This is an automated email from git. It was generated because a ref
change was pushed to the "chrony/chrony.git" repository.

The branch, master has been updated
       via  5a39074e01a654570d3b581ae5feda9f010fd8f2 (commit)
       via  c8e57f43503c52d3b250490db64cde4e500099aa (commit)
       via  b1230efac33314fe68ad8d37837919ff6f756e7d (commit)
       via  4e1ce8898168626d4bb54e1ac3013dc3eb6b0ee0 (commit)
       via  790a336eb21b4bf7e321eb6ce6342fa26110c347 (commit)
       via  cc706b50b9f84715eba80ee99bbe3a166dad01c7 (commit)
       via  73042494bd4864f4379a5454a22c33a52a1f68f5 (commit)
       via  ec89739d50226a2959e7635e5c3df01e703e6869 (commit)
       via  4baf999cc30b992f5cf7de7dcb5ec08ac5e61af6 (commit)
       via  9afd19c29b3d8097a0a1b3df20e0bd1b1e0a6991 (commit)
       via  5dd173c05014fc0b31bb4f407ac20bea2b0dc8cf (commit)
       via  5caf0ad1877170bf4773c5757ccbef9fd97b5c81 (commit)
       via  17d2291a84b56904e473ae7ae0ff29831059abfb (commit)
       via  a6179261a7f2de08f9e0bd9ac2110cbe52a4fbf4 (commit)
       via  098e0c43fc395b33b92bf220478f4c4241253121 (commit)
      from  7b197953e8add5515b7e58c4638dc55aa4bb91b7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5a39074e01a654570d3b581ae5feda9f010fd8f2
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Wed Oct 19 14:57:16 2022 +0200

    nts: fix number of extension fields after failed encryption
    
    If the authenticator SIV encryption fails (e.g. due to wrong nonce
    length), decrement the number of extension fields to keep the packet
    info consistent.

commit c8e57f43503c52d3b250490db64cde4e500099aa
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Thu Oct 13 15:35:53 2022 +0200

    nts: change ntskeys format to support different algorithms
    
    Specify the AEAD ID for each key saved in the ntskeys file instead of
    one ID for all keys. Keep support for loading files in the old format.
    
    This will allow servers to save their keys after upgrading to a new
    version with AES-128-GCM-SIV support before the loaded AES-SIV-CMAC-256
    keys are rotated out.
    
    If an unsupported key is found, don't load any keys. Also, change the
    severity of the error message from debug to error.

commit b1230efac33314fe68ad8d37837919ff6f756e7d
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Wed Oct 12 16:46:56 2022 +0200

    nts: add support for encrypting cookies with AES-128-GCM-SIV
    
    If AES-128-GCM-SIV is available on the server, use it for encryption of
    cookies. This makes them shorter by 4 bytes due to shorter nonce and it
    might also improve the server performance.
    
    After server upgrade and restart with ntsdumpdir, the switch will happen
    on the second rotation of the server key. Clients should accept shorter
    cookies without restarting NTS-KE. The first response will have extra
    padding in the authenticator field to make the length symmetric.

commit 4e1ce8898168626d4bb54e1ac3013dc3eb6b0ee0
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Wed Oct 12 16:00:45 2022 +0200

    nts: make server key access more readable
    
    Get a pointer to the server key instead of repeated indexing.

commit 790a336eb21b4bf7e321eb6ce6342fa26110c347
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Tue Oct 11 14:36:14 2022 +0200

    nts: add server support for authentication with AES-128-GCM-SIV
    
    Keep a server SIV instance for each available algorithm.
    
    Select AES-128-GCM-SIV if requested by NTS-KE client as the first
    supported algorithm.
    
    Instead of encoding the AEAD ID in the cookie, select the algorithm
    according to the length of decrypted keys. (This can work as a long as
    all supported algorithms use keys with different lengths.)

commit cc706b50b9f84715eba80ee99bbe3a166dad01c7
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Mon Oct 10 16:35:20 2022 +0200

    nts: add client support for authentication with AES-128-GCM-SIV
    
    If AES-128-GCM-SIV is available on the client, add it to the requested
    algorithms in NTS-KE as the first (preferred) entry.
    
    If supported on the server, it will make the cookies shorter, which
    will get the length of NTP messages containing only one cookie below
    200 octets. This should make NTS more reliable in networks where longer
    NTP packets are filtered as a mitigation against amplification attacks
    exploiting the ntpd mode 6/7 protocol.

commit 73042494bd4864f4379a5454a22c33a52a1f68f5
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Mon Oct 10 15:09:01 2022 +0200

    nts: add support for NTP authenticator field using AES-GCM-SIV
    
    Add support for SIV algorithms which have maximum nonce length shorter
    than 16 bytes.

commit ec89739d50226a2959e7635e5c3df01e703e6869
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Tue Oct 11 12:32:04 2022 +0200

    nts: make sure encrypted S2C and C2S keys have equal length
    
    Don't allow a cookie to contain keys with different lengths to not break
    the assumption made in decoding, if there will ever be a case where this
    could be requested.

commit 4baf999cc30b992f5cf7de7dcb5ec08ac5e61af6
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Tue Oct 11 10:35:19 2022 +0200

    nts: don't connect to server if missing AES-SIV-CMAC-256
    
    Avoid wasting server resources if the client doesn't support
    AES-SIV-CMAC-256 (the only algorithm required on servers).

commit 9afd19c29b3d8097a0a1b3df20e0bd1b1e0a6991
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Mon Oct 10 12:43:40 2022 +0200

    nts: use signed lengths in NNA_DecryptAuthEF()
    
    Make the types consistent with the rest of the file.

commit 5dd173c05014fc0b31bb4f407ac20bea2b0dc8cf
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Mon Oct 10 12:25:47 2022 +0200

    siv: add functions to return min and max nonce length
    
    While AES-SIV-CMAC allows nonces of any length, AES-GCM-SIV requires
    exactly 12 bytes, which is less than the unpadded minimum length of 16
    used in the NTS authenticator field. These functions will be needed to
    support both ciphers in the NTS code.

commit 5caf0ad1877170bf4773c5757ccbef9fd97b5c81
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Mon Oct 3 17:28:39 2022 +0200

    siv: add support for AES-128-GCM-SIV in Nettle
    
    This is a newer nonce misuse-resistant cipher specified in RFC 8452,
    which is now supported in the development code of the Nettle library.
    
    The advantages over AES-SIV-CMAC-256 are shorter keys and better
    performance.

commit 17d2291a84b56904e473ae7ae0ff29831059abfb
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Tue Oct 18 10:22:23 2022 +0200

    doc: improve ntsrotate description

commit a6179261a7f2de08f9e0bd9ac2110cbe52a4fbf4
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Thu Oct 13 12:29:29 2022 +0200

    doc: fix wrong name of authselectmode directive

commit 098e0c43fc395b33b92bf220478f4c4241253121
Author: Miroslav Lichvar <mlich...@redhat.com>
Date:   Tue Sep 20 10:56:28 2022 +0200

    test: add float-cast-overflow to 003-sanitizers test

-----------------------------------------------------------------------

Summary of changes:
 configure                       |  11 ++-
 doc/chrony.conf.adoc            |   5 +-
 doc/chronyc.adoc                |   5 +-
 doc/faq.adoc                    |   2 +-
 nts_ke_client.c                 |  31 +++++--
 nts_ke_server.c                 | 197 ++++++++++++++++++++++++++--------------
 nts_ntp_auth.c                  |  20 ++--
 nts_ntp_auth.h                  |   2 +-
 nts_ntp_server.c                |  48 +++++++---
 siv.h                           |   4 +
 siv_gnutls.c                    |  16 ++++
 siv_nettle.c                    | 141 +++++++++++++++++++++++-----
 test/compilation/003-sanitizers |   2 +-
 test/unit/nts_ke_client.c       |   7 +-
 test/unit/nts_ke_server.c       |   3 +-
 test/unit/nts_ntp_auth.c        | 149 +++++++++++++++++-------------
 test/unit/nts_ntp_client.c      |  30 ++++--
 test/unit/nts_ntp_server.c      |   6 +-
 test/unit/siv.c                 | 110 +++++++++++++++++++++-
 19 files changed, 585 insertions(+), 204 deletions(-)


hooks/post-receive
-- 
chrony/chrony.git

-- 
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" 
in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the 
subject.
Trouble?  Email listmas...@chrony.tuxfamily.org.

Reply via email to