diff options
author | Daiki Ueno <ueno@gnu.org> | 2023-04-24 12:39:42 +0900 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2023-04-24 12:45:46 +0900 |
commit | aa5950abab56b011331ad4331409b6ff8efb8aeb (patch) | |
tree | ad363fb38e8b65c942876641cda9c76caa13b498 /lib/includes | |
parent | 0fe9cb6842d63761718046cc7dd7eb437e6c5163 (diff) | |
download | gnutls-aa5950abab56b011331ad4331409b6ff8efb8aeb.tar.gz |
build: re-indent code
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'lib/includes')
-rw-r--r-- | lib/includes/gnutls/abstract.h | 746 | ||||
-rw-r--r-- | lib/includes/gnutls/compat.h | 221 | ||||
-rw-r--r-- | lib/includes/gnutls/crypto.h | 285 | ||||
-rw-r--r-- | lib/includes/gnutls/dtls.h | 20 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 1811 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutlsxx.h | 2257 | ||||
-rw-r--r-- | lib/includes/gnutls/ocsp.h | 131 | ||||
-rw-r--r-- | lib/includes/gnutls/openpgp.h | 491 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs11.h | 335 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs12.h | 79 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs7.h | 72 | ||||
-rw-r--r-- | lib/includes/gnutls/self-test.h | 12 | ||||
-rw-r--r-- | lib/includes/gnutls/socket.h | 11 | ||||
-rw-r--r-- | lib/includes/gnutls/system-keys.h | 20 | ||||
-rw-r--r-- | lib/includes/gnutls/tpm.h | 38 | ||||
-rw-r--r-- | lib/includes/gnutls/urls.h | 18 | ||||
-rw-r--r-- | lib/includes/gnutls/x509-ext.h | 134 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 1422 |
18 files changed, 3861 insertions, 4242 deletions
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h index b3c6ed969b..641d72012d 100644 --- a/lib/includes/gnutls/abstract.h +++ b/lib/includes/gnutls/abstract.h @@ -22,13 +22,13 @@ */ #ifndef GNUTLS_ABSTRACT_H -# define GNUTLS_ABSTRACT_H +#define GNUTLS_ABSTRACT_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> -# include <gnutls/pkcs11.h> -# include <gnutls/openpgp.h> -# include <gnutls/tpm.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <gnutls/pkcs11.h> +#include <gnutls/openpgp.h> +#include <gnutls/tpm.h> #ifdef __cplusplus extern "C" { @@ -36,7 +36,7 @@ extern "C" { /* Public key operations */ -# define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA +#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA /** * gnutls_pubkey_flags: * @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks. Only @@ -60,21 +60,19 @@ typedef enum gnutls_abstract_export_flags { GNUTLS_EXPORT_FLAG_NO_LZ = 1 } gnutls_abstract_export_flags_t; -# define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA +#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA -typedef int (*gnutls_privkey_sign_func)(gnutls_privkey_t key, - void *userdata, - const gnutls_datum_t * raw_data, - gnutls_datum_t * signature); +typedef int (*gnutls_privkey_sign_func)(gnutls_privkey_t key, void *userdata, + const gnutls_datum_t *raw_data, + gnutls_datum_t *signature); -typedef int (*gnutls_privkey_decrypt_func)(gnutls_privkey_t key, - void *userdata, - const gnutls_datum_t * ciphertext, - gnutls_datum_t * plaintext); +typedef int (*gnutls_privkey_decrypt_func)(gnutls_privkey_t key, void *userdata, + const gnutls_datum_t *ciphertext, + gnutls_datum_t *plaintext); typedef int (*gnutls_privkey_decrypt_func2)(gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * ciphertext, + const gnutls_datum_t *ciphertext, unsigned char *plaintext, size_t plaintext_size); @@ -86,10 +84,9 @@ typedef int (*gnutls_privkey_decrypt_func2)(gnutls_privkey_t key, */ typedef int (*gnutls_privkey_sign_hash_func)(gnutls_privkey_t key, gnutls_sign_algorithm_t algo, - void *userdata, - unsigned int flags, - const gnutls_datum_t * hash, - gnutls_datum_t * signature); + void *userdata, unsigned int flags, + const gnutls_datum_t *hash, + gnutls_datum_t *signature); /* to be called to sign data. The input data will be * the data to be signed (and hashed), with the provided @@ -98,34 +95,33 @@ typedef int (*gnutls_privkey_sign_hash_func)(gnutls_privkey_t key, */ typedef int (*gnutls_privkey_sign_data_func)(gnutls_privkey_t key, gnutls_sign_algorithm_t algo, - void *userdata, - unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature); + void *userdata, unsigned int flags, + const gnutls_datum_t *data, + gnutls_datum_t *signature); typedef void (*gnutls_privkey_deinit_func)(gnutls_privkey_t key, void *userdata); -# define GNUTLS_SIGN_ALGO_TO_FLAGS(sig) (unsigned int)((sig)<<20) -# define GNUTLS_FLAGS_TO_SIGN_ALGO(flags) (unsigned int)((flags)>>20) +#define GNUTLS_SIGN_ALGO_TO_FLAGS(sig) (unsigned int)((sig) << 20) +#define GNUTLS_FLAGS_TO_SIGN_ALGO(flags) (unsigned int)((flags) >> 20) /* Should return the public key algorithm (gnutls_pk_algorithm_t) */ -# define GNUTLS_PRIVKEY_INFO_PK_ALGO 1 +#define GNUTLS_PRIVKEY_INFO_PK_ALGO 1 /* Should return the preferred signature algorithm (gnutls_sign_algorithm_t) or 0. */ -# define GNUTLS_PRIVKEY_INFO_SIGN_ALGO (1<<1) +#define GNUTLS_PRIVKEY_INFO_SIGN_ALGO (1 << 1) /* Should return true (1) or false (0) if the provided sign algorithm * (obtained with GNUTLS_FLAGS_TO_SIGN_ALGO) is supported. */ -# define GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO (1<<2) +#define GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO (1 << 2) /* Should return the number of bits of the public key algorithm (required for RSA-PSS) * It is the value that should be returned by gnutls_pubkey_get_pk_algorithm() */ -# define GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS (1<<3) +#define GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS (1 << 3) /* returns information on the public key associated with userdata */ typedef int (*gnutls_privkey_info_func)(gnutls_privkey_t key, unsigned int flags, void *userdata); -int gnutls_pubkey_init(gnutls_pubkey_t * key); +int gnutls_pubkey_init(gnutls_pubkey_t *key); void gnutls_pubkey_deinit(gnutls_pubkey_t key); int gnutls_pubkey_verify_params(gnutls_pubkey_t key); @@ -135,209 +131,173 @@ void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key, int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key, unsigned int *bits); -int -gnutls_pubkey_set_spki(gnutls_pubkey_t key, - const gnutls_x509_spki_t spki, unsigned int flags); +int gnutls_pubkey_set_spki(gnutls_pubkey_t key, const gnutls_x509_spki_t spki, + unsigned int flags); -int -gnutls_pubkey_get_spki(gnutls_pubkey_t key, - const gnutls_x509_spki_t spki, unsigned int flags); +int gnutls_pubkey_get_spki(gnutls_pubkey_t key, const gnutls_x509_spki_t spki, + unsigned int flags); -int gnutls_pubkey_import_x509(gnutls_pubkey_t key, - gnutls_x509_crt_t crt, unsigned int flags); -int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key, - gnutls_x509_crq_t crq, unsigned int flags); -int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key, - gnutls_pkcs11_obj_t obj, unsigned int flags); -int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key, - gnutls_openpgp_crt_t crt, unsigned int flags); +int gnutls_pubkey_import_x509(gnutls_pubkey_t key, gnutls_x509_crt_t crt, + unsigned int flags); +int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key, gnutls_x509_crq_t crq, + unsigned int flags); +int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key, gnutls_pkcs11_obj_t obj, + unsigned int flags); +int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key, gnutls_openpgp_crt_t crt, + unsigned int flags); int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t - format, - const gnutls_openpgp_keyid_t - keyid, unsigned int flags); + const gnutls_datum_t *data, + gnutls_openpgp_crt_fmt_t format, + const gnutls_openpgp_keyid_t keyid, + unsigned int flags); int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); -int -gnutls_pubkey_import_privkey(gnutls_pubkey_t key, - gnutls_privkey_t pkey, - unsigned int usage, unsigned int flags); +int gnutls_pubkey_import_privkey(gnutls_pubkey_t key, gnutls_privkey_t pkey, + unsigned int usage, unsigned int flags); -int -gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey, - const char *url, - const char *srk_password, unsigned int flags); +int gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey, const char *url, + const char *srk_password, unsigned int flags); -int -gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url, - unsigned int flags); +int gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url, + unsigned int flags); -int -gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * fdata, - gnutls_tpmkey_fmt_t format, - const char *srk_password, unsigned int flags); +int gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey, + const gnutls_datum_t *fdata, + gnutls_tpmkey_fmt_t format, + const char *srk_password, unsigned int flags); int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key, - gnutls_digest_algorithm_t - * hash, unsigned int *mand); + gnutls_digest_algorithm_t *hash, + unsigned int *mand); -# define gnutls_pubkey_get_pk_rsa_raw gnutls_pubkey_export_rsa_raw -int gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, - gnutls_datum_t * m, gnutls_datum_t * e); +#define gnutls_pubkey_get_pk_rsa_raw gnutls_pubkey_export_rsa_raw +int gnutls_pubkey_export_rsa_raw(gnutls_pubkey_t key, gnutls_datum_t *m, + gnutls_datum_t *e); -int gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key, - gnutls_datum_t * m, gnutls_datum_t * e, - unsigned flags); +int gnutls_pubkey_export_rsa_raw2(gnutls_pubkey_t key, gnutls_datum_t *m, + gnutls_datum_t *e, unsigned flags); -# define gnutls_pubkey_get_pk_dsa_raw gnutls_pubkey_export_dsa_raw -int gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y); +#define gnutls_pubkey_get_pk_dsa_raw gnutls_pubkey_export_dsa_raw +int gnutls_pubkey_export_dsa_raw(gnutls_pubkey_t key, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y); -int gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - unsigned flags); +int gnutls_pubkey_export_dsa_raw2(gnutls_pubkey_t key, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y, unsigned flags); int gnutls_pubkey_export_ecc_raw2(gnutls_pubkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, gnutls_datum_t * y, - unsigned flags); + gnutls_ecc_curve_t *curve, gnutls_datum_t *x, + gnutls_datum_t *y, unsigned flags); int gnutls_pubkey_export_gost_raw2(gnutls_pubkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_digest_algorithm_t * digest, - gnutls_gost_paramset_t * paramset, - gnutls_datum_t * x, gnutls_datum_t * y, + gnutls_ecc_curve_t *curve, + gnutls_digest_algorithm_t *digest, + gnutls_gost_paramset_t *paramset, + gnutls_datum_t *x, gnutls_datum_t *y, unsigned int flags); -# define gnutls_pubkey_get_pk_ecc_raw gnutls_pubkey_export_ecc_raw -int gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, gnutls_datum_t * y); +#define gnutls_pubkey_get_pk_ecc_raw gnutls_pubkey_export_ecc_raw +int gnutls_pubkey_export_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t *curve, + gnutls_datum_t *x, gnutls_datum_t *y); -# define gnutls_pubkey_get_pk_ecc_x962 gnutls_pubkey_export_ecc_x962 +#define gnutls_pubkey_get_pk_ecc_x962 gnutls_pubkey_export_ecc_x962 int gnutls_pubkey_export_ecc_x962(gnutls_pubkey_t key, - gnutls_datum_t * parameters, - gnutls_datum_t * ecpoint); + gnutls_datum_t *parameters, + gnutls_datum_t *ecpoint); -int gnutls_pubkey_export(gnutls_pubkey_t key, - gnutls_x509_crt_fmt_t format, +int gnutls_pubkey_export(gnutls_pubkey_t key, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_pubkey_export2(gnutls_pubkey_t key, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_pubkey_export2(gnutls_pubkey_t key, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); -int gnutls_pubkey_get_key_id(gnutls_pubkey_t key, - unsigned int flags, +int gnutls_pubkey_get_key_id(gnutls_pubkey_t key, unsigned int flags, unsigned char *output_data, size_t *output_data_size); -int -gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key, - unsigned int flags, - unsigned char *output_data, - size_t *output_data_size, - unsigned int *subkey); +int gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key, unsigned int flags, + unsigned char *output_data, + size_t *output_data_size, + unsigned int *subkey); int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, unsigned int *usage); int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage); -int gnutls_pubkey_import(gnutls_pubkey_t key, - const gnutls_datum_t * data, +int gnutls_pubkey_import(gnutls_pubkey_t key, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); -# define gnutls_pubkey_import_pkcs11_url(key, url, flags) gnutls_pubkey_import_url(key, url, flags) - -int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * g, - const gnutls_datum_t * y); -int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e); - -int -gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, - const gnutls_datum_t * parameters, - const gnutls_datum_t * ecpoint); - -int -gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, - gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, - const gnutls_datum_t * y); - -int -gnutls_pubkey_import_gost_raw(gnutls_pubkey_t key, - gnutls_ecc_curve_t curve, - gnutls_digest_algorithm_t digest, - gnutls_gost_paramset_t paramset, - const gnutls_datum_t * x, - const gnutls_datum_t * y); - -int -gnutls_pubkey_encrypt_data(gnutls_pubkey_t key, - unsigned int flags, - const gnutls_datum_t * plaintext, - gnutls_datum_t * ciphertext); +#define gnutls_pubkey_import_pkcs11_url(key, url, flags) \ + gnutls_pubkey_import_url(key, url, flags) + +int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *p, + const gnutls_datum_t *q, + const gnutls_datum_t *g, + const gnutls_datum_t *y); +int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, const gnutls_datum_t *m, + const gnutls_datum_t *e); + +int gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, + const gnutls_datum_t *parameters, + const gnutls_datum_t *ecpoint); + +int gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t curve, + const gnutls_datum_t *x, + const gnutls_datum_t *y); + +int gnutls_pubkey_import_gost_raw(gnutls_pubkey_t key, gnutls_ecc_curve_t curve, + gnutls_digest_algorithm_t digest, + gnutls_gost_paramset_t paramset, + const gnutls_datum_t *x, + const gnutls_datum_t *y); + +int gnutls_pubkey_encrypt_data(gnutls_pubkey_t key, unsigned int flags, + const gnutls_datum_t *plaintext, + gnutls_datum_t *ciphertext); int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, gnutls_pubkey_t key); int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, gnutls_pubkey_t key); -int -gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * hash, - const gnutls_datum_t * signature); +int gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, + gnutls_sign_algorithm_t algo, unsigned int flags, + const gnutls_datum_t *hash, + const gnutls_datum_t *signature); -int -gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * data, - const gnutls_datum_t * signature); +int gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey, + gnutls_sign_algorithm_t algo, unsigned int flags, + const gnutls_datum_t *data, + const gnutls_datum_t *signature); /* Private key operations */ -int gnutls_privkey_init(gnutls_privkey_t * key); +int gnutls_privkey_init(gnutls_privkey_t *key); void gnutls_privkey_deinit(gnutls_privkey_t key); /* macros to allow specifying a subgroup and group size in gnutls_privkey_generate() * and gnutls_x509_privkey_generate() */ -# define GNUTLS_SUBGROUP_TO_BITS(group, subgroup) (unsigned int)((subgroup<<16)|(group)) -# define GNUTLS_BITS_TO_SUBGROUP(bits) ((bits >> 16) & 0xFFFF) -# define GNUTLS_BITS_TO_GROUP(bits) (bits & 0xFFFF) -# define GNUTLS_BITS_HAVE_SUBGROUP(bits) ((bits) & 0xFFFF0000) - -int -gnutls_privkey_generate(gnutls_privkey_t key, - gnutls_pk_algorithm_t algo, unsigned int bits, - unsigned int flags); -int -gnutls_privkey_generate2(gnutls_privkey_t pkey, - gnutls_pk_algorithm_t algo, unsigned int bits, - unsigned int flags, const gnutls_keygen_data_st * data, - unsigned data_size); - -int -gnutls_privkey_set_spki(gnutls_privkey_t key, - const gnutls_x509_spki_t spki, unsigned int flags); - -int -gnutls_privkey_get_spki(gnutls_privkey_t key, - const gnutls_x509_spki_t spki, unsigned int flags); +#define GNUTLS_SUBGROUP_TO_BITS(group, subgroup) \ + (unsigned int)((subgroup << 16) | (group)) +#define GNUTLS_BITS_TO_SUBGROUP(bits) ((bits >> 16) & 0xFFFF) +#define GNUTLS_BITS_TO_GROUP(bits) (bits & 0xFFFF) +#define GNUTLS_BITS_HAVE_SUBGROUP(bits) ((bits)&0xFFFF0000) + +int gnutls_privkey_generate(gnutls_privkey_t key, gnutls_pk_algorithm_t algo, + unsigned int bits, unsigned int flags); +int gnutls_privkey_generate2(gnutls_privkey_t pkey, gnutls_pk_algorithm_t algo, + unsigned int bits, unsigned int flags, + const gnutls_keygen_data_st *data, + unsigned data_size); + +int gnutls_privkey_set_spki(gnutls_privkey_t key, const gnutls_x509_spki_t spki, + unsigned int flags); + +int gnutls_privkey_get_spki(gnutls_privkey_t key, const gnutls_x509_spki_t spki, + unsigned int flags); int gnutls_privkey_verify_seed(gnutls_privkey_t key, gnutls_digest_algorithm_t, const void *seed, size_t seed_size); @@ -398,208 +358,174 @@ typedef enum gnutls_privkey_flags { int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey, gnutls_pkcs11_privkey_t key, unsigned int flags); -int gnutls_privkey_import_x509(gnutls_privkey_t pkey, - gnutls_x509_privkey_t key, unsigned int flags); +int gnutls_privkey_import_x509(gnutls_privkey_t pkey, gnutls_x509_privkey_t key, + unsigned int flags); int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey, gnutls_openpgp_privkey_t key, unsigned int flags); int gnutls_privkey_export_x509(gnutls_privkey_t pkey, - gnutls_x509_privkey_t * key); + gnutls_x509_privkey_t *key); int gnutls_privkey_export_openpgp(gnutls_privkey_t pkey, - gnutls_openpgp_privkey_t * key); -int -gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey, - gnutls_pkcs11_privkey_t * key); + gnutls_openpgp_privkey_t *key); +int gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey, + gnutls_pkcs11_privkey_t *key); int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t - format, - const gnutls_openpgp_keyid_t - keyid, const char *password); + const gnutls_datum_t *data, + gnutls_openpgp_crt_fmt_t format, + const gnutls_openpgp_keyid_t keyid, + const char *password); int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, const char *password, unsigned int flags); -int -gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * fdata, - gnutls_tpmkey_fmt_t format, - const char *srk_password, - const char *key_password, unsigned int flags); +int gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey, + const gnutls_datum_t *fdata, + gnutls_tpmkey_fmt_t format, + const char *srk_password, + const char *key_password, unsigned int flags); -int -gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey, - const char *url, - const char *srk_password, - const char *key_password, unsigned int flags); +int gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey, const char *url, + const char *srk_password, + const char *key_password, unsigned int flags); -int gnutls_privkey_import_url(gnutls_privkey_t key, - const char *url, unsigned int flags); +int gnutls_privkey_import_url(gnutls_privkey_t key, const char *url, + unsigned int flags); -# if 0 +#if 0 /* for documentation purposes */ int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, const char *url); -# endif - -# define gnutls_privkey_import_pkcs11_url(key, url) gnutls_privkey_import_url(key, url, 0) - -int -gnutls_privkey_import_ext(gnutls_privkey_t pkey, - gnutls_pk_algorithm_t pk, - void *userdata, - gnutls_privkey_sign_func sign_func, - gnutls_privkey_decrypt_func - decrypt_func, unsigned int flags); - -int -gnutls_privkey_import_ext2(gnutls_privkey_t pkey, - gnutls_pk_algorithm_t pk, - void *userdata, - gnutls_privkey_sign_func sign_func, - gnutls_privkey_decrypt_func - decrypt_func, - gnutls_privkey_deinit_func deinit_func, - unsigned int flags); - -int -gnutls_privkey_import_ext3(gnutls_privkey_t pkey, - void *userdata, - gnutls_privkey_sign_func sign_func, - gnutls_privkey_decrypt_func decrypt_func, - gnutls_privkey_deinit_func deinit_func, - gnutls_privkey_info_func info_func, - unsigned int flags); - -int -gnutls_privkey_import_ext4(gnutls_privkey_t pkey, - void *userdata, - gnutls_privkey_sign_data_func sign_data_func, - gnutls_privkey_sign_hash_func sign_hash_func, - gnutls_privkey_decrypt_func decrypt_func, - gnutls_privkey_deinit_func deinit_func, - gnutls_privkey_info_func info_func, - unsigned int flags); +#endif -int gnutls_privkey_import_dsa_raw(gnutls_privkey_t key, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * g, - const gnutls_datum_t * y, - const gnutls_datum_t * x); - -int gnutls_privkey_import_rsa_raw(gnutls_privkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u, - const gnutls_datum_t * e1, - const gnutls_datum_t * e2); +#define gnutls_privkey_import_pkcs11_url(key, url) \ + gnutls_privkey_import_url(key, url, 0) + +int gnutls_privkey_import_ext(gnutls_privkey_t pkey, gnutls_pk_algorithm_t pk, + void *userdata, + gnutls_privkey_sign_func sign_func, + gnutls_privkey_decrypt_func decrypt_func, + unsigned int flags); + +int gnutls_privkey_import_ext2(gnutls_privkey_t pkey, gnutls_pk_algorithm_t pk, + void *userdata, + gnutls_privkey_sign_func sign_func, + gnutls_privkey_decrypt_func decrypt_func, + gnutls_privkey_deinit_func deinit_func, + unsigned int flags); + +int gnutls_privkey_import_ext3(gnutls_privkey_t pkey, void *userdata, + gnutls_privkey_sign_func sign_func, + gnutls_privkey_decrypt_func decrypt_func, + gnutls_privkey_deinit_func deinit_func, + gnutls_privkey_info_func info_func, + unsigned int flags); + +int gnutls_privkey_import_ext4(gnutls_privkey_t pkey, void *userdata, + gnutls_privkey_sign_data_func sign_data_func, + gnutls_privkey_sign_hash_func sign_hash_func, + gnutls_privkey_decrypt_func decrypt_func, + gnutls_privkey_deinit_func deinit_func, + gnutls_privkey_info_func info_func, + unsigned int flags); + +int gnutls_privkey_import_dsa_raw(gnutls_privkey_t key, const gnutls_datum_t *p, + const gnutls_datum_t *q, + const gnutls_datum_t *g, + const gnutls_datum_t *y, + const gnutls_datum_t *x); + +int gnutls_privkey_import_rsa_raw( + gnutls_privkey_t key, const gnutls_datum_t *m, const gnutls_datum_t *e, + const gnutls_datum_t *d, const gnutls_datum_t *p, + const gnutls_datum_t *q, const gnutls_datum_t *u, + const gnutls_datum_t *e1, const gnutls_datum_t *e2); int gnutls_privkey_import_ecc_raw(gnutls_privkey_t key, gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, - const gnutls_datum_t * y, - const gnutls_datum_t * k); + const gnutls_datum_t *x, + const gnutls_datum_t *y, + const gnutls_datum_t *k); int gnutls_privkey_import_gost_raw(gnutls_privkey_t key, gnutls_ecc_curve_t curve, gnutls_digest_algorithm_t digest, gnutls_gost_paramset_t paramset, - const gnutls_datum_t * x, - const gnutls_datum_t * y, - const gnutls_datum_t * k); + const gnutls_datum_t *x, + const gnutls_datum_t *y, + const gnutls_datum_t *k); int gnutls_privkey_sign_data(gnutls_privkey_t signer, - gnutls_digest_algorithm_t hash, - unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature); + gnutls_digest_algorithm_t hash, unsigned int flags, + const gnutls_datum_t *data, + gnutls_datum_t *signature); int gnutls_privkey_sign_data2(gnutls_privkey_t signer, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature); + gnutls_sign_algorithm_t algo, unsigned int flags, + const gnutls_datum_t *data, + gnutls_datum_t *signature); -# define gnutls_privkey_sign_raw_data(key, flags, data, sig) \ - gnutls_privkey_sign_hash ( key, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, data, sig) +#define gnutls_privkey_sign_raw_data(key, flags, data, sig) \ + gnutls_privkey_sign_hash(key, 0, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA, \ + data, sig) int gnutls_privkey_sign_hash(gnutls_privkey_t signer, gnutls_digest_algorithm_t hash_algo, unsigned int flags, - const gnutls_datum_t * hash_data, - gnutls_datum_t * signature); + const gnutls_datum_t *hash_data, + gnutls_datum_t *signature); int gnutls_privkey_sign_hash2(gnutls_privkey_t signer, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * hash_data, - gnutls_datum_t * signature); - -int gnutls_privkey_decrypt_data(gnutls_privkey_t key, - unsigned int flags, - const gnutls_datum_t * ciphertext, - gnutls_datum_t * plaintext); - -int gnutls_privkey_decrypt_data2(gnutls_privkey_t key, - unsigned int flags, - const gnutls_datum_t * ciphertext, + gnutls_sign_algorithm_t algo, unsigned int flags, + const gnutls_datum_t *hash_data, + gnutls_datum_t *signature); + +int gnutls_privkey_decrypt_data(gnutls_privkey_t key, unsigned int flags, + const gnutls_datum_t *ciphertext, + gnutls_datum_t *plaintext); + +int gnutls_privkey_decrypt_data2(gnutls_privkey_t key, unsigned int flags, + const gnutls_datum_t *ciphertext, unsigned char *plaintext, size_t plaintext_size); -int -gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u, - gnutls_datum_t * e1, gnutls_datum_t * e2); - -int -gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u, - gnutls_datum_t * e1, - gnutls_datum_t * e2, unsigned flags); - -int -gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x); - -int -gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x, unsigned flags); - -int -gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, - gnutls_datum_t * y, gnutls_datum_t * k); - -int -gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, - gnutls_datum_t * y, - gnutls_datum_t * k, unsigned flags); - -int -gnutls_privkey_export_gost_raw2(gnutls_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_digest_algorithm_t * digest, - gnutls_gost_paramset_t * paramset, - gnutls_datum_t * x, - gnutls_datum_t * y, - gnutls_datum_t * k, unsigned flags); +int gnutls_privkey_export_rsa_raw(gnutls_privkey_t key, gnutls_datum_t *m, + gnutls_datum_t *e, gnutls_datum_t *d, + gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *u, gnutls_datum_t *e1, + gnutls_datum_t *e2); + +int gnutls_privkey_export_rsa_raw2(gnutls_privkey_t key, gnutls_datum_t *m, + gnutls_datum_t *e, gnutls_datum_t *d, + gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *u, gnutls_datum_t *e1, + gnutls_datum_t *e2, unsigned flags); + +int gnutls_privkey_export_dsa_raw(gnutls_privkey_t key, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y, gnutls_datum_t *x); + +int gnutls_privkey_export_dsa_raw2(gnutls_privkey_t key, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y, gnutls_datum_t *x, + unsigned flags); + +int gnutls_privkey_export_ecc_raw(gnutls_privkey_t key, + gnutls_ecc_curve_t *curve, gnutls_datum_t *x, + gnutls_datum_t *y, gnutls_datum_t *k); + +int gnutls_privkey_export_ecc_raw2(gnutls_privkey_t key, + gnutls_ecc_curve_t *curve, gnutls_datum_t *x, + gnutls_datum_t *y, gnutls_datum_t *k, + unsigned flags); + +int gnutls_privkey_export_gost_raw2(gnutls_privkey_t key, + gnutls_ecc_curve_t *curve, + gnutls_digest_algorithm_t *digest, + gnutls_gost_paramset_t *paramset, + gnutls_datum_t *x, gnutls_datum_t *y, + gnutls_datum_t *k, unsigned flags); int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, @@ -613,8 +539,7 @@ int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl, gnutls_digest_algorithm_t dig, unsigned int flags); -int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq, - gnutls_privkey_t key, +int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq, gnutls_privkey_t key, gnutls_digest_algorithm_t dig, unsigned int flags); @@ -633,25 +558,24 @@ typedef struct gnutls_pcert_st { } gnutls_pcert_st; /* This flag is unused/ignored */ -# define GNUTLS_PCERT_NO_CERT 1 +#define GNUTLS_PCERT_NO_CERT 1 -int gnutls_pcert_import_x509(gnutls_pcert_st * pcert, - gnutls_x509_crt_t crt, unsigned int flags); +int gnutls_pcert_import_x509(gnutls_pcert_st *pcert, gnutls_x509_crt_t crt, + unsigned int flags); -int gnutls_pcert_import_x509_list(gnutls_pcert_st * pcert, - gnutls_x509_crt_t * crt, unsigned *ncrt, +int gnutls_pcert_import_x509_list(gnutls_pcert_st *pcert, + gnutls_x509_crt_t *crt, unsigned *ncrt, unsigned int flags); -int gnutls_pcert_export_x509(gnutls_pcert_st * pcert, gnutls_x509_crt_t * crt); +int gnutls_pcert_export_x509(gnutls_pcert_st *pcert, gnutls_x509_crt_t *crt); -int -gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts, - unsigned int *pcert_max, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); +int gnutls_pcert_list_import_x509_raw(gnutls_pcert_st *pcerts, + unsigned int *pcert_max, + const gnutls_datum_t *data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); -int gnutls_pcert_list_import_x509_file(gnutls_pcert_st * pcert_list, +int gnutls_pcert_list_import_x509_file(gnutls_pcert_st *pcert_list, unsigned *pcert_list_size, const char *file, gnutls_x509_crt_fmt_t format, @@ -659,54 +583,50 @@ int gnutls_pcert_list_import_x509_file(gnutls_pcert_st * pcert_list, void *pin_fn_userdata, unsigned int flags); -int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert, - const gnutls_datum_t * cert, +int gnutls_pcert_import_x509_raw(gnutls_pcert_st *pcert, + const gnutls_datum_t *cert, gnutls_x509_crt_fmt_t format, unsigned int flags); -int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert, - const gnutls_datum_t * cert, - gnutls_openpgp_crt_fmt_t - format, +int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st *pcert, + const gnutls_datum_t *cert, + gnutls_openpgp_crt_fmt_t format, gnutls_openpgp_keyid_t keyid, unsigned int flags); -int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert, +int gnutls_pcert_import_openpgp(gnutls_pcert_st *pcert, gnutls_openpgp_crt_t crt, unsigned int flags); -int gnutls_pcert_export_openpgp(gnutls_pcert_st * pcert, - gnutls_openpgp_crt_t * crt); +int gnutls_pcert_export_openpgp(gnutls_pcert_st *pcert, + gnutls_openpgp_crt_t *crt); -void gnutls_pcert_deinit(gnutls_pcert_st * pcert); +void gnutls_pcert_deinit(gnutls_pcert_st *pcert); -int gnutls_pcert_import_rawpk(gnutls_pcert_st * pcert, - gnutls_pubkey_t key, unsigned int flags); +int gnutls_pcert_import_rawpk(gnutls_pcert_st *pcert, gnutls_pubkey_t key, + unsigned int flags); -int gnutls_pcert_import_rawpk_raw(gnutls_pcert_st * pcert, - const gnutls_datum_t * rawpubkey, +int gnutls_pcert_import_rawpk_raw(gnutls_pcert_st *pcert, + const gnutls_datum_t *rawpubkey, gnutls_x509_crt_fmt_t format, unsigned int key_usage, unsigned int flags); /* For certificate credentials */ - /* This is the same as gnutls_certificate_retrieve_function() +/* This is the same as gnutls_certificate_retrieve_function() * but retrieves a gnutls_pcert_st which requires much less processing * within the library. */ -typedef int gnutls_certificate_retrieve_function2(gnutls_session_t, - const gnutls_datum_t * - req_ca_rdn, int nreqs, - const gnutls_pk_algorithm_t * - pk_algos, int pk_algos_length, - gnutls_pcert_st **, - unsigned int *pcert_length, - gnutls_privkey_t * privkey); - -void gnutls_certificate_set_retrieve_function2 - (gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function2 * func); +typedef int gnutls_certificate_retrieve_function2( + gnutls_session_t, const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *pk_algos, int pk_algos_length, + gnutls_pcert_st **, unsigned int *pcert_length, + gnutls_privkey_t *privkey); + +void gnutls_certificate_set_retrieve_function2( + gnutls_certificate_credentials_t cred, + gnutls_certificate_retrieve_function2 *func); struct gnutls_cert_retr_st { - unsigned version; /* set to 1 */ + unsigned version; /* set to 1 */ gnutls_certificate_credentials_t cred; const gnutls_datum_t *req_ca_rdn; unsigned nreqs; @@ -719,35 +639,29 @@ struct gnutls_cert_retr_st { /* When the callback sets this value, gnutls will deinitialize the given * values after use */ -# define GNUTLS_CERT_RETR_DEINIT_ALL 1 - -typedef int gnutls_certificate_retrieve_function3(gnutls_session_t, const struct - gnutls_cert_retr_st *info, - gnutls_pcert_st ** certs, - unsigned int *certs_length, - gnutls_ocsp_data_st ** ocsp, - unsigned int *ocsp_length, - gnutls_privkey_t * privkey, - unsigned int *flags); - -void gnutls_certificate_set_retrieve_function3 - (gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function3 * func); - -int -gnutls_certificate_set_key(gnutls_certificate_credentials_t res, - const char **names, - int names_size, - gnutls_pcert_st * pcert_list, - int pcert_list_size, gnutls_privkey_t key); - -int -gnutls_pubkey_print(gnutls_pubkey_t pubkey, - gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); +#define GNUTLS_CERT_RETR_DEINIT_ALL 1 + +typedef int gnutls_certificate_retrieve_function3( + gnutls_session_t, const struct gnutls_cert_retr_st *info, + gnutls_pcert_st **certs, unsigned int *certs_length, + gnutls_ocsp_data_st **ocsp, unsigned int *ocsp_length, + gnutls_privkey_t *privkey, unsigned int *flags); + +void gnutls_certificate_set_retrieve_function3( + gnutls_certificate_credentials_t cred, + gnutls_certificate_retrieve_function3 *func); + +int gnutls_certificate_set_key(gnutls_certificate_credentials_t res, + const char **names, int names_size, + gnutls_pcert_st *pcert_list, int pcert_list_size, + gnutls_privkey_t key); + +int gnutls_pubkey_print(gnutls_pubkey_t pubkey, + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out); #ifdef __cplusplus } #endif -#endif /* GNUTLS_ABSTRACT_H */ +#endif /* GNUTLS_ABSTRACT_H */ diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h index 3454b9f31e..3a1e5a6ca8 100644 --- a/lib/includes/gnutls/compat.h +++ b/lib/includes/gnutls/compat.h @@ -23,211 +23,206 @@ /* Typedefs for more compatibility with older GnuTLS. */ #ifndef GNUTLS_COMPAT_H -# define GNUTLS_COMPAT_H +#define GNUTLS_COMPAT_H #ifdef __cplusplus extern "C" { #endif -# ifdef __GNUC__ +#ifdef __GNUC__ -# define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#define _GNUTLS_GCC_VERSION \ + (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -# if !defined GNUTLS_INTERNAL_BUILD -# if _GNUTLS_GCC_VERSION >= 30100 -# define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__)) -# endif -# endif +#if !defined GNUTLS_INTERNAL_BUILD +#if _GNUTLS_GCC_VERSION >= 30100 +#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__((__deprecated__)) +#endif +#endif -# endif /* __GNUC__ */ +#endif /* __GNUC__ */ -# ifndef _GNUTLS_GCC_ATTR_DEPRECATED -# define _GNUTLS_GCC_ATTR_DEPRECATED -# endif +#ifndef _GNUTLS_GCC_ATTR_DEPRECATED +#define _GNUTLS_GCC_ATTR_DEPRECATED +#endif /* gnutls_connection_end_t was made redundant in 2.99.0 */ typedef unsigned int gnutls_connection_end_t _GNUTLS_GCC_ATTR_DEPRECATED; /* Stuff deprecated in 2.x */ typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_kx_algorithm_t gnutls_kx_algorithm _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_mac_algorithm_t gnutls_mac_algorithm _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_digest_algorithm_t gnutls_digest_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_compression_method_t gnutls_compression_method - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_connection_end_t gnutls_connection_end - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_pk_algorithm_t gnutls_pk_algorithm _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_sign_algorithm_t gnutls_sign_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_close_request_t gnutls_close_request _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_certificate_request_t gnutls_certificate_request - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_certificate_status_t gnutls_certificate_status - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_alert_level_t gnutls_alert_level _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_alert_description_t gnutls_alert_description - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_privkey_t gnutls_x509_privkey _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_crl_t gnutls_x509_crl _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_x509_crq_t gnutls_x509_crq _GNUTLS_GCC_ATTR_DEPRECATED; -typedef gnutls_certificate_credentials_t - gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED; -typedef gnutls_anon_server_credentials_t - gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; -typedef gnutls_anon_client_credentials_t - gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; -typedef gnutls_srp_client_credentials_t - gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; -typedef gnutls_srp_server_credentials_t - gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_certificate_credentials_t gnutls_certificate_credentials + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_anon_server_credentials_t gnutls_anon_server_credentials + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_anon_client_credentials_t gnutls_anon_client_credentials + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_srp_client_credentials_t gnutls_srp_client_credentials + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_srp_server_credentials_t gnutls_srp_server_credentials + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_dh_params_t gnutls_dh_params _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_rsa_params_t gnutls_rsa_params _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_params_type_t gnutls_params_type _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_credentials_type_t gnutls_credentials_type - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_certificate_type_t gnutls_certificate_type - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_transport_ptr_t gnutls_transport_ptr _GNUTLS_GCC_ATTR_DEPRECATED; /* Old verification flags */ -# define GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT (0) +#define GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT (0) /* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was modified to use the PSK alert. */ -# define GNUTLS_A_MISSING_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY -# define GNUTLS_A_UNKNOWN_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY +#define GNUTLS_A_MISSING_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY +#define GNUTLS_A_UNKNOWN_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY /* OpenPGP stuff renamed in 2.1.x. */ -# define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT -# define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT -# define gnutls_openpgp_send_key gnutls_openpgp_send_cert +#define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT +#define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT +#define gnutls_openpgp_send_key gnutls_openpgp_send_cert typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t _GNUTLS_GCC_ATTR_DEPRECATED; -# define gnutls_openpgp_key_init gnutls_openpgp_crt_init -# define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit -# define gnutls_openpgp_key_import gnutls_openpgp_crt_import -# define gnutls_openpgp_key_export gnutls_openpgp_crt_export -# define gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage -# define gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint -# define gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm -# define gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name -# define gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version -# define gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time -# define gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time -# define gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id -# define gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname +#define gnutls_openpgp_key_init gnutls_openpgp_crt_init +#define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit +#define gnutls_openpgp_key_import gnutls_openpgp_crt_import +#define gnutls_openpgp_key_export gnutls_openpgp_crt_export +#define gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage +#define gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint +#define gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm +#define gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name +#define gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version +#define gnutls_openpgp_key_get_creation_time \ + gnutls_openpgp_crt_get_creation_time +#define gnutls_openpgp_key_get_expiration_time \ + gnutls_openpgp_crt_get_expiration_time +#define gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id +#define gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname /* OpenPGP stuff renamed in 2.3.x. */ -# define gnutls_openpgp_crt_get_id gnutls_openpgp_crt_get_key_id +#define gnutls_openpgp_crt_get_id gnutls_openpgp_crt_get_key_id /* New better names renamed in 2.3.x, add these for backwards compatibility with old poor names.*/ -# define GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL -# define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE -# define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL +#define GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL +#define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE +#define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL /* Namespace problems. */ -# define LIBGNUTLS_VERSION GNUTLS_VERSION -# define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR -# define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR -# define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH -# define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER -# define LIBGNUTLS_EXTRA_VERSION GNUTLS_VERSION +#define LIBGNUTLS_VERSION GNUTLS_VERSION +#define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR +#define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR +#define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH +#define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER +#define LIBGNUTLS_EXTRA_VERSION GNUTLS_VERSION /* This is a very dangerous and error-prone function. * Use gnutls_privkey_sign_hash() instead. */ -int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key, - const gnutls_datum_t * hash, - gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key, - const gnutls_datum_t * hash, - gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; - - /* gnutls_pubkey_get_preferred_hash_algorithm() */ -int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t - crt, - gnutls_digest_algorithm_t - * hash, unsigned int - *mand) - _GNUTLS_GCC_ATTR_DEPRECATED; - - /* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */ - -# ifdef _ISOC99_SOURCE +int gnutls_x509_privkey_sign_hash( + gnutls_x509_privkey_t key, const gnutls_datum_t *hash, + gnutls_datum_t *signature) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_sign_hash( + gnutls_openpgp_privkey_t key, const gnutls_datum_t *hash, + gnutls_datum_t *signature) _GNUTLS_GCC_ATTR_DEPRECATED; + +/* gnutls_pubkey_get_preferred_hash_algorithm() */ +int gnutls_x509_crt_get_preferred_hash_algorithm( + gnutls_x509_crt_t crt, gnutls_digest_algorithm_t *hash, + unsigned int *mand) _GNUTLS_GCC_ATTR_DEPRECATED; + +/* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */ + +#ifdef _ISOC99_SOURCE /* we provide older functions for compatibility as inline functions that * depend on gnutls_session_get_random. */ -static inline const void -*gnutls_session_get_server_random(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; -static inline const void -*gnutls_session_get_server_random(gnutls_session_t session) +static inline const void *gnutls_session_get_server_random( + gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED; +static inline const void * +gnutls_session_get_server_random(gnutls_session_t session) { gnutls_datum_t rnd; - gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */ + gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */ return rnd.data; } -static inline const void -*gnutls_session_get_client_random(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; -static inline const void -*gnutls_session_get_client_random(gnutls_session_t session) +static inline const void *gnutls_session_get_client_random( + gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED; +static inline const void * +gnutls_session_get_client_random(gnutls_session_t session) { gnutls_datum_t rnd; - gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */ + gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */ return rnd.data; } -# endif +#endif -void -gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func, - gnutls_alloc_function secure_alloc_func, - gnutls_is_secure_function is_secure_func, - gnutls_realloc_function realloc_func, - gnutls_free_function free_func) -_GNUTLS_GCC_ATTR_DEPRECATED; +void gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func, + gnutls_alloc_function secure_alloc_func, + gnutls_is_secure_function is_secure_func, + gnutls_realloc_function realloc_func, + gnutls_free_function free_func) + _GNUTLS_GCC_ATTR_DEPRECATED; /* defined in old headers - unused nevertheless */ -# define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA 0 +#define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA 0 /* old compression related functions */ gnutls_compression_method_t gnutls_compression_get(gnutls_session_t session) _GNUTLS_GCC_ATTR_DEPRECATED; const char *gnutls_compression_get_name(gnutls_compression_method_t algorithm) -__GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED; + __GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED; gnutls_compression_method_t gnutls_compression_get_id(const char *name) -__GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED; + __GNUTLS_CONST__ _GNUTLS_GCC_ATTR_DEPRECATED; -const gnutls_compression_method_t *gnutls_compression_list(void) -__GNUTLS_PURE__ _GNUTLS_GCC_ATTR_DEPRECATED; +const gnutls_compression_method_t * +gnutls_compression_list(void) __GNUTLS_PURE__ _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_priority_compression_list(gnutls_priority_t pcache, const unsigned int **list) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; #ifdef __cplusplus } #endif -#endif /* GNUTLS_COMPAT_H */ +#endif /* GNUTLS_COMPAT_H */ diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h index b830baf643..2325825caf 100644 --- a/lib/includes/gnutls/crypto.h +++ b/lib/includes/gnutls/crypto.h @@ -21,9 +21,9 @@ */ #ifndef GNUTLS_CRYPTO_H -# define GNUTLS_CRYPTO_H +#define GNUTLS_CRYPTO_H -# include <gnutls/gnutls.h> +#include <gnutls/gnutls.h> #ifdef __cplusplus extern "C" { @@ -31,19 +31,18 @@ extern "C" { typedef struct api_cipher_hd_st *gnutls_cipher_hd_t; -int gnutls_cipher_init(gnutls_cipher_hd_t * handle, +int gnutls_cipher_init(gnutls_cipher_hd_t *handle, gnutls_cipher_algorithm_t cipher, - const gnutls_datum_t * key, const gnutls_datum_t * iv); -int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle, - void *text, size_t textlen); -int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle, - void *ciphertext, size_t ciphertextlen); -int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle, - const void *ciphertext, + const gnutls_datum_t *key, const gnutls_datum_t *iv); +int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle, void *text, + size_t textlen); +int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle, void *ciphertext, + size_t ciphertextlen); +int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle, const void *ciphertext, size_t ciphertextlen, void *text, size_t textlen); -int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle, - const void *text, size_t textlen, - void *ciphertext, size_t ciphertextlen); +int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle, const void *text, + size_t textlen, void *ciphertext, + size_t ciphertextlen); /** * gnutls_cipher_flags_t: @@ -58,74 +57,68 @@ typedef enum gnutls_cipher_flags_t { GNUTLS_CIPHER_PADDING_PKCS7 = 1 } gnutls_cipher_flags_t; -int gnutls_cipher_encrypt3(gnutls_cipher_hd_t handle, - const void *ptext, size_t ptext_len, - void *ctext, size_t *ctext_len, unsigned flags); -int gnutls_cipher_decrypt3(gnutls_cipher_hd_t handle, - const void *ctext, size_t ctext_len, - void *ptext, size_t *ptext_len, unsigned flags); +int gnutls_cipher_encrypt3(gnutls_cipher_hd_t handle, const void *ptext, + size_t ptext_len, void *ctext, size_t *ctext_len, + unsigned flags); +int gnutls_cipher_decrypt3(gnutls_cipher_hd_t handle, const void *ctext, + size_t ctext_len, void *ptext, size_t *ptext_len, + unsigned flags); void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv, size_t ivlen); int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, size_t tag_size); -int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, - const void *text, size_t text_size); +int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, const void *text, + size_t text_size); void gnutls_cipher_deinit(gnutls_cipher_hd_t handle); unsigned gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm) - __GNUTLS_CONST__; -unsigned gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm) - __GNUTLS_CONST__; + __GNUTLS_CONST__; +unsigned +gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__; unsigned gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm) - __GNUTLS_CONST__; + __GNUTLS_CONST__; /* AEAD API */ typedef struct api_aead_cipher_hd_st *gnutls_aead_cipher_hd_t; -int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t * handle, +int gnutls_aead_cipher_init(gnutls_aead_cipher_hd_t *handle, gnutls_cipher_algorithm_t cipher, - const gnutls_datum_t * key); + const gnutls_datum_t *key); int gnutls_aead_cipher_set_key(gnutls_aead_cipher_hd_t handle, - const gnutls_datum_t * key); - -int -gnutls_aead_cipher_decrypt(gnutls_aead_cipher_hd_t handle, - const void *nonce, size_t nonce_len, - const void *auth, size_t auth_len, - size_t tag_size, - const void *ctext, size_t ctext_len, - void *ptext, size_t *ptext_len); -int -gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle, - const void *nonce, size_t nonce_len, - const void *auth, size_t auth_len, - size_t tag_size, - const void *ptext, size_t ptext_len, - void *ctext, size_t *ctext_len); - -int -gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, - const void *nonce, size_t nonce_len, - const giovec_t * auth_iov, int auth_iovcnt, - size_t tag_size, - const giovec_t * iov, int iovcnt, - void *ctext, size_t *ctext_len); - -int -gnutls_aead_cipher_encryptv2(gnutls_aead_cipher_hd_t handle, - const void *nonce, size_t nonce_len, - const giovec_t * auth_iov, int auth_iovcnt, - const giovec_t * iov, int iovcnt, - void *tag, size_t *tag_size); - -int -gnutls_aead_cipher_decryptv2(gnutls_aead_cipher_hd_t handle, - const void *nonce, size_t nonce_len, - const giovec_t * auth_iov, int auth_iovcnt, - const giovec_t * iov, int iovcnt, - void *tag, size_t tag_size); + const gnutls_datum_t *key); + +int gnutls_aead_cipher_decrypt(gnutls_aead_cipher_hd_t handle, + const void *nonce, size_t nonce_len, + const void *auth, size_t auth_len, + size_t tag_size, const void *ctext, + size_t ctext_len, void *ptext, + size_t *ptext_len); +int gnutls_aead_cipher_encrypt(gnutls_aead_cipher_hd_t handle, + const void *nonce, size_t nonce_len, + const void *auth, size_t auth_len, + size_t tag_size, const void *ptext, + size_t ptext_len, void *ctext, + size_t *ctext_len); + +int gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, + const void *nonce, size_t nonce_len, + const giovec_t *auth_iov, int auth_iovcnt, + size_t tag_size, const giovec_t *iov, + int iovcnt, void *ctext, size_t *ctext_len); + +int gnutls_aead_cipher_encryptv2(gnutls_aead_cipher_hd_t handle, + const void *nonce, size_t nonce_len, + const giovec_t *auth_iov, int auth_iovcnt, + const giovec_t *iov, int iovcnt, void *tag, + size_t *tag_size); + +int gnutls_aead_cipher_decryptv2(gnutls_aead_cipher_hd_t handle, + const void *nonce, size_t nonce_len, + const giovec_t *auth_iov, int auth_iovcnt, + const giovec_t *iov, int iovcnt, void *tag, + size_t tag_size); void gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle); @@ -134,9 +127,9 @@ void gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle); typedef struct hash_hd_st *gnutls_hash_hd_t; typedef struct hmac_hd_st *gnutls_hmac_hd_t; -size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm) - __GNUTLS_CONST__; -int gnutls_hmac_init(gnutls_hmac_hd_t * dig, gnutls_mac_algorithm_t algorithm, +size_t +gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; +int gnutls_hmac_init(gnutls_hmac_hd_t *dig, gnutls_mac_algorithm_t algorithm, const void *key, size_t keylen); void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle, const void *nonce, size_t nonce_len); @@ -144,39 +137,35 @@ int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, size_t textlen); void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest); void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest); unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; -unsigned gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm) - __GNUTLS_CONST__; +unsigned +gnutls_hmac_get_key_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm, const void *key, size_t keylen, const void *text, size_t textlen, void *digest); gnutls_hmac_hd_t gnutls_hmac_copy(gnutls_hmac_hd_t handle); -int gnutls_hash_init(gnutls_hash_hd_t * dig, +int gnutls_hash_init(gnutls_hash_hd_t *dig, gnutls_digest_algorithm_t algorithm); int gnutls_hash(gnutls_hash_hd_t handle, const void *text, size_t textlen); void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest); void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest); -unsigned gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm) - __GNUTLS_CONST__; +unsigned +gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__; int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm, const void *text, size_t textlen, void *digest); gnutls_hash_hd_t gnutls_hash_copy(gnutls_hash_hd_t handle); /* KDF API */ -int gnutls_hkdf_extract(gnutls_mac_algorithm_t mac, - const gnutls_datum_t * key, - const gnutls_datum_t * salt, void *output); +int gnutls_hkdf_extract(gnutls_mac_algorithm_t mac, const gnutls_datum_t *key, + const gnutls_datum_t *salt, void *output); -int gnutls_hkdf_expand(gnutls_mac_algorithm_t mac, - const gnutls_datum_t * key, - const gnutls_datum_t * info, - void *output, size_t length); +int gnutls_hkdf_expand(gnutls_mac_algorithm_t mac, const gnutls_datum_t *key, + const gnutls_datum_t *info, void *output, size_t length); -int gnutls_pbkdf2(gnutls_mac_algorithm_t mac, - const gnutls_datum_t * key, - const gnutls_datum_t * salt, - unsigned iter_count, void *output, size_t length); +int gnutls_pbkdf2(gnutls_mac_algorithm_t mac, const gnutls_datum_t *key, + const gnutls_datum_t *salt, unsigned iter_count, void *output, + size_t length); /* register ciphers */ @@ -224,43 +213,29 @@ typedef int (*gnutls_cipher_auth_func)(void *ctx, const void *data, size_t datasize); typedef void (*gnutls_cipher_tag_func)(void *ctx, void *tag, size_t tagsize); -typedef int (*gnutls_cipher_aead_encrypt_func)(void *ctx, - const void *nonce, - size_t noncesize, - const void *auth, - size_t authsize, size_t tag_size, - const void *plain, - size_t plainsize, void *encr, - size_t encrsize); -typedef int (*gnutls_cipher_aead_decrypt_func)(void *ctx, const void *nonce, - size_t noncesize, - const void *auth, - size_t authsize, size_t tag_size, - const void *encr, - size_t encrsize, void *plain, - size_t plainsize); +typedef int (*gnutls_cipher_aead_encrypt_func)( + void *ctx, const void *nonce, size_t noncesize, const void *auth, + size_t authsize, size_t tag_size, const void *plain, size_t plainsize, + void *encr, size_t encrsize); +typedef int (*gnutls_cipher_aead_decrypt_func)( + void *ctx, const void *nonce, size_t noncesize, const void *auth, + size_t authsize, size_t tag_size, const void *encr, size_t encrsize, + void *plain, size_t plainsize); typedef void (*gnutls_cipher_deinit_func)(void *ctx); -int -gnutls_crypto_register_cipher(gnutls_cipher_algorithm_t algorithm, - int priority, - gnutls_cipher_init_func init, - gnutls_cipher_setkey_func setkey, - gnutls_cipher_setiv_func setiv, - gnutls_cipher_encrypt_func encrypt, - gnutls_cipher_decrypt_func decrypt, - gnutls_cipher_deinit_func deinit) -_GNUTLS_GCC_ATTR_DEPRECATED; - -int -gnutls_crypto_register_aead_cipher(gnutls_cipher_algorithm_t algorithm, - int priority, - gnutls_cipher_init_func init, - gnutls_cipher_setkey_func setkey, - gnutls_cipher_aead_encrypt_func aead_encrypt, - gnutls_cipher_aead_decrypt_func aead_decrypt, - gnutls_cipher_deinit_func deinit) -_GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_crypto_register_cipher( + gnutls_cipher_algorithm_t algorithm, int priority, + gnutls_cipher_init_func init, gnutls_cipher_setkey_func setkey, + gnutls_cipher_setiv_func setiv, gnutls_cipher_encrypt_func encrypt, + gnutls_cipher_decrypt_func decrypt, + gnutls_cipher_deinit_func deinit) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_crypto_register_aead_cipher( + gnutls_cipher_algorithm_t algorithm, int priority, + gnutls_cipher_init_func init, gnutls_cipher_setkey_func setkey, + gnutls_cipher_aead_encrypt_func aead_encrypt, + gnutls_cipher_aead_decrypt_func aead_decrypt, + gnutls_cipher_deinit_func deinit) _GNUTLS_GCC_ATTR_DEPRECATED; typedef int (*gnutls_mac_init_func)(gnutls_mac_algorithm_t, void **ctx); typedef int (*gnutls_mac_setkey_func)(void *ctx, const void *key, @@ -278,17 +253,12 @@ typedef int (*gnutls_mac_fast_func)(gnutls_mac_algorithm_t, const void *nonce, size_t textsize, void *digest); typedef void *(*gnutls_mac_copy_func)(const void *ctx); -int -gnutls_crypto_register_mac(gnutls_mac_algorithm_t mac, - int priority, - gnutls_mac_init_func init, - gnutls_mac_setkey_func setkey, - gnutls_mac_setnonce_func setnonce, - gnutls_mac_hash_func hash, - gnutls_mac_output_func output, - gnutls_mac_deinit_func deinit, - gnutls_mac_fast_func hash_fast) -_GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_crypto_register_mac( + gnutls_mac_algorithm_t mac, int priority, gnutls_mac_init_func init, + gnutls_mac_setkey_func setkey, gnutls_mac_setnonce_func setnonce, + gnutls_mac_hash_func hash, gnutls_mac_output_func output, + gnutls_mac_deinit_func deinit, + gnutls_mac_fast_func hash_fast) _GNUTLS_GCC_ATTR_DEPRECATED; typedef int (*gnutls_digest_init_func)(gnutls_digest_algorithm_t, void **ctx); typedef int (*gnutls_digest_hash_func)(void *ctx, const void *text, @@ -301,40 +271,35 @@ typedef int (*gnutls_digest_fast_func)(gnutls_digest_algorithm_t, void *digest); typedef void *(*gnutls_digest_copy_func)(const void *ctx); -int -gnutls_crypto_register_digest(gnutls_digest_algorithm_t digest, - int priority, - gnutls_digest_init_func init, - gnutls_digest_hash_func hash, - gnutls_digest_output_func output, - gnutls_digest_deinit_func deinit, - gnutls_digest_fast_func hash_fast) -_GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_crypto_register_digest( + gnutls_digest_algorithm_t digest, int priority, + gnutls_digest_init_func init, gnutls_digest_hash_func hash, + gnutls_digest_output_func output, gnutls_digest_deinit_func deinit, + gnutls_digest_fast_func hash_fast) _GNUTLS_GCC_ATTR_DEPRECATED; /* RSA-PKCS#1 1.5 helper functions */ -int -gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash, - const gnutls_datum_t * digest, - gnutls_datum_t * output); - -int -gnutls_decode_ber_digest_info(const gnutls_datum_t * info, - gnutls_digest_algorithm_t * hash, - unsigned char *digest, unsigned int *digest_size); - -int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, - gnutls_datum_t * s); -int gnutls_encode_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t * r, - const gnutls_datum_t * s); - -int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value, - const gnutls_datum_t * r, - const gnutls_datum_t * s); -int gnutls_decode_gost_rs_value(const gnutls_datum_t * sig_value, - gnutls_datum_t * r, gnutls_datum_t * s); +int gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash, + const gnutls_datum_t *digest, + gnutls_datum_t *output); + +int gnutls_decode_ber_digest_info(const gnutls_datum_t *info, + gnutls_digest_algorithm_t *hash, + unsigned char *digest, + unsigned int *digest_size); + +int gnutls_decode_rs_value(const gnutls_datum_t *sig_value, gnutls_datum_t *r, + gnutls_datum_t *s); +int gnutls_encode_rs_value(gnutls_datum_t *sig_value, const gnutls_datum_t *r, + const gnutls_datum_t *s); + +int gnutls_encode_gost_rs_value(gnutls_datum_t *sig_value, + const gnutls_datum_t *r, + const gnutls_datum_t *s); +int gnutls_decode_gost_rs_value(const gnutls_datum_t *sig_value, + gnutls_datum_t *r, gnutls_datum_t *s); #ifdef __cplusplus } #endif -#endif /* GNUTLS_CRYPTO_H */ +#endif /* GNUTLS_CRYPTO_H */ diff --git a/lib/includes/gnutls/dtls.h b/lib/includes/gnutls/dtls.h index 2526e98142..b4860953d3 100644 --- a/lib/includes/gnutls/dtls.h +++ b/lib/includes/gnutls/dtls.h @@ -25,15 +25,15 @@ */ #ifndef GNUTLS_DTLS_H -# define GNUTLS_DTLS_H +#define GNUTLS_DTLS_H -# include <gnutls/gnutls.h> +#include <gnutls/gnutls.h> #ifdef __cplusplus extern "C" { #endif -# define GNUTLS_COOKIE_KEY_SIZE 16 +#define GNUTLS_COOKIE_KEY_SIZE 16 void gnutls_dtls_set_timeouts(gnutls_session_t session, unsigned int retrans_timeout, @@ -64,21 +64,19 @@ typedef struct { unsigned int hsk_write_seq; } gnutls_dtls_prestate_st; -int gnutls_dtls_cookie_send(gnutls_datum_t * key, - void *client_data, +int gnutls_dtls_cookie_send(gnutls_datum_t *key, void *client_data, size_t client_data_size, - gnutls_dtls_prestate_st * prestate, + gnutls_dtls_prestate_st *prestate, gnutls_transport_ptr_t ptr, gnutls_push_func push_func); -int gnutls_dtls_cookie_verify(gnutls_datum_t * key, - void *client_data, +int gnutls_dtls_cookie_verify(gnutls_datum_t *key, void *client_data, size_t client_data_size, void *_msg, size_t msg_size, - gnutls_dtls_prestate_st * prestate); + gnutls_dtls_prestate_st *prestate); void gnutls_dtls_prestate_set(gnutls_session_t session, - gnutls_dtls_prestate_st * prestate); + gnutls_dtls_prestate_st *prestate); unsigned int gnutls_record_get_discarded(gnutls_session_t session); @@ -86,4 +84,4 @@ unsigned int gnutls_record_get_discarded(gnutls_session_t session); } #endif -#endif /* GNUTLS_DTLS_H */ +#endif /* GNUTLS_DTLS_H */ diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 388b453f2b..f4c003dcde 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -34,22 +34,22 @@ */ #ifndef GNUTLS_GNUTLS_H -# define GNUTLS_GNUTLS_H +#define GNUTLS_GNUTLS_H /* Get ssize_t. */ -# include <sys/types.h> +#include <sys/types.h> /* Get size_t. */ -# include <stddef.h> +#include <stddef.h> /* Get time_t. */ -# include <time.h> +#include <time.h> #ifdef __cplusplus extern "C" { #endif -# define GNUTLS_VERSION "@VERSION@" +#define GNUTLS_VERSION "@VERSION@" /* clang-format off */ #define GNUTLS_VERSION_MAJOR @MAJOR_VERSION@ @@ -59,29 +59,33 @@ extern "C" { #define GNUTLS_VERSION_NUMBER @NUMBER_VERSION@ /* clang-format on */ -# define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC -# define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC -# define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC -# define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 - -# if !defined(GNUTLS_INTERNAL_BUILD) && defined(_WIN32) -# define _SYM_EXPORT __declspec(dllimport) -# else -# define _SYM_EXPORT -# endif - -# ifdef __GNUC__ -# define __GNUTLS_CONST__ __attribute__((const)) -# define __GNUTLS_PURE__ __attribute__((pure)) -# else -# define __GNUTLS_CONST__ -# define __GNUTLS_PURE__ -# endif +#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC +#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC +#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC +#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 + +#if !defined(GNUTLS_INTERNAL_BUILD) && defined(_WIN32) +#define _SYM_EXPORT __declspec(dllimport) +#else +#define _SYM_EXPORT +#endif + +#ifdef __GNUC__ +#define __GNUTLS_CONST__ __attribute__((const)) +#define __GNUTLS_PURE__ __attribute__((pure)) +#else +#define __GNUTLS_CONST__ +#define __GNUTLS_PURE__ +#endif /* Use the following definition globally in your program to disable * implicit initialization of gnutls. */ -# define GNUTLS_SKIP_GLOBAL_INIT int _gnutls_global_init_skip(void); \ - int _gnutls_global_init_skip(void) {return 1;} +#define GNUTLS_SKIP_GLOBAL_INIT \ + int _gnutls_global_init_skip(void); \ + int _gnutls_global_init_skip(void) \ + { \ + return 1; \ + } /** * gnutls_cipher_algorithm_t: @@ -278,8 +282,8 @@ typedef enum { GNUTLS_CRD_IA } gnutls_credentials_type_t; -# define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 -# define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 +#define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 +#define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 /** * gnutls_mac_algorithm_t: @@ -329,17 +333,17 @@ typedef enum { GNUTLS_MAC_SHA384 = 7, GNUTLS_MAC_SHA512 = 8, GNUTLS_MAC_SHA224 = 9, - GNUTLS_MAC_SHA3_224 = 10, /* reserved: no implementation */ - GNUTLS_MAC_SHA3_256 = 11, /* reserved: no implementation */ - GNUTLS_MAC_SHA3_384 = 12, /* reserved: no implementation */ - GNUTLS_MAC_SHA3_512 = 13, /* reserved: no implementation */ - GNUTLS_MAC_MD5_SHA1 = 14, /* reserved: no implementation */ + GNUTLS_MAC_SHA3_224 = 10, /* reserved: no implementation */ + GNUTLS_MAC_SHA3_256 = 11, /* reserved: no implementation */ + GNUTLS_MAC_SHA3_384 = 12, /* reserved: no implementation */ + GNUTLS_MAC_SHA3_512 = 13, /* reserved: no implementation */ + GNUTLS_MAC_MD5_SHA1 = 14, /* reserved: no implementation */ GNUTLS_MAC_GOSTR_94 = 15, GNUTLS_MAC_STREEBOG_256 = 16, GNUTLS_MAC_STREEBOG_512 = 17, /* If you add anything here, make sure you align with gnutls_digest_algorithm_t. */ - GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */ + GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */ GNUTLS_MAC_UMAC_96 = 201, GNUTLS_MAC_UMAC_128 = 202, GNUTLS_MAC_AES_CMAC_128 = 203, @@ -400,15 +404,15 @@ typedef enum { GNUTLS_DIG_STREEBOG_512 = GNUTLS_MAC_STREEBOG_512, GNUTLS_DIG_SHAKE_128 = GNUTLS_MAC_SHAKE_128, GNUTLS_DIG_SHAKE_256 = GNUTLS_MAC_SHAKE_256 - /* If you add anything here, make sure you align with + /* If you add anything here, make sure you align with gnutls_mac_algorithm_t. */ } gnutls_digest_algorithm_t; - /* exported for other gnutls headers. This is the maximum number of +/* exported for other gnutls headers. This is the maximum number of * algorithms (ciphers, kx or macs). */ -# define GNUTLS_MAX_ALGORITHM_NUM 128 -# define GNUTLS_MAX_SESSION_ID_SIZE 32 +#define GNUTLS_MAX_ALGORITHM_NUM 128 +#define GNUTLS_MAX_SESSION_ID_SIZE 32 /** * gnutls_compression_method_t: @@ -524,19 +528,19 @@ typedef enum { /* compatibility defines (previous versions of gnutls * used defines instead of enumerated values). */ -# define GNUTLS_SERVER (1) -# define GNUTLS_CLIENT (1<<1) -# define GNUTLS_DATAGRAM (1<<2) -# define GNUTLS_NONBLOCK (1<<3) -# define GNUTLS_NO_DEFAULT_EXTENSIONS (1<<4) -# define GNUTLS_NO_REPLAY_PROTECTION (1<<5) -# define GNUTLS_NO_SIGNAL (1<<6) -# define GNUTLS_ALLOW_ID_CHANGE (1<<7) -# define GNUTLS_ENABLE_FALSE_START (1<<8) -# define GNUTLS_FORCE_CLIENT_CERT (1<<9) -# define GNUTLS_NO_TICKETS (1<<10) -# define GNUTLS_ENABLE_CERT_TYPE_NEG 0 - // Here for compatibility reasons +#define GNUTLS_SERVER (1) +#define GNUTLS_CLIENT (1 << 1) +#define GNUTLS_DATAGRAM (1 << 2) +#define GNUTLS_NONBLOCK (1 << 3) +#define GNUTLS_NO_DEFAULT_EXTENSIONS (1 << 4) +#define GNUTLS_NO_REPLAY_PROTECTION (1 << 5) +#define GNUTLS_NO_SIGNAL (1 << 6) +#define GNUTLS_ALLOW_ID_CHANGE (1 << 7) +#define GNUTLS_ENABLE_FALSE_START (1 << 8) +#define GNUTLS_FORCE_CLIENT_CERT (1 << 9) +#define GNUTLS_NO_TICKETS (1 << 10) +#define GNUTLS_ENABLE_CERT_TYPE_NEG 0 +// Here for compatibility reasons /** * gnutls_alert_level_t: @@ -678,10 +682,10 @@ typedef enum { GNUTLS_HANDSHAKE_HELLO_RETRY_REQUEST = 1025, } gnutls_handshake_description_t; -# define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1) +#define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1) -const char -*gnutls_handshake_description_get_name(gnutls_handshake_description_t type); +const char * +gnutls_handshake_description_get_name(gnutls_handshake_description_t type); /** * gnutls_certificate_status_t: @@ -800,15 +804,15 @@ typedef enum { GNUTLS_TLS1_3 = 5, GNUTLS_DTLS0_9 = 200, - GNUTLS_DTLS1_0 = 201, /* 201 */ + GNUTLS_DTLS1_0 = 201, /* 201 */ GNUTLS_DTLS1_2 = 202, GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS0_9, GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2, GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_3, - GNUTLS_VERSION_UNKNOWN = 0xff /* change it to 0xffff */ + GNUTLS_VERSION_UNKNOWN = 0xff /* change it to 0xffff */ } gnutls_protocol_t; -# define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK +#define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK /** * gnutls_certificate_type_t: @@ -857,10 +861,10 @@ typedef enum gnutls_certificate_print_formats { GNUTLS_CRT_PRINT_FULL_NUMBERS = 4 } gnutls_certificate_print_formats_t; -# define GNUTLS_PK_ECC GNUTLS_PK_ECDSA -# define GNUTLS_PK_EC GNUTLS_PK_ECDSA +#define GNUTLS_PK_ECC GNUTLS_PK_ECDSA +#define GNUTLS_PK_EC GNUTLS_PK_ECDSA -# define GNUTLS_PK_ECDHX GNUTLS_PK_ECDH_X25519 +#define GNUTLS_PK_ECDHX GNUTLS_PK_ECDH_X25519 /** * gnutls_pk_algorithm_t: * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. @@ -1125,9 +1129,10 @@ typedef enum { /* macros to allow specifying a specific curve in gnutls_privkey_generate() * and gnutls_x509_privkey_generate() */ -# define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)(((unsigned int)1<<31)|((unsigned int)(curve))) -# define GNUTLS_BITS_TO_CURVE(bits) (((unsigned int)(bits)) & 0x7FFFFFFF) -# define GNUTLS_BITS_ARE_CURVE(bits) (((unsigned int)(bits)) & 0x80000000) +#define GNUTLS_CURVE_TO_BITS(curve) \ + (unsigned int)(((unsigned int)1 << 31) | ((unsigned int)(curve))) +#define GNUTLS_BITS_TO_CURVE(bits) (((unsigned int)(bits)) & 0x7FFFFFFF) +#define GNUTLS_BITS_ARE_CURVE(bits) (((unsigned int)(bits)) & 0x80000000) /** * gnutls_sec_param_t: @@ -1161,7 +1166,7 @@ typedef enum { } gnutls_sec_param_t; /* old name */ -# define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM +#define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM /** * gnutls_channel_binding_t: @@ -1226,7 +1231,7 @@ typedef struct gnutls_session_int *gnutls_session_t; struct gnutls_dh_params_int; typedef struct gnutls_dh_params_int *gnutls_dh_params_t; - /* XXX ugly. */ +/* XXX ugly. */ struct gnutls_x509_privkey_int; typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t; @@ -1257,9 +1262,9 @@ typedef int gnutls_params_function(gnutls_session_t, gnutls_params_type_t, /* internal functions */ -int gnutls_init(gnutls_session_t * session, unsigned int flags); +int gnutls_init(gnutls_session_t *session, unsigned int flags); void gnutls_deinit(gnutls_session_t session); -# define _gnutls_deinit(x) gnutls_deinit(x) +#define _gnutls_deinit(x) gnutls_deinit(x) int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how); @@ -1267,17 +1272,16 @@ int gnutls_handshake(gnutls_session_t session); int gnutls_reauth(gnutls_session_t session, unsigned int flags); -# define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1) -# define GNUTLS_INDEFINITE_TIMEOUT ((unsigned int)-2) +#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1) +#define GNUTLS_INDEFINITE_TIMEOUT ((unsigned int)-2) void gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms); int gnutls_rehandshake(gnutls_session_t session); -# define GNUTLS_KU_PEER 1 +#define GNUTLS_KU_PEER 1 int gnutls_session_key_update(gnutls_session_t session, unsigned flags); gnutls_alert_description_t gnutls_alert_get(gnutls_session_t session); -int gnutls_alert_send(gnutls_session_t session, - gnutls_alert_level_t level, +int gnutls_alert_send(gnutls_session_t session, gnutls_alert_level_t level, gnutls_alert_description_t desc); int gnutls_alert_send_appropriate(gnutls_session_t session, int err); const char *gnutls_alert_get_name(gnutls_alert_description_t alert); @@ -1292,8 +1296,8 @@ unsigned int gnutls_sec_param_to_symmetric_bits(gnutls_sec_param_t param) __GNUTLS_CONST__; /* Elliptic curves */ -const char *gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve) - __GNUTLS_CONST__; +const char * +gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve) __GNUTLS_CONST__; const char *gnutls_ecc_curve_get_oid(gnutls_ecc_curve_t curve) __GNUTLS_CONST__; const char *gnutls_group_get_name(gnutls_group_t group) __GNUTLS_CONST__; @@ -1319,53 +1323,51 @@ gnutls_certificate_type_get2(gnutls_session_t session, int gnutls_sign_algorithm_get(gnutls_session_t session); int gnutls_sign_algorithm_get_client(gnutls_session_t session); -int gnutls_sign_algorithm_get_requested(gnutls_session_t session, - size_t indx, - gnutls_sign_algorithm_t * algo); +int gnutls_sign_algorithm_get_requested(gnutls_session_t session, size_t indx, + gnutls_sign_algorithm_t *algo); /* the name of the specified algorithms */ -const char *gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm) - __GNUTLS_CONST__; -const char *gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm) - __GNUTLS_CONST__; - -const char *gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm) - __GNUTLS_CONST__; -const char *gnutls_digest_get_oid(gnutls_digest_algorithm_t algorithm) - __GNUTLS_CONST__; - -const char *gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm) - __GNUTLS_CONST__; +const char * +gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__; +const char * +gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; + +const char * +gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__; +const char * +gnutls_digest_get_oid(gnutls_digest_algorithm_t algorithm) __GNUTLS_CONST__; + +const char * +gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm) __GNUTLS_CONST__; const char *gnutls_certificate_type_get_name(gnutls_certificate_type_t type) - __GNUTLS_CONST__; -const char *gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm) - __GNUTLS_CONST__; + __GNUTLS_CONST__; +const char * +gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm) __GNUTLS_CONST__; const char *gnutls_pk_get_oid(gnutls_pk_algorithm_t algorithm) __GNUTLS_CONST__; -const char *gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm) - __GNUTLS_CONST__; +const char * +gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm) __GNUTLS_CONST__; const char *gnutls_sign_get_oid(gnutls_sign_algorithm_t sign) __GNUTLS_CONST__; -const char *gnutls_gost_paramset_get_name(gnutls_gost_paramset_t param) - __GNUTLS_CONST__; -const char *gnutls_gost_paramset_get_oid(gnutls_gost_paramset_t param) - __GNUTLS_CONST__; +const char * +gnutls_gost_paramset_get_name(gnutls_gost_paramset_t param) __GNUTLS_CONST__; +const char * +gnutls_gost_paramset_get_oid(gnutls_gost_paramset_t param) __GNUTLS_CONST__; +size_t gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm) + __GNUTLS_CONST__; size_t -gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm) -__GNUTLS_CONST__; -size_t gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm) - __GNUTLS_CONST__; +gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm) __GNUTLS_CONST__; -unsigned gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm) - __GNUTLS_CONST__; +unsigned +gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm) __GNUTLS_CONST__; /* It is possible that a signature algorithm is ok to use for short-lived * data (e.g., to sign a TLS session), but not for data that are long-lived * like certificates. This flag is about checking the security of the algorithm * for long-lived data. */ -# define GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS 1 +#define GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS 1 unsigned gnutls_sign_is_secure2(gnutls_sign_algorithm_t algorithm, unsigned int flags) __GNUTLS_CONST__; @@ -1381,11 +1383,11 @@ unsigned gnutls_sign_supports_pk_algorithm(gnutls_sign_algorithm_t sign, gnutls_pk_algorithm_t pk) __GNUTLS_CONST__; -# define gnutls_sign_algorithm_get_name gnutls_sign_get_name +#define gnutls_sign_algorithm_get_name gnutls_sign_get_name gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name) __GNUTLS_CONST__; -gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name) - __GNUTLS_CONST__; +gnutls_digest_algorithm_t +gnutls_digest_get_id(const char *name) __GNUTLS_CONST__; gnutls_cipher_algorithm_t gnutls_cipher_get_id(const char *name) __GNUTLS_CONST__; @@ -1397,8 +1399,8 @@ gnutls_certificate_type_get_id(const char *name) __GNUTLS_CONST__; gnutls_pk_algorithm_t gnutls_pk_get_id(const char *name) __GNUTLS_CONST__; gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name) __GNUTLS_CONST__; gnutls_ecc_curve_t gnutls_ecc_curve_get_id(const char *name) __GNUTLS_CONST__; -gnutls_pk_algorithm_t gnutls_ecc_curve_get_pk(gnutls_ecc_curve_t curve) - __GNUTLS_CONST__; +gnutls_pk_algorithm_t +gnutls_ecc_curve_get_pk(gnutls_ecc_curve_t curve) __GNUTLS_CONST__; gnutls_group_t gnutls_group_get_id(const char *name); gnutls_digest_algorithm_t @@ -1410,26 +1412,25 @@ gnutls_ecc_curve_t gnutls_oid_to_ecc_curve(const char *oid) __GNUTLS_CONST__; gnutls_gost_paramset_t gnutls_oid_to_gost_paramset(const char *oid) __GNUTLS_CONST__; - /* list supported algorithms */ +/* list supported algorithms */ const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void) __GNUTLS_PURE__; const gnutls_group_t *gnutls_group_list(void) __GNUTLS_PURE__; const gnutls_cipher_algorithm_t *gnutls_cipher_list(void) __GNUTLS_PURE__; const gnutls_mac_algorithm_t *gnutls_mac_list(void) __GNUTLS_PURE__; const gnutls_digest_algorithm_t *gnutls_digest_list(void) __GNUTLS_PURE__; const gnutls_protocol_t *gnutls_protocol_list(void) __GNUTLS_PURE__; -const gnutls_certificate_type_t *gnutls_certificate_type_list(void) - __GNUTLS_PURE__; +const gnutls_certificate_type_t * +gnutls_certificate_type_list(void) __GNUTLS_PURE__; const gnutls_kx_algorithm_t *gnutls_kx_list(void) __GNUTLS_PURE__; const gnutls_pk_algorithm_t *gnutls_pk_list(void) __GNUTLS_PURE__; const gnutls_sign_algorithm_t *gnutls_sign_list(void) __GNUTLS_PURE__; -const char *gnutls_cipher_suite_info(size_t idx, - unsigned char *cs_id, - gnutls_kx_algorithm_t * kx, - gnutls_cipher_algorithm_t * cipher, - gnutls_mac_algorithm_t * mac, - gnutls_protocol_t * min_version); - - /* functions for run-time enablement of algorithms */ +const char *gnutls_cipher_suite_info(size_t idx, unsigned char *cs_id, + gnutls_kx_algorithm_t *kx, + gnutls_cipher_algorithm_t *cipher, + gnutls_mac_algorithm_t *mac, + gnutls_protocol_t *min_version); + +/* functions for run-time enablement of algorithms */ int gnutls_ecc_curve_set_enabled(gnutls_ecc_curve_t curve, unsigned int enabled); int gnutls_sign_set_secure(gnutls_sign_algorithm_t sign, unsigned int secure); @@ -1440,7 +1441,7 @@ int gnutls_digest_set_secure(gnutls_digest_algorithm_t dig, int gnutls_protocol_set_enabled(gnutls_protocol_t version, unsigned int enabled); - /* error functions */ +/* error functions */ int gnutls_error_is_fatal(int error) __GNUTLS_CONST__; int gnutls_error_to_alert(int err, int *level); @@ -1453,7 +1454,7 @@ const char *gnutls_strerror_name(int error) __GNUTLS_CONST__; void gnutls_handshake_set_private_extensions(gnutls_session_t session, int allow); int gnutls_handshake_set_random(gnutls_session_t session, - const gnutls_datum_t * random); + const gnutls_datum_t *random); gnutls_handshake_description_t gnutls_handshake_get_last_out(gnutls_session_t session); @@ -1462,7 +1463,7 @@ gnutls_handshake_get_last_in(gnutls_session_t session); /* Record layer functions. */ -# define GNUTLS_HEARTBEAT_WAIT 1 +#define GNUTLS_HEARTBEAT_WAIT 1 int gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size, unsigned int max_tries, unsigned int flags); int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags); @@ -1471,69 +1472,63 @@ void gnutls_record_set_timeout(gnutls_session_t session, unsigned int ms); void gnutls_record_disable_padding(gnutls_session_t session); void gnutls_record_cork(gnutls_session_t session); -# define GNUTLS_RECORD_WAIT 1 +#define GNUTLS_RECORD_WAIT 1 int gnutls_record_uncork(gnutls_session_t session, unsigned int flags); size_t gnutls_record_discard_queued(gnutls_session_t session); -int -gnutls_record_get_state(gnutls_session_t session, - unsigned read, - gnutls_datum_t * mac_key, - gnutls_datum_t * IV, - gnutls_datum_t * cipher_key, - unsigned char seq_number[8]); +int gnutls_record_get_state(gnutls_session_t session, unsigned read, + gnutls_datum_t *mac_key, gnutls_datum_t *IV, + gnutls_datum_t *cipher_key, + unsigned char seq_number[8]); -int -gnutls_record_set_state(gnutls_session_t session, - unsigned read, const unsigned char seq_number[8]); +int gnutls_record_set_state(gnutls_session_t session, unsigned read, + const unsigned char seq_number[8]); typedef struct { size_t low; size_t high; } gnutls_range_st; -int gnutls_range_split(gnutls_session_t session, - const gnutls_range_st * orig, - gnutls_range_st * small_range, - gnutls_range_st * rem_range); +int gnutls_range_split(gnutls_session_t session, const gnutls_range_st *orig, + gnutls_range_st *small_range, + gnutls_range_st *rem_range); ssize_t gnutls_record_send(gnutls_session_t session, const void *data, size_t data_size); ssize_t gnutls_record_send2(gnutls_session_t session, const void *data, size_t data_size, size_t pad, unsigned flags); -ssize_t gnutls_record_send_range(gnutls_session_t session, - const void *data, size_t data_size, - const gnutls_range_st * range); -ssize_t gnutls_record_send_file(gnutls_session_t session, int fd, - off_t * offset, size_t count); +ssize_t gnutls_record_send_range(gnutls_session_t session, const void *data, + size_t data_size, + const gnutls_range_st *range); +ssize_t gnutls_record_send_file(gnutls_session_t session, int fd, off_t *offset, + size_t count); ssize_t gnutls_record_recv(gnutls_session_t session, void *data, size_t data_size); typedef struct mbuffer_st *gnutls_packet_t; -ssize_t -gnutls_record_recv_packet(gnutls_session_t session, gnutls_packet_t * packet); +ssize_t gnutls_record_recv_packet(gnutls_session_t session, + gnutls_packet_t *packet); -void gnutls_packet_get(gnutls_packet_t packet, gnutls_datum_t * data, +void gnutls_packet_get(gnutls_packet_t packet, gnutls_datum_t *data, unsigned char *sequence); void gnutls_packet_deinit(gnutls_packet_t packet); -# define gnutls_read gnutls_record_recv -# define gnutls_write gnutls_record_send +#define gnutls_read gnutls_record_recv +#define gnutls_write gnutls_record_send ssize_t gnutls_record_recv_seq(gnutls_session_t session, void *data, size_t data_size, unsigned char *seq); size_t gnutls_record_overhead_size(gnutls_session_t session); -size_t -gnutls_est_record_overhead_size(gnutls_protocol_t version, - gnutls_cipher_algorithm_t cipher, - gnutls_mac_algorithm_t mac, - gnutls_compression_method_t comp, - unsigned int flags) __GNUTLS_CONST__; +size_t gnutls_est_record_overhead_size(gnutls_protocol_t version, + gnutls_cipher_algorithm_t cipher, + gnutls_mac_algorithm_t mac, + gnutls_compression_method_t comp, + unsigned int flags) __GNUTLS_CONST__; void gnutls_session_enable_compatibility_mode(gnutls_session_t session); -# define gnutls_record_set_max_empty_records(session, x) +#define gnutls_record_set_max_empty_records(session, x) unsigned gnutls_record_can_use_length_hiding(gnutls_session_t session); @@ -1556,22 +1551,18 @@ ssize_t gnutls_record_recv_early_data(gnutls_session_t session, void *data, void gnutls_session_force_valid(gnutls_session_t session); -int gnutls_prf(gnutls_session_t session, - size_t label_size, const char *label, - int server_random_first, - size_t extra_size, const char *extra, size_t outsize, char *out); -int gnutls_prf_rfc5705(gnutls_session_t session, - size_t label_size, const char *label, - size_t context_size, const char *context, - size_t outsize, char *out); -int gnutls_prf_early(gnutls_session_t session, - size_t label_size, const char *label, - size_t context_size, const char *context, - size_t outsize, char *out); - -int gnutls_prf_raw(gnutls_session_t session, - size_t label_size, const char *label, - size_t seed_size, const char *seed, +int gnutls_prf(gnutls_session_t session, size_t label_size, const char *label, + int server_random_first, size_t extra_size, const char *extra, + size_t outsize, char *out); +int gnutls_prf_rfc5705(gnutls_session_t session, size_t label_size, + const char *label, size_t context_size, + const char *context, size_t outsize, char *out); +int gnutls_prf_early(gnutls_session_t session, size_t label_size, + const char *label, size_t context_size, + const char *context, size_t outsize, char *out); + +int gnutls_prf_raw(gnutls_session_t session, size_t label_size, + const char *label, size_t seed_size, const char *seed, size_t outsize, char *out); /** @@ -1585,28 +1576,28 @@ typedef enum { } gnutls_server_name_type_t; int gnutls_server_name_set(gnutls_session_t session, - gnutls_server_name_type_t type, - const void *name, size_t name_length); + gnutls_server_name_type_t type, const void *name, + size_t name_length); -int gnutls_server_name_get(gnutls_session_t session, - void *data, size_t *data_length, - unsigned int *type, unsigned int indx); +int gnutls_server_name_get(gnutls_session_t session, void *data, + size_t *data_length, unsigned int *type, + unsigned int indx); unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session); void gnutls_heartbeat_set_timeouts(gnutls_session_t session, unsigned int retrans_timeout, unsigned int total_timeout); -# define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1) -# define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1<<1) +#define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1) +#define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1 << 1) - /* Heartbeat */ +/* Heartbeat */ void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type); -# define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1<<2) +#define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1 << 2) unsigned gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type); - /* Safe renegotiation */ +/* Safe renegotiation */ unsigned gnutls_safe_renegotiation_status(gnutls_session_t session); unsigned gnutls_session_ext_master_secret_status(gnutls_session_t session); unsigned gnutls_session_etm_status(gnutls_session_t session); @@ -1657,19 +1648,19 @@ typedef enum { GNUTLS_SUPPLEMENTAL_UNKNOWN = 0, } gnutls_supplemental_data_format_type_t; -const char -*gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t type); +const char * +gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t type); - /* SessionTicket, RFC 5077. */ -int gnutls_session_ticket_key_generate(gnutls_datum_t * key); +/* SessionTicket, RFC 5077. */ +int gnutls_session_ticket_key_generate(gnutls_datum_t *key); int gnutls_session_ticket_enable_client(gnutls_session_t session); int gnutls_session_ticket_enable_server(gnutls_session_t session, - const gnutls_datum_t * key); + const gnutls_datum_t *key); int gnutls_session_ticket_send(gnutls_session_t session, unsigned nr, unsigned flags); - /* SRTP, RFC 5764 */ +/* SRTP, RFC 5764 */ /** * gnutls_srtp_profile_t: @@ -1696,28 +1687,27 @@ int gnutls_srtp_set_profile(gnutls_session_t session, int gnutls_srtp_set_profile_direct(gnutls_session_t session, const char *profiles, const char **err_pos); int gnutls_srtp_get_selected_profile(gnutls_session_t session, - gnutls_srtp_profile_t * profile); + gnutls_srtp_profile_t *profile); const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile); int gnutls_srtp_get_profile_id(const char *name, - gnutls_srtp_profile_t * profile); -int gnutls_srtp_get_keys(gnutls_session_t session, - void *key_material, + gnutls_srtp_profile_t *profile); +int gnutls_srtp_get_keys(gnutls_session_t session, void *key_material, unsigned int key_material_size, - gnutls_datum_t * client_key, - gnutls_datum_t * client_salt, - gnutls_datum_t * server_key, - gnutls_datum_t * server_salt); + gnutls_datum_t *client_key, + gnutls_datum_t *client_salt, + gnutls_datum_t *server_key, + gnutls_datum_t *server_salt); -int gnutls_srtp_set_mki(gnutls_session_t session, const gnutls_datum_t * mki); -int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t * mki); +int gnutls_srtp_set_mki(gnutls_session_t session, const gnutls_datum_t *mki); +int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t *mki); /* COMPRESS_CERTIFICATE extension, RFC8879 */ gnutls_compression_method_t gnutls_compress_certificate_get_selected_method(gnutls_session_t session); -int gnutls_compress_certificate_set_methods(gnutls_session_t session, - const gnutls_compression_method_t * - methods, size_t methods_len); +int gnutls_compress_certificate_set_methods( + gnutls_session_t session, const gnutls_compression_method_t *methods, + size_t methods_len); /* ALPN TLS extension */ @@ -1735,19 +1725,19 @@ typedef enum { GNUTLS_ALPN_SERVER_PRECEDENCE = (1 << 1) } gnutls_alpn_flags_t; -# define GNUTLS_ALPN_MAND GNUTLS_ALPN_MANDATORY +#define GNUTLS_ALPN_MAND GNUTLS_ALPN_MANDATORY int gnutls_alpn_get_selected_protocol(gnutls_session_t session, - gnutls_datum_t * protocol); + gnutls_datum_t *protocol); int gnutls_alpn_set_protocols(gnutls_session_t session, - const gnutls_datum_t * protocols, + const gnutls_datum_t *protocols, unsigned protocols_size, unsigned flags); -int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size); +int gnutls_key_generate(gnutls_datum_t *key, unsigned int key_size); -# define GNUTLS_PRIORITY_INIT_DEF_APPEND 1 -int gnutls_priority_init(gnutls_priority_t * priority_cache, +#define GNUTLS_PRIORITY_INIT_DEF_APPEND 1 +int gnutls_priority_init(gnutls_priority_t *priority_cache, const char *priorities, const char **err_pos); -int gnutls_priority_init2(gnutls_priority_t * priority_cache, +int gnutls_priority_init2(gnutls_priority_t *priority_cache, const char *priorities, const char **err_pos, unsigned flags); void gnutls_priority_deinit(gnutls_priority_t priority_cache); @@ -1755,14 +1745,14 @@ int gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache, unsigned int idx, unsigned int *sidx); -# define GNUTLS_PRIORITY_LIST_INIT_KEYWORDS 1 -# define GNUTLS_PRIORITY_LIST_SPECIAL 2 +#define GNUTLS_PRIORITY_LIST_INIT_KEYWORDS 1 +#define GNUTLS_PRIORITY_LIST_SPECIAL 2 const char *gnutls_priority_string_list(unsigned iter, unsigned int flags); int gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority); -int gnutls_priority_set_direct(gnutls_session_t session, - const char *priorities, const char **err_pos); +int gnutls_priority_set_direct(gnutls_session_t session, const char *priorities, + const char **err_pos); int gnutls_priority_certificate_type_list(gnutls_priority_t pcache, const unsigned int **list); @@ -1775,8 +1765,8 @@ int gnutls_priority_protocol_list(gnutls_priority_t pcache, const unsigned int **list); int gnutls_priority_ecc_curve_list(gnutls_priority_t pcache, const unsigned int **list); -int -gnutls_priority_group_list(gnutls_priority_t pcache, const unsigned int **list); +int gnutls_priority_group_list(gnutls_priority_t pcache, + const unsigned int **list); int gnutls_priority_kx_list(gnutls_priority_t pcache, const unsigned int **list); @@ -1793,40 +1783,37 @@ int gnutls_set_default_priority_append(gnutls_session_t session, const char **err_pos, unsigned flags); /* Returns the name of a cipher suite */ -const char *gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t kx_algorithm, - gnutls_cipher_algorithm_t - cipher_algorithm, - gnutls_mac_algorithm_t mac_algorithm) - __GNUTLS_CONST__; +const char *gnutls_cipher_suite_get_name( + gnutls_kx_algorithm_t kx_algorithm, + gnutls_cipher_algorithm_t cipher_algorithm, + gnutls_mac_algorithm_t mac_algorithm) __GNUTLS_CONST__; const char *gnutls_ciphersuite_get(gnutls_session_t session) __GNUTLS_CONST__; /* get the currently used protocol version */ gnutls_protocol_t gnutls_protocol_get_version(gnutls_session_t session); -const char *gnutls_protocol_get_name(gnutls_protocol_t version) - __GNUTLS_CONST__; +const char * +gnutls_protocol_get_name(gnutls_protocol_t version) __GNUTLS_CONST__; /* get/set session */ -int gnutls_session_set_data(gnutls_session_t session, - const void *session_data, size_t session_data_size); +int gnutls_session_set_data(gnutls_session_t session, const void *session_data, + size_t session_data_size); int gnutls_session_get_data(gnutls_session_t session, void *session_data, size_t *session_data_size); -int gnutls_session_get_data2(gnutls_session_t session, gnutls_datum_t * data); -void gnutls_session_get_random(gnutls_session_t session, - gnutls_datum_t * client, - gnutls_datum_t * server); +int gnutls_session_get_data2(gnutls_session_t session, gnutls_datum_t *data); +void gnutls_session_get_random(gnutls_session_t session, gnutls_datum_t *client, + gnutls_datum_t *server); void gnutls_session_get_master_secret(gnutls_session_t session, - gnutls_datum_t * secret); + gnutls_datum_t *secret); char *gnutls_session_get_desc(gnutls_session_t session); typedef int gnutls_certificate_verify_function(gnutls_session_t); -void gnutls_session_set_verify_function(gnutls_session_t session, - gnutls_certificate_verify_function * - func); +void gnutls_session_set_verify_function( + gnutls_session_t session, gnutls_certificate_verify_function *func); /** * gnutls_vdata_types_t: @@ -1867,35 +1854,33 @@ typedef struct { void gnutls_session_set_verify_cert(gnutls_session_t session, const char *hostname, unsigned flags); -void -gnutls_session_set_verify_cert2(gnutls_session_t session, - gnutls_typed_vdata_st * data, - unsigned elements, unsigned flags); +void gnutls_session_set_verify_cert2(gnutls_session_t session, + gnutls_typed_vdata_st *data, + unsigned elements, unsigned flags); unsigned int gnutls_session_get_verify_cert_status(gnutls_session_t); -int gnutls_session_set_premaster(gnutls_session_t session, - unsigned int entity, +int gnutls_session_set_premaster(gnutls_session_t session, unsigned int entity, gnutls_protocol_t version, gnutls_kx_algorithm_t kx, gnutls_cipher_algorithm_t cipher, gnutls_mac_algorithm_t mac, gnutls_compression_method_t comp, - const gnutls_datum_t * master, - const gnutls_datum_t * session_id); + const gnutls_datum_t *master, + const gnutls_datum_t *session_id); /* returns the session ID */ -# define GNUTLS_MAX_SESSION_ID 32 +#define GNUTLS_MAX_SESSION_ID 32 int gnutls_session_get_id(gnutls_session_t session, void *session_id, size_t *session_id_size); int gnutls_session_get_id2(gnutls_session_t session, - gnutls_datum_t * session_id); + gnutls_datum_t *session_id); -int gnutls_session_set_id(gnutls_session_t session, const gnutls_datum_t * sid); +int gnutls_session_set_id(gnutls_session_t session, const gnutls_datum_t *sid); int gnutls_session_channel_binding(gnutls_session_t session, gnutls_channel_binding_t cbtype, - gnutls_datum_t * cb); + gnutls_datum_t *cb); /* checks if this session is a resumed one */ @@ -1905,7 +1890,7 @@ int gnutls_session_resumption_requested(gnutls_session_t session); typedef int (*gnutls_db_store_func)(void *, gnutls_datum_t key, gnutls_datum_t data); typedef int (*gnutls_db_remove_func)(void *, gnutls_datum_t key); -typedef gnutls_datum_t(*gnutls_db_retr_func) (void *, gnutls_datum_t key); +typedef gnutls_datum_t (*gnutls_db_retr_func)(void *, gnutls_datum_t key); void gnutls_db_set_cache_expiration(gnutls_session_t session, int seconds); unsigned gnutls_db_get_default_cache_expiration(void); @@ -1921,12 +1906,12 @@ void gnutls_db_set_ptr(gnutls_session_t session, void *ptr); void *gnutls_db_get_ptr(gnutls_session_t session); int gnutls_db_check_entry(gnutls_session_t session, gnutls_datum_t session_entry); -time_t gnutls_db_check_entry_time(gnutls_datum_t * entry); -time_t gnutls_db_check_entry_expire_time(gnutls_datum_t * entry); +time_t gnutls_db_check_entry_time(gnutls_datum_t *entry); +time_t gnutls_db_check_entry_expire_time(gnutls_datum_t *entry); -# define GNUTLS_HOOK_POST (1) -# define GNUTLS_HOOK_PRE (0) -# define GNUTLS_HOOK_BOTH (-1) +#define GNUTLS_HOOK_POST (1) +#define GNUTLS_HOOK_PRE (0) +#define GNUTLS_HOOK_BOTH (-1) /** * gnutls_handshake_hook_func: @@ -1941,21 +1926,18 @@ time_t gnutls_db_check_entry_expire_time(gnutls_datum_t * entry); * * Returns: Non zero on error. */ -typedef int (*gnutls_handshake_hook_func)(gnutls_session_t, - unsigned int htype, - unsigned when, - unsigned int incoming, - const gnutls_datum_t * msg); +typedef int (*gnutls_handshake_hook_func)(gnutls_session_t, unsigned int htype, + unsigned when, unsigned int incoming, + const gnutls_datum_t *msg); void gnutls_handshake_set_hook_function(gnutls_session_t session, unsigned int htype, int when, gnutls_handshake_hook_func func); -# define gnutls_handshake_post_client_hello_func gnutls_handshake_simple_hook_func +#define gnutls_handshake_post_client_hello_func \ + gnutls_handshake_simple_hook_func typedef int (*gnutls_handshake_simple_hook_func)(gnutls_session_t); -void -gnutls_handshake_set_post_client_hello_function(gnutls_session_t session, - gnutls_handshake_simple_hook_func - func); +void gnutls_handshake_set_post_client_hello_function( + gnutls_session_t session, gnutls_handshake_simple_hook_func func); void gnutls_handshake_set_max_packet_length(gnutls_session_t session, size_t max); @@ -1969,10 +1951,10 @@ const char *gnutls_check_version(const char *req_version) __GNUTLS_CONST__; * Used as: * if (gnutls_check_version_numerc(3,3,16)) { */ -# define gnutls_check_version_numeric(a,b,c) \ - ((GNUTLS_VERSION_MAJOR >= (a)) && \ - ((GNUTLS_VERSION_NUMBER >= ( ((a) << 16) + ((b) << 8) + (c) )) || \ - gnutls_check_version(#a "." #b "." #c))) +#define gnutls_check_version_numeric(a, b, c) \ + ((GNUTLS_VERSION_MAJOR >= (a)) && \ + ((GNUTLS_VERSION_NUMBER >= (((a) << 16) + ((b) << 8) + (c))) || \ + gnutls_check_version(#a "." #b "." #c))) /* Functions for setting/clearing credentials */ @@ -1984,7 +1966,7 @@ int gnutls_credentials_set(gnutls_session_t session, gnutls_credentials_type_t type, void *cred); int gnutls_credentials_get(gnutls_session_t session, gnutls_credentials_type_t type, void **cred); -# define gnutls_cred_set gnutls_credentials_set +#define gnutls_cred_set gnutls_credentials_set /* x.509 types */ @@ -2013,49 +1995,47 @@ typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t; struct gnutls_certificate_credentials_st; typedef struct gnutls_certificate_credentials_st -*gnutls_certificate_credentials_t; + *gnutls_certificate_credentials_t; typedef gnutls_certificate_credentials_t gnutls_certificate_server_credentials; typedef gnutls_certificate_credentials_t gnutls_certificate_client_credentials; typedef struct gnutls_anon_server_credentials_st -*gnutls_anon_server_credentials_t; + *gnutls_anon_server_credentials_t; typedef struct gnutls_anon_client_credentials_st -*gnutls_anon_client_credentials_t; + *gnutls_anon_client_credentials_t; void gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t sc); -int -gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t * sc); +int gnutls_anon_allocate_server_credentials( + gnutls_anon_server_credentials_t *sc); void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res, gnutls_dh_params_t dh_params); -int -gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res, - gnutls_sec_param_t sec_param); +int gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res, + gnutls_sec_param_t sec_param); -void -gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t - res, gnutls_params_function * func); +void gnutls_anon_set_server_params_function( + gnutls_anon_server_credentials_t res, gnutls_params_function *func); void gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc); -int -gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t * sc); +int gnutls_anon_allocate_client_credentials( + gnutls_anon_client_credentials_t *sc); /* CERTFILE is an x509 certificate in PEM form. * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). */ void gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc); -int -gnutls_certificate_allocate_credentials(gnutls_certificate_credentials_t * res); +int gnutls_certificate_allocate_credentials( + gnutls_certificate_credentials_t *res); -int -gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc, - gnutls_x509_crt_t cert, - gnutls_x509_crt_t * issuer, unsigned int flags); +int gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc, + gnutls_x509_crt_t cert, + gnutls_x509_crt_t *issuer, + unsigned int flags); int gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc, unsigned idx1, unsigned idx2, - gnutls_datum_t * cert); + gnutls_datum_t *cert); void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc); void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc); @@ -2067,8 +2047,8 @@ void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res, int gnutls_certificate_set_known_dh_params(gnutls_certificate_credentials_t res, gnutls_sec_param_t sec_param); -void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t - res, unsigned int flags); +void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t res, + unsigned int flags); unsigned int gnutls_certificate_get_verify_flags(gnutls_certificate_credentials_t res); @@ -2093,116 +2073,111 @@ typedef enum gnutls_certificate_flags { void gnutls_certificate_set_flags(gnutls_certificate_credentials_t, unsigned flags); -void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t - res, unsigned int max_bits, +void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t res, + unsigned int max_bits, unsigned int max_depth); -int -gnutls_certificate_set_x509_system_trust(gnutls_certificate_credentials_t cred); +int gnutls_certificate_set_x509_system_trust( + gnutls_certificate_credentials_t cred); -int -gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t - cred, const char *cafile, - gnutls_x509_crt_fmt_t type); -int -gnutls_certificate_set_x509_trust_dir(gnutls_certificate_credentials_t cred, - const char *ca_dir, - gnutls_x509_crt_fmt_t type); +int gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t cred, + const char *cafile, + gnutls_x509_crt_fmt_t type); +int gnutls_certificate_set_x509_trust_dir(gnutls_certificate_credentials_t cred, + const char *ca_dir, + gnutls_x509_crt_fmt_t type); -int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t - res, const gnutls_datum_t * ca, +int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t res, + const gnutls_datum_t *ca, gnutls_x509_crt_fmt_t type); -int -gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t - res, const char *crlfile, - gnutls_x509_crt_fmt_t type); -int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t - res, const gnutls_datum_t * CRL, +int gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t res, + const char *crlfile, + gnutls_x509_crt_fmt_t type); +int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t res, + const gnutls_datum_t *CRL, gnutls_x509_crt_fmt_t type); -int -gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t - res, const char *certfile, - const char *keyfile, - gnutls_x509_crt_fmt_t type); - -int -gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t - res, const char *certfile, - const char *keyfile, - gnutls_x509_crt_fmt_t type, - const char *pass, unsigned int flags); - -int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t - res, const gnutls_datum_t * cert, - const gnutls_datum_t * key, +int gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t res, + const char *certfile, + const char *keyfile, + gnutls_x509_crt_fmt_t type); + +int gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t res, + const char *certfile, + const char *keyfile, + gnutls_x509_crt_fmt_t type, + const char *pass, unsigned int flags); + +int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t res, + const gnutls_datum_t *cert, + const gnutls_datum_t *key, gnutls_x509_crt_fmt_t type); -int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t - res, const gnutls_datum_t * cert, - const gnutls_datum_t * key, +int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t res, + const gnutls_datum_t *cert, + const gnutls_datum_t *key, gnutls_x509_crt_fmt_t type, const char *pass, unsigned int flags); void gnutls_certificate_send_x509_rdn_sequence(gnutls_session_t session, int status); -int gnutls_certificate_set_x509_simple_pkcs12_file - (gnutls_certificate_credentials_t res, const char *pkcs12file, - gnutls_x509_crt_fmt_t type, const char *password); -int gnutls_certificate_set_x509_simple_pkcs12_mem - (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob, - gnutls_x509_crt_fmt_t type, const char *password); +int gnutls_certificate_set_x509_simple_pkcs12_file( + gnutls_certificate_credentials_t res, const char *pkcs12file, + gnutls_x509_crt_fmt_t type, const char *password); +int gnutls_certificate_set_x509_simple_pkcs12_mem( + gnutls_certificate_credentials_t res, const gnutls_datum_t *p12blob, + gnutls_x509_crt_fmt_t type, const char *password); /* New functions to allow setting already parsed X.509 stuff. */ int gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res, - gnutls_x509_crt_t * cert_list, + gnutls_x509_crt_t *cert_list, int cert_list_size, gnutls_x509_privkey_t key); int gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res, - gnutls_x509_crt_t * ca_list, + gnutls_x509_crt_t *ca_list, int ca_list_size); int gnutls_certificate_set_x509_crl(gnutls_certificate_credentials_t res, - gnutls_x509_crl_t * crl_list, + gnutls_x509_crl_t *crl_list, int crl_list_size); int gnutls_certificate_get_x509_key(gnutls_certificate_credentials_t res, - unsigned index, - gnutls_x509_privkey_t * key); + unsigned index, gnutls_x509_privkey_t *key); int gnutls_certificate_get_x509_crt(gnutls_certificate_credentials_t res, unsigned index, - gnutls_x509_crt_t ** crt_list, + gnutls_x509_crt_t **crt_list, unsigned *crt_list_size); - /* OCSP status request extension, RFC 6066 */ -typedef int (*gnutls_status_request_ocsp_func) - (gnutls_session_t session, void *ptr, gnutls_datum_t * ocsp_response); +/* OCSP status request extension, RFC 6066 */ +typedef int (*gnutls_status_request_ocsp_func)(gnutls_session_t session, + void *ptr, + gnutls_datum_t *ocsp_response); -void gnutls_certificate_set_ocsp_status_request_function - (gnutls_certificate_credentials_t res, - gnutls_status_request_ocsp_func ocsp_func, void *ptr); +void gnutls_certificate_set_ocsp_status_request_function( + gnutls_certificate_credentials_t res, + gnutls_status_request_ocsp_func ocsp_func, void *ptr); -int gnutls_certificate_set_ocsp_status_request_function2 - (gnutls_certificate_credentials_t res, unsigned idx, - gnutls_status_request_ocsp_func ocsp_func, void *ptr); +int gnutls_certificate_set_ocsp_status_request_function2( + gnutls_certificate_credentials_t res, unsigned idx, + gnutls_status_request_ocsp_func ocsp_func, void *ptr); -int gnutls_certificate_set_ocsp_status_request_file - (gnutls_certificate_credentials_t res, const char *response_file, - unsigned idx); +int gnutls_certificate_set_ocsp_status_request_file( + gnutls_certificate_credentials_t res, const char *response_file, + unsigned idx); -int gnutls_certificate_set_ocsp_status_request_file2 - (gnutls_certificate_credentials_t res, const char *response_file, - unsigned idx, gnutls_x509_crt_fmt_t fmt); +int gnutls_certificate_set_ocsp_status_request_file2( + gnutls_certificate_credentials_t res, const char *response_file, + unsigned idx, gnutls_x509_crt_fmt_t fmt); -int gnutls_certificate_set_ocsp_status_request_mem - (gnutls_certificate_credentials_t res, const gnutls_datum_t * resp, - unsigned idx, gnutls_x509_crt_fmt_t fmt); +int gnutls_certificate_set_ocsp_status_request_mem( + gnutls_certificate_credentials_t res, const gnutls_datum_t *resp, + unsigned idx, gnutls_x509_crt_fmt_t fmt); typedef struct gnutls_ocsp_data_st { - unsigned int version; /* must be zero */ + unsigned int version; /* must be zero */ gnutls_datum_t response; time_t exptime; unsigned char padding[32]; @@ -2212,44 +2187,32 @@ time_t gnutls_certificate_get_ocsp_expiration(gnutls_certificate_credentials_t sc, unsigned idx, int oidx, unsigned flags); -int gnutls_ocsp_status_request_enable_client(gnutls_session_t session, - gnutls_datum_t * responder_id, - size_t responder_id_size, - gnutls_datum_t * - request_extensions); +int gnutls_ocsp_status_request_enable_client( + gnutls_session_t session, gnutls_datum_t *responder_id, + size_t responder_id_size, gnutls_datum_t *request_extensions); int gnutls_ocsp_status_request_get(gnutls_session_t session, - gnutls_datum_t * response); + gnutls_datum_t *response); -# define GNUTLS_OCSP_SR_IS_AVAIL 1 +#define GNUTLS_OCSP_SR_IS_AVAIL 1 unsigned gnutls_ocsp_status_request_is_checked(gnutls_session_t session, unsigned int flags); -int -gnutls_ocsp_status_request_get2(gnutls_session_t session, - unsigned idx, gnutls_datum_t * response); +int gnutls_ocsp_status_request_get2(gnutls_session_t session, unsigned idx, + gnutls_datum_t *response); /* RAW public key functions (RFC7250) */ -int gnutls_certificate_set_rawpk_key_mem(gnutls_certificate_credentials_t cred, - const gnutls_datum_t * spki, - const gnutls_datum_t * pkey, - gnutls_x509_crt_fmt_t format, - const char *pass, - unsigned int key_usage, - const char **names, - unsigned int names_length, - unsigned int flags); - -int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred, - const char *rawpkfile, - const char *privkeyfile, - gnutls_x509_crt_fmt_t format, - const char *pass, - unsigned int key_usage, - const char **names, - unsigned int names_length, - unsigned int privkey_flags, - unsigned int pkcs11_flags); +int gnutls_certificate_set_rawpk_key_mem( + gnutls_certificate_credentials_t cred, const gnutls_datum_t *spki, + const gnutls_datum_t *pkey, gnutls_x509_crt_fmt_t format, + const char *pass, unsigned int key_usage, const char **names, + unsigned int names_length, unsigned int flags); + +int gnutls_certificate_set_rawpk_key_file( + gnutls_certificate_credentials_t cred, const char *rawpkfile, + const char *privkeyfile, gnutls_x509_crt_fmt_t format, const char *pass, + unsigned int key_usage, const char **names, unsigned int names_length, + unsigned int privkey_flags, unsigned int pkcs11_flags); /* global state functions */ @@ -2267,15 +2230,14 @@ const gnutls_library_config_st *gnutls_get_library_config(void); * * Returns: Number of seconds since the epoch, or (time_t)-1 on errors. */ -typedef time_t(*gnutls_time_func) (time_t * t); +typedef time_t (*gnutls_time_func)(time_t *t); typedef int (*mutex_init_func)(void **mutex); typedef int (*mutex_lock_func)(void **mutex); typedef int (*mutex_unlock_func)(void **mutex); typedef int (*mutex_deinit_func)(void **mutex); -void gnutls_global_set_mutex(mutex_init_func init, - mutex_deinit_func deinit, +void gnutls_global_set_mutex(mutex_init_func init, mutex_deinit_func deinit, mutex_lock_func lock, mutex_unlock_func unlock); typedef void *(*gnutls_alloc_function)(size_t); @@ -2292,9 +2254,9 @@ extern _SYM_EXPORT gnutls_realloc_function gnutls_realloc; extern _SYM_EXPORT gnutls_calloc_function gnutls_calloc; extern _SYM_EXPORT gnutls_free_function gnutls_free; -# ifdef GNUTLS_INTERNAL_BUILD -# define gnutls_free(a) gnutls_free((void *) (a)), a=NULL -# endif +#ifdef GNUTLS_INTERNAL_BUILD +#define gnutls_free(a) gnutls_free((void *)(a)), a = NULL +#endif extern _SYM_EXPORT char *(*gnutls_strdup)(const char *); @@ -2322,33 +2284,32 @@ void gnutls_global_set_log_level(int level); * Returns: Non zero on error. * Since: 3.6.13 */ -typedef int (*gnutls_keylog_func)(gnutls_session_t session, - const char *label, - const gnutls_datum_t * secret); -gnutls_keylog_func gnutls_session_get_keylog_function(const gnutls_session_t - session); +typedef int (*gnutls_keylog_func)(gnutls_session_t session, const char *label, + const gnutls_datum_t *secret); +gnutls_keylog_func +gnutls_session_get_keylog_function(const gnutls_session_t session); void gnutls_session_set_keylog_function(gnutls_session_t session, gnutls_keylog_func func); /* Diffie-Hellman parameter handling. */ -int gnutls_dh_params_init(gnutls_dh_params_t * dh_params); +int gnutls_dh_params_init(gnutls_dh_params_t *dh_params); void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params); int gnutls_dh_params_import_raw(gnutls_dh_params_t dh_params, - const gnutls_datum_t * prime, - const gnutls_datum_t * generator); + const gnutls_datum_t *prime, + const gnutls_datum_t *generator); int gnutls_dh_params_import_dsa(gnutls_dh_params_t dh_params, gnutls_x509_privkey_t key); int gnutls_dh_params_import_raw2(gnutls_dh_params_t dh_params, - const gnutls_datum_t * prime, - const gnutls_datum_t * generator, + const gnutls_datum_t *prime, + const gnutls_datum_t *generator, unsigned key_bits); int gnutls_dh_params_import_raw3(gnutls_dh_params_t dh_params, - const gnutls_datum_t * prime, - const gnutls_datum_t * q, - const gnutls_datum_t * generator); + const gnutls_datum_t *prime, + const gnutls_datum_t *q, + const gnutls_datum_t *generator); int gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params, - const gnutls_datum_t * pkcs3_params, + const gnutls_datum_t *pkcs3_params, gnutls_x509_crt_fmt_t format); int gnutls_dh_params_generate2(gnutls_dh_params_t params, unsigned int bits); int gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params, @@ -2357,38 +2318,39 @@ int gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params, size_t *params_data_size); int gnutls_dh_params_export2_pkcs3(gnutls_dh_params_t params, gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); int gnutls_dh_params_export_raw(gnutls_dh_params_t params, - gnutls_datum_t * prime, - gnutls_datum_t * generator, unsigned int *bits); + gnutls_datum_t *prime, + gnutls_datum_t *generator, unsigned int *bits); int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src); /* Session stuff */ /* clang-format off */ @DEFINE_IOVEC_T@ -/* clang-format on */ + /* clang-format on */ -typedef ssize_t(*gnutls_pull_func) (gnutls_transport_ptr_t, void *, size_t); -typedef ssize_t(*gnutls_push_func) (gnutls_transport_ptr_t, const void *, + typedef ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void *, + size_t); +typedef ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void *, size_t); int gnutls_system_recv_timeout(gnutls_transport_ptr_t ptr, unsigned int ms); typedef int (*gnutls_pull_timeout_func)(gnutls_transport_ptr_t, unsigned int ms); -typedef ssize_t(*gnutls_vec_push_func) (gnutls_transport_ptr_t, - const giovec_t * iov, int iovcnt); +typedef ssize_t (*gnutls_vec_push_func)(gnutls_transport_ptr_t, + const giovec_t *iov, int iovcnt); typedef int (*gnutls_errno_func)(gnutls_transport_ptr_t); -# if 0 +#if 0 /* This will be defined as macro. */ void gnutls_transport_set_int(gnutls_session_t session, int r); -# endif +#endif void gnutls_transport_set_int2(gnutls_session_t session, int r, int s); -# define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i) +#define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i) void gnutls_transport_get_int2(gnutls_session_t session, int *r, int *s); int gnutls_transport_get_int(gnutls_session_t session); @@ -2401,8 +2363,8 @@ void gnutls_transport_set_ptr2(gnutls_session_t session, gnutls_transport_ptr_t gnutls_transport_get_ptr(gnutls_session_t session); void gnutls_transport_get_ptr2(gnutls_session_t session, - gnutls_transport_ptr_t * recv_ptr, - gnutls_transport_ptr_t * send_ptr); + gnutls_transport_ptr_t *recv_ptr, + gnutls_transport_ptr_t *send_ptr); void gnutls_transport_set_vec_push_function(gnutls_session_t session, gnutls_vec_push_func vec_func); @@ -2430,7 +2392,7 @@ void gnutls_openpgp_send_cert(gnutls_session_t session, /* This function returns the hash of the given data. */ int gnutls_fingerprint(gnutls_digest_algorithm_t algo, - const gnutls_datum_t * data, void *result, + const gnutls_datum_t *data, void *result, size_t *result_size); /** @@ -2443,48 +2405,43 @@ typedef enum gnutls_random_art { GNUTLS_RANDOM_ART_OPENSSH = 1 } gnutls_random_art_t; -int gnutls_random_art(gnutls_random_art_t type, - const char *key_type, unsigned int key_size, - void *fpr, size_t fpr_size, gnutls_datum_t * art); +int gnutls_random_art(gnutls_random_art_t type, const char *key_type, + unsigned int key_size, void *fpr, size_t fpr_size, + gnutls_datum_t *art); /* IDNA */ -# define GNUTLS_IDNA_FORCE_2008 (1<<1) -int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t * out, +#define GNUTLS_IDNA_FORCE_2008 (1 << 1) +int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags); int gnutls_idna_reverse_map(const char *input, unsigned ilen, - gnutls_datum_t * out, unsigned flags); + gnutls_datum_t *out, unsigned flags); /* SRP */ -typedef struct gnutls_srp_server_credentials_st -*gnutls_srp_server_credentials_t; -typedef struct gnutls_srp_client_credentials_st -*gnutls_srp_client_credentials_t; +typedef struct gnutls_srp_server_credentials_st *gnutls_srp_server_credentials_t; +typedef struct gnutls_srp_client_credentials_st *gnutls_srp_client_credentials_t; void gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc); -int -gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t * sc); +int gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t *sc); int gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res, const char *username, const char *password); void gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc); -int -gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t * sc); -int gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t - res, const char *password_file, +int gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *sc); +int gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t res, + const char *password_file, const char *password_conf_file); const char *gnutls_srp_server_get_username(gnutls_session_t session); void gnutls_srp_set_prime_bits(gnutls_session_t session, unsigned int bits); -int gnutls_srp_verifier(const char *username, - const char *password, - const gnutls_datum_t * salt, - const gnutls_datum_t * generator, - const gnutls_datum_t * prime, gnutls_datum_t * res); +int gnutls_srp_verifier(const char *username, const char *password, + const gnutls_datum_t *salt, + const gnutls_datum_t *generator, + const gnutls_datum_t *prime, gnutls_datum_t *res); /* The static parameters defined in draft-ietf-tls-srp-05 * Those should be used as input to gnutls_srp_verifier(). @@ -2537,50 +2494,40 @@ extern _SYM_EXPORT const unsigned int gnutls_ffdhe_2048_key_bits; typedef int gnutls_srp_server_credentials_function(gnutls_session_t, const char *username, - gnutls_datum_t * salt, - gnutls_datum_t * - verifier, - gnutls_datum_t * - generator, - gnutls_datum_t * prime); -void -gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t - cred, - gnutls_srp_server_credentials_function - * func); - -typedef int gnutls_srp_client_credentials_function(gnutls_session_t, - char **, char **); -void -gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t - cred, - gnutls_srp_client_credentials_function - * func); - -int gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result, + gnutls_datum_t *salt, + gnutls_datum_t *verifier, + gnutls_datum_t *generator, + gnutls_datum_t *prime); +void gnutls_srp_set_server_credentials_function( + gnutls_srp_server_credentials_t cred, + gnutls_srp_server_credentials_function *func); + +typedef int gnutls_srp_client_credentials_function(gnutls_session_t, char **, + char **); +void gnutls_srp_set_client_credentials_function( + gnutls_srp_client_credentials_t cred, + gnutls_srp_client_credentials_function *func); + +int gnutls_srp_base64_encode(const gnutls_datum_t *data, char *result, size_t *result_size); -int gnutls_srp_base64_encode2(const gnutls_datum_t * data, - gnutls_datum_t * result); +int gnutls_srp_base64_encode2(const gnutls_datum_t *data, + gnutls_datum_t *result); -int gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result, +int gnutls_srp_base64_decode(const gnutls_datum_t *b64_data, char *result, size_t *result_size); -int gnutls_srp_base64_decode2(const gnutls_datum_t * b64_data, - gnutls_datum_t * result); +int gnutls_srp_base64_decode2(const gnutls_datum_t *b64_data, + gnutls_datum_t *result); -# define gnutls_srp_base64_encode_alloc gnutls_srp_base64_encode2 -# define gnutls_srp_base64_decode_alloc gnutls_srp_base64_decode2 +#define gnutls_srp_base64_encode_alloc gnutls_srp_base64_encode2 +#define gnutls_srp_base64_decode_alloc gnutls_srp_base64_decode2 -void -gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t - sc, - const gnutls_datum_t * seed, - unsigned int salt_length); +void gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t sc, + const gnutls_datum_t *seed, + unsigned int salt_length); /* PSK stuff */ -typedef struct gnutls_psk_server_credentials_st -*gnutls_psk_server_credentials_t; -typedef struct gnutls_psk_client_credentials_st -*gnutls_psk_client_credentials_t; +typedef struct gnutls_psk_server_credentials_st *gnutls_psk_server_credentials_t; +typedef struct gnutls_psk_client_credentials_st *gnutls_psk_client_credentials_t; /** * gnutls_psk_key_flags: @@ -2595,84 +2542,70 @@ typedef enum gnutls_psk_key_flags { } gnutls_psk_key_flags; void gnutls_psk_free_client_credentials(gnutls_psk_client_credentials_t sc); -int -gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t * sc); +int gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t *sc); int gnutls_psk_set_client_credentials(gnutls_psk_client_credentials_t res, const char *username, - const gnutls_datum_t * key, + const gnutls_datum_t *key, gnutls_psk_key_flags flags); int gnutls_psk_set_client_credentials2(gnutls_psk_client_credentials_t res, - const gnutls_datum_t * username, - const gnutls_datum_t * key, + const gnutls_datum_t *username, + const gnutls_datum_t *key, gnutls_psk_key_flags flags); void gnutls_psk_free_server_credentials(gnutls_psk_server_credentials_t sc); -int -gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t * sc); -int gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t - res, const char *password_file); +int gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t *sc); +int gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t res, + const char *password_file); -int -gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t - res, const char *hint); +int gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t res, + const char *hint); const char *gnutls_psk_server_get_username(gnutls_session_t session); int gnutls_psk_server_get_username2(gnutls_session_t session, - gnutls_datum_t * out); + gnutls_datum_t *out); const char *gnutls_psk_client_get_hint(gnutls_session_t session); typedef int gnutls_psk_server_credentials_function(gnutls_session_t, const char *username, - gnutls_datum_t * key); -typedef int gnutls_psk_server_credentials_function2(gnutls_session_t, - const gnutls_datum_t * - username, - gnutls_datum_t * key); -void gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t - cred, - gnutls_psk_server_credentials_function - * func); -void gnutls_psk_set_server_credentials_function2(gnutls_psk_server_credentials_t - cred, - gnutls_psk_server_credentials_function2 - * func); + gnutls_datum_t *key); +typedef int gnutls_psk_server_credentials_function2( + gnutls_session_t, const gnutls_datum_t *username, gnutls_datum_t *key); +void gnutls_psk_set_server_credentials_function( + gnutls_psk_server_credentials_t cred, + gnutls_psk_server_credentials_function *func); +void gnutls_psk_set_server_credentials_function2( + gnutls_psk_server_credentials_t cred, + gnutls_psk_server_credentials_function2 *func); typedef int gnutls_psk_client_credentials_function(gnutls_session_t, char **username, - gnutls_datum_t * key); + gnutls_datum_t *key); typedef int gnutls_psk_client_credentials_function2(gnutls_session_t, - gnutls_datum_t * username, - gnutls_datum_t * key); -void -gnutls_psk_set_client_credentials_function(gnutls_psk_client_credentials_t - cred, - gnutls_psk_client_credentials_function - * func); -void -gnutls_psk_set_client_credentials_function2(gnutls_psk_client_credentials_t - cred, - gnutls_psk_client_credentials_function2 - * func); - -int gnutls_hex_encode(const gnutls_datum_t * data, char *result, + gnutls_datum_t *username, + gnutls_datum_t *key); +void gnutls_psk_set_client_credentials_function( + gnutls_psk_client_credentials_t cred, + gnutls_psk_client_credentials_function *func); +void gnutls_psk_set_client_credentials_function2( + gnutls_psk_client_credentials_t cred, + gnutls_psk_client_credentials_function2 *func); + +int gnutls_hex_encode(const gnutls_datum_t *data, char *result, size_t *result_size); -int gnutls_hex_decode(const gnutls_datum_t * hex_data, void *result, +int gnutls_hex_decode(const gnutls_datum_t *hex_data, void *result, size_t *result_size); -int gnutls_hex_encode2(const gnutls_datum_t * data, gnutls_datum_t * result); -int gnutls_hex_decode2(const gnutls_datum_t * data, gnutls_datum_t * result); +int gnutls_hex_encode2(const gnutls_datum_t *data, gnutls_datum_t *result); +int gnutls_hex_decode2(const gnutls_datum_t *data, gnutls_datum_t *result); -void -gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res, - gnutls_dh_params_t dh_params); +void gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res, + gnutls_dh_params_t dh_params); -int -gnutls_psk_set_server_known_dh_params(gnutls_psk_server_credentials_t res, - gnutls_sec_param_t sec_param); +int gnutls_psk_set_server_known_dh_params(gnutls_psk_server_credentials_t res, + gnutls_sec_param_t sec_param); -void -gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t - res, gnutls_params_function * func); +void gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t res, + gnutls_params_function *func); /** * gnutls_x509_subject_alt_name_t: @@ -2739,7 +2672,7 @@ typedef struct gnutls_retr2_st { gnutls_x509_crt_t *x509; gnutls_openpgp_crt_t pgp; } cert; - unsigned int ncerts; /* one for pgp keys */ + unsigned int ncerts; /* one for pgp keys */ union { gnutls_x509_privkey_t x509; @@ -2747,72 +2680,60 @@ typedef struct gnutls_retr2_st { gnutls_pkcs11_privkey_t pkcs11; } key; - unsigned int deinit_all; /* if non zero all keys will be deinited */ + unsigned int deinit_all; /* if non zero all keys will be deinited */ } gnutls_retr2_st; - /* Functions that allow auth_info_t structures handling +/* Functions that allow auth_info_t structures handling */ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session); gnutls_credentials_type_t gnutls_auth_server_get_type(gnutls_session_t session); gnutls_credentials_type_t gnutls_auth_client_get_type(gnutls_session_t session); - /* DH */ +/* DH */ void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits); int gnutls_dh_get_secret_bits(gnutls_session_t session); int gnutls_dh_get_peers_public_bits(gnutls_session_t session); int gnutls_dh_get_prime_bits(gnutls_session_t session); -int gnutls_dh_get_group(gnutls_session_t session, gnutls_datum_t * raw_gen, - gnutls_datum_t * raw_prime); -int gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key); +int gnutls_dh_get_group(gnutls_session_t session, gnutls_datum_t *raw_gen, + gnutls_datum_t *raw_prime); +int gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t *raw_key); - /* X509PKI */ +/* X509PKI */ - /* These are set on the credentials structure. +/* These are set on the credentials structure. */ - /* use gnutls_certificate_set_retrieve_function2() in abstract.h +/* use gnutls_certificate_set_retrieve_function2() in abstract.h * instead. It's much more efficient. */ -typedef int gnutls_certificate_retrieve_function(gnutls_session_t, - const - gnutls_datum_t * - req_ca_rdn, - int nreqs, - const - gnutls_pk_algorithm_t - * pk_algos, - int - pk_algos_length, - gnutls_retr2_st *); - -void -gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t - cred, - gnutls_certificate_retrieve_function - * func); - -void -gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t - cred, - gnutls_certificate_verify_function - * func); - -void -gnutls_certificate_server_set_request(gnutls_session_t session, - gnutls_certificate_request_t req); - - /* get data from the session +typedef int gnutls_certificate_retrieve_function( + gnutls_session_t, const gnutls_datum_t *req_ca_rdn, int nreqs, + const gnutls_pk_algorithm_t *pk_algos, int pk_algos_length, + gnutls_retr2_st *); + +void gnutls_certificate_set_retrieve_function( + gnutls_certificate_credentials_t cred, + gnutls_certificate_retrieve_function *func); + +void gnutls_certificate_set_verify_function( + gnutls_certificate_credentials_t cred, + gnutls_certificate_verify_function *func); + +void gnutls_certificate_server_set_request(gnutls_session_t session, + gnutls_certificate_request_t req); + +/* get data from the session */ -const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t session, unsigned int - *list_size); +const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t session, + unsigned int *list_size); const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t session); int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session, - gnutls_datum_t * id); + gnutls_datum_t *id); time_t gnutls_certificate_activation_time_peers(gnutls_session_t session); time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session); @@ -2824,131 +2745,113 @@ int gnutls_certificate_verify_peers3(gnutls_session_t session, const char *hostname, unsigned int *status); -int -gnutls_certificate_verify_peers(gnutls_session_t session, - gnutls_typed_vdata_st * data, - unsigned int elements, unsigned int *status); +int gnutls_certificate_verify_peers(gnutls_session_t session, + gnutls_typed_vdata_st *data, + unsigned int elements, + unsigned int *status); int gnutls_certificate_verification_status_print(unsigned int status, - gnutls_certificate_type_t - type, - gnutls_datum_t * out, + gnutls_certificate_type_t type, + gnutls_datum_t *out, unsigned int flags); -int gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t * data, +int gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t *data, char *result, size_t *result_size); -int gnutls_pem_base64_decode(const char *header, - const gnutls_datum_t * b64_data, +int gnutls_pem_base64_decode(const char *header, const gnutls_datum_t *b64_data, unsigned char *result, size_t *result_size); -int gnutls_pem_base64_encode2(const char *msg, - const gnutls_datum_t * data, - gnutls_datum_t * result); +int gnutls_pem_base64_encode2(const char *msg, const gnutls_datum_t *data, + gnutls_datum_t *result); int gnutls_pem_base64_decode2(const char *header, - const gnutls_datum_t * b64_data, - gnutls_datum_t * result); + const gnutls_datum_t *b64_data, + gnutls_datum_t *result); -int gnutls_base64_encode2(const gnutls_datum_t * data, gnutls_datum_t * result); -int gnutls_base64_decode2(const gnutls_datum_t * b64_data, - gnutls_datum_t * result); +int gnutls_base64_encode2(const gnutls_datum_t *data, gnutls_datum_t *result); +int gnutls_base64_decode2(const gnutls_datum_t *b64_data, + gnutls_datum_t *result); -# define gnutls_pem_base64_encode_alloc gnutls_pem_base64_encode2 -# define gnutls_pem_base64_decode_alloc gnutls_pem_base64_decode2 +#define gnutls_pem_base64_encode_alloc gnutls_pem_base64_encode2 +#define gnutls_pem_base64_decode_alloc gnutls_pem_base64_decode2 - /* key_usage will be an OR of the following values: +/* key_usage will be an OR of the following values: */ - /* when the key is to be used for signing: */ -# define GNUTLS_KEY_DIGITAL_SIGNATURE 128 -# define GNUTLS_KEY_NON_REPUDIATION 64 - /* when the key is to be used for encryption: */ -# define GNUTLS_KEY_KEY_ENCIPHERMENT 32 -# define GNUTLS_KEY_DATA_ENCIPHERMENT 16 -# define GNUTLS_KEY_KEY_AGREEMENT 8 -# define GNUTLS_KEY_KEY_CERT_SIGN 4 -# define GNUTLS_KEY_CRL_SIGN 2 -# define GNUTLS_KEY_ENCIPHER_ONLY 1 -# define GNUTLS_KEY_DECIPHER_ONLY 32768 - -void -gnutls_certificate_set_params_function(gnutls_certificate_credentials_t - res, gnutls_params_function * func); +/* when the key is to be used for signing: */ +#define GNUTLS_KEY_DIGITAL_SIGNATURE 128 +#define GNUTLS_KEY_NON_REPUDIATION 64 +/* when the key is to be used for encryption: */ +#define GNUTLS_KEY_KEY_ENCIPHERMENT 32 +#define GNUTLS_KEY_DATA_ENCIPHERMENT 16 +#define GNUTLS_KEY_KEY_AGREEMENT 8 +#define GNUTLS_KEY_KEY_CERT_SIGN 4 +#define GNUTLS_KEY_CRL_SIGN 2 +#define GNUTLS_KEY_ENCIPHER_ONLY 1 +#define GNUTLS_KEY_DECIPHER_ONLY 32768 + +void gnutls_certificate_set_params_function( + gnutls_certificate_credentials_t res, gnutls_params_function *func); void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res, - gnutls_params_function * func); + gnutls_params_function *func); void gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res, - gnutls_params_function * func); + gnutls_params_function *func); -int gnutls_hex2bin(const char *hex_data, size_t hex_size, - void *bin_data, size_t *bin_size); +int gnutls_hex2bin(const char *hex_data, size_t hex_size, void *bin_data, + size_t *bin_size); - /* Trust on first use (or ssh like) functions */ +/* Trust on first use (or ssh like) functions */ - /* stores the provided information to a database +/* stores the provided information to a database */ -typedef int (*gnutls_tdb_store_func)(const char *db_name, - const char *host, - const char *service, - time_t expiration, - const gnutls_datum_t * pubkey); - -typedef int (*gnutls_tdb_store_commitment_func)(const char *db_name, - const char *host, - const char *service, - time_t expiration, - gnutls_digest_algorithm_t - hash_algo, - const gnutls_datum_t * hash); - - /* searches for the provided host/service pair that match the +typedef int (*gnutls_tdb_store_func)(const char *db_name, const char *host, + const char *service, time_t expiration, + const gnutls_datum_t *pubkey); + +typedef int (*gnutls_tdb_store_commitment_func)( + const char *db_name, const char *host, const char *service, + time_t expiration, gnutls_digest_algorithm_t hash_algo, + const gnutls_datum_t *hash); + +/* searches for the provided host/service pair that match the * provided public key in the database. */ -typedef int (*gnutls_tdb_verify_func)(const char *db_name, - const char *host, +typedef int (*gnutls_tdb_verify_func)(const char *db_name, const char *host, const char *service, - const gnutls_datum_t * pubkey); + const gnutls_datum_t *pubkey); struct gnutls_tdb_int; typedef struct gnutls_tdb_int *gnutls_tdb_t; -int gnutls_tdb_init(gnutls_tdb_t * tdb); +int gnutls_tdb_init(gnutls_tdb_t *tdb); void gnutls_tdb_set_store_func(gnutls_tdb_t tdb, gnutls_tdb_store_func store); -void gnutls_tdb_set_store_commitment_func(gnutls_tdb_t tdb, - gnutls_tdb_store_commitment_func - cstore); +void gnutls_tdb_set_store_commitment_func( + gnutls_tdb_t tdb, gnutls_tdb_store_commitment_func cstore); void gnutls_tdb_set_verify_func(gnutls_tdb_t tdb, gnutls_tdb_verify_func verify); void gnutls_tdb_deinit(gnutls_tdb_t tdb); -int gnutls_verify_stored_pubkey(const char *db_name, - gnutls_tdb_t tdb, - const char *host, - const char *service, +int gnutls_verify_stored_pubkey(const char *db_name, gnutls_tdb_t tdb, + const char *host, const char *service, gnutls_certificate_type_t cert_type, - const gnutls_datum_t * cert, - unsigned int flags); - -# define GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN 1 -int gnutls_store_commitment(const char *db_name, - gnutls_tdb_t tdb, - const char *host, - const char *service, + const gnutls_datum_t *cert, unsigned int flags); + +#define GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN 1 +int gnutls_store_commitment(const char *db_name, gnutls_tdb_t tdb, + const char *host, const char *service, gnutls_digest_algorithm_t hash_algo, - const gnutls_datum_t * hash, - time_t expiration, unsigned int flags); + const gnutls_datum_t *hash, time_t expiration, + unsigned int flags); -int gnutls_store_pubkey(const char *db_name, - gnutls_tdb_t tdb, - const char *host, +int gnutls_store_pubkey(const char *db_name, gnutls_tdb_t tdb, const char *host, const char *service, gnutls_certificate_type_t cert_type, - const gnutls_datum_t * cert, - time_t expiration, unsigned int flags); + const gnutls_datum_t *cert, time_t expiration, + unsigned int flags); - /* Other helper functions */ -int gnutls_load_file(const char *filename, gnutls_datum_t * data); +/* Other helper functions */ +int gnutls_load_file(const char *filename, gnutls_datum_t *data); unsigned gnutls_url_is_supported(const char *url); - /* PIN callback */ +/* PIN callback */ /** * gnutls_pin_flag_t: @@ -2970,12 +2873,12 @@ typedef enum { GNUTLS_PIN_WRONG = (1 << 5) } gnutls_pin_flag_t; -# define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER -# define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO -# define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY -# define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW -# define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC -# define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG +#define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER +#define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO +#define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY +#define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW +#define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC +#define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG /** * gnutls_pin_callback_t: @@ -3013,8 +2916,8 @@ typedef enum { typedef int (*gnutls_pin_callback_t)(void *userdata, int attempt, const char *token_url, const char *token_label, - unsigned int flags, - char *pin, size_t pin_max); + unsigned int flags, char *pin, + size_t pin_max); void gnutls_certificate_set_pin_function(gnutls_certificate_credentials_t, gnutls_pin_callback_t fn, @@ -3026,9 +2929,9 @@ typedef struct gnutls_buffer_st *gnutls_buffer_t; int gnutls_buffer_append_data(gnutls_buffer_t, const void *data, size_t data_size); -# define GNUTLS_UTF8_IGNORE_ERRS 1 +#define GNUTLS_UTF8_IGNORE_ERRS 1 int gnutls_utf8_password_normalize(const unsigned char *password, - unsigned password_len, gnutls_datum_t * out, + unsigned password_len, gnutls_datum_t *out, unsigned flags); /* Public extensions related functions */ @@ -3054,15 +2957,15 @@ typedef int (*gnutls_ext_pack_func)(gnutls_ext_priv_data_t data, gnutls_buffer_t packed_data); typedef int (*gnutls_ext_unpack_func)(gnutls_buffer_t packed_data, - gnutls_ext_priv_data_t * data); + gnutls_ext_priv_data_t *data); -# define GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO 1 -# define GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO (1<<1) +#define GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO 1 +#define GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO (1 << 1) typedef int (*gnutls_ext_raw_process_func)(void *ctx, unsigned tls_id, const unsigned char *data, unsigned data_size); int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb, - const gnutls_datum_t * data, unsigned int flags); + const gnutls_datum_t *data, unsigned int flags); /** * gnutls_ext_parse_type_t: @@ -3105,7 +3008,7 @@ typedef enum { GNUTLS_EXT_FLAG_CLIENT_HELLO = (1 << 1), GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO = (1 << 2), GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO = (1 << 3), - GNUTLS_EXT_FLAG_EE = (1 << 4), /* ENCRYPTED */ + GNUTLS_EXT_FLAG_EE = (1 << 4), /* ENCRYPTED */ GNUTLS_EXT_FLAG_HRR = (1 << 5), GNUTLS_EXT_FLAG_IGNORE_CLIENT_REQUEST = (1 << 6), GNUTLS_EXT_FLAG_TLS = (1 << 7), @@ -3148,13 +3051,11 @@ int gnutls_supplemental_register(const char *name, gnutls_supp_recv_func supp_recv_func, gnutls_supp_send_func supp_send_func); -int gnutls_session_supplemental_register(gnutls_session_t session, - const char *name, - gnutls_supplemental_data_format_type_t - type, - gnutls_supp_recv_func supp_recv_func, - gnutls_supp_send_func supp_send_func, - unsigned int flags); +int gnutls_session_supplemental_register( + gnutls_session_t session, const char *name, + gnutls_supplemental_data_format_type_t type, + gnutls_supp_recv_func supp_recv_func, + gnutls_supp_send_func supp_send_func, unsigned int flags); void gnutls_supplemental_recv(gnutls_session_t session, unsigned do_recv_supplemental); @@ -3166,7 +3067,7 @@ void gnutls_supplemental_send(gnutls_session_t session, typedef struct gnutls_anti_replay_st *gnutls_anti_replay_t; -int gnutls_anti_replay_init(gnutls_anti_replay_t * anti_replay); +int gnutls_anti_replay_init(gnutls_anti_replay_t *anti_replay); void gnutls_anti_replay_deinit(gnutls_anti_replay_t anti_replay); void gnutls_anti_replay_set_window(gnutls_anti_replay_t anti_replay, unsigned int window); @@ -3174,8 +3075,8 @@ void gnutls_anti_replay_enable(gnutls_session_t session, gnutls_anti_replay_t anti_replay); typedef int (*gnutls_db_add_func)(void *, time_t exp_time, - const gnutls_datum_t * key, - const gnutls_datum_t * data); + const gnutls_datum_t *key, + const gnutls_datum_t *data); void gnutls_anti_replay_set_add_function(gnutls_anti_replay_t, gnutls_db_add_func add_func); @@ -3218,19 +3119,16 @@ typedef enum { * Since: 3.7.0 */ typedef int (*gnutls_handshake_read_func)(gnutls_session_t session, - gnutls_record_encryption_level_t - level, + gnutls_record_encryption_level_t level, gnutls_handshake_description_t htype, const void *data, size_t data_size); -void -gnutls_handshake_set_read_function(gnutls_session_t session, - gnutls_handshake_read_func func); +void gnutls_handshake_set_read_function(gnutls_session_t session, + gnutls_handshake_read_func func); -int -gnutls_handshake_write(gnutls_session_t session, - gnutls_record_encryption_level_t level, - const void *data, size_t data_size); +int gnutls_handshake_write(gnutls_session_t session, + gnutls_record_encryption_level_t level, + const void *data, size_t data_size); /** * gnutls_handshake_secret_func: @@ -3246,15 +3144,12 @@ gnutls_handshake_write(gnutls_session_t session, * Returns: Non zero on error. * Since: 3.7.0 */ -typedef int (*gnutls_handshake_secret_func)(gnutls_session_t session, - gnutls_record_encryption_level_t - level, const void *secret_read, - const void *secret_write, - size_t secret_size); +typedef int (*gnutls_handshake_secret_func)( + gnutls_session_t session, gnutls_record_encryption_level_t level, + const void *secret_read, const void *secret_write, size_t secret_size); -void -gnutls_handshake_set_secret_function(gnutls_session_t session, - gnutls_handshake_secret_func func); +void gnutls_handshake_set_secret_function(gnutls_session_t session, + gnutls_handshake_secret_func func); /** * gnutls_alert_read_func: @@ -3274,9 +3169,8 @@ typedef int (*gnutls_alert_read_func)(gnutls_session_t session, gnutls_alert_level_t alert_level, gnutls_alert_description_t alert_desc); -void -gnutls_alert_set_read_function(gnutls_session_t session, - gnutls_alert_read_func func); +void gnutls_alert_set_read_function(gnutls_session_t session, + gnutls_alert_read_func func); /* FIPS140-2 related functions */ unsigned gnutls_fips140_mode_enabled(void); @@ -3305,23 +3199,29 @@ typedef enum gnutls_fips_mode_t { GNUTLS_FIPS140_LOG = 4 } gnutls_fips_mode_t; -# define GNUTLS_FIPS140_SET_MODE_THREAD 1 +#define GNUTLS_FIPS140_SET_MODE_THREAD 1 void gnutls_fips140_set_mode(gnutls_fips_mode_t mode, unsigned flags); -# define GNUTLS_FIPS140_SET_LAX_MODE() do { \ - if (gnutls_fips140_mode_enabled()) \ - gnutls_fips140_set_mode(GNUTLS_FIPS140_LAX, GNUTLS_FIPS140_SET_MODE_THREAD); \ - } while(0) - -# define GNUTLS_FIPS140_SET_STRICT_MODE() do { \ - if (gnutls_fips140_mode_enabled()) \ - gnutls_fips140_set_mode(GNUTLS_FIPS140_STRICT, GNUTLS_FIPS140_SET_MODE_THREAD); \ - } while(0) +#define GNUTLS_FIPS140_SET_LAX_MODE() \ + do { \ + if (gnutls_fips140_mode_enabled()) \ + gnutls_fips140_set_mode( \ + GNUTLS_FIPS140_LAX, \ + GNUTLS_FIPS140_SET_MODE_THREAD); \ + } while (0) + +#define GNUTLS_FIPS140_SET_STRICT_MODE() \ + do { \ + if (gnutls_fips140_mode_enabled()) \ + gnutls_fips140_set_mode( \ + GNUTLS_FIPS140_STRICT, \ + GNUTLS_FIPS140_SET_MODE_THREAD); \ + } while (0) typedef struct gnutls_fips140_context_st *gnutls_fips140_context_t; -int gnutls_fips140_context_init(gnutls_fips140_context_t * context); +int gnutls_fips140_context_init(gnutls_fips140_context_t *context); void gnutls_fips140_context_deinit(gnutls_fips140_context_t context); /** @@ -3380,264 +3280,269 @@ typedef enum { gnutls_transport_ktls_enable_flags_t gnutls_transport_is_ktls_enabled(gnutls_session_t session); - /* Gnutls error codes. The mapping to a TLS alert is also shown in +/* Gnutls error codes. The mapping to a TLS alert is also shown in * comments. */ -# define GNUTLS_E_SUCCESS 0 -# define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 -# define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 -# define GNUTLS_E_LARGE_PACKET -7 -# define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSION */ -# define GNUTLS_E_TLS_PACKET_DECODING_ERROR GNUTLS_E_UNEXPECTED_PACKET_LENGTH -# define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_DECODE_ERROR */ -# define GNUTLS_E_INVALID_SESSION -10 -# define GNUTLS_E_FATAL_ALERT_RECEIVED -12 -# define GNUTLS_E_UNEXPECTED_PACKET -15 /* GNUTLS_A_UNEXPECTED_MESSAGE */ -# define GNUTLS_E_WARNING_ALERT_RECEIVED -16 -# define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18 -# define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19 -# define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21 - /* GNUTLS_A_HANDSHAKE_FAILURE */ -# define GNUTLS_E_UNWANTED_ALGORITHM -22 -# define GNUTLS_E_MPI_SCAN_FAILED -23 -# define GNUTLS_E_DECRYPTION_FAILED -24 /* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */ -# define GNUTLS_E_MEMORY_ERROR -25 -# define GNUTLS_E_DECOMPRESSION_FAILED -26 /* GNUTLS_A_DECOMPRESSION_FAILURE */ -# define GNUTLS_E_COMPRESSION_FAILED -27 -# define GNUTLS_E_AGAIN -28 -# define GNUTLS_E_EXPIRED -29 -# define GNUTLS_E_DB_ERROR -30 -# define GNUTLS_E_SRP_PWD_ERROR GNUTLS_E_KEYFILE_ERROR -# define GNUTLS_E_KEYFILE_ERROR -31 -# define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32 -# define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ -# define GNUTLS_E_INSUFFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS -# define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ - -# define GNUTLS_E_HASH_FAILED -33 -# define GNUTLS_E_BASE64_DECODING_ERROR -34 - -# define GNUTLS_E_MPI_PRINT_FAILED -35 -# define GNUTLS_E_REHANDSHAKE -37 /* GNUTLS_A_NO_RENEGOTIATION */ -# define GNUTLS_E_GOT_APPLICATION_DATA -38 -# define GNUTLS_E_RECORD_LIMIT_REACHED -39 -# define GNUTLS_E_ENCRYPTION_FAILED -40 - -# define GNUTLS_E_PK_ENCRYPTION_FAILED -44 -# define GNUTLS_E_PK_DECRYPTION_FAILED -45 -# define GNUTLS_E_PK_SIGN_FAILED -46 -# define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47 -# define GNUTLS_E_KEY_USAGE_VIOLATION -48 -# define GNUTLS_E_NO_CERTIFICATE_FOUND -49 /* GNUTLS_A_BAD_CERTIFICATE */ -# define GNUTLS_E_INVALID_REQUEST -50 -# define GNUTLS_E_SHORT_MEMORY_BUFFER -51 -# define GNUTLS_E_INTERRUPTED -52 -# define GNUTLS_E_PUSH_ERROR -53 -# define GNUTLS_E_PULL_ERROR -54 -# define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55/* GNUTLS_A_ILLEGAL_PARAMETER */ -# define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56 -# define GNUTLS_E_PKCS1_WRONG_PAD -57 -# define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58 -# define GNUTLS_E_INTERNAL_ERROR -59 -# define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63 -# define GNUTLS_E_FILE_ERROR -64 -# define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78 -# define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80 -# define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81 -# define GNUTLS_E_RECEIVED_DISALLOWED_NAME -82 /* GNUTLS_A_ILLEGAL_PARAMETER */ -# define GNUTLS_E_CERTIFICATE_REQUIRED -112 /* GNUTLS_A_CERTIFICATE_REQUIRED */ - - /* returned if you need to generate temporary RSA +#define GNUTLS_E_SUCCESS 0 +#define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 +#define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 +#define GNUTLS_E_LARGE_PACKET -7 +#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSION */ +#define GNUTLS_E_TLS_PACKET_DECODING_ERROR GNUTLS_E_UNEXPECTED_PACKET_LENGTH +#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_DECODE_ERROR */ +#define GNUTLS_E_INVALID_SESSION -10 +#define GNUTLS_E_FATAL_ALERT_RECEIVED -12 +#define GNUTLS_E_UNEXPECTED_PACKET -15 /* GNUTLS_A_UNEXPECTED_MESSAGE */ +#define GNUTLS_E_WARNING_ALERT_RECEIVED -16 +#define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18 +#define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19 +#define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21 +/* GNUTLS_A_HANDSHAKE_FAILURE */ +#define GNUTLS_E_UNWANTED_ALGORITHM -22 +#define GNUTLS_E_MPI_SCAN_FAILED -23 +#define GNUTLS_E_DECRYPTION_FAILED \ + -24 /* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */ +#define GNUTLS_E_MEMORY_ERROR -25 +#define GNUTLS_E_DECOMPRESSION_FAILED -26 /* GNUTLS_A_DECOMPRESSION_FAILURE */ +#define GNUTLS_E_COMPRESSION_FAILED -27 +#define GNUTLS_E_AGAIN -28 +#define GNUTLS_E_EXPIRED -29 +#define GNUTLS_E_DB_ERROR -30 +#define GNUTLS_E_SRP_PWD_ERROR GNUTLS_E_KEYFILE_ERROR +#define GNUTLS_E_KEYFILE_ERROR -31 +#define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32 +#define GNUTLS_E_INSUFICIENT_CREDENTIALS \ + GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ +#define GNUTLS_E_INSUFFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS +#define GNUTLS_E_INSUFICIENT_CRED \ + GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ + +#define GNUTLS_E_HASH_FAILED -33 +#define GNUTLS_E_BASE64_DECODING_ERROR -34 + +#define GNUTLS_E_MPI_PRINT_FAILED -35 +#define GNUTLS_E_REHANDSHAKE -37 /* GNUTLS_A_NO_RENEGOTIATION */ +#define GNUTLS_E_GOT_APPLICATION_DATA -38 +#define GNUTLS_E_RECORD_LIMIT_REACHED -39 +#define GNUTLS_E_ENCRYPTION_FAILED -40 + +#define GNUTLS_E_PK_ENCRYPTION_FAILED -44 +#define GNUTLS_E_PK_DECRYPTION_FAILED -45 +#define GNUTLS_E_PK_SIGN_FAILED -46 +#define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47 +#define GNUTLS_E_KEY_USAGE_VIOLATION -48 +#define GNUTLS_E_NO_CERTIFICATE_FOUND -49 /* GNUTLS_A_BAD_CERTIFICATE */ +#define GNUTLS_E_INVALID_REQUEST -50 +#define GNUTLS_E_SHORT_MEMORY_BUFFER -51 +#define GNUTLS_E_INTERRUPTED -52 +#define GNUTLS_E_PUSH_ERROR -53 +#define GNUTLS_E_PULL_ERROR -54 +#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55 /* GNUTLS_A_ILLEGAL_PARAMETER */ +#define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56 +#define GNUTLS_E_PKCS1_WRONG_PAD -57 +#define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58 +#define GNUTLS_E_INTERNAL_ERROR -59 +#define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63 +#define GNUTLS_E_FILE_ERROR -64 +#define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78 +#define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80 +#define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81 +#define GNUTLS_E_RECEIVED_DISALLOWED_NAME -82 /* GNUTLS_A_ILLEGAL_PARAMETER */ +#define GNUTLS_E_CERTIFICATE_REQUIRED -112 /* GNUTLS_A_CERTIFICATE_REQUIRED */ + +/* returned if you need to generate temporary RSA * parameters. These are needed for export cipher suites. */ -# define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84 +#define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84 -# define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86 -# define GNUTLS_E_NO_CIPHER_SUITES -87 +#define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86 +#define GNUTLS_E_NO_CIPHER_SUITES -87 -# define GNUTLS_E_OPENPGP_GETKEY_FAILED -88 -# define GNUTLS_E_PK_SIG_VERIFY_FAILED -89 +#define GNUTLS_E_OPENPGP_GETKEY_FAILED -88 +#define GNUTLS_E_PK_SIG_VERIFY_FAILED -89 -# define GNUTLS_E_ILLEGAL_SRP_USERNAME -90 -# define GNUTLS_E_SRP_PWD_PARSING_ERROR GNUTLS_E_KEYFILE_PARSING_ERROR -# define GNUTLS_E_KEYFILE_PARSING_ERROR -91 -# define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93 +#define GNUTLS_E_ILLEGAL_SRP_USERNAME -90 +#define GNUTLS_E_SRP_PWD_PARSING_ERROR GNUTLS_E_KEYFILE_PARSING_ERROR +#define GNUTLS_E_KEYFILE_PARSING_ERROR -91 +#define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93 - /* For certificate and key stuff +/* For certificate and key stuff */ -# define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67 -# define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68 -# define GNUTLS_E_ASN1_DER_ERROR -69 -# define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70 -# define GNUTLS_E_ASN1_GENERIC_ERROR -71 -# define GNUTLS_E_ASN1_VALUE_NOT_VALID -72 -# define GNUTLS_E_ASN1_TAG_ERROR -73 -# define GNUTLS_E_ASN1_TAG_IMPLICIT -74 -# define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75 -# define GNUTLS_E_ASN1_SYNTAX_ERROR -76 -# define GNUTLS_E_ASN1_DER_OVERFLOW -77 -# define GNUTLS_E_OPENPGP_UID_REVOKED -79 -# define GNUTLS_E_CERTIFICATE_ERROR -43 -# define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR -# define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60 -# define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ -# define GNUTLS_E_X509_UNKNOWN_SAN -62 -# define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94 -# define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95 -# define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96 -# define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97 -# define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98 -# define GNUTLS_E_INVALID_PASSWORD -99 -# define GNUTLS_E_MAC_VERIFY_FAILED -100/* for PKCS #12 MAC */ -# define GNUTLS_E_CONSTRAINT_ERROR -101 - -# define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102 -# define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103 - -# define GNUTLS_E_IA_VERIFY_FAILED -104 -# define GNUTLS_E_UNKNOWN_ALGORITHM -105 -# define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106 -# define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107 -# define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108 -# define GNUTLS_E_UNKNOWN_SRP_USERNAME -109 -# define GNUTLS_E_PREMATURE_TERMINATION -110 - -# define GNUTLS_E_MALFORMED_CIDR -111 - -# define GNUTLS_E_BASE64_ENCODING_ERROR -201 -# define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ -# define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202 -# define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203 - -# define GNUTLS_E_OPENPGP_KEYRING_ERROR -204 -# define GNUTLS_E_X509_UNSUPPORTED_OID -205 - -# define GNUTLS_E_RANDOM_FAILED -206 -# define GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR -207 - -# define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208 - -# define GNUTLS_E_CRYPTO_ALREADY_REGISTERED GNUTLS_E_ALREADY_REGISTERED -# define GNUTLS_E_ALREADY_REGISTERED -209 - -# define GNUTLS_E_HANDSHAKE_TOO_LARGE -210 - -# define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211 -# define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212 - -# define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213 -# define GNUTLS_E_BAD_COOKIE -214 -# define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215 -# define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216 -# define GNUTLS_E_INSUFFICIENT_SECURITY -217 - -# define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292 -# define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293 - -# define GNUTLS_E_UNRECOGNIZED_NAME -294 +#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67 +#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68 +#define GNUTLS_E_ASN1_DER_ERROR -69 +#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70 +#define GNUTLS_E_ASN1_GENERIC_ERROR -71 +#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72 +#define GNUTLS_E_ASN1_TAG_ERROR -73 +#define GNUTLS_E_ASN1_TAG_IMPLICIT -74 +#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75 +#define GNUTLS_E_ASN1_SYNTAX_ERROR -76 +#define GNUTLS_E_ASN1_DER_OVERFLOW -77 +#define GNUTLS_E_OPENPGP_UID_REVOKED -79 +#define GNUTLS_E_CERTIFICATE_ERROR -43 +#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR +#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60 +#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE \ + -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ +#define GNUTLS_E_X509_UNKNOWN_SAN -62 +#define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94 +#define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95 +#define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96 +#define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97 +#define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98 +#define GNUTLS_E_INVALID_PASSWORD -99 +#define GNUTLS_E_MAC_VERIFY_FAILED -100 /* for PKCS #12 MAC */ +#define GNUTLS_E_CONSTRAINT_ERROR -101 + +#define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102 +#define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103 + +#define GNUTLS_E_IA_VERIFY_FAILED -104 +#define GNUTLS_E_UNKNOWN_ALGORITHM -105 +#define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106 +#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107 +#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108 +#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109 +#define GNUTLS_E_PREMATURE_TERMINATION -110 + +#define GNUTLS_E_MALFORMED_CIDR -111 + +#define GNUTLS_E_BASE64_ENCODING_ERROR -201 +#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ +#define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202 +#define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203 + +#define GNUTLS_E_OPENPGP_KEYRING_ERROR -204 +#define GNUTLS_E_X509_UNSUPPORTED_OID -205 + +#define GNUTLS_E_RANDOM_FAILED -206 +#define GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR -207 + +#define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208 + +#define GNUTLS_E_CRYPTO_ALREADY_REGISTERED GNUTLS_E_ALREADY_REGISTERED +#define GNUTLS_E_ALREADY_REGISTERED -209 + +#define GNUTLS_E_HANDSHAKE_TOO_LARGE -210 + +#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211 +#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212 + +#define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213 +#define GNUTLS_E_BAD_COOKIE -214 +#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215 +#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216 +#define GNUTLS_E_INSUFFICIENT_SECURITY -217 + +#define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292 +#define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293 + +#define GNUTLS_E_UNRECOGNIZED_NAME -294 /* PKCS11 related */ -# define GNUTLS_E_PKCS11_ERROR -300 -# define GNUTLS_E_PKCS11_LOAD_ERROR -301 -# define GNUTLS_E_PARSING_ERROR -302 -# define GNUTLS_E_PKCS11_PIN_ERROR -303 - -# define GNUTLS_E_PKCS11_SLOT_ERROR -305 -# define GNUTLS_E_LOCKING_ERROR -306 -# define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307 -# define GNUTLS_E_PKCS11_DEVICE_ERROR -308 -# define GNUTLS_E_PKCS11_DATA_ERROR -309 -# define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310 -# define GNUTLS_E_PKCS11_KEY_ERROR -311 -# define GNUTLS_E_PKCS11_PIN_EXPIRED -312 -# define GNUTLS_E_PKCS11_PIN_LOCKED -313 -# define GNUTLS_E_PKCS11_SESSION_ERROR -314 -# define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315 -# define GNUTLS_E_PKCS11_TOKEN_ERROR -316 -# define GNUTLS_E_PKCS11_USER_ERROR -317 - -# define GNUTLS_E_CRYPTO_INIT_FAILED -318 -# define GNUTLS_E_TIMEDOUT -319 -# define GNUTLS_E_USER_ERROR -320 -# define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321 -# define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322 -# define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323 -# define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324 -# define GNUTLS_E_ILLEGAL_PARAMETER -325/* GNUTLS_A_ILLEGAL_PARAMETER */ -# define GNUTLS_E_NO_PRIORITIES_WERE_SET -326 -# define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327 -# define GNUTLS_E_SESSION_EOF -328 - -# define GNUTLS_E_TPM_ERROR -329 -# define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330 -# define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331 -# define GNUTLS_E_TPM_SESSION_ERROR -332 -# define GNUTLS_E_TPM_KEY_NOT_FOUND -333 -# define GNUTLS_E_TPM_UNINITIALIZED -334 -# define GNUTLS_E_TPM_NO_LIB -335 - -# define GNUTLS_E_NO_CERTIFICATE_STATUS -340 -# define GNUTLS_E_OCSP_RESPONSE_ERROR -341 -# define GNUTLS_E_RANDOM_DEVICE_ERROR -342 -# define GNUTLS_E_AUTH_ERROR -343 -# define GNUTLS_E_NO_APPLICATION_PROTOCOL -344 -# define GNUTLS_E_SOCKETS_INIT_ERROR -345 -# define GNUTLS_E_KEY_IMPORT_FAILED -346 -# define GNUTLS_E_INAPPROPRIATE_FALLBACK -347 /*GNUTLS_A_INAPPROPRIATE_FALLBACK */ -# define GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR -348 -# define GNUTLS_E_PRIVKEY_VERIFICATION_ERROR -349 -# define GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH -350 /*GNUTLS_A_DECODE_ERROR */ -# define GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING -351 - -# define GNUTLS_E_SELF_TEST_ERROR -400 -# define GNUTLS_E_NO_SELF_TEST -401 -# define GNUTLS_E_LIB_IN_ERROR_STATE -402 -# define GNUTLS_E_PK_GENERATION_ERROR -403 -# define GNUTLS_E_IDNA_ERROR -404 - -# define GNUTLS_E_NEED_FALLBACK -405 -# define GNUTLS_E_SESSION_USER_ID_CHANGED -406 -# define GNUTLS_E_HANDSHAKE_DURING_FALSE_START -407 -# define GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE -408 -# define GNUTLS_E_PK_INVALID_PUBKEY -409 -# define GNUTLS_E_PK_INVALID_PRIVKEY -410 -# define GNUTLS_E_NOT_YET_ACTIVATED -411 -# define GNUTLS_E_INVALID_UTF8_STRING -412 -# define GNUTLS_E_NO_EMBEDDED_DATA -413 -# define GNUTLS_E_INVALID_UTF8_EMAIL -414 -# define GNUTLS_E_INVALID_PASSWORD_STRING -415 -# define GNUTLS_E_CERTIFICATE_TIME_ERROR -416 -# define GNUTLS_E_RECORD_OVERFLOW -417 /* GNUTLS_A_RECORD_OVERFLOW */ -# define GNUTLS_E_ASN1_TIME_ERROR -418 -# define GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY -419 -# define GNUTLS_E_PK_INVALID_PUBKEY_PARAMS -420 -# define GNUTLS_E_PK_NO_VALIDATION_PARAMS -421 -# define GNUTLS_E_OCSP_MISMATCH_WITH_CERTS -422 - -# define GNUTLS_E_NO_COMMON_KEY_SHARE -423 -# define GNUTLS_E_REAUTH_REQUEST -424 -# define GNUTLS_E_TOO_MANY_MATCHES -425 -# define GNUTLS_E_CRL_VERIFICATION_ERROR -426 -# define GNUTLS_E_MISSING_EXTENSION -427 -# define GNUTLS_E_DB_ENTRY_EXISTS -428 -# define GNUTLS_E_EARLY_DATA_REJECTED -429 -# define GNUTLS_E_X509_DUPLICATE_EXTENSION -430 - -# define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 +#define GNUTLS_E_PKCS11_ERROR -300 +#define GNUTLS_E_PKCS11_LOAD_ERROR -301 +#define GNUTLS_E_PARSING_ERROR -302 +#define GNUTLS_E_PKCS11_PIN_ERROR -303 + +#define GNUTLS_E_PKCS11_SLOT_ERROR -305 +#define GNUTLS_E_LOCKING_ERROR -306 +#define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307 +#define GNUTLS_E_PKCS11_DEVICE_ERROR -308 +#define GNUTLS_E_PKCS11_DATA_ERROR -309 +#define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310 +#define GNUTLS_E_PKCS11_KEY_ERROR -311 +#define GNUTLS_E_PKCS11_PIN_EXPIRED -312 +#define GNUTLS_E_PKCS11_PIN_LOCKED -313 +#define GNUTLS_E_PKCS11_SESSION_ERROR -314 +#define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315 +#define GNUTLS_E_PKCS11_TOKEN_ERROR -316 +#define GNUTLS_E_PKCS11_USER_ERROR -317 + +#define GNUTLS_E_CRYPTO_INIT_FAILED -318 +#define GNUTLS_E_TIMEDOUT -319 +#define GNUTLS_E_USER_ERROR -320 +#define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321 +#define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322 +#define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323 +#define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324 +#define GNUTLS_E_ILLEGAL_PARAMETER -325 /* GNUTLS_A_ILLEGAL_PARAMETER */ +#define GNUTLS_E_NO_PRIORITIES_WERE_SET -326 +#define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327 +#define GNUTLS_E_SESSION_EOF -328 + +#define GNUTLS_E_TPM_ERROR -329 +#define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330 +#define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331 +#define GNUTLS_E_TPM_SESSION_ERROR -332 +#define GNUTLS_E_TPM_KEY_NOT_FOUND -333 +#define GNUTLS_E_TPM_UNINITIALIZED -334 +#define GNUTLS_E_TPM_NO_LIB -335 + +#define GNUTLS_E_NO_CERTIFICATE_STATUS -340 +#define GNUTLS_E_OCSP_RESPONSE_ERROR -341 +#define GNUTLS_E_RANDOM_DEVICE_ERROR -342 +#define GNUTLS_E_AUTH_ERROR -343 +#define GNUTLS_E_NO_APPLICATION_PROTOCOL -344 +#define GNUTLS_E_SOCKETS_INIT_ERROR -345 +#define GNUTLS_E_KEY_IMPORT_FAILED -346 +#define GNUTLS_E_INAPPROPRIATE_FALLBACK \ + -347 /*GNUTLS_A_INAPPROPRIATE_FALLBACK */ +#define GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR -348 +#define GNUTLS_E_PRIVKEY_VERIFICATION_ERROR -349 +#define GNUTLS_E_UNEXPECTED_EXTENSIONS_LENGTH -350 /*GNUTLS_A_DECODE_ERROR */ +#define GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING -351 + +#define GNUTLS_E_SELF_TEST_ERROR -400 +#define GNUTLS_E_NO_SELF_TEST -401 +#define GNUTLS_E_LIB_IN_ERROR_STATE -402 +#define GNUTLS_E_PK_GENERATION_ERROR -403 +#define GNUTLS_E_IDNA_ERROR -404 + +#define GNUTLS_E_NEED_FALLBACK -405 +#define GNUTLS_E_SESSION_USER_ID_CHANGED -406 +#define GNUTLS_E_HANDSHAKE_DURING_FALSE_START -407 +#define GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE -408 +#define GNUTLS_E_PK_INVALID_PUBKEY -409 +#define GNUTLS_E_PK_INVALID_PRIVKEY -410 +#define GNUTLS_E_NOT_YET_ACTIVATED -411 +#define GNUTLS_E_INVALID_UTF8_STRING -412 +#define GNUTLS_E_NO_EMBEDDED_DATA -413 +#define GNUTLS_E_INVALID_UTF8_EMAIL -414 +#define GNUTLS_E_INVALID_PASSWORD_STRING -415 +#define GNUTLS_E_CERTIFICATE_TIME_ERROR -416 +#define GNUTLS_E_RECORD_OVERFLOW -417 /* GNUTLS_A_RECORD_OVERFLOW */ +#define GNUTLS_E_ASN1_TIME_ERROR -418 +#define GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY -419 +#define GNUTLS_E_PK_INVALID_PUBKEY_PARAMS -420 +#define GNUTLS_E_PK_NO_VALIDATION_PARAMS -421 +#define GNUTLS_E_OCSP_MISMATCH_WITH_CERTS -422 + +#define GNUTLS_E_NO_COMMON_KEY_SHARE -423 +#define GNUTLS_E_REAUTH_REQUEST -424 +#define GNUTLS_E_TOO_MANY_MATCHES -425 +#define GNUTLS_E_CRL_VERIFICATION_ERROR -426 +#define GNUTLS_E_MISSING_EXTENSION -427 +#define GNUTLS_E_DB_ENTRY_EXISTS -428 +#define GNUTLS_E_EARLY_DATA_REJECTED -429 +#define GNUTLS_E_X509_DUPLICATE_EXTENSION -430 + +#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 /* Internal errors of the library; will never be returned * to a calling application */ -# define GNUTLS_E_INT_RET_0 -1251 -# define GNUTLS_E_INT_CHECK_AGAIN -1252 +#define GNUTLS_E_INT_RET_0 -1251 +#define GNUTLS_E_INT_CHECK_AGAIN -1252 -# define GNUTLS_E_APPLICATION_ERROR_MAX -65000 -# define GNUTLS_E_APPLICATION_ERROR_MIN -65500 +#define GNUTLS_E_APPLICATION_ERROR_MAX -65000 +#define GNUTLS_E_APPLICATION_ERROR_MIN -65500 #ifdef __cplusplus } #endif -# include <gnutls/compat.h> +#include <gnutls/compat.h> -#endif /* GNUTLS_GNUTLS_H */ +#endif /* GNUTLS_GNUTLS_H */ diff --git a/lib/includes/gnutls/gnutlsxx.h b/lib/includes/gnutls/gnutlsxx.h index 5c50ad08c9..673cf532b2 100644 --- a/lib/includes/gnutls/gnutlsxx.h +++ b/lib/includes/gnutls/gnutlsxx.h @@ -21,1152 +21,1247 @@ */ #ifndef GNUTLS_GNUTLSXX_H -# define GNUTLS_GNUTLSXX_H - -# include <exception> -# include <vector> -# include <gnutls/gnutls.h> - -namespace gnutls { - - class noncopyable { - protected: - noncopyable() { - } - ~noncopyable() { - } - private: - /* These are non-implemented. - */ - noncopyable(const noncopyable &); - noncopyable & operator=(const noncopyable &); - }; - - class exception:public std::exception { - public: - explicit exception(int x); - const char *what() const throw(); - int get_code(); - protected: - int retcode; - }; - - class dh_params:private noncopyable { - public: - dh_params(); - ~dh_params(); - void import_raw(const gnutls_datum_t & prime, - const gnutls_datum_t & generator); - void import_pkcs3(const gnutls_datum_t & pkcs3_params, - gnutls_x509_crt_fmt_t format); - void generate(unsigned int bits); - - void export_pkcs3(gnutls_x509_crt_fmt_t format, - unsigned char *params_data, - size_t *params_data_size); - void export_raw(gnutls_datum_t & prime, - gnutls_datum_t & generator); - - gnutls_dh_params_t get_params_t() const; - dh_params & operator=(const dh_params & src); - protected: - gnutls_dh_params_t params; - }; - - class rsa_params:private noncopyable { - public: - rsa_params(); - ~rsa_params(); - void import_raw(const gnutls_datum_t & m, - const gnutls_datum_t & e, - const gnutls_datum_t & d, - const gnutls_datum_t & p, - const gnutls_datum_t & q, - const gnutls_datum_t & u); - void import_pkcs1(const gnutls_datum_t & pkcs1_params, - gnutls_x509_crt_fmt_t format); - void generate(unsigned int bits); - - void export_pkcs1(gnutls_x509_crt_fmt_t format, - unsigned char *params_data, - size_t *params_data_size); - void export_raw(gnutls_datum_t & m, gnutls_datum_t & e, - gnutls_datum_t & d, gnutls_datum_t & p, - gnutls_datum_t & q, gnutls_datum_t & u); - gnutls_rsa_params_t get_params_t() const; - rsa_params & operator=(const rsa_params & src); - - protected: - gnutls_rsa_params_t params; - }; - - class session:private noncopyable { - protected: - gnutls_session_t s; - public: - explicit session(unsigned int); - virtual ~ session(); - - gnutls_session_t ptr(); - int bye(gnutls_close_request_t how); - int handshake(); - - gnutls_alert_description_t get_alert() const; - - int send_alert(gnutls_alert_level_t level, - gnutls_alert_description_t desc); - int send_appropriate_alert(int err); - - gnutls_cipher_algorithm_t get_cipher() const; - gnutls_kx_algorithm_t get_kx() const; - gnutls_mac_algorithm_t get_mac() const; - gnutls_compression_method_t get_compression() const; - gnutls_certificate_type_t get_certificate_type() const; - - /* for the handshake - */ - void set_private_extensions(bool allow); +#define GNUTLS_GNUTLSXX_H - gnutls_handshake_description_t get_handshake_last_out() const; - gnutls_handshake_description_t get_handshake_last_in() const; +#include <exception> +#include <vector> +#include <gnutls/gnutls.h> - ssize_t send(const void *data, size_t sizeofdata); - ssize_t recv(void *data, size_t sizeofdata); +namespace gnutls +{ - bool get_record_direction() const; +class noncopyable { + protected: + noncopyable() + { + } + ~noncopyable() + { + } - /* maximum packet size + private: + /* These are non-implemented. + */ + noncopyable(const noncopyable &); + noncopyable &operator=(const noncopyable &); +}; + +class exception : public std::exception { + public: + explicit exception(int x); + const char *what() const throw(); + int get_code(); + + protected: + int retcode; +}; + +class dh_params : private noncopyable { + public: + dh_params(); + ~dh_params(); + void import_raw(const gnutls_datum_t &prime, + const gnutls_datum_t &generator); + void import_pkcs3(const gnutls_datum_t &pkcs3_params, + gnutls_x509_crt_fmt_t format); + void generate(unsigned int bits); + + void export_pkcs3(gnutls_x509_crt_fmt_t format, + unsigned char *params_data, size_t *params_data_size); + void export_raw(gnutls_datum_t &prime, gnutls_datum_t &generator); + + gnutls_dh_params_t get_params_t() const; + dh_params &operator=(const dh_params &src); + + protected: + gnutls_dh_params_t params; +}; + +class rsa_params : private noncopyable { + public: + rsa_params(); + ~rsa_params(); + void import_raw(const gnutls_datum_t &m, const gnutls_datum_t &e, + const gnutls_datum_t &d, const gnutls_datum_t &p, + const gnutls_datum_t &q, const gnutls_datum_t &u); + void import_pkcs1(const gnutls_datum_t &pkcs1_params, + gnutls_x509_crt_fmt_t format); + void generate(unsigned int bits); + + void export_pkcs1(gnutls_x509_crt_fmt_t format, + unsigned char *params_data, size_t *params_data_size); + void export_raw(gnutls_datum_t &m, gnutls_datum_t &e, gnutls_datum_t &d, + gnutls_datum_t &p, gnutls_datum_t &q, + gnutls_datum_t &u); + gnutls_rsa_params_t get_params_t() const; + rsa_params &operator=(const rsa_params &src); + + protected: + gnutls_rsa_params_t params; +}; + +class session : private noncopyable { + protected: + gnutls_session_t s; + + public: + explicit session(unsigned int); + virtual ~session(); + + gnutls_session_t ptr(); + int bye(gnutls_close_request_t how); + int handshake(); + + gnutls_alert_description_t get_alert() const; + + int send_alert(gnutls_alert_level_t level, + gnutls_alert_description_t desc); + int send_appropriate_alert(int err); + + gnutls_cipher_algorithm_t get_cipher() const; + gnutls_kx_algorithm_t get_kx() const; + gnutls_mac_algorithm_t get_mac() const; + gnutls_compression_method_t get_compression() const; + gnutls_certificate_type_t get_certificate_type() const; + + /* for the handshake */ - size_t get_max_size() const; - void set_max_size(size_t size); + void set_private_extensions(bool allow); - size_t check_pending() const; + gnutls_handshake_description_t get_handshake_last_out() const; + gnutls_handshake_description_t get_handshake_last_in() const; - void prf(size_t label_size, const char *label, - int server_random_first, - size_t extra_size, const char *extra, - size_t outsize, char *out); + ssize_t send(const void *data, size_t sizeofdata); + ssize_t recv(void *data, size_t sizeofdata); - void prf_raw(size_t label_size, const char *label, - size_t seed_size, const char *seed, - size_t outsize, char *out); + bool get_record_direction() const; - /* if you just want some defaults, use the following. + /* maximum packet size */ - void set_priority(const char *prio, const char **err_pos); - void set_priority(gnutls_priority_t p); + size_t get_max_size() const; + void set_max_size(size_t size); - gnutls_protocol_t get_protocol_version() const; + size_t check_pending() const; - /* for resuming sessions - */ - void set_data(const void *session_data, - size_t session_data_size); - void get_data(void *session_data, - size_t *session_data_size) const; - void get_data(gnutls_session_t session, - gnutls_datum_t & data) const; - void get_id(void *session_id, size_t *session_id_size) const; - - bool is_resumed() const; - - void set_max_handshake_packet_length(size_t max); - - void clear_credentials(); - void set_credentials(const class credentials & cred); - - void set_transport_ptr(gnutls_transport_ptr_t ptr); - void set_transport_ptr(gnutls_transport_ptr_t recv_ptr, - gnutls_transport_ptr_t send_ptr); - gnutls_transport_ptr_t get_transport_ptr() const; - void get_transport_ptr(gnutls_transport_ptr_t & recv_ptr, - gnutls_transport_ptr_t & send_ptr) const; - - void set_transport_lowat(size_t num); - void set_transport_push_function(gnutls_push_func push_func); - void set_transport_vec_push_function(gnutls_vec_push_func - vec_push_func); - void set_transport_pull_function(gnutls_pull_func pull_func); - void set_transport_pull_timeout_function - (gnutls_pull_timeout_func pull_timeout_func); - - void set_user_ptr(void *ptr); - void *get_user_ptr() const; - - void send_openpgp_cert(gnutls_openpgp_crt_status_t status); - - gnutls_credentials_type_t get_auth_type() const; - gnutls_credentials_type_t get_server_auth_type() const; - gnutls_credentials_type_t get_client_auth_type() const; - - /* informational stuff - */ - void set_dh_prime_bits(unsigned int bits); - unsigned int get_dh_secret_bits() const; - unsigned int get_dh_peers_public_bits() const; - unsigned int get_dh_prime_bits() const; - void get_dh_group(gnutls_datum_t & gen, - gnutls_datum_t & prime) const; - void get_dh_pubkey(gnutls_datum_t & raw_key) const; - void get_rsa_export_pubkey(gnutls_datum_t & exponent, - gnutls_datum_t & modulus) const; - unsigned int get_rsa_export_modulus_bits() const; - - void get_our_certificate(gnutls_datum_t & cert) const; - bool get_peers_certificate(std::vector < gnutls_datum_t > - &out_certs) const; - bool get_peers_certificate(const gnutls_datum_t ** certs, - unsigned int *certs_size) const; - - time_t get_peers_certificate_activation_time() const; - time_t get_peers_certificate_expiration_time() const; - void verify_peers_certificate(unsigned int &status) const; - }; + void prf(size_t label_size, const char *label, int server_random_first, + size_t extra_size, const char *extra, size_t outsize, + char *out); -/* interface for databases - */ - class DB:private noncopyable { - public: - virtual ~ DB() = 0; - virtual bool store(const gnutls_datum_t & key, - const gnutls_datum_t & data) = 0; - virtual bool retrieve(const gnutls_datum_t & key, - gnutls_datum_t & data) = 0; - virtual bool remove(const gnutls_datum_t & key) = 0; - }; - - class server_session:public session { - public: - server_session(); - explicit server_session(int flags); - ~server_session(); - void db_remove() const; - - void set_db_cache_expiration(unsigned int seconds); - void set_db(const DB & db); - - /* returns true if session is expired - */ - bool db_check_entry(const gnutls_datum_t & session_data) const; + void prf_raw(size_t label_size, const char *label, size_t seed_size, + const char *seed, size_t outsize, char *out); - /* server side only + /* if you just want some defaults, use the following. */ - const char *get_srp_username() const; - const char *get_psk_username() const; + void set_priority(const char *prio, const char **err_pos); + void set_priority(gnutls_priority_t p); - void get_server_name(void *data, size_t *data_length, - unsigned int *type, - unsigned int indx) const; - - int rehandshake(); - void set_certificate_request(gnutls_certificate_request_t); - }; - - class client_session:public session { - public: - client_session(); - explicit client_session(int flags); - ~client_session(); - - void set_verify_cert(const char *hostname, unsigned flags); - void set_server_name(gnutls_server_name_type_t type, - const void *name, size_t name_length); - - bool get_request_status(); - }; - - class credentials:private noncopyable { - public: - virtual ~ credentials() { - } gnutls_credentials_type_t get_type() const; - protected: - friend class session; - explicit credentials(gnutls_credentials_type_t t); - void *ptr() const; - void set_ptr(void *ptr); - gnutls_credentials_type_t type; - private: - void *cred; - }; - - class certificate_credentials:public credentials { - public: - ~certificate_credentials(); - certificate_credentials(); - - void free_keys(); - void free_cas(); - void free_ca_names(); - void free_crls(); - - void set_dh_params(const dh_params & params); - void set_rsa_export_params(const rsa_params & params); - void set_verify_flags(unsigned int flags); - void set_verify_limits(unsigned int max_bits, - unsigned int max_depth); - - void set_x509_trust_file(const char *cafile, - gnutls_x509_crt_fmt_t type); - void set_x509_trust(const gnutls_datum_t & CA, - gnutls_x509_crt_fmt_t type); - - void set_x509_trust(gnutls_x509_crt_t * ca_list, - int ca_list_size); - - void set_x509_crl_file(const char *crlfile, - gnutls_x509_crt_fmt_t type); - void set_x509_crl(const gnutls_datum_t & CRL, - gnutls_x509_crt_fmt_t type); - void set_x509_crl(gnutls_x509_crl_t * crl_list, - int crl_list_size); - - void set_x509_key_file(const char *certfile, - const char *KEYFILE, - gnutls_x509_crt_fmt_t type); - void set_x509_key(const gnutls_datum_t & CERT, - const gnutls_datum_t & KEY, - gnutls_x509_crt_fmt_t type); - - void set_x509_key(gnutls_x509_crt_t * cert_list, - int cert_list_size, - gnutls_x509_privkey_t key); - - void set_simple_pkcs12_file(const char *pkcs12file, - gnutls_x509_crt_fmt_t type, - const char *password); - - void set_retrieve_function(gnutls_certificate_retrieve_function - * func); - - protected: - gnutls_certificate_credentials_t cred; - }; - - class certificate_server_credentials:public certificate_credentials { - public: - void set_params_function(gnutls_params_function * func); - }; - - class certificate_client_credentials:public certificate_credentials { - public: - }; - - class anon_server_credentials:public credentials { - public: - anon_server_credentials(); - ~anon_server_credentials(); - void set_dh_params(const dh_params & params); - void set_params_function(gnutls_params_function * func); - protected: - gnutls_anon_server_credentials_t cred; - }; - - class anon_client_credentials:public credentials { - public: - anon_client_credentials(); - ~anon_client_credentials(); - protected: - gnutls_anon_client_credentials_t cred; - }; - - class srp_server_credentials:public credentials { - public: - srp_server_credentials(); - ~srp_server_credentials(); - void set_credentials_file(const char *password_file, - const char *password_conf_file); - void set_credentials_function - (gnutls_srp_server_credentials_function * func); - protected: - gnutls_srp_server_credentials_t cred; - }; - - class srp_client_credentials:public credentials { - public: - srp_client_credentials(); - ~srp_client_credentials(); - void set_credentials(const char *username, - const char *password); - void set_credentials_function - (gnutls_srp_client_credentials_function * func); - protected: - gnutls_srp_client_credentials_t cred; - }; - - class psk_server_credentials:public credentials { - public: - psk_server_credentials(); - ~psk_server_credentials(); - void set_credentials_file(const char *password_file); - void set_credentials_function - (gnutls_psk_server_credentials_function * func); - void set_dh_params(const dh_params & params); - void set_params_function(gnutls_params_function * func); - protected: - gnutls_psk_server_credentials_t cred; - }; - - class psk_client_credentials:public credentials { - public: - psk_client_credentials(); - ~psk_client_credentials(); - void set_credentials(const char *username, - const gnutls_datum_t & key, - gnutls_psk_key_flags flags); - void set_credentials_function - (gnutls_psk_client_credentials_function * func); - protected: - gnutls_psk_client_credentials_t cred; - }; + gnutls_protocol_t get_protocol_version() const; -/* By default, we provide the function definitions, which allows users - of the library to use the C++ header and link against the C - library. However, if GNUTLS_GNUTLSXX_NO_HEADERONLY is defined, then - the definitions are not necessary, as the user is expected to link - to the C++ library. (Which is provided for backwards-compatibility.) - - All applications using GnuTLS of version less than 3.8.0 use the - C++ library. Applications using GnuTLS 3.8.0 or above will use by - default the C library with the C++ "header-only" header, but they - still have the option to link to the C++ library instead if they - wish, and if so, they must also define - GNUTLS_GNUTLSXX_NO_HEADERONLY in their compilation step. - */ -# ifndef GNUTLS_GNUTLSXX_NO_HEADERONLY + /* for resuming sessions + */ + void set_data(const void *session_data, size_t session_data_size); + void get_data(void *session_data, size_t *session_data_size) const; + void get_data(gnutls_session_t session, gnutls_datum_t &data) const; + void get_id(void *session_id, size_t *session_id_size) const; - inline static int RETWRAP(int ret) { - if (ret < 0) - throw(exception(ret)); - return ret; - } + bool is_resumed() const; - session::session(unsigned int flags) { - RETWRAP(gnutls_init(&s, flags)); - } + void set_max_handshake_packet_length(size_t max); - session::~session() { - gnutls_deinit(s); - } + void clear_credentials(); + void set_credentials(const class credentials &cred); - gnutls_session_t session::ptr() { - return s; - } + void set_transport_ptr(gnutls_transport_ptr_t ptr); + void set_transport_ptr(gnutls_transport_ptr_t recv_ptr, + gnutls_transport_ptr_t send_ptr); + gnutls_transport_ptr_t get_transport_ptr() const; + void get_transport_ptr(gnutls_transport_ptr_t &recv_ptr, + gnutls_transport_ptr_t &send_ptr) const; - int session::bye(gnutls_close_request_t how) { - return RETWRAP(gnutls_bye(s, how)); - } + void set_transport_lowat(size_t num); + void set_transport_push_function(gnutls_push_func push_func); + void + set_transport_vec_push_function(gnutls_vec_push_func vec_push_func); + void set_transport_pull_function(gnutls_pull_func pull_func); + void set_transport_pull_timeout_function( + gnutls_pull_timeout_func pull_timeout_func); - int session::handshake() { - return RETWRAP(gnutls_handshake(s)); - } + void set_user_ptr(void *ptr); + void *get_user_ptr() const; - server_session::server_session():session(GNUTLS_SERVER) { - } + void send_openpgp_cert(gnutls_openpgp_crt_status_t status); - server_session::server_session(int flags):session(GNUTLS_SERVER | - (flags & - ~GNUTLS_CLIENT)) { - } + gnutls_credentials_type_t get_auth_type() const; + gnutls_credentials_type_t get_server_auth_type() const; + gnutls_credentials_type_t get_client_auth_type() const; - server_session::~server_session() { - } + /* informational stuff + */ + void set_dh_prime_bits(unsigned int bits); + unsigned int get_dh_secret_bits() const; + unsigned int get_dh_peers_public_bits() const; + unsigned int get_dh_prime_bits() const; + void get_dh_group(gnutls_datum_t &gen, gnutls_datum_t &prime) const; + void get_dh_pubkey(gnutls_datum_t &raw_key) const; + void get_rsa_export_pubkey(gnutls_datum_t &exponent, + gnutls_datum_t &modulus) const; + unsigned int get_rsa_export_modulus_bits() const; + + void get_our_certificate(gnutls_datum_t &cert) const; + bool + get_peers_certificate(std::vector<gnutls_datum_t> &out_certs) const; + bool get_peers_certificate(const gnutls_datum_t **certs, + unsigned int *certs_size) const; + + time_t get_peers_certificate_activation_time() const; + time_t get_peers_certificate_expiration_time() const; + void verify_peers_certificate(unsigned int &status) const; +}; - int server_session::rehandshake() { - return RETWRAP(gnutls_rehandshake(s)); - } +/* interface for databases + */ +class DB : private noncopyable { + public: + virtual ~DB() = 0; + virtual bool store(const gnutls_datum_t &key, + const gnutls_datum_t &data) = 0; + virtual bool retrieve(const gnutls_datum_t &key, + gnutls_datum_t &data) = 0; + virtual bool remove(const gnutls_datum_t &key) = 0; +}; + +class server_session : public session { + public: + server_session(); + explicit server_session(int flags); + ~server_session(); + void db_remove() const; + + void set_db_cache_expiration(unsigned int seconds); + void set_db(const DB &db); + + /* returns true if session is expired + */ + bool db_check_entry(const gnutls_datum_t &session_data) const; - gnutls_alert_description_t session::get_alert() const { - return gnutls_alert_get(s); - } - int session::send_alert(gnutls_alert_level_t level, - gnutls_alert_description_t desc) { - return RETWRAP(gnutls_alert_send(s, level, desc)); - } + /* server side only + */ + const char *get_srp_username() const; + const char *get_psk_username() const; - int session::send_appropriate_alert(int err) { - return RETWRAP(gnutls_alert_send_appropriate(s, err)); - } + void get_server_name(void *data, size_t *data_length, + unsigned int *type, unsigned int indx) const; - gnutls_cipher_algorithm_t session::get_cipher() const { - return gnutls_cipher_get(s); - } - gnutls_kx_algorithm_t session::get_kx() const { - return gnutls_kx_get(s); - } - gnutls_mac_algorithm_t session::get_mac() const { - return gnutls_mac_get(s); - } - gnutls_compression_method_t session::get_compression() const { - return gnutls_compression_get(s); - } - gnutls_certificate_type_t session::get_certificate_type() const { - return gnutls_certificate_type_get(s); - } - void session::set_private_extensions(bool allow) { - gnutls_handshake_set_private_extensions(s, (int)allow); - } + int rehandshake(); + void set_certificate_request(gnutls_certificate_request_t); +}; - gnutls_handshake_description_t session::get_handshake_last_out() const { - return gnutls_handshake_get_last_out(s); - } - gnutls_handshake_description_t session::get_handshake_last_in() const { - return gnutls_handshake_get_last_in(s); - } - ssize_t session::send(const void *data, size_t sizeofdata) { - return RETWRAP(gnutls_record_send(s, data, sizeofdata)); - } +class client_session : public session { + public: + client_session(); + explicit client_session(int flags); + ~client_session(); - ssize_t session::recv(void *data, size_t sizeofdata) { - return RETWRAP(gnutls_record_recv(s, data, sizeofdata)); - } + void set_verify_cert(const char *hostname, unsigned flags); + void set_server_name(gnutls_server_name_type_t type, const void *name, + size_t name_length); - bool session::get_record_direction() const { - return gnutls_record_get_direction(s); - } - /* maximum packet size - */ size_t session::get_max_size() const { - return gnutls_record_get_max_size(s); - } - void session::set_max_size(size_t size) { - RETWRAP(gnutls_record_set_max_size(s, size)); - } + bool get_request_status(); +}; - size_t session::check_pending() const { - return gnutls_record_check_pending(s); - } - void session::prf(size_t label_size, const char *label, - int server_random_first, - size_t extra_size, const char *extra, - size_t outsize, char *out) { - RETWRAP(gnutls_prf(s, label_size, label, server_random_first, - extra_size, extra, outsize, out)); +class credentials : private noncopyable { + public: + virtual ~credentials() + { } + gnutls_credentials_type_t get_type() const; + + protected: + friend class session; + explicit credentials(gnutls_credentials_type_t t); + void *ptr() const; + void set_ptr(void *ptr); + gnutls_credentials_type_t type; + + private: + void *cred; +}; + +class certificate_credentials : public credentials { + public: + ~certificate_credentials(); + certificate_credentials(); + + void free_keys(); + void free_cas(); + void free_ca_names(); + void free_crls(); + + void set_dh_params(const dh_params ¶ms); + void set_rsa_export_params(const rsa_params ¶ms); + void set_verify_flags(unsigned int flags); + void set_verify_limits(unsigned int max_bits, unsigned int max_depth); + + void set_x509_trust_file(const char *cafile, + gnutls_x509_crt_fmt_t type); + void set_x509_trust(const gnutls_datum_t &CA, + gnutls_x509_crt_fmt_t type); + + void set_x509_trust(gnutls_x509_crt_t *ca_list, int ca_list_size); + + void set_x509_crl_file(const char *crlfile, gnutls_x509_crt_fmt_t type); + void set_x509_crl(const gnutls_datum_t &CRL, + gnutls_x509_crt_fmt_t type); + void set_x509_crl(gnutls_x509_crl_t *crl_list, int crl_list_size); + + void set_x509_key_file(const char *certfile, const char *KEYFILE, + gnutls_x509_crt_fmt_t type); + void set_x509_key(const gnutls_datum_t &CERT, const gnutls_datum_t &KEY, + gnutls_x509_crt_fmt_t type); + + void set_x509_key(gnutls_x509_crt_t *cert_list, int cert_list_size, + gnutls_x509_privkey_t key); + + void set_simple_pkcs12_file(const char *pkcs12file, + gnutls_x509_crt_fmt_t type, + const char *password); + + void set_retrieve_function(gnutls_certificate_retrieve_function *func); + + protected: + gnutls_certificate_credentials_t cred; +}; + +class certificate_server_credentials : public certificate_credentials { + public: + void set_params_function(gnutls_params_function *func); +}; + +class certificate_client_credentials : public certificate_credentials { + public: +}; + +class anon_server_credentials : public credentials { + public: + anon_server_credentials(); + ~anon_server_credentials(); + void set_dh_params(const dh_params ¶ms); + void set_params_function(gnutls_params_function *func); + + protected: + gnutls_anon_server_credentials_t cred; +}; + +class anon_client_credentials : public credentials { + public: + anon_client_credentials(); + ~anon_client_credentials(); + + protected: + gnutls_anon_client_credentials_t cred; +}; + +class srp_server_credentials : public credentials { + public: + srp_server_credentials(); + ~srp_server_credentials(); + void set_credentials_file(const char *password_file, + const char *password_conf_file); + void + set_credentials_function(gnutls_srp_server_credentials_function *func); + + protected: + gnutls_srp_server_credentials_t cred; +}; + +class srp_client_credentials : public credentials { + public: + srp_client_credentials(); + ~srp_client_credentials(); + void set_credentials(const char *username, const char *password); + void + set_credentials_function(gnutls_srp_client_credentials_function *func); + + protected: + gnutls_srp_client_credentials_t cred; +}; + +class psk_server_credentials : public credentials { + public: + psk_server_credentials(); + ~psk_server_credentials(); + void set_credentials_file(const char *password_file); + void + set_credentials_function(gnutls_psk_server_credentials_function *func); + void set_dh_params(const dh_params ¶ms); + void set_params_function(gnutls_params_function *func); + + protected: + gnutls_psk_server_credentials_t cred; +}; + +class psk_client_credentials : public credentials { + public: + psk_client_credentials(); + ~psk_client_credentials(); + void set_credentials(const char *username, const gnutls_datum_t &key, + gnutls_psk_key_flags flags); + void + set_credentials_function(gnutls_psk_client_credentials_function *func); + + protected: + gnutls_psk_client_credentials_t cred; +}; - void session::prf_raw(size_t label_size, const char *label, - size_t seed_size, const char *seed, - size_t outsize, char *out) { - RETWRAP(gnutls_prf_raw - (s, label_size, label, seed_size, seed, outsize, out)); - } +/* By default, we provide the function definitions, which allows users + of the library to use the C++ header and link against the C + library. However, if GNUTLS_GNUTLSXX_NO_HEADERONLY is defined, then + the definitions are not necessary, as the user is expected to link + to the C++ library. (Which is provided for backwards-compatibility.) - /* if you just want some defaults, use the following. + All applications using GnuTLS of version less than 3.8.0 use the + C++ library. Applications using GnuTLS 3.8.0 or above will use by + default the C library with the C++ "header-only" header, but they + still have the option to link to the C++ library instead if they + wish, and if so, they must also define + GNUTLS_GNUTLSXX_NO_HEADERONLY in their compilation step. + */ +#ifndef GNUTLS_GNUTLSXX_NO_HEADERONLY + +inline static int RETWRAP(int ret) +{ + if (ret < 0) + throw(exception(ret)); + return ret; +} + +session::session(unsigned int flags) +{ + RETWRAP(gnutls_init(&s, flags)); +} + +session::~session() +{ + gnutls_deinit(s); +} + +gnutls_session_t session::ptr() +{ + return s; +} + +int session::bye(gnutls_close_request_t how) +{ + return RETWRAP(gnutls_bye(s, how)); +} + +int session::handshake() +{ + return RETWRAP(gnutls_handshake(s)); +} + +server_session::server_session() + : session(GNUTLS_SERVER) +{ +} + +server_session::server_session(int flags) + : session(GNUTLS_SERVER | (flags & ~GNUTLS_CLIENT)) +{ +} + +server_session::~server_session() +{ +} + +int server_session::rehandshake() +{ + return RETWRAP(gnutls_rehandshake(s)); +} + +gnutls_alert_description_t session::get_alert() const +{ + return gnutls_alert_get(s); +} +int session::send_alert(gnutls_alert_level_t level, + gnutls_alert_description_t desc) +{ + return RETWRAP(gnutls_alert_send(s, level, desc)); +} + +int session::send_appropriate_alert(int err) +{ + return RETWRAP(gnutls_alert_send_appropriate(s, err)); +} + +gnutls_cipher_algorithm_t session::get_cipher() const +{ + return gnutls_cipher_get(s); +} +gnutls_kx_algorithm_t session::get_kx() const +{ + return gnutls_kx_get(s); +} +gnutls_mac_algorithm_t session::get_mac() const +{ + return gnutls_mac_get(s); +} +gnutls_compression_method_t session::get_compression() const +{ + return gnutls_compression_get(s); +} +gnutls_certificate_type_t session::get_certificate_type() const +{ + return gnutls_certificate_type_get(s); +} +void session::set_private_extensions(bool allow) +{ + gnutls_handshake_set_private_extensions(s, (int)allow); +} + +gnutls_handshake_description_t session::get_handshake_last_out() const +{ + return gnutls_handshake_get_last_out(s); +} +gnutls_handshake_description_t session::get_handshake_last_in() const +{ + return gnutls_handshake_get_last_in(s); +} +ssize_t session::send(const void *data, size_t sizeofdata) +{ + return RETWRAP(gnutls_record_send(s, data, sizeofdata)); +} + +ssize_t session::recv(void *data, size_t sizeofdata) +{ + return RETWRAP(gnutls_record_recv(s, data, sizeofdata)); +} + +bool session::get_record_direction() const +{ + return gnutls_record_get_direction(s); +} +/* maximum packet size */ - void session::set_priority(const char *prio, const char **err_pos) { - RETWRAP(gnutls_priority_set_direct(s, prio, err_pos)); - } - - void session::set_priority(gnutls_priority_t p) { - RETWRAP(gnutls_priority_set(s, p)); - } - - gnutls_protocol_t session::get_protocol_version() const { - return gnutls_protocol_get_version(s); - } - void session::set_data(const void *session_data, - size_t session_data_size) { - RETWRAP(gnutls_session_set_data - (s, session_data, session_data_size)); - } - - void session::get_data(void *session_data, size_t *session_data_size) const { - RETWRAP(gnutls_session_get_data - (s, session_data, session_data_size)); - } void session::get_data(gnutls_session_t session, - gnutls_datum_t & data) const { - RETWRAP(gnutls_session_get_data2(s, &data)); - - } void session::get_id(void *session_id, size_t *session_id_size) const { - RETWRAP(gnutls_session_get_id(s, session_id, session_id_size)); - } bool session::is_resumed() const { - int ret = gnutls_session_is_resumed(s); - - return (ret != 0); - } - bool session::get_peers_certificate(std::vector < gnutls_datum_t > - &out_certs) const { - const gnutls_datum_t *certs; - unsigned int certs_size; - - certs = gnutls_certificate_get_peers(s, &certs_size); - - if (certs == NULL) - return false; - - for (unsigned int i = 0; i < certs_size; i++) - out_certs.push_back(certs[i]); - - return true; - } - bool session::get_peers_certificate(const gnutls_datum_t ** certs, - unsigned int *certs_size) const { - *certs = gnutls_certificate_get_peers(s, certs_size); - - if (*certs == NULL) - return false; - return true; - } - void session::get_our_certificate(gnutls_datum_t & cert) const { - const gnutls_datum_t *d; - - d = gnutls_certificate_get_ours(s); - if (d == NULL) - throw(exception(GNUTLS_E_INVALID_REQUEST)); - - cert = *d; - } - time_t session::get_peers_certificate_activation_time() const { - return gnutls_certificate_activation_time_peers(s); - } - time_t session::get_peers_certificate_expiration_time() const { - return gnutls_certificate_expiration_time_peers(s); - } - void session::verify_peers_certificate(unsigned int &status) const { - RETWRAP(gnutls_certificate_verify_peers2(s, &status)); - } client_session::client_session():session(GNUTLS_CLIENT) { - } - - client_session::client_session(int flags):session(GNUTLS_CLIENT | - (flags & - ~GNUTLS_SERVER)) { - } - - client_session::~client_session() { - } +size_t session::get_max_size() const +{ + return gnutls_record_get_max_size(s); +} +void session::set_max_size(size_t size) +{ + RETWRAP(gnutls_record_set_max_size(s, size)); +} + +size_t session::check_pending() const +{ + return gnutls_record_check_pending(s); +} +void session::prf(size_t label_size, const char *label, int server_random_first, + size_t extra_size, const char *extra, size_t outsize, + char *out) +{ + RETWRAP(gnutls_prf(s, label_size, label, server_random_first, + extra_size, extra, outsize, out)); +} + +void session::prf_raw(size_t label_size, const char *label, size_t seed_size, + const char *seed, size_t outsize, char *out) +{ + RETWRAP(gnutls_prf_raw(s, label_size, label, seed_size, seed, outsize, + out)); +} + +/* if you just want some defaults, use the following. + */ +void session::set_priority(const char *prio, const char **err_pos) +{ + RETWRAP(gnutls_priority_set_direct(s, prio, err_pos)); +} + +void session::set_priority(gnutls_priority_t p) +{ + RETWRAP(gnutls_priority_set(s, p)); +} + +gnutls_protocol_t session::get_protocol_version() const +{ + return gnutls_protocol_get_version(s); +} +void session::set_data(const void *session_data, size_t session_data_size) +{ + RETWRAP(gnutls_session_set_data(s, session_data, session_data_size)); +} + +void session::get_data(void *session_data, size_t *session_data_size) const +{ + RETWRAP(gnutls_session_get_data(s, session_data, session_data_size)); +} +void session::get_data(gnutls_session_t session, gnutls_datum_t &data) const +{ + RETWRAP(gnutls_session_get_data2(s, &data)); +} +void session::get_id(void *session_id, size_t *session_id_size) const +{ + RETWRAP(gnutls_session_get_id(s, session_id, session_id_size)); +} +bool session::is_resumed() const +{ + int ret = gnutls_session_is_resumed(s); + + return (ret != 0); +} +bool session::get_peers_certificate(std::vector<gnutls_datum_t> &out_certs) const +{ + const gnutls_datum_t *certs; + unsigned int certs_size; + + certs = gnutls_certificate_get_peers(s, &certs_size); + + if (certs == NULL) + return false; + + for (unsigned int i = 0; i < certs_size; i++) + out_certs.push_back(certs[i]); + + return true; +} +bool session::get_peers_certificate(const gnutls_datum_t **certs, + unsigned int *certs_size) const +{ + *certs = gnutls_certificate_get_peers(s, certs_size); + + if (*certs == NULL) + return false; + return true; +} +void session::get_our_certificate(gnutls_datum_t &cert) const +{ + const gnutls_datum_t *d; + + d = gnutls_certificate_get_ours(s); + if (d == NULL) + throw(exception(GNUTLS_E_INVALID_REQUEST)); + + cert = *d; +} +time_t session::get_peers_certificate_activation_time() const +{ + return gnutls_certificate_activation_time_peers(s); +} +time_t session::get_peers_certificate_expiration_time() const +{ + return gnutls_certificate_expiration_time_peers(s); +} +void session::verify_peers_certificate(unsigned int &status) const +{ + RETWRAP(gnutls_certificate_verify_peers2(s, &status)); +} +client_session::client_session() + : session(GNUTLS_CLIENT) +{ +} + +client_session::client_session(int flags) + : session(GNUTLS_CLIENT | (flags & ~GNUTLS_SERVER)) +{ +} + +client_session::~client_session() +{ +} // client session - void client_session::set_verify_cert(const char *hostname, - unsigned flags) { - gnutls_session_set_verify_cert(s, hostname, flags); - } - - void client_session::set_server_name(gnutls_server_name_type_t type, - const void *name, - size_t name_length) { - RETWRAP(gnutls_server_name_set(s, type, name, name_length)); - } - - bool client_session::get_request_status() { - return RETWRAP(gnutls_certificate_client_get_request_status(s)); - } +void client_session::set_verify_cert(const char *hostname, unsigned flags) +{ + gnutls_session_set_verify_cert(s, hostname, flags); +} + +void client_session::set_server_name(gnutls_server_name_type_t type, + const void *name, size_t name_length) +{ + RETWRAP(gnutls_server_name_set(s, type, name, name_length)); +} + +bool client_session::get_request_status() +{ + return RETWRAP(gnutls_certificate_client_get_request_status(s)); +} // server_session - void server_session::get_server_name(void *data, size_t *data_length, - unsigned int *type, - unsigned int indx) const { - RETWRAP(gnutls_server_name_get - (s, data, data_length, type, indx)); - } +void server_session::get_server_name(void *data, size_t *data_length, + unsigned int *type, + unsigned int indx) const +{ + RETWRAP(gnutls_server_name_get(s, data, data_length, type, indx)); +} // internal DB stuff - static int store_function(void *_db, gnutls_datum_t key, - gnutls_datum_t data) { - try { - DB *db = static_cast < DB * >(_db); - - if (db->store(key, data) == false) - return -1; - } - catch( ...) { - return -1; - } - - return 0; - } +static int store_function(void *_db, gnutls_datum_t key, gnutls_datum_t data) +{ + try { + DB *db = static_cast<DB *>(_db); - const static gnutls_datum_t null_datum = { NULL, 0 }; - - static gnutls_datum_t retrieve_function(void *_db, gnutls_datum_t key) { - gnutls_datum_t data; - - try { - DB *db = static_cast < DB * >(_db); - - if (db->retrieve(key, data) == false) - return null_datum; - - } - catch( ...) { - return null_datum; - } - - return data; - } - - static int remove_function(void *_db, gnutls_datum_t key) { - try { - DB *db = static_cast < DB * >(_db); - - if (db->remove(key) == false) - return -1; - } - catch( ...) { + if (db->store(key, data) == false) return -1; - } - - return 0; - } - - void server_session::set_db(const DB & db) { - gnutls_db_set_ptr(s, const_cast < DB * >(&db)); - gnutls_db_set_store_function(s, store_function); - gnutls_db_set_retrieve_function(s, retrieve_function); - gnutls_db_set_remove_function(s, remove_function); - } - - void server_session::set_db_cache_expiration(unsigned int seconds) { - gnutls_db_set_cache_expiration(s, seconds); - } - - void server_session::db_remove() const { - gnutls_db_remove_session(s); - } bool server_session:: - db_check_entry(const gnutls_datum_t & session_data) const { - int ret = gnutls_db_check_entry(s, session_data); - - if (ret != 0) - return true; - return false; - } - void session::set_max_handshake_packet_length(size_t max) { - gnutls_handshake_set_max_packet_length(s, max); - } - - void session::clear_credentials() { - gnutls_credentials_clear(s); - } - - void session::set_credentials(const credentials & cred) { - RETWRAP(gnutls_credentials_set(s, cred.get_type(), cred.ptr())); - } - - const char *server_session::get_srp_username() const { - return gnutls_srp_server_get_username(s); - } - const char *server_session::get_psk_username() const { - return gnutls_psk_server_get_username(s); - } - void session::set_transport_ptr(gnutls_transport_ptr_t ptr) { - gnutls_transport_set_ptr(s, ptr); - } - - void session::set_transport_ptr(gnutls_transport_ptr_t recv_ptr, - gnutls_transport_ptr_t send_ptr) { - gnutls_transport_set_ptr2(s, recv_ptr, send_ptr); - } - - gnutls_transport_ptr_t session::get_transport_ptr() const { - return gnutls_transport_get_ptr(s); - } - void session::get_transport_ptr(gnutls_transport_ptr_t & recv_ptr, - gnutls_transport_ptr_t & send_ptr) - const { - gnutls_transport_get_ptr2(s, &recv_ptr, &send_ptr); - } void session::set_transport_lowat(size_t num) { - throw(exception(GNUTLS_E_UNIMPLEMENTED_FEATURE)); - } - - void session::set_transport_push_function(gnutls_push_func push_func) { - gnutls_transport_set_push_function(s, push_func); - } - - void session:: - set_transport_vec_push_function(gnutls_vec_push_func vec_push_func) - { - gnutls_transport_set_vec_push_function(s, vec_push_func); - } - - void session::set_transport_pull_function(gnutls_pull_func pull_func) { - gnutls_transport_set_pull_function(s, pull_func); - } - - void session:: - set_transport_pull_timeout_function(gnutls_pull_timeout_func - pull_timeout_func) { - gnutls_transport_set_pull_timeout_function(s, - pull_timeout_func); - } - - void session::set_user_ptr(void *ptr) { - gnutls_session_set_ptr(s, ptr); - } - - void *session::get_user_ptr() const { - return gnutls_session_get_ptr(s); - } - void session::send_openpgp_cert(gnutls_openpgp_crt_status_t status) { - gnutls_openpgp_send_cert(s, status); - } - - void session::set_dh_prime_bits(unsigned int bits) { - gnutls_dh_set_prime_bits(s, bits); - } - - unsigned int session::get_dh_secret_bits() const { - return RETWRAP(gnutls_dh_get_secret_bits(s)); - } - unsigned int session::get_dh_peers_public_bits() const { - return RETWRAP(gnutls_dh_get_peers_public_bits(s)); - } - unsigned int session::get_dh_prime_bits() const { - return RETWRAP(gnutls_dh_get_prime_bits(s)); - } - void session::get_dh_group(gnutls_datum_t & gen, gnutls_datum_t & prime) const { - RETWRAP(gnutls_dh_get_group(s, &gen, &prime)); - } void session::get_dh_pubkey(gnutls_datum_t & raw_key) const { - RETWRAP(gnutls_dh_get_pubkey(s, &raw_key)); - } void server_session:: - set_certificate_request(gnutls_certificate_request_t req) { - gnutls_certificate_server_set_request(s, req); - } - - gnutls_credentials_type_t session::get_auth_type() const { - return gnutls_auth_get_type(s); - } - gnutls_credentials_type_t session::get_server_auth_type() const { - return gnutls_auth_server_get_type(s); - } - gnutls_credentials_type_t session::get_client_auth_type() const { - return gnutls_auth_client_get_type(s); - } - certificate_credentials::~certificate_credentials() { - gnutls_certificate_free_credentials(cred); - } - - certificate_credentials::certificate_credentials():credentials - (GNUTLS_CRD_CERTIFICATE) - { - RETWRAP(gnutls_certificate_allocate_credentials(&cred)); - set_ptr(cred); - } - - void certificate_server_credentials:: - set_params_function(gnutls_params_function * func) { - gnutls_certificate_set_params_function(cred, func); - } - - anon_server_credentials::anon_server_credentials():credentials - (GNUTLS_CRD_ANON) - { - RETWRAP(gnutls_anon_allocate_server_credentials(&cred)); - set_ptr(cred); - } - - anon_server_credentials::~anon_server_credentials() { - gnutls_anon_free_server_credentials(cred); - } - - void anon_server_credentials::set_dh_params(const dh_params & params) { - gnutls_anon_set_server_dh_params(cred, params.get_params_t()); + } catch (...) { + return -1; } - void anon_server_credentials:: - set_params_function(gnutls_params_function * func) { - gnutls_anon_set_server_params_function(cred, func); - } - - anon_client_credentials::anon_client_credentials():credentials - (GNUTLS_CRD_ANON) - { - RETWRAP(gnutls_anon_allocate_client_credentials(&cred)); - set_ptr(cred); - } - - anon_client_credentials::~anon_client_credentials() { - gnutls_anon_free_client_credentials(cred); - } + return 0; +} - void certificate_credentials::free_keys() { - gnutls_certificate_free_keys(cred); - } +const static gnutls_datum_t null_datum = { NULL, 0 }; - void certificate_credentials::free_cas() { - gnutls_certificate_free_cas(cred); - } +static gnutls_datum_t retrieve_function(void *_db, gnutls_datum_t key) +{ + gnutls_datum_t data; - void certificate_credentials::free_ca_names() { - gnutls_certificate_free_ca_names(cred); - } + try { + DB *db = static_cast<DB *>(_db); - void certificate_credentials::free_crls() { - gnutls_certificate_free_crls(cred); - } - - void certificate_credentials::set_dh_params(const dh_params & params) { - gnutls_certificate_set_dh_params(cred, params.get_params_t()); - } - - void certificate_credentials::set_verify_flags(unsigned int flags) { - gnutls_certificate_set_verify_flags(cred, flags); - } - - void certificate_credentials::set_verify_limits(unsigned int max_bits, - unsigned int max_depth) - { - gnutls_certificate_set_verify_limits(cred, max_bits, max_depth); - } - - void certificate_credentials::set_x509_trust_file(const char *cafile, - gnutls_x509_crt_fmt_t - type) { - RETWRAP(gnutls_certificate_set_x509_trust_file - (cred, cafile, type)); - } - - void certificate_credentials::set_x509_trust(const gnutls_datum_t & CA, - gnutls_x509_crt_fmt_t type) - { - RETWRAP(gnutls_certificate_set_x509_trust_mem(cred, &CA, type)); - } - - void certificate_credentials::set_x509_crl_file(const char *crlfile, - gnutls_x509_crt_fmt_t - type) { - RETWRAP(gnutls_certificate_set_x509_crl_file - (cred, crlfile, type)); - } - - void certificate_credentials::set_x509_crl(const gnutls_datum_t & CRL, - gnutls_x509_crt_fmt_t type) { - RETWRAP(gnutls_certificate_set_x509_crl_mem(cred, &CRL, type)); - } - - void certificate_credentials::set_x509_key_file(const char *certfile, - const char *keyfile, - gnutls_x509_crt_fmt_t - type) { - RETWRAP(gnutls_certificate_set_x509_key_file - (cred, certfile, keyfile, type)); - } + if (db->retrieve(key, data) == false) + return null_datum; - void certificate_credentials::set_x509_key(const gnutls_datum_t & CERT, - const gnutls_datum_t & KEY, - gnutls_x509_crt_fmt_t type) { - RETWRAP(gnutls_certificate_set_x509_key_mem - (cred, &CERT, &KEY, type)); + } catch (...) { + return null_datum; } - void certificate_credentials:: - set_simple_pkcs12_file(const char *pkcs12file, - gnutls_x509_crt_fmt_t type, - const char *password) { - RETWRAP(gnutls_certificate_set_x509_simple_pkcs12_file - (cred, pkcs12file, type, password)); - } + return data; +} - void certificate_credentials::set_x509_key(gnutls_x509_crt_t * - cert_list, - int cert_list_size, - gnutls_x509_privkey_t key) { - RETWRAP(gnutls_certificate_set_x509_key - (cred, cert_list, cert_list_size, key)); - } +static int remove_function(void *_db, gnutls_datum_t key) +{ + try { + DB *db = static_cast<DB *>(_db); - void certificate_credentials::set_x509_trust(gnutls_x509_crt_t * - ca_list, int ca_list_size) - { - RETWRAP(gnutls_certificate_set_x509_trust - (cred, ca_list, ca_list_size)); - } - - void certificate_credentials::set_x509_crl(gnutls_x509_crl_t * crl_list, - int crl_list_size) { - RETWRAP(gnutls_certificate_set_x509_crl - (cred, crl_list, crl_list_size)); - } - - void certificate_credentials:: - set_retrieve_function(gnutls_certificate_retrieve_function * func) { - gnutls_certificate_set_retrieve_function(cred, func); - } + if (db->remove(key) == false) + return -1; + } catch (...) { + return -1; + } + + return 0; +} + +void server_session::set_db(const DB &db) +{ + gnutls_db_set_ptr(s, const_cast<DB *>(&db)); + gnutls_db_set_store_function(s, store_function); + gnutls_db_set_retrieve_function(s, retrieve_function); + gnutls_db_set_remove_function(s, remove_function); +} + +void server_session::set_db_cache_expiration(unsigned int seconds) +{ + gnutls_db_set_cache_expiration(s, seconds); +} + +void server_session::db_remove() const +{ + gnutls_db_remove_session(s); +} +bool server_session::db_check_entry(const gnutls_datum_t &session_data) const +{ + int ret = gnutls_db_check_entry(s, session_data); + + if (ret != 0) + return true; + return false; +} +void session::set_max_handshake_packet_length(size_t max) +{ + gnutls_handshake_set_max_packet_length(s, max); +} + +void session::clear_credentials() +{ + gnutls_credentials_clear(s); +} + +void session::set_credentials(const credentials &cred) +{ + RETWRAP(gnutls_credentials_set(s, cred.get_type(), cred.ptr())); +} + +const char *server_session::get_srp_username() const +{ + return gnutls_srp_server_get_username(s); +} +const char *server_session::get_psk_username() const +{ + return gnutls_psk_server_get_username(s); +} +void session::set_transport_ptr(gnutls_transport_ptr_t ptr) +{ + gnutls_transport_set_ptr(s, ptr); +} + +void session::set_transport_ptr(gnutls_transport_ptr_t recv_ptr, + gnutls_transport_ptr_t send_ptr) +{ + gnutls_transport_set_ptr2(s, recv_ptr, send_ptr); +} + +gnutls_transport_ptr_t session::get_transport_ptr() const +{ + return gnutls_transport_get_ptr(s); +} +void session::get_transport_ptr(gnutls_transport_ptr_t &recv_ptr, + gnutls_transport_ptr_t &send_ptr) const +{ + gnutls_transport_get_ptr2(s, &recv_ptr, &send_ptr); +} +void session::set_transport_lowat(size_t num) +{ + throw(exception(GNUTLS_E_UNIMPLEMENTED_FEATURE)); +} + +void session::set_transport_push_function(gnutls_push_func push_func) +{ + gnutls_transport_set_push_function(s, push_func); +} + +void session::set_transport_vec_push_function(gnutls_vec_push_func vec_push_func) +{ + gnutls_transport_set_vec_push_function(s, vec_push_func); +} + +void session::set_transport_pull_function(gnutls_pull_func pull_func) +{ + gnutls_transport_set_pull_function(s, pull_func); +} + +void session::set_transport_pull_timeout_function( + gnutls_pull_timeout_func pull_timeout_func) +{ + gnutls_transport_set_pull_timeout_function(s, pull_timeout_func); +} + +void session::set_user_ptr(void *ptr) +{ + gnutls_session_set_ptr(s, ptr); +} + +void *session::get_user_ptr() const +{ + return gnutls_session_get_ptr(s); +} +void session::send_openpgp_cert(gnutls_openpgp_crt_status_t status) +{ + gnutls_openpgp_send_cert(s, status); +} + +void session::set_dh_prime_bits(unsigned int bits) +{ + gnutls_dh_set_prime_bits(s, bits); +} + +unsigned int session::get_dh_secret_bits() const +{ + return RETWRAP(gnutls_dh_get_secret_bits(s)); +} +unsigned int session::get_dh_peers_public_bits() const +{ + return RETWRAP(gnutls_dh_get_peers_public_bits(s)); +} +unsigned int session::get_dh_prime_bits() const +{ + return RETWRAP(gnutls_dh_get_prime_bits(s)); +} +void session::get_dh_group(gnutls_datum_t &gen, gnutls_datum_t &prime) const +{ + RETWRAP(gnutls_dh_get_group(s, &gen, &prime)); +} +void session::get_dh_pubkey(gnutls_datum_t &raw_key) const +{ + RETWRAP(gnutls_dh_get_pubkey(s, &raw_key)); +} +void server_session::set_certificate_request(gnutls_certificate_request_t req) +{ + gnutls_certificate_server_set_request(s, req); +} + +gnutls_credentials_type_t session::get_auth_type() const +{ + return gnutls_auth_get_type(s); +} +gnutls_credentials_type_t session::get_server_auth_type() const +{ + return gnutls_auth_server_get_type(s); +} +gnutls_credentials_type_t session::get_client_auth_type() const +{ + return gnutls_auth_client_get_type(s); +} +certificate_credentials::~certificate_credentials() +{ + gnutls_certificate_free_credentials(cred); +} + +certificate_credentials::certificate_credentials() + : credentials(GNUTLS_CRD_CERTIFICATE) +{ + RETWRAP(gnutls_certificate_allocate_credentials(&cred)); + set_ptr(cred); +} + +void certificate_server_credentials::set_params_function( + gnutls_params_function *func) +{ + gnutls_certificate_set_params_function(cred, func); +} + +anon_server_credentials::anon_server_credentials() + : credentials(GNUTLS_CRD_ANON) +{ + RETWRAP(gnutls_anon_allocate_server_credentials(&cred)); + set_ptr(cred); +} + +anon_server_credentials::~anon_server_credentials() +{ + gnutls_anon_free_server_credentials(cred); +} + +void anon_server_credentials::set_dh_params(const dh_params ¶ms) +{ + gnutls_anon_set_server_dh_params(cred, params.get_params_t()); +} + +void anon_server_credentials::set_params_function(gnutls_params_function *func) +{ + gnutls_anon_set_server_params_function(cred, func); +} + +anon_client_credentials::anon_client_credentials() + : credentials(GNUTLS_CRD_ANON) +{ + RETWRAP(gnutls_anon_allocate_client_credentials(&cred)); + set_ptr(cred); +} + +anon_client_credentials::~anon_client_credentials() +{ + gnutls_anon_free_client_credentials(cred); +} + +void certificate_credentials::free_keys() +{ + gnutls_certificate_free_keys(cred); +} + +void certificate_credentials::free_cas() +{ + gnutls_certificate_free_cas(cred); +} + +void certificate_credentials::free_ca_names() +{ + gnutls_certificate_free_ca_names(cred); +} + +void certificate_credentials::free_crls() +{ + gnutls_certificate_free_crls(cred); +} + +void certificate_credentials::set_dh_params(const dh_params ¶ms) +{ + gnutls_certificate_set_dh_params(cred, params.get_params_t()); +} + +void certificate_credentials::set_verify_flags(unsigned int flags) +{ + gnutls_certificate_set_verify_flags(cred, flags); +} + +void certificate_credentials::set_verify_limits(unsigned int max_bits, + unsigned int max_depth) +{ + gnutls_certificate_set_verify_limits(cred, max_bits, max_depth); +} + +void certificate_credentials::set_x509_trust_file(const char *cafile, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_trust_file(cred, cafile, type)); +} + +void certificate_credentials::set_x509_trust(const gnutls_datum_t &CA, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_trust_mem(cred, &CA, type)); +} + +void certificate_credentials::set_x509_crl_file(const char *crlfile, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_crl_file(cred, crlfile, type)); +} + +void certificate_credentials::set_x509_crl(const gnutls_datum_t &CRL, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_crl_mem(cred, &CRL, type)); +} + +void certificate_credentials::set_x509_key_file(const char *certfile, + const char *keyfile, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_key_file(cred, certfile, keyfile, + type)); +} + +void certificate_credentials::set_x509_key(const gnutls_datum_t &CERT, + const gnutls_datum_t &KEY, + gnutls_x509_crt_fmt_t type) +{ + RETWRAP(gnutls_certificate_set_x509_key_mem(cred, &CERT, &KEY, type)); +} + +void certificate_credentials::set_simple_pkcs12_file(const char *pkcs12file, + gnutls_x509_crt_fmt_t type, + const char *password) +{ + RETWRAP(gnutls_certificate_set_x509_simple_pkcs12_file(cred, pkcs12file, + type, password)); +} + +void certificate_credentials::set_x509_key(gnutls_x509_crt_t *cert_list, + int cert_list_size, + gnutls_x509_privkey_t key) +{ + RETWRAP(gnutls_certificate_set_x509_key(cred, cert_list, cert_list_size, + key)); +} + +void certificate_credentials::set_x509_trust(gnutls_x509_crt_t *ca_list, + int ca_list_size) +{ + RETWRAP(gnutls_certificate_set_x509_trust(cred, ca_list, ca_list_size)); +} + +void certificate_credentials::set_x509_crl(gnutls_x509_crl_t *crl_list, + int crl_list_size) +{ + RETWRAP(gnutls_certificate_set_x509_crl(cred, crl_list, crl_list_size)); +} + +void certificate_credentials::set_retrieve_function( + gnutls_certificate_retrieve_function *func) +{ + gnutls_certificate_set_retrieve_function(cred, func); +} // SRP - srp_server_credentials::srp_server_credentials():credentials(GNUTLS_CRD_SRP) - { - RETWRAP(gnutls_srp_allocate_server_credentials(&cred)); - set_ptr(cred); - } - - srp_server_credentials::~srp_server_credentials() { - gnutls_srp_free_server_credentials(cred); - } - - srp_client_credentials::srp_client_credentials():credentials(GNUTLS_CRD_SRP) - { - RETWRAP(gnutls_srp_allocate_client_credentials(&cred)); - set_ptr(cred); - } - - srp_client_credentials::~srp_client_credentials() { - gnutls_srp_free_client_credentials(cred); - } - - void srp_client_credentials::set_credentials(const char *username, - const char *password) { - RETWRAP(gnutls_srp_set_client_credentials - (cred, username, password)); - } - - void srp_server_credentials:: - set_credentials_file(const char *password_file, - const char *password_conf_file) { - RETWRAP(gnutls_srp_set_server_credentials_file - (cred, password_file, password_conf_file)); - } - - void srp_server_credentials:: - set_credentials_function(gnutls_srp_server_credentials_function * - func) { - gnutls_srp_set_server_credentials_function(cred, func); - } - - void srp_client_credentials:: - set_credentials_function(gnutls_srp_client_credentials_function * - func) { - gnutls_srp_set_client_credentials_function(cred, func); - } +srp_server_credentials::srp_server_credentials() + : credentials(GNUTLS_CRD_SRP) +{ + RETWRAP(gnutls_srp_allocate_server_credentials(&cred)); + set_ptr(cred); +} + +srp_server_credentials::~srp_server_credentials() +{ + gnutls_srp_free_server_credentials(cred); +} + +srp_client_credentials::srp_client_credentials() + : credentials(GNUTLS_CRD_SRP) +{ + RETWRAP(gnutls_srp_allocate_client_credentials(&cred)); + set_ptr(cred); +} + +srp_client_credentials::~srp_client_credentials() +{ + gnutls_srp_free_client_credentials(cred); +} + +void srp_client_credentials::set_credentials(const char *username, + const char *password) +{ + RETWRAP(gnutls_srp_set_client_credentials(cred, username, password)); +} + +void srp_server_credentials::set_credentials_file( + const char *password_file, const char *password_conf_file) +{ + RETWRAP(gnutls_srp_set_server_credentials_file(cred, password_file, + password_conf_file)); +} + +void srp_server_credentials::set_credentials_function( + gnutls_srp_server_credentials_function *func) +{ + gnutls_srp_set_server_credentials_function(cred, func); +} + +void srp_client_credentials::set_credentials_function( + gnutls_srp_client_credentials_function *func) +{ + gnutls_srp_set_client_credentials_function(cred, func); +} // PSK - psk_server_credentials::psk_server_credentials():credentials(GNUTLS_CRD_PSK) - { - RETWRAP(gnutls_psk_allocate_server_credentials(&cred)); - set_ptr(cred); - } - - psk_server_credentials::~psk_server_credentials() { - gnutls_psk_free_server_credentials(cred); - } - - void psk_server_credentials:: - set_credentials_file(const char *password_file) { - RETWRAP(gnutls_psk_set_server_credentials_file - (cred, password_file)); - } - - void psk_server_credentials:: - set_credentials_function(gnutls_psk_server_credentials_function * - func) { - gnutls_psk_set_server_credentials_function(cred, func); - } - - void psk_server_credentials::set_dh_params(const dh_params & params) { - gnutls_psk_set_server_dh_params(cred, params.get_params_t()); - } - - void psk_server_credentials:: - set_params_function(gnutls_params_function * func) { - gnutls_psk_set_server_params_function(cred, func); - } - - psk_client_credentials::psk_client_credentials():credentials(GNUTLS_CRD_PSK) - { - RETWRAP(gnutls_psk_allocate_client_credentials(&cred)); - set_ptr(cred); - } - - psk_client_credentials::~psk_client_credentials() { - gnutls_psk_free_client_credentials(cred); - } - - void psk_client_credentials::set_credentials(const char *username, - const gnutls_datum_t & key, - gnutls_psk_key_flags flags) - { - RETWRAP(gnutls_psk_set_client_credentials - (cred, username, &key, flags)); - } - - void psk_client_credentials:: - set_credentials_function(gnutls_psk_client_credentials_function * - func) { - gnutls_psk_set_client_credentials_function(cred, func); - } - - credentials::credentials(gnutls_credentials_type_t t):type(t), cred(NULL) - { - } - - gnutls_credentials_type_t credentials::get_type() const { - return type; - } - void *credentials::ptr() const { - return cred; - } - void credentials::set_ptr(void *ptr) { - cred = ptr; - } - - exception::exception(int x) { - retcode = x; - } - - int exception::get_code() { - return retcode; - } - - const char *exception::what() const throw() { - return gnutls_strerror(retcode); - } - - dh_params::dh_params() { - RETWRAP(gnutls_dh_params_init(¶ms)); - } - - dh_params::~dh_params() { - gnutls_dh_params_deinit(params); - } - - void dh_params::import_raw(const gnutls_datum_t & prime, - const gnutls_datum_t & generator) { - RETWRAP(gnutls_dh_params_import_raw - (params, &prime, &generator)); - } - - void dh_params::import_pkcs3(const gnutls_datum_t & pkcs3_params, - gnutls_x509_crt_fmt_t format) { - RETWRAP(gnutls_dh_params_import_pkcs3 - (params, &pkcs3_params, format)); - } - - void dh_params::generate(unsigned int bits) { - RETWRAP(gnutls_dh_params_generate2(params, bits)); - } - - void dh_params::export_pkcs3(gnutls_x509_crt_fmt_t format, - unsigned char *params_data, - size_t *params_data_size) { - RETWRAP(gnutls_dh_params_export_pkcs3 - (params, format, params_data, params_data_size)); - } - - void dh_params::export_raw(gnutls_datum_t & prime, - gnutls_datum_t & generator) { - RETWRAP(gnutls_dh_params_export_raw - (params, &prime, &generator, NULL)); - } - - gnutls_dh_params_t dh_params::get_params_t() const { - return params; +psk_server_credentials::psk_server_credentials() + : credentials(GNUTLS_CRD_PSK) +{ + RETWRAP(gnutls_psk_allocate_server_credentials(&cred)); + set_ptr(cred); +} + +psk_server_credentials::~psk_server_credentials() +{ + gnutls_psk_free_server_credentials(cred); +} + +void psk_server_credentials::set_credentials_file(const char *password_file) +{ + RETWRAP(gnutls_psk_set_server_credentials_file(cred, password_file)); +} + +void psk_server_credentials::set_credentials_function( + gnutls_psk_server_credentials_function *func) +{ + gnutls_psk_set_server_credentials_function(cred, func); +} + +void psk_server_credentials::set_dh_params(const dh_params ¶ms) +{ + gnutls_psk_set_server_dh_params(cred, params.get_params_t()); +} + +void psk_server_credentials::set_params_function(gnutls_params_function *func) +{ + gnutls_psk_set_server_params_function(cred, func); +} + +psk_client_credentials::psk_client_credentials() + : credentials(GNUTLS_CRD_PSK) +{ + RETWRAP(gnutls_psk_allocate_client_credentials(&cred)); + set_ptr(cred); +} + +psk_client_credentials::~psk_client_credentials() +{ + gnutls_psk_free_client_credentials(cred); +} + +void psk_client_credentials::set_credentials(const char *username, + const gnutls_datum_t &key, + gnutls_psk_key_flags flags) +{ + RETWRAP(gnutls_psk_set_client_credentials(cred, username, &key, flags)); +} + +void psk_client_credentials::set_credentials_function( + gnutls_psk_client_credentials_function *func) +{ + gnutls_psk_set_client_credentials_function(cred, func); +} + +credentials::credentials(gnutls_credentials_type_t t) + : type(t) + , cred(NULL) +{ +} + +gnutls_credentials_type_t credentials::get_type() const +{ + return type; +} +void *credentials::ptr() const +{ + return cred; +} +void credentials::set_ptr(void *ptr) +{ + cred = ptr; +} + +exception::exception(int x) +{ + retcode = x; +} + +int exception::get_code() +{ + return retcode; +} + +const char *exception::what() const throw() +{ + return gnutls_strerror(retcode); +} + +dh_params::dh_params() +{ + RETWRAP(gnutls_dh_params_init(¶ms)); +} + +dh_params::~dh_params() +{ + gnutls_dh_params_deinit(params); +} + +void dh_params::import_raw(const gnutls_datum_t &prime, + const gnutls_datum_t &generator) +{ + RETWRAP(gnutls_dh_params_import_raw(params, &prime, &generator)); +} + +void dh_params::import_pkcs3(const gnutls_datum_t &pkcs3_params, + gnutls_x509_crt_fmt_t format) +{ + RETWRAP(gnutls_dh_params_import_pkcs3(params, &pkcs3_params, format)); +} + +void dh_params::generate(unsigned int bits) +{ + RETWRAP(gnutls_dh_params_generate2(params, bits)); +} + +void dh_params::export_pkcs3(gnutls_x509_crt_fmt_t format, + unsigned char *params_data, + size_t *params_data_size) +{ + RETWRAP(gnutls_dh_params_export_pkcs3(params, format, params_data, + params_data_size)); +} + +void dh_params::export_raw(gnutls_datum_t &prime, gnutls_datum_t &generator) +{ + RETWRAP(gnutls_dh_params_export_raw(params, &prime, &generator, NULL)); +} + +gnutls_dh_params_t dh_params::get_params_t() const +{ + return params; +} +dh_params &dh_params::operator=(const dh_params &src) +{ + dh_params *dst = new dh_params; + int ret; + + ret = gnutls_dh_params_cpy(dst->params, src.params); + + if (ret < 0) { + delete dst; + throw(exception(ret)); } - dh_params & dh_params::operator=(const dh_params & src) { - dh_params *dst = new dh_params; - int ret; - ret = gnutls_dh_params_cpy(dst->params, src.params); + std::swap(this->params, dst->params); + delete dst; - if (ret < 0) { - delete dst; - throw(exception(ret)); - } - - std::swap(this->params, dst->params); - delete dst; - - return *this; - } + return *this; +} -# endif /* GNUTLS_GNUTLSXX_NO_HEADERONLY */ +#endif /* GNUTLS_GNUTLSXX_NO_HEADERONLY */ -} /* namespace gnutls */ +} /* namespace gnutls */ -#endif /* GNUTLS_GNUTLSXX_H */ +#endif /* GNUTLS_GNUTLSXX_H */ diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h index 1e05469852..9e271476cf 100644 --- a/lib/includes/gnutls/ocsp.h +++ b/lib/includes/gnutls/ocsp.h @@ -24,16 +24,16 @@ */ #ifndef GNUTLS_OCSP_H -# define GNUTLS_OCSP_H +#define GNUTLS_OCSP_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { #endif -# define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2" +#define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2" /** * gnutls_ocsp_print_formats_t: @@ -142,114 +142,101 @@ struct gnutls_ocsp_req_int; typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t; typedef const struct gnutls_ocsp_req_int *gnutls_ocsp_req_const_t; -int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req); +int gnutls_ocsp_req_init(gnutls_ocsp_req_t *req); void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req); -int gnutls_ocsp_req_import(gnutls_ocsp_req_t req, const gnutls_datum_t * data); -int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t * data); +int gnutls_ocsp_req_import(gnutls_ocsp_req_t req, const gnutls_datum_t *data); +int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t *data); int gnutls_ocsp_req_print(gnutls_ocsp_req_const_t req, gnutls_ocsp_print_formats_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); int gnutls_ocsp_req_get_version(gnutls_ocsp_req_const_t req); -int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req, - unsigned indx, - gnutls_digest_algorithm_t * digest, - gnutls_datum_t * issuer_name_hash, - gnutls_datum_t * issuer_key_hash, - gnutls_datum_t * serial_number); +int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req, unsigned indx, + gnutls_digest_algorithm_t *digest, + gnutls_datum_t *issuer_name_hash, + gnutls_datum_t *issuer_key_hash, + gnutls_datum_t *serial_number); int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req, gnutls_digest_algorithm_t digest, - const gnutls_datum_t * - issuer_name_hash, - const gnutls_datum_t * - issuer_key_hash, - const gnutls_datum_t * serial_number); + const gnutls_datum_t *issuer_name_hash, + const gnutls_datum_t *issuer_key_hash, + const gnutls_datum_t *serial_number); int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req, gnutls_digest_algorithm_t digest, gnutls_x509_crt_t issuer, gnutls_x509_crt_t cert); -int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req, - unsigned indx, - gnutls_datum_t * oid, - unsigned int *critical, - gnutls_datum_t * data); -int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, - const char *oid, +int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req, unsigned indx, + gnutls_datum_t *oid, unsigned int *critical, + gnutls_datum_t *data); +int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, const char *oid, unsigned int critical, - const gnutls_datum_t * data); + const gnutls_datum_t *data); int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_const_t req, - unsigned int *critical, gnutls_datum_t * nonce); -int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req, - unsigned int critical, - const gnutls_datum_t * nonce); + unsigned int *critical, gnutls_datum_t *nonce); +int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req, unsigned int critical, + const gnutls_datum_t *nonce); int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req); struct gnutls_ocsp_resp_int; typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t; typedef const struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_const_t; -int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp); +int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t *resp); void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp); int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp, - const gnutls_datum_t * data); + const gnutls_datum_t *data); int gnutls_ocsp_resp_import2(gnutls_ocsp_resp_t resp, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t fmt); int gnutls_ocsp_resp_export(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * data); + gnutls_datum_t *data); int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * data, gnutls_x509_crt_fmt_t fmt); + gnutls_datum_t *data, gnutls_x509_crt_fmt_t fmt); int gnutls_ocsp_resp_print(gnutls_ocsp_resp_const_t resp, gnutls_ocsp_print_formats_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_const_t resp); int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * - response_type_oid, gnutls_datum_t * response); + gnutls_datum_t *response_type_oid, + gnutls_datum_t *response); int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_const_t resp); int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * dn); + gnutls_datum_t *dn); int gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * dn, unsigned flags); + gnutls_datum_t *dn, unsigned flags); /* the raw key ID of the responder */ -# define GNUTLS_OCSP_RESP_ID_KEY 1 +#define GNUTLS_OCSP_RESP_ID_KEY 1 /* the raw DN of the responder */ -# define GNUTLS_OCSP_RESP_ID_DN 2 -int -gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp, - unsigned type, gnutls_datum_t * raw); +#define GNUTLS_OCSP_RESP_ID_DN 2 +int gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp, + unsigned type, gnutls_datum_t *raw); time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_const_t resp); -int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, - unsigned indx, - gnutls_digest_algorithm_t * digest, - gnutls_datum_t * issuer_name_hash, - gnutls_datum_t * issuer_key_hash, - gnutls_datum_t * serial_number, - unsigned int *cert_status, - time_t * this_update, - time_t * next_update, - time_t * revocation_time, +int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, unsigned indx, + gnutls_digest_algorithm_t *digest, + gnutls_datum_t *issuer_name_hash, + gnutls_datum_t *issuer_key_hash, + gnutls_datum_t *serial_number, + unsigned int *cert_status, time_t *this_update, + time_t *next_update, time_t *revocation_time, unsigned int *revocation_reason); -int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp, - unsigned indx, - gnutls_datum_t * oid, - unsigned int *critical, - gnutls_datum_t * data); +int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp, unsigned indx, + gnutls_datum_t *oid, unsigned int *critical, + gnutls_datum_t *data); int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_const_t resp, - unsigned int *critical, gnutls_datum_t * nonce); + unsigned int *critical, gnutls_datum_t *nonce); int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_const_t resp); int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_const_t resp, - gnutls_datum_t * sig); + gnutls_datum_t *sig); int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_const_t resp, - gnutls_x509_crt_t ** certs, size_t *ncerts); + gnutls_x509_crt_t **certs, size_t *ncerts); int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t issuer, @@ -258,17 +245,17 @@ int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp, gnutls_x509_trust_list_t trustlist, unsigned int *verify, unsigned int flags); -int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp, - unsigned int indx, gnutls_x509_crt_t crt); +int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp, unsigned int indx, + gnutls_x509_crt_t crt); -int -gnutls_ocsp_resp_list_import2(gnutls_ocsp_resp_t ** ocsps, - unsigned int *size, - const gnutls_datum_t * resp_data, - gnutls_x509_crt_fmt_t format, unsigned int flags); +int gnutls_ocsp_resp_list_import2(gnutls_ocsp_resp_t **ocsps, + unsigned int *size, + const gnutls_datum_t *resp_data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); #ifdef __cplusplus } #endif -#endif /* GNUTLS_OCSP_H */ +#endif /* GNUTLS_OCSP_H */ diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h index 1e1b1a2f3b..37ef588d16 100644 --- a/lib/includes/gnutls/openpgp.h +++ b/lib/includes/gnutls/openpgp.h @@ -25,10 +25,10 @@ */ #ifndef GNUTLS_OPENPGP_H -# define GNUTLS_OPENPGP_H +#define GNUTLS_OPENPGP_H -# include <gnutls/gnutls.h> -# include <limits.h> +#include <gnutls/gnutls.h> +#include <limits.h> #ifdef __cplusplus extern "C" { @@ -49,302 +49,248 @@ typedef enum gnutls_openpgp_crt_fmt { GNUTLS_OPENPGP_FMT_BASE64 } gnutls_openpgp_crt_fmt_t; -# define GNUTLS_OPENPGP_KEYID_SIZE 8 -# define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20 -typedef unsigned char - gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; +#define GNUTLS_OPENPGP_KEYID_SIZE 8 +#define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20 +typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; /* gnutls_openpgp_cert_t should be defined in gnutls.h */ - /* initializes the memory for gnutls_openpgp_crt_t struct */ -int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * - key) _GNUTLS_GCC_ATTR_DEPRECATED; - /* frees all memory */ +/* initializes the memory for gnutls_openpgp_crt_t struct */ +int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t *key) + _GNUTLS_GCC_ATTR_DEPRECATED; +/* frees all memory */ void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_import( + gnutls_openpgp_crt_t key, const gnutls_datum_t *data, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key, gnutls_openpgp_crt_fmt_t format, - void *output_data, - size_t *output_data_size) - _GNUTLS_GCC_ATTR_DEPRECATED; + void *output_data, size_t *output_data_size) + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key, gnutls_openpgp_crt_fmt_t format, - gnutls_datum_t * - out) _GNUTLS_GCC_ATTR_DEPRECATED; + gnutls_datum_t *out) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert, - gnutls_certificate_print_formats_t - format, - gnutls_datum_t * out) _GNUTLS_GCC_ATTR_DEPRECATED; + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out) _GNUTLS_GCC_ATTR_DEPRECATED; /* The key_usage flags are defined in gnutls.h. They are * the GNUTLS_KEY_* definitions. */ -# define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX +#define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key, unsigned int *key_usage) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key, void *fpr, size_t *fprlen) - _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t key, - unsigned int idx, void *fpr, - size_t *fprlen) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key, - int idx, char *buf, + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_subkey_fingerprint( + gnutls_openpgp_crt_t key, unsigned int idx, void *fpr, + size_t *fprlen) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key, int idx, char *buf, size_t *sizeof_buf) _GNUTLS_GCC_ATTR_DEPRECATED; -gnutls_pk_algorithm_t -gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key, - unsigned int *bits) -_GNUTLS_GCC_ATTR_DEPRECATED; +gnutls_pk_algorithm_t gnutls_openpgp_crt_get_pk_algorithm( + gnutls_openpgp_crt_t key, + unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key, gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key, const char *hostname) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_check_hostname2(gnutls_openpgp_crt_t key, - const char *hostname, - unsigned int flags) - _GNUTLS_GCC_ATTR_DEPRECATED; + const char *hostname, unsigned int flags) + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_check_email(gnutls_openpgp_crt_t key, const char *email, unsigned flags) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key, const gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_subkey_revoked_status(gnutls_openpgp_crt_t key, - unsigned int idx) - _GNUTLS_GCC_ATTR_DEPRECATED; -gnutls_pk_algorithm_t -gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t key, - unsigned int idx, - unsigned int *bits) -_GNUTLS_GCC_ATTR_DEPRECATED; -time_t gnutls_openpgp_crt_get_subkey_creation_time(gnutls_openpgp_crt_t key, - unsigned int idx) - _GNUTLS_GCC_ATTR_DEPRECATED; -time_t gnutls_openpgp_crt_get_subkey_expiration_time(gnutls_openpgp_crt_t key, - unsigned int idx) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_subkey_revoked_status( + gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; +gnutls_pk_algorithm_t gnutls_openpgp_crt_get_subkey_pk_algorithm( + gnutls_openpgp_crt_t key, unsigned int idx, + unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED; +time_t gnutls_openpgp_crt_get_subkey_creation_time( + gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; +time_t gnutls_openpgp_crt_get_subkey_expiration_time( + gnutls_openpgp_crt_t key, unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key, unsigned int idx, gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key, - unsigned int idx, - unsigned int *key_usage) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t - crt, unsigned int idx, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * - y) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t crt, - unsigned int idx, - gnutls_datum_t * m, - gnutls_datum_t * - e) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * - y) _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_subkey_usage( + gnutls_openpgp_crt_t key, unsigned int idx, + unsigned int *key_usage) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_crt_get_subkey_pk_dsa_raw( + gnutls_openpgp_crt_t crt, unsigned int idx, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_subkey_pk_rsa_raw( + gnutls_openpgp_crt_t crt, unsigned int idx, gnutls_datum_t *m, + gnutls_datum_t *e) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_pk_dsa_raw( + gnutls_openpgp_crt_t crt, gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *g, gnutls_datum_t *y) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt, - gnutls_datum_t * m, - gnutls_datum_t * - e) _GNUTLS_GCC_ATTR_DEPRECATED; + gnutls_datum_t *m, gnutls_datum_t *e) + _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t - key, +int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t key, gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key, const gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; /* privkey stuff. */ -int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * - key) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t *key) + _GNUTLS_GCC_ATTR_DEPRECATED; void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; -gnutls_pk_algorithm_t -gnutls_openpgp_privkey_get_pk_algorithm(gnutls_openpgp_privkey_t key, - unsigned int *bits) -_GNUTLS_GCC_ATTR_DEPRECATED; - -gnutls_sec_param_t -gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key) -_GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format, - const char *password, - unsigned int flags) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t - key, void *fpr, - size_t *fprlen) - _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_privkey_get_subkey_fingerprint(gnutls_openpgp_privkey_t key, - unsigned int idx, void *fpr, - size_t *fprlen) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; +gnutls_pk_algorithm_t gnutls_openpgp_privkey_get_pk_algorithm( + gnutls_openpgp_privkey_t key, + unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED; + +gnutls_sec_param_t gnutls_openpgp_privkey_sec_param( + gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_import( + gnutls_openpgp_privkey_t key, const gnutls_datum_t *data, + gnutls_openpgp_crt_fmt_t format, const char *password, + unsigned int flags) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t key, + void *fpr, size_t *fprlen) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_get_subkey_fingerprint( + gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr, + size_t *fprlen) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_privkey_get_subkey_count(gnutls_openpgp_privkey_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_get_subkey_revoked_status - (gnutls_openpgp_privkey_t key, - unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_get_revoked_status - (gnutls_openpgp_privkey_t key) _GNUTLS_GCC_ATTR_DEPRECATED; - -gnutls_pk_algorithm_t - gnutls_openpgp_privkey_get_subkey_pk_algorithm - (gnutls_openpgp_privkey_t key, unsigned int idx, - unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED; - -time_t - gnutls_openpgp_privkey_get_subkey_expiration_time - (gnutls_openpgp_privkey_t key, - unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t - key, unsigned int idx, - gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; - -time_t - gnutls_openpgp_privkey_get_subkey_creation_time - (gnutls_openpgp_privkey_t key, - unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_export_subkey_dsa_raw - (gnutls_openpgp_privkey_t pkey, unsigned int idx, - gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, - gnutls_datum_t * y, gnutls_datum_t * x) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_privkey_export_subkey_rsa_raw - (gnutls_openpgp_privkey_t pkey, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * u) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t - pkey, gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y, - gnutls_datum_t * - x) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t pkey, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * - u) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char *password, - unsigned int flags, - void *output_data, - size_t *output_data_size) - _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char *password, unsigned int flags, - gnutls_datum_t * - out) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_openpgp_privkey_set_preferred_key_id - (gnutls_openpgp_privkey_t key, - const gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_get_subkey_revoked_status( + gnutls_openpgp_privkey_t key, + unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_get_revoked_status(gnutls_openpgp_privkey_t key) + _GNUTLS_GCC_ATTR_DEPRECATED; + +gnutls_pk_algorithm_t gnutls_openpgp_privkey_get_subkey_pk_algorithm( + gnutls_openpgp_privkey_t key, unsigned int idx, + unsigned int *bits) _GNUTLS_GCC_ATTR_DEPRECATED; + +time_t gnutls_openpgp_privkey_get_subkey_expiration_time( + gnutls_openpgp_privkey_t key, + unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_get_subkey_id( + gnutls_openpgp_privkey_t key, unsigned int idx, + gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED; + +time_t gnutls_openpgp_privkey_get_subkey_creation_time( + gnutls_openpgp_privkey_t key, + unsigned int idx) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_export_subkey_dsa_raw( + gnutls_openpgp_privkey_t pkey, unsigned int idx, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, gnutls_datum_t *y, + gnutls_datum_t *x) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_export_subkey_rsa_raw( + gnutls_openpgp_privkey_t pkey, unsigned int idx, gnutls_datum_t *m, + gnutls_datum_t *e, gnutls_datum_t *d, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *u) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_export_dsa_raw( + gnutls_openpgp_privkey_t pkey, gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *g, gnutls_datum_t *y, + gnutls_datum_t *x) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_export_rsa_raw( + gnutls_openpgp_privkey_t pkey, gnutls_datum_t *m, gnutls_datum_t *e, + gnutls_datum_t *d, gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *u) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_export( + gnutls_openpgp_privkey_t key, gnutls_openpgp_crt_fmt_t format, + const char *password, unsigned int flags, void *output_data, + size_t *output_data_size) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_export2( + gnutls_openpgp_privkey_t key, gnutls_openpgp_crt_fmt_t format, + const char *password, unsigned int flags, + gnutls_datum_t *out) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_openpgp_privkey_set_preferred_key_id( + gnutls_openpgp_privkey_t key, + const gnutls_openpgp_keyid_t keyid) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_privkey_get_preferred_key_id(gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt, - gnutls_openpgp_keyid_t - keyid, - unsigned int flag) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_crt_get_auth_subkey( + gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, + unsigned int flag) _GNUTLS_GCC_ATTR_DEPRECATED; /* Keyring stuff. */ -int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * - keyring) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t *keyring) + _GNUTLS_GCC_ATTR_DEPRECATED; void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t keyring) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_keyring_import( + gnutls_openpgp_keyring_t keyring, const gnutls_datum_t *data, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring, - const gnutls_openpgp_keyid_t - keyid, - unsigned int flags) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_keyring_check_id( + gnutls_openpgp_keyring_t ring, const gnutls_openpgp_keyid_t keyid, + unsigned int flags) _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key, - gnutls_openpgp_keyring_t - keyring, unsigned int flags, - unsigned int *verify + gnutls_openpgp_keyring_t keyring, + unsigned int flags, unsigned int *verify /* the output of the verification */ -) _GNUTLS_GCC_ATTR_DEPRECATED; + ) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key, - unsigned int flags, +int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key, unsigned int flags, unsigned int *verify) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring, - unsigned int idx, - gnutls_openpgp_crt_t * - cert) _GNUTLS_GCC_ATTR_DEPRECATED; + unsigned int idx, gnutls_openpgp_crt_t *cert) + _GNUTLS_GCC_ATTR_DEPRECATED; int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; /** * gnutls_openpgp_recv_key_func: @@ -363,67 +309,58 @@ int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring) * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned, * otherwise an error code is returned. */ -typedef int (*gnutls_openpgp_recv_key_func)(gnutls_session_t - session, - const unsigned char - *keyfpr, - unsigned int - keyfpr_length, - gnutls_datum_t * key); - -void -gnutls_openpgp_set_recv_key_function(gnutls_session_t session, - gnutls_openpgp_recv_key_func func) -_GNUTLS_GCC_ATTR_DEPRECATED; +typedef int (*gnutls_openpgp_recv_key_func)(gnutls_session_t session, + const unsigned char *keyfpr, + unsigned int keyfpr_length, + gnutls_datum_t *key); + +void gnutls_openpgp_set_recv_key_function(gnutls_session_t session, + gnutls_openpgp_recv_key_func func) + _GNUTLS_GCC_ATTR_DEPRECATED; /* certificate authentication stuff. */ -int gnutls_certificate_set_openpgp_key - (gnutls_certificate_credentials_t res, - gnutls_openpgp_crt_t crt, - gnutls_openpgp_privkey_t pkey) _GNUTLS_GCC_ATTR_DEPRECATED; - -int -gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res, - unsigned index, - gnutls_openpgp_privkey_t * - key) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res, - unsigned index, - gnutls_openpgp_crt_t ** crt_list, - unsigned *crt_list_size) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_certificate_set_openpgp_key_file - (gnutls_certificate_credentials_t res, const char *certfile, - const char *keyfile, - gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_certificate_set_openpgp_key_mem(gnutls_certificate_credentials_t res, - const gnutls_datum_t * cert, - const gnutls_datum_t * key, - gnutls_openpgp_crt_fmt_t format) - _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_certificate_set_openpgp_key_file2 - (gnutls_certificate_credentials_t res, const char *certfile, - const char *keyfile, const char *subkey_id, - gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; -int gnutls_certificate_set_openpgp_key_mem2 - (gnutls_certificate_credentials_t res, - const gnutls_datum_t * cert, const gnutls_datum_t * key, - const char *subkey_id, - gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_certificate_set_openpgp_keyring_mem - (gnutls_certificate_credentials_t c, const unsigned char *data, - size_t dlen, gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; - -int gnutls_certificate_set_openpgp_keyring_file - (gnutls_certificate_credentials_t c, const char *file, - gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_certificate_set_openpgp_key( + gnutls_certificate_credentials_t res, gnutls_openpgp_crt_t crt, + gnutls_openpgp_privkey_t pkey) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_certificate_get_openpgp_key( + gnutls_certificate_credentials_t res, unsigned index, + gnutls_openpgp_privkey_t *key) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_certificate_get_openpgp_crt( + gnutls_certificate_credentials_t res, unsigned index, + gnutls_openpgp_crt_t **crt_list, + unsigned *crt_list_size) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_certificate_set_openpgp_key_file( + gnutls_certificate_credentials_t res, const char *certfile, + const char *keyfile, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_certificate_set_openpgp_key_mem( + gnutls_certificate_credentials_t res, const gnutls_datum_t *cert, + const gnutls_datum_t *key, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_certificate_set_openpgp_key_file2( + gnutls_certificate_credentials_t res, const char *certfile, + const char *keyfile, const char *subkey_id, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_certificate_set_openpgp_key_mem2( + gnutls_certificate_credentials_t res, const gnutls_datum_t *cert, + const gnutls_datum_t *key, const char *subkey_id, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_certificate_set_openpgp_keyring_mem( + gnutls_certificate_credentials_t c, const unsigned char *data, + size_t dlen, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_certificate_set_openpgp_keyring_file( + gnutls_certificate_credentials_t c, const char *file, + gnutls_openpgp_crt_fmt_t format) _GNUTLS_GCC_ATTR_DEPRECATED; #ifdef __cplusplus } #endif -#endif /* GNUTLS_OPENPGP_H */ +#endif /* GNUTLS_OPENPGP_H */ diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h index 4e6606eb59..825f5de59e 100644 --- a/lib/includes/gnutls/pkcs11.h +++ b/lib/includes/gnutls/pkcs11.h @@ -22,17 +22,17 @@ */ #ifndef GNUTLS_PKCS11_H -# define GNUTLS_PKCS11_H +#define GNUTLS_PKCS11_H -# include <stdarg.h> -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <stdarg.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { #endif -# define GNUTLS_PKCS11_MAX_PIN_LEN 256 +#define GNUTLS_PKCS11_MAX_PIN_LEN 256 /** * gnutls_pkcs11_token_callback_t: @@ -52,17 +52,19 @@ extern "C" { * * Since: 2.12.0 **/ -typedef int (*gnutls_pkcs11_token_callback_t)(void *const - userdata, - const char *const - label, unsigned retry); +typedef int (*gnutls_pkcs11_token_callback_t)(void *const userdata, + const char *const label, + unsigned retry); struct gnutls_pkcs11_obj_st; typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; -# define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ -# define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */ -# define GNUTLS_PKCS11_FLAG_AUTO_TRUSTED (1<<1) /* Automatically load trusted libraries by reading /etc/gnutls/pkcs11.conf */ +#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ +#define GNUTLS_PKCS11_FLAG_AUTO \ + 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */ +#define GNUTLS_PKCS11_FLAG_AUTO_TRUSTED \ + (1 \ + << 1) /* Automatically load trusted libraries by reading /etc/gnutls/pkcs11.conf */ /* pkcs11.conf format: * load = /lib/xxx-pkcs11.so @@ -72,16 +74,15 @@ typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; int gnutls_pkcs11_init(unsigned int flags, const char *deprecated_config_file); int gnutls_pkcs11_reinit(void); void gnutls_pkcs11_deinit(void); -void gnutls_pkcs11_set_token_function - (gnutls_pkcs11_token_callback_t fn, void *userdata); +void gnutls_pkcs11_set_token_function(gnutls_pkcs11_token_callback_t fn, + void *userdata); void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn, void *userdata); -gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void - **userdata); +gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void **userdata); int gnutls_pkcs11_add_provider(const char *name, const char *params); -int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj); +int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t *obj); void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj, gnutls_pin_callback_t fn, void *userdata); @@ -127,10 +128,10 @@ typedef enum gnutls_pkcs11_obj_flags { GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE = (1 << 5), GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY = (1 << 6), GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED = - GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED, GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED = (1 << 8), GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED = - GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED, + GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED, GNUTLS_PKCS11_OBJ_FLAG_COMPARE = (1 << 9), GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE = (1 << 10), GNUTLS_PKCS11_OBJ_FLAG_MARK_CA = (1 << 11), @@ -149,7 +150,7 @@ typedef enum gnutls_pkcs11_obj_flags { /* flags 1<<29 and later are reserved - see pkcs11_int.h */ } gnutls_pkcs11_obj_flags; -# define gnutls_pkcs11_obj_attr_t gnutls_pkcs11_obj_flags +#define gnutls_pkcs11_obj_attr_t gnutls_pkcs11_obj_flags /** * gnutls_pkcs11_url_type_t: @@ -160,46 +161,43 @@ typedef enum gnutls_pkcs11_obj_flags { * Enumeration of different URL extraction flags. */ typedef enum { - GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */ - GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */ - GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */ + GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */ + GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */ + GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */ } gnutls_pkcs11_url_type_t; -int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj, - const char *url, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); +int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj, const char *url, + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */); int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj, gnutls_pkcs11_url_type_t detailed, char **url); void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj); -int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj, - void *output_data, size_t *output_data_size); -int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj, gnutls_datum_t * out); +int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj, void *output_data, + size_t *output_data_size); +int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj, gnutls_datum_t *out); int gnutls_pkcs11_obj_export3(gnutls_pkcs11_obj_t obj, - gnutls_x509_crt_fmt_t fmt, gnutls_datum_t * out); + gnutls_x509_crt_fmt_t fmt, gnutls_datum_t *out); int gnutls_pkcs11_get_raw_issuer(const char *url, gnutls_x509_crt_t cert, - gnutls_datum_t * issuer, + gnutls_datum_t *issuer, gnutls_x509_crt_fmt_t fmt, unsigned int flags); int gnutls_pkcs11_get_raw_issuer_by_dn(const char *url, - const gnutls_datum_t * dn, - gnutls_datum_t * issuer, + const gnutls_datum_t *dn, + gnutls_datum_t *issuer, gnutls_x509_crt_fmt_t fmt, unsigned int flags); -int gnutls_pkcs11_get_raw_issuer_by_subject_key_id(const char *url, - const gnutls_datum_t * dn, - const gnutls_datum_t * spki, - gnutls_datum_t * issuer, - gnutls_x509_crt_fmt_t fmt, - unsigned int flags); +int gnutls_pkcs11_get_raw_issuer_by_subject_key_id( + const char *url, const gnutls_datum_t *dn, const gnutls_datum_t *spki, + gnutls_datum_t *issuer, gnutls_x509_crt_fmt_t fmt, unsigned int flags); unsigned gnutls_pkcs11_crt_is_known(const char *url, gnutls_x509_crt_t cert, unsigned int flags); -# if 0 +#if 0 /* for documentation */ int gnutls_pkcs11_copy_x509_crt(const char *token_url, gnutls_x509_crt_t crt, @@ -219,44 +217,41 @@ int gnutls_pkcs11_privkey_generate(const char *url, gnutls_pk_algorithm_t pk, unsigned int bits, const char *label, unsigned int flags); -# endif +#endif -int -gnutls_pkcs11_copy_pubkey(const char *token_url, - gnutls_pubkey_t crt, const char *label, - const gnutls_datum_t * cid, - unsigned int key_usage, unsigned int flags); +int gnutls_pkcs11_copy_pubkey(const char *token_url, gnutls_pubkey_t crt, + const char *label, const gnutls_datum_t *cid, + unsigned int key_usage, unsigned int flags); -# define gnutls_pkcs11_copy_x509_crt(url, crt, label, flags) \ +#define gnutls_pkcs11_copy_x509_crt(url, crt, label, flags) \ gnutls_pkcs11_copy_x509_crt2(url, crt, label, NULL, flags) -int gnutls_pkcs11_copy_x509_crt2(const char *token_url, - gnutls_x509_crt_t crt, - const char *label, - const gnutls_datum_t * id, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); +int gnutls_pkcs11_copy_x509_crt2(const char *token_url, gnutls_x509_crt_t crt, + const char *label, const gnutls_datum_t *id, + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */); -# define gnutls_pkcs11_copy_x509_privkey(url, key, label, usage, flags) \ +#define gnutls_pkcs11_copy_x509_privkey(url, key, label, usage, flags) \ gnutls_pkcs11_copy_x509_privkey2(url, key, label, NULL, usage, flags) int gnutls_pkcs11_copy_x509_privkey2(const char *token_url, gnutls_x509_privkey_t key, const char *label, - const gnutls_datum_t * cid, + const gnutls_datum_t *cid, unsigned int key_usage - /*GNUTLS_KEY_* */ , + /*GNUTLS_KEY_* */, unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); +); int gnutls_pkcs11_delete_url(const char *object_url, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); + /* GNUTLS_PKCS11_OBJ_FLAG_* */); -int gnutls_pkcs11_copy_secret_key(const char *token_url, - gnutls_datum_t * key, - const char *label, unsigned int key_usage - /* GNUTLS_KEY_* */ , +int gnutls_pkcs11_copy_secret_key(const char *token_url, gnutls_datum_t *key, + const char *label, + unsigned int key_usage + /* GNUTLS_KEY_* */, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); + /* GNUTLS_PKCS11_OBJ_FLAG_* */); /** * gnutls_pkcs11_obj_info_t: @@ -287,27 +282,29 @@ typedef enum { GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER } gnutls_pkcs11_obj_info_t; -int -gnutls_pkcs11_obj_get_ptr(gnutls_pkcs11_obj_t obj, void **ptr, - void **session, void **ohandle, - unsigned long *slot_id, unsigned int flags); +int gnutls_pkcs11_obj_get_ptr(gnutls_pkcs11_obj_t obj, void **ptr, + void **session, void **ohandle, + unsigned long *slot_id, unsigned int flags); int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t obj, - gnutls_pkcs11_obj_info_t itype, - void *output, size_t *output_size); + gnutls_pkcs11_obj_info_t itype, void *output, + size_t *output_size); int gnutls_pkcs11_obj_set_info(gnutls_pkcs11_obj_t obj, - gnutls_pkcs11_obj_info_t itype, - const void *data, size_t data_size, - unsigned flags); - -# define GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL GNUTLS_PKCS11_OBJ_FLAG_CRT -# define GNUTLS_PKCS11_OBJ_ATTR_MATCH 0 /* always match the given URL */ -# define GNUTLS_PKCS11_OBJ_ATTR_ALL 0 /* match everything! */ -# define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) -# define GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY) -# define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) -# define GNUTLS_PKCS11_OBJ_ATTR_PUBKEY GNUTLS_PKCS11_OBJ_FLAG_PUBKEY -# define GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY + gnutls_pkcs11_obj_info_t itype, const void *data, + size_t data_size, unsigned flags); + +#define GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL GNUTLS_PKCS11_OBJ_FLAG_CRT +#define GNUTLS_PKCS11_OBJ_ATTR_MATCH 0 /* always match the given URL */ +#define GNUTLS_PKCS11_OBJ_ATTR_ALL 0 /* match everything! */ +#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED \ + (GNUTLS_PKCS11_OBJ_FLAG_CRT | GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) +#define GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY \ + (GNUTLS_PKCS11_OBJ_FLAG_CRT | GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY) +#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA \ + (GNUTLS_PKCS11_OBJ_FLAG_CRT | GNUTLS_PKCS11_OBJ_FLAG_MARK_CA | \ + GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) +#define GNUTLS_PKCS11_OBJ_ATTR_PUBKEY GNUTLS_PKCS11_OBJ_FLAG_PUBKEY +#define GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY /** * gnutls_pkcs11_token_info_t: @@ -350,65 +347,67 @@ typedef enum { GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION } gnutls_pkcs11_obj_type_t; -int -gnutls_pkcs11_token_init(const char *token_url, - const char *so_pin, const char *label); +int gnutls_pkcs11_token_init(const char *token_url, const char *so_pin, + const char *label); -int -gnutls_pkcs11_token_get_ptr(const char *url, void **ptr, unsigned long *slot_id, - unsigned int flags); +int gnutls_pkcs11_token_get_ptr(const char *url, void **ptr, + unsigned long *slot_id, unsigned int flags); -int -gnutls_pkcs11_token_get_mechanism(const char *url, - unsigned int idx, unsigned long *mechanism); +int gnutls_pkcs11_token_get_mechanism(const char *url, unsigned int idx, + unsigned long *mechanism); -unsigned -gnutls_pkcs11_token_check_mechanism(const char *url, - unsigned long mechanism, - void *ptr, unsigned psize, unsigned flags); +unsigned gnutls_pkcs11_token_check_mechanism(const char *url, + unsigned long mechanism, void *ptr, + unsigned psize, unsigned flags); int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, - unsigned int flags /*gnutls_pin_flag_t */ ); + unsigned int flags /*gnutls_pin_flag_t */); int gnutls_pkcs11_token_get_url(unsigned int seq, gnutls_pkcs11_url_type_t detailed, char **url); int gnutls_pkcs11_token_get_info(const char *url, - gnutls_pkcs11_token_info_t ttype, - void *output, size_t *output_size); - -# define GNUTLS_PKCS11_TOKEN_HW 1 -# define GNUTLS_PKCS11_TOKEN_TRUSTED (1<<1) /* p11-kit trusted */ -# define GNUTLS_PKCS11_TOKEN_RNG (1<<2) /* CKF_RNG */ -# define GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED (1<<3) /* CKF_LOGIN_REQUIRED */ -# define GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH (1<<4) /* CKF_PROTECTED_AUTHENTICATION_PATH */ -# define GNUTLS_PKCS11_TOKEN_INITIALIZED (1<<5) /* CKF_TOKEN_INITIALIZED */ -# define GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW (1<<6) /* CKF_USER_PIN_COUNT_LOW */ -# define GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY (1<<7) /* CKF_USER_PIN_FINAL_TRY */ -# define GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED (1<<8) /* CKF_USER_PIN_LOCKED */ -# define GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW (1<<9) /* CKF_SO_PIN_COUNT_LOW */ -# define GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY (1<<10) /* CKF_SO_PIN_FINAL_TRY */ -# define GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED (1<<11) /* CKF_SO_PIN_LOCKED */ -# define GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED (1<<12) /* CKF_USER_PIN_INITIALIZED */ -# define GNUTLS_PKCS11_TOKEN_ERROR_STATE (1<<13)/* CKF_ERROR_STATE */ + gnutls_pkcs11_token_info_t ttype, void *output, + size_t *output_size); + +#define GNUTLS_PKCS11_TOKEN_HW 1 +#define GNUTLS_PKCS11_TOKEN_TRUSTED (1 << 1) /* p11-kit trusted */ +#define GNUTLS_PKCS11_TOKEN_RNG (1 << 2) /* CKF_RNG */ +#define GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED (1 << 3) /* CKF_LOGIN_REQUIRED */ +#define GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH \ + (1 << 4) /* CKF_PROTECTED_AUTHENTICATION_PATH */ +#define GNUTLS_PKCS11_TOKEN_INITIALIZED (1 << 5) /* CKF_TOKEN_INITIALIZED */ +#define GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW \ + (1 << 6) /* CKF_USER_PIN_COUNT_LOW */ +#define GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY \ + (1 << 7) /* CKF_USER_PIN_FINAL_TRY */ +#define GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED (1 << 8) /* CKF_USER_PIN_LOCKED */ +#define GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW (1 << 9) /* CKF_SO_PIN_COUNT_LOW */ +#define GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY \ + (1 << 10) /* CKF_SO_PIN_FINAL_TRY */ +#define GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED (1 << 11) /* CKF_SO_PIN_LOCKED */ +#define GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED \ + (1 << 12) /* CKF_USER_PIN_INITIALIZED */ +#define GNUTLS_PKCS11_TOKEN_ERROR_STATE (1 << 13) /* CKF_ERROR_STATE */ int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags); -# define gnutls_pkcs11_obj_list_import_url(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url3(p_list, n_list, url, attrs|flags) -# define gnutls_pkcs11_obj_list_import_url2(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url4(p_list, n_list, url, attrs|flags) +#define gnutls_pkcs11_obj_list_import_url(p_list, n_list, url, attrs, flags) \ + gnutls_pkcs11_obj_list_import_url3(p_list, n_list, url, attrs | flags) +#define gnutls_pkcs11_obj_list_import_url2(p_list, n_list, url, attrs, flags) \ + gnutls_pkcs11_obj_list_import_url4(p_list, n_list, url, attrs | flags) -int gnutls_pkcs11_obj_list_import_url3(gnutls_pkcs11_obj_t * p_list, +int gnutls_pkcs11_obj_list_import_url3(gnutls_pkcs11_obj_t *p_list, unsigned int *const n_list, const char *url, unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); +); -int -gnutls_pkcs11_obj_list_import_url4(gnutls_pkcs11_obj_t ** p_list, - unsigned int *n_list, - const char *url, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); +int gnutls_pkcs11_obj_list_import_url4(gnutls_pkcs11_obj_t **p_list, + unsigned int *n_list, const char *url, + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ +); int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt, gnutls_pkcs11_obj_t pkcs11_crt); @@ -416,81 +415,77 @@ int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt, gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj); const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type); -int -gnutls_pkcs11_obj_get_exts(gnutls_pkcs11_obj_t obj, - struct gnutls_x509_ext_st **exts, - unsigned int *exts_size, unsigned int flags); +int gnutls_pkcs11_obj_get_exts(gnutls_pkcs11_obj_t obj, + struct gnutls_x509_ext_st **exts, + unsigned int *exts_size, unsigned int flags); int gnutls_pkcs11_obj_get_flags(gnutls_pkcs11_obj_t obj, unsigned int *oflags); char *gnutls_pkcs11_obj_flags_get_str(unsigned int flags); -int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs, +int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t *certs, unsigned int cert_max, - gnutls_pkcs11_obj_t * - const objs, unsigned int flags - /* must be zero */ ); + gnutls_pkcs11_obj_t *const objs, + unsigned int flags + /* must be zero */); /* private key functions...*/ -int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key); +int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t *key); -int -gnutls_pkcs11_privkey_cpy(gnutls_pkcs11_privkey_t dst, - gnutls_pkcs11_privkey_t src); +int gnutls_pkcs11_privkey_cpy(gnutls_pkcs11_privkey_t dst, + gnutls_pkcs11_privkey_t src); -void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t - key, - gnutls_pin_callback_t - fn, void *userdata); +void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t key, + gnutls_pin_callback_t fn, + void *userdata); void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key); -int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t - key, unsigned int *bits); +int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t key, + unsigned int *bits); int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey, - gnutls_pkcs11_obj_info_t itype, - void *output, size_t *output_size); + gnutls_pkcs11_obj_info_t itype, void *output, + size_t *output_size); int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey, const char *url, unsigned int flags); int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key, - gnutls_pkcs11_url_type_t - detailed, char **url); + gnutls_pkcs11_url_type_t detailed, + char **url); unsigned gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key); -# define gnutls_pkcs11_privkey_generate(url, pk, bits, label, flags) \ - gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, 0, NULL, 0, flags) +#define gnutls_pkcs11_privkey_generate(url, pk, bits, label, flags) \ + gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, 0, NULL, \ + 0, flags) -# define gnutls_pkcs11_privkey_generate2(url, pk, bits, label, fmt, pubkey, flags) \ - gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, fmt, pubkey, 0, flags) +#define gnutls_pkcs11_privkey_generate2(url, pk, bits, label, fmt, pubkey, \ + flags) \ + gnutls_pkcs11_privkey_generate3(url, pk, bits, label, NULL, fmt, \ + pubkey, 0, flags) -int -gnutls_pkcs11_privkey_generate3(const char *url, - gnutls_pk_algorithm_t pk, - unsigned int bits, - const char *label, - const gnutls_datum_t * cid, - gnutls_x509_crt_fmt_t fmt, - gnutls_datum_t * pubkey, - unsigned int key_usage, unsigned int flags); - -int -gnutls_pkcs11_privkey_export_pubkey(gnutls_pkcs11_privkey_t pkey, +int gnutls_pkcs11_privkey_generate3(const char *url, gnutls_pk_algorithm_t pk, + unsigned int bits, const char *label, + const gnutls_datum_t *cid, gnutls_x509_crt_fmt_t fmt, - gnutls_datum_t * pubkey, - unsigned int flags); + gnutls_datum_t *pubkey, + unsigned int key_usage, unsigned int flags); -int -gnutls_pkcs11_token_get_random(const char *token_url, void *data, size_t len); +int gnutls_pkcs11_privkey_export_pubkey(gnutls_pkcs11_privkey_t pkey, + gnutls_x509_crt_fmt_t fmt, + gnutls_datum_t *pubkey, + unsigned int flags); -int -gnutls_pkcs11_copy_attached_extension(const char *token_url, - gnutls_x509_crt_t crt, - gnutls_datum_t * data, - const char *label, unsigned int flags); +int gnutls_pkcs11_token_get_random(const char *token_url, void *data, + size_t len); + +int gnutls_pkcs11_copy_attached_extension(const char *token_url, + gnutls_x509_crt_t crt, + gnutls_datum_t *data, + const char *label, + unsigned int flags); -# define gnutls_x509_crt_import_pkcs11_url gnutls_x509_crt_import_url +#define gnutls_x509_crt_import_pkcs11_url gnutls_x509_crt_import_url #ifdef __cplusplus } #endif -#endif /* GNUTLS_PKCS11_H */ +#endif /* GNUTLS_PKCS11_H */ diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h index ad35089ceb..b16f0fab53 100644 --- a/lib/includes/gnutls/pkcs12.h +++ b/lib/includes/gnutls/pkcs12.h @@ -21,15 +21,15 @@ */ #ifndef GNUTLS_PKCS12_H -# define GNUTLS_PKCS12_H +#define GNUTLS_PKCS12_H -# include <gnutls/x509.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { #endif - /* PKCS12 structures handling +/* PKCS12 structures handling */ struct gnutls_pkcs12_int; typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t; @@ -37,19 +37,17 @@ typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t; struct gnutls_pkcs12_bag_int; typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t; -int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12); +int gnutls_pkcs12_init(gnutls_pkcs12_t *pkcs12); void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12); -int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12, - const gnutls_datum_t * data, +int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); -int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12, - gnutls_x509_crt_fmt_t format, +int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); -int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12, - int indx, gnutls_pkcs12_bag_t bag); +int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12, int indx, + gnutls_pkcs12_bag_t bag); int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag); int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass); @@ -58,27 +56,25 @@ int gnutls_pkcs12_generate_mac2(gnutls_pkcs12_t pkcs12, int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass); int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, const char *pass); -int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, - const char *pass, unsigned int flags); - -int -gnutls_pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, unsigned int *schema, - unsigned int *cipher, void *salt, - unsigned int *salt_size, unsigned int *iter_count, - char **oid); +int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, const char *pass, + unsigned int flags); + +int gnutls_pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, unsigned int *schema, + unsigned int *cipher, void *salt, + unsigned int *salt_size, + unsigned int *iter_count, char **oid); int gnutls_pkcs12_mac_info(gnutls_pkcs12_t pkcs12, unsigned int *mac, void *salt, unsigned int *salt_size, unsigned int *iter_count, char **oid); -# define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1 -int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, - const char *password, - gnutls_x509_privkey_t * key, - gnutls_x509_crt_t ** chain, +#define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1 +int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, const char *password, + gnutls_x509_privkey_t *key, + gnutls_x509_crt_t **chain, unsigned int *chain_len, - gnutls_x509_crt_t ** extra_certs, + gnutls_x509_crt_t **extra_certs, unsigned int *extra_certs_len, - gnutls_x509_crl_t * crl, unsigned int flags); + gnutls_x509_crl_t *crl, unsigned int flags); /** * gnutls_pkcs12_bag_type_t: @@ -99,7 +95,7 @@ typedef enum gnutls_pkcs12_bag_type_t { GNUTLS_BAG_PKCS8_KEY = 2, GNUTLS_BAG_CERTIFICATE = 3, GNUTLS_BAG_CRL = 4, - GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12, + GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12, * gnutls extension. We use the PKCS-9 * random nonce ID 1.2.840.113549.1.9.25.3 * to store randomly generated keys. @@ -110,34 +106,33 @@ typedef enum gnutls_pkcs12_bag_type_t { int gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, unsigned indx); int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, unsigned indx, - gnutls_datum_t * data); + gnutls_datum_t *data); int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag, gnutls_pkcs12_bag_type_t type, - const gnutls_datum_t * data); + const gnutls_datum_t *data); int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag, gnutls_x509_crl_t crl); int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag, gnutls_x509_crt_t crt); -int -gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag, - gnutls_x509_privkey_t privkey, - const char *password, unsigned flags); +int gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag, + gnutls_x509_privkey_t privkey, + const char *password, unsigned flags); -int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag); +int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t *bag); void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag); int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag); int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, unsigned indx, - gnutls_datum_t * id); + gnutls_datum_t *id); int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, unsigned indx, - const gnutls_datum_t * id); + const gnutls_datum_t *id); -int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag, - unsigned indx, char **name); -int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag, - unsigned indx, const char *name); +int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag, unsigned indx, + char **name); +int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag, unsigned indx, + const char *name); #ifdef __cplusplus } #endif -#endif /* GNUTLS_PKCS12_H */ +#endif /* GNUTLS_PKCS12_H */ diff --git a/lib/includes/gnutls/pkcs7.h b/lib/includes/gnutls/pkcs7.h index 777c0002f6..35660ddb67 100644 --- a/lib/includes/gnutls/pkcs7.h +++ b/lib/includes/gnutls/pkcs7.h @@ -26,10 +26,10 @@ */ #ifndef GNUTLS_PKCS7_H -# define GNUTLS_PKCS7_H +#define GNUTLS_PKCS7_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { @@ -40,22 +40,20 @@ extern "C" { struct gnutls_pkcs7_int; typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t; -int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7); +int gnutls_pkcs7_init(gnutls_pkcs7_t *pkcs7); void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7); -int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, - const gnutls_datum_t * data, +int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); -int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_fmt_t format, +int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); int gnutls_pkcs7_get_signature_count(gnutls_pkcs7_t pkcs7); -# define GNUTLS_PKCS7_EDATA_GET_RAW (1<<24) +#define GNUTLS_PKCS7_EDATA_GET_RAW (1 << 24) int gnutls_pkcs7_get_embedded_data(gnutls_pkcs7_t pkcs7, unsigned flags, - gnutls_datum_t * data); + gnutls_datum_t *data); const char *gnutls_pkcs7_get_embedded_data_oid(gnutls_pkcs7_t pkcs7); @@ -63,15 +61,15 @@ int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7); int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, unsigned indx, void *certificate, size_t *certificate_size); -int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * crt); +int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t *crt); int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt); int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx); -int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7, - unsigned indx, void *crl, size_t *crl_size); +int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7, unsigned indx, void *crl, + size_t *crl_size); int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7); -int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t * crl); +int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7, const gnutls_datum_t *crl); int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl); int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx); @@ -89,24 +87,24 @@ typedef struct gnutls_pkcs7_signature_info_st { char pad[64]; } gnutls_pkcs7_signature_info_st; -void gnutls_pkcs7_signature_info_deinit(gnutls_pkcs7_signature_info_st * info); +void gnutls_pkcs7_signature_info_deinit(gnutls_pkcs7_signature_info_st *info); int gnutls_pkcs7_get_signature_info(gnutls_pkcs7_t pkcs7, unsigned idx, - gnutls_pkcs7_signature_info_st * info); + gnutls_pkcs7_signature_info_st *info); int gnutls_pkcs7_verify_direct(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer, - unsigned idx, const gnutls_datum_t * data, + unsigned idx, const gnutls_datum_t *data, unsigned flags); int gnutls_pkcs7_verify(gnutls_pkcs7_t pkcs7, gnutls_x509_trust_list_t tl, - gnutls_typed_vdata_st * vdata, unsigned int vdata_size, - unsigned idx, const gnutls_datum_t * data, + gnutls_typed_vdata_st *vdata, unsigned int vdata_size, + unsigned idx, const gnutls_datum_t *data, unsigned flags); -# define GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING 1 -int gnutls_pkcs7_add_attr(gnutls_pkcs7_attrs_t * list, const char *oid, - gnutls_datum_t * data, unsigned flags); +#define GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING 1 +int gnutls_pkcs7_add_attr(gnutls_pkcs7_attrs_t *list, const char *oid, + gnutls_datum_t *data, unsigned flags); void gnutls_pkcs7_attrs_deinit(gnutls_pkcs7_attrs_t list); int gnutls_pkcs7_get_attr(gnutls_pkcs7_attrs_t list, unsigned idx, char **oid, - gnutls_datum_t * data, unsigned flags); + gnutls_datum_t *data, unsigned flags); /** * gnutls_pkcs7_sign_flags: @@ -124,31 +122,27 @@ typedef enum gnutls_pkcs7_sign_flags { GNUTLS_PKCS7_WRITE_SPKI = (1 << 3) } gnutls_pkcs7_sign_flags; -int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_t signer, - gnutls_privkey_t signer_key, - const gnutls_datum_t * data, +int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer, + gnutls_privkey_t signer_key, const gnutls_datum_t *data, gnutls_pkcs7_attrs_t signed_attrs, gnutls_pkcs7_attrs_t unsigned_attrs, gnutls_digest_algorithm_t dig, unsigned flags); -int -gnutls_pkcs7_get_crt_raw2(gnutls_pkcs7_t pkcs7, - unsigned indx, gnutls_datum_t * cert); -int -gnutls_pkcs7_get_crl_raw2(gnutls_pkcs7_t pkcs7, - unsigned indx, gnutls_datum_t * crl); +int gnutls_pkcs7_get_crt_raw2(gnutls_pkcs7_t pkcs7, unsigned indx, + gnutls_datum_t *cert); +int gnutls_pkcs7_get_crl_raw2(gnutls_pkcs7_t pkcs7, unsigned indx, + gnutls_datum_t *crl); int gnutls_pkcs7_print(gnutls_pkcs7_t pkcs7, gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); -int gnutls_pkcs7_print_signature_info(gnutls_pkcs7_signature_info_st * info, +int gnutls_pkcs7_print_signature_info(gnutls_pkcs7_signature_info_st *info, gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); #ifdef __cplusplus } #endif -#endif /* GNUTLS_PKCS7_H */ +#endif /* GNUTLS_PKCS7_H */ diff --git a/lib/includes/gnutls/self-test.h b/lib/includes/gnutls/self-test.h index 0d5989e63a..c695a8d93c 100644 --- a/lib/includes/gnutls/self-test.h +++ b/lib/includes/gnutls/self-test.h @@ -21,14 +21,14 @@ */ #ifndef GNUTLS_SELF_TEST_H -# define GNUTLS_SELF_TEST_H +#define GNUTLS_SELF_TEST_H -# include <gnutls/gnutls.h> +#include <gnutls/gnutls.h> - /* Self checking functions */ +/* Self checking functions */ -# define GNUTLS_SELF_TEST_FLAG_ALL 1 -# define GNUTLS_SELF_TEST_FLAG_NO_COMPAT (1<<1) +#define GNUTLS_SELF_TEST_FLAG_ALL 1 +#define GNUTLS_SELF_TEST_FLAG_NO_COMPAT (1 << 1) int gnutls_cipher_self_test(unsigned flags, gnutls_cipher_algorithm_t cipher); int gnutls_mac_self_test(unsigned flags, gnutls_mac_algorithm_t mac); @@ -38,4 +38,4 @@ int gnutls_hkdf_self_test(unsigned flags, gnutls_mac_algorithm_t mac); int gnutls_pbkdf2_self_test(unsigned flags, gnutls_mac_algorithm_t mac); int gnutls_tlsprf_self_test(unsigned flags, gnutls_mac_algorithm_t mac); -#endif /* GNUTLS_SELF_TEST_H */ +#endif /* GNUTLS_SELF_TEST_H */ diff --git a/lib/includes/gnutls/socket.h b/lib/includes/gnutls/socket.h index ccf24a76e8..46e72dbb72 100644 --- a/lib/includes/gnutls/socket.h +++ b/lib/includes/gnutls/socket.h @@ -24,19 +24,18 @@ */ #ifndef GNUTLS_SOCKET_H -# define GNUTLS_SOCKET_H +#define GNUTLS_SOCKET_H -# include <gnutls/gnutls.h> +#include <gnutls/gnutls.h> /* Get socklen_t */ -# include <sys/socket.h> +#include <sys/socket.h> #ifdef __cplusplus extern "C" { #endif -void gnutls_transport_set_fastopen(gnutls_session_t session, - int fd, +void gnutls_transport_set_fastopen(gnutls_session_t session, int fd, struct sockaddr *connect_addr, socklen_t connect_addrlen, unsigned int flags); @@ -45,4 +44,4 @@ void gnutls_transport_set_fastopen(gnutls_session_t session, } #endif -#endif /* GNUTLS_SOCKET_H */ +#endif /* GNUTLS_SOCKET_H */ diff --git a/lib/includes/gnutls/system-keys.h b/lib/includes/gnutls/system-keys.h index f392fcfa8e..aa653067a5 100644 --- a/lib/includes/gnutls/system-keys.h +++ b/lib/includes/gnutls/system-keys.h @@ -21,10 +21,10 @@ */ #ifndef GNUTLS_SYSTEM_KEYS_H -# define GNUTLS_SYSTEM_KEYS_H +#define GNUTLS_SYSTEM_KEYS_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> /* This API allows to access user key and certificate pairs that are * available in the current system. If any passwords are required, @@ -39,12 +39,12 @@ struct system_key_iter_st; typedef struct system_key_iter_st *gnutls_system_key_iter_t; void gnutls_system_key_iter_deinit(gnutls_system_key_iter_t iter); -int -gnutls_system_key_iter_get_info(gnutls_system_key_iter_t * iter, - unsigned cert_type - /* gnutls_certificate_type_t */ , - char **cert_url, char **key_url, char **label, - gnutls_datum_t * der, unsigned int flags); +int gnutls_system_key_iter_get_info(gnutls_system_key_iter_t *iter, + unsigned cert_type + /* gnutls_certificate_type_t */, + char **cert_url, char **key_url, + char **label, gnutls_datum_t *der, + unsigned int flags); int gnutls_system_key_delete(const char *cert_url, const char *key_url); @@ -56,4 +56,4 @@ int gnutls_system_key_add_x509(gnutls_x509_crt_t crt, } #endif -#endif /* GNUTLS_SYSTEM_KEYS_H */ +#endif /* GNUTLS_SYSTEM_KEYS_H */ diff --git a/lib/includes/gnutls/tpm.h b/lib/includes/gnutls/tpm.h index e54e0bbf66..8824952bb9 100644 --- a/lib/includes/gnutls/tpm.h +++ b/lib/includes/gnutls/tpm.h @@ -21,10 +21,10 @@ */ #ifndef GNUTLS_TPM_H -# define GNUTLS_TPM_H +#define GNUTLS_TPM_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { @@ -33,9 +33,9 @@ extern "C" { struct tpm_key_list_st; typedef struct tpm_key_list_st *gnutls_tpm_key_list_t; -# define GNUTLS_TPM_KEY_SIGNING (1<<1) -# define GNUTLS_TPM_REGISTER_KEY (1<<2) -# define GNUTLS_TPM_KEY_USER (1<<3) +#define GNUTLS_TPM_KEY_SIGNING (1 << 1) +#define GNUTLS_TPM_REGISTER_KEY (1 << 2) +#define GNUTLS_TPM_KEY_USER (1 << 3) /** * gnutls_tpmkey_fmt_t: @@ -51,26 +51,22 @@ typedef enum { GNUTLS_TPMKEY_FMT_CTK_PEM = 1 } gnutls_tpmkey_fmt_t; -int -gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, - unsigned int bits, - const char *srk_password, - const char *key_password, - gnutls_tpmkey_fmt_t format, - gnutls_x509_crt_fmt_t pub_format, - gnutls_datum_t * privkey, - gnutls_datum_t * pubkey, unsigned int flags); +int gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits, + const char *srk_password, + const char *key_password, + gnutls_tpmkey_fmt_t format, + gnutls_x509_crt_fmt_t pub_format, + gnutls_datum_t *privkey, gnutls_datum_t *pubkey, + unsigned int flags); void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list); -int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, - unsigned int idx, char **url, - unsigned int flags); -int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list); +int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, unsigned int idx, + char **url, unsigned int flags); +int gnutls_tpm_get_registered(gnutls_tpm_key_list_t *list); int gnutls_tpm_privkey_delete(const char *url, const char *srk_password); - #ifdef __cplusplus } #endif -#endif /* GNUTLS_TPM_H */ +#endif /* GNUTLS_TPM_H */ diff --git a/lib/includes/gnutls/urls.h b/lib/includes/gnutls/urls.h index 3f2ef45a80..368c26d090 100644 --- a/lib/includes/gnutls/urls.h +++ b/lib/includes/gnutls/urls.h @@ -21,11 +21,11 @@ */ #ifndef GNUTLS_URLS_H -# define GNUTLS_URLS_H +#define GNUTLS_URLS_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> -# include <gnutls/abstract.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <gnutls/abstract.h> /* This API allows to register application specific URLs for * keys and certificates. @@ -53,7 +53,7 @@ typedef int (*gnutls_pubkey_import_url_func)(gnutls_pubkey_t pkey, * it should return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE. */ typedef int (*gnutls_get_raw_issuer_func)(const char *url, gnutls_x509_crt_t crt, - gnutls_datum_t * issuer_der, + gnutls_datum_t *issuer_der, unsigned flags); typedef struct gnutls_custom_url_st { @@ -63,14 +63,14 @@ typedef struct gnutls_custom_url_st { gnutls_x509_crt_import_url_func import_crt; gnutls_pubkey_import_url_func import_pubkey; gnutls_get_raw_issuer_func get_issuer; - void *future1; /* replace in a future extension */ - void *future2; /* replace in a future extension */ + void *future1; /* replace in a future extension */ + void *future2; /* replace in a future extension */ } gnutls_custom_url_st; -int gnutls_register_custom_url(const gnutls_custom_url_st * st); +int gnutls_register_custom_url(const gnutls_custom_url_st *st); #ifdef __cplusplus } #endif -#endif /* GNUTLS_URLS_H */ +#endif /* GNUTLS_URLS_H */ diff --git a/lib/includes/gnutls/x509-ext.h b/lib/includes/gnutls/x509-ext.h index c0fa233b5a..6993c3c9a5 100644 --- a/lib/includes/gnutls/x509-ext.h +++ b/lib/includes/gnutls/x509-ext.h @@ -23,10 +23,10 @@ /* Prototypes for direct handling of extension data */ #ifndef GNUTLS_X509_EXT_H -# define GNUTLS_X509_EXT_H +#define GNUTLS_X509_EXT_H -# include <gnutls/gnutls.h> -# include <gnutls/x509.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> #ifdef __cplusplus extern "C" { @@ -38,22 +38,24 @@ int gnutls_subject_alt_names_init(gnutls_subject_alt_names_t *); void gnutls_subject_alt_names_deinit(gnutls_subject_alt_names_t sans); int gnutls_subject_alt_names_get(gnutls_subject_alt_names_t sans, unsigned int seq, unsigned int *san_type, - gnutls_datum_t * san, - gnutls_datum_t * othername_oid); + gnutls_datum_t *san, + gnutls_datum_t *othername_oid); int gnutls_subject_alt_names_set(gnutls_subject_alt_names_t sans, unsigned int san_type, - const gnutls_datum_t * san, + const gnutls_datum_t *san, const char *othername_oid); -int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t *ext, gnutls_subject_alt_names_t, unsigned int flags); int gnutls_x509_ext_export_subject_alt_names(gnutls_subject_alt_names_t, - gnutls_datum_t * ext); + gnutls_datum_t *ext); /* They are exactly the same */ -# define gnutls_x509_ext_import_issuer_alt_name gnutls_x509_ext_import_subject_alt_name -# define gnutls_x509_ext_export_issuer_alt_name gnutls_x509_ext_export_subject_alt_name +#define gnutls_x509_ext_import_issuer_alt_name \ + gnutls_x509_ext_import_subject_alt_name +#define gnutls_x509_ext_export_issuer_alt_name \ + gnutls_x509_ext_export_subject_alt_name typedef struct gnutls_x509_crl_dist_points_st *gnutls_x509_crl_dist_points_t; @@ -61,115 +63,113 @@ int gnutls_x509_crl_dist_points_init(gnutls_x509_crl_dist_points_t *); void gnutls_x509_crl_dist_points_deinit(gnutls_x509_crl_dist_points_t); int gnutls_x509_crl_dist_points_get(gnutls_x509_crl_dist_points_t, unsigned int seq, unsigned int *type, - gnutls_datum_t * dist, + gnutls_datum_t *dist, unsigned int *reason_flags); int gnutls_x509_crl_dist_points_set(gnutls_x509_crl_dist_points_t, gnutls_x509_subject_alt_name_t type, - const gnutls_datum_t * dist, + const gnutls_datum_t *dist, unsigned int reason_flags); -int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t *ext, gnutls_x509_crl_dist_points_t dp, unsigned int flags); int gnutls_x509_ext_export_crl_dist_points(gnutls_x509_crl_dist_points_t dp, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_name_constraints(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_name_constraints(const gnutls_datum_t *ext, gnutls_x509_name_constraints_t nc, unsigned int flags); int gnutls_x509_ext_export_name_constraints(gnutls_x509_name_constraints_t nc, - gnutls_datum_t * ext); + gnutls_datum_t *ext); typedef struct gnutls_x509_aia_st *gnutls_x509_aia_t; int gnutls_x509_aia_init(gnutls_x509_aia_t *); void gnutls_x509_aia_deinit(gnutls_x509_aia_t); int gnutls_x509_aia_get(gnutls_x509_aia_t aia, unsigned int seq, - gnutls_datum_t * oid, - unsigned *san_type, gnutls_datum_t * san); -int gnutls_x509_aia_set(gnutls_x509_aia_t aia, - const char *oid, - unsigned san_type, const gnutls_datum_t * san); + gnutls_datum_t *oid, unsigned *san_type, + gnutls_datum_t *san); +int gnutls_x509_aia_set(gnutls_x509_aia_t aia, const char *oid, + unsigned san_type, const gnutls_datum_t *san); -int gnutls_x509_ext_import_aia(const gnutls_datum_t * ext, - gnutls_x509_aia_t, unsigned int flags); -int gnutls_x509_ext_export_aia(gnutls_x509_aia_t aia, gnutls_datum_t * ext); +int gnutls_x509_ext_import_aia(const gnutls_datum_t *ext, gnutls_x509_aia_t, + unsigned int flags); +int gnutls_x509_ext_export_aia(gnutls_x509_aia_t aia, gnutls_datum_t *ext); -int gnutls_x509_ext_import_subject_key_id(const gnutls_datum_t * ext, - gnutls_datum_t * id); -int gnutls_x509_ext_export_subject_key_id(const gnutls_datum_t * id, - gnutls_datum_t * ext); +int gnutls_x509_ext_import_subject_key_id(const gnutls_datum_t *ext, + gnutls_datum_t *id); +int gnutls_x509_ext_export_subject_key_id(const gnutls_datum_t *id, + gnutls_datum_t *ext); typedef struct gnutls_x509_aki_st *gnutls_x509_aki_t; int gnutls_x509_ext_export_authority_key_id(gnutls_x509_aki_t, - gnutls_datum_t * ext); -int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext, + gnutls_datum_t *ext); +int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t *ext, gnutls_x509_aki_t, unsigned int flags); int gnutls_x509_othername_to_virtual(const char *oid, - const gnutls_datum_t * othername, + const gnutls_datum_t *othername, unsigned int *virt_type, - gnutls_datum_t * virt); + gnutls_datum_t *virt); int gnutls_x509_aki_init(gnutls_x509_aki_t *); -int gnutls_x509_aki_get_id(gnutls_x509_aki_t, gnutls_datum_t * id); +int gnutls_x509_aki_get_id(gnutls_x509_aki_t, gnutls_datum_t *id); int gnutls_x509_aki_get_cert_issuer(gnutls_x509_aki_t aki, unsigned int seq, - unsigned int *san_type, - gnutls_datum_t * san, - gnutls_datum_t * othername_oid, - gnutls_datum_t * serial); -int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t * id); + unsigned int *san_type, gnutls_datum_t *san, + gnutls_datum_t *othername_oid, + gnutls_datum_t *serial); +int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t *id); int gnutls_x509_aki_set_cert_issuer(gnutls_x509_aki_t aki, unsigned int san_type, - const gnutls_datum_t * san, + const gnutls_datum_t *san, const char *othername_oid, - const gnutls_datum_t * serial); + const gnutls_datum_t *serial); void gnutls_x509_aki_deinit(gnutls_x509_aki_t); -int gnutls_x509_ext_import_private_key_usage_period(const gnutls_datum_t * ext, - time_t * activation, - time_t * expiration); +int gnutls_x509_ext_import_private_key_usage_period(const gnutls_datum_t *ext, + time_t *activation, + time_t *expiration); int gnutls_x509_ext_export_private_key_usage_period(time_t activation, time_t expiration, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_basic_constraints(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_basic_constraints(const gnutls_datum_t *ext, unsigned int *ca, int *pathlen); int gnutls_x509_ext_export_basic_constraints(unsigned int ca, int pathlen, - gnutls_datum_t * ext); + gnutls_datum_t *ext); typedef struct gnutls_x509_key_purposes_st *gnutls_x509_key_purposes_t; -int gnutls_x509_key_purpose_init(gnutls_x509_key_purposes_t * p); +int gnutls_x509_key_purpose_init(gnutls_x509_key_purposes_t *p); void gnutls_x509_key_purpose_deinit(gnutls_x509_key_purposes_t p); int gnutls_x509_key_purpose_set(gnutls_x509_key_purposes_t p, const char *oid); int gnutls_x509_key_purpose_get(gnutls_x509_key_purposes_t p, unsigned idx, - gnutls_datum_t * oid); + gnutls_datum_t *oid); -int gnutls_x509_ext_import_key_purposes(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_key_purposes(const gnutls_datum_t *ext, gnutls_x509_key_purposes_t, unsigned int flags); int gnutls_x509_ext_export_key_purposes(gnutls_x509_key_purposes_t, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_key_usage(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_key_usage(const gnutls_datum_t *ext, unsigned int *key_usage); int gnutls_x509_ext_export_key_usage(unsigned int key_usage, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_inhibit_anypolicy(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_inhibit_anypolicy(const gnutls_datum_t *ext, unsigned int *skipcerts); int gnutls_x509_ext_export_inhibit_anypolicy(unsigned int skipcerts, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_proxy(const gnutls_datum_t * ext, int *pathlen, +int gnutls_x509_ext_import_proxy(const gnutls_datum_t *ext, int *pathlen, char **policyLanguage, char **policy, size_t *sizeof_policy); int gnutls_x509_ext_export_proxy(int pathLenConstraint, const char *policyLanguage, const char *policy, - size_t sizeof_policy, gnutls_datum_t * ext); + size_t sizeof_policy, gnutls_datum_t *ext); typedef struct gnutls_x509_policies_st *gnutls_x509_policies_t; @@ -181,40 +181,40 @@ int gnutls_x509_policies_get(gnutls_x509_policies_t policies, unsigned int seq, int gnutls_x509_policies_set(gnutls_x509_policies_t policies, const struct gnutls_x509_policy_st *policy); -int gnutls_x509_ext_import_policies(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_policies(const gnutls_datum_t *ext, gnutls_x509_policies_t policies, unsigned int flags); int gnutls_x509_ext_export_policies(gnutls_x509_policies_t policies, - gnutls_datum_t * ext); + gnutls_datum_t *ext); -int gnutls_x509_ext_import_tlsfeatures(const gnutls_datum_t * ext, +int gnutls_x509_ext_import_tlsfeatures(const gnutls_datum_t *ext, gnutls_x509_tlsfeatures_t, unsigned int flags); int gnutls_x509_ext_export_tlsfeatures(gnutls_x509_tlsfeatures_t f, - gnutls_datum_t * ext); + gnutls_datum_t *ext); int gnutls_x509_tlsfeatures_add(gnutls_x509_tlsfeatures_t f, unsigned int feature); typedef struct gnutls_x509_ct_scts_st *gnutls_x509_ct_scts_t; -int gnutls_x509_ext_ct_scts_init(gnutls_x509_ct_scts_t * scts); +int gnutls_x509_ext_ct_scts_init(gnutls_x509_ct_scts_t *scts); void gnutls_x509_ext_ct_scts_deinit(gnutls_x509_ct_scts_t scts); -int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t * ext, +int gnutls_x509_ext_ct_import_scts(const gnutls_datum_t *ext, gnutls_x509_ct_scts_t scts, unsigned int flags); int gnutls_x509_ext_ct_export_scts(const gnutls_x509_ct_scts_t scts, - gnutls_datum_t * ext); + gnutls_datum_t *ext); int gnutls_x509_ct_sct_get_version(const gnutls_x509_ct_scts_t scts, unsigned idx, unsigned int *version_out); int gnutls_x509_ct_sct_get(const gnutls_x509_ct_scts_t scts, unsigned idx, - time_t * timestamp, gnutls_datum_t * logid, - gnutls_sign_algorithm_t * sigalg, - gnutls_datum_t * signature); + time_t *timestamp, gnutls_datum_t *logid, + gnutls_sign_algorithm_t *sigalg, + gnutls_datum_t *signature); #ifdef __cplusplus } #endif -#endif /* GNUTLS_X509_EXT_H */ +#endif /* GNUTLS_X509_EXT_H */ diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index d5a5e8e914..08ee980f73 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -26,9 +26,9 @@ */ #ifndef GNUTLS_X509_H -# define GNUTLS_X509_H +#define GNUTLS_X509_H -# include <gnutls/gnutls.h> +#include <gnutls/gnutls.h> #ifdef __cplusplus extern "C" { @@ -37,77 +37,77 @@ extern "C" { /* Some OIDs usually found in Distinguished names, or * in Subject Directory Attribute extensions. */ -# define GNUTLS_OID_X520_COUNTRY_NAME "2.5.4.6" -# define GNUTLS_OID_X520_ORGANIZATION_NAME "2.5.4.10" -# define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11" -# define GNUTLS_OID_X520_COMMON_NAME "2.5.4.3" -# define GNUTLS_OID_X520_LOCALITY_NAME "2.5.4.7" -# define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME "2.5.4.8" - -# define GNUTLS_OID_X520_INITIALS "2.5.4.43" -# define GNUTLS_OID_X520_GENERATION_QUALIFIER "2.5.4.44" -# define GNUTLS_OID_X520_SURNAME "2.5.4.4" -# define GNUTLS_OID_X520_GIVEN_NAME "2.5.4.42" -# define GNUTLS_OID_X520_TITLE "2.5.4.12" -# define GNUTLS_OID_X520_DN_QUALIFIER "2.5.4.46" -# define GNUTLS_OID_X520_PSEUDONYM "2.5.4.65" -# define GNUTLS_OID_X520_POSTALCODE "2.5.4.17" -# define GNUTLS_OID_X520_NAME "2.5.4.41" - -# define GNUTLS_OID_LDAP_DC "0.9.2342.19200300.100.1.25" -# define GNUTLS_OID_LDAP_UID "0.9.2342.19200300.100.1.1" +#define GNUTLS_OID_X520_COUNTRY_NAME "2.5.4.6" +#define GNUTLS_OID_X520_ORGANIZATION_NAME "2.5.4.10" +#define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11" +#define GNUTLS_OID_X520_COMMON_NAME "2.5.4.3" +#define GNUTLS_OID_X520_LOCALITY_NAME "2.5.4.7" +#define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME "2.5.4.8" + +#define GNUTLS_OID_X520_INITIALS "2.5.4.43" +#define GNUTLS_OID_X520_GENERATION_QUALIFIER "2.5.4.44" +#define GNUTLS_OID_X520_SURNAME "2.5.4.4" +#define GNUTLS_OID_X520_GIVEN_NAME "2.5.4.42" +#define GNUTLS_OID_X520_TITLE "2.5.4.12" +#define GNUTLS_OID_X520_DN_QUALIFIER "2.5.4.46" +#define GNUTLS_OID_X520_PSEUDONYM "2.5.4.65" +#define GNUTLS_OID_X520_POSTALCODE "2.5.4.17" +#define GNUTLS_OID_X520_NAME "2.5.4.41" + +#define GNUTLS_OID_LDAP_DC "0.9.2342.19200300.100.1.25" +#define GNUTLS_OID_LDAP_UID "0.9.2342.19200300.100.1.1" /* The following should not be included in DN. */ -# define GNUTLS_OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" +#define GNUTLS_OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" -# define GNUTLS_OID_PKIX_DATE_OF_BIRTH "1.3.6.1.5.5.7.9.1" -# define GNUTLS_OID_PKIX_PLACE_OF_BIRTH "1.3.6.1.5.5.7.9.2" -# define GNUTLS_OID_PKIX_GENDER "1.3.6.1.5.5.7.9.3" -# define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4" -# define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE "1.3.6.1.5.5.7.9.5" +#define GNUTLS_OID_PKIX_DATE_OF_BIRTH "1.3.6.1.5.5.7.9.1" +#define GNUTLS_OID_PKIX_PLACE_OF_BIRTH "1.3.6.1.5.5.7.9.2" +#define GNUTLS_OID_PKIX_GENDER "1.3.6.1.5.5.7.9.3" +#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4" +#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE "1.3.6.1.5.5.7.9.5" /* Key purpose Object Identifiers. */ -# define GNUTLS_KP_TLS_WWW_SERVER "1.3.6.1.5.5.7.3.1" -# define GNUTLS_KP_TLS_WWW_CLIENT "1.3.6.1.5.5.7.3.2" -# define GNUTLS_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3" -# define GNUTLS_KP_MS_SMART_CARD_LOGON "1.3.6.1.4.1.311.20.2.2" -# define GNUTLS_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4" -# define GNUTLS_KP_TIME_STAMPING "1.3.6.1.5.5.7.3.8" -# define GNUTLS_KP_OCSP_SIGNING "1.3.6.1.5.5.7.3.9" -# define GNUTLS_KP_IPSEC_IKE "1.3.6.1.5.5.7.3.17" -# define GNUTLS_KP_ANY "2.5.29.37.0" - -# define GNUTLS_KP_FLAG_DISALLOW_ANY 1 - -# define GNUTLS_OID_AIA "1.3.6.1.5.5.7.1.1" -# define GNUTLS_OID_AD_OCSP "1.3.6.1.5.5.7.48.1" -# define GNUTLS_OID_AD_CAISSUERS "1.3.6.1.5.5.7.48.2" - -# define GNUTLS_FSAN_SET 0 -# define GNUTLS_FSAN_APPEND 1 -# define GNUTLS_FSAN_ENCODE_OCTET_STRING (1<<1) -# define GNUTLS_FSAN_ENCODE_UTF8_STRING (1<<2) - -# define GNUTLS_X509EXT_OID_SUBJECT_KEY_ID "2.5.29.14" -# define GNUTLS_X509EXT_OID_KEY_USAGE "2.5.29.15" -# define GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD "2.5.29.16" -# define GNUTLS_X509EXT_OID_SAN "2.5.29.17" -# define GNUTLS_X509EXT_OID_IAN "2.5.29.18" -# define GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS "2.5.29.19" -# define GNUTLS_X509EXT_OID_NAME_CONSTRAINTS "2.5.29.30" -# define GNUTLS_X509EXT_OID_CRL_DIST_POINTS "2.5.29.31" -# define GNUTLS_X509EXT_OID_CRT_POLICY "2.5.29.32" -# define GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID "2.5.29.35" -# define GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE "2.5.29.37" -# define GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY "2.5.29.52" -# define GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1" -# define GNUTLS_X509EXT_OID_PROXY_CRT_INFO "1.3.6.1.5.5.7.1.14" -# define GNUTLS_X509EXT_OID_TLSFEATURES "1.3.6.1.5.5.7.1.24" -# define GNUTLS_X509EXT_OID_CT_SCT_V1 "1.3.6.1.4.1.11129.2.4.2" - -# define GNUTLS_X509_OID_POLICY_ANY "2.5.29.54" +#define GNUTLS_KP_TLS_WWW_SERVER "1.3.6.1.5.5.7.3.1" +#define GNUTLS_KP_TLS_WWW_CLIENT "1.3.6.1.5.5.7.3.2" +#define GNUTLS_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3" +#define GNUTLS_KP_MS_SMART_CARD_LOGON "1.3.6.1.4.1.311.20.2.2" +#define GNUTLS_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4" +#define GNUTLS_KP_TIME_STAMPING "1.3.6.1.5.5.7.3.8" +#define GNUTLS_KP_OCSP_SIGNING "1.3.6.1.5.5.7.3.9" +#define GNUTLS_KP_IPSEC_IKE "1.3.6.1.5.5.7.3.17" +#define GNUTLS_KP_ANY "2.5.29.37.0" + +#define GNUTLS_KP_FLAG_DISALLOW_ANY 1 + +#define GNUTLS_OID_AIA "1.3.6.1.5.5.7.1.1" +#define GNUTLS_OID_AD_OCSP "1.3.6.1.5.5.7.48.1" +#define GNUTLS_OID_AD_CAISSUERS "1.3.6.1.5.5.7.48.2" + +#define GNUTLS_FSAN_SET 0 +#define GNUTLS_FSAN_APPEND 1 +#define GNUTLS_FSAN_ENCODE_OCTET_STRING (1 << 1) +#define GNUTLS_FSAN_ENCODE_UTF8_STRING (1 << 2) + +#define GNUTLS_X509EXT_OID_SUBJECT_KEY_ID "2.5.29.14" +#define GNUTLS_X509EXT_OID_KEY_USAGE "2.5.29.15" +#define GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD "2.5.29.16" +#define GNUTLS_X509EXT_OID_SAN "2.5.29.17" +#define GNUTLS_X509EXT_OID_IAN "2.5.29.18" +#define GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS "2.5.29.19" +#define GNUTLS_X509EXT_OID_NAME_CONSTRAINTS "2.5.29.30" +#define GNUTLS_X509EXT_OID_CRL_DIST_POINTS "2.5.29.31" +#define GNUTLS_X509EXT_OID_CRT_POLICY "2.5.29.32" +#define GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID "2.5.29.35" +#define GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE "2.5.29.37" +#define GNUTLS_X509EXT_OID_INHIBIT_ANYPOLICY "2.5.29.52" +#define GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS "1.3.6.1.5.5.7.1.1" +#define GNUTLS_X509EXT_OID_PROXY_CRT_INFO "1.3.6.1.5.5.7.1.14" +#define GNUTLS_X509EXT_OID_TLSFEATURES "1.3.6.1.5.5.7.1.24" +#define GNUTLS_X509EXT_OID_CT_SCT_V1 "1.3.6.1.4.1.11129.2.4.2" + +#define GNUTLS_X509_OID_POLICY_ANY "2.5.29.54" /* Certificate handling functions. */ @@ -130,7 +130,7 @@ typedef enum gnutls_certificate_import_flags { GNUTLS_X509_CRT_LIST_SORT = 1 << 2 } gnutls_certificate_import_flags; -int gnutls_x509_crt_init(gnutls_x509_crt_t * cert); +int gnutls_x509_crt_init(gnutls_x509_crt_t *cert); void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert); /** @@ -149,71 +149,61 @@ void gnutls_x509_crt_set_flags(gnutls_x509_crt_t cert, unsigned flags); unsigned gnutls_x509_crt_equals(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2); unsigned gnutls_x509_crt_equals2(gnutls_x509_crt_t cert1, - const gnutls_datum_t * der); + const gnutls_datum_t *der); -int gnutls_x509_crt_import(gnutls_x509_crt_t cert, - const gnutls_datum_t * data, +int gnutls_x509_crt_import(gnutls_x509_crt_t cert, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); -int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs, - unsigned int *size, - const gnutls_datum_t * data, +int gnutls_x509_crt_list_import2(gnutls_x509_crt_t **certs, unsigned int *size, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); -int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs, +int gnutls_x509_crt_list_import(gnutls_x509_crt_t *certs, unsigned int *cert_max, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); -int gnutls_x509_crt_import_url(gnutls_x509_crt_t crt, - const char *url, unsigned int flags +int gnutls_x509_crt_import_url(gnutls_x509_crt_t crt, const char *url, + unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); +); -int -gnutls_x509_crt_list_import_url(gnutls_x509_crt_t ** certs, - unsigned int *size, - const char *url, - gnutls_pin_callback_t pin_fn, - void *pin_fn_userdata, unsigned int flags); +int gnutls_x509_crt_list_import_url(gnutls_x509_crt_t **certs, + unsigned int *size, const char *url, + gnutls_pin_callback_t pin_fn, + void *pin_fn_userdata, unsigned int flags); -int gnutls_x509_crt_export(gnutls_x509_crt_t cert, - gnutls_x509_crt_fmt_t format, +int gnutls_x509_crt_export(gnutls_x509_crt_t cert, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); int gnutls_x509_crt_export2(gnutls_x509_crt_t cert, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); -int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t - cert, - time_t * - activation, - time_t * - expiration, unsigned int - *critical); - -int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, - char *buf, size_t *buf_size); -int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn); -int gnutls_x509_crt_get_issuer_dn3(gnutls_x509_crt_t cert, - gnutls_datum_t * dn, unsigned flags); -int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert, - unsigned indx, void *oid, - size_t *oid_size); + gnutls_x509_crt_fmt_t format, gnutls_datum_t *out); +int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t cert, + time_t *activation, + time_t *expiration, + unsigned int *critical); + +int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, char *buf, + size_t *buf_size); +int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert, gnutls_datum_t *dn); +int gnutls_x509_crt_get_issuer_dn3(gnutls_x509_crt_t cert, gnutls_datum_t *dn, + unsigned flags); +int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert, unsigned indx, + void *oid, size_t *oid_size); int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert, const char *oid, unsigned indx, - unsigned int raw_flag, - void *buf, size_t *buf_size); + unsigned int raw_flag, void *buf, + size_t *buf_size); int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf, size_t *buf_size); -int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn); -int gnutls_x509_crt_get_dn3(gnutls_x509_crt_t cert, gnutls_datum_t * dn, +int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t *dn); +int gnutls_x509_crt_get_dn3(gnutls_x509_crt_t cert, gnutls_datum_t *dn, unsigned flags); -int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, unsigned indx, - void *oid, size_t *oid_size); -int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert, - const char *oid, unsigned indx, - unsigned int raw_flag, void *buf, - size_t *buf_size); +int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, unsigned indx, void *oid, + size_t *oid_size); +int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert, const char *oid, + unsigned indx, unsigned int raw_flag, + void *buf, size_t *buf_size); unsigned gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert, const char *hostname); unsigned gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert, @@ -222,14 +212,13 @@ unsigned gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert, unsigned gnutls_x509_crt_check_email(gnutls_x509_crt_t cert, const char *email, unsigned int flags); -unsigned -gnutls_x509_crt_check_ip(gnutls_x509_crt_t cert, - const unsigned char *ip, unsigned int ip_size, - unsigned int flags); +unsigned gnutls_x509_crt_check_ip(gnutls_x509_crt_t cert, + const unsigned char *ip, unsigned int ip_size, + unsigned int flags); int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t cert); -int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert, - char *sig, size_t *sizeof_sig); +int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert, char *sig, + size_t *sizeof_sig); int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert); int gnutls_x509_crt_get_pk_oid(gnutls_x509_crt_t cert, char *oid, @@ -253,47 +242,37 @@ typedef enum { GNUTLS_KEYID_USE_SHA512 = (1 << 1), GNUTLS_KEYID_USE_BEST_KNOWN = (1 << 30) } gnutls_keyid_flags_t; -int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt, - unsigned int flags, +int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt, unsigned int flags, unsigned char *output_data, size_t *output_data_size); -int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t - crt, +int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t crt, time_t activation, time_t expiration); -int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert, - const void *id, size_t id_size); -int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert, - void *id, +int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert, const void *id, + size_t id_size); +int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert, void *id, size_t *id_size, unsigned int *critical); -int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t - cert, - unsigned int seq, - void *alt, - size_t *alt_size, unsigned int - *alt_type, - void *serial, - size_t *serial_size, - unsigned int - *critical); - -int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert, - void *ret, +int gnutls_x509_crt_get_authority_key_gn_serial( + gnutls_x509_crt_t cert, unsigned int seq, void *alt, size_t *alt_size, + unsigned int *alt_type, void *serial, size_t *serial_size, + unsigned int *critical); + +int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert, void *ret, size_t *ret_size, unsigned int *critical); -int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, - char *buf, size_t *buf_size); +int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, char *buf, + size_t *buf_size); -int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, - char *buf, size_t *buf_size); +int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, char *buf, + size_t *buf_size); void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt, gnutls_pin_callback_t fn, void *userdata); - /** +/** * gnutls_info_access_what_t: * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID. * @GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE: Get accessLocation name type. @@ -315,57 +294,50 @@ typedef enum gnutls_info_access_what_t { GNUTLS_IA_CAISSUERS_URI = 10106 } gnutls_info_access_what_t; -int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t - crt, - unsigned int seq, - int what, - gnutls_datum_t * - data, unsigned int - *critical); +int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t crt, + unsigned int seq, int what, + gnutls_datum_t *data, + unsigned int *critical); typedef struct gnutls_name_constraints_st *gnutls_x509_name_constraints_t; unsigned gnutls_x509_name_constraints_check(gnutls_x509_name_constraints_t nc, gnutls_x509_subject_alt_name_t type, - const gnutls_datum_t * name); -unsigned gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t - nc, - gnutls_x509_subject_alt_name_t - type, gnutls_x509_crt_t crt); + const gnutls_datum_t *name); +unsigned +gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t nc, + gnutls_x509_subject_alt_name_t type, + gnutls_x509_crt_t crt); -int gnutls_x509_name_constraints_init(gnutls_x509_name_constraints_t * nc); +int gnutls_x509_name_constraints_init(gnutls_x509_name_constraints_t *nc); void gnutls_x509_name_constraints_deinit(gnutls_x509_name_constraints_t nc); -# define GNUTLS_EXT_FLAG_APPEND 1 +#define GNUTLS_EXT_FLAG_APPEND 1 -# define GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND GNUTLS_EXT_FLAG_APPEND +#define GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND GNUTLS_EXT_FLAG_APPEND int gnutls_x509_crt_get_name_constraints(gnutls_x509_crt_t crt, gnutls_x509_name_constraints_t nc, unsigned int flags, unsigned int *critical); -int gnutls_x509_name_constraints_add_permitted(gnutls_x509_name_constraints_t - nc, - gnutls_x509_subject_alt_name_t - type, - const gnutls_datum_t * name); -int gnutls_x509_name_constraints_add_excluded(gnutls_x509_name_constraints_t nc, - gnutls_x509_subject_alt_name_t - type, - const gnutls_datum_t * name); +int gnutls_x509_name_constraints_add_permitted( + gnutls_x509_name_constraints_t nc, gnutls_x509_subject_alt_name_t type, + const gnutls_datum_t *name); +int gnutls_x509_name_constraints_add_excluded( + gnutls_x509_name_constraints_t nc, gnutls_x509_subject_alt_name_t type, + const gnutls_datum_t *name); int gnutls_x509_crt_set_name_constraints(gnutls_x509_crt_t crt, gnutls_x509_name_constraints_t nc, unsigned int critical); -int gnutls_x509_name_constraints_get_permitted(gnutls_x509_name_constraints_t - nc, unsigned idx, unsigned *type, - gnutls_datum_t * name); +int gnutls_x509_name_constraints_get_permitted(gnutls_x509_name_constraints_t nc, + unsigned idx, unsigned *type, + gnutls_datum_t *name); int gnutls_x509_name_constraints_get_excluded(gnutls_x509_name_constraints_t nc, unsigned idx, unsigned *type, - gnutls_datum_t * name); -int gnutls_x509_cidr_to_rfc5280(const char *cidr, - gnutls_datum_t * cidr_rfc5280); + gnutls_datum_t *name); +int gnutls_x509_cidr_to_rfc5280(const char *cidr, gnutls_datum_t *cidr_rfc5280); -# define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED, - /** +#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED, +/** * gnutls_x509_crl_reason_flags_t: * @GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN: The privileges were withdrawn from the owner. * @GNUTLS_CRL_REASON_CERTIFICATE_HOLD: The certificate is on hold. @@ -393,49 +365,45 @@ typedef enum gnutls_x509_crl_reason_flags_t { } gnutls_x509_crl_reason_flags_t; int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert, - unsigned int seq, - void *ret, + unsigned int seq, void *ret, size_t *ret_size, unsigned int *reason_flags, unsigned int *critical); int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, + gnutls_x509_subject_alt_name_t type, + const void *data, unsigned int data_size, unsigned int reason_flags); int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, + gnutls_x509_subject_alt_name_t type, const void *data_string, unsigned int reason_flags); int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst, gnutls_x509_crt_t src); -int gnutls_x509_crl_sign(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer, +int gnutls_x509_crl_sign(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key); -int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer, +int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key, gnutls_digest_algorithm_t dig, unsigned int flags); time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert); /* This macro is deprecated and defunc; do not use */ -# define GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION ((time_t)4294197631) +#define GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION ((time_t)4294197631) time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert); -int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert, - void *result, size_t *result_size); +int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert, void *result, + size_t *result_size); typedef struct gnutls_x509_spki_st *gnutls_x509_spki_t; -int gnutls_x509_spki_init(gnutls_x509_spki_t * spki); +int gnutls_x509_spki_init(gnutls_x509_spki_t *spki); void gnutls_x509_spki_deinit(gnutls_x509_spki_t spki); int gnutls_x509_spki_get_rsa_pss_params(gnutls_x509_spki_t spki, - gnutls_digest_algorithm_t * dig, + gnutls_digest_algorithm_t *dig, unsigned int *salt_size); void gnutls_x509_spki_set_rsa_pss_params(gnutls_x509_spki_t spki, @@ -449,54 +417,47 @@ int gnutls_x509_crt_set_spki(gnutls_x509_crt_t crt, int gnutls_x509_crt_get_spki(gnutls_x509_crt_t cert, gnutls_x509_spki_t spki, unsigned int flags); -int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt, - gnutls_datum_t * m, gnutls_datum_t * e); -int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y); +int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt, gnutls_datum_t *m, + gnutls_datum_t *e); +int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *g, + gnutls_datum_t *y); int gnutls_x509_crt_get_pk_ecc_raw(gnutls_x509_crt_t crt, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, gnutls_datum_t * y); + gnutls_ecc_curve_t *curve, gnutls_datum_t *x, + gnutls_datum_t *y); int gnutls_x509_crt_get_pk_gost_raw(gnutls_x509_crt_t crt, - gnutls_ecc_curve_t * curve, - gnutls_digest_algorithm_t * digest, - gnutls_gost_paramset_t * paramset, - gnutls_datum_t * x, gnutls_datum_t * y); + gnutls_ecc_curve_t *curve, + gnutls_digest_algorithm_t *digest, + gnutls_gost_paramset_t *paramset, + gnutls_datum_t *x, gnutls_datum_t *y); int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert, - unsigned int seq, - void *san, + unsigned int seq, void *san, size_t *san_size, unsigned int *critical); int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert, - unsigned int seq, - void *san, + unsigned int seq, void *san, size_t *san_size, unsigned int *san_type, unsigned int *critical); -int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t - cert, - unsigned int seq, - void *oid, size_t *oid_size); +int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t cert, + unsigned int seq, void *oid, + size_t *oid_size); int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert, - unsigned int seq, - void *ian, + unsigned int seq, void *ian, size_t *ian_size, unsigned int *critical); int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert, - unsigned int seq, - void *ian, + unsigned int seq, void *ian, size_t *ian_size, unsigned int *ian_type, unsigned int *critical); -int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t - cert, - unsigned int seq, - void *ret, size_t *ret_size); +int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t cert, + unsigned int seq, void *ret, + size_t *ret_size); int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert, unsigned int *critical); @@ -511,26 +472,22 @@ int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert, unsigned int *key_usage, unsigned int *critical); int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt, unsigned int usage); -int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t - crt, int what, - gnutls_datum_t * data); +int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t crt, int what, + gnutls_datum_t *data); int gnutls_x509_crt_get_inhibit_anypolicy(gnutls_x509_crt_t cert, unsigned int *skipcerts, unsigned int *critical); -int -gnutls_x509_crt_set_inhibit_anypolicy(gnutls_x509_crt_t crt, - unsigned int skipcerts); - -int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert, - unsigned int *critical, - int *pathlen, - char **policyLanguage, +int gnutls_x509_crt_set_inhibit_anypolicy(gnutls_x509_crt_t crt, + unsigned int skipcerts); + +int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert, unsigned int *critical, + int *pathlen, char **policyLanguage, char **policy, size_t *sizeof_policy); typedef struct gnutls_x509_tlsfeatures_st *gnutls_x509_tlsfeatures_t; -int gnutls_x509_tlsfeatures_init(gnutls_x509_tlsfeatures_t * features); +int gnutls_x509_tlsfeatures_init(gnutls_x509_tlsfeatures_t *features); void gnutls_x509_tlsfeatures_deinit(gnutls_x509_tlsfeatures_t); int gnutls_x509_tlsfeatures_get(gnutls_x509_tlsfeatures_t f, unsigned idx, unsigned int *feature); @@ -545,9 +502,9 @@ int gnutls_x509_crt_get_tlsfeatures(gnutls_x509_crt_t cert, unsigned gnutls_x509_tlsfeatures_check_crt(gnutls_x509_tlsfeatures_t feat, gnutls_x509_crt_t crt); -# define GNUTLS_MAX_QUALIFIERS 8 +#define GNUTLS_MAX_QUALIFIERS 8 - /** +/** * gnutls_x509_qualifier_t: * @GNUTLS_X509_QUALIFIER_UNKNOWN: Unknown qualifier. * @GNUTLS_X509_QUALIFIER_URI: A URL @@ -556,7 +513,8 @@ unsigned gnutls_x509_tlsfeatures_check_crt(gnutls_x509_tlsfeatures_t feat, * Enumeration of types for the X.509 qualifiers, of the certificate policy extension. */ typedef enum gnutls_x509_qualifier_t { - GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI, + GNUTLS_X509_QUALIFIER_UNKNOWN = 0, + GNUTLS_X509_QUALIFIER_URI, GNUTLS_X509_QUALIFIER_NOTICE } gnutls_x509_qualifier_t; @@ -570,51 +528,44 @@ typedef struct gnutls_x509_policy_st { } qualifier[GNUTLS_MAX_QUALIFIERS]; } gnutls_x509_policy_st; -void gnutls_x509_policy_release(struct gnutls_x509_policy_st - *policy); -int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, unsigned indx, struct gnutls_x509_policy_st - *policy, unsigned int *critical); -int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, const struct gnutls_x509_policy_st - *policy, unsigned int critical); +void gnutls_x509_policy_release(struct gnutls_x509_policy_st *policy); +int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, unsigned indx, + struct gnutls_x509_policy_st *policy, + unsigned int *critical); +int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, + const struct gnutls_x509_policy_st *policy, + unsigned int critical); int gnutls_x509_dn_oid_known(const char *oid); -# define GNUTLS_X509_DN_OID_RETURN_OID 1 +#define GNUTLS_X509_DN_OID_RETURN_OID 1 const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags); - /* Read extensions by OID. */ -int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, - unsigned indx, void *oid, - size_t *oid_size); +/* Read extensions by OID. */ +int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, unsigned indx, + void *oid, size_t *oid_size); int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert, const char *oid, unsigned indx, - void *buf, - size_t *buf_size, + void *buf, size_t *buf_size, unsigned int *critical); int gnutls_x509_crq_get_signature_algorithm(gnutls_x509_crq_t crq); -int -gnutls_x509_crq_get_extension_by_oid2(gnutls_x509_crq_t crq, - const char *oid, unsigned indx, - gnutls_datum_t * output, - unsigned int *critical); - - /* Read extensions by sequence number. */ -int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, - unsigned indx, void *oid, - size_t *oid_size, +int gnutls_x509_crq_get_extension_by_oid2(gnutls_x509_crq_t crq, + const char *oid, unsigned indx, + gnutls_datum_t *output, + unsigned int *critical); + +/* Read extensions by sequence number. */ +int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, unsigned indx, + void *oid, size_t *oid_size, unsigned int *critical); -int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, - unsigned indx, void *data, - size_t *sizeof_data); -int -gnutls_x509_crt_get_extension_data2(gnutls_x509_crt_t cert, - unsigned indx, gnutls_datum_t * data); - -int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt, - const char *oid, - const void *buf, - size_t sizeof_buf, +int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, unsigned indx, + void *data, size_t *sizeof_data); +int gnutls_x509_crt_get_extension_data2(gnutls_x509_crt_t cert, unsigned indx, + gnutls_datum_t *data); + +int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt, const char *oid, + const void *buf, size_t sizeof_buf, unsigned int critical); /* X.509 Certificate writing. @@ -622,17 +573,15 @@ int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt, int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn, const char **err); -int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, - const char *oid, - unsigned int raw_flag, - const void *name, unsigned int sizeof_name); -int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt, - const char *oid, +int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, const char *oid, + unsigned int raw_flag, const void *name, + unsigned int sizeof_name); +int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt, const char *oid, unsigned int raw_flag, const void *name, unsigned int sizeof_name); -int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, - const char *dn, const char **err); +int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, const char *dn, + const char **err); int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt, unsigned int version); int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt, gnutls_x509_privkey_t key); @@ -641,97 +590,83 @@ int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt, unsigned int ca, int pathLenConstraint); -int -gnutls_x509_crt_set_subject_unique_id(gnutls_x509_crt_t cert, const void *id, - size_t id_size); -int -gnutls_x509_crt_set_issuer_unique_id(gnutls_x509_crt_t cert, const void *id, - size_t id_size); - -int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t - crt, - gnutls_x509_subject_alt_name_t - type, const char - *data_string); +int gnutls_x509_crt_set_subject_unique_id(gnutls_x509_crt_t cert, + const void *id, size_t id_size); +int gnutls_x509_crt_set_issuer_unique_id(gnutls_x509_crt_t cert, const void *id, + size_t id_size); + +int gnutls_x509_crt_set_subject_alternative_name( + gnutls_x509_crt_t crt, gnutls_x509_subject_alt_name_t type, + const char *data_string); int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, + gnutls_x509_subject_alt_name_t type, + const void *data, unsigned int data_size, unsigned int flags); -int -gnutls_x509_crt_set_subject_alt_othername(gnutls_x509_crt_t crt, - const char *oid, - const void *data, - unsigned int data_size, - unsigned int flags); +int gnutls_x509_crt_set_subject_alt_othername(gnutls_x509_crt_t crt, + const char *oid, const void *data, + unsigned int data_size, + unsigned int flags); int gnutls_x509_crt_set_issuer_alt_name(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, + gnutls_x509_subject_alt_name_t type, + const void *data, unsigned int data_size, unsigned int flags); -int -gnutls_x509_crt_set_issuer_alt_othername(gnutls_x509_crt_t crt, - const char *oid, - const void *data, - unsigned int data_size, - unsigned int flags); +int gnutls_x509_crt_set_issuer_alt_othername(gnutls_x509_crt_t crt, + const char *oid, const void *data, + unsigned int data_size, + unsigned int flags); -int gnutls_x509_crt_sign(gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, +int gnutls_x509_crt_sign(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key); -int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, +int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key, gnutls_digest_algorithm_t dig, unsigned int flags); int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert, time_t act_time); int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, time_t exp_time); -int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert, - const void *serial, size_t serial_size); +int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert, const void *serial, + size_t serial_size); -int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert, - const void *id, size_t id_size); +int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert, const void *id, + size_t id_size); -int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt, - gnutls_x509_crt_t eecrt, - unsigned int raw_flag, - const void *name, unsigned int sizeof_name); -int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt, - int pathLenConstraint, - const char *policyLanguage, - const char *policy, size_t sizeof_policy); +int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt, gnutls_x509_crt_t eecrt, + unsigned int raw_flag, const void *name, + unsigned int sizeof_name); +int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt, int pathLenConstraint, + const char *policyLanguage, const char *policy, + size_t sizeof_policy); int gnutls_x509_crt_print(gnutls_x509_crt_t cert, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out); int gnutls_x509_crl_print(gnutls_x509_crl_t crl, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out); - /* Access to internal Certificate fields. +/* Access to internal Certificate fields. */ int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert, - gnutls_datum_t * start); -int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, gnutls_datum_t * start); + gnutls_datum_t *start); +int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, gnutls_datum_t *start); /* RDN handling. */ -int gnutls_x509_rdn_get(const gnutls_datum_t * idn, - char *buf, size_t *sizeof_buf); -int -gnutls_x509_rdn_get2(const gnutls_datum_t * idn, - gnutls_datum_t * str, unsigned flags); - -int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn, - unsigned indx, void *buf, size_t *sizeof_buf); - -int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, - const char *oid, unsigned indx, - unsigned int raw_flag, void *buf, +int gnutls_x509_rdn_get(const gnutls_datum_t *idn, char *buf, + size_t *sizeof_buf); +int gnutls_x509_rdn_get2(const gnutls_datum_t *idn, gnutls_datum_t *str, + unsigned flags); + +int gnutls_x509_rdn_get_oid(const gnutls_datum_t *idn, unsigned indx, void *buf, + size_t *sizeof_buf); + +int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t *idn, const char *oid, + unsigned indx, unsigned int raw_flag, void *buf, size_t *sizeof_buf); typedef struct gnutls_x509_dn_st *gnutls_x509_dn_t; @@ -742,65 +677,61 @@ typedef struct gnutls_x509_ava_st { unsigned long value_tag; } gnutls_x509_ava_st; -int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn); -int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn); -int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn, - int iava, gnutls_x509_ava_st * ava); +int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, gnutls_x509_dn_t *dn); +int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, gnutls_x509_dn_t *dn); +int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn, int iava, + gnutls_x509_ava_st *ava); -int gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t * str); +int gnutls_x509_dn_get_str(gnutls_x509_dn_t dn, gnutls_datum_t *str); -# define GNUTLS_X509_DN_FLAG_COMPAT 1 -int gnutls_x509_dn_get_str2(gnutls_x509_dn_t dn, gnutls_datum_t * str, +#define GNUTLS_X509_DN_FLAG_COMPAT 1 +int gnutls_x509_dn_get_str2(gnutls_x509_dn_t dn, gnutls_datum_t *str, unsigned flags); -int -gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, const char **err); +int gnutls_x509_dn_set_str(gnutls_x509_dn_t dn, const char *str, + const char **err); -int gnutls_x509_dn_init(gnutls_x509_dn_t * dn); +int gnutls_x509_dn_init(gnutls_x509_dn_t *dn); -int gnutls_x509_dn_import(gnutls_x509_dn_t dn, const gnutls_datum_t * data); +int gnutls_x509_dn_import(gnutls_x509_dn_t dn, const gnutls_datum_t *data); -int gnutls_x509_dn_export(gnutls_x509_dn_t dn, - gnutls_x509_crt_fmt_t format, +int gnutls_x509_dn_export(gnutls_x509_dn_t dn, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_x509_dn_export2(gnutls_x509_dn_t dn, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_x509_dn_export2(gnutls_x509_dn_t dn, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn); /* CRL handling functions. */ -int gnutls_x509_crl_init(gnutls_x509_crl_t * crl); +int gnutls_x509_crl_init(gnutls_x509_crl_t *crl); void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl); -int gnutls_x509_crl_import(gnutls_x509_crl_t crl, - const gnutls_datum_t * data, +int gnutls_x509_crl_import(gnutls_x509_crl_t crl, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); -int gnutls_x509_crl_export(gnutls_x509_crl_t crl, - gnutls_x509_crt_fmt_t format, +int gnutls_x509_crl_export(gnutls_x509_crl_t crl, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_x509_crl_export2(gnutls_x509_crl_t crl, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_x509_crl_export2(gnutls_x509_crl_t crl, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); -int -gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl, gnutls_datum_t * dn); +int gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl, + gnutls_datum_t *dn); -int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, - char *buf, size_t *sizeof_buf); -int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn); -int gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, - gnutls_datum_t * dn, unsigned flags); +int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, char *buf, + size_t *sizeof_buf); +int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t *dn); +int gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t *dn, + unsigned flags); -int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl, - const char *oid, unsigned indx, - unsigned int raw_flag, +int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl, const char *oid, + unsigned indx, unsigned int raw_flag, void *buf, size_t *sizeof_buf); -int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, unsigned indx, - void *oid, size_t *sizeof_oid); +int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, unsigned indx, void *oid, + size_t *sizeof_oid); int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl); -int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl, - char *sig, size_t *sizeof_sig); +int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl, char *sig, + size_t *sizeof_sig); int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl); int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid, @@ -811,33 +742,31 @@ time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl); int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl); int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, unsigned indx, - unsigned char *serial, - size_t *serial_size, time_t * t); + unsigned char *serial, size_t *serial_size, + time_t *t); typedef struct gnutls_x509_crl_iter *gnutls_x509_crl_iter_t; int gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl, gnutls_x509_crl_iter_t *, - unsigned char *serial, - size_t *serial_size, time_t * t); + unsigned char *serial, size_t *serial_size, + time_t *t); void gnutls_x509_crl_iter_deinit(gnutls_x509_crl_iter_t); -# define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count -# define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial +#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count +#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial unsigned gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer); -int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls, - unsigned int *size, - const gnutls_datum_t * data, +int gnutls_x509_crl_list_import2(gnutls_x509_crl_t **crls, unsigned int *size, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); -int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls, - unsigned int *crl_max, - const gnutls_datum_t * data, +int gnutls_x509_crl_list_import(gnutls_x509_crl_t *crls, unsigned int *crl_max, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, unsigned int flags); /* CRL writing. @@ -845,51 +774,39 @@ int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls, int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl, unsigned int version); int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl, time_t act_time); int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl, time_t exp_time); -int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl, - const void *serial, +int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl, const void *serial, size_t serial_size, time_t revocation_time); -int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl, - gnutls_x509_crt_t crt, time_t revocation_time); +int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl, gnutls_x509_crt_t crt, + time_t revocation_time); -int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, - void *id, +int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, void *id, size_t *id_size, unsigned int *critical); -int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t - crl, - unsigned int seq, - void *alt, - size_t *alt_size, unsigned int - *alt_type, - void *serial, - size_t *serial_size, - unsigned int - *critical); +int gnutls_x509_crl_get_authority_key_gn_serial( + gnutls_x509_crl_t crl, unsigned int seq, void *alt, size_t *alt_size, + unsigned int *alt_type, void *serial, size_t *serial_size, + unsigned int *critical); int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret, size_t *ret_size, unsigned int *critical); -int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, - unsigned indx, void *oid, - size_t *sizeof_oid); +int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, unsigned indx, + void *oid, size_t *sizeof_oid); -int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, - unsigned indx, void *oid, - size_t *sizeof_oid, +int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, unsigned indx, + void *oid, size_t *sizeof_oid, unsigned int *critical); -int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, - unsigned indx, void *data, - size_t *sizeof_data); -int -gnutls_x509_crl_get_extension_data2(gnutls_x509_crl_t crl, - unsigned indx, gnutls_datum_t * data); +int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, unsigned indx, + void *data, size_t *sizeof_data); +int gnutls_x509_crl_get_extension_data2(gnutls_x509_crl_t crl, unsigned indx, + gnutls_datum_t *data); -int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl, - const void *id, size_t id_size); +int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl, const void *id, + size_t id_size); -int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl, - const void *nr, size_t nr_size); +int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl, const void *nr, + size_t nr_size); /* X.509 Certificate verification functions. */ @@ -964,10 +881,11 @@ typedef enum gnutls_certificate_verify_flags { GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS = 1 << 14, GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15, GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH = 1 << 16 - /* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */ + /* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */ } gnutls_certificate_verify_flags; -# define GNUTLS_VERIFY_ALLOW_BROKEN (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2|GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5) +#define GNUTLS_VERIFY_ALLOW_BROKEN \ + (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5) /** * gnutls_certificate_verification_profiles_t: @@ -1005,65 +923,59 @@ typedef enum gnutls_certificate_verification_profiles_t { GNUTLS_PROFILE_SUITEB128 = 32, GNUTLS_PROFILE_SUITEB192 = 33 - /*GNUTLS_PROFILE_MAX=255 */ + /*GNUTLS_PROFILE_MAX=255 */ } gnutls_certificate_verification_profiles_t; -# define GNUTLS_PROFILE_TO_VFLAGS(x) \ - (((unsigned)x)<<24) +#define GNUTLS_PROFILE_TO_VFLAGS(x) (((unsigned)x) << 24) -# define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000) +#define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000) -# define GNUTLS_VFLAGS_TO_PROFILE(x) \ - ((((unsigned)x)>>24)&0xff) +#define GNUTLS_VFLAGS_TO_PROFILE(x) ((((unsigned)x) >> 24) & 0xff) -const char -*gnutls_certificate_verification_profile_get_name - (gnutls_certificate_verification_profiles_t id) __GNUTLS_CONST__; +const char *gnutls_certificate_verification_profile_get_name( + gnutls_certificate_verification_profiles_t id) __GNUTLS_CONST__; gnutls_certificate_verification_profiles_t gnutls_certificate_verification_profile_get_id(const char *name) -__GNUTLS_CONST__; + __GNUTLS_CONST__; unsigned gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer); -int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * - cert_list, unsigned cert_list_length, - const gnutls_x509_crt_t * CA_list, +int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t *cert_list, + unsigned cert_list_length, + const gnutls_x509_crt_t *CA_list, unsigned CA_list_length, - const gnutls_x509_crl_t * CRL_list, - unsigned CRL_list_length, - unsigned int flags, unsigned int *verify); + const gnutls_x509_crl_t *CRL_list, + unsigned CRL_list_length, unsigned int flags, + unsigned int *verify); int gnutls_x509_crt_verify(gnutls_x509_crt_t cert, - const gnutls_x509_crt_t * CA_list, + const gnutls_x509_crt_t *CA_list, unsigned CA_list_length, unsigned int flags, unsigned int *verify); int gnutls_x509_crl_verify(gnutls_x509_crl_t crl, - const gnutls_x509_crt_t * CA_list, + const gnutls_x509_crt_t *CA_list, unsigned CA_list_length, unsigned int flags, unsigned int *verify); -int -gnutls_x509_crt_verify_data2(gnutls_x509_crt_t crt, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * data, - const gnutls_datum_t * signature); +int gnutls_x509_crt_verify_data2(gnutls_x509_crt_t crt, + gnutls_sign_algorithm_t algo, + unsigned int flags, const gnutls_datum_t *data, + const gnutls_datum_t *signature); int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert, - const gnutls_x509_crl_t * - crl_list, unsigned crl_list_length); + const gnutls_x509_crl_t *crl_list, + unsigned crl_list_length); int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert, - gnutls_digest_algorithm_t algo, - void *buf, size_t *buf_size); + gnutls_digest_algorithm_t algo, void *buf, + size_t *buf_size); -int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert, - unsigned indx, void *oid, - size_t *oid_size, +int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert, unsigned indx, + void *oid, size_t *oid_size, unsigned int *critical); -int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, - const void *oid, unsigned int critical); +int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, const void *oid, + unsigned int critical); unsigned gnutls_x509_crt_check_key_purpose(gnutls_x509_crt_t cert, const char *purpose, unsigned flags); @@ -1074,10 +986,10 @@ unsigned gnutls_x509_crt_check_key_purpose(gnutls_x509_crt_t cert, /* Flags for the gnutls_x509_privkey_export_pkcs8() function. */ -# define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN -# define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES -# define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR -# define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 +#define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN +#define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES +#define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR +#define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 /** * gnutls_pkcs_encrypt_flags_t: @@ -1119,25 +1031,25 @@ typedef enum gnutls_pkcs_encrypt_flags_t { GNUTLS_PKCS_PBES2_GOST_CPD = 1 << 15 } gnutls_pkcs_encrypt_flags_t; -# define GNUTLS_PKCS_CIPHER_MASK(x) ((x)&(~(GNUTLS_PKCS_NULL_PASSWORD))) - -# define GNUTLS_PKCS_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES -# define GNUTLS_PKCS_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR -# define GNUTLS_PKCS_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 -# define GNUTLS_PKCS_USE_PBES2_3DES GNUTLS_PKCS_PBES2_3DES -# define GNUTLS_PKCS_USE_PBES2_AES_128 GNUTLS_PKCS_PBES2_AES_128 -# define GNUTLS_PKCS_USE_PBES2_AES_192 GNUTLS_PKCS_PBES2_AES_192 -# define GNUTLS_PKCS_USE_PBES2_AES_256 GNUTLS_PKCS_PBES2_AES_256 -# define GNUTLS_PKCS_USE_PBES2_GOST_TC26Z GNUTLS_PKCS_PBES2_GOST_TC26Z -# define GNUTLS_PKCS_USE_PBES2_GOST_CPA GNUTLS_PKCS_PBES2_GOST_CPA -# define GNUTLS_PKCS_USE_PBES2_GOST_CPB GNUTLS_PKCS_PBES2_GOST_CPB -# define GNUTLS_PKCS_USE_PBES2_GOST_CPC GNUTLS_PKCS_PBES2_GOST_CPC -# define GNUTLS_PKCS_USE_PBES2_GOST_CPD GNUTLS_PKCS_PBES2_GOST_CPD +#define GNUTLS_PKCS_CIPHER_MASK(x) ((x) & (~(GNUTLS_PKCS_NULL_PASSWORD))) + +#define GNUTLS_PKCS_USE_PKCS12_3DES GNUTLS_PKCS_PKCS12_3DES +#define GNUTLS_PKCS_USE_PKCS12_ARCFOUR GNUTLS_PKCS_PKCS12_ARCFOUR +#define GNUTLS_PKCS_USE_PKCS12_RC2_40 GNUTLS_PKCS_PKCS12_RC2_40 +#define GNUTLS_PKCS_USE_PBES2_3DES GNUTLS_PKCS_PBES2_3DES +#define GNUTLS_PKCS_USE_PBES2_AES_128 GNUTLS_PKCS_PBES2_AES_128 +#define GNUTLS_PKCS_USE_PBES2_AES_192 GNUTLS_PKCS_PBES2_AES_192 +#define GNUTLS_PKCS_USE_PBES2_AES_256 GNUTLS_PKCS_PBES2_AES_256 +#define GNUTLS_PKCS_USE_PBES2_GOST_TC26Z GNUTLS_PKCS_PBES2_GOST_TC26Z +#define GNUTLS_PKCS_USE_PBES2_GOST_CPA GNUTLS_PKCS_PBES2_GOST_CPA +#define GNUTLS_PKCS_USE_PBES2_GOST_CPB GNUTLS_PKCS_PBES2_GOST_CPB +#define GNUTLS_PKCS_USE_PBES2_GOST_CPC GNUTLS_PKCS_PBES2_GOST_CPC +#define GNUTLS_PKCS_USE_PBES2_GOST_CPD GNUTLS_PKCS_PBES2_GOST_CPD const char *gnutls_pkcs_schema_get_name(unsigned int schema); const char *gnutls_pkcs_schema_get_oid(unsigned int schema); -int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key); +int gnutls_x509_privkey_init(gnutls_x509_privkey_t *key); void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key); gnutls_sec_param_t gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key); @@ -1148,78 +1060,73 @@ void gnutls_x509_privkey_set_pin_function(gnutls_x509_privkey_t key, int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst, gnutls_x509_privkey_t src); int gnutls_x509_privkey_import(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, const char *password, unsigned int flags); int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, + const gnutls_datum_t *data, const char *password); -int -gnutls_pkcs8_info(const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format, - unsigned int *schema, unsigned int *cipher, - void *salt, unsigned int *salt_size, - unsigned int *iter_count, char **oid); +int gnutls_pkcs8_info(const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, + unsigned int *schema, unsigned int *cipher, void *salt, + unsigned int *salt_size, unsigned int *iter_count, + char **oid); int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, + const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format, const char *password, unsigned int flags); int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u); -int gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u, - const gnutls_datum_t * e1, - const gnutls_datum_t * e2); + const gnutls_datum_t *m, + const gnutls_datum_t *e, + const gnutls_datum_t *d, + const gnutls_datum_t *p, + const gnutls_datum_t *q, + const gnutls_datum_t *u); +int gnutls_x509_privkey_import_rsa_raw2( + gnutls_x509_privkey_t key, const gnutls_datum_t *m, + const gnutls_datum_t *e, const gnutls_datum_t *d, + const gnutls_datum_t *p, const gnutls_datum_t *q, + const gnutls_datum_t *u, const gnutls_datum_t *e1, + const gnutls_datum_t *e2); int gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key, gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, - const gnutls_datum_t * y, - const gnutls_datum_t * k); + const gnutls_datum_t *x, + const gnutls_datum_t *y, + const gnutls_datum_t *k); int gnutls_x509_privkey_import_gost_raw(gnutls_x509_privkey_t key, gnutls_ecc_curve_t curve, gnutls_digest_algorithm_t digest, gnutls_gost_paramset_t paramset, - const gnutls_datum_t * x, - const gnutls_datum_t * y, - const gnutls_datum_t * k); + const gnutls_datum_t *x, + const gnutls_datum_t *y, + const gnutls_datum_t *k); int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key); int gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y, gnutls_datum_t * x); + gnutls_datum_t *p, gnutls_datum_t *q, + gnutls_datum_t *g, gnutls_datum_t *y, + gnutls_datum_t *x); int gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * g, - const gnutls_datum_t * y, - const gnutls_datum_t * x); + const gnutls_datum_t *p, + const gnutls_datum_t *q, + const gnutls_datum_t *g, + const gnutls_datum_t *y, + const gnutls_datum_t *x); int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t key); -int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t - key, unsigned int *bits); +int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t key, + unsigned int *bits); int gnutls_x509_privkey_get_spki(gnutls_x509_privkey_t key, gnutls_x509_spki_t spki, unsigned int flags); -int -gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key, - const gnutls_x509_spki_t spki, unsigned int flags); +int gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key, + const gnutls_x509_spki_t spki, + unsigned int flags); int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key, unsigned int flags, @@ -1227,8 +1134,8 @@ int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key, size_t *output_data_size); int gnutls_x509_privkey_generate(gnutls_x509_privkey_t key, - gnutls_pk_algorithm_t algo, - unsigned int bits, unsigned int flags); + gnutls_pk_algorithm_t algo, unsigned int bits, + unsigned int flags); void gnutls_x509_privkey_set_flags(gnutls_x509_privkey_t key, unsigned int flags); @@ -1253,12 +1160,11 @@ typedef struct { unsigned int size; } gnutls_keygen_data_st; -int -gnutls_x509_privkey_generate2(gnutls_x509_privkey_t key, - gnutls_pk_algorithm_t algo, unsigned int bits, - unsigned int flags, - const gnutls_keygen_data_st * data, - unsigned data_size); +int gnutls_x509_privkey_generate2(gnutls_x509_privkey_t key, + gnutls_pk_algorithm_t algo, unsigned int bits, + unsigned int flags, + const gnutls_keygen_data_st *data, + unsigned data_size); int gnutls_x509_privkey_verify_seed(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t, const void *seed, @@ -1270,85 +1176,73 @@ int gnutls_x509_privkey_get_seed(gnutls_x509_privkey_t key, int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key); int gnutls_x509_privkey_export(gnutls_x509_privkey_t key, - gnutls_x509_crt_fmt_t format, - void *output_data, size_t *output_data_size); + gnutls_x509_crt_fmt_t format, void *output_data, + size_t *output_data_size); int gnutls_x509_privkey_export2(gnutls_x509_privkey_t key, gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); + gnutls_datum_t *out); int gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key, gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags, + const char *password, unsigned int flags, void *output_data, size_t *output_data_size); int gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key, gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags, gnutls_datum_t * out); + const char *password, unsigned int flags, + gnutls_datum_t *out); int gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * u, - gnutls_datum_t * e1, - gnutls_datum_t * e2); + gnutls_datum_t *m, gnutls_datum_t *e, + gnutls_datum_t *d, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *u, + gnutls_datum_t *e1, gnutls_datum_t *e2); int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u); + gnutls_datum_t *m, gnutls_datum_t *e, + gnutls_datum_t *d, gnutls_datum_t *p, + gnutls_datum_t *q, gnutls_datum_t *u); int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, - gnutls_datum_t * y, gnutls_datum_t * k); + gnutls_ecc_curve_t *curve, + gnutls_datum_t *x, gnutls_datum_t *y, + gnutls_datum_t *k); int gnutls_x509_privkey_export_gost_raw(gnutls_x509_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_digest_algorithm_t * digest, - gnutls_gost_paramset_t * paramset, - gnutls_datum_t * x, - gnutls_datum_t * y, gnutls_datum_t * k); + gnutls_ecc_curve_t *curve, + gnutls_digest_algorithm_t *digest, + gnutls_gost_paramset_t *paramset, + gnutls_datum_t *x, gnutls_datum_t *y, + gnutls_datum_t *k); int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key, gnutls_digest_algorithm_t digest, unsigned int flags, - const gnutls_datum_t * data, - void *signature, size_t *signature_size); + const gnutls_datum_t *data, void *signature, + size_t *signature_size); /* Certificate request stuff. */ int gnutls_x509_crq_sign(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key); -int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq, - gnutls_x509_privkey_t key, +int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key, gnutls_digest_algorithm_t dig, unsigned int flags); int gnutls_x509_crq_print(gnutls_x509_crq_t crq, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out); int gnutls_x509_crq_verify(gnutls_x509_crq_t crq, unsigned int flags); -int gnutls_x509_crq_init(gnutls_x509_crq_t * crq); +int gnutls_x509_crq_init(gnutls_x509_crq_t *crq); void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq); -int gnutls_x509_crq_import(gnutls_x509_crq_t crq, - const gnutls_datum_t * data, +int gnutls_x509_crq_import(gnutls_x509_crq_t crq, const gnutls_datum_t *data, gnutls_x509_crt_fmt_t format); -int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t - cert, - time_t * - activation, - time_t * - expiration, unsigned int - *critical); +int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t cert, + time_t *activation, + time_t *expiration, + unsigned int *critical); int gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf, size_t *sizeof_buf); -int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, gnutls_datum_t * dn); -int gnutls_x509_crq_get_dn3(gnutls_x509_crq_t crq, gnutls_datum_t * dn, +int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, gnutls_datum_t *dn); +int gnutls_x509_crq_get_dn3(gnutls_x509_crq_t crq, gnutls_datum_t *dn, unsigned flags); int gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq, unsigned indx, void *oid, size_t *sizeof_oid); @@ -1364,85 +1258,72 @@ int gnutls_x509_crq_set_version(gnutls_x509_crq_t crq, unsigned int version); int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq); int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq, gnutls_x509_privkey_t key); -int -gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq, - const char *oid, const void *buf, - size_t sizeof_buf, unsigned int critical); +int gnutls_x509_crq_set_extension_by_oid(gnutls_x509_crq_t crq, const char *oid, + const void *buf, size_t sizeof_buf, + unsigned int critical); int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq, const char *pass); -int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq, - char *pass, size_t *sizeof_pass); +int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq, char *pass, + size_t *sizeof_pass); -int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq, - const char *oid, +int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq, const char *oid, void *buf, size_t sizeof_buf); -int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq, - const char *oid, unsigned indx, - void *buf, size_t *sizeof_buf); +int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq, const char *oid, + unsigned indx, void *buf, + size_t *sizeof_buf); -int gnutls_x509_crq_export(gnutls_x509_crq_t crq, - gnutls_x509_crt_fmt_t format, +int gnutls_x509_crq_export(gnutls_x509_crq_t crq, gnutls_x509_crt_fmt_t format, void *output_data, size_t *output_data_size); -int gnutls_x509_crq_export2(gnutls_x509_crq_t crq, - gnutls_x509_crt_fmt_t format, gnutls_datum_t * out); +int gnutls_x509_crq_export2(gnutls_x509_crq_t crq, gnutls_x509_crt_fmt_t format, + gnutls_datum_t *out); int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq); int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq); -int -gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt, - gnutls_x509_crq_t crq, const char *oid, - unsigned flags); +int gnutls_x509_crt_set_crq_extension_by_oid(gnutls_x509_crt_t crt, + gnutls_x509_crq_t crq, + const char *oid, unsigned flags); -int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t - crq, +int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t crq, time_t activation, time_t expiration); int gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq, - const gnutls_datum_t * m, - const gnutls_datum_t * e); + const gnutls_datum_t *m, + const gnutls_datum_t *e); int gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq, - gnutls_x509_subject_alt_name_t - nt, const void *data, + gnutls_x509_subject_alt_name_t nt, + const void *data, unsigned int data_size, unsigned int flags); -int -gnutls_x509_crq_set_subject_alt_othername(gnutls_x509_crq_t crq, - const char *oid, - const void *data, - unsigned int data_size, - unsigned int flags); +int gnutls_x509_crq_set_subject_alt_othername(gnutls_x509_crq_t crq, + const char *oid, const void *data, + unsigned int data_size, + unsigned int flags); int gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq, unsigned int usage); int gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq, unsigned int ca, int pathLenConstraint); -int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq, - const void *oid, unsigned int critical); -int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq, - unsigned indx, void *oid, - size_t *sizeof_oid, +int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq, const void *oid, + unsigned int critical); +int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq, unsigned indx, + void *oid, size_t *sizeof_oid, unsigned int *critical); -int gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq, - unsigned indx, void *data, - size_t *sizeof_data); -int -gnutls_x509_crq_get_extension_data2(gnutls_x509_crq_t crq, - unsigned indx, gnutls_datum_t * data); -int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq, - unsigned indx, void *oid, - size_t *sizeof_oid, +int gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq, unsigned indx, + void *data, size_t *sizeof_data); +int gnutls_x509_crq_get_extension_data2(gnutls_x509_crq_t crq, unsigned indx, + gnutls_datum_t *data); +int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq, unsigned indx, + void *oid, size_t *sizeof_oid, unsigned int *critical); -int gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq, - unsigned indx, void *data, - size_t *sizeof_data); -int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq, - unsigned indx, void *oid, - size_t *sizeof_oid); +int gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq, unsigned indx, + void *data, size_t *sizeof_data); +int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq, unsigned indx, + void *oid, size_t *sizeof_oid); int gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq, unsigned int *bits); int gnutls_x509_crq_get_spki(gnutls_x509_crq_t crq, gnutls_x509_spki_t spki, unsigned int flags); @@ -1455,12 +1336,11 @@ int gnutls_x509_crq_get_signature_oid(gnutls_x509_crq_t crq, char *oid, int gnutls_x509_crq_get_pk_oid(gnutls_x509_crq_t crq, char *oid, size_t *oid_size); -int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq, - unsigned int flags, +int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq, unsigned int flags, unsigned char *output_data, size_t *output_data_size); -int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq, - gnutls_datum_t * m, gnutls_datum_t * e); +int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq, gnutls_datum_t *m, + gnutls_datum_t *e); int gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq, unsigned int *key_usage, @@ -1469,19 +1349,16 @@ int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq, unsigned int *critical, unsigned int *ca, int *pathlen); int gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq, - unsigned int seq, - void *ret, + unsigned int seq, void *ret, size_t *ret_size, unsigned int *ret_type, unsigned int *critical); -int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t - crq, - unsigned int seq, - void *ret, size_t *ret_size); +int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t crq, + unsigned int seq, void *ret, + size_t *ret_size); -int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq, - const char *oid, unsigned indx, - void *buf, +int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq, const char *oid, + unsigned indx, void *buf, size_t *sizeof_buf, unsigned int *critical); @@ -1491,40 +1368,34 @@ int gnutls_x509_crq_get_tlsfeatures(gnutls_x509_crq_t crq, int gnutls_x509_crq_set_tlsfeatures(gnutls_x509_crq_t crq, gnutls_x509_tlsfeatures_t features); -int -gnutls_x509_crt_get_extension_by_oid2(gnutls_x509_crt_t cert, - const char *oid, unsigned indx, - gnutls_datum_t * output, - unsigned int *critical); +int gnutls_x509_crt_get_extension_by_oid2(gnutls_x509_crt_t cert, + const char *oid, unsigned indx, + gnutls_datum_t *output, + unsigned int *critical); typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; typedef struct gnutls_x509_trust_list_iter *gnutls_x509_trust_list_iter_t; -int -gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list, unsigned int size); +int gnutls_x509_trust_list_init(gnutls_x509_trust_list_t *list, + unsigned int size); -void -gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list, unsigned int all); +void gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list, + unsigned int all); -int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t - list, gnutls_x509_crt_t cert, - gnutls_x509_crt_t * issuer, +int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t list, + gnutls_x509_crt_t cert, + gnutls_x509_crt_t *issuer, unsigned int flags); int gnutls_x509_trust_list_get_issuer_by_dn(gnutls_x509_trust_list_t list, - const gnutls_datum_t * dn, - gnutls_x509_crt_t * issuer, + const gnutls_datum_t *dn, + gnutls_x509_crt_t *issuer, unsigned int flags); -int gnutls_x509_trust_list_get_issuer_by_subject_key_id(gnutls_x509_trust_list_t - list, - const gnutls_datum_t * - dn, - const gnutls_datum_t * - spki, - gnutls_x509_crt_t * - issuer, - unsigned int flags); +int gnutls_x509_trust_list_get_issuer_by_subject_key_id( + gnutls_x509_trust_list_t list, const gnutls_datum_t *dn, + const gnutls_datum_t *spki, gnutls_x509_crt_t *issuer, + unsigned int flags); /** * gnutls_trust_list_flags_t: * @GNUTLS_TL_VERIFY_CRL: If any CRLs are provided they will be verified for validity @@ -1547,151 +1418,125 @@ int gnutls_x509_trust_list_get_issuer_by_subject_key_id(gnutls_x509_trust_list_t */ typedef enum gnutls_trust_list_flags_t { GNUTLS_TL_VERIFY_CRL = 1, -# define GNUTLS_TL_VERIFY_CRL 1 +#define GNUTLS_TL_VERIFY_CRL 1 GNUTLS_TL_USE_IN_TLS = (1 << 1), -# define GNUTLS_TL_USE_IN_TLS (1<<1) +#define GNUTLS_TL_USE_IN_TLS (1 << 1) GNUTLS_TL_NO_DUPLICATES = (1 << 2), -# define GNUTLS_TL_NO_DUPLICATES (1<<2) +#define GNUTLS_TL_NO_DUPLICATES (1 << 2) GNUTLS_TL_NO_DUPLICATE_KEY = (1 << 3), -# define GNUTLS_TL_NO_DUPLICATE_KEY (1<<3) +#define GNUTLS_TL_NO_DUPLICATE_KEY (1 << 3) GNUTLS_TL_GET_COPY = (1 << 4), -# define GNUTLS_TL_GET_COPY (1<<4) +#define GNUTLS_TL_GET_COPY (1 << 4) GNUTLS_TL_FAIL_ON_INVALID_CRL = (1 << 5) -# define GNUTLS_TL_FAIL_ON_INVALID_CRL (1<<5) +#define GNUTLS_TL_FAIL_ON_INVALID_CRL (1 << 5) } gnutls_trust_list_flags_t; -int -gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, - const gnutls_x509_crt_t * clist, - unsigned clist_size, unsigned int flags); -int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t - list, - const gnutls_x509_crt_t * - clist, unsigned clist_size); - -int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t - list, +int gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, + const gnutls_x509_crt_t *clist, + unsigned clist_size, unsigned int flags); +int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t list, + const gnutls_x509_crt_t *clist, + unsigned clist_size); + +int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, - const void *name, - size_t name_size, unsigned int flags); + const void *name, size_t name_size, + unsigned int flags); -int -gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, - const gnutls_x509_crl_t * - crl_list, unsigned crl_size, - unsigned int flags, - unsigned int verification_flags); +int gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, + const gnutls_x509_crl_t *crl_list, + unsigned crl_size, unsigned int flags, + unsigned int verification_flags); -int -gnutls_x509_trust_list_iter_get_ca(gnutls_x509_trust_list_t list, - gnutls_x509_trust_list_iter_t * iter, - gnutls_x509_crt_t * crt); +int gnutls_x509_trust_list_iter_get_ca(gnutls_x509_trust_list_t list, + gnutls_x509_trust_list_iter_t *iter, + gnutls_x509_crt_t *crt); void gnutls_x509_trust_list_iter_deinit(gnutls_x509_trust_list_iter_t iter); -typedef int gnutls_verify_output_function(gnutls_x509_crt_t cert, - gnutls_x509_crt_t issuer, - /* The issuer if verification failed +typedef int gnutls_verify_output_function( + gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + /* The issuer if verification failed * because of him. might be null. */ - gnutls_x509_crl_t crl, /* The CRL that caused verification failure + gnutls_x509_crl_t crl, /* The CRL that caused verification failure * if any. Might be null. */ - unsigned int verification_output); - -void gnutls_session_set_verify_output_function(gnutls_session_t session, - gnutls_verify_output_function * - func); - -int gnutls_x509_trust_list_verify_named_crt - (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, - const void *name, size_t name_size, unsigned int flags, - unsigned int *verify, gnutls_verify_output_function func); - -int -gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list, - gnutls_x509_crt_t * cert_list, - unsigned int cert_list_size, - gnutls_typed_vdata_st * data, - unsigned int elements, - unsigned int flags, - unsigned int *voutput, - gnutls_verify_output_function func); - -int -gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, - gnutls_x509_crt_t * cert_list, - unsigned int cert_list_size, - unsigned int flags, - unsigned int *verify, - gnutls_verify_output_function func); - - /* trust list convenience functions */ -int -gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t - list, - const gnutls_datum_t * cas, - const gnutls_datum_t * crls, - gnutls_x509_crt_fmt_t type, - unsigned int tl_flags, - unsigned int tl_vflags); - -int -gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t - list, const char *ca_file, - const char *crl_file, - gnutls_x509_crt_fmt_t type, - unsigned int tl_flags, - unsigned int tl_vflags); - -int -gnutls_x509_trust_list_add_trust_dir(gnutls_x509_trust_list_t list, - const char *ca_dir, - const char *crl_dir, - gnutls_x509_crt_fmt_t type, - unsigned int tl_flags, - unsigned int tl_vflags); - -int -gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t - list, - const char *ca_file, - gnutls_x509_crt_fmt_t type); - -int -gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t - list, - const gnutls_datum_t * - cas, gnutls_x509_crt_fmt_t type); - -int -gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t - list, - unsigned int tl_flags, - unsigned int tl_vflags); - -typedef int gnutls_x509_trust_list_getissuer_function(gnutls_x509_trust_list_t - list, - const gnutls_x509_crt_t - cert, - gnutls_x509_crt_t ** - issuers, unsigned int - *issuers_size); - -void gnutls_x509_trust_list_set_getissuer_function(gnutls_x509_trust_list_t - tlist, - gnutls_x509_trust_list_getissuer_function - * func); + unsigned int verification_output); + +void gnutls_session_set_verify_output_function( + gnutls_session_t session, gnutls_verify_output_function *func); + +int gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list, + gnutls_x509_crt_t cert, + const void *name, size_t name_size, + unsigned int flags, + unsigned int *verify, + gnutls_verify_output_function func); + +int gnutls_x509_trust_list_verify_crt2( + gnutls_x509_trust_list_t list, gnutls_x509_crt_t *cert_list, + unsigned int cert_list_size, gnutls_typed_vdata_st *data, + unsigned int elements, unsigned int flags, unsigned int *voutput, + gnutls_verify_output_function func); + +int gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, + gnutls_x509_crt_t *cert_list, + unsigned int cert_list_size, + unsigned int flags, unsigned int *verify, + gnutls_verify_output_function func); + +/* trust list convenience functions */ +int gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t list, + const gnutls_datum_t *cas, + const gnutls_datum_t *crls, + gnutls_x509_crt_fmt_t type, + unsigned int tl_flags, + unsigned int tl_vflags); + +int gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, + const char *ca_file, + const char *crl_file, + gnutls_x509_crt_fmt_t type, + unsigned int tl_flags, + unsigned int tl_vflags); + +int gnutls_x509_trust_list_add_trust_dir(gnutls_x509_trust_list_t list, + const char *ca_dir, + const char *crl_dir, + gnutls_x509_crt_fmt_t type, + unsigned int tl_flags, + unsigned int tl_vflags); + +int gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t list, + const char *ca_file, + gnutls_x509_crt_fmt_t type); + +int gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t list, + const gnutls_datum_t *cas, + gnutls_x509_crt_fmt_t type); + +int gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list, + unsigned int tl_flags, + unsigned int tl_vflags); + +typedef int gnutls_x509_trust_list_getissuer_function( + gnutls_x509_trust_list_t list, const gnutls_x509_crt_t cert, + gnutls_x509_crt_t **issuers, unsigned int *issuers_size); + +void gnutls_x509_trust_list_set_getissuer_function( + gnutls_x509_trust_list_t tlist, + gnutls_x509_trust_list_getissuer_function *func); void gnutls_x509_trust_list_set_ptr(gnutls_x509_trust_list_t tlist, void *ptr); void *gnutls_x509_trust_list_get_ptr(gnutls_x509_trust_list_t tlist); -void gnutls_certificate_set_trust_list - (gnutls_certificate_credentials_t res, - gnutls_x509_trust_list_t tlist, unsigned flags); -void gnutls_certificate_get_trust_list - (gnutls_certificate_credentials_t res, gnutls_x509_trust_list_t * tlist); +void gnutls_certificate_set_trust_list(gnutls_certificate_credentials_t res, + gnutls_x509_trust_list_t tlist, + unsigned flags); +void gnutls_certificate_get_trust_list(gnutls_certificate_credentials_t res, + gnutls_x509_trust_list_t *tlist); typedef struct gnutls_x509_ext_st { char *oid; @@ -1699,17 +1544,16 @@ typedef struct gnutls_x509_ext_st { gnutls_datum_t data; } gnutls_x509_ext_st; -void gnutls_x509_ext_deinit(gnutls_x509_ext_st * ext); +void gnutls_x509_ext_deinit(gnutls_x509_ext_st *ext); -int -gnutls_x509_ext_print(gnutls_x509_ext_st * exts, unsigned int exts_size, - gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); +int gnutls_x509_ext_print(gnutls_x509_ext_st *exts, unsigned int exts_size, + gnutls_certificate_print_formats_t format, + gnutls_datum_t *out); -# include <gnutls/pkcs7.h> +#include <gnutls/pkcs7.h> #ifdef __cplusplus } #endif -#endif /* GNUTLS_X509_H */ +#endif /* GNUTLS_X509_H */ |