-rw-r--r--NEWS3
-rw-r--r--lib/gnutls_cert.h37
2 files changed, 22 insertions, 18 deletions
diff --git a/NEWS b/NEWS
index 57d8556aa5..42cc6cbfcc 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,6 @@
+Version 0.8.5
+- Allow larger MPI parameters.
+
Version 0.8.4 (10/03/2003)
- Corrected a broken buffer check in _gnutls_io_read_buffered(),
which caused some unexpected packet length errors. Report and patch
diff --git a/lib/gnutls_cert.h b/lib/gnutls_cert.h
index b792c4b7ef..c157a38274 100644
--- a/lib/gnutls_cert.h
+++ b/lib/gnutls_cert.h
@@ -4,12 +4,11 @@
#include <gnutls_pk.h>
#include <libtasn1.h>
#include <gnutls_ui.h>
-#include "x509/x509.h"
#define MAX_PARAMS_SIZE 6 /* ok for RSA and DSA */
/* parameters should not be larger than this limit */
-#define MAX_PARAMETER_SIZE 1200
+#define MAX_PARAMETER_SIZE 2400
#define DSA_PRIVATE_PARAMS 5
#define DSA_PUBLIC_PARAMS 4
#define RSA_PRIVATE_PARAMS 6
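Review bot: The comment above `MAX_PARAMETER_SIZE` still gives neither the unit of the limit nor which buffers are sized from it, and the value doubles here without that being recorded. If the unit is bytes (not visible in this hunk), I would replace the comment with `/* upper bound, in bytes, on a single encoded MPI parameter; re-check every buffer and length test that uses it when this changes */`. Any fixed-size or stack buffer declared with this constant elsewhere also doubles, so those sites are worth a look; they are outside the hunk.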
@@ -50,16 +49,26 @@ typedef struct gnutls_cert {
gnutls_pk_algorithm subject_pk_algorithm;
- unsigned int keyUsage; /* bits from KEY_*
- */
+ gnutls_datum signature;
+
+ time_t expiration_time;
+ time_t activation_time;
+
+ int version; /* 1,2,3
+ */
+
+ uint16 keyUsage; /* bits from KEY_*
+ */
+
+ int CA; /* 0 if the certificate does not belong to
+ * a certificate authority. 1 otherwise.
+ */
- unsigned int version;
/* holds the type (PGP, X509)
*/
gnutls_certificate_type cert_type;
- gnutls_datum raw;
-
+ gnutls_datum raw; /* the raw certificate */
} gnutls_cert;
typedef struct {
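Review bot: `keyUsage` narrows from `unsigned int` to `uint16`, so any `KEY_*` bit above bit 15 would be truncated silently on assignment; the `KEY_*` definitions are not in this hunk, so that needs confirming. Both `keyUsage` and the new `CA` field presumably feed trust decisions, so their comments should state the value held when the extension is absent or fails to parse, for example `int CA; /* 1 only if basicConstraints marks a CA; 0 otherwise, including on parse failure */`. The new `signature`, `expiration_time` and `activation_time` members have no comment at all; a line each saying who owns `signature.data` and what the times hold on error would help. The struct begins before this hunk.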
@@ -83,21 +92,13 @@ typedef struct {
gnutls_pk_algorithm pk_algorithm;
+ gnutls_datum raw; /* the raw key */
} gnutls_private_key;
struct gnutls_session_int; /* because gnutls_session is not defined when this file is included */
-typedef enum ConvFlags {
- CERT_NO_COPY=2,
- CERT_ONLY_PUBKEY=4,
- CERT_ONLY_EXTENSIONS=16
-} ConvFlags;
-
-int _gnutls_x509_cert2gnutls_cert(gnutls_cert * gcert, const gnutls_datum *derCert,
- int flags);
-void _gnutls_free_cert(gnutls_cert* cert);
-int _gnutls_cert_get_dn(gnutls_cert * cert, gnutls_datum * odn);
-
int _gnutls_cert_supported_kx( const gnutls_cert* cert, gnutls_kx_algorithm **alg, int *alg_size);
+void _gnutls_free_cert(gnutls_cert cert);
+
#endif
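Review bot: `_gnutls_free_cert` now takes `gnutls_cert` by value, so it can release what `raw` and `signature` point to but cannot clear the caller's copy of those pointers. The caller is left with dangling `data` pointers, and a second call on the same struct would free them twice. Keeping the pointer form, `void _gnutls_free_cert(gnutls_cert *cert);`, lets the implementation reset the members after freeing. The new `raw` member of `gnutls_private_key` is commented as holding the raw key, so whichever routine releases it should wipe the buffer before freeing it. Both implementations are outside this header.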