From 2539b4476fded160cdf5516d5e416d4489bf0802 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 6 Jan 2017 08:26:17 +0100 Subject: doc: removed documentation related to OpenPGP Also added section explaining why OpenPGP is being deprecated. Signed-off-by: Nikos Mavrogiannopoulos --- doc/Makefile.am | 20 +- doc/cha-cert-auth.texi | 145 ++------------ doc/cha-functions.texi | 11 -- doc/cha-gtls-app.texi | 10 +- doc/cha-tokens.texi | 10 +- doc/gnutls-pgp.dia | Bin 1872 -> 0 bytes doc/gnutls-pgp.eps | 505 ------------------------------------------------- doc/gnutls-pgp.pdf | Bin 8006 -> 0 bytes doc/gnutls-pgp.png | Bin 19611 -> 0 bytes doc/latex/Makefile.am | 18 +- 10 files changed, 32 insertions(+), 687 deletions(-) delete mode 100644 doc/gnutls-pgp.dia delete mode 100644 doc/gnutls-pgp.eps delete mode 100644 doc/gnutls-pgp.pdf delete mode 100644 doc/gnutls-pgp.png diff --git a/doc/Makefile.am b/doc/Makefile.am index b606394487..6013d2e6b9 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -166,7 +166,6 @@ gnutls_TEXINFOS += gnutls-layers.dia gnutls-layers.eps \ gnutls-layers.png gnutls_TEXINFOS += gnutls-crypto-layers.dia gnutls-crypto-layers.eps \ gnutls-crypto-layers.png -gnutls_TEXINFOS += gnutls-pgp.dia gnutls-pgp.eps gnutls-pgp.png gnutls_TEXINFOS += gnutls-x509.dia gnutls-x509.eps gnutls-x509.png gnutls_TEXINFOS += gnutls-logo.eps gnutls-logo.png gnutls_TEXINFOS += pkcs11-vision.dia pkcs11-vision.eps pkcs11-vision.png @@ -185,7 +184,7 @@ gnutls_TEXINFOS += gnutls-modauth.dia gnutls-modauth.eps \ imagesdir = $(infodir) images_DATA = \ gnutls-handshake-state.png \ - gnutls-layers.png gnutls-modauth.png gnutls-pgp.png \ + gnutls-layers.png gnutls-modauth.png \ gnutls-client-server-use-case.png \ gnutls-handshake-sequence.png gnutls-internals.png \ gnutls-logo.png gnutls-x509.png \ @@ -225,7 +224,7 @@ gnutls-api.texi: $(top_srcdir)/lib/includes/gnutls/gnutls.h.in done mv -f $@-tmp $@ -socket-api.texi: $(top_srcdir)/lib/includes/gnutls/socket.h +pgp-api.texi: $(top_srcdir)/lib/includes/gnutls/openpgp.h echo "" > $@-tmp for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $< |sort|uniq`; do \ echo $(ECHO_N) "Creating documentation for $$i... " && \ @@ -236,7 +235,7 @@ socket-api.texi: $(top_srcdir)/lib/includes/gnutls/socket.h done mv -f $@-tmp $@ -dane-api.texi: $(top_srcdir)/libdane/includes/gnutls/dane.h +socket-api.texi: $(top_srcdir)/lib/includes/gnutls/socket.h echo "" > $@-tmp for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $< |sort|uniq`; do \ echo $(ECHO_N) "Creating documentation for $$i... " && \ @@ -247,31 +246,30 @@ dane-api.texi: $(top_srcdir)/libdane/includes/gnutls/dane.h done mv -f $@-tmp $@ -x509-api.texi: $(top_srcdir)/lib/includes/gnutls/x509.h $(top_srcdir)/lib/includes/gnutls/x509-ext.h +dane-api.texi: $(top_srcdir)/libdane/includes/gnutls/dane.h echo "" > $@-tmp - cat $^ > $@-tmp2 - for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $@-tmp2 |sort |uniq`; do \ + for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $< |sort|uniq`; do \ echo $(ECHO_N) "Creating documentation for $$i... " && \ $(srcdir)/scripts/gdoc -texinfo \ -function $$i \ $(C_SOURCE_FILES) >> $@-tmp 2>/dev/null && \ echo "ok"; \ done - rm -f $@-tmp2 mv -f $@-tmp $@ -pgp-api.texi: $(top_srcdir)/lib/includes/gnutls/openpgp.h +x509-api.texi: $(top_srcdir)/lib/includes/gnutls/x509.h $(top_srcdir)/lib/includes/gnutls/x509-ext.h echo "" > $@-tmp - for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $< |sort|uniq`; do \ + cat $^ > $@-tmp2 + for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $@-tmp2 |sort |uniq`; do \ echo $(ECHO_N) "Creating documentation for $$i... " && \ $(srcdir)/scripts/gdoc -texinfo \ -function $$i \ $(C_SOURCE_FILES) >> $@-tmp 2>/dev/null && \ echo "ok"; \ done + rm -f $@-tmp2 mv -f $@-tmp $@ - pkcs12-api.texi: $(top_srcdir)/lib/includes/gnutls/pkcs12.h echo "" > $@-tmp for i in `$(top_srcdir)/doc/scripts/getfuncs.pl < $< |sort|uniq`; do \ diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index 60faccb28b..6145fdf851 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -4,9 +4,8 @@ The most known authentication method of @acronym{TLS} are certificates. The PKIX @xcite{PKIX} public key infrastructure is daily used by anyone -using a browser today. @acronym{GnuTLS} supports both -@acronym{X.509} certificates @xcite{PKIX} and @acronym{OpenPGP} -certificates using a common API. +using a browser today. @acronym{GnuTLS} provides a simple API to +use the @acronym{X.509} certificates @xcite{PKIX}. The key exchange algorithms supported by certificate authentication are shown in @ref{tab:key-exchange}. @@ -465,137 +464,17 @@ other verification functions which do not allow setting a purpose, would operate @subsection @acronym{OpenPGP} certificates @cindex OpenPGP certificates -The @acronym{OpenPGP} key authentication relies on a distributed trust -model, called the ``web of trust''. The ``web of trust'' uses a -decentralized system of trusted introducers, which are the same as a -CA. @acronym{OpenPGP} allows anyone to sign anyone else's public -key. When Alice signs Bob's key, she is introducing Bob's key to -anyone who trusts Alice. If someone trusts Alice to introduce keys, -then Alice is a trusted introducer in the mind of that observer. -For example in @ref{fig-openpgp}, David trusts Alice to be an introducer and Alice -signed Bob's key thus Dave trusts Bob's key to be the real one. - -@float Figure,fig-openpgp -@image{gnutls-pgp,8cm} -@caption{An example of the OpenPGP trust model.} -@end float - -There are some key points that are important in that model. In the -example Alice has to sign Bob's key, only if she is sure that the key -belongs to Bob. Otherwise she may also make Dave falsely believe that -this is Bob's key. Dave has also the responsibility to know who to -trust. This model is similar to real life relations. - -Just see how Charlie behaves in the previous example. Although he has -signed Bob's key - because he knows, somehow, that it belongs to Bob - -he does not trust Bob to be an introducer. Charlie decided to trust -only Kevin, for some reason. A reason could be that Bob is lazy -enough, and signs other people's keys without being sure that they -belong to the actual owner. - -@float Table,tab:openpgp-certificate -@multitable @columnfractions .2 .7 - -@headitem Field @tab Description - -@item version @tab -The field that indicates the version of the OpenPGP structure. - -@item user ID @tab -An RFC 2822 string that identifies the owner of the key. There may be -multiple user identifiers in a key. - -@item public key @tab -The main public key of the certificate. - -@item expiration @tab -The expiration time of the main public key. - -@item public subkey @tab -An additional public key of the certificate. There may be multiple subkeys -in a certificate. - -@item public subkey expiration @tab -The expiration time of the subkey. - -@end multitable -@caption{OpenPGP certificate fields.} -@end float - - -@subsubsection @acronym{OpenPGP} certificate structure - -In @acronym{GnuTLS} the @acronym{OpenPGP} certificate structures -@xcite{RFC2440} are handled using the @code{gnutls_openpgp_crt_t} type. -A typical certificate contains the user ID, which is an RFC 2822 -mail and name address, a public key, possibly a number of additional -public keys (called subkeys), and a number of signatures. The various -fields are shown in @ref{tab:openpgp-certificate}. - -The additional subkeys may provide key for various different purposes, -e.g. one key to encrypt mail, and another to sign a TLS key exchange. -Each subkey is identified by a unique key ID. -The keys that are to be used in a TLS key exchange that requires -signatures are called authentication keys in the OpenPGP jargon. -The mapping of TLS key exchange methods to public keys is shown in -@ref{tab:openpgp-key-exchange}. - -@float Table,tab:openpgp-key-exchange -@multitable @columnfractions .2 .7 - -@headitem Key exchange @tab Public key requirements - -@item RSA @tab -An RSA public key that allows encryption. - -@item DHE_@-RSA @tab -An RSA public key that is marked for authentication. - -@item ECDHE_@-RSA @tab -An RSA public key that is marked for authentication. - -@item DHE_@-DSS @tab -A DSA public key that is marked for authentication. - -@end multitable -@caption{The types of (sub)keys required for the various TLS key exchange methods.} -@end float - -The corresponding private keys are stored in the -@code{gnutls_openpgp_privkey_t} type. All the prototypes for the key -handling functions can be found in @file{gnutls/openpgp.h}. - -@subsubsection Verifying an @acronym{OpenPGP} certificate - -The verification functions of @acronym{OpenPGP} keys, included in -@acronym{GnuTLS}, are simple ones, and do not use the features of the -``web of trust''. For that reason, if the verification needs are -complex, the assistance of external tools like @acronym{GnuPG} and -GPGME@footnote{@url{http://www.gnupg.org/related_software/gpgme/}} is -recommended. - -In GnuTLS there is a verification function for OpenPGP certificates, -the @funcref{gnutls_openpgp_crt_verify_ring}. This checks an -@acronym{OpenPGP} key against a given set of public keys (keyring) and -returns the key status. The key verification status is the same as in -@acronym{X.509} certificates, although the meaning and interpretation -are different. For example an @acronym{OpenPGP} key may be valid, if -the self signature is ok, even if no signers were found. The meaning -of verification status flags is the same as in the @acronym{X.509} certificates -(see @ref{gnutls_certificate_verify_flags}). - -@showfuncdesc{gnutls_openpgp_crt_verify_ring} - -@showfuncdesc{gnutls_openpgp_crt_verify_self} - -@subsubsection Verifying a certificate in the context of a TLS session - -Similarly with X.509 certificates, one needs to specify -the OpenPGP keyring file in the credentials structure. The certificates -in this file will be used by @funcref{gnutls_certificate_verify_peers3} -to verify the signatures in the certificate sent by the peer. +Previous versions of GnuTLS supported limited @acronym{OpenPGP} key +authentication. That functionality has been deprecated and although +is still made available, it is no longer recommended to use. +The reason is that, supporting alternative authentication +methods, when X.509 and PKIX were new and not well established, seemed like a +good idea, in today's internet X.509 is unquestionably the main +container for certificates. As such supporting more options with no clear +use-cases, is a distraction that consumes considerable resources for +improving and testing. For that we have decided to mark this functionality +as deprecated, and will be dropped in one of the next GnuTLS major releases. -@showfuncdesc{gnutls_certificate_set_openpgp_keyring_file} @node Advanced certificate verification @subsection Advanced certificate verification diff --git a/doc/cha-functions.texi b/doc/cha-functions.texi index 0a87cfbb65..072de10d7c 100644 --- a/doc/cha-functions.texi +++ b/doc/cha-functions.texi @@ -8,7 +8,6 @@ * X509 certificate API:: * PKCS 7 API:: * OCSP API:: -* OpenPGP API:: * PKCS 12 API:: * PKCS 11 API:: * TPM API:: @@ -61,16 +60,6 @@ checking. Their prototypes lie in @file{gnutls/ocsp.h}. @include ocsp-api.texi -@node OpenPGP API -@section @acronym{OpenPGP} API -@cindex OpenPGP API - -The following functions are to be used for @acronym{OpenPGP} -certificate handling. Their prototypes lie in -@file{gnutls/openpgp.h}. - -@include pgp-api.texi - @node PKCS 12 API @section PKCS 12 API diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index cb75e4be70..d8bf9adec5 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -553,8 +553,6 @@ already. @showfuncC{gnutls_certificate_set_x509_key_file2,gnutls_certificate_set_x509_key_mem2,gnutls_certificate_set_x509_key} -@showfuncC{gnutls_certificate_set_openpgp_key_file,gnutls_certificate_set_openpgp_key_mem,gnutls_certificate_set_openpgp_key} - It is recommended to use the higher level functions such as @funcref{gnutls_certificate_set_x509_key_file2} which accept not only file names but URLs that specify objects stored in token, or system certificates and keys (see @ref{Application-specific keys}). For these cases, another important @@ -597,7 +595,7 @@ typedef struct gnutls_pcert_st } gnutls_pcert_st; @end verbatim -@showfuncE{gnutls_pcert_import_x509,gnutls_pcert_import_openpgp,gnutls_pcert_import_x509_raw,gnutls_pcert_import_openpgp_raw,gnutls_pcert_deinit} +@showfuncC{gnutls_pcert_import_x509,gnutls_pcert_import_x509_raw,gnutls_pcert_deinit} In a handshake, the negotiated cipher suite depends on the certificate's parameters, so some key exchange methods might not be @@ -633,12 +631,12 @@ signed by server's acceptable signers. Certificate verification is possible by loading the trusted authorities into the credentials structure by using -the following functions, applicable to X.509 and OpenPGP certificates. +the following functions, applicable to X.509 certificates. In modern systems it is recommended to utilize @funcref{gnutls_certificate_set_x509_system_trust} which will load the trusted authorities from the system store. @showfuncdesc{gnutls_certificate_set_x509_system_trust} -@showfuncC{gnutls_certificate_set_x509_trust_file,gnutls_certificate_set_x509_trust_dir,gnutls_certificate_set_openpgp_keyring_file} +@showfuncB{gnutls_certificate_set_x509_trust_file,gnutls_certificate_set_x509_trust_dir} The peer's certificate will be automatically verified if @funcref{gnutls_session_set_verify_cert} is called prior to handshake. @@ -1227,7 +1225,7 @@ CURVE-SECP521R1, and CURVE-X25519. Catch all which enables all curves from NORMAL priority is CURVE-ALL. @item Certificate type @tab -CTYPE-OPENPGP, CTYPE-X509. Catch all is CTYPE-ALL. +The options CTYPE-OPENPGP (deprecated), and CTYPE-X509 are available. Catch all is CTYPE-ALL. @end multitable @caption{The supported algorithm keywords in priority strings.} diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi index dd8158ae67..a5c647d0d3 100644 --- a/doc/cha-tokens.texi +++ b/doc/cha-tokens.texi @@ -86,7 +86,7 @@ an existing structure like @code{gnutls_x509_crt_t}, or through an ASN.1 encoding of the X.509 @code{SubjectPublicKeyInfo} sequence. -@showfuncC{gnutls_pubkey_import_x509,gnutls_pubkey_import_openpgp,gnutls_pubkey_import_pkcs11} +@showfuncB{gnutls_pubkey_import_x509,gnutls_pubkey_import_pkcs11} @showfuncD{gnutls_pubkey_import_url,gnutls_pubkey_import_privkey,gnutls_pubkey_import,gnutls_pubkey_export} @@ -95,7 +95,7 @@ sequence. Other helper functions that allow directly importing from raw X.509 or OpenPGP structures are shown below. -@showfuncB{gnutls_pubkey_import_x509_raw,gnutls_pubkey_import_openpgp_raw} +@showfuncA{gnutls_pubkey_import_x509_raw} An important function is @funcref{gnutls_pubkey_import_url} which will import public keys from URLs that identify objects stored in tokens (see @ref{Smart cards and HSMs} and @ref{Trusted Platform Module}). @@ -128,17 +128,15 @@ but unlike public keys it cannot be exported. That is to allow abstraction over keys stored in hardware that makes available only operations. -@showfuncC{gnutls_privkey_import_x509,gnutls_privkey_import_openpgp,gnutls_privkey_import_pkcs11} +@showfuncB{gnutls_privkey_import_x509,gnutls_privkey_import_pkcs11} Other helper functions that allow directly importing from raw X.509 or OpenPGP structures are shown below. Again, as with public keys, private keys can be imported from a hardware module using URLs. -@showfuncB{gnutls_privkey_import_x509_raw,gnutls_privkey_import_openpgp_raw} - @showfuncdesc{gnutls_privkey_import_url} -@showfuncC{gnutls_privkey_get_pk_algorithm,gnutls_privkey_get_type,gnutls_privkey_status} +@showfuncD{gnutls_privkey_import_x509_raw,gnutls_privkey_get_pk_algorithm,gnutls_privkey_get_type,gnutls_privkey_status} In order to support cryptographic operations using an external API, the following function is provided. diff --git a/doc/gnutls-pgp.dia b/doc/gnutls-pgp.dia deleted file mode 100644 index d53584c65f..0000000000 Binary files a/doc/gnutls-pgp.dia and /dev/null differ diff --git a/doc/gnutls-pgp.eps b/doc/gnutls-pgp.eps deleted file mode 100644 index 13a885943c..0000000000 --- a/doc/gnutls-pgp.eps +++ /dev/null @@ -1,505 +0,0 @@ -%!PS-Adobe-2.0 EPSF-2.0 -%%Title: /home/nmav/cvs/gnutls/doc/gnutls-pgp.dia -%%Creator: Dia v0.97.1 -%%CreationDate: Sat Aug 27 23:00:38 2011 -%%For: nmav -%%Orientation: Portrait -%%Magnification: 1.0000 -%%BoundingBox: 0 0 444 362 -%%BeginSetup -%%EndSetup -%%EndComments -%%BeginProlog -[ /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /space /exclam /quotedbl /numbersign /dollar /percent /ampersand /quoteright -/parenleft /parenright /asterisk /plus /comma /hyphen /period /slash /zero /one -/two /three /four /five /six /seven /eight /nine /colon /semicolon -/less /equal /greater /question /at /A /B /C /D /E -/F /G /H /I /J /K /L /M /N /O -/P /Q /R /S /T /U /V /W /X /Y -/Z /bracketleft /backslash /bracketright /asciicircum /underscore /quoteleft /a /b /c -/d /e /f /g /h /i /j /k /l /m -/n /o /p /q /r /s /t /u /v /w -/x /y /z /braceleft /bar /braceright /asciitilde /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/space /exclamdown /cent /sterling /currency /yen /brokenbar /section /dieresis /copyright -/ordfeminine /guillemotleft /logicalnot /hyphen /registered /macron /degree /plusminus /twosuperior /threesuperior -/acute /mu /paragraph /periodcentered /cedilla /onesuperior /ordmasculine /guillemotright /onequarter /onehalf -/threequarters /questiondown /Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla -/Egrave /Eacute /Ecircumflex /Edieresis /Igrave /Iacute /Icircumflex /Idieresis /Eth /Ntilde -/Ograve /Oacute /Ocircumflex /Otilde /Odieresis /multiply /Oslash /Ugrave /Uacute /Ucircumflex -/Udieresis /Yacute /Thorn /germandbls /agrave /aacute /acircumflex /atilde /adieresis /aring -/ae /ccedilla /egrave /eacute /ecircumflex /edieresis /igrave /iacute /icircumflex /idieresis -/eth /ntilde /ograve /oacute /ocircumflex /otilde /odieresis /divide /oslash /ugrave -/uacute /ucircumflex /udieresis /yacute /thorn /ydieresis] /isolatin1encoding exch def -/cp {closepath} bind def -/c {curveto} bind def -/f {fill} bind def -/a {arc} bind def -/ef {eofill} bind def -/ex {exch} bind def -/gr {grestore} bind def -/gs {gsave} bind def -/sa {save} bind def -/rs {restore} bind def -/l {lineto} bind def -/m {moveto} bind def -/rm {rmoveto} bind def -/n {newpath} bind def -/s {stroke} bind def -/sh {show} bind def -/slc {setlinecap} bind def -/slj {setlinejoin} bind def -/slw {setlinewidth} bind def -/srgb {setrgbcolor} bind def -/rot {rotate} bind def -/sc {scale} bind def -/sd {setdash} bind def -/ff {findfont} bind def -/sf {setfont} bind def -/scf {scalefont} bind def -/sw {stringwidth pop} bind def -/tr {translate} bind def - -/ellipsedict 8 dict def -ellipsedict /mtrx matrix put -/ellipse -{ ellipsedict begin - /endangle exch def - /startangle exch def - /yrad exch def - /xrad exch def - /y exch def - /x exch def /savematrix mtrx currentmatrix def - x y tr xrad yrad sc - 0 0 1 startangle endangle arc - savematrix setmatrix - end -} def - -/mergeprocs { -dup length -3 -1 roll -dup -length -dup -5 1 roll -3 -1 roll -add -array cvx -dup -3 -1 roll -0 exch -putinterval -dup -4 2 roll -putinterval -} bind def -/Times-Roman-latin1 - /Times-Roman findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Times-Italic-latin1 - /Times-Italic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Times-Bold-latin1 - /Times-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Times-BoldItalic-latin1 - /Times-BoldItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/AvantGarde-Gothic-latin1 - /AvantGarde-Gothic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/AvantGarde-BookOblique-latin1 - /AvantGarde-BookOblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/AvantGarde-Demi-latin1 - /AvantGarde-Demi findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/AvantGarde-DemiOblique-latin1 - /AvantGarde-DemiOblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Bookman-Light-latin1 - /Bookman-Light findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Bookman-LightItalic-latin1 - /Bookman-LightItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Bookman-Demi-latin1 - /Bookman-Demi findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Bookman-DemiItalic-latin1 - /Bookman-DemiItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Courier-latin1 - /Courier findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Courier-Oblique-latin1 - /Courier-Oblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Courier-Bold-latin1 - /Courier-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Courier-BoldOblique-latin1 - /Courier-BoldOblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-latin1 - /Helvetica findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Oblique-latin1 - /Helvetica-Oblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Bold-latin1 - /Helvetica-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-BoldOblique-latin1 - /Helvetica-BoldOblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Narrow-latin1 - /Helvetica-Narrow findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Narrow-Oblique-latin1 - /Helvetica-Narrow-Oblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Narrow-Bold-latin1 - /Helvetica-Narrow-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Helvetica-Narrow-BoldOblique-latin1 - /Helvetica-Narrow-BoldOblique findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/NewCenturySchlbk-Roman-latin1 - /NewCenturySchlbk-Roman findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/NewCenturySchlbk-Italic-latin1 - /NewCenturySchlbk-Italic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/NewCenturySchlbk-Bold-latin1 - /NewCenturySchlbk-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/NewCenturySchlbk-BoldItalic-latin1 - /NewCenturySchlbk-BoldItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Palatino-Roman-latin1 - /Palatino-Roman findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Palatino-Italic-latin1 - /Palatino-Italic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Palatino-Bold-latin1 - /Palatino-Bold findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Palatino-BoldItalic-latin1 - /Palatino-BoldItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/Symbol-latin1 - /Symbol findfont -definefont pop -/ZapfChancery-MediumItalic-latin1 - /ZapfChancery-MediumItalic findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -/ZapfDingbats-latin1 - /ZapfDingbats findfont - dup length dict begin - {1 index /FID ne {def} {pop pop} ifelse} forall - /Encoding isolatin1encoding def - currentdict end -definefont pop -28.346000 -28.346000 scale --0.450000 -13.600000 translate -%%EndProlog - - -0.100000 slw -[] 0 sd -1.000000 1.000000 1.000000 srgb -n 4.025000 2.750000 1.925000 1.000000 0 360 ellipse f -0.000000 0.000000 0.000000 srgb -n 4.025000 2.750000 1.925000 1.000000 0 360 ellipse cp s -/Courier-Bold-latin1 ff 0.560000 scf sf -(Alice) dup sw 2 div 4.025000 ex sub 2.682500 m - gs 1 -1 sc sh gr -0.100000 slw -[] 0 sd -1.000000 1.000000 1.000000 srgb -n 2.575000 11.000000 1.625000 1.000000 0 360 ellipse f -0.000000 0.000000 0.000000 srgb -n 2.575000 11.000000 1.625000 1.000000 0 360 ellipse cp s -/Courier-Bold-latin1 ff 0.560000 scf sf -(Bob) dup sw 2 div 2.575000 ex sub 10.932500 m - gs 1 -1 sc sh gr -0.100000 slw -0 slc -[] 0 sd -n 2.611500 4.307109 m 2.604400 10.000000 l s -0 slj -n 2.861500 4.307421 m 2.612498 3.507110 l 2.361500 4.306798 l ef -0.100000 slw -[] 0 sd -0 slj -n 2.861500 4.307421 m 2.612498 3.507110 l 2.361500 4.306798 l cp s -/Helvetica-latin1 ff 0.560000 scf sf -0.100000 slw -0 slc -[] 0 sd -n 3.784081 9.442957 m 3.850000 3.750000 l s -0 slj -n 3.534098 9.440062 m 3.774819 10.242903 l 4.034065 9.445852 l ef -0.100000 slw -[] 0 sd -0 slj -n 3.534098 9.440062 m 3.774819 10.242903 l 4.034065 9.445852 l cp s -0.100000 slw -[] 0 sd -1.000000 1.000000 1.000000 srgb -n 8.075000 7.050000 1.625000 1.000000 0 360 ellipse f -0.000000 0.000000 0.000000 srgb -n 8.075000 7.050000 1.625000 1.000000 0 360 ellipse cp s -/Courier-Bold-latin1 ff 0.560000 scf sf -(Dave) dup sw 2 div 8.075000 ex sub 6.982500 m - gs 1 -1 sc sh gr -0.100000 slw -[] 0 sd -[] 0 sd -0 slc -0 slj -0.100000 slw -0 slc -0 slj -[] 0 sd -n 0.500000 0.900000 m 16.050000 0.900000 l s -0 slc -0 slj -[] 0 sd -n 0.500000 13.550000 m 16.050000 13.550000 l s -0 slc -0 slj -[] 0 sd -n 0.500000 0.900000 m 0.500000 13.550000 l s -0 slc -0 slj -[] 0 sd -n 16.050000 0.900000 m 16.050000 13.550000 l s -0.100000 slw -0 slc -[] 0 sd -n 5.467027 4.447835 m 7.076560 6.342890 l s -0 slj -n 5.657574 4.285996 m 4.949144 3.838082 l 5.276479 4.609673 l ef -0.100000 slw -[] 0 sd -0 slj -n 5.657574 4.285996 m 4.949144 3.838082 l 5.276479 4.609673 l cp s -/Helvetica-latin1 ff 0.560000 scf sf -0.100000 slw -[] 0 sd -[0.400000] 0 sd -0 slc -n 8.589200 6.050000 m 5.745285 3.993798 l s -0.100000 slw -[] 0 sd -0 slj -0 slc -n 6.404219 4.161719 m 5.609442 3.895580 l 6.111262 4.566905 l s -/Courier-latin1 ff 0.560000 scf sf -({Trust}) 7.031400 4.773680 m - gs 1 -1 sc sh gr -0.100000 slw -[] 0 sd -1.000000 1.000000 1.000000 srgb -n 12.797500 10.950000 2.547500 1.000000 0 360 ellipse f -0.000000 0.000000 0.000000 srgb -n 12.797500 10.950000 2.547500 1.000000 0 360 ellipse cp s -/Courier-Bold-latin1 ff 0.560000 scf sf -(Charlie) dup sw 2 div 12.797500 ex sub 10.882500 m - gs 1 -1 sc sh gr -0.100000 slw -[] 0 sd -1.000000 1.000000 1.000000 srgb -n 13.325000 2.950000 1.925000 1.000000 0 360 ellipse f -0.000000 0.000000 0.000000 srgb -n 13.325000 2.950000 1.925000 1.000000 0 360 ellipse cp s -/Courier-Bold-latin1 ff 0.560000 scf sf -(Kevin) dup sw 2 div 13.325000 ex sub 2.882500 m - gs 1 -1 sc sh gr -0.100000 slw -0 slc -[] 0 sd -n 9.949857 5.900506 m 13.150000 3.950000 l s -0 slj -n 9.819744 5.687033 m 9.266745 6.316867 l 10.079970 6.113979 l ef -0.100000 slw -[] 0 sd -0 slj -n 9.819744 5.687033 m 9.266745 6.316867 l 10.079970 6.113979 l cp s -/Helvetica-latin1 ff 0.560000 scf sf -0.100000 slw -[] 0 sd -[0.400000] 0 sd -0 slc -n 12.797500 9.950000 m 13.220701 4.334057 l s -0.100000 slw -[] 0 sd -0 slj -0 slc -n 13.422476 4.983424 m 13.233298 4.166900 l 12.923889 4.945852 l s -/Courier-latin1 ff 0.560000 scf sf -({Trust}) 11.600000 8.600000 m - gs 1 -1 sc sh gr -0.100000 slw -0 slc -[] 0 sd -n 5.108770 10.992907 m 10.250000 10.950000 l s -0 slj -n 5.106684 10.742915 m 4.308798 10.999583 l 5.110857 11.242898 l ef -0.100000 slw -[] 0 sd -0 slj -n 5.106684 10.742915 m 4.308798 10.999583 l 5.110857 11.242898 l cp s -/Helvetica-latin1 ff 0.560000 scf sf -0.100000 slw -0 slc -[] 0 sd -n 13.654446 4.836032 m 14.598900 10.242900 l s -0 slj -n 13.900717 4.793014 m 13.516789 4.047965 l 13.408175 4.879050 l ef -0.100000 slw -[] 0 sd -0 slj -n 13.900717 4.793014 m 13.516789 4.047965 l 13.408175 4.879050 l cp s -showpage diff --git a/doc/gnutls-pgp.pdf b/doc/gnutls-pgp.pdf deleted file mode 100644 index 50b23ccf47..0000000000 Binary files a/doc/gnutls-pgp.pdf and /dev/null differ diff --git a/doc/gnutls-pgp.png b/doc/gnutls-pgp.png deleted file mode 100644 index fd53b2e270..0000000000 Binary files a/doc/gnutls-pgp.png and /dev/null differ diff --git a/doc/latex/Makefile.am b/doc/latex/Makefile.am index a21086b62e..2ae3dff025 100644 --- a/doc/latex/Makefile.am +++ b/doc/latex/Makefile.am @@ -155,24 +155,12 @@ dane-api.tex: $(srcdir)/../../libdane/*.c rm -f $@-tmp mv -f $@-tmp2 $@ -pgp-api.tex: $(srcdir)/../../lib/openpgp/*.c - echo "" > $@-tmp - for i in $^; do \ - echo -n "Creating documentation for file $$i... " && \ - $(srcdir)/../scripts/gdoc -tex $$i >> $@-tmp && \ - echo "ok"; \ - done - $(srcdir)/../scripts/sort1.pl < $@-tmp > $@-tmp2 - $(srcdir)/../scripts/split.pl functions < $@-tmp - rm -f $@-tmp - mv -f $@-tmp2 $@ - -SOURCE_GEN_FILES = pgp-api.tex x509-api.tex gnutls-api.tex gnutls-enums.tex dane-api.tex +SOURCE_GEN_FILES = x509-api.tex gnutls-api.tex gnutls-enums.tex dane-api.tex PDF_FILES = gnutls-client-server-use-case.pdf gnutls-crypto-layers.pdf \ gnutls-handshake-sequence.pdf gnutls-handshake-state.pdf \ gnutls-internals.pdf gnutls-layers.pdf gnutls-logo.pdf \ - gnutls-modauth.pdf gnutls-pgp.pdf gnutls-x509.pdf pkcs11-vision.pdf + gnutls-modauth.pdf gnutls-x509.pdf pkcs11-vision.pdf gnutls.pdf: $(SOURCE_GEN_FILES) $(TEX_OBJECTS) $(GEN_TEX_OBJECTS) $(MAKE) -C .. errcodes printlist alert-printlist @@ -187,7 +175,7 @@ gnutls.pdf: $(SOURCE_GEN_FILES) $(TEX_OBJECTS) $(GEN_TEX_OBJECTS) PNG_FILES = gnutls-client-server-use-case.png gnutls-crypto-layers.png \ gnutls-handshake-sequence.png gnutls-handshake-state.png \ gnutls-internals.png gnutls-layers.png gnutls-logo.png \ - gnutls-modauth.png gnutls-pgp.png gnutls-x509.png pkcs11-vision.png + gnutls-modauth.png gnutls-x509.png pkcs11-vision.png epub.html: $(SOURCE_GEN_FILES) $(TEX_OBJECTS) $(GEN_TEX_OBJECTS) $(MAKE) -C .. errcodes printlist alert-printlist -- cgit v1.2.1