summaryrefslogtreecommitdiff
path: root/lib/includes
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:14:07 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:17:10 +0100
commit76c93d23c073ef8b885503b7d28a31ffe2add6d8 (patch)
tree1dd2d22a197bc40c5330e516969a7cb1ae9bc96f /lib/includes
parent559a144f6bbcbb611453f82e655dd7438c14d1a7 (diff)
downloadgnutls-76c93d23c073ef8b885503b7d28a31ffe2add6d8.tar.gz
reindented code
Diffstat (limited to 'lib/includes')
-rw-r--r--lib/includes/gnutls/abstract.h709
-rw-r--r--lib/includes/gnutls/compat.h523
-rw-r--r--lib/includes/gnutls/crypto.h132
-rw-r--r--lib/includes/gnutls/dtls.h63
-rw-r--r--lib/includes/gnutls/gnutlsxx.h790
-rw-r--r--lib/includes/gnutls/ocsp.h287
-rw-r--r--lib/includes/gnutls/openpgp.h553
-rw-r--r--lib/includes/gnutls/pkcs11.h419
-rw-r--r--lib/includes/gnutls/pkcs12.h173
-rw-r--r--lib/includes/gnutls/tpm.h49
-rw-r--r--lib/includes/gnutls/x509.h1865
-rw-r--r--lib/includes/gnutls/xssl.h116
12 files changed, 2979 insertions, 2700 deletions
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index d030f0cce5..33767bc249 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -30,8 +30,7 @@
#include <gnutls/tpm.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
/* Public key operations */
@@ -47,177 +46,209 @@ extern "C"
*
* Enumeration of different certificate import flags.
*/
- typedef enum gnutls_pubkey_flags
- {
- GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1,
- GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1<<2,
- GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1<<3,
- } gnutls_pubkey_flags_t;
-
-typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
- void *userdata,
- const gnutls_datum_t * raw_data,
- gnutls_datum_t * signature);
-typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
- void *userdata,
- const gnutls_datum_t * ciphertext,
- gnutls_datum_t * plaintext);
-
-typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key,
- void *userdata);
-
-int gnutls_pubkey_init (gnutls_pubkey_t * key);
-void gnutls_pubkey_deinit (gnutls_pubkey_t key);
-
-void gnutls_pubkey_set_pin_function (gnutls_pubkey_t key,
- gnutls_pin_callback_t fn, void *userdata);
-
-int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits);
-
-int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt,
- unsigned int flags);
-int gnutls_pubkey_import_x509_crq (gnutls_pubkey_t key, gnutls_x509_crq_t crq,
- unsigned int flags);
-int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key,
- gnutls_pkcs11_obj_t obj, unsigned int flags);
-int gnutls_pubkey_import_openpgp (gnutls_pubkey_t key,
- gnutls_openpgp_crt_t crt,
- unsigned int flags);
-
-int gnutls_pubkey_import_openpgp_raw (gnutls_pubkey_t pkey,
- const gnutls_datum_t * data,
- gnutls_openpgp_crt_fmt_t format,
- const gnutls_openpgp_keyid_t keyid,
- unsigned int flags);
-int gnutls_pubkey_import_x509_raw (gnutls_pubkey_t pkey,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- unsigned int flags);
-
-int
-gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey,
- unsigned int usage, unsigned int flags);
-
-int
-gnutls_pubkey_import_tpm_url (gnutls_pubkey_t pkey,
- const char* url,
- const char *srk_password,
- unsigned int flags);
-
-int
-gnutls_pubkey_import_url (gnutls_pubkey_t key, const char *url,
- unsigned int flags);
-
-int
-gnutls_pubkey_import_tpm_raw (gnutls_pubkey_t pkey,
- const gnutls_datum_t * fdata,
- gnutls_tpmkey_fmt_t format,
- const char *srk_password,
- unsigned int flags);
-
-int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key,
- gnutls_digest_algorithm_t *
- hash, unsigned int *mand);
-
-int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key,
- gnutls_datum_t * m, gnutls_datum_t * e);
-int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key,
- gnutls_datum_t * p, gnutls_datum_t * q,
- gnutls_datum_t * g, gnutls_datum_t * y);
-int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *curve,
- gnutls_datum_t * x, gnutls_datum_t * y);
-int gnutls_pubkey_get_pk_ecc_x962 (gnutls_pubkey_t key, gnutls_datum_t* parameters,
- gnutls_datum_t * ecpoint);
-
-int gnutls_pubkey_export (gnutls_pubkey_t key,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
-
-int gnutls_pubkey_export2 (gnutls_pubkey_t key,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t * out);
-
-int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags,
- unsigned char *output_data,
- size_t * output_data_size);
-
-int
-gnutls_pubkey_get_openpgp_key_id (gnutls_pubkey_t key, unsigned int flags,
- unsigned char *output_data,
- size_t * output_data_size,
- unsigned int *subkey);
-
-int gnutls_pubkey_get_key_usage (gnutls_pubkey_t key, unsigned int *usage);
-int gnutls_pubkey_set_key_usage (gnutls_pubkey_t key, unsigned int usage);
-
-int gnutls_pubkey_import (gnutls_pubkey_t key,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
-
-
-int gnutls_pubkey_import_pkcs11_url (gnutls_pubkey_t key, const char *url,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-int gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key,
- const gnutls_datum_t * p,
- const gnutls_datum_t * q,
- const gnutls_datum_t * g,
- const gnutls_datum_t * y);
-int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
- const gnutls_datum_t * m,
- const gnutls_datum_t * e);
-
-int
-gnutls_pubkey_import_ecc_x962 (gnutls_pubkey_t key,
- const gnutls_datum_t * parameters,
- const gnutls_datum_t * ecpoint);
-
-int
-gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
- gnutls_ecc_curve_t curve,
- const gnutls_datum_t * x,
- const gnutls_datum_t * y);
-
-int
-gnutls_pubkey_encrypt_data (gnutls_pubkey_t key, unsigned int flags,
- const gnutls_datum_t * plaintext,
- gnutls_datum_t * ciphertext);
-
-int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key);
-
-int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key);
-
-int
-gnutls_pubkey_verify_hash2 (gnutls_pubkey_t key,
- gnutls_sign_algorithm_t algo,
- unsigned int flags,
- const gnutls_datum_t * hash,
- const gnutls_datum_t * signature);
-
-int
-gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key,
- const gnutls_datum_t * signature,
- gnutls_digest_algorithm_t * hash);
-
-int
-gnutls_pubkey_verify_data2 (gnutls_pubkey_t pubkey,
- gnutls_sign_algorithm_t algo,
- unsigned int flags,
- const gnutls_datum_t * data,
- const gnutls_datum_t * signature);
+ typedef enum gnutls_pubkey_flags {
+ GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1,
+ GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2,
+ GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3,
+ } gnutls_pubkey_flags_t;
+
+ typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
+ void *userdata,
+ const gnutls_datum_t *
+ raw_data,
+ gnutls_datum_t *
+ signature);
+ typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
+ void *userdata,
+ const gnutls_datum_t *
+ ciphertext,
+ gnutls_datum_t *
+ plaintext);
+
+ typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key,
+ void *userdata);
+
+ int gnutls_pubkey_init(gnutls_pubkey_t * key);
+ void gnutls_pubkey_deinit(gnutls_pubkey_t key);
+
+ void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key,
+ gnutls_pin_callback_t fn,
+ void *userdata);
+
+ int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key,
+ unsigned int *bits);
+
+ int gnutls_pubkey_import_x509(gnutls_pubkey_t key,
+ gnutls_x509_crt_t crt,
+ unsigned int flags);
+ int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key,
+ gnutls_x509_crq_t crq,
+ unsigned int flags);
+ int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key,
+ gnutls_pkcs11_obj_t obj,
+ unsigned int flags);
+ int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key,
+ gnutls_openpgp_crt_t crt,
+ unsigned int flags);
+
+ int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t
+ format,
+ const gnutls_openpgp_keyid_t
+ keyid, unsigned int flags);
+ int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
+
+ int
+ gnutls_pubkey_import_privkey(gnutls_pubkey_t key,
+ gnutls_privkey_t pkey,
+ unsigned int usage,
+ unsigned int flags);
+
+ int
+ gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
+ const char *url,
+ const char *srk_password,
+ unsigned int flags);
+
+ int
+ gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url,
+ unsigned int flags);
+
+ int
+ gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
+ const gnutls_datum_t * fdata,
+ gnutls_tpmkey_fmt_t format,
+ const char *srk_password,
+ unsigned int flags);
+
+ int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key,
+ gnutls_digest_algorithm_t
+ * hash,
+ unsigned int *mand);
+
+ int gnutls_pubkey_get_pk_rsa_raw(gnutls_pubkey_t key,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
+ int gnutls_pubkey_get_pk_dsa_raw(gnutls_pubkey_t key,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y);
+ int gnutls_pubkey_get_pk_ecc_raw(gnutls_pubkey_t key,
+ gnutls_ecc_curve_t * curve,
+ gnutls_datum_t * x,
+ gnutls_datum_t * y);
+ int gnutls_pubkey_get_pk_ecc_x962(gnutls_pubkey_t key,
+ gnutls_datum_t * parameters,
+ gnutls_datum_t * ecpoint);
+
+ int gnutls_pubkey_export(gnutls_pubkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+
+ int gnutls_pubkey_export2(gnutls_pubkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int gnutls_pubkey_get_key_id(gnutls_pubkey_t key,
+ unsigned int flags,
+ unsigned char *output_data,
+ size_t * output_data_size);
+
+ int
+ gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key,
+ unsigned int flags,
+ unsigned char *output_data,
+ size_t * output_data_size,
+ unsigned int *subkey);
+
+ int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key,
+ unsigned int *usage);
+ int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key,
+ unsigned int usage);
+
+ int gnutls_pubkey_import(gnutls_pubkey_t key,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+
+
+ int gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key,
+ const char *url,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */
+ );
+ int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * g,
+ const gnutls_datum_t * y);
+ int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e);
+
+ int
+ gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key,
+ const gnutls_datum_t * parameters,
+ const gnutls_datum_t * ecpoint);
+
+ int
+ gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y);
+
+ int
+ gnutls_pubkey_encrypt_data(gnutls_pubkey_t key,
+ unsigned int flags,
+ const gnutls_datum_t * plaintext,
+ gnutls_datum_t * ciphertext);
+
+ int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt,
+ gnutls_pubkey_t key);
+
+ int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq,
+ gnutls_pubkey_t key);
+
+ int
+ gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
+ gnutls_sign_algorithm_t algo,
+ unsigned int flags,
+ const gnutls_datum_t * hash,
+ const gnutls_datum_t * signature);
+
+ int
+ gnutls_pubkey_get_verify_algorithm(gnutls_pubkey_t key,
+ const gnutls_datum_t *
+ signature,
+ gnutls_digest_algorithm_t *
+ hash);
+
+ int
+ gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
+ gnutls_sign_algorithm_t algo,
+ unsigned int flags,
+ const gnutls_datum_t * data,
+ const gnutls_datum_t * signature);
/* Private key operations */
-int gnutls_privkey_init (gnutls_privkey_t * key);
-void gnutls_privkey_deinit (gnutls_privkey_t key);
+ int gnutls_privkey_init(gnutls_privkey_t * key);
+ void gnutls_privkey_deinit(gnutls_privkey_t key);
-void gnutls_privkey_set_pin_function (gnutls_privkey_t key,
- gnutls_pin_callback_t fn, void *userdata);
+ void gnutls_privkey_set_pin_function(gnutls_privkey_t key,
+ gnutls_pin_callback_t fn,
+ void *userdata);
-int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key,
- unsigned int *bits);
-gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key);
-int gnutls_privkey_status (gnutls_privkey_t key);
+ int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key,
+ unsigned int *bits);
+ gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t
+ key);
+ int gnutls_privkey_status(gnutls_privkey_t key);
/**
* gnutls_privkey_flags:
@@ -230,102 +261,109 @@ int gnutls_privkey_status (gnutls_privkey_t key);
*
* Enumeration of different certificate import flags.
*/
- typedef enum gnutls_privkey_flags
- {
- GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1,
- GNUTLS_PRIVKEY_IMPORT_COPY = 1<<1,
- GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1<<2,
- GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1<<4,
- } gnutls_privkey_flags_t;
-
-int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey,
- gnutls_pkcs11_privkey_t key,
- unsigned int flags);
-int gnutls_privkey_import_x509 (gnutls_privkey_t pkey,
- gnutls_x509_privkey_t key,
- unsigned int flags);
-int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey,
- gnutls_openpgp_privkey_t key,
- unsigned int flags);
-
-int gnutls_privkey_import_openpgp_raw (gnutls_privkey_t pkey,
- const gnutls_datum_t * data,
- gnutls_openpgp_crt_fmt_t format,
- const gnutls_openpgp_keyid_t keyid,
- const char* password);
-
-int gnutls_privkey_import_x509_raw (gnutls_privkey_t pkey,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- const char* password, unsigned int flags);
-
-int
-gnutls_privkey_import_tpm_raw (gnutls_privkey_t pkey,
- const gnutls_datum_t * fdata,
- gnutls_tpmkey_fmt_t format,
- const char *srk_password,
- const char *key_password, unsigned int flags);
-
-int
-gnutls_privkey_import_tpm_url (gnutls_privkey_t pkey,
- const char* url, const char *srk_password, const char *key_password,
- unsigned int flags);
-
-int gnutls_privkey_import_url (gnutls_privkey_t key, const char *url, unsigned int flags);
-
-int gnutls_privkey_import_pkcs11_url (gnutls_privkey_t key, const char *url);
-
-int
-gnutls_privkey_import_ext (gnutls_privkey_t pkey,
- gnutls_pk_algorithm_t pk,
- void* userdata,
- gnutls_privkey_sign_func sign_func,
- gnutls_privkey_decrypt_func decrypt_func,
- unsigned int flags);
-
-int
-gnutls_privkey_import_ext2 (gnutls_privkey_t pkey,
- gnutls_pk_algorithm_t pk,
- void* userdata,
- gnutls_privkey_sign_func sign_func,
- gnutls_privkey_decrypt_func decrypt_func,
- gnutls_privkey_deinit_func deinit_func,
- unsigned int flags);
-
-int gnutls_privkey_sign_data (gnutls_privkey_t signer,
- gnutls_digest_algorithm_t hash,
- unsigned int flags,
- const gnutls_datum_t * data,
- gnutls_datum_t * signature);
-
-int gnutls_privkey_sign_hash (gnutls_privkey_t signer,
- gnutls_digest_algorithm_t hash_algo,
- unsigned int flags,
- const gnutls_datum_t * hash_data,
- gnutls_datum_t * signature);
-
-
-int gnutls_privkey_decrypt_data (gnutls_privkey_t key,
- unsigned int flags,
- const gnutls_datum_t * ciphertext,
- gnutls_datum_t * plaintext);
-
-int gnutls_x509_crt_privkey_sign (gnutls_x509_crt_t crt,
- gnutls_x509_crt_t issuer,
- gnutls_privkey_t issuer_key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
-
-int gnutls_x509_crl_privkey_sign (gnutls_x509_crl_t crl,
- gnutls_x509_crt_t issuer,
- gnutls_privkey_t issuer_key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
-
-int gnutls_x509_crq_privkey_sign (gnutls_x509_crq_t crq,
- gnutls_privkey_t key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
+ typedef enum gnutls_privkey_flags {
+ GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1,
+ GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1,
+ GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2,
+ GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4,
+ } gnutls_privkey_flags_t;
+
+ int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
+ gnutls_pkcs11_privkey_t key,
+ unsigned int flags);
+ int gnutls_privkey_import_x509(gnutls_privkey_t pkey,
+ gnutls_x509_privkey_t key,
+ unsigned int flags);
+ int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
+ gnutls_openpgp_privkey_t key,
+ unsigned int flags);
+
+ int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t
+ format,
+ const gnutls_openpgp_keyid_t
+ keyid, const char *password);
+
+ int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ const char *password,
+ unsigned int flags);
+
+ int
+ gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey,
+ const gnutls_datum_t * fdata,
+ gnutls_tpmkey_fmt_t format,
+ const char *srk_password,
+ const char *key_password,
+ unsigned int flags);
+
+ int
+ gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey,
+ const char *url,
+ const char *srk_password,
+ const char *key_password,
+ unsigned int flags);
+
+ int gnutls_privkey_import_url(gnutls_privkey_t key,
+ const char *url, unsigned int flags);
+
+ int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key,
+ const char *url);
+
+ int
+ gnutls_privkey_import_ext(gnutls_privkey_t pkey,
+ gnutls_pk_algorithm_t pk,
+ void *userdata,
+ gnutls_privkey_sign_func sign_func,
+ gnutls_privkey_decrypt_func
+ decrypt_func, unsigned int flags);
+
+ int
+ gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
+ gnutls_pk_algorithm_t pk,
+ void *userdata,
+ gnutls_privkey_sign_func sign_func,
+ gnutls_privkey_decrypt_func
+ decrypt_func,
+ gnutls_privkey_deinit_func deinit_func,
+ unsigned int flags);
+
+ int gnutls_privkey_sign_data(gnutls_privkey_t signer,
+ gnutls_digest_algorithm_t hash,
+ unsigned int flags,
+ const gnutls_datum_t * data,
+ gnutls_datum_t * signature);
+
+ int gnutls_privkey_sign_hash(gnutls_privkey_t signer,
+ gnutls_digest_algorithm_t hash_algo,
+ unsigned int flags,
+ const gnutls_datum_t * hash_data,
+ gnutls_datum_t * signature);
+
+
+ int gnutls_privkey_decrypt_data(gnutls_privkey_t key,
+ unsigned int flags,
+ const gnutls_datum_t * ciphertext,
+ gnutls_datum_t * plaintext);
+
+ int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt,
+ gnutls_x509_crt_t issuer,
+ gnutls_privkey_t issuer_key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
+
+ int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_t issuer,
+ gnutls_privkey_t issuer_key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
+
+ int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq,
+ gnutls_privkey_t key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
/**
* gnutls_pcert_st:
@@ -335,88 +373,101 @@ int gnutls_x509_crq_privkey_sign (gnutls_x509_crq_t crq,
*
* A parsed certificate.
*/
-typedef struct gnutls_pcert_st
-{
- gnutls_pubkey_t pubkey;
- gnutls_datum_t cert;
- gnutls_certificate_type_t type;
-} gnutls_pcert_st;
+ typedef struct gnutls_pcert_st {
+ gnutls_pubkey_t pubkey;
+ gnutls_datum_t cert;
+ gnutls_certificate_type_t type;
+ } gnutls_pcert_st;
/* Do not initialize the "cert" element of
* the certificate */
#define GNUTLS_PCERT_NO_CERT 1
-int gnutls_pcert_import_x509 (gnutls_pcert_st* pcert,
- gnutls_x509_crt_t crt, unsigned int flags);
+ int gnutls_pcert_import_x509(gnutls_pcert_st * pcert,
+ gnutls_x509_crt_t crt,
+ unsigned int flags);
-int
-gnutls_pcert_list_import_x509_raw (gnutls_pcert_st * pcerts,
- unsigned int *pcert_max,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format, unsigned int flags);
+ int
+ gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts,
+ unsigned int *pcert_max,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
-int gnutls_pcert_import_x509_raw (gnutls_pcert_st* pcert,
- const gnutls_datum_t* cert,
- gnutls_x509_crt_fmt_t format, unsigned int flags);
+ int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert,
+ const gnutls_datum_t * cert,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
-int gnutls_pcert_import_openpgp_raw (gnutls_pcert_st* pcert,
- const gnutls_datum_t* cert,
- gnutls_openpgp_crt_fmt_t format,
- gnutls_openpgp_keyid_t keyid, unsigned int flags);
+ int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert,
+ const gnutls_datum_t * cert,
+ gnutls_openpgp_crt_fmt_t
+ format,
+ gnutls_openpgp_keyid_t keyid,
+ unsigned int flags);
-int gnutls_pcert_import_openpgp (gnutls_pcert_st* pcert,
- gnutls_openpgp_crt_t crt, unsigned int flags);
+ int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert,
+ gnutls_openpgp_crt_t crt,
+ unsigned int flags);
-void gnutls_pcert_deinit (gnutls_pcert_st* pcert);
+ void gnutls_pcert_deinit(gnutls_pcert_st * pcert);
/* For certificate credentials */
- /* This is the same as gnutls_certificate_retrieve_function()
- * but retrieves a gnutls_pcert_st which requires much less processing
- * within the library.
- */
- typedef int gnutls_certificate_retrieve_function2 (gnutls_session_t,
- const gnutls_datum_t *
- req_ca_rdn,
- int nreqs,
- const
- gnutls_pk_algorithm_t
- * pk_algos,
- int pk_algos_length,
- gnutls_pcert_st **,
- unsigned int *pcert_length,
- gnutls_privkey_t *privkey);
-
-
-void gnutls_certificate_set_retrieve_function2 (
- gnutls_certificate_credentials_t cred,
- gnutls_certificate_retrieve_function2 * func);
-
-int
-gnutls_certificate_set_key (gnutls_certificate_credentials_t res,
- const char** names,
- int names_size,
- gnutls_pcert_st * pcert_list,
- int pcert_list_size,
- gnutls_privkey_t key);
+ /* This is the same as gnutls_certificate_retrieve_function()
+ * but retrieves a gnutls_pcert_st which requires much less processing
+ * within the library.
+ */
+ typedef int gnutls_certificate_retrieve_function2(gnutls_session_t,
+ const
+ gnutls_datum_t *
+ req_ca_rdn,
+ int nreqs, const
+ gnutls_pk_algorithm_t
+ * pk_algos,
+ int
+ pk_algos_length,
+ gnutls_pcert_st
+ **,
+ unsigned int
+ *pcert_length,
+ gnutls_privkey_t
+ * privkey);
+
+
+ void gnutls_certificate_set_retrieve_function2
+ (gnutls_certificate_credentials_t cred,
+ gnutls_certificate_retrieve_function2 * func);
+
+ int
+ gnutls_certificate_set_key(gnutls_certificate_credentials_t res,
+ const char **names,
+ int names_size,
+ gnutls_pcert_st * pcert_list,
+ int pcert_list_size,
+ gnutls_privkey_t key);
#include <gnutls/compat.h>
-int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey,
- unsigned int flags,
- const gnutls_datum_t * data,
- const gnutls_datum_t * signature) _GNUTLS_GCC_ATTR_DEPRECATED;
-
-int gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
- const gnutls_datum_t * hash,
- const gnutls_datum_t * signature) _GNUTLS_GCC_ATTR_DEPRECATED;
-
-int
-gnutls_pubkey_print (gnutls_pubkey_t pubkey,
- gnutls_certificate_print_formats_t format,
- gnutls_datum_t * out);
+ int gnutls_pubkey_verify_data(gnutls_pubkey_t pubkey,
+ unsigned int flags,
+ const gnutls_datum_t * data,
+ const gnutls_datum_t *
+ signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ int gnutls_pubkey_verify_hash(gnutls_pubkey_t key,
+ unsigned int flags,
+ const gnutls_datum_t * hash,
+ const gnutls_datum_t *
+ signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ int
+ gnutls_pubkey_print(gnutls_pubkey_t pubkey,
+ gnutls_certificate_print_formats_t format,
+ gnutls_datum_t * out);
#ifdef __cplusplus
}
#endif
-
#endif
diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h
index 2e829fc9f3..4a330e5bfb 100644
--- a/lib/includes/gnutls/compat.h
+++ b/lib/includes/gnutls/compat.h
@@ -26,8 +26,7 @@
#define _GNUTLS_COMPAT_H
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
#ifdef __GNUC__
@@ -40,50 +39,84 @@ extern "C"
#endif
#endif
-#endif /* __GNUC__ */
+#endif /* __GNUC__ */
#ifndef _GNUTLS_GCC_ATTR_DEPRECATED
#define _GNUTLS_GCC_ATTR_DEPRECATED
#endif
/* gnutls_connection_end_t was made redundant in 2.99.0 */
-typedef unsigned int gnutls_connection_end_t _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef unsigned int gnutls_connection_end_t
+ _GNUTLS_GCC_ATTR_DEPRECATED;
/* Stuff deprected in 2.x */
-typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_kx_algorithm_t gnutls_kx_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_mac_algorithm_t gnutls_mac_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_digest_algorithm_t gnutls_digest_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_compression_method_t gnutls_compression_method _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_connection_end_t gnutls_connection_end _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_pk_algorithm_t gnutls_pk_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_sign_algorithm_t gnutls_sign_algorithm _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_close_request_t gnutls_close_request _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_certificate_request_t gnutls_certificate_request _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_certificate_status_t gnutls_certificate_status _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_alert_level_t gnutls_alert_level _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_alert_description_t gnutls_alert_description _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_privkey_t gnutls_x509_privkey _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_crl_t gnutls_x509_crl _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_x509_crq_t gnutls_x509_crq _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_certificate_credentials_t gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_anon_server_credentials_t gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_anon_client_credentials_t gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_srp_client_credentials_t gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_srp_server_credentials_t gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_dh_params_t gnutls_dh_params _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_rsa_params_t gnutls_rsa_params _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_params_type_t gnutls_params_type _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_credentials_type_t gnutls_credentials_type _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_certificate_type_t gnutls_certificate_type _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_transport_ptr_t gnutls_transport_ptr _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_kx_algorithm_t gnutls_kx_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_mac_algorithm_t gnutls_mac_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_digest_algorithm_t gnutls_digest_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_compression_method_t gnutls_compression_method
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_connection_end_t gnutls_connection_end
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_pk_algorithm_t gnutls_pk_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_sign_algorithm_t gnutls_sign_algorithm
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_close_request_t gnutls_close_request
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_certificate_request_t gnutls_certificate_request
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_certificate_status_t gnutls_certificate_status
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_session_t gnutls_session
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_alert_level_t gnutls_alert_level
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_alert_description_t gnutls_alert_description
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_crt_t gnutls_x509_crt
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_privkey_t gnutls_x509_privkey
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_crl_t gnutls_x509_crl
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_x509_crq_t gnutls_x509_crq
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_certificate_credentials_t
+ gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_anon_server_credentials_t
+ gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_anon_client_credentials_t
+ gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_srp_client_credentials_t
+ gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_srp_server_credentials_t
+ gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_dh_params_t gnutls_dh_params
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_rsa_params_t gnutls_rsa_params
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_params_type_t gnutls_params_type
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_credentials_type_t gnutls_credentials_type
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_certificate_type_t gnutls_certificate_type
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_transport_ptr_t gnutls_transport_ptr
+ _GNUTLS_GCC_ATTR_DEPRECATED;
/* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was
modified to use the PSK alert. */
@@ -94,8 +127,10 @@ typedef gnutls_transport_ptr_t gnutls_transport_ptr _GNUTLS_GCC_ATTR_DEPRECATED;
#define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
#define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
#define gnutls_openpgp_send_key gnutls_openpgp_send_cert
-typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t _GNUTLS_GCC_ATTR_DEPRECATED;
-typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t
+ _GNUTLS_GCC_ATTR_DEPRECATED;
#define gnutls_openpgp_key_init gnutls_openpgp_crt_init
#define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
#define gnutls_openpgp_key_import gnutls_openpgp_crt_import
@@ -130,211 +165,239 @@ typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t _GNUTLS_GCC_ATTR_DEPRECATED;
/* The gnutls_retr_st was deprecated by gnutls_certificate_retrieve_function()
* and gnutls_retr2_st.
*/
-typedef struct gnutls_retr_st
-{
- gnutls_certificate_type_t type;
- union
- {
- gnutls_x509_crt_t *x509;
- gnutls_openpgp_crt_t pgp;
- } cert;
- unsigned int ncerts; /* one for pgp keys */
-
- union
- {
- gnutls_x509_privkey_t x509;
- gnutls_openpgp_privkey_t pgp;
- } key;
-
- unsigned int deinit_all; /* if non zero all keys will be deinited */
-} gnutls_retr_st;
-
-typedef int gnutls_certificate_client_retrieve_function (gnutls_session_t,
- const
- gnutls_datum_t *
- req_ca_rdn,
- int nreqs,
- const
- gnutls_pk_algorithm_t
- * pk_algos,
- int
- pk_algos_length,
- gnutls_retr_st *);
-typedef int gnutls_certificate_server_retrieve_function (gnutls_session_t,
- gnutls_retr_st *);
-
-void gnutls_certificate_client_set_retrieve_function
- (gnutls_certificate_credentials_t cred,
- gnutls_certificate_client_retrieve_function *
- func) _GNUTLS_GCC_ATTR_DEPRECATED;
-void
- gnutls_certificate_server_set_retrieve_function
- (gnutls_certificate_credentials_t cred,
- gnutls_certificate_server_retrieve_function *
- func) _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* External signing callback. No longer supported because it
- * was deprecated by the PKCS #11 API or gnutls_privkey_import_ext. */
-typedef int (*gnutls_sign_func) (gnutls_session_t session,
- void *userdata,
- gnutls_certificate_type_t cert_type,
- const gnutls_datum_t * cert,
- const gnutls_datum_t * hash,
- gnutls_datum_t * signature);
-
-void
-gnutls_sign_callback_set (gnutls_session_t session,
- gnutls_sign_func sign_func, void *userdata)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-gnutls_sign_func
-gnutls_sign_callback_get (gnutls_session_t session, void **userdata)
- _GNUTLS_GCC_ATTR_DEPRECATED;
+ typedef struct gnutls_retr_st {
+ gnutls_certificate_type_t type;
+ union {
+ gnutls_x509_crt_t *x509;
+ gnutls_openpgp_crt_t pgp;
+ } cert;
+ unsigned int ncerts; /* one for pgp keys */
+
+ union {
+ gnutls_x509_privkey_t x509;
+ gnutls_openpgp_privkey_t pgp;
+ } key;
+
+ unsigned int deinit_all; /* if non zero all keys will be deinited */
+ } gnutls_retr_st;
+
+ typedef int
+ gnutls_certificate_client_retrieve_function(gnutls_session_t,
+ const
+ gnutls_datum_t *
+ req_ca_rdn,
+ int nreqs, const
+ gnutls_pk_algorithm_t
+ * pk_algos, int
+ pk_algos_length,
+ gnutls_retr_st *);
+ typedef int
+ gnutls_certificate_server_retrieve_function(gnutls_session_t,
+ gnutls_retr_st *);
+
+ void gnutls_certificate_client_set_retrieve_function
+ (gnutls_certificate_credentials_t cred,
+ gnutls_certificate_client_retrieve_function *
+ func) _GNUTLS_GCC_ATTR_DEPRECATED;
+ void
+ gnutls_certificate_server_set_retrieve_function
+ (gnutls_certificate_credentials_t cred,
+ gnutls_certificate_server_retrieve_function *
+ func) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* External signing callback. No longer supported because it
+ * was deprecated by the PKCS #11 API or gnutls_privkey_import_ext. */
+ typedef int (*gnutls_sign_func) (gnutls_session_t session,
+ void *userdata,
+ gnutls_certificate_type_t
+ cert_type,
+ const gnutls_datum_t * cert,
+ const gnutls_datum_t * hash,
+ gnutls_datum_t * signature);
+
+ void
+ gnutls_sign_callback_set(gnutls_session_t session,
+ gnutls_sign_func sign_func,
+ void *userdata)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ gnutls_sign_func
+ gnutls_sign_callback_get(gnutls_session_t session,
+ void **userdata)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
/* This is a very dangerous and error-prone function.
* Use gnutls_privkey_sign_hash() instead.
*/
- int gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key,
- const gnutls_datum_t * hash,
- gnutls_datum_t * signature)
- _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * hash,
+ gnutls_datum_t * signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
- const gnutls_datum_t * hash,
- gnutls_datum_t * signature)
- _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key,
+ const gnutls_datum_t * hash,
+ gnutls_datum_t * signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
/* we support the gnutls_privkey_sign_data() instead.
*/
- int gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key,
- gnutls_digest_algorithm_t digest,
- unsigned int flags,
- const gnutls_datum_t * data,
- void *signature,
- size_t * signature_size)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* gnutls_pubkey_verify_data() */
- int gnutls_x509_crt_verify_data (gnutls_x509_crt_t crt,
- unsigned int flags,
- const gnutls_datum_t * data,
- const gnutls_datum_t * signature)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
-
- /* gnutls_pubkey_verify_hash() */
- int gnutls_x509_crt_verify_hash (gnutls_x509_crt_t crt,
- unsigned int flags,
- const gnutls_datum_t * hash,
- const gnutls_datum_t * signature)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* gnutls_pubkey_get_verify_algorithm() */
- int gnutls_x509_crt_get_verify_algorithm (gnutls_x509_crt_t crt,
- const gnutls_datum_t * signature,
- gnutls_digest_algorithm_t * hash)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* gnutls_pubkey_get_preferred_hash_algorithm() */
- int gnutls_x509_crt_get_preferred_hash_algorithm (gnutls_x509_crt_t crt,
- gnutls_digest_algorithm_t
- * hash,
- unsigned int *mand)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* gnutls_x509_crq_privkey_sign() */
- int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
-
-
- /* gnutls_x509_crl_privkey_sign */
- int gnutls_x509_crl_sign (gnutls_x509_crl_t crl,
- gnutls_x509_crt_t issuer,
- gnutls_x509_privkey_t issuer_key)
- _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* functions to set priority of cipher suites
- */
- int gnutls_cipher_set_priority (gnutls_session_t session, const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_mac_set_priority (gnutls_session_t session, const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_compression_set_priority (gnutls_session_t session,
- const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_kx_set_priority (gnutls_session_t session, const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_protocol_set_priority (gnutls_session_t session,
- const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_certificate_type_set_priority (gnutls_session_t session,
- const int *list)
- _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key,
+ gnutls_digest_algorithm_t digest,
+ unsigned int flags,
+ const gnutls_datum_t * data,
+ void *signature,
+ size_t * signature_size)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* gnutls_pubkey_verify_data() */
+ int gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt,
+ unsigned int flags,
+ const gnutls_datum_t * data,
+ const gnutls_datum_t * signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+ /* gnutls_pubkey_verify_hash() */
+ int gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt,
+ unsigned int flags,
+ const gnutls_datum_t * hash,
+ const gnutls_datum_t * signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* gnutls_pubkey_get_verify_algorithm() */
+ int gnutls_x509_crt_get_verify_algorithm(gnutls_x509_crt_t crt,
+ const gnutls_datum_t *
+ signature,
+ gnutls_digest_algorithm_t
+ * hash)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* gnutls_pubkey_get_preferred_hash_algorithm() */
+ int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t
+ crt,
+ gnutls_digest_algorithm_t
+ * hash,
+ unsigned int
+ *mand)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* gnutls_x509_crq_privkey_sign() */
+ int gnutls_x509_crq_sign(gnutls_x509_crq_t crq,
+ gnutls_x509_privkey_t key)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+
+ /* gnutls_x509_crl_privkey_sign */
+ int gnutls_x509_crl_sign(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_privkey_t issuer_key)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* functions to set priority of cipher suites
+ */
+ int gnutls_cipher_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_mac_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_compression_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_kx_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_protocol_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_certificate_type_set_priority(gnutls_session_t session,
+ const int *list)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
/* RSA params
*/
- int gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
- void gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_params_cpy (gnutls_rsa_params_t dst,
- gnutls_rsa_params_t src) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
- const gnutls_datum_t * m,
- const gnutls_datum_t * e,
- const gnutls_datum_t * d,
- const gnutls_datum_t * p,
- const gnutls_datum_t * q,
- const gnutls_datum_t * u);
- int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params,
- unsigned int bits) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa,
- gnutls_datum_t * m, gnutls_datum_t * e,
- gnutls_datum_t * d, gnutls_datum_t * p,
- gnutls_datum_t * q, gnutls_datum_t * u,
- unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
- gnutls_x509_crt_fmt_t format,
- unsigned char *params_data,
- size_t * params_data_size) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
- const gnutls_datum_t * pkcs1_params,
- gnutls_x509_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED;
-
- int gnutls_rsa_export_get_pubkey (gnutls_session_t session,
- gnutls_datum_t * exponent,
- gnutls_datum_t * modulus) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED;
- int gnutls_set_default_export_priority (gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED;
-
- void
- gnutls_certificate_set_rsa_export_params (gnutls_certificate_credentials_t
- res,
- gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
-
- /* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */
- int gnutls_privkey_sign_raw_data (gnutls_privkey_t key,
- unsigned flags,
- const gnutls_datum_t * data,
- gnutls_datum_t * signature) _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_init(gnutls_rsa_params_t *
+ rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
+ void gnutls_rsa_params_deinit(gnutls_rsa_params_t rsa_params)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_cpy(gnutls_rsa_params_t dst,
+ gnutls_rsa_params_t src)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_import_raw(gnutls_rsa_params_t rsa_params,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e,
+ const gnutls_datum_t * d,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * u);
+ int gnutls_rsa_params_generate2(gnutls_rsa_params_t params,
+ unsigned int bits)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_export_raw(gnutls_rsa_params_t rsa,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e,
+ gnutls_datum_t * d,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * u,
+ unsigned int *bits)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_export_pkcs1(gnutls_rsa_params_t params,
+ gnutls_x509_crt_fmt_t format,
+ unsigned char *params_data,
+ size_t *
+ params_data_size)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_params_import_pkcs1(gnutls_rsa_params_t params,
+ const gnutls_datum_t *
+ pkcs1_params,
+ gnutls_x509_crt_fmt_t format)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ int gnutls_rsa_export_get_pubkey(gnutls_session_t session,
+ gnutls_datum_t * exponent,
+ gnutls_datum_t *
+ modulus)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ int gnutls_set_default_export_priority(gnutls_session_t session)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ void
+ gnutls_certificate_set_rsa_export_params
+ (gnutls_certificate_credentials_t res,
+ gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+ /* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */
+ int gnutls_privkey_sign_raw_data(gnutls_privkey_t key,
+ unsigned flags,
+ const gnutls_datum_t * data,
+ gnutls_datum_t *
+ signature)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
#ifdef _ISOC99_SOURCE
/* we provide older functions for compatibility as inline functions that
* depend on gnutls_session_get_random. */
-
-static inline const void *gnutls_session_get_server_random (gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED;
-static inline const void *gnutls_session_get_server_random (gnutls_session_t session)
-{
- gnutls_datum_t rnd;
- gnutls_session_get_random(session, NULL, &rnd);/*doc-skip*/
- return rnd.data;
-}
-static inline const void *gnutls_session_get_client_random (gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED;
-static inline const void *gnutls_session_get_client_random (gnutls_session_t session)
-{
- gnutls_datum_t rnd;
- gnutls_session_get_random(session, &rnd, NULL);/*doc-skip*/
- return rnd.data;
-}
+ static inline const void
+ *gnutls_session_get_server_random(gnutls_session_t session)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ static inline const void
+ *gnutls_session_get_server_random(gnutls_session_t session) {
+ gnutls_datum_t rnd;
+ gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */
+ return rnd.data;
+ } static inline const void
+ *gnutls_session_get_client_random(gnutls_session_t session)
+ _GNUTLS_GCC_ATTR_DEPRECATED;
+ static inline const void
+ *gnutls_session_get_client_random(gnutls_session_t session) {
+ gnutls_datum_t rnd;
+ gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */
+ return rnd.data;
+ }
#endif
@@ -342,4 +405,4 @@ static inline const void *gnutls_session_get_client_random (gnutls_session_t ses
}
#endif
-#endif /* _GNUTLS_COMPAT_H */
+#endif /* _GNUTLS_COMPAT_H */
diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h
index 44d77f9339..6ab571472d 100644
--- a/lib/includes/gnutls/crypto.h
+++ b/lib/includes/gnutls/crypto.h
@@ -24,61 +24,71 @@
#define GNUTLS_CRYPTO_H
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
- typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;
-
- int gnutls_cipher_init (gnutls_cipher_hd_t * handle,
- gnutls_cipher_algorithm_t cipher,
- const gnutls_datum_t * key,
- const gnutls_datum_t * iv);
- int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle,
- void *text, size_t textlen);
- int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle,
- void *ciphertext, size_t ciphertextlen);
- int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle,
- const void *ciphertext, size_t ciphertextlen,
- void *text, size_t textlen);
- int gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, const void *text,
- size_t textlen, void *ciphertext,
- size_t ciphertextlen);
-
- void gnutls_cipher_set_iv (gnutls_cipher_hd_t handle, void *iv, size_t ivlen);
-
- int gnutls_cipher_tag( gnutls_cipher_hd_t handle, void* tag, size_t tag_size);
- int gnutls_cipher_add_auth( gnutls_cipher_hd_t handle, const void* text, size_t text_size);
-
- void gnutls_cipher_deinit (gnutls_cipher_hd_t handle);
- int gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm);
- int gnutls_cipher_get_iv_size (gnutls_cipher_algorithm_t algorithm);
- int gnutls_cipher_get_tag_size (gnutls_cipher_algorithm_t algorithm);
-
- typedef struct hash_hd_st *gnutls_hash_hd_t;
- typedef struct hmac_hd_st *gnutls_hmac_hd_t;
-
- size_t gnutls_mac_get_nonce_size (gnutls_mac_algorithm_t algorithm);
- int gnutls_hmac_init (gnutls_hmac_hd_t * dig,
- gnutls_mac_algorithm_t algorithm, const void *key,
- size_t keylen);
- void gnutls_hmac_set_nonce (gnutls_hmac_hd_t handle, const void *nonce, size_t nonce_len);
- int gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textlen);
- void gnutls_hmac_output (gnutls_hmac_hd_t handle, void *digest);
- void gnutls_hmac_deinit (gnutls_hmac_hd_t handle, void *digest);
- int gnutls_hmac_get_len (gnutls_mac_algorithm_t algorithm);
- int gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm, const void *key,
- size_t keylen, const void *text, size_t textlen,
- void *digest);
-
- int gnutls_hash_init (gnutls_hash_hd_t * dig,
- gnutls_digest_algorithm_t algorithm);
- int gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textlen);
- void gnutls_hash_output (gnutls_hash_hd_t handle, void *digest);
- void gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest);
- int gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm);
- int gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
- const void *text, size_t textlen, void *digest);
+ typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;
+
+ int gnutls_cipher_init(gnutls_cipher_hd_t * handle,
+ gnutls_cipher_algorithm_t cipher,
+ const gnutls_datum_t * key,
+ const gnutls_datum_t * iv);
+ int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle,
+ void *text, size_t textlen);
+ int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle,
+ void *ciphertext, size_t ciphertextlen);
+ int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle,
+ const void *ciphertext,
+ size_t ciphertextlen, void *text,
+ size_t textlen);
+ int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle,
+ const void *text, size_t textlen,
+ void *ciphertext, size_t ciphertextlen);
+
+ void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv,
+ size_t ivlen);
+
+ int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag,
+ size_t tag_size);
+ int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle,
+ const void *text, size_t text_size);
+
+ void gnutls_cipher_deinit(gnutls_cipher_hd_t handle);
+ int gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t
+ algorithm);
+ int gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm);
+ int gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t
+ algorithm);
+
+ typedef struct hash_hd_st *gnutls_hash_hd_t;
+ typedef struct hmac_hd_st *gnutls_hmac_hd_t;
+
+ size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm);
+ int gnutls_hmac_init(gnutls_hmac_hd_t * dig,
+ gnutls_mac_algorithm_t algorithm,
+ const void *key, size_t keylen);
+ void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle,
+ const void *nonce, size_t nonce_len);
+ int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text,
+ size_t textlen);
+ void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest);
+ void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest);
+ int gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm);
+ int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm,
+ const void *key, size_t keylen,
+ const void *text, size_t textlen,
+ void *digest);
+
+ int gnutls_hash_init(gnutls_hash_hd_t * dig,
+ gnutls_digest_algorithm_t algorithm);
+ int gnutls_hash(gnutls_hash_hd_t handle, const void *text,
+ size_t textlen);
+ void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest);
+ void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest);
+ int gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm);
+ int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+ const void *text, size_t textlen,
+ void *digest);
/* register ciphers */
@@ -93,19 +103,17 @@ extern "C"
*
* Enumeration of random quality levels.
*/
- typedef enum gnutls_rnd_level
- {
- GNUTLS_RND_NONCE = 0,
- GNUTLS_RND_RANDOM = 1,
- GNUTLS_RND_KEY = 2
- } gnutls_rnd_level_t;
+ typedef enum gnutls_rnd_level {
+ GNUTLS_RND_NONCE = 0,
+ GNUTLS_RND_RANDOM = 1,
+ GNUTLS_RND_KEY = 2
+ } gnutls_rnd_level_t;
- int gnutls_rnd (gnutls_rnd_level_t level, void *data, size_t len);
+ int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
- void gnutls_rnd_refresh (void);
+ void gnutls_rnd_refresh(void);
#ifdef __cplusplus
}
#endif
-
#endif
diff --git a/lib/includes/gnutls/dtls.h b/lib/includes/gnutls/dtls.h
index ec5782ab86..c773a664dd 100644
--- a/lib/includes/gnutls/dtls.h
+++ b/lib/includes/gnutls/dtls.h
@@ -30,23 +30,24 @@
#include <gnutls/gnutls.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
#define GNUTLS_COOKIE_KEY_SIZE 16
-void gnutls_dtls_set_timeouts (gnutls_session_t session,
- unsigned int retrans_timeout,
- unsigned int total_timeout);
+ void gnutls_dtls_set_timeouts(gnutls_session_t session,
+ unsigned int retrans_timeout,
+ unsigned int total_timeout);
-unsigned int gnutls_dtls_get_mtu (gnutls_session_t session);
-unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session);
+ unsigned int gnutls_dtls_get_mtu(gnutls_session_t session);
+ unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session);
-void gnutls_dtls_set_mtu (gnutls_session_t session, unsigned int mtu);
-int gnutls_dtls_set_data_mtu (gnutls_session_t session, unsigned int mtu);
+ void gnutls_dtls_set_mtu(gnutls_session_t session,
+ unsigned int mtu);
+ int gnutls_dtls_set_data_mtu(gnutls_session_t session,
+ unsigned int mtu);
-unsigned int gnutls_dtls_get_timeout (gnutls_session_t session);
+ unsigned int gnutls_dtls_get_timeout(gnutls_session_t session);
/**
* gnutls_dtls_prestate_st:
@@ -59,31 +60,31 @@ unsigned int gnutls_dtls_get_timeout (gnutls_session_t session);
* gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
* gnutls_dtls_prestate_set().
*/
- typedef struct
- {
- unsigned int record_seq;
- unsigned int hsk_read_seq;
- unsigned int hsk_write_seq;
- } gnutls_dtls_prestate_st;
+ typedef struct {
+ unsigned int record_seq;
+ unsigned int hsk_read_seq;
+ unsigned int hsk_write_seq;
+ } gnutls_dtls_prestate_st;
- int gnutls_dtls_cookie_send (gnutls_datum_t* key,
- void* client_data, size_t client_data_size,
- gnutls_dtls_prestate_st* prestate,
- gnutls_transport_ptr_t ptr,
- gnutls_push_func push_func);
+ int gnutls_dtls_cookie_send(gnutls_datum_t * key,
+ void *client_data,
+ size_t client_data_size,
+ gnutls_dtls_prestate_st * prestate,
+ gnutls_transport_ptr_t ptr,
+ gnutls_push_func push_func);
- int gnutls_dtls_cookie_verify (gnutls_datum_t* key,
- void* client_data, size_t client_data_size,
- void* _msg, size_t msg_size,
- gnutls_dtls_prestate_st* prestate);
+ int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
+ void *client_data,
+ size_t client_data_size, void *_msg,
+ size_t msg_size,
+ gnutls_dtls_prestate_st * prestate);
- void gnutls_dtls_prestate_set (gnutls_session_t session,
- gnutls_dtls_prestate_st* prestate);
+ void gnutls_dtls_prestate_set(gnutls_session_t session,
+ gnutls_dtls_prestate_st * prestate);
+
+ unsigned int gnutls_record_get_discarded(gnutls_session_t session);
- unsigned int gnutls_record_get_discarded (gnutls_session_t session);
-
#ifdef __cplusplus
}
#endif
-
-#endif /* GNUTLS_DTLS_H */
+#endif /* GNUTLS_DTLS_H */
diff --git a/lib/includes/gnutls/gnutlsxx.h b/lib/includes/gnutls/gnutlsxx.h
index 2603b7dac6..1ed83fbd44 100644
--- a/lib/includes/gnutls/gnutlsxx.h
+++ b/lib/includes/gnutls/gnutlsxx.h
@@ -27,400 +27,400 @@
#include <vector>
#include <gnutls/gnutls.h>
-namespace gnutls
-{
-
- class noncopyable
- {
- protected:
- noncopyable ()
- {
- }
- ~noncopyable ()
- {
- }
-
- private:
- // These are non-implemented.
- noncopyable (const noncopyable &);
- noncopyable & operator= (const noncopyable &);
- };
-
-
- class exception:public std::exception
- {
- public:
- exception (int x);
- const char *what () const throw ();
- int get_code ();
- protected:
- int retcode;
- };
-
-
- class dh_params:private noncopyable
- {
- public:
- dh_params ();
- ~dh_params ();
- void import_raw (const gnutls_datum_t & prime,
- const gnutls_datum_t & generator);
- void import_pkcs3 (const gnutls_datum_t & pkcs3_params,
- gnutls_x509_crt_fmt_t format);
- void generate (unsigned int bits);
-
- void export_pkcs3 (gnutls_x509_crt_fmt_t format,
- unsigned char *params_data, size_t * params_data_size);
- void export_raw (gnutls_datum_t & prime, gnutls_datum_t & generator);
-
- gnutls_dh_params_t get_params_t () const;
- dh_params & operator= (const dh_params & src);
- protected:
- gnutls_dh_params_t params;
- };
-
-
- class rsa_params:private noncopyable
- {
- public:
- rsa_params ();
- ~rsa_params ();
- void import_raw (const gnutls_datum_t & m,
- const gnutls_datum_t & e,
- const gnutls_datum_t & d,
- const gnutls_datum_t & p,
- const gnutls_datum_t & q, const gnutls_datum_t & u);
- void import_pkcs1 (const gnutls_datum_t & pkcs1_params,
- gnutls_x509_crt_fmt_t format);
- void generate (unsigned int bits);
-
- void export_pkcs1 (gnutls_x509_crt_fmt_t format,
- unsigned char *params_data, size_t * params_data_size);
- void export_raw (gnutls_datum_t & m, gnutls_datum_t & e,
- gnutls_datum_t & d, gnutls_datum_t & p,
- gnutls_datum_t & q, gnutls_datum_t & u);
- gnutls_rsa_params_t get_params_t () const;
- rsa_params & operator= (const rsa_params & src);
-
- protected:
- gnutls_rsa_params_t params;
- };
-
- class session:private noncopyable
- {
- protected:
- gnutls_session_t s;
- public:
- session (unsigned int);
- virtual ~ session ();
-
- int bye (gnutls_close_request_t how);
- int handshake ();
-
- gnutls_alert_description_t get_alert () const;
-
- int send_alert (gnutls_alert_level_t level,
- gnutls_alert_description_t desc);
- int send_appropriate_alert (int err);
-
- gnutls_cipher_algorithm_t get_cipher () const;
- gnutls_kx_algorithm_t get_kx () const;
- gnutls_mac_algorithm_t get_mac () const;
- gnutls_compression_method_t get_compression () const;
- gnutls_certificate_type_t get_certificate_type () const;
-
- // for the handshake
- void set_private_extensions (bool allow);
-
- gnutls_handshake_description_t get_handshake_last_out () const;
- gnutls_handshake_description_t get_handshake_last_in () const;
-
- ssize_t send (const void *data, size_t sizeofdata);
- ssize_t recv (void *data, size_t sizeofdata);
-
- bool get_record_direction () const;
-
- // maximum packet size
- size_t get_max_size () const;
- void set_max_size (size_t size);
-
- size_t check_pending () const;
-
- void prf (size_t label_size, const char *label,
- int server_random_first,
- size_t extra_size, const char *extra,
- size_t outsize, char *out);
-
- void prf_raw (size_t label_size, const char *label,
- size_t seed_size, const char *seed,
- size_t outsize, char *out);
-
- /* if you just want some defaults, use the following.
- */
- void set_priority (const char *prio, const char **err_pos);
- void set_priority (gnutls_priority_t p);
-
- gnutls_protocol_t get_protocol_version () const;
-
- // for resuming sessions
- void set_data (const void *session_data, size_t session_data_size);
- void get_data (void *session_data, size_t * session_data_size) const;
- void get_data (gnutls_session_t session, gnutls_datum_t & data) const;
- void get_id (void *session_id, size_t * session_id_size) const;
-
- bool is_resumed () const;
-
- void set_max_handshake_packet_length (size_t max);
-
- void clear_credentials ();
- void set_credentials (class credentials & cred);
-
- void set_transport_ptr (gnutls_transport_ptr_t ptr);
- void set_transport_ptr (gnutls_transport_ptr_t recv_ptr,
- gnutls_transport_ptr_t send_ptr);
- gnutls_transport_ptr_t get_transport_ptr () const;
- void get_transport_ptr (gnutls_transport_ptr_t & recv_ptr,
- gnutls_transport_ptr_t & send_ptr) const;
-
- void set_transport_lowat (size_t num);
- void set_transport_push_function (gnutls_push_func push_func);
- void set_transport_vec_push_function (gnutls_vec_push_func vec_push_func);
- void set_transport_pull_function (gnutls_pull_func pull_func);
-
- void set_user_ptr (void *ptr);
- void *get_user_ptr () const;
-
- void send_openpgp_cert (gnutls_openpgp_crt_status_t status);
-
- gnutls_credentials_type_t get_auth_type () const;
- gnutls_credentials_type_t get_server_auth_type () const;
- gnutls_credentials_type_t get_client_auth_type () const;
-
- // informational stuff
- void set_dh_prime_bits (unsigned int bits);
- unsigned int get_dh_secret_bits () const;
- unsigned int get_dh_peers_public_bits () const;
- unsigned int get_dh_prime_bits () const;
- void get_dh_group (gnutls_datum_t & gen, gnutls_datum_t & prime) const;
- void get_dh_pubkey (gnutls_datum_t & raw_key) const;
- void get_rsa_export_pubkey (gnutls_datum_t & exponent,
- gnutls_datum_t & modulus) const;
- unsigned int get_rsa_export_modulus_bits () const;
-
- void get_our_certificate (gnutls_datum_t & cert) const;
- bool get_peers_certificate (std::vector < gnutls_datum_t >
- &out_certs) const;
- bool get_peers_certificate (const gnutls_datum_t ** certs,
- unsigned int *certs_size) const;
-
- time_t get_peers_certificate_activation_time () const;
- time_t get_peers_certificate_expiration_time () const;
- void verify_peers_certificate (unsigned int &status) const;
-
- };
+namespace gnutls {
+
+ class noncopyable {
+ protected:
+ noncopyable() {
+ } ~noncopyable() {
+ } private:
+ // These are non-implemented.
+ noncopyable(const noncopyable &);
+ noncopyable & operator=(const noncopyable &);
+ };
+
+
+ class exception:public std::exception {
+ public:
+ exception(int x);
+ const char *what() const throw();
+ int get_code();
+ protected:
+ int retcode;
+ };
+
+
+ class dh_params:private noncopyable {
+ public:
+ dh_params();
+ ~dh_params();
+ void import_raw(const gnutls_datum_t & prime,
+ const gnutls_datum_t & generator);
+ void import_pkcs3(const gnutls_datum_t & pkcs3_params,
+ gnutls_x509_crt_fmt_t format);
+ void generate(unsigned int bits);
+
+ void export_pkcs3(gnutls_x509_crt_fmt_t format,
+ unsigned char *params_data,
+ size_t * params_data_size);
+ void export_raw(gnutls_datum_t & prime,
+ gnutls_datum_t & generator);
+
+ gnutls_dh_params_t get_params_t() const;
+ dh_params & operator=(const dh_params & src);
+ protected:
+ gnutls_dh_params_t params;
+ };
+
+
+ class rsa_params:private noncopyable {
+ public:
+ rsa_params();
+ ~rsa_params();
+ void import_raw(const gnutls_datum_t & m,
+ const gnutls_datum_t & e,
+ const gnutls_datum_t & d,
+ const gnutls_datum_t & p,
+ const gnutls_datum_t & q,
+ const gnutls_datum_t & u);
+ void import_pkcs1(const gnutls_datum_t & pkcs1_params,
+ gnutls_x509_crt_fmt_t format);
+ void generate(unsigned int bits);
+
+ void export_pkcs1(gnutls_x509_crt_fmt_t format,
+ unsigned char *params_data,
+ size_t * params_data_size);
+ void export_raw(gnutls_datum_t & m, gnutls_datum_t & e,
+ gnutls_datum_t & d, gnutls_datum_t & p,
+ gnutls_datum_t & q, gnutls_datum_t & u);
+ gnutls_rsa_params_t get_params_t() const;
+ rsa_params & operator=(const rsa_params & src);
+
+ protected:
+ gnutls_rsa_params_t params;
+ };
+
+ class session:private noncopyable {
+ protected:
+ gnutls_session_t s;
+ public:
+ session(unsigned int);
+ virtual ~ session();
+
+ int bye(gnutls_close_request_t how);
+ int handshake();
+
+ gnutls_alert_description_t get_alert() const;
+
+ int send_alert(gnutls_alert_level_t level,
+ gnutls_alert_description_t desc);
+ int send_appropriate_alert(int err);
+
+ gnutls_cipher_algorithm_t get_cipher() const;
+ gnutls_kx_algorithm_t get_kx() const;
+ gnutls_mac_algorithm_t get_mac() const;
+ gnutls_compression_method_t get_compression() const;
+ gnutls_certificate_type_t get_certificate_type() const;
+
+ // for the handshake
+ void set_private_extensions(bool allow);
+
+ gnutls_handshake_description_t get_handshake_last_out()
+ const;
+ gnutls_handshake_description_t get_handshake_last_in()
+ const;
+
+ ssize_t send(const void *data, size_t sizeofdata);
+ ssize_t recv(void *data, size_t sizeofdata);
+
+ bool get_record_direction() const;
+
+ // maximum packet size
+ size_t get_max_size() const;
+ void set_max_size(size_t size);
+
+ size_t check_pending() const;
+
+ void prf(size_t label_size, const char *label,
+ int server_random_first,
+ size_t extra_size, const char *extra,
+ size_t outsize, char *out);
+
+ void prf_raw(size_t label_size, const char *label,
+ size_t seed_size, const char *seed,
+ size_t outsize, char *out);
+
+ /* if you just want some defaults, use the following.
+ */
+ void set_priority(const char *prio, const char **err_pos);
+ void set_priority(gnutls_priority_t p);
+
+ gnutls_protocol_t get_protocol_version() const;
+
+ // for resuming sessions
+ void set_data(const void *session_data,
+ size_t session_data_size);
+ void get_data(void *session_data,
+ size_t * session_data_size) const;
+ void get_data(gnutls_session_t session,
+ gnutls_datum_t & data) const;
+ void get_id(void *session_id,
+ size_t * session_id_size) const;
+
+ bool is_resumed() const;
+
+ void set_max_handshake_packet_length(size_t max);
+
+ void clear_credentials();
+ void set_credentials(class credentials & cred);
+
+ void set_transport_ptr(gnutls_transport_ptr_t ptr);
+ void set_transport_ptr(gnutls_transport_ptr_t recv_ptr,
+ gnutls_transport_ptr_t send_ptr);
+ gnutls_transport_ptr_t get_transport_ptr() const;
+ void get_transport_ptr(gnutls_transport_ptr_t & recv_ptr,
+ gnutls_transport_ptr_t & send_ptr)
+ const;
+
+ void set_transport_lowat(size_t num);
+ void set_transport_push_function(gnutls_push_func
+ push_func);
+ void set_transport_vec_push_function(gnutls_vec_push_func
+ vec_push_func);
+ void set_transport_pull_function(gnutls_pull_func
+ pull_func);
+
+ void set_user_ptr(void *ptr);
+ void *get_user_ptr() const;
+
+ void send_openpgp_cert(gnutls_openpgp_crt_status_t status);
+
+ gnutls_credentials_type_t get_auth_type() const;
+ gnutls_credentials_type_t get_server_auth_type() const;
+ gnutls_credentials_type_t get_client_auth_type() const;
+
+ // informational stuff
+ void set_dh_prime_bits(unsigned int bits);
+ unsigned int get_dh_secret_bits() const;
+ unsigned int get_dh_peers_public_bits() const;
+ unsigned int get_dh_prime_bits() const;
+ void get_dh_group(gnutls_datum_t & gen,
+ gnutls_datum_t & prime) const;
+ void get_dh_pubkey(gnutls_datum_t & raw_key) const;
+ void get_rsa_export_pubkey(gnutls_datum_t & exponent,
+ gnutls_datum_t & modulus) const;
+ unsigned int get_rsa_export_modulus_bits() const;
+
+ void get_our_certificate(gnutls_datum_t & cert) const;
+ bool get_peers_certificate(std::vector < gnutls_datum_t >
+ &out_certs) const;
+ bool get_peers_certificate(const gnutls_datum_t ** certs,
+ unsigned int *certs_size) const;
+
+ time_t get_peers_certificate_activation_time() const;
+ time_t get_peers_certificate_expiration_time() const;
+ void verify_peers_certificate(unsigned int &status) const;
+
+ };
// interface for databases
- class DB:private noncopyable
- {
- public:
- virtual ~ DB () = 0;
- virtual bool store (const gnutls_datum_t & key,
- const gnutls_datum_t & data) = 0;
- virtual bool retrieve (const gnutls_datum_t & key,
- gnutls_datum_t & data) = 0;
- virtual bool remove (const gnutls_datum_t & key) = 0;
- };
-
- class server_session:public session
- {
- public:
- server_session ();
- ~server_session ();
- void db_remove () const;
-
- void set_db_cache_expiration (unsigned int seconds);
- void set_db (const DB & db);
-
- // returns true if session is expired
- bool db_check_entry (gnutls_datum_t & session_data) const;
-
- // server side only
- const char *get_srp_username () const;
- const char *get_psk_username () const;
-
- void get_server_name (void *data, size_t * data_length,
- unsigned int *type, unsigned int indx) const;
-
- int rehandshake ();
- void set_certificate_request (gnutls_certificate_request_t);
- };
-
- class client_session:public session
- {
- public:
- client_session ();
- ~client_session ();
-
- void set_server_name (gnutls_server_name_type_t type,
- const void *name, size_t name_length);
-
- bool get_request_status ();
- };
-
-
- class credentials:private noncopyable
- {
- public:
- virtual ~ credentials ()
- {
- }
- gnutls_credentials_type_t get_type () const;
- protected:
- friend class session;
- credentials (gnutls_credentials_type_t t);
- void *ptr () const;
- void set_ptr (void *ptr);
- gnutls_credentials_type_t type;
- private:
- void *cred;
- };
-
- class certificate_credentials:public credentials
- {
- public:
- ~certificate_credentials ();
- certificate_credentials ();
-
- void free_keys ();
- void free_cas ();
- void free_ca_names ();
- void free_crls ();
-
- void set_dh_params (const dh_params & params);
- void set_rsa_export_params (const rsa_params & params);
- void set_verify_flags (unsigned int flags);
- void set_verify_limits (unsigned int max_bits, unsigned int max_depth);
-
- void set_x509_trust_file (const char *cafile, gnutls_x509_crt_fmt_t type);
- void set_x509_trust (const gnutls_datum_t & CA,
- gnutls_x509_crt_fmt_t type);
- // FIXME: use classes instead of gnutls_x509_crt_t
- void set_x509_trust (gnutls_x509_crt_t * ca_list, int ca_list_size);
-
- void set_x509_crl_file (const char *crlfile, gnutls_x509_crt_fmt_t type);
- void set_x509_crl (const gnutls_datum_t & CRL,
- gnutls_x509_crt_fmt_t type);
- void set_x509_crl (gnutls_x509_crl_t * crl_list, int crl_list_size);
-
- void set_x509_key_file (const char *certfile, const char *KEYFILE,
- gnutls_x509_crt_fmt_t type);
- void set_x509_key (const gnutls_datum_t & CERT,
- const gnutls_datum_t & KEY,
- gnutls_x509_crt_fmt_t type);
- // FIXME: use classes
- void set_x509_key (gnutls_x509_crt_t * cert_list, int cert_list_size,
- gnutls_x509_privkey_t key);
-
-
- void set_simple_pkcs12_file (const char *pkcs12file,
- gnutls_x509_crt_fmt_t type,
- const char *password);
-
- void set_retrieve_function (gnutls_certificate_retrieve_function * func);
-
- protected:
- gnutls_certificate_credentials_t cred;
- };
-
- class certificate_server_credentials:public certificate_credentials
- {
- public:
- void set_params_function (gnutls_params_function * func);
- };
-
- class certificate_client_credentials:public certificate_credentials
- {
- public:
- };
-
-
-
-
- class anon_server_credentials:public credentials
- {
- public:
- anon_server_credentials ();
- ~anon_server_credentials ();
- void set_dh_params (const dh_params & params);
- void set_params_function (gnutls_params_function * func);
- protected:
- gnutls_anon_server_credentials_t cred;
- };
-
- class anon_client_credentials:public credentials
- {
- public:
- anon_client_credentials ();
- ~anon_client_credentials ();
- protected:
- gnutls_anon_client_credentials_t cred;
- };
-
-
- class srp_server_credentials:public credentials
- {
- public:
- srp_server_credentials ();
- ~srp_server_credentials ();
- void set_credentials_file (const char *password_file,
- const char *password_conf_file);
- void set_credentials_function (gnutls_srp_server_credentials_function *
- func);
- protected:
- gnutls_srp_server_credentials_t cred;
- };
-
- class srp_client_credentials:public credentials
- {
- public:
- srp_client_credentials ();
- ~srp_client_credentials ();
- void set_credentials (const char *username, const char *password);
- void set_credentials_function (gnutls_srp_client_credentials_function *
- func);
- protected:
- gnutls_srp_client_credentials_t cred;
- };
-
-
- class psk_server_credentials:public credentials
- {
- public:
- psk_server_credentials ();
- ~psk_server_credentials ();
- void set_credentials_file (const char *password_file);
- void set_credentials_function (gnutls_psk_server_credentials_function *
- func);
- void set_dh_params (const dh_params & params);
- void set_params_function (gnutls_params_function * func);
- protected:
- gnutls_psk_server_credentials_t cred;
- };
-
- class psk_client_credentials:public credentials
- {
- public:
- psk_client_credentials ();
- ~psk_client_credentials ();
- void set_credentials (const char *username, const gnutls_datum_t & key,
- gnutls_psk_key_flags flags);
- void set_credentials_function (gnutls_psk_client_credentials_function *
- func);
- protected:
- gnutls_psk_client_credentials_t cred;
- };
-
-
-} /* namespace */
-
-#endif /* GNUTLSXX_H */
+ class DB:private noncopyable {
+ public:
+ virtual ~ DB() = 0;
+ virtual bool store(const gnutls_datum_t & key,
+ const gnutls_datum_t & data) = 0;
+ virtual bool retrieve(const gnutls_datum_t & key,
+ gnutls_datum_t & data) = 0;
+ virtual bool remove(const gnutls_datum_t & key) = 0;
+ };
+
+ class server_session:public session {
+ public:
+ server_session();
+ ~server_session();
+ void db_remove() const;
+
+ void set_db_cache_expiration(unsigned int seconds);
+ void set_db(const DB & db);
+
+ // returns true if session is expired
+ bool db_check_entry(gnutls_datum_t & session_data) const;
+
+ // server side only
+ const char *get_srp_username() const;
+ const char *get_psk_username() const;
+
+ void get_server_name(void *data, size_t * data_length,
+ unsigned int *type,
+ unsigned int indx) const;
+
+ int rehandshake();
+ void set_certificate_request(gnutls_certificate_request_t);
+ };
+
+ class client_session:public session {
+ public:
+ client_session();
+ ~client_session();
+
+ void set_server_name(gnutls_server_name_type_t type,
+ const void *name, size_t name_length);
+
+ bool get_request_status();
+ };
+
+
+ class credentials:private noncopyable {
+ public:
+ virtual ~ credentials() {
+ } gnutls_credentials_type_t get_type() const;
+ protected:
+ friend class session;
+ credentials(gnutls_credentials_type_t t);
+ void *ptr() const;
+ void set_ptr(void *ptr);
+ gnutls_credentials_type_t type;
+ private:
+ void *cred;
+ };
+
+ class certificate_credentials:public credentials {
+ public:
+ ~certificate_credentials();
+ certificate_credentials();
+
+ void free_keys();
+ void free_cas();
+ void free_ca_names();
+ void free_crls();
+
+ void set_dh_params(const dh_params & params);
+ void set_rsa_export_params(const rsa_params & params);
+ void set_verify_flags(unsigned int flags);
+ void set_verify_limits(unsigned int max_bits,
+ unsigned int max_depth);
+
+ void set_x509_trust_file(const char *cafile,
+ gnutls_x509_crt_fmt_t type);
+ void set_x509_trust(const gnutls_datum_t & CA,
+ gnutls_x509_crt_fmt_t type);
+ // FIXME: use classes instead of gnutls_x509_crt_t
+ void set_x509_trust(gnutls_x509_crt_t * ca_list,
+ int ca_list_size);
+
+ void set_x509_crl_file(const char *crlfile,
+ gnutls_x509_crt_fmt_t type);
+ void set_x509_crl(const gnutls_datum_t & CRL,
+ gnutls_x509_crt_fmt_t type);
+ void set_x509_crl(gnutls_x509_crl_t * crl_list,
+ int crl_list_size);
+
+ void set_x509_key_file(const char *certfile,
+ const char *KEYFILE,
+ gnutls_x509_crt_fmt_t type);
+ void set_x509_key(const gnutls_datum_t & CERT,
+ const gnutls_datum_t & KEY,
+ gnutls_x509_crt_fmt_t type);
+ // FIXME: use classes
+ void set_x509_key(gnutls_x509_crt_t * cert_list,
+ int cert_list_size,
+ gnutls_x509_privkey_t key);
+
+
+ void set_simple_pkcs12_file(const char *pkcs12file,
+ gnutls_x509_crt_fmt_t type,
+ const char *password);
+
+ void set_retrieve_function
+ (gnutls_certificate_retrieve_function * func);
+
+ protected:
+ gnutls_certificate_credentials_t cred;
+ };
+
+ class certificate_server_credentials:public certificate_credentials {
+ public:
+ void set_params_function(gnutls_params_function * func);
+ };
+
+ class certificate_client_credentials:public certificate_credentials {
+ public:
+ };
+
+
+
+
+ class anon_server_credentials:public credentials {
+ public:
+ anon_server_credentials();
+ ~anon_server_credentials();
+ void set_dh_params(const dh_params & params);
+ void set_params_function(gnutls_params_function * func);
+ protected:
+ gnutls_anon_server_credentials_t cred;
+ };
+
+ class anon_client_credentials:public credentials {
+ public:
+ anon_client_credentials();
+ ~anon_client_credentials();
+ protected:
+ gnutls_anon_client_credentials_t cred;
+ };
+
+
+ class srp_server_credentials:public credentials {
+ public:
+ srp_server_credentials();
+ ~srp_server_credentials();
+ void set_credentials_file(const char *password_file,
+ const char *password_conf_file);
+ void set_credentials_function
+ (gnutls_srp_server_credentials_function * func);
+ protected:
+ gnutls_srp_server_credentials_t cred;
+ };
+
+ class srp_client_credentials:public credentials {
+ public:
+ srp_client_credentials();
+ ~srp_client_credentials();
+ void set_credentials(const char *username,
+ const char *password);
+ void set_credentials_function
+ (gnutls_srp_client_credentials_function * func);
+ protected:
+ gnutls_srp_client_credentials_t cred;
+ };
+
+
+ class psk_server_credentials:public credentials {
+ public:
+ psk_server_credentials();
+ ~psk_server_credentials();
+ void set_credentials_file(const char *password_file);
+ void set_credentials_function
+ (gnutls_psk_server_credentials_function * func);
+ void set_dh_params(const dh_params & params);
+ void set_params_function(gnutls_params_function * func);
+ protected:
+ gnutls_psk_server_credentials_t cred;
+ };
+
+ class psk_client_credentials:public credentials {
+ public:
+ psk_client_credentials();
+ ~psk_client_credentials();
+ void set_credentials(const char *username,
+ const gnutls_datum_t & key,
+ gnutls_psk_key_flags flags);
+ void set_credentials_function
+ (gnutls_psk_client_credentials_function * func);
+ protected:
+ gnutls_psk_client_credentials_t cred;
+ };
+
+
+} /* namespace */
+
+#endif /* GNUTLSXX_H */
diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h
index 99046ad276..e7f412251a 100644
--- a/lib/includes/gnutls/ocsp.h
+++ b/lib/includes/gnutls/ocsp.h
@@ -30,8 +30,7 @@
#include <gnutls/x509.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
#define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2"
@@ -43,11 +42,10 @@ extern "C"
*
* Enumeration of different OCSP printing variants.
*/
-typedef enum gnutls_ocsp_print_formats_t
- {
- GNUTLS_OCSP_PRINT_FULL = 0,
- GNUTLS_OCSP_PRINT_COMPACT = 1,
- } gnutls_ocsp_print_formats_t;
+ typedef enum gnutls_ocsp_print_formats_t {
+ GNUTLS_OCSP_PRINT_FULL = 0,
+ GNUTLS_OCSP_PRINT_COMPACT = 1,
+ } gnutls_ocsp_print_formats_t;
/**
* gnutls_ocsp_resp_status_t:
@@ -60,15 +58,14 @@ typedef enum gnutls_ocsp_print_formats_t
*
* Enumeration of different OCSP response status codes.
*/
-typedef enum gnutls_ocsp_resp_status_t
- {
- GNUTLS_OCSP_RESP_SUCCESSFUL = 0,
- GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1,
- GNUTLS_OCSP_RESP_INTERNALERROR = 2,
- GNUTLS_OCSP_RESP_TRYLATER = 3,
- GNUTLS_OCSP_RESP_SIGREQUIRED = 5,
- GNUTLS_OCSP_RESP_UNAUTHORIZED = 6
- } gnutls_ocsp_resp_status_t;
+ typedef enum gnutls_ocsp_resp_status_t {
+ GNUTLS_OCSP_RESP_SUCCESSFUL = 0,
+ GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1,
+ GNUTLS_OCSP_RESP_INTERNALERROR = 2,
+ GNUTLS_OCSP_RESP_TRYLATER = 3,
+ GNUTLS_OCSP_RESP_SIGREQUIRED = 5,
+ GNUTLS_OCSP_RESP_UNAUTHORIZED = 6
+ } gnutls_ocsp_resp_status_t;
/**
* gnutls_ocsp_cert_status_t:
@@ -79,12 +76,11 @@ typedef enum gnutls_ocsp_resp_status_t
*
* Enumeration of different OCSP response certificate status codes.
*/
-typedef enum gnutls_ocsp_cert_status_t
- {
- GNUTLS_OCSP_CERT_GOOD = 0,
- GNUTLS_OCSP_CERT_REVOKED = 1,
- GNUTLS_OCSP_CERT_UNKNOWN = 2
- } gnutls_ocsp_cert_status_t;
+ typedef enum gnutls_ocsp_cert_status_t {
+ GNUTLS_OCSP_CERT_GOOD = 0,
+ GNUTLS_OCSP_CERT_REVOKED = 1,
+ GNUTLS_OCSP_CERT_UNKNOWN = 2
+ } gnutls_ocsp_cert_status_t;
/**
* gnutls_x509_crl_reason_t:
@@ -103,19 +99,18 @@ typedef enum gnutls_ocsp_cert_status_t
* corresponds to the CRLReason ASN.1 enumeration type, and not the
* ReasonFlags ASN.1 bit string.
*/
-typedef enum gnutls_x509_crl_reason_t
- {
- GNUTLS_X509_CRLREASON_UNSPECIFIED = 0,
- GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1,
- GNUTLS_X509_CRLREASON_CACOMPROMISE = 2,
- GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3,
- GNUTLS_X509_CRLREASON_SUPERSEDED = 4,
- GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5,
- GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6,
- GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8,
- GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9,
- GNUTLS_X509_CRLREASON_AACOMPROMISE = 10
- } gnutls_x509_crl_reason_t;
+ typedef enum gnutls_x509_crl_reason_t {
+ GNUTLS_X509_CRLREASON_UNSPECIFIED = 0,
+ GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1,
+ GNUTLS_X509_CRLREASON_CACOMPROMISE = 2,
+ GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3,
+ GNUTLS_X509_CRLREASON_SUPERSEDED = 4,
+ GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5,
+ GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6,
+ GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8,
+ GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9,
+ GNUTLS_X509_CRLREASON_AACOMPROMISE = 10
+ } gnutls_x509_crl_reason_t;
/**
* gnutls_ocsp_verify_reason_t:
@@ -130,130 +125,134 @@ typedef enum gnutls_x509_crl_reason_t
* Enumeration of OCSP verify status codes, used by
* gnutls_ocsp_resp_verify() and gnutls_ocsp_resp_verify_direct().
*/
-typedef enum gnutls_ocsp_verify_reason_t
- {
- GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1,
- GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2,
- GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4,
- GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8,
- GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16,
- GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32,
- GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64
- } gnutls_ocsp_verify_reason_t;
+ typedef enum gnutls_ocsp_verify_reason_t {
+ GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1,
+ GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2,
+ GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4,
+ GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8,
+ GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16,
+ GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32,
+ GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64
+ } gnutls_ocsp_verify_reason_t;
- struct gnutls_ocsp_req_int;
- typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t;
+ struct gnutls_ocsp_req_int;
+ typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t;
- int gnutls_ocsp_req_init (gnutls_ocsp_req_t * req);
- void gnutls_ocsp_req_deinit (gnutls_ocsp_req_t req);
+ int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req);
+ void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req);
- int gnutls_ocsp_req_import (gnutls_ocsp_req_t req,
- const gnutls_datum_t * data);
- int gnutls_ocsp_req_export (gnutls_ocsp_req_t req, gnutls_datum_t * data);
- int gnutls_ocsp_req_print (gnutls_ocsp_req_t req,
- gnutls_ocsp_print_formats_t format,
- gnutls_datum_t * out);
+ int gnutls_ocsp_req_import(gnutls_ocsp_req_t req,
+ const gnutls_datum_t * data);
+ int gnutls_ocsp_req_export(gnutls_ocsp_req_t req,
+ gnutls_datum_t * data);
+ int gnutls_ocsp_req_print(gnutls_ocsp_req_t req,
+ gnutls_ocsp_print_formats_t format,
+ gnutls_datum_t * out);
- int gnutls_ocsp_req_get_version (gnutls_ocsp_req_t req);
+ int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req);
- int gnutls_ocsp_req_get_cert_id (gnutls_ocsp_req_t req,
- unsigned indx,
- gnutls_digest_algorithm_t *digest,
- gnutls_datum_t *issuer_name_hash,
- gnutls_datum_t *issuer_key_hash,
- gnutls_datum_t *serial_number);
- int gnutls_ocsp_req_add_cert_id (gnutls_ocsp_req_t req,
- gnutls_digest_algorithm_t digest,
- const gnutls_datum_t *issuer_name_hash,
- const gnutls_datum_t *issuer_key_hash,
- const gnutls_datum_t *serial_number);
- int gnutls_ocsp_req_add_cert (gnutls_ocsp_req_t req,
- gnutls_digest_algorithm_t digest,
- gnutls_x509_crt_t issuer,
- gnutls_x509_crt_t cert);
+ int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req,
+ unsigned indx,
+ gnutls_digest_algorithm_t * digest,
+ gnutls_datum_t * issuer_name_hash,
+ gnutls_datum_t * issuer_key_hash,
+ gnutls_datum_t * serial_number);
+ int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req,
+ gnutls_digest_algorithm_t digest,
+ const gnutls_datum_t *
+ issuer_name_hash,
+ const gnutls_datum_t *
+ issuer_key_hash,
+ const gnutls_datum_t *
+ serial_number);
+ int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req,
+ gnutls_digest_algorithm_t digest,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_crt_t cert);
- int gnutls_ocsp_req_get_extension (gnutls_ocsp_req_t req,
- unsigned indx,
- gnutls_datum_t *oid,
- unsigned int *critical,
- gnutls_datum_t *data);
- int gnutls_ocsp_req_set_extension (gnutls_ocsp_req_t req,
- const char *oid,
- unsigned int critical,
- const gnutls_datum_t *data);
+ int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req,
+ unsigned indx,
+ gnutls_datum_t * oid,
+ unsigned int *critical,
+ gnutls_datum_t * data);
+ int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req,
+ const char *oid,
+ unsigned int critical,
+ const gnutls_datum_t * data);
- int gnutls_ocsp_req_get_nonce (gnutls_ocsp_req_t req,
- unsigned int *critical,
- gnutls_datum_t *nonce);
- int gnutls_ocsp_req_set_nonce (gnutls_ocsp_req_t req,
- unsigned int critical,
- const gnutls_datum_t *nonce);
- int gnutls_ocsp_req_randomize_nonce (gnutls_ocsp_req_t req);
+ int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req,
+ unsigned int *critical,
+ gnutls_datum_t * nonce);
+ int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req,
+ unsigned int critical,
+ const gnutls_datum_t * nonce);
+ int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req);
- struct gnutls_ocsp_resp_int;
- typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t;
+ struct gnutls_ocsp_resp_int;
+ typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t;
- int gnutls_ocsp_resp_init (gnutls_ocsp_resp_t * resp);
- void gnutls_ocsp_resp_deinit (gnutls_ocsp_resp_t resp);
+ int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp);
+ void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp);
- int gnutls_ocsp_resp_import (gnutls_ocsp_resp_t resp,
- const gnutls_datum_t * data);
- int gnutls_ocsp_resp_export (gnutls_ocsp_resp_t resp,
- gnutls_datum_t * data);
- int gnutls_ocsp_resp_print (gnutls_ocsp_resp_t resp,
- gnutls_ocsp_print_formats_t format,
- gnutls_datum_t * out);
+ int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp,
+ const gnutls_datum_t * data);
+ int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp,
+ gnutls_datum_t * data);
+ int gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp,
+ gnutls_ocsp_print_formats_t format,
+ gnutls_datum_t * out);
- int gnutls_ocsp_resp_get_status (gnutls_ocsp_resp_t resp);
- int gnutls_ocsp_resp_get_response (gnutls_ocsp_resp_t resp,
- gnutls_datum_t *response_type_oid,
- gnutls_datum_t *response);
+ int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp);
+ int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp,
+ gnutls_datum_t *
+ response_type_oid,
+ gnutls_datum_t * response);
- int gnutls_ocsp_resp_get_version (gnutls_ocsp_resp_t resp);
- int gnutls_ocsp_resp_get_responder (gnutls_ocsp_resp_t resp,
- gnutls_datum_t *dn);
- time_t gnutls_ocsp_resp_get_produced (gnutls_ocsp_resp_t resp);
- int gnutls_ocsp_resp_get_single (gnutls_ocsp_resp_t resp,
- unsigned indx,
- gnutls_digest_algorithm_t *digest,
- gnutls_datum_t *issuer_name_hash,
- gnutls_datum_t *issuer_key_hash,
- gnutls_datum_t *serial_number,
- unsigned int *cert_status,
- time_t *this_update,
- time_t *next_update,
- time_t *revocation_time,
- unsigned int *revocation_reason);
- int gnutls_ocsp_resp_get_extension (gnutls_ocsp_resp_t resp,
- unsigned indx,
- gnutls_datum_t *oid,
- unsigned int *critical,
- gnutls_datum_t *data);
- int gnutls_ocsp_resp_get_nonce (gnutls_ocsp_resp_t resp,
- unsigned int *critical,
- gnutls_datum_t *nonce);
- int gnutls_ocsp_resp_get_signature_algorithm (gnutls_ocsp_resp_t resp);
- int gnutls_ocsp_resp_get_signature (gnutls_ocsp_resp_t resp,
- gnutls_datum_t *sig);
- int gnutls_ocsp_resp_get_certs (gnutls_ocsp_resp_t resp,
- gnutls_x509_crt_t ** certs,
- size_t *ncerts);
+ int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp);
+ int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp,
+ gnutls_datum_t * dn);
+ time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp);
+ int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp,
+ unsigned indx,
+ gnutls_digest_algorithm_t * digest,
+ gnutls_datum_t * issuer_name_hash,
+ gnutls_datum_t * issuer_key_hash,
+ gnutls_datum_t * serial_number,
+ unsigned int *cert_status,
+ time_t * this_update,
+ time_t * next_update,
+ time_t * revocation_time,
+ unsigned int *revocation_reason);
+ int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp,
+ unsigned indx,
+ gnutls_datum_t * oid,
+ unsigned int *critical,
+ gnutls_datum_t * data);
+ int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp,
+ unsigned int *critical,
+ gnutls_datum_t * nonce);
+ int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t
+ resp);
+ int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp,
+ gnutls_datum_t * sig);
+ int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp,
+ gnutls_x509_crt_t ** certs,
+ size_t * ncerts);
- int gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp,
- gnutls_x509_crt_t issuer,
- unsigned int *verify,
- unsigned int flags);
- int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp,
- gnutls_x509_trust_list_t trustlist,
- unsigned int *verify,
- unsigned int flags);
+ int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp,
+ gnutls_x509_crt_t issuer,
+ unsigned int *verify,
+ unsigned int flags);
+ int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp,
+ gnutls_x509_trust_list_t trustlist,
+ unsigned int *verify,
+ unsigned int flags);
- int gnutls_ocsp_resp_check_crt (gnutls_ocsp_resp_t resp,
- unsigned int indx,
- gnutls_x509_crt_t crt);
+ int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,
+ unsigned int indx,
+ gnutls_x509_crt_t crt);
#ifdef __cplusplus
}
#endif
-
-#endif /* GNUTLS_OCSP_H */
+#endif /* GNUTLS_OCSP_H */
diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h
index e87e2d307f..abb0ed348b 100644
--- a/lib/includes/gnutls/openpgp.h
+++ b/lib/includes/gnutls/openpgp.h
@@ -31,8 +31,7 @@
#include <limits.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
/* Openpgp certificate stuff
@@ -45,257 +44,270 @@ extern "C"
*
* Enumeration of different OpenPGP key formats.
*/
- typedef enum gnutls_openpgp_crt_fmt
- {
- GNUTLS_OPENPGP_FMT_RAW,
- GNUTLS_OPENPGP_FMT_BASE64
- } gnutls_openpgp_crt_fmt_t;
+ typedef enum gnutls_openpgp_crt_fmt {
+ GNUTLS_OPENPGP_FMT_RAW,
+ GNUTLS_OPENPGP_FMT_BASE64
+ } gnutls_openpgp_crt_fmt_t;
#define GNUTLS_OPENPGP_KEYID_SIZE 8
#define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20
- typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
+ typedef unsigned char
+ gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
/* gnutls_openpgp_cert_t should be defined in gnutls.h
*/
- /* initializes the memory for gnutls_openpgp_crt_t struct */
- int gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key);
- /* frees all memory */
- void gnutls_openpgp_crt_deinit (gnutls_openpgp_crt_t key);
-
- int gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
- const gnutls_datum_t * data,
- gnutls_openpgp_crt_fmt_t format);
- int gnutls_openpgp_crt_export (gnutls_openpgp_crt_t key,
- gnutls_openpgp_crt_fmt_t format,
- void *output_data,
- size_t * output_data_size);
- int gnutls_openpgp_crt_export2 (gnutls_openpgp_crt_t key,
- gnutls_openpgp_crt_fmt_t format,
- gnutls_datum_t * out);
-
- int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert,
- gnutls_certificate_print_formats_t format,
- gnutls_datum_t * out);
+ /* initializes the memory for gnutls_openpgp_crt_t struct */
+ int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key);
+ /* frees all memory */
+ void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key);
+
+ int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t format);
+ int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key,
+ gnutls_openpgp_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key,
+ gnutls_openpgp_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert,
+ gnutls_certificate_print_formats_t
+ format, gnutls_datum_t * out);
/* The key_usage flags are defined in gnutls.h. They are
* the GNUTLS_KEY_* definitions.
*/
#define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX
- int gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key,
- unsigned int *key_usage);
- int gnutls_openpgp_crt_get_fingerprint (gnutls_openpgp_crt_t key, void *fpr,
- size_t * fprlen);
- int gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key,
- unsigned int idx,
- void *fpr, size_t * fprlen);
-
- int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key,
- int idx, char *buf, size_t * sizeof_buf);
-
- gnutls_pk_algorithm_t
- gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key,
- unsigned int *bits);
-
- int gnutls_openpgp_crt_get_version (gnutls_openpgp_crt_t key);
-
- time_t gnutls_openpgp_crt_get_creation_time (gnutls_openpgp_crt_t key);
- time_t gnutls_openpgp_crt_get_expiration_time (gnutls_openpgp_crt_t key);
-
- int gnutls_openpgp_crt_get_key_id (gnutls_openpgp_crt_t key,
- gnutls_openpgp_keyid_t keyid);
-
- int gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key,
- const char *hostname);
-
- int gnutls_openpgp_crt_get_revoked_status (gnutls_openpgp_crt_t key);
-
- int gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key);
- int gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key,
- const gnutls_openpgp_keyid_t keyid);
- int gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key,
- unsigned int idx);
- gnutls_pk_algorithm_t
- gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key,
- unsigned int idx,
- unsigned int *bits);
- time_t gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t
- key, unsigned int idx);
- time_t gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t
- key,
- unsigned int idx);
- int gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key,
- unsigned int idx,
- gnutls_openpgp_keyid_t keyid);
- int gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key,
- unsigned int idx,
- unsigned int *key_usage);
-
- int gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt,
- unsigned int idx,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g,
- gnutls_datum_t * y);
- int gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt,
- unsigned int idx,
- gnutls_datum_t * m,
- gnutls_datum_t * e);
- int gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g,
- gnutls_datum_t * y);
- int gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt,
- gnutls_datum_t * m,
- gnutls_datum_t * e);
-
- int gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key,
- gnutls_openpgp_keyid_t keyid);
- int
- gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key,
- const gnutls_openpgp_keyid_t
- keyid);
+ int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key,
+ unsigned int *key_usage);
+ int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key,
+ void *fpr, size_t * fprlen);
+ int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t
+ key,
+ unsigned int idx,
+ void *fpr,
+ size_t * fprlen);
+
+ int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key,
+ int idx, char *buf,
+ size_t * sizeof_buf);
+
+ gnutls_pk_algorithm_t
+ gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key,
+ unsigned int *bits);
+
+ int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key);
+
+ time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t
+ key);
+ time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t
+ key);
+
+ int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key,
+ gnutls_openpgp_keyid_t keyid);
+
+ int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key,
+ const char *hostname);
+
+ int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t
+ key);
+
+ int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key);
+ int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key,
+ const gnutls_openpgp_keyid_t
+ keyid);
+ int gnutls_openpgp_crt_get_subkey_revoked_status
+ (gnutls_openpgp_crt_t key, unsigned int idx);
+ gnutls_pk_algorithm_t
+ gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t
+ key,
+ unsigned int idx,
+ unsigned int *bits);
+ time_t
+ gnutls_openpgp_crt_get_subkey_creation_time
+ (gnutls_openpgp_crt_t key, unsigned int idx);
+ time_t
+ gnutls_openpgp_crt_get_subkey_expiration_time
+ (gnutls_openpgp_crt_t key, unsigned int idx);
+ int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key,
+ unsigned int idx,
+ gnutls_openpgp_keyid_t keyid);
+ int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key,
+ unsigned int idx,
+ unsigned int *key_usage);
+
+ int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t
+ crt, unsigned int idx,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y);
+ int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t
+ crt, unsigned int idx,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
+ int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y);
+ int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
+
+ int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t
+ key,
+ gnutls_openpgp_keyid_t
+ keyid);
+ int
+ gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key,
+ const
+ gnutls_openpgp_keyid_t
+ keyid);
/* privkey stuff.
*/
- int gnutls_openpgp_privkey_init (gnutls_openpgp_privkey_t * key);
- void gnutls_openpgp_privkey_deinit (gnutls_openpgp_privkey_t key);
- gnutls_pk_algorithm_t
- gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
- unsigned int *bits);
-
- gnutls_sec_param_t
- gnutls_openpgp_privkey_sec_param (gnutls_openpgp_privkey_t key);
- int gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
- const gnutls_datum_t * data,
- gnutls_openpgp_crt_fmt_t format,
- const char *password,
- unsigned int flags);
-
- int gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key,
- void *fpr, size_t * fprlen);
- int gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t
- key, unsigned int idx,
- void *fpr,
- size_t * fprlen);
- int gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key,
- gnutls_openpgp_keyid_t keyid);
- int gnutls_openpgp_privkey_get_subkey_count (gnutls_openpgp_privkey_t key);
- int gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key,
- const gnutls_openpgp_keyid_t
- keyid);
-
- int
- gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t
- key, unsigned int idx);
-
- int gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t
- key);
-
- gnutls_pk_algorithm_t
- gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t
- key, unsigned int idx,
- unsigned int *bits);
-
- time_t
- gnutls_openpgp_privkey_get_subkey_expiration_time
- (gnutls_openpgp_privkey_t key, unsigned int idx);
-
- int gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key,
- unsigned int idx,
- gnutls_openpgp_keyid_t keyid);
-
- time_t
- gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t
- key, unsigned int idx);
-
- int
- gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t
- pkey, unsigned int idx,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g,
- gnutls_datum_t * y,
- gnutls_datum_t * x);
- int gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t
- pkey, unsigned int idx,
- gnutls_datum_t * m,
- gnutls_datum_t * e,
- gnutls_datum_t * d,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * u);
-
- int gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t pkey,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g,
- gnutls_datum_t * y,
- gnutls_datum_t * x);
- int gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t pkey,
- gnutls_datum_t * m,
- gnutls_datum_t * e,
- gnutls_datum_t * d,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * u);
-
- int gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key,
- gnutls_openpgp_crt_fmt_t format,
- const char *password,
- unsigned int flags,
- void *output_data,
- size_t * output_data_size);
- int gnutls_openpgp_privkey_export2 (gnutls_openpgp_privkey_t key,
- gnutls_openpgp_crt_fmt_t format,
- const char *password,
- unsigned int flags,
- gnutls_datum_t * out);
-
- int
- gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key,
- const gnutls_openpgp_keyid_t
- keyid);
- int gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t
- key,
- gnutls_openpgp_keyid_t
- keyid);
-
- int gnutls_openpgp_crt_get_auth_subkey (gnutls_openpgp_crt_t crt,
- gnutls_openpgp_keyid_t keyid,
- unsigned int flag);
+ int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key);
+ void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key);
+ gnutls_pk_algorithm_t
+ gnutls_openpgp_privkey_get_pk_algorithm
+ (gnutls_openpgp_privkey_t key, unsigned int *bits);
+
+ gnutls_sec_param_t
+ gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key);
+ int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t format,
+ const char *password,
+ unsigned int flags);
+
+ int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t
+ key, void *fpr,
+ size_t * fprlen);
+ int gnutls_openpgp_privkey_get_subkey_fingerprint
+ (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr,
+ size_t * fprlen);
+ int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
+ gnutls_openpgp_keyid_t
+ keyid);
+ int gnutls_openpgp_privkey_get_subkey_count
+ (gnutls_openpgp_privkey_t key);
+ int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t
+ key,
+ const
+ gnutls_openpgp_keyid_t
+ keyid);
+
+ int
+ gnutls_openpgp_privkey_get_subkey_revoked_status
+ (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+ int gnutls_openpgp_privkey_get_revoked_status
+ (gnutls_openpgp_privkey_t key);
+
+ gnutls_pk_algorithm_t
+ gnutls_openpgp_privkey_get_subkey_pk_algorithm
+ (gnutls_openpgp_privkey_t key, unsigned int idx,
+ unsigned int *bits);
+
+ time_t
+ gnutls_openpgp_privkey_get_subkey_expiration_time
+ (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+ int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t
+ key, unsigned int idx,
+ gnutls_openpgp_keyid_t
+ keyid);
+
+ time_t
+ gnutls_openpgp_privkey_get_subkey_creation_time
+ (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+ int
+ gnutls_openpgp_privkey_export_subkey_dsa_raw
+ (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+ gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g,
+ gnutls_datum_t * y, gnutls_datum_t * x);
+ int gnutls_openpgp_privkey_export_subkey_rsa_raw
+ (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+ gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d,
+ gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u);
+
+ int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t
+ pkey, gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y,
+ gnutls_datum_t * x);
+ int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t
+ pkey, gnutls_datum_t * m,
+ gnutls_datum_t * e,
+ gnutls_datum_t * d,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * u);
+
+ int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key,
+ gnutls_openpgp_crt_fmt_t format,
+ const char *password,
+ unsigned int flags,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key,
+ gnutls_openpgp_crt_fmt_t format,
+ const char *password,
+ unsigned int flags,
+ gnutls_datum_t * out);
+
+ int
+ gnutls_openpgp_privkey_set_preferred_key_id
+ (gnutls_openpgp_privkey_t key,
+ const gnutls_openpgp_keyid_t keyid);
+ int gnutls_openpgp_privkey_get_preferred_key_id
+ (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid);
+
+ int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt,
+ gnutls_openpgp_keyid_t
+ keyid, unsigned int flag);
/* Keyring stuff.
*/
- int gnutls_openpgp_keyring_init (gnutls_openpgp_keyring_t * keyring);
- void gnutls_openpgp_keyring_deinit (gnutls_openpgp_keyring_t keyring);
+ int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t *
+ keyring);
+ void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t
+ keyring);
- int gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t keyring,
- const gnutls_datum_t * data,
- gnutls_openpgp_crt_fmt_t format);
+ int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t format);
- int gnutls_openpgp_keyring_check_id (gnutls_openpgp_keyring_t ring,
- const gnutls_openpgp_keyid_t keyid,
- unsigned int flags);
+ int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring,
+ const gnutls_openpgp_keyid_t
+ keyid, unsigned int flags);
- int gnutls_openpgp_crt_verify_ring (gnutls_openpgp_crt_t key,
- gnutls_openpgp_keyring_t keyring,
- unsigned int flags, unsigned int *verify
- /* the output of the verification */ );
+ int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key,
+ gnutls_openpgp_keyring_t
+ keyring, unsigned int flags,
+ unsigned int *verify
+ /* the output of the verification */
+ );
- int gnutls_openpgp_crt_verify_self (gnutls_openpgp_crt_t key,
- unsigned int flags,
- unsigned int *verify);
+ int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key,
+ unsigned int flags,
+ unsigned int *verify);
- int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring,
- unsigned int idx,
- gnutls_openpgp_crt_t * cert);
+ int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring,
+ unsigned int idx,
+ gnutls_openpgp_crt_t * cert);
- int gnutls_openpgp_keyring_get_crt_count (gnutls_openpgp_keyring_t ring);
+ int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t
+ ring);
@@ -316,59 +328,56 @@ extern "C"
* Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
* otherwise an error code is returned.
*/
- typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t session,
- const unsigned char *keyfpr,
- unsigned int keyfpr_length,
- gnutls_datum_t * key);
+ typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t
+ session,
+ const unsigned char
+ *keyfpr,
+ unsigned int
+ keyfpr_length,
+ gnutls_datum_t * key);
- void
- gnutls_openpgp_set_recv_key_function (gnutls_session_t session,
- gnutls_openpgp_recv_key_func func);
+ void
+ gnutls_openpgp_set_recv_key_function(gnutls_session_t session,
+ gnutls_openpgp_recv_key_func
+ func);
/* certificate authentication stuff.
*/
- int gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t res,
- gnutls_openpgp_crt_t crt,
- gnutls_openpgp_privkey_t pkey);
-
- int
- gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t
- res, const char *certfile,
- const char *keyfile,
- gnutls_openpgp_crt_fmt_t format);
- int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credentials_t
- res,
- const gnutls_datum_t * cert,
- const gnutls_datum_t * key,
- gnutls_openpgp_crt_fmt_t
- format);
-
- int
- gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t
- res, const char *certfile,
- const char *keyfile,
- const char *subkey_id,
- gnutls_openpgp_crt_fmt_t
- format);
- int
- gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t
- res, const gnutls_datum_t * cert,
- const gnutls_datum_t * key,
- const char *subkey_id,
- gnutls_openpgp_crt_fmt_t format);
-
- int gnutls_certificate_set_openpgp_keyring_mem (
- gnutls_certificate_credentials_t c, const unsigned char *data,
- size_t dlen, gnutls_openpgp_crt_fmt_t format);
-
- int gnutls_certificate_set_openpgp_keyring_file (
- gnutls_certificate_credentials_t c, const char *file,
- gnutls_openpgp_crt_fmt_t format);
+ int gnutls_certificate_set_openpgp_key
+ (gnutls_certificate_credentials_t res,
+ gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey);
+
+ int
+ gnutls_certificate_set_openpgp_key_file
+ (gnutls_certificate_credentials_t res, const char *certfile,
+ const char *keyfile, gnutls_openpgp_crt_fmt_t format);
+ int gnutls_certificate_set_openpgp_key_mem
+ (gnutls_certificate_credentials_t res,
+ const gnutls_datum_t * cert, const gnutls_datum_t * key,
+ gnutls_openpgp_crt_fmt_t format);
+
+ int
+ gnutls_certificate_set_openpgp_key_file2
+ (gnutls_certificate_credentials_t res, const char *certfile,
+ const char *keyfile, const char *subkey_id,
+ gnutls_openpgp_crt_fmt_t format);
+ int
+ gnutls_certificate_set_openpgp_key_mem2
+ (gnutls_certificate_credentials_t res,
+ const gnutls_datum_t * cert, const gnutls_datum_t * key,
+ const char *subkey_id, gnutls_openpgp_crt_fmt_t format);
+
+ int gnutls_certificate_set_openpgp_keyring_mem
+ (gnutls_certificate_credentials_t c, const unsigned char *data,
+ size_t dlen, gnutls_openpgp_crt_fmt_t format);
+
+ int gnutls_certificate_set_openpgp_keyring_file
+ (gnutls_certificate_credentials_t c, const char *file,
+ gnutls_openpgp_crt_fmt_t format);
#ifdef __cplusplus
}
#endif
-
-#endif /* GNUTLS_OPENPGP_H */
+#endif /* GNUTLS_OPENPGP_H */
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index d3e641b7f1..13015c0bef 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -29,8 +29,7 @@
#include <gnutls/x509.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
#define GNUTLS_PKCS11_MAX_PIN_LEN 32
@@ -53,46 +52,51 @@ extern "C"
*
* Since: 2.12.0
**/
-typedef int (*gnutls_pkcs11_token_callback_t) (void *const userdata,
- const char *const label,
- unsigned retry);
+ typedef int (*gnutls_pkcs11_token_callback_t) (void *const
+ userdata,
+ const char *const
+ label,
+ unsigned retry);
-struct gnutls_pkcs11_obj_st;
-typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
+ struct gnutls_pkcs11_obj_st;
+ typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
-#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */
-#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
+#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */
+#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
/* pkcs11.conf format:
* load = /lib/xxx-pkcs11.so
* load = /lib/yyy-pkcs11.so
*/
-int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_file);
-int gnutls_pkcs11_reinit (void);
-void gnutls_pkcs11_deinit (void);
-void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn,
- void *userdata);
-
-void gnutls_pkcs11_set_pin_function (gnutls_pin_callback_t fn,
- void *userdata);
-
-gnutls_pin_callback_t gnutls_pkcs11_get_pin_function (void **userdata);
-
-int gnutls_pkcs11_add_provider (const char *name, const char *params);
-int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
-void gnutls_pkcs11_obj_set_pin_function (gnutls_pkcs11_obj_t obj,
- gnutls_pin_callback_t fn,
- void *userdata);
-
-#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
-#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
-#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
-#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a security officer in the token for the operation */
-#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (requires PIN to access) */
-#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not private */
+ int gnutls_pkcs11_init(unsigned int flags,
+ const char *deprecated_config_file);
+ int gnutls_pkcs11_reinit(void);
+ void gnutls_pkcs11_deinit(void);
+ void gnutls_pkcs11_set_token_function
+ (gnutls_pkcs11_token_callback_t fn, void *userdata);
+
+ void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn,
+ void *userdata);
+
+ gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void
+ **userdata);
+
+ int gnutls_pkcs11_add_provider(const char *name,
+ const char *params);
+ int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj);
+ void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj,
+ gnutls_pin_callback_t fn,
+ void *userdata);
+
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a security officer in the token for the operation */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (requires PIN to access) */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not private */
/**
* gnutls_pkcs11_url_type_t:
@@ -102,41 +106,51 @@ void gnutls_pkcs11_obj_set_pin_function (gnutls_pkcs11_obj_t obj,
*
* Enumeration of different URL extraction flags.
*/
-typedef enum
- {
- GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */
- GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */
- GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */
- } gnutls_pkcs11_url_type_t;
-
-int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t obj,
- const char *url,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj,
- gnutls_pkcs11_url_type_t detailed,
- char **url);
-void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj);
-
-int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj,
- void *output_data, size_t * output_data_size);
-int gnutls_pkcs11_obj_export2 (gnutls_pkcs11_obj_t obj,
- gnutls_datum_t *out);
-
-int gnutls_pkcs11_copy_x509_crt (const char *token_url, gnutls_x509_crt_t crt,
- const char *label, unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-int gnutls_pkcs11_copy_x509_privkey (const char *token_url, gnutls_x509_privkey_t key,
- const char *label, unsigned int key_usage /*GNUTLS_KEY_* */, unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-int gnutls_pkcs11_delete_url (const char *object_url, unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-
-int gnutls_pkcs11_copy_secret_key (const char *token_url,
- gnutls_datum_t * key, const char *label,
- unsigned int key_usage /* GNUTLS_KEY_* */ ,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+ typedef enum {
+ GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */
+ GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */
+ GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */
+ } gnutls_pkcs11_url_type_t;
+
+ int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj,
+ const char *url,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+ int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj,
+ gnutls_pkcs11_url_type_t detailed,
+ char **url);
+ void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj);
+
+ int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj,
+ gnutls_datum_t * out);
+
+ int gnutls_pkcs11_copy_x509_crt(const char *token_url,
+ gnutls_x509_crt_t crt,
+ const char *label,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+ int gnutls_pkcs11_copy_x509_privkey(const char *token_url,
+ gnutls_x509_privkey_t key,
+ const char *label,
+ unsigned int key_usage
+ /*GNUTLS_KEY_* */ ,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */
+ );
+ int gnutls_pkcs11_delete_url(const char *object_url,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+ int gnutls_pkcs11_copy_secret_key(const char *token_url,
+ gnutls_datum_t * key,
+ const char *label,
+ unsigned int key_usage
+ /* GNUTLS_KEY_* */ ,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
/**
* gnutls_pkcs11_obj_info_t:
@@ -153,24 +167,23 @@ int gnutls_pkcs11_copy_secret_key (const char *token_url,
*
* Enumeration of several object information types.
*/
-typedef enum
- {
- GNUTLS_PKCS11_OBJ_ID_HEX = 1,
- GNUTLS_PKCS11_OBJ_LABEL,
- GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
- GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
- GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
- GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
- GNUTLS_PKCS11_OBJ_ID,
- /* the pkcs11 provider library info */
- GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
- GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
- GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
- } gnutls_pkcs11_obj_info_t;
-
-int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt,
- gnutls_pkcs11_obj_info_t itype, void *output,
- size_t * output_size);
+ typedef enum {
+ GNUTLS_PKCS11_OBJ_ID_HEX = 1,
+ GNUTLS_PKCS11_OBJ_LABEL,
+ GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
+ GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
+ GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
+ GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
+ GNUTLS_PKCS11_OBJ_ID,
+ /* the pkcs11 provider library info */
+ GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
+ GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
+ GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
+ } gnutls_pkcs11_obj_info_t;
+
+ int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt,
+ gnutls_pkcs11_obj_info_t itype,
+ void *output, size_t * output_size);
/**
* gnutls_pkcs11_obj_attr_t:
@@ -184,16 +197,15 @@ int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt,
*
* Enumeration of several attributes for object enumeration.
*/
-typedef enum
- {
- GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
- GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */
- GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */
- GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
- GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
- GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */
- GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */
- } gnutls_pkcs11_obj_attr_t;
+ typedef enum {
+ GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
+ GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */
+ GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */
+ GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
+ GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
+ GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */
+ GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */
+ } gnutls_pkcs11_obj_attr_t;
/**
* gnutls_pkcs11_token_info_t:
@@ -204,13 +216,12 @@ typedef enum
*
* Enumeration of types for retrieving token information.
*/
-typedef enum
- {
- GNUTLS_PKCS11_TOKEN_LABEL,
- GNUTLS_PKCS11_TOKEN_SERIAL,
- GNUTLS_PKCS11_TOKEN_MANUFACTURER,
- GNUTLS_PKCS11_TOKEN_MODEL
- } gnutls_pkcs11_token_info_t;
+ typedef enum {
+ GNUTLS_PKCS11_TOKEN_LABEL,
+ GNUTLS_PKCS11_TOKEN_SERIAL,
+ GNUTLS_PKCS11_TOKEN_MANUFACTURER,
+ GNUTLS_PKCS11_TOKEN_MODEL
+ } gnutls_pkcs11_token_info_t;
/**
* gnutls_pkcs11_obj_type_t:
@@ -223,108 +234,120 @@ typedef enum
*
* Enumeration of object types.
*/
-typedef enum
- {
- GNUTLS_PKCS11_OBJ_UNKNOWN,
- GNUTLS_PKCS11_OBJ_X509_CRT,
- GNUTLS_PKCS11_OBJ_PUBKEY,
- GNUTLS_PKCS11_OBJ_PRIVKEY,
- GNUTLS_PKCS11_OBJ_SECRET_KEY,
- GNUTLS_PKCS11_OBJ_DATA
- } gnutls_pkcs11_obj_type_t;
-
-int
-gnutls_pkcs11_token_init (const char *token_url,
- const char *so_pin, const char *label);
-
-int
-gnutls_pkcs11_token_get_mechanism (const char *url, unsigned int idx,
- unsigned long *mechanism);
-
-int gnutls_pkcs11_token_set_pin (const char *token_url,
- const char *oldpin,
- const char *newpin,
- unsigned int flags /*gnutls_pin_flag_t */
- );
-
-int gnutls_pkcs11_token_get_url (unsigned int seq,
- gnutls_pkcs11_url_type_t detailed,
- char **url);
-int gnutls_pkcs11_token_get_info (const char *url,
- gnutls_pkcs11_token_info_t ttype,
- void *output, size_t * output_size);
+ typedef enum {
+ GNUTLS_PKCS11_OBJ_UNKNOWN,
+ GNUTLS_PKCS11_OBJ_X509_CRT,
+ GNUTLS_PKCS11_OBJ_PUBKEY,
+ GNUTLS_PKCS11_OBJ_PRIVKEY,
+ GNUTLS_PKCS11_OBJ_SECRET_KEY,
+ GNUTLS_PKCS11_OBJ_DATA
+ } gnutls_pkcs11_obj_type_t;
+
+ int
+ gnutls_pkcs11_token_init(const char *token_url,
+ const char *so_pin, const char *label);
+
+ int
+ gnutls_pkcs11_token_get_mechanism(const char *url,
+ unsigned int idx,
+ unsigned long *mechanism);
+
+ int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, unsigned int flags /*gnutls_pin_flag_t */
+ );
+
+ int gnutls_pkcs11_token_get_url(unsigned int seq,
+ gnutls_pkcs11_url_type_t detailed,
+ char **url);
+ int gnutls_pkcs11_token_get_info(const char *url,
+ gnutls_pkcs11_token_info_t ttype,
+ void *output,
+ size_t * output_size);
#define GNUTLS_PKCS11_TOKEN_HW 1
-int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags);
-
-int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list,
- unsigned int *const n_list,
- const char *url,
- gnutls_pkcs11_obj_attr_t attrs,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-
-int
-gnutls_pkcs11_obj_list_import_url2 (gnutls_pkcs11_obj_t ** p_list,
- unsigned int *n_list,
- const char *url,
- gnutls_pkcs11_obj_attr_t attrs,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-
-int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt,
- gnutls_pkcs11_obj_t pkcs11_crt);
-int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *url,
- unsigned int flags
- /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
-
-gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t obj);
-const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type);
-
-int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs,
- unsigned int cert_max,
- gnutls_pkcs11_obj_t * const objs,
- unsigned int flags /* must be zero */);
+ int gnutls_pkcs11_token_get_flags(const char *url,
+ unsigned int *flags);
+
+ int gnutls_pkcs11_obj_list_import_url(gnutls_pkcs11_obj_t * p_list,
+ unsigned int *const n_list,
+ const char *url,
+ gnutls_pkcs11_obj_attr_t
+ attrs, unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */
+ );
+
+ int
+ gnutls_pkcs11_obj_list_import_url2(gnutls_pkcs11_obj_t ** p_list,
+ unsigned int *n_list,
+ const char *url,
+ gnutls_pkcs11_obj_attr_t attrs,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */
+ );
+
+ int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt,
+ gnutls_pkcs11_obj_t pkcs11_crt);
+ int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt,
+ const char *url,
+ unsigned int flags
+ /* GNUTLS_PKCS11_OBJ_FLAG_* */
+ );
+
+ gnutls_pkcs11_obj_type_t
+ gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj);
+ const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t
+ type);
+
+ int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs,
+ unsigned int cert_max,
+ gnutls_pkcs11_obj_t *
+ const objs,
+ unsigned int flags
+ /* must be zero */ );
/* private key functions...*/
-int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key);
-void gnutls_pkcs11_privkey_set_pin_function (gnutls_pkcs11_privkey_t key,
- gnutls_pin_callback_t fn,
- void *userdata);
-void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key);
-int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key,
- unsigned int *bits);
-int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
- gnutls_pkcs11_obj_info_t itype,
- void *output, size_t * output_size);
-
-int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
- const char *url, unsigned int flags);
-
-int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
- gnutls_pkcs11_url_type_t detailed,
- char **url);
-int gnutls_pkcs11_privkey_status (gnutls_pkcs11_privkey_t key);
-
-int gnutls_pkcs11_privkey_generate (const char* url,
- gnutls_pk_algorithm_t pk,
- unsigned int bits,
- const char* label, unsigned int flags);
-
-int
-gnutls_pkcs11_privkey_generate2 (const char* url, gnutls_pk_algorithm_t pk,
- unsigned int bits, const char* label,
- gnutls_x509_crt_fmt_t fmt,
- gnutls_datum_t * pubkey,
- unsigned int flags);
-
-int
-gnutls_pkcs11_token_get_random (const char* token_url,
- void* data,
- size_t len);
+ int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key);
+ void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t
+ key,
+ gnutls_pin_callback_t
+ fn, void *userdata);
+ void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key);
+ int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t
+ key,
+ unsigned int *bits);
+ int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey,
+ gnutls_pkcs11_obj_info_t itype,
+ void *output,
+ size_t * output_size);
+
+ int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
+ const char *url,
+ unsigned int flags);
+
+ int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key,
+ gnutls_pkcs11_url_type_t
+ detailed, char **url);
+ int gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key);
+
+ int gnutls_pkcs11_privkey_generate(const char *url,
+ gnutls_pk_algorithm_t pk,
+ unsigned int bits,
+ const char *label,
+ unsigned int flags);
+
+ int
+ gnutls_pkcs11_privkey_generate2(const char *url,
+ gnutls_pk_algorithm_t pk,
+ unsigned int bits,
+ const char *label,
+ gnutls_x509_crt_fmt_t fmt,
+ gnutls_datum_t * pubkey,
+ unsigned int flags);
+
+ int
+ gnutls_pkcs11_token_get_random(const char *token_url,
+ void *data, size_t len);
#ifdef __cplusplus
}
#endif
-
#endif
diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h
index ef8f209679..ad1410d434 100644
--- a/lib/includes/gnutls/pkcs12.h
+++ b/lib/includes/gnutls/pkcs12.h
@@ -26,51 +26,57 @@
#include <gnutls/x509.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
- /* PKCS12 structures handling
- */
- struct gnutls_pkcs12_int;
- typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t;
-
- struct gnutls_pkcs12_bag_int;
- typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t;
-
- int gnutls_pkcs12_init (gnutls_pkcs12_t * pkcs12);
- void gnutls_pkcs12_deinit (gnutls_pkcs12_t pkcs12);
- int gnutls_pkcs12_import (gnutls_pkcs12_t pkcs12,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format, unsigned int flags);
- int gnutls_pkcs12_export (gnutls_pkcs12_t pkcs12,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
- int gnutls_pkcs12_export2 (gnutls_pkcs12_t pkcs12,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t *out);
-
- int gnutls_pkcs12_get_bag (gnutls_pkcs12_t pkcs12,
- int indx, gnutls_pkcs12_bag_t bag);
- int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
-
- int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass);
- int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass);
-
- int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass);
- int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass,
- unsigned int flags);
+ /* PKCS12 structures handling
+ */
+ struct gnutls_pkcs12_int;
+ typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t;
+
+ struct gnutls_pkcs12_bag_int;
+ typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t;
+
+ int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12);
+ void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12);
+ int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
+ int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12,
+ int indx, gnutls_pkcs12_bag_t bag);
+ int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12,
+ gnutls_pkcs12_bag_t bag);
+
+ int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12,
+ const char *pass);
+ int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12,
+ const char *pass);
+
+ int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag,
+ const char *pass);
+ int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag,
+ const char *pass,
+ unsigned int flags);
#define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1
- int gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12,
- const char *password,
- gnutls_x509_privkey_t * key,
- gnutls_x509_crt_t ** chain,
- unsigned int * chain_len,
- gnutls_x509_crt_t ** extra_certs,
- unsigned int * extra_certs_len,
- gnutls_x509_crl_t * crl,
- unsigned int flags);
+ int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12,
+ const char *password,
+ gnutls_x509_privkey_t * key,
+ gnutls_x509_crt_t ** chain,
+ unsigned int *chain_len,
+ gnutls_x509_crt_t ** extra_certs,
+ unsigned int *extra_certs_len,
+ gnutls_x509_crl_t * crl,
+ unsigned int flags);
/**
* gnutls_pkcs12_bag_type_t:
@@ -85,50 +91,49 @@ extern "C"
*
* Enumeration of different PKCS 12 bag types.
*/
- typedef enum gnutls_pkcs12_bag_type_t
- {
- GNUTLS_BAG_EMPTY = 0,
- GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
- GNUTLS_BAG_PKCS8_KEY = 2,
- GNUTLS_BAG_CERTIFICATE = 3,
- GNUTLS_BAG_CRL = 4,
- GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12,
- * gnutls extension. We use the PKCS-9
- * random nonce ID 1.2.840.113549.1.9.25.3
- * to store randomly generated keys.
- */
- GNUTLS_BAG_ENCRYPTED = 10,
- GNUTLS_BAG_UNKNOWN = 20
- } gnutls_pkcs12_bag_type_t;
-
- gnutls_pkcs12_bag_type_t
- gnutls_pkcs12_bag_get_type (gnutls_pkcs12_bag_t bag, int indx);
- int gnutls_pkcs12_bag_get_data (gnutls_pkcs12_bag_t bag, int indx,
- gnutls_datum_t * data);
- int gnutls_pkcs12_bag_set_data (gnutls_pkcs12_bag_t bag,
- gnutls_pkcs12_bag_type_t type,
- const gnutls_datum_t * data);
- int gnutls_pkcs12_bag_set_crl (gnutls_pkcs12_bag_t bag,
- gnutls_x509_crl_t crl);
- int gnutls_pkcs12_bag_set_crt (gnutls_pkcs12_bag_t bag,
- gnutls_x509_crt_t crt);
-
- int gnutls_pkcs12_bag_init (gnutls_pkcs12_bag_t * bag);
- void gnutls_pkcs12_bag_deinit (gnutls_pkcs12_bag_t bag);
- int gnutls_pkcs12_bag_get_count (gnutls_pkcs12_bag_t bag);
-
- int gnutls_pkcs12_bag_get_key_id (gnutls_pkcs12_bag_t bag, int indx,
- gnutls_datum_t * id);
- int gnutls_pkcs12_bag_set_key_id (gnutls_pkcs12_bag_t bag, int indx,
- const gnutls_datum_t * id);
-
- int gnutls_pkcs12_bag_get_friendly_name (gnutls_pkcs12_bag_t bag, int indx,
- char **name);
- int gnutls_pkcs12_bag_set_friendly_name (gnutls_pkcs12_bag_t bag, int indx,
- const char *name);
+ typedef enum gnutls_pkcs12_bag_type_t {
+ GNUTLS_BAG_EMPTY = 0,
+ GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
+ GNUTLS_BAG_PKCS8_KEY = 2,
+ GNUTLS_BAG_CERTIFICATE = 3,
+ GNUTLS_BAG_CRL = 4,
+ GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12,
+ * gnutls extension. We use the PKCS-9
+ * random nonce ID 1.2.840.113549.1.9.25.3
+ * to store randomly generated keys.
+ */
+ GNUTLS_BAG_ENCRYPTED = 10,
+ GNUTLS_BAG_UNKNOWN = 20
+ } gnutls_pkcs12_bag_type_t;
+
+ gnutls_pkcs12_bag_type_t
+ gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, int indx);
+ int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, int indx,
+ gnutls_datum_t * data);
+ int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag,
+ gnutls_pkcs12_bag_type_t type,
+ const gnutls_datum_t * data);
+ int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag,
+ gnutls_x509_crl_t crl);
+ int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag,
+ gnutls_x509_crt_t crt);
+
+ int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag);
+ void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag);
+ int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag);
+
+ int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, int indx,
+ gnutls_datum_t * id);
+ int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, int indx,
+ const gnutls_datum_t * id);
+
+ int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag,
+ int indx, char **name);
+ int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag,
+ int indx,
+ const char *name);
#ifdef __cplusplus
}
#endif
-
-#endif /* GNUTLS_PKCS12_H */
+#endif /* GNUTLS_PKCS12_H */
diff --git a/lib/includes/gnutls/tpm.h b/lib/includes/gnutls/tpm.h
index 4d59d2e504..cf2c0dd566 100644
--- a/lib/includes/gnutls/tpm.h
+++ b/lib/includes/gnutls/tpm.h
@@ -27,12 +27,11 @@
#include <gnutls/x509.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
-struct tpm_key_list_st;
-typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
+ struct tpm_key_list_st;
+ typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
#define GNUTLS_TPM_KEY_SIGNING (1<<1)
#define GNUTLS_TPM_REGISTER_KEY (1<<2)
@@ -46,31 +45,33 @@ typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
*
* Enumeration of different certificate encoding formats.
*/
- typedef enum
- {
- GNUTLS_TPMKEY_FMT_RAW = 0,
- GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW,
- GNUTLS_TPMKEY_FMT_CTK_PEM = 1
- } gnutls_tpmkey_fmt_t;
+ typedef enum {
+ GNUTLS_TPMKEY_FMT_RAW = 0,
+ GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW,
+ GNUTLS_TPMKEY_FMT_CTK_PEM = 1
+ } gnutls_tpmkey_fmt_t;
-int
-gnutls_tpm_privkey_generate (gnutls_pk_algorithm_t pk, unsigned int bits,
- const char* srk_password,
- const char* key_password,
- gnutls_tpmkey_fmt_t format,
- gnutls_x509_crt_fmt_t pub_format,
- gnutls_datum_t* privkey,
- gnutls_datum_t* pubkey,
- unsigned int flags);
+ int
+ gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk,
+ unsigned int bits,
+ const char *srk_password,
+ const char *key_password,
+ gnutls_tpmkey_fmt_t format,
+ gnutls_x509_crt_fmt_t pub_format,
+ gnutls_datum_t * privkey,
+ gnutls_datum_t * pubkey,
+ unsigned int flags);
-void gnutls_tpm_key_list_deinit (gnutls_tpm_key_list_t list);
-int gnutls_tpm_key_list_get_url (gnutls_tpm_key_list_t list, unsigned int idx, char** url, unsigned int flags);
-int gnutls_tpm_get_registered (gnutls_tpm_key_list_t *list);
-int gnutls_tpm_privkey_delete (const char* url, const char* srk_password);
+ void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list);
+ int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list,
+ unsigned int idx, char **url,
+ unsigned int flags);
+ int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list);
+ int gnutls_tpm_privkey_delete(const char *url,
+ const char *srk_password);
#ifdef __cplusplus
}
#endif
-
#endif
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 3e2bf2b570..c06ff4735e 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -30,8 +30,7 @@
#include <gnutls/gnutls.h>
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
/* Some OIDs usually found in Distinguished names, or
@@ -100,94 +99,118 @@ extern "C"
*
* Enumeration of different certificate import flags.
*/
- typedef enum gnutls_certificate_import_flags
- {
- GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
- GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2
- } gnutls_certificate_import_flags;
-
- int gnutls_x509_crt_init (gnutls_x509_crt_t * cert);
- void gnutls_x509_crt_deinit (gnutls_x509_crt_t cert);
- int gnutls_x509_crt_import (gnutls_x509_crt_t cert,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
- int gnutls_x509_crt_list_import2 (gnutls_x509_crt_t ** certs,
- unsigned int * size,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format, unsigned int flags);
- int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs,
- unsigned int *cert_max,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- unsigned int flags);
- int gnutls_x509_crt_export (gnutls_x509_crt_t cert,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
- int gnutls_x509_crt_export2 (gnutls_x509_crt_t cert,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t* out);
- int gnutls_x509_crt_get_private_key_usage_period (gnutls_x509_crt_t cert, time_t* activation, time_t* expiration,
- unsigned int *critical);
-
- int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
- size_t * buf_size);
- int gnutls_x509_crt_get_issuer_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t* dn);
- int gnutls_x509_crt_get_issuer_dn_oid (gnutls_x509_crt_t cert, int indx,
- void *oid, size_t * oid_size);
- int gnutls_x509_crt_get_issuer_dn_by_oid (gnutls_x509_crt_t cert,
- const char *oid, int indx,
- unsigned int raw_flag,
- void *buf, size_t * buf_size);
- int gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf,
- size_t * buf_size);
- int gnutls_x509_crt_get_dn2 (gnutls_x509_crt_t cert, gnutls_datum_t* dn);
- int gnutls_x509_crt_get_dn_oid (gnutls_x509_crt_t cert, int indx,
- void *oid, size_t * oid_size);
- int gnutls_x509_crt_get_dn_by_oid (gnutls_x509_crt_t cert,
- const char *oid, int indx,
- unsigned int raw_flag, void *buf,
- size_t * buf_size);
- int gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert,
- const char *hostname);
-
- int gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert);
- int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert,
- char *sig, size_t * sizeof_sig);
- int gnutls_x509_crt_get_version (gnutls_x509_crt_t cert);
- int gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt,
- unsigned int flags,
- unsigned char *output_data,
- size_t * output_data_size);
-
- int gnutls_x509_crt_set_private_key_usage_period (gnutls_x509_crt_t crt,
- time_t activation,
- time_t expiration);
- int gnutls_x509_crt_set_authority_key_id (gnutls_x509_crt_t cert,
- const void *id, size_t id_size);
- int gnutls_x509_crt_get_authority_key_id (gnutls_x509_crt_t cert,
- void *id, size_t * id_size,
- unsigned int *critical);
- int gnutls_x509_crt_get_authority_key_gn_serial (gnutls_x509_crt_t cert,
- unsigned int seq,
- void *alt,
- size_t * alt_size,
- unsigned int *alt_type,
- void* serial,
- size_t *serial_size,
- unsigned int *critical);
-
- int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert,
- void *ret, size_t * ret_size,
- unsigned int *critical);
-
- int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *buf,
- size_t * buf_size);
-
- int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *buf,
- size_t * buf_size);
-
- void gnutls_x509_crt_set_pin_function (gnutls_x509_crt_t crt,
- gnutls_pin_callback_t fn, void *userdata);
+ typedef enum gnutls_certificate_import_flags {
+ GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
+ GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2
+ } gnutls_certificate_import_flags;
+
+ int gnutls_x509_crt_init(gnutls_x509_crt_t * cert);
+ void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert);
+ int gnutls_x509_crt_import(gnutls_x509_crt_t cert,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+ int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs,
+ unsigned int *size,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
+ int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs,
+ unsigned int *cert_max,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
+ int gnutls_x509_crt_export(gnutls_x509_crt_t cert,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_crt_export2(gnutls_x509_crt_t cert,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+ int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t
+ cert,
+ time_t *
+ activation,
+ time_t *
+ expiration,
+ unsigned int
+ *critical);
+
+ int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert,
+ char *buf, size_t * buf_size);
+ int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert,
+ gnutls_datum_t * dn);
+ int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert,
+ int indx, void *oid,
+ size_t * oid_size);
+ int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert,
+ const char *oid, int indx,
+ unsigned int raw_flag,
+ void *buf,
+ size_t * buf_size);
+ int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf,
+ size_t * buf_size);
+ int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert,
+ gnutls_datum_t * dn);
+ int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, int indx,
+ void *oid, size_t * oid_size);
+ int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert,
+ const char *oid, int indx,
+ unsigned int raw_flag, void *buf,
+ size_t * buf_size);
+ int gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert,
+ const char *hostname);
+
+ int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t
+ cert);
+ int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert,
+ char *sig, size_t * sizeof_sig);
+ int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert);
+ int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt,
+ unsigned int flags,
+ unsigned char *output_data,
+ size_t * output_data_size);
+
+ int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t
+ crt,
+ time_t activation,
+ time_t
+ expiration);
+ int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert,
+ const void *id,
+ size_t id_size);
+ int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert,
+ void *id,
+ size_t * id_size,
+ unsigned int *critical);
+ int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t
+ cert,
+ unsigned int seq,
+ void *alt,
+ size_t * alt_size,
+ unsigned int
+ *alt_type,
+ void *serial,
+ size_t *
+ serial_size,
+ unsigned int
+ *critical);
+
+ int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert,
+ void *ret,
+ size_t * ret_size,
+ unsigned int *critical);
+
+ int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt,
+ char *buf,
+ size_t * buf_size);
+
+ int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt,
+ char *buf,
+ size_t * buf_size);
+
+ void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt,
+ gnutls_pin_callback_t fn,
+ void *userdata);
/**
* gnutls_info_access_what_t:
@@ -200,22 +223,24 @@ extern "C"
* Enumeration of types for the @what parameter of
* gnutls_x509_crt_get_authority_info_access().
*/
- typedef enum gnutls_info_access_what_t
- {
- GNUTLS_IA_ACCESSMETHOD_OID = 1,
- GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2,
- /* use 100-108 for the generalName types, populate as needed */
- GNUTLS_IA_URI = 106,
- /* quick-access variants that match both OID and name type. */
- GNUTLS_IA_OCSP_URI = 10006,
- GNUTLS_IA_CAISSUERS_URI = 10106
- } gnutls_info_access_what_t;
-
- int gnutls_x509_crt_get_authority_info_access (gnutls_x509_crt_t crt,
- unsigned int seq,
- int what,
- gnutls_datum_t * data,
- unsigned int *critical);
+ typedef enum gnutls_info_access_what_t {
+ GNUTLS_IA_ACCESSMETHOD_OID = 1,
+ GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2,
+ /* use 100-108 for the generalName types, populate as needed */
+ GNUTLS_IA_URI = 106,
+ /* quick-access variants that match both OID and name type. */
+ GNUTLS_IA_OCSP_URI = 10006,
+ GNUTLS_IA_CAISSUERS_URI = 10106
+ } gnutls_info_access_what_t;
+
+ int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t
+ crt,
+ unsigned int seq,
+ int what,
+ gnutls_datum_t *
+ data,
+ unsigned int
+ *critical);
#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED,
/**
@@ -232,110 +257,125 @@ extern "C"
*
* Enumeration of types for the CRL revocation reasons.
*/
- typedef enum gnutls_x509_crl_reason_flags_t
- {
- GNUTLS_CRL_REASON_UNSPECIFIED=0,
- GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN=1,
- GNUTLS_CRL_REASON_CERTIFICATE_HOLD=2,
- GNUTLS_CRL_REASON_CESSATION_OF_OPERATION=4,
- GNUTLS_CRL_REASON_SUPERSEDED=8,
- GNUTLS_CRL_REASON_AFFILIATION_CHANGED=16,
- GNUTLS_CRL_REASON_CA_COMPROMISE=32,
- GNUTLS_CRL_REASON_KEY_COMPROMISE=64,
- GNUTLS_CRL_REASON_UNUSED=128,
- GNUTLS_CRL_REASON_AA_COMPROMISE=32768
- } gnutls_x509_crl_reason_flags_t;
-
- int gnutls_x509_crt_get_crl_dist_points (gnutls_x509_crt_t cert,
- unsigned int seq, void *ret,
- size_t * ret_size,
- unsigned int *reason_flags,
- unsigned int *critical);
- int gnutls_x509_crt_set_crl_dist_points2 (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t
- type, const void *data,
- unsigned int data_size,
- unsigned int reason_flags);
- int gnutls_x509_crt_set_crl_dist_points (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t
- type, const void *data_string,
- unsigned int reason_flags);
- int gnutls_x509_crt_cpy_crl_dist_points (gnutls_x509_crt_t dst,
- gnutls_x509_crt_t src);
-
- int gnutls_x509_crl_sign2 (gnutls_x509_crl_t crl,
- gnutls_x509_crt_t issuer,
- gnutls_x509_privkey_t issuer_key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
-
- time_t gnutls_x509_crt_get_activation_time (gnutls_x509_crt_t cert);
- time_t gnutls_x509_crt_get_expiration_time (gnutls_x509_crt_t cert);
- int gnutls_x509_crt_get_serial (gnutls_x509_crt_t cert, void *result,
- size_t * result_size);
-
- int gnutls_x509_crt_get_pk_algorithm (gnutls_x509_crt_t cert,
- unsigned int *bits);
- int gnutls_x509_crt_get_pk_rsa_raw (gnutls_x509_crt_t crt,
- gnutls_datum_t * m, gnutls_datum_t * e);
- int gnutls_x509_crt_get_pk_dsa_raw (gnutls_x509_crt_t crt,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g, gnutls_datum_t * y);
-
- int gnutls_x509_crt_get_subject_alt_name (gnutls_x509_crt_t cert,
- unsigned int seq, void *san,
- size_t * san_size,
- unsigned int *critical);
- int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert,
- unsigned int seq, void *san,
- size_t * san_size,
- unsigned int *san_type,
- unsigned int *critical);
-
- int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert,
- unsigned int seq,
- void *oid,
- size_t * oid_size);
-
- int gnutls_x509_crt_get_issuer_alt_name (gnutls_x509_crt_t cert,
- unsigned int seq, void *ian,
- size_t * ian_size,
- unsigned int *critical);
- int gnutls_x509_crt_get_issuer_alt_name2 (gnutls_x509_crt_t cert,
- unsigned int seq, void *ian,
- size_t * ian_size,
- unsigned int *ian_type,
- unsigned int *critical);
-
- int gnutls_x509_crt_get_issuer_alt_othername_oid (gnutls_x509_crt_t cert,
- unsigned int seq,
- void *ret,
- size_t * ret_size);
-
- int gnutls_x509_crt_get_ca_status (gnutls_x509_crt_t cert,
- unsigned int *critical);
- int gnutls_x509_crt_get_basic_constraints (gnutls_x509_crt_t cert,
- unsigned int *critical,
- unsigned int *ca, int *pathlen);
+ typedef enum gnutls_x509_crl_reason_flags_t {
+ GNUTLS_CRL_REASON_UNSPECIFIED = 0,
+ GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1,
+ GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2,
+ GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4,
+ GNUTLS_CRL_REASON_SUPERSEDED = 8,
+ GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16,
+ GNUTLS_CRL_REASON_CA_COMPROMISE = 32,
+ GNUTLS_CRL_REASON_KEY_COMPROMISE = 64,
+ GNUTLS_CRL_REASON_UNUSED = 128,
+ GNUTLS_CRL_REASON_AA_COMPROMISE = 32768
+ } gnutls_x509_crl_reason_flags_t;
+
+ int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert,
+ unsigned int seq,
+ void *ret,
+ size_t * ret_size,
+ unsigned int *reason_flags,
+ unsigned int *critical);
+ int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt,
+ gnutls_x509_subject_alt_name_t
+ type, const void *data,
+ unsigned int data_size,
+ unsigned int
+ reason_flags);
+ int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt,
+ gnutls_x509_subject_alt_name_t
+ type,
+ const void *data_string,
+ unsigned int reason_flags);
+ int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst,
+ gnutls_x509_crt_t src);
+
+ int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_privkey_t issuer_key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
+
+ time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert);
+ time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert);
+ int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert,
+ void *result, size_t * result_size);
+
+ int gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert,
+ unsigned int *bits);
+ int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
+ int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y);
+
+ int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert,
+ unsigned int seq,
+ void *san,
+ size_t * san_size,
+ unsigned int *critical);
+ int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert,
+ unsigned int seq,
+ void *san,
+ size_t * san_size,
+ unsigned int *san_type,
+ unsigned int *critical);
+
+ int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t
+ cert,
+ unsigned int seq,
+ void *oid,
+ size_t *
+ oid_size);
+
+ int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert,
+ unsigned int seq,
+ void *ian,
+ size_t * ian_size,
+ unsigned int *critical);
+ int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert,
+ unsigned int seq,
+ void *ian,
+ size_t * ian_size,
+ unsigned int *ian_type,
+ unsigned int *critical);
+
+ int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t
+ cert,
+ unsigned int seq,
+ void *ret,
+ size_t *
+ ret_size);
+
+ int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert,
+ unsigned int *critical);
+ int gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert,
+ unsigned int *critical,
+ unsigned int *ca,
+ int *pathlen);
/* The key_usage flags are defined in gnutls.h. They are the
* GNUTLS_KEY_* definitions.
*/
- int gnutls_x509_crt_get_key_usage (gnutls_x509_crt_t cert,
- unsigned int *key_usage,
- unsigned int *critical);
- int gnutls_x509_crt_set_key_usage (gnutls_x509_crt_t crt,
- unsigned int usage);
- int gnutls_x509_crt_set_authority_info_access (gnutls_x509_crt_t crt,
- int what,
- gnutls_datum_t * data);
-
- int gnutls_x509_crt_get_proxy (gnutls_x509_crt_t cert,
- unsigned int *critical,
- int *pathlen,
- char **policyLanguage,
- char **policy, size_t * sizeof_policy);
+ int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert,
+ unsigned int *key_usage,
+ unsigned int *critical);
+ int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt,
+ unsigned int usage);
+ int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t
+ crt, int what,
+ gnutls_datum_t *
+ data);
+
+ int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert,
+ unsigned int *critical,
+ int *pathlen,
+ char **policyLanguage,
+ char **policy,
+ size_t * sizeof_policy);
#define GNUTLS_MAX_QUALIFIERS 8
@@ -347,310 +387,349 @@ extern "C"
*
* Enumeration of types for the X.509 qualifiers, of the certificate policy extension.
*/
- typedef enum gnutls_x509_qualifier_t
- {
- GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI,
- GNUTLS_X509_QUALIFIER_NOTICE
- } gnutls_x509_qualifier_t;
-
- typedef struct gnutls_x509_policy_st
- {
- char* oid;
- unsigned int qualifiers;
- struct {
- gnutls_x509_qualifier_t type;
- char* data;
- unsigned int size;
- } qualifier[GNUTLS_MAX_QUALIFIERS];
- } gnutls_x509_policy_st;
-
- void gnutls_x509_policy_release(struct gnutls_x509_policy_st* policy);
- int gnutls_x509_crt_get_policy (gnutls_x509_crt_t crt, int indx,
- struct gnutls_x509_policy_st* policy,
- unsigned int * critical);
- int gnutls_x509_crt_set_policy (gnutls_x509_crt_t crt, struct gnutls_x509_policy_st* policy,
- unsigned int critical);
-
- int gnutls_x509_dn_oid_known (const char *oid);
+ typedef enum gnutls_x509_qualifier_t {
+ GNUTLS_X509_QUALIFIER_UNKNOWN =
+ 0, GNUTLS_X509_QUALIFIER_URI,
+ GNUTLS_X509_QUALIFIER_NOTICE
+ } gnutls_x509_qualifier_t;
+
+ typedef struct gnutls_x509_policy_st {
+ char *oid;
+ unsigned int qualifiers;
+ struct {
+ gnutls_x509_qualifier_t type;
+ char *data;
+ unsigned int size;
+ } qualifier[GNUTLS_MAX_QUALIFIERS];
+ } gnutls_x509_policy_st;
+
+ void gnutls_x509_policy_release(struct gnutls_x509_policy_st
+ *policy);
+ int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, int indx,
+ struct gnutls_x509_policy_st
+ *policy, unsigned int *critical);
+ int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt,
+ struct gnutls_x509_policy_st
+ *policy, unsigned int critical);
+
+ int gnutls_x509_dn_oid_known(const char *oid);
#define GNUTLS_X509_DN_OID_RETURN_OID 1
- const char* gnutls_x509_dn_oid_name (const char *oid, unsigned int flags);
-
- /* Read extensions by OID. */
- int gnutls_x509_crt_get_extension_oid (gnutls_x509_crt_t cert, int indx,
- void *oid, size_t * oid_size);
- int gnutls_x509_crt_get_extension_by_oid (gnutls_x509_crt_t cert,
- const char *oid, int indx,
- void *buf, size_t * buf_size,
- unsigned int *critical);
-
- /* Read extensions by sequence number. */
- int gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx,
- void *oid, size_t * oid_size,
- unsigned int *critical);
- int gnutls_x509_crt_get_extension_data (gnutls_x509_crt_t cert, int indx,
- void *data, size_t * sizeof_data);
-
- int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt,
- const char *oid,
- const void *buf,
- size_t sizeof_buf,
- unsigned int critical);
+ const char *gnutls_x509_dn_oid_name(const char *oid,
+ unsigned int flags);
+
+ /* Read extensions by OID. */
+ int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
+ int indx, void *oid,
+ size_t * oid_size);
+ int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert,
+ const char *oid, int indx,
+ void *buf,
+ size_t * buf_size,
+ unsigned int *critical);
+
+ /* Read extensions by sequence number. */
+ int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert,
+ int indx, void *oid,
+ size_t * oid_size,
+ unsigned int *critical);
+ int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert,
+ int indx, void *data,
+ size_t * sizeof_data);
+
+ int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt,
+ const char *oid,
+ const void *buf,
+ size_t sizeof_buf,
+ unsigned int critical);
/* X.509 Certificate writing.
*/
- int gnutls_x509_crt_set_dn (gnutls_x509_crt_t crt, const char *dn, const char** err);
-
- int gnutls_x509_crt_set_dn_by_oid (gnutls_x509_crt_t crt,
- const char *oid,
- unsigned int raw_flag,
- const void *name,
- unsigned int sizeof_name);
- int gnutls_x509_crt_set_issuer_dn_by_oid (gnutls_x509_crt_t crt,
- const char *oid,
- unsigned int raw_flag,
- const void *name,
- unsigned int sizeof_name);
- int gnutls_x509_crt_set_issuer_dn (gnutls_x509_crt_t crt, const char *dn, const char** err);
-
- int gnutls_x509_crt_set_version (gnutls_x509_crt_t crt,
- unsigned int version);
- int gnutls_x509_crt_set_key (gnutls_x509_crt_t crt,
- gnutls_x509_privkey_t key);
- int gnutls_x509_crt_set_ca_status (gnutls_x509_crt_t crt, unsigned int ca);
- int gnutls_x509_crt_set_basic_constraints (gnutls_x509_crt_t crt,
- unsigned int ca,
- int pathLenConstraint);
- int gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t
- type,
- const char *data_string);
- int gnutls_x509_crt_set_subject_alt_name (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t
- type, const void *data,
- unsigned int data_size,
- unsigned int flags);
- int gnutls_x509_crt_sign (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
- gnutls_x509_privkey_t issuer_key);
- int gnutls_x509_crt_sign2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
- gnutls_x509_privkey_t issuer_key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
- int gnutls_x509_crt_set_activation_time (gnutls_x509_crt_t cert,
- time_t act_time);
- int gnutls_x509_crt_set_expiration_time (gnutls_x509_crt_t cert,
- time_t exp_time);
- int gnutls_x509_crt_set_serial (gnutls_x509_crt_t cert, const void *serial,
- size_t serial_size);
-
- int gnutls_x509_crt_set_subject_key_id (gnutls_x509_crt_t cert,
- const void *id, size_t id_size);
-
- int gnutls_x509_crt_set_proxy_dn (gnutls_x509_crt_t crt,
- gnutls_x509_crt_t eecrt,
- unsigned int raw_flag,
- const void *name,
- unsigned int sizeof_name);
- int gnutls_x509_crt_set_proxy (gnutls_x509_crt_t crt,
- int pathLenConstraint,
- const char *policyLanguage,
- const char *policy, size_t sizeof_policy);
-
- int gnutls_x509_crt_print (gnutls_x509_crt_t cert,
- gnutls_certificate_print_formats_t format,
- gnutls_datum_t * out);
- int gnutls_x509_crl_print (gnutls_x509_crl_t crl,
- gnutls_certificate_print_formats_t format,
- gnutls_datum_t * out);
-
- /* Access to internal Certificate fields.
- */
- int gnutls_x509_crt_get_raw_issuer_dn (gnutls_x509_crt_t cert,
- gnutls_datum_t * start);
- int gnutls_x509_crt_get_raw_dn (gnutls_x509_crt_t cert,
- gnutls_datum_t * start);
+ int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn,
+ const char **err);
+
+ int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt,
+ const char *oid,
+ unsigned int raw_flag,
+ const void *name,
+ unsigned int sizeof_name);
+ int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt,
+ const char *oid,
+ unsigned int raw_flag,
+ const void *name,
+ unsigned int sizeof_name);
+ int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt,
+ const char *dn,
+ const char **err);
+
+ int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt,
+ unsigned int version);
+ int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt,
+ gnutls_x509_privkey_t key);
+ int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt,
+ unsigned int ca);
+ int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt,
+ unsigned int ca,
+ int pathLenConstraint);
+ int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t
+ crt,
+ gnutls_x509_subject_alt_name_t
+ type,
+ const char
+ *data_string);
+ int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt,
+ gnutls_x509_subject_alt_name_t
+ type, const void *data,
+ unsigned int data_size,
+ unsigned int flags);
+ int gnutls_x509_crt_sign(gnutls_x509_crt_t crt,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_privkey_t issuer_key);
+ int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt,
+ gnutls_x509_crt_t issuer,
+ gnutls_x509_privkey_t issuer_key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
+ int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert,
+ time_t act_time);
+ int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert,
+ time_t exp_time);
+ int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert,
+ const void *serial,
+ size_t serial_size);
+
+ int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert,
+ const void *id,
+ size_t id_size);
+
+ int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
+ gnutls_x509_crt_t eecrt,
+ unsigned int raw_flag,
+ const void *name,
+ unsigned int sizeof_name);
+ int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt,
+ int pathLenConstraint,
+ const char *policyLanguage,
+ const char *policy,
+ size_t sizeof_policy);
+
+ int gnutls_x509_crt_print(gnutls_x509_crt_t cert,
+ gnutls_certificate_print_formats_t
+ format, gnutls_datum_t * out);
+ int gnutls_x509_crl_print(gnutls_x509_crl_t crl,
+ gnutls_certificate_print_formats_t
+ format, gnutls_datum_t * out);
+
+ /* Access to internal Certificate fields.
+ */
+ int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert,
+ gnutls_datum_t * start);
+ int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert,
+ gnutls_datum_t * start);
/* RDN handling.
*/
- int gnutls_x509_rdn_get (const gnutls_datum_t * idn,
- char *buf, size_t * sizeof_buf);
- int gnutls_x509_rdn_get_oid (const gnutls_datum_t * idn,
- int indx, void *buf, size_t * sizeof_buf);
+ int gnutls_x509_rdn_get(const gnutls_datum_t * idn,
+ char *buf, size_t * sizeof_buf);
+ int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
+ int indx, void *buf,
+ size_t * sizeof_buf);
- int gnutls_x509_rdn_get_by_oid (const gnutls_datum_t * idn,
- const char *oid, int indx,
- unsigned int raw_flag, void *buf,
- size_t * sizeof_buf);
+ int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn,
+ const char *oid, int indx,
+ unsigned int raw_flag, void *buf,
+ size_t * sizeof_buf);
- typedef void *gnutls_x509_dn_t;
+ typedef void *gnutls_x509_dn_t;
- typedef struct gnutls_x509_ava_st
- {
- gnutls_datum_t oid;
- gnutls_datum_t value;
- unsigned long value_tag;
- } gnutls_x509_ava_st;
+ typedef struct gnutls_x509_ava_st {
+ gnutls_datum_t oid;
+ gnutls_datum_t value;
+ unsigned long value_tag;
+ } gnutls_x509_ava_st;
- int gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert,
- gnutls_x509_dn_t * dn);
- int gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert,
- gnutls_x509_dn_t * dn);
- int gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, int irdn,
- int iava, gnutls_x509_ava_st * ava);
+ int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert,
+ gnutls_x509_dn_t * dn);
+ int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert,
+ gnutls_x509_dn_t * dn);
+ int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn,
+ int iava, gnutls_x509_ava_st * ava);
- int gnutls_x509_dn_init (gnutls_x509_dn_t * dn);
+ int gnutls_x509_dn_init(gnutls_x509_dn_t * dn);
- int gnutls_x509_dn_import (gnutls_x509_dn_t dn,
- const gnutls_datum_t * data);
+ int gnutls_x509_dn_import(gnutls_x509_dn_t dn,
+ const gnutls_datum_t * data);
- int gnutls_x509_dn_export (gnutls_x509_dn_t dn,
- gnutls_x509_crt_fmt_t format, void *output_data,
- size_t * output_data_size);
- int gnutls_x509_dn_export2 (gnutls_x509_dn_t dn,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t * out);
+ int gnutls_x509_dn_export(gnutls_x509_dn_t dn,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_dn_export2(gnutls_x509_dn_t dn,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
- void gnutls_x509_dn_deinit (gnutls_x509_dn_t dn);
+ void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn);
/* CRL handling functions.
*/
- int gnutls_x509_crl_init (gnutls_x509_crl_t * crl);
- void gnutls_x509_crl_deinit (gnutls_x509_crl_t crl);
-
- int gnutls_x509_crl_import (gnutls_x509_crl_t crl,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
- int gnutls_x509_crl_export (gnutls_x509_crl_t crl,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
- int gnutls_x509_crl_export2 (gnutls_x509_crl_t crl,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t *out);
-
- int
- gnutls_x509_crl_get_raw_issuer_dn (gnutls_x509_crl_t crl,
- gnutls_datum_t * dn);
-
- int gnutls_x509_crl_get_issuer_dn (gnutls_x509_crl_t crl,
- char *buf, size_t * sizeof_buf);
- int gnutls_x509_crl_get_issuer_dn2 (gnutls_x509_crl_t crl, gnutls_datum_t* dn);
- int gnutls_x509_crl_get_issuer_dn_by_oid (gnutls_x509_crl_t crl,
- const char *oid, int indx,
- unsigned int raw_flag,
- void *buf, size_t * sizeof_buf);
- int gnutls_x509_crl_get_dn_oid (gnutls_x509_crl_t crl, int indx,
- void *oid, size_t * sizeof_oid);
-
- int gnutls_x509_crl_get_signature_algorithm (gnutls_x509_crl_t crl);
- int gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl,
- char *sig, size_t * sizeof_sig);
- int gnutls_x509_crl_get_version (gnutls_x509_crl_t crl);
-
- time_t gnutls_x509_crl_get_this_update (gnutls_x509_crl_t crl);
- time_t gnutls_x509_crl_get_next_update (gnutls_x509_crl_t crl);
-
- int gnutls_x509_crl_get_crt_count (gnutls_x509_crl_t crl);
- int gnutls_x509_crl_get_crt_serial (gnutls_x509_crl_t crl, int indx,
- unsigned char *serial,
- size_t * serial_size, time_t * t);
+ int gnutls_x509_crl_init(gnutls_x509_crl_t * crl);
+ void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl);
+
+ int gnutls_x509_crl_import(gnutls_x509_crl_t crl,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+ int gnutls_x509_crl_export(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_crl_export2(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int
+ gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
+ gnutls_datum_t * dn);
+
+ int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl,
+ char *buf, size_t * sizeof_buf);
+ int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl,
+ gnutls_datum_t * dn);
+ int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
+ const char *oid, int indx,
+ unsigned int raw_flag,
+ void *buf,
+ size_t * sizeof_buf);
+ int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, int indx,
+ void *oid, size_t * sizeof_oid);
+
+ int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl);
+ int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
+ char *sig, size_t * sizeof_sig);
+ int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl);
+
+ time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl);
+ time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl);
+
+ int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl);
+ int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, int indx,
+ unsigned char *serial,
+ size_t * serial_size,
+ time_t * t);
#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count
#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial
- int gnutls_x509_crl_check_issuer (gnutls_x509_crl_t crl,
- gnutls_x509_crt_t issuer);
+ int gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_t issuer);
- int gnutls_x509_crl_list_import2 (gnutls_x509_crl_t ** crls,
- unsigned int * size,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format, unsigned int flags);
+ int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
+ unsigned int *size,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
- int gnutls_x509_crl_list_import (gnutls_x509_crl_t * crls,
- unsigned int *crl_max,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- unsigned int flags);
+ int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
+ unsigned int *crl_max,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
/* CRL writing.
*/
- int gnutls_x509_crl_set_version (gnutls_x509_crl_t crl,
- unsigned int version);
- int gnutls_x509_crl_set_this_update (gnutls_x509_crl_t crl,
- time_t act_time);
- int gnutls_x509_crl_set_next_update (gnutls_x509_crl_t crl,
- time_t exp_time);
- int gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl,
- const void *serial,
- size_t serial_size,
- time_t revocation_time);
- int gnutls_x509_crl_set_crt (gnutls_x509_crl_t crl,
- gnutls_x509_crt_t crt, time_t revocation_time);
-
- int gnutls_x509_crl_get_authority_key_id (gnutls_x509_crl_t crl, void *id,
- size_t * id_size,
- unsigned int *critical);
- int gnutls_x509_crl_get_authority_key_gn_serial (gnutls_x509_crl_t crl,
- unsigned int seq,
- void *alt,
- size_t * alt_size,
- unsigned int *alt_type,
- void* serial,
- size_t *serial_size,
- unsigned int *critical);
-
- int gnutls_x509_crl_get_number (gnutls_x509_crl_t crl, void *ret,
- size_t * ret_size, unsigned int *critical);
-
- int gnutls_x509_crl_get_extension_oid (gnutls_x509_crl_t crl, int indx,
- void *oid, size_t * sizeof_oid);
-
- int gnutls_x509_crl_get_extension_info (gnutls_x509_crl_t crl, int indx,
- void *oid, size_t * sizeof_oid,
- unsigned int *critical);
-
- int gnutls_x509_crl_get_extension_data (gnutls_x509_crl_t crl, int indx,
- void *data, size_t * sizeof_data);
-
- int gnutls_x509_crl_set_authority_key_id (gnutls_x509_crl_t crl,
- const void *id, size_t id_size);
-
- int gnutls_x509_crl_set_number (gnutls_x509_crl_t crl,
- const void *nr, size_t nr_size);
+ int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl,
+ unsigned int version);
+ int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl,
+ time_t act_time);
+ int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl,
+ time_t exp_time);
+ int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl,
+ const void *serial,
+ size_t serial_size,
+ time_t revocation_time);
+ int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl,
+ gnutls_x509_crt_t crt,
+ time_t revocation_time);
+
+ int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl,
+ void *id,
+ size_t * id_size,
+ unsigned int *critical);
+ int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t
+ crl,
+ unsigned int seq,
+ void *alt,
+ size_t * alt_size,
+ unsigned int
+ *alt_type,
+ void *serial,
+ size_t *
+ serial_size,
+ unsigned int
+ *critical);
+
+ int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
+ size_t * ret_size,
+ unsigned int *critical);
+
+ int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl,
+ int indx, void *oid,
+ size_t * sizeof_oid);
+
+ int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl,
+ int indx, void *oid,
+ size_t * sizeof_oid,
+ unsigned int *critical);
+
+ int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl,
+ int indx, void *data,
+ size_t * sizeof_data);
+
+ int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl,
+ const void *id,
+ size_t id_size);
+
+ int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl,
+ const void *nr, size_t nr_size);
/* PKCS7 structures handling
*/
- struct gnutls_pkcs7_int;
- typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t;
-
- int gnutls_pkcs7_init (gnutls_pkcs7_t * pkcs7);
- void gnutls_pkcs7_deinit (gnutls_pkcs7_t pkcs7);
- int gnutls_pkcs7_import (gnutls_pkcs7_t pkcs7,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
- int gnutls_pkcs7_export (gnutls_pkcs7_t pkcs7,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
- int gnutls_pkcs7_export2 (gnutls_pkcs7_t pkcs7,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t *out);
-
- int gnutls_pkcs7_get_crt_count (gnutls_pkcs7_t pkcs7);
- int gnutls_pkcs7_get_crt_raw (gnutls_pkcs7_t pkcs7, int indx,
- void *certificate, size_t * certificate_size);
-
- int gnutls_pkcs7_set_crt_raw (gnutls_pkcs7_t pkcs7,
- const gnutls_datum_t * crt);
- int gnutls_pkcs7_set_crt (gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt);
- int gnutls_pkcs7_delete_crt (gnutls_pkcs7_t pkcs7, int indx);
-
- int gnutls_pkcs7_get_crl_raw (gnutls_pkcs7_t pkcs7,
- int indx, void *crl, size_t * crl_size);
- int gnutls_pkcs7_get_crl_count (gnutls_pkcs7_t pkcs7);
-
- int gnutls_pkcs7_set_crl_raw (gnutls_pkcs7_t pkcs7,
- const gnutls_datum_t * crl);
- int gnutls_pkcs7_set_crl (gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl);
- int gnutls_pkcs7_delete_crl (gnutls_pkcs7_t pkcs7, int indx);
+ struct gnutls_pkcs7_int;
+ typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t;
+
+ int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7);
+ void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7);
+ int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+ int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7);
+ int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, int indx,
+ void *certificate,
+ size_t * certificate_size);
+
+ int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7,
+ const gnutls_datum_t * crt);
+ int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7,
+ gnutls_x509_crt_t crt);
+ int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx);
+
+ int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7,
+ int indx, void *crl,
+ size_t * crl_size);
+ int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7);
+
+ int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7,
+ const gnutls_datum_t * crl);
+ int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7,
+ gnutls_x509_crl_t crl);
+ int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx);
/* X.509 Certificate verification functions.
*/
@@ -694,57 +773,58 @@ extern "C"
*
* Enumeration of different certificate verify flags.
*/
- typedef enum gnutls_certificate_verify_flags
- {
- GNUTLS_VERIFY_DISABLE_CA_SIGN = 1<<0,
- GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 1<<1,
- GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1<<2,
- GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1<<3,
- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1<<4,
- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1<<5,
- GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1<<6,
- GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1<<7,
- GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1<<8,
- GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1<<9,
- GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1<<10,
- GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1<<11,
- } gnutls_certificate_verify_flags;
-
- int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert,
- gnutls_x509_crt_t issuer);
-
- int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list,
- int cert_list_length,
- const gnutls_x509_crt_t * CA_list,
- int CA_list_length,
- const gnutls_x509_crl_t * CRL_list,
- int CRL_list_length,
- unsigned int flags, unsigned int *verify);
-
- int gnutls_x509_crt_verify (gnutls_x509_crt_t cert,
- const gnutls_x509_crt_t * CA_list,
- int CA_list_length, unsigned int flags,
- unsigned int *verify);
- int gnutls_x509_crl_verify (gnutls_x509_crl_t crl,
- const gnutls_x509_crt_t * CA_list,
- int CA_list_length, unsigned int flags,
- unsigned int *verify);
-
- int gnutls_x509_crt_check_revocation (gnutls_x509_crt_t cert,
- const gnutls_x509_crl_t *
- crl_list, int crl_list_length);
-
- int gnutls_x509_crt_get_fingerprint (gnutls_x509_crt_t cert,
- gnutls_digest_algorithm_t algo,
- void *buf, size_t * buf_size);
-
- int gnutls_x509_crt_get_key_purpose_oid (gnutls_x509_crt_t cert,
- int indx, void *oid,
- size_t * oid_size,
- unsigned int *critical);
- int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert,
- const void *oid,
- unsigned int critical);
+ typedef enum gnutls_certificate_verify_flags {
+ GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 << 0,
+ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 1 << 1,
+ GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2,
+ GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3,
+ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4,
+ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5,
+ GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6,
+ GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7,
+ GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8,
+ GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9,
+ GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10,
+ GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11,
+ } gnutls_certificate_verify_flags;
+
+ int gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert,
+ gnutls_x509_crt_t issuer);
+
+ int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t *
+ cert_list, int cert_list_length,
+ const gnutls_x509_crt_t * CA_list,
+ int CA_list_length,
+ const gnutls_x509_crl_t * CRL_list,
+ int CRL_list_length,
+ unsigned int flags,
+ unsigned int *verify);
+
+ int gnutls_x509_crt_verify(gnutls_x509_crt_t cert,
+ const gnutls_x509_crt_t * CA_list,
+ int CA_list_length, unsigned int flags,
+ unsigned int *verify);
+ int gnutls_x509_crl_verify(gnutls_x509_crl_t crl,
+ const gnutls_x509_crt_t * CA_list,
+ int CA_list_length, unsigned int flags,
+ unsigned int *verify);
+
+ int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+ const gnutls_x509_crl_t *
+ crl_list,
+ int crl_list_length);
+
+ int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert,
+ gnutls_digest_algorithm_t algo,
+ void *buf, size_t * buf_size);
+
+ int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert,
+ int indx, void *oid,
+ size_t * oid_size,
+ unsigned int *critical);
+ int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert,
+ const void *oid,
+ unsigned int critical);
/* Private key handling.
*/
@@ -771,351 +851,398 @@ extern "C"
*
* Enumeration of different PKCS encryption flags.
*/
- typedef enum gnutls_pkcs_encrypt_flags_t
- {
- GNUTLS_PKCS_PLAIN = 1,
- GNUTLS_PKCS_USE_PKCS12_3DES = 2,
- GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4,
- GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8,
- GNUTLS_PKCS_USE_PBES2_3DES = 16,
- GNUTLS_PKCS_USE_PBES2_AES_128 = 32,
- GNUTLS_PKCS_USE_PBES2_AES_192 = 64,
- GNUTLS_PKCS_USE_PBES2_AES_256 = 128,
- GNUTLS_PKCS_NULL_PASSWORD = 256
- } gnutls_pkcs_encrypt_flags_t;
-
- int gnutls_x509_privkey_init (gnutls_x509_privkey_t * key);
- void gnutls_x509_privkey_deinit (gnutls_x509_privkey_t key);
- gnutls_sec_param_t gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t
- key);
- int gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst,
- gnutls_x509_privkey_t src);
- int gnutls_x509_privkey_import (gnutls_x509_privkey_t key,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
- int gnutls_x509_privkey_import_pkcs8 (gnutls_x509_privkey_t key,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- const char *password,
- unsigned int flags);
- int gnutls_x509_privkey_import_openssl (gnutls_x509_privkey_t key,
- const gnutls_datum_t *data,
- const char* password);
-
- int gnutls_x509_privkey_import2 (gnutls_x509_privkey_t key,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- const char* password, unsigned int flags);
-
- int gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key,
- const gnutls_datum_t * m,
- const gnutls_datum_t * e,
- const gnutls_datum_t * d,
- const gnutls_datum_t * p,
- const gnutls_datum_t * q,
- const gnutls_datum_t * u);
- int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
- const gnutls_datum_t * m,
- const gnutls_datum_t * e,
- const gnutls_datum_t * d,
- const gnutls_datum_t * p,
- const gnutls_datum_t * q,
- const gnutls_datum_t * u,
- const gnutls_datum_t * e1,
- const gnutls_datum_t * e2);
- int gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
- gnutls_ecc_curve_t curve,
- const gnutls_datum_t * x,
- const gnutls_datum_t * y,
- const gnutls_datum_t * k);
-
- int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key);
-
- int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * g,
- gnutls_datum_t * y,
- gnutls_datum_t * x);
- int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
- const gnutls_datum_t * p,
- const gnutls_datum_t * q,
- const gnutls_datum_t * g,
- const gnutls_datum_t * y,
- const gnutls_datum_t * x);
-
- int gnutls_x509_privkey_get_pk_algorithm (gnutls_x509_privkey_t key);
- int gnutls_x509_privkey_get_pk_algorithm2 (gnutls_x509_privkey_t key, unsigned int *bits);
- int gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key,
- unsigned int flags,
- unsigned char *output_data,
- size_t * output_data_size);
-
- int gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
- gnutls_pk_algorithm_t algo,
- unsigned int bits, unsigned int flags);
- int gnutls_x509_privkey_verify_params (gnutls_x509_privkey_t key);
-
- int gnutls_x509_privkey_export (gnutls_x509_privkey_t key,
- gnutls_x509_crt_fmt_t format,
- void *output_data,
- size_t * output_data_size);
- int gnutls_x509_privkey_export2 (gnutls_x509_privkey_t key,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t * out);
- int gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
- gnutls_x509_crt_fmt_t format,
- const char *password,
- unsigned int flags,
- void *output_data,
- size_t * output_data_size);
- int gnutls_x509_privkey_export2_pkcs8 (gnutls_x509_privkey_t key,
- gnutls_x509_crt_fmt_t format,
- const char *password,
- unsigned int flags,
- gnutls_datum_t * out);
- int gnutls_x509_privkey_export_rsa_raw2 (gnutls_x509_privkey_t key,
- gnutls_datum_t * m,
- gnutls_datum_t * e,
- gnutls_datum_t * d,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * u,
- gnutls_datum_t * e1,
- gnutls_datum_t * e2);
- int gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key,
- gnutls_datum_t * m,
- gnutls_datum_t * e,
- gnutls_datum_t * d,
- gnutls_datum_t * p,
- gnutls_datum_t * q,
- gnutls_datum_t * u);
- int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
- gnutls_ecc_curve_t *curve,
- gnutls_datum_t * x, gnutls_datum_t * y,
- gnutls_datum_t* k);
+ typedef enum gnutls_pkcs_encrypt_flags_t {
+ GNUTLS_PKCS_PLAIN = 1,
+ GNUTLS_PKCS_USE_PKCS12_3DES = 2,
+ GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4,
+ GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8,
+ GNUTLS_PKCS_USE_PBES2_3DES = 16,
+ GNUTLS_PKCS_USE_PBES2_AES_128 = 32,
+ GNUTLS_PKCS_USE_PBES2_AES_192 = 64,
+ GNUTLS_PKCS_USE_PBES2_AES_256 = 128,
+ GNUTLS_PKCS_NULL_PASSWORD = 256
+ } gnutls_pkcs_encrypt_flags_t;
+
+ int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key);
+ void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key);
+ gnutls_sec_param_t
+ gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key);
+ int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst,
+ gnutls_x509_privkey_t src);
+ int gnutls_x509_privkey_import(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+ int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ const char *password,
+ unsigned int flags);
+ int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * data,
+ const char *password);
+
+ int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ const char *password,
+ unsigned int flags);
+
+ int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e,
+ const gnutls_datum_t * d,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * u);
+ int gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e,
+ const gnutls_datum_t * d,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * u,
+ const gnutls_datum_t * e1,
+ const gnutls_datum_t * e2);
+ int gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t curve,
+ const gnutls_datum_t * x,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * k);
+
+ int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key);
+
+ int gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * g,
+ gnutls_datum_t * y,
+ gnutls_datum_t * x);
+ int gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key,
+ const gnutls_datum_t * p,
+ const gnutls_datum_t * q,
+ const gnutls_datum_t * g,
+ const gnutls_datum_t * y,
+ const gnutls_datum_t * x);
+
+ int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t
+ key);
+ int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t
+ key, unsigned int *bits);
+ int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key,
+ unsigned int flags,
+ unsigned char *output_data,
+ size_t * output_data_size);
+
+ int gnutls_x509_privkey_generate(gnutls_x509_privkey_t key,
+ gnutls_pk_algorithm_t algo,
+ unsigned int bits,
+ unsigned int flags);
+ int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key);
+
+ int gnutls_x509_privkey_export(gnutls_x509_privkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_privkey_export2(gnutls_x509_privkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+ int gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ const char *password,
+ unsigned int flags,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key,
+ gnutls_x509_crt_fmt_t format,
+ const char *password,
+ unsigned int flags,
+ gnutls_datum_t * out);
+ int gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e,
+ gnutls_datum_t * d,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * u,
+ gnutls_datum_t * e1,
+ gnutls_datum_t * e2);
+ int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e,
+ gnutls_datum_t * d,
+ gnutls_datum_t * p,
+ gnutls_datum_t * q,
+ gnutls_datum_t * u);
+ int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key,
+ gnutls_ecc_curve_t * curve,
+ gnutls_datum_t * x,
+ gnutls_datum_t * y,
+ gnutls_datum_t * k);
/* Certificate request stuff.
*/
- int gnutls_x509_crq_sign2 (gnutls_x509_crq_t crq,
- gnutls_x509_privkey_t key,
- gnutls_digest_algorithm_t dig,
- unsigned int flags);
-
- int gnutls_x509_crq_print (gnutls_x509_crq_t crq,
- gnutls_certificate_print_formats_t format,
- gnutls_datum_t * out);
-
- int gnutls_x509_crq_verify (gnutls_x509_crq_t crq, unsigned int flags);
-
- int gnutls_x509_crq_init (gnutls_x509_crq_t * crq);
- void gnutls_x509_crq_deinit (gnutls_x509_crq_t crq);
- int gnutls_x509_crq_import (gnutls_x509_crq_t crq,
- const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format);
-
- int gnutls_x509_crq_get_private_key_usage_period (gnutls_x509_crq_t cert, time_t* activation, time_t* expiration,
- unsigned int *critical);
-
- int gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf,
- size_t * sizeof_buf);
- int gnutls_x509_crq_get_dn2 (gnutls_x509_crq_t crq, gnutls_datum_t* dn);
- int gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq, int indx,
- void *oid, size_t * sizeof_oid);
- int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq,
- const char *oid, int indx,
- unsigned int raw_flag, void *buf,
- size_t * sizeof_buf);
- int gnutls_x509_crq_set_dn (gnutls_x509_crq_t crq, const char *dn, const char** err);
- int gnutls_x509_crq_set_dn_by_oid (gnutls_x509_crq_t crq,
- const char *oid,
- unsigned int raw_flag,
- const void *data,
- unsigned int sizeof_data);
- int gnutls_x509_crq_set_version (gnutls_x509_crq_t crq,
- unsigned int version);
- int gnutls_x509_crq_get_version (gnutls_x509_crq_t crq);
- int gnutls_x509_crq_set_key (gnutls_x509_crq_t crq,
- gnutls_x509_privkey_t key);
-
- int gnutls_x509_crq_set_challenge_password (gnutls_x509_crq_t crq,
- const char *pass);
- int gnutls_x509_crq_get_challenge_password (gnutls_x509_crq_t crq,
- char *pass,
- size_t * sizeof_pass);
-
- int gnutls_x509_crq_set_attribute_by_oid (gnutls_x509_crq_t crq,
- const char *oid, void *buf,
- size_t sizeof_buf);
- int gnutls_x509_crq_get_attribute_by_oid (gnutls_x509_crq_t crq,
- const char *oid, int indx,
- void *buf, size_t * sizeof_buf);
-
- int gnutls_x509_crq_export (gnutls_x509_crq_t crq,
- gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size);
- int gnutls_x509_crq_export2 (gnutls_x509_crq_t crq,
- gnutls_x509_crt_fmt_t format,
- gnutls_datum_t * out);
-
- int gnutls_x509_crt_set_crq (gnutls_x509_crt_t crt, gnutls_x509_crq_t crq);
- int gnutls_x509_crt_set_crq_extensions (gnutls_x509_crt_t crt,
- gnutls_x509_crq_t crq);
-
- int gnutls_x509_crq_set_private_key_usage_period (gnutls_x509_crq_t crq,
- time_t activation,
- time_t expiration);
- int gnutls_x509_crq_set_key_rsa_raw (gnutls_x509_crq_t crq,
- const gnutls_datum_t * m,
- const gnutls_datum_t * e);
- int gnutls_x509_crq_set_subject_alt_name (gnutls_x509_crq_t crq,
- gnutls_x509_subject_alt_name_t nt,
- const void *data,
- unsigned int data_size,
- unsigned int flags);
-
- int gnutls_x509_crq_set_key_usage (gnutls_x509_crq_t crq,
- unsigned int usage);
- int gnutls_x509_crq_set_basic_constraints (gnutls_x509_crq_t crq,
- unsigned int ca,
- int pathLenConstraint);
- int gnutls_x509_crq_set_key_purpose_oid (gnutls_x509_crq_t crq,
- const void *oid,
- unsigned int critical);
- int gnutls_x509_crq_get_key_purpose_oid (gnutls_x509_crq_t crq, int indx,
- void *oid, size_t * sizeof_oid,
- unsigned int *critical);
-
- int gnutls_x509_crq_get_extension_data (gnutls_x509_crq_t crq, int indx,
- void *data, size_t * sizeof_data);
- int gnutls_x509_crq_get_extension_info (gnutls_x509_crq_t crq, int indx,
- void *oid, size_t * sizeof_oid,
- unsigned int *critical);
- int gnutls_x509_crq_get_attribute_data (gnutls_x509_crq_t crq, int indx,
- void *data, size_t * sizeof_data);
- int gnutls_x509_crq_get_attribute_info (gnutls_x509_crq_t crq, int indx,
- void *oid, size_t * sizeof_oid);
- int gnutls_x509_crq_get_pk_algorithm (gnutls_x509_crq_t crq,
- unsigned int *bits);
-
- int gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq, unsigned int flags,
- unsigned char *output_data,
- size_t * output_data_size);
- int gnutls_x509_crq_get_key_rsa_raw (gnutls_x509_crq_t crq,
- gnutls_datum_t * m,
- gnutls_datum_t * e);
-
- int gnutls_x509_crq_get_key_usage (gnutls_x509_crq_t crq,
- unsigned int *key_usage,
- unsigned int *critical);
- int gnutls_x509_crq_get_basic_constraints (gnutls_x509_crq_t crq,
- unsigned int *critical,
- unsigned int *ca, int *pathlen);
- int gnutls_x509_crq_get_subject_alt_name (gnutls_x509_crq_t crq,
- unsigned int seq, void *ret,
- size_t * ret_size,
- unsigned int *ret_type,
- unsigned int *critical);
- int gnutls_x509_crq_get_subject_alt_othername_oid (gnutls_x509_crq_t crq,
- unsigned int seq,
- void *ret,
- size_t * ret_size);
-
- int gnutls_x509_crq_get_extension_by_oid (gnutls_x509_crq_t crq,
- const char *oid, int indx,
- void *buf, size_t * sizeof_buf,
- unsigned int *critical);
-
- typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
-
- int
- gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list, unsigned int size);
-
- void
- gnutls_x509_trust_list_deinit (gnutls_x509_trust_list_t list, unsigned int all);
-
- int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t list,
- gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
-
- int
- gnutls_x509_trust_list_add_cas (gnutls_x509_trust_list_t list,
- const gnutls_x509_crt_t * clist, int clist_size, unsigned int flags);
- int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t list,
- const gnutls_x509_crt_t * clist,
- int clist_size);
-
- int gnutls_x509_trust_list_add_named_crt (gnutls_x509_trust_list_t list,
- gnutls_x509_crt_t cert, const void* name, size_t name_size, unsigned int flags);
+ int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq,
+ gnutls_x509_privkey_t key,
+ gnutls_digest_algorithm_t dig,
+ unsigned int flags);
+
+ int gnutls_x509_crq_print(gnutls_x509_crq_t crq,
+ gnutls_certificate_print_formats_t
+ format, gnutls_datum_t * out);
+
+ int gnutls_x509_crq_verify(gnutls_x509_crq_t crq,
+ unsigned int flags);
+
+ int gnutls_x509_crq_init(gnutls_x509_crq_t * crq);
+ void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq);
+ int gnutls_x509_crq_import(gnutls_x509_crq_t crq,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format);
+
+ int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t
+ cert,
+ time_t *
+ activation,
+ time_t *
+ expiration,
+ unsigned int
+ *critical);
+
+ int gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf,
+ size_t * sizeof_buf);
+ int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq,
+ gnutls_datum_t * dn);
+ int gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq, int indx,
+ void *oid, size_t * sizeof_oid);
+ int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq,
+ const char *oid, int indx,
+ unsigned int raw_flag, void *buf,
+ size_t * sizeof_buf);
+ int gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn,
+ const char **err);
+ int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq,
+ const char *oid,
+ unsigned int raw_flag,
+ const void *data,
+ unsigned int sizeof_data);
+ int gnutls_x509_crq_set_version(gnutls_x509_crq_t crq,
+ unsigned int version);
+ int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq);
+ int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq,
+ gnutls_x509_privkey_t key);
+
+ int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq,
+ const char *pass);
+ int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq,
+ char *pass,
+ size_t * sizeof_pass);
+
+ int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq,
+ const char *oid,
+ void *buf,
+ size_t sizeof_buf);
+ int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq,
+ const char *oid, int indx,
+ void *buf,
+ size_t * sizeof_buf);
+
+ int gnutls_x509_crq_export(gnutls_x509_crq_t crq,
+ gnutls_x509_crt_fmt_t format,
+ void *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_crq_export2(gnutls_x509_crq_t crq,
+ gnutls_x509_crt_fmt_t format,
+ gnutls_datum_t * out);
+
+ int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt,
+ gnutls_x509_crq_t crq);
+ int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt,
+ gnutls_x509_crq_t crq);
+
+ int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t
+ crq,
+ time_t activation,
+ time_t
+ expiration);
+ int gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq,
+ const gnutls_datum_t * m,
+ const gnutls_datum_t * e);
+ int gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq,
+ gnutls_x509_subject_alt_name_t
+ nt, const void *data,
+ unsigned int data_size,
+ unsigned int flags);
+
+ int gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq,
+ unsigned int usage);
+ int gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq,
+ unsigned int ca,
+ int pathLenConstraint);
+ int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq,
+ const void *oid,
+ unsigned int critical);
+ int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq,
+ int indx, void *oid,
+ size_t * sizeof_oid,
+ unsigned int *critical);
+
+ int gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq,
+ int indx, void *data,
+ size_t * sizeof_data);
+ int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq,
+ int indx, void *oid,
+ size_t * sizeof_oid,
+ unsigned int *critical);
+ int gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq,
+ int indx, void *data,
+ size_t * sizeof_data);
+ int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq,
+ int indx, void *oid,
+ size_t * sizeof_oid);
+ int gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq,
+ unsigned int *bits);
+
+ int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq,
+ unsigned int flags,
+ unsigned char *output_data,
+ size_t * output_data_size);
+ int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq,
+ gnutls_datum_t * m,
+ gnutls_datum_t * e);
+
+ int gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq,
+ unsigned int *key_usage,
+ unsigned int *critical);
+ int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq,
+ unsigned int *critical,
+ unsigned int *ca,
+ int *pathlen);
+ int gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq,
+ unsigned int seq,
+ void *ret,
+ size_t * ret_size,
+ unsigned int *ret_type,
+ unsigned int *critical);
+ int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t
+ crq,
+ unsigned int seq,
+ void *ret,
+ size_t *
+ ret_size);
+
+ int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq,
+ const char *oid, int indx,
+ void *buf,
+ size_t * sizeof_buf,
+ unsigned int *critical);
+
+ typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
+
+ int
+ gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list,
+ unsigned int size);
+
+ void
+ gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list,
+ unsigned int all);
+
+ int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t
+ list, gnutls_x509_crt_t cert,
+ gnutls_x509_crt_t * issuer,
+ unsigned int flags);
+
+ int
+ gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list,
+ const gnutls_x509_crt_t * clist,
+ int clist_size,
+ unsigned int flags);
+ int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t
+ list,
+ const gnutls_x509_crt_t *
+ clist, int clist_size);
+
+ int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t
+ list,
+ gnutls_x509_crt_t cert,
+ const void *name,
+ size_t name_size,
+ unsigned int flags);
#define GNUTLS_TL_VERIFY_CRL 1
- int
- gnutls_x509_trust_list_add_crls (gnutls_x509_trust_list_t list,
- const gnutls_x509_crl_t * crl_list, int crl_size, unsigned int flags,
- unsigned int verification_flags);
-
- typedef int gnutls_verify_output_function (
- gnutls_x509_crt_t cert,
- gnutls_x509_crt_t issuer, /* The issuer if verification failed
- * because of him. might be null.
- */
- gnutls_x509_crl_t crl, /* The CRL that caused verification failure
- * if any. Might be null.
- */
- unsigned int verification_output);
-
- int gnutls_x509_trust_list_verify_named_crt (
- gnutls_x509_trust_list_t list,
- gnutls_x509_crt_t cert,
- const void * name, size_t name_size,
- unsigned int flags,
- unsigned int *verify,
- gnutls_verify_output_function func);
-
- int
- gnutls_x509_trust_list_verify_crt (
- gnutls_x509_trust_list_t list,
- gnutls_x509_crt_t *cert_list,
- unsigned int cert_list_size,
- unsigned int flags,
- unsigned int *verify,
- gnutls_verify_output_function func);
-
- /* trust list convenience functions */
-int
-gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t list,
- const gnutls_datum_t * cas,
- const gnutls_datum_t * crls,
- gnutls_x509_crt_fmt_t type,
- unsigned int tl_flags,
- unsigned int tl_vflags);
-
-int
-gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list,
- const char* ca_file,
- const char* crl_file,
- gnutls_x509_crt_fmt_t type,
- unsigned int tl_flags,
- unsigned int tl_vflags);
-
-int
-gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t list,
- const char* ca_file,
- gnutls_x509_crt_fmt_t type);
-
-int
-gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t list,
- const gnutls_datum_t * cas,
- gnutls_x509_crt_fmt_t type);
-
-int
-gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list,
- unsigned int tl_flags, unsigned int tl_vflags);
-
-void gnutls_certificate_set_trust_list (gnutls_certificate_credentials_t res,
- gnutls_x509_trust_list_t tlist, unsigned flags);
+ int
+ gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list,
+ const gnutls_x509_crl_t *
+ crl_list, int crl_size,
+ unsigned int flags,
+ unsigned int verification_flags);
+
+ typedef int gnutls_verify_output_function(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, /* The issuer if verification failed
+ * because of him. might be null.
+ */
+ gnutls_x509_crl_t crl, /* The CRL that caused verification failure
+ * if any. Might be null.
+ */
+ unsigned int
+ verification_output);
+
+ int gnutls_x509_trust_list_verify_named_crt
+ (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert,
+ const void *name, size_t name_size, unsigned int flags,
+ unsigned int *verify, gnutls_verify_output_function func);
+
+ int
+ gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list,
+ gnutls_x509_crt_t * cert_list,
+ unsigned int cert_list_size,
+ unsigned int flags,
+ unsigned int *verify,
+ gnutls_verify_output_function
+ func);
+
+ /* trust list convenience functions */
+ int
+ gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t
+ list,
+ const gnutls_datum_t * cas,
+ const gnutls_datum_t * crls,
+ gnutls_x509_crt_fmt_t type,
+ unsigned int tl_flags,
+ unsigned int tl_vflags);
+
+ int
+ gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t
+ list, const char *ca_file,
+ const char *crl_file,
+ gnutls_x509_crt_fmt_t type,
+ unsigned int tl_flags,
+ unsigned int tl_vflags);
+
+ int
+ gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t
+ list,
+ const char *ca_file,
+ gnutls_x509_crt_fmt_t
+ type);
+
+ int
+ gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t
+ list,
+ const gnutls_datum_t *
+ cas,
+ gnutls_x509_crt_fmt_t
+ type);
+
+ int
+ gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t
+ list,
+ unsigned int tl_flags,
+ unsigned int tl_vflags);
+
+ void gnutls_certificate_set_trust_list
+ (gnutls_certificate_credentials_t res,
+ gnutls_x509_trust_list_t tlist, unsigned flags);
#ifdef __cplusplus
}
#endif
-
-#endif /* GNUTLS_X509_H */
+#endif /* GNUTLS_X509_H */
diff --git a/lib/includes/gnutls/xssl.h b/lib/includes/gnutls/xssl.h
index 0afe88dc26..578eca6e08 100644
--- a/lib/includes/gnutls/xssl.h
+++ b/lib/includes/gnutls/xssl.h
@@ -27,95 +27,87 @@
typedef struct xssl_st *xssl_t;
typedef struct xssl_cred_st *xssl_cred_t;
-ssize_t xssl_printf (xssl_t sb, const char *fmt, ...)
+ssize_t xssl_printf(xssl_t sb, const char *fmt, ...)
#ifdef __GNUC__
- __attribute__ ((format (printf, 2, 3)))
+ __attribute__ ((format(printf, 2, 3)))
#endif
-;
+ ;
-ssize_t xssl_write (xssl_t sb, const void *data,
- size_t data_size);
+ssize_t xssl_write(xssl_t sb, const void *data, size_t data_size);
-ssize_t xssl_flush (xssl_t sb);
+ssize_t xssl_flush(xssl_t sb);
-ssize_t xssl_read(xssl_t sb, void* data, size_t data_size);
+ssize_t xssl_read(xssl_t sb, void *data, size_t data_size);
ssize_t
-xssl_getdelim (xssl_t sbuf, char **lineptr, size_t *n, int delimiter);
+xssl_getdelim(xssl_t sbuf, char **lineptr, size_t * n, int delimiter);
#define xssl_getline(sbuf, ptr, n) xssl_getdelim(sbuf, ptr, n, '\n')
void xssl_deinit(xssl_t sb);
#define GNUTLS_SBUF_WRITE_FLUSHES (1<<0)
-int xssl_sinit (xssl_t * isb, gnutls_session_t session,
- unsigned int flags);
+int xssl_sinit(xssl_t * isb, gnutls_session_t session, unsigned int flags);
gnutls_session_t xssl_get_session(xssl_t sb);
-int xssl_client_init (xssl_t * isb, const char* hostname,
- const char* service,
- gnutls_transport_ptr fd,
- const char* priority, xssl_cred_t cred,
- unsigned int *status,
- unsigned int flags);
+int xssl_client_init(xssl_t * isb, const char *hostname,
+ const char *service,
+ gnutls_transport_ptr fd,
+ const char *priority, xssl_cred_t cred,
+ unsigned int *status, unsigned int flags);
-int xssl_server_init (xssl_t * isb,
- gnutls_transport_ptr fd,
- const char* priority, xssl_cred_t cred,
- unsigned int *status,
- unsigned int flags);
+int xssl_server_init(xssl_t * isb,
+ gnutls_transport_ptr fd,
+ const char *priority, xssl_cred_t cred,
+ unsigned int *status, unsigned int flags);
/* High level credential structures */
-typedef enum
-{
- GNUTLS_VMETHOD_NO_AUTH = 0,
- GNUTLS_VMETHOD_TOFU = 1<<0,
- GNUTLS_VMETHOD_GIVEN_CAS = 1<<1,
- GNUTLS_VMETHOD_SYSTEM_CAS = 1<<2
+typedef enum {
+ GNUTLS_VMETHOD_NO_AUTH = 0,
+ GNUTLS_VMETHOD_TOFU = 1 << 0,
+ GNUTLS_VMETHOD_GIVEN_CAS = 1 << 1,
+ GNUTLS_VMETHOD_SYSTEM_CAS = 1 << 2
} gnutls_vmethod_t;
-typedef enum
-{
- GNUTLS_CINPUT_TYPE_FILE = 0,
- GNUTLS_CINPUT_TYPE_MEM = 1,
- GNUTLS_CINPUT_TYPE_PIN_FUNC = 2,
+typedef enum {
+ GNUTLS_CINPUT_TYPE_FILE = 0,
+ GNUTLS_CINPUT_TYPE_MEM = 1,
+ GNUTLS_CINPUT_TYPE_PIN_FUNC = 2,
} gnutls_cinput_type_t;
-typedef enum
-{
- GNUTLS_CINPUT_CAS = 1, /* i1 contains the CAs */
- GNUTLS_CINPUT_CRLS = 2,/* i1 contains the CRLs */
- GNUTLS_CINPUT_TOFU_DB = 3, /* i1 contains the DB filename */
- GNUTLS_CINPUT_KEYPAIR = 4, /* i1 contains the certificate, i2 the key
- * or i1.pin_fn contains the pin function,
- * and i2.udata the user pointer */
+typedef enum {
+ GNUTLS_CINPUT_CAS = 1, /* i1 contains the CAs */
+ GNUTLS_CINPUT_CRLS = 2, /* i1 contains the CRLs */
+ GNUTLS_CINPUT_TOFU_DB = 3, /* i1 contains the DB filename */
+ GNUTLS_CINPUT_KEYPAIR = 4, /* i1 contains the certificate, i2 the key
+ * or i1.pin_fn contains the pin function,
+ * and i2.udata the user pointer */
} gnutls_cinput_contents_t;
typedef struct gnutls_cinput_st {
- gnutls_cinput_type_t type;
- gnutls_cinput_contents_t contents;
- gnutls_x509_crt_fmt_t fmt; /* if applicable */
-
- union {
- gnutls_pin_callback_t pin_fn;
- const char* file;
- gnutls_datum_t mem;
- } i1;
-
- union {
- void* udata;
- const char* file;
- gnutls_datum_t mem;
- } i2;
-
- unsigned long future_pad[8];
+ gnutls_cinput_type_t type;
+ gnutls_cinput_contents_t contents;
+ gnutls_x509_crt_fmt_t fmt; /* if applicable */
+
+ union {
+ gnutls_pin_callback_t pin_fn;
+ const char *file;
+ gnutls_datum_t mem;
+ } i1;
+
+ union {
+ void *udata;
+ const char *file;
+ gnutls_datum_t mem;
+ } i2;
+
+ unsigned long future_pad[8];
} gnutls_cinput_st;
-int xssl_cred_init (xssl_cred_t *c, unsigned vflags,
- gnutls_cinput_st* aux,
- unsigned aux_size);
-void xssl_cred_deinit (xssl_cred_t cred);
+int xssl_cred_init(xssl_cred_t * c, unsigned vflags,
+ gnutls_cinput_st * aux, unsigned aux_size);
+void xssl_cred_deinit(xssl_cred_t cred);
-#endif /* GNUTLS_SBUF_H */
+#endif /* GNUTLS_SBUF_H */
View Lorry Controller Status