ABI
Tracker

(GnuTLS)



Headers diff: 3.3.6 vs 3.3.8



 abstract.h (3.3.6)   abstract.h (3.3.8) 
skipping to change at line 54 skipping to change at line 54
* as in the TLS 1.0 protocol. * as in the TLS 1.0 protocol.
* @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PI N callbacks. Only * @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PI N callbacks. Only
* relevant to TPM keys. * relevant to TPM keys.
* @GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT: request an OPENPGP fingerprint i nstead of the default. * @GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT: request an OPENPGP fingerprint i nstead of the default.
* *
* Enumeration of different certificate import flags. * Enumeration of different certificate import flags.
*/ */
typedef enum gnutls_pubkey_flags { typedef enum gnutls_pubkey_flags {
GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1, GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1,
GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2, GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2,
GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3, GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3
} gnutls_pubkey_flags_t; } gnutls_pubkey_flags_t;
typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
void *userdata, void *userdata,
const gnutls_datum_t * const gnutls_datum_t *
raw_data, raw_data,
gnutls_datum_t * signature); gnutls_datum_t * signature);
typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
void *userdata, void *userdata,
const gnutls_datum_t * const gnutls_datum_t *
skipping to change at line 273 skipping to change at line 273
* @GNUTLS_PRIVKEY_IMPORT_COPY: Copy required values during import. * @GNUTLS_PRIVKEY_IMPORT_COPY: Copy required values during import.
* @GNUTLS_PRIVKEY_DISABLE_CALLBACKS: The following flag disables call to P IN callbacks etc. * @GNUTLS_PRIVKEY_DISABLE_CALLBACKS: The following flag disables call to P IN callbacks etc.
* Only relevant to TPM keys. * Only relevant to TPM keys.
* *
* Enumeration of different certificate import flags. * Enumeration of different certificate import flags.
*/ */
typedef enum gnutls_privkey_flags { typedef enum gnutls_privkey_flags {
GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1,
GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1, GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1,
GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2, GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2,
GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4, GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4
} gnutls_privkey_flags_t; } gnutls_privkey_flags_t;
int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey, int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
gnutls_pkcs11_privkey_t key, gnutls_pkcs11_privkey_t key,
unsigned int flags); unsigned int flags);
int gnutls_privkey_import_x509(gnutls_privkey_t pkey, int gnutls_privkey_import_x509(gnutls_privkey_t pkey,
gnutls_x509_privkey_t key, gnutls_x509_privkey_t key,
unsigned int flags); unsigned int flags);
int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey, int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
gnutls_openpgp_privkey_t key, gnutls_openpgp_privkey_t key,
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 gnutls.h (3.3.6)   gnutls.h (3.3.8) 
skipping to change at line 56 skipping to change at line 56
#endif #endif
/* Get time_t. */ /* Get time_t. */
#include <time.h> #include <time.h>
/* *INDENT-OFF* */ /* *INDENT-OFF* */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/* *INDENT-ON* */ /* *INDENT-ON* */
#define GNUTLS_VERSION "3.3.6" #define GNUTLS_VERSION "3.3.8"
#define GNUTLS_VERSION_MAJOR 3 #define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 3 #define GNUTLS_VERSION_MINOR 3
#define GNUTLS_VERSION_PATCH 6 #define GNUTLS_VERSION_PATCH 8
#define GNUTLS_VERSION_NUMBER 0x030306 #define GNUTLS_VERSION_NUMBER 0x030308
#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
/** /**
* gnutls_cipher_algorithm_t: * gnutls_cipher_algorithm_t:
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
* @GNUTLS_CIPHER_NULL: NULL algorithm. * @GNUTLS_CIPHER_NULL: NULL algorithm.
skipping to change at line 171 skipping to change at line 171
GNUTLS_KX_SRP = 5, GNUTLS_KX_SRP = 5,
GNUTLS_KX_RSA_EXPORT = 6, GNUTLS_KX_RSA_EXPORT = 6,
GNUTLS_KX_SRP_RSA = 7, GNUTLS_KX_SRP_RSA = 7,
GNUTLS_KX_SRP_DSS = 8, GNUTLS_KX_SRP_DSS = 8,
GNUTLS_KX_PSK = 9, GNUTLS_KX_PSK = 9,
GNUTLS_KX_DHE_PSK = 10, GNUTLS_KX_DHE_PSK = 10,
GNUTLS_KX_ANON_ECDH = 11, GNUTLS_KX_ANON_ECDH = 11,
GNUTLS_KX_ECDHE_RSA = 12, GNUTLS_KX_ECDHE_RSA = 12,
GNUTLS_KX_ECDHE_ECDSA = 13, GNUTLS_KX_ECDHE_ECDSA = 13,
GNUTLS_KX_ECDHE_PSK = 14, GNUTLS_KX_ECDHE_PSK = 14,
GNUTLS_KX_RSA_PSK = 15, GNUTLS_KX_RSA_PSK = 15
} gnutls_kx_algorithm_t; } gnutls_kx_algorithm_t;
/** /**
* gnutls_params_type_t: * gnutls_params_type_t:
* @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc). * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc).
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters. * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
* *
* Enumeration of different TLS session parameter types. * Enumeration of different TLS session parameter types.
*/ */
typedef enum { typedef enum {
GNUTLS_PARAMS_RSA_EXPORT = 1, GNUTLS_PARAMS_RSA_EXPORT = 1,
GNUTLS_PARAMS_DH = 2, GNUTLS_PARAMS_DH = 2,
GNUTLS_PARAMS_ECDH = 3, GNUTLS_PARAMS_ECDH = 3
} gnutls_params_type_t; } gnutls_params_type_t;
/** /**
* gnutls_credentials_type_t: * gnutls_credentials_type_t:
* @GNUTLS_CRD_CERTIFICATE: Certificate credential. * @GNUTLS_CRD_CERTIFICATE: Certificate credential.
* @GNUTLS_CRD_ANON: Anonymous credential. * @GNUTLS_CRD_ANON: Anonymous credential.
* @GNUTLS_CRD_SRP: SRP credential. * @GNUTLS_CRD_SRP: SRP credential.
* @GNUTLS_CRD_PSK: PSK credential. * @GNUTLS_CRD_PSK: PSK credential.
* @GNUTLS_CRD_IA: IA credential. * @GNUTLS_CRD_IA: IA credential.
* *
skipping to change at line 243 skipping to change at line 243
GNUTLS_MAC_RMD160 = 4, GNUTLS_MAC_RMD160 = 4,
GNUTLS_MAC_MD2 = 5, GNUTLS_MAC_MD2 = 5,
GNUTLS_MAC_SHA256 = 6, GNUTLS_MAC_SHA256 = 6,
GNUTLS_MAC_SHA384 = 7, GNUTLS_MAC_SHA384 = 7,
GNUTLS_MAC_SHA512 = 8, GNUTLS_MAC_SHA512 = 8,
GNUTLS_MAC_SHA224 = 9, GNUTLS_MAC_SHA224 = 9,
/* If you add anything here, make sure you align with /* If you add anything here, make sure you align with
gnutls_digest_algorithm_t. */ gnutls_digest_algorithm_t. */
GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */ GNUTLS_MAC_AEAD = 200, /* indicates that MAC is on the cipher */
GNUTLS_MAC_UMAC_96 = 201, GNUTLS_MAC_UMAC_96 = 201,
GNUTLS_MAC_UMAC_128 = 202, GNUTLS_MAC_UMAC_128 = 202
} gnutls_mac_algorithm_t; } gnutls_mac_algorithm_t;
/** /**
* gnutls_digest_algorithm_t: * gnutls_digest_algorithm_t:
* @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm. * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
* @GNUTLS_DIG_NULL: NULL hash algorithm (empty output). * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
* @GNUTLS_DIG_MD5: MD5 algorithm. * @GNUTLS_DIG_MD5: MD5 algorithm.
* @GNUTLS_DIG_SHA1: SHA-1 algorithm. * @GNUTLS_DIG_SHA1: SHA-1 algorithm.
* @GNUTLS_DIG_RMD160: RMD160 algorithm. * @GNUTLS_DIG_RMD160: RMD160 algorithm.
* @GNUTLS_DIG_MD2: MD2 algorithm. * @GNUTLS_DIG_MD2: MD2 algorithm.
skipping to change at line 294 skipping to change at line 294
* @GNUTLS_COMP_NULL: The NULL compression method (no compression). * @GNUTLS_COMP_NULL: The NULL compression method (no compression).
* @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib. * @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE. * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
* *
* Enumeration of different TLS compression methods. * Enumeration of different TLS compression methods.
*/ */
typedef enum { typedef enum {
GNUTLS_COMP_UNKNOWN = 0, GNUTLS_COMP_UNKNOWN = 0,
GNUTLS_COMP_NULL = 1, GNUTLS_COMP_NULL = 1,
GNUTLS_COMP_DEFLATE = 2, GNUTLS_COMP_DEFLATE = 2,
GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE, GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE
} gnutls_compression_method_t; } gnutls_compression_method_t;
/* /*
* Flags for gnutls_init() * Flags for gnutls_init()
* *
* @GNUTLS_SERVER: Connection end is a server. * @GNUTLS_SERVER: Connection end is a server.
* @GNUTLS_CLIENT: Connection end is a client. * @GNUTLS_CLIENT: Connection end is a client.
* @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS).
* @GNUTLS_NONBLOCK: Connection should not block (DTLS). * @GNUTLS_NONBLOCK: Connection should not block (DTLS).
* @GNUTLS_NO_EXTENSIONS: Do not enable any TLS extensions by default. * @GNUTLS_NO_EXTENSIONS: Do not enable any TLS extensions by default.
skipping to change at line 393 skipping to change at line 393
GNUTLS_A_EXPORT_RESTRICTION = 60, GNUTLS_A_EXPORT_RESTRICTION = 60,
GNUTLS_A_PROTOCOL_VERSION = 70, GNUTLS_A_PROTOCOL_VERSION = 70,
GNUTLS_A_INSUFFICIENT_SECURITY, GNUTLS_A_INSUFFICIENT_SECURITY,
GNUTLS_A_INTERNAL_ERROR = 80, GNUTLS_A_INTERNAL_ERROR = 80,
GNUTLS_A_USER_CANCELED = 90, GNUTLS_A_USER_CANCELED = 90,
GNUTLS_A_NO_RENEGOTIATION = 100, GNUTLS_A_NO_RENEGOTIATION = 100,
GNUTLS_A_UNSUPPORTED_EXTENSION = 110, GNUTLS_A_UNSUPPORTED_EXTENSION = 110,
GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111, GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111,
GNUTLS_A_UNRECOGNIZED_NAME = 112, GNUTLS_A_UNRECOGNIZED_NAME = 112,
GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115, GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
GNUTLS_A_NO_APPLICATION_PROTOCOL = 120, GNUTLS_A_NO_APPLICATION_PROTOCOL = 120
} gnutls_alert_description_t; } gnutls_alert_description_t;
/** /**
* gnutls_handshake_description_t: * gnutls_handshake_description_t:
* @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request. * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
* @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request. * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
* @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello. * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
* @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello. * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
* @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket. * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
* @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet. * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
skipping to change at line 433 skipping to change at line 433
GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11, GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12, GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14, GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14,
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16, GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
GNUTLS_HANDSHAKE_FINISHED = 20, GNUTLS_HANDSHAKE_FINISHED = 20,
GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22, GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22,
GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024
} gnutls_handshake_description_t; } gnutls_handshake_description_t;
#define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1) #define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1)
const char const char
*gnutls_handshake_description_get_name(gnutls_handshake_description_t *gnutls_handshake_description_get_name(gnutls_handshake_description_t
type); type);
/** /**
* gnutls_certificate_status_t: * gnutls_certificate_status_t:
skipping to change at line 484 skipping to change at line 484
GNUTLS_CERT_SIGNER_NOT_FOUND = 1 << 6, GNUTLS_CERT_SIGNER_NOT_FOUND = 1 << 6,
GNUTLS_CERT_SIGNER_NOT_CA = 1 << 7, GNUTLS_CERT_SIGNER_NOT_CA = 1 << 7,
GNUTLS_CERT_INSECURE_ALGORITHM = 1 << 8, GNUTLS_CERT_INSECURE_ALGORITHM = 1 << 8,
GNUTLS_CERT_NOT_ACTIVATED = 1 << 9, GNUTLS_CERT_NOT_ACTIVATED = 1 << 9,
GNUTLS_CERT_EXPIRED = 1 << 10, GNUTLS_CERT_EXPIRED = 1 << 10,
GNUTLS_CERT_SIGNATURE_FAILURE = 1 << 11, GNUTLS_CERT_SIGNATURE_FAILURE = 1 << 11,
GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 << 12, GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 << 12,
GNUTLS_CERT_UNEXPECTED_OWNER = 1 << 14, GNUTLS_CERT_UNEXPECTED_OWNER = 1 << 14,
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 << 15, GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 << 15,
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 << 16, GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 << 16,
GNUTLS_CERT_MISMATCH = 1 << 17, GNUTLS_CERT_MISMATCH = 1 << 17
} gnutls_certificate_status_t; } gnutls_certificate_status_t;
/** /**
* gnutls_certificate_request_t: * gnutls_certificate_request_t:
* @GNUTLS_CERT_IGNORE: Ignore certificate. * @GNUTLS_CERT_IGNORE: Ignore certificate.
* @GNUTLS_CERT_REQUEST: Request certificate. * @GNUTLS_CERT_REQUEST: Request certificate.
* @GNUTLS_CERT_REQUIRE: Require certificate. * @GNUTLS_CERT_REQUIRE: Require certificate.
* *
* Enumeration of certificate request types. * Enumeration of certificate request types.
*/ */
skipping to change at line 598 skipping to change at line 598
* @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line. * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
* @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate. * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
* *
* Enumeration of different certificate printing variants. * Enumeration of different certificate printing variants.
*/ */
typedef enum gnutls_certificate_print_formats { typedef enum gnutls_certificate_print_formats {
GNUTLS_CRT_PRINT_FULL = 0, GNUTLS_CRT_PRINT_FULL = 0,
GNUTLS_CRT_PRINT_ONELINE = 1, GNUTLS_CRT_PRINT_ONELINE = 1,
GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2, GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2,
GNUTLS_CRT_PRINT_COMPACT = 3, GNUTLS_CRT_PRINT_COMPACT = 3,
GNUTLS_CRT_PRINT_FULL_NUMBERS = 4, GNUTLS_CRT_PRINT_FULL_NUMBERS = 4
} gnutls_certificate_print_formats_t; } gnutls_certificate_print_formats_t;
#define GNUTLS_PK_ECC GNUTLS_PK_EC #define GNUTLS_PK_ECC GNUTLS_PK_EC
/** /**
* gnutls_pk_algorithm_t: * gnutls_pk_algorithm_t:
* @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm. * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
* @GNUTLS_PK_RSA: RSA public-key algorithm. * @GNUTLS_PK_RSA: RSA public-key algorithm.
* @GNUTLS_PK_DSA: DSA public-key algorithm. * @GNUTLS_PK_DSA: DSA public-key algorithm.
* @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters. * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
* @GNUTLS_PK_EC: Elliptic curve algorithm. Used to generate parameters. * @GNUTLS_PK_EC: Elliptic curve algorithm. Used to generate parameters.
* *
* Enumeration of different public-key algorithms. * Enumeration of different public-key algorithms.
*/ */
typedef enum { typedef enum {
GNUTLS_PK_UNKNOWN = 0, GNUTLS_PK_UNKNOWN = 0,
GNUTLS_PK_RSA = 1, GNUTLS_PK_RSA = 1,
GNUTLS_PK_DSA = 2, GNUTLS_PK_DSA = 2,
GNUTLS_PK_DH = 3, GNUTLS_PK_DH = 3,
GNUTLS_PK_EC = 4, GNUTLS_PK_EC = 4
} gnutls_pk_algorithm_t; } gnutls_pk_algorithm_t;
const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm); const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
/** /**
* gnutls_sign_algorithm_t: * gnutls_sign_algorithm_t:
* @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm. * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
* @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1 * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
* @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1. * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
* @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1 * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
skipping to change at line 667 skipping to change at line 667
GNUTLS_SIGN_RSA_SHA512 = 8, GNUTLS_SIGN_RSA_SHA512 = 8,
GNUTLS_SIGN_RSA_SHA224 = 9, GNUTLS_SIGN_RSA_SHA224 = 9,
GNUTLS_SIGN_DSA_SHA224 = 10, GNUTLS_SIGN_DSA_SHA224 = 10,
GNUTLS_SIGN_DSA_SHA256 = 11, GNUTLS_SIGN_DSA_SHA256 = 11,
GNUTLS_SIGN_ECDSA_SHA1 = 12, GNUTLS_SIGN_ECDSA_SHA1 = 12,
GNUTLS_SIGN_ECDSA_SHA224 = 13, GNUTLS_SIGN_ECDSA_SHA224 = 13,
GNUTLS_SIGN_ECDSA_SHA256 = 14, GNUTLS_SIGN_ECDSA_SHA256 = 14,
GNUTLS_SIGN_ECDSA_SHA384 = 15, GNUTLS_SIGN_ECDSA_SHA384 = 15,
GNUTLS_SIGN_ECDSA_SHA512 = 16, GNUTLS_SIGN_ECDSA_SHA512 = 16,
GNUTLS_SIGN_DSA_SHA384 = 17, GNUTLS_SIGN_DSA_SHA384 = 17,
GNUTLS_SIGN_DSA_SHA512 = 18, GNUTLS_SIGN_DSA_SHA512 = 18
} gnutls_sign_algorithm_t; } gnutls_sign_algorithm_t;
/** /**
* gnutls_ecc_curve_t: * gnutls_ecc_curve_t:
* @GNUTLS_ECC_CURVE_INVALID: Cannot be known * @GNUTLS_ECC_CURVE_INVALID: Cannot be known
* @GNUTLS_ECC_CURVE_SECP192R1: the SECP192R1 curve * @GNUTLS_ECC_CURVE_SECP192R1: the SECP192R1 curve
* @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
* @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
* @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
* *
* Enumeration of ECC curves. * Enumeration of ECC curves.
*/ */
typedef enum { typedef enum {
GNUTLS_ECC_CURVE_INVALID = 0, GNUTLS_ECC_CURVE_INVALID = 0,
GNUTLS_ECC_CURVE_SECP224R1, GNUTLS_ECC_CURVE_SECP224R1,
GNUTLS_ECC_CURVE_SECP256R1, GNUTLS_ECC_CURVE_SECP256R1,
GNUTLS_ECC_CURVE_SECP384R1, GNUTLS_ECC_CURVE_SECP384R1,
GNUTLS_ECC_CURVE_SECP521R1, GNUTLS_ECC_CURVE_SECP521R1,
GNUTLS_ECC_CURVE_SECP192R1, GNUTLS_ECC_CURVE_SECP192R1
} gnutls_ecc_curve_t; } gnutls_ecc_curve_t;
/* macros to allow specifying a specific curve in gnutls_privkey_generate() /* macros to allow specifying a specific curve in gnutls_privkey_generate()
* and gnutls_x509_privkey_generate() */ * and gnutls_x509_privkey_generate() */
#define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)((1<<31)|(curve)) #define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)((1<<31)|(curve))
#define GNUTLS_BITS_TO_CURVE(bits) ((bits) & 0x7FFFFFFF) #define GNUTLS_BITS_TO_CURVE(bits) ((bits) & 0x7FFFFFFF)
#define GNUTLS_BITS_ARE_CURVE(bits) ((bits) & 0x80000000) #define GNUTLS_BITS_ARE_CURVE(bits) ((bits) & 0x80000000)
/** /**
* gnutls_sec_param_t: * gnutls_sec_param_t:
skipping to change at line 721 skipping to change at line 721
typedef enum { typedef enum {
GNUTLS_SEC_PARAM_INSECURE = -20, GNUTLS_SEC_PARAM_INSECURE = -20,
GNUTLS_SEC_PARAM_EXPORT = -15, GNUTLS_SEC_PARAM_EXPORT = -15,
GNUTLS_SEC_PARAM_VERY_WEAK = -12, GNUTLS_SEC_PARAM_VERY_WEAK = -12,
GNUTLS_SEC_PARAM_WEAK = -10, GNUTLS_SEC_PARAM_WEAK = -10,
GNUTLS_SEC_PARAM_UNKNOWN = 0, GNUTLS_SEC_PARAM_UNKNOWN = 0,
GNUTLS_SEC_PARAM_LOW = 1, GNUTLS_SEC_PARAM_LOW = 1,
GNUTLS_SEC_PARAM_LEGACY = 2, GNUTLS_SEC_PARAM_LEGACY = 2,
GNUTLS_SEC_PARAM_MEDIUM = 3, GNUTLS_SEC_PARAM_MEDIUM = 3,
GNUTLS_SEC_PARAM_HIGH = 4, GNUTLS_SEC_PARAM_HIGH = 4,
GNUTLS_SEC_PARAM_ULTRA = 5, GNUTLS_SEC_PARAM_ULTRA = 5
} gnutls_sec_param_t; } gnutls_sec_param_t;
/* old name */ /* old name */
#define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM #define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM
/** /**
* gnutls_channel_binding_t: * gnutls_channel_binding_t:
* @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
* *
* Enumeration of support channel binding types. * Enumeration of support channel binding types.
skipping to change at line 1596 skipping to change at line 1596
const gnutls_datum_t * data, void *result, const gnutls_datum_t * data, void *result,
size_t * result_size); size_t * result_size);
/** /**
* gnutls_random_art_t: * gnutls_random_art_t:
* @GNUTLS_RANDOM_ART_OPENSSH: OpenSSH-style random art. * @GNUTLS_RANDOM_ART_OPENSSH: OpenSSH-style random art.
* *
* Enumeration of different random art types. * Enumeration of different random art types.
*/ */
typedef enum gnutls_random_art { typedef enum gnutls_random_art {
GNUTLS_RANDOM_ART_OPENSSH = 1, GNUTLS_RANDOM_ART_OPENSSH = 1
} gnutls_random_art_t; } gnutls_random_art_t;
int gnutls_random_art(gnutls_random_art_t type, int gnutls_random_art(gnutls_random_art_t type,
const char *key_type, unsigned int key_size, const char *key_type, unsigned int key_size,
void *fpr, size_t fpr_size, gnutls_datum_t * art); void *fpr, size_t fpr_size, gnutls_datum_t * art);
/* SRP /* SRP
*/ */
typedef struct gnutls_srp_server_credentials_st typedef struct gnutls_srp_server_credentials_st
skipping to change at line 1932 skipping to change at line 1932
* gnutls_vdata_types_t: * gnutls_vdata_types_t:
* @GNUTLS_DT_UNKNOWN: Unknown data type. * @GNUTLS_DT_UNKNOWN: Unknown data type.
* @GNUTLS_DT_DNS_HOSTNAME: The data contain a null-terminated DNS hostname . * @GNUTLS_DT_DNS_HOSTNAME: The data contain a null-terminated DNS hostname .
* @GNUTLS_DT_KEY_PURPOSE_OID: The data contain a null-terminated key purpo se OID. * @GNUTLS_DT_KEY_PURPOSE_OID: The data contain a null-terminated key purpo se OID.
* *
* Enumeration of different key exchange algorithms. * Enumeration of different key exchange algorithms.
*/ */
typedef enum { typedef enum {
GNUTLS_DT_UNKNOWN = 0, GNUTLS_DT_UNKNOWN = 0,
GNUTLS_DT_DNS_HOSTNAME = 1, GNUTLS_DT_DNS_HOSTNAME = 1,
GNUTLS_DT_KEY_PURPOSE_OID = 2, GNUTLS_DT_KEY_PURPOSE_OID = 2
} gnutls_vdata_types_t; } gnutls_vdata_types_t;
typedef struct { typedef struct {
gnutls_vdata_types_t type; gnutls_vdata_types_t type;
unsigned char *data; unsigned char *data;
unsigned int size; unsigned int size;
} gnutls_typed_vdata_st; } gnutls_typed_vdata_st;
int int
gnutls_certificate_verify_peers(gnutls_session_t session, gnutls_certificate_verify_peers(gnutls_session_t session,
skipping to change at line 2079 skipping to change at line 2079
* @GNUTLS_PIN_WRONG: Last given PIN was not correct. * @GNUTLS_PIN_WRONG: Last given PIN was not correct.
* *
* Enumeration of different flags that are input to the PIN function. * Enumeration of different flags that are input to the PIN function.
*/ */
typedef enum { typedef enum {
GNUTLS_PIN_USER = (1 << 0), GNUTLS_PIN_USER = (1 << 0),
GNUTLS_PIN_SO = (1 << 1), GNUTLS_PIN_SO = (1 << 1),
GNUTLS_PIN_FINAL_TRY = (1 << 2), GNUTLS_PIN_FINAL_TRY = (1 << 2),
GNUTLS_PIN_COUNT_LOW = (1 << 3), GNUTLS_PIN_COUNT_LOW = (1 << 3),
GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4), GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4),
GNUTLS_PIN_WRONG = (1 << 5), GNUTLS_PIN_WRONG = (1 << 5)
} gnutls_pin_flag_t; } gnutls_pin_flag_t;
#define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER #define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER
#define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO #define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO
#define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY #define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY
#define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW #define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW
#define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC #define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC
#define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG #define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG
/** /**
 End of changes. 18 change blocks. 
18 lines changed or deleted 18 lines changed or added


 ocsp.h (3.3.6)   ocsp.h (3.3.8) 
skipping to change at line 49 skipping to change at line 49
/** /**
* gnutls_ocsp_print_formats_t: * gnutls_ocsp_print_formats_t:
* @GNUTLS_OCSP_PRINT_FULL: Full information about OCSP request/response. * @GNUTLS_OCSP_PRINT_FULL: Full information about OCSP request/response.
* @GNUTLS_OCSP_PRINT_COMPACT: More compact information about OCSP request/ response. * @GNUTLS_OCSP_PRINT_COMPACT: More compact information about OCSP request/ response.
* *
* Enumeration of different OCSP printing variants. * Enumeration of different OCSP printing variants.
*/ */
typedef enum gnutls_ocsp_print_formats_t { typedef enum gnutls_ocsp_print_formats_t {
GNUTLS_OCSP_PRINT_FULL = 0, GNUTLS_OCSP_PRINT_FULL = 0,
GNUTLS_OCSP_PRINT_COMPACT = 1, GNUTLS_OCSP_PRINT_COMPACT = 1
} gnutls_ocsp_print_formats_t; } gnutls_ocsp_print_formats_t;
/** /**
* gnutls_ocsp_resp_status_t: * gnutls_ocsp_resp_status_t:
* @GNUTLS_OCSP_RESP_SUCCESSFUL: Response has valid confirmations. * @GNUTLS_OCSP_RESP_SUCCESSFUL: Response has valid confirmations.
* @GNUTLS_OCSP_RESP_MALFORMEDREQUEST: Illegal confirmation request * @GNUTLS_OCSP_RESP_MALFORMEDREQUEST: Illegal confirmation request
* @GNUTLS_OCSP_RESP_INTERNALERROR: Internal error in issuer * @GNUTLS_OCSP_RESP_INTERNALERROR: Internal error in issuer
* @GNUTLS_OCSP_RESP_TRYLATER: Try again later * @GNUTLS_OCSP_RESP_TRYLATER: Try again later
* @GNUTLS_OCSP_RESP_SIGREQUIRED: Must sign the request * @GNUTLS_OCSP_RESP_SIGREQUIRED: Must sign the request
* @GNUTLS_OCSP_RESP_UNAUTHORIZED: Request unauthorized * @GNUTLS_OCSP_RESP_UNAUTHORIZED: Request unauthorized
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 pkcs11.h (3.3.6)   pkcs11.h (3.3.8) 
skipping to change at line 91 skipping to change at line 91
gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void
**userdata); **userdata);
int gnutls_pkcs11_add_provider(const char *name, const char *params); int gnutls_pkcs11_add_provider(const char *name, const char *params);
int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj); int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj);
void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj, void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj,
gnutls_pin_callback_t fn, gnutls_pin_callback_t fn,
void *userdata); void *userdata);
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token /**
for the operation */ * gnutls_pkcs11_obj_flags:
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as * @GNUTLS_PKCS11_OBJ_FLAG_LOGIN: Force login in the token for the operatio
trusted */ n.
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as * @GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED: object marked as trusted.
sensitive (unexportable) */ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE: object marked as sensitive (unex
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a security portable).
officer in the token for the operation */ * @GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO: force login as a security officer in t
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private he token for the operation.
(requires PIN to access) */ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE: marked as private (requires PIN to
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri access).
vate */ * @GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE: marked as not private.
#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY (1<<6) /* No need for the objec * @GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY: When retrieving an object, do not
t to be a trusted one */ set any requirements.
#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED (1<<7) /* The object must b * GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED: When retrieving an object, only
e marked as trusted retrieve the marked as trusted.
* in gnutls_pkcs11_crt_is_known() it implies GNUTLS_PKCS11_OBJ_FLAG_ * In gnutls_pkcs11_crt_is_known() it implies %GNUTLS_PKCS11_OBJ_FLAG_RET
RETRIEVE_COMPARE */ RIEVE_COMPARE if %GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY is not given.
#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED (1<<8) /* The object mus * @GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED: When retrieving an object,
t be marked as distrusted */ only retrieve the marked as distrusted.
#define GNUTLS_PKCS11_OBJ_FLAG_COMPARE (1<<9) /* The object must be fully c * @GNUTLS_PKCS11_OBJ_FLAG_COMPARE: When checking an object's presence, ful
ompared */ ly compare it before returning any result.
#define GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE (1<<10) /* The obj * @GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY: When checking an object's presence,
ect must be present in a marked as trusted module */ compare the key before returning any result.
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_CA (1<<11) /* object marked as CA */ * @GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE: The object must be pr
esent in a marked as trusted module.
* @GNUTLS_PKCS11_OBJ_FLAG_MARK_CA: Mark the object as a CA.
* @GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP: Mark the generated key pair as wr
apping and unwrapping keys.
* @GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT: When an issuer is reques
ted, override its extensions with the ones present in the trust module.
*
* Enumeration of different PKCS #11 object flags.
*/
typedef enum gnutls_pkcs11_obj_flags {
GNUTLS_PKCS11_OBJ_FLAG_LOGIN = (1<<0),
GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED = (1<<1),
GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE = (1<<2),
GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO = (1<<3),
GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE = (1<<4),
GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE = (1<<5),
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY = (1<<6),
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED = (1<<7),
GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED = (1<<8),
GNUTLS_PKCS11_OBJ_FLAG_COMPARE = (1<<9),
GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE = (1<<10),
GNUTLS_PKCS11_OBJ_FLAG_MARK_CA = (1<<11),
GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP = (1<<12),
GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY = (1<<13),
GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT = (1<<14)
} gnutls_pkcs11_obj_flags;
/** /**
* gnutls_pkcs11_url_type_t: * gnutls_pkcs11_url_type_t:
* @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL. * @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL.
* @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well. * @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well.
* @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its version. * @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its version.
* *
* Enumeration of different URL extraction flags. * Enumeration of different URL extraction flags.
*/ */
typedef enum { typedef enum {
skipping to change at line 200 skipping to change at line 225
GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION, GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
} gnutls_pkcs11_obj_info_t; } gnutls_pkcs11_obj_info_t;
int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt, int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt,
gnutls_pkcs11_obj_info_t itype, gnutls_pkcs11_obj_info_t itype,
void *output, size_t * output_size); void *output, size_t * output_size);
/** /**
* gnutls_pkcs11_obj_attr_t: * gnutls_pkcs11_obj_attr_t:
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates in the specifi
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as ed token.
trusted. * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA: Specify all certificates marked trusted in the specified token.
as trusted and are CAs. * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA: Specify all certificates marked
* @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with as trusted and are CAs in the specified token.
a corresponding private key. * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
* @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. a corresponding private key in the specified token.
* @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys in the specified
* @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. token.
* @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys in the specifi
ed token.
* @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects in the specified token.
* @GNUTLS_PKCS11_OBJ_ATTR_MATCH: Only the objects that match the URL.
* *
* Enumeration of several attributes for object enumeration. * Enumeration of several attributes for object enumeration.
*/ */
typedef enum { typedef enum {
GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as tr usted */ GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as tr usted */
GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */ GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */
GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */ GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */
GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */ GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */
GNUTLS_PKCS11_OBJ_ATTR_MATCH
} gnutls_pkcs11_obj_attr_t; } gnutls_pkcs11_obj_attr_t;
/** /**
* gnutls_pkcs11_token_info_t: * gnutls_pkcs11_token_info_t:
* @GNUTLS_PKCS11_TOKEN_LABEL: The token's label (string) * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label (string)
* @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number (string) * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number (string)
* @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer (string) * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer (string)
* @GNUTLS_PKCS11_TOKEN_MODEL: The token's model (string) * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model (string)
* @GNUTLS_PKCS11_TOKEN_TRUSTED: Whether the token is marked as trusted in p11-kit (unsigned int) * @GNUTLS_PKCS11_TOKEN_TRUSTED: Whether the token is marked as trusted in p11-kit (unsigned int)
* *
* Enumeration of types for retrieving token information. * Enumeration of types for retrieving token information.
*/ */
typedef enum { typedef enum {
GNUTLS_PKCS11_TOKEN_LABEL, GNUTLS_PKCS11_TOKEN_LABEL,
GNUTLS_PKCS11_TOKEN_SERIAL, GNUTLS_PKCS11_TOKEN_SERIAL,
GNUTLS_PKCS11_TOKEN_MANUFACTURER, GNUTLS_PKCS11_TOKEN_MANUFACTURER,
GNUTLS_PKCS11_TOKEN_MODEL, GNUTLS_PKCS11_TOKEN_MODEL
} gnutls_pkcs11_token_info_t; } gnutls_pkcs11_token_info_t;
/** /**
* gnutls_pkcs11_obj_type_t: * gnutls_pkcs11_obj_type_t:
* @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object. * @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object.
* @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate. * @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate.
* @GNUTLS_PKCS11_OBJ_PUBKEY: Public key. * @GNUTLS_PKCS11_OBJ_PUBKEY: Public key.
* @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key. * @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key.
* @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key. * @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key.
* @GNUTLS_PKCS11_OBJ_DATA: Data object. * @GNUTLS_PKCS11_OBJ_DATA: Data object.
* *
* Enumeration of object types. * Enumeration of object types.
*/ */
typedef enum { typedef enum {
GNUTLS_PKCS11_OBJ_UNKNOWN, GNUTLS_PKCS11_OBJ_UNKNOWN,
GNUTLS_PKCS11_OBJ_X509_CRT, GNUTLS_PKCS11_OBJ_X509_CRT,
GNUTLS_PKCS11_OBJ_PUBKEY, GNUTLS_PKCS11_OBJ_PUBKEY,
GNUTLS_PKCS11_OBJ_PRIVKEY, GNUTLS_PKCS11_OBJ_PRIVKEY,
GNUTLS_PKCS11_OBJ_SECRET_KEY, GNUTLS_PKCS11_OBJ_SECRET_KEY,
GNUTLS_PKCS11_OBJ_DATA GNUTLS_PKCS11_OBJ_DATA,
GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION
} gnutls_pkcs11_obj_type_t; } gnutls_pkcs11_obj_type_t;
int int
gnutls_pkcs11_token_init(const char *token_url, gnutls_pkcs11_token_init(const char *token_url,
const char *so_pin, const char *label); const char *so_pin, const char *label);
int int
gnutls_pkcs11_token_get_mechanism(const char *url, gnutls_pkcs11_token_get_mechanism(const char *url,
unsigned int idx, unsigned int idx,
unsigned long *mechanism); unsigned long *mechanism);
skipping to change at line 307 skipping to change at line 335
gnutls_pkcs11_obj_t pkcs11_crt); gnutls_pkcs11_obj_t pkcs11_crt);
int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt, int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt,
const char *url, unsigned int flags const char *url, unsigned int flags
/* GNUTLS_PKCS11_OBJ_FLAG_* */ /* GNUTLS_PKCS11_OBJ_FLAG_* */
); );
gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_type_t
gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj); gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj);
const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type); const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type);
int
gnutls_pkcs11_obj_get_exts(gnutls_pkcs11_obj_t obj,
struct gnutls_x509_ext_st **exts, unsigned int *e
xts_size,
unsigned int flags);
int
gnutls_pkcs11_obj_get_flags(gnutls_pkcs11_obj_t obj, unsigned int *oflags);
char *gnutls_pkcs11_obj_flags_get_str(unsigned int flags);
int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs, int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs,
unsigned int cert_max, unsigned int cert_max,
gnutls_pkcs11_obj_t * gnutls_pkcs11_obj_t *
const objs, unsigned int flags const objs, unsigned int flags
/* must be zero */ ); /* must be zero */ );
/* private key functions...*/ /* private key functions...*/
int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key); int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key);
void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t
key, key,
skipping to change at line 349 skipping to change at line 386
int int
gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pkcs11_privkey_generate2(const char *url,
gnutls_pk_algorithm_t pk, gnutls_pk_algorithm_t pk,
unsigned int bits, unsigned int bits,
const char *label, const char *label,
gnutls_x509_crt_fmt_t fmt, gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey, gnutls_datum_t * pubkey,
unsigned int flags); unsigned int flags);
int int
gnutls_pkcs11_privkey_export_pubkey(gnutls_pkcs11_privkey_t pkey,
gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey,
unsigned int flags);
int
gnutls_pkcs11_token_get_random(const char *token_url, gnutls_pkcs11_token_get_random(const char *token_url,
void *data, size_t len); void *data, size_t len);
/* *INDENT-OFF* */ /* *INDENT-OFF* */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
/* *INDENT-ON* */ /* *INDENT-ON* */
#endif #endif
 End of changes. 7 change blocks. 
37 lines changed or deleted 85 lines changed or added


 x509-ext.h (3.3.6)   x509-ext.h (3.3.8) 
skipping to change at line 114 skipping to change at line 114
gnutls_datum_t * ext); gnutls_datum_t * ext);
typedef struct gnutls_x509_aki_st *gnutls_x509_aki_t; typedef struct gnutls_x509_aki_st *gnutls_x509_aki_t;
int gnutls_x509_ext_export_authority_key_id(gnutls_x509_aki_t, int gnutls_x509_ext_export_authority_key_id(gnutls_x509_aki_t,
gnutls_datum_t * ext); gnutls_datum_t * ext);
int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext, int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext,
gnutls_x509_aki_t, gnutls_x509_aki_t,
unsigned int flags); unsigned int flags);
int gnutls_x509_othername_to_virtual(const char *oid,
const gnutls_datum_t *othername,
unsigned int *virt_type,
gnutls_datum_t *virt);
int gnutls_x509_aki_init(gnutls_x509_aki_t *); int gnutls_x509_aki_init(gnutls_x509_aki_t *);
int gnutls_x509_aki_get_id(gnutls_x509_aki_t, gnutls_datum_t *id); int gnutls_x509_aki_get_id(gnutls_x509_aki_t, gnutls_datum_t *id);
int gnutls_x509_aki_get_cert_issuer(gnutls_x509_aki_t aki, unsigned int seq , int gnutls_x509_aki_get_cert_issuer(gnutls_x509_aki_t aki, unsigned int seq ,
unsigned int *san_type, gnutls_datum_t * sa n, unsigned int *san_type, gnutls_datum_t * sa n,
gnutls_datum_t *othername_oid, gnutls_datum_t *othername_oid,
gnutls_datum_t *serial); gnutls_datum_t *serial);
int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t *id) ; int gnutls_x509_aki_set_id(gnutls_x509_aki_t aki, const gnutls_datum_t *id) ;
int gnutls_x509_aki_set_cert_issuer(gnutls_x509_aki_t aki, int gnutls_x509_aki_set_cert_issuer(gnutls_x509_aki_t aki,
unsigned int san_type, unsigned int san_type,
const gnutls_datum_t * san, const gnutls_datum_t * san,
 End of changes. 1 change blocks. 
0 lines changed or deleted 5 lines changed or added


 x509.h (3.3.6)   x509.h (3.3.8) 
skipping to change at line 462 skipping to change at line 462
/* Read extensions by OID. */ /* Read extensions by OID. */
int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert, int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
int indx, void *oid, int indx, void *oid,
size_t * oid_size); size_t * oid_size);
int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert, int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert,
const char *oid, int indx, const char *oid, int indx,
void *buf, void *buf,
size_t * buf_size, size_t * buf_size,
unsigned int *critical); unsigned int *critical);
int
gnutls_x509_crq_get_extension_by_oid2(gnutls_x509_crq_t crq,
const char *oid, int indx,
gnutls_datum_t *output,
unsigned int *critical);
/* Read extensions by sequence number. */ /* Read extensions by sequence number. */
int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert, int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert,
int indx, void *oid, int indx, void *oid,
size_t * oid_size, size_t * oid_size,
unsigned int *critical); unsigned int *critical);
int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert, int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert,
int indx, void *data, int indx, void *data,
size_t * sizeof_data); size_t * sizeof_data);
int int
skipping to change at line 820 skipping to change at line 825
GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2,
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3, GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4,
GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6, GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6,
GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7, GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7,
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8, GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8,
GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9, GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9,
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10, GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10,
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11, GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11,
GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12
} gnutls_certificate_verify_flags; } gnutls_certificate_verify_flags;
/** /**
* gnutls_certificate_verification_profiles_t: * gnutls_certificate_verification_profiles_t:
* @GNUTLS_PROFILE_VERY_WEAK: A verification profile that * @GNUTLS_PROFILE_VERY_WEAK: A verification profile that
* corresponds to @GNUTLS_SEC_PARAM_VERY_WEAK (64 bits) * corresponds to @GNUTLS_SEC_PARAM_VERY_WEAK (64 bits)
* @GNUTLS_PROFILE_LOW: A verification profile that * @GNUTLS_PROFILE_LOW: A verification profile that
* corresponds to @GNUTLS_SEC_PARAM_LOW (80 bits) * corresponds to @GNUTLS_SEC_PARAM_LOW (80 bits)
* @GNUTLS_PROFILE_LEGACY: A verification profile that * @GNUTLS_PROFILE_LEGACY: A verification profile that
* corresponds to @GNUTLS_SEC_PARAM_LEGACY (96 bits) * corresponds to @GNUTLS_SEC_PARAM_LEGACY (96 bits)
skipping to change at line 853 skipping to change at line 858
*/ */
typedef enum gnutls_certificate_verification_profiles_t { typedef enum gnutls_certificate_verification_profiles_t {
GNUTLS_PROFILE_VERY_WEAK = 1, GNUTLS_PROFILE_VERY_WEAK = 1,
GNUTLS_PROFILE_LOW = 2, GNUTLS_PROFILE_LOW = 2,
GNUTLS_PROFILE_LEGACY = 4, GNUTLS_PROFILE_LEGACY = 4,
GNUTLS_PROFILE_MEDIUM = 5, GNUTLS_PROFILE_MEDIUM = 5,
GNUTLS_PROFILE_HIGH = 6, GNUTLS_PROFILE_HIGH = 6,
GNUTLS_PROFILE_ULTRA = 7, GNUTLS_PROFILE_ULTRA = 7,
GNUTLS_PROFILE_SUITEB128=32, GNUTLS_PROFILE_SUITEB128=32,
GNUTLS_PROFILE_SUITEB192=33, GNUTLS_PROFILE_SUITEB192=33
/*GNUTLS_PROFILE_MAX=255*/ /*GNUTLS_PROFILE_MAX=255*/
} gnutls_certificate_verification_profiles_t; } gnutls_certificate_verification_profiles_t;
#define GNUTLS_PROFILE_TO_VFLAGS(x) \ #define GNUTLS_PROFILE_TO_VFLAGS(x) \
(((unsigned)x)<<24) (((unsigned)x)<<24)
#define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000) #define GNUTLS_VFLAGS_PROFILE_MASK (0xff000000)
#define GNUTLS_VFLAGS_TO_PROFILE(x) \ #define GNUTLS_VFLAGS_TO_PROFILE(x) \
((((unsigned)x)>>24)&0xff) ((((unsigned)x)>>24)&0xff)
skipping to change at line 1201 skipping to change at line 1206
crq, crq,
unsigned int seq, unsigned int seq,
void *ret, void *ret,
size_t * ret_size); size_t * ret_size);
int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq, int gnutls_x509_crq_get_extension_by_oid(gnutls_x509_crq_t crq,
const char *oid, int indx, const char *oid, int indx,
void *buf, void *buf,
size_t * sizeof_buf, size_t * sizeof_buf,
unsigned int *critical); unsigned int *critical);
int
gnutls_x509_crt_get_extension_by_oid2(gnutls_x509_crt_t cert,
const char *oid, int indx,
gnutls_datum_t *output,
unsigned int *critical);
typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t; typedef struct gnutls_x509_trust_list_st *gnutls_x509_trust_list_t;
int int
gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list, gnutls_x509_trust_list_init(gnutls_x509_trust_list_t * list,
unsigned int size); unsigned int size);
void void
gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list, gnutls_x509_trust_list_deinit(gnutls_x509_trust_list_t list,
unsigned int all); unsigned int all);
int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t int gnutls_x509_trust_list_get_issuer(gnutls_x509_trust_list_t
list, gnutls_x509_crt_t cert, list, gnutls_x509_crt_t cert,
gnutls_x509_crt_t * issuer, gnutls_x509_crt_t * issuer,
unsigned int flags); unsigned int flags);
#define GNUTLS_TL_VERIFY_CRL 1 #define GNUTLS_TL_VERIFY_CRL 1
#define GNUTLS_TL_USE_IN_TLS (1<<1) #define GNUTLS_TL_USE_IN_TLS (1<<1)
#define GNUTLS_TL_NO_DUPLICATES (1<<2) #define GNUTLS_TL_NO_DUPLICATES (1<<2)
#define GNUTLS_TL_NO_DUPLICATE_KEY (1<<3)
int int
gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list, gnutls_x509_trust_list_add_cas(gnutls_x509_trust_list_t list,
const gnutls_x509_crt_t * clist, const gnutls_x509_crt_t * clist,
unsigned clist_size, unsigned int flags); unsigned clist_size, unsigned int flags);
int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t int gnutls_x509_trust_list_remove_cas(gnutls_x509_trust_list_t
list, list,
const gnutls_x509_crt_t * const gnutls_x509_crt_t *
clist, int clist_size); clist, int clist_size);
int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t int gnutls_x509_trust_list_add_named_crt(gnutls_x509_trust_list_t
skipping to change at line 1258 skipping to change at line 1269
*/ */
unsigned int unsigned int
verification_output); verification_output);
int gnutls_x509_trust_list_verify_named_crt int gnutls_x509_trust_list_verify_named_crt
(gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, (gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert,
const void *name, size_t name_size, unsigned int flags, const void *name, size_t name_size, unsigned int flags,
unsigned int *verify, gnutls_verify_output_function func); unsigned int *verify, gnutls_verify_output_function func);
int int
gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
gnutls_x509_crt_t * cert_list,
unsigned int cert_list_size,
gnutls_typed_vdata_st * data,
unsigned int elements,
unsigned int flags,
unsigned int *voutput,
gnutls_verify_output_function func);
int
gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list, gnutls_x509_trust_list_verify_crt(gnutls_x509_trust_list_t list,
gnutls_x509_crt_t * cert_list, gnutls_x509_crt_t * cert_list,
unsigned int cert_list_size, unsigned int cert_list_size,
unsigned int flags, unsigned int flags,
unsigned int *verify, unsigned int *verify,
gnutls_verify_output_function func); gnutls_verify_output_function func);
/* trust list convenience functions */ /* trust list convenience functions */
int int
gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t
skipping to change at line 1313 skipping to change at line 1334
int int
gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t
list, list,
unsigned int tl_flags, unsigned int tl_flags,
unsigned int tl_vflags); unsigned int tl_vflags);
void gnutls_certificate_set_trust_list void gnutls_certificate_set_trust_list
(gnutls_certificate_credentials_t res, (gnutls_certificate_credentials_t res,
gnutls_x509_trust_list_t tlist, unsigned flags); gnutls_x509_trust_list_t tlist, unsigned flags);
typedef struct gnutls_x509_ext_st {
char *oid;
unsigned int critical;
gnutls_datum_t data;
} gnutls_x509_ext_st;
void gnutls_x509_ext_deinit(gnutls_x509_ext_st *ext);
int
gnutls_x509_ext_print(gnutls_x509_ext_st *exts, unsigned int exts_size,
gnutls_certificate_print_formats_t format,
gnutls_datum_t * out);
/* *INDENT-OFF* */ /* *INDENT-OFF* */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
/* *INDENT-ON* */ /* *INDENT-ON* */
#endif /* GNUTLS_X509_H */ #endif /* GNUTLS_X509_H */
 End of changes. 7 change blocks. 
2 lines changed or deleted 36 lines changed or added

This html diff was produced by rfcdiff 1.41.The latest version is available from http://tools.ietf.org/tools/rfcdiff/