summaryrefslogtreecommitdiff
path: root/lib/auth
Commit message (Collapse)AuthorAgeFilesLines
* avoid allocating a privkey param for the public key.Nikos Mavrogiannopoulos2012-01-111-16/+10
|
* _gnutls_proc_cert_client_certificate and ↵Nikos Mavrogiannopoulos2012-01-076-18/+16
| | | | _gnutls_proc_cert_server_certificate renamed to _gnutls_proc_certificate.
* GNUTLS_PK_ECC -> GNUTLS_PK_ECNikos Mavrogiannopoulos2012-01-022-5/+5
|
* cipher_suite_st is no longer used internally. We only use a point to 2 bytes.Nikos Mavrogiannopoulos2011-12-133-3/+3
|
* Diffie Hellman PKCS #3 parameters now contain the recommended private key size.Nikos Mavrogiannopoulos2011-12-125-13/+14
| | | | | By using the recommended key size the calculations for the server side are reduced, giving a 50% increase in DH calculations.
* Optimizations in DH parameter generation.Nikos Mavrogiannopoulos2011-12-124-7/+7
| | | | | | The larger prime is find first and the big loop needs to find a smaller prime, increasing performance. The _gnutls_rnd() function is now inline and GNUTLS_RND_NONCE doesn't update random generator state.
* updated client certificate signature algorithm indication, to allow holding ↵Nikos Mavrogiannopoulos2011-11-181-11/+11
| | | | 3 algorithms.
* Verify that received ECDH public key lies on the curve.Nikos Mavrogiannopoulos2011-11-051-10/+11
|
* Fix typo.Simon Josefsson2011-11-021-3/+2
|
* Added 3072 and 4096-bit groups from RFC5054.Nikos Mavrogiannopoulos2011-11-012-2/+125
|
* more builddir fixes by David Hoyt.Nikos Mavrogiannopoulos2011-10-221-0/+1
|
* Added -I$(builddir)/../../gl to CFLAGS.Nikos Mavrogiannopoulos2011-10-211-0/+1
|
* removed more extra.h leftovers.Nikos Mavrogiannopoulos2011-10-211-1/+1
|
* Added new signing callback in gnutls_privkey_t.Nikos Mavrogiannopoulos2011-10-071-0/+4
|
* Fix syntax-check warnings.Simon Josefsson2011-09-211-3/+2
|
* Corrected memory leak in privkey deinitialization. Reported by Dan Winship.Nikos Mavrogiannopoulos2011-09-181-0/+2
|
* Memory leak fixes in ECC ciphersuites and the trust_list.Nikos Mavrogiannopoulos2011-09-091-0/+6
|
* Removed the limitation of one name per certificate.Nikos Mavrogiannopoulos2011-08-192-4/+5
|
* gnutls_certificate_set_x509_key_file() and friends support server name ↵Nikos Mavrogiannopoulos2011-08-172-32/+79
| | | | | | | indication. If multiple certificates are set using this function the proper one will be selected during a handshake, with the limitation of a single name per certificate.
* better placement of ifdefs.Nikos Mavrogiannopoulos2011-08-051-3/+3
|
* Clarify license and copyright.Simon Josefsson2011-08-0324-74/+50
|
* documentation fixesNikos Mavrogiannopoulos2011-07-233-6/+6
|
* Upgraded to LGPLv3.Nikos Mavrogiannopoulos2011-06-2315-75/+45
|
* The attached patch ports gnutls to p11-kit.Stef Walter2011-06-071-1/+8
| | | | | p11-kit is added as a dependency. p11-kit itself has no dependencies outside of basic libc stuff. The source code for p11-kit is available both in git and tarball form. [3] If the gnutls dependency on p11-kit is disabled (via a configure option) then the PKCS#11 support is disabled. This is useful in bare bones embedded systems or places where very minimal dependencies are limited.
* Remove unused variablesStef Walter2011-06-062-4/+2
| | | | | | * GCC 4.6.0 prints a warning, and build failes with -Wunused Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* simplified _gnutls_selected_cert_supported_kx().Nikos Mavrogiannopoulos2011-06-031-1/+1
|
* gnutls/crypto.h no longer includes functions to register ciphers.Nikos Mavrogiannopoulos2011-06-024-7/+7
| | | | | | | | | | | | | | Thus the following functions - gnutls_crypto_bigint_register - gnutls_crypto_cipher_register - gnutls_crypto_digest_register - gnutls_crypto_mac_register - gnutls_crypto_pk_register - gnutls_crypto_rnd_register - gnutls_crypto_single_cipher_register - gnutls_crypto_single_digest_register - gnutls_crypto_single_mac_register are only available internally via crypto-backend.h.
* Take into account each and every advertized public key algorithm when ↵Nikos Mavrogiannopoulos2011-05-282-113/+149
| | | | selecting a certificate. Previously we were assuming only RSA or DSA, or ANY.
* gnutls_secure_malloc() is no longer used.Nikos Mavrogiannopoulos2011-05-281-1/+1
|
* deinitialize PSK key memory.Nikos Mavrogiannopoulos2011-05-282-2/+11
|
* explicitly request for client key in server side.Nikos Mavrogiannopoulos2011-05-281-20/+6
|
* Added ECDHE-PSK ciphersuites for TLS (RFC 5489).Nikos Mavrogiannopoulos2011-05-278-63/+217
|
* Added new headers.gnutls_2_99_2Nikos Mavrogiannopoulos2011-05-261-1/+1
|
* Added support for verifying server certificates with ECDSA.Nikos Mavrogiannopoulos2011-05-222-3/+23
|
* gnutls_pk_params_st is used internally to transfer public key parameters. ↵Nikos Mavrogiannopoulos2011-05-225-52/+33
| | | | This replaces the raw bigint_t arrays.
* Curve TLS ID is being stored in algorithms/ecc.c.Nikos Mavrogiannopoulos2011-05-211-2/+2
|
* gnutls_algorithms.c was split into manageable files in algorithms/.Nikos Mavrogiannopoulos2011-05-216-6/+6
|
* Added OIDs and definitions for ECDSA signature algorithm.Nikos Mavrogiannopoulos2011-05-211-3/+3
|
* Added support for ECDHE-RSA ciphersuites.Nikos Mavrogiannopoulos2011-05-214-39/+71
|
* client side ECC fixes.Nikos Mavrogiannopoulos2011-05-201-0/+2
|
* Account 'A' in calculations for point doubling.Nikos Mavrogiannopoulos2011-05-201-10/+11
|
* Initial ecc support. Adds support for anonymous ECDH ciphersuites.Nikos Mavrogiannopoulos2011-05-205-1/+398
|
* Added gnutls_global_set_audit_log_function() that allows associating TLS ↵Nikos Mavrogiannopoulos2011-05-073-5/+5
| | | | session with several important issues.
* Added gnutls_certificate_set_retrieve_function2() to replaceNikos Mavrogiannopoulos2011-04-212-8/+38
| | | | | | gnutls_certificate_set_retrieve_function(). The new one is a efficient for busy servers because it eliminates the need for the server to encode the certificate to DER format.
* Eliminated the need for sign_algo in gnutls_pcert_st. This meansNikos Mavrogiannopoulos2011-04-201-13/+1
| | | | | | that we don't follow RFC5246 by letter, but there wasn't any other implementation using the sign_algorithm part of the certificate selection, and this helps reduce complexity.
* Combined external abstract API with internal usage of gnutls_cert.Nikos Mavrogiannopoulos2011-04-176-171/+177
| | | | | | | This results to a gnutls_pcert_st struct exported in abstract.h. This change will allow a certificate retrieval callback that does not require gnutls to decode or encode the provided certificate.
* The auth_ and ext_ files were moved to respective directories.Nikos Mavrogiannopoulos2011-04-1621-0/+7216
View Lorry Controller Status