[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_8-41-g730a346
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_8-41-g730a346 |
|
Date: |
Thu, 08 Dec 2011 23:05:14 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=730a3462665dea6101b7a0a6b2ba655b604ab04c
The branch, master has been updated
via 730a3462665dea6101b7a0a6b2ba655b604ab04c (commit)
via 7682403b52c818f11e5bdc391e8ff34043dba67b (commit)
via 1754cc47ac4b474796a262ce5a5645626b2b4252 (commit)
via 4b39d65406cdca6b0323bf5d8b42819a31c16b73 (commit)
from 2a8cf749ad2e5bcc99f7e3283aea066dbf92bf2a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 730a3462665dea6101b7a0a6b2ba655b604ab04c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Dec 9 00:07:04 2011 +0100
be less verbose.
commit 7682403b52c818f11e5bdc391e8ff34043dba67b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Dec 9 00:04:00 2011 +0100
documented fix
commit 1754cc47ac4b474796a262ce5a5645626b2b4252
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Dec 9 00:02:55 2011 +0100
Added ECDHE-ECDSA test.
commit 4b39d65406cdca6b0323bf5d8b42819a31c16b73
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Dec 9 00:02:06 2011 +0100
The timing resistant ecc_mulmod() is only used when signing using the ECDSA
private key. This improves performance in all other cases that do not require
timing resistance.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +
lib/nettle/Makefile.am | 2 +-
lib/nettle/ecc.h | 3 +-
lib/nettle/ecc_make_key.c | 20 +-
lib/nettle/ecc_mulmod.c | 277 ++++++++++++----------
lib/nettle/{ecc_mulmod.c => ecc_mulmod_timing.c} | 2 +-
lib/nettle/ecc_sign_hash.c | 2 +-
src/benchmark-tls.c | 44 +++-
tests/x509cert.c | 3 +-
9 files changed, 209 insertions(+), 147 deletions(-)
copy lib/nettle/{ecc_mulmod.c => ecc_mulmod_timing.c} (98%)
diff --git a/NEWS b/NEWS
index d0bbd9e..298d816 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ See the end for copying conditions.
* Version 3.0.9 (unreleased)
+** libgnutls: Optimizations in the elliptic curve code (timing
+attacks resistant code is only used in ECDSA private key operations).
+
** doc: man pages for API functions generation was fixed and are
now added again in the distribution.
diff --git a/lib/nettle/Makefile.am b/lib/nettle/Makefile.am
index 24552dc..e637bb1 100644
--- a/lib/nettle/Makefile.am
+++ b/lib/nettle/Makefile.am
@@ -37,4 +37,4 @@ libcrypto_la_SOURCES = pk.c mpi.c mac.c cipher.c rnd.c init.c
egd.c egd.h \
multi.c ecc_free.c ecc.h ecc_make_key.c ecc_shared_secret.c \
ecc_map.c ecc_mulmod.c ecc_points.c ecc_projective_dbl_point_3.c \
ecc_projective_add_point.c ecc_projective_check_point.c \
- ecc_sign_hash.c ecc_verify_hash.c gnettle.h
+ ecc_sign_hash.c ecc_verify_hash.c gnettle.h ecc_mulmod_timing.c
diff --git a/lib/nettle/ecc.h b/lib/nettle/ecc.h
index d5a5fa0..7e0ed01 100644
--- a/lib/nettle/ecc.h
+++ b/lib/nettle/ecc.h
@@ -84,7 +84,7 @@ void ecc_sizes(int *low, int *high);
int ecc_get_size(ecc_key *key);
int ecc_make_key(void *random_ctx, nettle_random_func random, ecc_key *key,
const ecc_set_type *dp);
-int ecc_make_key_ex(void *random_ctx, nettle_random_func random, ecc_key *key,
mpz_t prime, mpz_t order, mpz_t A, mpz_t B, mpz_t Gx, mpz_t Gy);
+int ecc_make_key_ex(void *random_ctx, nettle_random_func random, ecc_key *key,
mpz_t prime, mpz_t order, mpz_t A, mpz_t B, mpz_t Gx, mpz_t Gy, int timing_res);
void ecc_free(ecc_key *key);
int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
@@ -111,6 +111,7 @@ int ecc_projective_add_point(ecc_point *P, ecc_point *Q,
ecc_point *R, mpz_t A,
/* R = kG */
int ecc_mulmod(mpz_t k, ecc_point *G, ecc_point *R, mpz_t a, mpz_t modulus,
int map);
+int ecc_mulmod_timing(mpz_t k, ecc_point *G, ecc_point *R, mpz_t a, mpz_t
modulus, int map);
/* map P to affine from projective */
int ecc_map(ecc_point *P, mpz_t modulus);
diff --git a/lib/nettle/ecc_make_key.c b/lib/nettle/ecc_make_key.c
index 4972eab..34b6d63 100644
--- a/lib/nettle/ecc_make_key.c
+++ b/lib/nettle/ecc_make_key.c
@@ -38,12 +38,14 @@
@param A The "a" parameter of the curve
@param Gx The x coordinate of the base point
@param Gy The y coordinate of the base point
+ @timing_res If non zero the function will try to return in constant
time.
@return 0 if successful, upon error all allocated memory will be freed
*/
int
ecc_make_key_ex (void *random_ctx, nettle_random_func random, ecc_key * key,
- mpz_t prime, mpz_t order, mpz_t A, mpz_t B, mpz_t Gx, mpz_t
Gy)
+ mpz_t prime, mpz_t order, mpz_t A, mpz_t B, mpz_t Gx, mpz_t
Gy,
+ int timing_res)
{
int err;
ecc_point *base;
@@ -99,12 +101,14 @@ ecc_make_key_ex (void *random_ctx, nettle_random_func
random, ecc_key * key,
mpz_mod (key->k, key->k, key->order);
}
/* make the public key */
- if ((err =
- ecc_mulmod (key->k, base, &key->pubkey, key->A, key->prime,
- 1)) != 0)
- {
- goto errkey;
- }
+ if (timing_res)
+ err = ecc_mulmod_timing (key->k, base, &key->pubkey, key->A, key->prime,
1);
+ else
+ err = ecc_mulmod (key->k, base, &key->pubkey, key->A, key->prime, 1);
+
+ if (err != 0)
+ goto errkey;
+
key->type = PK_PRIVATE;
/* free up ram */
@@ -142,7 +146,7 @@ ecc_make_key (void *random_ctx, nettle_random_func random,
ecc_key * key,
mpz_set_str (A, (char *) dp->A, 16);
mpz_set_str (B, (char *) dp->B, 16);
- err = ecc_make_key_ex (random_ctx, random, key, prime, order, A, B, Gx, Gy);
+ err = ecc_make_key_ex (random_ctx, random, key, prime, order, A, B, Gx, Gy,
0);
mp_clear_multi (&prime, &order, &A, &B, &Gx, &Gy, NULL);
cleanup:
diff --git a/lib/nettle/ecc_mulmod.c b/lib/nettle/ecc_mulmod.c
index 2f12759..2c1d46e 100644
--- a/lib/nettle/ecc_mulmod.c
+++ b/lib/nettle/ecc_mulmod.c
@@ -24,153 +24,170 @@
#include "ecc.h"
-/*
- @file ecc_mulmod_timing.c
- ECC Crypto, Tom St Denis
-*/
+/* size of sliding window, don't change this! */
+#define WINSIZE 4
-/*
- Perform a point multiplication (timing resistant)
+/**
+ Perform a point multiplication
@param k The scalar to multiply by
@param G The base point
@param R [out] Destination for kG
- @param a The a value of the curve
@param modulus The modulus of the field the ECC curve is in
@param map Boolean whether to map back to affine or not (1==map, 0 ==
leave in projective)
- @return 0 on success
+ @return CRYPT_OK on success
*/
int
ecc_mulmod (mpz_t k, ecc_point * G, ecc_point * R, mpz_t a, mpz_t modulus,
int map)
+
{
- ecc_point *tG, *M[3];
- int i, j, err;
- int bit_to_read;
- int mode;
+ ecc_point *tG, *M[8];
+ int i, j, err, bitidx;
+ int first, bitbuf, bitcpy, bitcnt, mode;
- if (k == NULL || G == NULL || R == NULL || modulus == NULL)
- return -1;
+ if (k == NULL || G == NULL || R == NULL || modulus == NULL)
+ return -1;
/* alloc ram for window temps */
- for (i = 0; i < 3; i++)
- {
- M[i] = ecc_new_point ();
- if (M[i] == NULL)
- {
- for (j = 0; j < i; j++)
- {
- ecc_del_point (M[j]);
- }
- return -1;
- }
- }
-
- /* make a copy of G incase R==G */
- tG = ecc_new_point ();
- if (tG == NULL)
- {
- err = -1;
- goto done;
- }
-
- /* tG = G and convert to montgomery */
- mpz_set (tG->x, G->x);
- mpz_set (tG->y, G->y);
- mpz_set (tG->z, G->z);
-
- /* calc the M tab */
- /* M[0] == G */
- mpz_set (M[0]->x, tG->x);
- mpz_set (M[0]->y, tG->y);
- mpz_set (M[0]->z, tG->z);
- /* M[1] == 2G */
- if ((err = ecc_projective_dbl_point (tG, M[1], a, modulus)) != 0)
- {
- goto done;
- }
-
- /* setup sliding window */
- mode = 0;
- bit_to_read = mpz_size (k) * GMP_NUMB_BITS - 1;
-
- /* perform ops */
- for (;;)
- {
- /* grab next digit as required */
- if (bit_to_read == -1)
- break;
- i = mpz_tstbit (k, bit_to_read--);
-
- if (mode == 0 && i == 0)
- {
- /* dummy operations */
- if ((err =
- ecc_projective_add_point (M[0], M[1], M[2], a,
- modulus)) != 0)
- {
- goto done;
- }
- if ((err =
- ecc_projective_dbl_point (M[1], M[2], a, modulus)) != 0)
- {
- goto done;
- }
- continue;
- }
-
- if (mode == 0 && i == 1)
- {
- mode = 1;
- /* dummy operations */
- if ((err =
- ecc_projective_add_point (M[0], M[1], M[2], a,
- modulus)) != 0)
- {
- goto done;
- }
- if ((err =
- ecc_projective_dbl_point (M[1], M[2], a, modulus)) != 0)
- {
- goto done;
- }
- continue;
- }
-
- if ((err =
- ecc_projective_add_point (M[0], M[1], M[i ^ 1], a,
- modulus)) != 0)
- {
+ for (i = 0; i < 8; i++) {
+ M[i] = ecc_new_point();
+ if (M[i] == NULL) {
+ for (j = 0; j < i; j++) {
+ ecc_del_point(M[j]);
+ }
+
+ return -1;
+ }
+ }
+
+ /* make a copy of G incase R==G */
+ tG = ecc_new_point();
+ if (tG == NULL)
+ {
+ err = -1;
+ goto done;
+ }
+
+ /* tG = G and convert to montgomery */
+ mpz_set (tG->x, G->x);
+ mpz_set (tG->y, G->y);
+ mpz_set (tG->z, G->z);
+
+ /* calc the M tab, which holds kG for k==8..15 */
+ /* M[0] == 8G */
+ if ((err = ecc_projective_dbl_point (tG, M[0], a, modulus)) != 0)
+ goto done;
+
+ if ((err = ecc_projective_dbl_point (M[0], M[0], a, modulus)) != 0)
+ goto done;
+
+ if ((err = ecc_projective_dbl_point (M[0], M[0], a, modulus)) != 0)
+ goto done;
+
+ /* now find (8+k)G for k=1..7 */
+ for (j = 9; j < 16; j++) {
+ if (ecc_projective_add_point(M[j-9], tG, M[j-8], a, modulus) != 0)
+ goto done;
+ }
+
+ /* setup sliding window */
+ mode = 0;
+ bitcnt = 1;
+ bitidx = mpz_size (k) * GMP_NUMB_BITS - 1;
+ bitcpy = bitbuf = 0;
+ first = 1;
+
+ /* perform ops */
+ for (;;) {
+ /* grab next digit as required */
+ if (bitidx == -1) {
+ break;
+ }
+
+ /* grab the next msb from the ltiplicand */
+ i = mpz_tstbit (k, bitidx--);
+
+ /* skip leading zero bits */
+ if (mode == 0 && i == 0) {
+ continue;
+ }
+
+ /* if the bit is zero and mode == 1 then we double */
+ if (mode == 1 && i == 0) {
+ if ((err = ecc_projective_dbl_point(R, R, a, modulus)) != 0)
goto done;
- }
- if ((err = ecc_projective_dbl_point (M[i], M[i], a, modulus)) != 0)
- {
- goto done;
- }
- }
-
- /* copy result out */
- mpz_set (R->x, M[0]->x);
- mpz_set (R->y, M[0]->y);
- mpz_set (R->z, M[0]->z);
-
- /* map R back from projective space */
- if (map)
- {
- err = ecc_map (R, modulus);
+ continue;
+ }
+
+ /* else we add it to the window */
+ bitbuf |= (i << (WINSIZE - ++bitcpy));
+ mode = 2;
+
+ if (bitcpy == WINSIZE) {
+ /* if this is the first window we do a simple copy */
+ if (first == 1) {
+ /* R = kG [k = first window] */
+ mpz_set(R->x, M[bitbuf-8]->x);
+ mpz_set(R->y, M[bitbuf-8]->y);
+ mpz_set(R->z, M[bitbuf-8]->z);
+ first = 0;
+ } else {
+ /* normal window */
+ /* ok window is filled so double as required and add */
+ /* double first */
+ for (j = 0; j < WINSIZE; j++) {
+ if ((err = ecc_projective_dbl_point(R, R, a, modulus)) != 0)
+ goto done;
+ }
+
+ /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranteed */
+ if ((err = ecc_projective_add_point(R, M[bitbuf-8], R, a, modulus))
!= 0)
+ goto done;
+ }
+ /* empty window and reset */
+ bitcpy = bitbuf = 0;
+ mode = 1;
}
- else
- {
+ }
+
+ /* if bits remain then double/add */
+ if (mode == 2 && bitcpy > 0) {
+ /* double then add */
+ for (j = 0; j < bitcpy; j++) {
+ /* only double if we have had at least one add first */
+ if (first == 0) {
+ if ((err = ecc_projective_dbl_point(R, R, a, modulus)) != 0)
+ goto done;
+ }
+
+ bitbuf <<= 1;
+ if ((bitbuf & (1 << WINSIZE)) != 0) {
+ if (first == 1){
+ /* first add, so copy */
+ mpz_set(R->x, tG->x);
+ mpz_set(R->y, tG->y);
+ mpz_set(R->z, tG->z);
+ first = 0;
+ } else {
+ /* then add */
+ if ((err = ecc_projective_add_point(R, tG, R, a, modulus)) != 0)
+ goto done;
+ }
+ }
+ }
+ }
+
+ /* map R back from projective space */
+ if (map) {
+ err = ecc_map(R, modulus);
+ } else {
err = 0;
- }
+ }
done:
- ecc_del_point (tG);
- for (i = 0; i < 3; i++)
- {
- ecc_del_point (M[i]);
- }
- return err;
+ ecc_del_point(tG);
+ for (i = 0; i < 8; i++) {
+ ecc_del_point(M[i]);
+ }
+ return err;
}
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_mulmod_timing.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/lib/nettle/ecc_mulmod.c b/lib/nettle/ecc_mulmod_timing.c
similarity index 98%
copy from lib/nettle/ecc_mulmod.c
copy to lib/nettle/ecc_mulmod_timing.c
index 2f12759..349fdd8 100644
--- a/lib/nettle/ecc_mulmod.c
+++ b/lib/nettle/ecc_mulmod_timing.c
@@ -40,7 +40,7 @@
@return 0 on success
*/
int
-ecc_mulmod (mpz_t k, ecc_point * G, ecc_point * R, mpz_t a, mpz_t modulus,
+ecc_mulmod_timing (mpz_t k, ecc_point * G, ecc_point * R, mpz_t a, mpz_t
modulus,
int map)
{
ecc_point *tG, *M[3];
diff --git a/lib/nettle/ecc_sign_hash.c b/lib/nettle/ecc_sign_hash.c
index 04c3f1d..674260f 100644
--- a/lib/nettle/ecc_sign_hash.c
+++ b/lib/nettle/ecc_sign_hash.c
@@ -72,7 +72,7 @@ ecc_sign_hash (const unsigned char *in, unsigned long inlen,
{
if ((err =
ecc_make_key_ex (random_ctx, random, &pubkey, key->prime,
- key->order, key->A, key->B, key->Gx, key->Gy)) !=
0)
+ key->order, key->A, key->B, key->Gx, key->Gy, 1))
!= 0)
{
goto errnokey;
}
diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c
index dcfdbe6..b0597c5 100644
--- a/src/benchmark-tls.c
+++ b/src/benchmark-tls.c
@@ -42,6 +42,7 @@
#define PRIO_DH
"NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+DHE-RSA"
#define PRIO_ECDH
"NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ECDHE-RSA:+CURVE-SECP224R1"
+#define PRIO_ECDHE_ECDSA
"NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ECDHE-ECDSA:+CURVE-SECP224R1"
#define PRIO_RSA
"NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA"
#define PRIO_AES_CBC_SHA1
"NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH"
@@ -49,6 +50,8 @@
#define PRIO_AES_GCM
"NONE:+VERS-TLS1.2:+AES-128-GCM:+AEAD:+SIGN-ALL:+COMP-NULL:+ANON-DH"
#define PRIO_CAMELLIA_CBC_SHA1
"NONE:+VERS-TLS1.0:+CAMELLIA-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH"
+/* #define PARAMS_1024 */
+
#ifdef PARAMS_1024
const char *pkcs3 =
"-----BEGIN DH PARAMETERS-----\n"
@@ -168,16 +171,48 @@ static unsigned char server_key_pem[] =
"-----END RSA PRIVATE KEY-----\n";
#endif
+static unsigned char server_ecc_key_pem[] =
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MGgCAQEEHHX3xeBOGgIxxtuhhpbwdwZnJztR7+uZTHnYuL+gBwYFK4EEACGhPAM6\n"
+ "AATS8yZ/9bStGhSoHEflSr5z+xHvoSWbJkx7bOPdT09EnSZoqy0Q4eSloNpJTqzY\n"
+ "fKL0vzzBLVlfSA==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+static unsigned char server_ecc_cert_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICsDCCAWigAwIBAgIETeC0kjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDEw5H\n"
+ "bnVUTFMgVGVzdCBDQTAeFw0xMTA1MjgwODM4NDNaFw0zODEwMTIwODM4NDZaMDEx\n"
+ "LzAtBgNVBAMTJkdudVRMUyBUZXN0IHNlcnZlciAoRUNEU0EgY2VydGlmaWNhdGUp\n"
+ "ME4wEAYHKoZIzj0CAQYFK4EEACEDOgAE0vMmf/W0rRoUqBxH5Uq+c/sR76ElmyZM\n"
+ "e2zj3U9PRJ0maKstEOHkpaDaSU6s2Hyi9L88wS1ZX0ijgY0wgYowDAYDVR0TAQH/\n"
+ "BAIwADAUBgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEw\n"
+ "DwYDVR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUJ97Q83IFpLgqeOnT1rX/JzCvlTQw\n"
+ "HwYDVR0jBBgwFoAUTVa3agBY8WeS9KZ1VRuOUwED788wDQYJKoZIhvcNAQELBQAD\n"
+ "ggExAErP9z8CCwt7YwA+SHoulNjqcXsngeKAKN9fVgV/XuspG6L2nU1WZvCjjFj6\n"
+ "jggMbJSElyCuLZJKlTC/DihXUgRXyswOzg9qQ7dDv+V/Qi95XH5slXNzYxMQSdoA\n"
+ "IaULVVDZcMFMVSc+TyAchJ6XwUY9umiysz3lSOioMQCch4MA366ZNqqnq5OD4moH\n"
+ "1SUX8CbRjA6SLpvffexLTB2Af+mFi8ReTkXCwB1LGEH1HRp/XzBc+/F9mavy3g/6\n"
+ "Hnjf2E1h2GDYXcJCVfE+ArjNS+R94jJwRMFBvwD/x2hsvpSajDpO0+GIxlGGKdyh\n"
+ "7o4puz/BqHwSzX9h7I7RvFEogDUNUzLgHMdcjq5usnmQpdWNUP8Xs/WqLjML+/PT\n"
+ "+jyCwmll0lPlC2RqAx3pM1XrjjQ=\n"
+ "-----END CERTIFICATE-----\n";
const gnutls_datum_t server_cert = { server_cert_pem,
sizeof (server_cert_pem)
};
-
const gnutls_datum_t server_key = { server_key_pem,
sizeof (server_key_pem)
};
+const gnutls_datum_t server_ecc_cert = { server_ecc_cert_pem,
+ sizeof (server_ecc_cert_pem)
+};
+
+const gnutls_datum_t server_ecc_key = { server_ecc_key_pem,
+ sizeof (server_ecc_key_pem)
+};
+
char buffer[64 * 1024];
static void tls_log_func(int level, const char *str)
@@ -316,6 +351,8 @@ static void test_ciphersuite_kx(const char *cipher_prio)
gnutls_certificate_set_x509_key_mem (s_certcred, &server_cert, &server_key,
GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_x509_key_mem (s_certcred, &server_ecc_cert,
&server_ecc_key,
+ GNUTLS_X509_FMT_PEM);
start_benchmark(&st);
@@ -402,14 +439,13 @@ void benchmark_tls(int debug_level)
test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 4096);
test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 8 * 1024);
test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 15 * 1024);
- printf("\n");
- printf("Testing key exchanges:\n");
+ printf("\nTesting key exchanges:\n");
test_ciphersuite_kx(PRIO_DH);
test_ciphersuite_kx(PRIO_ECDH);
+ test_ciphersuite_kx(PRIO_ECDHE_ECDSA);
test_ciphersuite_kx(PRIO_RSA);
-
gnutls_global_deinit();
}
diff --git a/tests/x509cert.c b/tests/x509cert.c
index 78d0049..f591904 100644
--- a/tests/x509cert.c
+++ b/tests/x509cert.c
@@ -196,7 +196,8 @@ doit (void)
if (ret < 0)
fail("gnutls_certificate_get_isser");
- fprintf(stderr, "Issuer's DN: %s\n", dn);
+ if (debug)
+ fprintf(stderr, "Issuer's DN: %s\n", dn);
for (i=0;i<list_size;i++)
gnutls_x509_crt_deinit(list[i]);
gnutls_certificate_free_credentials(x509_cred);
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_8-41-g730a346,
Nikos Mavrogiannopoulos <=