mirror of
https://github.com/ValveSoftware/Proton.git
synced 2024-12-27 07:05:46 +03:00
makefile: Include and build Wine with gnutls26 headers
This commit is contained in:
parent
85bbfb60d7
commit
55b80e0c68
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,6 +1,5 @@
|
|||||||
/dist
|
/dist
|
||||||
/build
|
/build
|
||||||
/contrib
|
|
||||||
/dist-*
|
/dist-*
|
||||||
/obj-*
|
/obj-*
|
||||||
/syn-*
|
/syn-*
|
||||||
|
@ -700,7 +700,7 @@ $(WINE_CONFIGURE_FILES64): SHELL = $(CONTAINER_SHELL64)
|
|||||||
$(WINE_CONFIGURE_FILES64): $(MAKEFILE_DEP) | $(WINE_OBJ64)
|
$(WINE_CONFIGURE_FILES64): $(MAKEFILE_DEP) | $(WINE_OBJ64)
|
||||||
cd $(dir $@) && \
|
cd $(dir $@) && \
|
||||||
STRIP=$(STRIP_QUOTED) \
|
STRIP=$(STRIP_QUOTED) \
|
||||||
CFLAGS=-I$(abspath $(TOOLS_DIR64))"/include -g $(COMMON_FLAGS)" \
|
CFLAGS="-I$(abspath $(TOOLS_DIR64))/include -I$(abspath $(SRCDIR))/contrib/include -g $(COMMON_FLAGS)" \
|
||||||
LDFLAGS=-L$(abspath $(TOOLS_DIR64))/lib \
|
LDFLAGS=-L$(abspath $(TOOLS_DIR64))/lib \
|
||||||
PKG_CONFIG_PATH=$(abspath $(TOOLS_DIR64))/lib/pkgconfig \
|
PKG_CONFIG_PATH=$(abspath $(TOOLS_DIR64))/lib/pkgconfig \
|
||||||
CC=$(CC_QUOTED) \
|
CC=$(CC_QUOTED) \
|
||||||
@ -715,7 +715,7 @@ $(WINE_CONFIGURE_FILES32): SHELL = $(CONTAINER_SHELL32)
|
|||||||
$(WINE_CONFIGURE_FILES32): $(MAKEFILE_DEP) | $(WINE_OBJ32) $(WINE_ORDER_DEPS32)
|
$(WINE_CONFIGURE_FILES32): $(MAKEFILE_DEP) | $(WINE_OBJ32) $(WINE_ORDER_DEPS32)
|
||||||
cd $(dir $@) && \
|
cd $(dir $@) && \
|
||||||
STRIP=$(STRIP_QUOTED) \
|
STRIP=$(STRIP_QUOTED) \
|
||||||
CFLAGS=-I$(abspath $(TOOLS_DIR32))"/include -g $(COMMON_FLAGS)" \
|
CFLAGS="-I$(abspath $(TOOLS_DIR32))/include -I$(abspath $(SRCDIR))/contrib/include -g $(COMMON_FLAGS)" \
|
||||||
LDFLAGS=-L$(abspath $(TOOLS_DIR32))/lib \
|
LDFLAGS=-L$(abspath $(TOOLS_DIR32))/lib \
|
||||||
PKG_CONFIG_PATH=$(abspath $(TOOLS_DIR32))/lib/pkgconfig \
|
PKG_CONFIG_PATH=$(abspath $(TOOLS_DIR32))/lib/pkgconfig \
|
||||||
CC=$(CC_QUOTED) \
|
CC=$(CC_QUOTED) \
|
||||||
|
150
contrib/include/gnutls26/abstract.h
Normal file
150
contrib/include/gnutls26/abstract.h
Normal file
@ -0,0 +1,150 @@
|
|||||||
|
#ifndef __GNUTLS_ABSTRACT_H
|
||||||
|
#define __GNUTLS_ABSTRACT_H
|
||||||
|
|
||||||
|
#include <stdarg.h>
|
||||||
|
#include <gnutls26/gnutls.h>
|
||||||
|
#include <gnutls26/x509.h>
|
||||||
|
#include <gnutls26/pkcs11.h>
|
||||||
|
#include <gnutls26/openpgp.h>
|
||||||
|
|
||||||
|
/* Public key operations */
|
||||||
|
|
||||||
|
struct gnutls_pubkey_st;
|
||||||
|
typedef struct gnutls_pubkey_st *gnutls_pubkey_t;
|
||||||
|
|
||||||
|
struct gnutls_privkey_st;
|
||||||
|
typedef struct gnutls_privkey_st *gnutls_privkey_t;
|
||||||
|
|
||||||
|
int gnutls_pubkey_init (gnutls_pubkey_t * key);
|
||||||
|
void gnutls_pubkey_deinit (gnutls_pubkey_t key);
|
||||||
|
int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits);
|
||||||
|
|
||||||
|
int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t pkey,
|
||||||
|
gnutls_pkcs11_obj_t crt, unsigned int flags);
|
||||||
|
int gnutls_pubkey_import_openpgp (gnutls_pubkey_t pkey,
|
||||||
|
gnutls_openpgp_crt_t crt,
|
||||||
|
unsigned int flags);
|
||||||
|
int
|
||||||
|
gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey,
|
||||||
|
unsigned int usage, unsigned int flags);
|
||||||
|
|
||||||
|
|
||||||
|
int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key,
|
||||||
|
gnutls_digest_algorithm_t *
|
||||||
|
hash, unsigned int *mand);
|
||||||
|
|
||||||
|
int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key,
|
||||||
|
gnutls_datum_t * m, gnutls_datum_t * e);
|
||||||
|
int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key,
|
||||||
|
gnutls_datum_t * p, gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g, gnutls_datum_t * y);
|
||||||
|
|
||||||
|
int gnutls_pubkey_export (gnutls_pubkey_t key,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags,
|
||||||
|
unsigned char *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_pubkey_get_key_usage (gnutls_pubkey_t key, unsigned int *usage);
|
||||||
|
int gnutls_pubkey_set_key_usage (gnutls_pubkey_t key, unsigned int usage);
|
||||||
|
|
||||||
|
int gnutls_pubkey_import (gnutls_pubkey_t key,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
|
||||||
|
|
||||||
|
int gnutls_pubkey_import_pkcs11_url (gnutls_pubkey_t key, const char *url,
|
||||||
|
unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
int gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key,
|
||||||
|
const gnutls_datum_t * p,
|
||||||
|
const gnutls_datum_t * q,
|
||||||
|
const gnutls_datum_t * g,
|
||||||
|
const gnutls_datum_t * y);
|
||||||
|
int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
|
||||||
|
const gnutls_datum_t * m,
|
||||||
|
const gnutls_datum_t * e);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
|
||||||
|
const gnutls_datum_t * hash,
|
||||||
|
const gnutls_datum_t * signature);
|
||||||
|
int
|
||||||
|
gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key,
|
||||||
|
const gnutls_datum_t * signature,
|
||||||
|
gnutls_digest_algorithm_t * hash);
|
||||||
|
|
||||||
|
int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
const gnutls_datum_t * signature);
|
||||||
|
|
||||||
|
/* Private key operations */
|
||||||
|
|
||||||
|
int gnutls_privkey_init (gnutls_privkey_t * key);
|
||||||
|
void gnutls_privkey_deinit (gnutls_privkey_t key);
|
||||||
|
int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key,
|
||||||
|
unsigned int *bits);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_privkey_get_preferred_hash_algorithm (gnutls_privkey_t key,
|
||||||
|
gnutls_digest_algorithm_t *
|
||||||
|
hash, unsigned int *mand);
|
||||||
|
gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key);
|
||||||
|
|
||||||
|
|
||||||
|
#define GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE (1<<0)
|
||||||
|
#define GNUTLS_PRIVKEY_IMPORT_COPY (1<<1)
|
||||||
|
int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey,
|
||||||
|
gnutls_pkcs11_privkey_t key,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_privkey_import_x509 (gnutls_privkey_t pkey,
|
||||||
|
gnutls_x509_privkey_t key,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey,
|
||||||
|
gnutls_openpgp_privkey_t key,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_privkey_sign_data (gnutls_privkey_t signer,
|
||||||
|
gnutls_digest_algorithm_t hash,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_datum_t * signature);
|
||||||
|
|
||||||
|
int gnutls_privkey_sign_hash (gnutls_privkey_t signer,
|
||||||
|
gnutls_digest_algorithm_t hash_algo,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * hash_data,
|
||||||
|
gnutls_datum_t * signature);
|
||||||
|
|
||||||
|
int gnutls_privkey_decrypt_data (gnutls_privkey_t key,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * ciphertext,
|
||||||
|
gnutls_datum_t * plaintext);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_privkey_sign (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_privkey_t issuer_key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_privkey_sign (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_privkey_t issuer_key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_privkey_sign (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_privkey_t key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
#endif
|
359
contrib/include/gnutls26/compat.h
Normal file
359
contrib/include/gnutls26/compat.h
Normal file
@ -0,0 +1,359 @@
|
|||||||
|
/* Typedefs for more compatibility with older GnuTLS. */
|
||||||
|
|
||||||
|
#ifndef _GNUTLS_COMPAT_H
|
||||||
|
#define _GNUTLS_COMPAT_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef __GNUC__
|
||||||
|
|
||||||
|
#define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
|
||||||
|
|
||||||
|
#if !defined GNUTLS_INTERNAL_BUILD
|
||||||
|
#if _GNUTLS_GCC_VERSION >= 30100
|
||||||
|
#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* __GNUC__ */
|
||||||
|
|
||||||
|
#ifndef _GNUTLS_GCC_ATTR_DEPRECATED
|
||||||
|
#define _GNUTLS_GCC_ATTR_DEPRECATED
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define gnutls_cipher_algorithm gnutls_cipher_algorithm_t
|
||||||
|
#define gnutls_kx_algorithm gnutls_kx_algorithm_t
|
||||||
|
#define gnutls_paramsype gnutls_paramsype_t
|
||||||
|
#define gnutls_mac_algorithm gnutls_mac_algorithm_t
|
||||||
|
#define gnutls_digest_algorithm gnutls_digest_algorithm_t
|
||||||
|
#define gnutls_compression_method gnutls_compression_method_t
|
||||||
|
#define gnutls_connection_end gnutls_connection_end_t
|
||||||
|
#define gnutls_credentialsype gnutls_credentialsype_t
|
||||||
|
#define gnutls_certificateype gnutls_certificateype_t
|
||||||
|
#define gnutls_x509_crt_fmt gnutls_x509_crt_fmt_t
|
||||||
|
#define gnutls_openpgp_key_fmt gnutls_openpgp_key_fmt_t
|
||||||
|
#define gnutls_pk_algorithm gnutls_pk_algorithm_t
|
||||||
|
#define gnutls_sign_algorithm gnutls_sign_algorithm_t
|
||||||
|
#define gnutls_server_name gnutls_server_nameype_t
|
||||||
|
#define gnutls_protocol gnutls_protocol_version_t
|
||||||
|
#define gnutls_close_request gnutls_close_request_t
|
||||||
|
#define gnutls_openpgp_key_status gnutls_openpgp_key_status_t
|
||||||
|
#define gnutls_certificate_request gnutls_certificate_request_t
|
||||||
|
#define gnutls_certificate_status gnutls_certificate_status_t
|
||||||
|
#define gnutls_session gnutls_session_t
|
||||||
|
#define gnutls_alert_level gnutls_alert_level_t
|
||||||
|
#define gnutls_alert_description gnutls_alert_description_t
|
||||||
|
#define gnutls_x509_subject_alt_name gnutls_x509_subject_alt_name_t
|
||||||
|
#define gnutls_openpgp_key gnutls_openpgp_key_t
|
||||||
|
#define gnutls_openpgp_privkey gnutls_openpgp_privkey_t
|
||||||
|
#define gnutls_openpgp_keyring gnutls_openpgp_keyring_t
|
||||||
|
#define gnutls_x509_crt gnutls_x509_crt_t
|
||||||
|
#define gnutls_x509_privkey gnutls_x509_privkey_t
|
||||||
|
#define gnutls_x509_crl gnutls_x509_crl_t
|
||||||
|
#define gnutls_pkcs7 gnutls_pkcs7_t
|
||||||
|
#define gnutls_x509_crq gnutls_x509_crq_t
|
||||||
|
#define gnutls_pkcs_encrypt_flags gnutls_pkcs_encrypt_flags_t
|
||||||
|
#define gnutls_pkcs12_bag_type gnutls_pkcs12_bag_type_t
|
||||||
|
#define gnutls_pkcs12_bag gnutls_pkcs12_bag_t
|
||||||
|
#define gnutls_pkcs12 gnutls_pkcs12_t
|
||||||
|
#define gnutls_certificate_credentials gnutls_certificate_credentials_t
|
||||||
|
#define gnutls_anon_server_credentials gnutls_anon_server_credentials_t
|
||||||
|
#define gnutls_anon_client_credentials gnutls_anon_client_credentials_t
|
||||||
|
#define gnutls_srp_client_credentials gnutls_srp_client_credentials_t
|
||||||
|
#define gnutls_srp_server_credentials gnutls_srp_server_credentials_t
|
||||||
|
#define gnutls_dh_params gnutls_dh_params_t
|
||||||
|
#define gnutls_rsa_params gnutls_rsa_params_t
|
||||||
|
#define gnutls_params_type gnutls_params_type_t
|
||||||
|
#define gnutls_credentials_type gnutls_credentials_type_t
|
||||||
|
#define gnutls_certificate_type gnutls_certificate_type_t
|
||||||
|
#define gnutls_datum gnutls_datum_t
|
||||||
|
#define gnutls_transport_ptr gnutls_transport_ptr_t
|
||||||
|
|
||||||
|
/* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was
|
||||||
|
modified to use the PSK alert. */
|
||||||
|
#define GNUTLS_A_MISSING_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
|
||||||
|
#define GNUTLS_A_UNKNOWN_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
|
||||||
|
|
||||||
|
/* OpenPGP stuff renamed in 2.1.x. */
|
||||||
|
#define gnutls_openpgp_key_fmt_t gnutls_openpgp_crt_fmt_t
|
||||||
|
#define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
|
||||||
|
#define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
|
||||||
|
#define gnutls_openpgp_send_key gnutls_openpgp_send_cert
|
||||||
|
#define gnutls_openpgp_key_status_t gnutls_openpgp_crt_status_t
|
||||||
|
#define gnutls_openpgp_key_t gnutls_openpgp_crt_t
|
||||||
|
#define gnutls_openpgp_key_init gnutls_openpgp_crt_init
|
||||||
|
#define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
|
||||||
|
#define gnutls_openpgp_key_import gnutls_openpgp_crt_import
|
||||||
|
#define gnutls_openpgp_key_export gnutls_openpgp_crt_export
|
||||||
|
#define gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage
|
||||||
|
#define gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint
|
||||||
|
#define gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm
|
||||||
|
#define gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name
|
||||||
|
#define gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version
|
||||||
|
#define gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time
|
||||||
|
#define gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time
|
||||||
|
#define gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id
|
||||||
|
#define gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname
|
||||||
|
|
||||||
|
/* OpenPGP stuff renamed in 2.3.x. */
|
||||||
|
#define gnutls_openpgp_crt_get_id gnutls_openpgp_crt_get_key_id
|
||||||
|
|
||||||
|
/* New better names renamed in 2.3.x, add these for backwards
|
||||||
|
compatibility with old poor names.*/
|
||||||
|
#define GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL
|
||||||
|
#define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE
|
||||||
|
#define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL
|
||||||
|
|
||||||
|
/* These old #define's violate the gnutls_* namespace. */
|
||||||
|
#define TLS_MASTER_SIZE GNUTLS_MASTER_SIZE
|
||||||
|
#define TLS_RANDOM_SIZE GNUTLS_RANDOM_SIZE
|
||||||
|
|
||||||
|
/* Namespace problems. */
|
||||||
|
#define LIBGNUTLS_VERSION GNUTLS_VERSION
|
||||||
|
#define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR
|
||||||
|
#define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR
|
||||||
|
#define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH
|
||||||
|
#define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER
|
||||||
|
#define LIBGNUTLS_EXTRA_VERSION GNUTLS_VERSION
|
||||||
|
|
||||||
|
/* The gnutls_retr_st was deprecated by gnutls_certificate_retrieve_function()
|
||||||
|
* and gnutls_retr2_st.
|
||||||
|
*/
|
||||||
|
typedef struct gnutls_retr_st
|
||||||
|
{
|
||||||
|
gnutls_certificate_type_t type;
|
||||||
|
union
|
||||||
|
{
|
||||||
|
gnutls_x509_crt_t *x509;
|
||||||
|
gnutls_openpgp_crt_t pgp;
|
||||||
|
} cert;
|
||||||
|
unsigned int ncerts; /* one for pgp keys */
|
||||||
|
|
||||||
|
union
|
||||||
|
{
|
||||||
|
gnutls_x509_privkey_t x509;
|
||||||
|
gnutls_openpgp_privkey_t pgp;
|
||||||
|
} key;
|
||||||
|
|
||||||
|
unsigned int deinit_all; /* if non zero all keys will be deinited */
|
||||||
|
} gnutls_retr_st;
|
||||||
|
|
||||||
|
typedef int gnutls_certificate_client_retrieve_function (gnutls_session_t,
|
||||||
|
const
|
||||||
|
gnutls_datum_t *
|
||||||
|
req_ca_rdn,
|
||||||
|
int nreqs,
|
||||||
|
const
|
||||||
|
gnutls_pk_algorithm_t
|
||||||
|
* pk_algos,
|
||||||
|
int
|
||||||
|
pk_algos_length,
|
||||||
|
gnutls_retr_st *);
|
||||||
|
typedef int gnutls_certificate_server_retrieve_function (gnutls_session_t,
|
||||||
|
gnutls_retr_st *);
|
||||||
|
|
||||||
|
void gnutls_certificate_client_set_retrieve_function
|
||||||
|
(gnutls_certificate_credentials_t cred,
|
||||||
|
gnutls_certificate_client_retrieve_function *
|
||||||
|
func) _GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
void
|
||||||
|
gnutls_certificate_server_set_retrieve_function
|
||||||
|
(gnutls_certificate_credentials_t cred,
|
||||||
|
gnutls_certificate_server_retrieve_function *
|
||||||
|
func) _GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* External signing callback. No longer supported because it
|
||||||
|
* was deprecated by the PKCS #11 API. */
|
||||||
|
typedef int (*gnutls_sign_func) (gnutls_session_t session,
|
||||||
|
void *userdata,
|
||||||
|
gnutls_certificate_type_t cert_type,
|
||||||
|
const gnutls_datum_t * cert,
|
||||||
|
const gnutls_datum_t * hash,
|
||||||
|
gnutls_datum_t * signature);
|
||||||
|
|
||||||
|
void
|
||||||
|
gnutls_sign_callback_set (gnutls_session_t session,
|
||||||
|
gnutls_sign_func sign_func, void *userdata)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
gnutls_sign_func
|
||||||
|
gnutls_sign_callback_get (gnutls_session_t session, void **userdata)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* Extension API is no longer exported because a lot of internal
|
||||||
|
* structures are used. Currently it works due to a compatibility
|
||||||
|
* layer, but will be removed in later versions.
|
||||||
|
*/
|
||||||
|
int gnutls_ext_register (int type,
|
||||||
|
const char *name,
|
||||||
|
gnutls_ext_parse_type_t parse_type,
|
||||||
|
gnutls_ext_recv_func recv_func,
|
||||||
|
gnutls_ext_send_func send_func)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* We no longer support the finished callback. Use
|
||||||
|
* gnutls_session_channel_binding for similar functionality.
|
||||||
|
*/
|
||||||
|
typedef void (*gnutls_finished_callback_func) (gnutls_session_t session,
|
||||||
|
const void *finished,
|
||||||
|
size_t len);
|
||||||
|
void gnutls_session_set_finished_function (gnutls_session_t session,
|
||||||
|
gnutls_finished_callback_func
|
||||||
|
func)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* returns security values.
|
||||||
|
* Do not use them unless you know what you're doing. Those are dangerous since
|
||||||
|
* they depend on a particular TLS version number
|
||||||
|
*/
|
||||||
|
#define GNUTLS_MASTER_SIZE 48
|
||||||
|
#define GNUTLS_RANDOM_SIZE 32
|
||||||
|
const void *gnutls_session_get_server_random (gnutls_session_t session)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
const void *gnutls_session_get_client_random (gnutls_session_t session)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
const void *gnutls_session_get_master_secret (gnutls_session_t session)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
int gnutls_psk_netconf_derive_key (const char *password,
|
||||||
|
const char *psk_identity,
|
||||||
|
const char *psk_identity_hint,
|
||||||
|
gnutls_datum_t *
|
||||||
|
output_key)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* This is a very dangerous and error-prone function.
|
||||||
|
* Use gnutls_privkey_sign_hash() instead.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * hash,
|
||||||
|
gnutls_datum_t * signature)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
|
||||||
|
const gnutls_datum_t * hash,
|
||||||
|
gnutls_datum_t * signature)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
|
||||||
|
/* Deprecated because verify_* functions are moved to public
|
||||||
|
* keys. Check abstract.h for similar functionality.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_privkey_verify_data (gnutls_x509_privkey_t key,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
const gnutls_datum_t * signature)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* we support the gnutls_privkey_sign_data() instead.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_digest_algorithm_t digest,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
void *signature,
|
||||||
|
size_t * signature_size)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* gnutls_pubkey_verify_data() */
|
||||||
|
int gnutls_x509_crt_verify_data (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
const gnutls_datum_t * signature)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
|
||||||
|
/* gnutls_pubkey_verify_hash() */
|
||||||
|
int gnutls_x509_crt_verify_hash (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int flags,
|
||||||
|
const gnutls_datum_t * hash,
|
||||||
|
const gnutls_datum_t * signature)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* gnutls_pubkey_get_verify_algorithm() */
|
||||||
|
int gnutls_x509_crt_get_verify_algorithm (gnutls_x509_crt_t crt,
|
||||||
|
const gnutls_datum_t * signature,
|
||||||
|
gnutls_digest_algorithm_t * hash)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* gnutls_pubkey_get_preferred_hash_algorithm() */
|
||||||
|
int gnutls_x509_crt_get_preferred_hash_algorithm (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_digest_algorithm_t
|
||||||
|
* hash,
|
||||||
|
unsigned int *mand)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* gnutls_x509_crq_privkey_sign() */
|
||||||
|
int gnutls_x509_crq_sign2 (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_x509_privkey_t key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/* gnutls_x509_crl_privkey_sign */
|
||||||
|
int gnutls_x509_crl_sign (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_x509_privkey_t issuer_key)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_x509_crl_sign2 (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_x509_privkey_t issuer_key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
|
||||||
|
void gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc,
|
||||||
|
gnutls_x509_crt_t ** x509_ca_list,
|
||||||
|
unsigned int *ncas)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
void gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t sc,
|
||||||
|
gnutls_x509_crl_t ** x509_crl_list,
|
||||||
|
unsigned int *ncrls)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
void
|
||||||
|
gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_t
|
||||||
|
sc,
|
||||||
|
gnutls_openpgp_keyring_t *
|
||||||
|
keyring)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* this is obsolete (?). */
|
||||||
|
int gnutls_certificate_verify_peers (gnutls_session_t session)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
/* functions to set priority of cipher suites
|
||||||
|
*/
|
||||||
|
int gnutls_cipher_set_priority (gnutls_session_t session, const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_mac_set_priority (gnutls_session_t session, const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_compression_set_priority (gnutls_session_t session,
|
||||||
|
const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_kx_set_priority (gnutls_session_t session, const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_protocol_set_priority (gnutls_session_t session,
|
||||||
|
const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
int gnutls_certificate_type_set_priority (gnutls_session_t session,
|
||||||
|
const int *list)
|
||||||
|
_GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
void gnutls_transport_set_lowat (gnutls_session_t session, int num) _GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
void gnutls_transport_set_global_errno (int err) _GNUTLS_GCC_ATTR_DEPRECATED;
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* _GNUTLS_COMPAT_H */
|
378
contrib/include/gnutls26/crypto.h
Normal file
378
contrib/include/gnutls26/crypto.h
Normal file
@ -0,0 +1,378 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2008, 2009, 2010 Free Software Foundation, Inc.
|
||||||
|
*
|
||||||
|
* Author: Nikos Mavrogiannopoulos
|
||||||
|
*
|
||||||
|
* This file is part of GnuTLS.
|
||||||
|
*
|
||||||
|
* The GnuTLS is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
|
||||||
|
* USA
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef GNUTLS_CRYPTO_H
|
||||||
|
#define GNUTLS_CRYPTO_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct cipher_hd_st *gnutls_cipher_hd_t;
|
||||||
|
|
||||||
|
int gnutls_cipher_init (gnutls_cipher_hd_t * handle,
|
||||||
|
gnutls_cipher_algorithm_t cipher,
|
||||||
|
const gnutls_datum_t * key,
|
||||||
|
const gnutls_datum_t * iv);
|
||||||
|
int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle,
|
||||||
|
void *text, size_t textlen);
|
||||||
|
int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle,
|
||||||
|
void *ciphertext, size_t ciphertextlen);
|
||||||
|
int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle,
|
||||||
|
const void *ciphertext, size_t ciphertextlen,
|
||||||
|
void *text, size_t textlen);
|
||||||
|
int gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, void *text,
|
||||||
|
size_t textlen, void *ciphertext,
|
||||||
|
size_t ciphertextlen);
|
||||||
|
|
||||||
|
void gnutls_cipher_deinit (gnutls_cipher_hd_t handle);
|
||||||
|
int gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm);
|
||||||
|
|
||||||
|
|
||||||
|
typedef struct hash_hd_st *gnutls_hash_hd_t;
|
||||||
|
typedef struct hmac_hd_st *gnutls_hmac_hd_t;
|
||||||
|
|
||||||
|
int gnutls_hmac_init (gnutls_hmac_hd_t * dig,
|
||||||
|
gnutls_digest_algorithm_t algorithm, const void *key,
|
||||||
|
size_t keylen);
|
||||||
|
int gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textlen);
|
||||||
|
void gnutls_hmac_output (gnutls_hmac_hd_t handle, void *digest);
|
||||||
|
void gnutls_hmac_deinit (gnutls_hmac_hd_t handle, void *digest);
|
||||||
|
int gnutls_hmac_get_len (gnutls_mac_algorithm_t algorithm);
|
||||||
|
int gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm, const void *key,
|
||||||
|
size_t keylen, const void *text, size_t textlen,
|
||||||
|
void *digest);
|
||||||
|
|
||||||
|
int gnutls_hash_init (gnutls_hash_hd_t * dig,
|
||||||
|
gnutls_digest_algorithm_t algorithm);
|
||||||
|
int gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textlen);
|
||||||
|
void gnutls_hash_output (gnutls_hash_hd_t handle, void *digest);
|
||||||
|
void gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest);
|
||||||
|
int gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm);
|
||||||
|
int gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
|
||||||
|
const void *text, size_t textlen, void *digest);
|
||||||
|
|
||||||
|
/* register ciphers */
|
||||||
|
|
||||||
|
#define GNUTLS_CRYPTO_API_VERSION 0x03
|
||||||
|
|
||||||
|
#define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
|
||||||
|
#define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
|
||||||
|
#define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
int (*init) (gnutls_cipher_algorithm_t, void **ctx);
|
||||||
|
int (*setkey) (void *ctx, const void *key, size_t keysize);
|
||||||
|
int (*setiv) (void *ctx, const void *iv, size_t ivsize);
|
||||||
|
int (*encrypt) (void *ctx, const void *plain, size_t plainsize,
|
||||||
|
void *encr, size_t encrsize);
|
||||||
|
int (*decrypt) (void *ctx, const void *encr, size_t encrsize,
|
||||||
|
void *plain, size_t plainsize);
|
||||||
|
void (*deinit) (void *ctx);
|
||||||
|
} gnutls_crypto_cipher_st;
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
int (*init) (gnutls_mac_algorithm_t, void **ctx);
|
||||||
|
int (*setkey) (void *ctx, const void *key, size_t keysize);
|
||||||
|
int (*hash) (void *ctx, const void *text, size_t textsize);
|
||||||
|
int (*output) (void *src_ctx, void *digest, size_t digestsize);
|
||||||
|
void (*deinit) (void *ctx);
|
||||||
|
} gnutls_crypto_mac_st;
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
int (*init) (gnutls_mac_algorithm_t, void **ctx);
|
||||||
|
int (*hash) (void *ctx, const void *text, size_t textsize);
|
||||||
|
int (*copy) (void **dst_ctx, void *src_ctx);
|
||||||
|
int (*output) (void *src_ctx, void *digest, size_t digestsize);
|
||||||
|
void (*deinit) (void *ctx);
|
||||||
|
} gnutls_crypto_digest_st;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_rnd_level_t:
|
||||||
|
* @GNUTLS_RND_NONCE: Non-predictable random number. Fatal in parts
|
||||||
|
* of session if broken, i.e., vulnerable to statistical analysis.
|
||||||
|
* @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
|
||||||
|
* Fatal in session if broken.
|
||||||
|
* @GNUTLS_RND_KEY: Fatal in many sessions if broken.
|
||||||
|
*
|
||||||
|
* Enumeration of random quality levels.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_rnd_level
|
||||||
|
{
|
||||||
|
GNUTLS_RND_NONCE = 0,
|
||||||
|
GNUTLS_RND_RANDOM = 1,
|
||||||
|
GNUTLS_RND_KEY = 2
|
||||||
|
} gnutls_rnd_level_t;
|
||||||
|
|
||||||
|
int gnutls_rnd (gnutls_rnd_level_t level, void *data, size_t len);
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pk_flag_t:
|
||||||
|
* @GNUTLS_PK_FLAG_NONE: No flag.
|
||||||
|
*
|
||||||
|
* Enumeration of public-key flag.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PK_FLAG_NONE = 0
|
||||||
|
} gnutls_pk_flag_t;
|
||||||
|
|
||||||
|
typedef struct gnutls_crypto_rnd
|
||||||
|
{
|
||||||
|
int (*init) (void **ctx);
|
||||||
|
int (*rnd) (void *ctx, int level, void *data, size_t datasize);
|
||||||
|
void (*deinit) (void *ctx);
|
||||||
|
} gnutls_crypto_rnd_st;
|
||||||
|
|
||||||
|
typedef void *bigint_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_bigint_format_t:
|
||||||
|
* @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
|
||||||
|
* @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
|
||||||
|
* zero when positive.
|
||||||
|
* @GNUTLS_MPI_FORMAT_PGP: The pgp integer format.
|
||||||
|
*
|
||||||
|
* Enumeration of different bignum integer encoding formats.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
/* raw unsigned integer format */
|
||||||
|
GNUTLS_MPI_FORMAT_USG = 0,
|
||||||
|
/* raw signed integer format - always a leading zero when positive */
|
||||||
|
GNUTLS_MPI_FORMAT_STD = 1,
|
||||||
|
/* the pgp integer format */
|
||||||
|
GNUTLS_MPI_FORMAT_PGP = 2
|
||||||
|
} gnutls_bigint_format_t;
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
bigint_t g; /* group generator */
|
||||||
|
bigint_t p; /* prime */
|
||||||
|
} gnutls_group_st;
|
||||||
|
|
||||||
|
/* Multi precision integer arithmetic */
|
||||||
|
typedef struct gnutls_crypto_bigint
|
||||||
|
{
|
||||||
|
bigint_t (*bigint_new) (int nbits);
|
||||||
|
void (*bigint_release) (bigint_t n);
|
||||||
|
/* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
|
||||||
|
int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
|
||||||
|
/* as bigint_cmp */
|
||||||
|
int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
|
||||||
|
/* ret = a % b */
|
||||||
|
bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b);
|
||||||
|
/* a = b -> ret == a */
|
||||||
|
bigint_t (*bigint_set) (bigint_t a, const bigint_t b);
|
||||||
|
/* a = b -> ret == a */
|
||||||
|
bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b);
|
||||||
|
unsigned int (*bigint_get_nbits) (const bigint_t a);
|
||||||
|
/* w = b ^ e mod m */
|
||||||
|
bigint_t (*bigint_powm) (bigint_t w, const bigint_t b,
|
||||||
|
const bigint_t e, const bigint_t m);
|
||||||
|
/* w = a + b mod m */
|
||||||
|
bigint_t (*bigint_addm) (bigint_t w, const bigint_t a,
|
||||||
|
const bigint_t b, const bigint_t m);
|
||||||
|
/* w = a - b mod m */
|
||||||
|
bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t b,
|
||||||
|
const bigint_t m);
|
||||||
|
/* w = a * b mod m */
|
||||||
|
bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t b,
|
||||||
|
const bigint_t m);
|
||||||
|
/* w = a + b */ bigint_t (*bigint_add) (bigint_t w, const bigint_t a,
|
||||||
|
const bigint_t b);
|
||||||
|
/* w = a - b */ bigint_t (*bigint_sub) (bigint_t w, const bigint_t a,
|
||||||
|
const bigint_t b);
|
||||||
|
/* w = a * b */
|
||||||
|
bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t b);
|
||||||
|
/* w = a + b */
|
||||||
|
bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a,
|
||||||
|
unsigned long b);
|
||||||
|
/* w = a - b */
|
||||||
|
bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a,
|
||||||
|
unsigned long b);
|
||||||
|
/* w = a * b */
|
||||||
|
bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a,
|
||||||
|
unsigned long b);
|
||||||
|
/* q = a / b */
|
||||||
|
bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t b);
|
||||||
|
/* 0 if prime */
|
||||||
|
int (*bigint_prime_check) (const bigint_t pp);
|
||||||
|
int (*bigint_generate_group) (gnutls_group_st * gg, unsigned int bits);
|
||||||
|
|
||||||
|
/* reads an bigint from a buffer */
|
||||||
|
/* stores an bigint into the buffer. returns
|
||||||
|
* GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
|
||||||
|
* store this integer, and updates the buf_size;
|
||||||
|
*/
|
||||||
|
bigint_t (*bigint_scan) (const void *buf, size_t buf_size,
|
||||||
|
gnutls_bigint_format_t format);
|
||||||
|
int (*bigint_print) (const bigint_t a, void *buf, size_t * buf_size,
|
||||||
|
gnutls_bigint_format_t format);
|
||||||
|
} gnutls_crypto_bigint_st;
|
||||||
|
|
||||||
|
#define GNUTLS_MAX_PK_PARAMS 16
|
||||||
|
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
bigint_t params[GNUTLS_MAX_PK_PARAMS];
|
||||||
|
unsigned int params_nr; /* the number of parameters */
|
||||||
|
unsigned int flags;
|
||||||
|
} gnutls_pk_params_st;
|
||||||
|
|
||||||
|
void gnutls_pk_params_release (gnutls_pk_params_st * p);
|
||||||
|
void gnutls_pk_params_init (gnutls_pk_params_st * p);
|
||||||
|
|
||||||
|
/* params are:
|
||||||
|
* RSA:
|
||||||
|
* [0] is modulus
|
||||||
|
* [1] is public exponent
|
||||||
|
* [2] is private exponent (private key only)
|
||||||
|
* [3] is prime1 (p) (private key only)
|
||||||
|
* [4] is prime2 (q) (private key only)
|
||||||
|
* [5] is coefficient (u == inverse of p mod q) (private key only)
|
||||||
|
* [6] e1 == d mod (p-1)
|
||||||
|
* [7] e2 == d mod (q-1)
|
||||||
|
*
|
||||||
|
* note that for libgcrypt that does not use the inverse of q mod p,
|
||||||
|
* we need to perform conversions using fixup_params().
|
||||||
|
*
|
||||||
|
* DSA:
|
||||||
|
* [0] is p
|
||||||
|
* [1] is q
|
||||||
|
* [2] is g
|
||||||
|
* [3] is y (public key)
|
||||||
|
* [4] is x (private key only)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_direction_t:
|
||||||
|
* @GNUTLS_IMPORT: Import direction.
|
||||||
|
* @GNUTLS_EXPORT: Export direction.
|
||||||
|
*
|
||||||
|
* Enumeration of different directions.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_IMPORT = 0,
|
||||||
|
GNUTLS_EXPORT = 1
|
||||||
|
} gnutls_direction_t;
|
||||||
|
|
||||||
|
/* Public key algorithms */
|
||||||
|
typedef struct gnutls_crypto_pk
|
||||||
|
{
|
||||||
|
/* The params structure should contain the private or public key
|
||||||
|
* parameters, depending on the operation */
|
||||||
|
int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
|
||||||
|
const gnutls_datum_t * plaintext,
|
||||||
|
const gnutls_pk_params_st * pub);
|
||||||
|
int (*decrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * plaintext,
|
||||||
|
const gnutls_datum_t * ciphertext,
|
||||||
|
const gnutls_pk_params_st * priv);
|
||||||
|
|
||||||
|
int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
const gnutls_pk_params_st * priv);
|
||||||
|
int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
|
||||||
|
const gnutls_datum_t * signature,
|
||||||
|
const gnutls_pk_params_st * pub);
|
||||||
|
|
||||||
|
int (*generate) (gnutls_pk_algorithm_t, unsigned int nbits,
|
||||||
|
gnutls_pk_params_st *);
|
||||||
|
/* this function should convert params to ones suitable
|
||||||
|
* for the above functions
|
||||||
|
*/
|
||||||
|
int (*pk_fixup_private_params) (gnutls_pk_algorithm_t, gnutls_direction_t,
|
||||||
|
gnutls_pk_params_st *);
|
||||||
|
|
||||||
|
} gnutls_crypto_pk_st;
|
||||||
|
|
||||||
|
/* priority: infinity for backend algorithms, 90 for kernel
|
||||||
|
algorithms, lowest wins
|
||||||
|
*/
|
||||||
|
#define gnutls_crypto_single_cipher_register(algo, prio, st) \
|
||||||
|
gnutls_crypto_single_cipher_register2 (algo, prio, \
|
||||||
|
GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_single_mac_register(algo, prio, st) \
|
||||||
|
gnutls_crypto_single_mac_register2 (algo, prio, \
|
||||||
|
GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_single_digest_register(algo, prio, st) \
|
||||||
|
gnutls_crypto_single_digest_register2(algo, prio, \
|
||||||
|
GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
|
||||||
|
int gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t
|
||||||
|
algorithm, int priority,
|
||||||
|
int version,
|
||||||
|
const
|
||||||
|
gnutls_crypto_single_cipher_st *
|
||||||
|
s);
|
||||||
|
int gnutls_crypto_single_mac_register2 (gnutls_mac_algorithm_t algorithm,
|
||||||
|
int priority, int version,
|
||||||
|
const gnutls_crypto_single_mac_st *
|
||||||
|
s);
|
||||||
|
int gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t
|
||||||
|
algorithm, int priority,
|
||||||
|
int version,
|
||||||
|
const
|
||||||
|
gnutls_crypto_single_digest_st *
|
||||||
|
s);
|
||||||
|
|
||||||
|
#define gnutls_crypto_cipher_register(prio, st) \
|
||||||
|
gnutls_crypto_cipher_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_mac_register(prio, st) \
|
||||||
|
gnutls_crypto_mac_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_digest_register(prio, st) \
|
||||||
|
gnutls_crypto_digest_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
|
||||||
|
int gnutls_crypto_cipher_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_cipher_st * s);
|
||||||
|
int gnutls_crypto_mac_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_mac_st * s);
|
||||||
|
int gnutls_crypto_digest_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_digest_st * s);
|
||||||
|
|
||||||
|
#define gnutls_crypto_rnd_register(prio, st) \
|
||||||
|
gnutls_crypto_rnd_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_pk_register(prio, st) \
|
||||||
|
gnutls_crypto_pk_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
#define gnutls_crypto_bigint_register(prio, st) \
|
||||||
|
gnutls_crypto_bigint_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
|
||||||
|
|
||||||
|
int gnutls_crypto_rnd_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_rnd_st * s);
|
||||||
|
int gnutls_crypto_pk_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_pk_st * s);
|
||||||
|
int gnutls_crypto_bigint_register2 (int priority, int version,
|
||||||
|
const gnutls_crypto_bigint_st * s);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
1777
contrib/include/gnutls26/gnutls.h
Normal file
1777
contrib/include/gnutls26/gnutls.h
Normal file
File diff suppressed because it is too large
Load Diff
365
contrib/include/gnutls26/openpgp.h
Normal file
365
contrib/include/gnutls26/openpgp.h
Normal file
@ -0,0 +1,365 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
|
||||||
|
* Software Foundation, Inc.
|
||||||
|
*
|
||||||
|
* Author: Nikos Mavrogiannopoulos
|
||||||
|
*
|
||||||
|
* This file is part of GnuTLS.
|
||||||
|
*
|
||||||
|
* The GnuTLS is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
|
||||||
|
* USA
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* This file contains the types and prototypes for the OpenPGP
|
||||||
|
* key and private key parsing functions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef GNUTLS_OPENPGP_H
|
||||||
|
#define GNUTLS_OPENPGP_H
|
||||||
|
|
||||||
|
#include <gnutls26/gnutls.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Openpgp certificate stuff
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_openpgp_crt_fmt_t:
|
||||||
|
* @GNUTLS_OPENPGP_FMT_RAW: OpenPGP certificate in raw format.
|
||||||
|
* @GNUTLS_OPENPGP_FMT_BASE64: OpenPGP certificate in base64 format.
|
||||||
|
*
|
||||||
|
* Enumeration of different OpenPGP key formats.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_openpgp_crt_fmt
|
||||||
|
{
|
||||||
|
GNUTLS_OPENPGP_FMT_RAW,
|
||||||
|
GNUTLS_OPENPGP_FMT_BASE64
|
||||||
|
} gnutls_openpgp_crt_fmt_t;
|
||||||
|
|
||||||
|
#define GNUTLS_OPENPGP_KEYID_SIZE 8
|
||||||
|
typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
|
||||||
|
|
||||||
|
/* gnutls_openpgp_cert_t should be defined in gnutls.h
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* initializes the memory for gnutls_openpgp_crt_t struct */
|
||||||
|
int gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key);
|
||||||
|
/* frees all memory */
|
||||||
|
void gnutls_openpgp_crt_deinit (gnutls_openpgp_crt_t key);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_openpgp_crt_fmt_t format);
|
||||||
|
int gnutls_openpgp_crt_export (gnutls_openpgp_crt_t key,
|
||||||
|
gnutls_openpgp_crt_fmt_t format,
|
||||||
|
void *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert,
|
||||||
|
gnutls_certificate_print_formats_t format,
|
||||||
|
gnutls_datum_t * out);
|
||||||
|
|
||||||
|
/* The key_usage flags are defined in gnutls.h. They are
|
||||||
|
* the GNUTLS_KEY_* definitions.
|
||||||
|
*/
|
||||||
|
int gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int *key_usage);
|
||||||
|
int gnutls_openpgp_crt_get_fingerprint (gnutls_openpgp_crt_t key, void *fpr,
|
||||||
|
size_t * fprlen);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int idx,
|
||||||
|
void *fpr, size_t * fprlen);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key,
|
||||||
|
int idx, char *buf, size_t * sizeof_buf);
|
||||||
|
|
||||||
|
gnutls_pk_algorithm_t
|
||||||
|
gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int *bits);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_version (gnutls_openpgp_crt_t key);
|
||||||
|
|
||||||
|
time_t gnutls_openpgp_crt_get_creation_time (gnutls_openpgp_crt_t key);
|
||||||
|
time_t gnutls_openpgp_crt_get_expiration_time (gnutls_openpgp_crt_t key);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_key_id (gnutls_openpgp_crt_t key,
|
||||||
|
gnutls_openpgp_keyid_t keyid);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key,
|
||||||
|
const char *hostname);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_revoked_status (gnutls_openpgp_crt_t key);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key,
|
||||||
|
const gnutls_openpgp_keyid_t keyid);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int idx);
|
||||||
|
gnutls_pk_algorithm_t
|
||||||
|
gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int idx,
|
||||||
|
unsigned int *bits);
|
||||||
|
time_t gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t
|
||||||
|
key, unsigned int idx);
|
||||||
|
time_t gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t
|
||||||
|
key,
|
||||||
|
unsigned int idx);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int idx,
|
||||||
|
gnutls_openpgp_keyid_t keyid);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int idx,
|
||||||
|
unsigned int *key_usage);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt,
|
||||||
|
unsigned int idx,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g,
|
||||||
|
gnutls_datum_t * y);
|
||||||
|
int gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt,
|
||||||
|
unsigned int idx,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e);
|
||||||
|
int gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g,
|
||||||
|
gnutls_datum_t * y);
|
||||||
|
int gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key,
|
||||||
|
gnutls_openpgp_keyid_t keyid);
|
||||||
|
int
|
||||||
|
gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key,
|
||||||
|
const gnutls_openpgp_keyid_t
|
||||||
|
keyid);
|
||||||
|
|
||||||
|
/* privkey stuff.
|
||||||
|
*/
|
||||||
|
int gnutls_openpgp_privkey_init (gnutls_openpgp_privkey_t * key);
|
||||||
|
void gnutls_openpgp_privkey_deinit (gnutls_openpgp_privkey_t key);
|
||||||
|
gnutls_pk_algorithm_t
|
||||||
|
gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
|
||||||
|
unsigned int *bits);
|
||||||
|
|
||||||
|
gnutls_sec_param_t
|
||||||
|
gnutls_openpgp_privkey_sec_param (gnutls_openpgp_privkey_t key);
|
||||||
|
int gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_openpgp_crt_fmt_t format,
|
||||||
|
const char *password,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key,
|
||||||
|
void *fpr, size_t * fprlen);
|
||||||
|
int gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t
|
||||||
|
key, unsigned int idx,
|
||||||
|
void *fpr,
|
||||||
|
size_t * fprlen);
|
||||||
|
int gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key,
|
||||||
|
gnutls_openpgp_keyid_t keyid);
|
||||||
|
int gnutls_openpgp_privkey_get_subkey_count (gnutls_openpgp_privkey_t key);
|
||||||
|
int gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key,
|
||||||
|
const gnutls_openpgp_keyid_t
|
||||||
|
keyid);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t
|
||||||
|
key, unsigned int idx);
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t
|
||||||
|
key);
|
||||||
|
|
||||||
|
gnutls_pk_algorithm_t
|
||||||
|
gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t
|
||||||
|
key, unsigned int idx,
|
||||||
|
unsigned int *bits);
|
||||||
|
|
||||||
|
time_t
|
||||||
|
gnutls_openpgp_privkey_get_subkey_expiration_time
|
||||||
|
(gnutls_openpgp_privkey_t key, unsigned int idx);
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key,
|
||||||
|
unsigned int idx,
|
||||||
|
gnutls_openpgp_keyid_t keyid);
|
||||||
|
|
||||||
|
time_t
|
||||||
|
gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t
|
||||||
|
key, unsigned int idx);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t
|
||||||
|
pkey, unsigned int idx,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g,
|
||||||
|
gnutls_datum_t * y,
|
||||||
|
gnutls_datum_t * x);
|
||||||
|
int gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t
|
||||||
|
pkey, unsigned int idx,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e,
|
||||||
|
gnutls_datum_t * d,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * u);
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t pkey,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g,
|
||||||
|
gnutls_datum_t * y,
|
||||||
|
gnutls_datum_t * x);
|
||||||
|
int gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t pkey,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e,
|
||||||
|
gnutls_datum_t * d,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * u);
|
||||||
|
|
||||||
|
int gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key,
|
||||||
|
gnutls_openpgp_crt_fmt_t format,
|
||||||
|
const char *password,
|
||||||
|
unsigned int flags,
|
||||||
|
void *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key,
|
||||||
|
const gnutls_openpgp_keyid_t
|
||||||
|
keyid);
|
||||||
|
int gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t
|
||||||
|
key,
|
||||||
|
gnutls_openpgp_keyid_t
|
||||||
|
keyid);
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_get_auth_subkey (gnutls_openpgp_crt_t crt,
|
||||||
|
gnutls_openpgp_keyid_t keyid,
|
||||||
|
unsigned int flag);
|
||||||
|
|
||||||
|
/* Keyring stuff.
|
||||||
|
*/
|
||||||
|
|
||||||
|
int gnutls_openpgp_keyring_init (gnutls_openpgp_keyring_t * keyring);
|
||||||
|
void gnutls_openpgp_keyring_deinit (gnutls_openpgp_keyring_t keyring);
|
||||||
|
|
||||||
|
int gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t keyring,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_openpgp_crt_fmt_t format);
|
||||||
|
|
||||||
|
int gnutls_openpgp_keyring_check_id (gnutls_openpgp_keyring_t ring,
|
||||||
|
const gnutls_openpgp_keyid_t keyid,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_verify_ring (gnutls_openpgp_crt_t key,
|
||||||
|
gnutls_openpgp_keyring_t keyring,
|
||||||
|
unsigned int flags, unsigned int *verify
|
||||||
|
/* the output of the verification */ );
|
||||||
|
|
||||||
|
int gnutls_openpgp_crt_verify_self (gnutls_openpgp_crt_t key,
|
||||||
|
unsigned int flags,
|
||||||
|
unsigned int *verify);
|
||||||
|
|
||||||
|
int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring,
|
||||||
|
unsigned int idx,
|
||||||
|
gnutls_openpgp_crt_t * cert);
|
||||||
|
|
||||||
|
int gnutls_openpgp_keyring_get_crt_count (gnutls_openpgp_keyring_t ring);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_openpgp_recv_key_func:
|
||||||
|
* @session: a TLS session
|
||||||
|
* @keyfpr: key fingerprint
|
||||||
|
* @keyfpr_length: length of key fingerprint
|
||||||
|
* @key: output key.
|
||||||
|
*
|
||||||
|
* A callback of this type is used to retrieve OpenPGP keys. Only
|
||||||
|
* useful on the server, and will only be used if the peer send a key
|
||||||
|
* fingerprint instead of a full key. See also
|
||||||
|
* gnutls_openpgp_set_recv_key_function().
|
||||||
|
*
|
||||||
|
* Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
|
||||||
|
* otherwise an error code is returned.
|
||||||
|
*/
|
||||||
|
typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t session,
|
||||||
|
const unsigned char *keyfpr,
|
||||||
|
unsigned int keyfpr_length,
|
||||||
|
gnutls_datum_t * key);
|
||||||
|
|
||||||
|
void
|
||||||
|
gnutls_openpgp_set_recv_key_function (gnutls_session_t session,
|
||||||
|
gnutls_openpgp_recv_key_func func);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/* certificate authentication stuff.
|
||||||
|
*/
|
||||||
|
int gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t
|
||||||
|
res, gnutls_openpgp_crt_t key,
|
||||||
|
gnutls_openpgp_privkey_t pkey);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t
|
||||||
|
res, const char *certfile,
|
||||||
|
const char *keyfile,
|
||||||
|
gnutls_openpgp_crt_fmt_t format);
|
||||||
|
int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credentials_t
|
||||||
|
res,
|
||||||
|
const gnutls_datum_t * cert,
|
||||||
|
const gnutls_datum_t * key,
|
||||||
|
gnutls_openpgp_crt_fmt_t
|
||||||
|
format);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t
|
||||||
|
res, const char *certfile,
|
||||||
|
const char *keyfile,
|
||||||
|
const char *subkey_id,
|
||||||
|
gnutls_openpgp_crt_fmt_t
|
||||||
|
format);
|
||||||
|
int
|
||||||
|
gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t
|
||||||
|
res, const gnutls_datum_t * cert,
|
||||||
|
const gnutls_datum_t * key,
|
||||||
|
const char *subkey_id,
|
||||||
|
gnutls_openpgp_crt_fmt_t format);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_certificate_set_openpgp_keyring_mem
|
||||||
|
(gnutls_certificate_credentials_t c, const unsigned char *data,
|
||||||
|
size_t dlen, gnutls_openpgp_crt_fmt_t format);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_certificate_set_openpgp_keyring_file
|
||||||
|
(gnutls_certificate_credentials_t c, const char *file,
|
||||||
|
gnutls_openpgp_crt_fmt_t format);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* GNUTLS_OPENPGP_H */
|
304
contrib/include/gnutls26/pkcs11.h
Normal file
304
contrib/include/gnutls26/pkcs11.h
Normal file
@ -0,0 +1,304 @@
|
|||||||
|
#ifndef __GNUTLS_PKCS11_H
|
||||||
|
#define __GNUTLS_PKCS11_H
|
||||||
|
|
||||||
|
|
||||||
|
#include <stdarg.h>
|
||||||
|
#include <gnutls26/gnutls.h>
|
||||||
|
#include <gnutls26/x509.h>
|
||||||
|
|
||||||
|
#define GNUTLS_PKCS11_MAX_PIN_LEN 32
|
||||||
|
|
||||||
|
/* Token callback function. The callback will be used to
|
||||||
|
* ask the user to re-enter the token with given null terminated
|
||||||
|
* label. Callback should return zero if token has been inserted
|
||||||
|
* by user and a negative error code otherwise. It might be called
|
||||||
|
* multiple times if the token is not detected and the retry counter
|
||||||
|
* will be increased.
|
||||||
|
*/
|
||||||
|
typedef int (*gnutls_pkcs11_token_callback_t) (void *const global_data,
|
||||||
|
const char *const label,
|
||||||
|
const unsigned retry);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_pin_flag_t:
|
||||||
|
* @GNUTLS_PKCS11_PIN_USER: The PIN for the user.
|
||||||
|
* @GNUTLS_PKCS11_PIN_SO: The PIN for the security officer.
|
||||||
|
* @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key like signing.
|
||||||
|
* @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking.
|
||||||
|
* @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks.
|
||||||
|
* @GNUTLS_PKCS11_PIN_WRONG: Last given PIN was not correct.
|
||||||
|
*
|
||||||
|
* Enumeration of different PIN flags.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_PIN_USER = (1 << 0),
|
||||||
|
GNUTLS_PKCS11_PIN_SO = (1 << 1),
|
||||||
|
GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2),
|
||||||
|
GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3),
|
||||||
|
GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
|
||||||
|
GNUTLS_PKCS11_PIN_WRONG = (1 << 5),
|
||||||
|
} gnutls_pkcs11_pin_flag_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_pin_callback_t:
|
||||||
|
* @userdata: user-controlled data from gnutls_pkcs11_set_pin_function().
|
||||||
|
* @attempt: pin-attempt counter, initially 0.
|
||||||
|
* @token_url: PKCS11 URL.
|
||||||
|
* @token_label: label of PKCS11 token.
|
||||||
|
* @flags: a #gnutls_pkcs11_pin_flag_t flag.
|
||||||
|
* @pin: buffer to hold PIN, of size @pin_max.
|
||||||
|
* @pin_max: size of @pin buffer.
|
||||||
|
*
|
||||||
|
* Callback function type for PKCS#11 PIN entry. It is set by
|
||||||
|
* gnutls_pkcs11_set_pin_function().
|
||||||
|
*
|
||||||
|
* The callback should provides the PIN code to unlock the token with
|
||||||
|
* label @token_label, specified by the URL @token_url.
|
||||||
|
*
|
||||||
|
* The PIN code, as a NUL-terminated ASCII string, should be copied
|
||||||
|
* into the @pin buffer (of maximum size @pin_max), and return 0 to
|
||||||
|
* indicate success. Alternatively, the callback may return a
|
||||||
|
* negative gnutls error code to indicate failure and cancel PIN entry
|
||||||
|
* (in which case, the contents of the @pin parameter are ignored).
|
||||||
|
*
|
||||||
|
* When a PIN is required, the callback will be invoked repeatedly
|
||||||
|
* (and indefinitely) until either the returned PIN code is correct,
|
||||||
|
* the callback returns failure, or the token refuses login (e.g. when
|
||||||
|
* the token is locked due to too many incorrect PINs!). For the
|
||||||
|
* first such invocation, the @attempt counter will have value zero;
|
||||||
|
* it will increase by one for each subsequent attempt.
|
||||||
|
*
|
||||||
|
* Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
|
||||||
|
*
|
||||||
|
* Since: 2.12.0
|
||||||
|
**/
|
||||||
|
typedef int (*gnutls_pkcs11_pin_callback_t) (void *userdata, int attempt,
|
||||||
|
const char *token_url,
|
||||||
|
const char *token_label,
|
||||||
|
unsigned int flags
|
||||||
|
/*gnutls_pkcs11_pin_flag_t */ ,
|
||||||
|
char *pin, size_t pin_max);
|
||||||
|
|
||||||
|
struct gnutls_pkcs11_obj_st;
|
||||||
|
typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
|
||||||
|
|
||||||
|
|
||||||
|
#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */
|
||||||
|
#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
|
||||||
|
|
||||||
|
/* pkcs11.conf format:
|
||||||
|
* load = /lib/xxx-pkcs11.so
|
||||||
|
* load = /lib/yyy-pkcs11.so
|
||||||
|
*/
|
||||||
|
|
||||||
|
int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_file);
|
||||||
|
void gnutls_pkcs11_deinit (void);
|
||||||
|
void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn,
|
||||||
|
void *userdata);
|
||||||
|
|
||||||
|
void gnutls_pkcs11_set_pin_function (gnutls_pkcs11_pin_callback_t fn,
|
||||||
|
void *userdata);
|
||||||
|
int gnutls_pkcs11_add_provider (const char *name, const char *params);
|
||||||
|
int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
|
||||||
|
|
||||||
|
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
|
||||||
|
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
|
||||||
|
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
|
||||||
|
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a security officer in the token for the operation */
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_url_type_t:
|
||||||
|
* @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL.
|
||||||
|
* @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well.
|
||||||
|
* @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its version.
|
||||||
|
*
|
||||||
|
* Enumeration of different URL extraction flags.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */
|
||||||
|
GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */
|
||||||
|
GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */
|
||||||
|
} gnutls_pkcs11_url_type_t;
|
||||||
|
|
||||||
|
int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t, const char *url,
|
||||||
|
unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj,
|
||||||
|
gnutls_pkcs11_url_type_t detailed,
|
||||||
|
char **url);
|
||||||
|
void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
|
||||||
|
int gnutls_pkcs11_copy_x509_crt (const char *token_url, gnutls_x509_crt_t crt,
|
||||||
|
const char *label, unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
int gnutls_pkcs11_copy_x509_privkey (const char *token_url, gnutls_x509_privkey_t key,
|
||||||
|
const char *label, unsigned int key_usage /*GNUTLS_KEY_* */, unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
int gnutls_pkcs11_delete_url (const char *object_url, unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
|
||||||
|
int gnutls_pkcs11_copy_secret_key (const char *token_url,
|
||||||
|
gnutls_datum_t * key, const char *label,
|
||||||
|
unsigned int key_usage /* GNUTLS_KEY_* */ ,
|
||||||
|
unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_obj_info_t:
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ID_HEX: The object ID in hex.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_LABEL: The object label.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_TOKEN_LABEL: The token's label.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_TOKEN_SERIAL: The token's serial number.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER: The token's manufacturer.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_TOKEN_MODEL: The token's model.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ID: The object ID.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_LIBRARY_VERSION: The library's used to access the object version.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION: The library's used to access the object description (name).
|
||||||
|
* @GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER: The library's used to access the object manufacturer name.
|
||||||
|
*
|
||||||
|
* Enumeration of several object information types.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_OBJ_ID_HEX = 1,
|
||||||
|
GNUTLS_PKCS11_OBJ_LABEL,
|
||||||
|
GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
|
||||||
|
GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
|
||||||
|
GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
|
||||||
|
GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
|
||||||
|
GNUTLS_PKCS11_OBJ_ID,
|
||||||
|
/* the pkcs11 provider library info */
|
||||||
|
GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
|
||||||
|
GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
|
||||||
|
GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
|
||||||
|
} gnutls_pkcs11_obj_info_t;
|
||||||
|
|
||||||
|
int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt,
|
||||||
|
gnutls_pkcs11_obj_info_t itype, void *output,
|
||||||
|
size_t * output_size);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_obj_attr_t:
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as trusted.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with a corresponding private key.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects.
|
||||||
|
*
|
||||||
|
* Enumeration of several attributes for object enumeration.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
|
||||||
|
GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */
|
||||||
|
} gnutls_pkcs11_obj_attr_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_token_info_t:
|
||||||
|
* @GNUTLS_PKCS11_TOKEN_LABEL: The token's label
|
||||||
|
* @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number
|
||||||
|
* @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer
|
||||||
|
* @GNUTLS_PKCS11_TOKEN_MODEL: The token's model
|
||||||
|
*
|
||||||
|
* Enumeration of types for retrieving token information.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_TOKEN_LABEL,
|
||||||
|
GNUTLS_PKCS11_TOKEN_SERIAL,
|
||||||
|
GNUTLS_PKCS11_TOKEN_MANUFACTURER,
|
||||||
|
GNUTLS_PKCS11_TOKEN_MODEL
|
||||||
|
} gnutls_pkcs11_token_info_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs11_obj_type_t:
|
||||||
|
* @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_PUBKEY: Public key.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key.
|
||||||
|
* @GNUTLS_PKCS11_OBJ_DATA: Data object.
|
||||||
|
*
|
||||||
|
* Enumeration of object types.
|
||||||
|
*/
|
||||||
|
typedef enum
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS11_OBJ_UNKNOWN,
|
||||||
|
GNUTLS_PKCS11_OBJ_X509_CRT,
|
||||||
|
GNUTLS_PKCS11_OBJ_PUBKEY,
|
||||||
|
GNUTLS_PKCS11_OBJ_PRIVKEY,
|
||||||
|
GNUTLS_PKCS11_OBJ_SECRET_KEY,
|
||||||
|
GNUTLS_PKCS11_OBJ_DATA
|
||||||
|
} gnutls_pkcs11_obj_type_t;
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_pkcs11_token_init (const char *token_url,
|
||||||
|
const char *so_pin, const char *label);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_pkcs11_token_get_mechanism (const char *url, int idx,
|
||||||
|
unsigned long *mechanism);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_token_set_pin (const char *token_url, const char *oldpin, const char *newpin, unsigned int flags /*gnutls_pkcs11_pin_flag_t */
|
||||||
|
);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_token_get_url (unsigned int seq,
|
||||||
|
gnutls_pkcs11_url_type_t detailed,
|
||||||
|
char **url);
|
||||||
|
int gnutls_pkcs11_token_get_info (const char *url, gnutls_pkcs11_token_info_t ttype,
|
||||||
|
void *output, size_t * output_size);
|
||||||
|
|
||||||
|
#define GNUTLS_PKCS11_TOKEN_HW 1
|
||||||
|
int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list,
|
||||||
|
unsigned int *const n_list,
|
||||||
|
const char *url,
|
||||||
|
gnutls_pkcs11_obj_attr_t attrs,
|
||||||
|
unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
|
||||||
|
int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_pkcs11_obj_t pkcs11_crt);
|
||||||
|
int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *url,
|
||||||
|
unsigned int flags
|
||||||
|
/* GNUTLS_PKCS11_OBJ_FLAG_* */ );
|
||||||
|
|
||||||
|
gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t
|
||||||
|
certificate);
|
||||||
|
const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs, unsigned int cert_max,
|
||||||
|
gnutls_pkcs11_obj_t * const objs, unsigned int flags /* must be zero */);
|
||||||
|
|
||||||
|
|
||||||
|
/* private key functions...*/
|
||||||
|
int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key);
|
||||||
|
void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key);
|
||||||
|
int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key,
|
||||||
|
unsigned int *bits);
|
||||||
|
int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
|
||||||
|
gnutls_pkcs11_obj_info_t itype,
|
||||||
|
void *output, size_t * output_size);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
|
||||||
|
const char *url, unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
|
||||||
|
gnutls_pkcs11_url_type_t detailed,
|
||||||
|
char **url);
|
||||||
|
|
||||||
|
/** @} */
|
||||||
|
|
||||||
|
#endif
|
123
contrib/include/gnutls26/pkcs12.h
Normal file
123
contrib/include/gnutls26/pkcs12.h
Normal file
@ -0,0 +1,123 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2010 Free Software
|
||||||
|
* Foundation, Inc.
|
||||||
|
*
|
||||||
|
* Author: Nikos Mavrogiannopoulos
|
||||||
|
*
|
||||||
|
* This file is part of GnuTLS.
|
||||||
|
*
|
||||||
|
* The GnuTLS is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
|
||||||
|
* USA
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef GNUTLS_PKCS12_H
|
||||||
|
#define GNUTLS_PKCS12_H
|
||||||
|
|
||||||
|
#include <gnutls26/x509.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* PKCS12 structures handling
|
||||||
|
*/
|
||||||
|
struct gnutls_pkcs12_int;
|
||||||
|
typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t;
|
||||||
|
|
||||||
|
struct gnutls_pkcs12_bag_int;
|
||||||
|
typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t;
|
||||||
|
|
||||||
|
int gnutls_pkcs12_init (gnutls_pkcs12_t * pkcs12);
|
||||||
|
void gnutls_pkcs12_deinit (gnutls_pkcs12_t pkcs12);
|
||||||
|
int gnutls_pkcs12_import (gnutls_pkcs12_t pkcs12,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format, unsigned int flags);
|
||||||
|
int gnutls_pkcs12_export (gnutls_pkcs12_t pkcs12,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_get_bag (gnutls_pkcs12_t pkcs12,
|
||||||
|
int indx, gnutls_pkcs12_bag_t bag);
|
||||||
|
int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass);
|
||||||
|
int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass);
|
||||||
|
int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs12_bag_type_t:
|
||||||
|
* @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag.
|
||||||
|
* @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key.
|
||||||
|
* @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key.
|
||||||
|
* @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate.
|
||||||
|
* @GNUTLS_BAG_CRL: PKCS-12 bag with CRL.
|
||||||
|
* @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys.
|
||||||
|
* @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag.
|
||||||
|
* @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag.
|
||||||
|
*
|
||||||
|
* Enumeration of different PKCS 12 bag types.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_pkcs12_bag_type_t
|
||||||
|
{
|
||||||
|
GNUTLS_BAG_EMPTY = 0,
|
||||||
|
GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
|
||||||
|
GNUTLS_BAG_PKCS8_KEY = 2,
|
||||||
|
GNUTLS_BAG_CERTIFICATE = 3,
|
||||||
|
GNUTLS_BAG_CRL = 4,
|
||||||
|
GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12,
|
||||||
|
* gnutls extension. We use the PKCS-9
|
||||||
|
* random nonce ID 1.2.840.113549.1.9.25.3
|
||||||
|
* to store randomly generated keys.
|
||||||
|
*/
|
||||||
|
GNUTLS_BAG_ENCRYPTED = 10,
|
||||||
|
GNUTLS_BAG_UNKNOWN = 20
|
||||||
|
} gnutls_pkcs12_bag_type_t;
|
||||||
|
|
||||||
|
gnutls_pkcs12_bag_type_t
|
||||||
|
gnutls_pkcs12_bag_get_type (gnutls_pkcs12_bag_t bag, int indx);
|
||||||
|
int gnutls_pkcs12_bag_get_data (gnutls_pkcs12_bag_t bag, int indx,
|
||||||
|
gnutls_datum_t * data);
|
||||||
|
int gnutls_pkcs12_bag_set_data (gnutls_pkcs12_bag_t bag,
|
||||||
|
gnutls_pkcs12_bag_type_t type,
|
||||||
|
const gnutls_datum_t * data);
|
||||||
|
int gnutls_pkcs12_bag_set_crl (gnutls_pkcs12_bag_t bag,
|
||||||
|
gnutls_x509_crl_t crl);
|
||||||
|
int gnutls_pkcs12_bag_set_crt (gnutls_pkcs12_bag_t bag,
|
||||||
|
gnutls_x509_crt_t crt);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_bag_init (gnutls_pkcs12_bag_t * bag);
|
||||||
|
void gnutls_pkcs12_bag_deinit (gnutls_pkcs12_bag_t bag);
|
||||||
|
int gnutls_pkcs12_bag_get_count (gnutls_pkcs12_bag_t bag);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_bag_get_key_id (gnutls_pkcs12_bag_t bag, int indx,
|
||||||
|
gnutls_datum_t * id);
|
||||||
|
int gnutls_pkcs12_bag_set_key_id (gnutls_pkcs12_bag_t bag, int indx,
|
||||||
|
const gnutls_datum_t * id);
|
||||||
|
|
||||||
|
int gnutls_pkcs12_bag_get_friendly_name (gnutls_pkcs12_bag_t bag, int indx,
|
||||||
|
char **name);
|
||||||
|
int gnutls_pkcs12_bag_set_friendly_name (gnutls_pkcs12_bag_t bag, int indx,
|
||||||
|
const char *name);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* GNUTLS_PKCS12_H */
|
827
contrib/include/gnutls26/x509.h
Normal file
827
contrib/include/gnutls26/x509.h
Normal file
@ -0,0 +1,827 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2010 Free Software
|
||||||
|
* Foundation, Inc.
|
||||||
|
*
|
||||||
|
* Author: Nikos Mavrogiannopoulos
|
||||||
|
*
|
||||||
|
* This file is part of GnuTLS.
|
||||||
|
*
|
||||||
|
* The GnuTLS is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public License
|
||||||
|
* as published by the Free Software Foundation; either version 2.1 of
|
||||||
|
* the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
|
||||||
|
* USA
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* This file contains the types and prototypes for the X.509
|
||||||
|
* certificate and CRL handling functions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef GNUTLS_X509_H
|
||||||
|
#define GNUTLS_X509_H
|
||||||
|
|
||||||
|
#include <gnutls26/gnutls.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C"
|
||||||
|
{
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Some OIDs usually found in Distinguished names, or
|
||||||
|
* in Subject Directory Attribute extensions.
|
||||||
|
*/
|
||||||
|
#define GNUTLS_OID_X520_COUNTRY_NAME "2.5.4.6"
|
||||||
|
#define GNUTLS_OID_X520_ORGANIZATION_NAME "2.5.4.10"
|
||||||
|
#define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
|
||||||
|
#define GNUTLS_OID_X520_COMMON_NAME "2.5.4.3"
|
||||||
|
#define GNUTLS_OID_X520_LOCALITY_NAME "2.5.4.7"
|
||||||
|
#define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME "2.5.4.8"
|
||||||
|
|
||||||
|
#define GNUTLS_OID_X520_INITIALS "2.5.4.43"
|
||||||
|
#define GNUTLS_OID_X520_GENERATION_QUALIFIER "2.5.4.44"
|
||||||
|
#define GNUTLS_OID_X520_SURNAME "2.5.4.4"
|
||||||
|
#define GNUTLS_OID_X520_GIVEN_NAME "2.5.4.42"
|
||||||
|
#define GNUTLS_OID_X520_TITLE "2.5.4.12"
|
||||||
|
#define GNUTLS_OID_X520_DN_QUALIFIER "2.5.4.46"
|
||||||
|
#define GNUTLS_OID_X520_PSEUDONYM "2.5.4.65"
|
||||||
|
#define GNUTLS_OID_X520_POSTALCODE "2.5.4.17"
|
||||||
|
#define GNUTLS_OID_X520_NAME "2.5.4.41"
|
||||||
|
|
||||||
|
#define GNUTLS_OID_LDAP_DC "0.9.2342.19200300.100.1.25"
|
||||||
|
#define GNUTLS_OID_LDAP_UID "0.9.2342.19200300.100.1.1"
|
||||||
|
|
||||||
|
/* The following should not be included in DN.
|
||||||
|
*/
|
||||||
|
#define GNUTLS_OID_PKCS9_EMAIL "1.2.840.113549.1.9.1"
|
||||||
|
|
||||||
|
#define GNUTLS_OID_PKIX_DATE_OF_BIRTH "1.3.6.1.5.5.7.9.1"
|
||||||
|
#define GNUTLS_OID_PKIX_PLACE_OF_BIRTH "1.3.6.1.5.5.7.9.2"
|
||||||
|
#define GNUTLS_OID_PKIX_GENDER "1.3.6.1.5.5.7.9.3"
|
||||||
|
#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4"
|
||||||
|
#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE "1.3.6.1.5.5.7.9.5"
|
||||||
|
|
||||||
|
/* Key purpose Object Identifiers.
|
||||||
|
*/
|
||||||
|
#define GNUTLS_KP_TLS_WWW_SERVER "1.3.6.1.5.5.7.3.1"
|
||||||
|
#define GNUTLS_KP_TLS_WWW_CLIENT "1.3.6.1.5.5.7.3.2"
|
||||||
|
#define GNUTLS_KP_CODE_SIGNING "1.3.6.1.5.5.7.3.3"
|
||||||
|
#define GNUTLS_KP_EMAIL_PROTECTION "1.3.6.1.5.5.7.3.4"
|
||||||
|
#define GNUTLS_KP_TIME_STAMPING "1.3.6.1.5.5.7.3.8"
|
||||||
|
#define GNUTLS_KP_OCSP_SIGNING "1.3.6.1.5.5.7.3.9"
|
||||||
|
#define GNUTLS_KP_IPSEC_IKE "1.3.6.1.5.5.7.3.17"
|
||||||
|
#define GNUTLS_KP_ANY "2.5.29.37.0"
|
||||||
|
|
||||||
|
#define GNUTLS_FSAN_SET 0
|
||||||
|
#define GNUTLS_FSAN_APPEND 1
|
||||||
|
|
||||||
|
/* Certificate handling functions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_certificate_import_flags:
|
||||||
|
* @GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED: Fail if the
|
||||||
|
* certificates in the buffer are more than the space allocated for
|
||||||
|
* certificates. The error code will be %GNUTLS_E_SHORT_MEMORY_BUFFER.
|
||||||
|
* @GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: Fail if the certificates
|
||||||
|
* in the buffer are not ordered starting from subject to issuer.
|
||||||
|
* The error code will be %GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
|
||||||
|
*
|
||||||
|
* Enumeration of different certificate import flags.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_certificate_import_flags
|
||||||
|
{
|
||||||
|
GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
|
||||||
|
GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2
|
||||||
|
} gnutls_certificate_import_flags;
|
||||||
|
|
||||||
|
int gnutls_x509_crt_init (gnutls_x509_crt_t * cert);
|
||||||
|
void gnutls_x509_crt_deinit (gnutls_x509_crt_t cert);
|
||||||
|
int gnutls_x509_crt_import (gnutls_x509_crt_t cert,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs,
|
||||||
|
unsigned int *cert_max,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_x509_crt_export (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crt_get_issuer_dn_oid (gnutls_x509_crt_t cert, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
int gnutls_x509_crt_get_issuer_dn_by_oid (gnutls_x509_crt_t cert,
|
||||||
|
const char *oid, int indx,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
void *buf, size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crt_get_dn_oid (gnutls_x509_crt_t cert, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
int gnutls_x509_crt_get_dn_by_oid (gnutls_x509_crt_t cert,
|
||||||
|
const char *oid, int indx,
|
||||||
|
unsigned int raw_flag, void *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert,
|
||||||
|
const char *hostname);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert);
|
||||||
|
int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert,
|
||||||
|
char *sig, size_t * sizeof_sig);
|
||||||
|
int gnutls_x509_crt_get_version (gnutls_x509_crt_t cert);
|
||||||
|
int gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int flags,
|
||||||
|
unsigned char *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_authority_key_id (gnutls_x509_crt_t cert,
|
||||||
|
const void *id, size_t id_size);
|
||||||
|
int gnutls_x509_crt_get_authority_key_id (gnutls_x509_crt_t cert,
|
||||||
|
void *ret, size_t * ret_size,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert,
|
||||||
|
void *ret, size_t * ret_size,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
|
||||||
|
#define GNUTLS_CRL_REASON_UNUSED 128
|
||||||
|
#define GNUTLS_CRL_REASON_KEY_COMPROMISE 64
|
||||||
|
#define GNUTLS_CRL_REASON_CA_COMPROMISE 32
|
||||||
|
#define GNUTLS_CRL_REASON_AFFILIATION_CHANGED 16
|
||||||
|
#define GNUTLS_CRL_REASON_SUPERSEDED 8
|
||||||
|
#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED
|
||||||
|
#define GNUTLS_CRL_REASON_CESSATION_OF_OPERATION 4
|
||||||
|
#define GNUTLS_CRL_REASON_CERTIFICATE_HOLD 2
|
||||||
|
#define GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN 1
|
||||||
|
#define GNUTLS_CRL_REASON_AA_COMPROMISE 32768
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_crl_dist_points (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *reason_flags,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_set_crl_dist_points2 (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_subject_alt_name_t
|
||||||
|
type, const void *data,
|
||||||
|
unsigned int data_size,
|
||||||
|
unsigned int reason_flags);
|
||||||
|
int gnutls_x509_crt_set_crl_dist_points (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_subject_alt_name_t
|
||||||
|
type, const void *data_string,
|
||||||
|
unsigned int reason_flags);
|
||||||
|
int gnutls_x509_crt_cpy_crl_dist_points (gnutls_x509_crt_t dst,
|
||||||
|
gnutls_x509_crt_t src);
|
||||||
|
|
||||||
|
time_t gnutls_x509_crt_get_activation_time (gnutls_x509_crt_t cert);
|
||||||
|
time_t gnutls_x509_crt_get_expiration_time (gnutls_x509_crt_t cert);
|
||||||
|
int gnutls_x509_crt_get_serial (gnutls_x509_crt_t cert, void *result,
|
||||||
|
size_t * result_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_pk_algorithm (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int *bits);
|
||||||
|
int gnutls_x509_crt_get_pk_rsa_raw (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_datum_t * m, gnutls_datum_t * e);
|
||||||
|
int gnutls_x509_crt_get_pk_dsa_raw (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g, gnutls_datum_t * y);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_subject_alt_name (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *ret_type,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq,
|
||||||
|
void *ret,
|
||||||
|
size_t * ret_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_issuer_alt_name (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_get_issuer_alt_name2 (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *ret_type,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_issuer_alt_othername_oid (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int seq,
|
||||||
|
void *ret,
|
||||||
|
size_t * ret_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_ca_status (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_get_basic_constraints (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int *critical,
|
||||||
|
int *ca, int *pathlen);
|
||||||
|
|
||||||
|
/* The key_usage flags are defined in gnutls.h. They are the
|
||||||
|
* GNUTLS_KEY_* definitions.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_crt_get_key_usage (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int *key_usage,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_set_key_usage (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int usage);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_proxy (gnutls_x509_crt_t cert,
|
||||||
|
unsigned int *critical,
|
||||||
|
int *pathlen,
|
||||||
|
char **policyLanguage,
|
||||||
|
char **policy, size_t * sizeof_policy);
|
||||||
|
|
||||||
|
int gnutls_x509_dn_oid_known (const char *oid);
|
||||||
|
|
||||||
|
/* Read extensions by OID. */
|
||||||
|
int gnutls_x509_crt_get_extension_oid (gnutls_x509_crt_t cert, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
int gnutls_x509_crt_get_extension_by_oid (gnutls_x509_crt_t cert,
|
||||||
|
const char *oid, int indx,
|
||||||
|
void *buf,
|
||||||
|
size_t * sizeof_buf,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
/* Read extensions by sequence number. */
|
||||||
|
int gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid,
|
||||||
|
int *critical);
|
||||||
|
int gnutls_x509_crt_get_extension_data (gnutls_x509_crt_t cert, int indx,
|
||||||
|
void *data, size_t * sizeof_data);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt,
|
||||||
|
const char *oid,
|
||||||
|
const void *buf,
|
||||||
|
size_t sizeof_buf,
|
||||||
|
unsigned int critical);
|
||||||
|
|
||||||
|
/* X.509 Certificate writing.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_crt_set_dn_by_oid (gnutls_x509_crt_t crt,
|
||||||
|
const char *oid,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
const void *name,
|
||||||
|
unsigned int sizeof_name);
|
||||||
|
int gnutls_x509_crt_set_issuer_dn_by_oid (gnutls_x509_crt_t crt,
|
||||||
|
const char *oid,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
const void *name,
|
||||||
|
unsigned int sizeof_name);
|
||||||
|
int gnutls_x509_crt_set_version (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int version);
|
||||||
|
int gnutls_x509_crt_set_key (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_privkey_t key);
|
||||||
|
int gnutls_x509_crt_set_ca_status (gnutls_x509_crt_t crt, unsigned int ca);
|
||||||
|
int gnutls_x509_crt_set_basic_constraints (gnutls_x509_crt_t crt,
|
||||||
|
unsigned int ca,
|
||||||
|
int pathLenConstraint);
|
||||||
|
int gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_subject_alt_name_t
|
||||||
|
type,
|
||||||
|
const char *data_string);
|
||||||
|
int gnutls_x509_crt_set_subject_alt_name (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_subject_alt_name_t
|
||||||
|
type, const void *data,
|
||||||
|
unsigned int data_size,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_x509_crt_sign (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_x509_privkey_t issuer_key);
|
||||||
|
int gnutls_x509_crt_sign2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer,
|
||||||
|
gnutls_x509_privkey_t issuer_key,
|
||||||
|
gnutls_digest_algorithm_t dig,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_x509_crt_set_activation_time (gnutls_x509_crt_t cert,
|
||||||
|
time_t act_time);
|
||||||
|
int gnutls_x509_crt_set_expiration_time (gnutls_x509_crt_t cert,
|
||||||
|
time_t exp_time);
|
||||||
|
int gnutls_x509_crt_set_serial (gnutls_x509_crt_t cert, const void *serial,
|
||||||
|
size_t serial_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_subject_key_id (gnutls_x509_crt_t cert,
|
||||||
|
const void *id, size_t id_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_proxy_dn (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_crt_t eecrt,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
const void *name,
|
||||||
|
unsigned int sizeof_name);
|
||||||
|
int gnutls_x509_crt_set_proxy (gnutls_x509_crt_t crt,
|
||||||
|
int pathLenConstraint,
|
||||||
|
const char *policyLanguage,
|
||||||
|
const char *policy, size_t sizeof_policy);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_print (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_certificate_print_formats_t format,
|
||||||
|
gnutls_datum_t * out);
|
||||||
|
int gnutls_x509_crl_print (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_certificate_print_formats_t format,
|
||||||
|
gnutls_datum_t * out);
|
||||||
|
|
||||||
|
/* Access to internal Certificate fields.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_crt_get_raw_issuer_dn (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_datum_t * start);
|
||||||
|
int gnutls_x509_crt_get_raw_dn (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_datum_t * start);
|
||||||
|
|
||||||
|
/* RDN handling.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_rdn_get (const gnutls_datum_t * idn,
|
||||||
|
char *buf, size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_rdn_get_oid (const gnutls_datum_t * idn,
|
||||||
|
int indx, void *buf, size_t * sizeof_buf);
|
||||||
|
|
||||||
|
int gnutls_x509_rdn_get_by_oid (const gnutls_datum_t * idn,
|
||||||
|
const char *oid, int indx,
|
||||||
|
unsigned int raw_flag, void *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
|
||||||
|
typedef void *gnutls_x509_dn_t;
|
||||||
|
|
||||||
|
typedef struct gnutls_x509_ava_st
|
||||||
|
{
|
||||||
|
gnutls_datum_t oid;
|
||||||
|
gnutls_datum_t value;
|
||||||
|
unsigned long value_tag;
|
||||||
|
} gnutls_x509_ava_st;
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_x509_dn_t * dn);
|
||||||
|
int gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_x509_dn_t * dn);
|
||||||
|
int gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, int irdn,
|
||||||
|
int iava, gnutls_x509_ava_st * ava);
|
||||||
|
|
||||||
|
int gnutls_x509_dn_init (gnutls_x509_dn_t * dn);
|
||||||
|
|
||||||
|
int gnutls_x509_dn_import (gnutls_x509_dn_t dn,
|
||||||
|
const gnutls_datum_t * data);
|
||||||
|
|
||||||
|
int gnutls_x509_dn_export (gnutls_x509_dn_t dn,
|
||||||
|
gnutls_x509_crt_fmt_t format, void *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
void gnutls_x509_dn_deinit (gnutls_x509_dn_t dn);
|
||||||
|
|
||||||
|
|
||||||
|
/* CRL handling functions.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_crl_init (gnutls_x509_crl_t * crl);
|
||||||
|
void gnutls_x509_crl_deinit (gnutls_x509_crl_t crl);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_import (gnutls_x509_crl_t crl,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
int gnutls_x509_crl_export (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
int
|
||||||
|
gnutls_x509_crl_get_raw_issuer_dn (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_datum_t * dn);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_issuer_dn (const gnutls_x509_crl_t crl,
|
||||||
|
char *buf, size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crl_get_issuer_dn_by_oid (gnutls_x509_crl_t crl,
|
||||||
|
const char *oid, int indx,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
void *buf, size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crl_get_dn_oid (gnutls_x509_crl_t crl, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_signature_algorithm (gnutls_x509_crl_t crl);
|
||||||
|
int gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl,
|
||||||
|
char *sig, size_t * sizeof_sig);
|
||||||
|
int gnutls_x509_crl_get_version (gnutls_x509_crl_t crl);
|
||||||
|
|
||||||
|
time_t gnutls_x509_crl_get_this_update (gnutls_x509_crl_t crl);
|
||||||
|
time_t gnutls_x509_crl_get_next_update (gnutls_x509_crl_t crl);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_crt_count (gnutls_x509_crl_t crl);
|
||||||
|
int gnutls_x509_crl_get_crt_serial (gnutls_x509_crl_t crl, int indx,
|
||||||
|
unsigned char *serial,
|
||||||
|
size_t * serial_size, time_t * t);
|
||||||
|
#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count
|
||||||
|
#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial
|
||||||
|
|
||||||
|
int gnutls_x509_crl_check_issuer (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_t issuer);
|
||||||
|
|
||||||
|
/* CRL writing.
|
||||||
|
*/
|
||||||
|
int gnutls_x509_crl_set_version (gnutls_x509_crl_t crl,
|
||||||
|
unsigned int version);
|
||||||
|
int gnutls_x509_crl_set_this_update (gnutls_x509_crl_t crl,
|
||||||
|
time_t act_time);
|
||||||
|
int gnutls_x509_crl_set_next_update (gnutls_x509_crl_t crl,
|
||||||
|
time_t exp_time);
|
||||||
|
int gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl,
|
||||||
|
const void *serial,
|
||||||
|
size_t serial_size,
|
||||||
|
time_t revocation_time);
|
||||||
|
int gnutls_x509_crl_set_crt (gnutls_x509_crl_t crl,
|
||||||
|
gnutls_x509_crt_t crt, time_t revocation_time);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_authority_key_id (gnutls_x509_crl_t crl, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_number (gnutls_x509_crl_t crl, void *ret,
|
||||||
|
size_t * ret_size, unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_extension_oid (gnutls_x509_crl_t crl, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_extension_info (gnutls_x509_crl_t crl, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid,
|
||||||
|
int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_get_extension_data (gnutls_x509_crl_t crl, int indx,
|
||||||
|
void *data, size_t * sizeof_data);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_set_authority_key_id (gnutls_x509_crl_t crl,
|
||||||
|
const void *id, size_t id_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crl_set_number (gnutls_x509_crl_t crl,
|
||||||
|
const void *nr, size_t nr_size);
|
||||||
|
|
||||||
|
|
||||||
|
/* PKCS7 structures handling
|
||||||
|
*/
|
||||||
|
struct gnutls_pkcs7_int;
|
||||||
|
typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t;
|
||||||
|
|
||||||
|
int gnutls_pkcs7_init (gnutls_pkcs7_t * pkcs7);
|
||||||
|
void gnutls_pkcs7_deinit (gnutls_pkcs7_t pkcs7);
|
||||||
|
int gnutls_pkcs7_import (gnutls_pkcs7_t pkcs7,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
int gnutls_pkcs7_export (gnutls_pkcs7_t pkcs7,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_pkcs7_get_crt_count (gnutls_pkcs7_t pkcs7);
|
||||||
|
int gnutls_pkcs7_get_crt_raw (gnutls_pkcs7_t pkcs7, int indx,
|
||||||
|
void *certificate, size_t * certificate_size);
|
||||||
|
|
||||||
|
int gnutls_pkcs7_set_crt_raw (gnutls_pkcs7_t pkcs7,
|
||||||
|
const gnutls_datum_t * crt);
|
||||||
|
int gnutls_pkcs7_set_crt (gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt);
|
||||||
|
int gnutls_pkcs7_delete_crt (gnutls_pkcs7_t pkcs7, int indx);
|
||||||
|
|
||||||
|
int gnutls_pkcs7_get_crl_raw (gnutls_pkcs7_t pkcs7,
|
||||||
|
int indx, void *crl, size_t * crl_size);
|
||||||
|
int gnutls_pkcs7_get_crl_count (gnutls_pkcs7_t pkcs7);
|
||||||
|
|
||||||
|
int gnutls_pkcs7_set_crl_raw (gnutls_pkcs7_t pkcs7,
|
||||||
|
const gnutls_datum_t * crl);
|
||||||
|
int gnutls_pkcs7_set_crl (gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl);
|
||||||
|
int gnutls_pkcs7_delete_crl (gnutls_pkcs7_t pkcs7, int indx);
|
||||||
|
|
||||||
|
/* X.509 Certificate verification functions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_certificate_verify_flags:
|
||||||
|
* @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be
|
||||||
|
* a certificate authority. This flag should normaly be disabled,
|
||||||
|
* unless you know what this means.
|
||||||
|
* @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trusted
|
||||||
|
* list is never checked for expiration or activation.
|
||||||
|
* @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA
|
||||||
|
* certificates that have version 1. This is the default.
|
||||||
|
* @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA
|
||||||
|
* certificates that have version 1. This option is to be used
|
||||||
|
* to deprecate all V1 certificates.
|
||||||
|
* @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by
|
||||||
|
* anyone trusted but exists in the trusted CA list do not treat it
|
||||||
|
* as trusted.
|
||||||
|
* @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that
|
||||||
|
* have version 1 (both root and intermediate). This might be
|
||||||
|
* dangerous since those haven't the basicConstraints
|
||||||
|
* extension. Must be used in combination with
|
||||||
|
* %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
|
||||||
|
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
|
||||||
|
* using the broken MD2 algorithm.
|
||||||
|
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
|
||||||
|
* using the broken MD5 algorithm.
|
||||||
|
* @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
|
||||||
|
* and expiration validity periods of certificate chains. Don't set
|
||||||
|
* this unless you understand the security implications.
|
||||||
|
*
|
||||||
|
* Enumeration of different certificate verify flags.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_certificate_verify_flags
|
||||||
|
{
|
||||||
|
GNUTLS_VERIFY_DISABLE_CA_SIGN = 1,
|
||||||
|
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2,
|
||||||
|
GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4,
|
||||||
|
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8,
|
||||||
|
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16,
|
||||||
|
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32,
|
||||||
|
GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64,
|
||||||
|
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128,
|
||||||
|
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256
|
||||||
|
} gnutls_certificate_verify_flags;
|
||||||
|
|
||||||
|
int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_x509_crt_t issuer);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list,
|
||||||
|
int cert_list_length,
|
||||||
|
const gnutls_x509_crt_t * CA_list,
|
||||||
|
int CA_list_length,
|
||||||
|
const gnutls_x509_crl_t * CRL_list,
|
||||||
|
int CRL_list_length,
|
||||||
|
unsigned int flags, unsigned int *verify);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_verify (gnutls_x509_crt_t cert,
|
||||||
|
const gnutls_x509_crt_t * CA_list,
|
||||||
|
int CA_list_length, unsigned int flags,
|
||||||
|
unsigned int *verify);
|
||||||
|
int gnutls_x509_crl_verify (gnutls_x509_crl_t crl,
|
||||||
|
const gnutls_x509_crt_t * CA_list,
|
||||||
|
int CA_list_length, unsigned int flags,
|
||||||
|
unsigned int *verify);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_check_revocation (gnutls_x509_crt_t cert,
|
||||||
|
const gnutls_x509_crl_t *
|
||||||
|
crl_list, int crl_list_length);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_fingerprint (gnutls_x509_crt_t cert,
|
||||||
|
gnutls_digest_algorithm_t algo,
|
||||||
|
void *buf, size_t * sizeof_buf);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_get_key_purpose_oid (gnutls_x509_crt_t cert,
|
||||||
|
int indx, void *oid,
|
||||||
|
size_t * sizeof_oid,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert,
|
||||||
|
const void *oid,
|
||||||
|
unsigned int critical);
|
||||||
|
|
||||||
|
/* Private key handling.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Flags for the gnutls_x509_privkey_export_pkcs8() function.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* gnutls_pkcs_encrypt_flags_t:
|
||||||
|
* @GNUTLS_PKCS_PLAIN: Unencrypted private key.
|
||||||
|
* @GNUTLS_PKCS8_PLAIN: Same as %GNUTLS_PKCS_PLAIN.
|
||||||
|
* @GNUTLS_PKCS_USE_PKCS12_3DES: PKCS-12 3DES.
|
||||||
|
* @GNUTLS_PKCS8_USE_PKCS12_3DES: Same as %GNUTLS_PKCS_USE_PKCS12_3DES.
|
||||||
|
* @GNUTLS_PKCS_USE_PKCS12_ARCFOUR: PKCS-12 ARCFOUR.
|
||||||
|
* @GNUTLS_PKCS8_USE_PKCS12_ARCFOUR: Same as %GNUTLS_PKCS_USE_PKCS12_ARCFOUR.
|
||||||
|
* @GNUTLS_PKCS_USE_PKCS12_RC2_40: PKCS-12 RC2-40.
|
||||||
|
* @GNUTLS_PKCS8_USE_PKCS12_RC2_40: Same as %GNUTLS_PKCS_USE_PKCS12_RC2_40.
|
||||||
|
* @GNUTLS_PKCS_USE_PBES2_3DES: PBES2 3DES.
|
||||||
|
* @GNUTLS_PKCS_USE_PBES2_AES_128: PBES2 AES-128.
|
||||||
|
* @GNUTLS_PKCS_USE_PBES2_AES_192: PBES2 AES-192.
|
||||||
|
* @GNUTLS_PKCS_USE_PBES2_AES_256: PBES2 AES-256.
|
||||||
|
*
|
||||||
|
* Enumeration of different PKCS encryption flags.
|
||||||
|
*/
|
||||||
|
typedef enum gnutls_pkcs_encrypt_flags_t
|
||||||
|
{
|
||||||
|
GNUTLS_PKCS_PLAIN = 1,
|
||||||
|
GNUTLS_PKCS8_PLAIN = GNUTLS_PKCS_PLAIN,
|
||||||
|
GNUTLS_PKCS_USE_PKCS12_3DES = 2,
|
||||||
|
GNUTLS_PKCS8_USE_PKCS12_3DES = GNUTLS_PKCS_USE_PKCS12_3DES,
|
||||||
|
GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4,
|
||||||
|
GNUTLS_PKCS8_USE_PKCS12_ARCFOUR = GNUTLS_PKCS_USE_PKCS12_ARCFOUR,
|
||||||
|
GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8,
|
||||||
|
GNUTLS_PKCS8_USE_PKCS12_RC2_40 = GNUTLS_PKCS_USE_PKCS12_RC2_40,
|
||||||
|
GNUTLS_PKCS_USE_PBES2_3DES = 16,
|
||||||
|
GNUTLS_PKCS_USE_PBES2_AES_128 = 32,
|
||||||
|
GNUTLS_PKCS_USE_PBES2_AES_192 = 64,
|
||||||
|
GNUTLS_PKCS_USE_PBES2_AES_256 = 128
|
||||||
|
} gnutls_pkcs_encrypt_flags_t;
|
||||||
|
|
||||||
|
int gnutls_x509_privkey_init (gnutls_x509_privkey_t * key);
|
||||||
|
void gnutls_x509_privkey_deinit (gnutls_x509_privkey_t key);
|
||||||
|
gnutls_sec_param_t gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t
|
||||||
|
key);
|
||||||
|
int gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst,
|
||||||
|
gnutls_x509_privkey_t src);
|
||||||
|
int gnutls_x509_privkey_import (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
int gnutls_x509_privkey_import_pkcs8 (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
const char *password,
|
||||||
|
unsigned int flags);
|
||||||
|
int gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * m,
|
||||||
|
const gnutls_datum_t * e,
|
||||||
|
const gnutls_datum_t * d,
|
||||||
|
const gnutls_datum_t * p,
|
||||||
|
const gnutls_datum_t * q,
|
||||||
|
const gnutls_datum_t * u);
|
||||||
|
int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * m,
|
||||||
|
const gnutls_datum_t * e,
|
||||||
|
const gnutls_datum_t * d,
|
||||||
|
const gnutls_datum_t * p,
|
||||||
|
const gnutls_datum_t * q,
|
||||||
|
const gnutls_datum_t * u,
|
||||||
|
const gnutls_datum_t * e1,
|
||||||
|
const gnutls_datum_t * e2);
|
||||||
|
int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key);
|
||||||
|
|
||||||
|
int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * g,
|
||||||
|
gnutls_datum_t * y,
|
||||||
|
gnutls_datum_t * x);
|
||||||
|
int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
|
||||||
|
const gnutls_datum_t * p,
|
||||||
|
const gnutls_datum_t * q,
|
||||||
|
const gnutls_datum_t * g,
|
||||||
|
const gnutls_datum_t * y,
|
||||||
|
const gnutls_datum_t * x);
|
||||||
|
|
||||||
|
int gnutls_x509_privkey_get_pk_algorithm (gnutls_x509_privkey_t key);
|
||||||
|
int gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key,
|
||||||
|
unsigned int flags,
|
||||||
|
unsigned char *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_pk_algorithm_t algo,
|
||||||
|
unsigned int bits, unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_x509_privkey_export (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
int gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
const char *password,
|
||||||
|
unsigned int flags,
|
||||||
|
void *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
int gnutls_x509_privkey_export_rsa_raw2 (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e,
|
||||||
|
gnutls_datum_t * d,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * u,
|
||||||
|
gnutls_datum_t * e1,
|
||||||
|
gnutls_datum_t * e2);
|
||||||
|
int gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e,
|
||||||
|
gnutls_datum_t * d,
|
||||||
|
gnutls_datum_t * p,
|
||||||
|
gnutls_datum_t * q,
|
||||||
|
gnutls_datum_t * u);
|
||||||
|
|
||||||
|
/* Certificate request stuff.
|
||||||
|
*/
|
||||||
|
|
||||||
|
int gnutls_x509_crq_print (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_certificate_print_formats_t format,
|
||||||
|
gnutls_datum_t * out);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_verify (gnutls_x509_crq_t crq, unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_init (gnutls_x509_crq_t * crq);
|
||||||
|
void gnutls_x509_crq_deinit (gnutls_x509_crq_t crq);
|
||||||
|
int gnutls_x509_crq_import (gnutls_x509_crq_t crq,
|
||||||
|
const gnutls_datum_t * data,
|
||||||
|
gnutls_x509_crt_fmt_t format);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq,
|
||||||
|
const char *oid, int indx,
|
||||||
|
unsigned int raw_flag, void *buf,
|
||||||
|
size_t * sizeof_buf);
|
||||||
|
int gnutls_x509_crq_set_dn_by_oid (gnutls_x509_crq_t crq,
|
||||||
|
const char *oid,
|
||||||
|
unsigned int raw_flag,
|
||||||
|
const void *data,
|
||||||
|
unsigned int sizeof_data);
|
||||||
|
int gnutls_x509_crq_set_version (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int version);
|
||||||
|
int gnutls_x509_crq_get_version (gnutls_x509_crq_t crq);
|
||||||
|
int gnutls_x509_crq_set_key (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_x509_privkey_t key);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_set_challenge_password (gnutls_x509_crq_t crq,
|
||||||
|
const char *pass);
|
||||||
|
int gnutls_x509_crq_get_challenge_password (gnutls_x509_crq_t crq,
|
||||||
|
char *pass,
|
||||||
|
size_t * sizeof_pass);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_set_attribute_by_oid (gnutls_x509_crq_t crq,
|
||||||
|
const char *oid, void *buf,
|
||||||
|
size_t sizeof_buf);
|
||||||
|
int gnutls_x509_crq_get_attribute_by_oid (gnutls_x509_crq_t crq,
|
||||||
|
const char *oid, int indx,
|
||||||
|
void *buf, size_t * sizeof_buf);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_export (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_x509_crt_fmt_t format,
|
||||||
|
void *output_data, size_t * output_data_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crt_set_crq (gnutls_x509_crt_t crt, gnutls_x509_crq_t crq);
|
||||||
|
int gnutls_x509_crt_set_crq_extensions (gnutls_x509_crt_t crt,
|
||||||
|
gnutls_x509_crq_t crq);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_set_key_rsa_raw (gnutls_x509_crq_t crq,
|
||||||
|
const gnutls_datum_t * m,
|
||||||
|
const gnutls_datum_t * e);
|
||||||
|
int gnutls_x509_crq_set_subject_alt_name (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_x509_subject_alt_name_t nt,
|
||||||
|
const void *data,
|
||||||
|
unsigned int data_size,
|
||||||
|
unsigned int flags);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_set_key_usage (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int usage);
|
||||||
|
int gnutls_x509_crq_set_basic_constraints (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int ca,
|
||||||
|
int pathLenConstraint);
|
||||||
|
int gnutls_x509_crq_set_key_purpose_oid (gnutls_x509_crq_t crq,
|
||||||
|
const void *oid,
|
||||||
|
unsigned int critical);
|
||||||
|
int gnutls_x509_crq_get_key_purpose_oid (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_get_extension_data (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *data, size_t * sizeof_data);
|
||||||
|
int gnutls_x509_crq_get_extension_info (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid,
|
||||||
|
int *critical);
|
||||||
|
int gnutls_x509_crq_get_attribute_data (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *data, size_t * sizeof_data);
|
||||||
|
int gnutls_x509_crq_get_attribute_info (gnutls_x509_crq_t crq, int indx,
|
||||||
|
void *oid, size_t * sizeof_oid);
|
||||||
|
int gnutls_x509_crq_get_pk_algorithm (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int *bits);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq, unsigned int flags,
|
||||||
|
unsigned char *output_data,
|
||||||
|
size_t * output_data_size);
|
||||||
|
int gnutls_x509_crq_get_key_rsa_raw (gnutls_x509_crq_t crq,
|
||||||
|
gnutls_datum_t * m,
|
||||||
|
gnutls_datum_t * e);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_get_key_usage (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int *key_usage,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crq_get_basic_constraints (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int *critical,
|
||||||
|
int *ca, int *pathlen);
|
||||||
|
int gnutls_x509_crq_get_subject_alt_name (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int seq, void *ret,
|
||||||
|
size_t * ret_size,
|
||||||
|
unsigned int *ret_type,
|
||||||
|
unsigned int *critical);
|
||||||
|
int gnutls_x509_crq_get_subject_alt_othername_oid (gnutls_x509_crq_t crq,
|
||||||
|
unsigned int seq,
|
||||||
|
void *ret,
|
||||||
|
size_t * ret_size);
|
||||||
|
|
||||||
|
int gnutls_x509_crq_get_extension_by_oid (gnutls_x509_crq_t crq,
|
||||||
|
const char *oid, int indx,
|
||||||
|
void *buf, size_t * sizeof_buf,
|
||||||
|
unsigned int *critical);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* GNUTLS_X509_H */
|
2
wine
2
wine
@ -1 +1 @@
|
|||||||
Subproject commit 0d666718091ff54b2304908e71ce0967465fb801
|
Subproject commit d6efa4b35e126d8de4e35c822c7185af4bb3df09
|
Loading…
Reference in New Issue
Block a user