diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-06-24 20:06:32 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-06-24 20:06:32 +0000 |
| commit | 03028d146e69c6aa9bad516ff7dc9db59581f534 (patch) | |
| tree | 4ea23ee2109cec9b14ba1301b9434e4e195feb1a | |
| parent | c5130bd707dc4a745aeafaead102366991cfe34d (diff) | |
| download | gnutls_0_4_x_release_patches.tar.gz | |
*** empty log message ***gnutls_0_4_x_release_patches
| -rw-r--r-- | NEWS | 18 | ||||
| -rw-r--r-- | configure.in | 97 | ||||
| -rw-r--r-- | lib/gnutls_pk.c | 47 |
3 files changed, 51 insertions, 111 deletions
@@ -1,18 +1,6 @@ -Version ?.?.? -- Added X.509 certificate tests in tests/ directory -- Removed stubs for SRP and Anonymous authentication. They served - no purpose since they are always included, unless it was requested - not to do so. -- Added gnutls_handshake_set_private_extensions() function. This - function can be used to enable private (gnutls specific) cipher suites - and compression algorithms. -- Added check for C99 macro support by the compiler. -- Added functions gnutls_b64_encode_fmt2() and gnutls_b64_decode_fmt2() -- Added the new libtasn1 library. -- Removed the gdbm backend. Applications are now responsible for the - session resuming backend. The gnutls-serv application contains an - simple example on how to use gdbm for resuming. -- Headers for the gnutls library are now installed in $(includedir)/gnutls +Version 0.4.4 (24/06/2002) +- Corrected bug in PKCS-1 RSA encryption which prevented gnutls to encrypt + using keys of some specific size. Version 0.4.3 (23/05/2002) - The gnutls-extra library now compiles fine, if the opencdk library is diff --git a/configure.in b/configure.in index c40cfb032f..7d96f17ea6 100644 --- a/configure.in +++ b/configure.in @@ -11,8 +11,8 @@ AC_DEFINE_UNQUOTED(T_OS, "$target_os") dnl Gnutls Version GNUTLS_MAJOR_VERSION=0 -GNUTLS_MINOR_VERSION=5 -GNUTLS_MICRO_VERSION=0 +GNUTLS_MINOR_VERSION=4 +GNUTLS_MICRO_VERSION=4 GNUTLS_VERSION=$GNUTLS_MAJOR_VERSION.$GNUTLS_MINOR_VERSION.$GNUTLS_MICRO_VERSION AC_DEFINE_UNQUOTED(GNUTLS_VERSION, "$GNUTLS_VERSION") @@ -23,7 +23,7 @@ AM_CONFIG_HEADER(config.h) dnl This is the library version GNUTLS_MOST_RECENT_INTERFACE=5 GNUTLS_CURRENT_INTERFACE_IMPLEMENTATION_NUMBER=$GNUTLS_MICRO_VERSION -GNUTLS_OLDEST_INTERFACE=5 +GNUTLS_OLDEST_INTERFACE=4 AC_SUBST(GNUTLS_MAJOR_VERSION) @@ -95,21 +95,6 @@ AC_MSG_RESULT([*** AC_C_CONST AC_C_INLINE -AC_MSG_CHECKING([whether C99 macros are supported]) -AC_TRY_COMPILE(,[ -#define test_mac(...) -int z,y,x; -test_mac(x,y,z); -return 0; -], -dnl ***** OK -AC_DEFINE(C99_MACROS) -AC_MSG_RESULT(yes), -dnl ***** NOT FOUND -AC_MSG_RESULT(no) -AC_MSG_WARN([C99 macros are not supported by your compiler. This may -affect performance.]) -) if test $ac_cv_c_compiler_gnu != no; then @@ -166,10 +151,6 @@ AC_CHECK_SIZEOF(unsigned int, 4) AC_CHECK_SIZEOF(unsigned short int, 2) AC_CHECK_SIZEOF(unsigned char, 1) -AC_CHECK_TYPES(ptrdiff_t,,, [ -# include <sys/types.h> -]) - AC_CHECK_TYPE(size_t, DEFINE_SIZE_T="#include <sys/types.h>" AC_SUBST( DEFINE_SIZE_T) @@ -252,11 +233,9 @@ AC_ARG_WITH( ext-libraries, [ --without-ext-libraries disable external librarie if test x$ac_ext_libraries != xno; then AC_MSG_RESULT(yes) - AC_CHECK_LIB(gdbm, gdbm_open, -AC_DEFINE(HAVE_LIBGDBM) -SERV_LIBS="-lgdbm", AC_MSG_WARN( + AC_CHECK_LIB(gdbm, gdbm_open,, AC_MSG_WARN( *** -*** GDBM was not found. This is only needed for the gnutls-serv application.)) +*** GDBM was not found. You will not be able to use the default gdbm session resumption backend.)) AC_CHECK_LIB(z, compress,,AC_MSG_WARN( *** *** ZLIB was not found. You will not be able to use ZLIB compression.)) @@ -293,47 +272,30 @@ AC_ARG_ENABLE( openpgp-authentication, [ --disable-openpgp-authentication disab ) if test x$ac_enable_openpgp != xno; then AC_MSG_RESULT(no) - AM_PATH_LIBOPENCDK( 0.2.0, AC_DEFINE(HAVE_LIBOPENCDK), + AM_PATH_LIBOPENCDK( 0.1.0, AC_DEFINE(HAVE_LIBOPENCDK), AC_MSG_WARN([[ *** -*** libopencdk 0.2.0 was not found. You will not be able to use OpenPGP keys with gnutls. +*** libopencdk was not found. You will not be able to use OpenPGP keys with gnutls. ]])) else AC_MSG_RESULT(yes) fi -AC_ARG_WITH(included-libtasn1, - [ --with-included-libtasn1 Use the included libtasn1], -libtasn1_enabled=yes, libtasn1_enabled=no) -dnl In maintainer mode we always use the included library -if test x$opt_maintainer_mode = xyes; then - libtasn1_enabled=yes -else - libtasn1_enabled=no -fi -AC_CHECK_LIB( tasn1, asn1_array2tree,:, - libtasn1_enabled=yes - AC_MSG_WARN( -*** -*** LibtASN1 was not found. Will use the included one.)) - AC_MSG_RESULT([*** *** Detecting options for shared libraries... ]) AM_PROG_LIBTOOL -LIBGNUTLS_LIBS="$LIBS -L${libdir} -lgnutls -ltasn1 $LIBGCRYPT_LIBS" +LIBGNUTLS_LIBS="$LIBS -L${libdir} -lgnutls $LIBGCRYPT_LIBS" LIBGNUTLS_CFLAGS="$LIBGCRYPT_CFLAGS -I${includedir}" AC_SUBST(LIBGNUTLS_LIBS) AC_SUBST(LIBGNUTLS_CFLAGS) -SERV_LIBS="$LIBS $SERV_LIBS" -AC_SUBST(SERV_LIBS) LIBGNUTLS_EXTRA_LIBS="-L${libdir} -lgnutls-extra -lgnutls $LIBOPENCDK_LIBS" LIBGNUTLS_EXTRA_CFLAGS="$LIBOPENCDK_CFLAGS -I${includedir}" @@ -356,32 +318,22 @@ AC_MSG_WARN(*** fi fi - -if test x"$libtasn1_enabled" = xyes; then - AC_CONFIG_SUBDIRS(libtasn1) - LIBASN1_DIR=libtasn1 - AC_SUBST(LIBASN1_DIR) - LIBASN1_LINK=../libtasn1/lib/libtasn1.la -else - LIBASN1_LINK=-ltasn1 -fi - -AC_SUBST(LIBASN1_LINK) - AC_CONFIG_FILES(lib/gnutls.h.in) -AC_CONFIG_COMMANDS([includes/gnutls/gnutls.h],[[ - test -f lib/gnutls.h.in || (echo "Could not generate includes/gnutls/gnutls.h" && exit 1) - cat lib/gnutls.h.in > includes/gnutls/gnutls.h - cat lib/gnutls_ui.h >> includes/gnutls/gnutls.h - echo "" >> includes/gnutls/gnutls.h - cat lib/gnutls_errors_int.h | grep -v _INT_ >> includes/gnutls/gnutls.h - echo "" >> includes/gnutls/gnutls.h - echo "#ifdef __cplusplus" >> includes/gnutls/gnutls.h - echo "}" >> includes/gnutls/gnutls.h - echo "#endif" >> includes/gnutls/gnutls.h - echo "#endif /* GNUTLS_H */" >> includes/gnutls/gnutls.h - echo "" >> includes/gnutls/gnutls.h +AC_CONFIG_COMMANDS([lib/gnutls.h],[[ + test -f lib/gnutls.h.in || (echo "Could not generate lib/gnutls.h" && exit 1) + cat lib/gnutls.h.in > lib/gnutls.h + cat lib/gnutls_ui.h >> lib/gnutls.h + echo "" >> lib/gnutls.h + cat lib/gnutls_errors_int.h | grep -v _INT_ >> lib/gnutls.h + echo "" >> lib/gnutls.h + cat lib/x509_asn1.h >> lib/gnutls.h + echo "" >> lib/gnutls.h + echo "#ifdef __cplusplus" >> lib/gnutls.h + echo "}" >> lib/gnutls.h + echo "#endif" >> lib/gnutls.h + echo "#endif /* GNUTLS_H */" >> lib/gnutls.h + echo "" >> lib/gnutls.h chmod +x lib/libgnutls-config chmod +x libextra/libgnutls-extra-config ]],[[]]) @@ -389,7 +341,8 @@ AC_CONFIG_COMMANDS([includes/gnutls/gnutls.h],[[ AC_CONFIG_FILES([Makefile src/Makefile libextra/Makefile lib/Makefile \ lib/libgnutls-config libextra/libgnutls-extra-config \ doc/Makefile src/x509/Makefile src/srp/Makefile src/openpgp/Makefile \ -doc/tex/Makefile doc/tex/cover.tex doc/scripts/Makefile \ -tests/Makefile includes/Makefile includes/gnutls/Makefile]) +doc/tex/Makefile doc/tex/cover.tex doc/scripts/Makefile ]) + AC_OUTPUT + diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c index 28aa3da152..b9e0b59089 100644 --- a/lib/gnutls_pk.c +++ b/lib/gnutls_pk.c @@ -29,6 +29,7 @@ #include <gnutls_random.h> #include <gnutls_datum.h> #include <gnutls_global.h> +#include <x509_der.h> #include "debug.h" static int _gnutls_pk_encrypt(int algo, GNUTLS_MPI * resarr, GNUTLS_MPI data, GNUTLS_MPI * pkey, int pkey_len); @@ -131,7 +132,6 @@ int _gnutls_pkcs1_rsa_encrypt(gnutls_datum * ciphertext, } _gnutls_mpi_print(NULL, &psize, res); - if (psize < k) { /* padding psize */ pad = k - psize; @@ -139,7 +139,6 @@ int _gnutls_pkcs1_rsa_encrypt(gnutls_datum * ciphertext, } else if (psize==k) { pad = 0; } else { /* psize > k !!! */ - /* This is an impossible situation */ gnutls_assert(); return GNUTLS_E_INTERNAL_ERROR; } @@ -308,46 +307,46 @@ int _gnutls_rsa_verify( const gnutls_datum* vdata, const gnutls_datum *ciphertex /* encodes the Dss-Sig-Value structure */ static int encode_ber_rs( gnutls_datum* sig_value, GNUTLS_MPI r, GNUTLS_MPI s) { -ASN1_TYPE sig; +node_asn* sig; int result; opaque str[MAX_PARAMETER_SIZE]; size_t len = sizeof(str); size_t tot_len = 0; - if ((result=_gnutls_asn1_create_element( _gnutls_get_gnutls_asn(), "GNUTLS.DSASignatureValue", - &sig, "sig"))!=ASN1_SUCCESS) { + if ((result=asn1_create_structure( _gnutls_get_gnutls_asn(), "GNUTLS.DSASignatureValue", + &sig, "sig"))!=ASN_OK) { gnutls_assert(); return _gnutls_asn2err(result); } if ( _gnutls_mpi_print_lz( str, &len, r) < 0) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return GNUTLS_E_MPI_PRINT_FAILED; } tot_len += len; result = asn1_write_value( sig, "sig.r", str, len); - if (result != ASN1_SUCCESS) { + if (result != ASN_OK) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return _gnutls_asn2err(result); } len = sizeof(str) - 1; if ( _gnutls_mpi_print_lz( str, &len, s) < 0) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return GNUTLS_E_MPI_PRINT_FAILED; } tot_len += len; result = asn1_write_value( sig, "sig.s", str, len); - if (result != ASN1_SUCCESS) { + if (result != ASN_OK) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return _gnutls_asn2err(result); } @@ -355,17 +354,17 @@ size_t tot_len = 0; sig_value->data = gnutls_malloc( sig_value->size); if (sig_value->data==NULL) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); } - result = asn1_der_coding( sig, "sig", sig_value->data, &sig_value->size, NULL); - if (result != ASN1_SUCCESS) { + result = asn1_create_der( sig, "sig", sig_value->data, &sig_value->size); + if (result != ASN_OK) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return _gnutls_asn2err(result); } - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return 0; } @@ -417,20 +416,20 @@ int _gnutls_dsa_sign(gnutls_datum * signature, const gnutls_datum *hash, /* decodes the Dss-Sig-Value structure */ static int decode_ber_rs( const gnutls_datum* sig_value, GNUTLS_MPI* r, GNUTLS_MPI* s) { -ASN1_TYPE sig; +node_asn* sig; int result; opaque str[MAX_PARAMETER_SIZE]; - if ((result=_gnutls_asn1_create_element( _gnutls_get_gnutls_asn(), "GNUTLS.DSASignatureValue", &sig, "sig"))!=ASN1_SUCCESS) { + if ((result=asn1_create_structure( _gnutls_get_gnutls_asn(), "GNUTLS.DSASignatureValue", &sig, "sig"))!=ASN_OK) { gnutls_assert(); return _gnutls_asn2err(result); } - result = asn1_der_decoding( &sig, sig_value->data, sig_value->size, NULL); - if (result != ASN1_SUCCESS) { + result = asn1_get_der( sig, sig_value->data, sig_value->size); + if (result != ASN_OK) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return _gnutls_asn2err(result); } @@ -438,7 +437,7 @@ opaque str[MAX_PARAMETER_SIZE]; _gnutls_x509_read_int( sig, "sig.r", str, sizeof(str)-1, r); if (result < 0) { gnutls_assert(); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return result; } @@ -447,11 +446,11 @@ opaque str[MAX_PARAMETER_SIZE]; if (result < 0) { gnutls_assert(); _gnutls_mpi_release( s); - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return result; } - asn1_delete_structure(&sig); + asn1_delete_structure(sig); return 0; } |