1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
#ifndef GNUTLS_CERT_H
# define GNUTLS_CERT_H
#include <gnutls_pk.h>
#include <x509_asn1.h>
#include <gnutls_ui.h>
typedef struct gnutls_cert {
MPI *params; /* the size of params depends on the public
* key algorithm
*/
PKAlgorithm subject_pk_algorithm;
gnutls_DN cert_info;
gnutls_DN issuer_info;
opaque subjectAltDNSName[X509_CN_SIZE];
int subjectAltDNSName_size;
opaque signature[1024];
int signature_size;
time_t expiration_time;
time_t activation_time;
int version; /* 1,2,3
*/
uint8 keyUsage; /* bits from X509KEY_*
*/
int valid; /* 0 if the certificate looks good.
*/
int CA; /* 0 if the certificate does not belong to
* a certificate authority. 1 otherwise.
*/
gnutls_datum raw; /* the raw certificate */
} gnutls_cert;
typedef struct {
MPI *params; /* the size of params depends on the public
* key algorithm
*/
PKAlgorithm pk_algorithm;
gnutls_datum raw; /* the raw key */
} gnutls_private_key;
int _gnutls_cert_supported_kx(gnutls_cert* cert, KXAlgorithm **alg, int *alg_size);
PKAlgorithm _gnutls_map_pk_get_pk(KXAlgorithm kx_algorithm);
int _gnutls_cert2gnutlsCert(gnutls_cert * gCert, gnutls_datum derCert);
gnutls_cert* _gnutls_find_cert( gnutls_cert** cert_list, int cert_list_length, const char* name);
int _gnutls_find_cert_list_index(gnutls_cert ** cert_list,
int cert_list_length, const char *name);
#define MAX_INT_DIGITS 4
void _gnutls_int2str(int k, char* data);
int _gnutls_get_name_type( node_asn *rasn, char *root, gnutls_DN * dn);
void gnutls_free_cert(gnutls_cert cert);
int _gnutls_check_x509_key_usage(gnutls_cert * cert, KXAlgorithm alg);
#endif
|
