ChangeLog 30.2 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1
2
3
4
5
2010-03-24  Niels Mller  <nisse@lysator.liu.se>

	* tools/sign.c (spki_sign_digest): Check return value from
	rsa_md5_sign_digest and rsa_sha1_sign_digest.

6
7
8
9
10
11
2008-08-26  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.in (tags-here): Put TAGS file in the source directory.
	* testsuite/Makefile.in (tags): Likewise.
	* tools/Makefile.in (tags): Likewise.

Niels Möller's avatar
Niels Möller committed
12
13
14
15
2007-09-18  Niels Mller  <nisse@lysator.liu.se>

	* tools/Makefile.in: Added dummy check target.

Niels Möller's avatar
Niels Möller committed
16
17
18
19
2007-09-11  Niels Mller  <nisse@lysator.liu.se>

	* tools/Makefile.in: Fixed linking with getopt.

Niels Möller's avatar
Niels Möller committed
20
21
22
23
24
2007-05-14  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.in (TEST_OBJS): Link with -lhogweed.
	* tools/Makefile.in (PROGRAM_LIBS): Likewise.

25
26
2007-05-08  Niels Mller  <nisse@lysator.liu.se>

Niels Möller's avatar
Niels Möller committed
27
28
29
30
31
32
	* tools/Makefile.in (clean): Fixed deletion of object files.

	* testsuite/Makefile.in (clean): Fixed deletion of object files.
	Delete test files.
	(TARGETS): Define properly.

33
34
	* Makefile.in (distclean-here): Remove dependency files *.d.

Niels Möller's avatar
Niels Möller committed
35
36
37
38
39
40
41
42
43
44
45
46
2007-05-03  Niels Mller  <nisse@lysator.liu.se>

	* COPYING.LIB: New file.

	* Makefile.in: Use -Inettle_builddir and -Lnettle_builddir.
	(DISTFILES): Added config.sub.

2007-04-26  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.in (DISTFILES): Removed texinfo.tex (copy and paste
	error).

47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
2007-04-05  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.in: Use symlinks nettle and nettle_builddir in the
	build directory to locate nettle files.

	* Moved in CVS tree. Converted to plain autoconf.
	
2005-11-25  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Use -Wno-pointer-sign when compiling with gcc-4.x.

2004-11-18  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/Makefile.am (CLEANFILES): Delete test.canonical.

	* testsuite/delegate-test: Don't use cmp -, use a temporary file
	instead. 
	* testsuite/reduce-test: Likewise.

2004-11-16  Niels Mller  <nisse@lysator.liu.se>

	* Deleted getopt.c, getopt.h and getopt1.c from the CVS tree. Link
	them from shared copies in lsh/misc instead.

2004-03-20  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: Use AC_CONFIG_AUX_DIR([.]).

2004-03-01  Niels Mller  <niels@s3.kth.se>

	* configure.ac: Check for gmtime_r.

	* certificate.c (spki_date_from_time_t): Use gmtime, if gmtime_r
	isn't available.

2004-02-15  Niels Mller  <nisse@lysator.liu.se>

	* configure.ac: No spaces after -I and -L flags.

2004-01-31  Niels Mller  <nisse@lysator.liu.se>

	* tag.c: Comment fixes.
	(spki_tag_compile): In the SPKI_TAG_LIST case, check for
	spki_tag_compile_list returning NULL.
	(spki_tag_list_alloc): Minor reorganization of failure case.

2004-01-08  Niels Mller  <nisse@lysator.liu.se>

	* Makefile.am (AM_CPPFLAGS): Added -I../nettle. Needed to find the
	nettle-types.h include file when building outside of the source
	directory.
	* testsuite/Makefile.am (AM_CPPFLAGS): Added -I../../nettle.
	* tools/Makefile.am (AM_CPPFLAGS): Likewise.

2003-05-18  Niels Mller  <nisse@cuckoo.hack.org>

	* Changed include file ordering, to follow the same conventions as
	lsh and nettle: .c-files include config.h first, then system
	files, and finally spki files. .h-files never include config.h,
	and they include system files before spki files. 

	* configure.ac: Use LSH_FUNC_ALLOCA.

2003-04-11  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (distclean-local, CLEANFILES): Delete
	files and directories used by the tests.

2003-04-08  Niels Mller  <niels@s3.kth.se>

	* testsuite/delegate-test: Use $srcdir when referring to the test
	keys. 
	* testsuite/make-signature-test: Likewise.

2003-03-11  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_SH): Added reduce-test.

	* testsuite/reduce-test: Use advanced syntax for the input.

	* testsuite/reduce-test: New testcase.

	* certificate.c (parse_sequence): Changed return type to int.
	Instead use a new struct spki_5_tuple_list ** argument for
	returning the list. The pint is to support sequences of the form
	(sequence (public-key ...)) that implies a subject, but result in
	an empty 5-tuple list.
	(spki_parse_sequence): Likewise.
	(spki_parse_sequence_no_signatures): Likewise.
	* testsuite/cdsa-reduce-test.c (test_main): Adapted to new
	spki_parse_sequence_no_signatures.
	* tools/spki-delegate.c (process_sequence): Adapted to new
	spki_parse_sequence.
	* tools/spki-reduce.c (process_sequence): Likewise.

	* certificate.c (parse_sequence): New helper function, dealing
	with both the signature and non signature cases.
	(spki_parse_sequence, spki_parse_sequence_no_signatures): Wrappers
	around parse_sequence.

	* index.html: Updated JSDSI link.

	* testsuite/Makefile.am (EXTRA_DIST): Added the setup-env script.

2003-03-10  Niels Mller  <nisse@cuckoo.hack.org>

	* index.css: Stylesheet for index.html.

2003-03-10  Niels Mller  <niels@s3.kth.se>

	* testsuite/delegate-test (check_sexp): Use full path to
	sexp-conv. 

2003-03-10  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (EXTRA_DIST): Added key-1.pub, key2 and
	key2.pub. 

	* testsuite/key-2.pub, testsuite/key-2: One more test key.

	* testsuite/delegate-test: Include delegation flag in the ACL.
	Test certificate creation. Test spki-reduce.

	* tag.c (spki_tag_format): Fixed formatting functions, and updated
	it to use current sexp_format features. Seems to work now.

	* certificate.c (spki_parse_sequence): Must call spki_parse_type
	to enter hash expression. Fixed missing assignment to ISSUER.
	(spki_acl_format): Include tag expression in output.

	* parse.c (spki_parse_hash): Check that the expression type is
	right.

	* tools/misc.c (read_file, read_file_by_name): Interchanged return
	value and *buffer argument, now returns a char * and uses an
	unsigned * argument for the length. Updated callers.

	* tools/Makefile.am (noinst_PROGRAMS): Added spki-delegate and
	spki-reduce. 

	* tools/spki-reduce.c: New program.

	* tools/spki-delegate.c: Implemented creation of acls and chained
	certificates. The latter not yet tested, though.

	* certificate.c (spki_parse_sequence_no_signatures): Use const for
	the subject argument. Call spki_principal_normalize before
	returning. 
	(spki_hash_verify): New function.
	(spki_parse_sequence): Implemented signature checks.

	* testsuite/cdsa-reduce-test.c (test_main): const-declare subject. 

	* testsuite/Makefile.am (TS_SH): Added delegate-test.

	* testsuite/delegate-test: New testcase.

	* testsuite/setup-env: New script.

	* testsuite/Makefile.am (EXTRA_DIST): Added key-1.

2003-03-09  Niels Mller  <nisse@cuckoo.hack.org>

	* tools/Makefile.am (noinst_PROGRAMS): Added spki-delegate.
	(EXTRA_DIST): Added sign.h.

	* tools/spki-delegate.c: New program.

	* testsuite/Makefile.am (TS_SH): Added make-signature-test.

	* testsuite/key-1, testsuite/key-1.pub: Key used by testsuite.

	* testsuite/make-signature-test: New testcase.

	* tools/Makefile.am (spki_make_signature_SOURCES): Need to link
	with sign.o.

	* tools/spki-make-signature.c (main): Code moved to sign.c. Use
	the new function spki_sign_digest.

	* tools/sign.c, tools/sign.h: New files.

	* names.c (spki_type_names): Use const for spki_type_names.

2003-02-24  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (EXTRA_DIST): Use dist_cdsa, and include
	.dist_cdsa. 

	* testsuite/.dist_cdsa (dist_cdsa): New file, listing distribution
	files. 

2003-02-23  Niels Moller  <nisse@carduelis>

	* configure.ac: Use LSH_GCC_ATTRIBUTES.

2003-02-19  Niels Mller  <nisse@cuckoo.hack.org>

 	* acinclude.m4: Deleted file from cvs, use a link to lsh's
	acinclude.m4 instead.

2003-02-17  Niels Mller  <nisse@cuckoo.hack.org>

	* tools/Makefile.am (EXTRA_DIST): Added getopt.c and getopt1.c. 

2003-02-16  Niels Mller  <nisse@cuckoo.hack.org>

	* tools/Makefile.am (LDADD): Added getopt.o and getopt1.o
	(EXTRA_DIST): Added getopt.h.

2003-02-13  Niels Mller  <niels@s3.kth.se>

	* README: Wrote down an SPKI overview and some ideas on how to
	organize the information in the file system.

2003-02-12  Niels Mller  <niels@s3.kth.se>

	* testsuite/check-signature-test (test_valid, test_invalid):
	Optionally take three arguments, where the second is the data
	being signed. Added two new tests, with correct and incorrect
	input for the RSA signature verification.

	* tools/spki-check-signature.c (parse_options): New function.
	(main): By default, read and hash stdin, and compare with the hash
	in the signature. New option --no-data to omit this check.

	* tools/spki-make-signature.c (die, xalloc): Moved functions to
	misc.c. 

	* tools/Makefile.am (LDADD): Added misc.o
	(EXTRA_DIST): List misc.c and mish.h.

	* tools/misc.c: Renamed io.c to misc.c. New function xalloc.
	Changed function hash_file, updated callers.

	* tools/Makefile.am (spki_make_signature_SOURCES): Added io.h.

2003-02-11  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (libspki_a_SOURCES): Added names.c.
	Removed $(srcdir) prefix from targets.

	* tools/Makefile.am (noinst_PROGRAMS): Added spki-make-signature.

	* tools/spki-make-signature.c: New program.

	* tools/io.c: New file.
	(hash_file, read_file, read_file_by_name, write_file): New
	functions. 

	* tools/getopt1.c, tools/getopt.h, tools/getopt.c: New files.

	* testsuite/check-signature-test: New rsa tests, replacing the
	broken ones from the spki draft.

	* spki-types.in: Added private-key.

	* process-types: For the names file, output only the intializer,
	not the declaration header.

	* parse.c (spki_parse_fail): Made function non-static.

	* certificate.h (struct spki_type_name): New struct.

	* parse-transport.c (spki_transport_iterator_first): New file, new
	function. 

	* names.c: New file, including spki-type-names.h.

2003-02-06  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.am (DISTCLEANFILES): Delete test.in.

2003-02-05  Niels Mller  <nisse@lysator.liu.se>

	* testsuite/check-signature-test: Made function definitions
	sh-compatible.  

	* process-types (length): New function. Solaris' expr seems not to
	understand length.

	* acinclude.m4, configure.ac: Copied handling of --with-lib-path,
	--with-include-path, and -R flags, from Nettle.

2003-01-30  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_SH): Added check-signature-test.

	* testsuite/check-signature-test: Commented out the first rsa
	signature test. Appearantly, the sample signature in the spki
	draft doesn't get the pkcs#1 padding right. For the tests with
	truncated hashes, fixed the base64 code to be valid, with no
	leftover bits.

2003-01-29  Niels Mller  <niels@s3.kth.se>

	* verify.c (spki_verify): Don't call spki_parse_type for the
	signature. 

	* testsuite/check-signature-test: Write input to test.in.

2003-01-29  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.ac (AC_OUTPUT): Generate tools/Makefile.

	* Makefile.am (SUBDIRS): Added tools subdirectory.

	* testsuite/check-signature-test: New testcase. Not yet enabled by
	default. 

	* tools/spki-check-signature.c: New program.

	* verify.c (spki_verify): Take a struct spki_hash_value as
	argument. 

2003-01-28  Niels Mller  <nisse@cuckoo.hack.org>

	* parse.h (struct spki_hash_value): New struct.

	* parse.c (spki_parse_hash): New function.
	(spki_parse_principal): Use it.

2003-01-27  Niels Mller  <nisse@cuckoo.hack.org>

	* spki-types.in: New keywords rsa-pkcs1-md5, rsa-pkcs1-sha1,
	dsa-sha1. 

	* certificate.c (spki_parse_sequence): New function (#if:ed out
	for now).

	* certificate.h: Include "spki-types.h". This should be the only
	file including that. Removed the include in parse.h.

	* verify.c (spki_verify): New file, new function.

2003-01-23  Niels Mller  <nisse@cuckoo.hack.org>

	* parse.c (spki_parse_string): Made non-static.

2003-01-22  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/testutils.c (read_acl): Use spki_acl_process.

	* testsuite/lookup-acl-test.c (test_main): Updated to use
	spki_5_tuple_list. 

	* testsuite/cdsa-reduce-test.c (filter_by_tag): Rewritten to be
	used with spki_5_tuple_list_filter.
	(filter_by_subject): Likewise.
	(filter_by_date): Likewise.
	(test_main): Updated to use spki_5_tuple_list.

	* reduce.c (reduce_with_list): Now results in zero or more
	certificates, that are consed onto the "known" list.
	(spki_5_tuple_reduce): Adapted to use spki_5_tuple_list.

	* parse.c (spki_parse_acl): Moved function. Was
	certificate.c:spki_acl_parse. 

	* certificate.c (spki_5_tuple_init): Initialize refs to zero.
	(spki_5_tuple_cons_new): New function.
	(spki_5_tuple_list_release): New function. Replaces
	spki_5_tuple_free_chain. 
	(spki_5_tuple_list_nappend): New function.
	(spki_5_tuple_list_nreverse): New function.
	(spki_5_tuple_list_filter): New function.
	(spki_5_tuple_by_subject_next): Renamed function. Was
	spki_5_tuple_by_subject. Added spki_5_tuple_list ** argument, used
	as an iterator.
	(spki_acl_by_subject_first): Added iterator argument.
	(spki_5_tuple_by_authorization_next): Renamed, was acl_by_auth.
	Made non-static.
	(spki_acl_by_authorization_first): Added iterator argument.
	(spki_acl_process): New function, replacing spki_acl_parse.
	(format_valid): Use const argument.
	(spki_acl_format): Use a spki_5_tuple_list argument.
	(spki_parse_sequence_no_signatures): Renamed function, was
	spki_process_sequence_no_signatures. Now returns a
	spki_5_tuple_list. 

	* certificate.h (struct spki_5_tuple): Deleted attribute next.
	Added a reference counter.
	(struct spki_5_tuple_list): New struct.
	(struct spki_acl_db): Renamed attribute first_acl to acl. Now
	points at a spki_5_tuple_list.

2003-01-20  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (EXTRA_DIST): Distribute process-types.

2003-01-16  Niels Mller  <niels@s3.kth.se>

	* Makefile.am (libspki_a_SOURCES): Added header files, to get them
	included in the dist.

2003-01-14  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.am (EXTRA_DIST): Fixed file list. Also
	include *.in and *.out from the cdsa-cases subdirectory.
	(EXTRA_DIST): Added an explicit list of the files in cdsa-cases.
	Really ugly.

2003-01-14  Niels Mller  <nisse@lysator.liu.se>

	* .bootstrap: Must invoke autoheader before automake.

2003-01-10  Niels Mller  <niels@s3.kth.se>

	* parse.c (spki_parse_principal): Deleted the final calls to
	spki_parse_end.
	(spki_parse_subject, spki_parse_issuer): Call spki_parse_end.

	* certificate.c (spki_tag_free): New function.
	(spki_5_tuple_free_chain): ...Use it.

2003-01-09  Niels Mller  <nisse@cuckoo.hack.org>

	* certificate.c (spki_acl_parse): Use spki_check_type.
	(spki_process_sequence_no_signatures): Likewise.

	* parse.c (spki_check_type): New function. Now used in most places
	that check the type of an expression and then enters it.

2003-01-08  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/lookup-acl-test.c (test_main): Added some tests for
	spki_acl_by_subject_first and spki_acl_by_subject_next.

	* testsuite/cdsa-reduce-test.c (filter_by_subject): Use
	spki_parse_subject. 

	* parse.c (spki_parse_principal): Parse just the contents of the
	key or hash expression, not the containing subject or issuer
	expression. 
	(spki_parse_subject, spki_parse_issuer): New functions.
	(spki_parse_acl_entry): Use spki_parse_subject.
	(spki_parse_cert): Use spki_parse_subject and spki_parse_issuer.

	* certificate.h (struct spki_principal): New field verifier, for
	use by the application.

	* certificate.c (spki_principal_add_key): Initialize verifier
	field. 
	(spki_principal_add_md5, spki_principal_add_sha1): Likewise.
	(spki_5_tuple_by_subject): Moved function from reduce.c, and made
	non-static. 
	(spki_acl_by_subject_first): New function.
	(spki_acl_by_subject_next): New function.

	* reduce.c (spki_5_tuple_by_subject): Moved function to
	certificate.c. 

2003-01-02  Niels Mller  <nisse@cuckoo.hack.org>

	* tag.c (spki_tag_compile): For the unsupported tag type "range",
	return NULL instead of abort().

2002-12-04  Niels Mller  <niels@s3.kth.se>

	* testsuite/cdsa-reduce-test.c (read_file): Check return value of
	fopen. 

	* tag.c (list_intersect): Must call spki_tag_dup on the tags, when
	copying the tail fo the list.

2002-12-04  Niels Mller  <nisse@cuckoo.hack.org>

	* tag.c (atom_prefix): Fixed assertion.
	(spki_tag_intersect): The ordering of a and b (with a having the
	"widest" type) was wrong.

	* reduce.c (spki_5_tuple_by_subject): Use spki_principal_normalize
	for comparisons. 

	* parse.c (spki_parse_fail): New function. Changed all parser
	functons to use it when they fail.
	(spki_parse_principal): Changed to parse a complete subject or
	issuer subexpression.
	(spki_parse_acl_entry): Use new spki_parse_principal.
	(spki_parse_cert): Likewise.
	(spki_parse_tag): Don't assert that expression is of the right
	type, simply call spki_parse_fail.

	* certificate.c (spki_principal_normalize): New function, to be
	used when comparing principals.
	(spki_5_tuple_fix_aliases): #if:ed out this function, as it didn't
	seem robust enough. Also #if:ed out all uses.

	* testsuite/Makefile.am (TS_PROGS): Added cdsa-reduce-test.

	* testsuite/cdsa-reduce-test.c (filter_by_tag, filter_by_subject)
	(filter_by_date): New functions.
	(test_main): Process the red-test filter expressions. Omit some
	tests that seem broken, or use features that we haven't
	implemented yet. Don't ASSERT that the resulting 5-tuple list is
	non-empty, some test cases result in empty lists.

2002-12-03  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/cdsa-reduce-test.c: New test program, using cdsa tests.

	* testsuite/cdsa-cases: New directory with test cases snarfed from
	cdsa. 

2002-11-27  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/lookup-acl-test.c (test_main): Updated for new acl
	syntax. 
	* testsuite/read-acl-test.c (test_main): Likewise.

	* testsuite/read-cert-test.c (test_main): Need to initialize the
	cert. 

	* tag.c (list_format, spki_tag_format): New functions.

	* certificate.c (spki_acl_clear): New function.
	(spki_principal_add_keyspki_principal_add_md5,
	spki_principal_add_sha1): Initialize alias field. 
	(HASH_MATCH): New macro.
	(spki_principal_fix_aliases): New function.
	(spki_principal_by_key): Setup alias pointers if we add a key for
	which a hash is already known.
	(spki_principal_free_chain): New function.
	(spki_5_tuple_init): New function.
	(spki_5_tuple_fix_aliases): New function.
	(spki_acl_parse): Call spki_5_tuple_fix_aliases before returning.
	(format_valid, spki_acl_format): New functions.
	(spki_process_sequence_no_signatures): Bug fix in looping over the
	sequence. Call spki_5_tuple_fix_aliases before returning.
	(spki_date_since_ever): Represent a time far ago.
	(spki_date_for_ever): Represent a time far into the future.

	* certificate.h (struct spki_principal): New field, alias.
	(spki_date_since_ever, spki_date_for_ever): New constant globals. 
	(SPKI_DATE_CMP): New macro.

	* Makefile.am (libspki_a_SOURCES): Added reduce.c.

	* reduce.c: New file.
	(spki_5_tuple_reduce): New function.

	* parse.c (spki_iterator_first_sexp): New function, an alternative
	initializer.
	(spki_parse_acl_entry): Deleted initialization, the caller should
	initialize the 5-tuple. Updated the syntax to include a real
	subject expression.
	(spki_parse_cert): Deleted initialization, the caller should
	initialize the 5-tuple. Fixed syntax check of subject expressions. 

2002-11-27  Niels Mller  <niels@s3.kth.se>

	* index.html: New file.

2002-11-22  Niels Mller  <nisse@cuckoo.hack.org>

	* tag.c (enum spki_tag_type): Reordered types, ordered from more
	inclusive to less inclusive.
	(spki_tag_intersect): New function.

2002-11-22  Niels Mller  <niels@s3.kth.se>

	* testsuite/tag-test.c (test_main): Enabled more tests, for
	set/set inclusions.

	* testsuite/lookup-acl-test.c (test_main): Adapted to changed
	spki_acl_by_authorization_first and
	spki_acl_by_authorization_next. 

	* testsuite/testutils.c (make_tag, release_tag): New functions.

	* certificate.h (struct spki_acl_db): Use nettle_realloc_func for
	custom allocation.

	* certificate.c (spki_realloc): Deleted function.
	(spki_acl_init): Use nettle_realloc.
	(acl_by_auth): Take a struct spki_tag argument.
	(spki_acl_by_authorization_next): Likewise.
	(spki_acl_by_authorization_first): Likewise.
	(spki_5_tuple_free_chain): Use spki_tag_release.

	* parse.c (spki_check_type): Deleted function.
	(spki_next_subexpr): Deleted function.
	(spki_parse_tag): Use spki_tag_compile to convert tag to internal
	representation. 

	* tag.c (string_equal, string_prefix): New functions.
	(tag_list, tag_atom, tag_range): New functions, isolating type
	casts. Replaced typecasts in the rest of the code with function
	calls.
	(spki_tag_set_new): Normalize sets with a single element. 
	(spki_tag_compile): Get the tag expressions in a list in the right
	order. 
	(spki_tag_from_sexp): New function.
	(atom_prefix): New function.
	(atom_equal): Change dto use new string type.
	(set_includes, list_includes, spki_tag_includes): Rewrote to work
	with the tree representation of tags, rather than with plain strings.

	* tag.c (struct spki_tag_range): Removed const.
	(spki_tag_compile): Removed const.
	(spki_tag_compile): Cast &spki_tag_any to a non-const pointer when
	returning it. 
	(spki_cons_nreverse): New function.
	(spki_tag_set_new): New function, normalizing sets inside sets.
	Also reordered functions, putting operations on strings and lists
	first. 

2002-11-22  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/tag-test.c (test_main): Added more tests.

	* tag.c (struct spki_tag, struct spki_cons, struct spki_string):
	New structs, used for representing a tag. Strings and tags are
	reference counted. Added a set of contructors and book-keeping
	functions. 
	(enum spki_range_type): New enum.
	(spki_tag_classify): An list must start with a string.
	(spki_tag_compile): New function.
	(spki_tag_release): New function.

	* tag.c (set_includes): Fixed recovery if matching fails in the
	middle of one of the elements.
	(spki_tag_includes): For SPKI_TAG_ANY, advance past the (*)
	expression.

2002-11-21  Niels Mller  <niels@s3.kth.se>

	* testsuite/testutils.h: Include tag.h.

	* testsuite/Makefile.am (TS_PROGS): Added tag-test.

	* testsuite/tag-test.c: Test cases for operations on tags.

2002-11-21  Niels Mller  <nisse@cuckoo.hack.org>

	* tag.c (tag_magic): Deleted function.
	(spki_tag_classify): New function.
	(spki_tag_intersect): Started work on intersections, far from
	finished. 

2002-11-20  Niels Mller  <nisse@cuckoo.hack.org>

	* certificate.c (spki_process_sequence_no_signatures): Process
	public-key expressions.

	* parse.c (spki_parse_prevexpr): Renamed and made non-static (was
	spki_last_expression). 

2002-11-19  Niels Mller  <nisse@cuckoo.hack.org>

	* Makefile.am (libspki_a_SOURCES): Added tag.c.

	* certificate.c (acl_by_auth, spki_acl_by_authorization_next) 
	(spki_acl_by_authorization_first): New functions.

	* tag.c, tag.h: New files.

	* testsuite/Makefile.am (TS_PROGS): Added lookup-acl-test.

	* testsuite/lookup-acl-test.c: New test program, for the
	spki_acl_by_authorization functions.

	* testsuite/testutils.c (read_acl): New function.
	* testsuite/read-acl-test.c (test_main): Use it.

2002-11-18  Niels Mller  <niels@s3.kth.se>

	* testsuite/testutils.h: Don't include spki-types.h.

	* testsuite/Makefile.am (AM_CPPFLAGS): Fixed obscure bug, we must
	use AM_CPPFLAGS, not AM_CFLAGS, to get include directories in the
	right order.

	* process-types: The gperf file should not include spki-types.h.

	* certificate.c (spki_check_type): Deleted function.
	(spki_acl_parse): Use new parsing conventions.
	(spki_process_sequence_no_signatures): Likewise.
	* testsuite/read-acl-test.c (test_main): Likewise.
	* testsuite/read-cert-test.c (read_cert): Likewise.

	* parse.h (struct spki_iterator): New struct for keeping track of
	parsing state. Rewrote parsing functions to use it.
	* parse.c (spki_iterator_first): New function.

	* testsuite/testutils.h: Include more header files.

	* testsuite/read-cert-test.c (read_cert): New function.

	* certificate.c (spki_cert_parse_body): Deleted function (replaced
	by code in parse.c).
	(spki_5_tuple_free_chain): New function.
	(spki_process_sequence_no_signatures): New function.

	* parse.c (spki_parse_cert): New function.

	* spki-types.in: Added do, sequence and signature.

	* Makefile.am (spki-gperf.h, spki-type-names.h, spki-types.h):
	Changed $(srcdir) handling again.

	* parse.c (spki_parse_acl_entry): New function.

	* certificate.c (parse_acl_entry): Deleted function (moved to
	parse.c).
	(spki_acl_parse): Rewrote to use spki_parse_acl_entry.

	* certificate.h (SPKI_MALLOC, SPKI_FREE, SPKI_NEW): New macros,
	moved from certificate.c.

2002-11-18  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/Makefile.am (TS_PROGS): Added date-test.

	* testsuite/testutils.h: Include string.h.

	* testsuite/read-cert-test.c (test_main): Check the validity
	information. 

	* testsuite/date-test.c: New file, testing spki_date functions.

	* spki-types.in: Added not-before and not-after.

	* certificate.h (struct spki_struct): New struct, containing a
	date string. 
	(struct spki_5_tuple): Use struct spki_date instead of time_t.

	* certificate.c (parse_valid): Deleted placeholder functiom.
	(parse_version): Deleted function, moved to parse.c.
	(parse_acl_entry): Use spki_parse_valid and spki_parse_version.
	(spki_cert_parse_body): Likewise.

	* parse.c (spki_parse_date): New function.
	(spki_parse_valid): New function.
	(spki_parse_version): New function.

	* certificate.c (spki_date_from_time_t): New function.
	(spki_date_cmp_time_t): New function.

2002-11-17  Niels Mller  <nisse@cuckoo.hack.org>

	* configure.ac: Removed RCS id line.

	* certificate.c (spki_dup): Made function non-static.
	(parse_tag_body): Deleted function.
	(parse_acl_entry): Follow new parser function conventions. Use
	spki_parse_tag, spki_parse_skip and spki_parse_end.
	(spki_acl_parse): Adapt to new conventions.
	(parse_skip_optional): Deleted function.
	(spki_cert_parse_body): Use spki_parse_tag.

	* parse.c (spki_parse_skip): New function, replacing
	certificate.c:parse_skip_optional. 
	(spki_parse_tag): New function, replacing
	certificate.c:parse_tag_body. 

	* Makefile.am (libspki_a_SOURCES): Added parse.c.

	* configure.ac: Check for gcc's __attribute__, and use AH_BOTTOM
	to define UNUSED, NORETURN and PRINTF_STYLE.

	* process-types: Renamed SPKI_TYPE_UNKNOWN to
	SPKI_TYPE_SYNTAX_ERROR. 

	* parse.h: New file.

	* parse.c: New file.
	(spki_intern): Moved function here, from certificate.c.
	(spki_parse_type): Likewise, and renamed from spki_get_type.
	(spki_parse_end): New function.
	(spki_parse_principal): New function, replacing...
	* certificate.c (parse_principal): ... deleted function.
	(parse_tag): Deleted function.
	(parse_tag, parse_acl_entry): Rewrite to use spki_parse_principal.
	(spki_cert_parse_body): Likewise.
	
2002-11-16  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/principal-test.c: Use testutils.h
	* testsuite/read-acl-test.c: Likewise.

	* testsuite/Makefile.am (TS_PROGS): Added read-cert-test.
	(LDADD): Added testutils.o.

	* testsuite/testutils.c, testsuite/testutils.h: New files.

	* testsuite/read-cert-test.c: New test case.

	* certificate.c (spki_get_type): Return SPKI_TYPE_END_OF_EXPR at
	end of expression.
	(parse_tag, parse_tag_body): Split parse_tag into two functions.
	(parse_valid): Placeholder for real function.
	(parse_version): New function.
	(parse_skip_optional): New function.
	(spki_cert_parse_body): New function.
	(spki_cert_parse): New function.

	* process-types: New pseudo-type SPKI_TYPE_END_OF_EXPR.

	* spki-types.in: Added cert, dispaly, issuer, issuer-info,
	subject-info. 

	* testsuite/Makefile.am (check): Set LD_LIBRARY_PATH when running
	tests. 

	* configure.ac: Check for GMP, and fail if it's not present.

2002-11-15  Niels Mller  <niels@s3.kth.se>

	* testsuite/Makefile.am (AM_LDFLAGS): Need -L../../nettle.
	(TS_PROGS): Added read-acl-test.

	* testsuite/read-acl-test.c: New test case.

	* testsuite/principal-test.c: Renamed file, was subject-test.c. 

	* certificate.c (hash_data): New function.
	(spki_principal_add_key): Made static. Use hash_data, and set the
	flags.
	(spki_principal_add_md5): New function.
	(spki_principal_add_sha1): New function.
	(spki_principal_by_key): Compare hashes. Create new principal if
	no old one matches.
	(spki_principal_by_md5): Check flag to see if md5 hash of each
	principal on the list is known.
	(spki_principal_by_sha1): Likewise, for sha1.
	(spki_check_type): Advance iterator past the matched type.
	(parse_principal): Handle hashes.
	(parse_tag): New function.
	(parse_acl_entry): Unlike certificates, subexpressions must come
	in order, and there's no <subject>-expression.
	(spki_acl_parse): Fixed version check.

	* certificate.h (struct spki_hashes): New struct.
	(enum spki_principal_flags): New enum.
	(struct spki_principal): Use flags to keep track of which hash
	values are known.
	(enum spki_5_tuple_flags): Renamed, was spki_flags.

	* spki-types.in: Added "comment" and "valid".

2002-11-14  Niels Mller  <niels@s3.kth.se>

	* spki-types.in: Added types public-key, md5 and sha1.

	* certificate.c (spki_principal_add_key): Deleted code for
	dynamic allocation of hash digests.
	(spki_principal_by_md5): New function.
	(spki_principal_by_sha1): New function.
	(parse_principal): Implemented handling of public key and hash
	expressions.

	* certificate.h (struct spki_principal): Store hashes directly in
	the struct, without pointers.

	* Makefile.am (bootstrap): New target.
	(spki-types.h, spki-type-names.h, spki-gperf.h): Create files in
	the source tree. 

2002-11-14  Niels Mller  <nisse@cuckoo.hack.org>

	* certificate.h (struct spki_5_tuple): Renamed (was spki_acl), and
	added issuer field.

2002-11-13  Niels Mller  <nisse@cuckoo.hack.org>

	* certificate.c: Include automatically generated files.
	(spki_intern): New function.
	(spki_get_type): New function.
	(spki_check_type): New function.
	(parse_principal): Placeholder for needed function.
	(parse_acl_entry): New function.
	(spki_acl_parse): Use parse_acl_entry.

	* Makefile.am: Added rules for process-types and related files.

	* spki-types.in: New file, containing listing spki's magic words.

	* process-types: New file, similar to lsh's process_atoms.

2002-11-13  Niels Mller  <niels@s3.kth.se>

	* certificate.c (spki_acl_parse): New function (not done yet).

	* certificate.h, certificate.c: Fixed terminology, refer to keys
	as "principals", not "subjects". 

	* Makefile.am (AM_CPPFLAGS): Use $(srcdir).
	* testsuite/Makefile.am (AM_CFLAGS): Use $(top_srcdir).

	* .bootstrap: Run autoheader before autoconf.

2002-11-13  Niels Mller  <nisse@cuckoo.hack.org>

	* testsuite/subject-test.c: First test case.

	* testsuite/run-tests: Copied from lsh:s testsuite.

	* certificate.c: Implemented basic handling of keys.