[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-106-g08d1b02
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-106-g08d1b02 |
Date: |
Tue, 23 Aug 2011 16:13:01 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=08d1b02784517fbe5353e2732cd1937ae9b35bb7
The branch, master has been updated
via 08d1b02784517fbe5353e2732cd1937ae9b35bb7 (commit)
from 1e5ae673bb3dcadc4897a08009ffff947988d9b5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
doc/cha-auth.texi | 2 +-
doc/cha-bib.texi | 4 ++++
doc/cha-cert-auth.texi | 21 ++++++++++++++-------
doc/cha-gtls-app.texi | 6 +++---
doc/cha-intro-tls.texi | 9 +++++----
doc/latex/gnutls.bib | 9 +++++++++
doc/latex/gnutls.tex | 2 +-
7 files changed, 37 insertions(+), 16 deletions(-)
diff --git a/doc/cha-auth.texi b/doc/cha-auth.texi
index 0b20115..c7d4dfe 100644
--- a/doc/cha-auth.texi
+++ b/doc/cha-auth.texi
@@ -137,7 +137,7 @@ and require Diffie-Hellman parameters to be generated and
associated with a cred
structure, by the server (see @ref{Parameter generation}).
@float Table,tab:key-exchange
address@hidden @columnfractions .3 .7
address@hidden @columnfractions .2 .7
@headitem Key exchange @tab Description
diff --git a/doc/cha-bib.texi b/doc/cha-bib.texi
index ef51fbb..a27509b 100644
--- a/doc/cha-bib.texi
+++ b/doc/cha-bib.texi
@@ -164,6 +164,10 @@ November 2007, available from
@url{http://www.ietf.org/rfc/rfc5056}.
J. Altman, N. Williams, L. Zhu, "Channel Bindings for TLS", July 2010,
available from @url{http://www.ietf.org/rfc/rfc5929}.
address@hidden @anchor{PKCS11URI}[PKCS11URI]
+J. Pechanec, D. Moffat, "The PKCS#11 URI Scheme", August 2011,
+Work in progress, available from
@url{http://tools.ietf.org/html/draft-pechanec-pkcs11uri-05}.
+
@item @anchor{ANDERSON}[ANDERSON]
R. J. Anderson, "Security Engineering: A Guide to Building Dependable
Distributed Systems",
John Wiley \& Sons, Inc., 2001.
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index c1c0ddf..1d5357a 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -45,7 +45,7 @@ certificate holder, the signer, a unique serial number,
expiration
dates and some other fields @xcite{PKIX} as shown in @ref{tab:x509}.
@float Table,tab:x509
address@hidden @columnfractions .3 .7
address@hidden @columnfractions .2 .7
@headitem Field @tab Description
@@ -93,7 +93,7 @@ belongs to a CA etc. All the supported @acronym{X.509}
version 3
extensions are shown in @ref{tab:x509-ext}.
@float Table,tab:x509-ext
address@hidden @columnfractions .3 .2 .5
address@hidden @columnfractions .3 .2 .4
@headitem Extension @tab OID @tab Description
@@ -178,7 +178,7 @@ are equivalent and will verify the peer's certificate chain
in a TLS session.
@float Table,tab:cert-verify
address@hidden @columnfractions .55 .45
address@hidden @columnfractions .46 .44
@headitem Flag @tab Description
@@ -215,7 +215,7 @@ flags are part of the enumeration
@code{gnutls_certificate_verify_flags} and are explained in
@ref{tab:cert-flags}.
@float Table,tab:cert-flags
address@hidden @columnfractions .5 .5
address@hidden @columnfractions .5 .4
@headitem Flag @tab Description
@item address@hidden @tab
@@ -485,10 +485,11 @@ when accessing a protected object, such as a private key,
as well as probe
the user to insert the token. All the initialization functions are below.
@showfuncdesc{gnutls_pkcs11_init}
address@hidden
+
@showfuncdesc{gnutls_pkcs11_set_token_function}
@showfuncdesc{gnutls_pkcs11_set_pin_function}
@showfuncdesc{gnutls_pkcs11_add_provider}
address@hidden
Note that due to limitations of @acronym{PKCS} #11 there are issues when
multiple libraries
are sharing a module. To avoid this problem GnuTLS uses @acronym{p11-kit}
@@ -498,7 +499,7 @@ multiple users.
@subsection Reading objects
All @acronym{PKCS} #11 objects are referenced by @acronym{GnuTLS} functions by
-URLs as described in @code{draft-pechanec-pkcs11uri-05}.
+URLs as described in @xcite{PKCS11URI}.
This allows for a consistent naming of objects across systems and applications
in the same system. For example a public
key on a smart card may be referenced as:
@@ -579,9 +580,10 @@ to prevent its extraction. An object can be marked as
private using the flag
@address@hidden@address@hidden@-PRIVATE}, to require PIN to be
entered before accessing the object (for operations or otherwise).
address@hidden
@showfuncdesc{gnutls_pkcs11_copy_x509_privkey}
+
@showfuncdesc{gnutls_pkcs11_copy_x509_crt}
address@hidden
@subsection Using a @acronym{PKCS} #11 token with TLS
@@ -642,6 +644,7 @@ sequence.
@showfuncB{gnutls_pubkey_init,gnutls_pubkey_deinit}
@showfuncdesc{gnutls_pubkey_import_x509}
+
@showfuncdesc{gnutls_pubkey_import_openpgp}
@showfuncdesc{gnutls_pubkey_import_pkcs11}
@showfuncdesc{gnutls_pubkey_import_pkcs11_url}
@@ -653,6 +656,7 @@ Additional functions are available that will return
information over a public key.
@showfuncdesc{gnutls_pubkey_get_pk_algorithm}
+
@showfuncdesc{gnutls_pubkey_get_preferred_hash_algorithm}
@showfuncdesc{gnutls_pubkey_get_key_id}
@@ -667,6 +671,7 @@ are not extractable.
@showfuncB{gnutls_privkey_init,gnutls_privkey_deinit}
@showfuncdesc{gnutls_privkey_import_x509}
+
@showfuncdesc{gnutls_privkey_import_openpgp}
@showfuncdesc{gnutls_privkey_import_pkcs11}
@@ -681,6 +686,7 @@ The abstract key types can be used to access signing and
signature verification operations with the underlying keys.
@showfuncdesc{gnutls_pubkey_verify_data2}
+
@showfuncdesc{gnutls_pubkey_verify_hash}
@showfuncdesc{gnutls_privkey_sign_data}
@showfuncdesc{gnutls_privkey_sign_hash}
@@ -691,6 +697,7 @@ keys with structures is also possible using the
key abstractions.
@showfuncdesc{gnutls_x509_crq_set_pubkey}
+
@showfuncdesc{gnutls_x509_crt_set_pubkey}
@showfuncdesc{gnutls_x509_crt_privkey_sign}
@showfuncdesc{gnutls_x509_crl_privkey_sign}
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 8d18e41..814d722 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -285,7 +285,7 @@ later on.
@showfuncD{gnutls_priority_set_direct,gnutls_priority_init,gnutls_priority_deinit,gnutls_priority_set}
@float Table,tab:prio-keywords
address@hidden @columnfractions .30 .70
address@hidden @columnfractions .20 .70
@headitem Keyword @tab Description
@item PERFORMANCE @tab
All the "secure" ciphersuites are enabled,
@@ -353,7 +353,7 @@ appended with an algorithm will add this algorithm.
@float Table,tab:prio-algorithms
address@hidden @columnfractions .30 .70
address@hidden @columnfractions .20 .70
@headitem Type @tab Keywords
@item Ciphers @tab
AES-128-CBC, AES-256-CBC, AES-128-GCM, CAMELLIA-128-CBC,
@@ -394,7 +394,7 @@ CURVE-SECP224R1, CURVE-SECP256R1, CURVE-SECP384R1,
CURVE-SECP521R1. Catch all is
@float Table,tab:prio-special
address@hidden @columnfractions .50 .50
address@hidden @columnfractions .45 .45
@headitem Keyword @tab Description
@item %COMPAT @tab
diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi
index 623ba07..f71b305 100644
--- a/doc/cha-intro-tls.texi
+++ b/doc/cha-intro-tls.texi
@@ -124,7 +124,7 @@ The supported in @acronym{GnuTLS} ciphers and MAC
algorithms are shown in @ref{t
@ref{tab:macs}.
@float Table,tab:ciphers
address@hidden @columnfractions .30 .70
address@hidden @columnfractions .20 .70
@headitem Algorithm @tab Description
@item 3DES_CBC @tab
This is the DES block cipher algorithm used with triple
@@ -158,7 +158,7 @@ CRYPTREC projects.
@float Table,tab:macs
address@hidden @columnfractions .30 .70
address@hidden @columnfractions .20 .70
@headitem Algorithm @tab Description
@item MAC_MD5 @tab
This is a cryptographic hash algorithm designed by Ron Rivest. Outputs
@@ -524,7 +524,8 @@ resume functions, @ref{resume}.
@showfuncdesc{gnutls_session_ticket_enable_client}
@subsection Safe renegotiation
address@hidden renegotiation
address@hidden Renegotiation
address@hidden Safe renegotiation
TLS gives the option to two communicating parties to renegotiate
and update their security parameters. One useful example of this feature
@@ -626,7 +627,7 @@ can be used both by clients and servers.
@node Selecting cryptographic key sizes
@section Selecting cryptographic key sizes
address@hidden key sizes
address@hidden Key sizes
In TLS, since a lot of algorithms are involved, it is not easy to set
a consistent security level. For this reason in @ref{tab:key-sizes} we
diff --git a/doc/latex/gnutls.bib b/doc/latex/gnutls.bib
index 11ec38c..7d07e89 100644
--- a/doc/latex/gnutls.bib
+++ b/doc/latex/gnutls.bib
@@ -297,3 +297,12 @@
publisher = {John Wiley \& Sons, Inc.},
address = {New York, NY, USA},
}
+
address@hidden,
+ author="Jan Pechanec and Darren J. Moffat",
+ title="{The PKCS 11 URI Scheme}",
+ month="August",
+ year=2011,
+ note = "Work in progress, available from
\url{http://tools.ietf.org/html/draft-pechanec-pkcs11uri-05}",
+ url = "http://tools.ietf.org/html/draft-pechanec-pkcs11uri-05"
+}
diff --git a/doc/latex/gnutls.tex b/doc/latex/gnutls.tex
index b05264b..7be1cc6 100644
--- a/doc/latex/gnutls.tex
+++ b/doc/latex/gnutls.tex
@@ -1,7 +1,7 @@
\documentclass[fontsize=10pt,twoside,openright]{scrbook}
\bibliographystyle{plain}
-\usepackage[paperwidth=18.91cm,paperheight=24.589cm,twoside,bindingoffset=9mm,outer=2.2cm,inner=1cm,top=2.6cm,bottom=2.5cm]{geometry}
+\usepackage[paperwidth=18.91cm,paperheight=24.589cm,twoside,bindingoffset=11mm,outer=2.2cm,inner=1.2cm,top=2.6cm,bottom=2.5cm]{geometry}
\usepackage{fancyhdr}
\usepackage{graphicx}
\usepackage{makeidx}
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_0-106-g08d1b02,
Nikos Mavrogiannopoulos <=