ABI
Tracker

(GnuTLS)




Headers diff: 3.0.2 vs 3.0.3



 abstract.h (3.0.2)   abstract.h (3.0.3) 
skipping to change at line 66 skipping to change at line 66
gnutls_digest_algorithm_t * gnutls_digest_algorithm_t *
hash, unsigned int *mand); hash, unsigned int *mand);
int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key,
gnutls_datum_t * m, gnutls_datum_t * e); gnutls_datum_t * m, gnutls_datum_t * e);
int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key,
gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * p, gnutls_datum_t * q,
gnutls_datum_t * g, gnutls_datum_t * y); gnutls_datum_t * g, gnutls_datum_t * y);
int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t * curve, int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t * curve,
gnutls_datum_t * x, gnutls_datum_t * y); gnutls_datum_t * x, gnutls_datum_t * y);
int gnutls_pubkey_get_pk_ecc_x962 (gnutls_pubkey_t key, gnutls_datum_t* par
ameters,
gnutls_datum_t * ecpoint);
int gnutls_pubkey_export (gnutls_pubkey_t key, int gnutls_pubkey_export (gnutls_pubkey_t key,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
void *output_data, size_t * output_data_size); void *output_data, size_t * output_data_size);
int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags, int gnutls_pubkey_get_key_id (gnutls_pubkey_t key, unsigned int flags,
unsigned char *output_data, unsigned char *output_data,
size_t * output_data_size); size_t * output_data_size);
int int
skipping to change at line 100 skipping to change at line 102
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key,
const gnutls_datum_t * p, const gnutls_datum_t * p,
const gnutls_datum_t * q, const gnutls_datum_t * q,
const gnutls_datum_t * g, const gnutls_datum_t * g,
const gnutls_datum_t * y); const gnutls_datum_t * y);
int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key, int gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
const gnutls_datum_t * m, const gnutls_datum_t * m,
const gnutls_datum_t * e); const gnutls_datum_t * e);
int
gnutls_pubkey_import_ecc_x962 (gnutls_pubkey_t key,
const gnutls_datum_t * parameters,
const gnutls_datum_t * ecpoint);
int
gnutls_pubkey_import_ecc_raw (gnutls_pubkey_t key,
gnutls_ecc_curve_t curve,
const gnutls_datum_t * x,
const gnutls_datum_t * y);
int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key) ; int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key) ;
int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key) ; int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key) ;
#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1 #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1
int int
gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags, gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
const gnutls_datum_t * hash, const gnutls_datum_t * hash,
const gnutls_datum_t * signature); const gnutls_datum_t * signature);
int int
 End of changes. 2 change blocks. 
0 lines changed or deleted 14 lines changed or added


 compat.h (3.0.2)   compat.h (3.0.3) 
skipping to change at line 52 skipping to change at line 52
#endif /* __GNUC__ */ #endif /* __GNUC__ */
#ifndef _GNUTLS_GCC_ATTR_DEPRECATED #ifndef _GNUTLS_GCC_ATTR_DEPRECATED
#define _GNUTLS_GCC_ATTR_DEPRECATED #define _GNUTLS_GCC_ATTR_DEPRECATED
#endif #endif
/* gnutls_connection_end_t was made redundant in 2.99.0 */ /* gnutls_connection_end_t was made redundant in 2.99.0 */
#define gnutls_connection_end_t unsigned int #define gnutls_connection_end_t unsigned int
/* no longer valid since 2.99.0 */
#define gnutls_transport_set_lowat(session, num)
/* Stuff deprected in 2.x */ /* Stuff deprected in 2.x */
#define gnutls_cipher_algorithm gnutls_cipher_algorithm_t #define gnutls_cipher_algorithm gnutls_cipher_algorithm_t
#define gnutls_kx_algorithm gnutls_kx_algorithm_t #define gnutls_kx_algorithm gnutls_kx_algorithm_t
#define gnutls_paramsype gnutls_paramsype_t #define gnutls_paramsype gnutls_paramsype_t
#define gnutls_mac_algorithm gnutls_mac_algorithm_t #define gnutls_mac_algorithm gnutls_mac_algorithm_t
#define gnutls_digest_algorithm gnutls_digest_algorithm_t #define gnutls_digest_algorithm gnutls_digest_algorithm_t
#define gnutls_compression_method gnutls_compression_method_t #define gnutls_compression_method gnutls_compression_method_t
#define gnutls_connection_end gnutls_connection_end_t #define gnutls_connection_end gnutls_connection_end_t
#define gnutls_credentialsype gnutls_credentialsype_t #define gnutls_credentialsype gnutls_credentialsype_t
#define gnutls_certificateype gnutls_certificateype_t #define gnutls_certificateype gnutls_certificateype_t
skipping to change at line 292 skipping to change at line 289
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_kx_set_priority (gnutls_session_t session, const int *list) int gnutls_kx_set_priority (gnutls_session_t session, const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_protocol_set_priority (gnutls_session_t session, int gnutls_protocol_set_priority (gnutls_session_t session,
const int *list) const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
int gnutls_certificate_type_set_priority (gnutls_session_t session, int gnutls_certificate_type_set_priority (gnutls_session_t session,
const int *list) const int *list)
_GNUTLS_GCC_ATTR_DEPRECATED; _GNUTLS_GCC_ATTR_DEPRECATED;
/* RSA params
*/
int gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params) _GNUTLS_GCC
_ATTR_DEPRECATED;
void gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params) _GNUTLS_GC
C_ATTR_DEPRECATED;
int gnutls_rsa_params_cpy (gnutls_rsa_params_t dst,
gnutls_rsa_params_t src) _GNUTLS_GCC_ATTR_DEPR
ECATED;
int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
const gnutls_datum_t * m,
const gnutls_datum_t * e,
const gnutls_datum_t * d,
const gnutls_datum_t * p,
const gnutls_datum_t * q,
const gnutls_datum_t * u);
int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params,
unsigned int bits) _GNUTLS_GCC_ATTR_DEPR
ECATED;
int gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa,
gnutls_datum_t * m, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * u,
unsigned int *bits) _GNUTLS_GCC_ATTR_DE
PRECATED;
int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
gnutls_x509_crt_fmt_t format,
unsigned char *params_data,
size_t * params_data_size) _GNUTLS_GC
C_ATTR_DEPRECATED;
int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
const gnutls_datum_t * pkcs1_params,
gnutls_x509_crt_fmt_t format) _GNUTLS
_GCC_ATTR_DEPRECATED;
int gnutls_rsa_export_get_pubkey (gnutls_session_t session,
gnutls_datum_t * exponent,
gnutls_datum_t * modulus) _GNUTLS_GCC_A
TTR_DEPRECATED;
int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session) _GNUTLS
_GCC_ATTR_DEPRECATED;
int gnutls_set_default_export_priority (gnutls_session_t session) _GNUTLS
_GCC_ATTR_DEPRECATED;
void
gnutls_certificate_set_rsa_export_params (gnutls_certificate_credential
s_t
res,
gnutls_rsa_params_t rsa_param
s) _GNUTLS_GCC_ATTR_DEPRECATED;
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _GNUTLS_COMPAT_H */ #endif /* _GNUTLS_COMPAT_H */
 End of changes. 2 change blocks. 
3 lines changed or deleted 51 lines changed or added


 crypto.h (3.0.2)   crypto.h (3.0.3) 
skipping to change at line 31 skipping to change at line 31
*/ */
#ifndef GNUTLS_CRYPTO_H #ifndef GNUTLS_CRYPTO_H
#define GNUTLS_CRYPTO_H #define GNUTLS_CRYPTO_H
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
typedef struct cipher_hd_st *gnutls_cipher_hd_t; typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;
int gnutls_cipher_init (gnutls_cipher_hd_t * handle, int gnutls_cipher_init (gnutls_cipher_hd_t * handle,
gnutls_cipher_algorithm_t cipher, gnutls_cipher_algorithm_t cipher,
const gnutls_datum_t * key, const gnutls_datum_t * key,
const gnutls_datum_t * iv); const gnutls_datum_t * iv);
int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle, int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle,
void *text, size_t textlen); void *text, size_t textlen);
int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle, int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle,
void *ciphertext, size_t ciphertextlen); void *ciphertext, size_t ciphertextlen);
int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle, int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle,
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 dtls.h (3.0.2)   dtls.h (3.0.3) 
skipping to change at line 48 skipping to change at line 48
void gnutls_dtls_set_timeouts (gnutls_session_t session, void gnutls_dtls_set_timeouts (gnutls_session_t session,
unsigned int retrans_timeout, unsigned int retrans_timeout,
unsigned int total_timeout); unsigned int total_timeout);
unsigned int gnutls_dtls_get_mtu (gnutls_session_t session); unsigned int gnutls_dtls_get_mtu (gnutls_session_t session);
unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session); unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session);
void gnutls_dtls_set_mtu (gnutls_session_t session, unsigned int mtu); void gnutls_dtls_set_mtu (gnutls_session_t session, unsigned int mtu);
/** /**
* gnutls_dtls_prestate_st: * gnutls_dtls_prestate_st:
* @record_seq: record sequence number * @record_seq: record sequence number
* @hsk_read_seq: handshake read sequence number * @hsk_read_seq: handshake read sequence number
* @hsk_write_seq: handshake write sequence number * @hsk_write_seq: handshake write sequence number
* *
* DTLS cookie prestate struct. This is usually never modified by * DTLS cookie prestate struct. This is usually never modified by
* the application, it is used to carry the cookie data between * the application, it is used to carry the cookie data between
* gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
* gnutls_dtls_prestate_set(). * gnutls_dtls_prestate_set().
*/ */
typedef struct typedef struct
{ {
unsigned int record_seq; unsigned int record_seq;
unsigned int hsk_read_seq; unsigned int hsk_read_seq;
unsigned int hsk_write_seq; unsigned int hsk_write_seq;
} gnutls_dtls_prestate_st; } gnutls_dtls_prestate_st;
int gnutls_dtls_cookie_send (gnutls_datum_t* key, int gnutls_dtls_cookie_send (gnutls_datum_t* key,
void* client_data, size_t client_data_size, void* client_data, size_t client_data_size,
gnutls_dtls_prestate_st* prestate, gnutls_dtls_prestate_st* prestate,
skipping to change at line 80 skipping to change at line 80
gnutls_push_func push_func); gnutls_push_func push_func);
int gnutls_dtls_cookie_verify (gnutls_datum_t* key, int gnutls_dtls_cookie_verify (gnutls_datum_t* key,
void* client_data, size_t client_data_size, void* client_data, size_t client_data_size,
void* _msg, size_t msg_size, void* _msg, size_t msg_size,
gnutls_dtls_prestate_st* prestate); gnutls_dtls_prestate_st* prestate);
void gnutls_dtls_prestate_set (gnutls_session_t session, void gnutls_dtls_prestate_set (gnutls_session_t session,
gnutls_dtls_prestate_st* prestate); gnutls_dtls_prestate_st* prestate);
unsigned int gnutls_record_get_discarded (gnutls_session_t session);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* GNUTLS_DTLS_H */ #endif /* GNUTLS_DTLS_H */
 End of changes. 2 change blocks. 
11 lines changed or deleted 12 lines changed or added


 gnutls.h (3.0.2)   gnutls.h (3.0.3) 
skipping to change at line 52 skipping to change at line 52
#include <sys/types.h> #include <sys/types.h>
/* *INDENT-ON* */ /* *INDENT-ON* */
#endif #endif
/* Get time_t. */ /* Get time_t. */
#include <time.h> #include <time.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
#define GNUTLS_VERSION "3.0.2" #define GNUTLS_VERSION "3.0.3"
#define GNUTLS_VERSION_MAJOR 3 #define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 0 #define GNUTLS_VERSION_MINOR 0
#define GNUTLS_VERSION_PATCH 2 #define GNUTLS_VERSION_PATCH 3
#define GNUTLS_VERSION_NUMBER 0x030002 #define GNUTLS_VERSION_NUMBER 0x030003
#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
/** /**
* gnutls_cipher_algorithm_t: * gnutls_cipher_algorithm_t:
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
* @GNUTLS_CIPHER_NULL: NULL algorithm. * @GNUTLS_CIPHER_NULL: NULL algorithm.
* @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
* @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
* @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
* @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
* @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
* @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
* @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit key * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys.
s. * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys.
* @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit key * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
s. * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
* @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys.
* @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys.
* @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys. * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode.
* @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys. * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode.
* @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode.
* @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode.
* @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit ke
* @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. ys.
* @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys.
keys. * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys.
* @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys. * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys.
* @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys. * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode.
* @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys. *
* @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode. * Enumeration of different symmetric encryption algorithms.
* */
* Enumeration of different symmetric encryption algorithms.
*/
typedef enum gnutls_cipher_algorithm typedef enum gnutls_cipher_algorithm
{ {
GNUTLS_CIPHER_UNKNOWN = 0, GNUTLS_CIPHER_UNKNOWN = 0,
GNUTLS_CIPHER_NULL = 1, GNUTLS_CIPHER_NULL = 1,
GNUTLS_CIPHER_ARCFOUR_128 = 2, GNUTLS_CIPHER_ARCFOUR_128 = 2,
GNUTLS_CIPHER_3DES_CBC = 3, GNUTLS_CIPHER_3DES_CBC = 3,
GNUTLS_CIPHER_AES_128_CBC = 4, GNUTLS_CIPHER_AES_128_CBC = 4,
GNUTLS_CIPHER_AES_256_CBC = 5, GNUTLS_CIPHER_AES_256_CBC = 5,
GNUTLS_CIPHER_ARCFOUR_40 = 6, GNUTLS_CIPHER_ARCFOUR_40 = 6,
GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, GNUTLS_CIPHER_CAMELLIA_128_CBC = 7,
skipping to change at line 123 skipping to change at line 123
GNUTLS_CIPHER_3DES_PGP_CFB = 201, GNUTLS_CIPHER_3DES_PGP_CFB = 201,
GNUTLS_CIPHER_CAST5_PGP_CFB = 202, GNUTLS_CIPHER_CAST5_PGP_CFB = 202,
GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203,
GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204,
GNUTLS_CIPHER_AES128_PGP_CFB = 205, GNUTLS_CIPHER_AES128_PGP_CFB = 205,
GNUTLS_CIPHER_AES192_PGP_CFB = 206, GNUTLS_CIPHER_AES192_PGP_CFB = 206,
GNUTLS_CIPHER_AES256_PGP_CFB = 207, GNUTLS_CIPHER_AES256_PGP_CFB = 207,
GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208 GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
} gnutls_cipher_algorithm_t; } gnutls_cipher_algorithm_t;
/** /**
* gnutls_kx_algorithm_t: * gnutls_kx_algorithm_t:
* @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm. * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
* @GNUTLS_KX_RSA: RSA key-exchange algorithm. * @GNUTLS_KX_RSA: RSA key-exchange algorithm.
* @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm. * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
* @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm. * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
* @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm. * @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
* @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm. * @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
* @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm. * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
* @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm. * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
* @GNUTLS_KX_SRP: SRP key-exchange algorithm. * @GNUTLS_KX_SRP: SRP key-exchange algorithm.
* @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm. * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm.
* @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm. * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
* @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm. * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
* @GNUTLS_KX_PSK: PSK key-exchange algorithm. * @GNUTLS_KX_PSK: PSK key-exchange algorithm.
* @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm. * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
* @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm. * @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
* *
* Enumeration of different key exchange algorithms. * Enumeration of different key exchange algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_KX_UNKNOWN = 0, GNUTLS_KX_UNKNOWN = 0,
GNUTLS_KX_RSA = 1, GNUTLS_KX_RSA = 1,
GNUTLS_KX_DHE_DSS = 2, GNUTLS_KX_DHE_DSS = 2,
GNUTLS_KX_DHE_RSA = 3, GNUTLS_KX_DHE_RSA = 3,
GNUTLS_KX_ANON_DH = 4, GNUTLS_KX_ANON_DH = 4,
GNUTLS_KX_SRP = 5, GNUTLS_KX_SRP = 5,
GNUTLS_KX_RSA_EXPORT = 6, GNUTLS_KX_RSA_EXPORT = 6,
GNUTLS_KX_SRP_RSA = 7, GNUTLS_KX_SRP_RSA = 7,
GNUTLS_KX_SRP_DSS = 8, GNUTLS_KX_SRP_DSS = 8,
GNUTLS_KX_PSK = 9, GNUTLS_KX_PSK = 9,
GNUTLS_KX_DHE_PSK = 10, GNUTLS_KX_DHE_PSK = 10,
GNUTLS_KX_ANON_ECDH = 11, GNUTLS_KX_ANON_ECDH = 11,
GNUTLS_KX_ECDHE_RSA = 12, GNUTLS_KX_ECDHE_RSA = 12,
GNUTLS_KX_ECDHE_ECDSA = 13, GNUTLS_KX_ECDHE_ECDSA = 13,
GNUTLS_KX_ECDHE_PSK = 14, GNUTLS_KX_ECDHE_PSK = 14,
} gnutls_kx_algorithm_t; } gnutls_kx_algorithm_t;
/** /**
* gnutls_params_type_t: * gnutls_params_type_t:
* @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters. * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters.
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters. * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
* *
* Enumeration of different TLS session parameter types. * Enumeration of different TLS session parameter types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PARAMS_RSA_EXPORT = 1, GNUTLS_PARAMS_RSA_EXPORT = 1,
GNUTLS_PARAMS_DH = 2, GNUTLS_PARAMS_DH = 2,
GNUTLS_PARAMS_ECDH = 3, GNUTLS_PARAMS_ECDH = 3,
} gnutls_params_type_t; } gnutls_params_type_t;
/** /**
* gnutls_credentials_type_t: * gnutls_credentials_type_t:
* @GNUTLS_CRD_CERTIFICATE: Certificate credential. * @GNUTLS_CRD_CERTIFICATE: Certificate credential.
* @GNUTLS_CRD_ANON: Anonymous credential. * @GNUTLS_CRD_ANON: Anonymous credential.
* @GNUTLS_CRD_SRP: SRP credential. * @GNUTLS_CRD_SRP: SRP credential.
* @GNUTLS_CRD_PSK: PSK credential. * @GNUTLS_CRD_PSK: PSK credential.
* @GNUTLS_CRD_IA: IA credential. * @GNUTLS_CRD_IA: IA credential.
* *
* Enumeration of different credential types. * Enumeration of different credential types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_CRD_CERTIFICATE = 1, GNUTLS_CRD_CERTIFICATE = 1,
GNUTLS_CRD_ANON, GNUTLS_CRD_ANON,
GNUTLS_CRD_SRP, GNUTLS_CRD_SRP,
GNUTLS_CRD_PSK, GNUTLS_CRD_PSK,
GNUTLS_CRD_IA GNUTLS_CRD_IA
} gnutls_credentials_type_t; } gnutls_credentials_type_t;
#define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
#define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
/** /**
* gnutls_mac_algorithm_t: * gnutls_mac_algorithm_t:
* @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm. * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
* @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output). * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
* @GNUTLS_MAC_MD5: HMAC-MD5 algorithm. * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
* @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm. * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
* @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm. * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
* @GNUTLS_MAC_MD2: HMAC-MD2 algorithm. * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
* @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm. * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
* @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm. * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
* @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm. * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
* @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm. * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
* @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher. * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
* *
* Enumeration of different Message Authentication Code (MAC) * Enumeration of different Message Authentication Code (MAC)
* algorithms. * algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_MAC_UNKNOWN = 0, GNUTLS_MAC_UNKNOWN = 0,
GNUTLS_MAC_NULL = 1, GNUTLS_MAC_NULL = 1,
GNUTLS_MAC_MD5 = 2, GNUTLS_MAC_MD5 = 2,
GNUTLS_MAC_SHA1 = 3, GNUTLS_MAC_SHA1 = 3,
GNUTLS_MAC_RMD160 = 4, GNUTLS_MAC_RMD160 = 4,
GNUTLS_MAC_MD2 = 5, GNUTLS_MAC_MD2 = 5,
GNUTLS_MAC_SHA256 = 6, GNUTLS_MAC_SHA256 = 6,
GNUTLS_MAC_SHA384 = 7, GNUTLS_MAC_SHA384 = 7,
GNUTLS_MAC_SHA512 = 8, GNUTLS_MAC_SHA512 = 8,
GNUTLS_MAC_SHA224 = 9, GNUTLS_MAC_SHA224 = 9,
/* If you add anything here, make sure you align with /* If you add anything here, make sure you align with
gnutls_digest_algorithm_t. */ gnutls_digest_algorithm_t. */
GNUTLS_MAC_AEAD = 200 /* indicates that MAC is on the cipher */ GNUTLS_MAC_AEAD = 200 /* indicates that MAC is on the cipher */
} gnutls_mac_algorithm_t; } gnutls_mac_algorithm_t;
/** /**
* gnutls_digest_algorithm_t: * gnutls_digest_algorithm_t:
* @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm. * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
* @GNUTLS_DIG_NULL: NULL hash algorithm (empty output). * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
* @GNUTLS_DIG_MD5: MD5 algorithm. * @GNUTLS_DIG_MD5: MD5 algorithm.
* @GNUTLS_DIG_SHA1: SHA-1 algorithm. * @GNUTLS_DIG_SHA1: SHA-1 algorithm.
* @GNUTLS_DIG_RMD160: RMD160 algorithm. * @GNUTLS_DIG_RMD160: RMD160 algorithm.
* @GNUTLS_DIG_MD2: MD2 algorithm. * @GNUTLS_DIG_MD2: MD2 algorithm.
* @GNUTLS_DIG_SHA256: SHA-256 algorithm. * @GNUTLS_DIG_SHA256: SHA-256 algorithm.
* @GNUTLS_DIG_SHA384: SHA-384 algorithm. * @GNUTLS_DIG_SHA384: SHA-384 algorithm.
* @GNUTLS_DIG_SHA512: SHA-512 algorithm. * @GNUTLS_DIG_SHA512: SHA-512 algorithm.
* @GNUTLS_DIG_SHA224: SHA-224 algorithm. * @GNUTLS_DIG_SHA224: SHA-224 algorithm.
* *
* Enumeration of different digest (hash) algorithms. * Enumeration of different digest (hash) algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN, GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
GNUTLS_DIG_NULL = GNUTLS_MAC_NULL, GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5, GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1, GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160, GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160,
GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2, GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2,
GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256, GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384, GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
skipping to change at line 269 skipping to change at line 269
GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224 GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
/* If you add anything here, make sure you align with /* If you add anything here, make sure you align with
gnutls_mac_algorithm_t. */ gnutls_mac_algorithm_t. */
} gnutls_digest_algorithm_t; } gnutls_digest_algorithm_t;
/* exported for other gnutls headers. This is the maximum number of /* exported for other gnutls headers. This is the maximum number of
* algorithms (ciphers, kx or macs). * algorithms (ciphers, kx or macs).
*/ */
#define GNUTLS_MAX_ALGORITHM_NUM 32 #define GNUTLS_MAX_ALGORITHM_NUM 32
/** /**
* gnutls_compression_method_t: * gnutls_compression_method_t:
* @GNUTLS_COMP_UNKNOWN: Unknown compression method. * @GNUTLS_COMP_UNKNOWN: Unknown compression method.
* @GNUTLS_COMP_NULL: The NULL compression method (uncompressed). * @GNUTLS_COMP_NULL: The NULL compression method (no compression).
* @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method. * @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE. * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
* *
* Enumeration of different TLS compression methods. * Enumeration of different TLS compression methods.
*/ */
typedef enum typedef enum
{ {
GNUTLS_COMP_UNKNOWN = 0, GNUTLS_COMP_UNKNOWN = 0,
GNUTLS_COMP_NULL = 1, GNUTLS_COMP_NULL = 1,
GNUTLS_COMP_DEFLATE = 2, GNUTLS_COMP_DEFLATE = 2,
GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE, GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
} gnutls_compression_method_t; } gnutls_compression_method_t;
/* /*
* Flags for gnutls_init() * Flags for gnutls_init()
skipping to change at line 301 skipping to change at line 301
* @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS).
* @GNUTLS_NONBLOCK: Connection should not block (DTLS). * @GNUTLS_NONBLOCK: Connection should not block (DTLS).
* *
* Enumeration of different TLS connection end types. * Enumeration of different TLS connection end types.
*/ */
#define GNUTLS_SERVER 1 #define GNUTLS_SERVER 1
#define GNUTLS_CLIENT (1<<1) #define GNUTLS_CLIENT (1<<1)
#define GNUTLS_DATAGRAM (1<<2) #define GNUTLS_DATAGRAM (1<<2)
#define GNUTLS_NONBLOCK (1<<3) #define GNUTLS_NONBLOCK (1<<3)
/** /**
* gnutls_alert_level_t: * gnutls_alert_level_t:
* @GNUTLS_AL_WARNING: Alert of warning severity. * @GNUTLS_AL_WARNING: Alert of warning severity.
* @GNUTLS_AL_FATAL: Alert of fatal severity. * @GNUTLS_AL_FATAL: Alert of fatal severity.
* *
* Enumeration of different TLS alert severities. * Enumeration of different TLS alert severities.
*/ */
typedef enum typedef enum
{ {
GNUTLS_AL_WARNING = 1, GNUTLS_AL_WARNING = 1,
GNUTLS_AL_FATAL GNUTLS_AL_FATAL
} gnutls_alert_level_t; } gnutls_alert_level_t;
/** /**
* gnutls_alert_description_t: * gnutls_alert_description_t:
* @GNUTLS_A_CLOSE_NOTIFY: Close notify. * @GNUTLS_A_CLOSE_NOTIFY: Close notify.
* @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message. * @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message.
* @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC. * @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC.
* @GNUTLS_A_DECRYPTION_FAILED: Decryption failed. * @GNUTLS_A_DECRYPTION_FAILED: Decryption failed.
* @GNUTLS_A_RECORD_OVERFLOW: Record overflow. * @GNUTLS_A_RECORD_OVERFLOW: Record overflow.
* @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed. * @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed.
* @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed. * @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed.
* @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate. * @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate.
* @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad. * @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad.
* @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported. * @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported.
* @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked. * @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked.
* @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired. * @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired.
* @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate. * @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate.
* @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter. * @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter.
* @GNUTLS_A_UNKNOWN_CA: CA is unknown. * @GNUTLS_A_UNKNOWN_CA: CA is unknown.
* @GNUTLS_A_ACCESS_DENIED: Access was denied. * @GNUTLS_A_ACCESS_DENIED: Access was denied.
* @GNUTLS_A_DECODE_ERROR: Decode error. * @GNUTLS_A_DECODE_ERROR: Decode error.
* @GNUTLS_A_DECRYPT_ERROR: Decrypt error. * @GNUTLS_A_DECRYPT_ERROR: Decrypt error.
* @GNUTLS_A_EXPORT_RESTRICTION: Export restriction. * @GNUTLS_A_EXPORT_RESTRICTION: Export restriction.
* @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version. * @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version.
* @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security. * @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security.
* @GNUTLS_A_USER_CANCELED: User canceled. * @GNUTLS_A_USER_CANCELED: User canceled.
* @GNUTLS_A_INTERNAL_ERROR: Internal error. * @GNUTLS_A_INTERNAL_ERROR: Internal error.
* @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed. * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
* @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
* specified certificate. * specified certificate.
* @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
* sent. * sent.
* @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
* recognized. * recognized.
* @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
* or not known. * or not known.
* *
* Enumeration of different TLS alerts. * Enumeration of different TLS alerts.
*/ */
typedef enum typedef enum
{ {
GNUTLS_A_CLOSE_NOTIFY, GNUTLS_A_CLOSE_NOTIFY,
GNUTLS_A_UNEXPECTED_MESSAGE = 10, GNUTLS_A_UNEXPECTED_MESSAGE = 10,
GNUTLS_A_BAD_RECORD_MAC = 20, GNUTLS_A_BAD_RECORD_MAC = 20,
GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_DECRYPTION_FAILED,
GNUTLS_A_RECORD_OVERFLOW, GNUTLS_A_RECORD_OVERFLOW,
GNUTLS_A_DECOMPRESSION_FAILURE = 30, GNUTLS_A_DECOMPRESSION_FAILURE = 30,
GNUTLS_A_HANDSHAKE_FAILURE = 40, GNUTLS_A_HANDSHAKE_FAILURE = 40,
GNUTLS_A_SSL3_NO_CERTIFICATE = 41, GNUTLS_A_SSL3_NO_CERTIFICATE = 41,
skipping to change at line 383 skipping to change at line 383
GNUTLS_A_INSUFFICIENT_SECURITY, GNUTLS_A_INSUFFICIENT_SECURITY,
GNUTLS_A_INTERNAL_ERROR = 80, GNUTLS_A_INTERNAL_ERROR = 80,
GNUTLS_A_USER_CANCELED = 90, GNUTLS_A_USER_CANCELED = 90,
GNUTLS_A_NO_RENEGOTIATION = 100, GNUTLS_A_NO_RENEGOTIATION = 100,
GNUTLS_A_UNSUPPORTED_EXTENSION = 110, GNUTLS_A_UNSUPPORTED_EXTENSION = 110,
GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111, GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111,
GNUTLS_A_UNRECOGNIZED_NAME = 112, GNUTLS_A_UNRECOGNIZED_NAME = 112,
GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
} gnutls_alert_description_t; } gnutls_alert_description_t;
/** /**
* gnutls_handshake_description_t: * gnutls_handshake_description_t:
* @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request. * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
* @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request. * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
* @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello. * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
* @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello. * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
* @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket. * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
* @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet. * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
* @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange. * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
* @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request. * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
* @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done. * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
* @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify. * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
* @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange. * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
* @GNUTLS_HANDSHAKE_FINISHED: Finished. * @GNUTLS_HANDSHAKE_FINISHED: Finished.
* @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental. * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
* @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec * @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec
* @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello. * @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
* *
* Enumeration of different TLS handshake packets. * Enumeration of different TLS handshake packets.
*/ */
typedef enum typedef enum
{ {
GNUTLS_HANDSHAKE_HELLO_REQUEST = 0, GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
GNUTLS_HANDSHAKE_CLIENT_HELLO = 1, GNUTLS_HANDSHAKE_CLIENT_HELLO = 1,
GNUTLS_HANDSHAKE_SERVER_HELLO = 2, GNUTLS_HANDSHAKE_SERVER_HELLO = 2,
GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3, GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3,
GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4, GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4,
GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11, GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12, GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14, GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14,
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16, GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
GNUTLS_HANDSHAKE_FINISHED = 20, GNUTLS_HANDSHAKE_FINISHED = 20,
GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
} gnutls_handshake_description_t; } gnutls_handshake_description_t;
/** /**
* gnutls_certificate_status_t: * gnutls_certificate_status_t:
* @GNUTLS_CERT_INVALID: Will be set if the certificate was not * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
* verified. * known authorities or the signature is invalid.
* @GNUTLS_CERT_REVOKED: Certificate revoked. In X.509 this will be * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509
* set only if CRLs are checked. this will be
* @GNUTLS_CERT_SIGNER_NOT_FOUND: Certificate not verified. Signer * set only if CRLs are checked.
* not found. * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known.
* @GNUTLS_CERT_SIGNER_NOT_CA: Certificate not verified. Signer * This is the case if the issue is not included in the trusted certifica
* not a CA certificate. te list.
* @GNUTLS_CERT_INSECURE_ALGORITHM: Certificate not verified, * not found.
* insecure algorithm. * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate’s signer was not a CA. This
* @GNUTLS_CERT_NOT_ACTIVATED: Certificate not yet activated. * may happen if this was a version 1 certificate, which is common with
* @GNUTLS_CERT_EXPIRED: Certificate expired. * some CAs, or a version 3 certificate without the basic constrains exten
* sion.
* Enumeration of certificate status codes. Note that the status * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in-
* bits have different meanings in OpenPGP keys and X.509 * secure algorithm such as MD2 or MD5. These algorithms have been broken
* certificate verification. and
*/ * should not be trusted.
* @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated.
* @GNUTLS_CERT_EXPIRED: The certificate has expired.
*
* Enumeration of certificate status codes. Note that the status
* bits have different meanings in OpenPGP keys and X.509
* certificate verification.
*/
typedef enum typedef enum
{ {
GNUTLS_CERT_INVALID = 2, GNUTLS_CERT_INVALID = 2,
GNUTLS_CERT_REVOKED = 32, GNUTLS_CERT_REVOKED = 32,
GNUTLS_CERT_SIGNER_NOT_FOUND = 64, GNUTLS_CERT_SIGNER_NOT_FOUND = 64,
GNUTLS_CERT_SIGNER_NOT_CA = 128, GNUTLS_CERT_SIGNER_NOT_CA = 128,
GNUTLS_CERT_INSECURE_ALGORITHM = 256, GNUTLS_CERT_INSECURE_ALGORITHM = 256,
GNUTLS_CERT_NOT_ACTIVATED = 512, GNUTLS_CERT_NOT_ACTIVATED = 512,
GNUTLS_CERT_EXPIRED = 1024 GNUTLS_CERT_EXPIRED = 1024
} gnutls_certificate_status_t; } gnutls_certificate_status_t;
/** /**
* gnutls_certificate_request_t: * gnutls_certificate_request_t:
* @GNUTLS_CERT_IGNORE: Ignore certificate. * @GNUTLS_CERT_IGNORE: Ignore certificate.
* @GNUTLS_CERT_REQUEST: Request certificate. * @GNUTLS_CERT_REQUEST: Request certificate.
* @GNUTLS_CERT_REQUIRE: Require certificate. * @GNUTLS_CERT_REQUIRE: Require certificate.
* *
* Enumeration of certificate request types. * Enumeration of certificate request types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_CERT_IGNORE = 0, GNUTLS_CERT_IGNORE = 0,
GNUTLS_CERT_REQUEST = 1, GNUTLS_CERT_REQUEST = 1,
GNUTLS_CERT_REQUIRE = 2 GNUTLS_CERT_REQUIRE = 2
} gnutls_certificate_request_t; } gnutls_certificate_request_t;
/** /**
* gnutls_openpgp_crt_status_t: * gnutls_openpgp_crt_status_t:
* @GNUTLS_OPENPGP_CERT: Send entire certificate. * @GNUTLS_OPENPGP_CERT: Send entire certificate.
* @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint. * @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint.
* *
* Enumeration of ways to send OpenPGP certificate. * Enumeration of ways to send OpenPGP certificate.
*/ */
typedef enum typedef enum
{ {
GNUTLS_OPENPGP_CERT = 0, GNUTLS_OPENPGP_CERT = 0,
GNUTLS_OPENPGP_CERT_FINGERPRINT = 1 GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
} gnutls_openpgp_crt_status_t; } gnutls_openpgp_crt_status_t;
/** /**
* gnutls_close_request_t: * gnutls_close_request_t:
* @GNUTLS_SHUT_RDWR: Disallow further receives/sends. * @GNUTLS_SHUT_RDWR: Disallow further receives/sends.
* @GNUTLS_SHUT_WR: Disallow further sends. * @GNUTLS_SHUT_WR: Disallow further sends.
* *
* Enumeration of how TLS session should be terminated. See gnutls_bye() * Enumeration of how TLS session should be terminated. See gnutls_bye().
. */
*/
typedef enum typedef enum
{ {
GNUTLS_SHUT_RDWR = 0, GNUTLS_SHUT_RDWR = 0,
GNUTLS_SHUT_WR = 1 GNUTLS_SHUT_WR = 1
} gnutls_close_request_t; } gnutls_close_request_t;
/** /**
* gnutls_protocol_t: * gnutls_protocol_t:
* @GNUTLS_SSL3: SSL version 3.0. * @GNUTLS_SSL3: SSL version 3.0.
* @GNUTLS_TLS1_0: TLS version 1.0. * @GNUTLS_TLS1_0: TLS version 1.0.
* @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0. * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
* @GNUTLS_TLS1_1: TLS version 1.1. * @GNUTLS_TLS1_1: TLS version 1.1.
* @GNUTLS_TLS1_2: TLS version 1.2. * @GNUTLS_TLS1_2: TLS version 1.2.
* @GNUTLS_DTLS1_0: DTLS version 1.0. * @GNUTLS_DTLS1_0: DTLS version 1.0.
* @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version. * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
* @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version. * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
* *
* Enumeration of different SSL/TLS protocol versions. * Enumeration of different SSL/TLS protocol versions.
*/ */
typedef enum typedef enum
{ {
GNUTLS_SSL3 = 1, GNUTLS_SSL3 = 1,
GNUTLS_TLS1_0 = 2, GNUTLS_TLS1_0 = 2,
GNUTLS_TLS1 = GNUTLS_TLS1_0, GNUTLS_TLS1 = GNUTLS_TLS1_0,
GNUTLS_TLS1_1 = 3, GNUTLS_TLS1_1 = 3,
GNUTLS_TLS1_2 = 4, GNUTLS_TLS1_2 = 4,
GNUTLS_DTLS1_0 = 5, GNUTLS_DTLS1_0 = 5,
GNUTLS_VERSION_MAX = GNUTLS_DTLS1_0, GNUTLS_VERSION_MAX = GNUTLS_DTLS1_0,
GNUTLS_VERSION_UNKNOWN = 0xff GNUTLS_VERSION_UNKNOWN = 0xff
} gnutls_protocol_t; } gnutls_protocol_t;
/** /**
* gnutls_certificate_type_t: * gnutls_certificate_type_t:
* @GNUTLS_CRT_UNKNOWN: Unknown certificate type. * @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
* @GNUTLS_CRT_X509: X.509 Certificate. * @GNUTLS_CRT_X509: X.509 Certificate.
* @GNUTLS_CRT_OPENPGP: OpenPGP certificate. * @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
* *
* Enumeration of different certificate types. * Enumeration of different certificate types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_CRT_UNKNOWN = 0, GNUTLS_CRT_UNKNOWN = 0,
GNUTLS_CRT_X509 = 1, GNUTLS_CRT_X509 = 1,
GNUTLS_CRT_OPENPGP = 2 GNUTLS_CRT_OPENPGP = 2
} gnutls_certificate_type_t; } gnutls_certificate_type_t;
/** /**
* gnutls_x509_crt_fmt_t: * gnutls_x509_crt_fmt_t:
* @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary). * @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary).
* @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text). * @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text).
* *
* Enumeration of different certificate encoding formats. * Enumeration of different certificate encoding formats.
*/ */
typedef enum typedef enum
{ {
GNUTLS_X509_FMT_DER = 0, GNUTLS_X509_FMT_DER = 0,
GNUTLS_X509_FMT_PEM = 1 GNUTLS_X509_FMT_PEM = 1
} gnutls_x509_crt_fmt_t; } gnutls_x509_crt_fmt_t;
/** /**
* gnutls_certificate_print_formats_t: * gnutls_certificate_print_formats_t:
* @GNUTLS_CRT_PRINT_FULL: Full information about certificate. * @GNUTLS_CRT_PRINT_FULL: Full information about certificate.
* @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line. * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
* @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate. * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
* *
* Enumeration of different certificate printing variants. * Enumeration of different certificate printing variants.
*/ */
typedef enum gnutls_certificate_print_formats typedef enum gnutls_certificate_print_formats
{ {
GNUTLS_CRT_PRINT_FULL = 0, GNUTLS_CRT_PRINT_FULL = 0,
GNUTLS_CRT_PRINT_ONELINE = 1, GNUTLS_CRT_PRINT_ONELINE = 1,
GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2 GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2
} gnutls_certificate_print_formats_t; } gnutls_certificate_print_formats_t;
/** /**
* gnutls_pk_algorithm_t: * gnutls_pk_algorithm_t:
* @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
* @GNUTLS_PK_RSA: RSA public-key algorithm. * @GNUTLS_PK_RSA: RSA public-key algorithm.
* @GNUTLS_PK_DSA: DSA public-key algorithm. * @GNUTLS_PK_DSA: DSA public-key algorithm.
* @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters. * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
* @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters. * @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters.
* *
* Enumeration of different public-key algorithms. * Enumeration of different public-key algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PK_UNKNOWN = 0, GNUTLS_PK_UNKNOWN = 0,
GNUTLS_PK_RSA = 1, GNUTLS_PK_RSA = 1,
GNUTLS_PK_DSA = 2, GNUTLS_PK_DSA = 2,
GNUTLS_PK_DH = 3, GNUTLS_PK_DH = 3,
GNUTLS_PK_ECC = 4, GNUTLS_PK_ECC = 4,
} gnutls_pk_algorithm_t; } gnutls_pk_algorithm_t;
const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm ); const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm );
/** /**
* gnutls_sign_algorithm_t: * gnutls_sign_algorithm_t:
* @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm. * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
* @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1 * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
* @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1. * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
* @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1 * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
* @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224 * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
* @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256 * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
* @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1. * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
* @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5. * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
* @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2. * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
* @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160. * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
* @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256. * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
* @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384. * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
* @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512. * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
* @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224. * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
* @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1. * @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
* @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA- * @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-25
256. 6.
* @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA- * @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-38
384. 4.
* @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA- * @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-51
512. 2.
* @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA- * @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-22
224. 4.
* *
* Enumeration of different digital signature algorithms. * Enumeration of different digital signature algorithms.
*/ */
typedef enum typedef enum
{ {
GNUTLS_SIGN_UNKNOWN = 0, GNUTLS_SIGN_UNKNOWN = 0,
GNUTLS_SIGN_RSA_SHA1 = 1, GNUTLS_SIGN_RSA_SHA1 = 1,
GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1, GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
GNUTLS_SIGN_DSA_SHA1 = 2, GNUTLS_SIGN_DSA_SHA1 = 2,
GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1, GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
GNUTLS_SIGN_RSA_MD5 = 3, GNUTLS_SIGN_RSA_MD5 = 3,
GNUTLS_SIGN_RSA_MD2 = 4, GNUTLS_SIGN_RSA_MD2 = 4,
GNUTLS_SIGN_RSA_RMD160 = 5, GNUTLS_SIGN_RSA_RMD160 = 5,
skipping to change at line 629 skipping to change at line 632
GNUTLS_SIGN_RSA_SHA224 = 9, GNUTLS_SIGN_RSA_SHA224 = 9,
GNUTLS_SIGN_DSA_SHA224 = 10, GNUTLS_SIGN_DSA_SHA224 = 10,
GNUTLS_SIGN_DSA_SHA256 = 11, GNUTLS_SIGN_DSA_SHA256 = 11,
GNUTLS_SIGN_ECDSA_SHA1 = 12, GNUTLS_SIGN_ECDSA_SHA1 = 12,
GNUTLS_SIGN_ECDSA_SHA224 = 13, GNUTLS_SIGN_ECDSA_SHA224 = 13,
GNUTLS_SIGN_ECDSA_SHA256 = 14, GNUTLS_SIGN_ECDSA_SHA256 = 14,
GNUTLS_SIGN_ECDSA_SHA384 = 15, GNUTLS_SIGN_ECDSA_SHA384 = 15,
GNUTLS_SIGN_ECDSA_SHA512 = 16, GNUTLS_SIGN_ECDSA_SHA512 = 16,
} gnutls_sign_algorithm_t; } gnutls_sign_algorithm_t;
/** /**
* gnutls_ecc_curve_t: * gnutls_ecc_curve_t:
* @GNUTLS_ECC_CURVE_INVALID: Cannot be known * @GNUTLS_ECC_CURVE_INVALID: Cannot be known
* @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
* @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
* @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
* *
* Enumeration of ECC curves. * Enumeration of ECC curves.
*/ */
typedef enum typedef enum
{ {
GNUTLS_ECC_CURVE_INVALID=0, GNUTLS_ECC_CURVE_INVALID=0,
GNUTLS_ECC_CURVE_SECP224R1, GNUTLS_ECC_CURVE_SECP224R1,
GNUTLS_ECC_CURVE_SECP256R1, GNUTLS_ECC_CURVE_SECP256R1,
GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP384R1,
GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_ECC_CURVE_SECP521R1,
} gnutls_ecc_curve_t; } gnutls_ecc_curve_t;
/** /**
* gnutls_sec_param_t: * gnutls_sec_param_t:
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
* @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security * @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security
* @GNUTLS_SEC_PARAM_LOW: 80 bits of security * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
* *
* Enumeration of security parameters for passive attacks * Enumeration of security parameters for passive attacks
*/ */
typedef enum typedef enum
{ {
GNUTLS_SEC_PARAM_UNKNOWN, GNUTLS_SEC_PARAM_UNKNOWN,
GNUTLS_SEC_PARAM_WEAK, GNUTLS_SEC_PARAM_WEAK,
GNUTLS_SEC_PARAM_LOW, GNUTLS_SEC_PARAM_LOW,
GNUTLS_SEC_PARAM_NORMAL, GNUTLS_SEC_PARAM_NORMAL,
GNUTLS_SEC_PARAM_HIGH, GNUTLS_SEC_PARAM_HIGH,
GNUTLS_SEC_PARAM_ULTRA GNUTLS_SEC_PARAM_ULTRA
} gnutls_sec_param_t; } gnutls_sec_param_t;
/** /**
* gnutls_channel_binding_t: * gnutls_channel_binding_t:
* @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
* *
* Enumeration of support channel binding types. * Enumeration of support channel binding types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_CB_TLS_UNIQUE GNUTLS_CB_TLS_UNIQUE
} gnutls_channel_binding_t; } gnutls_channel_binding_t;
/* If you want to change this, then also change the define in /* If you want to change this, then also change the define in
* gnutls_int.h, and recompile. * gnutls_int.h, and recompile.
*/ */
typedef void *gnutls_transport_ptr_t; typedef void *gnutls_transport_ptr_t;
skipping to change at line 855 skipping to change at line 858
size_t label_size, const char *label, size_t label_size, const char *label,
int server_random_first, int server_random_first,
size_t extra_size, const char *extra, size_t extra_size, const char *extra,
size_t outsize, char *out); size_t outsize, char *out);
int gnutls_prf_raw (gnutls_session_t session, int gnutls_prf_raw (gnutls_session_t session,
size_t label_size, const char *label, size_t label_size, const char *label,
size_t seed_size, const char *seed, size_t seed_size, const char *seed,
size_t outsize, char *out); size_t outsize, char *out);
/** /**
* gnutls_server_name_type_t: * gnutls_server_name_type_t:
* @GNUTLS_NAME_DNS: Domain Name System name type. * @GNUTLS_NAME_DNS: Domain Name System name type.
* *
* Enumeration of different server name types. * Enumeration of different server name types.
*/ */
typedef enum typedef enum
{ {
GNUTLS_NAME_DNS = 1 GNUTLS_NAME_DNS = 1
} gnutls_server_name_type_t; } gnutls_server_name_type_t;
int gnutls_server_name_set (gnutls_session_t session, int gnutls_server_name_set (gnutls_session_t session,
gnutls_server_name_type_t type, gnutls_server_name_type_t type,
const void *name, size_t name_length); const void *name, size_t name_length);
int gnutls_server_name_get (gnutls_session_t session, int gnutls_server_name_get (gnutls_session_t session,
void *data, size_t * data_length, void *data, size_t * data_length,
unsigned int *type, unsigned int indx); unsigned int *type, unsigned int indx);
/* Safe renegotiation */ /* Safe renegotiation */
int gnutls_safe_renegotiation_status (gnutls_session_t session); int gnutls_safe_renegotiation_status (gnutls_session_t session);
/** /**
* gnutls_supplemental_data_format_type_t: * gnutls_supplemental_data_format_type_t:
* @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data * @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data.
. *
* * Enumeration of different supplemental data types (RFC 4680).
* Enumeration of different supplemental data types (RFC 4680). */
*/
typedef enum typedef enum
{ {
GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0 GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
} gnutls_supplemental_data_format_type_t; } gnutls_supplemental_data_format_type_t;
const char const char
*gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t *gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t
type); type);
/* SessionTicket, RFC 5077. */ /* SessionTicket, RFC 5077. */
skipping to change at line 915 skipping to change at line 918
int gnutls_priority_set (gnutls_session_t session, int gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority); gnutls_priority_t priority);
int gnutls_priority_set_direct (gnutls_session_t session, int gnutls_priority_set_direct (gnutls_session_t session,
const char *priorities, const char *priorities,
const char **err_pos); const char **err_pos);
/* for compatibility /* for compatibility
*/ */
int gnutls_set_default_priority (gnutls_session_t session); int gnutls_set_default_priority (gnutls_session_t session);
int gnutls_set_default_export_priority (gnutls_session_t session);
/* Returns the name of a cipher suite */ /* Returns the name of a cipher suite */
const char *gnutls_cipher_suite_get_name (gnutls_kx_algorithm_t const char *gnutls_cipher_suite_get_name (gnutls_kx_algorithm_t
kx_algorithm, kx_algorithm,
gnutls_cipher_algorithm_t gnutls_cipher_algorithm_t
cipher_algorithm, cipher_algorithm,
gnutls_mac_algorithm_t gnutls_mac_algorithm_t
mac_algorithm); mac_algorithm);
/* get the currently used protocol version */ /* get the currently used protocol version */
skipping to change at line 1067 skipping to change at line 1069
gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc, gnutls_certificate_get_issuer (gnutls_certificate_credentials_t sc,
gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags); gnutls_x509_crt_t cert, gnutls_x509_crt_t* issuer, unsigned int flags);
void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc);
void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t s c); void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t s c);
void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc); void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc);
void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t r es, void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t r es,
gnutls_dh_params_t dh_params); gnutls_dh_params_t dh_params);
void
gnutls_certificate_set_rsa_export_params (gnutls_certificate_credential
s_t
res,
gnutls_rsa_params_t rsa_param
s);
void gnutls_certificate_set_verify_flags (gnutls_certificate_credentials_ t void gnutls_certificate_set_verify_flags (gnutls_certificate_credentials_ t
res, unsigned int flags); res, unsigned int flags);
void gnutls_certificate_set_verify_limits (gnutls_certificate_credentials _t void gnutls_certificate_set_verify_limits (gnutls_certificate_credentials _t
res, unsigned int max_bits, res, unsigned int max_bits,
unsigned int max_depth); unsigned int max_depth);
int int
gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_ t gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_ t
res, const char *cafile, cred, const char *cafile,
gnutls_x509_crt_fmt_t type); gnutls_x509_crt_fmt_t type);
int gnutls_certificate_set_x509_trust_mem (gnutls_certificate_credentials _t int gnutls_certificate_set_x509_trust_mem (gnutls_certificate_credentials _t
res, const gnutls_datum_t * ca , res, const gnutls_datum_t * ca ,
gnutls_x509_crt_fmt_t type); gnutls_x509_crt_fmt_t type);
int int
gnutls_certificate_set_x509_crl_file (gnutls_certificate_credentials_t gnutls_certificate_set_x509_crl_file (gnutls_certificate_credentials_t
res, const char *crlfile, res, const char *crlfile,
gnutls_x509_crt_fmt_t type); gnutls_x509_crt_fmt_t type);
int gnutls_certificate_set_x509_crl_mem (gnutls_certificate_credentials_t int gnutls_certificate_set_x509_crl_mem (gnutls_certificate_credentials_t
skipping to change at line 1209 skipping to change at line 1207
int gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params, int gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
unsigned char *params_data, unsigned char *params_data,
size_t * params_data_size); size_t * params_data_size);
int gnutls_dh_params_export_raw (gnutls_dh_params_t params, int gnutls_dh_params_export_raw (gnutls_dh_params_t params,
gnutls_datum_t * prime, gnutls_datum_t * prime,
gnutls_datum_t * generator, gnutls_datum_t * generator,
unsigned int *bits); unsigned int *bits);
int gnutls_dh_params_cpy (gnutls_dh_params_t dst, gnutls_dh_params_t src) ; int gnutls_dh_params_cpy (gnutls_dh_params_t dst, gnutls_dh_params_t src) ;
/* RSA params
*/
int gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params);
void gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params);
int gnutls_rsa_params_cpy (gnutls_rsa_params_t dst,
gnutls_rsa_params_t src);
int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
const gnutls_datum_t * m,
const gnutls_datum_t * e,
const gnutls_datum_t * d,
const gnutls_datum_t * p,
const gnutls_datum_t * q,
const gnutls_datum_t * u);
int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params,
unsigned int bits);
int gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa,
gnutls_datum_t * m, gnutls_datum_t * e,
gnutls_datum_t * d, gnutls_datum_t * p,
gnutls_datum_t * q, gnutls_datum_t * u,
unsigned int *bits);
int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
gnutls_x509_crt_fmt_t format,
unsigned char *params_data,
size_t * params_data_size);
int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
const gnutls_datum_t * pkcs1_params,
gnutls_x509_crt_fmt_t format);
/* Session stuff /* Session stuff
*/ */
typedef struct typedef struct
{ {
void *iov_base; /* Starting address */ void *iov_base; /* Starting address */
size_t iov_len; /* Number of bytes to transfer */ size_t iov_len; /* Number of bytes to transfer */
} giovec_t; } giovec_t;
typedef ssize_t (*gnutls_pull_func) (gnutls_transport_ptr_t, void *, typedef ssize_t (*gnutls_pull_func) (gnutls_transport_ptr_t, void *,
size_t); size_t);
skipping to change at line 1384 skipping to change at line 1354
size_t * result_size); size_t * result_size);
int gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data, int gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data,
gnutls_datum_t * result); gnutls_datum_t * result);
/* PSK stuff */ /* PSK stuff */
typedef struct gnutls_psk_server_credentials_st typedef struct gnutls_psk_server_credentials_st
*gnutls_psk_server_credentials_t; *gnutls_psk_server_credentials_t;
typedef struct gnutls_psk_client_credentials_st typedef struct gnutls_psk_client_credentials_st
*gnutls_psk_client_credentials_t; *gnutls_psk_client_credentials_t;
/** /**
* gnutls_psk_key_flags: * gnutls_psk_key_flags:
* @GNUTLS_PSK_KEY_RAW: PSK-key in raw format. * @GNUTLS_PSK_KEY_RAW: PSK-key in raw format.
* @GNUTLS_PSK_KEY_HEX: PSK-key in hex format. * @GNUTLS_PSK_KEY_HEX: PSK-key in hex format.
* *
* Enumeration of different PSK key flags. * Enumeration of different PSK key flags.
*/ */
typedef enum gnutls_psk_key_flags typedef enum gnutls_psk_key_flags
{ {
GNUTLS_PSK_KEY_RAW = 0, GNUTLS_PSK_KEY_RAW = 0,
GNUTLS_PSK_KEY_HEX GNUTLS_PSK_KEY_HEX
} gnutls_psk_key_flags; } gnutls_psk_key_flags;
void void
gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t sc) ; gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t sc) ;
int int
gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t * gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t *
skipping to change at line 1452 skipping to change at line 1422
void void
gnutls_psk_set_server_dh_params (gnutls_psk_server_credentials_t res, gnutls_psk_set_server_dh_params (gnutls_psk_server_credentials_t res,
gnutls_dh_params_t dh_params); gnutls_dh_params_t dh_params);
void void
gnutls_psk_set_server_params_function (gnutls_psk_server_credentials_t gnutls_psk_set_server_params_function (gnutls_psk_server_credentials_t
res, res,
gnutls_params_function * func); gnutls_params_function * func);
/** /**
* gnutls_x509_subject_alt_name_t: * gnutls_x509_subject_alt_name_t:
* @GNUTLS_SAN_DNSNAME: DNS-name SAN. * @GNUTLS_SAN_DNSNAME: DNS-name SAN.
* @GNUTLS_SAN_RFC822NAME: E-mail address SAN. * @GNUTLS_SAN_RFC822NAME: E-mail address SAN.
* @GNUTLS_SAN_URI: URI SAN. * @GNUTLS_SAN_URI: URI SAN.
* @GNUTLS_SAN_IPADDRESS: IP address SAN. * @GNUTLS_SAN_IPADDRESS: IP address SAN.
* @GNUTLS_SAN_OTHERNAME: OtherName SAN. * @GNUTLS_SAN_OTHERNAME: OtherName SAN.
* @GNUTLS_SAN_DN: DN SAN. * @GNUTLS_SAN_DN: DN SAN.
* @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by * @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by
* gnutls_x509_crt_get_subject_alt_othername_oid(). * gnutls_x509_crt_get_subject_alt_othername_oid().
* *
* Enumeration of different subject alternative names types. * Enumeration of different subject alternative names types.
*/ */
typedef enum gnutls_x509_subject_alt_name_t typedef enum gnutls_x509_subject_alt_name_t
{ {
GNUTLS_SAN_DNSNAME = 1, GNUTLS_SAN_DNSNAME = 1,
GNUTLS_SAN_RFC822NAME = 2, GNUTLS_SAN_RFC822NAME = 2,
GNUTLS_SAN_URI = 3, GNUTLS_SAN_URI = 3,
GNUTLS_SAN_IPADDRESS = 4, GNUTLS_SAN_IPADDRESS = 4,
GNUTLS_SAN_OTHERNAME = 5, GNUTLS_SAN_OTHERNAME = 5,
GNUTLS_SAN_DN = 6, GNUTLS_SAN_DN = 6,
/* The following are "virtual" subject alternative name types, in /* The following are "virtual" subject alternative name types, in
that they are represented by an otherName value and an OID. that they are represented by an otherName value and an OID.
skipping to change at line 1488 skipping to change at line 1458
struct gnutls_openpgp_crt_int; struct gnutls_openpgp_crt_int;
typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t; typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t;
struct gnutls_openpgp_privkey_int; struct gnutls_openpgp_privkey_int;
typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t; typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t;
struct gnutls_pkcs11_privkey_st; struct gnutls_pkcs11_privkey_st;
typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t; typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t;
/** /**
* gnutls_privkey_type_t: * gnutls_privkey_type_t:
* @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t. * @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
* @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_ * @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t.
t. * @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
* @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t. *
* * Enumeration of different private key types.
* Enumeration of different private key types. */
*/
typedef enum typedef enum
{ {
GNUTLS_PRIVKEY_X509, GNUTLS_PRIVKEY_X509,
GNUTLS_PRIVKEY_OPENPGP, GNUTLS_PRIVKEY_OPENPGP,
GNUTLS_PRIVKEY_PKCS11 GNUTLS_PRIVKEY_PKCS11
} gnutls_privkey_type_t; } gnutls_privkey_type_t;
typedef struct gnutls_retr2_st typedef struct gnutls_retr2_st
{ {
gnutls_certificate_type_t cert_type; gnutls_certificate_type_t cert_type;
skipping to change at line 1546 skipping to change at line 1516
void gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bit s); void gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bit s);
int gnutls_dh_get_secret_bits (gnutls_session_t session); int gnutls_dh_get_secret_bits (gnutls_session_t session);
int gnutls_dh_get_peers_public_bits (gnutls_session_t session); int gnutls_dh_get_peers_public_bits (gnutls_session_t session);
int gnutls_dh_get_prime_bits (gnutls_session_t session); int gnutls_dh_get_prime_bits (gnutls_session_t session);
int gnutls_dh_get_group (gnutls_session_t session, gnutls_datum_t * raw_g en, int gnutls_dh_get_group (gnutls_session_t session, gnutls_datum_t * raw_g en,
gnutls_datum_t * raw_prime); gnutls_datum_t * raw_prime);
int gnutls_dh_get_pubkey (gnutls_session_t session, int gnutls_dh_get_pubkey (gnutls_session_t session,
gnutls_datum_t * raw_key); gnutls_datum_t * raw_key);
/* RSA */
int gnutls_rsa_export_get_pubkey (gnutls_session_t session,
gnutls_datum_t * exponent,
gnutls_datum_t * modulus);
int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session);
/* X509PKI */ /* X509PKI */
/* These are set on the credentials structure. /* These are set on the credentials structure.
*/ */
/* use gnutls_certificate_set_retrieve_function2() in abstract.h /* use gnutls_certificate_set_retrieve_function2() in abstract.h
* instead. It's much more efficient. * instead. It's much more efficient.
*/ */
typedef int gnutls_certificate_retrieve_function (gnutls_session_t, typedef int gnutls_certificate_retrieve_function (gnutls_session_t,
 End of changes. 36 change blocks. 
404 lines changed or deleted 365 lines changed or added


 openpgp.h (3.0.2)   openpgp.h (3.0.3) 
skipping to change at line 343 skipping to change at line 343
const char *subkey_id, const char *subkey_id,
gnutls_openpgp_crt_fmt_t gnutls_openpgp_crt_fmt_t
format); format);
int int
gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials _t gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials _t
res, const gnutls_datum_t * ce rt, res, const gnutls_datum_t * ce rt,
const gnutls_datum_t * key, const gnutls_datum_t * key,
const char *subkey_id, const char *subkey_id,
gnutls_openpgp_crt_fmt_t forma t); gnutls_openpgp_crt_fmt_t forma t);
int int gnutls_certificate_set_openpgp_keyring_mem
gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t c, const unsigned char *data,
(gnutls_certificate_credentials_t c, const unsigned char *data, size_t dlen, gnutls_openpgp_crt_fmt_t format);
size_t dlen, gnutls_openpgp_crt_fmt_t format);
int int gnutls_certificate_set_openpgp_keyring_file
gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c, const char *file,
(gnutls_certificate_credentials_t c, const char *file, gnutls_openpgp_crt_fmt_t format);
gnutls_openpgp_crt_fmt_t format);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* GNUTLS_OPENPGP_H */ #endif /* GNUTLS_OPENPGP_H */
 End of changes. 2 change blocks. 
8 lines changed or deleted 6 lines changed or added


 pkcs11.h (3.0.2)   pkcs11.h (3.0.3) 
skipping to change at line 338 skipping to change at line 338
gnutls_pkcs11_obj_info_t itype, gnutls_pkcs11_obj_info_t itype,
void *output, size_t * output_size); void *output, size_t * output_size);
int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey, int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
const char *url, unsigned int flags); const char *url, unsigned int flags);
int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
int
gnutls_pkcs11_privkey_generate (const char* url,
gnutls_pk_algorithm_t pk, unsigned int bits,
const char* label, unsigned int flags);
#endif #endif
 End of changes. 1 change blocks. 
0 lines changed or deleted 5 lines changed or added


 pkcs12.h (3.0.2)   pkcs12.h (3.0.3) 
skipping to change at line 61 skipping to change at line 61
int indx, gnutls_pkcs12_bag_t bag); int indx, gnutls_pkcs12_bag_t bag);
int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t ba g); int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t ba g);
int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass) ; int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass) ;
int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass); int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass);
int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass) ; int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass) ;
int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass, int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass,
unsigned int flags); unsigned int flags);
/** /**
* gnutls_pkcs12_bag_type_t: * gnutls_pkcs12_bag_type_t:
* @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag. * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag.
* @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key.
. * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key.
* @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key. * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate.
* @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate. * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL.
* @GNUTLS_BAG_CRL: PKCS-12 bag with CRL. * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys.
* @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys. * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag.
* @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag. * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag.
* @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag. *
* * Enumeration of different PKCS 12 bag types.
* Enumeration of different PKCS 12 bag types. */
*/
typedef enum gnutls_pkcs12_bag_type_t typedef enum gnutls_pkcs12_bag_type_t
{ {
GNUTLS_BAG_EMPTY = 0, GNUTLS_BAG_EMPTY = 0,
GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1, GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
GNUTLS_BAG_PKCS8_KEY = 2, GNUTLS_BAG_PKCS8_KEY = 2,
GNUTLS_BAG_CERTIFICATE = 3, GNUTLS_BAG_CERTIFICATE = 3,
GNUTLS_BAG_CRL = 4, GNUTLS_BAG_CRL = 4,
GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12, GNUTLS_BAG_SECRET = 5, /* Secret data. Underspecified in pkcs-12,
* gnutls extension. We use the PKCS-9 * gnutls extension. We use the PKCS-9
* random nonce ID 1.2.840.113549.1.9.25.3 * random nonce ID 1.2.840.113549.1.9.25.3
 End of changes. 1 change blocks. 
14 lines changed or deleted 13 lines changed or added


 x509.h (3.0.2)   x509.h (3.0.3) 
skipping to change at line 122 skipping to change at line 122
gnutls_x509_crt_fmt_t format, unsigned int fla gs); gnutls_x509_crt_fmt_t format, unsigned int fla gs);
int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs, int gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs,
unsigned int *cert_max, unsigned int *cert_max,
const gnutls_datum_t * data, const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
unsigned int flags); unsigned int flags);
int gnutls_x509_crt_export (gnutls_x509_crt_t cert, int gnutls_x509_crt_export (gnutls_x509_crt_t cert,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
void *output_data, size_t * output_data_size) ; void *output_data, size_t * output_data_size) ;
int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf, int gnutls_x509_crt_get_issuer_dn (gnutls_x509_crt_t cert, char *buf,
size_t * sizeof_buf); size_t * buf_size);
int gnutls_x509_crt_get_issuer_dn_oid (gnutls_x509_crt_t cert, int indx, int gnutls_x509_crt_get_issuer_dn_oid (gnutls_x509_crt_t cert, int indx,
void *oid, size_t * sizeof_oid); void *oid, size_t * oid_size);
int gnutls_x509_crt_get_issuer_dn_by_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_issuer_dn_by_oid (gnutls_x509_crt_t cert,
const char *oid, int indx, const char *oid, int indx,
unsigned int raw_flag, unsigned int raw_flag,
void *buf, size_t * sizeof_buf) ; void *buf, size_t * buf_size);
int gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf, int gnutls_x509_crt_get_dn (gnutls_x509_crt_t cert, char *buf,
size_t * sizeof_buf); size_t * buf_size);
int gnutls_x509_crt_get_dn_oid (gnutls_x509_crt_t cert, int indx, int gnutls_x509_crt_get_dn_oid (gnutls_x509_crt_t cert, int indx,
void *oid, size_t * sizeof_oid); void *oid, size_t * oid_size);
int gnutls_x509_crt_get_dn_by_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_dn_by_oid (gnutls_x509_crt_t cert,
const char *oid, int indx, const char *oid, int indx,
unsigned int raw_flag, void *buf, unsigned int raw_flag, void *buf,
size_t * sizeof_buf); size_t * buf_size);
int gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert, int gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert,
const char *hostname); const char *hostname);
int gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert); int gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert);
int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert,
char *sig, size_t * sizeof_sig); char *sig, size_t * sizeof_sig);
int gnutls_x509_crt_get_version (gnutls_x509_crt_t cert); int gnutls_x509_crt_get_version (gnutls_x509_crt_t cert);
int gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt, int gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt,
unsigned int flags, unsigned int flags,
unsigned char *output_data, unsigned char *output_data,
skipping to change at line 160 skipping to change at line 160
const void *id, size_t id_size) ; const void *id, size_t id_size) ;
int gnutls_x509_crt_get_authority_key_id (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_authority_key_id (gnutls_x509_crt_t cert,
void *ret, size_t * ret_size, void *ret, size_t * ret_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert,
void *ret, size_t * ret_size, void *ret, size_t * ret_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *b uf, int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *b uf,
size_t * sizeof_buf); size_t * buf_size);
int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *bu f, int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *bu f,
size_t * sizeof_buf); size_t * buf_size);
#define GNUTLS_CRL_REASON_UNUSED 128 #define GNUTLS_CRL_REASON_UNUSED 128
#define GNUTLS_CRL_REASON_KEY_COMPROMISE 64 #define GNUTLS_CRL_REASON_KEY_COMPROMISE 64
#define GNUTLS_CRL_REASON_CA_COMPROMISE 32 #define GNUTLS_CRL_REASON_CA_COMPROMISE 32
#define GNUTLS_CRL_REASON_AFFILIATION_CHANGED 16 #define GNUTLS_CRL_REASON_AFFILIATION_CHANGED 16
#define GNUTLS_CRL_REASON_SUPERSEDED 8 #define GNUTLS_CRL_REASON_SUPERSEDED 8
#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED #define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED
#define GNUTLS_CRL_REASON_CESSATION_OF_OPERATION 4 #define GNUTLS_CRL_REASON_CESSATION_OF_OPERATION 4
#define GNUTLS_CRL_REASON_CERTIFICATE_HOLD 2 #define GNUTLS_CRL_REASON_CERTIFICATE_HOLD 2
#define GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN 1 #define GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN 1
skipping to change at line 225 skipping to change at line 225
size_t * ret_size, size_t * ret_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert,
unsigned int seq, void *ret, unsigned int seq, void *ret,
size_t * ret_size, size_t * ret_size,
unsigned int *ret_type, unsigned int *ret_type,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert , int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert ,
unsigned int seq, unsigned int seq,
void *ret, void *oid,
size_t * ret_size); size_t * oid_size);
int gnutls_x509_crt_get_issuer_alt_name (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_issuer_alt_name (gnutls_x509_crt_t cert,
unsigned int seq, void *ret, unsigned int seq, void *ret,
size_t * ret_size, size_t * ret_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_issuer_alt_name2 (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_issuer_alt_name2 (gnutls_x509_crt_t cert,
unsigned int seq, void *ret, unsigned int seq, void *ret,
size_t * ret_size, size_t * ret_size,
unsigned int *ret_type, unsigned int *ret_type,
unsigned int *critical); unsigned int *critical);
skipping to change at line 268 skipping to change at line 268
int gnutls_x509_crt_get_proxy (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_proxy (gnutls_x509_crt_t cert,
unsigned int *critical, unsigned int *critical,
int *pathlen, int *pathlen,
char **policyLanguage, char **policyLanguage,
char **policy, size_t * sizeof_policy); char **policy, size_t * sizeof_policy);
int gnutls_x509_dn_oid_known (const char *oid); int gnutls_x509_dn_oid_known (const char *oid);
/* Read extensions by OID. */ /* Read extensions by OID. */
int gnutls_x509_crt_get_extension_oid (gnutls_x509_crt_t cert, int indx, int gnutls_x509_crt_get_extension_oid (gnutls_x509_crt_t cert, int indx,
void *oid, size_t * sizeof_oid); void *oid, size_t * oid_size);
int gnutls_x509_crt_get_extension_by_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_extension_by_oid (gnutls_x509_crt_t cert,
const char *oid, int indx, const char *oid, int indx,
void *buf, void *buf, size_t * buf_size,
size_t * sizeof_buf,
unsigned int *critical); unsigned int *critical);
/* Read extensions by sequence number. */ /* Read extensions by sequence number. */
int gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx, int gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx,
void *oid, size_t * sizeof_oid, void *oid, size_t * oid_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_extension_data (gnutls_x509_crt_t cert, int indx, int gnutls_x509_crt_get_extension_data (gnutls_x509_crt_t cert, int indx,
void *data, size_t * sizeof_data) ; void *data, size_t * sizeof_data) ;
int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt, int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt,
const char *oid, const char *oid,
const void *buf, const void *buf,
size_t sizeof_buf, size_t sizeof_buf,
unsigned int critical); unsigned int critical);
skipping to change at line 529 skipping to change at line 528
/* X.509 Certificate verification functions. /* X.509 Certificate verification functions.
*/ */
/** /**
* gnutls_certificate_verify_flags: * gnutls_certificate_verify_flags:
* @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be * @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be
* a certificate authority. This flag should normaly be disabled, * a certificate authority. This flag should normaly be disabled,
* unless you know what this means. * unless you know what this means.
* @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trust ed * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trust ed
* list is never checked for expiration or activation. * list is never checked for expiration or activation.
* @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates
* certificates that have version 1. This is the default. * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA
_CRT,
* and should be used instead. That way only signers in your trusted list
* will be allowed to have certificates of version 1. This is the default.
* @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA
* certificates that have version 1. This option is to be used * certificates that have version 1. This option is to be used
* to deprecate all V1 certificates. * to deprecate all certificates of version 1.
* @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by
* anyone trusted but exists in the trusted CA list do not treat it * anyone trusted but exists in the trusted CA list do not treat it
* as trusted. * as trusted.
* @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that
* have version 1 (both root and intermediate). This might be * have version 1 (both root and intermediate). This might be
* dangerous since those haven't the basicConstraints * dangerous since those haven't the basicConstraints
* extension. Must be used in combination with * extension. Must be used in combination with
* %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
* using the broken MD2 algorithm. * using the broken MD2 algorithm.
skipping to change at line 594 skipping to change at line 595
const gnutls_x509_crt_t * CA_list, const gnutls_x509_crt_t * CA_list,
int CA_list_length, unsigned int flags, int CA_list_length, unsigned int flags,
unsigned int *verify); unsigned int *verify);
int gnutls_x509_crt_check_revocation (gnutls_x509_crt_t cert, int gnutls_x509_crt_check_revocation (gnutls_x509_crt_t cert,
const gnutls_x509_crl_t * const gnutls_x509_crl_t *
crl_list, int crl_list_length); crl_list, int crl_list_length);
int gnutls_x509_crt_get_fingerprint (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_fingerprint (gnutls_x509_crt_t cert,
gnutls_digest_algorithm_t algo, gnutls_digest_algorithm_t algo,
void *buf, size_t * sizeof_buf); void *buf, size_t * buf_size);
int gnutls_x509_crt_get_key_purpose_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_key_purpose_oid (gnutls_x509_crt_t cert,
int indx, void *oid, int indx, void *oid,
size_t * sizeof_oid, size_t * oid_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert,
const void *oid, const void *oid,
unsigned int critical); unsigned int critical);
/* Private key handling. /* Private key handling.
*/ */
/* Flags for the gnutls_x509_privkey_export_pkcs8() function. /* Flags for the gnutls_x509_privkey_export_pkcs8() function.
*/ */
 End of changes. 16 change blocks. 
19 lines changed or deleted 21 lines changed or added

This html diff was produced by rfcdiff 1.41.The latest version is available from http://tools.ietf.org/tools/rfcdiff/