diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-12-07 01:02:14 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-12-07 01:02:14 +0000 |
commit | fe9a5536f79d2d34dca6186ce6356b2c71355644 (patch) | |
tree | 29e11cb97686e58883653de14147686e830cd010 /doc/tex | |
parent | 3b205dfa87e946f28b255ac6b0dd49d08583cf77 (diff) | |
download | gnutls-fe9a5536f79d2d34dca6186ce6356b2c71355644.tar.gz |
GNUTLS_KX_RSA renamed to GNUTLS_KX_X509PKI_RSA (and the other X509 key
exchange methods). This will allow GNUTLS_KX_PGP_RSA etc.
Diffstat (limited to 'doc/tex')
-rw-r--r-- | doc/tex/ciphersuites.tex | 13 | ||||
-rw-r--r-- | doc/tex/ex1.tex | 2 | ||||
-rw-r--r-- | doc/tex/ex2.tex | 4 | ||||
-rw-r--r-- | doc/tex/ex3.tex | 2 | ||||
-rw-r--r-- | doc/tex/serv1.tex | 2 | ||||
-rw-r--r-- | doc/tex/srp1.tex | 2 |
6 files changed, 9 insertions, 16 deletions
diff --git a/doc/tex/ciphersuites.tex b/doc/tex/ciphersuites.tex index 53385cfc0a..d656df3648 100644 --- a/doc/tex/ciphersuites.tex +++ b/doc/tex/ciphersuites.tex @@ -1,9 +1,10 @@ \newpage \section{TLS Cipher suites} \par -\tls 1.0 supports ciphersuites like {\bf TLS\_DHE\_RSA\_WITH\_3DES\_CBC\_SHA}. +\tls 1.0 supports ciphersuites like {\bf TLS\_X509PKI\_DHE\_RSA\_WITH\_3DES\_CBC\_SHA}. These ciphersuites contain three parameters: \begin{itemize} +\item The key authentication method (X.509 PKI in the example) \item The key exchange algorithm (DHE\_RSA in the example) \item The Symmetric encryption algorithm and mode (3DES\_CBC in this example) @@ -30,14 +31,6 @@ DHE\_DSS & The DSS\footnote{DSS stands for Digital Signature Standard} algorithm parameters which are send to the peer. Currently \gnutls does not support this ciphersuite. \\ \hline -DH\_DSS & Static Diffie Hellman parameters signed by a DSS certificate. -\gnutls does not support this ciphersuite. -\\ -\hline -DH\_RSA & Static Diffie Hellman parameters signed by an RSA certificate. -\gnutls does not support this ciphersuite. -\\ -\hline \end{tabular} \caption{Supported X.509 key exchange algorithms} @@ -48,7 +41,7 @@ DH\_RSA & Static Diffie Hellman parameters signed by an RSA certificate. \begin{tabular}{|l|p{9cm}|} \hline -DH\_ANON & This algorithm exchanges not signed diffie Hellman parameters. That way encryption may +ANON\_DH & This algorithm exchanges not signed diffie Hellman parameters. That way encryption may be performed but there is no indication of the identity of the peer. This kind of authentication is vulnerable to man in the middle attack, but this protocol can be used even if there is no prior communication or common trusted diff --git a/doc/tex/ex1.tex b/doc/tex/ex1.tex index 27fbcca778..619a2f4a38 100644 --- a/doc/tex/ex1.tex +++ b/doc/tex/ex1.tex @@ -17,7 +17,7 @@ #define MSG "GET / HTTP/1.0\r\n\r\n" const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; -const int kx_priority[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, 0 }; +const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, GNUTLS_KX_X509PKI_DHE_RSA, 0 }; const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0}; const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; diff --git a/doc/tex/ex2.tex b/doc/tex/ex2.tex index 9aab9b0dd9..0550e7e002 100644 --- a/doc/tex/ex2.tex +++ b/doc/tex/ex2.tex @@ -25,7 +25,7 @@ int main() char buffer[MAX_BUF + 1]; X509PKI_CLIENT_CREDENTIALS xcred; const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; - const int kx_priority[] = { GNUTLS_KX_RSA, 0 }; + const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, 0 }; const int cipher_priority[] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0}; const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; @@ -75,7 +75,7 @@ int main() */ gnutls_compression_set_priority(state, comp_priority); - /* use GNUTLS_KX_RSA + /* use GNUTLS_KX_X509PKI_RSA */ gnutls_kx_set_priority(state, kx_priority); diff --git a/doc/tex/ex3.tex b/doc/tex/ex3.tex index 01a3caf008..7709b39948 100644 --- a/doc/tex/ex3.tex +++ b/doc/tex/ex3.tex @@ -31,7 +31,7 @@ int print_info(GNUTLS_STATE state) /* Check if we have been using ephemeral Diffie Hellman. */ - if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS) { + if (kx == GNUTLS_KX_X509PKI_DHE_RSA || kx == GNUTLS_KX_X509PKI_DHE_DSS) { printf("\n- Ephemeral DH using prime of %d bits\n", gnutls_x509pki_server_get_dh_bits( state)); } diff --git a/doc/tex/serv1.tex b/doc/tex/serv1.tex index 7d2ef42613..88fbd6dff7 100644 --- a/doc/tex/serv1.tex +++ b/doc/tex/serv1.tex @@ -38,7 +38,7 @@ GNUTLS_STATE initialize_state() GNUTLS_STATE state; int ret; const int protocol_priority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; - const int kx_priority[] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0 }; + const int kx_priority[] = { GNUTLS_KX_X509PKI_RSA, GNUTLS_KX_X509PKI_DHE_RSA, GNUTLS_KX_SRP, 0 }; const int cipher_priority[] = { GNUTLS_CIPHER_RIJNDAEL_CBC, GNUTLS_CIPHER_3DES_CBC, 0}; const int comp_priority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 }; const int mac_priority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; diff --git a/doc/tex/srp1.tex b/doc/tex/srp1.tex index 4c93016062..9043be15ff 100644 --- a/doc/tex/srp1.tex +++ b/doc/tex/srp1.tex @@ -72,7 +72,7 @@ int main() */ gnutls_compression_set_priority(state, comp_priority); - /* use GNUTLS_KX_RSA + /* use GNUTLS_KX_SRP */ gnutls_kx_set_priority(state, kx_priority); |