gnutls:gnutls.git
7 years agodo not redefine the _gnutls_x86_cpuid_s symbol
Nikos Mavrogiannopoulos [Mon, 10 Feb 2014 09:43:52 +0000 (10:43 +0100)]
do not redefine the _gnutls_x86_cpuid_s symbol

7 years agoAdjusted the security levels of PFS, SECURE128 and SECURE192 keywords.
Nikos Mavrogiannopoulos [Fri, 7 Feb 2014 07:45:48 +0000 (08:45 +0100)]
Adjusted the security levels of PFS, SECURE128 and SECURE192 keywords.

7 years agoreduced security levels of SECURE128 and SECURE192 strings.
Nikos Mavrogiannopoulos [Fri, 7 Feb 2014 07:45:48 +0000 (08:45 +0100)]
reduced security levels of SECURE128 and SECURE192 strings.

7 years agoonly test libz if it is available
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 16:52:52 +0000 (17:52 +0100)]
only test libz if it is available

7 years agocheck errors from gnutls_priority_set_direct().
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 16:48:43 +0000 (17:48 +0100)]
check errors from gnutls_priority_set_direct().

7 years agodoc update
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 07:48:36 +0000 (08:48 +0100)]
doc update

7 years agoincreased the interval between reading /dev/urandom
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 07:48:21 +0000 (08:48 +0100)]
increased the interval between reading /dev/urandom

7 years agoSync with TP.
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 10:38:14 +0000 (11:38 +0100)]
Sync with TP.

7 years agoAdded --ask-pass certtool option to allow asking for passwords even when in batch...
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 09:24:15 +0000 (10:24 +0100)]
Added --ask-pass certtool option to allow asking for passwords even when in batch mode.

7 years agouse newlines in error printing
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 09:06:58 +0000 (10:06 +0100)]
use newlines in error printing

7 years agowhen using a PKCS #11 module for verification ensure that it has been marked a truste...
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 13:54:38 +0000 (14:54 +0100)]
when using a PKCS #11 module for verification ensure that it has been marked a trusted module in p11-kit.

7 years agoAdded flag GNUTLS_PKCS11_TOKEN_TRUSTED_UINT that can be used to obtain p11-kit's...
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 13:49:37 +0000 (14:49 +0100)]
Added flag GNUTLS_PKCS11_TOKEN_TRUSTED_UINT that can be used to obtain p11-kit's P11_KIT_MODULE_TRUSTED flag.

7 years agouse macros to set the level.
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 12:59:22 +0000 (13:59 +0100)]
use macros to set the level.

7 years agoupdated reference manual to remove individual indexes that were not working.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 16:50:06 +0000 (17:50 +0100)]
updated reference manual to remove individual indexes that were not working.

7 years agocorrected test-ciphersuites.sh test
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 08:17:35 +0000 (09:17 +0100)]
corrected test-ciphersuites.sh test

7 years agoconsider the initial keyword set even when it's set to NONE.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 07:59:21 +0000 (08:59 +0100)]
consider the initial keyword set even when it's set to NONE.

7 years agoWhen two initial keywords are specified then treat the second as having the '+' modifier.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 07:50:14 +0000 (08:50 +0100)]
When two initial keywords are specified then treat the second as having the '+' modifier.

This will handle SECURE256:SECURE128 the same way as SECURE256:+SECURE128.

7 years agowhen setting multiple initial keywords in a priority string, the security level set...
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 20:17:58 +0000 (21:17 +0100)]
when setting multiple initial keywords in a priority string, the security level set is the one of the lowest security.

7 years agobetter wording
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:55:19 +0000 (20:55 +0100)]
better wording

7 years agocorrected bug in DH exponent size calculation.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:49:37 +0000 (20:49 +0100)]
corrected bug in DH exponent size calculation.

7 years agotolerate servers that included the SUPPORTED ECC extension.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:24:40 +0000 (20:24 +0100)]
tolerate servers that included the SUPPORTED ECC extension.

This is an extension that is defined to be sent by the client but there
are servers that include it as well. Most other implementations tolerate
this behavior so we do.

7 years agocorrected typo
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:22:23 +0000 (20:22 +0100)]
corrected typo

7 years agoreduced the TLS and DTLS version requirements for all ciphersuites that are not GCM.
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 21:27:33 +0000 (22:27 +0100)]
reduced the TLS and DTLS version requirements for all ciphersuites that are not GCM.

7 years agoreturn proper error on RSA key generation failure
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 14:16:02 +0000 (15:16 +0100)]
return proper error on RSA key generation failure

7 years agoallow a missing u
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:17:33 +0000 (14:17 +0100)]
allow a missing u

7 years agoAdded sanity check in hash_init() and mac_init().
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:04:58 +0000 (14:04 +0100)]
Added sanity check in hash_init() and mac_init().

7 years agouse some kind of key continuity in the nonce RNG.
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:01:41 +0000 (14:01 +0100)]
use some kind of key continuity in the nonce RNG.

7 years agodoc update
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 15:43:37 +0000 (16:43 +0100)]
doc update

7 years agowhen importing public keys set the correct algorithm.
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 15:37:52 +0000 (16:37 +0100)]
when importing public keys set the correct algorithm.

7 years agoallow for seeds larger to the MAX by one byte
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 14:54:10 +0000 (15:54 +0100)]
allow for seeds larger to the MAX by one byte

7 years agocorrected calculation
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 12:49:56 +0000 (13:49 +0100)]
corrected calculation

7 years agocorrected prototype
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 10:27:17 +0000 (11:27 +0100)]
corrected prototype

7 years agoAdded FIPS184-4 RSA key generation.
Nikos Mavrogiannopoulos [Wed, 29 Jan 2014 10:42:35 +0000 (11:42 +0100)]
Added FIPS184-4 RSA key generation.

7 years agorename function
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 14:11:56 +0000 (15:11 +0100)]
rename function

7 years agoAdded gnutls_db_get_cache_expiration()
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 14:07:49 +0000 (15:07 +0100)]
Added gnutls_db_get_cache_expiration()

7 years agoAdded Since flag.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:48:42 +0000 (11:48 +0100)]
Added Since flag.

7 years agodoc update
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:48:07 +0000 (11:48 +0100)]
doc update

7 years agoremoved unused variables
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:37:43 +0000 (11:37 +0100)]
removed unused variables

7 years agoAdded gnutls_pubkey_verify_params() and gnutls_privkey_verify_params().
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:36:35 +0000 (11:36 +0100)]
Added gnutls_pubkey_verify_params() and gnutls_privkey_verify_params().

7 years agoAllow verification of public and private parameters.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:31:34 +0000 (11:31 +0100)]
Allow verification of public and private parameters.

7 years agoHandle DSA and ECDSA the same when verifying keys.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:16:14 +0000 (11:16 +0100)]
Handle DSA and ECDSA the same when verifying keys.

7 years agoAdded check for gnutls_db_check_entry_time().
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 15:04:02 +0000 (16:04 +0100)]
Added check for gnutls_db_check_entry_time().

7 years agodoc update
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 18:12:58 +0000 (19:12 +0100)]
doc update

7 years agocorrectly read the magic number and timestamp; report and patch by Jonathan Roudiere
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:44:43 +0000 (15:44 +0100)]
correctly read the magic number and timestamp; report and patch by Jonathan Roudiere

7 years agoupdated for new functions
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:33:37 +0000 (15:33 +0100)]
updated for new functions

7 years agoRenamed get_pk functions to export.
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:30:03 +0000 (15:30 +0100)]
Renamed get_pk functions to export.

gnutls_pubkey_export_ecc_x962 replaces gnutls_pubkey_get_pk_ecc_x962
gnutls_pubkey_export_ecc_raw replaces gnutls_pubkey_get_pk_ecc_raw
gnutls_pubkey_export_dsa_raw replaces gnutls_pubkey_get_pk_dsa_raw
gnutls_pubkey_export_rsa_raw replaces gnutls_pubkey_get_pk_rsa_raw

7 years agoAdded identifiers for DSA-SHA382 and DSA-SHA512
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:14:01 +0000 (15:14 +0100)]
Added identifiers for DSA-SHA382 and DSA-SHA512

7 years agoexported function needed for fips test
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:11:22 +0000 (15:11 +0100)]
exported function needed for fips test

7 years agocompile missing file
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:18:30 +0000 (14:18 +0100)]
compile missing file

7 years agoindented
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:11:38 +0000 (14:11 +0100)]
indented

7 years agoeliminated memory leak when generating a privvate key using gnutls_privkey_generate().
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:09:59 +0000 (14:09 +0100)]
eliminated memory leak when generating a privvate key using gnutls_privkey_generate().

7 years agoAdded functions to directly import parameters into a gnutls_privkey_t
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 12:37:17 +0000 (13:37 +0100)]
Added functions to directly import parameters into a gnutls_privkey_t

Added gnutls_privkey_import_ecc_raw, gnutls_privkey_import_dsa_raw,
gnutls_privkey_import_rsa_raw

7 years agocorrected usage of privkey
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 12:09:32 +0000 (13:09 +0100)]
corrected usage of privkey

7 years agochanged port number
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 20:37:23 +0000 (21:37 +0100)]
changed port number

7 years agooptimized string search in _oid2str table.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:55:20 +0000 (20:55 +0100)]
optimized string search in _oid2str table.

7 years agocopyright update
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:03:57 +0000 (20:03 +0100)]
copyright update

7 years agofixed null pointer derefence when printing a name and an LDAP description isn't prese...
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:03:50 +0000 (20:03 +0100)]
fixed null pointer derefence when printing a name and an LDAP description isn't present for the OID

7 years agoadded gnutls_realloc_fast to false positives
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:56:10 +0000 (19:56 +0100)]
added gnutls_realloc_fast to false positives

Conflicts:
lib/libgnutls.map

7 years agoPrior to release verify that the exported functions in the .map file match the headers.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:27:22 +0000 (19:27 +0100)]
Prior to release verify that the exported functions in the .map file match the headers.

7 years agoexported missing functions
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:27:09 +0000 (19:27 +0100)]
exported missing functions

7 years agoexported function
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 17:39:28 +0000 (18:39 +0100)]
exported function

7 years agoDo not compile the DRBG-AES-CTR when not in FIPS140 mode.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 12:11:14 +0000 (13:11 +0100)]
Do not compile the DRBG-AES-CTR when not in FIPS140 mode.

7 years agoremoved non-working test for static linking.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 12:08:55 +0000 (13:08 +0100)]
removed non-working test for static linking.

7 years agouse two separate mutexes for nonce and main rng.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 11:59:56 +0000 (12:59 +0100)]
use two separate mutexes for nonce and main rng.

7 years agodoc update
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:23:51 +0000 (11:23 +0100)]
doc update

7 years agoincreased the number of bytes requested by the RNG
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:21:34 +0000 (11:21 +0100)]
increased the number of bytes requested by the RNG

7 years agoThe AES-CTR-based nonce random number generator was replaced with salsa20.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:18:38 +0000 (11:18 +0100)]
The AES-CTR-based nonce random number generator was replaced with salsa20.

7 years agomore files to ignore
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:50:59 +0000 (10:50 +0100)]
more files to ignore

7 years agoUpdated the rest of the MPI function prototypes.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:50:24 +0000 (10:50 +0100)]
Updated the rest of the MPI function prototypes.

7 years agoupdated the prototype of _gnutls_mpi_div
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:42:42 +0000 (10:42 +0100)]
updated the prototype of _gnutls_mpi_div

7 years agoupdated prototypes of _gnutls_mpi_sub_ui, _gnutls_mpi_add_ui, _gnutls_mpi_mul_ui
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:41:04 +0000 (10:41 +0100)]
updated prototypes of _gnutls_mpi_sub_ui, _gnutls_mpi_add_ui, _gnutls_mpi_mul_ui

7 years agoupdated prototype of _gnutls_mpi_powm
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:35:01 +0000 (10:35 +0100)]
updated prototype of _gnutls_mpi_powm

7 years agoupdated mpi_scan macros
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:28:31 +0000 (10:28 +0100)]
updated mpi_scan macros

7 years agoreduced warnings
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:11:57 +0000 (10:11 +0100)]
reduced warnings

7 years agoupdated prototypes of _gnutls_mpi_set, _gnutls_mpi_set_ui,, _gnutls_mpi_copy
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:31:42 +0000 (09:31 +0100)]
updated prototypes of _gnutls_mpi_set, _gnutls_mpi_set_ui,, _gnutls_mpi_copy

7 years agoupdated prototype of _gnutls_mpi_modm
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:16:36 +0000 (09:16 +0100)]
updated prototype of _gnutls_mpi_modm

7 years agoUpdated _gnutls_mpi_init prototype and added _gnutls_mpi_init_multi
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:06:14 +0000 (09:06 +0100)]
Updated _gnutls_mpi_init prototype and added _gnutls_mpi_init_multi

7 years agoreduced the number of system calls made during the random generator lock.
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 20:03:19 +0000 (21:03 +0100)]
reduced the number of system calls made during the random generator lock.

7 years agodo not set the SYSTEM priority string by default in examples (not yet).
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:24:16 +0000 (10:24 +0100)]
do not set the SYSTEM priority string by default in examples (not yet).

7 years agoupdated
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:16:26 +0000 (10:16 +0100)]
updated

7 years agouse RUSAGE_THREAD to obtain rusage stats to avoid becoming a bottleneck on processes...
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:16:06 +0000 (10:16 +0100)]
use RUSAGE_THREAD to obtain rusage stats to avoid becoming a bottleneck on processes with many threads.

7 years agocorrected push/pull function setting
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 18:44:58 +0000 (19:44 +0100)]
corrected push/pull function setting

7 years agosimplified _dsa_generate_dss_g()
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 15:17:42 +0000 (16:17 +0100)]
simplified _dsa_generate_dss_g()

7 years agodo not impose limits to index
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 15:02:06 +0000 (16:02 +0100)]
do not impose limits to index

7 years agoFixes in the Shawe-Taylor prime generation routine.
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 14:17:26 +0000 (15:17 +0100)]
Fixes in the Shawe-Taylor prime generation routine.

8 years agocleanups
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 08:28:24 +0000 (09:28 +0100)]
cleanups

8 years agoincreased seed length
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 16:04:08 +0000 (17:04 +0100)]
increased seed length

8 years agocleanups
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 15:56:05 +0000 (16:56 +0100)]
cleanups

8 years agoindented code
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:53:55 +0000 (15:53 +0100)]
indented code

8 years agoensure that _gnutls_pk_params_copy makes a full duplicate.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:40:58 +0000 (15:40 +0100)]
ensure that _gnutls_pk_params_copy makes a full duplicate.

8 years agoAdded macros to allow specifying a subgroup for DSA.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:26:00 +0000 (15:26 +0100)]
Added macros to allow specifying a subgroup for DSA.

8 years agocorrected FIPS140 generation of DSA2 keys.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 13:58:01 +0000 (14:58 +0100)]
corrected FIPS140 generation of DSA2 keys.

8 years agoAdded new functions to obtain raw private key
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 13:53:03 +0000 (14:53 +0100)]
Added new functions to obtain raw private key

gnutls_privkey_get_pk_ecc_raw: Added
gnutls_privkey_get_pk_dsa_raw: Added
gnutls_privkey_get_pk_rsa_raw: Added

8 years agoexported more internal functions
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:56:40 +0000 (13:56 +0100)]
exported more internal functions

8 years agouse dsa_generate_dss_keypair when generating DSA keys.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:54:40 +0000 (13:54 +0100)]
use dsa_generate_dss_keypair when generating DSA keys.

8 years agoSplit the generation of keypair from the generation of parameters.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:53:49 +0000 (13:53 +0100)]
Split the generation of keypair from the generation of parameters.

8 years agoAdded _dsa_validate_dss_pq and _dsa_validate_dss_g, and other fixes in validation.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:10:59 +0000 (13:10 +0100)]
Added _dsa_validate_dss_pq and _dsa_validate_dss_g, and other fixes in validation.

8 years agoindented files
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 11:14:21 +0000 (12:14 +0100)]
indented files

8 years agocorrected s check in _dsa_generate_dss_pq
Nikos Mavrogiannopoulos [Wed, 22 Jan 2014 14:41:50 +0000 (15:41 +0100)]
corrected s check in _dsa_generate_dss_pq

8 years agofixed copyright
Nikos Mavrogiannopoulos [Wed, 22 Jan 2014 12:34:57 +0000 (13:34 +0100)]
fixed copyright