Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | avoid allocating a privkey param for the public key. | Nikos Mavrogiannopoulos | 2012-01-11 | 1 | -16/+10 |
| | |||||
* | _gnutls_proc_cert_client_certificate and ↵ | Nikos Mavrogiannopoulos | 2012-01-07 | 6 | -18/+16 |
| | | | | _gnutls_proc_cert_server_certificate renamed to _gnutls_proc_certificate. | ||||
* | GNUTLS_PK_ECC -> GNUTLS_PK_EC | Nikos Mavrogiannopoulos | 2012-01-02 | 2 | -5/+5 |
| | |||||
* | cipher_suite_st is no longer used internally. We only use a point to 2 bytes. | Nikos Mavrogiannopoulos | 2011-12-13 | 3 | -3/+3 |
| | |||||
* | Diffie Hellman PKCS #3 parameters now contain the recommended private key size. | Nikos Mavrogiannopoulos | 2011-12-12 | 5 | -13/+14 |
| | | | | | By using the recommended key size the calculations for the server side are reduced, giving a 50% increase in DH calculations. | ||||
* | Optimizations in DH parameter generation. | Nikos Mavrogiannopoulos | 2011-12-12 | 4 | -7/+7 |
| | | | | | | The larger prime is find first and the big loop needs to find a smaller prime, increasing performance. The _gnutls_rnd() function is now inline and GNUTLS_RND_NONCE doesn't update random generator state. | ||||
* | updated client certificate signature algorithm indication, to allow holding ↵ | Nikos Mavrogiannopoulos | 2011-11-18 | 1 | -11/+11 |
| | | | | 3 algorithms. | ||||
* | Verify that received ECDH public key lies on the curve. | Nikos Mavrogiannopoulos | 2011-11-05 | 1 | -10/+11 |
| | |||||
* | Fix typo. | Simon Josefsson | 2011-11-02 | 1 | -3/+2 |
| | |||||
* | Added 3072 and 4096-bit groups from RFC5054. | Nikos Mavrogiannopoulos | 2011-11-01 | 2 | -2/+125 |
| | |||||
* | more builddir fixes by David Hoyt. | Nikos Mavrogiannopoulos | 2011-10-22 | 1 | -0/+1 |
| | |||||
* | Added -I$(builddir)/../../gl to CFLAGS. | Nikos Mavrogiannopoulos | 2011-10-21 | 1 | -0/+1 |
| | |||||
* | removed more extra.h leftovers. | Nikos Mavrogiannopoulos | 2011-10-21 | 1 | -1/+1 |
| | |||||
* | Added new signing callback in gnutls_privkey_t. | Nikos Mavrogiannopoulos | 2011-10-07 | 1 | -0/+4 |
| | |||||
* | Fix syntax-check warnings. | Simon Josefsson | 2011-09-21 | 1 | -3/+2 |
| | |||||
* | Corrected memory leak in privkey deinitialization. Reported by Dan Winship. | Nikos Mavrogiannopoulos | 2011-09-18 | 1 | -0/+2 |
| | |||||
* | Memory leak fixes in ECC ciphersuites and the trust_list. | Nikos Mavrogiannopoulos | 2011-09-09 | 1 | -0/+6 |
| | |||||
* | Removed the limitation of one name per certificate. | Nikos Mavrogiannopoulos | 2011-08-19 | 2 | -4/+5 |
| | |||||
* | gnutls_certificate_set_x509_key_file() and friends support server name ↵ | Nikos Mavrogiannopoulos | 2011-08-17 | 2 | -32/+79 |
| | | | | | | | indication. If multiple certificates are set using this function the proper one will be selected during a handshake, with the limitation of a single name per certificate. | ||||
* | better placement of ifdefs. | Nikos Mavrogiannopoulos | 2011-08-05 | 1 | -3/+3 |
| | |||||
* | Clarify license and copyright. | Simon Josefsson | 2011-08-03 | 24 | -74/+50 |
| | |||||
* | documentation fixes | Nikos Mavrogiannopoulos | 2011-07-23 | 3 | -6/+6 |
| | |||||
* | Upgraded to LGPLv3. | Nikos Mavrogiannopoulos | 2011-06-23 | 15 | -75/+45 |
| | |||||
* | The attached patch ports gnutls to p11-kit. | Stef Walter | 2011-06-07 | 1 | -1/+8 |
| | | | | | p11-kit is added as a dependency. p11-kit itself has no dependencies outside of basic libc stuff. The source code for p11-kit is available both in git and tarball form. [3] If the gnutls dependency on p11-kit is disabled (via a configure option) then the PKCS#11 support is disabled. This is useful in bare bones embedded systems or places where very minimal dependencies are limited. | ||||
* | Remove unused variables | Stef Walter | 2011-06-06 | 2 | -4/+2 |
| | | | | | | * GCC 4.6.0 prints a warning, and build failes with -Wunused Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | simplified _gnutls_selected_cert_supported_kx(). | Nikos Mavrogiannopoulos | 2011-06-03 | 1 | -1/+1 |
| | |||||
* | gnutls/crypto.h no longer includes functions to register ciphers. | Nikos Mavrogiannopoulos | 2011-06-02 | 4 | -7/+7 |
| | | | | | | | | | | | | | | Thus the following functions - gnutls_crypto_bigint_register - gnutls_crypto_cipher_register - gnutls_crypto_digest_register - gnutls_crypto_mac_register - gnutls_crypto_pk_register - gnutls_crypto_rnd_register - gnutls_crypto_single_cipher_register - gnutls_crypto_single_digest_register - gnutls_crypto_single_mac_register are only available internally via crypto-backend.h. | ||||
* | Take into account each and every advertized public key algorithm when ↵ | Nikos Mavrogiannopoulos | 2011-05-28 | 2 | -113/+149 |
| | | | | selecting a certificate. Previously we were assuming only RSA or DSA, or ANY. | ||||
* | gnutls_secure_malloc() is no longer used. | Nikos Mavrogiannopoulos | 2011-05-28 | 1 | -1/+1 |
| | |||||
* | deinitialize PSK key memory. | Nikos Mavrogiannopoulos | 2011-05-28 | 2 | -2/+11 |
| | |||||
* | explicitly request for client key in server side. | Nikos Mavrogiannopoulos | 2011-05-28 | 1 | -20/+6 |
| | |||||
* | Added ECDHE-PSK ciphersuites for TLS (RFC 5489). | Nikos Mavrogiannopoulos | 2011-05-27 | 8 | -63/+217 |
| | |||||
* | Added new headers.gnutls_2_99_2 | Nikos Mavrogiannopoulos | 2011-05-26 | 1 | -1/+1 |
| | |||||
* | Added support for verifying server certificates with ECDSA. | Nikos Mavrogiannopoulos | 2011-05-22 | 2 | -3/+23 |
| | |||||
* | gnutls_pk_params_st is used internally to transfer public key parameters. ↵ | Nikos Mavrogiannopoulos | 2011-05-22 | 5 | -52/+33 |
| | | | | This replaces the raw bigint_t arrays. | ||||
* | Curve TLS ID is being stored in algorithms/ecc.c. | Nikos Mavrogiannopoulos | 2011-05-21 | 1 | -2/+2 |
| | |||||
* | gnutls_algorithms.c was split into manageable files in algorithms/. | Nikos Mavrogiannopoulos | 2011-05-21 | 6 | -6/+6 |
| | |||||
* | Added OIDs and definitions for ECDSA signature algorithm. | Nikos Mavrogiannopoulos | 2011-05-21 | 1 | -3/+3 |
| | |||||
* | Added support for ECDHE-RSA ciphersuites. | Nikos Mavrogiannopoulos | 2011-05-21 | 4 | -39/+71 |
| | |||||
* | client side ECC fixes. | Nikos Mavrogiannopoulos | 2011-05-20 | 1 | -0/+2 |
| | |||||
* | Account 'A' in calculations for point doubling. | Nikos Mavrogiannopoulos | 2011-05-20 | 1 | -10/+11 |
| | |||||
* | Initial ecc support. Adds support for anonymous ECDH ciphersuites. | Nikos Mavrogiannopoulos | 2011-05-20 | 5 | -1/+398 |
| | |||||
* | Added gnutls_global_set_audit_log_function() that allows associating TLS ↵ | Nikos Mavrogiannopoulos | 2011-05-07 | 3 | -5/+5 |
| | | | | session with several important issues. | ||||
* | Added gnutls_certificate_set_retrieve_function2() to replace | Nikos Mavrogiannopoulos | 2011-04-21 | 2 | -8/+38 |
| | | | | | | gnutls_certificate_set_retrieve_function(). The new one is a efficient for busy servers because it eliminates the need for the server to encode the certificate to DER format. | ||||
* | Eliminated the need for sign_algo in gnutls_pcert_st. This means | Nikos Mavrogiannopoulos | 2011-04-20 | 1 | -13/+1 |
| | | | | | | that we don't follow RFC5246 by letter, but there wasn't any other implementation using the sign_algorithm part of the certificate selection, and this helps reduce complexity. | ||||
* | Combined external abstract API with internal usage of gnutls_cert. | Nikos Mavrogiannopoulos | 2011-04-17 | 6 | -171/+177 |
| | | | | | | | This results to a gnutls_pcert_st struct exported in abstract.h. This change will allow a certificate retrieval callback that does not require gnutls to decode or encode the provided certificate. | ||||
* | The auth_ and ext_ files were moved to respective directories. | Nikos Mavrogiannopoulos | 2011-04-16 | 21 | -0/+7216 |