summaryrefslogtreecommitdiff
path: root/lib/auth.h
blob: 2520efe2ef381b8a9c3f2b087c60ca999b1c1956 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
/*
 * Copyright (C) 2000-2012 Free Software Foundation, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

#ifndef GNUTLS_AUTH_H
#define GNUTLS_AUTH_H

#include "str.h"

typedef struct mod_auth_st_int {
	const char *name;	/* null terminated */
	int (*gnutls_generate_server_certificate) (gnutls_session_t,
						   gnutls_buffer_st *);
	int (*gnutls_generate_client_certificate) (gnutls_session_t,
						   gnutls_buffer_st *);
	int (*gnutls_generate_server_kx) (gnutls_session_t,
					  gnutls_buffer_st *);
	int (*gnutls_generate_client_kx) (gnutls_session_t, gnutls_buffer_st *);	/* used in SRP */
	int (*gnutls_generate_client_crt_vrfy) (gnutls_session_t,
						gnutls_buffer_st *);
	int (*gnutls_generate_server_crt_request) (gnutls_session_t,
						   gnutls_buffer_st *);

	int (*gnutls_process_server_certificate) (gnutls_session_t,
						  uint8_t *, size_t);
	int (*gnutls_process_client_certificate) (gnutls_session_t,
						  uint8_t *, size_t);
	int (*gnutls_process_server_kx) (gnutls_session_t, uint8_t *,
					 size_t);
	int (*gnutls_process_client_kx) (gnutls_session_t, uint8_t *,
					 size_t);
	int (*gnutls_process_client_crt_vrfy) (gnutls_session_t, uint8_t *,
					       size_t);
	int (*gnutls_process_server_crt_request) (gnutls_session_t,
						  uint8_t *, size_t);
} mod_auth_st;

const void *_gnutls_get_cred(gnutls_session_t session,
			     gnutls_credentials_type_t type);
const void *_gnutls_get_kx_cred(gnutls_session_t session,
				gnutls_kx_algorithm_t algo);
int _gnutls_auth_info_init(gnutls_session_t session,
			  gnutls_credentials_type_t type, int size,
			  int allow_change);

/*-
 * _gnutls_get_auth_info - Returns a pointer to authentication information.
 * @session: is a #gnutls_session_t structure.
 *
 * This function must be called after a successful gnutls_handshake().
 * Returns a pointer to authentication information. That information
 * is data obtained by the handshake protocol, the key exchange algorithm,
 * and the TLS extensions messages.
 *
 * In case of GNUTLS_CRD_ANON returns a type of &anon_(server/client)_auth_info_t;
 * In case of GNUTLS_CRD_CERTIFICATE returns a type of &cert_auth_info_t;
 * In case of GNUTLS_CRD_SRP returns a type of &srp_(server/client)_auth_info_t;
 -*/
inline static
void *_gnutls_get_auth_info(gnutls_session_t session, gnutls_credentials_type_t type)
{
	if (type == session->key.auth_info_type)
		return session->key.auth_info;
	else
		return NULL;
}

#endif