#ifndef AUTH_X509_H
# define AUTH_X509_H
# include "gnutls_cert.h"
/* this is not to be included by gnutls_anon.c */
extern MOD_AUTH_STRUCT rsa_auth_struct;
/* X.509 credentials: one or more certificate chains, the private key for
 * each chain, and a list of CA certificates.
 * This structure may be complex, but it's the only way to
 * support a server that has multiple certificates.
 *
 * NOTE(review): every count here is a signed int. Code that fills or walks
 * these arrays should reject negative counts and keep cert_list,
 * cert_list_length and pkey the same length (ncerts) - the allocation and
 * cleanup code is not visible in this header.
 */
typedef struct {
gnutls_cert ** cert_list;
/* contains a list of lists of certificates, one row per chain.
 * eg: [0] certificate1, certificate11, certificate111
 * (if more than one, one certificate certifies the one before)
 * [1] certificate2, certificate22, ...
 */
int * cert_list_length;
/* contains the number of certificates in a row.
 * NOTE(review): presumably cert_list_length[i] is the length of
 * cert_list[i] - confirm against the code that fills it.
 */
int ncerts; /* contains the number of rows (chains) in cert_list; the
 * original comment calls these "columns". Also the number of entries
 * in pkey, per the comment on pkey.
 */
gnutls_private_key * pkey; /* private keys. It contains ncerts private
 * keys. pkey[i] corresponds to certificate in
 * cert_list[i][0].
 * NOTE(review): this is private key material; who frees (and wipes) it
 * is not stated in this header.
 */
gnutls_cert * ca_list; /* the CA certificates; ncas entries. */
int ncas; /* number of CAs in the ca_list
 */
} X509PKI_CREDENTIALS_INT;
/* typedef X509PKI_CREDENTIALS_INT * X509PKI_CREDENTIALS; */
/* Handle type for credentials, spelled as a macro instead of the typedef
 * commented out above. Because this is textual substitution,
 * "X509PKI_CREDENTIALS a, b;" declares a as a pointer but b as a whole
 * X509PKI_CREDENTIALS_INT, and "const X509PKI_CREDENTIALS p" makes the
 * struct const rather than the pointer. Declare one variable per statement
 * when using this name.
 */
#define X509PKI_CREDENTIALS X509PKI_CREDENTIALS_INT*
/* Information about the peer's X.509 certificate, going by the field names.
 * NOTE(review): presumably filled in by _gnutls_copy_x509_client_auth_info();
 * confirm against its definition, which is not in this header.
 */
typedef struct {
gnutls_DN peer_dn;
gnutls_DN issuer_dn;
/* NOTE(review): presumably the outcome of certificate verification. The
 * other fields are only copied certificate contents; callers should treat
 * them as unauthenticated unless this status reports a verified
 * certificate - confirm where the status is checked.
 */
CertificateStatus peer_certificate_status;
int peer_certificate_version;
/* NOTE(review): these look like the certificate's validity window; whether
 * they have already been compared with the current time is not visible
 * here.
 */
time_t peer_certificate_activation_time;
time_t peer_certificate_expiration_time;
/* Fixed buffer of X509_CN_SIZE bytes. NOTE(review): the code that copies
 * into it must bound the copy to the buffer size and NUL-terminate; a
 * truncated name, or one containing an embedded NUL byte, should not be
 * used for name matching - verify in the copy routine.
 */
char subjectAltName[X509_CN_SIZE];
/* NOTE(review): one byte. The X.509 keyUsage extension defines nine bits,
 * so confirm how (or whether) the ninth bit, decipherOnly, is represented.
 */
unsigned char keyUsage;
} X509PKI_CLIENT_AUTH_INFO;
/* Declared here, defined elsewhere. Going by the name and parameters, it
 * copies data from cert, together with the verification result verify,
 * into info. It returns void, so a failed or truncated copy cannot be
 * reported to the caller. NOTE(review): confirm in the definition that
 * info and cert are checked for NULL and that writes into the fixed-size
 * subjectAltName buffer are bounded.
 */
void _gnutls_copy_x509_client_auth_info( X509PKI_CLIENT_AUTH_INFO* info, gnutls_cert* cert, CertificateStatus verify);
#endif