diff options
| -rw-r--r-- | lib/includes/gnutls/compat.h | 26 | ||||
| -rw-r--r-- | lib/includes/gnutls/crypto.h | 297 | ||||
| -rw-r--r-- | lib/includes/gnutls/gnutlsxx.h | 770 | ||||
| -rw-r--r-- | lib/includes/gnutls/openpgp.h | 266 | ||||
| -rw-r--r-- | lib/includes/gnutls/pkcs12.h | 23 | ||||
| -rw-r--r-- | lib/includes/gnutls/x509.h | 77 |
6 files changed, 774 insertions, 685 deletions
diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h index f96d6a0c02..b269f7fa75 100644 --- a/lib/includes/gnutls/compat.h +++ b/lib/includes/gnutls/compat.h @@ -1,23 +1,7 @@ -/* Typedefs to be fully compatible with the types of - * GnuTLS 1.0.x. - */ +/* Typedefs for more compatibility with older GnuTLS. */ -#ifndef GCOMPAT_H -# define GCOMPAT_H - -#ifdef __GNUC__ - -#define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) - -#if _GNUTLS_GCC_VERSION >= 30100 -#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__)) -#endif - -#endif /* __GNUC__ */ - -#ifndef _GNUTLS_GCC_ATTR_DEPRECATED -#define _GNUTLS_GCC_ATTR_DEPRECATED -#endif +#ifndef GNUTLS_COMPAT_H +# define GNUTLS_COMPAT_H #define gnutls_cipher_algorithm gnutls_cipher_algorithm_t #define gnutls_kx_algorithm gnutls_kx_algorithm_t @@ -106,11 +90,11 @@ #define TLS_MASTER_SIZE GNUTLS_MASTER_SIZE #define TLS_RANDOM_SIZE GNUTLS_RANDOM_SIZE -/* Further namespace problems. */ +/* Namespace problems. */ #define LIBGNUTLS_VERSION GNUTLS_VERSION #define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR #define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR #define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH #define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER -#endif /* GCOMPAT_H */ +#endif /* GNUTLS_COMPAT_H */ diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h index 24813c0935..52a6b98aa0 100644 --- a/lib/includes/gnutls/crypto.h +++ b/lib/includes/gnutls/crypto.h @@ -25,46 +25,50 @@ #ifndef GNUTLS_CRYPTO_H # define GNUTLS_CRYPTO_H -#define GNUTLS_CRYPTO_API_VERSION 0x01 +# define GNUTLS_CRYPTO_API_VERSION 0x01 -typedef struct { - int (*init) (void** ctx); - int (*setkey) (void* ctx, const void * key, size_t keysize); - int (*setiv) (void* ctx, const void* iv, size_t ivsize); - int (*encrypt) (void* ctx, const void* plain, size_t plainsize, - void* encr, size_t encrsize); - int (*decrypt) (void* ctx, const void* encr, size_t encrsize, - void* plain, size_t plainsize); - void (*deinit) (void* ctx); +typedef struct +{ + int (*init) (void **ctx); + int (*setkey) (void *ctx, const void *key, size_t keysize); + int (*setiv) (void *ctx, const void *iv, size_t ivsize); + int (*encrypt) (void *ctx, const void *plain, size_t plainsize, + void *encr, size_t encrsize); + int (*decrypt) (void *ctx, const void *encr, size_t encrsize, + void *plain, size_t plainsize); + void (*deinit) (void *ctx); } gnutls_crypto_single_cipher_st; -typedef struct { - int (*init) (void** ctx); - int (*setkey) (void* ctx, const void * key, size_t keysize); - int (*hash) (void* ctx, const void * text, size_t textsize); - int (*copy) (void** dst_ctx, void* src_ctx); - int (*output) (void* src_ctx, void* digest, size_t digestsize); - void (*deinit)(void* ctx); +typedef struct +{ + int (*init) (void **ctx); + int (*setkey) (void *ctx, const void *key, size_t keysize); + int (*hash) (void *ctx, const void *text, size_t textsize); + int (*copy) (void **dst_ctx, void *src_ctx); + int (*output) (void *src_ctx, void *digest, size_t digestsize); + void (*deinit) (void *ctx); } gnutls_crypto_single_mac_st; -typedef struct { - int (*init) (gnutls_cipher_algorithm_t, void** ctx); - int (*setkey) (void* ctx, const void * key, size_t keysize); - int (*setiv) (void* ctx, const void* iv, size_t ivsize); - int (*encrypt) (void* ctx, const void* plain, size_t plainsize, - void* encr, size_t encrsize); - int (*decrypt) (void* ctx, const void* encr, size_t encrsize, - void* plain, size_t plainsize); - void (*deinit) (void* ctx); +typedef struct +{ + int (*init) (gnutls_cipher_algorithm_t, void **ctx); + int (*setkey) (void *ctx, const void *key, size_t keysize); + int (*setiv) (void *ctx, const void *iv, size_t ivsize); + int (*encrypt) (void *ctx, const void *plain, size_t plainsize, + void *encr, size_t encrsize); + int (*decrypt) (void *ctx, const void *encr, size_t encrsize, + void *plain, size_t plainsize); + void (*deinit) (void *ctx); } gnutls_crypto_cipher_st; -typedef struct { - int (*init) (gnutls_mac_algorithm_t, void** ctx); - int (*setkey) (void* ctx, const void * key, size_t keysize); - int (*hash) (void* ctx, const void * text, size_t textsize); - int (*copy) (void** dst_ctx, void* src_ctx); - int (*output) (void* src_ctx, void* digest, size_t digestsize); - void (*deinit)(void* ctx); +typedef struct +{ + int (*init) (gnutls_mac_algorithm_t, void **ctx); + int (*setkey) (void *ctx, const void *key, size_t keysize); + int (*hash) (void *ctx, const void *text, size_t textsize); + int (*copy) (void **dst_ctx, void *src_ctx); + int (*output) (void *src_ctx, void *digest, size_t digestsize); + void (*deinit) (void *ctx); } gnutls_crypto_mac_st; /* the same... setkey should be null */ @@ -72,112 +76,115 @@ typedef gnutls_crypto_single_mac_st gnutls_crypto_single_digest_st; typedef gnutls_crypto_mac_st gnutls_crypto_digest_st; typedef enum gnutls_rnd_level - { - /* fatal in parts of session if broken, i.e., vulnerable to - statistical analysis */ - GNUTLS_RND_NONCE = 0, - /* fatal in session if broken */ - GNUTLS_RND_RANDOM = 1, - /* fatal in many sessions if broken */ - GNUTLS_RND_KEY = 2 - } gnutls_rnd_level_t; +{ + /* fatal in parts of session if broken, i.e., vulnerable to + statistical analysis */ + GNUTLS_RND_NONCE = 0, + /* fatal in session if broken */ + GNUTLS_RND_RANDOM = 1, + /* fatal in many sessions if broken */ + GNUTLS_RND_KEY = 2 +} gnutls_rnd_level_t; typedef enum - { - GNUTLS_PK_FLAG_NONE = 0 - } gnutls_pk_flag_t; +{ + GNUTLS_PK_FLAG_NONE = 0 +} gnutls_pk_flag_t; -typedef struct gnutls_crypto_rnd { - int (*init)( void** ctx); - int (*rnd) ( void* ctx, int /* gnutls_rnd_level_t */ level, - void* data, size_t datasize); - void (*deinit)( void* ctx); +typedef struct gnutls_crypto_rnd +{ + int (*init) (void **ctx); + int (*rnd) (void *ctx, int /* gnutls_rnd_level_t */ level, + void *data, size_t datasize); + void (*deinit) (void *ctx); } gnutls_crypto_rnd_st; -typedef void* bigint_t; +typedef void *bigint_t; typedef enum - { - /* raw unsigned integer format */ - GNUTLS_MPI_FORMAT_USG = 0, - /* raw signed integer format - always a leading zero when positive */ - GNUTLS_MPI_FORMAT_STD = 1, - /* the pgp integer format */ - GNUTLS_MPI_FORMAT_PGP = 2 - } gnutls_bigint_format_t; +{ + /* raw unsigned integer format */ + GNUTLS_MPI_FORMAT_USG = 0, + /* raw signed integer format - always a leading zero when positive */ + GNUTLS_MPI_FORMAT_STD = 1, + /* the pgp integer format */ + GNUTLS_MPI_FORMAT_PGP = 2 +} gnutls_bigint_format_t; typedef struct { - bigint_t g; /* group generator */ - bigint_t p; /* prime */ + bigint_t g; /* group generator */ + bigint_t p; /* prime */ } gnutls_group_st; /* Multi precision integer arithmetic */ -typedef struct gnutls_crypto_bigint { - bigint_t (*bigint_new)( int nbits); - void (*bigint_release)( bigint_t n); +typedef struct gnutls_crypto_bigint +{ + bigint_t (*bigint_new) (int nbits); + void (*bigint_release) (bigint_t n); /* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */ - int (*bigint_cmp)(const bigint_t m1, const bigint_t m2); + int (*bigint_cmp) (const bigint_t m1, const bigint_t m2); /* as bigint_cmp */ - int (*bigint_cmp_ui)(const bigint_t m1, unsigned long m2); + int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2); /* ret = a % b */ - bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b); + bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b); /* a = b -> ret == a */ - bigint_t (*bigint_set) (bigint_t a, const bigint_t b); + bigint_t (*bigint_set) (bigint_t a, const bigint_t b); /* a = b -> ret == a */ - bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b); - unsigned int (*bigint_get_nbits)(const bigint_t a); + bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b); + unsigned int (*bigint_get_nbits) (const bigint_t a); /* w = b ^ e mod m */ - bigint_t (*bigint_powm) (bigint_t w, const bigint_t b, - const bigint_t e, const bigint_t m); + bigint_t (*bigint_powm) (bigint_t w, const bigint_t b, + const bigint_t e, const bigint_t m); /* w = a + b mod m */ - bigint_t (*bigint_addm) (bigint_t w, const bigint_t a, - const bigint_t b, const bigint_t m); + bigint_t (*bigint_addm) (bigint_t w, const bigint_t a, + const bigint_t b, const bigint_t m); /* w = a - b mod m */ - bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t b, - const bigint_t m); + bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t b, + const bigint_t m); /* w = a * b mod m */ - bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t b, - const bigint_t m); - /* w = a + b */bigint_t (*bigint_add) (bigint_t w, const bigint_t a, - const bigint_t b); - /* w = a - b */bigint_t (*bigint_sub) (bigint_t w, const bigint_t a, - const bigint_t b); + bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t b, + const bigint_t m); + /* w = a + b */ bigint_t (*bigint_add) (bigint_t w, const bigint_t a, + const bigint_t b); + /* w = a - b */ bigint_t (*bigint_sub) (bigint_t w, const bigint_t a, + const bigint_t b); /* w = a * b */ - bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t b); + bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t b); /* w = a + b */ - bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a, unsigned long b); + bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a, unsigned long b); /* w = a - b */ - bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a, unsigned long b); + bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a, unsigned long b); /* w = a * b */ - bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a, unsigned long b); + bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a, unsigned long b); /* q = a / b */ - bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t b); + bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t b); /* 0 if prime */ int (*bigint_prime_check) (const bigint_t pp); - int (*bigint_generate_group) (gnutls_group_st* gg, unsigned int bits); + int (*bigint_generate_group) (gnutls_group_st * gg, unsigned int bits); /* reads an bigint from a buffer */ /* stores an bigint into the buffer. returns * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to * store this integer, and updates the buf_size; */ - bigint_t (*bigint_scan) (const void* buf, size_t buf_size, - gnutls_bigint_format_t format); - int (*bigint_print) (const bigint_t a, void* buf, size_t* buf_size, + bigint_t (*bigint_scan) (const void *buf, size_t buf_size, + gnutls_bigint_format_t format); + int (*bigint_print) (const bigint_t a, void *buf, size_t * buf_size, gnutls_bigint_format_t format); } gnutls_crypto_bigint_st; #define GNUTLS_MAX_PK_PARAMS 6 -typedef struct { +typedef struct +{ bigint_t params[GNUTLS_MAX_PK_PARAMS]; - unsigned int params_nr; /* the number of parameters */ + unsigned int params_nr; /* the number of parameters */ unsigned int flags; } gnutls_pk_params_st; -void gnutls_pk_params_release (gnutls_pk_params_st* p); -void gnutls_pk_params_init (gnutls_pk_params_st* p); +void gnutls_pk_params_release (gnutls_pk_params_st * p); +void gnutls_pk_params_init (gnutls_pk_params_st * p); /* params are: * RSA: @@ -206,79 +213,87 @@ typedef enum } gnutls_direction_t; /* Public key algorithms */ -typedef struct gnutls_crypto_pk { +typedef struct gnutls_crypto_pk +{ /* The params structure should contain the private or public key * parameters, depending on the operation */ - int (*encrypt)( gnutls_pk_algorithm_t, gnutls_datum_t* ciphertext, - const gnutls_datum_t* plaintext, const gnutls_pk_params_st* /* public */); - int (*decrypt)( gnutls_pk_algorithm_t, gnutls_datum_t* plaintext, - const gnutls_datum_t* ciphertext, - const gnutls_pk_params_st* /* private */); - - int (*sign)( gnutls_pk_algorithm_t, gnutls_datum_t* signature, - const gnutls_datum_t* data, - const gnutls_pk_params_st* /* private */); - int (*verify)( gnutls_pk_algorithm_t, const gnutls_datum_t* data, - const gnutls_datum_t* signature, - const gnutls_pk_params_st* /* public */); - - int (*generate)( gnutls_pk_algorithm_t, unsigned int level /*bits*/, - gnutls_pk_params_st*); + int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext, + const gnutls_datum_t * plaintext, + const gnutls_pk_params_st * /* public */ ); + int (*decrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * plaintext, + const gnutls_datum_t * ciphertext, + const gnutls_pk_params_st * /* private */ ); + + int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature, + const gnutls_datum_t * data, + const gnutls_pk_params_st * /* private */ ); + int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data, + const gnutls_datum_t * signature, + const gnutls_pk_params_st * /* public */ ); + + int (*generate) (gnutls_pk_algorithm_t, unsigned int level /*bits */ , + gnutls_pk_params_st *); /* this function should convert params to ones suitable * for the above functions */ - int (*pk_fixup_private_params)( gnutls_pk_algorithm_t, gnutls_direction_t, - gnutls_pk_params_st*); + int (*pk_fixup_private_params) (gnutls_pk_algorithm_t, gnutls_direction_t, + gnutls_pk_params_st *); } gnutls_crypto_pk_st; /* priority: infinity for backend algorithms, 90 for kernel algorithms, lowest wins */ -#define gnutls_crypto_single_cipher_register(algo, prio, st) \ - gnutls_crypto_single_cipher_register2 (algo, prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_single_mac_register(algo, prio, st) \ - gnutls_crypto_single_mac_register2 (algo, prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_single_digest_register(algo, prio, st) \ - gnutls_crypto_single_digest_register2(algo, prio, GNUTLS_CRYPTO_API_VERSION, st) - -int gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t algorithm, - int priority, int version, - gnutls_crypto_single_cipher_st* s); +# define gnutls_crypto_single_cipher_register(algo, prio, st) \ + gnutls_crypto_single_cipher_register2 (algo, prio, \ + GNUTLS_CRYPTO_API_VERSION, st) +# define gnutls_crypto_single_mac_register(algo, prio, st) \ + gnutls_crypto_single_mac_register2 (algo, prio, \ + GNUTLS_CRYPTO_API_VERSION, st) +# define gnutls_crypto_single_digest_register(algo, prio, st) \ + gnutls_crypto_single_digest_register2(algo, prio, \ + GNUTLS_CRYPTO_API_VERSION, st) + +int gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t + algorithm, int priority, + int version, + gnutls_crypto_single_cipher_st * + s); int gnutls_crypto_single_mac_register2 (gnutls_mac_algorithm_t algorithm, int priority, int version, - gnutls_crypto_single_mac_st* s); -int gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t algorithm, - int priority, int version, - gnutls_crypto_single_digest_st* s); - -#define gnutls_crypto_cipher_register(prio, st) \ + gnutls_crypto_single_mac_st * s); +int gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t + algorithm, int priority, + int version, + gnutls_crypto_single_digest_st * + s); + +# define gnutls_crypto_cipher_register(prio, st) \ gnutls_crypto_cipher_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_mac_register(prio, st) \ +# define gnutls_crypto_mac_register(prio, st) \ gnutls_crypto_mac_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_digest_register(prio, st) \ +# define gnutls_crypto_digest_register(prio, st) \ gnutls_crypto_digest_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) int gnutls_crypto_cipher_register2 (int priority, int version, - gnutls_crypto_cipher_st* s); + gnutls_crypto_cipher_st * s); int gnutls_crypto_mac_register2 (int priority, int version, - gnutls_crypto_mac_st* s); + gnutls_crypto_mac_st * s); int gnutls_crypto_digest_register2 (int priority, int version, - gnutls_crypto_digest_st* s); + gnutls_crypto_digest_st * s); -#define gnutls_crypto_rnd_register(prio, st) \ +# define gnutls_crypto_rnd_register(prio, st) \ gnutls_crypto_rnd_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_pk_register(prio, st) \ +# define gnutls_crypto_pk_register(prio, st) \ gnutls_crypto_pk_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) -#define gnutls_crypto_bigint_register(prio, st) \ +# define gnutls_crypto_bigint_register(prio, st) \ gnutls_crypto_bigint_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st) int gnutls_crypto_rnd_register2 (int priority, int version, - gnutls_crypto_rnd_st* s); + gnutls_crypto_rnd_st * s); int gnutls_crypto_pk_register2 (int priority, int version, - gnutls_crypto_pk_st* s); + gnutls_crypto_pk_st * s); int gnutls_crypto_bigint_register2 (int priority, int version, - gnutls_crypto_bigint_st* s); + gnutls_crypto_bigint_st * s); #endif - diff --git a/lib/includes/gnutls/gnutlsxx.h b/lib/includes/gnutls/gnutlsxx.h index 455fa2425f..b3013d2d02 100644 --- a/lib/includes/gnutls/gnutlsxx.h +++ b/lib/includes/gnutls/gnutlsxx.h @@ -5,384 +5,408 @@ #include <vector> #include <gnutls/gnutls.h> -namespace gnutls { - -class noncopyable +namespace gnutls { - protected: - noncopyable() { } - ~noncopyable() { } - private: - // These are non-implemented. - noncopyable(const noncopyable &); - noncopyable &operator=(const noncopyable &); -}; + class noncopyable + { + protected: + noncopyable () + { + } + ~noncopyable () + { + } + + private: + // These are non-implemented. + noncopyable (const noncopyable &); + noncopyable & operator= (const noncopyable &); + }; + + + class exception:public std::exception + { + public: + exception (int x); + const char *what () const throw (); + int get_code (); + protected: + int retcode; + }; + + + class dh_params:private noncopyable + { + public: + dh_params (); + ~dh_params (); + void import_raw (const gnutls_datum_t & prime, + const gnutls_datum_t & generator); + void import_pkcs3 (const gnutls_datum_t & pkcs3_params, + gnutls_x509_crt_fmt_t format); + void generate (unsigned int bits); + + void export_pkcs3 (gnutls_x509_crt_fmt_t format, + unsigned char *params_data, size_t * params_data_size); + void export_raw (gnutls_datum_t & prime, gnutls_datum_t & generator); + + gnutls_dh_params_t get_params_t () const; + dh_params & operator= (const dh_params & src); + protected: + gnutls_dh_params_t params; + }; + + + class rsa_params:private noncopyable + { + public: + rsa_params (); + ~rsa_params (); + void import_raw (const gnutls_datum_t & m, + const gnutls_datum_t & e, + const gnutls_datum_t & d, + const gnutls_datum_t & p, + const gnutls_datum_t & q, const gnutls_datum_t & u); + void import_pkcs1 (const gnutls_datum_t & pkcs1_params, + gnutls_x509_crt_fmt_t format); + void generate (unsigned int bits); + + void export_pkcs1 (gnutls_x509_crt_fmt_t format, + unsigned char *params_data, size_t * params_data_size); + void export_raw (gnutls_datum_t & m, gnutls_datum_t & e, + gnutls_datum_t & d, gnutls_datum_t & p, + gnutls_datum_t & q, gnutls_datum_t & u); + gnutls_rsa_params_t get_params_t () const; + rsa_params & operator= (const rsa_params & src); + + protected: + gnutls_rsa_params_t params; + }; + + class session:private noncopyable + { + protected: + gnutls_session_t s; + public: + session (gnutls_connection_end_t); + virtual ~ session (); + + int bye (gnutls_close_request_t how); + int handshake (); + + gnutls_alert_description_t get_alert () const; + + int send_alert (gnutls_alert_level_t level, + gnutls_alert_description_t desc); + int send_appropriate_alert (int err); + + gnutls_cipher_algorithm_t get_cipher () const; + gnutls_kx_algorithm_t get_kx () const; + gnutls_mac_algorithm_t get_mac () const; + gnutls_compression_method_t get_compression () const; + gnutls_certificate_type_t get_certificate_type () const; + + // for the handshake + void set_private_extensions (bool allow); + + gnutls_handshake_description_t get_handshake_last_out () const; + gnutls_handshake_description_t get_handshake_last_in () const; + + ssize_t send (const void *data, size_t sizeofdata); + ssize_t recv (void *data, size_t sizeofdata); + + bool get_record_direction () const; + + // maximum packet size + size_t get_max_size () const; + void set_max_size (size_t size); + + size_t check_pending () const; + + void prf (size_t label_size, const char *label, + int server_random_first, + size_t extra_size, const char *extra, + size_t outsize, char *out); + + void prf_raw (size_t label_size, const char *label, + size_t seed_size, const char *seed, + size_t outsize, char *out); + + void set_cipher_priority (const int *list); + void set_mac_priority (const int *list); + void set_compression_priority (const int *list); + void set_kx_priority (const int *list); + void set_protocol_priority (const int *list); + void set_certificate_type_priority (const int *list); + + /* if you just want some defaults, use the following. + */ + void set_priority (const char *prio, const char **err_pos); + void set_priority (gnutls_priority_t p); + + gnutls_protocol_t get_protocol_version () const; + + // for resuming sessions + void set_data (const void *session_data, size_t session_data_size); + void get_data (void *session_data, size_t * session_data_size) const; + void get_data (gnutls_session_t session, gnutls_datum_t & data) const; + void get_id (void *session_id, size_t * session_id_size) const; + + bool is_resumed () const; + + void set_max_handshake_packet_length (size_t max); + + void clear_credentials (); + void set_credentials (class credentials & cred); + + void set_transport_ptr (gnutls_transport_ptr_t ptr); + void set_transport_ptr (gnutls_transport_ptr_t recv_ptr, + gnutls_transport_ptr_t send_ptr); + gnutls_transport_ptr_t get_transport_ptr () const; + void get_transport_ptr (gnutls_transport_ptr_t & recv_ptr, + gnutls_transport_ptr_t & send_ptr) const; + + void set_transport_lowat (size_t num); + void set_transport_push_function (gnutls_push_func push_func); + void set_transport_pull_function (gnutls_pull_func pull_func); + + void set_user_ptr (void *ptr); + void *get_user_ptr () const; + + void send_openpgp_cert (gnutls_openpgp_crt_status_t status); + + gnutls_credentials_type_t get_auth_type () const; + gnutls_credentials_type_t get_server_auth_type () const; + gnutls_credentials_type_t get_client_auth_type () const; + // informational stuff + void set_dh_prime_bits (unsigned int bits); + unsigned int get_dh_secret_bits () const; + unsigned int get_dh_peers_public_bits () const; + unsigned int get_dh_prime_bits () const; + void get_dh_group (gnutls_datum_t & gen, gnutls_datum_t & prime) const; + void get_dh_pubkey (gnutls_datum_t & raw_key) const; + void get_rsa_export_pubkey (gnutls_datum_t & exponent, + gnutls_datum_t & modulus) const; + unsigned int get_rsa_export_modulus_bits () const; -class exception: public std::exception -{ - public: - exception( int x); - const char* what() const throw(); - int get_code(); - protected: - int retcode; -}; + void get_our_certificate (gnutls_datum_t & cert) const; + bool get_peers_certificate (std::vector < gnutls_datum_t > + &out_certs) const; + bool get_peers_certificate (const gnutls_datum_t ** certs, + unsigned int *certs_size) const; + time_t get_peers_certificate_activation_time () const; + time_t get_peers_certificate_expiration_time () const; + void verify_peers_certificate (unsigned int &status) const; -class dh_params : private noncopyable -{ - public: - dh_params(); - ~dh_params(); - void import_raw( const gnutls_datum_t & prime, - const gnutls_datum_t & generator); - void import_pkcs3( const gnutls_datum_t & pkcs3_params, - gnutls_x509_crt_fmt_t format); - void generate( unsigned int bits); - - void export_pkcs3( gnutls_x509_crt_fmt_t format, unsigned char *params_data, size_t * params_data_size); - void export_raw( gnutls_datum_t& prime, gnutls_datum_t &generator); - - gnutls_dh_params_t get_params_t() const; - dh_params & operator=(const dh_params& src); - protected: - gnutls_dh_params_t params; -}; - - -class rsa_params : private noncopyable -{ - public: - rsa_params(); - ~rsa_params(); - void import_raw( const gnutls_datum_t & m, - const gnutls_datum_t & e, - const gnutls_datum_t & d, - const gnutls_datum_t & p, - const gnutls_datum_t & q, - const gnutls_datum_t & u); - void import_pkcs1( const gnutls_datum_t & pkcs1_params, - gnutls_x509_crt_fmt_t format); - void generate( unsigned int bits); - - void export_pkcs1( gnutls_x509_crt_fmt_t format, unsigned char *params_data, size_t * params_data_size); - void export_raw( gnutls_datum_t & m, gnutls_datum_t & e, - gnutls_datum_t & d, gnutls_datum_t & p, - gnutls_datum_t & q, gnutls_datum_t & u); - gnutls_rsa_params_t get_params_t() const; - rsa_params & operator=(const rsa_params& src); - - protected: - gnutls_rsa_params_t params; -}; - -class session : private noncopyable -{ - protected: - gnutls_session_t s; - public: - session( gnutls_connection_end_t); - virtual ~session(); - - int bye( gnutls_close_request_t how); - int handshake (); - - gnutls_alert_description_t get_alert() const; - - int send_alert ( gnutls_alert_level_t level, - gnutls_alert_description_t desc); - int send_appropriate_alert (int err); - - gnutls_cipher_algorithm_t get_cipher() const; - gnutls_kx_algorithm_t get_kx () const; - gnutls_mac_algorithm_t get_mac () const; - gnutls_compression_method_t get_compression () const; - gnutls_certificate_type_t get_certificate_type() const; - - // for the handshake - void set_private_extensions ( bool allow); - - gnutls_handshake_description_t get_handshake_last_out() const; - gnutls_handshake_description_t get_handshake_last_in() const; - - ssize_t send (const void *data, size_t sizeofdata); - ssize_t recv (void *data, size_t sizeofdata); - - bool get_record_direction() const; - - // maximum packet size - size_t get_max_size() const; - void set_max_size(size_t size); - - size_t check_pending() const; - - void prf (size_t label_size, const char *label, - int server_random_first, - size_t extra_size, const char *extra, - size_t outsize, char *out); - - void prf_raw ( size_t label_size, const char *label, - size_t seed_size, const char *seed, - size_t outsize, char *out); - - void set_cipher_priority (const int *list); - void set_mac_priority (const int *list); - void set_compression_priority (const int *list); - void set_kx_priority (const int *list); - void set_protocol_priority (const int *list); - void set_certificate_type_priority (const int *list); - - /* if you just want some defaults, use the following. - */ - void set_priority (const char* prio, const char** err_pos); - void set_priority (gnutls_priority_t p); - - gnutls_protocol_t get_protocol_version() const; - - // for resuming sessions - void set_data ( const void *session_data, - size_t session_data_size); - void get_data (void *session_data, - size_t * session_data_size) const; - void get_data(gnutls_session_t session, - gnutls_datum_t & data) const; - void get_id ( void *session_id, - size_t * session_id_size) const; - - bool is_resumed () const; - - void set_max_handshake_packet_length ( size_t max); - - void clear_credentials(); - void set_credentials( class credentials & cred); - - void set_transport_ptr( gnutls_transport_ptr_t ptr); - void set_transport_ptr( gnutls_transport_ptr_t recv_ptr, gnutls_transport_ptr_t send_ptr); - gnutls_transport_ptr_t get_transport_ptr() const; - void get_transport_ptr(gnutls_transport_ptr_t & recv_ptr, - gnutls_transport_ptr_t & send_ptr) const; - - void set_transport_lowat (size_t num); - void set_transport_push_function( gnutls_push_func push_func); - void set_transport_pull_function( gnutls_pull_func pull_func); - - void set_user_ptr( void* ptr); - void *get_user_ptr() const; - - void send_openpgp_cert( gnutls_openpgp_crt_status_t status); - - gnutls_credentials_type_t get_auth_type() const; - gnutls_credentials_type_t get_server_auth_type() const; - gnutls_credentials_type_t get_client_auth_type() const; - - // informational stuff - void set_dh_prime_bits( unsigned int bits); - unsigned int get_dh_secret_bits() const; - unsigned int get_dh_peers_public_bits() const; - unsigned int get_dh_prime_bits() const; - void get_dh_group( gnutls_datum_t & gen, gnutls_datum_t & prime) const; - void get_dh_pubkey( gnutls_datum_t & raw_key) const; - void get_rsa_export_pubkey( gnutls_datum_t& exponent, gnutls_datum_t& modulus) const; - unsigned int get_rsa_export_modulus_bits() const; - - void get_our_certificate(gnutls_datum_t & cert) const; - bool get_peers_certificate(std::vector<gnutls_datum_t> &out_certs) const; - bool get_peers_certificate(const gnutls_datum_t** certs, unsigned int *certs_size) const; - - time_t get_peers_certificate_activation_time() const; - time_t get_peers_certificate_expiration_time() const; - void verify_peers_certificate( unsigned int& status) const; - -}; + }; // interface for databases -class DB : private noncopyable -{ - public: - virtual ~DB()=0; - virtual bool store( const gnutls_datum_t& key, const gnutls_datum_t& data)=0; - virtual bool retrieve( const gnutls_datum_t& key, gnutls_datum_t& data)=0; - virtual bool remove( const gnutls_datum_t& key)=0; -}; - -class server_session: public session -{ - public: - server_session(); - ~server_session(); - void db_remove() const; - - void set_db_cache_expiration (unsigned int seconds); - void set_db( const DB& db); - - // returns true if session is expired - bool db_check_entry ( gnutls_datum_t &session_data) const; - - // server side only - const char *get_srp_username() const; - const char *get_psk_username() const; - - void get_server_name (void *data, size_t * data_length, - unsigned int *type, unsigned int indx) const; - - int rehandshake(); - void set_certificate_request( gnutls_certificate_request_t); -}; - -class client_session: public session -{ - public: - client_session(); - ~client_session(); - - void set_server_name (gnutls_server_name_type_t type, - const void *name, size_t name_length); - - bool get_request_status(); -}; - - -class credentials : private noncopyable -{ - public: - virtual ~credentials() { } - gnutls_credentials_type_t get_type() const; - protected: - friend class session; - credentials(gnutls_credentials_type_t t); - void* ptr() const; - void set_ptr(void* ptr); - gnutls_credentials_type_t type; - private: - void *cred; -}; - -class certificate_credentials: public credentials -{ - public: - ~certificate_credentials(); - certificate_credentials(); - - void free_keys (); - void free_cas (); - void free_ca_names (); - void free_crls (); - - void set_dh_params ( const dh_params ¶ms); - void set_rsa_export_params ( const rsa_params& params); - void set_verify_flags ( unsigned int flags); - void set_verify_limits ( unsigned int max_bits, unsigned int max_depth); - - void set_x509_trust_file(const char *cafile, gnutls_x509_crt_fmt_t type); - void set_x509_trust(const gnutls_datum_t & CA, gnutls_x509_crt_fmt_t type); - // FIXME: use classes instead of gnutls_x509_crt_t - void set_x509_trust ( gnutls_x509_crt_t * ca_list, int ca_list_size); - - void set_x509_crl_file( const char *crlfile, gnutls_x509_crt_fmt_t type); - void set_x509_crl(const gnutls_datum_t & CRL, gnutls_x509_crt_fmt_t type); - void set_x509_crl ( gnutls_x509_crl_t * crl_list, int crl_list_size); - - void set_x509_key_file(const char *certfile, const char *KEYFILE, gnutls_x509_crt_fmt_t type); - void set_x509_key(const gnutls_datum_t & CERT, const gnutls_datum_t & KEY, gnutls_x509_crt_fmt_t type); - // FIXME: use classes - void set_x509_key ( gnutls_x509_crt_t * cert_list, int cert_list_size, - gnutls_x509_privkey_t key); - - - void set_simple_pkcs12_file( const char *pkcs12file, - gnutls_x509_crt_fmt_t type, const char *password); - - protected: - gnutls_certificate_credentials_t cred; -}; - -class certificate_server_credentials: public certificate_credentials -{ - public: - void set_retrieve_function( gnutls_certificate_server_retrieve_function* func); - void set_params_function( gnutls_params_function* func); -}; - -class certificate_client_credentials: public certificate_credentials -{ - public: - void set_retrieve_function( gnutls_certificate_client_retrieve_function* func); -}; - - - - -class anon_server_credentials: public credentials -{ - public: - anon_server_credentials(); - ~anon_server_credentials(); - void set_dh_params ( const dh_params ¶ms); - void set_params_function ( gnutls_params_function * func); - protected: - gnutls_anon_server_credentials_t cred; -}; - -class anon_client_credentials: public credentials -{ - public: - anon_client_credentials(); - ~anon_client_credentials(); - protected: - gnutls_anon_client_credentials_t cred; -}; - - -class srp_server_credentials: public credentials -{ - public: - srp_server_credentials(); - ~srp_server_credentials(); - void set_credentials_file (const char *password_file, const char *password_conf_file); - void set_credentials_function( gnutls_srp_server_credentials_function *func); - protected: - gnutls_srp_server_credentials_t cred; -}; - -class srp_client_credentials: public credentials -{ - public: - srp_client_credentials(); - ~srp_client_credentials(); - void set_credentials (const char *username, const char *password); - void set_credentials_function( gnutls_srp_client_credentials_function* func); - protected: - gnutls_srp_client_credentials_t cred; -}; - - -class psk_server_credentials: public credentials -{ - public: - psk_server_credentials(); - ~psk_server_credentials(); - void set_credentials_file(const char* password_file); - void set_credentials_function( gnutls_psk_server_credentials_function* func); - void set_dh_params ( const dh_params ¶ms); - void set_params_function (gnutls_params_function * func); - protected: - gnutls_psk_server_credentials_t cred; -}; - -class psk_client_credentials: public credentials -{ - public: - psk_client_credentials(); - ~psk_client_credentials(); - void set_credentials (const char *username, const gnutls_datum_t& key, gnutls_psk_key_flags flags); - void set_credentials_function( gnutls_psk_client_credentials_function* func); - protected: - gnutls_psk_client_credentials_t cred; -}; - - -} /* namespace */ - -#endif /* GNUTLSXX_H */ + class DB:private noncopyable + { + public: + virtual ~ DB () = 0; + virtual bool store (const gnutls_datum_t & key, + const gnutls_datum_t & data) = 0; + virtual bool retrieve (const gnutls_datum_t & key, + gnutls_datum_t & data) = 0; + virtual bool remove (const gnutls_datum_t & key) = 0; + }; + + class server_session:public session + { + public: + server_session (); + ~server_session (); + void db_remove () const; + + void set_db_cache_expiration (unsigned int seconds); + void set_db (const DB & db); + + // returns true if session is expired + bool db_check_entry (gnutls_datum_t & session_data) const; + + // server side only + const char *get_srp_username () const; + const char *get_psk_username () const; + + void get_server_name (void *data, size_t * data_length, + unsigned int *type, unsigned int indx) const; + + int rehandshake (); + void set_certificate_request (gnutls_certificate_request_t); + }; + + class client_session:public session + { + public: + client_session (); + ~client_session (); + + void set_server_name (gnutls_server_name_type_t type, + const void *name, size_t name_length); + + bool get_request_status (); + }; + + + class credentials:private noncopyable + { + public: + virtual ~ credentials () + { + } + gnutls_credentials_type_t get_type () const; + protected: + friend class session; + credentials (gnutls_credentials_type_t t); + void *ptr () const; + void set_ptr (void *ptr); + gnutls_credentials_type_t type; + private: + void *cred; + }; + + class certificate_credentials:public credentials + { + public: + ~certificate_credentials (); + certificate_credentials (); + + void free_keys (); + void free_cas (); + void free_ca_names (); + void free_crls (); + + void set_dh_params (const dh_params & params); + void set_rsa_export_params (const rsa_params & params); + void set_verify_flags (unsigned int flags); + void set_verify_limits (unsigned int max_bits, unsigned int max_depth); + + void set_x509_trust_file (const char *cafile, gnutls_x509_crt_fmt_t type); + void set_x509_trust (const gnutls_datum_t & CA, + gnutls_x509_crt_fmt_t type); + // FIXME: use classes instead of gnutls_x509_crt_t + void set_x509_trust (gnutls_x509_crt_t * ca_list, int ca_list_size); + + void set_x509_crl_file (const char *crlfile, gnutls_x509_crt_fmt_t type); + void set_x509_crl (const gnutls_datum_t & CRL, + gnutls_x509_crt_fmt_t type); + void set_x509_crl (gnutls_x509_crl_t * crl_list, int crl_list_size); + + void set_x509_key_file (const char *certfile, const char *KEYFILE, + gnutls_x509_crt_fmt_t type); + void set_x509_key (const gnutls_datum_t & CERT, + const gnutls_datum_t & KEY, + gnutls_x509_crt_fmt_t type); + // FIXME: use classes + void set_x509_key (gnutls_x509_crt_t * cert_list, int cert_list_size, + gnutls_x509_privkey_t key); + + + void set_simple_pkcs12_file (const char *pkcs12file, + gnutls_x509_crt_fmt_t type, + const char *password); + + protected: + gnutls_certificate_credentials_t cred; + }; + + class certificate_server_credentials:public certificate_credentials + { + public: + void set_retrieve_function (gnutls_certificate_server_retrieve_function * + func); + void set_params_function (gnutls_params_function * func); + }; + + class certificate_client_credentials:public certificate_credentials + { + public: + void set_retrieve_function (gnutls_certificate_client_retrieve_function * + func); + }; + + + + + class anon_server_credentials:public credentials + { + public: + anon_server_credentials (); + ~anon_server_credentials (); + void set_dh_params (const dh_params & params); + void set_params_function (gnutls_params_function * func); + protected: + gnutls_anon_server_credentials_t cred; + }; + + class anon_client_credentials:public credentials + { + public: + anon_client_credentials (); + ~anon_client_credentials (); + protected: + gnutls_anon_client_credentials_t cred; + }; + + + class srp_server_credentials:public credentials + { + public: + srp_server_credentials (); + ~srp_server_credentials (); + void set_credentials_file (const char *password_file, + const char *password_conf_file); + void set_credentials_function (gnutls_srp_server_credentials_function * + func); + protected: + gnutls_srp_server_credentials_t cred; + }; + + class srp_client_credentials:public credentials + { + public: + srp_client_credentials (); + ~srp_client_credentials (); + void set_credentials (const char *username, const char *password); + void set_credentials_function (gnutls_srp_client_credentials_function * + func); + protected: + gnutls_srp_client_credentials_t cred; + }; + + + class psk_server_credentials:public credentials + { + public: + psk_server_credentials (); + ~psk_server_credentials (); + void set_credentials_file (const char *password_file); + void set_credentials_function (gnutls_psk_server_credentials_function * + func); + void set_dh_params (const dh_params & params); + void set_params_function (gnutls_params_function * func); + protected: + gnutls_psk_server_credentials_t cred; + }; + + class psk_client_credentials:public credentials + { + public: + psk_client_credentials (); + ~psk_client_credentials (); + void set_credentials (const char *username, const gnutls_datum_t & key, + gnutls_psk_key_flags flags); + void set_credentials_function (gnutls_psk_client_credentials_function * + func); + protected: + gnutls_psk_client_credentials_t cred; + }; + + +} /* namespace */ + +#endif /* GNUTLSXX_H */ diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h index ecb05183c8..316a12ee24 100644 --- a/lib/includes/gnutls/openpgp.h +++ b/lib/includes/gnutls/openpgp.h @@ -29,14 +29,14 @@ #ifndef GNUTLS_OPENPGP_H # define GNUTLS_OPENPGP_H -#ifdef __cplusplus +# include <gnutls/gnutls.h> + +# ifdef __cplusplus extern "C" { -#endif - -#include <gnutls/gnutls.h> +# endif -/* Openpgp certificate stuff +/* Openpgp certificate stuff */ typedef enum gnutls_openpgp_crt_fmt @@ -45,7 +45,7 @@ extern "C" } gnutls_openpgp_crt_fmt_t; typedef unsigned char gnutls_openpgp_keyid_t[8]; - + /* gnutls_openpgp_cert_t should be defined in gnutls.h */ @@ -63,8 +63,8 @@ extern "C" size_t * output_data_size); int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert, - gnutls_certificate_print_formats_t format, - gnutls_datum_t *out); + gnutls_certificate_print_formats_t format, + gnutls_datum_t * out); /* The key_usage flags are defined in gnutls.h. They are * the GNUTLS_KEY_* definitions. @@ -80,9 +80,9 @@ extern "C" int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key, int idx, char *buf, size_t * sizeof_buf); - gnutls_pk_algorithm_t - gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key, - unsigned int *bits); + gnutls_pk_algorithm_t + gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key, + unsigned int *bits); int gnutls_openpgp_crt_get_version (gnutls_openpgp_crt_t key); @@ -90,7 +90,7 @@ extern "C" time_t gnutls_openpgp_crt_get_expiration_time (gnutls_openpgp_crt_t key); int gnutls_openpgp_crt_get_key_id (gnutls_openpgp_crt_t key, - gnutls_openpgp_keyid_t keyid); + gnutls_openpgp_keyid_t keyid); int gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key, const char *hostname); @@ -98,94 +98,153 @@ extern "C" int gnutls_openpgp_crt_get_revoked_status (gnutls_openpgp_crt_t key); int gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key); - int gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key, const gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key, unsigned int idx); - gnutls_pk_algorithm_t gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key, - unsigned int idx, unsigned int *bits); - time_t gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t key, unsigned int idx); - time_t gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t key, unsigned int idx); - int gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key, unsigned int idx, gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key, unsigned int idx, - unsigned int *key_usage); - - int gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt, unsigned int idx, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y); - int gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e); - int gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y); - int gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt, - gnutls_datum_t * m, gnutls_datum_t * e); - - int gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key, gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key, const gnutls_openpgp_keyid_t keyid); + int gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key, + const gnutls_openpgp_keyid_t keyid); + int gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key, + unsigned int idx); + gnutls_pk_algorithm_t + gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key, + unsigned int idx, + unsigned int *bits); + time_t gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t + key, unsigned int idx); + time_t gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t + key, + unsigned int idx); + int gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key, + unsigned int idx, + gnutls_openpgp_keyid_t keyid); + int gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key, + unsigned int idx, + unsigned int *key_usage); + + int gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt, + unsigned int idx, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y); + int gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt, + unsigned int idx, + gnutls_datum_t * m, + gnutls_datum_t * e); + int gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y); + int gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt, + gnutls_datum_t * m, + gnutls_datum_t * e); + + int gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key, + gnutls_openpgp_keyid_t keyid); + int gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key, + const gnutls_openpgp_keyid_t + keyid); /* privkey stuff. */ int gnutls_openpgp_privkey_init (gnutls_openpgp_privkey_t * key); void gnutls_openpgp_privkey_deinit (gnutls_openpgp_privkey_t key); - gnutls_pk_algorithm_t - gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key, - unsigned int *bits); + gnutls_pk_algorithm_t + gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key, + unsigned int *bits); int gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key, const gnutls_datum_t * data, gnutls_openpgp_crt_fmt_t format, const char *pass, unsigned int flags); int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, - const gnutls_datum_t * hash, - gnutls_datum_t * signature); + const gnutls_datum_t * hash, + gnutls_datum_t * signature); int gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key, - void *fpr, size_t * fprlen); + void *fpr, size_t * fprlen); int - gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t key, - unsigned int idx, - void *fpr, size_t * fprlen); - int gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid); + gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t + key, unsigned int idx, + void *fpr, + size_t * fprlen); + int gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key, + gnutls_openpgp_keyid_t keyid); int gnutls_openpgp_privkey_get_subkey_count (gnutls_openpgp_privkey_t key); - int gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid); - - int gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t key, unsigned int idx); - - int gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t key); + int gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key, + const gnutls_openpgp_keyid_t + keyid); - gnutls_pk_algorithm_t gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t key, - unsigned int idx, unsigned int *bits); - - time_t gnutls_openpgp_privkey_get_subkey_expiration_time (gnutls_openpgp_privkey_t key, unsigned int idx); - - int gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key, unsigned int idx, gnutls_openpgp_keyid_t keyid); - - time_t gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t key, unsigned int idx); - - int gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t crt, unsigned int idx, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x); - int gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t crt, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u); - - int gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t crt, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x); - int gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t crt, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u); + int + gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t + key, unsigned int idx); + + int gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t + key); + + gnutls_pk_algorithm_t + gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t + key, unsigned int idx, + unsigned int *bits); + + time_t + gnutls_openpgp_privkey_get_subkey_expiration_time + (gnutls_openpgp_privkey_t key, unsigned int idx); + + int gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key, + unsigned int idx, + gnutls_openpgp_keyid_t keyid); + + time_t + gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t + key, unsigned int idx); + + int gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t + crt, unsigned int idx, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y, + gnutls_datum_t * x); + int gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t + crt, unsigned int idx, + gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u); + + int gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t crt, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y, + gnutls_datum_t * x); + int gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t crt, + gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u); int gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char* password, unsigned int flags, - void *output_data, size_t * output_data_size); - - int gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid); - - int gnutls_openpgp_crt_get_auth_subkey( gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, unsigned int flag); + gnutls_openpgp_crt_fmt_t format, + const char *password, + unsigned int flags, + void *output_data, + size_t * output_data_size); + + int gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t + key, + const + gnutls_openpgp_keyid_t + keyid); + int gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t + key, + gnutls_openpgp_keyid_t + keyid); + + int gnutls_openpgp_crt_get_auth_subkey (gnutls_openpgp_crt_t crt, + gnutls_openpgp_keyid_t keyid, + unsigned int flag); /* Keyring stuff. */ @@ -211,8 +270,9 @@ extern "C" unsigned int flags, unsigned int *verify); - int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring, unsigned int idx, - gnutls_openpgp_crt_t* cert); + int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring, + unsigned int idx, + gnutls_openpgp_crt_t * cert); int gnutls_openpgp_keyring_get_crt_count (gnutls_openpgp_keyring_t ring); @@ -251,22 +311,26 @@ extern "C" int gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t res, const char *CERTFILE, - const char *KEYFILE, gnutls_openpgp_crt_fmt_t); + const char *KEYFILE, + gnutls_openpgp_crt_fmt_t); int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credentials_t res, const gnutls_datum_t * CERT, - const gnutls_datum_t * KEY, gnutls_openpgp_crt_fmt_t); + const gnutls_datum_t * KEY, + gnutls_openpgp_crt_fmt_t); - int gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t - res, const char *CERTFILE, - const char *KEYFILE, const char* keyid, - gnutls_openpgp_crt_fmt_t); - int gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t - res, - const gnutls_datum_t * CERT, - const gnutls_datum_t * KEY, - const char* keyid, + int + gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t + res, const char *CERTFILE, + const char *KEYFILE, + const char *keyid, gnutls_openpgp_crt_fmt_t); + int + gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t + res, const gnutls_datum_t * CERT, + const gnutls_datum_t * KEY, + const char *keyid, + gnutls_openpgp_crt_fmt_t); int gnutls_certificate_set_openpgp_keyring_mem @@ -275,9 +339,11 @@ extern "C" int gnutls_certificate_set_openpgp_keyring_file - (gnutls_certificate_credentials_t c, const char *file, gnutls_openpgp_crt_fmt_t); + (gnutls_certificate_credentials_t c, const char *file, + gnutls_openpgp_crt_fmt_t); -#ifdef __cplusplus +# ifdef __cplusplus } -#endif +# endif + #endif /* GNUTLS_OPENPGP_H */ diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h index eb32e436f7..fcd6a49291 100644 --- a/lib/includes/gnutls/pkcs12.h +++ b/lib/includes/gnutls/pkcs12.h @@ -25,15 +25,15 @@ #ifndef GNUTLS_PKCS12_H # define GNUTLS_PKCS12_H -#ifdef __cplusplus +# include <gnutls/x509.h> + +# ifdef __cplusplus extern "C" { -#endif - -#include <gnutls/x509.h> +# endif -/* PKCS12 structures handling - */ + /* PKCS12 structures handling + */ struct gnutls_pkcs12_int; typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t; @@ -44,12 +44,10 @@ extern "C" void gnutls_pkcs12_deinit (gnutls_pkcs12_t pkcs12); int gnutls_pkcs12_import (gnutls_pkcs12_t pkcs12, const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); + gnutls_x509_crt_fmt_t format, unsigned int flags); int gnutls_pkcs12_export (gnutls_pkcs12_t pkcs12, gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); + void *output_data, size_t * output_data_size); int gnutls_pkcs12_get_bag (gnutls_pkcs12_t pkcs12, int indx, gnutls_pkcs12_bag_t bag); @@ -100,7 +98,8 @@ extern "C" int gnutls_pkcs12_bag_set_friendly_name (gnutls_pkcs12_bag_t bag, int indx, const char *name); -#ifdef __cplusplus +# ifdef __cplusplus } -#endif +# endif + #endif /* GNUTLS_PKCS12_H */ diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index c0e86b5365..63da3201cb 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -29,12 +29,12 @@ #ifndef GNUTLS_X509_H # define GNUTLS_X509_H -#ifdef __cplusplus +# include <gnutls/gnutls.h> + +# ifdef __cplusplus extern "C" { -#endif - -#include <gnutls/gnutls.h> +# endif /* Some OIDs usually found in Distinguished names, or * in Subject Directory Attribute extensions. @@ -125,7 +125,7 @@ extern "C" int gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert); int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, - char *sig, size_t *sizeof_sig); + char *sig, size_t * sizeof_sig); int gnutls_x509_crt_get_version (gnutls_x509_crt_t cert); int gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt, unsigned int flags, @@ -158,9 +158,10 @@ extern "C" unsigned int *reason_flags, unsigned int *critical); int gnutls_x509_crt_set_crl_dist_points2 (gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, unsigned int data_size, - unsigned int reason_flags); + gnutls_x509_subject_alt_name_t + type, const void *data, + unsigned int data_size, + unsigned int reason_flags); int gnutls_x509_crt_set_crl_dist_points (gnutls_x509_crt_t crt, gnutls_x509_subject_alt_name_t type, const void *data_string, @@ -187,9 +188,11 @@ extern "C" size_t * ret_size, unsigned int *critical); int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert, - unsigned int seq, void *ret, size_t * ret_size, - unsigned int* ret_type, unsigned int *critical); - + unsigned int seq, void *ret, + size_t * ret_size, + unsigned int *ret_type, + unsigned int *critical); + int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert, unsigned int seq, void *ret, @@ -199,8 +202,7 @@ extern "C" unsigned int *critical); int gnutls_x509_crt_get_basic_constraints (gnutls_x509_crt_t cert, unsigned int *critical, - int *ca, - int *pathlen); + int *ca, int *pathlen); /* The key_usage flags are defined in gnutls.h. They are the * GNUTLS_KEY_* definitions. @@ -215,8 +217,7 @@ extern "C" unsigned int *critical, int *pathlen, char **policyLanguage, - char **policy, - size_t *sizeof_policy); + char **policy, size_t * sizeof_policy); int gnutls_x509_dn_oid_known (const char *oid); @@ -270,21 +271,20 @@ extern "C" int gnutls_x509_crt_set_subject_alt_name (gnutls_x509_crt_t crt, gnutls_x509_subject_alt_name_t type, - const void *data, unsigned int data_size, + const void *data, + unsigned int data_size, unsigned int flags); - int gnutls_x509_crt_sign (gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, + int gnutls_x509_crt_sign (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key); - int gnutls_x509_crt_sign2 (gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, + int gnutls_x509_crt_sign2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key, gnutls_digest_algorithm_t, unsigned int flags); int gnutls_x509_crt_set_activation_time (gnutls_x509_crt_t cert, time_t act_time); int gnutls_x509_crt_set_expiration_time (gnutls_x509_crt_t cert, time_t exp_time); - int gnutls_x509_crt_set_serial (gnutls_x509_crt_t cert, - const void *serial, size_t serial_size); + int gnutls_x509_crt_set_serial (gnutls_x509_crt_t cert, const void *serial, + size_t serial_size); int gnutls_x509_crt_set_subject_key_id (gnutls_x509_crt_t cert, const void *id, size_t id_size); @@ -297,15 +297,14 @@ extern "C" int gnutls_x509_crt_set_proxy (gnutls_x509_crt_t crt, int pathLenConstraint, const char *policyLanguage, - const char *policy, - size_t sizeof_policy); + const char *policy, size_t sizeof_policy); int gnutls_x509_crt_print (gnutls_x509_crt_t cert, gnutls_certificate_print_formats_t format, - gnutls_datum_t *out); + gnutls_datum_t * out); int gnutls_x509_crl_print (gnutls_x509_crl_t crl, gnutls_certificate_print_formats_t format, - gnutls_datum_t *out); + gnutls_datum_t * out); /* Access to internal Certificate fields. */ @@ -328,27 +327,28 @@ extern "C" typedef void *gnutls_x509_dn_t; - typedef struct gnutls_x509_ava_st { + typedef struct gnutls_x509_ava_st + { gnutls_datum_t oid; gnutls_datum_t value; unsigned long value_tag; } gnutls_x509_ava_st; int gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert, - gnutls_x509_dn_t *dn); + gnutls_x509_dn_t * dn); int gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert, - gnutls_x509_dn_t *dn); + gnutls_x509_dn_t * dn); int gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, int irdn, - int iava, gnutls_x509_ava_st *avast); + int iava, gnutls_x509_ava_st * avast); int gnutls_x509_dn_init (gnutls_x509_dn_t * dn); int gnutls_x509_dn_import (gnutls_x509_dn_t odn, - const gnutls_datum_t * data); + const gnutls_datum_t * data); int gnutls_x509_dn_export (gnutls_x509_dn_t dn, - gnutls_x509_crt_fmt_t format, void *output_data, - size_t * output_data_size); + gnutls_x509_crt_fmt_t format, void *output_data, + size_t * output_data_size); void gnutls_x509_dn_deinit (gnutls_x509_dn_t idn); @@ -376,7 +376,7 @@ extern "C" int gnutls_x509_crl_get_signature_algorithm (gnutls_x509_crl_t crl); int gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl, - char *sig, size_t *sizeof_sig); + char *sig, size_t * sizeof_sig); int gnutls_x509_crl_get_version (gnutls_x509_crl_t crl); time_t gnutls_x509_crl_get_this_update (gnutls_x509_crl_t crl); @@ -653,8 +653,8 @@ extern "C" typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t; int gnutls_x509_crq_print (gnutls_x509_crq_t crq, - gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); + gnutls_certificate_print_formats_t format, + gnutls_datum_t * out); int gnutls_x509_crq_init (gnutls_x509_crq_t * crq); void gnutls_x509_crq_deinit (gnutls_x509_crq_t crq); @@ -763,7 +763,8 @@ extern "C" void *buf, size_t * sizeof_buf, unsigned int *critical); -#ifdef __cplusplus +# ifdef __cplusplus } -#endif +# endif + #endif /* GNUTLS_X509_H */ |