summaryrefslogtreecommitdiff
path: root/doc/tex
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2001-12-07 01:02:14 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2001-12-07 01:02:14 +0000
commitfe9a5536f79d2d34dca6186ce6356b2c71355644 (patch)
tree29e11cb97686e58883653de14147686e830cd010 /doc/tex
parent3b205dfa87e946f28b255ac6b0dd49d08583cf77 (diff)
downloadgnutls-fe9a5536f79d2d34dca6186ce6356b2c71355644.tar.gz
GNUTLS_KX_RSA renamed to GNUTLS_KX_X509PKI_RSA (and the other X509 key
exchange methods). This will allow GNUTLS_KX_PGP_RSA etc.
Diffstat (limited to 'doc/tex')
-rw-r--r--doc/tex/ciphersuites.tex13
-rw-r--r--doc/tex/ex1.tex2
-rw-r--r--doc/tex/ex2.tex4
-rw-r--r--doc/tex/ex3.tex2
-rw-r--r--doc/tex/serv1.tex2
-rw-r--r--doc/tex/srp1.tex2
6 files changed, 9 insertions, 16 deletions
diff --git a/doc/tex/ciphersuites.tex b/doc/tex/ciphersuites.tex
index 53385cfc0a..d656df3648 100644
--- a/doc/tex/ciphersuites.tex
+++ b/doc/tex/ciphersuites.tex
@@ -1,9 +1,10 @@
\newpage
\section{TLS Cipher suites}
\par
-\tls 1.0 supports ciphersuites like {\bf TLS\_DHE\_RSA\_WITH\_3DES\_CBC\_SHA}.
+\tls 1.0 supports ciphersuites like {\bf TLS\_X509PKI\_DHE\_RSA\_WITH\_3DES\_CBC\_SHA}.
These ciphersuites contain three parameters:
\begin{itemize}
+\item The key authentication method (X.509 PKI in the example)
\item The key exchange algorithm (DHE\_RSA in the example)
\item The Symmetric encryption algorithm and mode (3DES\_CBC in this
example)
@@ -30,14 +31,6 @@ DHE\_DSS & The DSS\footnote{DSS stands for Digital Signature Standard} algorithm
parameters which are send to the peer. Currently \gnutls does not support this ciphersuite.
\\
\hline
-DH\_DSS & Static Diffie Hellman parameters signed by a DSS certificate.
-\gnutls does not support this ciphersuite.
-\\
-\hline
-DH\_RSA & Static Diffie Hellman parameters signed by an RSA certificate.
-\gnutls does not support this ciphersuite.
-\\
-\hline
\end{tabular}
\caption{Supported X.509 key exchange algorithms}
@@ -48,7 +41,7 @@ DH\_RSA & Static Diffie Hellman parameters signed by an RSA certificate.
\begin{tabular}{|l|p{9cm}|}
\hline
-DH\_ANON & This algorithm exchanges not signed diffie Hellman parameters. That way encryption may
+ANON\_DH & This algorithm exchanges not signed diffie Hellman parameters. That way encryption may
be performed but there is no indication of the identity of the peer. This kind of
authentication is vulnerable to man in the middle attack, but this protocol
can be used even if there is no prior communication or common trusted
diff --git a/doc/tex/ex1.tex b/doc/tex/ex1.tex
index 27fbcca778..619a2f4a38 100644
--- a/doc/tex/ex1.tex
+++ b/doc/tex/ex1.tex
@@ -17,7 +17,7 @@
#define MSG "GET / HTTP/1.0\r\n\r\n"
const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
-const int kx_priority[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, 0 };
+const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, GNUTLS_KX_X509PKI_DHE_RSA, 0 };
const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
diff --git a/doc/tex/ex2.tex b/doc/tex/ex2.tex
index 9aab9b0dd9..0550e7e002 100644
--- a/doc/tex/ex2.tex
+++ b/doc/tex/ex2.tex
@@ -25,7 +25,7 @@ int main()
char buffer[MAX_BUF + 1];
X509PKI_CLIENT_CREDENTIALS xcred;
const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
- const int kx_priority[] = { GNUTLS_KX_RSA, 0 };
+ const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, 0 };
const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0};
const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
@@ -75,7 +75,7 @@ int main()
*/
gnutls_compression_set_priority(state, comp_priority);
- /* use GNUTLS_KX_RSA
+ /* use GNUTLS_KX_X509PKI_RSA
*/
gnutls_kx_set_priority(state, kx_priority);
diff --git a/doc/tex/ex3.tex b/doc/tex/ex3.tex
index 01a3caf008..7709b39948 100644
--- a/doc/tex/ex3.tex
+++ b/doc/tex/ex3.tex
@@ -31,7 +31,7 @@ int print_info(GNUTLS_STATE state)
/* Check if we have been using ephemeral Diffie Hellman.
*/
- if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS) {
+ if (kx == GNUTLS_KX_X509PKI_DHE_RSA || kx == GNUTLS_KX_X509PKI_DHE_DSS) {
printf("\n- Ephemeral DH using prime of %d bits\n",
gnutls_x509pki_server_get_dh_bits( state));
}
diff --git a/doc/tex/serv1.tex b/doc/tex/serv1.tex
index 7d2ef42613..88fbd6dff7 100644
--- a/doc/tex/serv1.tex
+++ b/doc/tex/serv1.tex
@@ -38,7 +38,7 @@ GNUTLS_STATE initialize_state()
GNUTLS_STATE state;
int ret;
const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
- const int kx_priority[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0 };
+ const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, GNUTLS_KX_X509PKI_DHE_RSA, GNUTLS_KX_SRP, 0 };
const int cipher_priority[] = { GNUTLS_CIPHER_RIJNDAEL_CBC, GNUTLS_CIPHER_3DES_CBC, 0};
const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
diff --git a/doc/tex/srp1.tex b/doc/tex/srp1.tex
index 4c93016062..9043be15ff 100644
--- a/doc/tex/srp1.tex
+++ b/doc/tex/srp1.tex
@@ -72,7 +72,7 @@ int main()
*/
gnutls_compression_set_priority(state, comp_priority);
- /* use GNUTLS_KX_RSA
+ /* use GNUTLS_KX_SRP
*/
gnutls_kx_set_priority(state, kx_priority);