ABI
Tracker

(GnuTLS)




Headers diff: 3.1.1 vs 3.1.2



 abstract.h (3.1.1)   abstract.h (3.1.2) 
skipping to change at line 228 skipping to change at line 228
int gnutls_privkey_import_x509_raw (gnutls_privkey_t pkey, int gnutls_privkey_import_x509_raw (gnutls_privkey_t pkey,
const gnutls_datum_t * data, const gnutls_datum_t * data,
gnutls_x509_crt_fmt_t format, gnutls_x509_crt_fmt_t format,
const char* password, unsigned int flag s); const char* password, unsigned int flag s);
int int
gnutls_privkey_import_tpm_raw (gnutls_privkey_t pkey, gnutls_privkey_import_tpm_raw (gnutls_privkey_t pkey,
const gnutls_datum_t * fdata, const gnutls_datum_t * fdata,
gnutls_tpmkey_fmt_t format, gnutls_tpmkey_fmt_t format,
const char *srk_password, const char *srk_password,
const char *tpm_password, unsigned int flags) ; const char *key_password, unsigned int flags) ;
int int
gnutls_privkey_import_tpm_url (gnutls_privkey_t pkey, gnutls_privkey_import_tpm_url (gnutls_privkey_t pkey,
const char* url, const char *srk_password, const char *key_passwo rd, const char* url, const char *srk_password, const char *key_passwo rd,
unsigned int flags); unsigned int flags);
int gnutls_privkey_import_url (gnutls_privkey_t key, const char *url, unsig ned int flags); int gnutls_privkey_import_url (gnutls_privkey_t key, const char *url, unsig ned int flags);
int gnutls_privkey_import_pkcs11_url (gnutls_privkey_t key, const char *url ); int gnutls_privkey_import_pkcs11_url (gnutls_privkey_t key, const char *url );
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 gnutls.h (3.1.1)   gnutls.h (3.1.2) 
skipping to change at line 54 skipping to change at line 54
#include <sys/types.h> #include <sys/types.h>
/* *INDENT-ON* */ /* *INDENT-ON* */
#endif #endif
/* Get time_t. */ /* Get time_t. */
#include <time.h> #include <time.h>
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
{ {
#endif #endif
#define GNUTLS_VERSION "3.1.1" #define GNUTLS_VERSION "3.1.2"
#define GNUTLS_VERSION_MAJOR 3 #define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 1 #define GNUTLS_VERSION_MINOR 1
#define GNUTLS_VERSION_PATCH 1 #define GNUTLS_VERSION_PATCH 2
#define GNUTLS_VERSION_NUMBER 0x030101 #define GNUTLS_VERSION_NUMBER 0x030102
#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
/** /**
* gnutls_cipher_algorithm_t: * gnutls_cipher_algorithm_t:
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
* @GNUTLS_CIPHER_NULL: NULL algorithm. * @GNUTLS_CIPHER_NULL: NULL algorithm.
skipping to change at line 298 skipping to change at line 298
} gnutls_compression_method_t; } gnutls_compression_method_t;
/* /*
* Flags for gnutls_init() * Flags for gnutls_init()
* *
* @GNUTLS_SERVER: Connection end is a server. * @GNUTLS_SERVER: Connection end is a server.
* @GNUTLS_CLIENT: Connection end is a client. * @GNUTLS_CLIENT: Connection end is a client.
* @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS).
* @GNUTLS_NONBLOCK: Connection should not block (DTLS). * @GNUTLS_NONBLOCK: Connection should not block (DTLS).
* *
* Enumeration of different TLS connection end types.
*/ */
#define GNUTLS_SERVER 1 #define GNUTLS_SERVER 1
#define GNUTLS_CLIENT (1<<1) #define GNUTLS_CLIENT (1<<1)
#define GNUTLS_DATAGRAM (1<<2) #define GNUTLS_DATAGRAM (1<<2)
#define GNUTLS_NONBLOCK (1<<3) #define GNUTLS_NONBLOCK (1<<3)
/** /**
* gnutls_alert_level_t: * gnutls_alert_level_t:
* @GNUTLS_AL_WARNING: Alert of warning severity. * @GNUTLS_AL_WARNING: Alert of warning severity.
* @GNUTLS_AL_FATAL: Alert of fatal severity. * @GNUTLS_AL_FATAL: Alert of fatal severity.
skipping to change at line 665 skipping to change at line 664
typedef enum typedef enum
{ {
GNUTLS_ECC_CURVE_INVALID=0, GNUTLS_ECC_CURVE_INVALID=0,
GNUTLS_ECC_CURVE_SECP224R1, GNUTLS_ECC_CURVE_SECP224R1,
GNUTLS_ECC_CURVE_SECP256R1, GNUTLS_ECC_CURVE_SECP256R1,
GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP384R1,
GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_ECC_CURVE_SECP521R1,
GNUTLS_ECC_CURVE_SECP192R1, GNUTLS_ECC_CURVE_SECP192R1,
} gnutls_ecc_curve_t; } gnutls_ecc_curve_t;
#define GNUTLS_SEC_PARAM_WEAK GNUTLS_SEC_PARAM_LOW
/** /**
* gnutls_sec_param_t: * gnutls_sec_param_t:
* @GNUTLS_SEC_PARAM_INSECURE: Less than 72 bits of security
* @GNUTLS_SEC_PARAM_WEAK: 72 bits of security
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
* @GNUTLS_SEC_PARAM_LOW: low security level * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
* @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
* *
* Enumeration of security parameters for passive attacks. * Enumeration of security parameters for passive attacks.
*/ */
typedef enum typedef enum
{ {
GNUTLS_SEC_PARAM_UNKNOWN, GNUTLS_SEC_PARAM_INSECURE = -20,
GNUTLS_SEC_PARAM_WEAK = -10,
GNUTLS_SEC_PARAM_UNKNOWN = 0,
GNUTLS_SEC_PARAM_LOW = 1, GNUTLS_SEC_PARAM_LOW = 1,
GNUTLS_SEC_PARAM_LEGACY = 2, GNUTLS_SEC_PARAM_LEGACY = 2,
GNUTLS_SEC_PARAM_NORMAL = 3, GNUTLS_SEC_PARAM_NORMAL = 3,
GNUTLS_SEC_PARAM_HIGH = 4, GNUTLS_SEC_PARAM_HIGH = 4,
GNUTLS_SEC_PARAM_ULTRA = 5, GNUTLS_SEC_PARAM_ULTRA = 5,
} gnutls_sec_param_t; } gnutls_sec_param_t;
/** /**
* gnutls_channel_binding_t: * gnutls_channel_binding_t:
* @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
skipping to change at line 753 skipping to change at line 754
int gnutls_init (gnutls_session_t * session, int gnutls_init (gnutls_session_t * session,
unsigned int flags); unsigned int flags);
void gnutls_deinit (gnutls_session_t session); void gnutls_deinit (gnutls_session_t session);
#define _gnutls_deinit(x) gnutls_deinit(x) #define _gnutls_deinit(x) gnutls_deinit(x)
int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how); int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how);
int gnutls_handshake (gnutls_session_t session); int gnutls_handshake (gnutls_session_t session);
#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1) #define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1)
void gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int void gnutls_handshake_set_timeout (gnutls_session_t session,
sec); unsigned int ms);
int gnutls_rehandshake (gnutls_session_t session); int gnutls_rehandshake (gnutls_session_t session);
gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session); gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session);
int gnutls_alert_send (gnutls_session_t session, int gnutls_alert_send (gnutls_session_t session,
gnutls_alert_level_t level, gnutls_alert_level_t level,
gnutls_alert_description_t desc); gnutls_alert_description_t desc);
int gnutls_alert_send_appropriate (gnutls_session_t session, int err); int gnutls_alert_send_appropriate (gnutls_session_t session, int err);
const char *gnutls_alert_get_name (gnutls_alert_description_t alert); const char *gnutls_alert_get_name (gnutls_alert_description_t alert);
const char * gnutls_alert_get_strname (gnutls_alert_description_t alert); const char * gnutls_alert_get_strname (gnutls_alert_description_t alert);
skipping to change at line 803 skipping to change at line 805
/* the name of the specified algorithms */ /* the name of the specified algorithms */
const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm); const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm);
const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm); const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm);
const char *gnutls_compression_get_name (gnutls_compression_method_t const char *gnutls_compression_get_name (gnutls_compression_method_t
algorithm); algorithm);
const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm); const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm);
const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t
type); type);
const char *gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm); const char *gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm);
const char *gnutls_sign_get_name (gnutls_sign_algorithm_t algorithm); const char *gnutls_sign_get_name (gnutls_sign_algorithm_t algorithm);
gnutls_digest_algorithm_t gnutls_sign_get_hash_algorithm (gnutls_sign_alg gnutls_digest_algorithm_t
orithm_t); gnutls_sign_get_hash_algorithm (gnutls_sign_algorithm_t sign);
gnutls_pk_algorithm_t gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm gnutls_pk_algorithm_t
_t); gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t sign);
gnutls_sign_algorithm_t
gnutls_sign_algorithm_t gnutls_pk_to_sign (gnutls_pk_algorithm_t pk, gnutls_pk_to_sign (gnutls_pk_algorithm_t pk,
gnutls_digest_algorithm_t d); gnutls_digest_algorithm_t hash);
#define gnutls_sign_algorithm_get_name gnutls_sign_get_name #define gnutls_sign_algorithm_get_name gnutls_sign_get_name
gnutls_mac_algorithm_t gnutls_mac_get_id (const char *name); gnutls_mac_algorithm_t gnutls_mac_get_id (const char *name);
gnutls_compression_method_t gnutls_compression_get_id (const char *name); gnutls_compression_method_t gnutls_compression_get_id (const char *name);
gnutls_cipher_algorithm_t gnutls_cipher_get_id (const char *name); gnutls_cipher_algorithm_t gnutls_cipher_get_id (const char *name);
gnutls_kx_algorithm_t gnutls_kx_get_id (const char *name); gnutls_kx_algorithm_t gnutls_kx_get_id (const char *name);
gnutls_protocol_t gnutls_protocol_get_id (const char *name); gnutls_protocol_t gnutls_protocol_get_id (const char *name);
gnutls_certificate_type_t gnutls_certificate_type_get_id (const char *nam e); gnutls_certificate_type_t gnutls_certificate_type_get_id (const char *nam e);
gnutls_pk_algorithm_t gnutls_pk_get_id (const char *name); gnutls_pk_algorithm_t gnutls_pk_get_id (const char *name);
skipping to change at line 856 skipping to change at line 860
*/ */
void gnutls_handshake_set_private_extensions (gnutls_session_t session, void gnutls_handshake_set_private_extensions (gnutls_session_t session,
int allow); int allow);
gnutls_handshake_description_t gnutls_handshake_description_t
gnutls_handshake_get_last_out (gnutls_session_t session); gnutls_handshake_get_last_out (gnutls_session_t session);
gnutls_handshake_description_t gnutls_handshake_description_t
gnutls_handshake_get_last_in (gnutls_session_t session); gnutls_handshake_get_last_in (gnutls_session_t session);
/* Record layer functions. /* Record layer functions.
*/ */
#define GNUTLS_HEARTBEAT_WAIT 1
int gnutls_heartbeat_ping (gnutls_session_t session, size_t data_size,
unsigned int max_tries, unsigned int flags);
int gnutls_heartbeat_pong (gnutls_session_t session, unsigned int flags);
ssize_t gnutls_record_send (gnutls_session_t session, const void *data, ssize_t gnutls_record_send (gnutls_session_t session, const void *data,
size_t data_size); size_t data_size);
ssize_t gnutls_record_recv (gnutls_session_t session, void *data, ssize_t gnutls_record_recv (gnutls_session_t session, void *data,
size_t data_size); size_t data_size);
#define gnutls_read gnutls_record_recv #define gnutls_read gnutls_record_recv
#define gnutls_write gnutls_record_send #define gnutls_write gnutls_record_send
ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, siz e_t data_size, ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, siz e_t data_size,
unsigned char *seq); unsigned char *seq);
void gnutls_session_enable_compatibility_mode (gnutls_session_t session); void gnutls_session_enable_compatibility_mode (gnutls_session_t session);
skipping to change at line 906 skipping to change at line 915
} gnutls_server_name_type_t; } gnutls_server_name_type_t;
int gnutls_server_name_set (gnutls_session_t session, int gnutls_server_name_set (gnutls_session_t session,
gnutls_server_name_type_t type, gnutls_server_name_type_t type,
const void *name, size_t name_length); const void *name, size_t name_length);
int gnutls_server_name_get (gnutls_session_t session, int gnutls_server_name_get (gnutls_session_t session,
void *data, size_t * data_length, void *data, size_t * data_length,
unsigned int *type, unsigned int indx); unsigned int *type, unsigned int indx);
unsigned int gnutls_heartbeat_get_timeout (gnutls_session_t session);
void gnutls_heartbeat_set_timeouts (gnutls_session_t session, unsigned in
t retrans_timeout,
unsigned int total_timeout);
#define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1)
#define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1<<1)
/* Heartbeat */
void gnutls_heartbeat_enable (gnutls_session_t session, unsigned int type
);
#define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1<<2)
int gnutls_heartbeat_allowed (gnutls_session_t session, unsigned int type
);
/* Safe renegotiation */ /* Safe renegotiation */
int gnutls_safe_renegotiation_status (gnutls_session_t session); int gnutls_safe_renegotiation_status (gnutls_session_t session);
/** /**
* gnutls_supplemental_data_format_type_t: * gnutls_supplemental_data_format_type_t:
* @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data. * @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data.
* *
* Enumeration of different supplemental data types (RFC 4680). * Enumeration of different supplemental data types (RFC 4680).
*/ */
typedef enum typedef enum
skipping to change at line 1956 skipping to change at line 1978
#define GNUTLS_E_HANDSHAKE_TOO_LARGE -210 #define GNUTLS_E_HANDSHAKE_TOO_LARGE -210
#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211 #define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211
#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212 #define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212
#define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213 #define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213
#define GNUTLS_E_BAD_COOKIE -214 #define GNUTLS_E_BAD_COOKIE -214
#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215 #define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215
#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216 #define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216
#define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292
#define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293
/* PKCS11 related */ /* PKCS11 related */
#define GNUTLS_E_PKCS11_ERROR -300 #define GNUTLS_E_PKCS11_ERROR -300
#define GNUTLS_E_PKCS11_LOAD_ERROR -301 #define GNUTLS_E_PKCS11_LOAD_ERROR -301
#define GNUTLS_E_PARSING_ERROR -302 #define GNUTLS_E_PARSING_ERROR -302
#define GNUTLS_E_PKCS11_PIN_ERROR -303 #define GNUTLS_E_PKCS11_PIN_ERROR -303
#define GNUTLS_E_PKCS11_SLOT_ERROR -305 #define GNUTLS_E_PKCS11_SLOT_ERROR -305
#define GNUTLS_E_LOCKING_ERROR -306 #define GNUTLS_E_LOCKING_ERROR -306
#define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307 #define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307
#define GNUTLS_E_PKCS11_DEVICE_ERROR -308 #define GNUTLS_E_PKCS11_DEVICE_ERROR -308
 End of changes. 13 change blocks. 
17 lines changed or deleted 42 lines changed or added
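Review bot: In the gnutls_sec_param_t hunk the new enumerators `GNUTLS_SEC_PARAM_INSECURE = -20` and `GNUTLS_SEC_PARAM_WEAK = -10` sort below `GNUTLS_SEC_PARAM_UNKNOWN = 0`, so a caller that treats the enum as an ordered scale ranks an unknown level above a known-weak one, and a lower-bound test such as `param >= GNUTLS_SEC_PARAM_UNKNOWN` no longer covers every value. The `#define GNUTLS_SEC_PARAM_WEAK GNUTLS_SEC_PARAM_LOW` line is printed only once and appears to be dropped in 3.1.2. If so, code built against 3.1.1 passes 1 (now documented as 80 bits) where the new header means 72 bits. The enum's doc comment should say this, for example `* INSECURE and WEAK are negative and sort below UNKNOWN (0); do not use UNKNOWN as the minimum when comparing levels.`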


 pkcs11.h (3.1.1)   pkcs11.h (3.1.2) 
skipping to change at line 83 skipping to change at line 83
void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn, void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn,
void *userdata); void *userdata);
void gnutls_pkcs11_set_pin_function (gnutls_pin_callback_t fn, void gnutls_pkcs11_set_pin_function (gnutls_pin_callback_t fn,
void *userdata); void *userdata);
gnutls_pin_callback_t gnutls_pkcs11_get_pin_function (void **userdata); gnutls_pin_callback_t gnutls_pkcs11_get_pin_function (void **userdata);
int gnutls_pkcs11_add_provider (const char *name, const char *params); int gnutls_pkcs11_add_provider (const char *name, const char *params);
int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj); int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
void gnutls_pkcs11_obj_set_pin_function (gnutls_pkcs11_obj_t, void gnutls_pkcs11_obj_set_pin_function (gnutls_pkcs11_obj_t obj,
gnutls_pin_callback_t fn, gnutls_pin_callback_t fn,
void *userdata); void *userdata);
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */ #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu rity officer in the token for the operation */ #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu rity officer in the token for the operation */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (re quires PIN to access) */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (re quires PIN to access) */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri vate */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri vate */
/** /**
* gnutls_pkcs11_url_type_t: * gnutls_pkcs11_url_type_t:
skipping to change at line 109 skipping to change at line 109
* *
* Enumeration of different URL extraction flags. * Enumeration of different URL extraction flags.
*/ */
typedef enum typedef enum
{ {
GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token leve l */ GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token leve l */
GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module lev el */ GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module lev el */
GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */ GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */
} gnutls_pkcs11_url_type_t; } gnutls_pkcs11_url_type_t;
int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t cert, int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t obj,
const char *url, const char *url,
unsigned int flags unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ ); /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj, int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t obj,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj); void gnutls_pkcs11_obj_deinit (gnutls_pkcs11_obj_t obj);
int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj, int gnutls_pkcs11_obj_export (gnutls_pkcs11_obj_t obj,
void *output_data, size_t * output_data_size) ; void *output_data, size_t * output_data_size) ;
int gnutls_pkcs11_copy_x509_crt (const char *token_url, gnutls_x509_crt_t c rt, int gnutls_pkcs11_copy_x509_crt (const char *token_url, gnutls_x509_crt_t c rt,
const char *label, unsigned int flags const char *label, unsigned int flags
skipping to change at line 284 skipping to change at line 284
gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t ob j); gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t ob j);
const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type); const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type);
int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs, int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs,
unsigned int cert_max, unsigned int cert_max,
gnutls_pkcs11_obj_t * const objs, gnutls_pkcs11_obj_t * const objs,
unsigned int flags /* must be zero */); unsigned int flags /* must be zero */);
/* private key functions...*/ /* private key functions...*/
int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key); int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key);
void gnutls_pkcs11_privkey_set_pin_function (gnutls_pkcs11_privkey_t, void gnutls_pkcs11_privkey_set_pin_function (gnutls_pkcs11_privkey_t key,
gnutls_pin_callback_t fn, void gnutls_pin_callback_t fn,
*userdata); void *userdata);
void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key); void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key);
int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key, int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key,
unsigned int *bits); unsigned int *bits);
int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey, int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
gnutls_pkcs11_obj_info_t itype, gnutls_pkcs11_obj_info_t itype,
void *output, size_t * output_size); void *output, size_t * output_size);
int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey, int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
const char *url, unsigned int flags); const char *url, unsigned int flags);
int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
gnutls_pkcs11_url_type_t detailed, gnutls_pkcs11_url_type_t detailed,
char **url); char **url);
int int gnutls_pkcs11_privkey_generate (const char* url,
gnutls_pkcs11_privkey_generate (const char* url, gnutls_pk_algorithm_t pk,
gnutls_pk_algorithm_t pk, unsigned int bits, unsigned int bits,
const char* label, unsigned int flags); const char* label, unsigned int flags);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif #endif
 End of changes. 9 change blocks. 
19 lines changed or deleted 19 lines changed or added


 tpm.h (3.1.1)   tpm.h (3.1.2) 
skipping to change at line 43 skipping to change at line 43
struct tpm_key_list_st; struct tpm_key_list_st;
typedef struct tpm_key_list_st *gnutls_tpm_key_list_t; typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
#define GNUTLS_TPM_KEY_SIGNING (1<<1) #define GNUTLS_TPM_KEY_SIGNING (1<<1)
#define GNUTLS_TPM_REGISTER_KEY (1<<2) #define GNUTLS_TPM_REGISTER_KEY (1<<2)
#define GNUTLS_TPM_KEY_USER (1<<3) #define GNUTLS_TPM_KEY_USER (1<<3)
/** /**
* gnutls_tpmkey_fmt_t: * gnutls_tpmkey_fmt_t:
* @GNUTLS_TPM_FMT_DER: The portable data format. * @GNUTLS_TPMKEY_FMT_DER: The portable data format.
* @GNUTLS_TPM_FMT_CTK_PEM: A custom data format used by some TPM tools. * @GNUTLS_TPMKEY_FMT_CTK_PEM: A custom data format used by some TPM tools.
* *
* Enumeration of different certificate encoding formats. * Enumeration of different certificate encoding formats.
*/ */
typedef enum typedef enum
{ {
GNUTLS_TPMKEY_FMT_DER = 0, GNUTLS_TPMKEY_FMT_DER = 0,
GNUTLS_TPMKEY_FMT_CTK_PEM = 1 GNUTLS_TPMKEY_FMT_CTK_PEM = 1
} gnutls_tpmkey_fmt_t; } gnutls_tpmkey_fmt_t;
int int
 End of changes. 1 change blocks. 
2 lines changed or deleted 2 lines changed or added
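Review bot: The summary line of the gnutls_tpmkey_fmt_t comment still reads `Enumeration of different certificate encoding formats.` on the new side, although the two entries corrected above it describe TPM key formats. Since the hunk already touches this comment, I would change that line to `* Enumeration of different TPM key encoding formats.` so the description matches the type passed as `format` to gnutls_privkey_import_tpm_raw().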


 x509.h (3.1.1)   x509.h (3.1.2) 
skipping to change at line 602 skipping to change at line 602
* @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates
* with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA _CRT, * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA _CRT,
* and should be used instead. That way only signers in your trusted list * and should be used instead. That way only signers in your trusted list
* will be allowed to have certificates of version 1. This is the default. * will be allowed to have certificates of version 1. This is the default.
* @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA
* certificates that have version 1. This option is to be used * certificates that have version 1. This option is to be used
* to deprecate all certificates of version 1. * to deprecate all certificates of version 1.
* @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by
* anyone trusted but exists in the trusted CA list do not treat it * anyone trusted but exists in the trusted CA list do not treat it
* as trusted. * as trusted.
* @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated
* if unsorted (the case with many TLS servers out there).
* @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that
* have version 1 (both root and intermediate). This might be * have version 1 (both root and intermediate). This might be
* dangerous since those haven't the basicConstraints * dangerous since those haven't the basicConstraints
* extension. Must be used in combination with * extension. Must be used in combination with
* %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
* using the broken MD2 algorithm. * using the broken MD2 algorithm.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
* using the broken MD5 algorithm. * using the broken MD5 algorithm.
* @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
skipping to change at line 631 skipping to change at line 633
GNUTLS_VERIFY_DISABLE_CA_SIGN = 1, GNUTLS_VERIFY_DISABLE_CA_SIGN = 1,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2,
GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4,
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8, GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64, GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64,
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128, GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128,
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256, GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256,
GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512, GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512,
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1024,
} gnutls_certificate_verify_flags; } gnutls_certificate_verify_flags;
int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert,
gnutls_x509_crt_t issuer); gnutls_x509_crt_t issuer);
int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list, int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list,
int cert_list_length, int cert_list_length,
const gnutls_x509_crt_t * CA_list, const gnutls_x509_crt_t * CA_list,
int CA_list_length, int CA_list_length,
const gnutls_x509_crl_t * CRL_list, const gnutls_x509_crl_t * CRL_list,
skipping to change at line 768 skipping to change at line 771
gnutls_datum_t * y, gnutls_datum_t * y,
gnutls_datum_t * x); gnutls_datum_t * x);
int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key, int gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
const gnutls_datum_t * p, const gnutls_datum_t * p,
const gnutls_datum_t * q, const gnutls_datum_t * q,
const gnutls_datum_t * g, const gnutls_datum_t * g,
const gnutls_datum_t * y, const gnutls_datum_t * y,
const gnutls_datum_t * x); const gnutls_datum_t * x);
int gnutls_x509_privkey_get_pk_algorithm (gnutls_x509_privkey_t key); int gnutls_x509_privkey_get_pk_algorithm (gnutls_x509_privkey_t key);
int gnutls_x509_privkey_get_pk_algorithm2 (gnutls_x509_privkey_t key, uns igned int *bits);
int gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key, int gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key,
unsigned int flags, unsigned int flags,
unsigned char *output_data, unsigned char *output_data,
size_t * output_data_size); size_t * output_data_size);
int gnutls_x509_privkey_generate (gnutls_x509_privkey_t key, int gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
gnutls_pk_algorithm_t algo, gnutls_pk_algorithm_t algo,
unsigned int bits, unsigned int flags); unsigned int bits, unsigned int flags);
int gnutls_x509_privkey_verify_params (gnutls_x509_privkey_t key); int gnutls_x509_privkey_verify_params (gnutls_x509_privkey_t key);
 End of changes. 3 change blocks. 
0 lines changed or deleted 4 lines changed or added
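Review bot: The new `@GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN` entry says only that an unsorted chain "is tolerated", so a caller cannot tell whether the flag relaxes anything beyond ordering or whether it is set by default. The `GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT` entry in the same comment states its default explicitly. For a verification flag I would spell both out, for example `* Only the ordering requirement is relaxed; all other checks still apply. Not enabled by default.`, with the wording confirmed against the implementation, which is not visible here. The doc comment and the enum both begin outside the displayed hunks.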
