[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-98-gece04d6
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-98-gece04d6 |
Date: |
Wed, 25 May 2011 21:35:22 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=ece04d625ec441abebd535fc8a96a6e80e9da754
The branch, master has been updated
via ece04d625ec441abebd535fc8a96a6e80e9da754 (commit)
via e93bf40128090de59917f45b460753c2cbdcd409 (commit)
via 6b3e506317a0733d70160777c1bbdbbaa86ed7eb (commit)
via fa18b3573dcedddb1857a3e9ec72d0002ef3de20 (commit)
via 0deeccea4f87796474d75c6ce0f617aa864c438c (commit)
via b8ee577afce90c3b2b5f039350f0e4b44d05e9c5 (commit)
via baaf2332ebce8176ec3d5fa54f1580fd5294a7fb (commit)
from c0aae931debb4b059647d5c90a7f903b804f74af (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ece04d625ec441abebd535fc8a96a6e80e9da754
Author: Giuseppe Scrivano <address@hidden>
Date: Wed May 25 18:33:08 2011 +0200
Fix example in the documentation.
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
commit e93bf40128090de59917f45b460753c2cbdcd409
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed May 25 23:31:30 2011 +0200
updated documentation on PSK.
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
commit 6b3e506317a0733d70160777c1bbdbbaa86ed7eb
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed May 25 23:27:51 2011 +0200
If Q=-P return the point at infinity.
commit fa18b3573dcedddb1857a3e9ec72d0002ef3de20
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed May 25 20:04:59 2011 +0200
Added elliptic curves chain certificate.
commit 0deeccea4f87796474d75c6ce0f617aa864c438c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed May 25 00:20:26 2011 +0200
do not try to write to a socket when no data.
commit b8ee577afce90c3b2b5f039350f0e4b44d05e9c5
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue May 24 17:50:33 2011 +0200
increased log level
commit baaf2332ebce8176ec3d5fa54f1580fd5294a7fb
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue May 24 17:42:22 2011 +0200
_gnutls_handshake_hash_buffer_clear was replaced by _gnutls_buffer_clear();
-----------------------------------------------------------------------
Summary of changes:
doc/cha-programs.texi | 12 +++++-----
lib/gnutls_buffers.c | 6 +++++
lib/gnutls_buffers.h | 3 --
lib/gnutls_handshake.c | 2 +-
lib/nettle/ecc_projective_add_point.c | 33 ++++++++++++++++++++-------
tests/chainverify.c | 39 +++++++++++++++++++++++++++++++++
tests/openpgpself.c | 2 +-
7 files changed, 77 insertions(+), 20 deletions(-)
diff --git a/doc/cha-programs.texi b/doc/cha-programs.texi
index 8b9aea5..dfca748 100644
--- a/doc/cha-programs.texi
+++ b/doc/cha-programs.texi
@@ -404,7 +404,7 @@ To connect to a server using PSK authentication, you may
use something
like:
@smallexample
-$ gnutls-cli -p 5556 test.gnutls.org --pskusername jas --pskkey
9e32cf7786321a828ef7668f09fb35db --priority NORMAL:+PSK:-RSA:-DHE-RSA -d 4711
+$ gnutls-cli -p 5556 test.gnutls.org --pskusername jas --pskkey
9e32cf7786321a828ef7668f09fb35db --priority NORMAL:+DHE-PSK:+PSK:-RSA:-DHE-RSA
-d 4711
@end smallexample
@menu
@@ -422,10 +422,10 @@ should be as simple as connecting to the server:
$ ./gnutls-cli -p 5556 localhost
Resolving 'localhost'...
Connecting to '127.0.0.1:5556'...
-- PSK client callback. PSK hint 'psk_identity_hint'
+- PSK client callback.
Enter PSK identity: psk_identity
Enter password:
-- PSK authentication. PSK hint 'psk_identity_hint'
+- PSK authentication.
- Version: TLS1.1
- Key Exchange: PSK
- Cipher: AES-128-CBC
@@ -446,10 +446,10 @@ password, you can also give the PSK username and key
directly on the
command line:
@smallexample
-$ ./gnutls-cli -p 5556 localhost --pskusername psk_identity --pskkey
88f3824b3e5659f52d00e959bacab954b6540344
+$ ./gnutls-cli -p 5556 localhost --pskusername psk_identity --pskkey
88f3824b3e5659f52d00e959bacab954b6540344 --priority NORMAL:+DHE-PSK:+PSK
Resolving 'localhost'...
Connecting to '127.0.0.1:5556'...
-- PSK authentication. PSK hint 'psk_identity_hint'
+- PSK authentication.
- Version: TLS1.1
- Key Exchange: PSK
- Cipher: AES-128-CBC
@@ -760,7 +760,7 @@ password file (@pxref{Invoking psktool}). In the example
below, I
type @code{password} at the prompt.
@smallexample
-$ ./psktool -u psk_identity -p psks.txt -n psk_identity_hint
+$ ./psktool -u psk_identity -p psks.txt
Enter password:
Key stored to psks.txt
$ cat psks.txt
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 3a7cca2..1ca46ee 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -554,6 +554,12 @@ _gnutls_io_write_flush (gnutls_session_t session)
}
}
+ if (tosend == 0)
+ {
+ gnutls_assert();
+ return 0;
+ }
+
ret = _gnutls_writev (session, iovec, i);
if (ret >= 0)
{
diff --git a/lib/gnutls_buffers.h b/lib/gnutls_buffers.h
index bc432bd..8eb3ac4 100644
--- a/lib/gnutls_buffers.h
+++ b/lib/gnutls_buffers.h
@@ -52,9 +52,6 @@ int _gnutls_handshake_hash_buffer_put (gnutls_session_t
session, opaque * data,
int _gnutls_handshake_hash_buffer_get_ptr (gnutls_session_t session,
opaque ** data_ptr, size_t * length);
-#define _gnutls_handshake_hash_buffer_clear(session)
_gnutls_buffer_clear(&session->internals.handshake_hash_buffer)
-
-
/* Does not free the buffer
*/
static inline void
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index d42d415..babf71e 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -104,7 +104,7 @@ _gnutls_handshake_hash_buffers_clear (gnutls_session_t
session)
session->security_parameters.handshake_mac_handle_type = 0;
session->internals.handshake_mac_handle_init = 0;
- _gnutls_handshake_hash_buffer_clear (session);
+ _gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
}
/* this will copy the required values for resuming to
diff --git a/lib/nettle/ecc_projective_add_point.c
b/lib/nettle/ecc_projective_add_point.c
index daf77ba..35d12bc 100644
--- a/lib/nettle/ecc_projective_add_point.c
+++ b/lib/nettle/ecc_projective_add_point.c
@@ -26,13 +26,13 @@
@param P The point to add
@param Q The point to add
@param R [out] The destination of the double
+ @param a Curve's a value
@param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
@return 0 on success
*/
int
ecc_projective_add_point (ecc_point * P, ecc_point * Q, ecc_point * R,
- mpz_t A, mpz_t modulus)
+ mpz_t a, mpz_t modulus)
{
mpz_t t1, t2, x, y, z;
int err;
@@ -47,17 +47,32 @@ ecc_projective_add_point (ecc_point * P, ecc_point * Q,
ecc_point * R,
return err;
}
- /* should we dbl instead? */
- mpz_sub (t1, modulus, Q->y);
-
+ /* Check if P == Q and do doubling in that case
+ * If Q == -P then P+Q=point at infinity
+ */
if ((mpz_cmp (P->x, Q->x) == 0) &&
- (Q->z != NULL && mpz_cmp (P->z, Q->z) == 0) &&
- (mpz_cmp (P->y, Q->y) == 0 || mpz_cmp (P->y, t1) == 0))
+ (mpz_cmp (P->z, Q->z) == 0))
{
- mp_clear_multi (&t1, &t2, &x, &y, &z, NULL);
- return ecc_projective_dbl_point (P, R, A, modulus);
+ /* x and z coordinates match. Check if P->y = Q->y, or P->y = -Q->y
+ */
+ if (mpz_cmp (P->y, Q->y) == 0)
+ {
+ mp_clear_multi (&t1, &t2, &x, &y, &z, NULL);
+ return ecc_projective_dbl_point (P, R, a, modulus);
+ }
+
+ mpz_sub (t1, modulus, Q->y);
+ if (mpz_cmp (P->y, t1) == 0)
+ {
+ mp_clear_multi (&t1, &t2, &x, &y, &z, NULL);
+ mpz_set_ui(R->x, 1);
+ mpz_set_ui(R->y, 1);
+ mpz_set_ui(R->z, 0);
+ return 0;
+ }
}
+
mpz_set (x, P->x);
mpz_set (y, P->y);
mpz_set (z, P->z);
diff --git a/tests/chainverify.c b/tests/chainverify.c
index 8cd5244..65c4bcf 100644
--- a/tests/chainverify.c
+++ b/tests/chainverify.c
@@ -675,6 +675,43 @@ static const char *cacertrsamd5[] = {
NULL
};
+/* Test Certicom cert with ECC-SHA256 signature. */
+static const char *ecc_cert[] = {
+ /* chain[0] (ECC cert) */
+"-----BEGIN CERTIFICATE-----\n"
+"MIICbzCCAhSgAwIBAgIIZLkW6EZO5PQwCgYIKoZIzj0EAwIwgZsxFDASBgNVBAsT\n"
+"C1NBTVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMH\n"
+"VG9yb250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3Jn\n"
+"IEVDQyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJD\n"
+"QTAeFw0wOTA1MDcwMDAwMDBaFw0xNTA1MDEwMDAwMDBaMIGYMRQwEgYDVQQLEwtT\n"
+"QU1QTEUgT05MWTEXMBUGA1UEChMOQ2VydGljb20gQ29ycC4xEDAOBgNVBAcTB1Rv\n"
+"cm9udG8xEDAOBgNVBAgTB09udGFyaW8xNjA0BgNVBAMTLXRscy5zZWNnLm9yZyBF\n"
+"Q0Mgc2VjcDI1NnIxIFNlcnZlciBDZXJ0aWZpY2F0ZTELMAkGA1UEBhMCQ0EwWTAT\n"
+"BgcqhkjOPQIBBggqhkjOPQMBBwNCAATf63kPhr3D6a2scrHWVr0oOXQMnBDT6Jv/\n"
+"ifqzt4/xTbXsZNEyD96nyh82sk0tM+FVfBlsIwGc7vqBfyq0mC/Io0MwQTAOBgNV\n"
+"HQ8BAf8EBAMCA4gwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwFwYDVR0RBBAwDoIM\n"
+"dGxzLnNlY2cub3JnMAoGCCqGSM49BAMCA0kAMEYCIQDfacZHsdsj6SXQ2hyJS4Do\n"
+"SMclqGLo2Sop7hfAeEJA+wIhAOMo7eLya44SIcuzrLBpg29g5ZzYOeuEzRcg9mch\n"
+"AB1w\n"
+"-----END CERTIFICATE-----\n",
+"-----BEGIN CERTIFICATE-----\n"
+"MIICTjCCAfagAwIBAgIICvq6Bj3Av6EwCQYHKoZIzj0EATCBmzEUMBIGA1UECxML\n"
+"U0FNUExFIE9OTFkxFzAVBgNVBAoTDkNlcnRpY29tIENvcnAuMRAwDgYDVQQHEwdU\n"
+"b3JvbnRvMRAwDgYDVQQEEwdPbnRhcmlvMTkwNwYDVQQDEzB0bHMuc2VjZy5vcmcg\n"
+"RUNDIHNlY3AyNTZyMSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxCzAJBgNVBAYTAkNB\n"
+"MB4XDTA2MDUwMTAwMDAwMFoXDTE1MDUwMTAwMDAwMFowgZsxFDASBgNVBAsTC1NB\n"
+"TVBMRSBPTkxZMRcwFQYDVQQKEw5DZXJ0aWNvbSBDb3JwLjEQMA4GA1UEBxMHVG9y\n"
+"b250bzEQMA4GA1UEBBMHT250YXJpbzE5MDcGA1UEAxMwdGxzLnNlY2cub3JnIEVD\n"
+"QyBzZWNwMjU2cjEgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQswCQYDVQQGEwJDQTBZ\n"
+"MBMGByqGSM49AgEGCCqGSM49AwEHA0IABB2oofFVa6akTK6hpaJLs+6skdhn0sQp\n"
+"uJwVwG99T0VZY8v7q6NMIWrpYQFmOxQyVVNlxWWyr2cLYJTyqx/zuDejIzAhMA4G\n"
+"A1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MAkGByqGSM49BAEDRwAwRAIg\n"
+"W2KAhfAKWFoh47A7muk8K10cGqOKRtb9lCgdOltj19oCIG+ZJQv5m+RnL4X2Ti0y\n"
+"ZJzOOuzBQVGiUFwZdn1dLv4X\n"
+"-----END CERTIFICATE-----\n",
+ NULL
+};
+
static struct
{
const char *name;
@@ -744,6 +781,8 @@ static struct
GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_INVALID },
{ "cacertrsamd5 short-cut ok", cacertrsamd5, &cacertrsamd5[1],
0, 0 },
+ { "ecc cert ok", ecc_cert, &ecc_cert[1],
+ 0, 0 },
{ NULL, NULL, NULL, 0, 0}
};
/* *INDENT-ON* */
diff --git a/tests/openpgpself.c b/tests/openpgpself.c
index 388385c..5d36c30 100644
--- a/tests/openpgpself.c
+++ b/tests/openpgpself.c
@@ -144,7 +144,7 @@ client (void)
gnutls_global_set_log_function (tls_log_func);
if (debug)
- gnutls_global_set_log_level (5);
+ gnutls_global_set_log_level (9);
gnutls_certificate_allocate_credentials (&xcred);
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-98-gece04d6,
Nikos Mavrogiannopoulos <=