author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-11-09 16:09:05 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-11-09 16:09:05 +0100 |
commit | ae9579b464f25660279bbaf64b16fda3e0e4c32b (patch) | |
tree | e2743d41cd2ba0a55416bab5027f780b07cdcdea | |
parent | 6addbc37fc7354eb53cec911a52023caa1783632 (diff) | |
improved indentation in headers.
-rw-r--r-- | lib/includes/gnutls/abstract.h | 717 | ||||
-rw-r--r-- | lib/includes/gnutls/compat.h | 523 | ||||
-rw-r--r-- | lib/includes/gnutls/crypto.h | 138 | ||||
-rw-r--r-- | lib/includes/gnutls/dtls.h | 60 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 2499 | ||||
-rw-r--r-- | lib/includes/gnutls/ocsp.h | 281 | ||||
-rw-r--r-- | lib/includes/gnutls/openpgp.h | 527 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs11.h | 406 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs12.h | 168 | ||||
-rw-r--r-- | lib/includes/gnutls/tpm.h | 50 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 1891 | ||||
-rw-r--r-- | lib/includes/gnutls/xssl.h | 12 |
12 files changed, 3588 insertions, 3684 deletions
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h index 33767bc249..4f52bdd234 100644 --- a/lib/includes/gnutls/abstract.h +++ b/lib/includes/gnutls/abstract.h @@ -29,9 +29,11 @@ #include <gnutls/openpgp.h> #include <gnutls/tpm.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ /* Public key operations */ 
@@ -46,209 +48,191 @@ extern "C" { * * Enumeration of different certificate import flags. */ - typedef enum gnutls_pubkey_flags { - GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1, - GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2, - GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3, - } gnutls_pubkey_flags_t; - - typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, - void *userdata, - const gnutls_datum_t * - raw_data, - gnutls_datum_t * - signature); - typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, - void *userdata, - const gnutls_datum_t * - ciphertext, - gnutls_datum_t * - plaintext); - - typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key, - void *userdata); - - int gnutls_pubkey_init(gnutls_pubkey_t * key); - void gnutls_pubkey_deinit(gnutls_pubkey_t key); - - void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key, - gnutls_pin_callback_t fn, +typedef enum gnutls_pubkey_flags { + GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1, + GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2, + GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3, +} gnutls_pubkey_flags_t; + +typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, + void *userdata, + const gnutls_datum_t * + raw_data, + gnutls_datum_t * signature); +typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, + void *userdata, + const gnutls_datum_t * + ciphertext, + gnutls_datum_t * plaintext); + +typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key, void *userdata); - int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key, - unsigned int *bits); - - int gnutls_pubkey_import_x509(gnutls_pubkey_t key, - gnutls_x509_crt_t crt, - unsigned int flags); - int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key, - gnutls_x509_crq_t crq, - unsigned int flags); - int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key, - gnutls_pkcs11_obj_t obj, - unsigned int flags); - int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key, - gnutls_openpgp_crt_t crt, - unsigned int flags); - - int 
gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t - format, - const gnutls_openpgp_keyid_t - keyid, unsigned int flags); - int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); - - int - gnutls_pubkey_import_privkey(gnutls_pubkey_t key, - gnutls_privkey_t pkey, - unsigned int usage, - unsigned int flags); - - int - gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey, - const char *url, - const char *srk_password, - unsigned int flags); - - int - gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url, - unsigned int flags); +int gnutls_pubkey_init(gnutls_pubkey_t * key); +void gnutls_pubkey_deinit(gnutls_pubkey_t key); - int - gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey, - const gnutls_datum_t * fdata, - gnutls_tpmkey_fmt_t format, - const char *srk_password, - unsigned int flags); - - int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key, - gnutls_digest_algorithm_t - * hash, - unsigned int *mand); - - int gnutls_pubkey_get_pk_rsa_raw(gnutls_pubkey_t key, - gnutls_datum_t * m, - gnutls_datum_t * e); - int gnutls_pubkey_get_pk_dsa_raw(gnutls_pubkey_t key, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y); - int gnutls_pubkey_get_pk_ecc_raw(gnutls_pubkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, - gnutls_datum_t * y); - int gnutls_pubkey_get_pk_ecc_x962(gnutls_pubkey_t key, - gnutls_datum_t * parameters, - gnutls_datum_t * ecpoint); - - int gnutls_pubkey_export(gnutls_pubkey_t key, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); +void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key, + gnutls_pin_callback_t fn, + void *userdata); - int gnutls_pubkey_export2(gnutls_pubkey_t key, +int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key, + unsigned int *bits); + +int gnutls_pubkey_import_x509(gnutls_pubkey_t 
key, + gnutls_x509_crt_t crt, unsigned int flags); +int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key, + gnutls_x509_crq_t crq, + unsigned int flags); +int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key, + gnutls_pkcs11_obj_t obj, + unsigned int flags); +int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key, + gnutls_openpgp_crt_t crt, + unsigned int flags); + +int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey, + const gnutls_datum_t * data, + gnutls_openpgp_crt_fmt_t + format, + const gnutls_openpgp_keyid_t + keyid, unsigned int flags); +int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey, + const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - - int gnutls_pubkey_get_key_id(gnutls_pubkey_t key, - unsigned int flags, - unsigned char *output_data, - size_t * output_data_size); - - int - gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key, - unsigned int flags, - unsigned char *output_data, - size_t * output_data_size, - unsigned int *subkey); - - int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, - unsigned int *usage); - int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, - unsigned int usage); - - int gnutls_pubkey_import(gnutls_pubkey_t key, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - - - int gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key, - const char *url, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); - int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * g, - const gnutls_datum_t * y); - int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e); - - int - gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, - const gnutls_datum_t * parameters, - const gnutls_datum_t * ecpoint); - - int - gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, - gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, - const gnutls_datum_t * y); - - int - 
gnutls_pubkey_encrypt_data(gnutls_pubkey_t key, - unsigned int flags, - const gnutls_datum_t * plaintext, - gnutls_datum_t * ciphertext); - - int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, - gnutls_pubkey_t key); - - int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, - gnutls_pubkey_t key); - - int - gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * hash, - const gnutls_datum_t * signature); - - int - gnutls_pubkey_get_verify_algorithm(gnutls_pubkey_t key, - const gnutls_datum_t * - signature, - gnutls_digest_algorithm_t * - hash); + unsigned int flags); - int - gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey, - gnutls_sign_algorithm_t algo, - unsigned int flags, - const gnutls_datum_t * data, - const gnutls_datum_t * signature); +int +gnutls_pubkey_import_privkey(gnutls_pubkey_t key, + gnutls_privkey_t pkey, + unsigned int usage, unsigned int flags); + +int +gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey, + const char *url, + const char *srk_password, unsigned int flags); + +int +gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url, + unsigned int flags); + +int +gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey, + const gnutls_datum_t * fdata, + gnutls_tpmkey_fmt_t format, + const char *srk_password, unsigned int flags); + +int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key, + gnutls_digest_algorithm_t + * hash, unsigned int *mand); + +int gnutls_pubkey_get_pk_rsa_raw(gnutls_pubkey_t key, + gnutls_datum_t * m, gnutls_datum_t * e); +int gnutls_pubkey_get_pk_dsa_raw(gnutls_pubkey_t key, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y); +int gnutls_pubkey_get_pk_ecc_raw(gnutls_pubkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, gnutls_datum_t * y); +int gnutls_pubkey_get_pk_ecc_x962(gnutls_pubkey_t key, + gnutls_datum_t * parameters, + gnutls_datum_t * ecpoint); + +int 
gnutls_pubkey_export(gnutls_pubkey_t key, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); + +int gnutls_pubkey_export2(gnutls_pubkey_t key, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); + +int gnutls_pubkey_get_key_id(gnutls_pubkey_t key, + unsigned int flags, + unsigned char *output_data, + size_t * output_data_size); + +int +gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key, + unsigned int flags, + unsigned char *output_data, + size_t * output_data_size, + unsigned int *subkey); + +int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, unsigned int *usage); +int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage); + +int gnutls_pubkey_import(gnutls_pubkey_t key, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); + + +int gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key, + const char *url, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ + ); +int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, + const gnutls_datum_t * p, + const gnutls_datum_t * q, + const gnutls_datum_t * g, + const gnutls_datum_t * y); +int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key, + const gnutls_datum_t * m, + const gnutls_datum_t * e); + +int +gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, + const gnutls_datum_t * parameters, + const gnutls_datum_t * ecpoint); + +int +gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key, + gnutls_ecc_curve_t curve, + const gnutls_datum_t * x, + const gnutls_datum_t * y); + +int +gnutls_pubkey_encrypt_data(gnutls_pubkey_t key, + unsigned int flags, + const gnutls_datum_t * plaintext, + gnutls_datum_t * ciphertext); + +int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, gnutls_pubkey_t key); + +int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, gnutls_pubkey_t key); + +int +gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, + gnutls_sign_algorithm_t algo, + unsigned int flags, + const gnutls_datum_t * hash, + const gnutls_datum_t * signature); + +int 
+gnutls_pubkey_get_verify_algorithm(gnutls_pubkey_t key, + const gnutls_datum_t * + signature, + gnutls_digest_algorithm_t * hash); + +int +gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey, + gnutls_sign_algorithm_t algo, + unsigned int flags, + const gnutls_datum_t * data, + const gnutls_datum_t * signature); /* Private key operations */ - int gnutls_privkey_init(gnutls_privkey_t * key); - void gnutls_privkey_deinit(gnutls_privkey_t key); +int gnutls_privkey_init(gnutls_privkey_t * key); +void gnutls_privkey_deinit(gnutls_privkey_t key); - void gnutls_privkey_set_pin_function(gnutls_privkey_t key, - gnutls_pin_callback_t fn, - void *userdata); +void gnutls_privkey_set_pin_function(gnutls_privkey_t key, + gnutls_pin_callback_t fn, + void *userdata); - int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key, - unsigned int *bits); - gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t - key); - int gnutls_privkey_status(gnutls_privkey_t key); +int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key, + unsigned int *bits); +gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t key); +int gnutls_privkey_status(gnutls_privkey_t key); /** * gnutls_privkey_flags: 
@@ -261,109 +245,109 @@ extern "C" { * * Enumeration of different certificate import flags. */ - typedef enum gnutls_privkey_flags { - GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1, - GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1, - GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2, - GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4, - } gnutls_privkey_flags_t; - - int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey, - gnutls_pkcs11_privkey_t key, - unsigned int flags); - int gnutls_privkey_import_x509(gnutls_privkey_t pkey, - gnutls_x509_privkey_t key, - unsigned int flags); - int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey, - gnutls_openpgp_privkey_t key, - unsigned int flags); - - int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t - format, - const gnutls_openpgp_keyid_t - keyid, const char *password); - - int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags); - - int - gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey, - const gnutls_datum_t * fdata, - gnutls_tpmkey_fmt_t format, - const char *srk_password, - const char *key_password, - unsigned int flags); - - int - gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey, - const char *url, - const char *srk_password, - const char *key_password, - unsigned int flags); - - int gnutls_privkey_import_url(gnutls_privkey_t key, - const char *url, unsigned int flags); - - int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, - const char *url); - - int - gnutls_privkey_import_ext(gnutls_privkey_t pkey, - gnutls_pk_algorithm_t pk, - void *userdata, - gnutls_privkey_sign_func sign_func, - gnutls_privkey_decrypt_func - decrypt_func, unsigned int flags); - - int - gnutls_privkey_import_ext2(gnutls_privkey_t pkey, - gnutls_pk_algorithm_t pk, - void *userdata, - gnutls_privkey_sign_func sign_func, - gnutls_privkey_decrypt_func - decrypt_func, - 
gnutls_privkey_deinit_func deinit_func, - unsigned int flags); - - int gnutls_privkey_sign_data(gnutls_privkey_t signer, - gnutls_digest_algorithm_t hash, - unsigned int flags, - const gnutls_datum_t * data, - gnutls_datum_t * signature); - - int gnutls_privkey_sign_hash(gnutls_privkey_t signer, - gnutls_digest_algorithm_t hash_algo, - unsigned int flags, - const gnutls_datum_t * hash_data, - gnutls_datum_t * signature); - - - int gnutls_privkey_decrypt_data(gnutls_privkey_t key, - unsigned int flags, - const gnutls_datum_t * ciphertext, - gnutls_datum_t * plaintext); - - int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, - gnutls_privkey_t issuer_key, - gnutls_digest_algorithm_t dig, - unsigned int flags); - - int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer, - gnutls_privkey_t issuer_key, - gnutls_digest_algorithm_t dig, - unsigned int flags); +typedef enum gnutls_privkey_flags { + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1, + GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1, + GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2, + GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4, +} gnutls_privkey_flags_t; + +int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey, + gnutls_pkcs11_privkey_t key, + unsigned int flags); +int gnutls_privkey_import_x509(gnutls_privkey_t pkey, + gnutls_x509_privkey_t key, + unsigned int flags); +int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey, + gnutls_openpgp_privkey_t key, + unsigned int flags); - int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq, - gnutls_privkey_t key, - gnutls_digest_algorithm_t dig, - unsigned int flags); +int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey, + const gnutls_datum_t * data, + gnutls_openpgp_crt_fmt_t + format, + const gnutls_openpgp_keyid_t + keyid, const char *password); + +int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + const char *password, + unsigned int flags); + 
+int +gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey, + const gnutls_datum_t * fdata, + gnutls_tpmkey_fmt_t format, + const char *srk_password, + const char *key_password, + unsigned int flags); + +int +gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey, + const char *url, + const char *srk_password, + const char *key_password, + unsigned int flags); + +int gnutls_privkey_import_url(gnutls_privkey_t key, + const char *url, unsigned int flags); + +int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, + const char *url); + +int +gnutls_privkey_import_ext(gnutls_privkey_t pkey, + gnutls_pk_algorithm_t pk, + void *userdata, + gnutls_privkey_sign_func sign_func, + gnutls_privkey_decrypt_func + decrypt_func, unsigned int flags); + +int +gnutls_privkey_import_ext2(gnutls_privkey_t pkey, + gnutls_pk_algorithm_t pk, + void *userdata, + gnutls_privkey_sign_func sign_func, + gnutls_privkey_decrypt_func + decrypt_func, + gnutls_privkey_deinit_func deinit_func, + unsigned int flags); + +int gnutls_privkey_sign_data(gnutls_privkey_t signer, + gnutls_digest_algorithm_t hash, + unsigned int flags, + const gnutls_datum_t * data, + gnutls_datum_t * signature); + +int gnutls_privkey_sign_hash(gnutls_privkey_t signer, + gnutls_digest_algorithm_t hash_algo, + unsigned int flags, + const gnutls_datum_t * hash_data, + gnutls_datum_t * signature); + + +int gnutls_privkey_decrypt_data(gnutls_privkey_t key, + unsigned int flags, + const gnutls_datum_t * ciphertext, + gnutls_datum_t * plaintext); + +int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt, + gnutls_x509_crt_t issuer, + gnutls_privkey_t issuer_key, + gnutls_digest_algorithm_t dig, + unsigned int flags); + +int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl, + gnutls_x509_crt_t issuer, + gnutls_privkey_t issuer_key, + gnutls_digest_algorithm_t dig, + unsigned int flags); + +int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq, + gnutls_privkey_t key, + gnutls_digest_algorithm_t dig, + unsigned int flags); /** * 
gnutls_pcert_st: 
@@ -373,101 +357,98 @@ extern "C" { * * A parsed certificate. */ - typedef struct gnutls_pcert_st { - gnutls_pubkey_t pubkey; - gnutls_datum_t cert; - gnutls_certificate_type_t type; - } gnutls_pcert_st; +typedef struct gnutls_pcert_st { + gnutls_pubkey_t pubkey; + gnutls_datum_t cert; + gnutls_certificate_type_t type; +} gnutls_pcert_st; /* Do not initialize the "cert" element of * the certificate */ #define GNUTLS_PCERT_NO_CERT 1 - int gnutls_pcert_import_x509(gnutls_pcert_st * pcert, - gnutls_x509_crt_t crt, - unsigned int flags); +int gnutls_pcert_import_x509(gnutls_pcert_st * pcert, + gnutls_x509_crt_t crt, unsigned int flags); - int - gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts, - unsigned int *pcert_max, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); +int +gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts, + unsigned int *pcert_max, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); - int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert, - const gnutls_datum_t * cert, - gnutls_x509_crt_fmt_t format, - unsigned int flags); +int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert, + const gnutls_datum_t * cert, + gnutls_x509_crt_fmt_t format, + unsigned int flags); - int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert, - const gnutls_datum_t * cert, - gnutls_openpgp_crt_fmt_t - format, - gnutls_openpgp_keyid_t keyid, - unsigned int flags); +int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert, + const gnutls_datum_t * cert, + gnutls_openpgp_crt_fmt_t + format, + gnutls_openpgp_keyid_t keyid, + unsigned int flags); - int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert, - gnutls_openpgp_crt_t crt, - unsigned int flags); +int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert, + gnutls_openpgp_crt_t crt, + unsigned int flags); - void gnutls_pcert_deinit(gnutls_pcert_st * pcert); +void gnutls_pcert_deinit(gnutls_pcert_st * pcert); /* For 
certificate credentials */ /* This is the same as gnutls_certificate_retrieve_function() * but retrieves a gnutls_pcert_st which requires much less processing * within the library. */ - typedef int gnutls_certificate_retrieve_function2(gnutls_session_t, - const - gnutls_datum_t * - req_ca_rdn, - int nreqs, const - gnutls_pk_algorithm_t - * pk_algos, - int - pk_algos_length, - gnutls_pcert_st - **, - unsigned int - *pcert_length, - gnutls_privkey_t - * privkey); - - - void gnutls_certificate_set_retrieve_function2 - (gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function2 * func); - - int - gnutls_certificate_set_key(gnutls_certificate_credentials_t res, - const char **names, - int names_size, - gnutls_pcert_st * pcert_list, - int pcert_list_size, - gnutls_privkey_t key); +typedef int gnutls_certificate_retrieve_function2(gnutls_session_t, + const + gnutls_datum_t * + req_ca_rdn, + int nreqs, const + gnutls_pk_algorithm_t + * pk_algos, + int + pk_algos_length, + gnutls_pcert_st + **, unsigned int + *pcert_length, + gnutls_privkey_t + * privkey); + + +void gnutls_certificate_set_retrieve_function2 + (gnutls_certificate_credentials_t cred, + gnutls_certificate_retrieve_function2 * func); + +int +gnutls_certificate_set_key(gnutls_certificate_credentials_t res, + const char **names, + int names_size, + gnutls_pcert_st * pcert_list, + int pcert_list_size, gnutls_privkey_t key); #include <gnutls/compat.h> - int gnutls_pubkey_verify_data(gnutls_pubkey_t pubkey, - unsigned int flags, - const gnutls_datum_t * data, - const gnutls_datum_t * - signature) - _GNUTLS_GCC_ATTR_DEPRECATED; - - int gnutls_pubkey_verify_hash(gnutls_pubkey_t key, - unsigned int flags, - const gnutls_datum_t * hash, - const gnutls_datum_t * - signature) - _GNUTLS_GCC_ATTR_DEPRECATED; - - int - gnutls_pubkey_print(gnutls_pubkey_t pubkey, - gnutls_certificate_print_formats_t format, - gnutls_datum_t * out); +int gnutls_pubkey_verify_data(gnutls_pubkey_t pubkey, + unsigned int 
flags, + const gnutls_datum_t * data, + const gnutls_datum_t * + signature) _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_pubkey_verify_hash(gnutls_pubkey_t key, + unsigned int flags, + const gnutls_datum_t * hash, + const gnutls_datum_t * + signature) _GNUTLS_GCC_ATTR_DEPRECATED; + +int +gnutls_pubkey_print(gnutls_pubkey_t pubkey, + gnutls_certificate_print_formats_t format, + gnutls_datum_t * out); +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif diff --git a/lib/includes/gnutls/compat.h b/lib/includes/gnutls/compat.h index 4a330e5bfb..7fa7a91440 100644 --- a/lib/includes/gnutls/compat.h +++ b/lib/includes/gnutls/compat.h @@ -25,9 +25,11 @@ #ifndef _GNUTLS_COMPAT_H #define _GNUTLS_COMPAT_H +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ #ifdef __GNUC__ 
@@ -46,77 +48,70 @@ extern "C" { #endif /* gnutls_connection_end_t was made redundant in 2.99.0 */ - typedef unsigned int gnutls_connection_end_t - _GNUTLS_GCC_ATTR_DEPRECATED; +typedef unsigned int gnutls_connection_end_t _GNUTLS_GCC_ATTR_DEPRECATED; /* Stuff deprected in 2.x */ - typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_kx_algorithm_t gnutls_kx_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_mac_algorithm_t gnutls_mac_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_digest_algorithm_t gnutls_digest_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_compression_method_t gnutls_compression_method - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_connection_end_t gnutls_connection_end - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_pk_algorithm_t gnutls_pk_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_sign_algorithm_t gnutls_sign_algorithm - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_close_request_t gnutls_close_request - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_certificate_request_t gnutls_certificate_request - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_certificate_status_t gnutls_certificate_status - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_session_t gnutls_session - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_alert_level_t gnutls_alert_level - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_alert_description_t gnutls_alert_description - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_crt_t gnutls_x509_crt - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_privkey_t gnutls_x509_privkey - 
_GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_crl_t gnutls_x509_crl - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_x509_crq_t gnutls_x509_crq - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_certificate_credentials_t - gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_anon_server_credentials_t - gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_anon_client_credentials_t - gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_srp_client_credentials_t - gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_srp_server_credentials_t - gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_dh_params_t gnutls_dh_params - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_rsa_params_t gnutls_rsa_params - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_params_type_t gnutls_params_type - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_credentials_type_t gnutls_credentials_type - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_certificate_type_t gnutls_certificate_type - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_transport_ptr_t gnutls_transport_ptr - _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_kx_algorithm_t gnutls_kx_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_mac_algorithm_t gnutls_mac_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_digest_algorithm_t gnutls_digest_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_compression_method_t gnutls_compression_method + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_connection_end_t gnutls_connection_end + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_pk_algorithm_t gnutls_pk_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_sign_algorithm_t 
gnutls_sign_algorithm + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_close_request_t gnutls_close_request + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_certificate_request_t gnutls_certificate_request + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_certificate_status_t gnutls_certificate_status + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_alert_level_t gnutls_alert_level + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_alert_description_t gnutls_alert_description + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_privkey_t gnutls_x509_privkey + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_crl_t gnutls_x509_crl _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_x509_crq_t gnutls_x509_crq _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_certificate_credentials_t + gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_anon_server_credentials_t + gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_anon_client_credentials_t + gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_srp_client_credentials_t + gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_srp_server_credentials_t + gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_dh_params_t gnutls_dh_params _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_rsa_params_t gnutls_rsa_params _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_params_type_t gnutls_params_type + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_credentials_type_t gnutls_credentials_type + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef 
gnutls_certificate_type_t gnutls_certificate_type + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_transport_ptr_t gnutls_transport_ptr + _GNUTLS_GCC_ATTR_DEPRECATED; /* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was modified to use the PSK alert. */ @@ -127,10 +122,10 @@ extern "C" { #define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT #define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT #define gnutls_openpgp_send_key gnutls_openpgp_send_cert - typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t - _GNUTLS_GCC_ATTR_DEPRECATED; - typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t - _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t + _GNUTLS_GCC_ATTR_DEPRECATED; +typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t + _GNUTLS_GCC_ATTR_DEPRECATED; #define gnutls_openpgp_key_init gnutls_openpgp_crt_init #define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit #define gnutls_openpgp_key_import gnutls_openpgp_crt_import 
@@ -165,244 +160,242 @@ extern "C" { /* The gnutls_retr_st was deprecated by gnutls_certificate_retrieve_function() * and gnutls_retr2_st. */ - typedef struct gnutls_retr_st { - gnutls_certificate_type_t type; - union { - gnutls_x509_crt_t *x509; - gnutls_openpgp_crt_t pgp; - } cert; - unsigned int ncerts; /* one for pgp keys */ - - union { - gnutls_x509_privkey_t x509; - gnutls_openpgp_privkey_t pgp; - } key; - - unsigned int deinit_all; /* if non zero all keys will be deinited */ - } gnutls_retr_st; - - typedef int - gnutls_certificate_client_retrieve_function(gnutls_session_t, - const - gnutls_datum_t * - req_ca_rdn, - int nreqs, const - gnutls_pk_algorithm_t - * pk_algos, int - pk_algos_length, - gnutls_retr_st *); - typedef int - gnutls_certificate_server_retrieve_function(gnutls_session_t, - gnutls_retr_st *); - - void gnutls_certificate_client_set_retrieve_function - (gnutls_certificate_credentials_t cred, - gnutls_certificate_client_retrieve_function * - func) _GNUTLS_GCC_ATTR_DEPRECATED; - void - gnutls_certificate_server_set_retrieve_function - (gnutls_certificate_credentials_t cred, - gnutls_certificate_server_retrieve_function * - func) _GNUTLS_GCC_ATTR_DEPRECATED; +typedef struct gnutls_retr_st { + gnutls_certificate_type_t type; + union { + gnutls_x509_crt_t *x509; + gnutls_openpgp_crt_t pgp; + } cert; + unsigned int ncerts; /* one for pgp keys */ + + union { + gnutls_x509_privkey_t x509; + gnutls_openpgp_privkey_t pgp; + } key; + + unsigned int deinit_all; /* if non zero all keys will be deinited */ +} gnutls_retr_st; + +typedef int +gnutls_certificate_client_retrieve_function(gnutls_session_t, + const + gnutls_datum_t * + req_ca_rdn, + int nreqs, const + gnutls_pk_algorithm_t + * pk_algos, int + pk_algos_length, + gnutls_retr_st *); +typedef int +gnutls_certificate_server_retrieve_function(gnutls_session_t, + gnutls_retr_st *); + +void gnutls_certificate_client_set_retrieve_function + (gnutls_certificate_credentials_t cred, + 
gnutls_certificate_client_retrieve_function * + func) _GNUTLS_GCC_ATTR_DEPRECATED; +void + gnutls_certificate_server_set_retrieve_function + (gnutls_certificate_credentials_t cred, + gnutls_certificate_server_retrieve_function * + func) _GNUTLS_GCC_ATTR_DEPRECATED; /* External signing callback. No longer supported because it * was deprecated by the PKCS #11 API or gnutls_privkey_import_ext. */ - typedef int (*gnutls_sign_func) (gnutls_session_t session, - void *userdata, - gnutls_certificate_type_t - cert_type, - const gnutls_datum_t * cert, - const gnutls_datum_t * hash, - gnutls_datum_t * signature); - - void - gnutls_sign_callback_set(gnutls_session_t session, - gnutls_sign_func sign_func, - void *userdata) - _GNUTLS_GCC_ATTR_DEPRECATED; - gnutls_sign_func - gnutls_sign_callback_get(gnutls_session_t session, - void **userdata) - _GNUTLS_GCC_ATTR_DEPRECATED; +typedef int (*gnutls_sign_func) (gnutls_session_t session, + void *userdata, + gnutls_certificate_type_t + cert_type, + const gnutls_datum_t * cert, + const gnutls_datum_t * hash, + gnutls_datum_t * signature); + +void +gnutls_sign_callback_set(gnutls_session_t session, + gnutls_sign_func sign_func, + void *userdata) _GNUTLS_GCC_ATTR_DEPRECATED; +gnutls_sign_func +gnutls_sign_callback_get(gnutls_session_t session, + void **userdata) _GNUTLS_GCC_ATTR_DEPRECATED; /* This is a very dangerous and error-prone function. * Use gnutls_privkey_sign_hash() instead. 
*/ - int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key, - const gnutls_datum_t * hash, - gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key, + const gnutls_datum_t * hash, + gnutls_datum_t * signature) + _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key, - const gnutls_datum_t * hash, - gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key, + const gnutls_datum_t * hash, + gnutls_datum_t * signature) + _GNUTLS_GCC_ATTR_DEPRECATED; /* we support the gnutls_privkey_sign_data() instead. */ - int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key, - gnutls_digest_algorithm_t digest, - unsigned int flags, - const gnutls_datum_t * data, - void *signature, - size_t * signature_size) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key, + gnutls_digest_algorithm_t digest, + unsigned int flags, + const gnutls_datum_t * data, + void *signature, + size_t * signature_size) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_pubkey_verify_data() */ - int gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt, - unsigned int flags, - const gnutls_datum_t * data, - const gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt, + unsigned int flags, + const gnutls_datum_t * data, + const gnutls_datum_t * signature) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_pubkey_verify_hash() */ - int gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt, - unsigned int flags, - const gnutls_datum_t * hash, - const gnutls_datum_t * signature) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt, + unsigned int flags, + const gnutls_datum_t * hash, + const gnutls_datum_t * signature) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_pubkey_get_verify_algorithm() */ - int 
gnutls_x509_crt_get_verify_algorithm(gnutls_x509_crt_t crt, - const gnutls_datum_t * - signature, - gnutls_digest_algorithm_t - * hash) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crt_get_verify_algorithm(gnutls_x509_crt_t crt, + const gnutls_datum_t * + signature, + gnutls_digest_algorithm_t + * hash) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_pubkey_get_preferred_hash_algorithm() */ - int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t - crt, - gnutls_digest_algorithm_t - * hash, - unsigned int - *mand) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t + crt, + gnutls_digest_algorithm_t + * hash, unsigned int + *mand) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_x509_crq_privkey_sign() */ - int gnutls_x509_crq_sign(gnutls_x509_crq_t crq, - gnutls_x509_privkey_t key) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crq_sign(gnutls_x509_crq_t crq, + gnutls_x509_privkey_t key) + _GNUTLS_GCC_ATTR_DEPRECATED; /* gnutls_x509_crl_privkey_sign */ - int gnutls_x509_crl_sign(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer, - gnutls_x509_privkey_t issuer_key) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_x509_crl_sign(gnutls_x509_crl_t crl, + gnutls_x509_crt_t issuer, + gnutls_x509_privkey_t issuer_key) + _GNUTLS_GCC_ATTR_DEPRECATED; /* functions to set priority of cipher suites */ - int gnutls_cipher_set_priority(gnutls_session_t session, - const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_mac_set_priority(gnutls_session_t session, +int gnutls_cipher_set_priority(gnutls_session_t session, + const int *list) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_mac_set_priority(gnutls_session_t session, + const int *list) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_compression_set_priority(gnutls_session_t session, const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_compression_set_priority(gnutls_session_t session, - const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; - int 
gnutls_kx_set_priority(gnutls_session_t session, - const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_protocol_set_priority(gnutls_session_t session, + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_kx_set_priority(gnutls_session_t session, + const int *list) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_protocol_set_priority(gnutls_session_t session, + const int *list) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_certificate_type_set_priority(gnutls_session_t session, const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_certificate_type_set_priority(gnutls_session_t session, - const int *list) - _GNUTLS_GCC_ATTR_DEPRECATED; + _GNUTLS_GCC_ATTR_DEPRECATED; /* RSA params */ - int gnutls_rsa_params_init(gnutls_rsa_params_t * - rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED; - void gnutls_rsa_params_deinit(gnutls_rsa_params_t rsa_params) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_params_cpy(gnutls_rsa_params_t dst, - gnutls_rsa_params_t src) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_params_import_raw(gnutls_rsa_params_t rsa_params, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u); - int gnutls_rsa_params_generate2(gnutls_rsa_params_t params, - unsigned int bits) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_params_export_raw(gnutls_rsa_params_t rsa, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * u, - unsigned int *bits) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_params_export_pkcs1(gnutls_rsa_params_t params, - gnutls_x509_crt_fmt_t format, - unsigned char *params_data, - size_t * - params_data_size) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_params_import_pkcs1(gnutls_rsa_params_t params, - const gnutls_datum_t * - pkcs1_params, - gnutls_x509_crt_fmt_t format) - _GNUTLS_GCC_ATTR_DEPRECATED; - - int gnutls_rsa_export_get_pubkey(gnutls_session_t 
session, - gnutls_datum_t * exponent, - gnutls_datum_t * - modulus) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; - int gnutls_set_default_export_priority(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; - - void - gnutls_certificate_set_rsa_export_params - (gnutls_certificate_credentials_t res, - gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_init(gnutls_rsa_params_t * + rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED; +void gnutls_rsa_params_deinit(gnutls_rsa_params_t rsa_params) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_cpy(gnutls_rsa_params_t dst, + gnutls_rsa_params_t src) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_import_raw(gnutls_rsa_params_t rsa_params, + const gnutls_datum_t * m, + const gnutls_datum_t * e, + const gnutls_datum_t * d, + const gnutls_datum_t * p, + const gnutls_datum_t * q, + const gnutls_datum_t * u); +int gnutls_rsa_params_generate2(gnutls_rsa_params_t params, + unsigned int bits) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_export_raw(gnutls_rsa_params_t rsa, + gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u, + unsigned int *bits) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_export_pkcs1(gnutls_rsa_params_t params, + gnutls_x509_crt_fmt_t format, + unsigned char *params_data, + size_t * + params_data_size) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_params_import_pkcs1(gnutls_rsa_params_t params, + const gnutls_datum_t * + pkcs1_params, + gnutls_x509_crt_fmt_t format) + _GNUTLS_GCC_ATTR_DEPRECATED; + +int gnutls_rsa_export_get_pubkey(gnutls_session_t session, + gnutls_datum_t * exponent, + gnutls_datum_t * + modulus) _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session) + _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_set_default_export_priority(gnutls_session_t 
session) + _GNUTLS_GCC_ATTR_DEPRECATED; + +void gnutls_certificate_set_rsa_export_params + (gnutls_certificate_credentials_t res, + gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED; /* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */ - int gnutls_privkey_sign_raw_data(gnutls_privkey_t key, - unsigned flags, - const gnutls_datum_t * data, - gnutls_datum_t * - signature) - _GNUTLS_GCC_ATTR_DEPRECATED; +int gnutls_privkey_sign_raw_data(gnutls_privkey_t key, + unsigned flags, + const gnutls_datum_t * data, + gnutls_datum_t * + signature) _GNUTLS_GCC_ATTR_DEPRECATED; #ifdef _ISOC99_SOURCE /* we provide older functions for compatibility as inline functions that * depend on gnutls_session_get_random. */ - static inline const void - *gnutls_session_get_server_random(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; - static inline const void - *gnutls_session_get_server_random(gnutls_session_t session) { - gnutls_datum_t rnd; - gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */ - return rnd.data; - } static inline const void - *gnutls_session_get_client_random(gnutls_session_t session) - _GNUTLS_GCC_ATTR_DEPRECATED; - static inline const void - *gnutls_session_get_client_random(gnutls_session_t session) { - gnutls_datum_t rnd; - gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */ - return rnd.data; - } +static inline const void +*gnutls_session_get_server_random(gnutls_session_t session) + _GNUTLS_GCC_ATTR_DEPRECATED; +static inline const void +*gnutls_session_get_server_random(gnutls_session_t session) +{ + gnutls_datum_t rnd; + gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */ + return rnd.data; +} + +static inline const void +*gnutls_session_get_client_random(gnutls_session_t session) + _GNUTLS_GCC_ATTR_DEPRECATED; +static inline const void +*gnutls_session_get_client_random(gnutls_session_t session) +{ + gnutls_datum_t rnd; + gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */ 
+ return rnd.data; +} #endif +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif /* _GNUTLS_COMPAT_H */ diff --git a/lib/includes/gnutls/crypto.h b/lib/includes/gnutls/crypto.h index 6ab571472d..bb589df5c5 100644 --- a/lib/includes/gnutls/crypto.h +++ b/lib/includes/gnutls/crypto.h 
@@ -23,72 +23,68 @@ #ifndef GNUTLS_CRYPTO_H #define GNUTLS_CRYPTO_H +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif - - typedef struct api_cipher_hd_st *gnutls_cipher_hd_t; - - int gnutls_cipher_init(gnutls_cipher_hd_t * handle, - gnutls_cipher_algorithm_t cipher, - const gnutls_datum_t * key, - const gnutls_datum_t * iv); - int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle, - void *text, size_t textlen); - int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle, - void *ciphertext, size_t ciphertextlen); - int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle, - const void *ciphertext, - size_t ciphertextlen, void *text, - size_t textlen); - int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle, - const void *text, size_t textlen, - void *ciphertext, size_t ciphertextlen); - - void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv, - size_t ivlen); - - int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, - size_t tag_size); - int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, - const void *text, size_t text_size); - - void gnutls_cipher_deinit(gnutls_cipher_hd_t handle); - int gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t - algorithm); - int gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm); - int gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t - algorithm); - - typedef struct hash_hd_st *gnutls_hash_hd_t; - typedef struct hmac_hd_st *gnutls_hmac_hd_t; - - size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm); - int gnutls_hmac_init(gnutls_hmac_hd_t * dig, - gnutls_mac_algorithm_t algorithm, - const void *key, size_t keylen); - void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle, - const void *nonce, size_t nonce_len); - int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, - size_t textlen); - void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest); - void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest); - int gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm); - 
int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm, - const void *key, size_t keylen, - const void *text, size_t textlen, - void *digest); - - int gnutls_hash_init(gnutls_hash_hd_t * dig, - gnutls_digest_algorithm_t algorithm); - int gnutls_hash(gnutls_hash_hd_t handle, const void *text, - size_t textlen); - void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest); - void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest); - int gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm); - int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm, - const void *text, size_t textlen, - void *digest); +/* *INDENT-ON* */ + +typedef struct api_cipher_hd_st *gnutls_cipher_hd_t; + +int gnutls_cipher_init(gnutls_cipher_hd_t * handle, + gnutls_cipher_algorithm_t cipher, + const gnutls_datum_t * key, + const gnutls_datum_t * iv); +int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle, + void *text, size_t textlen); +int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle, + void *ciphertext, size_t ciphertextlen); +int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle, + const void *ciphertext, + size_t ciphertextlen, void *text, + size_t textlen); +int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle, + const void *text, size_t textlen, + void *ciphertext, size_t ciphertextlen); + +void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv, + size_t ivlen); + +int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag, + size_t tag_size); +int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle, + const void *text, size_t text_size); + +void gnutls_cipher_deinit(gnutls_cipher_hd_t handle); +int gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm); +int gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm); +int gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm); + +typedef struct hash_hd_st *gnutls_hash_hd_t; +typedef struct hmac_hd_st *gnutls_hmac_hd_t; + +size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t 
algorithm); +int gnutls_hmac_init(gnutls_hmac_hd_t * dig, + gnutls_mac_algorithm_t algorithm, + const void *key, size_t keylen); +void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle, + const void *nonce, size_t nonce_len); +int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, size_t textlen); +void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest); +void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest); +int gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm); +int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm, + const void *key, size_t keylen, + const void *text, size_t textlen, void *digest); + +int gnutls_hash_init(gnutls_hash_hd_t * dig, + gnutls_digest_algorithm_t algorithm); +int gnutls_hash(gnutls_hash_hd_t handle, const void *text, size_t textlen); +void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest); +void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest); +int gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm); +int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm, + const void *text, size_t textlen, void *digest); /* register ciphers */ @@ -103,17 +99,19 @@ extern "C" { * * Enumeration of random quality levels. */ - typedef enum gnutls_rnd_level { - GNUTLS_RND_NONCE = 0, - GNUTLS_RND_RANDOM = 1, - GNUTLS_RND_KEY = 2 - } gnutls_rnd_level_t; +typedef enum gnutls_rnd_level { + GNUTLS_RND_NONCE = 0, + GNUTLS_RND_RANDOM = 1, + GNUTLS_RND_KEY = 2 +} gnutls_rnd_level_t; - int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len); +int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len); - void gnutls_rnd_refresh(void); +void gnutls_rnd_refresh(void); +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif diff --git a/lib/includes/gnutls/dtls.h b/lib/includes/gnutls/dtls.h index c773a664dd..46d0b591fa 100644 --- a/lib/includes/gnutls/dtls.h +++ b/lib/includes/gnutls/dtls.h 
@@ -29,25 +29,25 @@
 #include <gnutls/gnutls.h>
+/* *INDENT-OFF* */
 #ifdef __cplusplus
 extern "C" {
 #endif
+/* *INDENT-ON* */
 #define GNUTLS_COOKIE_KEY_SIZE 16
- void gnutls_dtls_set_timeouts(gnutls_session_t session,
- unsigned int retrans_timeout,
- unsigned int total_timeout);
+void gnutls_dtls_set_timeouts(gnutls_session_t session,
+ unsigned int retrans_timeout,
+ unsigned int total_timeout);
- unsigned int gnutls_dtls_get_mtu(gnutls_session_t session);
- unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session);
+unsigned int gnutls_dtls_get_mtu(gnutls_session_t session);
+unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session);
- void gnutls_dtls_set_mtu(gnutls_session_t session,
- unsigned int mtu);
- int gnutls_dtls_set_data_mtu(gnutls_session_t session,
- unsigned int mtu);
+void gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mtu);
+int gnutls_dtls_set_data_mtu(gnutls_session_t session, unsigned int mtu);
- unsigned int gnutls_dtls_get_timeout(gnutls_session_t session);
+unsigned int gnutls_dtls_get_timeout(gnutls_session_t session);
 /**
 * gnutls_dtls_prestate_st:
@@ -60,31 +60,33 @@ extern "C" {
 * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
 * gnutls_dtls_prestate_set().
 */
- typedef struct {
- unsigned int record_seq;
- unsigned int hsk_read_seq;
- unsigned int hsk_write_seq;
- } gnutls_dtls_prestate_st;
+typedef struct {
+ unsigned int record_seq;
+ unsigned int hsk_read_seq;
+ unsigned int hsk_write_seq;
+} gnutls_dtls_prestate_st;
- int gnutls_dtls_cookie_send(gnutls_datum_t * key,
- void *client_data,
- size_t client_data_size,
- gnutls_dtls_prestate_st * prestate,
- gnutls_transport_ptr_t ptr,
- gnutls_push_func push_func);
+int gnutls_dtls_cookie_send(gnutls_datum_t * key,
+ void *client_data,
+ size_t client_data_size,
+ gnutls_dtls_prestate_st * prestate,
+ gnutls_transport_ptr_t ptr,
+ gnutls_push_func push_func);
- int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
- void *client_data,
- size_t client_data_size, void *_msg,
- size_t msg_size,
- gnutls_dtls_prestate_st * prestate);
+int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
+ void *client_data,
+ size_t client_data_size, void *_msg,
+ size_t msg_size,
+ gnutls_dtls_prestate_st * prestate);
- void gnutls_dtls_prestate_set(gnutls_session_t session,
- gnutls_dtls_prestate_st * prestate);
+void gnutls_dtls_prestate_set(gnutls_session_t session,
+ gnutls_dtls_prestate_st * prestate);
- unsigned int gnutls_record_get_discarded(gnutls_session_t session);
+unsigned int gnutls_record_get_discarded(gnutls_session_t session);
+/* *INDENT-OFF* */
 #ifdef __cplusplus
 }
 #endif
+/* *INDENT-ON* */
 #endif /* GNUTLS_DTLS_H */
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 777e3777a2..f90f836276 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -47,10 +47,12 @@
 #endif
 /* Get time_t. */
 #include <time.h>
+
+/* *INDENT-OFF* */
 #ifdef __cplusplus
-extern "C"
-{
+extern "C" {
 #endif
+/* *INDENT-ON* */
 #define GNUTLS_VERSION "@VERSION@"
@@ -96,40 +98,39 @@ extern "C" * * Enumeration of different symmetric encryption algorithms. */ - typedef enum gnutls_cipher_algorithm - { - GNUTLS_CIPHER_UNKNOWN = 0, - GNUTLS_CIPHER_NULL = 1, - GNUTLS_CIPHER_ARCFOUR_128 = 2, - GNUTLS_CIPHER_3DES_CBC = 3, - GNUTLS_CIPHER_AES_128_CBC = 4, - GNUTLS_CIPHER_AES_256_CBC = 5, - GNUTLS_CIPHER_ARCFOUR_40 = 6, - GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, - GNUTLS_CIPHER_CAMELLIA_256_CBC = 8, - GNUTLS_CIPHER_RC2_40_CBC = 90, - GNUTLS_CIPHER_DES_CBC = 91, - GNUTLS_CIPHER_AES_192_CBC = 92, - GNUTLS_CIPHER_AES_128_GCM = 93, - GNUTLS_CIPHER_AES_256_GCM = 94, - GNUTLS_CIPHER_CAMELLIA_192_CBC = 95, - GNUTLS_CIPHER_SALSA20_256 = 96, - GNUTLS_CIPHER_ESTREAM_SALSA20_256 = 97, - GNUTLS_CIPHER_CAMELLIA_128_GCM = 98, - GNUTLS_CIPHER_CAMELLIA_256_GCM = 99, - - /* used only for PGP internals. Ignored in TLS/SSL - */ - GNUTLS_CIPHER_IDEA_PGP_CFB = 200, - GNUTLS_CIPHER_3DES_PGP_CFB = 201, - GNUTLS_CIPHER_CAST5_PGP_CFB = 202, - GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, - GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, - GNUTLS_CIPHER_AES128_PGP_CFB = 205, - GNUTLS_CIPHER_AES192_PGP_CFB = 206, - GNUTLS_CIPHER_AES256_PGP_CFB = 207, - GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208 - } gnutls_cipher_algorithm_t; +typedef enum gnutls_cipher_algorithm { + GNUTLS_CIPHER_UNKNOWN = 0, + GNUTLS_CIPHER_NULL = 1, + GNUTLS_CIPHER_ARCFOUR_128 = 2, + GNUTLS_CIPHER_3DES_CBC = 3, + GNUTLS_CIPHER_AES_128_CBC = 4, + GNUTLS_CIPHER_AES_256_CBC = 5, + GNUTLS_CIPHER_ARCFOUR_40 = 6, + GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, + GNUTLS_CIPHER_CAMELLIA_256_CBC = 8, + GNUTLS_CIPHER_RC2_40_CBC = 90, + GNUTLS_CIPHER_DES_CBC = 91, + GNUTLS_CIPHER_AES_192_CBC = 92, + GNUTLS_CIPHER_AES_128_GCM = 93, + GNUTLS_CIPHER_AES_256_GCM = 94, + GNUTLS_CIPHER_CAMELLIA_192_CBC = 95, + GNUTLS_CIPHER_SALSA20_256 = 96, + GNUTLS_CIPHER_ESTREAM_SALSA20_256 = 97, + GNUTLS_CIPHER_CAMELLIA_128_GCM = 98, + GNUTLS_CIPHER_CAMELLIA_256_GCM = 99, + + /* used only for PGP internals. 
Ignored in TLS/SSL + */ + GNUTLS_CIPHER_IDEA_PGP_CFB = 200, + GNUTLS_CIPHER_3DES_PGP_CFB = 201, + GNUTLS_CIPHER_CAST5_PGP_CFB = 202, + GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, + GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, + GNUTLS_CIPHER_AES128_PGP_CFB = 205, + GNUTLS_CIPHER_AES192_PGP_CFB = 206, + GNUTLS_CIPHER_AES256_PGP_CFB = 207, + GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208 +} gnutls_cipher_algorithm_t; /** * gnutls_kx_algorithm_t: @@ -152,25 +153,24 @@ extern "C" * * Enumeration of different key exchange algorithms. */ - typedef enum - { - GNUTLS_KX_UNKNOWN = 0, - GNUTLS_KX_RSA = 1, - GNUTLS_KX_DHE_DSS = 2, - GNUTLS_KX_DHE_RSA = 3, - GNUTLS_KX_ANON_DH = 4, - GNUTLS_KX_SRP = 5, - GNUTLS_KX_RSA_EXPORT = 6, - GNUTLS_KX_SRP_RSA = 7, - GNUTLS_KX_SRP_DSS = 8, - GNUTLS_KX_PSK = 9, - GNUTLS_KX_DHE_PSK = 10, - GNUTLS_KX_ANON_ECDH = 11, - GNUTLS_KX_ECDHE_RSA = 12, - GNUTLS_KX_ECDHE_ECDSA = 13, - GNUTLS_KX_ECDHE_PSK = 14, - GNUTLS_KX_RSA_PSK = 15, - } gnutls_kx_algorithm_t; +typedef enum { + GNUTLS_KX_UNKNOWN = 0, + GNUTLS_KX_RSA = 1, + GNUTLS_KX_DHE_DSS = 2, + GNUTLS_KX_DHE_RSA = 3, + GNUTLS_KX_ANON_DH = 4, + GNUTLS_KX_SRP = 5, + GNUTLS_KX_RSA_EXPORT = 6, + GNUTLS_KX_SRP_RSA = 7, + GNUTLS_KX_SRP_DSS = 8, + GNUTLS_KX_PSK = 9, + GNUTLS_KX_DHE_PSK = 10, + GNUTLS_KX_ANON_ECDH = 11, + GNUTLS_KX_ECDHE_RSA = 12, + GNUTLS_KX_ECDHE_ECDSA = 13, + GNUTLS_KX_ECDHE_PSK = 14, + GNUTLS_KX_RSA_PSK = 15, +} gnutls_kx_algorithm_t; /** * gnutls_params_type_t: @@ -180,12 +180,11 @@ extern "C" * * Enumeration of different TLS session parameter types. */ - typedef enum - { - GNUTLS_PARAMS_RSA_EXPORT = 1, - GNUTLS_PARAMS_DH = 2, - GNUTLS_PARAMS_ECDH = 3, - } gnutls_params_type_t; +typedef enum { + GNUTLS_PARAMS_RSA_EXPORT = 1, + GNUTLS_PARAMS_DH = 2, + GNUTLS_PARAMS_ECDH = 3, +} gnutls_params_type_t; /** * gnutls_credentials_type_t: 
@@ -197,14 +196,13 @@ extern "C"
 *
 * Enumeration of different credential types.
 */
- typedef enum
- {
- GNUTLS_CRD_CERTIFICATE = 1,
- GNUTLS_CRD_ANON,
- GNUTLS_CRD_SRP,
- GNUTLS_CRD_PSK,
- GNUTLS_CRD_IA
- } gnutls_credentials_type_t;
+typedef enum {
+ GNUTLS_CRD_CERTIFICATE = 1,
+ GNUTLS_CRD_ANON,
+ GNUTLS_CRD_SRP,
+ GNUTLS_CRD_PSK,
+ GNUTLS_CRD_IA
+} gnutls_credentials_type_t;
 #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
 #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
@@ -228,24 +226,23 @@ extern "C"
 * Enumeration of different Message Authentication Code (MAC)
 * algorithms.
 */
- typedef enum
- {
- GNUTLS_MAC_UNKNOWN = 0,
- GNUTLS_MAC_NULL = 1,
- GNUTLS_MAC_MD5 = 2,
- GNUTLS_MAC_SHA1 = 3,
- GNUTLS_MAC_RMD160 = 4,
- GNUTLS_MAC_MD2 = 5,
- GNUTLS_MAC_SHA256 = 6,
- GNUTLS_MAC_SHA384 = 7,
- GNUTLS_MAC_SHA512 = 8,
- GNUTLS_MAC_SHA224 = 9,
- /* If you add anything here, make sure you align with
- gnutls_digest_algorithm_t. */
- GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */
- GNUTLS_MAC_UMAC_96 = 201,
- GNUTLS_MAC_UMAC_128 = 202,
- } gnutls_mac_algorithm_t;
+typedef enum {
+ GNUTLS_MAC_UNKNOWN = 0,
+ GNUTLS_MAC_NULL = 1,
+ GNUTLS_MAC_MD5 = 2,
+ GNUTLS_MAC_SHA1 = 3,
+ GNUTLS_MAC_RMD160 = 4,
+ GNUTLS_MAC_MD2 = 5,
+ GNUTLS_MAC_SHA256 = 6,
+ GNUTLS_MAC_SHA384 = 7,
+ GNUTLS_MAC_SHA512 = 8,
+ GNUTLS_MAC_SHA224 = 9,
+ /* If you add anything here, make sure you align with
+ gnutls_digest_algorithm_t. */
+ GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */
+ GNUTLS_MAC_UMAC_96 = 201,
+ GNUTLS_MAC_UMAC_128 = 202,
+} gnutls_mac_algorithm_t;
 /**
 * gnutls_digest_algorithm_t:
@@ -262,21 +259,20 @@ extern "C"
 *
 * Enumeration of different digest (hash) algorithms.
 */
- typedef enum
- {
- GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
- GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
- GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
- GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
- GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160,
- GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2,
- GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
- GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
- GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
- GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
- /* If you add anything here, make sure you align with
- gnutls_mac_algorithm_t. */
- } gnutls_digest_algorithm_t;
+typedef enum {
+ GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
+ GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
+ GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
+ GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
+ GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160,
+ GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2,
+ GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
+ GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
+ GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
+ GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
+ /* If you add anything here, make sure you align with
+ gnutls_mac_algorithm_t. */
+} gnutls_digest_algorithm_t;
 /* exported for other gnutls headers. This is the maximum number of
 * algorithms (ciphers, kx or macs).
@@ -292,13 +288,12 @@ extern "C"
 *
 * Enumeration of different TLS compression methods.
 */
- typedef enum
- {
- GNUTLS_COMP_UNKNOWN = 0,
- GNUTLS_COMP_NULL = 1,
- GNUTLS_COMP_DEFLATE = 2,
- GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
- } gnutls_compression_method_t;
+typedef enum {
+ GNUTLS_COMP_UNKNOWN = 0,
+ GNUTLS_COMP_NULL = 1,
+ GNUTLS_COMP_DEFLATE = 2,
+ GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
+} gnutls_compression_method_t;
 /*
 * Flags for gnutls_init()
@@ -325,11 +320,10 @@ extern "C"
 *
 * Enumeration of different TLS alert severities.
 */
- typedef enum
- {
- GNUTLS_AL_WARNING = 1,
- GNUTLS_AL_FATAL
- } gnutls_alert_level_t;
+typedef enum {
+ GNUTLS_AL_WARNING = 1,
+ GNUTLS_AL_FATAL
+} gnutls_alert_level_t;
 /**
 * gnutls_alert_description_t:
@@ -368,38 +362,37 @@ extern "C" * * Enumeration of different TLS alerts. */ - typedef enum - { - GNUTLS_A_CLOSE_NOTIFY, - GNUTLS_A_UNEXPECTED_MESSAGE = 10, - GNUTLS_A_BAD_RECORD_MAC = 20, - GNUTLS_A_DECRYPTION_FAILED, - GNUTLS_A_RECORD_OVERFLOW, - GNUTLS_A_DECOMPRESSION_FAILURE = 30, - GNUTLS_A_HANDSHAKE_FAILURE = 40, - GNUTLS_A_SSL3_NO_CERTIFICATE = 41, - GNUTLS_A_BAD_CERTIFICATE = 42, - GNUTLS_A_UNSUPPORTED_CERTIFICATE, - GNUTLS_A_CERTIFICATE_REVOKED, - GNUTLS_A_CERTIFICATE_EXPIRED, - GNUTLS_A_CERTIFICATE_UNKNOWN, - GNUTLS_A_ILLEGAL_PARAMETER, - GNUTLS_A_UNKNOWN_CA, - GNUTLS_A_ACCESS_DENIED, - GNUTLS_A_DECODE_ERROR = 50, - GNUTLS_A_DECRYPT_ERROR, - GNUTLS_A_EXPORT_RESTRICTION = 60, - GNUTLS_A_PROTOCOL_VERSION = 70, - GNUTLS_A_INSUFFICIENT_SECURITY, - GNUTLS_A_INTERNAL_ERROR = 80, - GNUTLS_A_USER_CANCELED = 90, - GNUTLS_A_NO_RENEGOTIATION = 100, - GNUTLS_A_UNSUPPORTED_EXTENSION = 110, - GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111, - GNUTLS_A_UNRECOGNIZED_NAME = 112, - GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, - GNUTLS_A_NO_APPLICATION_PROTOCOL = 120, - } gnutls_alert_description_t; +typedef enum { + GNUTLS_A_CLOSE_NOTIFY, + GNUTLS_A_UNEXPECTED_MESSAGE = 10, + GNUTLS_A_BAD_RECORD_MAC = 20, + GNUTLS_A_DECRYPTION_FAILED, + GNUTLS_A_RECORD_OVERFLOW, + GNUTLS_A_DECOMPRESSION_FAILURE = 30, + GNUTLS_A_HANDSHAKE_FAILURE = 40, + GNUTLS_A_SSL3_NO_CERTIFICATE = 41, + GNUTLS_A_BAD_CERTIFICATE = 42, + GNUTLS_A_UNSUPPORTED_CERTIFICATE, + GNUTLS_A_CERTIFICATE_REVOKED, + GNUTLS_A_CERTIFICATE_EXPIRED, + GNUTLS_A_CERTIFICATE_UNKNOWN, + GNUTLS_A_ILLEGAL_PARAMETER, + GNUTLS_A_UNKNOWN_CA, + GNUTLS_A_ACCESS_DENIED, + GNUTLS_A_DECODE_ERROR = 50, + GNUTLS_A_DECRYPT_ERROR, + GNUTLS_A_EXPORT_RESTRICTION = 60, + GNUTLS_A_PROTOCOL_VERSION = 70, + GNUTLS_A_INSUFFICIENT_SECURITY, + GNUTLS_A_INTERNAL_ERROR = 80, + GNUTLS_A_USER_CANCELED = 90, + GNUTLS_A_NO_RENEGOTIATION = 100, + GNUTLS_A_UNSUPPORTED_EXTENSION = 110, + GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111, + GNUTLS_A_UNRECOGNIZED_NAME = 112, + 
GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, + GNUTLS_A_NO_APPLICATION_PROTOCOL = 120, +} gnutls_alert_description_t; /** * gnutls_handshake_description_t: @@ -422,30 +415,30 @@ extern "C" * * Enumeration of different TLS handshake packets. */ - typedef enum - { - GNUTLS_HANDSHAKE_HELLO_REQUEST = 0, - GNUTLS_HANDSHAKE_CLIENT_HELLO = 1, - GNUTLS_HANDSHAKE_SERVER_HELLO = 2, - GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3, - GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4, - GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11, - GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12, - GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13, - GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14, - GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15, - GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16, - GNUTLS_HANDSHAKE_FINISHED = 20, - GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22, - GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, - GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, - GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, - } gnutls_handshake_description_t; +typedef enum { + GNUTLS_HANDSHAKE_HELLO_REQUEST = 0, + GNUTLS_HANDSHAKE_CLIENT_HELLO = 1, + GNUTLS_HANDSHAKE_SERVER_HELLO = 2, + GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3, + GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4, + GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11, + GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12, + GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13, + GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14, + GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15, + GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16, + GNUTLS_HANDSHAKE_FINISHED = 20, + GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22, + GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, + GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, + GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, +} gnutls_handshake_description_t; #define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1) -const char * -gnutls_handshake_description_get_name (gnutls_handshake_description_t type); +const char + *gnutls_handshake_description_get_name(gnutls_handshake_description_t + type); /** * gnutls_certificate_status_t: 
@@ -476,22 +469,21 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 * bits may have different meanings in OpenPGP keys and X.509
 * certificate verification.
 */
- typedef enum
- {
- GNUTLS_CERT_INVALID = 1<<1,
- GNUTLS_CERT_REVOKED = 1<<5,
- GNUTLS_CERT_SIGNER_NOT_FOUND = 1<<6,
- GNUTLS_CERT_SIGNER_NOT_CA = 1<<7,
- GNUTLS_CERT_INSECURE_ALGORITHM = 1<<8,
- GNUTLS_CERT_NOT_ACTIVATED = 1<<9,
- GNUTLS_CERT_EXPIRED = 1<<10,
- GNUTLS_CERT_SIGNATURE_FAILURE = 1<<11,
- GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1<<12,
- GNUTLS_CERT_UNEXPECTED_OWNER = 1<<14,
- GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1<<15,
- GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1<<16,
- GNUTLS_CERT_MISMATCH = 1<<17,
- } gnutls_certificate_status_t;
+typedef enum {
+ GNUTLS_CERT_INVALID = 1 << 1,
+ GNUTLS_CERT_REVOKED = 1 << 5,
+ GNUTLS_CERT_SIGNER_NOT_FOUND = 1 << 6,
+ GNUTLS_CERT_SIGNER_NOT_CA = 1 << 7,
+ GNUTLS_CERT_INSECURE_ALGORITHM = 1 << 8,
+ GNUTLS_CERT_NOT_ACTIVATED = 1 << 9,
+ GNUTLS_CERT_EXPIRED = 1 << 10,
+ GNUTLS_CERT_SIGNATURE_FAILURE = 1 << 11,
+ GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 << 12,
+ GNUTLS_CERT_UNEXPECTED_OWNER = 1 << 14,
+ GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 << 15,
+ GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 << 16,
+ GNUTLS_CERT_MISMATCH = 1 << 17,
+} gnutls_certificate_status_t;
 /**
 * gnutls_certificate_request_t:
@@ -501,12 +493,11 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of certificate request types.
 */
- typedef enum
- {
- GNUTLS_CERT_IGNORE = 0,
- GNUTLS_CERT_REQUEST = 1,
- GNUTLS_CERT_REQUIRE = 2
- } gnutls_certificate_request_t;
+typedef enum {
+ GNUTLS_CERT_IGNORE = 0,
+ GNUTLS_CERT_REQUEST = 1,
+ GNUTLS_CERT_REQUIRE = 2
+} gnutls_certificate_request_t;
 /**
 * gnutls_openpgp_crt_status_t:
@@ -515,11 +506,10 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of ways to send OpenPGP certificate.
 */
- typedef enum
- {
- GNUTLS_OPENPGP_CERT = 0,
- GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
- } gnutls_openpgp_crt_status_t;
+typedef enum {
+ GNUTLS_OPENPGP_CERT = 0,
+ GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
+} gnutls_openpgp_crt_status_t;
 /**
 * gnutls_close_request_t:
@@ -528,11 +518,10 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of how TLS session should be terminated. See gnutls_bye().
 */
- typedef enum
- {
- GNUTLS_SHUT_RDWR = 0,
- GNUTLS_SHUT_WR = 1
- } gnutls_close_request_t;
+typedef enum {
+ GNUTLS_SHUT_RDWR = 0,
+ GNUTLS_SHUT_WR = 1
+} gnutls_close_request_t;
 /**
 * gnutls_protocol_t:
@@ -549,21 +538,20 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different SSL/TLS protocol versions.
 */
- typedef enum
- {
- GNUTLS_SSL3 = 1,
- GNUTLS_TLS1_0 = 2,
- GNUTLS_TLS1 = GNUTLS_TLS1_0,
- GNUTLS_TLS1_1 = 3,
- GNUTLS_TLS1_2 = 4,
- GNUTLS_DTLS0_9 = 6, /* FIXME: at some point change it to 200 */
- GNUTLS_DTLS1_0 = 5, /* 201 */
- GNUTLS_DTLS1_2 = 202,
- GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS1_0,
- GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2,
- GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_2,
- GNUTLS_VERSION_UNKNOWN = 0xff /* change it to 0xffff */
- } gnutls_protocol_t;
+typedef enum {
+ GNUTLS_SSL3 = 1,
+ GNUTLS_TLS1_0 = 2,
+ GNUTLS_TLS1 = GNUTLS_TLS1_0,
+ GNUTLS_TLS1_1 = 3,
+ GNUTLS_TLS1_2 = 4,
+ GNUTLS_DTLS0_9 = 6, /* FIXME: at some point change it to 200 */
+ GNUTLS_DTLS1_0 = 5, /* 201 */
+ GNUTLS_DTLS1_2 = 202,
+ GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS1_0,
+ GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2,
+ GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_2,
+ GNUTLS_VERSION_UNKNOWN = 0xff /* change it to 0xffff */
+} gnutls_protocol_t;
 /**
 * gnutls_certificate_type_t:
@@ -574,13 +562,12 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different certificate types.
 */
- typedef enum
- {
- GNUTLS_CRT_UNKNOWN = 0,
- GNUTLS_CRT_X509 = 1,
- GNUTLS_CRT_OPENPGP = 2,
- GNUTLS_CRT_RAW = 3
- } gnutls_certificate_type_t;
+typedef enum {
+ GNUTLS_CRT_UNKNOWN = 0,
+ GNUTLS_CRT_X509 = 1,
+ GNUTLS_CRT_OPENPGP = 2,
+ GNUTLS_CRT_RAW = 3
+} gnutls_certificate_type_t;
 /**
 * gnutls_x509_crt_fmt_t:
@@ -589,11 +576,10 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different certificate encoding formats.
 */
- typedef enum
- {
- GNUTLS_X509_FMT_DER = 0,
- GNUTLS_X509_FMT_PEM = 1
- } gnutls_x509_crt_fmt_t;
+typedef enum {
+ GNUTLS_X509_FMT_DER = 0,
+ GNUTLS_X509_FMT_PEM = 1
+} gnutls_x509_crt_fmt_t;
 /**
 * gnutls_certificate_print_formats_t:
@@ -605,14 +591,13 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different certificate printing variants.
 */
- typedef enum gnutls_certificate_print_formats
- {
- GNUTLS_CRT_PRINT_FULL = 0,
- GNUTLS_CRT_PRINT_ONELINE = 1,
- GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2,
- GNUTLS_CRT_PRINT_COMPACT = 3,
- GNUTLS_CRT_PRINT_FULL_NUMBERS = 4,
- } gnutls_certificate_print_formats_t;
+typedef enum gnutls_certificate_print_formats {
+ GNUTLS_CRT_PRINT_FULL = 0,
+ GNUTLS_CRT_PRINT_ONELINE = 1,
+ GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2,
+ GNUTLS_CRT_PRINT_COMPACT = 3,
+ GNUTLS_CRT_PRINT_FULL_NUMBERS = 4,
+} gnutls_certificate_print_formats_t;
 #define GNUTLS_PK_ECC GNUTLS_PK_EC
 /**
@@ -625,16 +610,15 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different public-key algorithms.
 */
- typedef enum
- {
- GNUTLS_PK_UNKNOWN = 0,
- GNUTLS_PK_RSA = 1,
- GNUTLS_PK_DSA = 2,
- GNUTLS_PK_DH = 3,
- GNUTLS_PK_EC = 4,
- } gnutls_pk_algorithm_t;
+typedef enum {
+ GNUTLS_PK_UNKNOWN = 0,
+ GNUTLS_PK_RSA = 1,
+ GNUTLS_PK_DSA = 2,
+ GNUTLS_PK_DH = 3,
+ GNUTLS_PK_EC = 4,
+} gnutls_pk_algorithm_t;
- const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm);
+const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
 /**
 * gnutls_sign_algorithm_t:
@@ -660,28 +644,27 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of different digital signature algorithms.
 */
- typedef enum
- {
- GNUTLS_SIGN_UNKNOWN = 0,
- GNUTLS_SIGN_RSA_SHA1 = 1,
- GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
- GNUTLS_SIGN_DSA_SHA1 = 2,
- GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
- GNUTLS_SIGN_RSA_MD5 = 3,
- GNUTLS_SIGN_RSA_MD2 = 4,
- GNUTLS_SIGN_RSA_RMD160 = 5,
- GNUTLS_SIGN_RSA_SHA256 = 6,
- GNUTLS_SIGN_RSA_SHA384 = 7,
- GNUTLS_SIGN_RSA_SHA512 = 8,
- GNUTLS_SIGN_RSA_SHA224 = 9,
- GNUTLS_SIGN_DSA_SHA224 = 10,
- GNUTLS_SIGN_DSA_SHA256 = 11,
- GNUTLS_SIGN_ECDSA_SHA1 = 12,
- GNUTLS_SIGN_ECDSA_SHA224 = 13,
- GNUTLS_SIGN_ECDSA_SHA256 = 14,
- GNUTLS_SIGN_ECDSA_SHA384 = 15,
- GNUTLS_SIGN_ECDSA_SHA512 = 16,
- } gnutls_sign_algorithm_t;
+typedef enum {
+ GNUTLS_SIGN_UNKNOWN = 0,
+ GNUTLS_SIGN_RSA_SHA1 = 1,
+ GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
+ GNUTLS_SIGN_DSA_SHA1 = 2,
+ GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
+ GNUTLS_SIGN_RSA_MD5 = 3,
+ GNUTLS_SIGN_RSA_MD2 = 4,
+ GNUTLS_SIGN_RSA_RMD160 = 5,
+ GNUTLS_SIGN_RSA_SHA256 = 6,
+ GNUTLS_SIGN_RSA_SHA384 = 7,
+ GNUTLS_SIGN_RSA_SHA512 = 8,
+ GNUTLS_SIGN_RSA_SHA224 = 9,
+ GNUTLS_SIGN_DSA_SHA224 = 10,
+ GNUTLS_SIGN_DSA_SHA256 = 11,
+ GNUTLS_SIGN_ECDSA_SHA1 = 12,
+ GNUTLS_SIGN_ECDSA_SHA224 = 13,
+ GNUTLS_SIGN_ECDSA_SHA256 = 14,
+ GNUTLS_SIGN_ECDSA_SHA384 = 15,
+ GNUTLS_SIGN_ECDSA_SHA512 = 16,
+} gnutls_sign_algorithm_t;
 /**
 * gnutls_ecc_curve_t:
@@ -694,14 +677,13 @@ gnutls_handshake_description_get_name (gnutls_handshake_description_t type);
 *
 * Enumeration of ECC curves.
 */
-typedef enum
-{
- GNUTLS_ECC_CURVE_INVALID=0,
- GNUTLS_ECC_CURVE_SECP224R1,
- GNUTLS_ECC_CURVE_SECP256R1,
- GNUTLS_ECC_CURVE_SECP384R1,
- GNUTLS_ECC_CURVE_SECP521R1,
- GNUTLS_ECC_CURVE_SECP192R1,
+typedef enum {
+ GNUTLS_ECC_CURVE_INVALID = 0,
+ GNUTLS_ECC_CURVE_SECP224R1,
+ GNUTLS_ECC_CURVE_SECP256R1,
+ GNUTLS_ECC_CURVE_SECP384R1,
+ GNUTLS_ECC_CURVE_SECP521R1,
+ GNUTLS_ECC_CURVE_SECP192R1,
 } gnutls_ecc_curve_t;
 /* macros to allow specifying a specific curve in gnutls_privkey_generate()
@@ -725,19 +707,18 @@ typedef enum
 *
 * Enumeration of security parameters for passive attacks.
 */
- typedef enum
- {
- GNUTLS_SEC_PARAM_INSECURE = -20,
- GNUTLS_SEC_PARAM_EXPORT = -15,
- GNUTLS_SEC_PARAM_VERY_WEAK = -12,
- GNUTLS_SEC_PARAM_WEAK = -10,
- GNUTLS_SEC_PARAM_UNKNOWN = 0,
- GNUTLS_SEC_PARAM_LOW = 1,
- GNUTLS_SEC_PARAM_LEGACY = 2,
- GNUTLS_SEC_PARAM_NORMAL = 3,
- GNUTLS_SEC_PARAM_HIGH = 4,
- GNUTLS_SEC_PARAM_ULTRA = 5,
- } gnutls_sec_param_t;
+typedef enum {
+ GNUTLS_SEC_PARAM_INSECURE = -20,
+ GNUTLS_SEC_PARAM_EXPORT = -15,
+ GNUTLS_SEC_PARAM_VERY_WEAK = -12,
+ GNUTLS_SEC_PARAM_WEAK = -10,
+ GNUTLS_SEC_PARAM_UNKNOWN = 0,
+ GNUTLS_SEC_PARAM_LOW = 1,
+ GNUTLS_SEC_PARAM_LEGACY = 2,
+ GNUTLS_SEC_PARAM_NORMAL = 3,
+ GNUTLS_SEC_PARAM_HIGH = 4,
+ GNUTLS_SEC_PARAM_ULTRA = 5,
+} gnutls_sec_param_t;
 /**
 * gnutls_channel_binding_t:
@@ -745,246 +726,244 @@ typedef enum
 *
 * Enumeration of support channel binding types.
 */
- typedef enum
- {
- GNUTLS_CB_TLS_UNIQUE
- } gnutls_channel_binding_t;
+typedef enum {
+ GNUTLS_CB_TLS_UNIQUE
+} gnutls_channel_binding_t;
 /* If you want to change this, then also change the define in
 * gnutls_int.h, and recompile. */
- typedef void *gnutls_transport_ptr_t;
+typedef void *gnutls_transport_ptr_t;
- struct gnutls_session_int;
- typedef struct gnutls_session_int *gnutls_session_t;
+struct gnutls_session_int;
+typedef struct gnutls_session_int *gnutls_session_t;
- struct gnutls_dh_params_int;
- typedef struct gnutls_dh_params_int *gnutls_dh_params_t;
+struct gnutls_dh_params_int;
+typedef struct gnutls_dh_params_int *gnutls_dh_params_t;
- struct gnutls_ecdh_params_int;
- typedef struct gnutls_ecdh_params_int *gnutls_ecdh_params_t;
+struct gnutls_ecdh_params_int;
+typedef struct gnutls_ecdh_params_int *gnutls_ecdh_params_t;
 /* XXX ugly. */
- struct gnutls_x509_privkey_int;
- typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t;
-
- struct gnutls_priority_st;
- typedef struct gnutls_priority_st *gnutls_priority_t;
-
- typedef struct
- {
- unsigned char *data;
- unsigned int size;
- } gnutls_datum_t;
-
-
- typedef struct gnutls_params_st
- {
- gnutls_params_type_t type;
- union params
- {
- gnutls_dh_params_t dh;
- gnutls_ecdh_params_t ecdh;
- gnutls_rsa_params_t rsa_export;
- } params;
- int deinit;
- } gnutls_params_st;
-
- typedef int gnutls_params_function (gnutls_session_t, gnutls_params_type_t,
- gnutls_params_st *);
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t;
+
+struct gnutls_priority_st;
+typedef struct gnutls_priority_st *gnutls_priority_t;
+
+typedef struct {
+ unsigned char *data;
+ unsigned int size;
+} gnutls_datum_t;
+
+
+typedef struct gnutls_params_st {
+ gnutls_params_type_t type;
+ union params {
+ gnutls_dh_params_t dh;
+ gnutls_ecdh_params_t ecdh;
+ gnutls_rsa_params_t rsa_export;
+ } params;
+ int deinit;
+} gnutls_params_st;
+
+typedef int gnutls_params_function(gnutls_session_t, gnutls_params_type_t,
+ gnutls_params_st *);
 /* internal functions */
- int gnutls_init (gnutls_session_t * session,
- unsigned int flags);
- void gnutls_deinit (gnutls_session_t session);
+int gnutls_init(gnutls_session_t * session, unsigned int flags);
+void gnutls_deinit(gnutls_session_t session);
 #define _gnutls_deinit(x) gnutls_deinit(x)
- int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how);
+int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how);
- int gnutls_handshake (gnutls_session_t session);
+int gnutls_handshake(gnutls_session_t session);
 #define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1)
- void gnutls_handshake_set_timeout (gnutls_session_t session,
- unsigned int ms);
- int gnutls_rehandshake (gnutls_session_t session);
-
- gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session);
- int gnutls_alert_send (gnutls_session_t session,
- gnutls_alert_level_t level,
- gnutls_alert_description_t desc);
- int gnutls_alert_send_appropriate (gnutls_session_t session, int err);
- const char *gnutls_alert_get_name (gnutls_alert_description_t alert);
- const char * gnutls_alert_get_strname (gnutls_alert_description_t alert);
-
- gnutls_sec_param_t gnutls_pk_bits_to_sec_param (gnutls_pk_algorithm_t algo,
- unsigned int bits);
- const char *gnutls_sec_param_get_name (gnutls_sec_param_t param);
- unsigned int gnutls_sec_param_to_pk_bits (gnutls_pk_algorithm_t algo,
- gnutls_sec_param_t param);
+void gnutls_handshake_set_timeout(gnutls_session_t session,
+ unsigned int ms);
+int gnutls_rehandshake(gnutls_session_t session);
+
+gnutls_alert_description_t gnutls_alert_get(gnutls_session_t session);
+int gnutls_alert_send(gnutls_session_t session,
+ gnutls_alert_level_t level,
+ gnutls_alert_description_t desc);
+int gnutls_alert_send_appropriate(gnutls_session_t session, int err);
+const char *gnutls_alert_get_name(gnutls_alert_description_t alert);
+const char *gnutls_alert_get_strname(gnutls_alert_description_t alert);
+
+gnutls_sec_param_t gnutls_pk_bits_to_sec_param(gnutls_pk_algorithm_t algo,
+ unsigned int bits);
+const char *gnutls_sec_param_get_name(gnutls_sec_param_t param);
+unsigned int gnutls_sec_param_to_pk_bits(gnutls_pk_algorithm_t algo,
+ gnutls_sec_param_t param);
 /* Elliptic curves */
-const char * gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve);
-int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve);
+const char *gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve);
+int gnutls_ecc_curve_get_size(gnutls_ecc_curve_t curve);
 gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
 /* get information on the current session */
- gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session);
- gnutls_kx_algorithm_t gnutls_kx_get (gnutls_session_t session);
- gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session);
- gnutls_compression_method_t
- gnutls_compression_get (gnutls_session_t session);
- gnutls_certificate_type_t
- gnutls_certificate_type_get (gnutls_session_t session);
-
- int gnutls_sign_algorithm_get (gnutls_session_t session);
- int gnutls_sign_algorithm_get_client (gnutls_session_t session);
-
- int gnutls_sign_algorithm_get_requested (gnutls_session_t session,
- size_t indx,
- gnutls_sign_algorithm_t * algo);
+gnutls_cipher_algorithm_t gnutls_cipher_get(gnutls_session_t session);
+gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session);
+gnutls_mac_algorithm_t gnutls_mac_get(gnutls_session_t session);
+gnutls_compression_method_t
+gnutls_compression_get(gnutls_session_t session);
+gnutls_certificate_type_t
+gnutls_certificate_type_get(gnutls_session_t session);
+
+int gnutls_sign_algorithm_get(gnutls_session_t session);
+int gnutls_sign_algorithm_get_client(gnutls_session_t session);
+
+int gnutls_sign_algorithm_get_requested(gnutls_session_t session,
+ size_t indx,
+ gnutls_sign_algorithm_t * algo);
 /* the name of the specified algorithms */
- const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm);
- const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm);
- const char *gnutls_digest_get_name (gnutls_digest_algorithm_t algorithm);
- const char *gnutls_compression_get_name (gnutls_compression_method_t
- algorithm);
- const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm);
- const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t
- type);
- const char *gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm);
- const char *gnutls_sign_get_name (gnutls_sign_algorithm_t algorithm);
-
- size_t gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm);
- size_t gnutls_mac_get_key_size (gnutls_mac_algorithm_t algorithm);
-
- int gnutls_sign_is_secure (gnutls_sign_algorithm_t algorithm);
- gnutls_digest_algorithm_t
- gnutls_sign_get_hash_algorithm (gnutls_sign_algorithm_t sign);
- gnutls_pk_algorithm_t
- gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t sign);
- gnutls_sign_algorithm_t
- gnutls_pk_to_sign (gnutls_pk_algorithm_t pk,
- gnutls_digest_algorithm_t hash);
+const char *gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm);
+const char *gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm);
+const char *gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm);
+const char *gnutls_compression_get_name(gnutls_compression_method_t
+ algorithm);
+const char *gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm);
+const char *gnutls_certificate_type_get_name(gnutls_certificate_type_t
+ type);
+const char *gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm);
+const char *gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm);
+
+size_t gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm);
+size_t gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm);
+
+int gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm);
+gnutls_digest_algorithm_t
+gnutls_sign_get_hash_algorithm(gnutls_sign_algorithm_t sign);
+gnutls_pk_algorithm_t
+gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign);
+gnutls_sign_algorithm_t
+gnutls_pk_to_sign(gnutls_pk_algorithm_t pk,
+ gnutls_digest_algorithm_t hash);
 #define gnutls_sign_algorithm_get_name gnutls_sign_get_name
- gnutls_mac_algorithm_t gnutls_mac_get_id (const char *name);
- gnutls_digest_algorithm_t gnutls_digest_get_id (const char *name);
- gnutls_compression_method_t gnutls_compression_get_id (const char *name);
- gnutls_cipher_algorithm_t gnutls_cipher_get_id (const char *name);
- gnutls_kx_algorithm_t gnutls_kx_get_id (const char *name);
- gnutls_protocol_t gnutls_protocol_get_id (const char *name);
- gnutls_certificate_type_t gnutls_certificate_type_get_id (const char *name);
- gnutls_pk_algorithm_t gnutls_pk_get_id (const char *name);
- gnutls_sign_algorithm_t gnutls_sign_get_id (const char *name);
+gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name);
+gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name);
+gnutls_compression_method_t gnutls_compression_get_id(const char *name);
+gnutls_cipher_algorithm_t gnutls_cipher_get_id(const char *name);
+gnutls_kx_algorithm_t gnutls_kx_get_id(const char *name);
+gnutls_protocol_t gnutls_protocol_get_id(const char *name);
+gnutls_certificate_type_t gnutls_certificate_type_get_id(const char *name);
+gnutls_pk_algorithm_t gnutls_pk_get_id(const char *name);
+gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name);
 /* list supported algorithms */
- const gnutls_ecc_curve_t * gnutls_ecc_curve_list (void);
- const gnutls_cipher_algorithm_t *gnutls_cipher_list (void);
- const gnutls_mac_algorithm_t *gnutls_mac_list (void);
- const gnutls_digest_algorithm_t *gnutls_digest_list (void);
- const gnutls_compression_method_t *gnutls_compression_list (void);
- const gnutls_protocol_t *gnutls_protocol_list (void);
- const gnutls_certificate_type_t *gnutls_certificate_type_list (void);
- const gnutls_kx_algorithm_t *gnutls_kx_list (void);
- const gnutls_pk_algorithm_t *gnutls_pk_list (void);
- const gnutls_sign_algorithm_t *gnutls_sign_list (void);
- const char *gnutls_cipher_suite_info (size_t idx,
- unsigned char *cs_id,
- gnutls_kx_algorithm_t * kx,
- gnutls_cipher_algorithm_t * cipher,
- gnutls_mac_algorithm_t * mac,
- gnutls_protocol_t * min_version);
+const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void);
+const gnutls_cipher_algorithm_t *gnutls_cipher_list(void);
+const gnutls_mac_algorithm_t *gnutls_mac_list(void);
+const gnutls_digest_algorithm_t *gnutls_digest_list(void);
+const gnutls_compression_method_t *gnutls_compression_list(void);
+const gnutls_protocol_t *gnutls_protocol_list(void);
+const gnutls_certificate_type_t *gnutls_certificate_type_list(void);
+const gnutls_kx_algorithm_t *gnutls_kx_list(void);
+const gnutls_pk_algorithm_t *gnutls_pk_list(void);
+const gnutls_sign_algorithm_t *gnutls_sign_list(void);
+const char *gnutls_cipher_suite_info(size_t idx,
+ unsigned char *cs_id,
+ gnutls_kx_algorithm_t * kx,
+ gnutls_cipher_algorithm_t * cipher,
+ gnutls_mac_algorithm_t * mac,
+ gnutls_protocol_t * min_version);
 /* error functions */
- int gnutls_error_is_fatal (int error);
- int gnutls_error_to_alert (int err, int *level);
+int gnutls_error_is_fatal(int error);
+int gnutls_error_to_alert(int err, int *level);
- void gnutls_perror (int error);
- const char *gnutls_strerror (int error);
- const char *gnutls_strerror_name (int error);
+void gnutls_perror(int error);
+const char *gnutls_strerror(int error);
+const char *gnutls_strerror_name(int error);
 /* Semi-internal functions. */
- void gnutls_handshake_set_private_extensions (gnutls_session_t session,
- int allow);
- int gnutls_handshake_set_random (gnutls_session_t session, const gnutls_datum_t* random);
+void gnutls_handshake_set_private_extensions(gnutls_session_t session,
+ int allow);
+int gnutls_handshake_set_random(gnutls_session_t session,
+ const gnutls_datum_t * random);
- gnutls_handshake_description_t
- gnutls_handshake_get_last_out (gnutls_session_t session);
- gnutls_handshake_description_t
- gnutls_handshake_get_last_in (gnutls_session_t session);
+gnutls_handshake_description_t
+gnutls_handshake_get_last_out(gnutls_session_t session);
+gnutls_handshake_description_t
+gnutls_handshake_get_last_in(gnutls_session_t session);
 /* Record layer functions. */
 #define GNUTLS_HEARTBEAT_WAIT 1
- int gnutls_heartbeat_ping (gnutls_session_t session, size_t data_size,
- unsigned int max_tries, unsigned int flags);
- int gnutls_heartbeat_pong (gnutls_session_t session, unsigned int flags);
+int gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
+ unsigned int max_tries, unsigned int flags);
+int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags);
- void gnutls_record_set_timeout (gnutls_session_t session, unsigned int ms);
- void gnutls_record_disable_padding (gnutls_session_t session);
+void gnutls_record_set_timeout(gnutls_session_t session, unsigned int ms);
+void gnutls_record_disable_padding(gnutls_session_t session);
- void gnutls_record_cork (gnutls_session_t session);
+void gnutls_record_cork(gnutls_session_t session);
 #define GNUTLS_RECORD_WAIT 1
- int gnutls_record_uncork (gnutls_session_t session, unsigned int flags);
-
- typedef struct {
- size_t low;
- size_t high;
- } gnutls_range_st;
-
- int gnutls_range_split (gnutls_session_t session,
- const gnutls_range_st *orig,
- gnutls_range_st * small_range,
- gnutls_range_st * rem_range);
-
- ssize_t gnutls_record_send (gnutls_session_t session, const void *data,
- size_t data_size);
- ssize_t gnutls_record_send_range (gnutls_session_t session, const void *data,
- size_t data_size, const gnutls_range_st *range);
- ssize_t gnutls_record_recv (gnutls_session_t session, void *data,
- size_t data_size);
+int gnutls_record_uncork(gnutls_session_t session, unsigned int flags);
+
+typedef struct {
+ size_t low;
+ size_t high;
+} gnutls_range_st;
+
+int gnutls_range_split(gnutls_session_t session,
+ const gnutls_range_st * orig,
+ gnutls_range_st * small_range,
+ gnutls_range_st * rem_range);
+
+ssize_t gnutls_record_send(gnutls_session_t session, const void *data,
+ size_t data_size);
+ssize_t gnutls_record_send_range(gnutls_session_t session,
+ const void *data, size_t data_size,
+ const gnutls_range_st * range);
+ssize_t gnutls_record_recv(gnutls_session_t session, void *data,
+ size_t data_size);
 #define gnutls_read gnutls_record_recv
 #define gnutls_write gnutls_record_send
- ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, size_t data_size,
- unsigned char *seq);
+ssize_t gnutls_record_recv_seq(gnutls_session_t session, void *data,
+ size_t data_size, unsigned char *seq);
- size_t gnutls_record_overhead_size (gnutls_session_t session);
+size_t gnutls_record_overhead_size(gnutls_session_t session);
- size_t gnutls_est_record_overhead_size (gnutls_protocol_t version,
- gnutls_cipher_algorithm_t cipher,
- gnutls_mac_algorithm_t mac,
- gnutls_compression_method_t comp,
- unsigned int flags);
+size_t gnutls_est_record_overhead_size(gnutls_protocol_t version,
+ gnutls_cipher_algorithm_t cipher,
+ gnutls_mac_algorithm_t mac,
+ gnutls_compression_method_t comp,
+ unsigned int flags);
- void gnutls_session_enable_compatibility_mode (gnutls_session_t session);
- void gnutls_record_set_max_empty_records (gnutls_session_t session, const unsigned int i);
+void gnutls_session_enable_compatibility_mode(gnutls_session_t session);
+void gnutls_record_set_max_empty_records(gnutls_session_t session,
+ const unsigned int i);
- int gnutls_record_can_use_length_hiding (gnutls_session_t session);
+int gnutls_record_can_use_length_hiding(gnutls_session_t session);
- int gnutls_record_get_direction (gnutls_session_t session);
+int gnutls_record_get_direction(gnutls_session_t session);
- size_t gnutls_record_get_max_size (gnutls_session_t session);
- ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size);
+size_t gnutls_record_get_max_size(gnutls_session_t session);
+ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size);
- size_t gnutls_record_check_pending (gnutls_session_t session);
+size_t gnutls_record_check_pending(gnutls_session_t session);
- void gnutls_session_force_valid (gnutls_session_t session);
+void gnutls_session_force_valid(gnutls_session_t session);
- int gnutls_prf (gnutls_session_t session,
- size_t label_size, const char *label,
- int server_random_first,
- size_t extra_size, const char *extra,
- size_t outsize, char *out);
+int gnutls_prf(gnutls_session_t session,
+ size_t label_size, const char *label,
+ int server_random_first,
+ size_t extra_size, const char *extra,
+ size_t outsize, char *out);
- int gnutls_prf_raw (gnutls_session_t session,
- size_t label_size, const char *label,
- size_t seed_size, const char *seed,
- size_t outsize, char *out);
+int gnutls_prf_raw(gnutls_session_t session,
+ size_t label_size, const char *label,
+ size_t seed_size, const char *seed,
+ size_t outsize, char *out);
 /**
 * gnutls_server_name_type_t:
@@ -992,34 +971,34 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
 *
 * Enumeration of different server name types.
 */
- typedef enum
- {
- GNUTLS_NAME_DNS = 1
- } gnutls_server_name_type_t;
+typedef enum {
+ GNUTLS_NAME_DNS = 1
+} gnutls_server_name_type_t;
- int gnutls_server_name_set (gnutls_session_t session,
- gnutls_server_name_type_t type,
- const void *name, size_t name_length);
+int gnutls_server_name_set(gnutls_session_t session,
+ gnutls_server_name_type_t type,
+ const void *name, size_t name_length);
- int gnutls_server_name_get (gnutls_session_t session,
- void *data, size_t * data_length,
- unsigned int *type, unsigned int indx);
+int gnutls_server_name_get(gnutls_session_t session,
+ void *data, size_t * data_length,
+ unsigned int *type, unsigned int indx);
- unsigned int gnutls_heartbeat_get_timeout (gnutls_session_t session);
- void gnutls_heartbeat_set_timeouts (gnutls_session_t session, unsigned int retrans_timeout,
- unsigned int total_timeout);
+unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session);
+void gnutls_heartbeat_set_timeouts(gnutls_session_t session,
+ unsigned int retrans_timeout,
+ unsigned int total_timeout);
 #define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1)
 #define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1<<1) /* Heartbeat */
- void gnutls_heartbeat_enable (gnutls_session_t session, unsigned int type);
+void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type);
 #define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1<<2)
- int gnutls_heartbeat_allowed (gnutls_session_t session, unsigned int type);
+int gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type);
 /* Safe renegotiation */
- int gnutls_safe_renegotiation_status (gnutls_session_t session);
+int gnutls_safe_renegotiation_status(gnutls_session_t session);
 /**
 * gnutls_supplemental_data_format_type_t:
@@ -1027,20 +1006,18 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
 *
 * Enumeration of different supplemental data types (RFC 4680).
 */
- typedef enum
- {
- GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
- } gnutls_supplemental_data_format_type_t;
+typedef enum {
+ GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
+} gnutls_supplemental_data_format_type_t;
- const char
- *gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t
- type);
+const char
+*gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t type);
 /* SessionTicket, RFC 5077. */
- int gnutls_session_ticket_key_generate (gnutls_datum_t * key);
- int gnutls_session_ticket_enable_client (gnutls_session_t session);
- int gnutls_session_ticket_enable_server (gnutls_session_t session,
- const gnutls_datum_t * key);
+int gnutls_session_ticket_key_generate(gnutls_datum_t * key);
+int gnutls_session_ticket_enable_client(gnutls_session_t session);
+int gnutls_session_ticket_enable_server(gnutls_session_t session,
+ const gnutls_datum_t * key);
 /* SRTP, RFC 5764 */
@@ -1053,145 +1030,159 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
 *
 * Enumeration of different SRTP protection profiles.
 */
- typedef enum
- {
- GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001,
- GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002,
- GNUTLS_SRTP_NULL_HMAC_SHA1_80 = 0x0005,
- GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006
- } gnutls_srtp_profile_t;
-
- int gnutls_srtp_set_profile (gnutls_session_t session,
- gnutls_srtp_profile_t profile);
- int gnutls_srtp_set_profile_direct (gnutls_session_t session,
- const char *profiles, const char **err_pos);
- int gnutls_srtp_get_selected_profile (gnutls_session_t session,
- gnutls_srtp_profile_t *profile);
-
- const char *gnutls_srtp_get_profile_name (gnutls_srtp_profile_t profile);
- int gnutls_srtp_get_profile_id (const char *name,
- gnutls_srtp_profile_t *profile);
- int gnutls_srtp_get_keys (gnutls_session_t session,
- void *key_material,
- unsigned int key_material_size,
- gnutls_datum_t *client_key,
- gnutls_datum_t *client_salt,
- gnutls_datum_t *server_key,
- gnutls_datum_t *server_salt);
-
- int gnutls_srtp_set_mki (gnutls_session_t session, const gnutls_datum_t *mki);
- int gnutls_srtp_get_mki (gnutls_session_t session, gnutls_datum_t *mki);
+typedef enum {
+ GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001,
+ GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002,
+ GNUTLS_SRTP_NULL_HMAC_SHA1_80 = 0x0005,
+ GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006
+} gnutls_srtp_profile_t;
+
+int gnutls_srtp_set_profile(gnutls_session_t session,
+ gnutls_srtp_profile_t profile);
+int gnutls_srtp_set_profile_direct(gnutls_session_t session,
+ const char *profiles,
+ const char **err_pos);
+int gnutls_srtp_get_selected_profile(gnutls_session_t session,
+ gnutls_srtp_profile_t * profile);
+
+const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile);
+int gnutls_srtp_get_profile_id(const char *name,
+ gnutls_srtp_profile_t * profile);
+int gnutls_srtp_get_keys(gnutls_session_t session,
+ void *key_material,
+ unsigned int key_material_size,
+ gnutls_datum_t * client_key,
+ gnutls_datum_t * client_salt,
+ gnutls_datum_t * server_key,
+ gnutls_datum_t * server_salt);
+
+int gnutls_srtp_set_mki(gnutls_session_t session,
+ const gnutls_datum_t * mki);
+int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t * mki);
 /* ALPN TLS extension */
 #define GNUTLS_ALPN_MAND 1
- int gnutls_alpn_get_selected_protocol (gnutls_session_t session,
- gnutls_datum_t * protocol);
- int gnutls_alpn_set_protocols (gnutls_session_t session,
- const gnutls_datum_t * protocols, unsigned protocols_size,
- unsigned flags);
+int gnutls_alpn_get_selected_protocol(gnutls_session_t session,
+ gnutls_datum_t * protocol);
+int gnutls_alpn_set_protocols(gnutls_session_t session,
+ const gnutls_datum_t * protocols,
+ unsigned protocols_size, unsigned flags);
- int gnutls_key_generate (gnutls_datum_t * key, unsigned int key_size);
+int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size);
 /* if you just want some defaults, use the following. */
- int gnutls_priority_init (gnutls_priority_t * priority_cache,
- const char *priorities, const char **err_pos);
- void gnutls_priority_deinit (gnutls_priority_t priority_cache);
- int gnutls_priority_get_cipher_suite_index (gnutls_priority_t pcache, unsigned int idx, unsigned int *sidx);
-
- int gnutls_priority_set (gnutls_session_t session,
- gnutls_priority_t priority);
- int gnutls_priority_set_direct (gnutls_session_t session,
- const char *priorities,
- const char **err_pos);
-
- int gnutls_priority_certificate_type_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_sign_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_protocol_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_compression_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_ecc_curve_list (gnutls_priority_t pcache, const unsigned int** list);
-
- int gnutls_priority_kx_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_cipher_list (gnutls_priority_t pcache, const unsigned int** list);
- int gnutls_priority_mac_list (gnutls_priority_t pcache, const unsigned int** list);
+int gnutls_priority_init(gnutls_priority_t * priority_cache,
+ const char *priorities, const char **err_pos);
+void gnutls_priority_deinit(gnutls_priority_t priority_cache);
+int gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache,
+ unsigned int idx,
+ unsigned int *sidx);
+
+int gnutls_priority_set(gnutls_session_t session,
+ gnutls_priority_t priority);
+int gnutls_priority_set_direct(gnutls_session_t session,
+ const char *priorities,
+ const char **err_pos);
+
+int gnutls_priority_certificate_type_list(gnutls_priority_t pcache,
+ const unsigned int **list);
+int gnutls_priority_sign_list(gnutls_priority_t pcache,
+ const unsigned int **list);
+int gnutls_priority_protocol_list(gnutls_priority_t pcache,
+ const unsigned int **list);
+int
gnutls_priority_compression_list(gnutls_priority_t pcache, + const unsigned int **list); +int gnutls_priority_ecc_curve_list(gnutls_priority_t pcache, + const unsigned int **list); + +int gnutls_priority_kx_list(gnutls_priority_t pcache, + const unsigned int **list); +int gnutls_priority_cipher_list(gnutls_priority_t pcache, + const unsigned int **list); +int gnutls_priority_mac_list(gnutls_priority_t pcache, + const unsigned int **list); /* for compatibility */ - int gnutls_set_default_priority (gnutls_session_t session); +int gnutls_set_default_priority(gnutls_session_t session); /* Returns the name of a cipher suite */ - const char *gnutls_cipher_suite_get_name (gnutls_kx_algorithm_t - kx_algorithm, - gnutls_cipher_algorithm_t - cipher_algorithm, - gnutls_mac_algorithm_t - mac_algorithm); +const char *gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t + kx_algorithm, + gnutls_cipher_algorithm_t + cipher_algorithm, + gnutls_mac_algorithm_t + mac_algorithm); /* get the currently used protocol version */ - gnutls_protocol_t gnutls_protocol_get_version (gnutls_session_t session); +gnutls_protocol_t gnutls_protocol_get_version(gnutls_session_t session); - const char *gnutls_protocol_get_name (gnutls_protocol_t version); +const char *gnutls_protocol_get_name(gnutls_protocol_t version); /* get/set session */ - int gnutls_session_set_data (gnutls_session_t session, - const void *session_data, - size_t session_data_size); - int gnutls_session_get_data (gnutls_session_t session, void *session_data, - size_t * session_data_size); - int gnutls_session_get_data2 (gnutls_session_t session, - gnutls_datum_t * data); - void gnutls_session_get_random (gnutls_session_t session, gnutls_datum_t* client, - gnutls_datum_t* server); - char * gnutls_session_get_desc (gnutls_session_t session); - - int gnutls_session_set_premaster (gnutls_session_t session, unsigned int entity, - gnutls_protocol_t version, - gnutls_kx_algorithm_t kx, - gnutls_cipher_algorithm_t cipher, - 
gnutls_mac_algorithm_t mac, - gnutls_compression_method_t comp, - const gnutls_datum_t* master, - const gnutls_datum_t * session_id); +int gnutls_session_set_data(gnutls_session_t session, + const void *session_data, + size_t session_data_size); +int gnutls_session_get_data(gnutls_session_t session, void *session_data, + size_t * session_data_size); +int gnutls_session_get_data2(gnutls_session_t session, + gnutls_datum_t * data); +void gnutls_session_get_random(gnutls_session_t session, + gnutls_datum_t * client, + gnutls_datum_t * server); +char *gnutls_session_get_desc(gnutls_session_t session); + +int gnutls_session_set_premaster(gnutls_session_t session, + unsigned int entity, + gnutls_protocol_t version, + gnutls_kx_algorithm_t kx, + gnutls_cipher_algorithm_t cipher, + gnutls_mac_algorithm_t mac, + gnutls_compression_method_t comp, + const gnutls_datum_t * master, + const gnutls_datum_t * session_id); /* returns the session ID */ #define GNUTLS_MAX_SESSION_ID 32 - int gnutls_session_get_id (gnutls_session_t session, void *session_id, - size_t * session_id_size); - int gnutls_session_get_id2 (gnutls_session_t session, gnutls_datum_t *session_id); +int gnutls_session_get_id(gnutls_session_t session, void *session_id, + size_t * session_id_size); +int gnutls_session_get_id2(gnutls_session_t session, + gnutls_datum_t * session_id); - int gnutls_session_set_id (gnutls_session_t session, - const gnutls_datum_t * sid); +int gnutls_session_set_id(gnutls_session_t session, + const gnutls_datum_t * sid); - int gnutls_session_channel_binding (gnutls_session_t session, - gnutls_channel_binding_t cbtype, - gnutls_datum_t * cb); +int gnutls_session_channel_binding(gnutls_session_t session, + gnutls_channel_binding_t cbtype, + gnutls_datum_t * cb); /* checks if this session is a resumed one */ - int gnutls_session_is_resumed (gnutls_session_t session); - int gnutls_session_resumption_requested (gnutls_session_t session); - - typedef int (*gnutls_db_store_func) (void *, 
gnutls_datum_t key, - gnutls_datum_t data); - typedef int (*gnutls_db_remove_func) (void *, gnutls_datum_t key); - typedef gnutls_datum_t (*gnutls_db_retr_func) (void *, gnutls_datum_t key); - - void gnutls_db_set_cache_expiration (gnutls_session_t session, int seconds); - - void gnutls_db_remove_session (gnutls_session_t session); - void gnutls_db_set_retrieve_function (gnutls_session_t session, - gnutls_db_retr_func retr_func); - void gnutls_db_set_remove_function (gnutls_session_t session, - gnutls_db_remove_func rem_func); - void gnutls_db_set_store_function (gnutls_session_t session, - gnutls_db_store_func store_func); - void gnutls_db_set_ptr (gnutls_session_t session, void *ptr); - void *gnutls_db_get_ptr (gnutls_session_t session); - int gnutls_db_check_entry (gnutls_session_t session, - gnutls_datum_t session_entry); - time_t gnutls_db_check_entry_time (gnutls_datum_t *entry); +int gnutls_session_is_resumed(gnutls_session_t session); +int gnutls_session_resumption_requested(gnutls_session_t session); + +typedef int (*gnutls_db_store_func) (void *, gnutls_datum_t key, + gnutls_datum_t data); +typedef int (*gnutls_db_remove_func) (void *, gnutls_datum_t key); +typedef gnutls_datum_t(*gnutls_db_retr_func) (void *, gnutls_datum_t key); + +void gnutls_db_set_cache_expiration(gnutls_session_t session, int seconds); + +void gnutls_db_remove_session(gnutls_session_t session); +void gnutls_db_set_retrieve_function(gnutls_session_t session, + gnutls_db_retr_func retr_func); +void gnutls_db_set_remove_function(gnutls_session_t session, + gnutls_db_remove_func rem_func); +void gnutls_db_set_store_function(gnutls_session_t session, + gnutls_db_store_func store_func); +void gnutls_db_set_ptr(gnutls_session_t session, void *ptr); +void *gnutls_db_get_ptr(gnutls_session_t session); +int gnutls_db_check_entry(gnutls_session_t session, + gnutls_datum_t session_entry); +time_t gnutls_db_check_entry_time(gnutls_datum_t * entry); /** * gnutls_handshake_hook_func: 
@@ -1209,214 +1200,229 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); #define GNUTLS_HOOK_PRE (0) #define GNUTLS_HOOK_BOTH (-1) - typedef int (*gnutls_handshake_hook_func) (gnutls_session_t, unsigned int htype, unsigned post, unsigned int incoming); - void gnutls_handshake_set_hook_function (gnutls_session_t session, - unsigned int htype, - int post, - gnutls_handshake_hook_func func); +typedef int (*gnutls_handshake_hook_func) (gnutls_session_t, + unsigned int htype, + unsigned post, + unsigned int incoming); +void gnutls_handshake_set_hook_function(gnutls_session_t session, + unsigned int htype, int post, + gnutls_handshake_hook_func func); - typedef int (*gnutls_handshake_post_client_hello_func) (gnutls_session_t); - void - gnutls_handshake_set_post_client_hello_function (gnutls_session_t session, - gnutls_handshake_post_client_hello_func - func); +typedef int (*gnutls_handshake_post_client_hello_func) (gnutls_session_t); +void +gnutls_handshake_set_post_client_hello_function(gnutls_session_t session, + gnutls_handshake_post_client_hello_func + func); - void gnutls_handshake_set_max_packet_length (gnutls_session_t session, - size_t max); +void gnutls_handshake_set_max_packet_length(gnutls_session_t session, + size_t max); /* returns libgnutls version (call it with a NULL argument) */ - const char *gnutls_check_version (const char *req_version); +const char *gnutls_check_version(const char *req_version); /* Functions for setting/clearing credentials */ - void gnutls_credentials_clear (gnutls_session_t session); +void gnutls_credentials_clear(gnutls_session_t session); /* cred is a structure defined by the kx algorithm */ - int gnutls_credentials_set (gnutls_session_t session, - gnutls_credentials_type_t type, void *cred); +int gnutls_credentials_set(gnutls_session_t session, + gnutls_credentials_type_t type, void *cred); #define gnutls_cred_set gnutls_credentials_set /* x.509 types */ - struct gnutls_pubkey_st; - typedef struct 
gnutls_pubkey_st *gnutls_pubkey_t; +struct gnutls_pubkey_st; +typedef struct gnutls_pubkey_st *gnutls_pubkey_t; - struct gnutls_privkey_st; - typedef struct gnutls_privkey_st *gnutls_privkey_t; +struct gnutls_privkey_st; +typedef struct gnutls_privkey_st *gnutls_privkey_t; - struct gnutls_x509_privkey_int; - typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t; +struct gnutls_x509_privkey_int; +typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t; - struct gnutls_x509_crl_int; - typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t; +struct gnutls_x509_crl_int; +typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t; - struct gnutls_x509_crt_int; - typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t; +struct gnutls_x509_crt_int; +typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t; - struct gnutls_x509_crq_int; - typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t; +struct gnutls_x509_crq_int; +typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t; - struct gnutls_openpgp_keyring_int; - typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t; +struct gnutls_openpgp_keyring_int; +typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t; /* Credential structures - used in gnutls_credentials_set(); */ - struct gnutls_certificate_credentials_st; - typedef struct gnutls_certificate_credentials_st - *gnutls_certificate_credentials_t; - typedef gnutls_certificate_credentials_t +struct gnutls_certificate_credentials_st; +typedef struct gnutls_certificate_credentials_st +*gnutls_certificate_credentials_t; +typedef gnutls_certificate_credentials_t gnutls_certificate_server_credentials; - typedef gnutls_certificate_credentials_t +typedef gnutls_certificate_credentials_t gnutls_certificate_client_credentials; - typedef struct gnutls_anon_server_credentials_st - *gnutls_anon_server_credentials_t; - typedef struct gnutls_anon_client_credentials_st - *gnutls_anon_client_credentials_t; +typedef struct gnutls_anon_server_credentials_st 
+*gnutls_anon_server_credentials_t; +typedef struct gnutls_anon_client_credentials_st +*gnutls_anon_client_credentials_t; - void gnutls_anon_free_server_credentials (gnutls_anon_server_credentials_t - sc); - int - gnutls_anon_allocate_server_credentials (gnutls_anon_server_credentials_t - * sc); +void gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t + sc); +int +gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t + * sc); - void gnutls_anon_set_server_dh_params (gnutls_anon_server_credentials_t res, - gnutls_dh_params_t dh_params); +void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res, + gnutls_dh_params_t dh_params); - void - gnutls_anon_set_server_params_function (gnutls_anon_server_credentials_t - res, - gnutls_params_function * func); +void +gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t + res, gnutls_params_function * func); - void - gnutls_anon_free_client_credentials (gnutls_anon_client_credentials_t sc); - int - gnutls_anon_allocate_client_credentials (gnutls_anon_client_credentials_t - * sc); +void +gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc); +int +gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t + * sc); /* CERTFILE is an x509 certificate in PEM form. * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). 
*/ - void - gnutls_certificate_free_credentials (gnutls_certificate_credentials_t sc); - int - gnutls_certificate_allocate_credentials (gnutls_certificate_credentials_t - * res); - - int - gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc, - gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags); - - int gnutls_certificate_get_crt_raw (gnutls_certificate_credentials_t sc, unsigned idx1, - unsigned idx2, gnutls_datum_t * cert); - - void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc); - void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc); - void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t sc); - void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc); - - void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t res, - gnutls_dh_params_t dh_params); - void gnutls_certificate_set_verify_flags (gnutls_certificate_credentials_t - res, unsigned int flags); - void gnutls_certificate_set_verify_limits (gnutls_certificate_credentials_t - res, unsigned int max_bits, - unsigned int max_depth); - - int - gnutls_certificate_set_x509_system_trust (gnutls_certificate_credentials_t cred); - - int - gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_t - cred, const char *cafile, - gnutls_x509_crt_fmt_t type); - int gnutls_certificate_set_x509_trust_mem (gnutls_certificate_credentials_t - res, const gnutls_datum_t * ca, - gnutls_x509_crt_fmt_t type); - - int - gnutls_certificate_set_x509_crl_file (gnutls_certificate_credentials_t - res, const char *crlfile, - gnutls_x509_crt_fmt_t type); - int gnutls_certificate_set_x509_crl_mem (gnutls_certificate_credentials_t - res, const gnutls_datum_t * CRL, - gnutls_x509_crt_fmt_t type); - - int - gnutls_certificate_set_x509_key_file (gnutls_certificate_credentials_t - res, const char *certfile, - const char *keyfile, - gnutls_x509_crt_fmt_t type); - - int - gnutls_certificate_set_x509_key_file2 
(gnutls_certificate_credentials_t - res, const char *certfile, - const char *keyfile, - gnutls_x509_crt_fmt_t type, - const char* pass, - unsigned int flags); - - int gnutls_certificate_set_x509_key_mem (gnutls_certificate_credentials_t - res, const gnutls_datum_t * cert, - const gnutls_datum_t * key, - gnutls_x509_crt_fmt_t type); - - int gnutls_certificate_set_x509_key_mem2 (gnutls_certificate_credentials_t - res, const gnutls_datum_t * cert, - const gnutls_datum_t * key, - gnutls_x509_crt_fmt_t type, - const char* pass, - unsigned int flags); - - void gnutls_certificate_send_x509_rdn_sequence (gnutls_session_t session, - int status); - - int gnutls_certificate_set_x509_simple_pkcs12_file (gnutls_certificate_credentials_t res, const char *pkcs12file, - gnutls_x509_crt_fmt_t type, const char *password); - int gnutls_certificate_set_x509_simple_pkcs12_mem (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob, - gnutls_x509_crt_fmt_t type, const char *password); +void +gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc); +int +gnutls_certificate_allocate_credentials(gnutls_certificate_credentials_t + * res); + +int +gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc, + gnutls_x509_crt_t cert, + gnutls_x509_crt_t * issuer, + unsigned int flags); + +int gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc, + unsigned idx1, unsigned idx2, + gnutls_datum_t * cert); + +void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc); +void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc); +void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc); +void gnutls_certificate_free_crls(gnutls_certificate_credentials_t sc); + +void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res, + gnutls_dh_params_t dh_params); +void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t + res, unsigned int flags); +void 
gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t + res, unsigned int max_bits, + unsigned int max_depth); + +int +gnutls_certificate_set_x509_system_trust(gnutls_certificate_credentials_t + cred); + +int +gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t + cred, const char *cafile, + gnutls_x509_crt_fmt_t type); +int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t + res, const gnutls_datum_t * ca, + gnutls_x509_crt_fmt_t type); + +int +gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t + res, const char *crlfile, + gnutls_x509_crt_fmt_t type); +int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t + res, const gnutls_datum_t * CRL, + gnutls_x509_crt_fmt_t type); + +int +gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t + res, const char *certfile, + const char *keyfile, + gnutls_x509_crt_fmt_t type); + +int +gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t + res, const char *certfile, + const char *keyfile, + gnutls_x509_crt_fmt_t type, + const char *pass, + unsigned int flags); + +int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t + res, const gnutls_datum_t * cert, + const gnutls_datum_t * key, + gnutls_x509_crt_fmt_t type); + +int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t + res, const gnutls_datum_t * cert, + const gnutls_datum_t * key, + gnutls_x509_crt_fmt_t type, + const char *pass, + unsigned int flags); + +void gnutls_certificate_send_x509_rdn_sequence(gnutls_session_t session, + int status); + +int +gnutls_certificate_set_x509_simple_pkcs12_file +(gnutls_certificate_credentials_t res, const char *pkcs12file, + gnutls_x509_crt_fmt_t type, const char *password); +int +gnutls_certificate_set_x509_simple_pkcs12_mem +(gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob, + gnutls_x509_crt_fmt_t type, const char *password); /* New functions to allow 
setting already parsed X.509 stuff. */ - int gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res, - gnutls_x509_crt_t * cert_list, - int cert_list_size, - gnutls_x509_privkey_t key); - int gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t res, - gnutls_x509_crt_t * ca_list, - int ca_list_size); - int gnutls_certificate_set_x509_crl (gnutls_certificate_credentials_t res, - gnutls_x509_crl_t * crl_list, - int crl_list_size); +int gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res, + gnutls_x509_crt_t * cert_list, + int cert_list_size, + gnutls_x509_privkey_t key); +int gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res, + gnutls_x509_crt_t * ca_list, + int ca_list_size); +int gnutls_certificate_set_x509_crl(gnutls_certificate_credentials_t res, + gnutls_x509_crl_t * crl_list, + int crl_list_size); /* OCSP status request extension, RFC 6066 */ - typedef int (*gnutls_status_request_ocsp_func) - (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response); +typedef int (*gnutls_status_request_ocsp_func) + (gnutls_session_t session, void *ptr, gnutls_datum_t * ocsp_response); - void gnutls_certificate_set_ocsp_status_request_function (gnutls_certificate_credentials_t res, - gnutls_status_request_ocsp_func ocsp_func, - void *ptr); +void +gnutls_certificate_set_ocsp_status_request_function +(gnutls_certificate_credentials_t res, +gnutls_status_request_ocsp_func ocsp_func, void *ptr); - int gnutls_certificate_set_ocsp_status_request_file (gnutls_certificate_credentials_t res, - const char* response_file, unsigned int flags); +int +gnutls_certificate_set_ocsp_status_request_file +(gnutls_certificate_credentials_t res, const char *response_file, + unsigned int flags); - int gnutls_ocsp_status_request_enable_client (gnutls_session_t session, - gnutls_datum_t *responder_id, - size_t responder_id_size, - gnutls_datum_t *request_extensions); +int 
gnutls_ocsp_status_request_enable_client(gnutls_session_t session, + gnutls_datum_t * responder_id, + size_t responder_id_size, + gnutls_datum_t * + request_extensions); - int gnutls_ocsp_status_request_get (gnutls_session_t session, gnutls_datum_t *response); +int gnutls_ocsp_status_request_get(gnutls_session_t session, + gnutls_datum_t * response); - int gnutls_ocsp_status_request_is_checked (gnutls_session_t session, unsigned int flags); +int gnutls_ocsp_status_request_is_checked(gnutls_session_t session, + unsigned int flags); /* global state functions */ - int gnutls_global_init (void); - void gnutls_global_deinit (void); +int gnutls_global_init(void); +void gnutls_global_deinit(void); /** * gnutls_time_func: 
@@ -1427,141 +1433,144 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * * Returns: Number of seconds since the epoch, or (time_t)-1 on errors. */ - typedef time_t (*gnutls_time_func) (time_t *t); +typedef time_t(*gnutls_time_func) (time_t * t); - typedef int (*mutex_init_func) (void **mutex); - typedef int (*mutex_lock_func) (void **mutex); - typedef int (*mutex_unlock_func) (void **mutex); - typedef int (*mutex_deinit_func) (void **mutex); +typedef int (*mutex_init_func) (void **mutex); +typedef int (*mutex_lock_func) (void **mutex); +typedef int (*mutex_unlock_func) (void **mutex); +typedef int (*mutex_deinit_func) (void **mutex); - void gnutls_global_set_mutex (mutex_init_func init, mutex_deinit_func deinit, - mutex_lock_func lock, mutex_unlock_func unlock); +void gnutls_global_set_mutex(mutex_init_func init, + mutex_deinit_func deinit, + mutex_lock_func lock, + mutex_unlock_func unlock); - typedef void *(*gnutls_alloc_function) (size_t); - typedef void *(*gnutls_calloc_function) (size_t, size_t); - typedef int (*gnutls_is_secure_function) (const void *); - typedef void (*gnutls_free_function) (void *); - typedef void *(*gnutls_realloc_function) (void *, size_t); +typedef void *(*gnutls_alloc_function) (size_t); +typedef void *(*gnutls_calloc_function) (size_t, size_t); +typedef int (*gnutls_is_secure_function) (const void *); +typedef void (*gnutls_free_function) (void *); +typedef void *(*gnutls_realloc_function) (void *, size_t); - void - gnutls_global_set_mem_functions (gnutls_alloc_function alloc_func, - gnutls_alloc_function secure_alloc_func, - gnutls_is_secure_function is_secure_func, - gnutls_realloc_function realloc_func, - gnutls_free_function free_func); +void +gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func, + gnutls_alloc_function secure_alloc_func, + gnutls_is_secure_function is_secure_func, + gnutls_realloc_function realloc_func, + gnutls_free_function free_func); - void gnutls_global_set_time_function 
(gnutls_time_func time_func); +void gnutls_global_set_time_function(gnutls_time_func time_func); /* For use in callbacks */ - extern gnutls_alloc_function gnutls_malloc; - extern gnutls_alloc_function gnutls_secure_malloc; - extern gnutls_realloc_function gnutls_realloc; - extern gnutls_calloc_function gnutls_calloc; - extern gnutls_free_function gnutls_free; +extern gnutls_alloc_function gnutls_malloc; +extern gnutls_alloc_function gnutls_secure_malloc; +extern gnutls_realloc_function gnutls_realloc; +extern gnutls_calloc_function gnutls_calloc; +extern gnutls_free_function gnutls_free; - extern char *(*gnutls_strdup) (const char *); +extern char *(*gnutls_strdup) (const char *); - typedef void (*gnutls_log_func) (int, const char *); - typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *); - void gnutls_global_set_log_function (gnutls_log_func log_func); - void gnutls_global_set_audit_log_function (gnutls_audit_log_func log_func); - void gnutls_global_set_log_level (int level); +typedef void (*gnutls_log_func) (int, const char *); +typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *); +void gnutls_global_set_log_function(gnutls_log_func log_func); +void gnutls_global_set_audit_log_function(gnutls_audit_log_func log_func); +void gnutls_global_set_log_level(int level); /* Diffie-Hellman parameter handling. 
*/ - int gnutls_dh_params_init (gnutls_dh_params_t * dh_params); - void gnutls_dh_params_deinit (gnutls_dh_params_t dh_params); - int gnutls_dh_params_import_raw (gnutls_dh_params_t dh_params, - const gnutls_datum_t * prime, - const gnutls_datum_t * generator); - int gnutls_dh_params_import_pkcs3 (gnutls_dh_params_t params, - const gnutls_datum_t * pkcs3_params, - gnutls_x509_crt_fmt_t format); - int gnutls_dh_params_generate2 (gnutls_dh_params_t params, - unsigned int bits); - int gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params, - gnutls_x509_crt_fmt_t format, - unsigned char *params_data, - size_t * params_data_size); - int gnutls_dh_params_export2_pkcs3 (gnutls_dh_params_t params, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t *out); - int gnutls_dh_params_export_raw (gnutls_dh_params_t params, - gnutls_datum_t * prime, - gnutls_datum_t * generator, - unsigned int *bits); - int gnutls_dh_params_cpy (gnutls_dh_params_t dst, gnutls_dh_params_t src); +int gnutls_dh_params_init(gnutls_dh_params_t * dh_params); +void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params); +int gnutls_dh_params_import_raw(gnutls_dh_params_t dh_params, + const gnutls_datum_t * prime, + const gnutls_datum_t * generator); +int gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params, + const gnutls_datum_t * pkcs3_params, + gnutls_x509_crt_fmt_t format); +int gnutls_dh_params_generate2(gnutls_dh_params_t params, + unsigned int bits); +int gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params, + gnutls_x509_crt_fmt_t format, + unsigned char *params_data, + size_t * params_data_size); +int gnutls_dh_params_export2_pkcs3(gnutls_dh_params_t params, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); +int gnutls_dh_params_export_raw(gnutls_dh_params_t params, + gnutls_datum_t * prime, + gnutls_datum_t * generator, + unsigned int *bits); +int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src); /* Session stuff */ - typedef struct - { - void *iov_base; /* 
Starting address */ - size_t iov_len; /* Number of bytes to transfer */ - } giovec_t; +typedef struct { + void *iov_base; /* Starting address */ + size_t iov_len; /* Number of bytes to transfer */ +} giovec_t; - typedef ssize_t (*gnutls_pull_func) (gnutls_transport_ptr_t, void *, - size_t); - typedef ssize_t (*gnutls_push_func) (gnutls_transport_ptr_t, const void *, - size_t); +typedef ssize_t(*gnutls_pull_func) (gnutls_transport_ptr_t, void *, + size_t); +typedef ssize_t(*gnutls_push_func) (gnutls_transport_ptr_t, const void *, + size_t); - typedef int (*gnutls_pull_timeout_func) (gnutls_transport_ptr_t, unsigned int ms); +typedef int (*gnutls_pull_timeout_func) (gnutls_transport_ptr_t, + unsigned int ms); - typedef ssize_t (*gnutls_vec_push_func) (gnutls_transport_ptr_t, - const giovec_t * iov, int iovcnt); +typedef ssize_t(*gnutls_vec_push_func) (gnutls_transport_ptr_t, + const giovec_t * iov, int iovcnt); - typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t); +typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t); /* This will be defined as macro. 
void gnutls_transport_set_int (gnutls_session_t session, int r); */ - void gnutls_transport_set_int2 (gnutls_session_t session, int r, int s); - #define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i) - - void gnutls_transport_get_int2 (gnutls_session_t session, int * r, int *s); - int gnutls_transport_get_int (gnutls_session_t session); - - void gnutls_transport_set_ptr (gnutls_session_t session, - gnutls_transport_ptr_t ptr); - void gnutls_transport_set_ptr2 (gnutls_session_t session, - gnutls_transport_ptr_t recv_ptr, - gnutls_transport_ptr_t send_ptr); - - gnutls_transport_ptr_t gnutls_transport_get_ptr (gnutls_session_t session); - void gnutls_transport_get_ptr2 (gnutls_session_t session, - gnutls_transport_ptr_t * recv_ptr, - gnutls_transport_ptr_t * send_ptr); - - void gnutls_transport_set_vec_push_function (gnutls_session_t session, - gnutls_vec_push_func vec_func); - void gnutls_transport_set_push_function (gnutls_session_t session, - gnutls_push_func push_func); - void gnutls_transport_set_pull_function (gnutls_session_t session, - gnutls_pull_func pull_func); - - void gnutls_transport_set_pull_timeout_function (gnutls_session_t session, - gnutls_pull_timeout_func func); - - void gnutls_transport_set_errno_function (gnutls_session_t session, - gnutls_errno_func errno_func); - - void gnutls_transport_set_errno (gnutls_session_t session, int err); +void gnutls_transport_set_int2(gnutls_session_t session, int r, int s); +#define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i) + +void gnutls_transport_get_int2(gnutls_session_t session, int *r, int *s); +int gnutls_transport_get_int(gnutls_session_t session); + +void gnutls_transport_set_ptr(gnutls_session_t session, + gnutls_transport_ptr_t ptr); +void gnutls_transport_set_ptr2(gnutls_session_t session, + gnutls_transport_ptr_t recv_ptr, + gnutls_transport_ptr_t send_ptr); + +gnutls_transport_ptr_t gnutls_transport_get_ptr(gnutls_session_t session); +void 
gnutls_transport_get_ptr2(gnutls_session_t session, + gnutls_transport_ptr_t * recv_ptr, + gnutls_transport_ptr_t * send_ptr); + +void gnutls_transport_set_vec_push_function(gnutls_session_t session, + gnutls_vec_push_func vec_func); +void gnutls_transport_set_push_function(gnutls_session_t session, + gnutls_push_func push_func); +void gnutls_transport_set_pull_function(gnutls_session_t session, + gnutls_pull_func pull_func); + +void gnutls_transport_set_pull_timeout_function(gnutls_session_t session, + gnutls_pull_timeout_func + func); + +void gnutls_transport_set_errno_function(gnutls_session_t session, + gnutls_errno_func errno_func); + +void gnutls_transport_set_errno(gnutls_session_t session, int err); /* session specific */ - void gnutls_session_set_ptr (gnutls_session_t session, void *ptr); - void *gnutls_session_get_ptr (gnutls_session_t session); +void gnutls_session_set_ptr(gnutls_session_t session, void *ptr); +void *gnutls_session_get_ptr(gnutls_session_t session); - void gnutls_openpgp_send_cert (gnutls_session_t session, - gnutls_openpgp_crt_status_t status); +void gnutls_openpgp_send_cert(gnutls_session_t session, + gnutls_openpgp_crt_status_t status); /* This function returns the hash of the given data. */ - int gnutls_fingerprint (gnutls_digest_algorithm_t algo, - const gnutls_datum_t * data, void *result, - size_t * result_size); +int gnutls_fingerprint(gnutls_digest_algorithm_t algo, + const gnutls_datum_t * data, void *result, + size_t * result_size); /** * gnutls_random_art_t: 
@@ -1569,107 +1578,107 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * * Enumeration of different random art types. */ - typedef enum gnutls_random_art - { - GNUTLS_RANDOM_ART_OPENSSH=1, - } gnutls_random_art_t; +typedef enum gnutls_random_art { + GNUTLS_RANDOM_ART_OPENSSH = 1, +} gnutls_random_art_t; - int gnutls_random_art (gnutls_random_art_t type, - const char* key_type, unsigned int key_size, - void * fpr, size_t fpr_size, - gnutls_datum_t* art); +int gnutls_random_art(gnutls_random_art_t type, + const char *key_type, unsigned int key_size, + void *fpr, size_t fpr_size, gnutls_datum_t * art); /* SRP */ - typedef struct gnutls_srp_server_credentials_st - *gnutls_srp_server_credentials_t; - typedef struct gnutls_srp_client_credentials_st - *gnutls_srp_client_credentials_t; - - void - gnutls_srp_free_client_credentials (gnutls_srp_client_credentials_t sc); - int - gnutls_srp_allocate_client_credentials (gnutls_srp_client_credentials_t * - sc); - int gnutls_srp_set_client_credentials (gnutls_srp_client_credentials_t res, - const char *username, - const char *password); - - void - gnutls_srp_free_server_credentials (gnutls_srp_server_credentials_t sc); - int - gnutls_srp_allocate_server_credentials (gnutls_srp_server_credentials_t * - sc); - int gnutls_srp_set_server_credentials_file (gnutls_srp_server_credentials_t - res, const char *password_file, - const char *password_conf_file); - - const char *gnutls_srp_server_get_username (gnutls_session_t session); - - extern void gnutls_srp_set_prime_bits (gnutls_session_t session, - unsigned int bits); - - int gnutls_srp_verifier (const char *username, - const char *password, - const gnutls_datum_t * salt, - const gnutls_datum_t * generator, - const gnutls_datum_t * prime, - gnutls_datum_t * res); +typedef struct gnutls_srp_server_credentials_st +*gnutls_srp_server_credentials_t; +typedef struct gnutls_srp_client_credentials_st +*gnutls_srp_client_credentials_t; + +void 
+gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc); +int +gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t * + sc); +int gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res, + const char *username, + const char *password); + +void +gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc); +int +gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t * + sc); +int gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t + res, const char *password_file, + const char *password_conf_file); + +const char *gnutls_srp_server_get_username(gnutls_session_t session); + +extern void gnutls_srp_set_prime_bits(gnutls_session_t session, + unsigned int bits); + +int gnutls_srp_verifier(const char *username, + const char *password, + const gnutls_datum_t * salt, + const gnutls_datum_t * generator, + const gnutls_datum_t * prime, + gnutls_datum_t * res); /* The static parameters defined in draft-ietf-tls-srp-05 * Those should be used as input to gnutls_srp_verifier(). 
*/ - extern const gnutls_datum_t gnutls_srp_4096_group_prime; - extern const gnutls_datum_t gnutls_srp_4096_group_generator; - - extern const gnutls_datum_t gnutls_srp_3072_group_prime; - extern const gnutls_datum_t gnutls_srp_3072_group_generator; - - extern const gnutls_datum_t gnutls_srp_2048_group_prime; - extern const gnutls_datum_t gnutls_srp_2048_group_generator; - - extern const gnutls_datum_t gnutls_srp_1536_group_prime; - extern const gnutls_datum_t gnutls_srp_1536_group_generator; - - extern const gnutls_datum_t gnutls_srp_1024_group_prime; - extern const gnutls_datum_t gnutls_srp_1024_group_generator; - - typedef int gnutls_srp_server_credentials_function (gnutls_session_t, - const char *username, - gnutls_datum_t * salt, - gnutls_datum_t * - verifier, - gnutls_datum_t * - generator, - gnutls_datum_t * prime); - void - gnutls_srp_set_server_credentials_function ( - gnutls_srp_server_credentials_t cred, - gnutls_srp_server_credentials_function * func); - - typedef int gnutls_srp_client_credentials_function (gnutls_session_t, - char **, char **); - void - gnutls_srp_set_client_credentials_function ( - gnutls_srp_client_credentials_t cred, - gnutls_srp_client_credentials_function * func); - - int gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result, - size_t * result_size); - int gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data, - gnutls_datum_t * result); - - int gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result, - size_t * result_size); - int gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data, - gnutls_datum_t * result); +extern const gnutls_datum_t gnutls_srp_4096_group_prime; +extern const gnutls_datum_t gnutls_srp_4096_group_generator; + +extern const gnutls_datum_t gnutls_srp_3072_group_prime; +extern const gnutls_datum_t gnutls_srp_3072_group_generator; + +extern const gnutls_datum_t gnutls_srp_2048_group_prime; +extern const gnutls_datum_t gnutls_srp_2048_group_generator; + +extern const 
gnutls_datum_t gnutls_srp_1536_group_prime; +extern const gnutls_datum_t gnutls_srp_1536_group_generator; + +extern const gnutls_datum_t gnutls_srp_1024_group_prime; +extern const gnutls_datum_t gnutls_srp_1024_group_generator; + +typedef int gnutls_srp_server_credentials_function(gnutls_session_t, + const char *username, + gnutls_datum_t * salt, + gnutls_datum_t * + verifier, + gnutls_datum_t * + generator, + gnutls_datum_t * prime); +void +gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t + cred, + gnutls_srp_server_credentials_function + * func); + +typedef int gnutls_srp_client_credentials_function(gnutls_session_t, + char **, char **); +void +gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t + cred, + gnutls_srp_client_credentials_function + * func); + +int gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result, + size_t * result_size); +int gnutls_srp_base64_encode_alloc(const gnutls_datum_t * data, + gnutls_datum_t * result); + +int gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result, + size_t * result_size); +int gnutls_srp_base64_decode_alloc(const gnutls_datum_t * b64_data, + gnutls_datum_t * result); /* PSK stuff */ - typedef struct gnutls_psk_server_credentials_st - *gnutls_psk_server_credentials_t; - typedef struct gnutls_psk_client_credentials_st - *gnutls_psk_client_credentials_t; +typedef struct gnutls_psk_server_credentials_st +*gnutls_psk_server_credentials_t; +typedef struct gnutls_psk_client_credentials_st +*gnutls_psk_client_credentials_t; /** * gnutls_psk_key_flags: 
@@ -1678,66 +1687,66 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * * Enumeration of different PSK key flags. */ - typedef enum gnutls_psk_key_flags - { - GNUTLS_PSK_KEY_RAW = 0, - GNUTLS_PSK_KEY_HEX - } gnutls_psk_key_flags; - - void - gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t sc); - int - gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t * - sc); - int gnutls_psk_set_client_credentials (gnutls_psk_client_credentials_t res, - const char *username, - const gnutls_datum_t * key, - gnutls_psk_key_flags flags); - - void - gnutls_psk_free_server_credentials (gnutls_psk_server_credentials_t sc); - int - gnutls_psk_allocate_server_credentials (gnutls_psk_server_credentials_t * - sc); - int gnutls_psk_set_server_credentials_file (gnutls_psk_server_credentials_t - res, const char *password_file); - - int - gnutls_psk_set_server_credentials_hint (gnutls_psk_server_credentials_t - res, const char *hint); - - const char *gnutls_psk_server_get_username (gnutls_session_t session); - const char *gnutls_psk_client_get_hint (gnutls_session_t session); - - typedef int gnutls_psk_server_credentials_function (gnutls_session_t, - const char *username, - gnutls_datum_t * key); - void - gnutls_psk_set_server_credentials_function ( - gnutls_psk_server_credentials_t cred, - gnutls_psk_server_credentials_function * func); - - typedef int gnutls_psk_client_credentials_function (gnutls_session_t, - char **username, - gnutls_datum_t * key); - void - gnutls_psk_set_client_credentials_function ( - gnutls_psk_client_credentials_t cred, - gnutls_psk_client_credentials_function * func); - - int gnutls_hex_encode (const gnutls_datum_t * data, char *result, - size_t * result_size); - int gnutls_hex_decode (const gnutls_datum_t * hex_data, void *result, - size_t * result_size); - - void - gnutls_psk_set_server_dh_params (gnutls_psk_server_credentials_t res, - gnutls_dh_params_t dh_params); - - void - 
gnutls_psk_set_server_params_function (gnutls_psk_server_credentials_t - res, - gnutls_params_function * func); +typedef enum gnutls_psk_key_flags { + GNUTLS_PSK_KEY_RAW = 0, + GNUTLS_PSK_KEY_HEX +} gnutls_psk_key_flags; + +void +gnutls_psk_free_client_credentials(gnutls_psk_client_credentials_t sc); +int +gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t * + sc); +int gnutls_psk_set_client_credentials(gnutls_psk_client_credentials_t res, + const char *username, + const gnutls_datum_t * key, + gnutls_psk_key_flags flags); + +void +gnutls_psk_free_server_credentials(gnutls_psk_server_credentials_t sc); +int +gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t * + sc); +int gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t + res, const char *password_file); + +int +gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t + res, const char *hint); + +const char *gnutls_psk_server_get_username(gnutls_session_t session); +const char *gnutls_psk_client_get_hint(gnutls_session_t session); + +typedef int gnutls_psk_server_credentials_function(gnutls_session_t, + const char *username, + gnutls_datum_t * key); +void +gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t + cred, + gnutls_psk_server_credentials_function + * func); + +typedef int gnutls_psk_client_credentials_function(gnutls_session_t, + char **username, + gnutls_datum_t * key); +void +gnutls_psk_set_client_credentials_function(gnutls_psk_client_credentials_t + cred, + gnutls_psk_client_credentials_function + * func); + +int gnutls_hex_encode(const gnutls_datum_t * data, char *result, + size_t * result_size); +int gnutls_hex_decode(const gnutls_datum_t * hex_data, void *result, + size_t * result_size); + +void +gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res, + gnutls_dh_params_t dh_params); + +void +gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t + res, 
gnutls_params_function * func); /** * gnutls_x509_subject_alt_name_t: @@ -1752,28 +1761,27 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * * Enumeration of different subject alternative names types. */ - typedef enum gnutls_x509_subject_alt_name_t - { - GNUTLS_SAN_DNSNAME = 1, - GNUTLS_SAN_RFC822NAME = 2, - GNUTLS_SAN_URI = 3, - GNUTLS_SAN_IPADDRESS = 4, - GNUTLS_SAN_OTHERNAME = 5, - GNUTLS_SAN_DN = 6, - /* The following are "virtual" subject alternative name types, in - that they are represented by an otherName value and an OID. - Used by gnutls_x509_crt_get_subject_alt_othername_oid. */ - GNUTLS_SAN_OTHERNAME_XMPP = 1000 - } gnutls_x509_subject_alt_name_t; - - struct gnutls_openpgp_crt_int; - typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t; - - struct gnutls_openpgp_privkey_int; - typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t; - - struct gnutls_pkcs11_privkey_st; - typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t; +typedef enum gnutls_x509_subject_alt_name_t { + GNUTLS_SAN_DNSNAME = 1, + GNUTLS_SAN_RFC822NAME = 2, + GNUTLS_SAN_URI = 3, + GNUTLS_SAN_IPADDRESS = 4, + GNUTLS_SAN_OTHERNAME = 5, + GNUTLS_SAN_DN = 6, + /* The following are "virtual" subject alternative name types, in + that they are represented by an otherName value and an OID. + Used by gnutls_x509_crt_get_subject_alt_othername_oid. */ + GNUTLS_SAN_OTHERNAME_XMPP = 1000 +} gnutls_x509_subject_alt_name_t; + +struct gnutls_openpgp_crt_int; +typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t; + +struct gnutls_openpgp_privkey_int; +typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t; + +struct gnutls_pkcs11_privkey_st; +typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t; /** * gnutls_privkey_type_t: 
@@ -1784,57 +1792,53 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * * Enumeration of different private key types. */ - typedef enum - { - GNUTLS_PRIVKEY_X509, - GNUTLS_PRIVKEY_OPENPGP, - GNUTLS_PRIVKEY_PKCS11, - GNUTLS_PRIVKEY_EXT - } gnutls_privkey_type_t; - - typedef struct gnutls_retr2_st - { - gnutls_certificate_type_t cert_type; - gnutls_privkey_type_t key_type; - - union - { - gnutls_x509_crt_t *x509; - gnutls_openpgp_crt_t pgp; - } cert; - unsigned int ncerts; /* one for pgp keys */ - - union - { - gnutls_x509_privkey_t x509; - gnutls_openpgp_privkey_t pgp; - gnutls_pkcs11_privkey_t pkcs11; - } key; - - unsigned int deinit_all; /* if non zero all keys will be deinited */ - } gnutls_retr2_st; +typedef enum { + GNUTLS_PRIVKEY_X509, + GNUTLS_PRIVKEY_OPENPGP, + GNUTLS_PRIVKEY_PKCS11, + GNUTLS_PRIVKEY_EXT +} gnutls_privkey_type_t; + +typedef struct gnutls_retr2_st { + gnutls_certificate_type_t cert_type; + gnutls_privkey_type_t key_type; + + union { + gnutls_x509_crt_t *x509; + gnutls_openpgp_crt_t pgp; + } cert; + unsigned int ncerts; /* one for pgp keys */ + + union { + gnutls_x509_privkey_t x509; + gnutls_openpgp_privkey_t pgp; + gnutls_pkcs11_privkey_t pkcs11; + } key; + + unsigned int deinit_all; /* if non zero all keys will be deinited */ +} gnutls_retr2_st; /* Functions that allow auth_info_t structures handling */ - gnutls_credentials_type_t gnutls_auth_get_type (gnutls_session_t session); - gnutls_credentials_type_t - gnutls_auth_server_get_type (gnutls_session_t session); - gnutls_credentials_type_t - gnutls_auth_client_get_type (gnutls_session_t session); +gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session); +gnutls_credentials_type_t +gnutls_auth_server_get_type(gnutls_session_t session); +gnutls_credentials_type_t +gnutls_auth_client_get_type(gnutls_session_t session); /* DH */ - void gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bits); - int gnutls_dh_get_secret_bits (gnutls_session_t 
session); - int gnutls_dh_get_peers_public_bits (gnutls_session_t session); - int gnutls_dh_get_prime_bits (gnutls_session_t session); +void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits); +int gnutls_dh_get_secret_bits(gnutls_session_t session); +int gnutls_dh_get_peers_public_bits(gnutls_session_t session); +int gnutls_dh_get_prime_bits(gnutls_session_t session); - int gnutls_dh_get_group (gnutls_session_t session, gnutls_datum_t * raw_gen, - gnutls_datum_t * raw_prime); - int gnutls_dh_get_pubkey (gnutls_session_t session, - gnutls_datum_t * raw_key); +int gnutls_dh_get_group(gnutls_session_t session, gnutls_datum_t * raw_gen, + gnutls_datum_t * raw_prime); +int gnutls_dh_get_pubkey(gnutls_session_t session, + gnutls_datum_t * raw_key); /* X509PKI */ 
@@ -1846,72 +1850,75 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); * instead. It's much more efficient. */ - typedef int gnutls_certificate_retrieve_function (gnutls_session_t, - const - gnutls_datum_t * - req_ca_rdn, - int nreqs, - const - gnutls_pk_algorithm_t - * pk_algos, - int - pk_algos_length, - gnutls_retr2_st *); - - - void gnutls_certificate_set_retrieve_function ( - gnutls_certificate_credentials_t cred, - gnutls_certificate_retrieve_function * func); - - typedef int gnutls_certificate_verify_function (gnutls_session_t); - void - gnutls_certificate_set_verify_function (gnutls_certificate_credentials_t - cred, - gnutls_certificate_verify_function - * func); - - void - gnutls_certificate_server_set_request (gnutls_session_t session, - gnutls_certificate_request_t req); +typedef int gnutls_certificate_retrieve_function(gnutls_session_t, + const + gnutls_datum_t * + req_ca_rdn, + int nreqs, + const + gnutls_pk_algorithm_t + * pk_algos, + int + pk_algos_length, + gnutls_retr2_st *); + + +void +gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t + cred, + gnutls_certificate_retrieve_function + * func); + +typedef int gnutls_certificate_verify_function(gnutls_session_t); +void +gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t + cred, + gnutls_certificate_verify_function + * func); + +void +gnutls_certificate_server_set_request(gnutls_session_t session, + gnutls_certificate_request_t req); /* get data from the session */ - const gnutls_datum_t *gnutls_certificate_get_peers (gnutls_session_t - session, - unsigned int - *list_size); - const gnutls_datum_t *gnutls_certificate_get_ours (gnutls_session_t - session); - - int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session, - gnutls_datum_t *id); - - time_t gnutls_certificate_activation_time_peers (gnutls_session_t session); - time_t gnutls_certificate_expiration_time_peers (gnutls_session_t session); - - int 
gnutls_certificate_client_get_request_status (gnutls_session_t session); - int gnutls_certificate_verify_peers2 (gnutls_session_t session, - unsigned int *status); - int gnutls_certificate_verify_peers3 (gnutls_session_t session, - const char* hostname, - unsigned int *status); - - int gnutls_certificate_verification_status_print (unsigned int status, - gnutls_certificate_type_t type, - gnutls_datum_t * out, unsigned int flags); - - int gnutls_pem_base64_encode (const char *msg, const gnutls_datum_t * data, - char *result, size_t * result_size); - int gnutls_pem_base64_decode (const char *header, - const gnutls_datum_t * b64_data, - unsigned char *result, size_t * result_size); - - int gnutls_pem_base64_encode_alloc (const char *msg, - const gnutls_datum_t * data, - gnutls_datum_t * result); - int gnutls_pem_base64_decode_alloc (const char *header, - const gnutls_datum_t * b64_data, - gnutls_datum_t * result); +const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t + session, unsigned int + *list_size); +const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t + session); + +int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session, + gnutls_datum_t * id); + +time_t gnutls_certificate_activation_time_peers(gnutls_session_t session); +time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session); + +int gnutls_certificate_client_get_request_status(gnutls_session_t session); +int gnutls_certificate_verify_peers2(gnutls_session_t session, + unsigned int *status); +int gnutls_certificate_verify_peers3(gnutls_session_t session, + const char *hostname, + unsigned int *status); + +int gnutls_certificate_verification_status_print(unsigned int status, + gnutls_certificate_type_t + type, + gnutls_datum_t * out, + unsigned int flags); + +int gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t * data, + char *result, size_t * result_size); +int gnutls_pem_base64_decode(const char *header, + const gnutls_datum_t * 
b64_data, + unsigned char *result, size_t * result_size); + +int gnutls_pem_base64_encode_alloc(const char *msg, + const gnutls_datum_t * data, + gnutls_datum_t * result); +int gnutls_pem_base64_decode_alloc(const char *header, + const gnutls_datum_t * b64_data, + gnutls_datum_t * result); /* key_usage will be an OR of the following values: */ 
@@ -1928,85 +1935,85 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); #define GNUTLS_KEY_ENCIPHER_ONLY 1 #define GNUTLS_KEY_DECIPHER_ONLY 32768 - void - gnutls_certificate_set_params_function (gnutls_certificate_credentials_t - res, - gnutls_params_function * func); - void gnutls_anon_set_params_function (gnutls_anon_server_credentials_t res, - gnutls_params_function * func); - void gnutls_psk_set_params_function (gnutls_psk_server_credentials_t res, - gnutls_params_function * func); +void +gnutls_certificate_set_params_function(gnutls_certificate_credentials_t + res, gnutls_params_function * func); +void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res, + gnutls_params_function * func); +void gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res, + gnutls_params_function * func); - int gnutls_hex2bin (const char *hex_data, size_t hex_size, - void *bin_data, size_t * bin_size); +int gnutls_hex2bin(const char *hex_data, size_t hex_size, + void *bin_data, size_t * bin_size); /* Trust on first use (or ssh like) functions */ /* stores the provided information to a database */ - typedef int (*gnutls_tdb_store_func) (const char* db_name, - const char* host, - const char* service, - time_t expiration, - const gnutls_datum_t* pubkey); - - typedef int (*gnutls_tdb_store_commitment_func) (const char* db_name, - const char* host, - const char* service, - time_t expiration, - gnutls_digest_algorithm_t hash_algo, - const gnutls_datum_t* hash); - +typedef int (*gnutls_tdb_store_func) (const char *db_name, + const char *host, + const char *service, + time_t expiration, + const gnutls_datum_t * pubkey); + +typedef int (*gnutls_tdb_store_commitment_func) (const char *db_name, + const char *host, + const char *service, + time_t expiration, + gnutls_digest_algorithm_t + hash_algo, + const gnutls_datum_t * + hash); + /* searches for the provided host/service pair that match the * provided public key in the database. 
*/ - typedef int (*gnutls_tdb_verify_func) (const char* db_name, - const char* host, - const char* service, - const gnutls_datum_t *pubkey); - - - struct gnutls_tdb_int; - typedef struct gnutls_tdb_int *gnutls_tdb_t; - - int gnutls_tdb_init (gnutls_tdb_t *tdb); - void gnutls_tdb_set_store_func (gnutls_tdb_t tdb, - gnutls_tdb_store_func store); - void gnutls_tdb_set_store_commitment_func (gnutls_tdb_t tdb, - gnutls_tdb_store_commitment_func cstore); - void gnutls_tdb_set_verify_func (gnutls_tdb_t tdb, - gnutls_tdb_verify_func verify); - void gnutls_tdb_deinit (gnutls_tdb_t tdb); - - int gnutls_verify_stored_pubkey (const char* db_name, - gnutls_tdb_t tdb, - const char* host, - const char* service, - gnutls_certificate_type_t cert_type, - const gnutls_datum_t * cert, - unsigned int flags); - - int gnutls_store_commitment (const char* db_name, - gnutls_tdb_t tdb, - const char* host, - const char* service, - gnutls_digest_algorithm_t hash_algo, - const gnutls_datum_t* hash, - time_t expiration, - unsigned int flags); - - int gnutls_store_pubkey (const char* db_name, - gnutls_tdb_t tdb, - const char* host, - const char* service, - gnutls_certificate_type_t cert_type, - const gnutls_datum_t * cert, - time_t expiration, - unsigned int flags); +typedef int (*gnutls_tdb_verify_func) (const char *db_name, + const char *host, + const char *service, + const gnutls_datum_t * pubkey); + + +struct gnutls_tdb_int; +typedef struct gnutls_tdb_int *gnutls_tdb_t; + +int gnutls_tdb_init(gnutls_tdb_t * tdb); +void gnutls_tdb_set_store_func(gnutls_tdb_t tdb, + gnutls_tdb_store_func store); +void gnutls_tdb_set_store_commitment_func(gnutls_tdb_t tdb, + gnutls_tdb_store_commitment_func + cstore); +void gnutls_tdb_set_verify_func(gnutls_tdb_t tdb, + gnutls_tdb_verify_func verify); +void gnutls_tdb_deinit(gnutls_tdb_t tdb); + +int gnutls_verify_stored_pubkey(const char *db_name, + gnutls_tdb_t tdb, + const char *host, + const char *service, + gnutls_certificate_type_t cert_type, + const 
gnutls_datum_t * cert, + unsigned int flags); + +int gnutls_store_commitment(const char *db_name, + gnutls_tdb_t tdb, + const char *host, + const char *service, + gnutls_digest_algorithm_t hash_algo, + const gnutls_datum_t * hash, + time_t expiration, unsigned int flags); + +int gnutls_store_pubkey(const char *db_name, + gnutls_tdb_t tdb, + const char *host, + const char *service, + gnutls_certificate_type_t cert_type, + const gnutls_datum_t * cert, + time_t expiration, unsigned int flags); /* Other helper functions */ -int gnutls_load_file(const char* filename, gnutls_datum_t * data); +int gnutls_load_file(const char *filename, gnutls_datum_t * data); -int gnutls_url_is_supported (const char* url); +int gnutls_url_is_supported(const char *url); /* PIN callback */ @@ -2021,15 +2028,14 @@ int gnutls_url_is_supported (const char* url); * * Enumeration of different flags that are input to the PIN function. */ - typedef enum - { - GNUTLS_PIN_USER = (1 << 0), - GNUTLS_PIN_SO = (1 << 1), - GNUTLS_PIN_FINAL_TRY = (1 << 2), - GNUTLS_PIN_COUNT_LOW = (1 << 3), - GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4), - GNUTLS_PIN_WRONG = (1 << 5), - } gnutls_pin_flag_t; +typedef enum { + GNUTLS_PIN_USER = (1 << 0), + GNUTLS_PIN_SO = (1 << 1), + GNUTLS_PIN_FINAL_TRY = (1 << 2), + GNUTLS_PIN_COUNT_LOW = (1 << 3), + GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4), + GNUTLS_PIN_WRONG = (1 << 5), +} gnutls_pin_flag_t; #define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER #define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO 
@@ -2072,13 +2078,14 @@ int gnutls_url_is_supported (const char* url); * Since: 2.12.0 **/ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, - const char *token_url, - const char *token_label, - unsigned int flags, - char *pin, size_t pin_max); + const char *token_url, + const char *token_label, + unsigned int flags, + char *pin, size_t pin_max); - void gnutls_certificate_set_pin_function (gnutls_certificate_credentials_t, - gnutls_pin_callback_t fn, void *userdata); +void gnutls_certificate_set_pin_function(gnutls_certificate_credentials_t, + gnutls_pin_callback_t fn, + void *userdata); /* Gnutls error codes. The mapping to a TLS alert is also shown in * comments. 
@@ -2088,35 +2095,35 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 #define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 #define GNUTLS_E_LARGE_PACKET -7 -#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSION */ -#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_RECORD_OVERFLOW */ +#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSION */ +#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_RECORD_OVERFLOW */ #define GNUTLS_E_INVALID_SESSION -10 #define GNUTLS_E_FATAL_ALERT_RECEIVED -12 -#define GNUTLS_E_UNEXPECTED_PACKET -15 /* GNUTLS_A_UNEXPECTED_MESSAGE */ +#define GNUTLS_E_UNEXPECTED_PACKET -15 /* GNUTLS_A_UNEXPECTED_MESSAGE */ #define GNUTLS_E_WARNING_ALERT_RECEIVED -16 #define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18 #define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19 -#define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21 /* GNUTLS_A_HANDSHAKE_FAILURE */ +#define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21 /* GNUTLS_A_HANDSHAKE_FAILURE */ #define GNUTLS_E_UNWANTED_ALGORITHM -22 #define GNUTLS_E_MPI_SCAN_FAILED -23 -#define GNUTLS_E_DECRYPTION_FAILED -24 /* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */ +#define GNUTLS_E_DECRYPTION_FAILED -24 /* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */ #define GNUTLS_E_MEMORY_ERROR -25 -#define GNUTLS_E_DECOMPRESSION_FAILED -26 /* GNUTLS_A_DECOMPRESSION_FAILURE */ +#define GNUTLS_E_DECOMPRESSION_FAILED -26 /* GNUTLS_A_DECOMPRESSION_FAILURE */ #define GNUTLS_E_COMPRESSION_FAILED -27 #define GNUTLS_E_AGAIN -28 #define GNUTLS_E_EXPIRED -29 #define GNUTLS_E_DB_ERROR -30 #define GNUTLS_E_SRP_PWD_ERROR -31 #define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32 -#define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ +#define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ #define GNUTLS_E_INSUFFICIENT_CRED 
GNUTLS_E_INSUFFICIENT_CREDENTIALS -#define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ +#define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS /* for backwards compatibility only */ #define GNUTLS_E_HASH_FAILED -33 #define GNUTLS_E_BASE64_DECODING_ERROR -34 #define GNUTLS_E_MPI_PRINT_FAILED -35 -#define GNUTLS_E_REHANDSHAKE -37 /* GNUTLS_A_NO_RENEGOTIATION */ +#define GNUTLS_E_REHANDSHAKE -37 /* GNUTLS_A_NO_RENEGOTIATION */ #define GNUTLS_E_GOT_APPLICATION_DATA -38 #define GNUTLS_E_RECORD_LIMIT_REACHED -39 #define GNUTLS_E_ENCRYPTION_FAILED -40 @@ -2126,13 +2133,13 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_PK_SIGN_FAILED -46 #define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47 #define GNUTLS_E_KEY_USAGE_VIOLATION -48 -#define GNUTLS_E_NO_CERTIFICATE_FOUND -49 /* GNUTLS_A_BAD_CERTIFICATE */ +#define GNUTLS_E_NO_CERTIFICATE_FOUND -49 /* GNUTLS_A_BAD_CERTIFICATE */ #define GNUTLS_E_INVALID_REQUEST -50 #define GNUTLS_E_SHORT_MEMORY_BUFFER -51 #define GNUTLS_E_INTERRUPTED -52 #define GNUTLS_E_PUSH_ERROR -53 #define GNUTLS_E_PULL_ERROR -54 -#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55 /* GNUTLS_A_ILLEGAL_PARAMETER */ +#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55 /* GNUTLS_A_ILLEGAL_PARAMETER */ #define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56 #define GNUTLS_E_PKCS1_WRONG_PAD -57 #define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58 
@@ -2175,7 +2182,7 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_CERTIFICATE_ERROR -43 #define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR #define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60 -#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ +#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61 /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */ #define GNUTLS_E_X509_UNKNOWN_SAN -62 #define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94 #define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95 @@ -2183,7 +2190,7 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97 #define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98 #define GNUTLS_E_INVALID_PASSWORD -99 -#define GNUTLS_E_MAC_VERIFY_FAILED -100 /* for PKCS #12 MAC */ +#define GNUTLS_E_MAC_VERIFY_FAILED -100 /* for PKCS #12 MAC */ #define GNUTLS_E_CONSTRAINT_ERROR -101 #define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102 @@ -2198,7 +2205,7 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_PREMATURE_TERMINATION -110 #define GNUTLS_E_BASE64_ENCODING_ERROR -201 -#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ +#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ #define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202 #define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203 @@ -2277,10 +2284,12 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #include <gnutls/compat.h> -#endif /* GNUTLS_H */ +#endif /* GNUTLS_H */ diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h index e7f412251a..2f8976f692 100644 --- a/lib/includes/gnutls/ocsp.h +++ b/lib/includes/gnutls/ocsp.h 
@@ -29,9 +29,11 @@ #include <gnutls/gnutls.h> #include <gnutls/x509.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ #define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2" @@ -42,10 +44,10 @@ extern "C" { * * Enumeration of different OCSP printing variants. */ - typedef enum gnutls_ocsp_print_formats_t { - GNUTLS_OCSP_PRINT_FULL = 0, - GNUTLS_OCSP_PRINT_COMPACT = 1, - } gnutls_ocsp_print_formats_t; +typedef enum gnutls_ocsp_print_formats_t { + GNUTLS_OCSP_PRINT_FULL = 0, + GNUTLS_OCSP_PRINT_COMPACT = 1, +} gnutls_ocsp_print_formats_t; /** * gnutls_ocsp_resp_status_t: @@ -58,14 +60,14 @@ extern "C" { * * Enumeration of different OCSP response status codes. */ - typedef enum gnutls_ocsp_resp_status_t { - GNUTLS_OCSP_RESP_SUCCESSFUL = 0, - GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1, - GNUTLS_OCSP_RESP_INTERNALERROR = 2, - GNUTLS_OCSP_RESP_TRYLATER = 3, - GNUTLS_OCSP_RESP_SIGREQUIRED = 5, - GNUTLS_OCSP_RESP_UNAUTHORIZED = 6 - } gnutls_ocsp_resp_status_t; +typedef enum gnutls_ocsp_resp_status_t { + GNUTLS_OCSP_RESP_SUCCESSFUL = 0, + GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1, + GNUTLS_OCSP_RESP_INTERNALERROR = 2, + GNUTLS_OCSP_RESP_TRYLATER = 3, + GNUTLS_OCSP_RESP_SIGREQUIRED = 5, + GNUTLS_OCSP_RESP_UNAUTHORIZED = 6 +} gnutls_ocsp_resp_status_t; /** * gnutls_ocsp_cert_status_t: @@ -76,11 +78,11 @@ extern "C" { * * Enumeration of different OCSP response certificate status codes. */ - typedef enum gnutls_ocsp_cert_status_t { - GNUTLS_OCSP_CERT_GOOD = 0, - GNUTLS_OCSP_CERT_REVOKED = 1, - GNUTLS_OCSP_CERT_UNKNOWN = 2 - } gnutls_ocsp_cert_status_t; +typedef enum gnutls_ocsp_cert_status_t { + GNUTLS_OCSP_CERT_GOOD = 0, + GNUTLS_OCSP_CERT_REVOKED = 1, + GNUTLS_OCSP_CERT_UNKNOWN = 2 +} gnutls_ocsp_cert_status_t; /** * gnutls_x509_crl_reason_t: 
@@ -99,18 +101,18 @@ extern "C" { * corresponds to the CRLReason ASN.1 enumeration type, and not the * ReasonFlags ASN.1 bit string. */ - typedef enum gnutls_x509_crl_reason_t { - GNUTLS_X509_CRLREASON_UNSPECIFIED = 0, - GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1, - GNUTLS_X509_CRLREASON_CACOMPROMISE = 2, - GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3, - GNUTLS_X509_CRLREASON_SUPERSEDED = 4, - GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5, - GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6, - GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8, - GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9, - GNUTLS_X509_CRLREASON_AACOMPROMISE = 10 - } gnutls_x509_crl_reason_t; +typedef enum gnutls_x509_crl_reason_t { + GNUTLS_X509_CRLREASON_UNSPECIFIED = 0, + GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1, + GNUTLS_X509_CRLREASON_CACOMPROMISE = 2, + GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3, + GNUTLS_X509_CRLREASON_SUPERSEDED = 4, + GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5, + GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6, + GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8, + GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9, + GNUTLS_X509_CRLREASON_AACOMPROMISE = 10 +} gnutls_x509_crl_reason_t; /** * gnutls_ocsp_verify_reason_t: 
@@ -125,134 +127,131 @@ extern "C" { * Enumeration of OCSP verify status codes, used by * gnutls_ocsp_resp_verify() and gnutls_ocsp_resp_verify_direct(). */ - typedef enum gnutls_ocsp_verify_reason_t { - GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1, - GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2, - GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4, - GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8, - GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16, - GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32, - GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64 - } gnutls_ocsp_verify_reason_t; +typedef enum gnutls_ocsp_verify_reason_t { + GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1, + GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2, + GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4, + GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8, + GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16, + GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32, + GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64 +} gnutls_ocsp_verify_reason_t; - struct gnutls_ocsp_req_int; - typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t; +struct gnutls_ocsp_req_int; +typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t; - int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req); - void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req); +int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req); +void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req); - int gnutls_ocsp_req_import(gnutls_ocsp_req_t req, - const gnutls_datum_t * data); - int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, - gnutls_datum_t * data); - int gnutls_ocsp_req_print(gnutls_ocsp_req_t req, - gnutls_ocsp_print_formats_t format, - gnutls_datum_t * out); +int gnutls_ocsp_req_import(gnutls_ocsp_req_t req, + const gnutls_datum_t * data); +int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, gnutls_datum_t * data); +int gnutls_ocsp_req_print(gnutls_ocsp_req_t req, + gnutls_ocsp_print_formats_t format, + gnutls_datum_t * out); - int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req); +int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req); - int 
gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req, - unsigned indx, - gnutls_digest_algorithm_t * digest, - gnutls_datum_t * issuer_name_hash, - gnutls_datum_t * issuer_key_hash, - gnutls_datum_t * serial_number); - int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req, - gnutls_digest_algorithm_t digest, - const gnutls_datum_t * - issuer_name_hash, - const gnutls_datum_t * - issuer_key_hash, - const gnutls_datum_t * - serial_number); - int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req, - gnutls_digest_algorithm_t digest, - gnutls_x509_crt_t issuer, - gnutls_x509_crt_t cert); +int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req, + unsigned indx, + gnutls_digest_algorithm_t * digest, + gnutls_datum_t * issuer_name_hash, + gnutls_datum_t * issuer_key_hash, + gnutls_datum_t * serial_number); +int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req, + gnutls_digest_algorithm_t digest, + const gnutls_datum_t * + issuer_name_hash, + const gnutls_datum_t * + issuer_key_hash, + const gnutls_datum_t * serial_number); +int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req, + gnutls_digest_algorithm_t digest, + gnutls_x509_crt_t issuer, + gnutls_x509_crt_t cert); - int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req, - unsigned indx, - gnutls_datum_t * oid, - unsigned int *critical, - gnutls_datum_t * data); - int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, - const char *oid, - unsigned int critical, - const gnutls_datum_t * data); +int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req, + unsigned indx, + gnutls_datum_t * oid, + unsigned int *critical, + gnutls_datum_t * data); +int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, + const char *oid, + unsigned int critical, + const gnutls_datum_t * data); - int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req, - unsigned int *critical, - gnutls_datum_t * nonce); - int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req, - unsigned int critical, - const gnutls_datum_t * nonce); - int 
gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req); +int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req, + unsigned int *critical, + gnutls_datum_t * nonce); +int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req, + unsigned int critical, + const gnutls_datum_t * nonce); +int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req); - struct gnutls_ocsp_resp_int; - typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t; +struct gnutls_ocsp_resp_int; +typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t; - int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp); - void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp); +int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp); +void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp); - int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp, - const gnutls_datum_t * data); - int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp, - gnutls_datum_t * data); - int gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp, - gnutls_ocsp_print_formats_t format, - gnutls_datum_t * out); +int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp, + const gnutls_datum_t * data); +int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp, + gnutls_datum_t * data); +int gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp, + gnutls_ocsp_print_formats_t format, + gnutls_datum_t * out); - int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp); - int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp, - gnutls_datum_t * - response_type_oid, - gnutls_datum_t * response); +int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp); +int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp, + gnutls_datum_t * + response_type_oid, + gnutls_datum_t * response); - int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp); - int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp, - gnutls_datum_t * dn); - time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp); - int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, - unsigned indx, - 
gnutls_digest_algorithm_t * digest, - gnutls_datum_t * issuer_name_hash, - gnutls_datum_t * issuer_key_hash, - gnutls_datum_t * serial_number, - unsigned int *cert_status, - time_t * this_update, - time_t * next_update, - time_t * revocation_time, - unsigned int *revocation_reason); - int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp, - unsigned indx, - gnutls_datum_t * oid, - unsigned int *critical, - gnutls_datum_t * data); - int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp, - unsigned int *critical, - gnutls_datum_t * nonce); - int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t - resp); - int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp, - gnutls_datum_t * sig); - int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp, - gnutls_x509_crt_t ** certs, - size_t * ncerts); +int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp); +int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp, + gnutls_datum_t * dn); +time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp); +int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, + unsigned indx, + gnutls_digest_algorithm_t * digest, + gnutls_datum_t * issuer_name_hash, + gnutls_datum_t * issuer_key_hash, + gnutls_datum_t * serial_number, + unsigned int *cert_status, + time_t * this_update, + time_t * next_update, + time_t * revocation_time, + unsigned int *revocation_reason); +int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp, + unsigned indx, + gnutls_datum_t * oid, + unsigned int *critical, + gnutls_datum_t * data); +int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp, + unsigned int *critical, + gnutls_datum_t * nonce); +int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t resp); +int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp, + gnutls_datum_t * sig); +int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp, + gnutls_x509_crt_t ** certs, + size_t * ncerts); - int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, - 
gnutls_x509_crt_t issuer, - unsigned int *verify, - unsigned int flags); - int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp, - gnutls_x509_trust_list_t trustlist, - unsigned int *verify, - unsigned int flags); +int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, + gnutls_x509_crt_t issuer, + unsigned int *verify, + unsigned int flags); +int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp, + gnutls_x509_trust_list_t trustlist, + unsigned int *verify, unsigned int flags); - int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, - unsigned int indx, - gnutls_x509_crt_t crt); +int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, + unsigned int indx, gnutls_x509_crt_t crt); +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif /* GNUTLS_OCSP_H */ diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h index abb0ed348b..1fee58fb49 100644 --- a/lib/includes/gnutls/openpgp.h +++ b/lib/includes/gnutls/openpgp.h @@ -30,9 +30,11 @@ #include <gnutls/gnutls.h> #include <limits.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ /* Openpgp certificate stuff */ 
@@ -44,270 +46,250 @@ extern "C" { * * Enumeration of different OpenPGP key formats. */ - typedef enum gnutls_openpgp_crt_fmt { - GNUTLS_OPENPGP_FMT_RAW, - GNUTLS_OPENPGP_FMT_BASE64 - } gnutls_openpgp_crt_fmt_t; +typedef enum gnutls_openpgp_crt_fmt { + GNUTLS_OPENPGP_FMT_RAW, + GNUTLS_OPENPGP_FMT_BASE64 +} gnutls_openpgp_crt_fmt_t; #define GNUTLS_OPENPGP_KEYID_SIZE 8 #define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20 - typedef unsigned char - gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; +typedef unsigned char + gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; /* gnutls_openpgp_cert_t should be defined in gnutls.h */ /* initializes the memory for gnutls_openpgp_crt_t struct */ - int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key); +int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key); /* frees all memory */ - void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key); - - int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format); - int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key, - gnutls_openpgp_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key, - gnutls_openpgp_crt_fmt_t format, - gnutls_datum_t * out); - - int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); +void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key); + +int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key, + const gnutls_datum_t * data, + gnutls_openpgp_crt_fmt_t format); +int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key, + gnutls_openpgp_crt_fmt_t format, + void *output_data, + size_t * output_data_size); +int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key, + gnutls_openpgp_crt_fmt_t format, + gnutls_datum_t * out); + +int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert, + gnutls_certificate_print_formats_t + format, gnutls_datum_t * out); /* The key_usage 
flags are defined in gnutls.h. They are * the GNUTLS_KEY_* definitions. */ #define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX - int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key, - unsigned int *key_usage); - int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key, - void *fpr, size_t * fprlen); - int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t - key, - unsigned int idx, - void *fpr, - size_t * fprlen); +int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key, + unsigned int *key_usage); +int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key, + void *fpr, size_t * fprlen); +int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t + key, + unsigned int idx, + void *fpr, size_t * fprlen); - int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key, - int idx, char *buf, - size_t * sizeof_buf); +int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key, + int idx, char *buf, size_t * sizeof_buf); - gnutls_pk_algorithm_t - gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key, - unsigned int *bits); +gnutls_pk_algorithm_t +gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key, + unsigned int *bits); - int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key); +int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key); - time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t - key); - time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t - key); +time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t key); +time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t key); - int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key, - gnutls_openpgp_keyid_t keyid); +int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key, + gnutls_openpgp_keyid_t keyid); + +int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key, + const char *hostname); - int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key, - const char *hostname); - - int 
gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t - key); - - int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key); - int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key, - const gnutls_openpgp_keyid_t - keyid); - int gnutls_openpgp_crt_get_subkey_revoked_status - (gnutls_openpgp_crt_t key, unsigned int idx); - gnutls_pk_algorithm_t - gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t - key, - unsigned int idx, - unsigned int *bits); - time_t - gnutls_openpgp_crt_get_subkey_creation_time - (gnutls_openpgp_crt_t key, unsigned int idx); - time_t - gnutls_openpgp_crt_get_subkey_expiration_time - (gnutls_openpgp_crt_t key, unsigned int idx); - int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key, - unsigned int idx, - gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key, - unsigned int idx, - unsigned int *key_usage); - - int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t - crt, unsigned int idx, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y); - int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t - crt, unsigned int idx, - gnutls_datum_t * m, - gnutls_datum_t * e); - int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y); - int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt, - gnutls_datum_t * m, - gnutls_datum_t * e); - - int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t - key, - gnutls_openpgp_keyid_t - keyid); - int - gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key, - const - gnutls_openpgp_keyid_t - keyid); +int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t key); + +int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key); +int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key, + const gnutls_openpgp_keyid_t keyid); +int 
gnutls_openpgp_crt_get_subkey_revoked_status + (gnutls_openpgp_crt_t key, unsigned int idx); +gnutls_pk_algorithm_t +gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t + key, + unsigned int idx, + unsigned int *bits); +time_t + gnutls_openpgp_crt_get_subkey_creation_time + (gnutls_openpgp_crt_t key, unsigned int idx); +time_t + gnutls_openpgp_crt_get_subkey_expiration_time + (gnutls_openpgp_crt_t key, unsigned int idx); +int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key, + unsigned int idx, + gnutls_openpgp_keyid_t keyid); +int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key, + unsigned int idx, + unsigned int *key_usage); + +int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t + crt, unsigned int idx, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y); +int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t + crt, unsigned int idx, + gnutls_datum_t * m, + gnutls_datum_t * e); +int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y); +int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt, + gnutls_datum_t * m, + gnutls_datum_t * e); + +int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t + key, + gnutls_openpgp_keyid_t keyid); +int +gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key, + const + gnutls_openpgp_keyid_t keyid); /* privkey stuff. 
*/ - int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key); - void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key); - gnutls_pk_algorithm_t - gnutls_openpgp_privkey_get_pk_algorithm - (gnutls_openpgp_privkey_t key, unsigned int *bits); - - gnutls_sec_param_t - gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key); - int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format, - const char *password, - unsigned int flags); - - int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t - key, void *fpr, - size_t * fprlen); - int gnutls_openpgp_privkey_get_subkey_fingerprint - (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr, - size_t * fprlen); - int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key, - gnutls_openpgp_keyid_t - keyid); - int gnutls_openpgp_privkey_get_subkey_count - (gnutls_openpgp_privkey_t key); - int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t - key, - const - gnutls_openpgp_keyid_t - keyid); - - int - gnutls_openpgp_privkey_get_subkey_revoked_status - (gnutls_openpgp_privkey_t key, unsigned int idx); - - int gnutls_openpgp_privkey_get_revoked_status - (gnutls_openpgp_privkey_t key); - - gnutls_pk_algorithm_t - gnutls_openpgp_privkey_get_subkey_pk_algorithm - (gnutls_openpgp_privkey_t key, unsigned int idx, - unsigned int *bits); - - time_t - gnutls_openpgp_privkey_get_subkey_expiration_time - (gnutls_openpgp_privkey_t key, unsigned int idx); - - int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t - key, unsigned int idx, - gnutls_openpgp_keyid_t - keyid); - - time_t - gnutls_openpgp_privkey_get_subkey_creation_time - (gnutls_openpgp_privkey_t key, unsigned int idx); - - int - gnutls_openpgp_privkey_export_subkey_dsa_raw - (gnutls_openpgp_privkey_t pkey, unsigned int idx, - gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, - gnutls_datum_t * y, gnutls_datum_t * x); - int 
gnutls_openpgp_privkey_export_subkey_rsa_raw - (gnutls_openpgp_privkey_t pkey, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, - gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u); - - int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t - pkey, gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y, - gnutls_datum_t * x); - int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t - pkey, gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * u); - - int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char *password, - unsigned int flags, - void *output_data, - size_t * output_data_size); - int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char *password, - unsigned int flags, - gnutls_datum_t * out); - - int - gnutls_openpgp_privkey_set_preferred_key_id - (gnutls_openpgp_privkey_t key, - const gnutls_openpgp_keyid_t keyid); - int gnutls_openpgp_privkey_get_preferred_key_id - (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid); - - int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt, - gnutls_openpgp_keyid_t - keyid, unsigned int flag); +int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key); +void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key); +gnutls_pk_algorithm_t + gnutls_openpgp_privkey_get_pk_algorithm + (gnutls_openpgp_privkey_t key, unsigned int *bits); + +gnutls_sec_param_t +gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key); +int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key, + const gnutls_datum_t * data, + gnutls_openpgp_crt_fmt_t format, + const char *password, + unsigned int flags); + +int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t + key, void *fpr, + size_t * fprlen); +int 
gnutls_openpgp_privkey_get_subkey_fingerprint + (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr, + size_t * fprlen); +int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key, + gnutls_openpgp_keyid_t keyid); +int gnutls_openpgp_privkey_get_subkey_count(gnutls_openpgp_privkey_t key); +int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t + key, + const + gnutls_openpgp_keyid_t keyid); + +int gnutls_openpgp_privkey_get_subkey_revoked_status + (gnutls_openpgp_privkey_t key, unsigned int idx); + +int gnutls_openpgp_privkey_get_revoked_status + (gnutls_openpgp_privkey_t key); + +gnutls_pk_algorithm_t + gnutls_openpgp_privkey_get_subkey_pk_algorithm + (gnutls_openpgp_privkey_t key, unsigned int idx, unsigned int *bits); + +time_t + gnutls_openpgp_privkey_get_subkey_expiration_time + (gnutls_openpgp_privkey_t key, unsigned int idx); + +int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t + key, unsigned int idx, + gnutls_openpgp_keyid_t keyid); + +time_t + gnutls_openpgp_privkey_get_subkey_creation_time + (gnutls_openpgp_privkey_t key, unsigned int idx); + +int gnutls_openpgp_privkey_export_subkey_dsa_raw + (gnutls_openpgp_privkey_t pkey, unsigned int idx, + gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, + gnutls_datum_t * y, gnutls_datum_t * x); +int gnutls_openpgp_privkey_export_subkey_rsa_raw + (gnutls_openpgp_privkey_t pkey, unsigned int idx, + gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, + gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u); + +int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t + pkey, gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y, + gnutls_datum_t * x); +int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t + pkey, gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u); + +int 
gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key, + gnutls_openpgp_crt_fmt_t format, + const char *password, + unsigned int flags, + void *output_data, + size_t * output_data_size); +int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key, + gnutls_openpgp_crt_fmt_t format, + const char *password, + unsigned int flags, + gnutls_datum_t * out); + +int gnutls_openpgp_privkey_set_preferred_key_id + (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid); +int gnutls_openpgp_privkey_get_preferred_key_id + (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid); + +int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt, + gnutls_openpgp_keyid_t + keyid, unsigned int flag); /* Keyring stuff. */ - int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * - keyring); - void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t - keyring); +int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * keyring); +void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t keyring); - int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring, - const gnutls_datum_t * data, - gnutls_openpgp_crt_fmt_t format); +int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring, + const gnutls_datum_t * data, + gnutls_openpgp_crt_fmt_t format); - int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring, - const gnutls_openpgp_keyid_t - keyid, unsigned int flags); +int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring, + const gnutls_openpgp_keyid_t + keyid, unsigned int flags); - int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key, - gnutls_openpgp_keyring_t - keyring, unsigned int flags, - unsigned int *verify - /* the output of the verification */ - ); +int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key, + gnutls_openpgp_keyring_t + keyring, unsigned int flags, + unsigned int *verify + /* the output of the verification */ + ); - int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key, 
- unsigned int flags, - unsigned int *verify); +int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key, + unsigned int flags, + unsigned int *verify); - int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring, - unsigned int idx, - gnutls_openpgp_crt_t * cert); +int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring, + unsigned int idx, + gnutls_openpgp_crt_t * cert); - int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t - ring); +int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring); 
@@ -328,56 +310,57 @@ extern "C" { * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned, * otherwise an error code is returned. */ - typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t - session, - const unsigned char - *keyfpr, - unsigned int - keyfpr_length, - gnutls_datum_t * key); +typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t + session, + const unsigned char + *keyfpr, + unsigned int + keyfpr_length, + gnutls_datum_t * key); - void - gnutls_openpgp_set_recv_key_function(gnutls_session_t session, - gnutls_openpgp_recv_key_func - func); +void +gnutls_openpgp_set_recv_key_function(gnutls_session_t session, + gnutls_openpgp_recv_key_func func); /* certificate authentication stuff. */ - int gnutls_certificate_set_openpgp_key - (gnutls_certificate_credentials_t res, - gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey); - - int - gnutls_certificate_set_openpgp_key_file - (gnutls_certificate_credentials_t res, const char *certfile, - const char *keyfile, gnutls_openpgp_crt_fmt_t format); - int gnutls_certificate_set_openpgp_key_mem - (gnutls_certificate_credentials_t res, - const gnutls_datum_t * cert, const gnutls_datum_t * key, - gnutls_openpgp_crt_fmt_t format); - - int - gnutls_certificate_set_openpgp_key_file2 - (gnutls_certificate_credentials_t res, const char *certfile, - const char *keyfile, const char *subkey_id, - gnutls_openpgp_crt_fmt_t format); - int - gnutls_certificate_set_openpgp_key_mem2 - (gnutls_certificate_credentials_t res, - const gnutls_datum_t * cert, const gnutls_datum_t * key, - const char *subkey_id, gnutls_openpgp_crt_fmt_t format); - - int gnutls_certificate_set_openpgp_keyring_mem - (gnutls_certificate_credentials_t c, const unsigned char *data, - size_t dlen, gnutls_openpgp_crt_fmt_t format); - - int gnutls_certificate_set_openpgp_keyring_file - (gnutls_certificate_credentials_t c, const char *file, - gnutls_openpgp_crt_fmt_t format); - +int gnutls_certificate_set_openpgp_key + 
(gnutls_certificate_credentials_t res, + gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey); + +int + gnutls_certificate_set_openpgp_key_file + (gnutls_certificate_credentials_t res, const char *certfile, + const char *keyfile, gnutls_openpgp_crt_fmt_t format); +int gnutls_certificate_set_openpgp_key_mem + (gnutls_certificate_credentials_t res, + const gnutls_datum_t * cert, const gnutls_datum_t * key, + gnutls_openpgp_crt_fmt_t format); + +int + gnutls_certificate_set_openpgp_key_file2 + (gnutls_certificate_credentials_t res, const char *certfile, + const char *keyfile, const char *subkey_id, + gnutls_openpgp_crt_fmt_t format); +int + gnutls_certificate_set_openpgp_key_mem2 + (gnutls_certificate_credentials_t res, + const gnutls_datum_t * cert, const gnutls_datum_t * key, + const char *subkey_id, gnutls_openpgp_crt_fmt_t format); + +int gnutls_certificate_set_openpgp_keyring_mem + (gnutls_certificate_credentials_t c, const unsigned char *data, + size_t dlen, gnutls_openpgp_crt_fmt_t format); + +int gnutls_certificate_set_openpgp_keyring_file + (gnutls_certificate_credentials_t c, const char *file, + gnutls_openpgp_crt_fmt_t format); + +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif /* GNUTLS_OPENPGP_H */ diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h index 13015c0bef..1877faab43 100644 --- a/lib/includes/gnutls/pkcs11.h +++ b/lib/includes/gnutls/pkcs11.h @@ -28,9 +28,11 @@ #include <gnutls/gnutls.h> #include <gnutls/x509.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ #define GNUTLS_PKCS11_MAX_PIN_LEN 32 
@@ -52,15 +54,14 @@ extern "C" { * * Since: 2.12.0 **/ - typedef int (*gnutls_pkcs11_token_callback_t) (void *const - userdata, - const char *const - label, - unsigned retry); +typedef int (*gnutls_pkcs11_token_callback_t) (void *const + userdata, + const char *const + label, unsigned retry); - struct gnutls_pkcs11_obj_st; - typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; +struct gnutls_pkcs11_obj_st; +typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; #define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ 
@@ -71,25 +72,24 @@ extern "C" { * load = /lib/yyy-pkcs11.so */ - int gnutls_pkcs11_init(unsigned int flags, - const char *deprecated_config_file); - int gnutls_pkcs11_reinit(void); - void gnutls_pkcs11_deinit(void); - void gnutls_pkcs11_set_token_function - (gnutls_pkcs11_token_callback_t fn, void *userdata); +int gnutls_pkcs11_init(unsigned int flags, + const char *deprecated_config_file); +int gnutls_pkcs11_reinit(void); +void gnutls_pkcs11_deinit(void); +void gnutls_pkcs11_set_token_function + (gnutls_pkcs11_token_callback_t fn, void *userdata); - void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn, - void *userdata); +void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn, + void *userdata); - gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void - **userdata); +gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void + **userdata); - int gnutls_pkcs11_add_provider(const char *name, - const char *params); - int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj); - void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj, - gnutls_pin_callback_t fn, - void *userdata); +int gnutls_pkcs11_add_provider(const char *name, const char *params); +int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj); +void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj, + gnutls_pin_callback_t fn, + void *userdata); #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */ 
@@ -106,51 +106,46 @@ extern "C" { * * Enumeration of different URL extraction flags. */ - typedef enum { - GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */ - GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */ - GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */ - } gnutls_pkcs11_url_type_t; - - int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj, - const char *url, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); - int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj, - gnutls_pkcs11_url_type_t detailed, - char **url); - void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj); - - int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj, - void *output_data, - size_t * output_data_size); - int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj, - gnutls_datum_t * out); - - int gnutls_pkcs11_copy_x509_crt(const char *token_url, - gnutls_x509_crt_t crt, - const char *label, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); - int gnutls_pkcs11_copy_x509_privkey(const char *token_url, - gnutls_x509_privkey_t key, - const char *label, - unsigned int key_usage - /*GNUTLS_KEY_* */ , - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); - int gnutls_pkcs11_delete_url(const char *object_url, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); - - int gnutls_pkcs11_copy_secret_key(const char *token_url, - gnutls_datum_t * key, - const char *label, - unsigned int key_usage - /* GNUTLS_KEY_* */ , - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); +typedef enum { + GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */ + GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */ + GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */ +} gnutls_pkcs11_url_type_t; + +int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj, + const char *url, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); +int 
gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj, + gnutls_pkcs11_url_type_t detailed, + char **url); +void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj); + +int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj, + void *output_data, size_t * output_data_size); +int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj, + gnutls_datum_t * out); + +int gnutls_pkcs11_copy_x509_crt(const char *token_url, + gnutls_x509_crt_t crt, + const char *label, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); +int gnutls_pkcs11_copy_x509_privkey(const char *token_url, + gnutls_x509_privkey_t key, + const char *label, + unsigned int key_usage + /*GNUTLS_KEY_* */ , + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ + ); +int gnutls_pkcs11_delete_url(const char *object_url, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); + +int gnutls_pkcs11_copy_secret_key(const char *token_url, + gnutls_datum_t * key, + const char *label, unsigned int key_usage + /* GNUTLS_KEY_* */ , + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /** * gnutls_pkcs11_obj_info_t: 
@@ -167,23 +162,23 @@ extern "C" { * * Enumeration of several object information types. */ - typedef enum { - GNUTLS_PKCS11_OBJ_ID_HEX = 1, - GNUTLS_PKCS11_OBJ_LABEL, - GNUTLS_PKCS11_OBJ_TOKEN_LABEL, - GNUTLS_PKCS11_OBJ_TOKEN_SERIAL, - GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER, - GNUTLS_PKCS11_OBJ_TOKEN_MODEL, - GNUTLS_PKCS11_OBJ_ID, - /* the pkcs11 provider library info */ - GNUTLS_PKCS11_OBJ_LIBRARY_VERSION, - GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, - GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER - } gnutls_pkcs11_obj_info_t; - - int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt, - gnutls_pkcs11_obj_info_t itype, - void *output, size_t * output_size); +typedef enum { + GNUTLS_PKCS11_OBJ_ID_HEX = 1, + GNUTLS_PKCS11_OBJ_LABEL, + GNUTLS_PKCS11_OBJ_TOKEN_LABEL, + GNUTLS_PKCS11_OBJ_TOKEN_SERIAL, + GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER, + GNUTLS_PKCS11_OBJ_TOKEN_MODEL, + GNUTLS_PKCS11_OBJ_ID, + /* the pkcs11 provider library info */ + GNUTLS_PKCS11_OBJ_LIBRARY_VERSION, + GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, + GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER +} gnutls_pkcs11_obj_info_t; + +int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt, + gnutls_pkcs11_obj_info_t itype, + void *output, size_t * output_size); /** * gnutls_pkcs11_obj_attr_t: 
@@ -197,15 +192,15 @@ extern "C" { * * Enumeration of several attributes for object enumeration. */ - typedef enum { - GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ - GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */ - GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */ - GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ - GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ - GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */ - GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */ - } gnutls_pkcs11_obj_attr_t; +typedef enum { + GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ + GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */ + GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */ + GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ + GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ + GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */ + GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */ +} gnutls_pkcs11_obj_attr_t; /** * gnutls_pkcs11_token_info_t: @@ -216,12 +211,12 @@ extern "C" { * * Enumeration of types for retrieving token information. */ - typedef enum { - GNUTLS_PKCS11_TOKEN_LABEL, - GNUTLS_PKCS11_TOKEN_SERIAL, - GNUTLS_PKCS11_TOKEN_MANUFACTURER, - GNUTLS_PKCS11_TOKEN_MODEL - } gnutls_pkcs11_token_info_t; +typedef enum { + GNUTLS_PKCS11_TOKEN_LABEL, + GNUTLS_PKCS11_TOKEN_SERIAL, + GNUTLS_PKCS11_TOKEN_MANUFACTURER, + GNUTLS_PKCS11_TOKEN_MODEL +} gnutls_pkcs11_token_info_t; /** * gnutls_pkcs11_obj_type_t: 
@@ -234,120 +229,113 @@ extern "C" { * * Enumeration of object types. */ - typedef enum { - GNUTLS_PKCS11_OBJ_UNKNOWN, - GNUTLS_PKCS11_OBJ_X509_CRT, - GNUTLS_PKCS11_OBJ_PUBKEY, - GNUTLS_PKCS11_OBJ_PRIVKEY, - GNUTLS_PKCS11_OBJ_SECRET_KEY, - GNUTLS_PKCS11_OBJ_DATA - } gnutls_pkcs11_obj_type_t; - - int - gnutls_pkcs11_token_init(const char *token_url, - const char *so_pin, const char *label); - - int - gnutls_pkcs11_token_get_mechanism(const char *url, - unsigned int idx, - unsigned long *mechanism); - - int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, unsigned int flags /*gnutls_pin_flag_t */ - ); - - int gnutls_pkcs11_token_get_url(unsigned int seq, - gnutls_pkcs11_url_type_t detailed, - char **url); - int gnutls_pkcs11_token_get_info(const char *url, - gnutls_pkcs11_token_info_t ttype, - void *output, - size_t * output_size); +typedef enum { + GNUTLS_PKCS11_OBJ_UNKNOWN, + GNUTLS_PKCS11_OBJ_X509_CRT, + GNUTLS_PKCS11_OBJ_PUBKEY, + GNUTLS_PKCS11_OBJ_PRIVKEY, + GNUTLS_PKCS11_OBJ_SECRET_KEY, + GNUTLS_PKCS11_OBJ_DATA +} gnutls_pkcs11_obj_type_t; + +int +gnutls_pkcs11_token_init(const char *token_url, + const char *so_pin, const char *label); + +int +gnutls_pkcs11_token_get_mechanism(const char *url, + unsigned int idx, + unsigned long *mechanism); + +int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, unsigned int flags /*gnutls_pin_flag_t */ + ); + +int gnutls_pkcs11_token_get_url(unsigned int seq, + gnutls_pkcs11_url_type_t detailed, + char **url); +int gnutls_pkcs11_token_get_info(const char *url, + gnutls_pkcs11_token_info_t ttype, + void *output, size_t * output_size); #define GNUTLS_PKCS11_TOKEN_HW 1 - int gnutls_pkcs11_token_get_flags(const char *url, - unsigned int *flags); - - int gnutls_pkcs11_obj_list_import_url(gnutls_pkcs11_obj_t * p_list, - unsigned int *const n_list, - const char *url, - gnutls_pkcs11_obj_attr_t - attrs, unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* 
*/ - ); - - int - gnutls_pkcs11_obj_list_import_url2(gnutls_pkcs11_obj_t ** p_list, - unsigned int *n_list, - const char *url, - gnutls_pkcs11_obj_attr_t attrs, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); - - int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt, - gnutls_pkcs11_obj_t pkcs11_crt); - int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt, - const char *url, - unsigned int flags - /* GNUTLS_PKCS11_OBJ_FLAG_* */ - ); - - gnutls_pkcs11_obj_type_t - gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj); - const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t - type); - - int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs, - unsigned int cert_max, - gnutls_pkcs11_obj_t * - const objs, - unsigned int flags - /* must be zero */ ); +int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags); + +int gnutls_pkcs11_obj_list_import_url(gnutls_pkcs11_obj_t * p_list, + unsigned int *const n_list, + const char *url, + gnutls_pkcs11_obj_attr_t + attrs, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ + ); + +int +gnutls_pkcs11_obj_list_import_url2(gnutls_pkcs11_obj_t ** p_list, + unsigned int *n_list, + const char *url, + gnutls_pkcs11_obj_attr_t attrs, + unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ + ); + +int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt, + gnutls_pkcs11_obj_t pkcs11_crt); +int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt, + const char *url, unsigned int flags + /* GNUTLS_PKCS11_OBJ_FLAG_* */ + ); + +gnutls_pkcs11_obj_type_t +gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj); +const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type); + +int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs, + unsigned int cert_max, + gnutls_pkcs11_obj_t * + const objs, unsigned int flags + /* must be zero */ ); /* private key functions...*/ - int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key); - void 
gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t - key, - gnutls_pin_callback_t - fn, void *userdata); - void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key); - int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t - key, - unsigned int *bits); - int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey, - gnutls_pkcs11_obj_info_t itype, - void *output, - size_t * output_size); - - int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey, - const char *url, - unsigned int flags); - - int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key, - gnutls_pkcs11_url_type_t - detailed, char **url); - int gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key); - - int gnutls_pkcs11_privkey_generate(const char *url, - gnutls_pk_algorithm_t pk, - unsigned int bits, - const char *label, - unsigned int flags); - - int - gnutls_pkcs11_privkey_generate2(const char *url, - gnutls_pk_algorithm_t pk, - unsigned int bits, - const char *label, - gnutls_x509_crt_fmt_t fmt, - gnutls_datum_t * pubkey, - unsigned int flags); - - int - gnutls_pkcs11_token_get_random(const char *token_url, - void *data, size_t len); - +int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key); +void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t + key, + gnutls_pin_callback_t + fn, void *userdata); +void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key); +int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t + key, unsigned int *bits); +int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey, + gnutls_pkcs11_obj_info_t itype, + void *output, size_t * output_size); + +int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey, + const char *url, unsigned int flags); + +int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key, + gnutls_pkcs11_url_type_t + detailed, char **url); +int gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key); + +int gnutls_pkcs11_privkey_generate(const 
char *url, + gnutls_pk_algorithm_t pk, + unsigned int bits, + const char *label, unsigned int flags); + +int +gnutls_pkcs11_privkey_generate2(const char *url, + gnutls_pk_algorithm_t pk, + unsigned int bits, + const char *label, + gnutls_x509_crt_fmt_t fmt, + gnutls_datum_t * pubkey, + unsigned int flags); + +int +gnutls_pkcs11_token_get_random(const char *token_url, + void *data, size_t len); + +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h index ad1410d434..8b024e502b 100644 --- a/lib/includes/gnutls/pkcs12.h +++ b/lib/includes/gnutls/pkcs12.h 
@@ -25,58 +25,53 @@ #include <gnutls/x509.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ /* PKCS12 structures handling */ - struct gnutls_pkcs12_int; - typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t; - - struct gnutls_pkcs12_bag_int; - typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t; - - int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12); - void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12); - int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); - int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - - int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12, - int indx, gnutls_pkcs12_bag_t bag); - int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, - gnutls_pkcs12_bag_t bag); - - int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, - const char *pass); - int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, - const char *pass); - - int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, - const char *pass); - int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, - const char *pass, - unsigned int flags); +struct gnutls_pkcs12_int; +typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t; + +struct gnutls_pkcs12_bag_int; +typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t; + +int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12); +void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12); +int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, unsigned int flags); +int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); + +int 
gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12, + int indx, gnutls_pkcs12_bag_t bag); +int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag); + +int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass); +int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass); + +int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, const char *pass); +int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag, + const char *pass, unsigned int flags); #define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1 - int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, - const char *password, - gnutls_x509_privkey_t * key, - gnutls_x509_crt_t ** chain, - unsigned int *chain_len, - gnutls_x509_crt_t ** extra_certs, - unsigned int *extra_certs_len, - gnutls_x509_crl_t * crl, - unsigned int flags); +int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, + const char *password, + gnutls_x509_privkey_t * key, + gnutls_x509_crt_t ** chain, + unsigned int *chain_len, + gnutls_x509_crt_t ** extra_certs, + unsigned int *extra_certs_len, + gnutls_x509_crl_t * crl, + unsigned int flags); /** * gnutls_pkcs12_bag_type_t: 
@@ -91,49 +86,50 @@ extern "C" { * * Enumeration of different PKCS 12 bag types. */ - typedef enum gnutls_pkcs12_bag_type_t { - GNUTLS_BAG_EMPTY = 0, - GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1, - GNUTLS_BAG_PKCS8_KEY = 2, - GNUTLS_BAG_CERTIFICATE = 3, - GNUTLS_BAG_CRL = 4, - GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12, - * gnutls extension. We use the PKCS-9 - * random nonce ID 1.2.840.113549.1.9.25.3 - * to store randomly generated keys. - */ - GNUTLS_BAG_ENCRYPTED = 10, - GNUTLS_BAG_UNKNOWN = 20 - } gnutls_pkcs12_bag_type_t; - - gnutls_pkcs12_bag_type_t - gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, int indx); - int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, int indx, - gnutls_datum_t * data); - int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag, - gnutls_pkcs12_bag_type_t type, - const gnutls_datum_t * data); - int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag, - gnutls_x509_crl_t crl); - int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag, - gnutls_x509_crt_t crt); - - int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag); - void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag); - int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag); - - int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, int indx, - gnutls_datum_t * id); - int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, int indx, - const gnutls_datum_t * id); - - int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag, - int indx, char **name); - int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag, - int indx, - const char *name); - +typedef enum gnutls_pkcs12_bag_type_t { + GNUTLS_BAG_EMPTY = 0, + GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1, + GNUTLS_BAG_PKCS8_KEY = 2, + GNUTLS_BAG_CERTIFICATE = 3, + GNUTLS_BAG_CRL = 4, + GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12, + * gnutls extension. We use the PKCS-9 + * random nonce ID 1.2.840.113549.1.9.25.3 + * to store randomly generated keys. 
+ */ + GNUTLS_BAG_ENCRYPTED = 10, + GNUTLS_BAG_UNKNOWN = 20 +} gnutls_pkcs12_bag_type_t; + +gnutls_pkcs12_bag_type_t +gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, int indx); +int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, int indx, + gnutls_datum_t * data); +int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag, + gnutls_pkcs12_bag_type_t type, + const gnutls_datum_t * data); +int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag, + gnutls_x509_crl_t crl); +int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag, + gnutls_x509_crt_t crt); + +int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag); +void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag); +int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag); + +int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, int indx, + gnutls_datum_t * id); +int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, int indx, + const gnutls_datum_t * id); + +int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag, + int indx, char **name); +int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag, + int indx, const char *name); + +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif /* GNUTLS_PKCS12_H */ diff --git a/lib/includes/gnutls/tpm.h b/lib/includes/gnutls/tpm.h index cf2c0dd566..17becf33f3 100644 --- a/lib/includes/gnutls/tpm.h +++ b/lib/includes/gnutls/tpm.h @@ -26,12 +26,14 @@ #include <gnutls/gnutls.h> #include <gnutls/x509.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ - struct tpm_key_list_st; - typedef struct tpm_key_list_st *gnutls_tpm_key_list_t; +struct tpm_key_list_st; +typedef struct tpm_key_list_st *gnutls_tpm_key_list_t; #define GNUTLS_TPM_KEY_SIGNING (1<<1) #define GNUTLS_TPM_REGISTER_KEY (1<<2) 
@@ -45,33 +47,33 @@ extern "C" { * * Enumeration of different certificate encoding formats. */ - typedef enum { - GNUTLS_TPMKEY_FMT_RAW = 0, - GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW, - GNUTLS_TPMKEY_FMT_CTK_PEM = 1 - } gnutls_tpmkey_fmt_t; +typedef enum { + GNUTLS_TPMKEY_FMT_RAW = 0, + GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW, + GNUTLS_TPMKEY_FMT_CTK_PEM = 1 +} gnutls_tpmkey_fmt_t; - int - gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, - unsigned int bits, - const char *srk_password, - const char *key_password, - gnutls_tpmkey_fmt_t format, - gnutls_x509_crt_fmt_t pub_format, - gnutls_datum_t * privkey, - gnutls_datum_t * pubkey, - unsigned int flags); +int +gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, + unsigned int bits, + const char *srk_password, + const char *key_password, + gnutls_tpmkey_fmt_t format, + gnutls_x509_crt_fmt_t pub_format, + gnutls_datum_t * privkey, + gnutls_datum_t * pubkey, unsigned int flags); - void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list); - int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, - unsigned int idx, char **url, - unsigned int flags); - int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list); - int gnutls_tpm_privkey_delete(const char *url, - const char *srk_password); +void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list); +int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list, + unsigned int idx, char **url, + unsigned int flags); +int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list); +int gnutls_tpm_privkey_delete(const char *url, const char *srk_password); +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index c06ff4735e..5176efd166 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h 
@@ -29,9 +29,11 @@ #include <gnutls/gnutls.h> +/* *INDENT-OFF* */ #ifdef __cplusplus extern "C" { #endif +/* *INDENT-ON* */ /* Some OIDs usually found in Distinguished names, or * in Subject Directory Attribute extensions. 
@@ -99,118 +101,108 @@ extern "C" { * * Enumeration of different certificate import flags. */ - typedef enum gnutls_certificate_import_flags { - GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1, - GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2 - } gnutls_certificate_import_flags; - - int gnutls_x509_crt_init(gnutls_x509_crt_t * cert); - void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert); - int gnutls_x509_crt_import(gnutls_x509_crt_t cert, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs, - unsigned int *size, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); - int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs, - unsigned int *cert_max, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); - int gnutls_x509_crt_export(gnutls_x509_crt_t cert, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_x509_crt_export2(gnutls_x509_crt_t cert, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t - cert, - time_t * - activation, - time_t * - expiration, - unsigned int - *critical); - - int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, +typedef enum gnutls_certificate_import_flags { + GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1, + GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2 +} gnutls_certificate_import_flags; + +int gnutls_x509_crt_init(gnutls_x509_crt_t * cert); +void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert); +int gnutls_x509_crt_import(gnutls_x509_crt_t cert, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); +int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs, + unsigned int *size, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); +int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs, + unsigned int *cert_max, + const gnutls_datum_t * 
data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); +int gnutls_x509_crt_export(gnutls_x509_crt_t cert, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_x509_crt_export2(gnutls_x509_crt_t cert, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); +int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t + cert, + time_t * + activation, + time_t * + expiration, unsigned int + *critical); + +int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert, + char *buf, size_t * buf_size); +int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert, + gnutls_datum_t * dn); +int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert, + int indx, void *oid, + size_t * oid_size); +int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert, + const char *oid, int indx, + unsigned int raw_flag, + void *buf, size_t * buf_size); +int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf, + size_t * buf_size); +int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn); +int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, int indx, + void *oid, size_t * oid_size); +int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert, + const char *oid, int indx, + unsigned int raw_flag, void *buf, + size_t * buf_size); +int gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert, + const char *hostname); + +int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t cert); +int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert, + char *sig, size_t * sizeof_sig); +int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert); +int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt, + unsigned int flags, + unsigned char *output_data, + size_t * output_data_size); + +int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t + crt, + time_t activation, + time_t expiration); +int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert, + const void *id, size_t id_size); +int 
gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert, + void *id, + size_t * id_size, + unsigned int *critical); +int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t + cert, + unsigned int seq, + void *alt, + size_t * alt_size, + unsigned int + *alt_type, + void *serial, + size_t * + serial_size, unsigned int + *critical); + +int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert, + void *ret, + size_t * ret_size, + unsigned int *critical); + +int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, char *buf, size_t * buf_size); - int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert, - gnutls_datum_t * dn); - int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert, - int indx, void *oid, - size_t * oid_size); - int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert, - const char *oid, int indx, - unsigned int raw_flag, - void *buf, - size_t * buf_size); - int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf, - size_t * buf_size); - int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, - gnutls_datum_t * dn); - int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, int indx, - void *oid, size_t * oid_size); - int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert, - const char *oid, int indx, - unsigned int raw_flag, void *buf, - size_t * buf_size); - int gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert, - const char *hostname); - - int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t - cert); - int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert, - char *sig, size_t * sizeof_sig); - int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert); - int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt, - unsigned int flags, - unsigned char *output_data, - size_t * output_data_size); - - int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t - crt, - time_t activation, - time_t - expiration); - int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert, - const void *id, - 
size_t id_size); - int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert, - void *id, - size_t * id_size, - unsigned int *critical); - int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t - cert, - unsigned int seq, - void *alt, - size_t * alt_size, - unsigned int - *alt_type, - void *serial, - size_t * - serial_size, - unsigned int - *critical); - - int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert, - void *ret, - size_t * ret_size, - unsigned int *critical); - - int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt, - char *buf, - size_t * buf_size); - - int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, - char *buf, - size_t * buf_size); - - void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt, - gnutls_pin_callback_t fn, - void *userdata); + +int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt, + char *buf, size_t * buf_size); + +void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt, + gnutls_pin_callback_t fn, + void *userdata); /** * gnutls_info_access_what_t: 
@@ -223,24 +215,23 @@ extern "C" { * Enumeration of types for the @what parameter of * gnutls_x509_crt_get_authority_info_access(). */ - typedef enum gnutls_info_access_what_t { - GNUTLS_IA_ACCESSMETHOD_OID = 1, - GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2, - /* use 100-108 for the generalName types, populate as needed */ - GNUTLS_IA_URI = 106, - /* quick-access variants that match both OID and name type. */ - GNUTLS_IA_OCSP_URI = 10006, - GNUTLS_IA_CAISSUERS_URI = 10106 - } gnutls_info_access_what_t; - - int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t - crt, - unsigned int seq, - int what, - gnutls_datum_t * - data, - unsigned int - *critical); +typedef enum gnutls_info_access_what_t { + GNUTLS_IA_ACCESSMETHOD_OID = 1, + GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2, + /* use 100-108 for the generalName types, populate as needed */ + GNUTLS_IA_URI = 106, + /* quick-access variants that match both OID and name type. */ + GNUTLS_IA_OCSP_URI = 10006, + GNUTLS_IA_CAISSUERS_URI = 10106 +} gnutls_info_access_what_t; + +int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t + crt, + unsigned int seq, + int what, + gnutls_datum_t * + data, unsigned int + *critical); #define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED, /** 
@@ -257,125 +248,117 @@ extern "C" { * * Enumeration of types for the CRL revocation reasons. */ - typedef enum gnutls_x509_crl_reason_flags_t { - GNUTLS_CRL_REASON_UNSPECIFIED = 0, - GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1, - GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2, - GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4, - GNUTLS_CRL_REASON_SUPERSEDED = 8, - GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16, - GNUTLS_CRL_REASON_CA_COMPROMISE = 32, - GNUTLS_CRL_REASON_KEY_COMPROMISE = 64, - GNUTLS_CRL_REASON_UNUSED = 128, - GNUTLS_CRL_REASON_AA_COMPROMISE = 32768 - } gnutls_x509_crl_reason_flags_t; - - int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert, - unsigned int seq, - void *ret, - size_t * ret_size, - unsigned int *reason_flags, - unsigned int *critical); - int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, - unsigned int data_size, - unsigned int - reason_flags); - int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, - const void *data_string, - unsigned int reason_flags); - int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst, - gnutls_x509_crt_t src); - - int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer, - gnutls_x509_privkey_t issuer_key, - gnutls_digest_algorithm_t dig, - unsigned int flags); - - time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert); - time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert); - int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert, - void *result, size_t * result_size); - - int gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert, - unsigned int *bits); - int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt, - gnutls_datum_t * m, - gnutls_datum_t * e); - int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y); - - int 
gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert, - unsigned int seq, - void *san, - size_t * san_size, - unsigned int *critical); - int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert, +typedef enum gnutls_x509_crl_reason_flags_t { + GNUTLS_CRL_REASON_UNSPECIFIED = 0, + GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1, + GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2, + GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4, + GNUTLS_CRL_REASON_SUPERSEDED = 8, + GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16, + GNUTLS_CRL_REASON_CA_COMPROMISE = 32, + GNUTLS_CRL_REASON_KEY_COMPROMISE = 64, + GNUTLS_CRL_REASON_UNUSED = 128, + GNUTLS_CRL_REASON_AA_COMPROMISE = 32768 +} gnutls_x509_crl_reason_flags_t; + +int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert, + unsigned int seq, + void *ret, + size_t * ret_size, + unsigned int *reason_flags, + unsigned int *critical); +int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt, + gnutls_x509_subject_alt_name_t + type, const void *data, + unsigned int data_size, + unsigned int reason_flags); +int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt, + gnutls_x509_subject_alt_name_t + type, + const void *data_string, + unsigned int reason_flags); +int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst, + gnutls_x509_crt_t src); + +int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl, + gnutls_x509_crt_t issuer, + gnutls_x509_privkey_t issuer_key, + gnutls_digest_algorithm_t dig, + unsigned int flags); + +time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert); +time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert); +int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert, + void *result, size_t * result_size); + +int gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert, + unsigned int *bits); +int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt, + gnutls_datum_t * m, gnutls_datum_t * e); +int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt, + gnutls_datum_t * p, + 
gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y); + +int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert, + unsigned int seq, + void *san, + size_t * san_size, + unsigned int *critical); +int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert, + unsigned int seq, + void *san, + size_t * san_size, + unsigned int *san_type, + unsigned int *critical); + +int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t + cert, unsigned int seq, - void *san, - size_t * san_size, - unsigned int *san_type, - unsigned int *critical); - - int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t - cert, - unsigned int seq, - void *oid, - size_t * - oid_size); - - int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert, - unsigned int seq, - void *ian, - size_t * ian_size, - unsigned int *critical); - int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert, + void *oid, + size_t * oid_size); + +int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert, + unsigned int seq, + void *ian, + size_t * ian_size, + unsigned int *critical); +int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert, + unsigned int seq, + void *ian, + size_t * ian_size, + unsigned int *ian_type, + unsigned int *critical); + +int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t + cert, unsigned int seq, - void *ian, - size_t * ian_size, - unsigned int *ian_type, - unsigned int *critical); - - int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t - cert, - unsigned int seq, - void *ret, - size_t * - ret_size); - - int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert, - unsigned int *critical); - int gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert, - unsigned int *critical, - unsigned int *ca, - int *pathlen); + void *ret, + size_t * ret_size); + +int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert, + unsigned int *critical); +int 
gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert, + unsigned int *critical, + unsigned int *ca, int *pathlen); /* The key_usage flags are defined in gnutls.h. They are the * GNUTLS_KEY_* definitions. */ - int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert, - unsigned int *key_usage, - unsigned int *critical); - int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt, - unsigned int usage); - int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t - crt, int what, - gnutls_datum_t * - data); - - int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert, - unsigned int *critical, - int *pathlen, - char **policyLanguage, - char **policy, - size_t * sizeof_policy); +int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert, + unsigned int *key_usage, + unsigned int *critical); +int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt, + unsigned int usage); +int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t + crt, int what, + gnutls_datum_t * data); + +int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert, + unsigned int *critical, + int *pathlen, + char **policyLanguage, + char **policy, size_t * sizeof_policy); #define GNUTLS_MAX_QUALIFIERS 8 
@@ -387,349 +370,325 @@ extern "C" { * * Enumeration of types for the X.509 qualifiers, of the certificate policy extension. */ - typedef enum gnutls_x509_qualifier_t { - GNUTLS_X509_QUALIFIER_UNKNOWN = - 0, GNUTLS_X509_QUALIFIER_URI, - GNUTLS_X509_QUALIFIER_NOTICE - } gnutls_x509_qualifier_t; - - typedef struct gnutls_x509_policy_st { - char *oid; - unsigned int qualifiers; - struct { - gnutls_x509_qualifier_t type; - char *data; - unsigned int size; - } qualifier[GNUTLS_MAX_QUALIFIERS]; - } gnutls_x509_policy_st; - - void gnutls_x509_policy_release(struct gnutls_x509_policy_st - *policy); - int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, int indx, - struct gnutls_x509_policy_st - *policy, unsigned int *critical); - int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, - struct gnutls_x509_policy_st - *policy, unsigned int critical); - - int gnutls_x509_dn_oid_known(const char *oid); +typedef enum gnutls_x509_qualifier_t { + GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI, + GNUTLS_X509_QUALIFIER_NOTICE +} gnutls_x509_qualifier_t; + +typedef struct gnutls_x509_policy_st { + char *oid; + unsigned int qualifiers; + struct { + gnutls_x509_qualifier_t type; + char *data; + unsigned int size; + } qualifier[GNUTLS_MAX_QUALIFIERS]; +} gnutls_x509_policy_st; + +void gnutls_x509_policy_release(struct gnutls_x509_policy_st + *policy); +int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, int indx, struct gnutls_x509_policy_st + *policy, unsigned int *critical); +int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, struct gnutls_x509_policy_st + *policy, unsigned int critical); + +int gnutls_x509_dn_oid_known(const char *oid); #define GNUTLS_X509_DN_OID_RETURN_OID 1 - const char *gnutls_x509_dn_oid_name(const char *oid, - unsigned int flags); +const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags); /* Read extensions by OID. 
*/ - int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, - int indx, void *oid, - size_t * oid_size); - int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert, - const char *oid, int indx, - void *buf, - size_t * buf_size, - unsigned int *critical); +int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, + int indx, void *oid, + size_t * oid_size); +int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert, + const char *oid, int indx, + void *buf, + size_t * buf_size, + unsigned int *critical); /* Read extensions by sequence number. */ - int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, - int indx, void *oid, - size_t * oid_size, - unsigned int *critical); - int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, - int indx, void *data, - size_t * sizeof_data); - - int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt, - const char *oid, - const void *buf, - size_t sizeof_buf, - unsigned int critical); +int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, + int indx, void *oid, + size_t * oid_size, + unsigned int *critical); +int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, + int indx, void *data, + size_t * sizeof_data); + +int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt, + const char *oid, + const void *buf, + size_t sizeof_buf, + unsigned int critical); /* X.509 Certificate writing. 
*/ - int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn, - const char **err); - - int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, - const char *oid, - unsigned int raw_flag, - const void *name, - unsigned int sizeof_name); - int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt, - const char *oid, - unsigned int raw_flag, - const void *name, - unsigned int sizeof_name); - int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, - const char *dn, - const char **err); - - int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt, - unsigned int version); - int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt, - gnutls_x509_privkey_t key); - int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt, - unsigned int ca); - int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt, - unsigned int ca, - int pathLenConstraint); - int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t - crt, - gnutls_x509_subject_alt_name_t - type, - const char - *data_string); - int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt, - gnutls_x509_subject_alt_name_t - type, const void *data, - unsigned int data_size, - unsigned int flags); - int gnutls_x509_crt_sign(gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, - gnutls_x509_privkey_t issuer_key); - int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, - gnutls_x509_crt_t issuer, - gnutls_x509_privkey_t issuer_key, - gnutls_digest_algorithm_t dig, - unsigned int flags); - int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert, - time_t act_time); - int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, - time_t exp_time); - int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert, - const void *serial, - size_t serial_size); - - int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert, - const void *id, - size_t id_size); - - int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt, - gnutls_x509_crt_t eecrt, +int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn, 
+ const char **err); + +int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt, + const char *oid, + unsigned int raw_flag, + const void *name, + unsigned int sizeof_name); +int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt, + const char *oid, unsigned int raw_flag, const void *name, unsigned int sizeof_name); - int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt, - int pathLenConstraint, - const char *policyLanguage, - const char *policy, - size_t sizeof_policy); - - int gnutls_x509_crt_print(gnutls_x509_crt_t cert, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); - int gnutls_x509_crl_print(gnutls_x509_crl_t crl, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); +int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt, + const char *dn, const char **err); + +int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt, + unsigned int version); +int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt, + gnutls_x509_privkey_t key); +int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt, unsigned int ca); +int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt, + unsigned int ca, + int pathLenConstraint); +int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t + crt, + gnutls_x509_subject_alt_name_t + type, const char + *data_string); +int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt, + gnutls_x509_subject_alt_name_t + type, const void *data, + unsigned int data_size, + unsigned int flags); +int gnutls_x509_crt_sign(gnutls_x509_crt_t crt, + gnutls_x509_crt_t issuer, + gnutls_x509_privkey_t issuer_key); +int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, + gnutls_x509_crt_t issuer, + gnutls_x509_privkey_t issuer_key, + gnutls_digest_algorithm_t dig, + unsigned int flags); +int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert, + time_t act_time); +int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert, + time_t exp_time); +int gnutls_x509_crt_set_serial(gnutls_x509_crt_t 
cert, + const void *serial, size_t serial_size); + +int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert, + const void *id, size_t id_size); + +int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt, + gnutls_x509_crt_t eecrt, + unsigned int raw_flag, + const void *name, + unsigned int sizeof_name); +int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt, + int pathLenConstraint, + const char *policyLanguage, + const char *policy, size_t sizeof_policy); + +int gnutls_x509_crt_print(gnutls_x509_crt_t cert, + gnutls_certificate_print_formats_t + format, gnutls_datum_t * out); +int gnutls_x509_crl_print(gnutls_x509_crl_t crl, + gnutls_certificate_print_formats_t + format, gnutls_datum_t * out); /* Access to internal Certificate fields. */ - int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert, - gnutls_datum_t * start); - int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, - gnutls_datum_t * start); +int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert, + gnutls_datum_t * start); +int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert, + gnutls_datum_t * start); /* RDN handling. 
*/ - int gnutls_x509_rdn_get(const gnutls_datum_t * idn, - char *buf, size_t * sizeof_buf); - int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn, - int indx, void *buf, - size_t * sizeof_buf); +int gnutls_x509_rdn_get(const gnutls_datum_t * idn, + char *buf, size_t * sizeof_buf); +int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn, + int indx, void *buf, size_t * sizeof_buf); - int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, - const char *oid, int indx, - unsigned int raw_flag, void *buf, - size_t * sizeof_buf); +int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, + const char *oid, int indx, + unsigned int raw_flag, void *buf, + size_t * sizeof_buf); - typedef void *gnutls_x509_dn_t; +typedef void *gnutls_x509_dn_t; - typedef struct gnutls_x509_ava_st { - gnutls_datum_t oid; - gnutls_datum_t value; - unsigned long value_tag; - } gnutls_x509_ava_st; +typedef struct gnutls_x509_ava_st { + gnutls_datum_t oid; + gnutls_datum_t value; + unsigned long value_tag; +} gnutls_x509_ava_st; - int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, - gnutls_x509_dn_t * dn); - int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, - gnutls_x509_dn_t * dn); - int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn, - int iava, gnutls_x509_ava_st * ava); +int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert, + gnutls_x509_dn_t * dn); +int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert, + gnutls_x509_dn_t * dn); +int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn, + int iava, gnutls_x509_ava_st * ava); - int gnutls_x509_dn_init(gnutls_x509_dn_t * dn); +int gnutls_x509_dn_init(gnutls_x509_dn_t * dn); - int gnutls_x509_dn_import(gnutls_x509_dn_t dn, - const gnutls_datum_t * data); +int gnutls_x509_dn_import(gnutls_x509_dn_t dn, + const gnutls_datum_t * data); - int gnutls_x509_dn_export(gnutls_x509_dn_t dn, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_x509_dn_export2(gnutls_x509_dn_t dn, 
- gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); +int gnutls_x509_dn_export(gnutls_x509_dn_t dn, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_x509_dn_export2(gnutls_x509_dn_t dn, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); - void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn); +void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn); /* CRL handling functions. */ - int gnutls_x509_crl_init(gnutls_x509_crl_t * crl); - void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl); - - int gnutls_x509_crl_import(gnutls_x509_crl_t crl, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - int gnutls_x509_crl_export(gnutls_x509_crl_t crl, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_x509_crl_export2(gnutls_x509_crl_t crl, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - - int - gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl, - gnutls_datum_t * dn); - - int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, - char *buf, size_t * sizeof_buf); - int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, - gnutls_datum_t * dn); - int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl, - const char *oid, int indx, - unsigned int raw_flag, - void *buf, - size_t * sizeof_buf); - int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, int indx, - void *oid, size_t * sizeof_oid); - - int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl); - int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl, - char *sig, size_t * sizeof_sig); - int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl); - - time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl); - time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl); - - int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl); - int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, int indx, - unsigned char *serial, - size_t * serial_size, - time_t * t); +int 
gnutls_x509_crl_init(gnutls_x509_crl_t * crl); +void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl); + +int gnutls_x509_crl_import(gnutls_x509_crl_t crl, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); +int gnutls_x509_crl_export(gnutls_x509_crl_t crl, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_x509_crl_export2(gnutls_x509_crl_t crl, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); + +int +gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl, + gnutls_datum_t * dn); + +int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, + char *buf, size_t * sizeof_buf); +int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, + gnutls_datum_t * dn); +int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl, + const char *oid, int indx, + unsigned int raw_flag, + void *buf, size_t * sizeof_buf); +int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, int indx, + void *oid, size_t * sizeof_oid); + +int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl); +int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl, + char *sig, size_t * sizeof_sig); +int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl); + +time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl); +time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl); + +int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl); +int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, int indx, + unsigned char *serial, + size_t * serial_size, time_t * t); #define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count #define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial - int gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl, - gnutls_x509_crt_t issuer); +int gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl, + gnutls_x509_crt_t issuer); - int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls, - unsigned int *size, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned 
int flags); +int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls, + unsigned int *size, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); - int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls, - unsigned int *crl_max, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - unsigned int flags); +int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls, + unsigned int *crl_max, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + unsigned int flags); /* CRL writing. */ - int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl, - unsigned int version); - int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl, - time_t act_time); - int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl, - time_t exp_time); - int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl, - const void *serial, - size_t serial_size, - time_t revocation_time); - int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl, - gnutls_x509_crt_t crt, - time_t revocation_time); - - int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, - void *id, - size_t * id_size, - unsigned int *critical); - int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t - crl, - unsigned int seq, - void *alt, - size_t * alt_size, - unsigned int - *alt_type, - void *serial, - size_t * - serial_size, - unsigned int - *critical); - - int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret, - size_t * ret_size, +int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl, + unsigned int version); +int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl, + time_t act_time); +int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl, + time_t exp_time); +int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl, + const void *serial, + size_t serial_size, + time_t revocation_time); +int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl, + gnutls_x509_crt_t crt, time_t revocation_time); + +int 
gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, + void *id, + size_t * id_size, + unsigned int *critical); +int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t + crl, + unsigned int seq, + void *alt, + size_t * alt_size, + unsigned int + *alt_type, + void *serial, + size_t * + serial_size, unsigned int + *critical); + +int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret, + size_t * ret_size, unsigned int *critical); + +int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, + int indx, void *oid, + size_t * sizeof_oid); + +int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, + int indx, void *oid, + size_t * sizeof_oid, unsigned int *critical); - int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, - int indx, void *oid, - size_t * sizeof_oid); +int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, + int indx, void *data, + size_t * sizeof_data); - int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, - int indx, void *oid, - size_t * sizeof_oid, - unsigned int *critical); +int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl, + const void *id, size_t id_size); - int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, - int indx, void *data, - size_t * sizeof_data); - - int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl, - const void *id, - size_t id_size); - - int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl, - const void *nr, size_t nr_size); +int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl, + const void *nr, size_t nr_size); /* PKCS7 structures handling */ - struct gnutls_pkcs7_int; - typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t; - - int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7); - void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7); - int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * 
output_data_size); - int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - - int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7); - int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, int indx, - void *certificate, - size_t * certificate_size); - - int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7, - const gnutls_datum_t * crt); - int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, - gnutls_x509_crt_t crt); - int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx); - - int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7, - int indx, void *crl, - size_t * crl_size); - int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7); - - int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7, - const gnutls_datum_t * crl); - int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, - gnutls_x509_crl_t crl); - int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx); +struct gnutls_pkcs7_int; +typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t; + +int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7); +void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7); +int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); +int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); + +int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7); +int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, int indx, + void *certificate, size_t * certificate_size); + +int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7, + const gnutls_datum_t * crt); +int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt); +int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx); + +int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7, + int indx, void *crl, size_t * crl_size); +int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7); + +int 
gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7, + const gnutls_datum_t * crl); +int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl); +int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx); /* X.509 Certificate verification functions. */ 
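Review bot: The re-indent still leaves two awkward layouts near the top of this hunk. The qualifier enum carries two enumerators on one line, `GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI,`. The prototypes of gnutls_x509_crt_get_policy and gnutls_x509_crt_set_policy end a line with `struct gnutls_x509_policy_st` and start the next with `*policy`, which separates the type from its declarator. I would put one enumerator per line and wrap before the type, so that `struct gnutls_x509_policy_st *policy,` stays together on one line. The page collapses whitespace, so exact columns cannot be checked from here.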
@@ -773,58 +732,56 @@ extern "C" { * * Enumeration of different certificate verify flags. */ - typedef enum gnutls_certificate_verify_flags { - GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 << 0, - GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 1 << 1, - GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2, - GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3, - GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4, - GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5, - GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6, - GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7, - GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8, - GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9, - GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10, - GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11, - } gnutls_certificate_verify_flags; - - int gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert, - gnutls_x509_crt_t issuer); - - int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * - cert_list, int cert_list_length, - const gnutls_x509_crt_t * CA_list, - int CA_list_length, - const gnutls_x509_crl_t * CRL_list, - int CRL_list_length, - unsigned int flags, - unsigned int *verify); - - int gnutls_x509_crt_verify(gnutls_x509_crt_t cert, - const gnutls_x509_crt_t * CA_list, - int CA_list_length, unsigned int flags, - unsigned int *verify); - int gnutls_x509_crl_verify(gnutls_x509_crl_t crl, - const gnutls_x509_crt_t * CA_list, - int CA_list_length, unsigned int flags, - unsigned int *verify); - - int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert, - const gnutls_x509_crl_t * - crl_list, - int crl_list_length); - - int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert, - gnutls_digest_algorithm_t algo, - void *buf, size_t * buf_size); - - int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert, - int indx, void *oid, - size_t * oid_size, - unsigned int *critical); - int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, - const void *oid, - unsigned int critical); +typedef enum gnutls_certificate_verify_flags { + 
GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 << 0, + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 1 << 1, + GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2, + GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3, + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4, + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5, + GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6, + GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7, + GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8, + GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9, + GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10, + GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11, +} gnutls_certificate_verify_flags; + +int gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert, + gnutls_x509_crt_t issuer); + +int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t * + cert_list, int cert_list_length, + const gnutls_x509_crt_t * CA_list, + int CA_list_length, + const gnutls_x509_crl_t * CRL_list, + int CRL_list_length, + unsigned int flags, unsigned int *verify); + +int gnutls_x509_crt_verify(gnutls_x509_crt_t cert, + const gnutls_x509_crt_t * CA_list, + int CA_list_length, unsigned int flags, + unsigned int *verify); +int gnutls_x509_crl_verify(gnutls_x509_crl_t crl, + const gnutls_x509_crt_t * CA_list, + int CA_list_length, unsigned int flags, + unsigned int *verify); + +int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert, + const gnutls_x509_crl_t * + crl_list, int crl_list_length); + +int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert, + gnutls_digest_algorithm_t algo, + void *buf, size_t * buf_size); + +int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert, + int indx, void *oid, + size_t * oid_size, + unsigned int *critical); +int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, + const void *oid, + unsigned int critical); /* Private key handling. */ 
@@ -851,398 +808,382 @@ extern "C" { * * Enumeration of different PKCS encryption flags. */ - typedef enum gnutls_pkcs_encrypt_flags_t { - GNUTLS_PKCS_PLAIN = 1, - GNUTLS_PKCS_USE_PKCS12_3DES = 2, - GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4, - GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8, - GNUTLS_PKCS_USE_PBES2_3DES = 16, - GNUTLS_PKCS_USE_PBES2_AES_128 = 32, - GNUTLS_PKCS_USE_PBES2_AES_192 = 64, - GNUTLS_PKCS_USE_PBES2_AES_256 = 128, - GNUTLS_PKCS_NULL_PASSWORD = 256 - } gnutls_pkcs_encrypt_flags_t; - - int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key); - void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key); - gnutls_sec_param_t - gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key); - int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst, - gnutls_x509_privkey_t src); - int gnutls_x509_privkey_import(gnutls_x509_privkey_t key, +typedef enum gnutls_pkcs_encrypt_flags_t { + GNUTLS_PKCS_PLAIN = 1, + GNUTLS_PKCS_USE_PKCS12_3DES = 2, + GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4, + GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8, + GNUTLS_PKCS_USE_PBES2_3DES = 16, + GNUTLS_PKCS_USE_PBES2_AES_128 = 32, + GNUTLS_PKCS_USE_PBES2_AES_192 = 64, + GNUTLS_PKCS_USE_PBES2_AES_256 = 128, + GNUTLS_PKCS_NULL_PASSWORD = 256 +} gnutls_pkcs_encrypt_flags_t; + +int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key); +void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key); +gnutls_sec_param_t +gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key); +int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst, + gnutls_x509_privkey_t src); +int gnutls_x509_privkey_import(gnutls_x509_privkey_t key, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); +int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + const char *password, + unsigned int flags); +int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key, const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - int 
gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags); - int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, - const char *password); - - int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags); - - int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u); - int gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key, - const gnutls_datum_t * m, - const gnutls_datum_t * e, - const gnutls_datum_t * d, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * u, - const gnutls_datum_t * e1, - const gnutls_datum_t * e2); - int gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key, - gnutls_ecc_curve_t curve, - const gnutls_datum_t * x, - const gnutls_datum_t * y, - const gnutls_datum_t * k); - - int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key); - - int gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * g, - gnutls_datum_t * y, - gnutls_datum_t * x); - int gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key, - const gnutls_datum_t * p, - const gnutls_datum_t * q, - const gnutls_datum_t * g, - const gnutls_datum_t * y, - const gnutls_datum_t * x); - - int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t - key); - int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t - key, unsigned int *bits); - int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key, - unsigned int flags, - unsigned char *output_data, - size_t * output_data_size); - - int 
gnutls_x509_privkey_generate(gnutls_x509_privkey_t key, - gnutls_pk_algorithm_t algo, - unsigned int bits, - unsigned int flags); - int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key); - - int gnutls_x509_privkey_export(gnutls_x509_privkey_t key, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_x509_privkey_export2(gnutls_x509_privkey_t key, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - int gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key, - gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags, - void *output_data, - size_t * output_data_size); - int gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key, - gnutls_x509_crt_fmt_t format, - const char *password, - unsigned int flags, - gnutls_datum_t * out); - int gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * u, - gnutls_datum_t * e1, - gnutls_datum_t * e2); - int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key, - gnutls_datum_t * m, - gnutls_datum_t * e, - gnutls_datum_t * d, - gnutls_datum_t * p, - gnutls_datum_t * q, - gnutls_datum_t * u); - int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key, - gnutls_ecc_curve_t * curve, - gnutls_datum_t * x, - gnutls_datum_t * y, - gnutls_datum_t * k); + const char *password); + +int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + const char *password, unsigned int flags); + +int gnutls_x509_privkey_import_rsa_raw(gnutls_x509_privkey_t key, + const gnutls_datum_t * m, + const gnutls_datum_t * e, + const gnutls_datum_t * d, + const gnutls_datum_t * p, + const gnutls_datum_t * q, + const gnutls_datum_t * u); +int gnutls_x509_privkey_import_rsa_raw2(gnutls_x509_privkey_t key, + const gnutls_datum_t * m, + const gnutls_datum_t * e, + 
const gnutls_datum_t * d, + const gnutls_datum_t * p, + const gnutls_datum_t * q, + const gnutls_datum_t * u, + const gnutls_datum_t * e1, + const gnutls_datum_t * e2); +int gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key, + gnutls_ecc_curve_t curve, + const gnutls_datum_t * x, + const gnutls_datum_t * y, + const gnutls_datum_t * k); + +int gnutls_x509_privkey_fix(gnutls_x509_privkey_t key); + +int gnutls_x509_privkey_export_dsa_raw(gnutls_x509_privkey_t key, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * g, + gnutls_datum_t * y, + gnutls_datum_t * x); +int gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key, + const gnutls_datum_t * p, + const gnutls_datum_t * q, + const gnutls_datum_t * g, + const gnutls_datum_t * y, + const gnutls_datum_t * x); + +int gnutls_x509_privkey_get_pk_algorithm(gnutls_x509_privkey_t key); +int gnutls_x509_privkey_get_pk_algorithm2(gnutls_x509_privkey_t + key, unsigned int *bits); +int gnutls_x509_privkey_get_key_id(gnutls_x509_privkey_t key, + unsigned int flags, + unsigned char *output_data, + size_t * output_data_size); + +int gnutls_x509_privkey_generate(gnutls_x509_privkey_t key, + gnutls_pk_algorithm_t algo, + unsigned int bits, unsigned int flags); +int gnutls_x509_privkey_verify_params(gnutls_x509_privkey_t key); + +int gnutls_x509_privkey_export(gnutls_x509_privkey_t key, + gnutls_x509_crt_fmt_t format, + void *output_data, + size_t * output_data_size); +int gnutls_x509_privkey_export2(gnutls_x509_privkey_t key, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); +int gnutls_x509_privkey_export_pkcs8(gnutls_x509_privkey_t key, + gnutls_x509_crt_fmt_t format, + const char *password, + unsigned int flags, + void *output_data, + size_t * output_data_size); +int gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key, + gnutls_x509_crt_fmt_t format, + const char *password, + unsigned int flags, + gnutls_datum_t * out); +int gnutls_x509_privkey_export_rsa_raw2(gnutls_x509_privkey_t key, 
+ gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u, + gnutls_datum_t * e1, + gnutls_datum_t * e2); +int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey_t key, + gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u); +int gnutls_x509_privkey_export_ecc_raw(gnutls_x509_privkey_t key, + gnutls_ecc_curve_t * curve, + gnutls_datum_t * x, + gnutls_datum_t * y, + gnutls_datum_t * k); /* Certificate request stuff. */ - int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq, - gnutls_x509_privkey_t key, - gnutls_digest_algorithm_t dig, - unsigned int flags); - - int gnutls_x509_crq_print(gnutls_x509_crq_t crq, - gnutls_certificate_print_formats_t - format, gnutls_datum_t * out); - - int gnutls_x509_crq_verify(gnutls_x509_crq_t crq, - unsigned int flags); - - int gnutls_x509_crq_init(gnutls_x509_crq_t * crq); - void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq); - int gnutls_x509_crq_import(gnutls_x509_crq_t crq, - const gnutls_datum_t * data, - gnutls_x509_crt_fmt_t format); - - int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t - cert, - time_t * - activation, - time_t * - expiration, - unsigned int - *critical); - - int gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf, - size_t * sizeof_buf); - int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, - gnutls_datum_t * dn); - int gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq, int indx, - void *oid, size_t * sizeof_oid); - int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq, - const char *oid, int indx, - unsigned int raw_flag, void *buf, - size_t * sizeof_buf); - int gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn, - const char **err); - int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq, - const char *oid, - unsigned int raw_flag, - const void *data, - unsigned int sizeof_data); - int 
gnutls_x509_crq_set_version(gnutls_x509_crq_t crq, - unsigned int version); - int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq); - int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq, - gnutls_x509_privkey_t key); - - int gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq, - const char *pass); - int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq, - char *pass, - size_t * sizeof_pass); - - int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq, - const char *oid, - void *buf, - size_t sizeof_buf); - int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq, - const char *oid, int indx, - void *buf, - size_t * sizeof_buf); - - int gnutls_x509_crq_export(gnutls_x509_crq_t crq, - gnutls_x509_crt_fmt_t format, - void *output_data, - size_t * output_data_size); - int gnutls_x509_crq_export2(gnutls_x509_crq_t crq, - gnutls_x509_crt_fmt_t format, - gnutls_datum_t * out); - - int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, - gnutls_x509_crq_t crq); - int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, - gnutls_x509_crq_t crq); - - int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t - crq, - time_t activation, - time_t - expiration); - int gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq, - const gnutls_datum_t * m, - const gnutls_datum_t * e); - int gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq, - gnutls_x509_subject_alt_name_t - nt, const void *data, - unsigned int data_size, - unsigned int flags); - - int gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq, - unsigned int usage); - int gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq, - unsigned int ca, - int pathLenConstraint); - int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq, - const void *oid, - unsigned int critical); - int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq, - int indx, void *oid, - size_t * sizeof_oid, - unsigned int *critical); - - int 
gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq, - int indx, void *data, - size_t * sizeof_data); - int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq, - int indx, void *oid, - size_t * sizeof_oid, - unsigned int *critical); - int gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq, - int indx, void *data, - size_t * sizeof_data); - int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq, - int indx, void *oid, - size_t * sizeof_oid); - int gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq, - unsigned int *bits); - - int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq, - unsigned int flags, - unsigned char *output_data, - size_t * output_data_size); - int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq, - gnutls_datum_t * m, - gnutls_datum_t * e); - - int gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq, - unsigned int *key_usage, - unsigned int *critical); - int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq, - unsigned int *critical, - unsigned int *ca, - int *pathlen); - int gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq, - unsigned int seq, - void *ret, - size_t * ret_size, - unsigned int *ret_type, - unsigned int *critical); - int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t - crq, - unsigned int seq, - void *ret, - size_t * - ret_size); - - int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq, - const char *oid, int indx, - void *buf, - size_t * sizeof_buf, - unsigned int *critical); - - typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; - - int - gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list, - unsigned int size); - - void - gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list, - unsigned int all); - - int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t - list, gnutls_x509_crt_t cert, - gnutls_x509_crt_t * issuer, - unsigned int flags); - - int - gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, - 
const gnutls_x509_crt_t * clist, - int clist_size, - unsigned int flags); - int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t - list, - const gnutls_x509_crt_t * - clist, int clist_size); - - int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t - list, - gnutls_x509_crt_t cert, - const void *name, - size_t name_size, - unsigned int flags); +int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq, + gnutls_x509_privkey_t key, + gnutls_digest_algorithm_t dig, + unsigned int flags); + +int gnutls_x509_crq_print(gnutls_x509_crq_t crq, + gnutls_certificate_print_formats_t + format, gnutls_datum_t * out); + +int gnutls_x509_crq_verify(gnutls_x509_crq_t crq, unsigned int flags); + +int gnutls_x509_crq_init(gnutls_x509_crq_t * crq); +void gnutls_x509_crq_deinit(gnutls_x509_crq_t crq); +int gnutls_x509_crq_import(gnutls_x509_crq_t crq, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format); + +int gnutls_x509_crq_get_private_key_usage_period(gnutls_x509_crq_t + cert, + time_t * + activation, + time_t * + expiration, unsigned int + *critical); + +int gnutls_x509_crq_get_dn(gnutls_x509_crq_t crq, char *buf, + size_t * sizeof_buf); +int gnutls_x509_crq_get_dn2(gnutls_x509_crq_t crq, gnutls_datum_t * dn); +int gnutls_x509_crq_get_dn_oid(gnutls_x509_crq_t crq, int indx, + void *oid, size_t * sizeof_oid); +int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq_t crq, + const char *oid, int indx, + unsigned int raw_flag, void *buf, + size_t * sizeof_buf); +int gnutls_x509_crq_set_dn(gnutls_x509_crq_t crq, const char *dn, + const char **err); +int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq_t crq, + const char *oid, + unsigned int raw_flag, + const void *data, + unsigned int sizeof_data); +int gnutls_x509_crq_set_version(gnutls_x509_crq_t crq, + unsigned int version); +int gnutls_x509_crq_get_version(gnutls_x509_crq_t crq); +int gnutls_x509_crq_set_key(gnutls_x509_crq_t crq, + gnutls_x509_privkey_t key); + +int 
gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq, + const char *pass); +int gnutls_x509_crq_get_challenge_password(gnutls_x509_crq_t crq, + char *pass, + size_t * sizeof_pass); + +int gnutls_x509_crq_set_attribute_by_oid(gnutls_x509_crq_t crq, + const char *oid, + void *buf, size_t sizeof_buf); +int gnutls_x509_crq_get_attribute_by_oid(gnutls_x509_crq_t crq, + const char *oid, int indx, + void *buf, size_t * sizeof_buf); + +int gnutls_x509_crq_export(gnutls_x509_crq_t crq, + gnutls_x509_crt_fmt_t format, + void *output_data, size_t * output_data_size); +int gnutls_x509_crq_export2(gnutls_x509_crq_t crq, + gnutls_x509_crt_fmt_t format, + gnutls_datum_t * out); + +int gnutls_x509_crt_set_crq(gnutls_x509_crt_t crt, gnutls_x509_crq_t crq); +int gnutls_x509_crt_set_crq_extensions(gnutls_x509_crt_t crt, + gnutls_x509_crq_t crq); + +int gnutls_x509_crq_set_private_key_usage_period(gnutls_x509_crq_t + crq, + time_t activation, + time_t expiration); +int gnutls_x509_crq_set_key_rsa_raw(gnutls_x509_crq_t crq, + const gnutls_datum_t * m, + const gnutls_datum_t * e); +int gnutls_x509_crq_set_subject_alt_name(gnutls_x509_crq_t crq, + gnutls_x509_subject_alt_name_t + nt, const void *data, + unsigned int data_size, + unsigned int flags); + +int gnutls_x509_crq_set_key_usage(gnutls_x509_crq_t crq, + unsigned int usage); +int gnutls_x509_crq_set_basic_constraints(gnutls_x509_crq_t crq, + unsigned int ca, + int pathLenConstraint); +int gnutls_x509_crq_set_key_purpose_oid(gnutls_x509_crq_t crq, + const void *oid, + unsigned int critical); +int gnutls_x509_crq_get_key_purpose_oid(gnutls_x509_crq_t crq, + int indx, void *oid, + size_t * sizeof_oid, + unsigned int *critical); + +int gnutls_x509_crq_get_extension_data(gnutls_x509_crq_t crq, + int indx, void *data, + size_t * sizeof_data); +int gnutls_x509_crq_get_extension_info(gnutls_x509_crq_t crq, + int indx, void *oid, + size_t * sizeof_oid, + unsigned int *critical); +int 
gnutls_x509_crq_get_attribute_data(gnutls_x509_crq_t crq, + int indx, void *data, + size_t * sizeof_data); +int gnutls_x509_crq_get_attribute_info(gnutls_x509_crq_t crq, + int indx, void *oid, + size_t * sizeof_oid); +int gnutls_x509_crq_get_pk_algorithm(gnutls_x509_crq_t crq, + unsigned int *bits); + +int gnutls_x509_crq_get_key_id(gnutls_x509_crq_t crq, + unsigned int flags, + unsigned char *output_data, + size_t * output_data_size); +int gnutls_x509_crq_get_key_rsa_raw(gnutls_x509_crq_t crq, + gnutls_datum_t * m, + gnutls_datum_t * e); + +int gnutls_x509_crq_get_key_usage(gnutls_x509_crq_t crq, + unsigned int *key_usage, + unsigned int *critical); +int gnutls_x509_crq_get_basic_constraints(gnutls_x509_crq_t crq, + unsigned int *critical, + unsigned int *ca, int *pathlen); +int gnutls_x509_crq_get_subject_alt_name(gnutls_x509_crq_t crq, + unsigned int seq, + void *ret, + size_t * ret_size, + unsigned int *ret_type, + unsigned int *critical); +int gnutls_x509_crq_get_subject_alt_othername_oid(gnutls_x509_crq_t + crq, + unsigned int seq, + void *ret, + size_t * ret_size); + +int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq, + const char *oid, int indx, + void *buf, + size_t * sizeof_buf, + unsigned int *critical); + +typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; + +int +gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list, + unsigned int size); + +void +gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list, + unsigned int all); + +int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t + list, gnutls_x509_crt_t cert, + gnutls_x509_crt_t * issuer, + unsigned int flags); + +int +gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, + const gnutls_x509_crt_t * clist, + int clist_size, unsigned int flags); +int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t + list, + const gnutls_x509_crt_t * + clist, int clist_size); + +int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t + list, 
+ gnutls_x509_crt_t cert, + const void *name, + size_t name_size, + unsigned int flags); #define GNUTLS_TL_VERIFY_CRL 1 - int - gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, - const gnutls_x509_crl_t * - crl_list, int crl_size, - unsigned int flags, - unsigned int verification_flags); - - typedef int gnutls_verify_output_function(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, /* The issuer if verification failed - * because of him. might be null. - */ - gnutls_x509_crl_t crl, /* The CRL that caused verification failure - * if any. Might be null. - */ - unsigned int - verification_output); - - int gnutls_x509_trust_list_verify_named_crt - (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, - const void *name, size_t name_size, unsigned int flags, - unsigned int *verify, gnutls_verify_output_function func); - - int - gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, - gnutls_x509_crt_t * cert_list, - unsigned int cert_list_size, - unsigned int flags, - unsigned int *verify, - gnutls_verify_output_function - func); +int +gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, + const gnutls_x509_crl_t * + crl_list, int crl_size, + unsigned int flags, + unsigned int verification_flags); + +typedef int gnutls_verify_output_function(gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, /* The issuer if verification failed + * because of him. might be null. + */ + gnutls_x509_crl_t crl, /* The CRL that caused verification failure + * if any. Might be null. 
+ */ + unsigned int + verification_output); + +int gnutls_x509_trust_list_verify_named_crt + (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, + const void *name, size_t name_size, unsigned int flags, + unsigned int *verify, gnutls_verify_output_function func); + +int +gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, + gnutls_x509_crt_t * cert_list, + unsigned int cert_list_size, + unsigned int flags, + unsigned int *verify, + gnutls_verify_output_function func); /* trust list convenience functions */ - int - gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t - list, - const gnutls_datum_t * cas, - const gnutls_datum_t * crls, - gnutls_x509_crt_fmt_t type, - unsigned int tl_flags, - unsigned int tl_vflags); - - int - gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t - list, const char *ca_file, - const char *crl_file, - gnutls_x509_crt_fmt_t type, - unsigned int tl_flags, - unsigned int tl_vflags); - - int - gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t - list, - const char *ca_file, - gnutls_x509_crt_fmt_t - type); - - int - gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t - list, - const gnutls_datum_t * - cas, - gnutls_x509_crt_fmt_t - type); - - int - gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t - list, - unsigned int tl_flags, - unsigned int tl_vflags); - - void gnutls_certificate_set_trust_list - (gnutls_certificate_credentials_t res, - gnutls_x509_trust_list_t tlist, unsigned flags); - +int +gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t + list, + const gnutls_datum_t * cas, + const gnutls_datum_t * crls, + gnutls_x509_crt_fmt_t type, + unsigned int tl_flags, + unsigned int tl_vflags); + +int +gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t + list, const char *ca_file, + const char *crl_file, + gnutls_x509_crt_fmt_t type, + unsigned int tl_flags, + unsigned int tl_vflags); + +int 
+gnutls_x509_trust_list_remove_trust_file(gnutls_x509_trust_list_t + list, + const char *ca_file, + gnutls_x509_crt_fmt_t type); + +int +gnutls_x509_trust_list_remove_trust_mem(gnutls_x509_trust_list_t + list, + const gnutls_datum_t * + cas, gnutls_x509_crt_fmt_t type); + +int +gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t + list, + unsigned int tl_flags, + unsigned int tl_vflags); + +void gnutls_certificate_set_trust_list + (gnutls_certificate_credentials_t res, + gnutls_x509_trust_list_t tlist, unsigned flags); + +/* *INDENT-OFF* */ #ifdef __cplusplus } #endif +/* *INDENT-ON* */ #endif /* GNUTLS_X509_H */ diff --git a/lib/includes/gnutls/xssl.h b/lib/includes/gnutls/xssl.h index 578eca6e08..f9d2bce2fa 100644 --- a/lib/includes/gnutls/xssl.h +++ b/lib/includes/gnutls/xssl.h @@ -21,6 +21,12 @@ #ifndef GNUTLS_SBUF_H #define GNUTLS_SBUF_H +/* *INDENT-OFF* */ +#ifdef __cplusplus +extern "C" { +#endif +/* *INDENT-ON* */ + #include <gnutls/gnutls.h> /* Buffered session I/O */ @@ -110,4 +116,10 @@ int xssl_cred_init(xssl_cred_t * c, unsigned vflags, void xssl_cred_deinit(xssl_cred_t cred); +/* *INDENT-OFF* */ +#ifdef __cplusplus +} +#endif +/* *INDENT-ON* */ + #endif /* GNUTLS_SBUF_H */ |
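Review bot: In the first xssl.h hunk the added `extern "C" {` opens above `#include <gnutls/gnutls.h>`, so a C++ consumer now parses that header, and anything it includes in turn, inside the linkage block. Nested `extern "C"` is legal, but any C++-only declaration reached through that include would get C linkage and can fail to compile, which is why the block normally opens after the includes. I would move `#include <gnutls/gnutls.h>` to directly after `#define GNUTLS_SBUF_H`, leaving the guarded `extern "C" {` to wrap only the xssl declarations; the closing brace added in the second xssl.h hunk can stay where it is. The commit is described as an indentation change, but these two hunks change what C++ callers of a TLS API header see, so the message should say so.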