gnutls:gnutls.git
11 years agoupdated
Nikos Mavrogiannopoulos [Thu, 2 Jun 2011 02:19:08 +0000 (04:19 +0200)]
updated

11 years agotypos and date fix in license.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 15:27:10 +0000 (17:27 +0200)]
typos and date fix in license.

11 years agoAdded benchmark on GCM ciphersuites and arcfour for comparison.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:52:09 +0000 (16:52 +0200)]
Added benchmark on GCM ciphersuites and arcfour for comparison.

11 years agocorrected typo.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:46:55 +0000 (16:46 +0200)]
corrected typo.

11 years agoindented code
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:45:55 +0000 (16:45 +0200)]
indented code

11 years agoproperly initialize benchmarks.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:42:02 +0000 (16:42 +0200)]
properly initialize benchmarks.

11 years agobumped version.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:33:42 +0000 (16:33 +0200)]
bumped version.

11 years agoCorrections in encryption and decryption of incomplete blocks.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 14:33:28 +0000 (16:33 +0200)]
Corrections in encryption and decryption of incomplete blocks.

11 years agoUse nettle's memxor or gnulib's if it doesn't exist.
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 12:36:44 +0000 (14:36 +0200)]
Use nettle's memxor or gnulib's if it doesn't exist.

11 years agoAdded AES-GCM optimizations using the PCLMULQDQ instruction. Uses Andy Polyakov's...
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 12:33:12 +0000 (14:33 +0200)]
Added AES-GCM optimizations using the PCLMULQDQ instruction. Uses Andy Polyakov's assembly code.

11 years agodocumented usage of gnutls_cipher_add_auth().
Nikos Mavrogiannopoulos [Wed, 1 Jun 2011 12:04:11 +0000 (14:04 +0200)]
documented usage of gnutls_cipher_add_auth().

11 years agoupdates.
Nikos Mavrogiannopoulos [Tue, 31 May 2011 22:04:47 +0000 (00:04 +0200)]
updates.

11 years agoPrevent including installed gnutls' headers.
Roman Bogorodskiy [Tue, 31 May 2011 19:56:27 +0000 (21:56 +0200)]
Prevent including installed gnutls' headers.

11 years agoAdd missing <netinet/in.h> to get sockaddr_in.
Roman Bogorodskiy [Tue, 31 May 2011 19:54:48 +0000 (21:54 +0200)]
Add missing <netinet/in.h> to get sockaddr_in.

11 years agoCompatibility text updated.
Nikos Mavrogiannopoulos [Tue, 31 May 2011 09:29:15 +0000 (11:29 +0200)]
Compatibility text updated.

11 years agoAdded new AES code by Andy.
Nikos Mavrogiannopoulos [Sun, 29 May 2011 21:34:55 +0000 (23:34 +0200)]
Added new AES code by Andy.

11 years agoAdded missing file.
Nikos Mavrogiannopoulos [Sun, 29 May 2011 10:39:46 +0000 (12:39 +0200)]
Added missing file.

11 years agomore files to ignore
Nikos Mavrogiannopoulos [Sun, 29 May 2011 10:39:44 +0000 (12:39 +0200)]
more files to ignore

11 years agoAdded FSF copyright to public domain files.
Nikos Mavrogiannopoulos [Sun, 29 May 2011 10:35:57 +0000 (12:35 +0200)]
Added FSF copyright to public domain files.

11 years agoUse cpuid.h if it exists, to use the x86 CPUID instruction.
Nikos Mavrogiannopoulos [Sun, 29 May 2011 10:01:16 +0000 (12:01 +0200)]
Use cpuid.h if it exists, to use the x86 CPUID instruction.

11 years agoAdded Dash.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 23:40:16 +0000 (01:40 +0200)]
Added Dash.

11 years agosimplified _gnutls_supported_compression_methods().
Nikos Mavrogiannopoulos [Sat, 28 May 2011 21:54:33 +0000 (23:54 +0200)]
simplified _gnutls_supported_compression_methods().

11 years agoCorrectly set compression method when resuming sessions.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 21:44:58 +0000 (23:44 +0200)]
Correctly set compression method when resuming sessions.
Reported by Dash Shendy.

11 years agodigest_length() uses int as input.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 18:26:45 +0000 (20:26 +0200)]
digest_length() uses int as input.

11 years agoFix warnings with GCC 4.5.2
Stef Walter [Sat, 28 May 2011 16:31:35 +0000 (18:31 +0200)]
Fix warnings with GCC 4.5.2

11 years agoCorrected EXTRA_DIST
Nikos Mavrogiannopoulos [Sat, 28 May 2011 11:49:45 +0000 (13:49 +0200)]
Corrected EXTRA_DIST

11 years agoupdated keys.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 10:24:06 +0000 (12:24 +0200)]
updated keys.

11 years agoTake into account each and every advertized public key algorithm when selecting a...
Nikos Mavrogiannopoulos [Sat, 28 May 2011 10:09:41 +0000 (12:09 +0200)]
Take into account each and every advertized public key algorithm when selecting a certificate. Previously we were assuming only RSA or DSA, or ANY.

11 years agoAdded feature to specify ecc private keys and certificates.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 09:45:24 +0000 (11:45 +0200)]
Added feature to specify ecc private keys and certificates.

11 years agoCorrected ECC ciphersuite detection.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 09:45:01 +0000 (11:45 +0200)]
Corrected ECC ciphersuite detection.

11 years agoLaxed verification checks for DSA to allow SHA256 in place of SHA224.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 09:42:43 +0000 (11:42 +0200)]
Laxed verification checks for DSA to allow SHA256 in place of SHA224.
Added new certificate sets in doc/credentials/x509/.

11 years agoECDHE and ECDSA were added to deafult priorities.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 09:41:34 +0000 (11:41 +0200)]
ECDHE and ECDSA were added to deafult priorities.

11 years agognutls_secure_malloc() is no longer used.
Nikos Mavrogiannopoulos [Sat, 28 May 2011 07:41:22 +0000 (09:41 +0200)]
gnutls_secure_malloc() is no longer used.

11 years agodeinitialize PSK key memory.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 22:09:20 +0000 (00:09 +0200)]
deinitialize PSK key memory.

11 years agoexplicitly request for client key in server side.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 22:00:06 +0000 (00:00 +0200)]
explicitly request for client key in server side.

11 years agoAdded ECDHE-PSK ciphersuites for TLS (RFC 5489).
Nikos Mavrogiannopoulos [Fri, 27 May 2011 21:53:38 +0000 (23:53 +0200)]
Added ECDHE-PSK ciphersuites for TLS (RFC 5489).

11 years agoCorrections.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 16:09:26 +0000 (18:09 +0200)]
Corrections.

11 years agoignore tex files.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 15:24:15 +0000 (17:24 +0200)]
ignore tex files.

11 years agoDo not list all licenses in the manual of gnutls. Just the license of the manual...
Nikos Mavrogiannopoulos [Fri, 27 May 2011 15:23:17 +0000 (17:23 +0200)]
Do not list all licenses in the manual of gnutls. Just the license of the manual is enough.

11 years agoguile bindings added as a separate document.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 15:18:56 +0000 (17:18 +0200)]
guile bindings added as a separate document.

11 years agoreorganization. Removed guile bindings.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 15:11:57 +0000 (17:11 +0200)]
reorganization. Removed guile bindings.

11 years agoreorganization and added section on parameter generation.
Nikos Mavrogiannopoulos [Fri, 27 May 2011 12:48:03 +0000 (14:48 +0200)]
reorganization and added section on parameter generation.

11 years agoAdded new headers. gnutls_2_99_2
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:55:06 +0000 (18:55 +0200)]
Added new headers.

11 years agodocument elliptic curves addition.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:52:54 +0000 (18:52 +0200)]
document elliptic curves addition.

11 years agolibgcrypt support was removed.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:50:08 +0000 (18:50 +0200)]
libgcrypt support was removed.

11 years agolisted newly added functions.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:45:07 +0000 (18:45 +0200)]
listed newly added functions.

11 years agoUse nettle's functions for integer import/export.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 12:10:01 +0000 (14:10 +0200)]
Use nettle's functions for integer import/export.

11 years agomore updates for ECDSA ciphersuites.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:33:17 +0000 (18:33 +0200)]
more updates for ECDSA ciphersuites.

11 years agoreduced debugging.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 16:31:02 +0000 (18:31 +0200)]
reduced debugging.

11 years agoChanges to allow ECDH-DSA with client mode certificates.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 15:47:11 +0000 (17:47 +0200)]
Changes to allow ECDH-DSA with client mode certificates.

11 years agoAdded server and client mode tests for ECDH-ECDSA.
Nikos Mavrogiannopoulos [Thu, 26 May 2011 15:46:36 +0000 (17:46 +0200)]
Added server and client mode tests for ECDH-ECDSA.

11 years agoAdded gnutls_global_set_time_function() to allow overriding
Nikos Mavrogiannopoulos [Thu, 26 May 2011 06:07:22 +0000 (08:07 +0200)]
Added gnutls_global_set_time_function() to allow overriding
the default system time() function.

11 years agoFix example in the documentation.
Giuseppe Scrivano [Wed, 25 May 2011 16:33:08 +0000 (18:33 +0200)]
Fix example in the documentation.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoupdated documentation on PSK.
Nikos Mavrogiannopoulos [Wed, 25 May 2011 21:31:30 +0000 (23:31 +0200)]
updated documentation on PSK.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoIf Q=-P return the point at infinity.
Nikos Mavrogiannopoulos [Wed, 25 May 2011 21:27:51 +0000 (23:27 +0200)]
If Q=-P return the point at infinity.

11 years agoAdded elliptic curves chain certificate.
Nikos Mavrogiannopoulos [Wed, 25 May 2011 18:04:59 +0000 (20:04 +0200)]
Added elliptic curves chain certificate.

11 years agodo not try to write to a socket when no data.
Nikos Mavrogiannopoulos [Tue, 24 May 2011 22:20:26 +0000 (00:20 +0200)]
do not try to write to a socket when no data.

11 years agoincreased log level
Nikos Mavrogiannopoulos [Tue, 24 May 2011 15:50:33 +0000 (17:50 +0200)]
increased log level

11 years ago_gnutls_handshake_hash_buffer_clear was replaced by _gnutls_buffer_clear();
Nikos Mavrogiannopoulos [Tue, 24 May 2011 15:42:22 +0000 (17:42 +0200)]
_gnutls_handshake_hash_buffer_clear was replaced by  _gnutls_buffer_clear();

11 years agoOnly warn on invalid security level hashes.
Nikos Mavrogiannopoulos [Mon, 23 May 2011 20:57:59 +0000 (22:57 +0200)]
Only warn on invalid security level hashes.

11 years agoSHA256 is the default hash algorithm in certtool.
Nikos Mavrogiannopoulos [Mon, 23 May 2011 20:57:26 +0000 (22:57 +0200)]
SHA256 is the default hash algorithm in certtool.

11 years agoSeveral updates to allow generation and signing of an ECC certificate.
Nikos Mavrogiannopoulos [Mon, 23 May 2011 20:42:35 +0000 (22:42 +0200)]
Several updates to allow generation and signing of an ECC certificate.

11 years agoupdated certtool info.
Nikos Mavrogiannopoulos [Mon, 23 May 2011 20:17:17 +0000 (22:17 +0200)]
updated certtool info.

11 years agocorrected bug in ciphersuite name searching.
Nikos Mavrogiannopoulos [Mon, 23 May 2011 10:54:16 +0000 (12:54 +0200)]
corrected bug in ciphersuite name searching.

11 years agoDiscussed the newly added ciphersuites.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 20:39:10 +0000 (22:39 +0200)]
Discussed the newly added ciphersuites.

11 years agoAdded algorithms/ to function index.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 20:31:03 +0000 (22:31 +0200)]
Added algorithms/ to function index.

11 years agoAdded ECC ciphersuites from rfc5289.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 20:27:59 +0000 (22:27 +0200)]
Added ECC ciphersuites from rfc5289.

11 years agoPrint the private key after generation. Print ECC keys.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 20:16:47 +0000 (22:16 +0200)]
Print the private key after generation. Print ECC keys.

11 years agoAdded gnutls_x509_privkey_import_ecc_raw() and gnutls_x509_privkey_export_ecc_raw().
Nikos Mavrogiannopoulos [Sun, 22 May 2011 20:15:42 +0000 (22:15 +0200)]
Added gnutls_x509_privkey_import_ecc_raw() and gnutls_x509_privkey_export_ecc_raw().

11 years agoDecode PEM ECC private keys.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 18:18:12 +0000 (20:18 +0200)]
Decode PEM ECC private keys.

11 years agoupdates to allow the generation of an ECC private key.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 18:09:08 +0000 (20:09 +0200)]
updates to allow the generation of an ECC private key.

11 years agodo not crash on null message.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 18:08:45 +0000 (20:08 +0200)]
do not crash on null message.

11 years agoupdated
Nikos Mavrogiannopoulos [Sun, 22 May 2011 17:39:56 +0000 (19:39 +0200)]
updated

11 years agoAdded support for verifying server certificates with ECDSA.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 17:36:28 +0000 (19:36 +0200)]
Added support for verifying server certificates with ECDSA.

11 years agoOnly reply with ECC Packet format extension if we have negotiated ECC.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:56:54 +0000 (17:56 +0200)]
Only reply with ECC Packet format extension if we have negotiated ECC.

11 years agoleak fix and updates for new formats.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:40:40 +0000 (17:40 +0200)]
leak fix and updates for new formats.

11 years agoAdded ECDHE-RSA tests.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:39:59 +0000 (17:39 +0200)]
Added ECDHE-RSA tests.

11 years agoalways put leading zero to output keys
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:20:24 +0000 (17:20 +0200)]
always put leading zero to output keys

11 years agoprint the bits together with the security level.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:20:06 +0000 (17:20 +0200)]
print the bits together with the security level.

11 years agoleaks fixes.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:11:43 +0000 (17:11 +0200)]
leaks fixes.

11 years agocorrected file descriptor leak.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 15:09:43 +0000 (17:09 +0200)]
corrected file descriptor leak.

11 years agognutls_algorithms.h -> algorithms.h
Nikos Mavrogiannopoulos [Sun, 22 May 2011 14:28:39 +0000 (16:28 +0200)]
gnutls_algorithms.h -> algorithms.h

11 years agocorrected ECC public key encoding/decoding.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 14:27:27 +0000 (16:27 +0200)]
corrected ECC public key encoding/decoding.

11 years agoCorrected bug in public key import.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 14:26:12 +0000 (16:26 +0200)]
Corrected bug in public key import.
print information on ECC public keys.

11 years agoNo need to keep Z in parameters since the pubkey can always be converted to an affine...
Nikos Mavrogiannopoulos [Sun, 22 May 2011 14:09:14 +0000 (16:09 +0200)]
No need to keep Z in parameters since the pubkey can always be converted to an affine point.

11 years agoprint information on ECC certificates.
Nikos Mavrogiannopoulos [Sun, 22 May 2011 13:59:58 +0000 (15:59 +0200)]
print information on ECC certificates.

11 years agognutls_pk_params_st is used internally to transfer public key parameters. This replac...
Nikos Mavrogiannopoulos [Sun, 22 May 2011 09:55:33 +0000 (11:55 +0200)]
gnutls_pk_params_st is used internally to transfer public key parameters. This replaces the raw bigint_t arrays.

11 years agoCurve TLS ID is being stored in algorithms/ecc.c.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 17:08:55 +0000 (19:08 +0200)]
Curve TLS ID is being stored in algorithms/ecc.c.

11 years agognutls_algorithms.c was split into manageable files in algorithms/.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 16:55:31 +0000 (18:55 +0200)]
gnutls_algorithms.c was split into manageable files in algorithms/.

11 years agouse the _gnutls_session_is_ecc() to check for ECDH.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 15:07:40 +0000 (17:07 +0200)]
use the _gnutls_session_is_ecc() to check for ECDH.

11 years agoAdded OIDs and definitions for ECDSA signature algorithm.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 11:11:34 +0000 (13:11 +0200)]
Added OIDs and definitions for ECDSA signature algorithm.

11 years agoPrint purpose of testing.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 10:34:29 +0000 (12:34 +0200)]
Print purpose of testing.

11 years agocompare ECDH and DH on the same security level.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 10:29:57 +0000 (12:29 +0200)]
compare ECDH and DH on the same security level.

11 years agoAdded ability to specify curves as priority strings.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 10:29:37 +0000 (12:29 +0200)]
Added ability to specify curves as priority strings.

11 years agoremoved ecc_is_valid_idx() prototype
Nikos Mavrogiannopoulos [Sat, 21 May 2011 09:36:16 +0000 (11:36 +0200)]
removed ecc_is_valid_idx() prototype

11 years agoDropped ltc_ from function and type names.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 08:44:44 +0000 (10:44 +0200)]
Dropped ltc_ from function and type names.

11 years agocorrected memory leak.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 07:59:35 +0000 (09:59 +0200)]
corrected memory leak.

11 years agouse new nettle's name for gcm_aes_auth().
Nikos Mavrogiannopoulos [Sat, 21 May 2011 07:37:58 +0000 (09:37 +0200)]
use new nettle's name for gcm_aes_auth().

11 years agoOverride gnulib code with fix for memxor and valgrind.
Simon Josefsson [Sat, 21 May 2011 07:40:20 +0000 (09:40 +0200)]
Override gnulib code with fix for memxor and valgrind.

11 years agoAdded support for ECDHE-RSA ciphersuites.
Nikos Mavrogiannopoulos [Sat, 21 May 2011 07:23:48 +0000 (09:23 +0200)]
Added support for ECDHE-RSA ciphersuites.