Previous: , Up: API reference   [Contents][Index]


E.13 Compatibility API

The following functions are carried over from old GnuTLS released. They might be removed at a later version. Their prototypes lie in gnutls/compat.h.

gnutls_global_set_mem_functions

Function: void gnutls_global_set_mem_functions (gnutls_alloc_function alloc_func, gnutls_alloc_function secure_alloc_func, gnutls_is_secure_function is_secure_func, gnutls_realloc_function realloc_func, gnutls_free_function free_func)

alloc_func: it’s the default memory allocation function. Like malloc() .

secure_alloc_func: This is the memory allocation function that will be used for sensitive data.

is_secure_func: a function that returns 0 if the memory given is not secure. May be NULL.

realloc_func: A realloc function

free_func: The function that frees allocated data. Must accept a NULL pointer.

Deprecated: since 3.3.0 it is no longer possible to replace the internally used memory allocation functions

This is the function where you set the memory allocation functions gnutls is going to use. By default the libc’s allocation functions (malloc() , free() ), are used by gnutls, to allocate both sensitive and not sensitive data. This function is provided to set the memory allocation functions to something other than the defaults

This function must be called before gnutls_global_init() is called. This function is not thread safe.

gnutls_openpgp_privkey_sign_hash

Function: int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, const gnutls_datum_t * hash, gnutls_datum_t * signature)

key: Holds the key

hash: holds the data to be signed

signature: will contain newly allocated signature

This function will sign the given hash using the private key. You should use gnutls_openpgp_privkey_set_preferred_key_id() before calling this function to set the subkey to use.

Returns: On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Deprecated: Use gnutls_privkey_sign_hash() instead.

gnutls_x509_crl_sign

Function: int gnutls_x509_crl_sign (gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer, gnutls_x509_privkey_t issuer_key)

crl: should contain a gnutls_x509_crl_t type

issuer: is the certificate of the certificate issuer

issuer_key: holds the issuer’s private key

This function is the same a gnutls_x509_crl_sign2() with no flags, and SHA1 as the hash algorithm.

Returns: On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Deprecated: Use gnutls_x509_crl_privkey_sign() .

gnutls_x509_crq_sign

Function: int gnutls_x509_crq_sign (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)

crq: should contain a gnutls_x509_crq_t type

key: holds a private key

This function is the same a gnutls_x509_crq_sign2() with no flags, and SHA1 as the hash algorithm.

Returns: On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Deprecated: Use gnutls_x509_crq_privkey_sign() instead.

gnutls_x509_crt_get_preferred_hash_algorithm

Function: int gnutls_x509_crt_get_preferred_hash_algorithm (gnutls_x509_crt_t crt, gnutls_digest_algorithm_t * hash, unsigned int * mand)

crt: Holds the certificate

hash: The result of the call with the hash algorithm used for signature

mand: If non-zero it means that the algorithm MUST use this hash. May be NULL.

This function will read the certificate and return the appropriate digest algorithm to use for signing with this certificate. Some certificates (i.e. DSA might not be able to sign without the preferred algorithm).

Deprecated: Please use gnutls_pubkey_get_preferred_hash_algorithm() .

Returns: the 0 if the hash algorithm is found. A negative error code is returned on error.

Since: 2.12.0

gnutls_x509_privkey_sign_hash

Function: int gnutls_x509_privkey_sign_hash (gnutls_x509_privkey_t key, const gnutls_datum_t * hash, gnutls_datum_t * signature)

key: a key

hash: holds the data to be signed

signature: will contain newly allocated signature

This function will sign the given hash using the private key. Do not use this function directly unless you know what it is. Typical signing requires the data to be hashed and stored in special formats (e.g. BER Digest-Info for RSA).

Returns: On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Deprecated in: 2.12.0


Previous: , Up: API reference   [Contents][Index]