delta/gnutls.git/lib/includes, branch tmp-remove-debugging-code gitlab.com: gnutls/gnutls.git sign APIs: introduce RSA-RAW signing algorithm 2017-08-17T08:43:29+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-08-17T07:59:53+00:00 01c95e4df8d3132642ab3b2f57d8ba97509976ad This ensures that there is a signing algorithm for all the operations we support. Previously, we required GNUTLS_SIGN_UNKNOWN to be acceptable by signing functions to accomodate for raw RSA operations. Now we make that explicit and in the process clean-up the API. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
This ensures that there is a signing algorithm for all the operations
we support. Previously, we required GNUTLS_SIGN_UNKNOWN to be acceptable
by signing functions to accomodate for raw RSA operations. Now we make
that explicit and in the process clean-up the API.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys 2017-08-15T12:05:17+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-08-04T13:00:46+00:00 50bce8588102ac729d80e804c879c9debd78861a That function allows a signing callback which passes the signature algorithm, providing all the information to callback for signing. It also introduces GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag which allows the library to query the private key of the supported signature algorithms. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
That function allows a signing callback which passes the signature
algorithm, providing all the information to callback for signing.
It also introduces GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag which
allows the library to query the private key of the supported
signature algorithms.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
extensions: simplified requirements from send callback 2017-08-11T06:18:07+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-07-14T09:30:51+00:00 0b572406fa500a57c3e0a4abb74ef6ff0dca91fd The callback no longer needs to return the number of sent data; they are now calculated by the caller. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
The callback no longer needs to return the number of sent data;
they are now calculated by the caller.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
gnutls_x509_privkey_verify_seed: improved error on missing validation parameters 2017-08-07T12:51:19+00:00 Nikos Mavrogiannopoulos nmav@gnutls.org 2017-08-05T08:17:46+00:00 b548f73d6774dce378e5bfd50f8c16bd5d96e458 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
base64: introduced new functions for base64 encoding 2017-08-04T14:53:54+00:00 Nikos Mavrogiannopoulos nmav@gnutls.org 2017-07-31T07:08:24+00:00 cfb7b5aed687c04d7b6ed82cf734bf08fb4d190f Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
gnutls_pkcs11_token_check_mechanism: introduced function to check token for a particular mechanism 2017-08-04T11:54:42+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-07-27T16:07:54+00:00 98aef258ac83312449d59adf8e75932df4c7e9be Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
spki: combined all exported functions to a single set and get 2017-08-04T10:04:52+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-08-04T07:25:31+00:00 84b5e9971c2335b28348039c051572d9eea79389 This simplifies setting parameters for a particular key type, as well as getting them. The advantage is that they are set atomically, preventing an inadverterly half-filled structure. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
This simplifies setting parameters for a particular key type,
as well as getting them. The advantage is that they are set
atomically, preventing an inadverterly half-filled structure.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
introduced error code GNUTLS_E_PK_INVALID_PUBKEY_PARAMS 2017-08-04T09:08:51+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-08-04T07:06:32+00:00 68fc06c0a963fe1cd3e907dec1e2571c457f953a This is being use to indicate errors in the public key parameters such as the RSA-PSS salt size or digest algorithm. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
This is being use to indicate errors in the public key parameters
such as the RSA-PSS salt size or digest algorithm.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
gnutls_x509_privkey_generate*: allow specifying the SPKI parameters for key generation 2017-08-04T09:08:51+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-08-03T14:46:32+00:00 f10289f6d8c04111d3a7777f4ed9710a8114ef2f This in turn removes the need for reading the flag GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE on the key generation process. The flag is now only used during key signing which is also its documented purpose. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
This in turn removes the need for reading the flag GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE
on the key generation process. The flag is now only used during key signing
which is also its documented purpose.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Added convention for missing SubjectPublicKeyInfo params field 2017-08-03T09:57:52+00:00 Nikos Mavrogiannopoulos nmav@redhat.com 2017-07-27T14:53:57+00:00 4256ef71a7842830f7a27061c31c36554a6b97cc That is, when that field is missing, the spki_st structure field pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields are undefined. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> 
That is, when that field is missing, the spki_st structure field
pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields
are undefined.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>