diff options
Diffstat (limited to 'manual/html_node/Abstract-key-API.html')
-rw-r--r-- | manual/html_node/Abstract-key-API.html | 2279 |
1 files changed, 0 insertions, 2279 deletions
diff --git a/manual/html_node/Abstract-key-API.html b/manual/html_node/Abstract-key-API.html deleted file mode 100644 index d247cd9bc4..0000000000 --- a/manual/html_node/Abstract-key-API.html +++ /dev/null @@ -1,2279 +0,0 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> -<html> -<!-- This manual is last updated 4 March 2015 for version -3.5.4 of GnuTLS. - -Copyright (C) 2001-2015 Free Software Foundation, Inc.\\ -Copyright (C) 2001-2015 Nikos Mavrogiannopoulos - -Permission is granted to copy, distribute and/or modify this document -under the terms of the GNU Free Documentation License, Version 1.3 or -any later version published by the Free Software Foundation; with no -Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A -copy of the license is included in the section entitled "GNU Free -Documentation License". --> -<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ --> -<head> -<title>GnuTLS 3.5.4: Abstract key API</title> - -<meta name="description" content="GnuTLS 3.5.4: Abstract key API"> -<meta name="keywords" content="GnuTLS 3.5.4: Abstract key API"> -<meta name="resource-type" content="document"> -<meta name="distribution" content="global"> -<meta name="Generator" content="makeinfo"> -<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> -<link href="index.html#Top" rel="start" title="Top"> -<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index"> -<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents"> -<link href="API-reference.html#API-reference" rel="up" title="API reference"> -<link href="Socket-specific-API.html#Socket-specific-API" rel="next" title="Socket specific API"> -<link href="TPM-API.html#TPM-API" rel="prev" title="TPM API"> -<style type="text/css"> -<!-- -a.summary-letter {text-decoration: none} -blockquote.indentedblock {margin-right: 0em} -blockquote.smallindentedblock {margin-right: 0em; font-size: smaller} -blockquote.smallquotation {font-size: smaller} -div.display {margin-left: 3.2em} -div.example {margin-left: 3.2em} -div.lisp {margin-left: 3.2em} -div.smalldisplay {margin-left: 3.2em} -div.smallexample {margin-left: 3.2em} -div.smalllisp {margin-left: 3.2em} -kbd {font-style: oblique} -pre.display {font-family: inherit} -pre.format {font-family: inherit} -pre.menu-comment {font-family: serif} -pre.menu-preformatted {font-family: serif} -pre.smalldisplay {font-family: inherit; font-size: smaller} -pre.smallexample {font-size: smaller} -pre.smallformat {font-family: inherit; font-size: smaller} -pre.smalllisp {font-size: smaller} -span.nolinebreak {white-space: nowrap} -span.roman {font-family: initial; font-weight: normal} -span.sansserif {font-family: sans-serif; font-weight: normal} -ul.no-bullet {list-style: none} -body { - margin: 2%; - padding: 0 5%; - background: #ffffff; -} -h1,h2,h3,h4,h5 { - font-weight: bold; - padding: 5px 5px 5px 5px; - background-color: #c2e0ff; - color: #336699; -} -h1 { - padding: 2em 2em 2em 5%; - color: white; - background: #336699; - text-align: center; - letter-spacing: 3px; -} -h2 { text-decoration: underline; } -pre { - margin: 0 5%; - padding: 0.5em; -} -pre.example,pre.verbatim { - padding-bottom: 1em; - - border: solid #c2e0ff; - background: #f0faff; - border-width: 1px 1px 1px 5px; - margin: 1em auto; - width: 90%; -} - -div.node { - margin: 0 -5% 0 -2%; - padding: 0.5em 0.5em; - margin-top: 0.5em; - margin-bottom: 0.5em; - font-weight: bold; -} -dd, li { - padding-top: 0.1em; - padding-bottom: 0.1em; -} -div.float { - - margin-bottom: 0.5em; - text-align: center; -} - -table { - text-align: left; - margin-left:auto; - margin-right:auto; - border-spacing: 7px; - width: 50%; -} - -th { - padding: 0; - color: #336699; - background-color: #c2e0ff; - border: solid #000000; - border-width: 0px; - margin: 1em auto; - text-align: center; - margin-left:auto; - margin-right:auto; -} - -td { - padding: 0; - border: solid #000000; - background-color: #f0faff; - border-width: 0px; - margin: 1em auto; - text-align: left; - margin-left:auto; - margin-right:auto; - padding-left: 1em; -} - -dl { - text-align: left; - margin-left:auto; - margin-right:auto; - width: 50%; - - padding-left: 1em; - border: solid #c2e0ff; - background: #f0faff; - border-width: 5px 1px 1px 1px; - margin: 1em auto; -} - ---> -</style> - - -</head> - -<body lang="en"> -<a name="Abstract-key-API"></a> -<div class="header"> -<p> -Next: <a href="Socket-specific-API.html#Socket-specific-API" accesskey="n" rel="next">Socket specific API</a>, Previous: <a href="TPM-API.html#TPM-API" accesskey="p" rel="prev">TPM API</a>, Up: <a href="API-reference.html#API-reference" accesskey="u" rel="up">API reference</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> -<hr> -<a name="Abstract-key-API-1"></a> -<h3 class="section">E.10 Abstract key API</h3> - -<p>The following functions are to be used for abstract key handling. -Their prototypes lie in <samp>gnutls/abstract.h</samp>. -</p> - -<a name="gnutls_005fcertificate_005fset_005fkey-1"></a> -<h4 class="subheading">gnutls_certificate_set_key</h4> -<a name="gnutls_005fcertificate_005fset_005fkey"></a><dl> -<dt><a name="index-gnutls_005fcertificate_005fset_005fkey-1"></a>Function: <em>int</em> <strong>gnutls_certificate_set_key</strong> <em>(gnutls_certificate_credentials_t <var>res</var>, const char ** <var>names</var>, int <var>names_size</var>, gnutls_pcert_st * <var>pcert_list</var>, int <var>pcert_list_size</var>, gnutls_privkey_t <var>key</var>)</em></dt> -<dd><p><var>res</var>: is a <code>gnutls_certificate_credentials_t</code> type. -</p> -<p><var>names</var>: is an array of DNS name of the certificate (NULL if none) -</p> -<p><var>names_size</var>: holds the size of the names list -</p> -<p><var>pcert_list</var>: contains a certificate list (path) for the specified private key -</p> -<p><var>pcert_list_size</var>: holds the size of the certificate list -</p> -<p><var>key</var>: is a <code>gnutls_privkey_t</code> key -</p> -<p>This function sets a certificate/private key pair in the -gnutls_certificate_credentials_t type. This function may be -called more than once, in case multiple keys/certificates exist for -the server. For clients that wants to send more than its own end -entity certificate (e.g., also an intermediate CA cert) then put -the certificate chain in <code>pcert_list</code> . -</p> -<p>Note that the <code>key</code> and the elements of <code>pcert_list</code> will become part of the credentials -structure and must not be deallocated. They will be automatically deallocated -when the <code>res</code> type is deinitialized. -</p> -<p>If that function fails to load the <code>res</code> structure is at an undefined state, it must -not be reused to load other keys or certificates. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> (0) on success, or a negative error code. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fcertificate_005fset_005fretrieve_005ffunction2-1"></a> -<h4 class="subheading">gnutls_certificate_set_retrieve_function2</h4> -<a name="gnutls_005fcertificate_005fset_005fretrieve_005ffunction2"></a><dl> -<dt><a name="index-gnutls_005fcertificate_005fset_005fretrieve_005ffunction2"></a>Function: <em>void</em> <strong>gnutls_certificate_set_retrieve_function2</strong> <em>(gnutls_certificate_credentials_t <var>cred</var>, gnutls_certificate_retrieve_function2 * <var>func</var>)</em></dt> -<dd><p><var>cred</var>: is a <code>gnutls_certificate_credentials_t</code> type. -</p> -<p><var>func</var>: is the callback function -</p> -<p>This function sets a callback to be called in order to retrieve the -certificate to be used in the handshake. The callback will take control -only if a certificate is requested by the peer. -</p> -<p>The callback’s function prototype is: -int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs, -const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_pcert_st** pcert, -unsigned int *pcert_length, gnutls_privkey_t * pkey); -</p> -<p><code>req_ca_dn</code> is only used in X.509 certificates. -Contains a list with the CA names that the server considers trusted. -This is a hint and typically the client should send a certificate that is signed -by one of these CAs. These names, when available, are DER encoded. To get a more -meaningful value use the function <code>gnutls_x509_rdn_get()</code> . -</p> -<p><code>pk_algos</code> contains a list with server’s acceptable signature algorithms. -The certificate returned should support the server’s given algorithms. -</p> -<p><code>pcert</code> should contain a single certificate and public key or a list of them. -</p> -<p><code>pcert_length</code> is the size of the previous list. -</p> -<p><code>pkey</code> is the private key. -</p> -<p>If the callback function is provided then gnutls will call it, in the -handshake, after the certificate request message has been received. -All the provided by the callback values will not be released or -modified by gnutls. -</p> -<p>In server side pk_algos and req_ca_dn are NULL. -</p> -<p>The callback function should set the certificate list to be sent, -and return 0 on success. If no certificate was selected then the -number of certificates should be set to zero. The value (-1) -indicates error and the handshake will be terminated. If both certificates -are set in the credentials and a callback is available, the callback -takes predence. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fdeinit-1"></a> -<h4 class="subheading">gnutls_pcert_deinit</h4> -<a name="gnutls_005fpcert_005fdeinit"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fdeinit"></a>Function: <em>void</em> <strong>gnutls_pcert_deinit</strong> <em>(gnutls_pcert_st * <var>pcert</var>)</em></dt> -<dd><p><var>pcert</var>: The structure to be deinitialized -</p> -<p>This function will deinitialize a pcert structure. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fexport_005fopenpgp-1"></a> -<h4 class="subheading">gnutls_pcert_export_openpgp</h4> -<a name="gnutls_005fpcert_005fexport_005fopenpgp"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fexport_005fopenpgp"></a>Function: <em>int</em> <strong>gnutls_pcert_export_openpgp</strong> <em>(gnutls_pcert_st * <var>pcert</var>, gnutls_openpgp_crt_t * <var>crt</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure. -</p> -<p><var>crt</var>: An initialized <code>gnutls_openpgp_crt_t</code> . -</p> -<p>Converts the given <code>gnutls_pcert_t</code> type into a <code>gnutls_openpgp_crt_t</code> . -This function only works if the type of <code>pcert</code> is <code>GNUTLS_CRT_OPENPGP</code> . -When successful, the value written to <code>crt</code> must be freed with -<code>gnutls_openpgp_crt_deinit()</code> when no longer needed. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fexport_005fx509-1"></a> -<h4 class="subheading">gnutls_pcert_export_x509</h4> -<a name="gnutls_005fpcert_005fexport_005fx509"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fexport_005fx509"></a>Function: <em>int</em> <strong>gnutls_pcert_export_x509</strong> <em>(gnutls_pcert_st * <var>pcert</var>, gnutls_x509_crt_t * <var>crt</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure. -</p> -<p><var>crt</var>: An initialized <code>gnutls_x509_crt_t</code> . -</p> -<p>Converts the given <code>gnutls_pcert_t</code> type into a <code>gnutls_x509_crt_t</code> . -This function only works if the type of <code>pcert</code> is <code>GNUTLS_CRT_X509</code> . -When successful, the value written to <code>crt</code> must be freed with -<code>gnutls_x509_crt_deinit()</code> when no longer needed. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fimport_005fopenpgp-1"></a> -<h4 class="subheading">gnutls_pcert_import_openpgp</h4> -<a name="gnutls_005fpcert_005fimport_005fopenpgp"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fimport_005fopenpgp"></a>Function: <em>int</em> <strong>gnutls_pcert_import_openpgp</strong> <em>(gnutls_pcert_st * <var>pcert</var>, gnutls_openpgp_crt_t <var>crt</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure -</p> -<p><var>crt</var>: The raw certificate to be imported -</p> -<p><var>flags</var>: zero for now -</p> -<p>This convenience function will import the given certificate to a -<code>gnutls_pcert_st</code> structure. The structure must be deinitialized -afterwards using <code>gnutls_pcert_deinit()</code> ; -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fimport_005fopenpgp_005fraw-1"></a> -<h4 class="subheading">gnutls_pcert_import_openpgp_raw</h4> -<a name="gnutls_005fpcert_005fimport_005fopenpgp_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fimport_005fopenpgp_005fraw"></a>Function: <em>int</em> <strong>gnutls_pcert_import_openpgp_raw</strong> <em>(gnutls_pcert_st * <var>pcert</var>, const gnutls_datum_t * <var>cert</var>, gnutls_openpgp_crt_fmt_t <var>format</var>, gnutls_openpgp_keyid_t <var>keyid</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure -</p> -<p><var>cert</var>: The raw certificate to be imported -</p> -<p><var>format</var>: The format of the certificate -</p> -<p><var>keyid</var>: The key ID to use (NULL for the master key) -</p> -<p><var>flags</var>: zero for now -</p> -<p>This convenience function will import the given certificate to a -<code>gnutls_pcert_st</code> structure. The structure must be deinitialized -afterwards using <code>gnutls_pcert_deinit()</code> ; -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fimport_005fx509-1"></a> -<h4 class="subheading">gnutls_pcert_import_x509</h4> -<a name="gnutls_005fpcert_005fimport_005fx509"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fimport_005fx509"></a>Function: <em>int</em> <strong>gnutls_pcert_import_x509</strong> <em>(gnutls_pcert_st * <var>pcert</var>, gnutls_x509_crt_t <var>crt</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure -</p> -<p><var>crt</var>: The certificate to be imported -</p> -<p><var>flags</var>: zero for now -</p> -<p>This convenience function will import the given certificate to a -<code>gnutls_pcert_st</code> structure. The structure must be deinitialized -afterwards using <code>gnutls_pcert_deinit()</code> ; -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fimport_005fx509_005flist-1"></a> -<h4 class="subheading">gnutls_pcert_import_x509_list</h4> -<a name="gnutls_005fpcert_005fimport_005fx509_005flist"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fimport_005fx509_005flist"></a>Function: <em>int</em> <strong>gnutls_pcert_import_x509_list</strong> <em>(gnutls_pcert_st * <var>pcert</var>, gnutls_x509_crt_t * <var>crt</var>, unsigned * <var>ncrt</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure -</p> -<p><var>crt</var>: The certificates to be imported -</p> -<p><var>ncrt</var>: The number of certificates -</p> -<p><var>flags</var>: zero or <code>GNUTLS_X509_CRT_LIST_SORT</code> -</p> -<p>This convenience function will import the given certificate to a -<code>gnutls_pcert_st</code> structure. The structure must be deinitialized -afterwards using <code>gnutls_pcert_deinit()</code> ; -</p> -<p>In the case <code>GNUTLS_X509_CRT_LIST_SORT</code> is specified and that -function cannot sort the list, <code>GNUTLS_E_CERTIFICATE_LIST_UNSORTED</code> -will be returned. Currently sorting can fail if the list size -exceeds an internal constraint (16). -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005fimport_005fx509_005fraw-1"></a> -<h4 class="subheading">gnutls_pcert_import_x509_raw</h4> -<a name="gnutls_005fpcert_005fimport_005fx509_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpcert_005fimport_005fx509_005fraw"></a>Function: <em>int</em> <strong>gnutls_pcert_import_x509_raw</strong> <em>(gnutls_pcert_st * <var>pcert</var>, const gnutls_datum_t * <var>cert</var>, gnutls_x509_crt_fmt_t <var>format</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcert</var>: The pcert structure -</p> -<p><var>cert</var>: The raw certificate to be imported -</p> -<p><var>format</var>: The format of the certificate -</p> -<p><var>flags</var>: zero for now -</p> -<p>This convenience function will import the given certificate to a -<code>gnutls_pcert_st</code> structure. The structure must be deinitialized -afterwards using <code>gnutls_pcert_deinit()</code> ; -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpcert_005flist_005fimport_005fx509_005fraw-1"></a> -<h4 class="subheading">gnutls_pcert_list_import_x509_raw</h4> -<a name="gnutls_005fpcert_005flist_005fimport_005fx509_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpcert_005flist_005fimport_005fx509_005fraw"></a>Function: <em>int</em> <strong>gnutls_pcert_list_import_x509_raw</strong> <em>(gnutls_pcert_st * <var>pcerts</var>, unsigned int * <var>pcert_max</var>, const gnutls_datum_t * <var>data</var>, gnutls_x509_crt_fmt_t <var>format</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pcerts</var>: The structures to store the parsed certificate. Must not be initialized. -</p> -<p><var>pcert_max</var>: Initially must hold the maximum number of certs. It will be updated with the number of certs available. -</p> -<p><var>data</var>: The certificates. -</p> -<p><var>format</var>: One of DER or PEM. -</p> -<p><var>flags</var>: must be (0) or an OR’d sequence of gnutls_certificate_import_flags. -</p> -<p>This function will convert the given PEM encoded certificate list -to the native gnutls_x509_crt_t format. The output will be stored -in <code>certs</code> . They will be automatically initialized. -</p> -<p>If the Certificate is PEM encoded it should have a header of "X509 -CERTIFICATE", or "CERTIFICATE". -</p> -<p><strong>Returns:</strong> the number of certificates read or a negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fdecrypt_005fdata-1"></a> -<h4 class="subheading">gnutls_privkey_decrypt_data</h4> -<a name="gnutls_005fprivkey_005fdecrypt_005fdata"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fdecrypt_005fdata-1"></a>Function: <em>int</em> <strong>gnutls_privkey_decrypt_data</strong> <em>(gnutls_privkey_t <var>key</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>ciphertext</var>, gnutls_datum_t * <var>plaintext</var>)</em></dt> -<dd><p><var>key</var>: Holds the key -</p> -<p><var>flags</var>: zero for now -</p> -<p><var>ciphertext</var>: holds the data to be decrypted -</p> -<p><var>plaintext</var>: will contain the decrypted data, allocated with <code>gnutls_malloc()</code> -</p> -<p>This function will decrypt the given data using the algorithm -supported by the private key. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fdeinit-1"></a> -<h4 class="subheading">gnutls_privkey_deinit</h4> -<a name="gnutls_005fprivkey_005fdeinit"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fdeinit"></a>Function: <em>void</em> <strong>gnutls_privkey_deinit</strong> <em>(gnutls_privkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: The key to be deinitialized -</p> -<p>This function will deinitialize a private key structure. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005fdsa_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_export_dsa_raw</h4> -<a name="gnutls_005fprivkey_005fexport_005fdsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005fdsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_export_dsa_raw</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_datum_t * <var>p</var>, gnutls_datum_t * <var>q</var>, gnutls_datum_t * <var>g</var>, gnutls_datum_t * <var>y</var>, gnutls_datum_t * <var>x</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>p</var>: will hold the p -</p> -<p><var>q</var>: will hold the q -</p> -<p><var>g</var>: will hold the g -</p> -<p><var>y</var>: will hold the y -</p> -<p><var>x</var>: will hold the x -</p> -<p>This function will export the DSA private key’s parameters found -in the given structure. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005fecc_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_export_ecc_raw</h4> -<a name="gnutls_005fprivkey_005fexport_005fecc_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005fecc_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_export_ecc_raw</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_ecc_curve_t * <var>curve</var>, gnutls_datum_t * <var>x</var>, gnutls_datum_t * <var>y</var>, gnutls_datum_t * <var>k</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>curve</var>: will hold the curve -</p> -<p><var>x</var>: will hold the x coordinate -</p> -<p><var>y</var>: will hold the y coordinate -</p> -<p><var>k</var>: will hold the private key -</p> -<p>This function will export the ECC private key’s parameters found -in the given structure. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005fopenpgp-1"></a> -<h4 class="subheading">gnutls_privkey_export_openpgp</h4> -<a name="gnutls_005fprivkey_005fexport_005fopenpgp"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005fopenpgp"></a>Function: <em>int</em> <strong>gnutls_privkey_export_openpgp</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_openpgp_privkey_t * <var>key</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: Location for the key to be exported. -</p> -<p>Converts the given abstract private key to a <code>gnutls_openpgp_privkey_t</code> -type. The key must be of type <code>GNUTLS_PRIVKEY_OPENPGP</code> . The key -returned in <code>key</code> must be deinitialized with -<code>gnutls_openpgp_privkey_deinit()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005fpkcs11-1"></a> -<h4 class="subheading">gnutls_privkey_export_pkcs11</h4> -<a name="gnutls_005fprivkey_005fexport_005fpkcs11"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005fpkcs11"></a>Function: <em>int</em> <strong>gnutls_privkey_export_pkcs11</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pkcs11_privkey_t * <var>key</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: Location for the key to be exported. -</p> -<p>Converts the given abstract private key to a <code>gnutls_pkcs11_privkey_t</code> -type. The key must be of type <code>GNUTLS_PRIVKEY_PKCS11</code> . The key -returned in <code>key</code> must be deinitialized with -<code>gnutls_pkcs11_privkey_deinit()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005frsa_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_export_rsa_raw</h4> -<a name="gnutls_005fprivkey_005fexport_005frsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005frsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_export_rsa_raw</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_datum_t * <var>m</var>, gnutls_datum_t * <var>e</var>, gnutls_datum_t * <var>d</var>, gnutls_datum_t * <var>p</var>, gnutls_datum_t * <var>q</var>, gnutls_datum_t * <var>u</var>, gnutls_datum_t * <var>e1</var>, gnutls_datum_t * <var>e2</var>)</em></dt> -<dd><p><var>key</var>: Holds the certificate -</p> -<p><var>m</var>: will hold the modulus -</p> -<p><var>e</var>: will hold the public exponent -</p> -<p><var>d</var>: will hold the private exponent -</p> -<p><var>p</var>: will hold the first prime (p) -</p> -<p><var>q</var>: will hold the second prime (q) -</p> -<p><var>u</var>: will hold the coefficient -</p> -<p><var>e1</var>: will hold e1 = d mod (p-1) -</p> -<p><var>e2</var>: will hold e2 = d mod (q-1) -</p> -<p>This function will export the RSA private key’s parameters found -in the given structure. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fexport_005fx509-1"></a> -<h4 class="subheading">gnutls_privkey_export_x509</h4> -<a name="gnutls_005fprivkey_005fexport_005fx509"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fexport_005fx509"></a>Function: <em>int</em> <strong>gnutls_privkey_export_x509</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_x509_privkey_t * <var>key</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: Location for the key to be exported. -</p> -<p>Converts the given abstract private key to a <code>gnutls_x509_privkey_t</code> -type. The key must be of type <code>GNUTLS_PRIVKEY_X509</code> . The key returned -in <code>key</code> must be deinitialized with <code>gnutls_x509_privkey_deinit()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fgenerate-1"></a> -<h4 class="subheading">gnutls_privkey_generate</h4> -<a name="gnutls_005fprivkey_005fgenerate"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fgenerate"></a>Function: <em>int</em> <strong>gnutls_privkey_generate</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pk_algorithm_t <var>algo</var>, unsigned int <var>bits</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: An initialized private key -</p> -<p><var>algo</var>: is one of the algorithms in <code>gnutls_pk_algorithm_t</code> . -</p> -<p><var>bits</var>: the size of the parameters to generate -</p> -<p><var>flags</var>: Must be zero or flags from <code>gnutls_privkey_flags_t</code> . -</p> -<p>This function will generate a random private key. Note that this -function must be called on an empty private key. The flag <code>GNUTLS_PRIVKEY_FLAG_PROVABLE</code> -instructs the key generation process to use algorithms which generate -provable parameters out of a seed. -</p> -<p>Note that when generating an elliptic curve key, the curve -can be substituted in the place of the bits parameter using the -<code>GNUTLS_CURVE_TO_BITS()</code> macro. The input to the macro is any curve from -<code>gnutls_ecc_curve_t</code> . -</p> -<p>For DSA keys, if the subgroup size needs to be specified check -the <code>GNUTLS_SUBGROUP_TO_BITS()</code> macro. -</p> -<p>It is recommended to do not set the number of <code>bits</code> directly, use <code>gnutls_sec_param_to_pk_bits()</code> instead . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fgenerate2-1"></a> -<h4 class="subheading">gnutls_privkey_generate2</h4> -<a name="gnutls_005fprivkey_005fgenerate2"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fgenerate2"></a>Function: <em>int</em> <strong>gnutls_privkey_generate2</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pk_algorithm_t <var>algo</var>, unsigned int <var>bits</var>, unsigned int <var>flags</var>, const gnutls_keygen_data_st * <var>data</var>, unsigned <var>data_size</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>algo</var>: is one of the algorithms in <code>gnutls_pk_algorithm_t</code> . -</p> -<p><var>bits</var>: the size of the modulus -</p> -<p><var>flags</var>: Must be zero or flags from <code>gnutls_privkey_flags_t</code> . -</p> -<p><var>data</var>: Allow specifying <code>gnutls_keygen_data_st</code> types such as the seed to be used. -</p> -<p><var>data_size</var>: The number of <code>data</code> available. -</p> -<p>This function will generate a random private key. Note that this -function must be called on an empty private key. The flag <code>GNUTLS_PRIVKEY_FLAG_PROVABLE</code> -instructs the key generation process to use algorithms like Shawe-Taylor -which generate provable parameters out of a seed. -</p> -<p>Note that when generating an elliptic curve key, the curve -can be substituted in the place of the bits parameter using the -<code>GNUTLS_CURVE_TO_BITS()</code> macro. -</p> -<p>Do not set the number of bits directly, use <code>gnutls_sec_param_to_pk_bits()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.5.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fget_005fpk_005falgorithm-1"></a> -<h4 class="subheading">gnutls_privkey_get_pk_algorithm</h4> -<a name="gnutls_005fprivkey_005fget_005fpk_005falgorithm"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fget_005fpk_005falgorithm"></a>Function: <em>int</em> <strong>gnutls_privkey_get_pk_algorithm</strong> <em>(gnutls_privkey_t <var>key</var>, unsigned int * <var>bits</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_privkey_t</code> type -</p> -<p><var>bits</var>: If set will return the number of bits of the parameters (may be NULL) -</p> -<p>This function will return the public key algorithm of a private -key and if possible will return a number of bits that indicates -the security parameter of the key. -</p> -<p><strong>Returns:</strong> a member of the <code>gnutls_pk_algorithm_t</code> enumeration on -success, or a negative error code on error. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fget_005fseed-1"></a> -<h4 class="subheading">gnutls_privkey_get_seed</h4> -<a name="gnutls_005fprivkey_005fget_005fseed"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fget_005fseed"></a>Function: <em>int</em> <strong>gnutls_privkey_get_seed</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_digest_algorithm_t * <var>digest</var>, void * <var>seed</var>, size_t * <var>seed_size</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_privkey_t</code> type -</p> -<p><var>digest</var>: if non-NULL it will contain the digest algorithm used for key generation (if applicable) -</p> -<p><var>seed</var>: where seed will be copied to -</p> -<p><var>seed_size</var>: originally holds the size of <code>seed</code> , will be updated with actual size -</p> -<p>This function will return the seed that was used to generate the -given private key. That function will succeed only if the key was generated -as a provable key. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.5.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fget_005ftype-1"></a> -<h4 class="subheading">gnutls_privkey_get_type</h4> -<a name="gnutls_005fprivkey_005fget_005ftype"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fget_005ftype"></a>Function: <em>gnutls_privkey_type_t</em> <strong>gnutls_privkey_get_type</strong> <em>(gnutls_privkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_privkey_t</code> type -</p> -<p>This function will return the type of the private key. This is -actually the type of the subsystem used to set this private key. -</p> -<p><strong>Returns:</strong> a member of the <code>gnutls_privkey_type_t</code> enumeration on -success, or a negative error code on error. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fdsa_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_dsa_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005fdsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fdsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_import_dsa_raw</strong> <em>(gnutls_privkey_t <var>key</var>, const gnutls_datum_t * <var>p</var>, const gnutls_datum_t * <var>q</var>, const gnutls_datum_t * <var>g</var>, const gnutls_datum_t * <var>y</var>, const gnutls_datum_t * <var>x</var>)</em></dt> -<dd><p><var>key</var>: The structure to store the parsed key -</p> -<p><var>p</var>: holds the p -</p> -<p><var>q</var>: holds the q -</p> -<p><var>g</var>: holds the g -</p> -<p><var>y</var>: holds the y -</p> -<p><var>x</var>: holds the x -</p> -<p>This function will convert the given DSA raw parameters to the -native <code>gnutls_privkey_t</code> format. The output will be stored -in <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fecc_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_ecc_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005fecc_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fecc_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_import_ecc_raw</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_ecc_curve_t <var>curve</var>, const gnutls_datum_t * <var>x</var>, const gnutls_datum_t * <var>y</var>, const gnutls_datum_t * <var>k</var>)</em></dt> -<dd><p><var>key</var>: The key -</p> -<p><var>curve</var>: holds the curve -</p> -<p><var>x</var>: holds the x -</p> -<p><var>y</var>: holds the y -</p> -<p><var>k</var>: holds the k -</p> -<p>This function will convert the given elliptic curve parameters to the -native <code>gnutls_privkey_t</code> format. The output will be stored -in <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fext-1"></a> -<h4 class="subheading">gnutls_privkey_import_ext</h4> -<a name="gnutls_005fprivkey_005fimport_005fext"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fext"></a>Function: <em>int</em> <strong>gnutls_privkey_import_ext</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pk_algorithm_t <var>pk</var>, void * <var>userdata</var>, gnutls_privkey_sign_func <var>sign_func</var>, gnutls_privkey_decrypt_func <var>decrypt_func</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>pk</var>: The public key algorithm -</p> -<p><var>userdata</var>: private data to be provided to the callbacks -</p> -<p><var>sign_func</var>: callback for signature operations -</p> -<p><var>decrypt_func</var>: callback for decryption operations -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will associate the given callbacks with the -<code>gnutls_privkey_t</code> type. At least one of the two callbacks -must be non-null. -</p> -<p>Note that the signing function is supposed to "raw" sign data, i.e., -without any hashing or preprocessing. In case of RSA the DigestInfo -will be provided, and the signing function is expected to do the PKCS <code>1</code> -1.5 padding and the exponentiation. -</p> -<p>See also <code>gnutls_privkey_import_ext3()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fext2-1"></a> -<h4 class="subheading">gnutls_privkey_import_ext2</h4> -<a name="gnutls_005fprivkey_005fimport_005fext2"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fext2"></a>Function: <em>int</em> <strong>gnutls_privkey_import_ext2</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pk_algorithm_t <var>pk</var>, void * <var>userdata</var>, gnutls_privkey_sign_func <var>sign_fn</var>, gnutls_privkey_decrypt_func <var>decrypt_fn</var>, gnutls_privkey_deinit_func <var>deinit_fn</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>pk</var>: The public key algorithm -</p> -<p><var>userdata</var>: private data to be provided to the callbacks -</p> -<p><var>sign_fn</var>: callback for signature operations -</p> -<p><var>decrypt_fn</var>: callback for decryption operations -</p> -<p><var>deinit_fn</var>: a deinitialization function -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will associate the given callbacks with the -<code>gnutls_privkey_t</code> type. At least one of the two callbacks -must be non-null. If a deinitialization function is provided -then flags is assumed to contain <code>GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE</code> . -</p> -<p>Note that the signing function is supposed to "raw" sign data, i.e., -without any hashing or preprocessing. In case of RSA the DigestInfo -will be provided, and the signing function is expected to do the PKCS <code>1</code> -1.5 padding and the exponentiation. -</p> -<p>See also <code>gnutls_privkey_import_ext3()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fext3-1"></a> -<h4 class="subheading">gnutls_privkey_import_ext3</h4> -<a name="gnutls_005fprivkey_005fimport_005fext3"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fext3-1"></a>Function: <em>int</em> <strong>gnutls_privkey_import_ext3</strong> <em>(gnutls_privkey_t <var>pkey</var>, void * <var>userdata</var>, gnutls_privkey_sign_func <var>sign_fn</var>, gnutls_privkey_decrypt_func <var>decrypt_fn</var>, gnutls_privkey_deinit_func <var>deinit_fn</var>, gnutls_privkey_info_func <var>info_fn</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>userdata</var>: private data to be provided to the callbacks -</p> -<p><var>sign_fn</var>: callback for signature operations -</p> -<p><var>decrypt_fn</var>: callback for decryption operations -</p> -<p><var>deinit_fn</var>: a deinitialization function -</p> -<p><var>info_fn</var>: returns info about the public key algorithm (should not be <code>NULL</code> ) -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will associate the given callbacks with the -<code>gnutls_privkey_t</code> type. At least one of the two callbacks -must be non-null. If a deinitialization function is provided -then flags is assumed to contain <code>GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE</code> . -</p> -<p>Note that the signing function is supposed to "raw" sign data, i.e., -without any hashing or preprocessing. In case of RSA the DigestInfo -will be provided, and the signing function is expected to do the PKCS <code>1</code> -1.5 padding and the exponentiation. -</p> -<p>The <code>info_fn</code> must provide information on the algorithms supported by -this private key, and should support the flags <code>GNUTLS_PRIVKEY_INFO_PK_ALGO</code> and -<code>GNUTLS_PRIVKEY_INFO_SIGN_ALGO</code> . It must return -1 on unknown flags. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fopenpgp-1"></a> -<h4 class="subheading">gnutls_privkey_import_openpgp</h4> -<a name="gnutls_005fprivkey_005fimport_005fopenpgp"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fopenpgp"></a>Function: <em>int</em> <strong>gnutls_privkey_import_openpgp</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_openpgp_privkey_t <var>key</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: The private key to be imported -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>The <code>gnutls_openpgp_privkey_t</code> object must not be deallocated -during the lifetime of this structure. The subkey set as -preferred will be used, or the master key otherwise. -</p> -<p><code>flags</code> might be zero or one of <code>GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE</code> -and <code>GNUTLS_PRIVKEY_IMPORT_COPY</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fopenpgp_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_openpgp_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005fopenpgp_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fopenpgp_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_import_openpgp_raw</strong> <em>(gnutls_privkey_t <var>pkey</var>, const gnutls_datum_t * <var>data</var>, gnutls_openpgp_crt_fmt_t <var>format</var>, const gnutls_openpgp_keyid_t <var>keyid</var>, const char * <var>password</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>data</var>: The private key data to be imported -</p> -<p><var>format</var>: The format of the private key -</p> -<p><var>keyid</var>: The key id to use (optional) -</p> -<p><var>password</var>: A password (optional) -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fpkcs11-1"></a> -<h4 class="subheading">gnutls_privkey_import_pkcs11</h4> -<a name="gnutls_005fprivkey_005fimport_005fpkcs11"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fpkcs11"></a>Function: <em>int</em> <strong>gnutls_privkey_import_pkcs11</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_pkcs11_privkey_t <var>key</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: The private key to be imported -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>The <code>gnutls_pkcs11_privkey_t</code> object must not be deallocated -during the lifetime of this structure. -</p> -<p><code>flags</code> might be zero or one of <code>GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE</code> -and <code>GNUTLS_PRIVKEY_IMPORT_COPY</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fpkcs11_005furl-1"></a> -<h4 class="subheading">gnutls_privkey_import_pkcs11_url</h4> -<a name="gnutls_005fprivkey_005fimport_005fpkcs11_005furl"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fpkcs11_005furl"></a>Function: <em>int</em> <strong>gnutls_privkey_import_pkcs11_url</strong> <em>(gnutls_privkey_t <var>key</var>, const char * <var>url</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_pubkey_t</code> -</p> -<p><var>url</var>: A PKCS 11 url -</p> -<p>This function will import a PKCS 11 private key to a <code>gnutls_private_key_t</code> -type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005frsa_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_rsa_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005frsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005frsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_import_rsa_raw</strong> <em>(gnutls_privkey_t <var>key</var>, const gnutls_datum_t * <var>m</var>, const gnutls_datum_t * <var>e</var>, const gnutls_datum_t * <var>d</var>, const gnutls_datum_t * <var>p</var>, const gnutls_datum_t * <var>q</var>, const gnutls_datum_t * <var>u</var>, const gnutls_datum_t * <var>e1</var>, const gnutls_datum_t * <var>e2</var>)</em></dt> -<dd><p><var>key</var>: The structure to store the parsed key -</p> -<p><var>m</var>: holds the modulus -</p> -<p><var>e</var>: holds the public exponent -</p> -<p><var>d</var>: holds the private exponent -</p> -<p><var>p</var>: holds the first prime (p) -</p> -<p><var>q</var>: holds the second prime (q) -</p> -<p><var>u</var>: holds the coefficient (optional) -</p> -<p><var>e1</var>: holds e1 = d mod (p-1) (optional) -</p> -<p><var>e2</var>: holds e2 = d mod (q-1) (optional) -</p> -<p>This function will convert the given RSA raw parameters to the -native <code>gnutls_privkey_t</code> format. The output will be stored in - <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005ftpm_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_tpm_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005ftpm_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005ftpm_005fraw"></a>Function: <em>int</em> <strong>gnutls_privkey_import_tpm_raw</strong> <em>(gnutls_privkey_t <var>pkey</var>, const gnutls_datum_t * <var>fdata</var>, gnutls_tpmkey_fmt_t <var>format</var>, const char * <var>srk_password</var>, const char * <var>key_password</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>fdata</var>: The TPM key to be imported -</p> -<p><var>format</var>: The format of the private key -</p> -<p><var>srk_password</var>: The password for the SRK key (optional) -</p> -<p><var>key_password</var>: A password for the key (optional) -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>With respect to passwords the same as in <code>gnutls_privkey_import_tpm_url()</code> apply. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005ftpm_005furl-1"></a> -<h4 class="subheading">gnutls_privkey_import_tpm_url</h4> -<a name="gnutls_005fprivkey_005fimport_005ftpm_005furl"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005ftpm_005furl-1"></a>Function: <em>int</em> <strong>gnutls_privkey_import_tpm_url</strong> <em>(gnutls_privkey_t <var>pkey</var>, const char * <var>url</var>, const char * <var>srk_password</var>, const char * <var>key_password</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>url</var>: The URL of the TPM key to be imported -</p> -<p><var>srk_password</var>: The password for the SRK key (optional) -</p> -<p><var>key_password</var>: A password for the key (optional) -</p> -<p><var>flags</var>: One of the GNUTLS_PRIVKEY_* flags -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>Note that unless <code>GNUTLS_PRIVKEY_DISABLE_CALLBACKS</code> -is specified, if incorrect (or NULL) passwords are given -the PKCS11 callback functions will be used to obtain the -correct passwords. Otherwise if the SRK password is wrong -<code>GNUTLS_E_TPM_SRK_PASSWORD_ERROR</code> is returned and if the key password -is wrong or not provided then <code>GNUTLS_E_TPM_KEY_PASSWORD_ERROR</code> -is returned. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005furl-1"></a> -<h4 class="subheading">gnutls_privkey_import_url</h4> -<a name="gnutls_005fprivkey_005fimport_005furl"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005furl-1"></a>Function: <em>int</em> <strong>gnutls_privkey_import_url</strong> <em>(gnutls_privkey_t <var>key</var>, const char * <var>url</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_privkey_t</code> -</p> -<p><var>url</var>: A PKCS 11 url -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import a PKCS11 or TPM URL as a -private key. The supported URL types can be checked -using <code>gnutls_url_is_supported()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fx509-1"></a> -<h4 class="subheading">gnutls_privkey_import_x509</h4> -<a name="gnutls_005fprivkey_005fimport_005fx509"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fx509"></a>Function: <em>int</em> <strong>gnutls_privkey_import_x509</strong> <em>(gnutls_privkey_t <var>pkey</var>, gnutls_x509_privkey_t <var>key</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>key</var>: The private key to be imported -</p> -<p><var>flags</var>: Flags for the import -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>The <code>gnutls_x509_privkey_t</code> object must not be deallocated -during the lifetime of this structure. -</p> -<p><code>flags</code> might be zero or one of <code>GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE</code> -and <code>GNUTLS_PRIVKEY_IMPORT_COPY</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fimport_005fx509_005fraw-1"></a> -<h4 class="subheading">gnutls_privkey_import_x509_raw</h4> -<a name="gnutls_005fprivkey_005fimport_005fx509_005fraw"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fimport_005fx509_005fraw-1"></a>Function: <em>int</em> <strong>gnutls_privkey_import_x509_raw</strong> <em>(gnutls_privkey_t <var>pkey</var>, const gnutls_datum_t * <var>data</var>, gnutls_x509_crt_fmt_t <var>format</var>, const char * <var>password</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The private key -</p> -<p><var>data</var>: The private key data to be imported -</p> -<p><var>format</var>: The format of the private key -</p> -<p><var>password</var>: A password (optional) -</p> -<p><var>flags</var>: an ORed sequence of gnutls_pkcs_encrypt_flags_t -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>The supported formats are basic unencrypted key, PKCS8, PKCS12, -and the openssl format. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005finit-1"></a> -<h4 class="subheading">gnutls_privkey_init</h4> -<a name="gnutls_005fprivkey_005finit"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005finit"></a>Function: <em>int</em> <strong>gnutls_privkey_init</strong> <em>(gnutls_privkey_t * <var>key</var>)</em></dt> -<dd><p><var>key</var>: A pointer to the type to be initialized -</p> -<p>This function will initialize a private key. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fset_005fflags-1"></a> -<h4 class="subheading">gnutls_privkey_set_flags</h4> -<a name="gnutls_005fprivkey_005fset_005fflags"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fset_005fflags"></a>Function: <em>void</em> <strong>gnutls_privkey_set_flags</strong> <em>(gnutls_privkey_t <var>key</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_privkey_t</code> -</p> -<p><var>flags</var>: flags from the <code>gnutls_privkey_flags</code> -</p> -<p>This function will set flags for the specified private key, after -it is generated. Currently this is useful for the <code>GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT</code> -to allow exporting a "provable" private key in backwards compatible way. -</p> -<p><strong>Since:</strong> 3.5.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fset_005fpin_005ffunction-1"></a> -<h4 class="subheading">gnutls_privkey_set_pin_function</h4> -<a name="gnutls_005fprivkey_005fset_005fpin_005ffunction"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fset_005fpin_005ffunction"></a>Function: <em>void</em> <strong>gnutls_privkey_set_pin_function</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_pin_callback_t <var>fn</var>, void * <var>userdata</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_privkey_t</code> -</p> -<p><var>fn</var>: the callback -</p> -<p><var>userdata</var>: data associated with the callback -</p> -<p>This function will set a callback function to be used when -required to access the object. This function overrides any other -global PIN functions. -</p> -<p>Note that this function must be called right after initialization -to have effect. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fsign_005fdata-1"></a> -<h4 class="subheading">gnutls_privkey_sign_data</h4> -<a name="gnutls_005fprivkey_005fsign_005fdata"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fsign_005fdata-1"></a>Function: <em>int</em> <strong>gnutls_privkey_sign_data</strong> <em>(gnutls_privkey_t <var>signer</var>, gnutls_digest_algorithm_t <var>hash</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>data</var>, gnutls_datum_t * <var>signature</var>)</em></dt> -<dd><p><var>signer</var>: Holds the key -</p> -<p><var>hash</var>: should be a digest algorithm -</p> -<p><var>flags</var>: Zero or one of <code>gnutls_privkey_flags_t</code> -</p> -<p><var>data</var>: holds the data to be signed -</p> -<p><var>signature</var>: will contain the signature allocated with <code>gnutls_malloc()</code> -</p> -<p>This function will sign the given data using a signature algorithm -supported by the private key. Signature algorithms are always used -together with a hash functions. Different hash functions may be -used for the RSA algorithm, but only the SHA family for the DSA keys. -</p> -<p>You may use <code>gnutls_pubkey_get_preferred_hash_algorithm()</code> to determine -the hash algorithm. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fsign_005fhash-1"></a> -<h4 class="subheading">gnutls_privkey_sign_hash</h4> -<a name="gnutls_005fprivkey_005fsign_005fhash"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fsign_005fhash-1"></a>Function: <em>int</em> <strong>gnutls_privkey_sign_hash</strong> <em>(gnutls_privkey_t <var>signer</var>, gnutls_digest_algorithm_t <var>hash_algo</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>hash_data</var>, gnutls_datum_t * <var>signature</var>)</em></dt> -<dd><p><var>signer</var>: Holds the signer’s key -</p> -<p><var>hash_algo</var>: The hash algorithm used -</p> -<p><var>flags</var>: Zero or one of <code>gnutls_privkey_flags_t</code> -</p> -<p><var>hash_data</var>: holds the data to be signed -</p> -<p><var>signature</var>: will contain newly allocated signature -</p> -<p>This function will sign the given hashed data using a signature algorithm -supported by the private key. Signature algorithms are always used -together with a hash functions. Different hash functions may be -used for the RSA algorithm, but only SHA-XXX for the DSA keys. -</p> -<p>You may use <code>gnutls_pubkey_get_preferred_hash_algorithm()</code> to determine -the hash algorithm. -</p> -<p>Note that if <code>GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA</code> flag is specified this function -will ignore <code>hash_algo</code> and perform a raw PKCS1 signature. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fstatus-1"></a> -<h4 class="subheading">gnutls_privkey_status</h4> -<a name="gnutls_005fprivkey_005fstatus"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fstatus"></a>Function: <em>int</em> <strong>gnutls_privkey_status</strong> <em>(gnutls_privkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: Holds the key -</p> -<p>Checks the status of the private key token. This function -is an actual wrapper over <code>gnutls_pkcs11_privkey_status()</code> , and -if the private key is a PKCS <code>11</code> token it will check whether -it is inserted or not. -</p> -<p><strong>Returns:</strong> this function will return non-zero if the token -holding the private key is still available (inserted), and zero otherwise. -</p> -<p><strong>Since:</strong> 3.1.10 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fverify_005fparams-1"></a> -<h4 class="subheading">gnutls_privkey_verify_params</h4> -<a name="gnutls_005fprivkey_005fverify_005fparams"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fverify_005fparams"></a>Function: <em>int</em> <strong>gnutls_privkey_verify_params</strong> <em>(gnutls_privkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_privkey_t</code> type -</p> -<p>This function will verify the private key parameters. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fprivkey_005fverify_005fseed-1"></a> -<h4 class="subheading">gnutls_privkey_verify_seed</h4> -<a name="gnutls_005fprivkey_005fverify_005fseed"></a><dl> -<dt><a name="index-gnutls_005fprivkey_005fverify_005fseed"></a>Function: <em>int</em> <strong>gnutls_privkey_verify_seed</strong> <em>(gnutls_privkey_t <var>key</var>, gnutls_digest_algorithm_t <var>digest</var>, const void * <var>seed</var>, size_t <var>seed_size</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_privkey_t</code> type -</p> -<p><var>digest</var>: it contains the digest algorithm used for key generation (if applicable) -</p> -<p><var>seed</var>: the seed of the key to be checked with -</p> -<p><var>seed_size</var>: holds the size of <code>seed</code> -</p> -<p>This function will verify that the given private key was generated from -the provided seed. -</p> -<p><strong>Returns:</strong> In case of a verification failure <code>GNUTLS_E_PRIVKEY_VERIFICATION_ERROR</code> -is returned, and zero or positive code on success. -</p> -<p><strong>Since:</strong> 3.5.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fdeinit-1"></a> -<h4 class="subheading">gnutls_pubkey_deinit</h4> -<a name="gnutls_005fpubkey_005fdeinit"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fdeinit"></a>Function: <em>void</em> <strong>gnutls_pubkey_deinit</strong> <em>(gnutls_pubkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: The key to be deinitialized -</p> -<p>This function will deinitialize a public key structure. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fencrypt_005fdata-1"></a> -<h4 class="subheading">gnutls_pubkey_encrypt_data</h4> -<a name="gnutls_005fpubkey_005fencrypt_005fdata"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fencrypt_005fdata-1"></a>Function: <em>int</em> <strong>gnutls_pubkey_encrypt_data</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>plaintext</var>, gnutls_datum_t * <var>ciphertext</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>flags</var>: should be 0 for now -</p> -<p><var>plaintext</var>: The data to be encrypted -</p> -<p><var>ciphertext</var>: contains the encrypted data -</p> -<p>This function will encrypt the given data, using the public -key. On success the <code>ciphertext</code> will be allocated using <code>gnutls_malloc()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport-1"></a> -<h4 class="subheading">gnutls_pubkey_export</h4> -<a name="gnutls_005fpubkey_005fexport"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport"></a>Function: <em>int</em> <strong>gnutls_pubkey_export</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_x509_crt_fmt_t <var>format</var>, void * <var>output_data</var>, size_t * <var>output_data_size</var>)</em></dt> -<dd><p><var>key</var>: Holds the certificate -</p> -<p><var>format</var>: the format of output params. One of PEM or DER. -</p> -<p><var>output_data</var>: will contain a certificate PEM or DER encoded -</p> -<p><var>output_data_size</var>: holds the size of output_data (and will be -replaced by the actual size of parameters) -</p> -<p>This function will export the public key to DER or PEM format. -The contents of the exported data is the SubjectPublicKeyInfo -X.509 structure. -</p> -<p>If the buffer provided is not long enough to hold the output, then -*output_data_size is updated and <code>GNUTLS_E_SHORT_MEMORY_BUFFER</code> will -be returned. -</p> -<p>If the structure is PEM encoded, it will have a header -of "BEGIN CERTIFICATE". -</p> -<p><strong>Returns:</strong> In case of failure a negative error code will be -returned, and 0 on success. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport2-1"></a> -<h4 class="subheading">gnutls_pubkey_export2</h4> -<a name="gnutls_005fpubkey_005fexport2"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport2-1"></a>Function: <em>int</em> <strong>gnutls_pubkey_export2</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_x509_crt_fmt_t <var>format</var>, gnutls_datum_t * <var>out</var>)</em></dt> -<dd><p><var>key</var>: Holds the certificate -</p> -<p><var>format</var>: the format of output params. One of PEM or DER. -</p> -<p><var>out</var>: will contain a certificate PEM or DER encoded -</p> -<p>This function will export the public key to DER or PEM format. -The contents of the exported data is the SubjectPublicKeyInfo -X.509 structure. -</p> -<p>The output buffer will be allocated using <code>gnutls_malloc()</code> . -</p> -<p>If the structure is PEM encoded, it will have a header -of "BEGIN CERTIFICATE". -</p> -<p><strong>Returns:</strong> In case of failure a negative error code will be -returned, and 0 on success. -</p> -<p><strong>Since:</strong> 3.1.3 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport_005fdsa_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_export_dsa_raw</h4> -<a name="gnutls_005fpubkey_005fexport_005fdsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport_005fdsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_export_dsa_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_datum_t * <var>p</var>, gnutls_datum_t * <var>q</var>, gnutls_datum_t * <var>g</var>, gnutls_datum_t * <var>y</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>p</var>: will hold the p (may be <code>NULL</code> ) -</p> -<p><var>q</var>: will hold the q (may be <code>NULL</code> ) -</p> -<p><var>g</var>: will hold the g (may be <code>NULL</code> ) -</p> -<p><var>y</var>: will hold the y (may be <code>NULL</code> ) -</p> -<p>This function will export the DSA public key’s parameters found in -the given certificate. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p>This function allows for <code>NULL</code> parameters since 3.4.1. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport_005fecc_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_export_ecc_raw</h4> -<a name="gnutls_005fpubkey_005fexport_005fecc_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport_005fecc_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_export_ecc_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_ecc_curve_t * <var>curve</var>, gnutls_datum_t * <var>x</var>, gnutls_datum_t * <var>y</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>curve</var>: will hold the curve (may be <code>NULL</code> ) -</p> -<p><var>x</var>: will hold x (may be <code>NULL</code> ) -</p> -<p><var>y</var>: will hold y (may be <code>NULL</code> ) -</p> -<p>This function will export the ECC public key’s parameters found in -the given key. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p>This function allows for <code>NULL</code> parameters since 3.4.1. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport_005fecc_005fx962-1"></a> -<h4 class="subheading">gnutls_pubkey_export_ecc_x962</h4> -<a name="gnutls_005fpubkey_005fexport_005fecc_005fx962"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport_005fecc_005fx962"></a>Function: <em>int</em> <strong>gnutls_pubkey_export_ecc_x962</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_datum_t * <var>parameters</var>, gnutls_datum_t * <var>ecpoint</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>parameters</var>: DER encoding of an ANSI X9.62 parameters -</p> -<p><var>ecpoint</var>: DER encoding of ANSI X9.62 ECPoint -</p> -<p>This function will export the ECC public key’s parameters found in -the given certificate. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fexport_005frsa_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_export_rsa_raw</h4> -<a name="gnutls_005fpubkey_005fexport_005frsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fexport_005frsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_export_rsa_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_datum_t * <var>m</var>, gnutls_datum_t * <var>e</var>)</em></dt> -<dd><p><var>key</var>: Holds the certificate -</p> -<p><var>m</var>: will hold the modulus (may be <code>NULL</code> ) -</p> -<p><var>e</var>: will hold the public exponent (may be <code>NULL</code> ) -</p> -<p>This function will export the RSA public key’s parameters found in -the given structure. The new parameters will be allocated using -<code>gnutls_malloc()</code> and will be stored in the appropriate datum. -</p> -<p>This function allows for <code>NULL</code> parameters since 3.4.1. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fget_005fkey_005fid-1"></a> -<h4 class="subheading">gnutls_pubkey_get_key_id</h4> -<a name="gnutls_005fpubkey_005fget_005fkey_005fid"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fget_005fkey_005fid"></a>Function: <em>int</em> <strong>gnutls_pubkey_get_key_id</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int <var>flags</var>, unsigned char * <var>output_data</var>, size_t * <var>output_data_size</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>flags</var>: should be one of the flags from <code>gnutls_keyid_flags_t</code> -</p> -<p><var>output_data</var>: will contain the key ID -</p> -<p><var>output_data_size</var>: holds the size of output_data (and will be -replaced by the actual size of parameters) -</p> -<p>This function will return a unique ID that depends on the public -key parameters. This ID can be used in checking whether a -certificate corresponds to the given public key. -</p> -<p>If the buffer provided is not long enough to hold the output, then -*output_data_size is updated and <code>GNUTLS_E_SHORT_MEMORY_BUFFER</code> will -be returned. The output will normally be a SHA-1 hash output, -which is 20 bytes. -</p> -<p><strong>Returns:</strong> In case of failure a negative error code will be -returned, and 0 on success. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fget_005fkey_005fusage-1"></a> -<h4 class="subheading">gnutls_pubkey_get_key_usage</h4> -<a name="gnutls_005fpubkey_005fget_005fkey_005fusage"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fget_005fkey_005fusage"></a>Function: <em>int</em> <strong>gnutls_pubkey_get_key_usage</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int * <var>usage</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_pubkey_t</code> type -</p> -<p><var>usage</var>: If set will return the number of bits of the parameters (may be NULL) -</p> -<p>This function will return the key usage of the public key. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fget_005fopenpgp_005fkey_005fid-1"></a> -<h4 class="subheading">gnutls_pubkey_get_openpgp_key_id</h4> -<a name="gnutls_005fpubkey_005fget_005fopenpgp_005fkey_005fid"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fget_005fopenpgp_005fkey_005fid"></a>Function: <em>int</em> <strong>gnutls_pubkey_get_openpgp_key_id</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int <var>flags</var>, unsigned char * <var>output_data</var>, size_t * <var>output_data_size</var>, unsigned int * <var>subkey</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>flags</var>: should be 0 or <code>GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT</code> -</p> -<p><var>output_data</var>: will contain the key ID -</p> -<p><var>output_data_size</var>: holds the size of output_data (and will be -replaced by the actual size of parameters) -</p> -<p><var>subkey</var>: Will be non zero if the key ID corresponds to a subkey -</p> -<p>This function returns the OpenPGP key ID of the corresponding key. -The key is a unique ID that depends on the public -key parameters. -</p> -<p>If the flag <code>GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT</code> is specified -this function returns the fingerprint of the master key. -</p> -<p>If the buffer provided is not long enough to hold the output, then -*output_data_size is updated and <code>GNUTLS_E_SHORT_MEMORY_BUFFER</code> will -be returned. The output is <code>GNUTLS_OPENPGP_KEYID_SIZE</code> bytes long. -</p> -<p><strong>Returns:</strong> In case of failure a negative error code will be -returned, and 0 on success. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fget_005fpk_005falgorithm-1"></a> -<h4 class="subheading">gnutls_pubkey_get_pk_algorithm</h4> -<a name="gnutls_005fpubkey_005fget_005fpk_005falgorithm"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fget_005fpk_005falgorithm"></a>Function: <em>int</em> <strong>gnutls_pubkey_get_pk_algorithm</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int * <var>bits</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_pubkey_t</code> type -</p> -<p><var>bits</var>: If set will return the number of bits of the parameters (may be NULL) -</p> -<p>This function will return the public key algorithm of a public -key and if possible will return a number of bits that indicates -the security parameter of the key. -</p> -<p><strong>Returns:</strong> a member of the <code>gnutls_pk_algorithm_t</code> enumeration on -success, or a negative error code on error. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fget_005fpreferred_005fhash_005falgorithm-1"></a> -<h4 class="subheading">gnutls_pubkey_get_preferred_hash_algorithm</h4> -<a name="gnutls_005fpubkey_005fget_005fpreferred_005fhash_005falgorithm"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fget_005fpreferred_005fhash_005falgorithm"></a>Function: <em>int</em> <strong>gnutls_pubkey_get_preferred_hash_algorithm</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_digest_algorithm_t * <var>hash</var>, unsigned int * <var>mand</var>)</em></dt> -<dd><p><var>key</var>: Holds the certificate -</p> -<p><var>hash</var>: The result of the call with the hash algorithm used for signature -</p> -<p><var>mand</var>: If non zero it means that the algorithm MUST use this hash. May be NULL. -</p> -<p>This function will read the certificate and return the appropriate digest -algorithm to use for signing with this certificate. Some certificates (i.e. -DSA might not be able to sign without the preferred algorithm). -</p> -<p>To get the signature algorithm instead of just the hash use <code>gnutls_pk_to_sign()</code> -with the algorithm of the certificate/key and the provided <code>hash</code> . -</p> -<p><strong>Returns:</strong> the 0 if the hash algorithm is found. A negative error code is -returned on error. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport-1"></a> -<h4 class="subheading">gnutls_pubkey_import</h4> -<a name="gnutls_005fpubkey_005fimport"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport"></a>Function: <em>int</em> <strong>gnutls_pubkey_import</strong> <em>(gnutls_pubkey_t <var>key</var>, const gnutls_datum_t * <var>data</var>, gnutls_x509_crt_fmt_t <var>format</var>)</em></dt> -<dd><p><var>key</var>: The public key. -</p> -<p><var>data</var>: The DER or PEM encoded certificate. -</p> -<p><var>format</var>: One of DER or PEM -</p> -<p>This function will import the provided public key in -a SubjectPublicKeyInfo X.509 structure to a native -<code>gnutls_pubkey_t</code> type. The output will be stored -in <code>key</code> . If the public key is PEM encoded it should have a header -of "PUBLIC KEY". -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fdsa_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_dsa_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005fdsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fdsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_dsa_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, const gnutls_datum_t * <var>p</var>, const gnutls_datum_t * <var>q</var>, const gnutls_datum_t * <var>g</var>, const gnutls_datum_t * <var>y</var>)</em></dt> -<dd><p><var>key</var>: The structure to store the parsed key -</p> -<p><var>p</var>: holds the p -</p> -<p><var>q</var>: holds the q -</p> -<p><var>g</var>: holds the g -</p> -<p><var>y</var>: holds the y -</p> -<p>This function will convert the given DSA raw parameters to the -native <code>gnutls_pubkey_t</code> format. The output will be stored -in <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fecc_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_ecc_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005fecc_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fecc_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_ecc_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_ecc_curve_t <var>curve</var>, const gnutls_datum_t * <var>x</var>, const gnutls_datum_t * <var>y</var>)</em></dt> -<dd><p><var>key</var>: The structure to store the parsed key -</p> -<p><var>curve</var>: holds the curve -</p> -<p><var>x</var>: holds the x -</p> -<p><var>y</var>: holds the y -</p> -<p>This function will convert the given elliptic curve parameters to a -<code>gnutls_pubkey_t</code> . The output will be stored in <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fecc_005fx962-1"></a> -<h4 class="subheading">gnutls_pubkey_import_ecc_x962</h4> -<a name="gnutls_005fpubkey_005fimport_005fecc_005fx962"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fecc_005fx962"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_ecc_x962</strong> <em>(gnutls_pubkey_t <var>key</var>, const gnutls_datum_t * <var>parameters</var>, const gnutls_datum_t * <var>ecpoint</var>)</em></dt> -<dd><p><var>key</var>: The structure to store the parsed key -</p> -<p><var>parameters</var>: DER encoding of an ANSI X9.62 parameters -</p> -<p><var>ecpoint</var>: DER encoding of ANSI X9.62 ECPoint -</p> -<p>This function will convert the given elliptic curve parameters to a -<code>gnutls_pubkey_t</code> . The output will be stored in <code>key</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fopenpgp-1"></a> -<h4 class="subheading">gnutls_pubkey_import_openpgp</h4> -<a name="gnutls_005fpubkey_005fimport_005fopenpgp"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fopenpgp"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_openpgp</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_openpgp_crt_t <var>crt</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: The public key -</p> -<p><var>crt</var>: The certificate to be imported -</p> -<p><var>flags</var>: should be zero -</p> -<p>Imports a public key from an openpgp key. This function will import -the given public key to the abstract <code>gnutls_pubkey_t</code> -type. The subkey set as preferred will be imported or the -master key otherwise. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fopenpgp_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_openpgp_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005fopenpgp_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fopenpgp_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_openpgp_raw</strong> <em>(gnutls_pubkey_t <var>pkey</var>, const gnutls_datum_t * <var>data</var>, gnutls_openpgp_crt_fmt_t <var>format</var>, const gnutls_openpgp_keyid_t <var>keyid</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The public key -</p> -<p><var>data</var>: The public key data to be imported -</p> -<p><var>format</var>: The format of the public key -</p> -<p><var>keyid</var>: The key id to use (optional) -</p> -<p><var>flags</var>: Should be zero -</p> -<p>This function will import the given public key to the abstract -<code>gnutls_pubkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.3 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fpkcs11-1"></a> -<h4 class="subheading">gnutls_pubkey_import_pkcs11</h4> -<a name="gnutls_005fpubkey_005fimport_005fpkcs11"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fpkcs11"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_pkcs11</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_pkcs11_obj_t <var>obj</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: The public key -</p> -<p><var>obj</var>: The parameters to be imported -</p> -<p><var>flags</var>: should be zero -</p> -<p>Imports a public key from a pkcs11 key. This function will import -the given public key to the abstract <code>gnutls_pubkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fprivkey-1"></a> -<h4 class="subheading">gnutls_pubkey_import_privkey</h4> -<a name="gnutls_005fpubkey_005fimport_005fprivkey"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fprivkey"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_privkey</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_privkey_t <var>pkey</var>, unsigned int <var>usage</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: The public key -</p> -<p><var>pkey</var>: The private key -</p> -<p><var>usage</var>: GNUTLS_KEY_* key usage flags. -</p> -<p><var>flags</var>: should be zero -</p> -<p>Imports the public key from a private. This function will import -the given public key to the abstract <code>gnutls_pubkey_t</code> type. -</p> -<p>Note that in certain keys this operation may not be possible, e.g., -in other than RSA PKCS<code>11</code> keys. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005frsa_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_rsa_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005frsa_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005frsa_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_rsa_raw</strong> <em>(gnutls_pubkey_t <var>key</var>, const gnutls_datum_t * <var>m</var>, const gnutls_datum_t * <var>e</var>)</em></dt> -<dd><p><var>key</var>: The key -</p> -<p><var>m</var>: holds the modulus -</p> -<p><var>e</var>: holds the public exponent -</p> -<p>This function will replace the parameters in the given structure. -The new parameters should be stored in the appropriate -gnutls_datum. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, or an negative error code. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005ftpm_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_tpm_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005ftpm_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005ftpm_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_tpm_raw</strong> <em>(gnutls_pubkey_t <var>pkey</var>, const gnutls_datum_t * <var>fdata</var>, gnutls_tpmkey_fmt_t <var>format</var>, const char * <var>srk_password</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The public key -</p> -<p><var>fdata</var>: The TPM key to be imported -</p> -<p><var>format</var>: The format of the private key -</p> -<p><var>srk_password</var>: The password for the SRK key (optional) -</p> -<p><var>flags</var>: One of the GNUTLS_PUBKEY_* flags -</p> -<p>This function will import the public key from the provided TPM key -structure. -</p> -<p>With respect to passwords the same as in -<code>gnutls_pubkey_import_tpm_url()</code> apply. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005ftpm_005furl-1"></a> -<h4 class="subheading">gnutls_pubkey_import_tpm_url</h4> -<a name="gnutls_005fpubkey_005fimport_005ftpm_005furl"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005ftpm_005furl-1"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_tpm_url</strong> <em>(gnutls_pubkey_t <var>pkey</var>, const char * <var>url</var>, const char * <var>srk_password</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The public key -</p> -<p><var>url</var>: The URL of the TPM key to be imported -</p> -<p><var>srk_password</var>: The password for the SRK key (optional) -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import the given private key to the abstract -<code>gnutls_privkey_t</code> type. -</p> -<p>Note that unless <code>GNUTLS_PUBKEY_DISABLE_CALLBACKS</code> -is specified, if incorrect (or NULL) passwords are given -the PKCS11 callback functions will be used to obtain the -correct passwords. Otherwise if the SRK password is wrong -<code>GNUTLS_E_TPM_SRK_PASSWORD_ERROR</code> is returned. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005furl-1"></a> -<h4 class="subheading">gnutls_pubkey_import_url</h4> -<a name="gnutls_005fpubkey_005fimport_005furl"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005furl"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_url</strong> <em>(gnutls_pubkey_t <var>key</var>, const char * <var>url</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_pubkey_t</code> -</p> -<p><var>url</var>: A PKCS 11 url -</p> -<p><var>flags</var>: One of GNUTLS_PKCS11_OBJ_* flags -</p> -<p>This function will import a public key from the provided URL. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fx509-1"></a> -<h4 class="subheading">gnutls_pubkey_import_x509</h4> -<a name="gnutls_005fpubkey_005fimport_005fx509"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fx509"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_x509</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_x509_crt_t <var>crt</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: The public key -</p> -<p><var>crt</var>: The certificate to be imported -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import the given public key to the abstract -<code>gnutls_pubkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fx509_005fcrq-1"></a> -<h4 class="subheading">gnutls_pubkey_import_x509_crq</h4> -<a name="gnutls_005fpubkey_005fimport_005fx509_005fcrq"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fx509_005fcrq"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_x509_crq</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_x509_crq_t <var>crq</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>key</var>: The public key -</p> -<p><var>crq</var>: The certificate to be imported -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import the given public key to the abstract -<code>gnutls_pubkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.5 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fimport_005fx509_005fraw-1"></a> -<h4 class="subheading">gnutls_pubkey_import_x509_raw</h4> -<a name="gnutls_005fpubkey_005fimport_005fx509_005fraw"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fimport_005fx509_005fraw"></a>Function: <em>int</em> <strong>gnutls_pubkey_import_x509_raw</strong> <em>(gnutls_pubkey_t <var>pkey</var>, const gnutls_datum_t * <var>data</var>, gnutls_x509_crt_fmt_t <var>format</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>pkey</var>: The public key -</p> -<p><var>data</var>: The public key data to be imported -</p> -<p><var>format</var>: The format of the public key -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will import the given public key to the abstract -<code>gnutls_pubkey_t</code> type. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.3 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005finit-1"></a> -<h4 class="subheading">gnutls_pubkey_init</h4> -<a name="gnutls_005fpubkey_005finit"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005finit"></a>Function: <em>int</em> <strong>gnutls_pubkey_init</strong> <em>(gnutls_pubkey_t * <var>key</var>)</em></dt> -<dd><p><var>key</var>: A pointer to the type to be initialized -</p> -<p>This function will initialize a public key. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fprint-1"></a> -<h4 class="subheading">gnutls_pubkey_print</h4> -<a name="gnutls_005fpubkey_005fprint"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fprint"></a>Function: <em>int</em> <strong>gnutls_pubkey_print</strong> <em>(gnutls_pubkey_t <var>pubkey</var>, gnutls_certificate_print_formats_t <var>format</var>, gnutls_datum_t * <var>out</var>)</em></dt> -<dd><p><var>pubkey</var>: The data to be printed -</p> -<p><var>format</var>: Indicate the format to use -</p> -<p><var>out</var>: Newly allocated datum with null terminated string. -</p> -<p>This function will pretty print public key information, suitable for -display to a human. -</p> -<p>Only <code>GNUTLS_CRT_PRINT_FULL</code> and <code>GNUTLS_CRT_PRINT_FULL_NUMBERS</code> -are implemented. -</p> -<p>The output <code>out</code> needs to be deallocated using <code>gnutls_free()</code> . -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.1.5 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fset_005fkey_005fusage-1"></a> -<h4 class="subheading">gnutls_pubkey_set_key_usage</h4> -<a name="gnutls_005fpubkey_005fset_005fkey_005fusage"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fset_005fkey_005fusage"></a>Function: <em>int</em> <strong>gnutls_pubkey_set_key_usage</strong> <em>(gnutls_pubkey_t <var>key</var>, unsigned int <var>usage</var>)</em></dt> -<dd><p><var>key</var>: a certificate of type <code>gnutls_x509_crt_t</code> -</p> -<p><var>usage</var>: an ORed sequence of the GNUTLS_KEY_* elements. -</p> -<p>This function will set the key usage flags of the public key. This -is only useful if the key is to be exported to a certificate or -certificate request. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fset_005fpin_005ffunction-1"></a> -<h4 class="subheading">gnutls_pubkey_set_pin_function</h4> -<a name="gnutls_005fpubkey_005fset_005fpin_005ffunction"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fset_005fpin_005ffunction"></a>Function: <em>void</em> <strong>gnutls_pubkey_set_pin_function</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_pin_callback_t <var>fn</var>, void * <var>userdata</var>)</em></dt> -<dd><p><var>key</var>: A key of type <code>gnutls_pubkey_t</code> -</p> -<p><var>fn</var>: the callback -</p> -<p><var>userdata</var>: data associated with the callback -</p> -<p>This function will set a callback function to be used when -required to access the object. This function overrides any other -global PIN functions. -</p> -<p>Note that this function must be called right after initialization -to have effect. -</p> -<p><strong>Since:</strong> 3.1.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fverify_005fdata2-1"></a> -<h4 class="subheading">gnutls_pubkey_verify_data2</h4> -<a name="gnutls_005fpubkey_005fverify_005fdata2"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fverify_005fdata2-1"></a>Function: <em>int</em> <strong>gnutls_pubkey_verify_data2</strong> <em>(gnutls_pubkey_t <var>pubkey</var>, gnutls_sign_algorithm_t <var>algo</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>data</var>, const gnutls_datum_t * <var>signature</var>)</em></dt> -<dd><p><var>pubkey</var>: Holds the public key -</p> -<p><var>algo</var>: The signature algorithm used -</p> -<p><var>flags</var>: Zero or an OR list of <code>gnutls_certificate_verify_flags</code> -</p> -<p><var>data</var>: holds the signed data -</p> -<p><var>signature</var>: contains the signature -</p> -<p>This function will verify the given signed data, using the -parameters from the certificate. -</p> -<p><strong>Returns:</strong> In case of a verification failure <code>GNUTLS_E_PK_SIG_VERIFY_FAILED</code> -is returned, and zero or positive code on success. For known to be insecure -signatures this function will return <code>GNUTLS_E_INSUFFICIENT_SECURITY</code> unless -the flag <code>GNUTLS_VERIFY_ALLOW_BROKEN</code> is specified. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fverify_005fhash2-1"></a> -<h4 class="subheading">gnutls_pubkey_verify_hash2</h4> -<a name="gnutls_005fpubkey_005fverify_005fhash2"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fverify_005fhash2-1"></a>Function: <em>int</em> <strong>gnutls_pubkey_verify_hash2</strong> <em>(gnutls_pubkey_t <var>key</var>, gnutls_sign_algorithm_t <var>algo</var>, unsigned int <var>flags</var>, const gnutls_datum_t * <var>hash</var>, const gnutls_datum_t * <var>signature</var>)</em></dt> -<dd><p><var>key</var>: Holds the public key -</p> -<p><var>algo</var>: The signature algorithm used -</p> -<p><var>flags</var>: Zero or an OR list of <code>gnutls_certificate_verify_flags</code> -</p> -<p><var>hash</var>: holds the hash digest to be verified -</p> -<p><var>signature</var>: contains the signature -</p> -<p>This function will verify the given signed digest, using the -parameters from the public key. Note that unlike <code>gnutls_privkey_sign_hash()</code> , -this function accepts a signature algorithm instead of a digest algorithm. -You can use <code>gnutls_pk_to_sign()</code> to get the appropriate value. -</p> -<p><strong>Returns:</strong> In case of a verification failure <code>GNUTLS_E_PK_SIG_VERIFY_FAILED</code> -is returned, and zero or positive code on success. -</p> -<p><strong>Since:</strong> 3.0 -</p></dd></dl> - -<a name="gnutls_005fpubkey_005fverify_005fparams-1"></a> -<h4 class="subheading">gnutls_pubkey_verify_params</h4> -<a name="gnutls_005fpubkey_005fverify_005fparams"></a><dl> -<dt><a name="index-gnutls_005fpubkey_005fverify_005fparams"></a>Function: <em>int</em> <strong>gnutls_pubkey_verify_params</strong> <em>(gnutls_pubkey_t <var>key</var>)</em></dt> -<dd><p><var>key</var>: should contain a <code>gnutls_pubkey_t</code> type -</p> -<p>This function will verify the private key parameters. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.3.0 -</p></dd></dl> - -<a name="gnutls_005fregister_005fcustom_005furl-1"></a> -<h4 class="subheading">gnutls_register_custom_url</h4> -<a name="gnutls_005fregister_005fcustom_005furl"></a><dl> -<dt><a name="index-gnutls_005fregister_005fcustom_005furl-1"></a>Function: <em>int</em> <strong>gnutls_register_custom_url</strong> <em>(const gnutls_custom_url_st * <var>st</var>)</em></dt> -<dd><p><var>st</var>: A <code>gnutls_custom_url_st</code> structure -</p> -<p>Register a custom URL. This will affect the following functions: -<code>gnutls_url_is_supported()</code> , <code>gnutls_privkey_import_url()</code> , -gnutls_pubkey_import_url, <code>gnutls_x509_crt_import_url()</code> -and all functions that depend on -them, e.g., <code>gnutls_certificate_set_x509_key_file2()</code> . -</p> -<p>The provided structure and callback functions must be valid throughout -the lifetime of the process. The registration of an existing URL type -will fail with <code>GNUTLS_E_INVALID_REQUEST</code> . Since GnuTLS 3.5.0 this function -can be used to override the builtin URLs. -</p> -<p>This function is not thread safe. -</p> -<p><strong>Returns:</strong> returns zero if the given structure was imported or a negative value otherwise. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fsystem_005fkey_005fadd_005fx509-1"></a> -<h4 class="subheading">gnutls_system_key_add_x509</h4> -<a name="gnutls_005fsystem_005fkey_005fadd_005fx509"></a><dl> -<dt><a name="index-gnutls_005fsystem_005fkey_005fadd_005fx509"></a>Function: <em>int</em> <strong>gnutls_system_key_add_x509</strong> <em>(gnutls_x509_crt_t <var>crt</var>, gnutls_x509_privkey_t <var>privkey</var>, const char * <var>label</var>, char ** <var>cert_url</var>, char ** <var>key_url</var>)</em></dt> -<dd><p><var>crt</var>: the certificate to be added -</p> -<p><var>privkey</var>: the key to be added -</p> -<p><var>label</var>: the friendly name to describe the key -</p> -<p><var>cert_url</var>: if non-NULL it will contain an allocated value with the certificate URL -</p> -<p><var>key_url</var>: if non-NULL it will contain an allocated value with the key URL -</p> -<p>This function will added the given key and certificate pair, -to the system list. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fsystem_005fkey_005fdelete-1"></a> -<h4 class="subheading">gnutls_system_key_delete</h4> -<a name="gnutls_005fsystem_005fkey_005fdelete"></a><dl> -<dt><a name="index-gnutls_005fsystem_005fkey_005fdelete"></a>Function: <em>int</em> <strong>gnutls_system_key_delete</strong> <em>(const char * <var>cert_url</var>, const char * <var>key_url</var>)</em></dt> -<dd><p><var>cert_url</var>: the URL of the certificate -</p> -<p><var>key_url</var>: the URL of the key -</p> -<p>This function will delete the key and certificate pair. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fsystem_005fkey_005fiter_005fdeinit-1"></a> -<h4 class="subheading">gnutls_system_key_iter_deinit</h4> -<a name="gnutls_005fsystem_005fkey_005fiter_005fdeinit"></a><dl> -<dt><a name="index-gnutls_005fsystem_005fkey_005fiter_005fdeinit"></a>Function: <em>void</em> <strong>gnutls_system_key_iter_deinit</strong> <em>(gnutls_system_key_iter_t <var>iter</var>)</em></dt> -<dd><p><var>iter</var>: an iterator of system keys -</p> -<p>This function will deinitialize the iterator. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fsystem_005fkey_005fiter_005fget_005finfo-1"></a> -<h4 class="subheading">gnutls_system_key_iter_get_info</h4> -<a name="gnutls_005fsystem_005fkey_005fiter_005fget_005finfo"></a><dl> -<dt><a name="index-gnutls_005fsystem_005fkey_005fiter_005fget_005finfo-1"></a>Function: <em>int</em> <strong>gnutls_system_key_iter_get_info</strong> <em>(gnutls_system_key_iter_t * <var>iter</var>, unsigned <var>cert_type</var>, char ** <var>cert_url</var>, char ** <var>key_url</var>, char ** <var>label</var>, gnutls_datum_t * <var>der</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>iter</var>: an iterator of the system keys (must be set to <code>NULL</code> initially) -</p> -<p><var>cert_type</var>: A value of gnutls_certificate_type_t which indicates the type of certificate to look for -</p> -<p><var>cert_url</var>: The certificate URL of the pair (may be <code>NULL</code> ) -</p> -<p><var>key_url</var>: The key URL of the pair (may be <code>NULL</code> ) -</p> -<p><var>label</var>: The friendly name (if any) of the pair (may be <code>NULL</code> ) -</p> -<p><var>der</var>: if non-NULL the DER data of the certificate -</p> -<p><var>flags</var>: should be zero -</p> -<p>This function will return on each call a certificate -and key pair URLs, as well as a label associated with them, -and the DER-encoded certificate. When the iteration is complete it will -return <code>GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code> . -</p> -<p>Typically <code>cert_type</code> should be <code>GNUTLS_CRT_X509</code> . -</p> -<p>All values set are allocated and must be cleared using <code>gnutls_free()</code> , -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 3.4.0 -</p></dd></dl> - -<a name="gnutls_005fx509_005fcrl_005fprivkey_005fsign-1"></a> -<h4 class="subheading">gnutls_x509_crl_privkey_sign</h4> -<a name="gnutls_005fx509_005fcrl_005fprivkey_005fsign"></a><dl> -<dt><a name="index-gnutls_005fx509_005fcrl_005fprivkey_005fsign-1"></a>Function: <em>int</em> <strong>gnutls_x509_crl_privkey_sign</strong> <em>(gnutls_x509_crl_t <var>crl</var>, gnutls_x509_crt_t <var>issuer</var>, gnutls_privkey_t <var>issuer_key</var>, gnutls_digest_algorithm_t <var>dig</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>crl</var>: should contain a gnutls_x509_crl_t type -</p> -<p><var>issuer</var>: is the certificate of the certificate issuer -</p> -<p><var>issuer_key</var>: holds the issuer’s private key -</p> -<p><var>dig</var>: The message digest to use. GNUTLS_DIG_SHA1 is the safe choice unless you know what you’re doing. -</p> -<p><var>flags</var>: must be 0 -</p> -<p>This function will sign the CRL with the issuer’s private key, and -will copy the issuer’s information into the CRL. -</p> -<p>This must be the last step in a certificate CRL since all -the previously set parameters are now signed. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p>Since 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fx509_005fcrq_005fprivkey_005fsign-1"></a> -<h4 class="subheading">gnutls_x509_crq_privkey_sign</h4> -<a name="gnutls_005fx509_005fcrq_005fprivkey_005fsign"></a><dl> -<dt><a name="index-gnutls_005fx509_005fcrq_005fprivkey_005fsign"></a>Function: <em>int</em> <strong>gnutls_x509_crq_privkey_sign</strong> <em>(gnutls_x509_crq_t <var>crq</var>, gnutls_privkey_t <var>key</var>, gnutls_digest_algorithm_t <var>dig</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>crq</var>: should contain a <code>gnutls_x509_crq_t</code> type -</p> -<p><var>key</var>: holds a private key -</p> -<p><var>dig</var>: The message digest to use, i.e., <code>GNUTLS_DIG_SHA1</code> -</p> -<p><var>flags</var>: must be 0 -</p> -<p>This function will sign the certificate request with a private key. -This must be the same key as the one used in -<code>gnutls_x509_crt_set_key()</code> since a certificate request is self -signed. -</p> -<p>This must be the last step in a certificate request generation -since all the previously set parameters are now signed. -</p> -<p><strong>Returns:</strong> <code>GNUTLS_E_SUCCESS</code> on success, otherwise a negative error code. -<code>GNUTLS_E_ASN1_VALUE_NOT_FOUND</code> is returned if you didn’t set all -information in the certificate request (e.g., the version using -<code>gnutls_x509_crq_set_version()</code> ). -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fx509_005fcrq_005fset_005fpubkey-1"></a> -<h4 class="subheading">gnutls_x509_crq_set_pubkey</h4> -<a name="gnutls_005fx509_005fcrq_005fset_005fpubkey"></a><dl> -<dt><a name="index-gnutls_005fx509_005fcrq_005fset_005fpubkey-1"></a>Function: <em>int</em> <strong>gnutls_x509_crq_set_pubkey</strong> <em>(gnutls_x509_crq_t <var>crq</var>, gnutls_pubkey_t <var>key</var>)</em></dt> -<dd><p><var>crq</var>: should contain a <code>gnutls_x509_crq_t</code> type -</p> -<p><var>key</var>: holds a public key -</p> -<p>This function will set the public parameters from the given public -key to the request. The <code>key</code> can be deallocated after that. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - -<a name="gnutls_005fx509_005fcrt_005fprivkey_005fsign-1"></a> -<h4 class="subheading">gnutls_x509_crt_privkey_sign</h4> -<a name="gnutls_005fx509_005fcrt_005fprivkey_005fsign"></a><dl> -<dt><a name="index-gnutls_005fx509_005fcrt_005fprivkey_005fsign"></a>Function: <em>int</em> <strong>gnutls_x509_crt_privkey_sign</strong> <em>(gnutls_x509_crt_t <var>crt</var>, gnutls_x509_crt_t <var>issuer</var>, gnutls_privkey_t <var>issuer_key</var>, gnutls_digest_algorithm_t <var>dig</var>, unsigned int <var>flags</var>)</em></dt> -<dd><p><var>crt</var>: a certificate of type <code>gnutls_x509_crt_t</code> -</p> -<p><var>issuer</var>: is the certificate of the certificate issuer -</p> -<p><var>issuer_key</var>: holds the issuer’s private key -</p> -<p><var>dig</var>: The message digest to use, <code>GNUTLS_DIG_SHA1</code> is a safe choice -</p> -<p><var>flags</var>: must be 0 -</p> -<p>This function will sign the certificate with the issuer’s private key, and -will copy the issuer’s information into the certificate. -</p> -<p>This must be the last step in a certificate generation since all -the previously set parameters are now signed. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p></dd></dl> - -<a name="gnutls_005fx509_005fcrt_005fset_005fpubkey-1"></a> -<h4 class="subheading">gnutls_x509_crt_set_pubkey</h4> -<a name="gnutls_005fx509_005fcrt_005fset_005fpubkey"></a><dl> -<dt><a name="index-gnutls_005fx509_005fcrt_005fset_005fpubkey-1"></a>Function: <em>int</em> <strong>gnutls_x509_crt_set_pubkey</strong> <em>(gnutls_x509_crt_t <var>crt</var>, gnutls_pubkey_t <var>key</var>)</em></dt> -<dd><p><var>crt</var>: should contain a <code>gnutls_x509_crt_t</code> type -</p> -<p><var>key</var>: holds a public key -</p> -<p>This function will set the public parameters from the given public -key to the certificate. The <code>key</code> can be deallocated after that. -</p> -<p><strong>Returns:</strong> On success, <code>GNUTLS_E_SUCCESS</code> (0) is returned, otherwise a -negative error value. -</p> -<p><strong>Since:</strong> 2.12.0 -</p></dd></dl> - - -<hr> -<div class="header"> -<p> -Next: <a href="Socket-specific-API.html#Socket-specific-API" accesskey="n" rel="next">Socket specific API</a>, Previous: <a href="TPM-API.html#TPM-API" accesskey="p" rel="prev">TPM API</a>, Up: <a href="API-reference.html#API-reference" accesskey="u" rel="up">API reference</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p> -</div> - - - -</body> -</html> |