diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-09-11 17:47:51 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-09-11 17:49:36 +0200 |
commit | 49df2b00630ecfd29d4862dc18b55bd3fc701f8a (patch) | |
tree | a8822af00e00f8c0a3f40e0b6b12d7ff4e89884d /lib/includes | |
parent | 4d57e71e9916543258118c05d6580b8c64127b58 (diff) | |
download | gnutls-49df2b00630ecfd29d4862dc18b55bd3fc701f8a.tar.gz |
Modified gdoc to be able to handle enumerations. Only valid to latex.
Diffstat (limited to 'lib/includes')
-rw-r--r-- | lib/includes/gnutls/dtls.h | 22 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 701 | ||||
-rw-r--r-- | lib/includes/gnutls/pkcs12.h | 26 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 8 |
4 files changed, 381 insertions, 376 deletions
diff --git a/lib/includes/gnutls/dtls.h b/lib/includes/gnutls/dtls.h index 7a43707081..2f3369cd21 100644 --- a/lib/includes/gnutls/dtls.h +++ b/lib/includes/gnutls/dtls.h @@ -45,17 +45,17 @@ unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session); void gnutls_dtls_set_mtu (gnutls_session_t session, unsigned int mtu); - /** - * gnutls_dtls_prestate_st: - * @record_seq: record sequence number - * @hsk_read_seq: handshake read sequence number - * @hsk_write_seq: handshake write sequence number - * - * DTLS cookie prestate struct. This is usually never modified by - * the application, it is used to carry the cookie data between - * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and - * gnutls_dtls_prestate_set(). - */ +/** + * gnutls_dtls_prestate_st: + * @record_seq: record sequence number + * @hsk_read_seq: handshake read sequence number + * @hsk_write_seq: handshake write sequence number + * + * DTLS cookie prestate struct. This is usually never modified by + * the application, it is used to carry the cookie data between + * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and + * gnutls_dtls_prestate_set(). + */ typedef struct { unsigned int record_seq; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 3488c555ee..dea88db02d 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -63,34 +63,34 @@ extern "C" #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 - /** - * gnutls_cipher_algorithm_t: - * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. - * @GNUTLS_CIPHER_NULL: NULL algorithm. - * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. - * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. - * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. - * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. - * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. - * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. - * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys. - * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys. - * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. - * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). - * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys. - * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys. - * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. - * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. - * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. - * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. - * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys. - * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys. - * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys. - * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys. - * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode. - * - * Enumeration of different symmetric encryption algorithms. - */ +/** + * gnutls_cipher_algorithm_t: + * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. + * @GNUTLS_CIPHER_NULL: NULL algorithm. + * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. + * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. + * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. + * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. + * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. + * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. + * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys. + * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys. + * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. + * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). + * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys. + * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys. + * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. + * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. + * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. + * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. + * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys. + * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys. + * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys. + * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys. + * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode. + * + * Enumeration of different symmetric encryption algorithms. + */ typedef enum gnutls_cipher_algorithm { GNUTLS_CIPHER_UNKNOWN = 0, @@ -121,26 +121,26 @@ extern "C" GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208 } gnutls_cipher_algorithm_t; - /** - * gnutls_kx_algorithm_t: - * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm. - * @GNUTLS_KX_RSA: RSA key-exchange algorithm. - * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm. - * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm. - * @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm. - * @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm. - * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm. - * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm. - * @GNUTLS_KX_SRP: SRP key-exchange algorithm. - * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm. - * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm. - * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm. - * @GNUTLS_KX_PSK: PSK key-exchange algorithm. - * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm. - * @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm. - * - * Enumeration of different key exchange algorithms. - */ +/** + * gnutls_kx_algorithm_t: + * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm. + * @GNUTLS_KX_RSA: RSA key-exchange algorithm. + * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm. + * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm. + * @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm. + * @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm. + * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm. + * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm. + * @GNUTLS_KX_SRP: SRP key-exchange algorithm. + * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm. + * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm. + * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm. + * @GNUTLS_KX_PSK: PSK key-exchange algorithm. + * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm. + * @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm. + * + * Enumeration of different key exchange algorithms. + */ typedef enum { GNUTLS_KX_UNKNOWN = 0, @@ -160,14 +160,14 @@ extern "C" GNUTLS_KX_ECDHE_PSK = 14, } gnutls_kx_algorithm_t; - /** - * gnutls_params_type_t: - * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters. - * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. - * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters. - * - * Enumeration of different TLS session parameter types. - */ +/** + * gnutls_params_type_t: + * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters. + * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. + * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters. + * + * Enumeration of different TLS session parameter types. + */ typedef enum { GNUTLS_PARAMS_RSA_EXPORT = 1, @@ -175,16 +175,16 @@ extern "C" GNUTLS_PARAMS_ECDH = 3, } gnutls_params_type_t; - /** - * gnutls_credentials_type_t: - * @GNUTLS_CRD_CERTIFICATE: Certificate credential. - * @GNUTLS_CRD_ANON: Anonymous credential. - * @GNUTLS_CRD_SRP: SRP credential. - * @GNUTLS_CRD_PSK: PSK credential. - * @GNUTLS_CRD_IA: IA credential. - * - * Enumeration of different credential types. - */ +/** + * gnutls_credentials_type_t: + * @GNUTLS_CRD_CERTIFICATE: Certificate credential. + * @GNUTLS_CRD_ANON: Anonymous credential. + * @GNUTLS_CRD_SRP: SRP credential. + * @GNUTLS_CRD_PSK: PSK credential. + * @GNUTLS_CRD_IA: IA credential. + * + * Enumeration of different credential types. + */ typedef enum { GNUTLS_CRD_CERTIFICATE = 1, @@ -197,23 +197,23 @@ extern "C" #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 - /** - * gnutls_mac_algorithm_t: - * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm. - * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output). - * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm. - * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm. - * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm. - * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm. - * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm. - * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm. - * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm. - * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm. - * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher. - * - * Enumeration of different Message Authentication Code (MAC) - * algorithms. - */ +/** + * gnutls_mac_algorithm_t: + * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm. + * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output). + * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm. + * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm. + * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm. + * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm. + * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm. + * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm. + * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm. + * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm. + * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher. + * + * Enumeration of different Message Authentication Code (MAC) + * algorithms. + */ typedef enum { GNUTLS_MAC_UNKNOWN = 0, @@ -231,21 +231,21 @@ extern "C" GNUTLS_MAC_AEAD = 200 /* indicates that MAC is on the cipher */ } gnutls_mac_algorithm_t; - /** - * gnutls_digest_algorithm_t: - * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm. - * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output). - * @GNUTLS_DIG_MD5: MD5 algorithm. - * @GNUTLS_DIG_SHA1: SHA-1 algorithm. - * @GNUTLS_DIG_RMD160: RMD160 algorithm. - * @GNUTLS_DIG_MD2: MD2 algorithm. - * @GNUTLS_DIG_SHA256: SHA-256 algorithm. - * @GNUTLS_DIG_SHA384: SHA-384 algorithm. - * @GNUTLS_DIG_SHA512: SHA-512 algorithm. - * @GNUTLS_DIG_SHA224: SHA-224 algorithm. - * - * Enumeration of different digest (hash) algorithms. - */ +/** + * gnutls_digest_algorithm_t: + * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm. + * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output). + * @GNUTLS_DIG_MD5: MD5 algorithm. + * @GNUTLS_DIG_SHA1: SHA-1 algorithm. + * @GNUTLS_DIG_RMD160: RMD160 algorithm. + * @GNUTLS_DIG_MD2: MD2 algorithm. + * @GNUTLS_DIG_SHA256: SHA-256 algorithm. + * @GNUTLS_DIG_SHA384: SHA-384 algorithm. + * @GNUTLS_DIG_SHA512: SHA-512 algorithm. + * @GNUTLS_DIG_SHA224: SHA-224 algorithm. + * + * Enumeration of different digest (hash) algorithms. + */ typedef enum { GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN, @@ -267,15 +267,15 @@ extern "C" */ #define GNUTLS_MAX_ALGORITHM_NUM 32 - /** - * gnutls_compression_method_t: - * @GNUTLS_COMP_UNKNOWN: Unknown compression method. - * @GNUTLS_COMP_NULL: The NULL compression method (uncompressed). - * @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method. - * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE. - * - * Enumeration of different TLS compression methods. - */ +/** + * gnutls_compression_method_t: + * @GNUTLS_COMP_UNKNOWN: Unknown compression method. + * @GNUTLS_COMP_NULL: The NULL compression method (uncompressed). + * @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method. + * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE. + * + * Enumeration of different TLS compression methods. + */ typedef enum { GNUTLS_COMP_UNKNOWN = 0, @@ -299,56 +299,56 @@ extern "C" #define GNUTLS_DATAGRAM (1<<2) #define GNUTLS_NONBLOCK (1<<3) - /** - * gnutls_alert_level_t: - * @GNUTLS_AL_WARNING: Alert of warning severity. - * @GNUTLS_AL_FATAL: Alert of fatal severity. - * - * Enumeration of different TLS alert severities. - */ +/** + * gnutls_alert_level_t: + * @GNUTLS_AL_WARNING: Alert of warning severity. + * @GNUTLS_AL_FATAL: Alert of fatal severity. + * + * Enumeration of different TLS alert severities. + */ typedef enum { GNUTLS_AL_WARNING = 1, GNUTLS_AL_FATAL } gnutls_alert_level_t; - /** - * gnutls_alert_description_t: - * @GNUTLS_A_CLOSE_NOTIFY: Close notify. - * @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message. - * @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC. - * @GNUTLS_A_DECRYPTION_FAILED: Decryption failed. - * @GNUTLS_A_RECORD_OVERFLOW: Record overflow. - * @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed. - * @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed. - * @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate. - * @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad. - * @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported. - * @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked. - * @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired. - * @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate. - * @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter. - * @GNUTLS_A_UNKNOWN_CA: CA is unknown. - * @GNUTLS_A_ACCESS_DENIED: Access was denied. - * @GNUTLS_A_DECODE_ERROR: Decode error. - * @GNUTLS_A_DECRYPT_ERROR: Decrypt error. - * @GNUTLS_A_EXPORT_RESTRICTION: Export restriction. - * @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version. - * @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security. - * @GNUTLS_A_USER_CANCELED: User canceled. - * @GNUTLS_A_INTERNAL_ERROR: Internal error. - * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed. - * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the - * specified certificate. - * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was - * sent. - * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not - * recognized. - * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing - * or not known. - * - * Enumeration of different TLS alerts. - */ +/** + * gnutls_alert_description_t: + * @GNUTLS_A_CLOSE_NOTIFY: Close notify. + * @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message. + * @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC. + * @GNUTLS_A_DECRYPTION_FAILED: Decryption failed. + * @GNUTLS_A_RECORD_OVERFLOW: Record overflow. + * @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed. + * @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed. + * @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate. + * @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad. + * @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported. + * @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked. + * @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired. + * @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate. + * @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter. + * @GNUTLS_A_UNKNOWN_CA: CA is unknown. + * @GNUTLS_A_ACCESS_DENIED: Access was denied. + * @GNUTLS_A_DECODE_ERROR: Decode error. + * @GNUTLS_A_DECRYPT_ERROR: Decrypt error. + * @GNUTLS_A_EXPORT_RESTRICTION: Export restriction. + * @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version. + * @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security. + * @GNUTLS_A_USER_CANCELED: User canceled. + * @GNUTLS_A_INTERNAL_ERROR: Internal error. + * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed. + * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the + * specified certificate. + * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was + * sent. + * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not + * recognized. + * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing + * or not known. + * + * Enumeration of different TLS alerts. + */ typedef enum { GNUTLS_A_CLOSE_NOTIFY, @@ -381,26 +381,26 @@ extern "C" GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, } gnutls_alert_description_t; - /** - * gnutls_handshake_description_t: - * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request. - * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request. - * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello. - * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello. - * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket. - * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet. - * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange. - * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request. - * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done. - * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify. - * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange. - * @GNUTLS_HANDSHAKE_FINISHED: Finished. - * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental. - * @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec - * @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello. - * - * Enumeration of different TLS handshake packets. - */ +/** + * gnutls_handshake_description_t: + * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request. + * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request. + * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello. + * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello. + * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket. + * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet. + * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange. + * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request. + * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done. + * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify. + * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange. + * @GNUTLS_HANDSHAKE_FINISHED: Finished. + * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental. + * @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec + * @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello. + * + * Enumeration of different TLS handshake packets. + */ typedef enum { GNUTLS_HANDSHAKE_HELLO_REQUEST = 0, @@ -420,25 +420,28 @@ extern "C" GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, } gnutls_handshake_description_t; - /** - * gnutls_certificate_status_t: - * @GNUTLS_CERT_INVALID: Will be set if the certificate was not - * verified. - * @GNUTLS_CERT_REVOKED: Certificate revoked. In X.509 this will be - * set only if CRLs are checked. - * @GNUTLS_CERT_SIGNER_NOT_FOUND: Certificate not verified. Signer - * not found. - * @GNUTLS_CERT_SIGNER_NOT_CA: Certificate not verified. Signer - * not a CA certificate. - * @GNUTLS_CERT_INSECURE_ALGORITHM: Certificate not verified, - * insecure algorithm. - * @GNUTLS_CERT_NOT_ACTIVATED: Certificate not yet activated. - * @GNUTLS_CERT_EXPIRED: Certificate expired. - * - * Enumeration of certificate status codes. Note that the status - * bits have different meanings in OpenPGP keys and X.509 - * certificate verification. - */ +/** + * gnutls_certificate_status_t: + * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the + * known authorities or the signature is invalid. + * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509 this will be + * set only if CRLs are checked. + * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known. + * This is the case if the issue is not included in the trusted certificate list. + * not found. + * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate’s signer was not a CA. This + * may happen if this was a version 1 certificate, which is common with + * some CAs, or a version 3 certificate without the basic constrains extension. + * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in- + * secure algorithm such as MD2 or MD5. These algorithms have been broken and + * should not be trusted. + * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated. + * @GNUTLS_CERT_EXPIRED: The certificate has expired. + * + * Enumeration of certificate status codes. Note that the status + * bits have different meanings in OpenPGP keys and X.509 + * certificate verification. + */ typedef enum { GNUTLS_CERT_INVALID = 2, @@ -450,14 +453,14 @@ extern "C" GNUTLS_CERT_EXPIRED = 1024 } gnutls_certificate_status_t; - /** - * gnutls_certificate_request_t: - * @GNUTLS_CERT_IGNORE: Ignore certificate. - * @GNUTLS_CERT_REQUEST: Request certificate. - * @GNUTLS_CERT_REQUIRE: Require certificate. - * - * Enumeration of certificate request types. - */ +/** + * gnutls_certificate_request_t: + * @GNUTLS_CERT_IGNORE: Ignore certificate. + * @GNUTLS_CERT_REQUEST: Request certificate. + * @GNUTLS_CERT_REQUIRE: Require certificate. + * + * Enumeration of certificate request types. + */ typedef enum { GNUTLS_CERT_IGNORE = 0, @@ -465,45 +468,45 @@ extern "C" GNUTLS_CERT_REQUIRE = 2 } gnutls_certificate_request_t; - /** - * gnutls_openpgp_crt_status_t: - * @GNUTLS_OPENPGP_CERT: Send entire certificate. - * @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint. - * - * Enumeration of ways to send OpenPGP certificate. - */ +/** + * gnutls_openpgp_crt_status_t: + * @GNUTLS_OPENPGP_CERT: Send entire certificate. + * @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint. + * + * Enumeration of ways to send OpenPGP certificate. + */ typedef enum { GNUTLS_OPENPGP_CERT = 0, GNUTLS_OPENPGP_CERT_FINGERPRINT = 1 } gnutls_openpgp_crt_status_t; - /** - * gnutls_close_request_t: - * @GNUTLS_SHUT_RDWR: Disallow further receives/sends. - * @GNUTLS_SHUT_WR: Disallow further sends. - * - * Enumeration of how TLS session should be terminated. See gnutls_bye(). - */ +/** + * gnutls_close_request_t: + * @GNUTLS_SHUT_RDWR: Disallow further receives/sends. + * @GNUTLS_SHUT_WR: Disallow further sends. + * + * Enumeration of how TLS session should be terminated. See gnutls_bye(). + */ typedef enum { GNUTLS_SHUT_RDWR = 0, GNUTLS_SHUT_WR = 1 } gnutls_close_request_t; - /** - * gnutls_protocol_t: - * @GNUTLS_SSL3: SSL version 3.0. - * @GNUTLS_TLS1_0: TLS version 1.0. - * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0. - * @GNUTLS_TLS1_1: TLS version 1.1. - * @GNUTLS_TLS1_2: TLS version 1.2. - * @GNUTLS_DTLS1_0: DTLS version 1.0. - * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. - * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. - * - * Enumeration of different SSL/TLS protocol versions. - */ +/** + * gnutls_protocol_t: + * @GNUTLS_SSL3: SSL version 3.0. + * @GNUTLS_TLS1_0: TLS version 1.0. + * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0. + * @GNUTLS_TLS1_1: TLS version 1.1. + * @GNUTLS_TLS1_2: TLS version 1.2. + * @GNUTLS_DTLS1_0: DTLS version 1.0. + * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. + * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. + * + * Enumeration of different SSL/TLS protocol versions. + */ typedef enum { GNUTLS_SSL3 = 1, @@ -516,14 +519,14 @@ extern "C" GNUTLS_VERSION_UNKNOWN = 0xff } gnutls_protocol_t; - /** - * gnutls_certificate_type_t: - * @GNUTLS_CRT_UNKNOWN: Unknown certificate type. - * @GNUTLS_CRT_X509: X.509 Certificate. - * @GNUTLS_CRT_OPENPGP: OpenPGP certificate. - * - * Enumeration of different certificate types. - */ +/** + * gnutls_certificate_type_t: + * @GNUTLS_CRT_UNKNOWN: Unknown certificate type. + * @GNUTLS_CRT_X509: X.509 Certificate. + * @GNUTLS_CRT_OPENPGP: OpenPGP certificate. + * + * Enumeration of different certificate types. + */ typedef enum { GNUTLS_CRT_UNKNOWN = 0, @@ -531,27 +534,27 @@ extern "C" GNUTLS_CRT_OPENPGP = 2 } gnutls_certificate_type_t; - /** - * gnutls_x509_crt_fmt_t: - * @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary). - * @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text). - * - * Enumeration of different certificate encoding formats. - */ +/** + * gnutls_x509_crt_fmt_t: + * @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary). + * @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text). + * + * Enumeration of different certificate encoding formats. + */ typedef enum { GNUTLS_X509_FMT_DER = 0, GNUTLS_X509_FMT_PEM = 1 } gnutls_x509_crt_fmt_t; - /** - * gnutls_certificate_print_formats_t: - * @GNUTLS_CRT_PRINT_FULL: Full information about certificate. - * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line. - * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate. - * - * Enumeration of different certificate printing variants. - */ +/** + * gnutls_certificate_print_formats_t: + * @GNUTLS_CRT_PRINT_FULL: Full information about certificate. + * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line. + * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate. + * + * Enumeration of different certificate printing variants. + */ typedef enum gnutls_certificate_print_formats { GNUTLS_CRT_PRINT_FULL = 0, @@ -559,16 +562,16 @@ extern "C" GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2 } gnutls_certificate_print_formats_t; - /** - * gnutls_pk_algorithm_t: - * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. - * @GNUTLS_PK_RSA: RSA public-key algorithm. - * @GNUTLS_PK_DSA: DSA public-key algorithm. - * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters. - * @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters. - * - * Enumeration of different public-key algorithms. - */ +/** + * gnutls_pk_algorithm_t: + * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. + * @GNUTLS_PK_RSA: RSA public-key algorithm. + * @GNUTLS_PK_DSA: DSA public-key algorithm. + * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters. + * @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters. + * + * Enumeration of different public-key algorithms. + */ typedef enum { GNUTLS_PK_UNKNOWN = 0, @@ -580,30 +583,30 @@ extern "C" const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm); - /** - * gnutls_sign_algorithm_t: - * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm. - * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1 - * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1. - * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1 - * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224 - * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256 - * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1. - * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5. - * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2. - * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160. - * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256. - * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384. - * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512. - * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224. - * @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1. - * @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256. - * @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384. - * @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512. - * @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224. - * - * Enumeration of different digital signature algorithms. - */ +/** + * gnutls_sign_algorithm_t: + * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm. + * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1 + * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1. + * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1 + * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224 + * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256 + * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1. + * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5. + * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2. + * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160. + * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256. + * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384. + * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512. + * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224. + * @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1. + * @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256. + * @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384. + * @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512. + * @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224. + * + * Enumeration of different digital signature algorithms. + */ typedef enum { GNUTLS_SIGN_UNKNOWN = 0, @@ -627,16 +630,16 @@ extern "C" GNUTLS_SIGN_ECDSA_SHA512 = 16, } gnutls_sign_algorithm_t; - /** - * gnutls_ecc_curve_t: - * @GNUTLS_ECC_CURVE_INVALID: Cannot be known - * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve - * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve - * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve - * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve - * - * Enumeration of ECC curves. - */ +/** + * gnutls_ecc_curve_t: + * @GNUTLS_ECC_CURVE_INVALID: Cannot be known + * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve + * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve + * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve + * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve + * + * Enumeration of ECC curves. + */ typedef enum { GNUTLS_ECC_CURVE_INVALID=0, @@ -646,17 +649,17 @@ typedef enum GNUTLS_ECC_CURVE_SECP521R1, } gnutls_ecc_curve_t; - /** - * gnutls_sec_param_t: - * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known - * @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security - * @GNUTLS_SEC_PARAM_LOW: 80 bits of security - * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security - * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security - * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security - * - * Enumeration of security parameters for passive attacks - */ +/** + * gnutls_sec_param_t: + * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known + * @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security + * @GNUTLS_SEC_PARAM_LOW: 80 bits of security + * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security + * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security + * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security + * + * Enumeration of security parameters for passive attacks + */ typedef enum { GNUTLS_SEC_PARAM_UNKNOWN, @@ -667,12 +670,12 @@ typedef enum GNUTLS_SEC_PARAM_ULTRA } gnutls_sec_param_t; - /** - * gnutls_channel_binding_t: - * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding - * - * Enumeration of support channel binding types. - */ +/** + * gnutls_channel_binding_t: + * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding + * + * Enumeration of support channel binding types. + */ typedef enum { GNUTLS_CB_TLS_UNIQUE @@ -854,12 +857,12 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); size_t seed_size, const char *seed, size_t outsize, char *out); - /** - * gnutls_server_name_type_t: - * @GNUTLS_NAME_DNS: Domain Name System name type. - * - * Enumeration of different server name types. - */ +/** + * gnutls_server_name_type_t: + * @GNUTLS_NAME_DNS: Domain Name System name type. + * + * Enumeration of different server name types. + */ typedef enum { GNUTLS_NAME_DNS = 1 @@ -876,12 +879,12 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); /* Safe renegotiation */ int gnutls_safe_renegotiation_status (gnutls_session_t session); - /** - * gnutls_supplemental_data_format_type_t: - * @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data. - * - * Enumeration of different supplemental data types (RFC 4680). - */ +/** + * gnutls_supplemental_data_format_type_t: + * @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data. + * + * Enumeration of different supplemental data types (RFC 4680). + */ typedef enum { GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0 @@ -1388,13 +1391,13 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); typedef struct gnutls_psk_client_credentials_st *gnutls_psk_client_credentials_t; - /** - * gnutls_psk_key_flags: - * @GNUTLS_PSK_KEY_RAW: PSK-key in raw format. - * @GNUTLS_PSK_KEY_HEX: PSK-key in hex format. - * - * Enumeration of different PSK key flags. - */ +/** + * gnutls_psk_key_flags: + * @GNUTLS_PSK_KEY_RAW: PSK-key in raw format. + * @GNUTLS_PSK_KEY_HEX: PSK-key in hex format. + * + * Enumeration of different PSK key flags. + */ typedef enum gnutls_psk_key_flags { GNUTLS_PSK_KEY_RAW = 0, @@ -1456,19 +1459,19 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); res, gnutls_params_function * func); - /** - * gnutls_x509_subject_alt_name_t: - * @GNUTLS_SAN_DNSNAME: DNS-name SAN. - * @GNUTLS_SAN_RFC822NAME: E-mail address SAN. - * @GNUTLS_SAN_URI: URI SAN. - * @GNUTLS_SAN_IPADDRESS: IP address SAN. - * @GNUTLS_SAN_OTHERNAME: OtherName SAN. - * @GNUTLS_SAN_DN: DN SAN. - * @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by - * gnutls_x509_crt_get_subject_alt_othername_oid(). - * - * Enumeration of different subject alternative names types. - */ +/** + * gnutls_x509_subject_alt_name_t: + * @GNUTLS_SAN_DNSNAME: DNS-name SAN. + * @GNUTLS_SAN_RFC822NAME: E-mail address SAN. + * @GNUTLS_SAN_URI: URI SAN. + * @GNUTLS_SAN_IPADDRESS: IP address SAN. + * @GNUTLS_SAN_OTHERNAME: OtherName SAN. + * @GNUTLS_SAN_DN: DN SAN. + * @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by + * gnutls_x509_crt_get_subject_alt_othername_oid(). + * + * Enumeration of different subject alternative names types. + */ typedef enum gnutls_x509_subject_alt_name_t { GNUTLS_SAN_DNSNAME = 1, @@ -1492,14 +1495,14 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); struct gnutls_pkcs11_privkey_st; typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t; - /** - * gnutls_privkey_type_t: - * @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t. - * @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t. - * @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t. - * - * Enumeration of different private key types. - */ +/** + * gnutls_privkey_type_t: + * @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t. + * @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t. + * @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t. + * + * Enumeration of different private key types. + */ typedef enum { GNUTLS_PRIVKEY_X509, diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h index 45fce1fb01..85a1259d75 100644 --- a/lib/includes/gnutls/pkcs12.h +++ b/lib/includes/gnutls/pkcs12.h @@ -58,19 +58,19 @@ extern "C" int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass, unsigned int flags); - /** - * gnutls_pkcs12_bag_type_t: - * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag. - * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key. - * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key. - * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate. - * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL. - * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys. - * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag. - * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag. - * - * Enumeration of different PKCS 12 bag types. - */ +/** + * gnutls_pkcs12_bag_type_t: + * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag. + * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key. + * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key. + * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate. + * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL. + * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys. + * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag. + * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag. + * + * Enumeration of different PKCS 12 bag types. + */ typedef enum gnutls_pkcs12_bag_type_t { GNUTLS_BAG_EMPTY = 0, diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h index 9344558ebe..67b5a1e37d 100644 --- a/lib/includes/gnutls/x509.h +++ b/lib/includes/gnutls/x509.h @@ -527,11 +527,13 @@ extern "C" * unless you know what this means. * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trusted * list is never checked for expiration or activation. - * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA - * certificates that have version 1. This is the default. + * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates + * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, + * and should be used instead. That way only signers in your trusted list + * will be allowed to have certificates of version 1. This is the default. * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA * certificates that have version 1. This option is to be used - * to deprecate all V1 certificates. + * to deprecate all certificates of version 1. * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by * anyone trusted but exists in the trusted CA list do not treat it * as trusted. |