Diffstat (limited to 'lib/includes/gnutls/gnutls.h.in')
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 85 |
1 files changed, 80 insertions, 5 deletions
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 41389a39af..7a0a63188d 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -114,6 +114,11 @@ extern "C" { * @GNUTLS_CIPHER_SALSA20_256: Salsa20 with 256-bit keys. * @GNUTLS_CIPHER_ESTREAM_SALSA20_256: Estream's Salsa20 variant with 256-bit keys. * @GNUTLS_CIPHER_CHACHA20_POLY1305: The Chacha20 cipher with the Poly1305 authenticator (AEAD). + * @GNUTLS_CIPHER_GOST28147_TC26Z_CFB: GOST 28147-89 (Magma) cipher in CFB mode with TC26 Z S-box. + * @GNUTLS_CIPHER_GOST28147_CPA_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro A S-box. + * @GNUTLS_CIPHER_GOST28147_CPB_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro B S-box. + * @GNUTLS_CIPHER_GOST28147_CPC_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro C S-box. + * @GNUTLS_CIPHER_GOST28147_CPD_CFB: GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro D S-box. * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode (placeholder - unsupported). * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode (placeholder - unsupported). * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode (placeholder - unsupported). @@ -151,6 +156,11 @@ typedef enum gnutls_cipher_algorithm { GNUTLS_CIPHER_AES_128_CCM_8 = 21, GNUTLS_CIPHER_AES_256_CCM_8 = 22, GNUTLS_CIPHER_CHACHA20_POLY1305 = 23, + GNUTLS_CIPHER_GOST28147_TC26Z_CFB = 24, + GNUTLS_CIPHER_GOST28147_CPA_CFB = 25, + GNUTLS_CIPHER_GOST28147_CPB_CFB = 26, + GNUTLS_CIPHER_GOST28147_CPC_CFB = 27, + GNUTLS_CIPHER_GOST28147_CPD_CFB = 28, /* used only for PGP internals. Ignored in TLS/SSL */ 
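Review bot: The five new `GNUTLS_CIPHER_GOST28147_*_CFB` documentation entries give the mode and S-box but omit two properties a caller needs when selecting a cipher: GOST 28147-89 has a 64-bit block, and CFB gives confidentiality only, unlike the AEAD entry directly above them. I would extend each entry along the lines of `GOST 28147-89 (Magma) cipher in CFB mode with TC26 Z S-box (64-bit block; no integrity protection, authenticate separately).` Whether these identifiers can be reached from a default priority string is not visible in this header and should be confirmed where the priorities are defined.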
@@ -253,6 +263,9 @@ typedef enum { * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm. * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm. * @GNUTLS_MAC_MD5_SHA1: Combined MD5+SHA1 MAC placeholder. + * @GNUTLS_MAC_GOSTR_94: HMAC GOST R 34.10-94 algorithm. + * @GNUTLS_MAC_STREEBOG_256: HMAC GOST R 34.10-2001 (Streebog) algorithm, 256 bit. + * @GNUTLS_MAC_STREEBOG_512: HMAC GOST R 34.10-2001 (Streebog) algorithm, 512 bit. * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher. * @GNUTLS_MAC_UMAC_96: The UMAC-96 MAC algorithm. * @GNUTLS_MAC_UMAC_128: The UMAC-128 MAC algorithm. @@ -276,11 +289,14 @@ typedef enum { GNUTLS_MAC_SHA3_384 = 12, /* reserved: no implementation */ GNUTLS_MAC_SHA3_512 = 13, /* reserved: no implementation */ GNUTLS_MAC_MD5_SHA1 = 14, /* reserved: no implementation */ + GNUTLS_MAC_GOSTR_94 = 15, + GNUTLS_MAC_STREEBOG_256 = 16, + GNUTLS_MAC_STREEBOG_512 = 17, /* If you add anything here, make sure you align with gnutls_digest_algorithm_t. */ GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */ GNUTLS_MAC_UMAC_96 = 201, - GNUTLS_MAC_UMAC_128 = 202 + GNUTLS_MAC_UMAC_128 = 202, } gnutls_mac_algorithm_t; /** @@ -300,6 +316,9 @@ typedef enum { * @GNUTLS_DIG_SHA3_384: SHA3-384 algorithm. * @GNUTLS_DIG_SHA3_512: SHA3-512 algorithm. * @GNUTLS_DIG_MD5_SHA1: Combined MD5+SHA1 algorithm. + * @GNUTLS_DIG_GOSTR_94: GOST R 34.10-94 algorithm. + * @GNUTLS_DIG_STREEBOG_256: GOST R 34.10-2001 (Streebog) algorithm, 256 bit. + * @GNUTLS_DIG_STREEBOG_512: GOST R 34.10-2001 (Streebog) algorithm, 512 bit. * * Enumeration of different digest (hash) algorithms. */ 
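Review bot: The three new MAC descriptions cite the signature standard rather than the hash standard: GOST R 34.10 is the signature algorithm, while the hash functions are GOST R 34.11-94 and GOST R 34.11-2012 (Streebog). The lines should read `@GNUTLS_MAC_GOSTR_94: HMAC GOST R 34.11-94 algorithm.` and `@GNUTLS_MAC_STREEBOG_256: HMAC GOST R 34.11-2012 (Streebog) algorithm, 256 bit.`, and likewise for the 512-bit entry. The `GNUTLS_DIG_GOSTR_94` and `GNUTLS_DIG_STREEBOG_*` entries added in the digest documentation hunk repeat the same numbers and need the same correction. The signature-algorithm documentation added later in this patch already refers to the hashes as GOST R 34.11-94 and GOST R 34.11-2012.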
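Review bot: The `-`/`+` pair that turns `GNUTLS_MAC_UMAC_128 = 202` into `GNUTLS_MAC_UMAC_128 = 202,` adds a trailing comma to the last enumerator although nothing follows it. Every other enum touched by this patch leaves its final enumerator without a comma. A trailing comma in an enumerator list also draws a pedantic warning from pre-C99 compilers, which matters for an installed public header. I would drop the pair and keep the line as `GNUTLS_MAC_UMAC_128 = 202`.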
@@ -318,7 +337,10 @@ typedef enum { GNUTLS_DIG_SHA3_256 = GNUTLS_MAC_SHA3_256, GNUTLS_DIG_SHA3_384 = GNUTLS_MAC_SHA3_384, GNUTLS_DIG_SHA3_512 = GNUTLS_MAC_SHA3_512, - GNUTLS_DIG_MD5_SHA1 = GNUTLS_MAC_MD5_SHA1 + GNUTLS_DIG_MD5_SHA1 = GNUTLS_MAC_MD5_SHA1, + GNUTLS_DIG_GOSTR_94 = GNUTLS_MAC_GOSTR_94, + GNUTLS_DIG_STREEBOG_256 = GNUTLS_MAC_STREEBOG_256, + GNUTLS_DIG_STREEBOG_512 = GNUTLS_MAC_STREEBOG_512 /* If you add anything here, make sure you align with gnutls_mac_algorithm_t. */ } gnutls_digest_algorithm_t; @@ -746,6 +768,9 @@ typedef enum gnutls_certificate_print_formats { * @GNUTLS_PK_ECDSA: Elliptic curve algorithm. These parameters are compatible with the ECDSA and ECDH algorithm. * @GNUTLS_PK_ECDH_X25519: Elliptic curve algorithm, restricted to ECDH as per rfc7748. * @GNUTLS_PK_EDDSA_ED25519: Edwards curve Digital signature algorithm. Used with SHA512 on signatures. + * @GNUTLS_PK_GOST_01: GOST R 34.10-2001 algorithm per rfc5832. + * @GNUTLS_PK_GOST_12_256: GOST R 34.10-2012 algorithm, 256-bit key per rfc7091. + * @GNUTLS_PK_GOST_12_512: GOST R 34.10-2012 algorithm, 512-bit key per rfc7091. * * Enumeration of different public-key algorithms. */ @@ -758,7 +783,10 @@ typedef enum { GNUTLS_PK_ECDH_X25519 = 5, GNUTLS_PK_RSA_PSS = 6, GNUTLS_PK_EDDSA_ED25519 = 7, - GNUTLS_PK_MAX = GNUTLS_PK_EDDSA_ED25519 + GNUTLS_PK_GOST_01 = 8, + GNUTLS_PK_GOST_12_256 = 9, + GNUTLS_PK_GOST_12_512 = 10, + GNUTLS_PK_MAX = GNUTLS_PK_GOST_12_512 } gnutls_pk_algorithm_t; 
@@ -819,6 +847,9 @@ const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm); * @GNUTLS_SIGN_RSA_PSS_SHA384: Digital signature algorithm RSA with SHA-384, with PSS padding (RSA-PSS certificate). * @GNUTLS_SIGN_RSA_PSS_SHA512: Digital signature algorithm RSA with SHA-512, with PSS padding (RSA-PSS certificate). * @GNUTLS_SIGN_EDDSA_ED25519: Digital signature algorithm EdDSA with Ed25519 curve. + * @GNUTLS_SIGN_GOST_94: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94 + * @GNUTLS_SIGN_GOST_256: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-2012 256 bit + * @GNUTLS_SIGN_GOST_512: Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-2012 512 bit * * Enumeration of different digital signature algorithms. */ @@ -871,7 +902,11 @@ typedef enum { GNUTLS_SIGN_RSA_PSS_RSAE_SHA256 = 40, GNUTLS_SIGN_RSA_PSS_RSAE_SHA384 = 41, GNUTLS_SIGN_RSA_PSS_RSAE_SHA512 = 42, - GNUTLS_SIGN_MAX = GNUTLS_SIGN_RSA_PSS_RSAE_SHA512 + + GNUTLS_SIGN_GOST_94 = 43, + GNUTLS_SIGN_GOST_256 = 44, + GNUTLS_SIGN_GOST_512 = 45, + GNUTLS_SIGN_MAX = GNUTLS_SIGN_GOST_512 } gnutls_sign_algorithm_t; /** @@ -884,6 +919,13 @@ typedef enum { * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve * @GNUTLS_ECC_CURVE_X25519: the X25519 curve (ECDH only) * @GNUTLS_ECC_CURVE_ED25519: the Ed25519 curve + * @GNUTLS_ECC_CURVE_GOST256CPA: GOST R 34.10 CryptoPro 256 A curve + * @GNUTLS_ECC_CURVE_GOST256CPB: GOST R 34.10 CryptoPro 256 B curve + * @GNUTLS_ECC_CURVE_GOST256CPC: GOST R 34.10 CryptoPro 256 C curve + * @GNUTLS_ECC_CURVE_GOST256CPXA: GOST R 34.10 CryptoPro 256 XchA curve + * @GNUTLS_ECC_CURVE_GOST256CPXB: GOST R 34.10 CryptoPro 256 XchB curve + * @GNUTLS_ECC_CURVE_GOST512A: GOST R 34.10 TC26 512 A curve + * @GNUTLS_ECC_CURVE_GOST512B: GOST R 34.10 TC26 512 B curve * * Enumeration of ECC curves. */ 
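Review bot: The documentation for `GNUTLS_SIGN_GOST_256` and `GNUTLS_SIGN_GOST_512` names GOST R 34.10-2001 as the signature algorithm, yet the public-key documentation in this same patch describes `GNUTLS_PK_GOST_12_256` and `GNUTLS_PK_GOST_12_512` as GOST R 34.10-2012. That is the algorithm normally paired with the GOST R 34.11-2012 hashes. If that pairing is what is implemented (the implementation is not part of this header), the entries should read `Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit.` and the same for 512 bit. The three new entries also lack the closing period that the neighbouring entries carry.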
@@ -896,7 +938,14 @@ typedef enum { GNUTLS_ECC_CURVE_SECP192R1, GNUTLS_ECC_CURVE_X25519, GNUTLS_ECC_CURVE_ED25519, - GNUTLS_ECC_CURVE_MAX = GNUTLS_ECC_CURVE_ED25519 + GNUTLS_ECC_CURVE_GOST256CPA, + GNUTLS_ECC_CURVE_GOST256CPB, + GNUTLS_ECC_CURVE_GOST256CPC, + GNUTLS_ECC_CURVE_GOST256CPXA, + GNUTLS_ECC_CURVE_GOST256CPXB, + GNUTLS_ECC_CURVE_GOST512A, + GNUTLS_ECC_CURVE_GOST512B, + GNUTLS_ECC_CURVE_MAX = GNUTLS_ECC_CURVE_GOST512B } gnutls_ecc_curve_t; /** @@ -983,6 +1032,25 @@ typedef enum { GNUTLS_CB_TLS_UNIQUE } gnutls_channel_binding_t; +/** + * gnutls_gost_paramset_t: + * @GNUTLS_GOST_PARAMSET_UNKNOWN: Unknown/default parameter set + * @GNUTLS_GOST_PARAMSET_TC26_Z: Specified by TC26, see rfc7836 + * @GNUTLS_GOST_PARAMSET_CP_A: CryptoPro-A, see rfc4357 + * @GNUTLS_GOST_PARAMSET_CP_B: CryptoPro-B, see rfc4357 + * @GNUTLS_GOST_PARAMSET_CP_C: CryptoPro-C, see rfc4357 + * @GNUTLS_GOST_PARAMSET_CP_D: CryptoPro-D, see rfc4357 + * + * Enumeration of different GOST 28147 parameter sets. + */ +typedef enum { + GNUTLS_GOST_PARAMSET_UNKNOWN = 0, + GNUTLS_GOST_PARAMSET_TC26_Z, + GNUTLS_GOST_PARAMSET_CP_A, + GNUTLS_GOST_PARAMSET_CP_B, + GNUTLS_GOST_PARAMSET_CP_C, + GNUTLS_GOST_PARAMSET_CP_D +} gnutls_gost_paramset_t; /* If you want to change this, then also change the define in * gnutls_int.h, and recompile. @@ -1112,6 +1180,11 @@ const char * const char *gnutls_sign_get_oid(gnutls_sign_algorithm_t sign) __GNUTLS_CONST__; +const char * + gnutls_gost_paramset_get_name(gnutls_gost_paramset_t param) __GNUTLS_CONST__; +const char * + gnutls_gost_paramset_get_oid(gnutls_gost_paramset_t param) __GNUTLS_CONST__; + size_t gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm) __GNUTLS_CONST__; size_t 
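Review bot: `GNUTLS_GOST_PARAMSET_UNKNOWN = 0` is documented as "Unknown/default parameter set", which gives one value two meanings. `gnutls_oid_to_gost_paramset()`, declared in the last hunk of this patch, returns this enum type and has no separate error channel. Its definition is not visible here, but if it reports an unrecognised OID as `GNUTLS_GOST_PARAMSET_UNKNOWN`, a caller that reads 0 as "use the default S-box" would silently process data under parameters the input never specified. I would document the value as `@GNUTLS_GOST_PARAMSET_UNKNOWN: Unknown or unrecognised parameter set; not a valid selection` and state on the lookup function that callers must reject it, or else introduce a distinct enumerator for the default.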
@@ -1169,6 +1242,8 @@ gnutls_sign_algorithm_t gnutls_oid_to_sign(const char *oid) __GNUTLS_CONST__; gnutls_ecc_curve_t gnutls_oid_to_ecc_curve(const char *oid) __GNUTLS_CONST__; +gnutls_gost_paramset_t + gnutls_oid_to_gost_paramset(const char *oid) __GNUTLS_CONST__; /* list supported algorithms */ const gnutls_ecc_curve_t * |