authorNikos Mavrogiannopoulos <nmav@gnutls.org>2002-09-05 19:03:01 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2002-09-05 19:03:01 +0000
commitf0706c4772bd6eca67cc90b33623655409fefb20 (patch)
treead6522a397355a4be45b85f1640e00e0a96c286c
parent76afe325010c5a56b1b777ae9fdd697023722c55 (diff)
downloadgnutls-f0706c4772bd6eca67cc90b33623655409fefb20.tar.gz
*** empty log message ***
-rw-r--r--NEWS4
-rw-r--r--doc/TODO2
-rw-r--r--doc/tex/Makefile.am3
-rw-r--r--doc/tex/certificate.tex11
-rw-r--r--doc/tex/x509-1.eps251
-rw-r--r--lib/gnutls_global.h1
6 files changed, 266 insertions, 6 deletions
diff --git a/NEWS b/NEWS
index 896101083f..d1664ce59d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,11 @@
Version 0.5.6
- Corrected bugs in SRP implementation, which prevented gnutls
- to interoperate with other implementations.
+ to interoperate with other implementations. (interoperability testing
+ was done by David Taylor)
- Corrected bug in cert_type extension.
- Corrected extension type checks which used an 8 bit extension size,
instead of 16 bits.
+- Removed the X.509 test suite.
Version 0.5.5 (3/09/2002)
- Updated the SRP implementation to the latest draft. The blowfish
diff --git a/doc/TODO b/doc/TODO
index d0a0c0778f..142c003629 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -4,13 +4,13 @@ in order to avoid having people working on the same thing.
Current list:
+ Add ability to read PKCS-12 structures (certificate and private key)
+* Add support for the certificate authenticated SRP cipher suites
* Add option to read the SRP parameters using a callback (server side)
* Convert documentation to texinfo format
* Merge common stuff in DHE and DHA key exchange
* Add support for certificate CRLs in certificate verification
* Audit the code
* Add GPGSM certificate manager support
-- Add support for the certificate authenticated SRP cipher suites
- Add Kerberos support
(+) Means high priority
diff --git a/doc/tex/Makefile.am b/doc/tex/Makefile.am
index e51a3c9a51..682c9d6783 100644
--- a/doc/tex/Makefile.am
+++ b/doc/tex/Makefile.am
@@ -1,6 +1,7 @@
EXTRA_DIST = gnutls.tex gnutls.ps \
ex1.tex ex2.tex ex3.tex srp1.tex serv1.tex ex4.tex \
- fdl.tex cover.tex.in gnutls-logo.ps layers.eps pgp-fig1.eps
+ fdl.tex cover.tex.in gnutls-logo.ps layers.eps pgp-fig1.eps \
+ x509-1.eps
TEX_OBJECTS = gnutls.tex ../../lib/gnutls-api.tex serv1.tex ex1.tex ex2.tex ex3.tex fdl.tex \
macros.tex cover.tex ciphersuites.tex handshake.tex translayer.tex \
diff --git a/doc/tex/certificate.tex b/doc/tex/certificate.tex
index ec3ce0055a..6b955f6e1f 100644
--- a/doc/tex/certificate.tex
+++ b/doc/tex/certificate.tex
@@ -1,6 +1,6 @@
\chapter{More on certificate authentication}
-\section{The X.509 trust model}
+\section{The X.509\index{X.509 certificates} trust model}
\label{x509:trust}
The X.509 protocols rely on a hierarchical trust model. In this trust model
@@ -10,7 +10,12 @@ authorities may certify other authorities to issue certificates as well,
following a hierachical model.
One needs to trust one or more CAs for his secure
communications. In that case only the certificates issued by the trusted
-authorities are acceptable.
+authorities are acceptable. See figure \ref{fig:x509-1} for a typical example.
+
+\begin{figure}[hbtp]
+\includegraphics[height=9.5cm,width=9cm]{x509-1}
+\label{fig:x509-1}
+\end{figure}
\par The use of X.509 certificates requires some functions which will
assist in parsing them. \gnutls{} includes functions which extract
@@ -43,7 +48,7 @@ Note that \gnutls{} is not a generic purpose X.509 toolkit\footnote{Aegypten is
in order to use the TLS ciphersuites which depend on X.509 certificates.
-\section{The OpenPGP trust model}
+\section{The OpenPGP\index{OpenPGP keys} trust model}
\label{pgp:trust}
The OpenPGP key authentication relies on a distributed trust model, called
diff --git a/doc/tex/x509-1.eps b/doc/tex/x509-1.eps
new file mode 100644
index 0000000000..5129adb383
--- /dev/null
+++ b/doc/tex/x509-1.eps
@@ -0,0 +1,251 @@
+%!PS-Adobe-2.0 EPSF-2.0
+%%Title: tree1
+%%Creator: Dia v0.90
+%%CreationDate: Thu Sep 5 21:44:57 2002
+%%For: a user
+%%Magnification: 1.0000
+%%Orientation: Portrait
+%%BoundingBox: 0 0 470 617
+%%Pages: 1
+%%EndComments
+%%BeginProlog
+/cp {closepath} bind def
+/c {curveto} bind def
+/f {fill} bind def
+/a {arc} bind def
+/ef {eofill} bind def
+/ex {exch} bind def
+/gr {grestore} bind def
+/gs {gsave} bind def
+/sa {save} bind def
+/rs {restore} bind def
+/l {lineto} bind def
+/m {moveto} bind def
+/rm {rmoveto} bind def
+/n {newpath} bind def
+/s {stroke} bind def
+/sh {show} bind def
+/slc {setlinecap} bind def
+/slj {setlinejoin} bind def
+/slw {setlinewidth} bind def
+/srgb {setrgbcolor} bind def
+/rot {rotate} bind def
+/sc {scale} bind def
+/sd {setdash} bind def
+/ff {findfont} bind def
+/sf {setfont} bind def
+/scf {scalefont} bind def
+/sw {stringwidth pop} bind def
+/tr {translate} bind def
+
+/ellipsedict 8 dict def
+ellipsedict /mtrx matrix put
+/ellipse
+{ ellipsedict begin
+ /endangle exch def
+ /startangle exch def
+ /yrad exch def
+ /xrad exch def
+ /y exch def
+ /x exch def /savematrix mtrx currentmatrix def
+ x y tr xrad yrad sc
+ 0 0 1 startangle endangle arc
+ savematrix setmatrix
+ end
+} def
+
+/mergeprocs {
+dup length
+3 -1 roll
+dup
+length
+dup
+5 1 roll
+3 -1 roll
+add
+array cvx
+dup
+3 -1 roll
+0 exch
+putinterval
+dup
+4 2 roll
+putinterval
+} bind def
+%%EndProlog
+
+%%BeginSetup
+%%EndSetup
+28.346000 -28.346000 scale
+-0.000000 -21.685957 translate
+
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 2.600000 13.250000 0.300000 0.300000 0 360 ellipse f
+0.000000 0.000000 0.000000 srgb
+n 2.600000 13.250000 0.300000 0.300000 0 360 ellipse cp s
+n 1.400000 13.850000 m 3.800000 13.850000 l s
+n 2.600000 13.550000 m 2.600000 15.050000 l s
+n 2.600000 15.050000 m 1.400000 16.350000 l s
+n 2.600000 15.050000 m 3.800000 16.350000 l s
+ [ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /A /l /i /c /e /B /o /b /xi /xi /R /t /space /C /I /W
+ /S /r /v /T /w /y /p /a /X /period /five /zero /nine /f /n /h
+ /s /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+ /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi /xi
+] /e0 exch def
+/Courier-Bold_e0 undefinefont
+/Courier-Bold_e0
+ /Courier-Bold findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding e0 def
+ currentdict end
+definefont pop
+/Courier-Bold_e0 ff 0.800000 scf sf
+( !"#$) sw
+2 div 2.600000 ex sub 17.555217 m ( !"#$)
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 7.200000 13.450000 0.300000 0.300000 0 360 ellipse f
+0.000000 0.000000 0.000000 srgb
+n 7.200000 13.450000 0.300000 0.300000 0 360 ellipse cp s
+n 6.000000 14.050000 m 8.400000 14.050000 l s
+n 7.200000 13.750000 m 7.200000 15.250000 l s
+n 7.200000 15.250000 m 6.000000 16.550000 l s
+n 7.200000 15.250000 m 8.400000 16.550000 l s
+/Courier-Bold_e0 ff 0.800000 scf sf
+(%&') sw
+2 div 7.200000 ex sub 17.755217 m (%&')
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 6.952400 3.067467 3.052400 1.017467 0 360 ellipse f
+0.000000 0.000000 0.000000 srgb
+n 6.952400 3.067467 3.052400 1.017467 0 360 ellipse cp s
+/Courier-Bold_e0 ff 0.800000 scf sf
+(*&&+,- ) sw
+2 div 6.952400 ex sub 3.272684 m (*&&+,- )
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 3.365200 8.200000 2.015200 1.000000 0 360 ellipse f
+0.000000 0.000000 0.000000 srgb
+n 3.365200 8.200000 2.015200 1.000000 0 360 ellipse cp s
+/Courier-Bold_e0 ff 0.800000 scf sf
+(- ,.) sw
+2 div 3.365200 ex sub 8.405217 m (- ,.)
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 11.671600 8.100000 2.471600 1.000000 0 360 ellipse f
+0.000000 0.000000 0.000000 srgb
+n 11.671600 8.100000 2.471600 1.000000 0 360 ellipse cp s
+/Courier-Bold_e0 ff 0.800000 scf sf
+(- ,..) sw
+2 div 11.671600 ex sub 8.305217 m (- ,..)
+ gs 1 -1 sc sh gr
+0.100000 slw
+[] 0 sd
+1.000000 1.000000 1.000000 srgb
+n 10.400000 11.650000 m 10.400000 13.450000 l 16.037600 13.450000 l 16.037600 11.650000 l f
+0.000000 0.000000 0.000000 srgb
+n 10.400000 11.650000 m 10.400000 13.450000 l 16.037600 13.450000 l 16.037600 11.650000 l cp s
+/Helvetica_e0 undefinefont
+/Helvetica_e0
+ /Helvetica findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding e0 def
+ currentdict end
+definefont pop
+/Helvetica_e0 ff 0.800000 scf sf
+(/$',0$12$1) sw
+2 div 13.218800 ex sub 12.762903 m (/$',0$12$1)
+ gs 1 -1 sc sh gr
+0.050000 slw
+n 10.900000 12.950000 m 15.537600 12.950000 l s
+0.100000 slw
+[] 0 sd
+[] 0 sd
+0 slc
+0 slj
+0 slc
+0 slj
+[] 0 sd
+n 0.050000 0.000000 m 16.500000 0.000000 l s
+0 slc
+0 slj
+[] 0 sd
+n 0.050000 19.950000 m 16.500000 19.950000 l s
+0 slc
+0 slj
+[] 0 sd
+n 0.050000 0.000000 m 0.050000 19.950000 l s
+0 slc
+0 slj
+[] 0 sd
+n 16.500000 0.000000 m 16.500000 19.950000 l s
+0.100000 slw
+0 slc
+[] 0 sd
+n 3.489200 7.200000 m 6.896800 4.050000 l s
+0 slj
+n 3.906952 6.473376 m 3.489200 7.200000 l 4.246356 6.840534 l f
+0.100000 slw
+0 slc
+[] 0 sd
+n 11.712000 7.100000 m 6.896800 4.050000 l s
+0 slj
+n 10.902394 6.883118 m 11.712000 7.100000 l 11.169943 6.460724 l f
+0.100000 slw
+0 slc
+[] 0 sd
+n 2.600000 12.350000 m 3.489200 9.200000 l s
+0 slj
+n 2.576738 11.512170 m 2.600000 12.350000 l 3.057933 11.648005 l f
+0.100000 slw
+0 slc
+[] 0 sd
+n 13.141200 11.650000 m 11.712000 9.100000 l s
+0 slj
+n 12.531985 11.074364 m 13.141200 11.650000 l 12.968150 10.829906 l f
+0.100000 slw
+0 slc
+[] 0 sd
+n 7.200000 12.550000 m 11.712000 9.100000 l s
+0 slj
+n 7.683658 11.865474 m 7.200000 12.550000 l 7.987363 12.262668 l f
+/Courier_e0 undefinefont
+/Courier_e0
+ /Courier findfont
+ dup length dict begin
+ {1 index /FID ne {def} {pop pop} ifelse} forall
+ /Encoding e0 def
+ currentdict end
+definefont pop
+/Courier_e0 ff 0.800000 scf sf
+(34&,+56"#7!,89:;<,-$1+"="#7+"&>) sw
+2 div 8.307760 ex sub 20.703100 m (34&,+56"#7!,89:;<,-$1+"="#7+"&>)
+ gs 1 -1 sc sh gr
+(67+?@) sw
+2 div 8.307760 ex sub 21.503100 m (67+?@)
+ gs 1 -1 sc sh gr
+showpage
diff --git a/lib/gnutls_global.h b/lib/gnutls_global.h
index 684a63e3e0..a877c90ff9 100644
--- a/lib/gnutls_global.h
+++ b/lib/gnutls_global.h
@@ -3,6 +3,7 @@
#include <libtasn1.h>
+int gnutls_global_init( void);
int gnutls_is_secure_memory(const void* mem);
ASN1_TYPE _gnutls_get_gnutls_asn(void);
ASN1_TYPE _gnutls_get_pkix(void);
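Review bot: The added prototype `int gnutls_global_init( void);` has no comment saying what its int result means, so code that includes lib/gnutls_global.h has nothing telling it to check that result before using the accessors declared beside it (`_gnutls_get_gnutls_asn`, `_gnutls_get_pkix`). A one-line comment above it would cover this, for example `/* Returns 0 on success, a negative error code otherwise; callers must check the result. */`, with the exact convention confirmed against the definition, which is not part of this diff. The spacing `( void)` also differs from the `(void)` used on the neighbouring prototypes and could be written `int gnutls_global_init(void);`. If the function is already declared in a public header, including that header here would keep two prototypes from drifting apart; the hunk does not show whether that is the case.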