
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_13-65-g66c7e7d


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_13-65-g66c7e7d
Date: Sun, 26 Feb 2012 14:29:25 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=66c7e7d87f4bbfc426b15e2c125a5ac25bbf5e59

The branch, master has been updated
       via  66c7e7d87f4bbfc426b15e2c125a5ac25bbf5e59 (commit)
       via  dd3d82754187de0a54b1039dc1752a9b36c392fe (commit)
       via  8676f824008d5cf44e321257b7057e41c1ccf1c1 (commit)
       via  1c676f8bd7d45a34c4c5e73f4514ffd155ff4c2e (commit)
       via  1a5907e0f50301fcb302311a8ab67557d544be0a (commit)
       via  df9185f827e0a3f616bf22e00f09c69aa3ed17f5 (commit)
      from  2a1d17bd9f742005d92a7ae0277b29576b57ff07 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 66c7e7d87f4bbfc426b15e2c125a5ac25bbf5e59
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 15:33:32 2012 +0100

    Updated cryptodev code.
    Hash reset is now performed in the same ioctl() as the update, and TLS
    versions (<1.1) that do not have an explicit IV are handled correctly.

commit dd3d82754187de0a54b1039dc1752a9b36c392fe
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 15:04:23 2012 +0100

    added all cases.

commit 8676f824008d5cf44e321257b7057e41c1ccf1c1
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 15:03:47 2012 +0100

    removed debugging

commit 1c676f8bd7d45a34c4c5e73f4514ffd155ff4c2e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 14:47:00 2012 +0100

    simplified gcm registration in cryptodev.

commit 1a5907e0f50301fcb302311a8ab67557d544be0a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 14:42:54 2012 +0100

    doc updates

commit df9185f827e0a3f616bf22e00f09c69aa3ed17f5
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Feb 26 14:35:43 2012 +0100

    documented updates

-----------------------------------------------------------------------

Summary of changes:
 NEWS                            |    5 ++-
 lib/accelerated/cryptodev-gcm.c |    9 --------
 lib/accelerated/cryptodev.c     |   44 +++++++++++++++++++++++---------------
 src/cli-args.def                |   12 +++++-----
 tests/mini-dtls-rehandshake.c   |    4 ---
 5 files changed, 36 insertions(+), 38 deletions(-)

diff --git a/NEWS b/NEWS
index f03470f..c002717 100644
--- a/NEWS
+++ b/NEWS
@@ -4,8 +4,9 @@ See the end for copying conditions.
 
 * Version 3.0.15 (unreleased)
 
-** command line apps: Link with local libopts if the installed
-is an old one.
+** command line apps: Always link with local libopts.
+
+** libgnutls: Cryptodev updates and fixes.
 
 ** libgnutls: Corrected issue with select() that affected
 FreeBSD. This prevented establishing DTLS sessions.
diff --git a/lib/accelerated/cryptodev-gcm.c b/lib/accelerated/cryptodev-gcm.c
index 1c59156..fcd75bb 100644
--- a/lib/accelerated/cryptodev-gcm.c
+++ b/lib/accelerated/cryptodev-gcm.c
@@ -138,7 +138,6 @@ aes_gcm_encrypt (void *_ctx, const void *src, size_t 
src_size,
   /* the GCM in kernel will place the tag after the
    * encrypted data.
    */
-fprintf(stderr, "dst: %u, src: %u\n", (unsigned)dst_size, (unsigned)src_size);
   if (dst_size < src_size + GCM_BLOCK_SIZE)
     return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
@@ -299,14 +298,6 @@ _cryptodev_register_gcm_crypto (int cfd)
   return 0;
 }
 
-#else /* CIOCAUTHCRYPT */
-
-int
-_cryptodev_register_gcm_crypto (int cfd)
-{
-  return 0;
-}
-
 #endif /* CIOCAUTHCRYPT */
 
 #endif /* ENABLE_CRYPTODEV */
diff --git a/lib/accelerated/cryptodev.c b/lib/accelerated/cryptodev.c
index 3170d42..6d8dd86 100644
--- a/lib/accelerated/cryptodev.c
+++ b/lib/accelerated/cryptodev.c
@@ -49,6 +49,8 @@ struct cryptodev_ctx
   struct session_op sess;
   struct crypt_op cryp;
   uint8_t iv[EALG_MAX_BLOCK_LEN];
+  int reset;
+
   int cfd;
 };
 
@@ -113,38 +115,43 @@ cryptodev_setiv (void *_ctx, const void *iv, size_t 
iv_size)
 }
 
 static int
-cryptodev_encrypt (void *_ctx, const void *plain, size_t plainsize,
-                   void *encr, size_t encrsize)
+cryptodev_encrypt (void *_ctx, const void *src, size_t src_size,
+                   void *dst, size_t dst_size)
 {
   struct cryptodev_ctx *ctx = _ctx;
-  ctx->cryp.len = plainsize;
-  ctx->cryp.src = (void *) plain;
-  ctx->cryp.dst = encr;
+  ctx->cryp.len = src_size;
+  ctx->cryp.src = (void *) src;
+  ctx->cryp.dst = dst;
   ctx->cryp.op = COP_ENCRYPT;
+  ctx->cryp.flags = COP_FLAG_WRITE_IV;
 
   if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
     {
       gnutls_assert ();
       return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
     }
+
   return 0;
 }
 
 static int
-cryptodev_decrypt (void *_ctx, const void *encr, size_t encrsize,
-                   void *plain, size_t plainsize)
+cryptodev_decrypt (void *_ctx, const void *src, size_t src_size,
+                   void *dst, size_t dst_size)
 {
   struct cryptodev_ctx *ctx = _ctx;
 
-  ctx->cryp.len = encrsize;
-  ctx->cryp.src = (void *) encr;
-  ctx->cryp.dst = plain;
+  ctx->cryp.len = src_size;
+  ctx->cryp.src = (void *) src;
+  ctx->cryp.dst = dst;
   ctx->cryp.op = COP_DECRYPT;
+  ctx->cryp.flags = COP_FLAG_WRITE_IV;
+
   if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
     {
       gnutls_assert ();
       return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
     }
+
   return 0;
 }
 
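Review bot: `dst_size` is accepted but never checked in cryptodev_encrypt and cryptodev_decrypt, so the CIOCCRYPT request asks for `src_size` bytes to be written to `dst` regardless of how much room the caller provided. The GCM path in cryptodev-gcm.c rejects a short output buffer before its ioctl, and the same guard fits at the top of both functions here: `if (dst_size < src_size) return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST);`. Separately, the type of `cryp.len` is not visible in this diff; if it is narrower than size_t, the assignment from `src_size` truncates silently and would need a range check as well.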
@@ -222,7 +229,11 @@ register_crypto (int cfd)
 
     }
 
+#ifdef CIOCAUTHCRYPT
   return _cryptodev_register_gcm_crypto(cfd);
+#else
+  return 0;
+#endif
 }
 
 int
@@ -350,6 +361,11 @@ cryptodev_mac_hash (void *_ctx, const void *text, size_t 
textsize)
   ctx->cryp.dst = NULL;
   ctx->cryp.op = COP_ENCRYPT;
   ctx->cryp.flags = COP_FLAG_UPDATE;
+  if (ctx->reset)
+    {
+      ctx->cryp.flags |= COP_FLAG_RESET;
+      ctx->reset = 0;
+    }
   
   if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
     {
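Review bot: `ctx->reset` is cleared before the CIOCCRYPT ioctl just below has succeeded, so a failed ioctl drops the pending reset and a later update would hash on top of the previous message's state. Moving `ctx->reset = 0;` to after the ioctl has returned 0 keeps the request pending on the error path. The flag is also read here with no initialisation shown in this diff; the context allocation is outside the hunks, so confirm it zeroes the struct or set `ctx->reset = 0;` where the context is created. cryptodev_mac_hash begins and ends outside this hunk.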
@@ -384,13 +400,7 @@ cryptodev_mac_reset (void *_ctx)
 {
   struct cryptodev_ctx *ctx = _ctx;
 
-  ctx->cryp.len = 0;
-  ctx->cryp.src = NULL;
-  ctx->cryp.dst = NULL;
-  ctx->cryp.op = COP_ENCRYPT;
-  ctx->cryp.flags = COP_FLAG_RESET;
-  
-  ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp);
+  ctx->reset = 1;
 }
 
 static int
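Review bot: A reset followed directly by the output call, with no cryptodev_mac_hash in between, no longer reaches the kernel, because cryptodev_mac_reset now only sets `ctx->reset` and the only visible consumer of that flag is cryptodev_mac_hash. The output function is not part of this diff, so this is inferred: unless it also checks `ctx->reset`, a MAC over empty input after a reset would be finalised from the previous message's state. The assignment deserves a comment such as `/* deferred: sent as COP_FLAG_RESET by the next cryptodev_mac_hash() */`, plus a test that does reset-then-output with no data. The signature of cryptodev_mac_reset lies outside the hunk.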
diff --git a/src/cli-args.def b/src/cli-args.def
index 33e9685..b032ad0 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -14,10 +14,10 @@ argument = "[hostname]";
 
 flag = {
     name      = tofu;
-    descrip   = "Enable trust on first use (SSH-style) authentication";
+    descrip   = "Enable trust on first use authentication";
     disabled;
     disable   = "no";
-    doc       = "This option will, in addition to certificate authentication, 
perform authentication based on previously seen public keys.";
+    doc       = "This option will, in addition to certificate authentication, 
perform authentication based on previously seen public keys, a model similar to 
SSH authentication.";
 };
 
 flag = {
@@ -31,15 +31,15 @@ flag = {
 flag = {
     name      = resume;
     value     = r;
-    descrip   = "Connect, establish a session, reconnect and resume";
-    doc       = "";
+    descrip   = "Establish a session and resume";
+    doc       = "Connect, establish a session, reconnect and resume.";
 };
 
 flag = {
     name      = rehandshake;
     value     = e;
-    descrip   = "Connect, establish a session and rehandshake immediately";
-    doc       = "";
+    descrip   = "Establish a session and rehandshake";
+    doc       = "Connect, establish a session and rehandshake immediately.";
 };
 
 flag = {
diff --git a/tests/mini-dtls-rehandshake.c b/tests/mini-dtls-rehandshake.c
index 50fe6e4..bc64e65 100644
--- a/tests/mini-dtls-rehandshake.c
+++ b/tests/mini-dtls-rehandshake.c
@@ -141,10 +141,6 @@ client (int fd, int server_init)
 
   if (!server_init)
     {
-      do {
-        ret = gnutls_record_send (session, MSG, strlen (MSG));
-      } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-
       if (debug) success("Initiating client rehandshake\n");
       do 
         {


hooks/post-receive
-- 
GNU gnutls


