I think we should then send an alert, shouldn't we?
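Review bot: `return gnutls_assert_val(ret)` propagates whatever `_gnutls_pk_decaps` returned, so the alert the peer sees depends on the backend's error code; return an illegal-parameter error explicitly here so a malformed ciphertext always maps to the same alert. The size constant is named `KYBER768_CIPHERTEXT_SIZE` but also guards the `GNUTLS_PK_MLKEM768` case; either rename it or look the size up from `group->pk`, and since the fate of the `key` datum is not visible in this hunk, make sure it is wiped and freed once the shared secret has been consumed.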
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 17:51:29 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Hubert Kario (@mention me if you need reply) commented on a discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2153218521

> + > + case GNUTLS_PK_MLKEM768: > + case GNUTLS_PK_EXP_KYBER768: { > + gnutls_datum_t key; > + > + if (KYBER768_CIPHERTEXT_SIZE > buffer->length) > + return gnutls_assert_val( > + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, > + KYBER768_CIPHERTEXT_SIZE); > + > + ret = _gnutls_pk_decaps( > + group->pk, &key, &data, > + &session->key.kshare.kem_params.raw_priv); > + if (ret < 0) > + return gnutls_assert_val(ret);

And I think the same issue exists with encapsulation: it should also return an illegal_parameter
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 10 Oct 2024 17:52:43 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Hubert Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2153219855

Side note: we already have a branch in tlslite-ng that supports both of the added groups, we could use that for interoperability testing. (I would have merged it already but I want to first create at least a rudimentary tlsfuzzer test script before doing that)
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 13 Oct 2024 03:16:18 +0000
Subject: [gnutls-devel] GnuTLS | Inconsistent Certificate Chain Length Limits in GnuTLS Leading to Validation Failures (#1590)

yao jia created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1590

## Description of the feature:

In GnuTLS version 3.8.7, the library limits the handling of certificate chains by restricting the total number of certificates rather than assessing the effective length of the chain. This approach can cause validation failures when a server includes additional certificates that, while not directly necessary for establishing a valid certificate path, may serve as cross-intermediate certificates providing alternative paths.

As shown in the attached certificate chain [17certs_chain.pem](/uploads/7b207c8c6dd89067b980a1f135695e24/17certs_chain.pem), I configured a chain with 17 certificates. The valid certificate path could only be constructed using the first, second, and seventeenth certificates, with the others being irrelevant. This indicates that the actual effective length of the certificate path is merely 3. Nonetheless, the validation failed under these conditions.

![17invalid](/uploads/a3fb744a6f5e49d00e024b715f4dbf22/17invalid.png)

Interestingly, when I removed one irrelevant certificate, reducing the total number of certificates in the chain to 16 while maintaining the actual certificate path length at 3, the validation succeeded.

![16valid](/uploads/9864737dc6bd0e6042556ed1f237c81a/16valid.png)

## Applications that this feature may be relevant to:

This feature is particularly relevant to secure data transmission applications, including web browsers, email clients, and any client-server applications that rely on TLS for secure communication. The issue may surface in environments where servers are configured with extensive certificate chains or intermediate certificates are plentiful, potentially leading to failure to establish secure connections.

## Is this feature implemented in other libraries (and which)

Other cryptographic libraries such as OpenSSL and MbedTLS handle certificate chains differently, often allowing more flexibility in the chain length by focusing on the effective length of the chain rather than the total count of certificates. This approach can accommodate a broader range of server configurations and is less likely to reject a valid certificate chain solely based on the number of certificates presented.

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 13 Oct 2024 03:17:26 +0000
Subject: [gnutls-devel] GnuTLS | Inconsistent Certificate Chain Length Limits in GnuTLS Leading to Validation Failures (#1590)

Issue was closed by yao jia
Issue #1590: https://gitlab.com/gnutls/gnutls/-/issues/1590
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 13 Oct 2024 03:19:30 +0000
Subject: [gnutls-devel] GnuTLS | Inconsistent Certificate Chain Length Limits in GnuTLS Leading to Validation Failures (#1590)

Issue was reopened by yao jia
Issue 1590: https://gitlab.com/gnutls/gnutls/-/issues/1590

From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 14 Oct 2024 12:19:52 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Geert Hendrickx commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2157386739

This version properly interoperates with Firefox and OpenSSL with all 3 hybrid KEMs.
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 14 Oct 2024 15:14:16 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1883 was reviewed by Geert Hendrickx

--

Geert Hendrickx started a new discussion on lib/ext/supported_groups.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2157749867

> - } else if (IS_EC(group->pk)) { > + } else if (IS_EC(group->pk) || > + IS_KEM(group->pk)) {

This only works for hybrids where the PQC KEM comes last, e.g. for X25519-KYBER768 or SECP256R1-MLKEM768, but not for X25519-MLKEM768, where it comes first.
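Review bot: the condition branches on `group->pk` alone, so the code under it cannot tell whether the KEM share is the first or the second component of the hybrid, which is exactly the X25519-MLKEM768 versus SECP256R1-MLKEM768 difference raised in this discussion; record the component order in the group entry and branch on that here instead of on `IS_EC`/`IS_KEM`.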
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 15 Oct 2024 03:50:06 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented on a discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2158509634

> return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > > - if (curve->size * 2 + 1 != data_size) > + if (curve->size * 2 + 1 > buffer->length) > return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, curve->size * 2 + 1); > > /* read the server's public key */ > - ret = _gnutls_ecc_ansi_x962_import(data, data_size, > + ret = _gnutls_ecc_ansi_x962_import(data.data, data.size,

Not sure what kind of public key validation you mean, but:

- `_gnutls_ecc_ansi_x962_import` checks if the point is in the uncompressed format
- `_gnutls_pk_derive` (the function that calculates a shared secret) performs the SP800-56A full public key validation
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 15 Oct 2024 03:55:04 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Daiki Ueno commented on a discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2158512299

> + > + case GNUTLS_PK_MLKEM768: > + case GNUTLS_PK_EXP_KYBER768: { > + gnutls_datum_t key; > + > + if (KYBER768_CIPHERTEXT_SIZE > buffer->length) > + return gnutls_assert_val( > + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, > + KYBER768_CIPHERTEXT_SIZE); > + > + ret = _gnutls_pk_decaps( > + group->pk, &key, &data, > + &session->key.kshare.kem_params.raw_priv); > + if (ret < 0) > + return gnutls_assert_val(ret);

The return value is automatically translated into an alert, using `gnutls_error_to_alert`, though it is possible that the error code returned from `_gnutls_pk_{encaps,decaps}` may turn into a different alert than illegal_parameter. I'll fix it to manually return `GNUTLS_E_ILLEGAL_PARAMETER`.
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 15 Oct 2024 12:29:43 +0000
Subject: [gnutls-devel] GnuTLS | Prohibit "duplexing the sponge" (#1592)

Alexander Sosedkin created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1592

A caller might alternate calls to `gnutls_hash_squeeze` with calls to `gnutls_hash` and expect that to work.

```c
#include <gnutls/crypto.h>
int main(void) {
    gnutls_hash_hd_t h; unsigned char digest[256];
    gnutls_hash_init(&h, GNUTLS_DIG_SHAKE_128);
    gnutls_hash(h, "aaa", 3); // definitely legal and repeatable
    gnutls_hash_squeeze(h, digest, 128); // definitely legal and repeatable
    gnutls_hash(h, "bbbb", 4); // <- sha3.c:76: _nettle_sha3_update: Assertion `pos < block_size' failed. (4294967167 < 168)
    gnutls_hash_squeeze(h, digest + 128, 128); // <- if alternating is well-defined, what would the result be?
    gnutls_hash_deinit(h, NULL); return 0;
}
```

But I couldn't find either test vectors or well-defined explanations of what must happen for SHAKE in that case.

Calling `gnutls_hash` after `gnutls_hash_squeeze` has been called at least once should be prohibited with a flag or something, and it should survive copying the handle.

Additionally, the documentation for `gnutls_hash_squeeze` could benefit from a sentence telling API users to refrain from absorbing after squeezing.
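The guard this issue asks for, as an added example that is not GnuTLS code: a SHAKE128 handle that refuses to absorb once output has been squeezed and keeps that state across copies, with hashlib's shake_128 standing in for the nettle sponge and all names hypothetical.

```python
# Added example, not GnuTLS code: a SHAKE128 handle that refuses to absorb once
# output has been squeezed, and keeps that state when the handle is copied.
# hashlib's shake_128 stands in for the sponge; since its digest(n) always
# returns the first n output bytes, incremental squeezing is emulated by
# tracking how much output has already been handed out.
import hashlib


class SpongeStateError(RuntimeError):
    """Absorbing after squeezing has no defined result for SHAKE; refuse it."""


class GuardedShake128:
    def __init__(self):
        self._h = hashlib.shake_128()
        self._squeezed = 0  # output bytes handed out; non-zero closes absorbing

    def absorb(self, data: bytes) -> None:
        if self._squeezed:
            raise SpongeStateError("absorb after squeeze: start a new hash instead")
        self._h.update(data)

    def squeeze(self, n: int) -> bytes:
        # SHAKE output is a prefix-consistent stream, so re-deriving a longer
        # prefix and slicing continues exactly where the previous call stopped.
        out = self._h.digest(self._squeezed + n)[self._squeezed:]
        self._squeezed += n
        return out

    def copy(self) -> "GuardedShake128":
        c = GuardedShake128()
        c._h = self._h.copy()
        c._squeezed = self._squeezed  # the prohibition survives copying the handle
        return c


def one_shot(msg: bytes, n: int) -> bytes:
    """Reference: the first n SHAKE128 output bytes for msg."""
    return hashlib.shake_128(msg).digest(n)


def squeeze_in_two_halves(msg: bytes, n: int) -> bytes:
    """Repeated squeezing is legal and must equal a single squeeze of n bytes."""
    h = GuardedShake128()
    h.absorb(msg)
    return h.squeeze(n // 2) + h.squeeze(n - n // 2)


def absorb_after_squeeze_is_rejected(via_copy: bool) -> bool:
    """Replay the sequence from the report; True if the guard stops the 2nd absorb."""
    h = GuardedShake128()
    h.absorb(b"aaa")
    h.squeeze(128)
    target = h.copy() if via_copy else h
    try:
        target.absorb(b"bbbb")
    except SpongeStateError:
        return True
    return False


def copy_before_squeeze_still_absorbs() -> bool:
    """A copy taken while still absorbing stays open even after the original squeezes."""
    h = GuardedShake128()
    h.absorb(b"aaa")
    c = h.copy()
    h.squeeze(16)
    c.absorb(b"bbbb")
    return c.squeeze(32) == one_shot(b"aaabbbb", 32)
```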
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 15 Oct 2024 12:36:44 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Alicja Kario (@mention me if you need reply) commented on a discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2159337983

> return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > > - if (curve->size * 2 + 1 != data_size) > + if (curve->size * 2 + 1 > buffer->length) > return gnutls_assert_val( > GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, curve->size * 2 + 1); > > /* read the server's public key */ > - ret = _gnutls_ecc_ansi_x962_import(data, data_size, > + ret = _gnutls_ecc_ansi_x962_import(data.data, data.size,

yes, that's the one I meant, but I'm asking because I'm not sure if those failures will result in `GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER` (and I suppose, an Alert being sent as a result of that)
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 15 Oct 2024 12:37:09 +0000
Subject: [gnutls-devel] GnuTLS | Update liboqs version requirement to 0.11.0 to support final version of ML-KEM (!1883)

Alicja Kario (@mention me if you need reply) commented on a discussion on lib/ext/key_share.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1883#note_2159339348

> + > + case GNUTLS_PK_MLKEM768: > + case GNUTLS_PK_EXP_KYBER768: { > + gnutls_datum_t key; > + > + if (KYBER768_CIPHERTEXT_SIZE > buffer->length) > + return gnutls_assert_val( > + GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); > + _gnutls_buffer_pop_datum(buffer, &data, > + KYBER768_CIPHERTEXT_SIZE); > + > + ret = _gnutls_pk_decaps( > + group->pk, &key, &data, > + &session->key.kshare.kem_params.raw_priv); > + if (ret < 0) > + return gnutls_assert_val(ret);

OK
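The key_share.c threads above (the lower-bound length check after the switch from `!=` to `>`, the public-key validation question, and the wish that every failure map to illegal_parameter), as one added example that is not GnuTLS code: a strict parser for the server's SECP256R1-MLKEM768 key share. It assumes the wire layout is the uncompressed P-256 point followed by the ML-KEM-768 ciphertext, does the on-curve check itself where GnuTLS relies on `_gnutls_pk_derive`, only length-checks the ciphertext (decapsulation is out of scope), and uses hypothetical names throughout.

```python
# Added example, not GnuTLS code: strict parsing of the server's key share for
# SECP256R1-MLKEM768. Assumed layout: uncompressed P-256 point || ML-KEM-768
# ciphertext. Every failure surfaces as the same alert, illegal_parameter.
from dataclasses import dataclass

ILLEGAL_PARAMETER = 47           # TLS AlertDescription illegal_parameter
P256_POINT_LEN = 1 + 2 * 32      # 0x04 || X || Y, i.e. curve->size * 2 + 1
MLKEM768_CT_LEN = 1088           # ML-KEM-768 ciphertext size (FIPS 203)
P256_P = 2**256 - 2**224 + 2**192 + 2**96 - 1
P256_B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
P256_GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
P256_GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5


class KeyShareError(ValueError):
    """Any malformed share; the handshake answers with illegal_parameter."""
    alert = ILLEGAL_PARAMETER


@dataclass
class HybridShare:
    ec_point: bytes
    kem_ciphertext: bytes


def _pop(buf: bytes, n: int, what: str):
    """Like a buffer pop: a lower-bound check, then take the first n bytes."""
    if n > len(buf):
        raise KeyShareError(f"{what}: need {n} bytes, have {len(buf)}")
    return buf[:n], buf[n:]


def validate_p256_point(point: bytes) -> None:
    """Encoding check plus the public-key validation a derive step needs:
    uncompressed form, coordinates below p, point on the curve. P-256 has
    cofactor 1, so an on-curve point is automatically in the prime-order group."""
    if len(point) != P256_POINT_LEN or point[0] != 0x04:
        raise KeyShareError("ec point is not in uncompressed X9.62 form")
    x = int.from_bytes(point[1:33], "big")
    y = int.from_bytes(point[33:65], "big")
    if x >= P256_P or y >= P256_P:
        raise KeyShareError("ec coordinate out of range")
    if (y * y - (x * x * x - 3 * x + P256_B)) % P256_P != 0:
        raise KeyShareError("ec point is not on P-256")


def parse_secp256r1_mlkem768_share(key_exchange: bytes) -> HybridShare:
    point, rest = _pop(key_exchange, P256_POINT_LEN, "ec point")
    validate_p256_point(point)
    ct, rest = _pop(rest, MLKEM768_CT_LEN, "kem ciphertext")
    # The pops above are only lower bounds; what replaces the old exact-length
    # test is insisting that nothing is left once the last component is taken.
    if rest:
        raise KeyShareError(f"{len(rest)} trailing bytes after the hybrid share")
    return HybridShare(point, ct)


def alert_for(key_exchange: bytes):
    """(share, None) on success, (None, alert) on failure, as a handshake decides."""
    try:
        return parse_secp256r1_mlkem768_share(key_exchange), None
    except KeyShareError as e:
        return None, e.alert


# Constructed samples (not handshake captures): the P-256 generator as the
# ECDHE share and an all-zero placeholder where the ML-KEM ciphertext goes.
GOOD_POINT = b"\x04" + P256_GX.to_bytes(32, "big") + P256_GY.to_bytes(32, "big")
GOOD = GOOD_POINT + bytes(MLKEM768_CT_LEN)
SHORT = GOOD[:-1]                     # one byte missing from the ciphertext
TRAILING = GOOD + b"\x00"             # passes every lower bound, must still fail
COMPRESSED = b"\x02" + GOOD[1:]       # wrong point encoding
OFF_CURVE = GOOD[:33] + (P256_GY + 1).to_bytes(32, "big") + GOOD[65:]
```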