On Tue, 2006-11-07 at 14:51 +0800, Irene (Shi Ying) Huang wrote:
> Hi, Brian & all
>
> Export control has been done for GNUTLS together with gnome-2-14, the EC
> form can be found here :)
> http://jds.ireland/vermillion/legal/export-control/gnome-2-14-form.txt.
> This one is for gnutls 1.2.10.
>
> Checking the release notes of all the following releases, we found that
> only support for DHE-PSK cipher suites is added. DHE-PSK is
> "Authentication using the PSK protocol and Diffie-Hellman key exchange.
> This method offers perfect forward secrecy." I reckon that we may have to
> fill out something like a short export control short form
> (http://its.central/Forms/general/swclass.form.short.html) for this. But
> we may like to hear about your opinions first.
>
> --Irene

GnuTLS is a GNU open-source project which provides a secure layer over a
reliable transport layer. The TLS protocol provides communications privacy
over the Internet. The protocol allows client/server applications to
communicate in a way that is designed to prevent eavesdropping, tampering,
or message forgery. It was Evolution that first introduced GnuTLS to
Solaris, and now both gaim and vino depend on it.

Recently, GnuTLS in the GNU community has been upgraded from 1.2 to 1.4. To
keep consistent with the community, we should upgrade it on nevada. The
newer version mainly adds support for TLS Pre-Shared Key (TLS-PSK)
ciphersuites. Pre-Shared Key is a key management mechanism with several
key-exchange algorithms (PSK Key Exchange, DHE_PSK Key Exchange, RSA_PSK
Key Exchange). The purposes are to avoid the need for public key operations
and make key management more convenient. This upgrade doesn't add any
encryption algorithm.

Jeff Cai

> On Tue, 2006-10-31 at 16:30 -0600, Brian Cameron wrote:
> > Jedy:
> >
> > Yes, these changes do sound like they could have encryption impact. I
> > would recommend that you review the GnuTLS code against the existing
> > Export Control License for GnuTLS, which I believe is here:
> >
> > http://jds.ireland/cinnabar/legal/export-control/forms/evo14x_export_form.txt
> >
> > Please let us know if the Export Control License needs to be updated.
> > Note that section B requires that you specify which protocols are
> > supported so if new protocols were added, then this needs to be updated.
> >
> > I'd recommend sending ef-core at sun.com if you need help filling out the
> > export control form, or if you have questions about how certain
> > algorithms should be reported. I'd recommend doing some research first
> > so you understand as much as possible before contacting them. They
> > tend to get annoyed if you are responsible for code that has encryption
> > and seem unfamiliar with what your code does.
> >
> > Brian
> >
> >
> > > The version of gnutls which we currently use is 1.2.10, and the latest
> > > stable version is 1.4.4. Here is a list of important updates about
> > > encryption I found from its NEWS.
> > >
> > >
> > > * Version 1.3.0 (2005-11-15)
> > >
> > > ** Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites has been
> > > added.
> > > This adds several new APIs, see below. Read the updated manual for
> > > more information. A new self test "pskself" has been added, that will
> > > test this functionality.
> > > For more information about TLS-PSK, please refer to
> > > http://www.ietf.org/rfc/rfc4279.txt
> > >
> > > ** Removed the RIPEMD ciphersuites.
> > > For more information about RIPEMD, please refer to
> > > http://wiki.tcl.tk/10919
> > >
> > >
> > > * Version 1.3.1 (released 2005-12-08)
> > >
> > > ** Support for DHE-PSK cipher suites has been added.
> > > This method offers perfect forward secrecy.
> > >
> > >
> > > * Version 1.4.0 (released 2006-05-15)
> > >
> > > ** Remove GnuTLS 0.8.x compatibility functions.
> > >
> > >
> > >
> > > There are a lot of API/ABI changes too, so a list of full updates
> > > between 1.2.9 and 1.4.4 is attached.
> > >
> > > Do these changes affect the way
> > > encryption is handled/managed? Any idea?
> > >
> > > Regards,
> > >
> > > Jedy Wang
> > > On Thu, 2006-10-26 at 12:04 -0500, Brian Cameron wrote:
> > >> Jedy:
> > >>
> > >> You mention that this new program we are removing interacts with keys.
> > >> How does this affect export control license forms, if at all?
> > >>
> > >> Whenever we make modifications to our builds that affect the way
> > >> encryption is handled/managed, we should highlight the details and
> > >> discuss on this list. Any change to modules like GnuTLS,
> > >> gnome-keyring, and any other desktop modules that we know have
> > >> encryption logic should be carefully looked at and we should have a
> > >> clear understanding of the encryption impact. Could you describe
> > >> in more detail what effect (if any) this change makes to encryption.
> > >>
> > >> In the desktop stack, the three modules with identified encryption
> > >> logic are: gnome-keyring, GnuTLS, and D-Bus. That's all I am aware
> > >> of. Is anybody else aware of any other uses of encryption in the
> > >> JDS stack?
> > >>
> > >> Note that areas where encryption is managed by the server (evolution
> > >> IMAP/POP passwords, etc.) do not need to be mentioned. Nor does
> > >> NSS/NSPR used by mozilla/firefox, or PAM used by GDM/xscreensaver since
> > >> these (like PKCS) are managed by the Solaris ON team and not by the
> > >> desktop team. However any plugins into these frameworks (such as PAM
> > >> plugins, SASL modules, etc.) that are delivered by the JDS stack should
> > >> be mentioned (I don't believe there are any, but just trying to be
> > >> clear).
> > >>
> > >> Note that in our JDS builds we rip out the gnome-keyring encryption
> > >> logic and replace it with calls to PKCS. Therefore we don't have
> > >> export license control issues with gnome-keyring directly and instead
> > >> depend on license control for the PKCS library. That said, we still
> > >> need to review changes to gnome-keyring to ensure there isn't any new
> > >> encryption logic that likewise needs to be modified to use PKCS.
> > >>
> > >> GnuTLS does contain encryption code and needs to be the most carefully
> > >> looked at module in this regard. If things change (like, say, support
> > >> of higher bit encryption rates or new/changed/extended encryption
> > >> protocols) then we should be aware.
> > >>
> > >> D-Bus uses SHA-1 hashing, which isn't strictly encryption. D-Bus also
> > >> supports SASL, so users can plug in their own authentication
> > >> mechanisms to be used for D-Bus connection authentication. D-Bus
> > >> does not include any SASL modules.
> > >> We probably should modify D-Bus
> > >> to use the similar function in libmd.so (provided by ON) to avoid
> > >> multiple implementations of SHA-1 on the system. Anybody want to
> > >> help with this?
> > >>
> > >> ORBit2 also supports authentication mechanisms that are similar
> > >> to xauth. I don't believe there is any encryption logic here, but
> > >> probably good to keep an eye on code, in general, that does any
> > >> sort of authentication handshaking like this.
> > >>
> > >> Should we make the above sort of statement a bit more clear in our
> > >> JDS code review process? That security/encryption changes should
> > >> be reviewed a bit more closely. In fact, I'd also suggest that
> > >> bumping the version # of modules known to contain encryption logic
> > >> (GnuTLS, gnome-keyring, D-Bus) should also be given a bit more careful
> > >> review than we do for other modules.
> > >>
> > >> Brian
> > >>
> > >>
> > >>>> I think you need to be more detailed about what that tool does, and
> > >>>> why there
> > >>>> are no current dependencies on it. Saying that 'Evolution doesn't need
> > >>>> it' is
> > >>>> insufficient.
> > >>>
> > >>> psktool Simple PSK password tool
> > >>> Very simple program that generates random keys for use with
> > >>> TLS-PSK. The keys are stored in hexadecimal format in a file.
> > >>>
> > >>> Because it's not included in the old version of gnutls which we shipped
> > >>> before, no one uses it right now.
> > >>>
> > >>> Regards,
> > >>>
> > >>> Jedy Wang
> > >>>> Glynn
> > >>
> > >> ------------------------------------------------------------------------
> > >>
> > >> GNU TLS NEWS -- History of user-visible changes.          -*- outline -*-
> > >> Copyright (C) 2004, 2005, 2006 Simon Josefsson
> > >> Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavroyanopoulos
> > >> See the end for copying conditions.
> > >>
> > >> * Version 1.4.4 (released 2006-09-12)
> > >>
> > >> ** Relax the test that caught signatures that exploit the variant of
> > >> ** Bleichenbacher's Crypto 06 rump session attack on our
> > >> ** verification logic flaw.
> > >> In particular, we now permit the digestAlgorithm.parameters field to
> > >> be present but empty, whereas in 1.4.3 we actually checked that the
> > >> field was absent.
> > >>
> > >> ** Revert the removal of debug information for the GNUTLS-SA-2006-3
> > >> problem.
> > >> The messages are only printed in debug mode, which is not recommended
> > >> for normal use, and thus logging this situation cannot be abused as an
> > >> oracle in typical recommended situations.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.4.3 (released 2006-09-08)
> > >>
> > >> ** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's
> > >> ** Crypto 06 rump session attack.
> > >> In particular, we check that the digestAlgorithm.parameters field is
> > >> empty, to avoid that it can contain "garbage" that may be used to
> > >> alter the numeric properties of the signature. See
> > >> <http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is
> > >> not exactly the same as the problem we fix here). Reported by Yutaka
> > >> OIWA <y.oiwa at aist.go.jp>.
> > >>
> > >> See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
> > >> up to date information.
> > >>
> > >> ** Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack.
> > >> See <http://www.bell-labs.com/user/bleichen/papers/pkcs.ps.gz>.
> > >> Reported by Werner Koch <wk at gnupg.org>.
> > >>
> > >> See GNUTLS-SA-2006-3 on http://www.gnutls.org/security.html for more
> > >> up to date information.
> > >>
> > >> ** Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.4.2 (released 2006-08-12)
> > >>
> > >> ** Fix a crash (strcmp() on a NULL value) in the certificate
> > >> verification logic.
> > >> This can happen if you call gnutls_certificate_verify_peers2 and have
> > >> a certain mix of local CA certificates and the peer send special
> > >> certificates, that together trigger certain behaviour. It is not
> > >> known at this point whether the crash can be triggered without the
> > >> special local CA certificate, and thus turn this into a remote crash
> > >> of clients that verify server certificates when they talk to a server
> > >> with the special server certificate. See GNUTLS-SA-2006-2 on
> > >> http://www.gnu.org/software/gnutls/security.html for more up to date
> > >> information. Reported by satyakumar <satyam_kkd at hyd.hellosoft.com>.
> > >>
> > >> ** Change SRP and Cert-Type extensions to match IANA registry.
> > >>
> > >> ** OpenCDK updated to 0.5.9 to fix some problems with OpenPGP support.
> > >>
> > >> ** Make --without-included-libtasn1 work.
> > >> Reported by Daniel Black <dragonheart at gentoo.org>.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.4.1 (released 2006-06-14)
> > >>
> > >> ** Replaced inactive ifdefs to enable openpgp support in test programs.
> > >>
> > >> ** Fixed bug in OpenPGP authentication handshake.
> > >>
> > >> ** Fixed typographical errors in man pages.
> > >>
> > >> ** Build fixes of the manual.
> > >>
> > >> ** Added Swedish translation.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.4.0 (released 2006-05-15)
> > >>
> > >> ** Remove GnuTLS 0.8.x compatibility functions.
> > >>
> > >> ** The libgcrypt RNG is initialized in gnutls_global_init().
> > >>
> > >> ** TLS/IA API changes from Emile van Bergen.
> > >> A dummy credential structure is not needed now, if you wish to use the
> > >> low-level TLS/IA API, simply call gnutls_ia_enable to enable TLS/IA on
> > >> a session.
> > >>
> > >> ** The self-tests are now run under valgrind, if it is installed.
> > >>
> > >> ** Libtasn1 is updated to 0.3.4, and that version is now required.
> > >>
> > >> ** The command line tools now use getaddrinfo and support IPv6.
> > >>
> > >> ** API and ABI modifications:
> > >> _gnutls_x509_get_raw_crt_activation_time,
> > >> _gnutls_x509_get_raw_crt_expiration_time: Removed.
> > >> gnutls_ia_require_inner_phase: Removed, replaced by gnutls_ia_enable.
> > >> gnutls_ia_enable: Added.
> > >>
> > >> * Version 1.3.5 (released 2006-03-08)
> > >>
> > >> ** Error messages are now translated using GNU Gettext.
> > >>
> > >> ** The function gnutls_x509_crt_to_xml now returns an internal error.
> > >> This means that the code to convert X.509 certificates to XML format
> > >> does not work any more. The reason is that the function called
> > >> libtasn1 internal functions. It seems unclean for libtasn1 to export
> > >> the APIs needed here. Instead it would be better to implement XML
> > >> support inside libtasn1 properly. If you need this functionality
> > >> strongly, please consider looking into implementing this suggested
> > >> approach instead. As a workaround, you may also modify lib/x509/xml.c
> > >> (change '#if 1' to '#if 0') and build using --with-included-libtasn1.
> > >>
> > >> ** Libraries are now built with libtool's -no-undefined.
> > >> This helps producing libraries for Windows using mingw32.
> > >>
> > >> ** Doc fixes to explain that gnutls_record_send can block.
> > >>
> > >> ** Libtasn1 0.3.1 or later is now required.
> > >> The included copy has been updated too.
> > >>
> > >> ** gnutls-cli can now recognize services and port numbers with the -p
> > >> option.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.3.4 (released 2006-02-09)
> > >>
> > >> ** Fix out of bounds read bug in DER parser.
> > >> Reported by Evgeny Legerov <admin at gleg.net>, and debugging help from
> > >> Protover SSL. Libtasn1 0.2.18 is now required, which contains the
> > >> previous bug fix. The included libtasn1 version in GnuTLS has been
> > >> updated.
> > >>
> > >> ** Fixed bug in non-blocking gnutls_bye(). gnutls_record_send() will no
> > >> longer invalidate a session if the underlying send fails, but it will
> > >> prevent future writes. That is to allow reading the already received
> > >> data.
> > >> Patches and bug reports by Yoann Vandoorselaere <yoann at
> > >> prelude-ids.org>
> > >>
> > >> ** Corrected bugs in gnutls_certificate_set_x509_crl() and
> > >> gnutls_certificate_set_x509_trust(), that caused memory corruption if
> > >> more than one certificate was added. Report and patch by Max
> > >> Kellermann.
> > >>
> > >> ** Fix build problems of OpenCDK on AIX.
> > >> Thanks to "Heiden, John" <JHeiden at UTNet.UToledo.Edu>.
> > >>
> > >> ** API and ABI modifications:
> > >> No changes since last version.
> > >>
> > >> * Version 1.3.3 (released 2006-01-12)
> > >>
> > >> ** New API to access the TLS master secret.
> > >> When possible, you should use the TLS PRF functions instead.
> > >> Suggested by Jouni Malinen <jkmaline at cc.hut.fi>.
> > >>
> > >> ** Improved handling when multiple libraries use GnuTLS at the same time.
> > >> Now gnutls_global_init() can be called multiple times, and
> > >> gnutls_global_deinit() will only deallocate the structure when it has
> > >> been called as many times as gnutls_global_init() was called.
> > >>
> > >> ** Added a self test of TLS resume functionality.
> > >>
> > >> ** Fix crash in TLS resume code, caused by TLS/IA changes.
> > >>
> > >> ** Documentation fixes about thread unsafety, prompted by
> > >> ** discussion with bryanh at giraffe-data.com (Bryan Henderson).
> > >> In particular, gnutls_global_init() and gnutls_global_deinit() are not
> > >> thread safe. Careful callers may want to protect the call using a
> > >> mutex. The problem could also be ignored, which would cause a memory
> > >> leak under rare conditions when two threads invoke the function
> > >> roughly at the same time.
> > >>
> > >> ** Add 'const' keywords in various places, from Frediano ZIGLIO.
> > >>
> > >> ** The code was indented again, including the external header files.
> > >>
> > >> ** API and ABI modifications:
> > >> New functions to retrieve the master secret value:
> > >> gnutls_session_get_master_secret
> > >>
> > >> Add a 'const' keyword to existing API:
> > >> gnutls_x509_crq_get_challenge_password
> > >>
> > >> * Version 1.3.2 (released 2005-12-15)
> > >>
> > >> ** GnuTLS now supports TLS Inner Application (TLS/IA).
> > >> This is per draft-funk-tls-inner-application-extension-01. This
> > >> functionality is added to libgnutls-extra, so it is licensed under the
> > >> GNU General Public License.
> > >>
> > >> ** New APIs to access the TLS Pseudo-Random-Function (PRF).
> > >> The PRF is used by some protocols building on TLS, such as EAP-PEAP
> > >> and EAP-TTLS. One function to access the raw PRF and one to access
> > >> the PRF seeded with the client/server random fields are provided.
> > >> Suggested by Jouni Malinen <jkmaline at cc.hut.fi>.
> > >>
> > >> ** New APIs to access the client and server random fields in a session.
> > >> These fields can be useful to protocols using TLS. Note that these
> > >> fields are typically used as input to the TLS PRF, and if this is your
> > >> intended use, you should use the TLS PRF API that uses the
> > >> client/server random fields directly. Suggested by Jouni Malinen
> > >> <jkmaline at cc.hut.fi>.
> > >>
> > >> ** Internal type cleanups.
> > >> The uint8, uint16, uint32 types have been replaced by uint8_t,
> > >> uint16_t, uint32_t.
> > >> Gnulib is used to guarantee the presence of
> > >> correct types on platforms that lack them. The uint type has been
> > >> replaced by unsigned.
> > >>
> > >> ** API and ABI modifications:
> > >> New functions to invoke the TLS Pseudo-Random-Function (PRF):
> > >> gnutls_prf
> > >> gnutls_prf_raw
> > >>
> > >> New functions to retrieve the session's client and server random values:
> > >> gnutls_session_get_server_random
> > >> gnutls_session_get_client_random
> > >>
> > >> New function, to perform TLS/IA handshake:
> > >> gnutls_ia_handshake
> > >>
> > >> New function to decide whether to do a TLS/IA handshake:
> > >> gnutls_ia_handshake_p
> > >>
> > >> New functions to allocate a TLS/IA credential:
> > >> gnutls_ia_allocate_client_credentials
> > >> gnutls_ia_free_client_credentials
> > >> gnutls_ia_allocate_server_credentials
> > >> gnutls_ia_free_server_credentials
> > >>
> > >> New functions to handle the AVP callback:
> > >> gnutls_ia_set_client_avp_function
> > >> gnutls_ia_set_client_avp_ptr
> > >> gnutls_ia_get_client_avp_ptr
> > >> gnutls_ia_set_server_avp_function
> > >> gnutls_ia_set_server_avp_ptr
> > >> gnutls_ia_get_server_avp_ptr
> > >>
> > >> New functions, to toggle TLS/IA application phases:
> > >> gnutls_ia_require_inner_phase
> > >>
> > >> New function to mix session keys with inner secret:
> > >> gnutls_ia_permute_inner_secret
> > >>
> > >> Low-level API (used internally by gnutls_ia_handshake):
> > >> gnutls_ia_endphase_send
> > >> gnutls_ia_send
> > >> gnutls_ia_recv
> > >>
> > >> New functions that can be used after successful TLS/IA negotiation:
> > >> gnutls_ia_generate_challenge
> > >> gnutls_ia_extract_inner_secret
> > >>
> > >> Enum type with TLS/IA modes:
> > >> gnutls_ia_mode_t
> > >>
> > >> Enum type with TLS/IA packet types:
> > >> gnutls_ia_apptype_t
> > >>
> > >> Enum values for TLS/IA alerts:
> > >> GNUTLS_A_INNER_APPLICATION_FAILURE
> > >> GNUTLS_A_INNER_APPLICATION_VERIFICATION
> > >>
> > >> New error codes, to signal when
> > >> an application phase has finished:
> > >> GNUTLS_E_WARNING_IA_IPHF_RECEIVED
> > >> GNUTLS_E_WARNING_IA_FPHF_RECEIVED
> > >>
> > >> New error code to signal TLS/IA verify failure:
> > >> GNUTLS_E_IA_VERIFY_FAILED
> > >>
> > >> * Version 1.3.1 (released 2005-12-08)
> > >>
> > >> ** Support for DHE-PSK cipher suites has been added.
> > >> This method offers perfect forward secrecy.
> > >>
> > >> ** Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly, thanks
> > >> to
> > >> Otto Maddox <ottomaddox at fastmail.fm> and Nozomu Ando <nand at
> > >> mac.com>.
> > >>
> > >> ** Corrected a bug in certtool for 64 bit machines. Reported
> > >> by Max Kellermann <max at duempel.org>.
> > >>
> > >> ** New function to set a X.509 private key and certificate pairs, and/or
> > >> CRLs, from a PKCS#12 file, suggested by Emile van Bergen
> > >> <emile at e-advies.nl>.
> > >>
> > >> The integrity of the PKCS#12 file is protected through a password
> > >> based MAC; public-key based signatures for integrity protection are
> > >> not supported. PKCS#12 bags may be encrypted using password derived
> > >> symmetric keys, public-key based encryption is not supported. The
> > >> PKCS#8 keys may be encrypted using passwords. The API uses the same
> > >> password for all operations. We believe that any more flexibility
> > >> creates too much complexity that would hurt overall security, but may
> > >> add more PKCS#12 related APIs if real-world experience indicates
> > >> otherwise.
> > >>
> > >> ** gnutls_x509_privkey_import_pkcs8 now accepts unencrypted PEM PKCS#8
> > >> keys,
> > >> reported by Emile van Bergen <emile at e-advies.nl>.
> > >> This will enable "certtool -k -8" to parse those keys.
> > >>
> > >> ** Certtool now generates keys in unencrypted PKCS#8 format for empty
> > >> passwords.
> > >> Use "certtool -p -8" and press enter at the prompt. Earlier,
> > >> certtool would have encrypted the key using an empty password.
> > >>
> > >> ** Certtool now accepts --password for --key-info and encrypted PKCS#8
> > >> keys.
> > >> Earlier it would have prompted the user for it, even if --password was
> > >> supplied.
> > >>
> > >> ** Added self test of PKCS#8 parsing.
> > >> Unencrypted and encrypted (pbeWithSHAAnd3-KeyTripleDES-CBC and
> > >> pbeWithSHAAnd40BitRC2-CBC) formats are tested. The test is in
> > >> tests/pkcs8.
> > >>
> > >> ** API and ABI modifications:
> > >> New function to set X.509 credentials from a PKCS#12 file:
> > >> gnutls_certificate_set_x509_simple_pkcs12_file
> > >>
> > >> New gnutls_kx_algorithm_t enum type:
> > >> GNUTLS_KX_DHE_PSK
> > >>
> > >> New API to return session data (basically same as
> > >> gnutls_session_get_data):
> > >> gnutls_session_get_data2
> > >>
> > >> New API to set PSK Diffie-Hellman parameters:
> > >> gnutls_psk_set_server_dh_params
> > >>
> > >> * Version 1.3.0 (2005-11-15)
> > >>
> > >> ** Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites has been added.
> > >> This adds several new APIs, see below. Read the updated manual for
> > >> more information. A new self test "pskself" has been added, that will
> > >> test this functionality.
> > >>
> > >> ** The session resumption data are now system independent.
> > >>
> > >> ** The code has been re-indented to conform to the GNU coding style.
> > >>
> > >> ** Removed the RIPEMD ciphersuites.
> > >>
> > >> ** Added a discussion of the internals of gnutls in manual.
> > >>
> > >> ** Fixes for Tru64 UNIX 4.0D that lack MAP_FAILED, from Albert Chin.
> > >>
> > >> ** Remove trailing comma in enums, for IBM C v6, from Albert Chin.
> > >>
> > >> ** Make sure config.h is included first in a few files, from Albert Chin.
> > >>
> > >> ** Don't use C++ comments ("//") as they are invalid, from Albert Chin.
> > >>
> > >> ** Don't install SRP programs and man pages if
> > >> --disable-srp-authentication,
> > >> from Albert Chin.
> > >>
> > >> ** API and ABI modifications:
> > >> New gnutls_kx_algorithm_t key exchange type: GNUTLS_KX_PSK
> > >>
> > >> New gnutls_credentials_type_t credential type:
> > >> GNUTLS_CRD_PSK
> > >>
> > >> New credential types:
> > >> gnutls_psk_server_credentials_t
> > >> gnutls_psk_client_credentials_t
> > >>
> > >> New functions to allocate PSK credentials:
> > >> gnutls_psk_allocate_client_credentials
> > >> gnutls_psk_free_client_credentials
> > >> gnutls_psk_free_server_credentials
> > >> gnutls_psk_allocate_server_credentials
> > >>
> > >> New enum type for PSK key flags:
> > >> gnutls_psk_key_flags
> > >>
> > >> New function prototypes for credential callback:
> > >> gnutls_psk_client_credentials_function
> > >> gnutls_psk_server_credentials_function
> > >>
> > >> New function to set PSK username and key:
> > >> gnutls_psk_set_client_credentials
> > >>
> > >> New function to set PSK passwd file:
> > >> gnutls_psk_set_server_credentials_file
> > >>
> > >> New function to extract PSK user in server:
> > >> gnutls_psk_server_get_username
> > >>
> > >> New functions to set PSK callback:
> > >> gnutls_psk_set_server_credentials_function
> > >> gnutls_psk_set_client_credentials_function
> > >>
> > >> Use size_t instead of int for output size parameter:
> > >> gnutls_srp_base64_encode
> > >> gnutls_srp_base64_decode
> > >> -----------------------------------------------------
> > >> * Version 1.2.9 (2005-11-07)
> > >> - Documentation was updated and improved.
> > >> - RSA-MD2 is now supported for verifying digital signatures.
> > >> - Due to cryptographic advances, verifying untrusted X.509
> > >> certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
> > >> GNUTLS_CERT_INSECURE_ALGORITHM verification output. For
> > >> applications that must remain interoperable, you can use the
> > >> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 or GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5
> > >> flags when verifying certificates.
> > >> Naturally, this is not
> > >> recommended default behaviour for applications. To enable the
> > >> broken algorithms, call gnutls_certificate_set_verify_flags with the
> > >> proper flag, to change the verification mode used by
> > >> gnutls_certificate_verify_peers2.
> > >> - Make it possible to send empty data through gnutls_record_send,
> > >> to align with the send(2) API.
> > >> - Some changes in the certificate receiving part of handshake to prevent
> > >> some possible errors with non-blocking servers.
> > >> - Added numeric version symbols to permit simple CPP-based feature
> > >> tests, suggested by Daniel Stenberg <daniel at haxx.se>.
> > >> - The (experimental) low-level crypto alternative to libgcrypt used
> > >> earlier (Nettle) has been replaced with crypto code from gnulib.
> > >> This leads to easier re-use of these components in other projects,
> > >> leading to more review and simpler maintenance. The new configure
> > >> parameter --with-builtin-crypto replaces the old --with-nettle, and
> > >> must be used if you wish to enable this functionality. See README
> > >> under "Experimental" for more information. Internally, GnuTLS has
> > >> been updated to use the new "Generic Crypto" API in gl/gc.h. The
> > >> API is similar to the old crypto/gc.h, because the gnulib code was
> > >> based on GnuTLS's gc.h.
> > >> - Fix compiler warning in the "anonself" self test.
> > >> - API and ABI modifications:
> > >> gnutls_x509_crt_list_verify: Added 'const' to prototype in
> > >> <gnutls/x509.h>.
> > >> This doesn't reflect a change in behaviour,
> > >> so we don't break backwards compatibility.
> > >> GNUTLS_MAC_MD2: New gnutls_mac_algorithm_t value.
> > >> GNUTLS_DIG_MD2: New gnutls_digest_algorithm_t value.
> > >> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2,
> > >> GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: New gnutls_certificate_verify_flags
> > >> values.
> > >> Use when calling
> > >> gnutls_x509_crt_list_verify,
> > >> gnutls_x509_crt_verify, or
> > >> gnutls_certificate_set_verify_flags.
> > >> GNUTLS_CERT_INSECURE_ALGORITHM: New gnutls_certificate_status_t value,
> > >> used when broken signature algorithms
> > >> are used (currently RSA-MD2/MD5).
> > >> LIBGNUTLS_VERSION_MAJOR,
> > >> LIBGNUTLS_VERSION_MINOR,
> > >> LIBGNUTLS_VERSION_PATCH,
> > >> LIBGNUTLS_VERSION_NUMBER: New CPP symbols, indicating the GnuTLS
> > >> version number, can be used for feature existence
> > >> tests.
> > >>
> > >
--
Sun Microsystems
Jeff Cai
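Jeff's summary at the top of the thread describes TLS-PSK as a key management mechanism with three key-exchange variants (PSK, DHE_PSK, RSA_PSK) rather than a new cipher, and the quoted 1.3.2 and 1.3.3 NEWS entries mention the TLS PRF and master secret APIs. The Python below is an added illustration, not code from GnuTLS or from anyone on this thread: it builds the premaster secret for each PSK variant exactly as RFC 4279 lays it out and feeds it through the TLS 1.0/1.1 PRF (RFC 2246 section 5) to obtain the 48-byte master secret. The PSK, hello randoms and Diffie-Hellman shared secret are constructed sample values; the hex-key helper mirrors only what the thread says about psktool (keys stored as hex), and its byte length is an assumption.

```python
import hashlib
import hmac
import secrets
import struct


def _u16(value: int) -> bytes:
    """Big-endian uint16 as used for TLS length fields; RFC 4279 caps PSK length at 2^16-1."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("length does not fit a TLS uint16")
    return struct.pack("!H", value)


def _p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 2246 section 5: HMAC(secret, A(i) + seed) concatenated,
    where A(0) = seed and A(i) = HMAC(secret, A(i-1))."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0/1.1 PRF: P_MD5 over the first half of the secret XOR P_SHA-1 over
    the second half; the halves share one byte when the secret length is odd."""
    if not secret:
        raise ValueError("PRF secret must not be empty")
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_part = _p_hash("md5", s1, label + seed, length)
    sha1_part = _p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def premaster_psk(psk: bytes) -> bytes:
    """RFC 4279 section 2 (plain PSK): uint16 N, N zero octets, uint16 N, PSK.
    Nothing here is per-session, so the keys are only as strong as the PSK."""
    n = len(psk)
    return _u16(n) + b"\x00" * n + _u16(n) + psk


def premaster_dhe_psk(dh_secret_z: bytes, psk: bytes) -> bytes:
    """RFC 4279 section 3 (DHE_PSK): uint16 len(Z), Z, uint16 len(PSK), PSK.
    The ephemeral DH secret Z is what gives this variant forward secrecy."""
    return _u16(len(dh_secret_z)) + dh_secret_z + _u16(len(psk)) + psk


def premaster_rsa_psk(rsa_premaster: bytes, psk: bytes) -> bytes:
    """RFC 4279 section 4 (RSA_PSK): uint16 48, the 48-byte RSA-transported
    premaster (version + 46 random bytes), uint16 len(PSK), PSK."""
    if len(rsa_premaster) != 48:
        raise ValueError("RSA premaster secret must be exactly 48 bytes")
    return _u16(48) + rsa_premaster + _u16(len(psk)) + psk


def master_secret(premaster: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """RFC 2246 section 8.1: master_secret = PRF(pre_master_secret, "master secret",
    ClientHello.random + ServerHello.random)[0..47]."""
    return tls_prf(premaster, b"master secret", client_random + server_random, 48)


def generate_psk_hex(nbytes: int = 16) -> str:
    """Fresh random PSK rendered as hex, the representation the thread says psktool
    stores in its key file. The 16-byte default is an assumption of this example."""
    return secrets.token_hex(nbytes)


if __name__ == "__main__":
    # Constructed sample values; none come from a real handshake.
    psk = bytes.fromhex("0123456789abcdef0123456789abcdef")
    client_random = bytes(range(32))
    server_random = bytes(range(32, 64))
    z = bytes.fromhex("aa" * 32)  # stands in for a Diffie-Hellman shared secret
    for name, pms in (("PSK", premaster_psk(psk)), ("DHE_PSK", premaster_dhe_psk(z, psk))):
        print(f"{name:8s} premaster={pms.hex()}")
        print(f"{name:8s} master   ={master_secret(pms, client_random, server_random).hex()}")
    print("new psk:", generate_psk_hex())
```

Reading the two premaster layouts side by side makes the export-control point concrete: the PSK variants change only how the premaster secret is assembled before the existing PRF and cipher suites run, which is why the thread treats the upgrade as key management rather than a new algorithm. It also shows why Irene's quoted note singles out DHE-PSK for forward secrecy: the plain PSK premaster is the shared key padded with zeros, so compromise of the PSK exposes every past session, whereas the DHE_PSK premaster also carries the ephemeral secret Z.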
