diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-01-04 12:05:51 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-01-04 12:05:51 +0000 |
commit | faa84bc98ead2485c5ff7e57d9b7e208a8816364 (patch) | |
tree | 8413d914f1691ecc19d90e12ca9049f66fc95fcd /src | |
parent | 78fcf46acfef31b49960d2a7fee7c172a1116bf0 (diff) | |
download | gnutls-faa84bc98ead2485c5ff7e57d9b7e208a8816364.tar.gz |
updated documentation
Diffstat (limited to 'src')
-rw-r--r-- | src/common.h | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/src/common.h b/src/common.h index cc616c2494..9d2aee344f 100644 --- a/src/common.h +++ b/src/common.h @@ -12,13 +12,18 @@ static int print_info( GNUTLS_STATE state) { const char *tmp; -CredType cred; +GNUTLS_CredType cred; gnutls_DN dn; const gnutls_datum* cert_list; -CertificateStatus status; +GNUTLS_CertificateStatus status; int cert_list_size = 0; +GNUTLS_KXAlgorithm kx; - tmp = gnutls_kx_get_name(gnutls_kx_get_algo( state)); + + /* print the key exchange's algorithm name + */ + kx = gnutls_kx_get_algo(state); + tmp = gnutls_kx_get_name( kx); printf("- Key Exchange: %s\n", tmp); cred = gnutls_auth_get_type(state); @@ -28,6 +33,8 @@ int cert_list_size = 0; gnutls_anon_client_get_dh_bits( state)); break; case GNUTLS_X509PKI: + /* in case of X509 PKI + */ cert_list = gnutls_x509pki_client_get_peer_certificate_list( state, &cert_list_size); status = gnutls_x509pki_client_get_peer_certificate_status( state); @@ -48,7 +55,14 @@ int cert_list_size = 0; printf("- Peer's X509 Certificate was invalid\n"); break; } - + + /* Check if we have been using ephemeral Diffie Hellman. + */ + if (kx == GNUTLS_KX_X509PKI_DHE_RSA || kx == GNUTLS_KX_X509PKI_DHE_DSS) { + printf("\n- Ephemeral DH using prime of %d bits\n", + gnutls_x509pki_server_get_dh_bits( state)); + } + if (cert_list_size > 0) { char digest[20]; char serial[40]; @@ -59,6 +73,8 @@ int cert_list_size = 0; printf(" - Certificate info:\n"); + /* Print the fingerprint of the certificate + */ if ( gnutls_fingerprint( GNUTLS_DIG_MD5, &cert_list[0], digest, &digest_size) >= 0) { print = printable; for (i=0;i<digest_size;i++) { @@ -67,7 +83,9 @@ int cert_list_size = 0; } printf(" - Certificate fingerprint: %s\n", printable); } - + + /* Print the serial number of the certificate. + */ if ( gnutls_x509pki_extract_certificate_serial( &cert_list[0], serial, &serial_size) >= 0) { print = printable; for (i=0;i<serial_size;i++) { @@ -77,6 +95,9 @@ int cert_list_size = 0; printf(" - Certificate serial number: %s\n", printable); } + /* Print the version of the X.509 + * certificate. + */ printf(" - Certificate version: #%d\n", gnutls_x509pki_extract_certificate_version( &cert_list[0])); gnutls_x509pki_extract_certificate_dn( &cert_list[0], &dn); |