diff options
| author | Ander Juaristi <a@juaristi.eus> | 2021-11-15 20:03:12 +0100 |
|---|---|---|
| committer | Ander Juaristi <a@juaristi.eus> | 2021-12-04 17:23:46 +0100 |
| commit | 242abb6945cbb56c4a41c393d0253ea5b9d3a36a (patch) | |
| tree | 6764dbd36ac55dda6c50283737a4a922f8d57163 /lib/includes | |
| parent | 3d24dbe6038141e0e63317772fa270c38e2881e8 (diff) | |
| download | gnutls-242abb6945cbb56c4a41c393d0253ea5b9d3a36a.tar.gz | |
x509 CT: implement new public API
This commit implements import and export functions for the X.509
Certificate Transparency Signed Certificate Timestamp (SCT) extension
(RFC 6962).
A new constant GNUTLS_X509EXT_OID_CT_SCT is introduced
with the value "1.3.6.1.4.1.11129.2.4.2".
The following new public API functions are introduced:
- gnutls_x509_ext_ct_scts_init
- gnutls_x509_ext_ct_scts_deinit
- gnutls_x509_ext_ct_import_scts
- gnutls_x509_ext_ct_export_scts
- gnutls_x509_ct_sct_get_version
- gnutls_x509_ct_sct_get
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Diffstat (limited to 'lib/includes')
| -rw-r--r-- | lib/includes/gnutls/x509-ext.h | 16 | ||||
| -rw-r--r-- | lib/includes/gnutls/x509.h | 1 |
2 files changed, 17 insertions, 0 deletions
diff --git a/lib/includes/gnutls/x509-ext.h b/lib/includes/gnutls/x509-ext.h index b288c31a19..459c1e8b14 100644 --- a/lib/includes/gnutls/x509-ext.h +++ b/lib/includes/gnutls/x509-ext.h @@ -199,6 +199,22 @@ int gnutls_x509_ext_export_tlsfeatures(gnutls_x509_tlsfeatures_t f, int gnutls_x509_tlsfeatures_add(gnutls_x509_tlsfeatures_t f, unsigned int feature); +typedef struct gnutls_x509_ct_scts_st *gnutls_x509_ct_scts_t; + +int gnutls_x509_ext_ct_scts_init(gnutls_x509_ct_scts_t * scts); +void gnutls_x509_ext_ct_scts_deinit(gnutls_x509_ct_scts_t scts); +int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t * ext, + gnutls_x509_ct_scts_t scts, unsigned int flags); +int gnutls_x509_ext_ct_export_scts(const gnutls_x509_ct_scts_t scts, gnutls_datum_t * ext); +int gnutls_x509_ct_sct_get_version(const gnutls_x509_ct_scts_t scts, unsigned idx, + unsigned int *version_out); +int gnutls_x509_ct_sct_get(const gnutls_x509_ct_scts_t scts, + unsigned idx, + time_t *timestamp, + gnutls_datum_t *logid, + gnutls_sign_algorithm_t *sigalg, + gnutls_datum_t *signature); + /* *INDENT-OFF* */ #ifdef __cplusplus } diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 7953a30460..5ac601a0a9 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -107,6 +107,7 @@ extern "C" { #define GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1" #define GNUTLS_X509EXT_OID_PROXY_CRT_INFO "1.3.6.1.5.5.7.1.14" #define GNUTLS_X509EXT_OID_TLSFEATURES "1.3.6.1.5.5.7.1.24" +#define GNUTLS_X509EXT_OID_CT_SCT_V1 "1.3.6.1.4.1.11129.2.4.2" #define GNUTLS_X509_OID_POLICY_ANY "2.5.29.54" |