Nikos Mavrogiannopoulos [Mon, 10 Feb 2014 09:43:52 +0000 (10:43 +0100)]
do not redefine the _gnutls_x86_cpuid_s symbol
Nikos Mavrogiannopoulos [Fri, 7 Feb 2014 07:45:48 +0000 (08:45 +0100)]
Adjusted the security levels of PFS, SECURE128 and SECURE192 keywords.
Nikos Mavrogiannopoulos [Fri, 7 Feb 2014 07:45:48 +0000 (08:45 +0100)]
reduced security levels of SECURE128 and SECURE192 strings.
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 16:52:52 +0000 (17:52 +0100)]
only test libz if it is available
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 16:48:43 +0000 (17:48 +0100)]
check errors from gnutls_priority_set_direct().
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 07:48:36 +0000 (08:48 +0100)]
doc update
Nikos Mavrogiannopoulos [Thu, 6 Feb 2014 07:48:21 +0000 (08:48 +0100)]
increased the interval between reading /dev/urandom
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 10:38:14 +0000 (11:38 +0100)]
Sync with TP.
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 09:24:15 +0000 (10:24 +0100)]
Added --ask-pass certtool option to allow asking for passwords even when in batch mode.
Nikos Mavrogiannopoulos [Wed, 5 Feb 2014 09:06:58 +0000 (10:06 +0100)]
use newlines in error printing
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 13:54:38 +0000 (14:54 +0100)]
when using a PKCS #11 module for verification ensure that it has been marked a trusted module in p11-kit.
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 13:49:37 +0000 (14:49 +0100)]
Added flag GNUTLS_PKCS11_TOKEN_TRUSTED_UINT that can be used to obtain p11-kit's P11_KIT_MODULE_TRUSTED flag.
Nikos Mavrogiannopoulos [Mon, 3 Feb 2014 12:59:22 +0000 (13:59 +0100)]
use macros to set the level.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 16:50:06 +0000 (17:50 +0100)]
updated reference manual to remove individual indexes that were not working.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 08:17:35 +0000 (09:17 +0100)]
corrected test-ciphersuites.sh test
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 07:59:21 +0000 (08:59 +0100)]
consider the initial keyword set even when it's set to NONE.
Nikos Mavrogiannopoulos [Sun, 2 Feb 2014 07:50:14 +0000 (08:50 +0100)]
When two initial keywords are specified then treat the second as having the '+' modifier.
This will handle SECURE256:SECURE128 the same way as SECURE256:+SECURE128.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 20:17:58 +0000 (21:17 +0100)]
when setting multiple initial keywords in a priority string, the security level set is the one of the lowest security.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:55:19 +0000 (20:55 +0100)]
better wording
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:49:37 +0000 (20:49 +0100)]
corrected bug in DH exponent size calculation.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:24:40 +0000 (20:24 +0100)]
tolerate servers that included the SUPPORTED ECC extension.
This is an extension that is defined to be sent by the client but there
are servers that include it as well. Most other implementations tolerate
this behavior so we do.
Nikos Mavrogiannopoulos [Sat, 1 Feb 2014 19:22:23 +0000 (20:22 +0100)]
corrected typo
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 21:27:33 +0000 (22:27 +0100)]
reduced the TLS and DTLS version requirements for all ciphersuites that are not GCM.
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 14:16:02 +0000 (15:16 +0100)]
return proper error on RSA key generation failure
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:17:33 +0000 (14:17 +0100)]
allow a missing u
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:04:58 +0000 (14:04 +0100)]
Added sanity check in hash_init() and mac_init().
Nikos Mavrogiannopoulos [Fri, 31 Jan 2014 13:01:41 +0000 (14:01 +0100)]
use some kind of key continuity in the nonce RNG.
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 15:43:37 +0000 (16:43 +0100)]
doc update
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 15:37:52 +0000 (16:37 +0100)]
when importing public keys set the correct algorithm.
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 14:54:10 +0000 (15:54 +0100)]
allow for seeds larger to the MAX by one byte
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 12:49:56 +0000 (13:49 +0100)]
corrected calculation
Nikos Mavrogiannopoulos [Thu, 30 Jan 2014 10:27:17 +0000 (11:27 +0100)]
corrected prototype
Nikos Mavrogiannopoulos [Wed, 29 Jan 2014 10:42:35 +0000 (11:42 +0100)]
Added FIPS184-4 RSA key generation.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 14:11:56 +0000 (15:11 +0100)]
rename function
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 14:07:49 +0000 (15:07 +0100)]
Added gnutls_db_get_cache_expiration()
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:48:42 +0000 (11:48 +0100)]
Added Since flag.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:48:07 +0000 (11:48 +0100)]
doc update
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:37:43 +0000 (11:37 +0100)]
removed unused variables
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:36:35 +0000 (11:36 +0100)]
Added gnutls_pubkey_verify_params() and gnutls_privkey_verify_params().
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:31:34 +0000 (11:31 +0100)]
Allow verification of public and private parameters.
Nikos Mavrogiannopoulos [Tue, 28 Jan 2014 10:16:14 +0000 (11:16 +0100)]
Handle DSA and ECDSA the same when verifying keys.
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 15:04:02 +0000 (16:04 +0100)]
Added check for gnutls_db_check_entry_time().
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 18:12:58 +0000 (19:12 +0100)]
doc update
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:44:43 +0000 (15:44 +0100)]
correctly read the magic number and timestamp; report and patch by Jonathan Roudiere
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:33:37 +0000 (15:33 +0100)]
updated for new functions
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:30:03 +0000 (15:30 +0100)]
Renamed get_pk functions to export.
gnutls_pubkey_export_ecc_x962 replaces gnutls_pubkey_get_pk_ecc_x962
gnutls_pubkey_export_ecc_raw replaces gnutls_pubkey_get_pk_ecc_raw
gnutls_pubkey_export_dsa_raw replaces gnutls_pubkey_get_pk_dsa_raw
gnutls_pubkey_export_rsa_raw replaces gnutls_pubkey_get_pk_rsa_raw
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:14:01 +0000 (15:14 +0100)]
Added identifiers for DSA-SHA382 and DSA-SHA512
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 14:11:22 +0000 (15:11 +0100)]
exported function needed for fips test
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:18:30 +0000 (14:18 +0100)]
compile missing file
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:11:38 +0000 (14:11 +0100)]
indented
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 13:09:59 +0000 (14:09 +0100)]
eliminated memory leak when generating a privvate key using gnutls_privkey_generate().
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 12:37:17 +0000 (13:37 +0100)]
Added functions to directly import parameters into a gnutls_privkey_t
Added gnutls_privkey_import_ecc_raw, gnutls_privkey_import_dsa_raw,
gnutls_privkey_import_rsa_raw
Nikos Mavrogiannopoulos [Mon, 27 Jan 2014 12:09:32 +0000 (13:09 +0100)]
corrected usage of privkey
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 20:37:23 +0000 (21:37 +0100)]
changed port number
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:55:20 +0000 (20:55 +0100)]
optimized string search in _oid2str table.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:03:57 +0000 (20:03 +0100)]
copyright update
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 19:03:50 +0000 (20:03 +0100)]
fixed null pointer derefence when printing a name and an LDAP description isn't present for the OID
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:56:10 +0000 (19:56 +0100)]
added gnutls_realloc_fast to false positives
Conflicts:
lib/libgnutls.map
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:27:22 +0000 (19:27 +0100)]
Prior to release verify that the exported functions in the .map file match the headers.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 18:27:09 +0000 (19:27 +0100)]
exported missing functions
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 17:39:28 +0000 (18:39 +0100)]
exported function
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 12:11:14 +0000 (13:11 +0100)]
Do not compile the DRBG-AES-CTR when not in FIPS140 mode.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 12:08:55 +0000 (13:08 +0100)]
removed non-working test for static linking.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 11:59:56 +0000 (12:59 +0100)]
use two separate mutexes for nonce and main rng.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:23:51 +0000 (11:23 +0100)]
doc update
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:21:34 +0000 (11:21 +0100)]
increased the number of bytes requested by the RNG
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 10:18:38 +0000 (11:18 +0100)]
The AES-CTR-based nonce random number generator was replaced with salsa20.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:50:59 +0000 (10:50 +0100)]
more files to ignore
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:50:24 +0000 (10:50 +0100)]
Updated the rest of the MPI function prototypes.
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:42:42 +0000 (10:42 +0100)]
updated the prototype of _gnutls_mpi_div
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:41:04 +0000 (10:41 +0100)]
updated prototypes of _gnutls_mpi_sub_ui, _gnutls_mpi_add_ui, _gnutls_mpi_mul_ui
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:35:01 +0000 (10:35 +0100)]
updated prototype of _gnutls_mpi_powm
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:28:31 +0000 (10:28 +0100)]
updated mpi_scan macros
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 09:11:57 +0000 (10:11 +0100)]
reduced warnings
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:31:42 +0000 (09:31 +0100)]
updated prototypes of _gnutls_mpi_set, _gnutls_mpi_set_ui,, _gnutls_mpi_copy
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:16:36 +0000 (09:16 +0100)]
updated prototype of _gnutls_mpi_modm
Nikos Mavrogiannopoulos [Sun, 26 Jan 2014 08:06:14 +0000 (09:06 +0100)]
Updated _gnutls_mpi_init prototype and added _gnutls_mpi_init_multi
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 20:03:19 +0000 (21:03 +0100)]
reduced the number of system calls made during the random generator lock.
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:24:16 +0000 (10:24 +0100)]
do not set the SYSTEM priority string by default in examples (not yet).
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:16:26 +0000 (10:16 +0100)]
updated
Nikos Mavrogiannopoulos [Sat, 25 Jan 2014 09:16:06 +0000 (10:16 +0100)]
use RUSAGE_THREAD to obtain rusage stats to avoid becoming a bottleneck on processes with many threads.
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 18:44:58 +0000 (19:44 +0100)]
corrected push/pull function setting
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 15:17:42 +0000 (16:17 +0100)]
simplified _dsa_generate_dss_g()
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 15:02:06 +0000 (16:02 +0100)]
do not impose limits to index
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 14:17:26 +0000 (15:17 +0100)]
Fixes in the Shawe-Taylor prime generation routine.
Nikos Mavrogiannopoulos [Fri, 24 Jan 2014 08:28:24 +0000 (09:28 +0100)]
cleanups
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 16:04:08 +0000 (17:04 +0100)]
increased seed length
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 15:56:05 +0000 (16:56 +0100)]
cleanups
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:53:55 +0000 (15:53 +0100)]
indented code
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:40:58 +0000 (15:40 +0100)]
ensure that _gnutls_pk_params_copy makes a full duplicate.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 14:26:00 +0000 (15:26 +0100)]
Added macros to allow specifying a subgroup for DSA.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 13:58:01 +0000 (14:58 +0100)]
corrected FIPS140 generation of DSA2 keys.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 13:53:03 +0000 (14:53 +0100)]
Added new functions to obtain raw private key
gnutls_privkey_get_pk_ecc_raw: Added
gnutls_privkey_get_pk_dsa_raw: Added
gnutls_privkey_get_pk_rsa_raw: Added
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:56:40 +0000 (13:56 +0100)]
exported more internal functions
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:54:40 +0000 (13:54 +0100)]
use dsa_generate_dss_keypair when generating DSA keys.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:53:49 +0000 (13:53 +0100)]
Split the generation of keypair from the generation of parameters.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 12:10:59 +0000 (13:10 +0100)]
Added _dsa_validate_dss_pq and _dsa_validate_dss_g, and other fixes in validation.
Nikos Mavrogiannopoulos [Thu, 23 Jan 2014 11:14:21 +0000 (12:14 +0100)]
indented files
Nikos Mavrogiannopoulos [Wed, 22 Jan 2014 14:41:50 +0000 (15:41 +0100)]
corrected s check in _dsa_generate_dss_pq
Nikos Mavrogiannopoulos [Wed, 22 Jan 2014 12:34:57 +0000 (13:34 +0100)]
fixed copyright