Headers diff: 2.12.23 vs 3.0.1



 abstract.h (2.12.23)   abstract.h (3.0.1) 
/*
* Copyright (C) 2010-2011 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
#ifndef __GNUTLS_ABSTRACT_H #ifndef __GNUTLS_ABSTRACT_H
#define __GNUTLS_ABSTRACT_H #define __GNUTLS_ABSTRACT_H
#include <stdarg.h> #include <stdarg.h>
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
#include <gnutls/x509.h> #include <gnutls/x509.h>
#include <gnutls/pkcs11.h> #include <gnutls/pkcs11.h>
#include <gnutls/openpgp.h> #include <gnutls/openpgp.h>
/* Public key operations */ /* Public key operations */
skipping to change at line 24 skipping to change at line 46
struct gnutls_privkey_st; struct gnutls_privkey_st;
typedef struct gnutls_privkey_st *gnutls_privkey_t; typedef struct gnutls_privkey_st *gnutls_privkey_t;
int gnutls_pubkey_init (gnutls_pubkey_t * key); int gnutls_pubkey_init (gnutls_pubkey_t * key);
void gnutls_pubkey_deinit (gnutls_pubkey_t key); void gnutls_pubkey_deinit (gnutls_pubkey_t key);
int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits ); int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits );
int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt, int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt,
unsigned int flags); unsigned int flags);
int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t pkey, int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key,
gnutls_pkcs11_obj_t crt, unsigned int flag gnutls_pkcs11_obj_t obj, unsigned int flag
s); s);
int gnutls_pubkey_import_openpgp (gnutls_pubkey_t pkey, int gnutls_pubkey_import_openpgp (gnutls_pubkey_t key,
gnutls_openpgp_crt_t crt, gnutls_openpgp_crt_t crt,
unsigned int flags); unsigned int flags);
int int
gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey, gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey,
unsigned int usage, unsigned int flags); unsigned int usage, unsigned int flags);
int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key, int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key,
gnutls_digest_algorithm_t * gnutls_digest_algorithm_t *
hash, unsigned int *mand); hash, unsigned int *mand);
int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key,
gnutls_datum_t * m, gnutls_datum_t * e); gnutls_datum_t * m, gnutls_datum_t * e);
int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key,
gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * p, gnutls_datum_t * q,
gnutls_datum_t * g, gnutls_datum_t * y); gnutls_datum_t * g, gnutls_datum_t * y);
int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *
curve,
gnutls_datum_t * x, gnutls_datum_t * y);
int gnutls_pubkey_export (gnutls_pubkey_t key, int gnutls_pubkey_export (gnutls_pubkey_t key,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
void *output_data, size_t * output_data_size); void *output_data, size_t * output_data_size);
int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags, int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags,
unsigned char *output_data, unsigned char *output_data,
size_t * output_data_size); size_t * output_data_size);
int
gnutls_pubkey_get_openpgp_key_id (gnutls_pubkey_t key, unsigned int flags,
unsigned char *output_data,
size_t * output_data_size,
unsigned int *subkey);
int gnutls_pubkey_get_key_usage (gnutls_pubkey_t key, unsigned int *usage); int gnutls_pubkey_get_key_usage (gnutls_pubkey_t key, unsigned int *usage);
int gnutls_pubkey_set_key_usage (gnutls_pubkey_t key, unsigned int usage); int gnutls_pubkey_set_key_usage (gnutls_pubkey_t key, unsigned int usage);
int gnutls_pubkey_import (gnutls_pubkey_t key, int gnutls_pubkey_import (gnutls_pubkey_t key,
const gnutls_datum_t * data, const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format); gnutls_x509_crt_fmt_t format);
int gnutls_pubkey_import_pkcs11_url (gnutls_pubkey_t key, const char *url, int gnutls_pubkey_import_pkcs11_url (gnutls_pubkey_t key, const char *url,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
skipping to change at line 74 skipping to change at line 104
const gnutls_datum_t * g, const gnutls_datum_t * g,
const gnutls_datum_t * y); const gnutls_datum_t * y);
int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
const gnutls_datum_t * m, const gnutls_datum_t * m,
const gnutls_datum_t * e); const gnutls_datum_t * e);
int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key) ; int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key) ;
int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key) ; int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key) ;
#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1
int int
gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags, gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
const gnutls_datum_t * hash, const gnutls_datum_t * hash,
const gnutls_datum_t * signature); const gnutls_datum_t * signature);
int int
gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key, gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key,
const gnutls_datum_t * signature, const gnutls_datum_t * signature,
gnutls_digest_algorithm_t * hash); gnutls_digest_algorithm_t * hash);
int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey, int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey,
unsigned int flags, unsigned int flags,
const gnutls_datum_t * data, const gnutls_datum_t * data,
const gnutls_datum_t * signature); const gnutls_datum_t * signature);
int
gnutls_pubkey_verify_data2 (gnutls_pubkey_t pubkey,
gnutls_sign_algorithm_t algo,
unsigned int flags,
const gnutls_datum_t * data,
const gnutls_datum_t * signature);
/* Private key operations */ /* Private key operations */
int gnutls_privkey_init (gnutls_privkey_t * key); int gnutls_privkey_init (gnutls_privkey_t * key);
void gnutls_privkey_deinit (gnutls_privkey_t key); void gnutls_privkey_deinit (gnutls_privkey_t key);
int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key, int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key,
unsigned int *bits); unsigned int *bits);
int
gnutls_privkey_get_preferred_hash_algorithm (gnutls_privkey_t key,
gnutls_digest_algorithm_t *
hash, unsigned int *mand);
gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key); gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key);
#define GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE (1<<0) #define GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE 1
#define GNUTLS_PRIVKEY_IMPORT_COPY (1<<1)
int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey, int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey,
gnutls_pkcs11_privkey_t key, gnutls_pkcs11_privkey_t key,
unsigned int flags); unsigned int flags);
int gnutls_privkey_import_x509 (gnutls_privkey_t pkey, int gnutls_privkey_import_x509 (gnutls_privkey_t pkey,
gnutls_x509_privkey_t key, gnutls_x509_privkey_t key,
unsigned int flags); unsigned int flags);
int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey, int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey,
gnutls_openpgp_privkey_t key, gnutls_openpgp_privkey_t key,
unsigned int flags); unsigned int flags);
skipping to change at line 147 skipping to change at line 178
gnutls_x509_crt_t issuer, gnutls_x509_crt_t issuer,
gnutls_privkey_t issuer_key, gnutls_privkey_t issuer_key,
gnutls_digest_algorithm_t dig, gnutls_digest_algorithm_t dig,
unsigned int flags); unsigned int flags);
int gnutls_x509_crq_privkey_sign (gnutls_x509_crq_t crq, int gnutls_x509_crq_privkey_sign (gnutls_x509_crq_t crq,
gnutls_privkey_t key, gnutls_privkey_t key,
gnutls_digest_algorithm_t dig, gnutls_digest_algorithm_t dig,
unsigned int flags); unsigned int flags);
/**
* gnutls_pcert_st:
* @pubkey: public key of parsed certificate.
* @cert: certificate itself of parsed certificate
* @type: type of certificate, a #gnutls_certificate_type_t type.
*
* A parsed certificate.
*/
typedef struct gnutls_pcert_st
{
gnutls_pubkey_t pubkey;
gnutls_datum_t cert;
gnutls_certificate_type_t type;
} gnutls_pcert_st;
/* Do not initialize the "cert" element of
* the certificate */
#define GNUTLS_PCERT_NO_CERT 1
int gnutls_pcert_import_x509 (gnutls_pcert_st* pcert,
gnutls_x509_crt_t crt, unsigned int flags);
int
gnutls_pcert_list_import_x509_raw (gnutls_pcert_st * pcerts,
unsigned int *pcert_max,
const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, unsigned int fla
gs);
int gnutls_pcert_import_x509_raw (gnutls_pcert_st* pcert,
const gnutls_datum_t* cert,
gnutls_x509_crt_fmt_t format, unsigned int flags);
int gnutls_pcert_import_openpgp_raw (gnutls_pcert_st* pcert,
const gnutls_datum_t* cert,
gnutls_openpgp_crt_fmt_t format,
gnutls_openpgp_keyid_t keyid, unsigned int flags);
int gnutls_pcert_import_openpgp (gnutls_pcert_st* pcert,
gnutls_openpgp_crt_t crt, unsigned int flags);
void gnutls_pcert_deinit (gnutls_pcert_st* pcert);
/* For certificate credentials */
/* This is the same as gnutls_certificate_retrieve_function()
* but retrieves a gnutls_pcert_st which requires much less processing
* within the library.
*/
typedef int gnutls_certificate_retrieve_function2 (gnutls_session_t,
const gnutls_datum_t *
req_ca_rdn,
int nreqs,
const
gnutls_pk_algorithm_t
* pk_algos,
int pk_algos_length,
gnutls_pcert_st **,
unsigned int *pcert_len
gth,
gnutls_privkey_t *privk
ey);
void gnutls_certificate_set_retrieve_function2
(gnutls_certificate_credentials_t cred,
gnutls_certificate_retrieve_function2 * func);
#endif #endif
 End of changes. 9 change blocks. 
11 lines changed or deleted 109 lines changed or added
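Review bot: `gnutls_pubkey_verify_data` is still declared without a signature-algorithm parameter and has no comment pointing callers to `gnutls_pubkey_verify_data2`, which appears in one column only (presumably the 3.0.1 side) and takes an explicit `gnutls_sign_algorithm_t algo`. The header does not show how the older call selects the hash; if it is derived from the signature itself, the signer rather than the verifier picks the algorithm, so a caller who wants to pin it needs the newer entry point. I would add above the old prototype `/* Does not take the expected algorithm; use gnutls_pubkey_verify_data2() to pin it. */`. The new `#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1` also lacks a comment saying which `flags` arguments accept it and what it changes in verification.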


 compat.h (2.12.23)   compat.h (3.0.1) 
/*
* Copyright (C) 2008-2011 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
/* Typedefs for more compatibility with older GnuTLS. */ /* Typedefs for more compatibility with older GnuTLS. */
#ifndef _GNUTLS_COMPAT_H #ifndef _GNUTLS_COMPAT_H
#define _GNUTLS_COMPAT_H #define _GNUTLS_COMPAT_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
skipping to change at line 27 skipping to change at line 49
#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__)) #define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
#endif #endif
#endif #endif
#endif /* __GNUC__ */ #endif /* __GNUC__ */
#ifndef _GNUTLS_GCC_ATTR_DEPRECATED #ifndef _GNUTLS_GCC_ATTR_DEPRECATED
#define _GNUTLS_GCC_ATTR_DEPRECATED #define _GNUTLS_GCC_ATTR_DEPRECATED
#endif #endif
/* gnutls_connection_end_t was made redundant in 2.99.0 */
#define gnutls_connection_end_t unsigned int
/* no longer valid since 2.99.0 */
#define gnutls_transport_set_lowat(session, num)
/* Stuff deprected in 2.x */
#define gnutls_cipher_algorithm gnutls_cipher_algorithm_t #define gnutls_cipher_algorithm gnutls_cipher_algorithm_t
#define gnutls_kx_algorithm gnutls_kx_algorithm_t #define gnutls_kx_algorithm gnutls_kx_algorithm_t
#define gnutls_paramsype gnutls_paramsype_t #define gnutls_paramsype gnutls_paramsype_t
#define gnutls_mac_algorithm gnutls_mac_algorithm_t #define gnutls_mac_algorithm gnutls_mac_algorithm_t
#define gnutls_digest_algorithm gnutls_digest_algorithm_t #define gnutls_digest_algorithm gnutls_digest_algorithm_t
#define gnutls_compression_method gnutls_compression_method_t #define gnutls_compression_method gnutls_compression_method_t
#define gnutls_connection_end gnutls_connection_end_t #define gnutls_connection_end gnutls_connection_end_t
#define gnutls_credentialsype gnutls_credentialsype_t #define gnutls_credentialsype gnutls_credentialsype_t
#define gnutls_certificateype gnutls_certificateype_t #define gnutls_certificateype gnutls_certificateype_t
#define gnutls_x509_crt_fmt gnutls_x509_crt_fmt_t #define gnutls_x509_crt_fmt gnutls_x509_crt_fmt_t
skipping to change at line 185 skipping to change at line 214
gnutls_datum_t * signature); gnutls_datum_t * signature);
void void
gnutls_sign_callback_set (gnutls_session_t session, gnutls_sign_callback_set (gnutls_session_t session,
gnutls_sign_func sign_func, void *userdata) gnutls_sign_func sign_func, void *userdata)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
gnutls_sign_func gnutls_sign_func
gnutls_sign_callback_get (gnutls_session_t session, void **userdata) gnutls_sign_callback_get (gnutls_session_t session, void **userdata)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
/* Extension API is no longer exported because a lot of internal
* structures are used. Currently it works due to a compatibility
* layer, but will be removed in later versions.
*/
int gnutls_ext_register (int type,
const char *name,
gnutls_ext_parse_type_t parse_type,
gnutls_ext_recv_func recv_func,
gnutls_ext_send_func send_func)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* We no longer support the finished callback. Use
* gnutls_session_channel_binding for similar functionality.
*/
typedef void (*gnutls_finished_callback_func) (gnutls_session_t sessio
n,
const void *finished,
size_t len);
void gnutls_session_set_finished_function (gnutls_session_t session,
gnutls_finished_callback_fu
nc
func)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* returns security values.
* Do not use them unless you know what you're doing. Those are dangerous s
ince
* they depend on a particular TLS version number
*/
#define GNUTLS_MASTER_SIZE 48
#define GNUTLS_RANDOM_SIZE 32
const void *gnutls_session_get_server_random (gnutls_session_t session
)
_GNUTLS_GCC_ATTR_DEPRECATED;
const void *gnutls_session_get_client_random (gnutls_session_t session
)
_GNUTLS_GCC_ATTR_DEPRECATED;
const void *gnutls_session_get_master_secret (gnutls_session_t session
)
_GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_psk_netconf_derive_key (const char *password,
const char *psk_identity,
const char *psk_identity_hint,
gnutls_datum_t *
output_key)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* This is a very dangerous and error-prone function. /* This is a very dangerous and error-prone function.
* Use gnutls_privkey_sign_hash() instead. * Use gnutls_privkey_sign_hash() instead.
*/ */
int gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key, int gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key,
const gnutls_datum_t * hash, const gnutls_datum_t * hash,
gnutls_datum_t * signature) gnutls_datum_t * signature)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
const gnutls_datum_t * hash, const gnutls_datum_t * hash,
gnutls_datum_t * signature) gnutls_datum_t * signature)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
/* Deprecated because verify_* functions are moved to public
* keys. Check abstract.h for similar functionality.
*/
int gnutls_x509_privkey_verify_data (gnutls_x509_privkey_t key,
unsigned int flags,
const gnutls_datum_t * data,
const gnutls_datum_t * signature)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* we support the gnutls_privkey_sign_data() instead. /* we support the gnutls_privkey_sign_data() instead.
*/ */
int gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key, int gnutls_x509_privkey_sign_data (gnutls_x509_privkey_t key,
gnutls_digest_algorithm_t digest, gnutls_digest_algorithm_t digest,
unsigned int flags, unsigned int flags,
const gnutls_datum_t * data, const gnutls_datum_t * data,
void *signature, void *signature,
size_t * signature_size) size_t * signature_size)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
skipping to change at line 287 skipping to change at line 265
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
/* gnutls_pubkey_get_preferred_hash_algorithm() */ /* gnutls_pubkey_get_preferred_hash_algorithm() */
int gnutls_x509_crt_get_preferred_hash_algorithm (gnutls_x509_crt_t crt, int gnutls_x509_crt_get_preferred_hash_algorithm (gnutls_x509_crt_t crt,
gnutls_digest_algorithm _t gnutls_digest_algorithm _t
* hash, * hash,
unsigned int *mand) unsigned int *mand)
_GNUTLS_GCC_ATTR_DEPREC ATED; _GNUTLS_GCC_ATTR_DEPREC ATED;
/* gnutls_x509_crq_privkey_sign() */ /* gnutls_x509_crq_privkey_sign() */
int gnutls_x509_crq_sign2 (gnutls_x509_crq_t crq,
gnutls_x509_privkey_t key,
gnutls_digest_algorithm_t dig,
unsigned int flags)
_GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t ke y) int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t ke y)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
/* gnutls_x509_crl_privkey_sign */ /* gnutls_x509_crl_privkey_sign */
int gnutls_x509_crl_sign (gnutls_x509_crl_t crl, int gnutls_x509_crl_sign (gnutls_x509_crl_t crl,
gnutls_x509_crt_t issuer, gnutls_x509_crt_t issuer,
gnutls_x509_privkey_t issuer_key) gnutls_x509_privkey_t issuer_key)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_x509_crl_sign2 (gnutls_x509_crl_t crl,
gnutls_x509_crt_t issuer,
gnutls_x509_privkey_t issuer_key,
gnutls_digest_algorithm_t dig,
unsigned int flags)
_GNUTLS_GCC_ATTR_DEPRECATED;
void gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc
,
gnutls_x509_crt_t ** x509_ca_list,
unsigned int *ncas)
_GNUTLS_GCC_ATTR_DEPRECATED;
void gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t s
c,
gnutls_x509_crl_t ** x509_crl_list
,
unsigned int *ncrls)
_GNUTLS_GCC_ATTR_DEPRECATED;
void
gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_
t
sc,
gnutls_openpgp_keyring_t *
keyring)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* this is obsolete (?). */
int gnutls_certificate_verify_peers (gnutls_session_t session)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* functions to set priority of cipher suites /* functions to set priority of cipher suites
*/ */
int gnutls_cipher_set_priority (gnutls_session_t session, const int *list ) int gnutls_cipher_set_priority (gnutls_session_t session, const int *list )
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_mac_set_priority (gnutls_session_t session, const int *list) int gnutls_mac_set_priority (gnutls_session_t session, const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_compression_set_priority (gnutls_session_t session, int gnutls_compression_set_priority (gnutls_session_t session,
const int *list) const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_kx_set_priority (gnutls_session_t session, const int *list) int gnutls_kx_set_priority (gnutls_session_t session, const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_protocol_set_priority (gnutls_session_t session, int gnutls_protocol_set_priority (gnutls_session_t session,
const int *list) const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_certificate_type_set_priority (gnutls_session_t session, int gnutls_certificate_type_set_priority (gnutls_session_t session,
const int *list) const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
void gnutls_transport_set_lowat (gnutls_session_t session, int num) _GNUT
LS_GCC_ATTR_DEPRECATED;
void gnutls_transport_set_global_errno (int err) _GNUTLS_GCC_ATTR_DEPRECA
TED;
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _GNUTLS_COMPAT_H */ #endif /* _GNUTLS_COMPAT_H */
 End of changes. 7 change blocks. 
99 lines changed or deleted 29 lines changed or added
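Review bot: The function-like macro `#define gnutls_transport_set_lowat(session, num)` expands to nothing, so existing calls compile silently into empty statements, their argument expressions are never evaluated, and no deprecation warning is raised, unlike the `_GNUTLS_GCC_ATTR_DEPRECATED` prototype shown in the other column. The comment above it should say so, e.g. `/* no longer valid since 2.99.0: calls expand to nothing and their arguments are not evaluated */`, and an expansion of `((void) 0)` would keep the call usable where an expression is expected. The same column replaces the type with `#define gnutls_connection_end_t unsigned int`; `typedef unsigned int gnutls_connection_end_t;` would respect scope and not rewrite unrelated identifiers of that name. Which column these one-sided lines belong to is inferred from the 2.99.0 remark, since the page does not mark sides.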


 crypto.h (2.12.23)   crypto.h (3.0.1) 
/* /*
* Copyright (C) 2008, 2009, 2010 Free Software Foundation, Inc. * Copyright (C) 2008-2011 Free Software Foundation, Inc.
* *
* Author: Nikos Mavrogiannopoulos * Author: Nikos Mavrogiannopoulos
* *
* This file is part of GnuTLS. * This file is part of GnuTLS.
* *
* The GnuTLS is free software; you can redistribute it and/or * The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License * modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of * as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version. * the License, or (at your option) any later version.
* *
* This library is distributed in the hope that it will be useful, but * This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. * Lesser General Public License for more details.
* *
* You should have received a copy of the GNU Lesser General Public * You should have received a copy of the GNU Lesser General Public License
* License along with this library; if not, write to the Free Software * along with this program. If not, see <http://www.gnu.org/licenses/>
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
,
* USA
* *
*/ */
#ifndef GNUTLS_CRYPTO_H #ifndef GNUTLS_CRYPTO_H
#define GNUTLS_CRYPTO_H #define GNUTLS_CRYPTO_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
skipping to change at line 46 skipping to change at line 44
gnutls_cipher_algorithm_t cipher, gnutls_cipher_algorithm_t cipher,
const gnutls_datum_t * key, const gnutls_datum_t * key,
const gnutls_datum_t * iv); const gnutls_datum_t * iv);
int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle, int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle,
void *text, size_t textlen); void *text, size_t textlen);
int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle, int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle,
void *ciphertext, size_t ciphertextlen); void *ciphertext, size_t ciphertextlen);
int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle, int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle,
const void *ciphertext, size_t ciphertextlen, const void *ciphertext, size_t ciphertextlen,
void *text, size_t textlen); void *text, size_t textlen);
int gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, void *text, int gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, const void *text,
size_t textlen, void *ciphertext, size_t textlen, void *ciphertext,
size_t ciphertextlen); size_t ciphertextlen);
void gnutls_cipher_set_iv (gnutls_cipher_hd_t handle, void *iv, size_t iv
len);
int gnutls_cipher_tag( gnutls_cipher_hd_t handle, void* tag, size_t tag_s
ize);
int gnutls_cipher_add_auth( gnutls_cipher_hd_t handle, const void* text,
size_t text_size);
void gnutls_cipher_deinit (gnutls_cipher_hd_t handle); void gnutls_cipher_deinit (gnutls_cipher_hd_t handle);
int gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm); int gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm);
typedef struct hash_hd_st *gnutls_hash_hd_t; typedef struct hash_hd_st *gnutls_hash_hd_t;
typedef struct hmac_hd_st *gnutls_hmac_hd_t; typedef struct hmac_hd_st *gnutls_hmac_hd_t;
int gnutls_hmac_init (gnutls_hmac_hd_t * dig, int gnutls_hmac_init (gnutls_hmac_hd_t * dig,
gnutls_digest_algorithm_t algorithm, const void *ke y, gnutls_digest_algorithm_t algorithm, const void *ke y,
size_t keylen); size_t keylen);
int gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textle n); int gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textle n);
skipping to change at line 78 skipping to change at line 81
gnutls_digest_algorithm_t algorithm); gnutls_digest_algorithm_t algorithm);
int gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textle n); int gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textle n);
void gnutls_hash_output (gnutls_hash_hd_t handle, void *digest); void gnutls_hash_output (gnutls_hash_hd_t handle, void *digest);
void gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest); void gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest);
int gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm); int gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm);
int gnutls_hash_fast (gnutls_digest_algorithm_t algorithm, int gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
const void *text, size_t textlen, void *digest); const void *text, size_t textlen, void *digest);
/* register ciphers */ /* register ciphers */
#define GNUTLS_CRYPTO_API_VERSION 0x03
#define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
#define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
#define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
typedef struct
{
int (*init) (gnutls_cipher_algorithm_t, void **ctx);
int (*setkey) (void *ctx, const void *key, size_t keysize);
int (*setiv) (void *ctx, const void *iv, size_t ivsize);
int (*encrypt) (void *ctx, const void *plain, size_t plainsize,
void *encr, size_t encrsize);
int (*decrypt) (void *ctx, const void *encr, size_t encrsize,
void *plain, size_t plainsize);
void (*deinit) (void *ctx);
} gnutls_crypto_cipher_st;
typedef struct
{
int (*init) (gnutls_mac_algorithm_t, void **ctx);
int (*setkey) (void *ctx, const void *key, size_t keysize);
int (*hash) (void *ctx, const void *text, size_t textsize);
int (*output) (void *src_ctx, void *digest, size_t digestsize);
void (*deinit) (void *ctx);
} gnutls_crypto_mac_st;
typedef struct
{
int (*init) (gnutls_mac_algorithm_t, void **ctx);
int (*hash) (void *ctx, const void *text, size_t textsize);
int (*copy) (void **dst_ctx, void *src_ctx);
int (*output) (void *src_ctx, void *digest, size_t digestsize);
void (*deinit) (void *ctx);
} gnutls_crypto_digest_st;
/** /**
* gnutls_rnd_level_t: * gnutls_rnd_level_t:
* @GNUTLS_RND_NONCE: Non-predictable random number. Fatal in parts * @GNUTLS_RND_NONCE: Non-predictable random number. Fatal in parts
* of session if broken, i.e., vulnerable to statistical analysis. * of session if broken, i.e., vulnerable to statistical analysis.
* @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number. * @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
* Fatal in session if broken. * Fatal in session if broken.
* @GNUTLS_RND_KEY: Fatal in many sessions if broken. * @GNUTLS_RND_KEY: Fatal in many sessions if broken.
* *
* Enumeration of random quality levels. * Enumeration of random quality levels.
*/ */
typedef enum gnutls_rnd_level typedef enum gnutls_rnd_level
{ {
GNUTLS_RND_NONCE = 0, GNUTLS_RND_NONCE = 0,
GNUTLS_RND_RANDOM = 1, GNUTLS_RND_RANDOM = 1,
GNUTLS_RND_KEY = 2 GNUTLS_RND_KEY = 2
} gnutls_rnd_level_t; } gnutls_rnd_level_t;
int gnutls_rnd (gnutls_rnd_level_t level, void *data, size_t len); int gnutls_rnd (gnutls_rnd_level_t level, void *data, size_t len);
/**
* gnutls_pk_flag_t:
* @GNUTLS_PK_FLAG_NONE: No flag.
*
* Enumeration of public-key flag.
*/
typedef enum
{
GNUTLS_PK_FLAG_NONE = 0
} gnutls_pk_flag_t;
typedef struct gnutls_crypto_rnd
{
int (*init) (void **ctx);
int (*rnd) (void *ctx, int level, void *data, size_t datasize);
void (*deinit) (void *ctx);
} gnutls_crypto_rnd_st;
typedef void *bigint_t;
/**
* gnutls_bigint_format_t:
* @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
* @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
* zero when positive.
* @GNUTLS_MPI_FORMAT_PGP: The pgp integer format.
*
* Enumeration of different bignum integer encoding formats.
*/
typedef enum
{
/* raw unsigned integer format */
GNUTLS_MPI_FORMAT_USG = 0,
/* raw signed integer format - always a leading zero when positive */
GNUTLS_MPI_FORMAT_STD = 1,
/* the pgp integer format */
GNUTLS_MPI_FORMAT_PGP = 2
} gnutls_bigint_format_t;
typedef struct
{
bigint_t g; /* group generator */
bigint_t p; /* prime */
} gnutls_group_st;
/* Multi precision integer arithmetic */
typedef struct gnutls_crypto_bigint
{
bigint_t (*bigint_new) (int nbits);
void (*bigint_release) (bigint_t n);
/* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
/* as bigint_cmp */
int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
/* ret = a % b */
bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b);
/* a = b -> ret == a */
bigint_t (*bigint_set) (bigint_t a, const bigint_t b);
/* a = b -> ret == a */
bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b);
unsigned int (*bigint_get_nbits) (const bigint_t a);
/* w = b ^ e mod m */
bigint_t (*bigint_powm) (bigint_t w, const bigint_t b,
const bigint_t e, const bigint_t m);
/* w = a + b mod m */
bigint_t (*bigint_addm) (bigint_t w, const bigint_t a,
const bigint_t b, const bigint_t m);
/* w = a - b mod m */
bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t
b,
const bigint_t m);
/* w = a * b mod m */
bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t
b,
const bigint_t m);
/* w = a + b */ bigint_t (*bigint_add) (bigint_t w, const bigint_t a,
const bigint_t b);
/* w = a - b */ bigint_t (*bigint_sub) (bigint_t w, const bigint_t a,
const bigint_t b);
/* w = a * b */
bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t
b);
/* w = a + b */
bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a,
unsigned long b);
/* w = a - b */
bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a,
unsigned long b);
/* w = a * b */
bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a,
unsigned long b);
/* q = a / b */
bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t
b);
/* 0 if prime */
int (*bigint_prime_check) (const bigint_t pp);
int (*bigint_generate_group) (gnutls_group_st * gg, unsigned int bits);
/* reads an bigint from a buffer */
/* stores an bigint into the buffer. returns
* GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
* store this integer, and updates the buf_size;
*/
bigint_t (*bigint_scan) (const void *buf, size_t buf_size,
gnutls_bigint_format_t format);
int (*bigint_print) (const bigint_t a, void *buf, size_t * buf_size,
gnutls_bigint_format_t format);
} gnutls_crypto_bigint_st;
#define GNUTLS_MAX_PK_PARAMS 16
typedef struct
{
bigint_t params[GNUTLS_MAX_PK_PARAMS];
unsigned int params_nr; /* the number of parameters */
unsigned int flags;
} gnutls_pk_params_st;
void gnutls_pk_params_release (gnutls_pk_params_st * p);
void gnutls_pk_params_init (gnutls_pk_params_st * p);
/* params are:
* RSA:
* [0] is modulus
* [1] is public exponent
* [2] is private exponent (private key only)
* [3] is prime1 (p) (private key only)
* [4] is prime2 (q) (private key only)
* [5] is coefficient (u == inverse of p mod q) (private key only)
* [6] e1 == d mod (p-1)
* [7] e2 == d mod (q-1)
*
* note that for libgcrypt that does not use the inverse of q mod p,
* we need to perform conversions using fixup_params().
*
* DSA:
* [0] is p
* [1] is q
* [2] is g
* [3] is y (public key)
* [4] is x (private key only)
*/
/**
* gnutls_direction_t:
* @GNUTLS_IMPORT: Import direction.
* @GNUTLS_EXPORT: Export direction.
*
* Enumeration of different directions.
*/
typedef enum
{
GNUTLS_IMPORT = 0,
GNUTLS_EXPORT = 1
} gnutls_direction_t;
/* Public key algorithms */
typedef struct gnutls_crypto_pk
{
/* The params structure should contain the private or public key
* parameters, depending on the operation */
int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
const gnutls_datum_t * plaintext,
const gnutls_pk_params_st * pub);
int (*decrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * plaintext,
const gnutls_datum_t * ciphertext,
const gnutls_pk_params_st * priv);
int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
const gnutls_datum_t * data,
const gnutls_pk_params_st * priv);
int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
const gnutls_datum_t * signature,
const gnutls_pk_params_st * pub);
int (*generate) (gnutls_pk_algorithm_t, unsigned int nbits,
gnutls_pk_params_st *);
/* this function should convert params to ones suitable
* for the above functions
*/
int (*pk_fixup_private_params) (gnutls_pk_algorithm_t, gnutls_direction
_t,
gnutls_pk_params_st *);
} gnutls_crypto_pk_st;
/* priority: infinity for backend algorithms, 90 for kernel
algorithms, lowest wins
*/
#define gnutls_crypto_single_cipher_register(algo, prio, st) \
gnutls_crypto_single_cipher_register2 (algo, prio, \
GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_single_mac_register(algo, prio, st) \
gnutls_crypto_single_mac_register2 (algo, prio, \
GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_single_digest_register(algo, prio, st) \
gnutls_crypto_single_digest_register2(algo, prio, \
GNUTLS_CRYPTO_API_VERSION, st)
int gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t
algorithm, int priority,
int version,
const
gnutls_crypto_single_cipher_st
*
s);
int gnutls_crypto_single_mac_register2 (gnutls_mac_algorithm_t algorithm,
int priority, int version,
const gnutls_crypto_single_mac_st
*
s);
int gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t
algorithm, int priority,
int version,
const
gnutls_crypto_single_digest_st
*
s);
#define gnutls_crypto_cipher_register(prio, st) \
gnutls_crypto_cipher_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_mac_register(prio, st) \
gnutls_crypto_mac_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_digest_register(prio, st) \
gnutls_crypto_digest_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
int gnutls_crypto_cipher_register2 (int priority, int version,
const gnutls_crypto_cipher_st * s);
int gnutls_crypto_mac_register2 (int priority, int version,
const gnutls_crypto_mac_st * s);
int gnutls_crypto_digest_register2 (int priority, int version,
const gnutls_crypto_digest_st * s);
#define gnutls_crypto_rnd_register(prio, st) \
gnutls_crypto_rnd_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_pk_register(prio, st) \
gnutls_crypto_pk_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
#define gnutls_crypto_bigint_register(prio, st) \
gnutls_crypto_bigint_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
int gnutls_crypto_rnd_register2 (int priority, int version,
const gnutls_crypto_rnd_st * s);
int gnutls_crypto_pk_register2 (int priority, int version,
const gnutls_crypto_pk_st * s);
int gnutls_crypto_bigint_register2 (int priority, int version,
const gnutls_crypto_bigint_st * s);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif #endif
 End of changes. 7 change blocks. 
291 lines changed or deleted 13 lines changed or added


 extra.h (2.12.23)   extra.h (3.0.1) 
/* /*
* Copyright (C) 2002, 2003, 2004, 2005, 2007, 2008, 2009, 2010 Free * Copyright (C) 2002-2011 Free Software Foundation, Inc.
* Software Foundation, Inc.
* *
* Author: Nikos Mavrogiannopoulos * Author: Nikos Mavrogiannopoulos
* *
* This file is part of GnuTLS-EXTRA. * This file is part of GnuTLS-EXTRA.
* *
* GnuTLS-extra is free software; you can redistribute it and/or * GnuTLS-extra is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as * modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 3 of the * published by the Free Software Foundation; either version 3 of the
* License, or (at your option) any later version. * License, or (at your option) any later version.
* *
skipping to change at line 42 skipping to change at line 41
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
#define GNUTLS_EXTRA_VERSION GNUTLS_VERSION #define GNUTLS_EXTRA_VERSION GNUTLS_VERSION
/* TLS/IA stuff
*/
/**
* gnutls_ia_apptype_t:
* @GNUTLS_IA_APPLICATION_PAYLOAD: TLS/IA application payload.
* @GNUTLS_IA_INTERMEDIATE_PHASE_FINISHED: TLS/IA intermediate phase fini
shed.
* @GNUTLS_IA_FINAL_PHASE_FINISHED: TLS/IA final phase finished.
*
* Enumeration of different certificate encoding formats.
*/
typedef enum
{
GNUTLS_IA_APPLICATION_PAYLOAD = 0,
GNUTLS_IA_INTERMEDIATE_PHASE_FINISHED = 1,
GNUTLS_IA_FINAL_PHASE_FINISHED = 2
} gnutls_ia_apptype_t;
/* TLS/IA credential
*/
typedef int (*gnutls_ia_avp_func) (gnutls_session_t session, void *ptr,
const char *last, size_t lastlen,
char **next, size_t * nextlen);
typedef struct gnutls_ia_server_credentials_st
*gnutls_ia_server_credentials_t;
typedef struct gnutls_ia_client_credentials_st
*gnutls_ia_client_credentials_t;
/* Allocate and free TLS/IA credentials. */
extern void
gnutls_ia_free_client_credentials (gnutls_ia_client_credentials_t sc)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern int
gnutls_ia_allocate_client_credentials (gnutls_ia_client_credentials_t *
sc)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void
gnutls_ia_free_server_credentials (gnutls_ia_server_credentials_t sc)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern int
gnutls_ia_allocate_server_credentials (gnutls_ia_server_credentials_t *
sc)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* Client TLS/IA credential functions. */
extern void
gnutls_ia_set_client_avp_function (gnutls_ia_client_credentials_t cred,
gnutls_ia_avp_func avp_func)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void
gnutls_ia_set_client_avp_ptr (gnutls_ia_client_credentials_t cred,
void *ptr)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void *gnutls_ia_get_client_avp_ptr (gnutls_ia_client_credentials_t
cred)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* Server TLS/IA credential functions. */
extern void
gnutls_ia_set_server_avp_function (gnutls_ia_server_credentials_t cred,
gnutls_ia_avp_func avp_func)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void
gnutls_ia_set_server_avp_ptr (gnutls_ia_server_credentials_t cred,
void *ptr)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void *gnutls_ia_get_server_avp_ptr (gnutls_ia_server_credentials_t
cred)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* TLS/IA handshake. */
extern int gnutls_ia_handshake_p (gnutls_session_t session)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern int gnutls_ia_handshake (gnutls_session_t session)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* TLS/IA low level interface. */
extern int
gnutls_ia_permute_inner_secret (gnutls_session_t session,
size_t session_keys_size,
const char *session_keys)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern int gnutls_ia_endphase_send (gnutls_session_t session, int final_p
);
extern int gnutls_ia_verify_endphase (gnutls_session_t session,
const char *checksum);
extern ssize_t gnutls_ia_send (gnutls_session_t session,
const char *data, size_t sizeofdata);
extern ssize_t gnutls_ia_recv (gnutls_session_t session,
char *data, size_t sizeofdata);
/* Utility stuff. */
extern int gnutls_ia_generate_challenge (gnutls_session_t session,
size_t buffer_size, char *buffer
)
_GNUTLS_GCC_ATTR_DEPRECATED;
extern void gnutls_ia_extract_inner_secret (gnutls_session_t session,
char *buffer)
_GNUTLS_GCC_ATTR_DEPRECATED;
/* Define whether inner phases are wanted. */
extern void gnutls_ia_enable (gnutls_session_t session,
int allow_skip_on_resume)
_GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_global_init_extra (void); int gnutls_global_init_extra (void);
/* Use internal (HMAC-)MD5 code, typically for use if libgcrypt is /* Use internal (HMAC-)MD5 code, typically for use if libgcrypt is
in FIPS mode. */ in FIPS mode. */
int gnutls_register_md5_handler (void); int gnutls_register_md5_handler (void);
/* returns libgnutls-extra version (call it with a NULL argument) /* returns libgnutls-extra version (call it with a NULL argument)
*/ */
const char *gnutls_extra_check_version (const char *req_version); const char *gnutls_extra_check_version (const char *req_version);
 End of changes. 2 change blocks. 
114 lines changed or deleted 1 lines changed or added
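Review bot: Removing every `gnutls_ia_*` prototype from extra.h leaves `GNUTLS_CRD_IA` still documented on the 3.0.1 side of gnutls.h (`@GNUTLS_CRD_IA: IA credential.` appears in both columns), so the credential type survives with no visible function to allocate or attach such a credential. Either drop that documentation line together with the API, or mark the value as kept only for source compatibility, e.g. `@GNUTLS_CRD_IA: IA credential (unused; the TLS/IA API was removed).` The enum body itself is skipped on this page, so whether the value is still defined needs to be confirmed in the full header. Separately, `gnutls_ia_endphase_send`, `gnutls_ia_verify_endphase`, `gnutls_ia_send` and `gnutls_ia_recv` carried no `_GNUTLS_GCC_ATTR_DEPRECATED` in 2.12.23, so their callers got no compile-time warning before the removal; the release notes should name those four explicitly.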


 gnutls.h (2.12.23)   gnutls.h (3.0.1) 
/* -*- c -*- /* -*- c -*-
* Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, * Copyright (C) 2000-2011 Free Software Foundation, Inc.
* 2009, 2010 Free Software Foundation, Inc.
* *
* Author: Nikos Mavroyanopoulos * Author: Nikos Mavrogiannopoulos
* *
* This file is part of GnuTLS. * This file is part of GnuTLS.
* *
* The GnuTLS is free software; you can redistribute it and/or * The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License * modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of * as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version. * the License, or (at your option) any later version.
* *
* This library is distributed in the hope that it will be useful, but * This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. * Lesser General Public License for more details.
* *
* You should have received a copy of the GNU Lesser General Public * You should have received a copy of the GNU Lesser General Public License
* License along with this library; if not, write to the Free Software * along with this program. If not, see <http://www.gnu.org/licenses/>
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
* *
*/ */
/* This file contains the types and prototypes for all the /* This file contains the types and prototypes for all the
* high level functionality of gnutls main library. For the * high level functionality of gnutls main library. For the
* extra functionality (which is under the GNU GPL license) check * extra functionality (which is under the GNU GPL license) check
* the gnutls/extra.h header. The openssl compatibility layer is * the gnutls/extra.h header. The openssl compatibility layer is
* in gnutls/openssl.h. * in gnutls/openssl.h.
* *
* The low level cipher functionality is in libgcrypt. Check * The low level cipher functionality is in libgcrypt. Check
skipping to change at line 55 skipping to change at line 52
#include <sys/types.h> #include <sys/types.h>
/* *INDENT-ON* */ /* *INDENT-ON* */
#endif #endif
/* Get time_t. */ /* Get time_t. */
#include <time.h> #include <time.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
#define GNUTLS_VERSION "2.12.23" #define GNUTLS_VERSION "3.0.1"
#define GNUTLS_VERSION_MAJOR 2 #define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 12 #define GNUTLS_VERSION_MINOR 0
#define GNUTLS_VERSION_PATCH 23 #define GNUTLS_VERSION_PATCH 1
#define GNUTLS_VERSION_NUMBER 0x020c17 #define GNUTLS_VERSION_NUMBER 0x030001
#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
/** /**
* gnutls_cipher_algorithm_t: * gnutls_cipher_algorithm_t:
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
* @GNUTLS_CIPHER_NULL: NULL algorithm. * @GNUTLS_CIPHER_NULL: NULL algorithm.
* @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
* @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
* @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
* @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
* @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
* @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
* @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit key s. * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit key s.
* @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit key s. * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit key s.
* @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
* @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
* @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys.
* @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys.
* @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode.
* @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode.
* @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode.
* @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode.
* @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys. * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys.
* @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys. * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys.
* @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys. * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys.
* @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys. * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys.
* @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode. * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode.
* *
skipping to change at line 108 skipping to change at line 107
GNUTLS_CIPHER_ARCFOUR_128 = 2, GNUTLS_CIPHER_ARCFOUR_128 = 2,
GNUTLS_CIPHER_3DES_CBC = 3, GNUTLS_CIPHER_3DES_CBC = 3,
GNUTLS_CIPHER_AES_128_CBC = 4, GNUTLS_CIPHER_AES_128_CBC = 4,
GNUTLS_CIPHER_AES_256_CBC = 5, GNUTLS_CIPHER_AES_256_CBC = 5,
GNUTLS_CIPHER_ARCFOUR_40 = 6, GNUTLS_CIPHER_ARCFOUR_40 = 6,
GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, GNUTLS_CIPHER_CAMELLIA_128_CBC = 7,
GNUTLS_CIPHER_CAMELLIA_256_CBC = 8, GNUTLS_CIPHER_CAMELLIA_256_CBC = 8,
GNUTLS_CIPHER_RC2_40_CBC = 90, GNUTLS_CIPHER_RC2_40_CBC = 90,
GNUTLS_CIPHER_DES_CBC = 91, GNUTLS_CIPHER_DES_CBC = 91,
GNUTLS_CIPHER_AES_192_CBC = 92, GNUTLS_CIPHER_AES_192_CBC = 92,
GNUTLS_CIPHER_AES_128_GCM = 93,
GNUTLS_CIPHER_AES_256_GCM = 94,
/* used only for PGP internals. Ignored in TLS/SSL /* used only for PGP internals. Ignored in TLS/SSL
*/ */
GNUTLS_CIPHER_IDEA_PGP_CFB = 200, GNUTLS_CIPHER_IDEA_PGP_CFB = 200,
GNUTLS_CIPHER_3DES_PGP_CFB = 201, GNUTLS_CIPHER_3DES_PGP_CFB = 201,
GNUTLS_CIPHER_CAST5_PGP_CFB = 202, GNUTLS_CIPHER_CAST5_PGP_CFB = 202,
GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203,
GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204,
GNUTLS_CIPHER_AES128_PGP_CFB = 205, GNUTLS_CIPHER_AES128_PGP_CFB = 205,
GNUTLS_CIPHER_AES192_PGP_CFB = 206, GNUTLS_CIPHER_AES192_PGP_CFB = 206,
GNUTLS_CIPHER_AES256_PGP_CFB = 207, GNUTLS_CIPHER_AES256_PGP_CFB = 207,
GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208 GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
} gnutls_cipher_algorithm_t; } gnutls_cipher_algorithm_t;
/** /**
* gnutls_kx_algorithm_t: * gnutls_kx_algorithm_t:
* @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm. * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
* @GNUTLS_KX_RSA: RSA key-exchange algorithm. * @GNUTLS_KX_RSA: RSA key-exchange algorithm.
* @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm. * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
* @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm. * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
* @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
* @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
* @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm. * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
* @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
* @GNUTLS_KX_SRP: SRP key-exchange algorithm. * @GNUTLS_KX_SRP: SRP key-exchange algorithm.
* @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm. * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm.
* @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm. * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
* @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm. * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
* @GNUTLS_KX_PSK: PSK key-exchange algorithm. * @GNUTLS_KX_PSK: PSK key-exchange algorithm.
* @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm. * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
* @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
* *
* Enumeration of different key exchange algorithms. * Enumeration of different key exchange algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_KX_UNKNOWN = 0, GNUTLS_KX_UNKNOWN = 0,
GNUTLS_KX_RSA = 1, GNUTLS_KX_RSA = 1,
GNUTLS_KX_DHE_DSS = 2, GNUTLS_KX_DHE_DSS = 2,
GNUTLS_KX_DHE_RSA = 3, GNUTLS_KX_DHE_RSA = 3,
GNUTLS_KX_ANON_DH = 4, GNUTLS_KX_ANON_DH = 4,
GNUTLS_KX_SRP = 5, GNUTLS_KX_SRP = 5,
GNUTLS_KX_RSA_EXPORT = 6, GNUTLS_KX_RSA_EXPORT = 6,
GNUTLS_KX_SRP_RSA = 7, GNUTLS_KX_SRP_RSA = 7,
GNUTLS_KX_SRP_DSS = 8, GNUTLS_KX_SRP_DSS = 8,
GNUTLS_KX_PSK = 9, GNUTLS_KX_PSK = 9,
GNUTLS_KX_DHE_PSK = 10 GNUTLS_KX_DHE_PSK = 10,
GNUTLS_KX_ANON_ECDH = 11,
GNUTLS_KX_ECDHE_RSA = 12,
GNUTLS_KX_ECDHE_ECDSA = 13,
GNUTLS_KX_ECDHE_PSK = 14,
} gnutls_kx_algorithm_t; } gnutls_kx_algorithm_t;
/** /**
* gnutls_params_type_t: * gnutls_params_type_t:
* @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters. * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters.
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
* *
* Enumeration of different TLS session parameter types. * Enumeration of different TLS session parameter types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PARAMS_RSA_EXPORT = 1, GNUTLS_PARAMS_RSA_EXPORT = 1,
GNUTLS_PARAMS_DH = 2 GNUTLS_PARAMS_DH = 2,
GNUTLS_PARAMS_ECDH = 3,
} gnutls_params_type_t; } gnutls_params_type_t;
/** /**
* gnutls_credentials_type_t: * gnutls_credentials_type_t:
* @GNUTLS_CRD_CERTIFICATE: Certificate credential. * @GNUTLS_CRD_CERTIFICATE: Certificate credential.
* @GNUTLS_CRD_ANON: Anonymous credential. * @GNUTLS_CRD_ANON: Anonymous credential.
* @GNUTLS_CRD_SRP: SRP credential. * @GNUTLS_CRD_SRP: SRP credential.
* @GNUTLS_CRD_PSK: PSK credential. * @GNUTLS_CRD_PSK: PSK credential.
* @GNUTLS_CRD_IA: IA credential. * @GNUTLS_CRD_IA: IA credential.
* *
skipping to change at line 200 skipping to change at line 211
* @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm. * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
* @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output). * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
* @GNUTLS_MAC_MD5: HMAC-MD5 algorithm. * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
* @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm. * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
* @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm. * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
* @GNUTLS_MAC_MD2: HMAC-MD2 algorithm. * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
* @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm. * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
* @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm. * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
* @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm. * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
* @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm. * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
* @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
* *
* Enumeration of different Message Authentication Code (MAC) * Enumeration of different Message Authentication Code (MAC)
* algorithms. * algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_MAC_UNKNOWN = 0, GNUTLS_MAC_UNKNOWN = 0,
GNUTLS_MAC_NULL = 1, GNUTLS_MAC_NULL = 1,
GNUTLS_MAC_MD5 = 2, GNUTLS_MAC_MD5 = 2,
GNUTLS_MAC_SHA1 = 3, GNUTLS_MAC_SHA1 = 3,
GNUTLS_MAC_RMD160 = 4, GNUTLS_MAC_RMD160 = 4,
GNUTLS_MAC_MD2 = 5, GNUTLS_MAC_MD2 = 5,
GNUTLS_MAC_SHA256 = 6, GNUTLS_MAC_SHA256 = 6,
GNUTLS_MAC_SHA384 = 7, GNUTLS_MAC_SHA384 = 7,
GNUTLS_MAC_SHA512 = 8, GNUTLS_MAC_SHA512 = 8,
GNUTLS_MAC_SHA224 = 9 GNUTLS_MAC_SHA224 = 9,
/* If you add anything here, make sure you align with /* If you add anything here, make sure you align with
gnutls_digest_algorithm_t. */ gnutls_digest_algorithm_t. */
GNUTLS_MAC_AEAD = 200 /* indicates that MAC is on the cipher */
} gnutls_mac_algorithm_t; } gnutls_mac_algorithm_t;
/** /**
* gnutls_digest_algorithm_t: * gnutls_digest_algorithm_t:
* @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm. * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
* @GNUTLS_DIG_NULL: NULL hash algorithm (empty output). * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
* @GNUTLS_DIG_MD5: MD5 algorithm. * @GNUTLS_DIG_MD5: MD5 algorithm.
* @GNUTLS_DIG_SHA1: SHA-1 algorithm. * @GNUTLS_DIG_SHA1: SHA-1 algorithm.
* @GNUTLS_DIG_RMD160: RMD160 algorithm. * @GNUTLS_DIG_RMD160: RMD160 algorithm.
* @GNUTLS_DIG_MD2: MD2 algorithm. * @GNUTLS_DIG_MD2: MD2 algorithm.
skipping to change at line 254 skipping to change at line 267
GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384, GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512, GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224 GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
/* If you add anything here, make sure you align with /* If you add anything here, make sure you align with
gnutls_mac_algorithm_t. */ gnutls_mac_algorithm_t. */
} gnutls_digest_algorithm_t; } gnutls_digest_algorithm_t;
/* exported for other gnutls headers. This is the maximum number of /* exported for other gnutls headers. This is the maximum number of
* algorithms (ciphers, kx or macs). * algorithms (ciphers, kx or macs).
*/ */
#define GNUTLS_MAX_ALGORITHM_NUM 16 #define GNUTLS_MAX_ALGORITHM_NUM 32
/** /**
* gnutls_compression_method_t: * gnutls_compression_method_t:
* @GNUTLS_COMP_UNKNOWN: Unknown compression method. * @GNUTLS_COMP_UNKNOWN: Unknown compression method.
* @GNUTLS_COMP_NULL: The NULL compression method (uncompressed). * @GNUTLS_COMP_NULL: The NULL compression method (uncompressed).
* @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method. * @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method.
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE. * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
* @GNUTLS_COMP_LZO: The non-standard LZO compression method.
* *
* Enumeration of different TLS compression methods. * Enumeration of different TLS compression methods.
*/ */
typedef enum typedef enum
{ {
GNUTLS_COMP_UNKNOWN = 0, GNUTLS_COMP_UNKNOWN = 0,
GNUTLS_COMP_NULL = 1, GNUTLS_COMP_NULL = 1,
GNUTLS_COMP_DEFLATE = 2, GNUTLS_COMP_DEFLATE = 2,
GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE, GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
GNUTLS_COMP_LZO = 3 /* only available if gnutls-extra has
been initialized
*/
} gnutls_compression_method_t; } gnutls_compression_method_t;
/** /*
* gnutls_connection_end_t: * Flags for gnutls_init()
*
* @GNUTLS_SERVER: Connection end is a server. * @GNUTLS_SERVER: Connection end is a server.
* @GNUTLS_CLIENT: Connection end is a client. * @GNUTLS_CLIENT: Connection end is a client.
* @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS).
* @GNUTLS_NONBLOCK: Connection should not block (DTLS).
* *
* Enumeration of different TLS connection end types. * Enumeration of different TLS connection end types.
*/ */
typedef enum #define GNUTLS_SERVER 1
{ #define GNUTLS_CLIENT (1<<1)
GNUTLS_SERVER = 1, #define GNUTLS_DATAGRAM (1<<2)
GNUTLS_CLIENT #define GNUTLS_NONBLOCK (1<<3)
} gnutls_connection_end_t;
/** /**
* gnutls_alert_level_t: * gnutls_alert_level_t:
* @GNUTLS_AL_WARNING: Alert of warning severity. * @GNUTLS_AL_WARNING: Alert of warning severity.
* @GNUTLS_AL_FATAL: Alert of fatal severity. * @GNUTLS_AL_FATAL: Alert of fatal severity.
* *
* Enumeration of different TLS alert severities. * Enumeration of different TLS alert severities.
*/ */
typedef enum typedef enum
{ {
skipping to change at line 337 skipping to change at line 348
* @GNUTLS_A_INTERNAL_ERROR: Internal error. * @GNUTLS_A_INTERNAL_ERROR: Internal error.
* @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed. * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
* @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
* specified certificate. * specified certificate.
* @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
* sent. * sent.
* @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
* recognized. * recognized.
* @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
* or not known. * or not known.
* @GNUTLS_A_INNER_APPLICATION_FAILURE: Inner application
* negotiation failed.
* @GNUTLS_A_INNER_APPLICATION_VERIFICATION: Inner application
* verification failed.
* *
* Enumeration of different TLS alerts. * Enumeration of different TLS alerts.
*/ */
typedef enum typedef enum
{ {
GNUTLS_A_CLOSE_NOTIFY, GNUTLS_A_CLOSE_NOTIFY,
GNUTLS_A_UNEXPECTED_MESSAGE = 10, GNUTLS_A_UNEXPECTED_MESSAGE = 10,
GNUTLS_A_BAD_RECORD_MAC = 20, GNUTLS_A_BAD_RECORD_MAC = 20,
GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_DECRYPTION_FAILED,
GNUTLS_A_RECORD_OVERFLOW, GNUTLS_A_RECORD_OVERFLOW,
skipping to change at line 374 skipping to change at line 381
GNUTLS_A_EXPORT_RESTRICTION = 60, GNUTLS_A_EXPORT_RESTRICTION = 60,
GNUTLS_A_PROTOCOL_VERSION = 70, GNUTLS_A_PROTOCOL_VERSION = 70,
GNUTLS_A_INSUFFICIENT_SECURITY, GNUTLS_A_INSUFFICIENT_SECURITY,
GNUTLS_A_INTERNAL_ERROR = 80, GNUTLS_A_INTERNAL_ERROR = 80,
GNUTLS_A_USER_CANCELED = 90, GNUTLS_A_USER_CANCELED = 90,
GNUTLS_A_NO_RENEGOTIATION = 100, GNUTLS_A_NO_RENEGOTIATION = 100,
GNUTLS_A_UNSUPPORTED_EXTENSION = 110, GNUTLS_A_UNSUPPORTED_EXTENSION = 110,
GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111, GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111,
GNUTLS_A_UNRECOGNIZED_NAME = 112, GNUTLS_A_UNRECOGNIZED_NAME = 112,
GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
GNUTLS_A_INNER_APPLICATION_FAILURE = 208,
GNUTLS_A_INNER_APPLICATION_VERIFICATION = 209
} gnutls_alert_description_t; } gnutls_alert_description_t;
/** /**
* gnutls_handshake_description_t: * gnutls_handshake_description_t:
* @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request. * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
* @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
* @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello. * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
* @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello. * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
* @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket. * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
* @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet. * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
* @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange. * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
* @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request. * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
* @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done. * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
* @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify. * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
* @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange. * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
* @GNUTLS_HANDSHAKE_FINISHED: Finished. * @GNUTLS_HANDSHAKE_FINISHED: Finished.
* @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental. * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
* @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec
* @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
* *
* Enumeration of different TLS handshake packets. * Enumeration of different TLS handshake packets.
*/ */
typedef enum typedef enum
{ {
GNUTLS_HANDSHAKE_HELLO_REQUEST = 0, GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
GNUTLS_HANDSHAKE_CLIENT_HELLO = 1, GNUTLS_HANDSHAKE_CLIENT_HELLO = 1,
GNUTLS_HANDSHAKE_SERVER_HELLO = 2, GNUTLS_HANDSHAKE_SERVER_HELLO = 2,
GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3,
GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4,
GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11, GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12, GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14, GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14,
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16, GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
GNUTLS_HANDSHAKE_FINISHED = 20, GNUTLS_HANDSHAKE_FINISHED = 20,
GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23 GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
} gnutls_handshake_description_t; } gnutls_handshake_description_t;
/** /**
* gnutls_certificate_status_t: * gnutls_certificate_status_t:
* @GNUTLS_CERT_INVALID: Will be set if the certificate was not * @GNUTLS_CERT_INVALID: Will be set if the certificate was not
* verified. * verified.
* @GNUTLS_CERT_REVOKED: Certificate revoked. In X.509 this will be * @GNUTLS_CERT_REVOKED: Certificate revoked. In X.509 this will be
* set only if CRLs are checked. * set only if CRLs are checked.
* @GNUTLS_CERT_SIGNER_NOT_FOUND: Certificate not verified. Signer * @GNUTLS_CERT_SIGNER_NOT_FOUND: Certificate not verified. Signer
* not found. * not found.
skipping to change at line 489 skipping to change at line 500
GNUTLS_SHUT_WR = 1 GNUTLS_SHUT_WR = 1
} gnutls_close_request_t; } gnutls_close_request_t;
/** /**
* gnutls_protocol_t: * gnutls_protocol_t:
* @GNUTLS_SSL3: SSL version 3.0. * @GNUTLS_SSL3: SSL version 3.0.
* @GNUTLS_TLS1_0: TLS version 1.0. * @GNUTLS_TLS1_0: TLS version 1.0.
* @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0. * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
* @GNUTLS_TLS1_1: TLS version 1.1. * @GNUTLS_TLS1_1: TLS version 1.1.
* @GNUTLS_TLS1_2: TLS version 1.2. * @GNUTLS_TLS1_2: TLS version 1.2.
* @GNUTLS_DTLS1_0: DTLS version 1.0.
* @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
* @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
* *
* Enumeration of different SSL/TLS protocol versions. * Enumeration of different SSL/TLS protocol versions.
*/ */
typedef enum typedef enum
{ {
GNUTLS_SSL3 = 1, GNUTLS_SSL3 = 1,
GNUTLS_TLS1_0 = 2, GNUTLS_TLS1_0 = 2,
GNUTLS_TLS1 = GNUTLS_TLS1_0, GNUTLS_TLS1 = GNUTLS_TLS1_0,
GNUTLS_TLS1_1 = 3, GNUTLS_TLS1_1 = 3,
GNUTLS_TLS1_2 = 4, GNUTLS_TLS1_2 = 4,
GNUTLS_VERSION_MAX = GNUTLS_TLS1_2, GNUTLS_DTLS1_0 = 5,
GNUTLS_VERSION_MAX = GNUTLS_DTLS1_0,
GNUTLS_VERSION_UNKNOWN = 0xff GNUTLS_VERSION_UNKNOWN = 0xff
} gnutls_protocol_t; } gnutls_protocol_t;
/** /**
* gnutls_certificate_type_t: * gnutls_certificate_type_t:
* @GNUTLS_CRT_UNKNOWN: Unknown certificate type. * @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
* @GNUTLS_CRT_X509: X.509 Certificate. * @GNUTLS_CRT_X509: X.509 Certificate.
* @GNUTLS_CRT_OPENPGP: OpenPGP certificate. * @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
* *
* Enumeration of different certificate types. * Enumeration of different certificate types.
skipping to change at line 554 skipping to change at line 567
GNUTLS_CRT_PRINT_ONELINE = 1, GNUTLS_CRT_PRINT_ONELINE = 1,
GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2 GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2
} gnutls_certificate_print_formats_t; } gnutls_certificate_print_formats_t;
/** /**
* gnutls_pk_algorithm_t: * gnutls_pk_algorithm_t:
* @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
* @GNUTLS_PK_RSA: RSA public-key algorithm. * @GNUTLS_PK_RSA: RSA public-key algorithm.
* @GNUTLS_PK_DSA: DSA public-key algorithm. * @GNUTLS_PK_DSA: DSA public-key algorithm.
* @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters. * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
* @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters.
* *
* Enumeration of different public-key algorithms. * Enumeration of different public-key algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PK_UNKNOWN = 0, GNUTLS_PK_UNKNOWN = 0,
GNUTLS_PK_RSA = 1, GNUTLS_PK_RSA = 1,
GNUTLS_PK_DSA = 2, GNUTLS_PK_DSA = 2,
GNUTLS_PK_DH = 3 GNUTLS_PK_DH = 3,
GNUTLS_PK_ECC = 4,
} gnutls_pk_algorithm_t; } gnutls_pk_algorithm_t;
const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm ); const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm );
/** /**
* gnutls_sign_algorithm_t: * gnutls_sign_algorithm_t:
* @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm. * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
* @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1 * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
* @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1. * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
* @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1 * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
* @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224 * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
* @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256 * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
* @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1. * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
* @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5. * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
* @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2. * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
* @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160. * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
* @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256. * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
* @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384. * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
* @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512. * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
* @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224. * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
* @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
* @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-
256.
* @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-
384.
* @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-
512.
* @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-
224.
* *
* Enumeration of different digital signature algorithms. * Enumeration of different digital signature algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_SIGN_UNKNOWN = 0, GNUTLS_SIGN_UNKNOWN = 0,
GNUTLS_SIGN_RSA_SHA1 = 1, GNUTLS_SIGN_RSA_SHA1 = 1,
GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1, GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
GNUTLS_SIGN_DSA_SHA1 = 2, GNUTLS_SIGN_DSA_SHA1 = 2,
GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1, GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
GNUTLS_SIGN_RSA_MD5 = 3, GNUTLS_SIGN_RSA_MD5 = 3,
GNUTLS_SIGN_RSA_MD2 = 4, GNUTLS_SIGN_RSA_MD2 = 4,
GNUTLS_SIGN_RSA_RMD160 = 5, GNUTLS_SIGN_RSA_RMD160 = 5,
GNUTLS_SIGN_RSA_SHA256 = 6, GNUTLS_SIGN_RSA_SHA256 = 6,
GNUTLS_SIGN_RSA_SHA384 = 7, GNUTLS_SIGN_RSA_SHA384 = 7,
GNUTLS_SIGN_RSA_SHA512 = 8, GNUTLS_SIGN_RSA_SHA512 = 8,
GNUTLS_SIGN_RSA_SHA224 = 9, GNUTLS_SIGN_RSA_SHA224 = 9,
GNUTLS_SIGN_DSA_SHA224 = 10, GNUTLS_SIGN_DSA_SHA224 = 10,
GNUTLS_SIGN_DSA_SHA256 = 11 GNUTLS_SIGN_DSA_SHA256 = 11,
GNUTLS_SIGN_ECDSA_SHA1 = 12,
GNUTLS_SIGN_ECDSA_SHA224 = 13,
GNUTLS_SIGN_ECDSA_SHA256 = 14,
GNUTLS_SIGN_ECDSA_SHA384 = 15,
GNUTLS_SIGN_ECDSA_SHA512 = 16,
} gnutls_sign_algorithm_t; } gnutls_sign_algorithm_t;
const char *gnutls_sign_algorithm_get_name (gnutls_sign_algorithm_t sign) /**
; * gnutls_ecc_curve_t:
* @GNUTLS_ECC_CURVE_INVALID: Cannot be known
* @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
* @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
* @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
*
* Enumeration of ECC curves.
*/
typedef enum
{
GNUTLS_ECC_CURVE_INVALID=0,
GNUTLS_ECC_CURVE_SECP224R1,
GNUTLS_ECC_CURVE_SECP256R1,
GNUTLS_ECC_CURVE_SECP384R1,
GNUTLS_ECC_CURVE_SECP521R1,
} gnutls_ecc_curve_t;
/** /**
* gnutls_sec_param_t: * gnutls_sec_param_t:
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
* @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security * @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security
* @GNUTLS_SEC_PARAM_LOW: 80 bits of security * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
* *
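Review bot: The three enumerator lists extended in this hunk now end with a trailing comma (`GNUTLS_PK_ECC = 4,`, `GNUTLS_SIGN_ECDSA_SHA512 = 16,`, `GNUTLS_ECC_CURVE_SECP521R1,`), which the 2.12.23 side avoided (`GNUTLS_PK_DH = 3`, `GNUTLS_SIGN_DSA_SHA256 = 11`) and which strict C89 and pre-C++11 compilers warn about or reject in a public header. The new `gnutls_ecc_curve_t` is also the only enum in this hunk whose members are implicitly numbered. Writing `GNUTLS_ECC_CURVE_SECP224R1 = 1` through `GNUTLS_ECC_CURVE_SECP521R1 = 4` would pin the values, so a later insertion cannot silently renumber them for already-compiled callers. The description of `GNUTLS_ECC_CURVE_INVALID` reads "Cannot be known", apparently carried over from `GNUTLS_SEC_PARAM_UNKNOWN`; `Invalid or unknown curve` would be clearer.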
skipping to change at line 649 skipping to change at line 691
* gnutls_int.h, and recompile. * gnutls_int.h, and recompile.
*/ */
typedef void *gnutls_transport_ptr_t; typedef void *gnutls_transport_ptr_t;
struct gnutls_session_int; struct gnutls_session_int;
typedef struct gnutls_session_int *gnutls_session_t; typedef struct gnutls_session_int *gnutls_session_t;
struct gnutls_dh_params_int; struct gnutls_dh_params_int;
typedef struct gnutls_dh_params_int *gnutls_dh_params_t; typedef struct gnutls_dh_params_int *gnutls_dh_params_t;
struct gnutls_ecdh_params_int;
typedef struct gnutls_ecdh_params_int *gnutls_ecdh_params_t;
/* XXX ugly. */ /* XXX ugly. */
struct gnutls_x509_privkey_int; struct gnutls_x509_privkey_int;
typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t; typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t;
struct gnutls_priority_st; struct gnutls_priority_st;
typedef struct gnutls_priority_st *gnutls_priority_t; typedef struct gnutls_priority_st *gnutls_priority_t;
typedef struct typedef struct
{ {
unsigned char *data; unsigned char *data;
unsigned int size; unsigned int size;
} gnutls_datum_t; } gnutls_datum_t;
typedef struct gnutls_params_st typedef struct gnutls_params_st
{ {
gnutls_params_type_t type; gnutls_params_type_t type;
union params union params
{ {
gnutls_dh_params_t dh; gnutls_dh_params_t dh;
gnutls_ecdh_params_t ecdh;
gnutls_rsa_params_t rsa_export; gnutls_rsa_params_t rsa_export;
} params; } params;
int deinit; int deinit;
} gnutls_params_st; } gnutls_params_st;
typedef int gnutls_params_function (gnutls_session_t, gnutls_params_type_ t, typedef int gnutls_params_function (gnutls_session_t, gnutls_params_type_ t,
gnutls_params_st *); gnutls_params_st *);
/* internal functions */ /* internal functions */
int gnutls_init (gnutls_session_t * session, int gnutls_init (gnutls_session_t * session,
gnutls_connection_end_t con_end); unsigned int flags);
void gnutls_deinit (gnutls_session_t session); void gnutls_deinit (gnutls_session_t session);
#define _gnutls_deinit(x) gnutls_deinit(x) #define _gnutls_deinit(x) gnutls_deinit(x)
int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how); int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how);
int gnutls_handshake (gnutls_session_t session); int gnutls_handshake (gnutls_session_t session);
int gnutls_rehandshake (gnutls_session_t session); int gnutls_rehandshake (gnutls_session_t session);
gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session); gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session);
int gnutls_alert_send (gnutls_session_t session, int gnutls_alert_send (gnutls_session_t session,
gnutls_alert_level_t level, gnutls_alert_level_t level,
gnutls_alert_description_t desc); gnutls_alert_description_t desc);
int gnutls_alert_send_appropriate (gnutls_session_t session, int err); int gnutls_alert_send_appropriate (gnutls_session_t session, int err);
const char *gnutls_alert_get_name (gnutls_alert_description_t alert); const char *gnutls_alert_get_name (gnutls_alert_description_t alert);
const char * gnutls_alert_get_strname (gnutls_alert_description_t alert);
gnutls_sec_param_t gnutls_pk_bits_to_sec_param (gnutls_pk_algorithm_t alg o, gnutls_sec_param_t gnutls_pk_bits_to_sec_param (gnutls_pk_algorithm_t alg o,
unsigned int bits); unsigned int bits);
const char *gnutls_sec_param_get_name (gnutls_sec_param_t param); const char *gnutls_sec_param_get_name (gnutls_sec_param_t param);
unsigned int gnutls_sec_param_to_pk_bits (gnutls_pk_algorithm_t algo, unsigned int gnutls_sec_param_to_pk_bits (gnutls_pk_algorithm_t algo,
gnutls_sec_param_t param); gnutls_sec_param_t param);
/* Elliptic curves */
const char * gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve);
int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve);
gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
/* get information on the current session */ /* get information on the current session */
gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session); gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session);
gnutls_kx_algorithm_t gnutls_kx_get (gnutls_session_t session); gnutls_kx_algorithm_t gnutls_kx_get (gnutls_session_t session);
gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session); gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session);
gnutls_compression_method_t gnutls_compression_method_t
gnutls_compression_get (gnutls_session_t session); gnutls_compression_get (gnutls_session_t session);
gnutls_certificate_type_t gnutls_certificate_type_t
gnutls_certificate_type_get (gnutls_session_t session); gnutls_certificate_type_get (gnutls_session_t session);
int gnutls_sign_algorithm_get_requested (gnutls_session_t session, int gnutls_sign_algorithm_get_requested (gnutls_session_t session,
size_t indx, size_t indx,
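Review bot: `gnutls_init` now takes `unsigned int flags` where it took `gnutls_connection_end_t con_end`, and the declaration has no comment saying which values may be passed or combined. The old parameter type named the accepted constants; the new one does not, so the contract should sit next to the prototype, for example `/* flags: the connection end (client or server), optionally OR-ed with further init flags */`, with the actual constants named. Whether the existing `gnutls_connection_end_t` constants remain valid as flag values is not visible in this hunk. That is worth stating explicitly, since callers written against 2.12.23 pass them.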
skipping to change at line 726 skipping to change at line 778
/* the name of the specified algorithms */ /* the name of the specified algorithms */
const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm); const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm);
const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm); const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm);
const char *gnutls_compression_get_name (gnutls_compression_method_t const char *gnutls_compression_get_name (gnutls_compression_method_t
algorithm); algorithm);
const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm); const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm);
const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t
type); type);
const char *gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm); const char *gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm);
const char *gnutls_sign_get_name (gnutls_sign_algorithm_t algorithm); const char *gnutls_sign_get_name (gnutls_sign_algorithm_t algorithm);
#define gnutls_sign_algorithm_get_name gnutls_sign_get_name
gnutls_mac_algorithm_t gnutls_mac_get_id (const char *name); gnutls_mac_algorithm_t gnutls_mac_get_id (const char *name);
gnutls_compression_method_t gnutls_compression_get_id (const char *name); gnutls_compression_method_t gnutls_compression_get_id (const char *name);
gnutls_cipher_algorithm_t gnutls_cipher_get_id (const char *name); gnutls_cipher_algorithm_t gnutls_cipher_get_id (const char *name);
gnutls_kx_algorithm_t gnutls_kx_get_id (const char *name); gnutls_kx_algorithm_t gnutls_kx_get_id (const char *name);
gnutls_protocol_t gnutls_protocol_get_id (const char *name); gnutls_protocol_t gnutls_protocol_get_id (const char *name);
gnutls_certificate_type_t gnutls_certificate_type_get_id (const char *nam e); gnutls_certificate_type_t gnutls_certificate_type_get_id (const char *nam e);
gnutls_pk_algorithm_t gnutls_pk_get_id (const char *name); gnutls_pk_algorithm_t gnutls_pk_get_id (const char *name);
gnutls_sign_algorithm_t gnutls_sign_get_id (const char *name); gnutls_sign_algorithm_t gnutls_sign_get_id (const char *name);
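Review bot: The alias `#define gnutls_sign_algorithm_get_name gnutls_sign_get_name` stands in for a real prototype that an earlier hunk appears to drop, but nothing marks it as a compatibility shim. A comment such as `/* compatibility alias for 2.12.x callers; use gnutls_sign_get_name() */` would tell readers which name is canonical. The macro preserves source compatibility only. Whether the library still exports the old symbol for binaries linked against 2.12.23 cannot be seen from the header and should be checked against the exported symbol list.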
skipping to change at line 750 skipping to change at line 803
const gnutls_protocol_t *gnutls_protocol_list (void); const gnutls_protocol_t *gnutls_protocol_list (void);
const gnutls_certificate_type_t *gnutls_certificate_type_list (void); const gnutls_certificate_type_t *gnutls_certificate_type_list (void);
const gnutls_kx_algorithm_t *gnutls_kx_list (void); const gnutls_kx_algorithm_t *gnutls_kx_list (void);
const gnutls_pk_algorithm_t *gnutls_pk_list (void); const gnutls_pk_algorithm_t *gnutls_pk_list (void);
const gnutls_sign_algorithm_t *gnutls_sign_list (void); const gnutls_sign_algorithm_t *gnutls_sign_list (void);
const char *gnutls_cipher_suite_info (size_t idx, const char *gnutls_cipher_suite_info (size_t idx,
char *cs_id, char *cs_id,
gnutls_kx_algorithm_t * kx, gnutls_kx_algorithm_t * kx,
gnutls_cipher_algorithm_t * cipher, gnutls_cipher_algorithm_t * cipher,
gnutls_mac_algorithm_t * mac, gnutls_mac_algorithm_t * mac,
gnutls_protocol_t * version); gnutls_protocol_t * min_version);
/* error functions */ /* error functions */
int gnutls_error_is_fatal (int error); int gnutls_error_is_fatal (int error);
int gnutls_error_to_alert (int err, int *level); int gnutls_error_to_alert (int err, int *level);
void gnutls_perror (int error); void gnutls_perror (int error);
const char *gnutls_strerror (int error); const char *gnutls_strerror (int error);
const char *gnutls_strerror_name (int error); const char *gnutls_strerror_name (int error);
/* Semi-internal functions. /* Semi-internal functions.
skipping to change at line 772 skipping to change at line 825
void gnutls_handshake_set_private_extensions (gnutls_session_t session, void gnutls_handshake_set_private_extensions (gnutls_session_t session,
int allow); int allow);
gnutls_handshake_description_t gnutls_handshake_description_t
gnutls_handshake_get_last_out (gnutls_session_t session); gnutls_handshake_get_last_out (gnutls_session_t session);
gnutls_handshake_description_t gnutls_handshake_description_t
gnutls_handshake_get_last_in (gnutls_session_t session); gnutls_handshake_get_last_in (gnutls_session_t session);
/* Record layer functions. /* Record layer functions.
*/ */
ssize_t gnutls_record_send (gnutls_session_t session, const void *data, ssize_t gnutls_record_send (gnutls_session_t session, const void *data,
size_t sizeofdata); size_t data_size);
ssize_t gnutls_record_recv (gnutls_session_t session, void *data, ssize_t gnutls_record_recv (gnutls_session_t session, void *data,
size_t sizeofdata); size_t data_size);
#define gnutls_read gnutls_record_recv #define gnutls_read gnutls_record_recv
#define gnutls_write gnutls_record_send #define gnutls_write gnutls_record_send
ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, siz
e_t data_size,
unsigned char *seq);
void gnutls_session_enable_compatibility_mode (gnutls_session_t session); void gnutls_session_enable_compatibility_mode (gnutls_session_t session);
void gnutls_record_disable_padding (gnutls_session_t session); void gnutls_record_disable_padding (gnutls_session_t session);
int gnutls_record_get_direction (gnutls_session_t session); int gnutls_record_get_direction (gnutls_session_t session);
size_t gnutls_record_get_max_size (gnutls_session_t session); size_t gnutls_record_get_max_size (gnutls_session_t session);
ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size ); ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size );
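Review bot: The added `gnutls_record_recv_seq` takes `unsigned char *seq` with no accompanying length, so a caller has to know the required buffer size from somewhere else to avoid the library writing past the end of it. The prototype should carry that requirement, e.g. `/* seq: output; must have room for the record sequence number (8 bytes) */`. The 8-byte figure is my understanding of the record sequence number width and should be confirmed against the implementation. A named constant for the size in the header would let callers declare the buffer without a magic number.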
skipping to change at line 800 skipping to change at line 855
size_t label_size, const char *label, size_t label_size, const char *label,
int server_random_first, int server_random_first,
size_t extra_size, const char *extra, size_t extra_size, const char *extra,
size_t outsize, char *out); size_t outsize, char *out);
int gnutls_prf_raw (gnutls_session_t session, int gnutls_prf_raw (gnutls_session_t session,
size_t label_size, const char *label, size_t label_size, const char *label,
size_t seed_size, const char *seed, size_t seed_size, const char *seed,
size_t outsize, char *out); size_t outsize, char *out);
/* TLS Extensions */
typedef int (*gnutls_ext_recv_func) (gnutls_session_t session,
const unsigned char *data, size_t le
n);
typedef int (*gnutls_ext_send_func) (gnutls_session_t session,
unsigned char *data, size_t len);
/**
* gnutls_ext_parse_type_t:
* @GNUTLS_EXT_NONE: Never parsed
* @GNUTLS_EXT_ANY: Any extension type.
* @GNUTLS_EXT_APPLICATION: Application extension.
* @GNUTLS_EXT_TLS: TLS-internal extension.
* @GNUTLS_EXT_MANDATORY: Extension parsed even if resuming (or extension
s are disabled).
*
* Enumeration of different TLS extension types. This flag
* indicates for an extension whether it is useful to application
* level or TLS level only. This is (only) used to parse the
* application level extensions before the "client_hello" callback
* is called.
*/
typedef enum
{
GNUTLS_EXT_ANY = 0,
GNUTLS_EXT_APPLICATION = 1,
GNUTLS_EXT_TLS = 2,
GNUTLS_EXT_MANDATORY = 3,
GNUTLS_EXT_NONE = 4
} gnutls_ext_parse_type_t;
/** /**
* gnutls_server_name_type_t: * gnutls_server_name_type_t:
* @GNUTLS_NAME_DNS: Domain Name System name type. * @GNUTLS_NAME_DNS: Domain Name System name type.
* *
* Enumeration of different server name types. * Enumeration of different server name types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_NAME_DNS = 1 GNUTLS_NAME_DNS = 1
} gnutls_server_name_type_t; } gnutls_server_name_type_t;
skipping to change at line 873 skipping to change at line 898
const char const char
*gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t *gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t
type); type);
/* SessionTicket, RFC 5077. */ /* SessionTicket, RFC 5077. */
int gnutls_session_ticket_key_generate (gnutls_datum_t * key); int gnutls_session_ticket_key_generate (gnutls_datum_t * key);
int gnutls_session_ticket_enable_client (gnutls_session_t session); int gnutls_session_ticket_enable_client (gnutls_session_t session);
int gnutls_session_ticket_enable_server (gnutls_session_t session, int gnutls_session_ticket_enable_server (gnutls_session_t session,
const gnutls_datum_t * key); const gnutls_datum_t * key);
int gnutls_key_generate (gnutls_datum_t * key, unsigned int key_size);
/* if you just want some defaults, use the following. /* if you just want some defaults, use the following.
*/ */
int gnutls_priority_init (gnutls_priority_t * priority_cache, int gnutls_priority_init (gnutls_priority_t * priority_cache,
const char *priorities, const char **err_pos); const char *priorities, const char **err_pos);
void gnutls_priority_deinit (gnutls_priority_t priority_cache); void gnutls_priority_deinit (gnutls_priority_t priority_cache);
int gnutls_priority_set (gnutls_session_t session, int gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority); gnutls_priority_t priority);
int gnutls_priority_set_direct (gnutls_session_t session, int gnutls_priority_set_direct (gnutls_session_t session,
const char *priorities, const char *priorities,
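Review bot: The new `gnutls_key_generate (gnutls_datum_t * key, unsigned int key_size)` does not say who owns `key->data` afterwards or whether `key_size` is in bytes or bits. For key material the release path matters, so a comment on the prototype would help, for instance `/* fills key with key_size random bytes; key->data is allocated by the library and released by the caller with gnutls_free() */`, assuming that matches the implementation. It should also say whether the caller is expected to wipe the buffer before freeing it. The neighbouring `gnutls_session_ticket_key_generate` has the same gap.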
skipping to change at line 968 skipping to change at line 995
/* Functions for setting/clearing credentials /* Functions for setting/clearing credentials
*/ */
void gnutls_credentials_clear (gnutls_session_t session); void gnutls_credentials_clear (gnutls_session_t session);
/* cred is a structure defined by the kx algorithm /* cred is a structure defined by the kx algorithm
*/ */
int gnutls_credentials_set (gnutls_session_t session, int gnutls_credentials_set (gnutls_session_t session,
gnutls_credentials_type_t type, void *cred); gnutls_credentials_type_t type, void *cred);
#define gnutls_cred_set gnutls_credentials_set #define gnutls_cred_set gnutls_credentials_set
/* x.509 types */
struct gnutls_x509_privkey_int;
typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
struct gnutls_x509_crl_int;
typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
struct gnutls_x509_crt_int;
typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
struct gnutls_x509_crq_int;
typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
struct gnutls_openpgp_keyring_int;
typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
/* Credential structures - used in gnutls_credentials_set(); */ /* Credential structures - used in gnutls_credentials_set(); */
struct gnutls_certificate_credentials_st; struct gnutls_certificate_credentials_st;
typedef struct gnutls_certificate_credentials_st typedef struct gnutls_certificate_credentials_st
*gnutls_certificate_credentials_t; *gnutls_certificate_credentials_t;
typedef gnutls_certificate_credentials_t typedef gnutls_certificate_credentials_t
gnutls_certificate_server_credentials; gnutls_certificate_server_credentials;
typedef gnutls_certificate_credentials_t typedef gnutls_certificate_credentials_t
gnutls_certificate_client_credentials; gnutls_certificate_client_credentials;
skipping to change at line 1012 skipping to change at line 1056
/* CERTFILE is an x509 certificate in PEM form. /* CERTFILE is an x509 certificate in PEM form.
* KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys).
*/ */
void void
gnutls_certificate_free_credentials (gnutls_certificate_credentials_t s c); gnutls_certificate_free_credentials (gnutls_certificate_credentials_t s c);
int int
gnutls_certificate_allocate_credentials (gnutls_certificate_credentials _t gnutls_certificate_allocate_credentials (gnutls_certificate_credentials _t
* res); * res);
int
gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc,
gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t s c); void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t s c);
void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc);
void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t r es, void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t r es,
gnutls_dh_params_t dh_params); gnutls_dh_params_t dh_params);
void void
gnutls_certificate_set_rsa_export_params (gnutls_certificate_credential s_t gnutls_certificate_set_rsa_export_params (gnutls_certificate_credential s_t
res, res,
skipping to change at line 1067 skipping to change at line 1115
int gnutls_certificate_set_x509_simple_pkcs12_file int gnutls_certificate_set_x509_simple_pkcs12_file
(gnutls_certificate_credentials_t res, const char *pkcs12file, (gnutls_certificate_credentials_t res, const char *pkcs12file,
gnutls_x509_crt_fmt_t type, const char *password); gnutls_x509_crt_fmt_t type, const char *password);
int gnutls_certificate_set_x509_simple_pkcs12_mem int gnutls_certificate_set_x509_simple_pkcs12_mem
(gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob, (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
gnutls_x509_crt_fmt_t type, const char *password); gnutls_x509_crt_fmt_t type, const char *password);
/* New functions to allow setting already parsed X.509 stuff. /* New functions to allow setting already parsed X.509 stuff.
*/ */
struct gnutls_x509_privkey_int;
typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
struct gnutls_x509_crl_int;
typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
struct gnutls_x509_crt_int;
typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
struct gnutls_x509_crq_int;
typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
struct gnutls_openpgp_keyring_int;
typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
int
gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc,
gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
int gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res , int gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res ,
gnutls_x509_crt_t * cert_list, gnutls_x509_crt_t * cert_list,
int cert_list_size, int cert_list_size,
gnutls_x509_privkey_t key); gnutls_x509_privkey_t key);
int gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t r es, int gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t r es,
gnutls_x509_crt_t * ca_list, gnutls_x509_crt_t * ca_list,
int ca_list_size); int ca_list_size);
int gnutls_certificate_set_x509_crl (gnutls_certificate_credentials_t res , int gnutls_certificate_set_x509_crl (gnutls_certificate_credentials_t res ,
gnutls_x509_crl_t * crl_list, gnutls_x509_crl_t * crl_list,
int crl_list_size); int crl_list_size);
void
gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_
t
sc,
gnutls_openpgp_keyring_t *
keyring);
/* global state functions /* global state functions
*/ */
int gnutls_global_init (void); int gnutls_global_init (void);
void gnutls_global_deinit (void); void gnutls_global_deinit (void);
/**
* gnutls_time_func:
* @t: where to store time.
*
* Function prototype for time()-like function. Set with
* gnutls_global_set_time_function().
*
* Returns: Number of seconds since the epoch, or (time_t)-1 on errors.
*/
typedef time_t (*gnutls_time_func) (time_t *t); typedef time_t (*gnutls_time_func) (time_t *t);
typedef int (*mutex_init_func) (void **mutex); typedef int (*mutex_init_func) (void **mutex);
typedef int (*mutex_lock_func) (void **mutex); typedef int (*mutex_lock_func) (void **mutex);
typedef int (*mutex_unlock_func) (void **mutex); typedef int (*mutex_unlock_func) (void **mutex);
typedef int (*mutex_deinit_func) (void **mutex); typedef int (*mutex_deinit_func) (void **mutex);
void gnutls_global_set_mutex (mutex_init_func init, mutex_deinit_func dei nit, void gnutls_global_set_mutex (mutex_init_func init, mutex_deinit_func dei nit,
mutex_lock_func lock, mutex_unlock_func unl ock); mutex_lock_func lock, mutex_unlock_func unl ock);
typedef void *(*gnutls_alloc_function) (size_t); typedef void *(*gnutls_alloc_function) (size_t);
typedef void *(*gnutls_calloc_function) (size_t, size_t); typedef void *(*gnutls_calloc_function) (size_t, size_t);
skipping to change at line 1124 skipping to change at line 1170
typedef void (*gnutls_free_function) (void *); typedef void (*gnutls_free_function) (void *);
typedef void *(*gnutls_realloc_function) (void *, size_t); typedef void *(*gnutls_realloc_function) (void *, size_t);
void void
gnutls_global_set_mem_functions (gnutls_alloc_function alloc_func, gnutls_global_set_mem_functions (gnutls_alloc_function alloc_func,
gnutls_alloc_function secure_alloc_fun c, gnutls_alloc_function secure_alloc_fun c,
gnutls_is_secure_function is_secure_fu nc, gnutls_is_secure_function is_secure_fu nc,
gnutls_realloc_function realloc_func, gnutls_realloc_function realloc_func,
gnutls_free_function free_func); gnutls_free_function free_func);
void gnutls_global_set_time_function (gnutls_time_func); void gnutls_global_set_time_function (gnutls_time_func time_func);
/* For use in callbacks */ /* For use in callbacks */
extern gnutls_alloc_function gnutls_malloc; extern gnutls_alloc_function gnutls_malloc;
extern gnutls_alloc_function gnutls_secure_malloc; extern gnutls_alloc_function gnutls_secure_malloc;
extern gnutls_realloc_function gnutls_realloc; extern gnutls_realloc_function gnutls_realloc;
extern gnutls_calloc_function gnutls_calloc; extern gnutls_calloc_function gnutls_calloc;
extern gnutls_free_function gnutls_free; extern gnutls_free_function gnutls_free;
extern char *(*gnutls_strdup) (const char *); extern char *(*gnutls_strdup) (const char *);
typedef void (*gnutls_log_func) (int, const char *); typedef void (*gnutls_log_func) (int, const char *);
typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *);
void gnutls_global_set_log_function (gnutls_log_func log_func); void gnutls_global_set_log_function (gnutls_log_func log_func);
void gnutls_global_set_audit_log_function (gnutls_audit_log_func log_func );
void gnutls_global_set_log_level (int level); void gnutls_global_set_log_level (int level);
/* Diffie-Hellman parameter handling. /* Diffie-Hellman parameter handling.
*/ */
int gnutls_dh_params_init (gnutls_dh_params_t * dh_params); int gnutls_dh_params_init (gnutls_dh_params_t * dh_params);
void gnutls_dh_params_deinit (gnutls_dh_params_t dh_params); void gnutls_dh_params_deinit (gnutls_dh_params_t dh_params);
int gnutls_dh_params_import_raw (gnutls_dh_params_t dh_params, int gnutls_dh_params_import_raw (gnutls_dh_params_t dh_params,
const gnutls_datum_t * prime, const gnutls_datum_t * prime,
const gnutls_datum_t * generator); const gnutls_datum_t * generator);
int gnutls_dh_params_import_pkcs3 (gnutls_dh_params_t params, int gnutls_dh_params_import_pkcs3 (gnutls_dh_params_t params,
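Review bot: The new `gnutls_audit_log_func` typedef has unnamed parameters and no description, so an implementer cannot tell whether the session argument may be NULL or what the string contains. Naming the parameters (`gnutls_session_t session, const char *message`) and adding a short doc block like the one `gnutls_time_func` received in this version would cover it. If audit messages can include data received from the peer, which is not visible here, the comment should say so, so that callbacks treat the text as untrusted when writing it to logs.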
skipping to change at line 1176 skipping to change at line 1224
gnutls_rsa_params_t src); gnutls_rsa_params_t src);
int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params, int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
const gnutls_datum_t * m, const gnutls_datum_t * m,
const gnutls_datum_t * e, const gnutls_datum_t * e,
const gnutls_datum_t * d, const gnutls_datum_t * d,
const gnutls_datum_t * p, const gnutls_datum_t * p,
const gnutls_datum_t * q, const gnutls_datum_t * q,
const gnutls_datum_t * u); const gnutls_datum_t * u);
int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params, int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params,
unsigned int bits); unsigned int bits);
int gnutls_rsa_params_export_raw (gnutls_rsa_params_t params, int gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa,
gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * m, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * d, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * u, gnutls_datum_t * q, gnutls_datum_t * u,
unsigned int *bits); unsigned int *bits);
int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params, int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
unsigned char *params_data, unsigned char *params_data,
size_t * params_data_size); size_t * params_data_size);
int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params, int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
const gnutls_datum_t * pkcs1_params, const gnutls_datum_t * pkcs1_params,
skipping to change at line 1202 skipping to change at line 1250
{ {
void *iov_base; /* Starting address */ void *iov_base; /* Starting address */
size_t iov_len; /* Number of bytes to transfer */ size_t iov_len; /* Number of bytes to transfer */
} giovec_t; } giovec_t;
typedef ssize_t (*gnutls_pull_func) (gnutls_transport_ptr_t, void *, typedef ssize_t (*gnutls_pull_func) (gnutls_transport_ptr_t, void *,
size_t); size_t);
typedef ssize_t (*gnutls_push_func) (gnutls_transport_ptr_t, const void * , typedef ssize_t (*gnutls_push_func) (gnutls_transport_ptr_t, const void * ,
size_t); size_t);
typedef int (*gnutls_pull_timeout_func) (gnutls_transport_ptr_t, unsigned
int ms);
typedef ssize_t (*gnutls_vec_push_func) (gnutls_transport_ptr_t, typedef ssize_t (*gnutls_vec_push_func) (gnutls_transport_ptr_t,
const giovec_t * iov, int iovcnt ); const giovec_t * iov, int iovcnt );
typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t); typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t);
void gnutls_transport_set_ptr (gnutls_session_t session, void gnutls_transport_set_ptr (gnutls_session_t session,
gnutls_transport_ptr_t ptr); gnutls_transport_ptr_t ptr);
void gnutls_transport_set_ptr2 (gnutls_session_t session, void gnutls_transport_set_ptr2 (gnutls_session_t session,
gnutls_transport_ptr_t recv_ptr, gnutls_transport_ptr_t recv_ptr,
gnutls_transport_ptr_t send_ptr); gnutls_transport_ptr_t send_ptr);
skipping to change at line 1225 skipping to change at line 1275
gnutls_transport_ptr_t * recv_ptr, gnutls_transport_ptr_t * recv_ptr,
gnutls_transport_ptr_t * send_ptr); gnutls_transport_ptr_t * send_ptr);
void gnutls_transport_set_vec_push_function (gnutls_session_t session, void gnutls_transport_set_vec_push_function (gnutls_session_t session,
gnutls_vec_push_func vec_func); gnutls_vec_push_func vec_func);
void gnutls_transport_set_push_function (gnutls_session_t session, void gnutls_transport_set_push_function (gnutls_session_t session,
gnutls_push_func push_func); gnutls_push_func push_func);
void gnutls_transport_set_pull_function (gnutls_session_t session, void gnutls_transport_set_pull_function (gnutls_session_t session,
gnutls_pull_func pull_func); gnutls_pull_func pull_func);
void gnutls_transport_set_pull_timeout_function (gnutls_session_t session
,
gnutls_pull_timeout_func func);
void gnutls_transport_set_errno_function (gnutls_session_t session, void gnutls_transport_set_errno_function (gnutls_session_t session,
gnutls_errno_func errno_func); gnutls_errno_func errno_func);
void gnutls_transport_set_errno (gnutls_session_t session, int err); void gnutls_transport_set_errno (gnutls_session_t session, int err);
/* session specific /* session specific
*/ */
void gnutls_session_set_ptr (gnutls_session_t session, void *ptr); void gnutls_session_set_ptr (gnutls_session_t session, void *ptr);
void *gnutls_session_get_ptr (gnutls_session_t session); void *gnutls_session_get_ptr (gnutls_session_t session);
skipping to change at line 1352 skipping to change at line 1405
} gnutls_psk_key_flags; } gnutls_psk_key_flags;
void void
gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t sc) ; gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t sc) ;
int int
gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t * gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t *
sc); sc);
int gnutls_psk_set_client_credentials (gnutls_psk_client_credentials_t re s, int gnutls_psk_set_client_credentials (gnutls_psk_client_credentials_t re s,
const char *username, const char *username,
const gnutls_datum_t * key, const gnutls_datum_t * key,
gnutls_psk_key_flags format); gnutls_psk_key_flags flags);
void void
gnutls_psk_free_server_credentials (gnutls_psk_server_credentials_t sc) ; gnutls_psk_free_server_credentials (gnutls_psk_server_credentials_t sc) ;
int int
gnutls_psk_allocate_server_credentials (gnutls_psk_server_credentials_t * gnutls_psk_allocate_server_credentials (gnutls_psk_server_credentials_t *
sc); sc);
int gnutls_psk_set_server_credentials_file (gnutls_psk_server_credentials _t int gnutls_psk_set_server_credentials_file (gnutls_psk_server_credentials _t
res, const char *password_fil e); res, const char *password_fil e);
int int
skipping to change at line 1435 skipping to change at line 1488
struct gnutls_openpgp_crt_int; struct gnutls_openpgp_crt_int;
typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t; typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t;
struct gnutls_openpgp_privkey_int; struct gnutls_openpgp_privkey_int;
typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t; typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t;
struct gnutls_pkcs11_privkey_st; struct gnutls_pkcs11_privkey_st;
typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t; typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t;
/**
* gnutls_privkey_type_t:
* @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
* @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_
t.
* @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
*
* Enumeration of different private key types.
*/
typedef enum typedef enum
{ {
GNUTLS_PRIVKEY_X509, /* gnutls_x509_privkey_t */ GNUTLS_PRIVKEY_X509,
GNUTLS_PRIVKEY_OPENPGP, /* gnutls_openpgp_privkey_t */ GNUTLS_PRIVKEY_OPENPGP,
GNUTLS_PRIVKEY_PKCS11 /* gnutls_pkcs11_privkey_t */ GNUTLS_PRIVKEY_PKCS11
} gnutls_privkey_type_t; } gnutls_privkey_type_t;
typedef struct gnutls_retr2_st typedef struct gnutls_retr2_st
{ {
gnutls_certificate_type_t cert_type; gnutls_certificate_type_t cert_type;
gnutls_privkey_type_t key_type; gnutls_privkey_type_t key_type;
union union
{ {
gnutls_x509_crt_t *x509; gnutls_x509_crt_t *x509;
gnutls_openpgp_crt_t pgp; gnutls_openpgp_crt_t pgp;
skipping to change at line 1496 skipping to change at line 1557
int gnutls_rsa_export_get_pubkey (gnutls_session_t session, int gnutls_rsa_export_get_pubkey (gnutls_session_t session,
gnutls_datum_t * exponent, gnutls_datum_t * exponent,
gnutls_datum_t * modulus); gnutls_datum_t * modulus);
int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session); int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session);
/* X509PKI */ /* X509PKI */
/* These are set on the credentials structure. /* These are set on the credentials structure.
*/ */
/* use gnutls_certificate_set_retrieve_function2() in abstract.h
* instead. It's much more efficient.
*/
typedef int gnutls_certificate_retrieve_function (gnutls_session_t, typedef int gnutls_certificate_retrieve_function (gnutls_session_t,
const const
gnutls_datum_t * gnutls_datum_t *
req_ca_rdn, req_ca_rdn,
int nreqs, int nreqs,
const const
gnutls_pk_algorithm_t gnutls_pk_algorithm_t
* pk_algos, * pk_algos,
int int
pk_algos_length, pk_algos_length,
skipping to change at line 1640 skipping to change at line 1705
#define GNUTLS_E_PULL_ERROR -54 #define GNUTLS_E_PULL_ERROR -54
#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55 /* GNUTLS_A_ILLEGAL_PARAMET ER */ #define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55 /* GNUTLS_A_ILLEGAL_PARAMET ER */
#define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56 #define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56
#define GNUTLS_E_PKCS1_WRONG_PAD -57 #define GNUTLS_E_PKCS1_WRONG_PAD -57
#define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58 #define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58
#define GNUTLS_E_INTERNAL_ERROR -59 #define GNUTLS_E_INTERNAL_ERROR -59
#define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63 #define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63
#define GNUTLS_E_FILE_ERROR -64 #define GNUTLS_E_FILE_ERROR -64
#define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78 #define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78
#define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80 #define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80
#define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81
/* returned if libextra functionality was requested but /* returned if libextra functionality was requested but
* gnutls_global_init_extra() was not called. * gnutls_global_init_extra() was not called.
*/ */
#define GNUTLS_E_INIT_LIBEXTRA -82 #define GNUTLS_E_INIT_LIBEXTRA -82
#define GNUTLS_E_LIBRARY_VERSION_MISMATCH -83 #define GNUTLS_E_LIBRARY_VERSION_MISMATCH -83
/* returned if you need to generate temporary RSA /* returned if you need to generate temporary RSA
* parameters. These are needed for export cipher suites. * parameters. These are needed for export cipher suites.
*/ */
#define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84 #define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84
#define GNUTLS_E_LZO_INIT_FAILED -85
#define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86 #define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86
#define GNUTLS_E_NO_CIPHER_SUITES -87 #define GNUTLS_E_NO_CIPHER_SUITES -87
#define GNUTLS_E_OPENPGP_GETKEY_FAILED -88 #define GNUTLS_E_OPENPGP_GETKEY_FAILED -88
#define GNUTLS_E_PK_SIG_VERIFY_FAILED -89 #define GNUTLS_E_PK_SIG_VERIFY_FAILED -89
#define GNUTLS_E_ILLEGAL_SRP_USERNAME -90 #define GNUTLS_E_ILLEGAL_SRP_USERNAME -90
#define GNUTLS_E_SRP_PWD_PARSING_ERROR -91 #define GNUTLS_E_SRP_PWD_PARSING_ERROR -91
#define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93 #define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93
skipping to change at line 1700 skipping to change at line 1765
#define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102 #define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102
#define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103 #define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103
#define GNUTLS_E_IA_VERIFY_FAILED -104 #define GNUTLS_E_IA_VERIFY_FAILED -104
#define GNUTLS_E_UNKNOWN_ALGORITHM -105 #define GNUTLS_E_UNKNOWN_ALGORITHM -105
#define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106 #define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106
#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107 #define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107
#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108 #define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108
#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109 #define GNUTLS_E_UNKNOWN_SRP_USERNAME -109
#define GNUTLS_E_PREMATURE_TERMINATION -110
#define GNUTLS_E_BASE64_ENCODING_ERROR -201 #define GNUTLS_E_BASE64_ENCODING_ERROR -201
#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ #define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */
#define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202 #define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202
#define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203 #define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203
#define GNUTLS_E_OPENPGP_KEYRING_ERROR -204 #define GNUTLS_E_OPENPGP_KEYRING_ERROR -204
#define GNUTLS_E_X509_UNSUPPORTED_OID -205 #define GNUTLS_E_X509_UNSUPPORTED_OID -205
#define GNUTLS_E_RANDOM_FAILED -206 #define GNUTLS_E_RANDOM_FAILED -206
skipping to change at line 1722 skipping to change at line 1788
#define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208 #define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208
#define GNUTLS_E_CRYPTO_ALREADY_REGISTERED -209 #define GNUTLS_E_CRYPTO_ALREADY_REGISTERED -209
#define GNUTLS_E_HANDSHAKE_TOO_LARGE -210 #define GNUTLS_E_HANDSHAKE_TOO_LARGE -210
#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211 #define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211
#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212 #define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212
#define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213 #define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213
#define GNUTLS_E_BAD_COOKIE -214
#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215 #define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215
#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216 #define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216
/* PKCS11 related */ /* PKCS11 related */
#define GNUTLS_E_PKCS11_ERROR -300 #define GNUTLS_E_PKCS11_ERROR -300
#define GNUTLS_E_PKCS11_LOAD_ERROR -301 #define GNUTLS_E_PKCS11_LOAD_ERROR -301
#define GNUTLS_E_PARSING_ERROR -302 #define GNUTLS_E_PARSING_ERROR -302
#define GNUTLS_E_PKCS11_PIN_ERROR -303 #define GNUTLS_E_PKCS11_PIN_ERROR -303
#define GNUTLS_E_PKCS11_SLOT_ERROR -305 #define GNUTLS_E_PKCS11_SLOT_ERROR -305
skipping to change at line 1746 skipping to change at line 1813
#define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310 #define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310
#define GNUTLS_E_PKCS11_KEY_ERROR -311 #define GNUTLS_E_PKCS11_KEY_ERROR -311
#define GNUTLS_E_PKCS11_PIN_EXPIRED -312 #define GNUTLS_E_PKCS11_PIN_EXPIRED -312
#define GNUTLS_E_PKCS11_PIN_LOCKED -313 #define GNUTLS_E_PKCS11_PIN_LOCKED -313
#define GNUTLS_E_PKCS11_SESSION_ERROR -314 #define GNUTLS_E_PKCS11_SESSION_ERROR -314
#define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315 #define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315
#define GNUTLS_E_PKCS11_TOKEN_ERROR -316 #define GNUTLS_E_PKCS11_TOKEN_ERROR -316
#define GNUTLS_E_PKCS11_USER_ERROR -317 #define GNUTLS_E_PKCS11_USER_ERROR -317
#define GNUTLS_E_CRYPTO_INIT_FAILED -318 #define GNUTLS_E_CRYPTO_INIT_FAILED -318
#define GNUTLS_E_TIMEDOUT -319
#define GNUTLS_E_USER_ERROR -320
#define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321
#define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322
#define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323
#define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324 #define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324
#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
#define GNUTLS_E_APPLICATION_ERROR_MAX -65000 #define GNUTLS_E_APPLICATION_ERROR_MAX -65000
#define GNUTLS_E_APPLICATION_ERROR_MIN -65500 #define GNUTLS_E_APPLICATION_ERROR_MIN -65500
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
 End of changes. 71 change blocks. 
104 lines changed or deleted 182 lines changed or added


 gnutlsxx.h (2.12.23)   gnutlsxx.h (3.0.1) 
/*
* Copyright (C) 2006-2011 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
#ifndef GNUTLSXX_H #ifndef GNUTLSXX_H
#define GNUTLSXX_H #define GNUTLSXX_H
#include <exception> #include <exception>
#include <vector> #include <vector>
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
namespace gnutls namespace gnutls
{ {
skipping to change at line 89 skipping to change at line 111
protected: protected:
gnutls_rsa_params_t params; gnutls_rsa_params_t params;
}; };
class session:private noncopyable class session:private noncopyable
{ {
protected: protected:
gnutls_session_t s; gnutls_session_t s;
public: public:
session (gnutls_connection_end_t); session (unsigned int);
virtual ~ session (); virtual ~ session ();
int bye (gnutls_close_request_t how); int bye (gnutls_close_request_t how);
int handshake (); int handshake ();
gnutls_alert_description_t get_alert () const; gnutls_alert_description_t get_alert () const;
int send_alert (gnutls_alert_level_t level, int send_alert (gnutls_alert_level_t level,
gnutls_alert_description_t desc); gnutls_alert_description_t desc);
int send_appropriate_alert (int err); int send_appropriate_alert (int err);
skipping to change at line 133 skipping to change at line 155
void prf (size_t label_size, const char *label, void prf (size_t label_size, const char *label,
int server_random_first, int server_random_first,
size_t extra_size, const char *extra, size_t extra_size, const char *extra,
size_t outsize, char *out); size_t outsize, char *out);
void prf_raw (size_t label_size, const char *label, void prf_raw (size_t label_size, const char *label,
size_t seed_size, const char *seed, size_t seed_size, const char *seed,
size_t outsize, char *out); size_t outsize, char *out);
void set_cipher_priority (const int *list);
void set_mac_priority (const int *list);
void set_compression_priority (const int *list);
void set_kx_priority (const int *list);
void set_protocol_priority (const int *list);
void set_certificate_type_priority (const int *list);
/* if you just want some defaults, use the following. /* if you just want some defaults, use the following.
*/ */
void set_priority (const char *prio, const char **err_pos); void set_priority (const char *prio, const char **err_pos);
void set_priority (gnutls_priority_t p); void set_priority (gnutls_priority_t p);
gnutls_protocol_t get_protocol_version () const; gnutls_protocol_t get_protocol_version () const;
// for resuming sessions // for resuming sessions
void set_data (const void *session_data, size_t session_data_size); void set_data (const void *session_data, size_t session_data_size);
void get_data (void *session_data, size_t * session_data_size) const; void get_data (void *session_data, size_t * session_data_size) const;
 End of changes. 3 change blocks. 
8 lines changed or deleted 23 lines changed or added
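Review bot: The 3.0.1 constructor `session (unsigned int);` leaves its parameter unnamed and undocumented, and it is not marked `explicit`. The compiler therefore no longer rejects a value that is not a connection-end constant, as it did with `gnutls_connection_end_t`, and the single-argument constructor also acts as an implicit conversion from any integer. I would declare it as `explicit session (unsigned int flags);` and put a comment above it such as `/* flags: GNUTLS_SERVER or GNUTLS_CLIENT, optionally OR-ed with other init flags */`. The accepted flag set is not shown in this section, so that wording should be checked against gnutls.h. The class body continues outside the displayed hunks.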


 openpgp.h (2.12.23)   openpgp.h (3.0.1) 
/* /*
* Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free * Copyright (C) 2003-2011 Free Software Foundation, Inc.
* Software Foundation, Inc.
* *
* Author: Nikos Mavrogiannopoulos * Author: Nikos Mavrogiannopoulos
* *
* This file is part of GnuTLS. * This file is part of GnuTLS.
* *
* The GnuTLS is free software; you can redistribute it and/or * The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License * modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of * as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version. * the License, or (at your option) any later version.
* *
* This library is distributed in the hope that it will be useful, but * This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. * Lesser General Public License for more details.
* *
* You should have received a copy of the GNU Lesser General Public * You should have received a copy of the GNU Lesser General Public License
* License along with this library; if not, write to the Free Software * along with this program. If not, see <http://www.gnu.org/licenses/>
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
* *
*/ */
/* This file contains the types and prototypes for the OpenPGP /* This file contains the types and prototypes for the OpenPGP
* key and private key parsing functions. * key and private key parsing functions.
*/ */
#ifndef GNUTLS_OPENPGP_H #ifndef GNUTLS_OPENPGP_H
#define GNUTLS_OPENPGP_H #define GNUTLS_OPENPGP_H
skipping to change at line 316 skipping to change at line 313
const unsigned char *keyfpr, const unsigned char *keyfpr,
unsigned int keyfpr_length, unsigned int keyfpr_length,
gnutls_datum_t * key); gnutls_datum_t * key);
void void
gnutls_openpgp_set_recv_key_function (gnutls_session_t session, gnutls_openpgp_set_recv_key_function (gnutls_session_t session,
gnutls_openpgp_recv_key_func func ); gnutls_openpgp_recv_key_func func );
/* certificate authentication stuff. /* certificate authentication stuff.
*/ */
int gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t int gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t
res, gnutls_openpgp_crt_t key, res,
gnutls_openpgp_crt_t crt,
gnutls_openpgp_privkey_t pkey); gnutls_openpgp_privkey_t pkey);
int int
gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials _t gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials _t
res, const char *certfile, res, const char *certfile,
const char *keyfile, const char *keyfile,
gnutls_openpgp_crt_fmt_t forma t); gnutls_openpgp_crt_fmt_t forma t);
int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credential s_t int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credential s_t
res, res,
const gnutls_datum_t * cert, const gnutls_datum_t * cert,
 End of changes. 4 change blocks. 
9 lines changed or deleted 7 lines changed or added


 pkcs11.h (2.12.23)   pkcs11.h (3.0.1) 
/*
* Copyright (C) 2010-2011 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
#ifndef __GNUTLS_PKCS11_H #ifndef __GNUTLS_PKCS11_H
#define __GNUTLS_PKCS11_H #define __GNUTLS_PKCS11_H
#include <stdarg.h> #include <stdarg.h>
#include <gnutls/gnutls.h> #include <gnutls/gnutls.h>
#include <gnutls/x509.h> #include <gnutls/x509.h>
#define GNUTLS_PKCS11_MAX_PIN_LEN 32 #define GNUTLS_PKCS11_MAX_PIN_LEN 32
/* Token callback function. The callback will be used to /**
* ask the user to re-enter the token with given null terminated * gnutls_pkcs11_token_callback_t:
* label. Callback should return zero if token has been inserted * @userdata: user-controlled data from gnutls_pkcs11_set_token_function().
* by user and a negative error code otherwise. It might be called * @label: token label.
* multiple times if the token is not detected and the retry counter * @retry: retry counter, initially 0.
* will be increased. *
*/ * Token callback function. The callback will be used to ask the user
typedef int (*gnutls_pkcs11_token_callback_t) (void *const global_data, * to re-insert the token with given (null terminated) label. The
* callback should return zero if token has been inserted by user and
* a negative error code otherwise. It might be called multiple times
* if the token is not detected and the retry counter will be
* increased.
*
* Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
* on error.
*
* Since: 2.12.0
**/
typedef int (*gnutls_pkcs11_token_callback_t) (void *const userdata,
const char *const label, const char *const label,
const unsigned retry); const unsigned retry);
/** /**
* gnutls_pkcs11_pin_flag_t: * gnutls_pkcs11_pin_flag_t:
* @GNUTLS_PKCS11_PIN_USER: The PIN for the user. * @GNUTLS_PKCS11_PIN_USER: The PIN for the user.
* @GNUTLS_PKCS11_PIN_SO: The PIN for the security officer. * @GNUTLS_PKCS11_PIN_SO: The PIN for the security officer.
* @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action an d key like signing. * @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action an d key like signing.
* @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking. * @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking.
* @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks. * @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks.
skipping to change at line 78 skipping to change at line 111
* first such invocation, the @attempt counter will have value zero; * first such invocation, the @attempt counter will have value zero;
* it will increase by one for each subsequent attempt. * it will increase by one for each subsequent attempt.
* *
* Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on er ror. * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on er ror.
* *
* Since: 2.12.0 * Since: 2.12.0
**/ **/
typedef int (*gnutls_pkcs11_pin_callback_t) (void *userdata, int attempt, typedef int (*gnutls_pkcs11_pin_callback_t) (void *userdata, int attempt,
const char *token_url, const char *token_url,
const char *token_label, const char *token_label,
unsigned int flags unsigned int flags,
/*gnutls_pkcs11_pin_flag_t */
,
char *pin, size_t pin_max); char *pin, size_t pin_max);
struct gnutls_pkcs11_obj_st; struct gnutls_pkcs11_obj_st;
typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ #define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */
#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */ #define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
/* pkcs11.conf format: /* pkcs11.conf format:
* load = /lib/xxx-pkcs11.so * load = /lib/xxx-pkcs11.so
* load = /lib/yyy-pkcs11.so * load = /lib/yyy-pkcs11.so
*/ */
int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_f ile); int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_f ile);
int gnutls_pkcs11_reinit (void);
void gnutls_pkcs11_deinit (void); void gnutls_pkcs11_deinit (void);
void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn, void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn,
void *userdata); void *userdata);
void gnutls_pkcs11_set_pin_function (gnutls_pkcs11_pin_callback_t fn, void gnutls_pkcs11_set_pin_function (gnutls_pkcs11_pin_callback_t fn,
void *userdata); void *userdata);
int gnutls_pkcs11_add_provider (const char *name, const char *params); int gnutls_pkcs11_add_provider (const char *name, const char *params);
int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj); int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */ #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu rity officer in the token for the operation */ #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu rity officer in the token for the operation */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (re
quires PIN to access) */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri
vate */
/** /**
* gnutls_pkcs11_url_type_t: * gnutls_pkcs11_url_type_t:
* @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL. * @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL.
* @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well. * @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well.
* @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and i * @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its
ts version. version.
* *
* Enumeration of different URL extraction flags. * Enumeration of different URL extraction flags.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token leve
*/ l */
GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module lev
*/ el */
GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and v GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and
ersion level */ version level */
} gnutls_pkcs11_url_type_t; } gnutls_pkcs11_url_type_t;
int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t, const char *url, int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t cert,
const char *url,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj, int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj); void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj);
int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj, int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj,
void *output_data, size_t * output_data_size) ; void *output_data, size_t * output_data_size) ;
skipping to change at line 150 skipping to change at line 184
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_pkcs11_delete_url (const char *object_url, unsigned int flags int gnutls_pkcs11_delete_url (const char *object_url, unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_pkcs11_copy_secret_key (const char *token_url, int gnutls_pkcs11_copy_secret_key (const char *token_url,
gnutls_datum_t * key, const char *label, gnutls_datum_t * key, const char *label,
unsigned int key_usage /* GNUTLS_KEY_* * / , unsigned int key_usage /* GNUTLS_KEY_* * / ,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
/** /**
* gnutls_pkcs11_obj_info_t: * gnutls_pkcs11_obj_info_t:
* @GNUTLS_PKCS11_OBJ_ID_HEX: The object ID in hex. * @GNUTLS_PKCS11_OBJ_ID_HEX: The object ID in hex.
* @GNUTLS_PKCS11_OBJ_LABEL: The object label. * @GNUTLS_PKCS11_OBJ_LABEL: The object label.
* @GNUTLS_PKCS11_OBJ_TOKEN_LABEL: The token's label. * @GNUTLS_PKCS11_OBJ_TOKEN_LABEL: The token's label.
* @GNUTLS_PKCS11_OBJ_TOKEN_SERIAL: The token's serial number. * @GNUTLS_PKCS11_OBJ_TOKEN_SERIAL: The token's serial number.
* @GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER: The token's manufacturer. * @GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER: The token's manufacturer.
* @GNUTLS_PKCS11_OBJ_TOKEN_MODEL: The token's model. * @GNUTLS_PKCS11_OBJ_TOKEN_MODEL: The token's model.
* @GNUTLS_PKCS11_OBJ_ID: The object ID. * @GNUTLS_PKCS11_OBJ_ID: The object ID.
* @GNUTLS_PKCS11_OBJ_LIBRARY_VERSION: The library's used to access the o * @GNUTLS_PKCS11_OBJ_LIBRARY_VERSION: The library's used to access the obj
bject version. ect version.
* @GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION: The library's used to access t * @GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION: The library's used to access the
he object description (name). object description (name).
* @GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER: The library's used to access * @GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER: The library's used to access th
the object manufacturer name. e object manufacturer name.
* *
* Enumeration of several object information types. * Enumeration of several object information types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_OBJ_ID_HEX = 1, GNUTLS_PKCS11_OBJ_ID_HEX = 1,
GNUTLS_PKCS11_OBJ_LABEL, GNUTLS_PKCS11_OBJ_LABEL,
GNUTLS_PKCS11_OBJ_TOKEN_LABEL, GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
GNUTLS_PKCS11_OBJ_TOKEN_SERIAL, GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER, GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
GNUTLS_PKCS11_OBJ_TOKEN_MODEL, GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
GNUTLS_PKCS11_OBJ_ID, GNUTLS_PKCS11_OBJ_ID,
/* the pkcs11 provider library info */ /* the pkcs11 provider library info */
GNUTLS_PKCS11_OBJ_LIBRARY_VERSION, GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
} gnutls_pkcs11_obj_info_t; } gnutls_pkcs11_obj_info_t;
int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt, int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt,
gnutls_pkcs11_obj_info_t itype, void *outpu t, gnutls_pkcs11_obj_info_t itype, void *outpu t,
size_t * output_size); size_t * output_size);
/** /**
* gnutls_pkcs11_obj_attr_t: * gnutls_pkcs11_obj_attr_t:
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates.
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked a * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
s trusted. trusted.
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates wit * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
h a corresponding private key. a corresponding private key.
* @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys.
* @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys.
* @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects.
* *
* Enumeration of several attributes for object enumeration. * Enumeration of several attributes for object enumeration.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted * GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted
/ */
GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corres GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corr
ponding private key */ esponding private key */
GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */ GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */
} gnutls_pkcs11_obj_attr_t; } gnutls_pkcs11_obj_attr_t;
/** /**
* gnutls_pkcs11_token_info_t: * gnutls_pkcs11_token_info_t:
* @GNUTLS_PKCS11_TOKEN_LABEL: The token's label * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label
* @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number
* @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer
* @GNUTLS_PKCS11_TOKEN_MODEL: The token's model * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model
* *
* Enumeration of types for retrieving token information. * Enumeration of types for retrieving token information.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_TOKEN_LABEL, GNUTLS_PKCS11_TOKEN_LABEL,
GNUTLS_PKCS11_TOKEN_SERIAL, GNUTLS_PKCS11_TOKEN_SERIAL,
GNUTLS_PKCS11_TOKEN_MANUFACTURER, GNUTLS_PKCS11_TOKEN_MANUFACTURER,
GNUTLS_PKCS11_TOKEN_MODEL GNUTLS_PKCS11_TOKEN_MODEL
} gnutls_pkcs11_token_info_t; } gnutls_pkcs11_token_info_t;
/** /**
* gnutls_pkcs11_obj_type_t: * gnutls_pkcs11_obj_type_t:
* @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object. * @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object.
* @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate. * @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate.
* @GNUTLS_PKCS11_OBJ_PUBKEY: Public key. * @GNUTLS_PKCS11_OBJ_PUBKEY: Public key.
* @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key. * @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key.
* @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key. * @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key.
* @GNUTLS_PKCS11_OBJ_DATA: Data object. * @GNUTLS_PKCS11_OBJ_DATA: Data object.
* *
* Enumeration of object types. * Enumeration of object types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_OBJ_UNKNOWN, GNUTLS_PKCS11_OBJ_UNKNOWN,
GNUTLS_PKCS11_OBJ_X509_CRT, GNUTLS_PKCS11_OBJ_X509_CRT,
GNUTLS_PKCS11_OBJ_PUBKEY, GNUTLS_PKCS11_OBJ_PUBKEY,
GNUTLS_PKCS11_OBJ_PRIVKEY, GNUTLS_PKCS11_OBJ_PRIVKEY,
GNUTLS_PKCS11_OBJ_SECRET_KEY, GNUTLS_PKCS11_OBJ_SECRET_KEY,
GNUTLS_PKCS11_OBJ_DATA GNUTLS_PKCS11_OBJ_DATA
} gnutls_pkcs11_obj_type_t; } gnutls_pkcs11_obj_type_t;
int int
gnutls_pkcs11_token_init (const char *token_url, gnutls_pkcs11_token_init (const char *token_url,
const char *so_pin, const char *label); const char *so_pin, const char *label);
int int
gnutls_pkcs11_token_get_mechanism (const char *url, int idx, gnutls_pkcs11_token_get_mechanism (const char *url, int idx,
unsigned long *mechanism); unsigned long *mechanism);
int gnutls_pkcs11_token_set_pin (const char *token_url, const char *oldpin, int gnutls_pkcs11_token_set_pin (const char *token_url,
const char *newpin, unsigned int flags /*gnutls_pkcs11_pin_flag_t */ const char *oldpin,
); const char *newpin,
unsigned int flags /*gnutls_pkcs11_pin_fla
g_t */
);
int gnutls_pkcs11_token_get_url (unsigned int seq, int gnutls_pkcs11_token_get_url (unsigned int seq,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
int gnutls_pkcs11_token_get_info (const char *url, gnutls_pkcs11_token_info int gnutls_pkcs11_token_get_info (const char *url,
_t ttype, gnutls_pkcs11_token_info_t ttype,
void *output, size_t * output_size); void *output, size_t * output_size);
#define GNUTLS_PKCS11_TOKEN_HW 1 #define GNUTLS_PKCS11_TOKEN_HW 1
int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags); int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags);
int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list, int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list,
unsigned int *const n_list, unsigned int *const n_list,
const char *url, const char *url,
gnutls_pkcs11_obj_attr_t attrs, gnutls_pkcs11_obj_attr_t attrs,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt, int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt,
gnutls_pkcs11_obj_t pkcs11_crt); gnutls_pkcs11_obj_t pkcs11_crt);
int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *u rl, int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *u rl,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t ob
certificate); j);
const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t); const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type);
int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs, unsigned int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs,
int cert_max, unsigned int cert_max,
gnutls_pkcs11_obj_t * const objs, unsigned int flags /* must be zero */) gnutls_pkcs11_obj_t * const objs,
; unsigned int flags /* must be zero
*/);
/* private key functions...*/ /* private key functions...*/
int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key); int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key);
void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key); void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key);
int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key, int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key,
unsigned int *bits); unsigned int *bits);
int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey, int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
gnutls_pkcs11_obj_info_t itype, gnutls_pkcs11_obj_info_t itype,
void *output, size_t * output_size); void *output, size_t * output_size);
int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey, int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
const char *url, unsigned int flags); const char *url, unsigned int flags);
int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
/** @} */
#endif #endif
 End of changes. 21 change blocks. 
132 lines changed or deleted 169 lines changed or added


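--- a/pkcs12.h
+++ b/pkcs12.h
 /*
-* Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2010 Free Software
-* Foundation, Inc.
+* Copyright (C) 2003-2011 Free Software Foundation, Inc.
 *
 * Author: Nikos Mavrogiannopoulos
 *
 * This file is part of GnuTLS.
 *
 * The GnuTLS is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
-* as published by the Free Software Foundation; either version 2.1 of
+* as published by the Free Software Foundation; either version 3 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
-* You should have received a copy of the GNU Lesser General Public
-* License along with this library; if not, write to the Free Software
-* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
-* USA
+* You should have received a copy of the GNU Lesser General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */
 #ifndef GNUTLS_PKCS12_H
 #define GNUTLS_PKCS12_H
 #include <gnutls/x509.h>
 #ifdef __cplusplus
 extern "C"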
 End of changes. 3 change blocks. 
7 lines changed or deleted 4 lines changed or added


 x509.h (2.12.23)   x509.h (3.0.1) 
/* /*
* Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2010 Free Software * Copyright (C) 2003-2011 Free Software Foundation, Inc.
* Foundation, Inc.
* *
* Author: Nikos Mavrogiannopoulos * Author: Nikos Mavrogiannopoulos
* *
* This file is part of GnuTLS. * This file is part of GnuTLS.
* *
* The GnuTLS is free software; you can redistribute it and/or * The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License * modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of * as published by the Free Software Foundation; either version 3 of
* the License, or (at your option) any later version. * the License, or (at your option) any later version.
* *
* This library is distributed in the hope that it will be useful, but * This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of * WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details. * Lesser General Public License for more details.
* *
* You should have received a copy of the GNU Lesser General Public * You should have received a copy of the GNU Lesser General Public License
* License along with this library; if not, write to the Free Software * along with this program. If not, see <http://www.gnu.org/licenses/>
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
* *
*/ */
/* This file contains the types and prototypes for the X.509 /* This file contains the types and prototypes for the X.509
* certificate and CRL handling functions. * certificate and CRL handling functions.
*/ */
#ifndef GNUTLS_X509_H #ifndef GNUTLS_X509_H
#define GNUTLS_X509_H #define GNUTLS_X509_H
skipping to change at line 112 skipping to change at line 109
{ {
GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1, GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2 GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2
} gnutls_certificate_import_flags; } gnutls_certificate_import_flags;
int gnutls_x509_crt_init (gnutls_x509_crt_t * cert); int gnutls_x509_crt_init (gnutls_x509_crt_t * cert);
void gnutls_x509_crt_deinit (gnutls_x509_crt_t cert); void gnutls_x509_crt_deinit (gnutls_x509_crt_t cert);
int gnutls_x509_crt_import (gnutls_x509_crt_t cert, int gnutls_x509_crt_import (gnutls_x509_crt_t cert,
const gnutls_datum_t * data, const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format); gnutls_x509_crt_fmt_t format);
int gnutls_x509_crt_list_import2 (gnutls_x509_crt_t ** certs,
unsigned int * size,
const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, unsigned int fla
gs);
int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs, int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs,
unsigned int *cert_max, unsigned int *cert_max,
const gnutls_datum_t * data, const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
unsigned int flags); unsigned int flags);
int gnutls_x509_crt_export (gnutls_x509_crt_t cert, int gnutls_x509_crt_export (gnutls_x509_crt_t cert,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
void *output_data, size_t * output_data_size) ; void *output_data, size_t * output_data_size) ;
int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf, int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
size_t * sizeof_buf); size_t * sizeof_buf);
skipping to change at line 192 skipping to change at line 193
type, const void *data, type, const void *data,
unsigned int data_size, unsigned int data_size,
unsigned int reason_flags); unsigned int reason_flags);
int gnutls_x509_crt_set_crl_dist_points (gnutls_x509_crt_t crt, int gnutls_x509_crt_set_crl_dist_points (gnutls_x509_crt_t crt,
gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name_t
type, const void *data_string, type, const void *data_string,
unsigned int reason_flags); unsigned int reason_flags);
int gnutls_x509_crt_cpy_crl_dist_points (gnutls_x509_crt_t dst, int gnutls_x509_crt_cpy_crl_dist_points (gnutls_x509_crt_t dst,
gnutls_x509_crt_t src); gnutls_x509_crt_t src);
int gnutls_x509_crl_sign2 (gnutls_x509_crl_t crl,
gnutls_x509_crt_t issuer,
gnutls_x509_privkey_t issuer_key,
gnutls_digest_algorithm_t dig,
unsigned int flags);
time_t gnutls_x509_crt_get_activation_time (gnutls_x509_crt_t cert); time_t gnutls_x509_crt_get_activation_time (gnutls_x509_crt_t cert);
time_t gnutls_x509_crt_get_expiration_time (gnutls_x509_crt_t cert); time_t gnutls_x509_crt_get_expiration_time (gnutls_x509_crt_t cert);
int gnutls_x509_crt_get_serial (gnutls_x509_crt_t cert, void *result, int gnutls_x509_crt_get_serial (gnutls_x509_crt_t cert, void *result,
size_t * result_size); size_t * result_size);
int gnutls_x509_crt_get_pk_algorithm (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_pk_algorithm (gnutls_x509_crt_t cert,
unsigned int *bits); unsigned int *bits);
int gnutls_x509_crt_get_pk_rsa_raw (gnutls_x509_crt_t crt, int gnutls_x509_crt_get_pk_rsa_raw (gnutls_x509_crt_t crt,
gnutls_datum_t * m, gnutls_datum_t * e); gnutls_datum_t * m, gnutls_datum_t * e);
int gnutls_x509_crt_get_pk_dsa_raw (gnutls_x509_crt_t crt, int gnutls_x509_crt_get_pk_dsa_raw (gnutls_x509_crt_t crt,
skipping to change at line 432 skipping to change at line 439
int gnutls_x509_crl_get_crt_count (gnutls_x509_crl_t crl); int gnutls_x509_crl_get_crt_count (gnutls_x509_crl_t crl);
int gnutls_x509_crl_get_crt_serial (gnutls_x509_crl_t crl, int indx, int gnutls_x509_crl_get_crt_serial (gnutls_x509_crl_t crl, int indx,
unsigned char *serial, unsigned char *serial,
size_t * serial_size, time_t * t); size_t * serial_size, time_t * t);
#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count #define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count
#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial #define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial
int gnutls_x509_crl_check_issuer (gnutls_x509_crl_t crl, int gnutls_x509_crl_check_issuer (gnutls_x509_crl_t crl,
gnutls_x509_crt_t issuer); gnutls_x509_crt_t issuer);
int gnutls_x509_crl_list_import2 (gnutls_x509_crl_t ** crls,
unsigned int * size,
const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, unsigned int fla
gs);
int gnutls_x509_crl_list_import (gnutls_x509_crl_t * crls,
unsigned int *crl_max,
const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format,
unsigned int flags);
/* CRL writing. /* CRL writing.
*/ */
int gnutls_x509_crl_set_version (gnutls_x509_crl_t crl, int gnutls_x509_crl_set_version (gnutls_x509_crl_t crl,
unsigned int version); unsigned int version);
int gnutls_x509_crl_set_this_update (gnutls_x509_crl_t crl, int gnutls_x509_crl_set_this_update (gnutls_x509_crl_t crl,
time_t act_time); time_t act_time);
int gnutls_x509_crl_set_next_update (gnutls_x509_crl_t crl, int gnutls_x509_crl_set_next_update (gnutls_x509_crl_t crl,
time_t exp_time); time_t exp_time);
int gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl, int gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl,
const void *serial, const void *serial,
skipping to change at line 532 skipping to change at line 549
* dangerous since those haven't the basicConstraints * dangerous since those haven't the basicConstraints
* extension. Must be used in combination with * extension. Must be used in combination with
* %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
* using the broken MD2 algorithm. * using the broken MD2 algorithm.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
* using the broken MD5 algorithm. * using the broken MD5 algorithm.
* @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
* and expiration validity periods of certificate chains. Don't set * and expiration validity periods of certificate chains. Don't set
* this unless you understand the security implications. * this unless you understand the security implications.
* @GNUTLS_VERIFY_DISABLE_CRL_CHECKS: Disable checking for validity
* using certificate revocation lists.
* *
* Enumeration of different certificate verify flags. * Enumeration of different certificate verify flags.
*/ */
typedef enum gnutls_certificate_verify_flags typedef enum gnutls_certificate_verify_flags
{ {
GNUTLS_VERIFY_DISABLE_CA_SIGN = 1, GNUTLS_VERIFY_DISABLE_CA_SIGN = 1,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2,
GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4,
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8, GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64, GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64,
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128, GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128,
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256 GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256,
GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512,
} gnutls_certificate_verify_flags; } gnutls_certificate_verify_flags;
int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert,
gnutls_x509_crt_t issuer); gnutls_x509_crt_t issuer);
int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list, int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list,
int cert_list_length, int cert_list_length,
const gnutls_x509_crt_t * CA_list, const gnutls_x509_crt_t * CA_list,
int CA_list_length, int CA_list_length,
const gnutls_x509_crl_t * CRL_list, const gnutls_x509_crl_t * CRL_list,
skipping to change at line 653 skipping to change at line 673
const gnutls_datum_t * u); const gnutls_datum_t * u);
int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key, int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
const gnutls_datum_t * m, const gnutls_datum_t * m,
const gnutls_datum_t * e, const gnutls_datum_t * e,
const gnutls_datum_t * d, const gnutls_datum_t * d,
const gnutls_datum_t * p, const gnutls_datum_t * p,
const gnutls_datum_t * q, const gnutls_datum_t * q,
const gnutls_datum_t * u, const gnutls_datum_t * u,
const gnutls_datum_t * e1, const gnutls_datum_t * e1,
const gnutls_datum_t * e2); const gnutls_datum_t * e2);
int gnutls_x509_privkey_import_ecc_raw (gnutls_x509_privkey_t key,
gnutls_ecc_curve_t curve,
const gnutls_datum_t * x,
const gnutls_datum_t * y,
const gnutls_datum_t * k);
int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key); int gnutls_x509_privkey_fix (gnutls_x509_privkey_t key);
int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key, int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key,
gnutls_datum_t * p, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * q,
gnutls_datum_t * g, gnutls_datum_t * g,
gnutls_datum_t * y, gnutls_datum_t * y,
gnutls_datum_t * x); gnutls_datum_t * x);
int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key, int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
const gnutls_datum_t * p, const gnutls_datum_t * p,
skipping to change at line 704 skipping to change at line 730
gnutls_datum_t * u, gnutls_datum_t * u,
gnutls_datum_t * e1, gnutls_datum_t * e1,
gnutls_datum_t * e2); gnutls_datum_t * e2);
int gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key, int gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key,
gnutls_datum_t * m, gnutls_datum_t * m,
gnutls_datum_t * e, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * d,
gnutls_datum_t * p, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * q,
gnutls_datum_t * u); gnutls_datum_t * u);
int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key,
gnutls_ecc_curve_t *curve,
gnutls_datum_t * x, gnutls_datum_
t * y,
gnutls_datum_t* k);
/* Certificate request stuff. /* Certificate request stuff.
*/ */
int gnutls_x509_crq_sign2 (gnutls_x509_crq_t crq,
gnutls_x509_privkey_t key,
gnutls_digest_algorithm_t dig,
unsigned int flags);
int gnutls_x509_crq_print (gnutls_x509_crq_t crq, int gnutls_x509_crq_print (gnutls_x509_crq_t crq,
gnutls_certificate_print_formats_t format, gnutls_certificate_print_formats_t format,
gnutls_datum_t * out); gnutls_datum_t * out);
int gnutls_x509_crq_verify (gnutls_x509_crq_t crq, unsigned int flags); int gnutls_x509_crq_verify (gnutls_x509_crq_t crq, unsigned int flags);
int gnutls_x509_crq_init (gnutls_x509_crq_t * crq); int gnutls_x509_crq_init (gnutls_x509_crq_t * crq);
void gnutls_x509_crq_deinit (gnutls_x509_crq_t crq); void gnutls_x509_crq_deinit (gnutls_x509_crq_t crq);
int gnutls_x509_crq_import (gnutls_x509_crq_t crq, int gnutls_x509_crq_import (gnutls_x509_crq_t crq,
const gnutls_datum_t * data, const gnutls_datum_t * data,
skipping to change at line 821 skipping to change at line 855
int gnutls_x509_crq_get_subject_alt_othername_oid (gnutls_x509_crq_t crq, int gnutls_x509_crq_get_subject_alt_othername_oid (gnutls_x509_crq_t crq,
unsigned int seq, unsigned int seq,
void *ret, void *ret,
size_t * ret_size); size_t * ret_size);
int gnutls_x509_crq_get_extension_by_oid (gnutls_x509_crq_t crq, int gnutls_x509_crq_get_extension_by_oid (gnutls_x509_crq_t crq,
const char *oid, int indx, const char *oid, int indx,
void *buf, size_t * sizeof_buf, void *buf, size_t * sizeof_buf,
unsigned int *critical); unsigned int *critical);
typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
int
gnutls_x509_trust_list_init (gnutls_x509_trust_list_t * list, unsigned in
t size);
void
gnutls_x509_trust_list_deinit (gnutls_x509_trust_list_t list, unsigned in
t all);
int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t list,
gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
int
gnutls_x509_trust_list_add_cas (gnutls_x509_trust_list_t list,
const gnutls_x509_crt_t * clist, int clist_size, unsigned int flags);
int gnutls_x509_trust_list_add_named_crt (gnutls_x509_trust_list_t list,
gnutls_x509_crt_t cert, const void* name, size_t name_size, unsigned
int flags);
#define GNUTLS_TL_VERIFY_CRL 1
int
gnutls_x509_trust_list_add_crls (gnutls_x509_trust_list_t list,
const gnutls_x509_crl_t * crl_list, int crl_size, unsigned int flags,
unsigned int verification_flags);
typedef int gnutls_verify_output_function (
gnutls_x509_crt_t cert,
gnutls_x509_crt_t issuer, /* The issuer if verification failed
* because of him. might be null.
*/
gnutls_x509_crl_t crl, /* The CRL that caused verification failure
* if any. Might be null.
*/
unsigned int verification_output);
int gnutls_x509_trust_list_verify_named_crt (
gnutls_x509_trust_list_t list,
gnutls_x509_crt_t cert,
const void * name, size_t name_size,
unsigned int flags,
unsigned int *verify,
gnutls_verify_output_function func);
int
gnutls_x509_trust_list_verify_crt (
gnutls_x509_trust_list_t list,
gnutls_x509_crt_t *cert_list,
unsigned int cert_list_size,
unsigned int flags,
unsigned int *verify,
gnutls_verify_output_function func);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* GNUTLS_X509_H */ #endif /* GNUTLS_X509_H */
 End of changes. 12 change blocks. 
9 lines changed or deleted 100 lines changed or added
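Review bot: The new `@GNUTLS_VERIFY_DISABLE_CRL_CHECKS` entry in the `gnutls_certificate_verify_flags` comment lacks the caution that the neighbouring `GNUTLS_VERIFY_DISABLE_TIME_CHECKS` entry carries. Setting it presumably means a certificate listed in a supplied CRL is no longer rejected. I would extend the entry to `@GNUTLS_VERIFY_DISABLE_CRL_CHECKS: Disable checking for validity using certificate revocation lists. Don't set this unless you understand the security implications.` Separately, the enumerator is added as `GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512,` with a trailing comma before the closing brace. C89 and C++03 do not allow that, and this header is wrapped for C++ consumers, so `GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512` is the more portable spelling.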
