Headers diff: 3.0.32 vs 3.1.0
| abstract.h (3.0.32) | | abstract.h (3.1.0) | |
| | | | |
| skipping to change at line 26 | | skipping to change at line 26 | |
| * Lesser General Public License for more details. | | * Lesser General Public License for more details. | |
| * | | * | |
| * You should have received a copy of the GNU Lesser General Public License | | * You should have received a copy of the GNU Lesser General Public License | |
| * along with this program. If not, see <http://www.gnu.org/licenses/> | | * along with this program. If not, see <http://www.gnu.org/licenses/> | |
| * | | * | |
| */ | | */ | |
| | | | |
| #ifndef __GNUTLS_ABSTRACT_H | | #ifndef __GNUTLS_ABSTRACT_H | |
| #define __GNUTLS_ABSTRACT_H | | #define __GNUTLS_ABSTRACT_H | |
| | | | |
|
| #include <stdarg.h> | | | |
| #include <gnutls/gnutls.h> | | #include <gnutls/gnutls.h> | |
| #include <gnutls/x509.h> | | #include <gnutls/x509.h> | |
| #include <gnutls/pkcs11.h> | | #include <gnutls/pkcs11.h> | |
| #include <gnutls/openpgp.h> | | #include <gnutls/openpgp.h> | |
|
| | | #include <gnutls/tpm.h> | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| extern "C" | | extern "C" | |
| { | | { | |
| #endif | | #endif | |
| | | | |
| /* Public key operations */ | | /* Public key operations */ | |
| | | | |
|
| #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1 | | | |
| /* The following flag disables call to PIN callbacks etc. | | | |
| * Only works for TPM keys. | | | |
| */ | | | |
| #define GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT (1<<3) | | | |
| | | | |
| struct gnutls_pubkey_st; | | struct gnutls_pubkey_st; | |
| typedef struct gnutls_pubkey_st *gnutls_pubkey_t; | | typedef struct gnutls_pubkey_st *gnutls_pubkey_t; | |
| | | | |
| struct gnutls_privkey_st; | | struct gnutls_privkey_st; | |
| typedef struct gnutls_privkey_st *gnutls_privkey_t; | | typedef struct gnutls_privkey_st *gnutls_privkey_t; | |
| | | | |
| typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, | | typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, | |
| void *userdata, | | void *userdata, | |
| const gnutls_datum_t * raw_data, | | const gnutls_datum_t * raw_data, | |
| gnutls_datum_t * signature); | | gnutls_datum_t * signature); | |
| typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, | | typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, | |
| void *userdata, | | void *userdata, | |
| const gnutls_datum_t * cipherte
xt, | | const gnutls_datum_t * cipherte
xt, | |
| gnutls_datum_t * plaintext); | | gnutls_datum_t * plaintext); | |
| | | | |
|
| | | typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key, | |
| | | void *userdata); | |
| | | | |
| int gnutls_pubkey_init (gnutls_pubkey_t * key); | | int gnutls_pubkey_init (gnutls_pubkey_t * key); | |
| void gnutls_pubkey_deinit (gnutls_pubkey_t key); | | void gnutls_pubkey_deinit (gnutls_pubkey_t key); | |
|
| | | | |
| | | void gnutls_pubkey_set_pin_function (gnutls_pubkey_t key, | |
| | | gnutls_pin_callback_t fn, void *userd | |
| | | ata); | |
| | | | |
| int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits
); | | int gnutls_pubkey_get_pk_algorithm (gnutls_pubkey_t key, unsigned int *bits
); | |
| | | | |
| int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt, | | int gnutls_pubkey_import_x509 (gnutls_pubkey_t key, gnutls_x509_crt_t crt, | |
| unsigned int flags); | | unsigned int flags); | |
| int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key, | | int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key, | |
| gnutls_pkcs11_obj_t obj, unsigned int flag
s); | | gnutls_pkcs11_obj_t obj, unsigned int flag
s); | |
| int gnutls_pubkey_import_openpgp (gnutls_pubkey_t key, | | int gnutls_pubkey_import_openpgp (gnutls_pubkey_t key, | |
| gnutls_openpgp_crt_t crt, | | gnutls_openpgp_crt_t crt, | |
| unsigned int flags); | | unsigned int flags); | |
| int | | int | |
| gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey, | | gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey, | |
| unsigned int usage, unsigned int flags); | | unsigned int usage, unsigned int flags); | |
| | | | |
|
| | | int | |
| | | gnutls_pubkey_import_tpm_url (gnutls_pubkey_t pkey, | |
| | | const char* url, | |
| | | const char *srk_password, | |
| | | unsigned int flags); | |
| | | | |
| | | int | |
| | | gnutls_pubkey_import_url (gnutls_pubkey_t key, const char *url, | |
| | | unsigned int flags); | |
| | | | |
| | | int | |
| | | gnutls_pubkey_import_tpm_raw (gnutls_pubkey_t pkey, | |
| | | const gnutls_datum_t * fdata, | |
| | | gnutls_tpmkey_fmt_t format, | |
| | | const char *srk_password, | |
| | | unsigned int flags); | |
| | | | |
| int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key, | | int gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key, | |
| gnutls_digest_algorithm_t * | | gnutls_digest_algorithm_t * | |
| hash, unsigned int *mand); | | hash, unsigned int *mand); | |
| | | | |
| int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key, | | int gnutls_pubkey_get_pk_rsa_raw (gnutls_pubkey_t key, | |
| gnutls_datum_t * m, gnutls_datum_t * e); | | gnutls_datum_t * m, gnutls_datum_t * e); | |
| int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key, | | int gnutls_pubkey_get_pk_dsa_raw (gnutls_pubkey_t key, | |
| gnutls_datum_t * p, gnutls_datum_t * q, | | gnutls_datum_t * p, gnutls_datum_t * q, | |
| gnutls_datum_t * g, gnutls_datum_t * y); | | gnutls_datum_t * g, gnutls_datum_t * y); | |
| int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *
curve, | | int gnutls_pubkey_get_pk_ecc_raw (gnutls_pubkey_t key, gnutls_ecc_curve_t *
curve, | |
| | | | |
| skipping to change at line 142 | | skipping to change at line 160 | |
| | | | |
| int | | int | |
| gnutls_pubkey_encrypt_data (gnutls_pubkey_t key, unsigned int flags, | | gnutls_pubkey_encrypt_data (gnutls_pubkey_t key, unsigned int flags, | |
| const gnutls_datum_t * plaintext, | | const gnutls_datum_t * plaintext, | |
| gnutls_datum_t * ciphertext); | | gnutls_datum_t * ciphertext); | |
| | | | |
| int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key)
; | | int gnutls_x509_crt_set_pubkey (gnutls_x509_crt_t crt, gnutls_pubkey_t key)
; | |
| | | | |
| int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key)
; | | int gnutls_x509_crq_set_pubkey (gnutls_x509_crq_t crq, gnutls_pubkey_t key)
; | |
| | | | |
|
| int | | #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA 1 | |
| gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags, | | /* The following flag disables call to PIN callbacks etc. | |
| const gnutls_datum_t * hash, | | * Only works for TPM keys. | |
| const gnutls_datum_t * signature); | | */ | |
| | | #define GNUTLS_PUBKEY_DISABLE_CALLBACKS (1<<2) | |
| int | | int | |
| gnutls_pubkey_verify_hash2 (gnutls_pubkey_t key, | | gnutls_pubkey_verify_hash2 (gnutls_pubkey_t key, | |
| gnutls_sign_algorithm_t algo, | | gnutls_sign_algorithm_t algo, | |
| unsigned int flags, | | unsigned int flags, | |
| const gnutls_datum_t * hash, | | const gnutls_datum_t * hash, | |
| const gnutls_datum_t * signature); | | const gnutls_datum_t * signature); | |
| | | | |
| int | | int | |
| gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key, | | gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key, | |
| const gnutls_datum_t * signature, | | const gnutls_datum_t * signature, | |
| gnutls_digest_algorithm_t * hash); | | gnutls_digest_algorithm_t * hash); | |
| | | | |
|
| int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey, | | | |
| unsigned int flags, | | | |
| const gnutls_datum_t * data, | | | |
| const gnutls_datum_t * signature); | | | |
| int | | int | |
| gnutls_pubkey_verify_data2 (gnutls_pubkey_t pubkey, | | gnutls_pubkey_verify_data2 (gnutls_pubkey_t pubkey, | |
| gnutls_sign_algorithm_t algo, | | gnutls_sign_algorithm_t algo, | |
| unsigned int flags, | | unsigned int flags, | |
| const gnutls_datum_t * data, | | const gnutls_datum_t * data, | |
| const gnutls_datum_t * signature); | | const gnutls_datum_t * signature); | |
| | | | |
| /* Private key operations */ | | /* Private key operations */ | |
| | | | |
| int gnutls_privkey_init (gnutls_privkey_t * key); | | int gnutls_privkey_init (gnutls_privkey_t * key); | |
| void gnutls_privkey_deinit (gnutls_privkey_t key); | | void gnutls_privkey_deinit (gnutls_privkey_t key); | |
|
| | | | |
| | | void gnutls_privkey_set_pin_function (gnutls_privkey_t key, | |
| | | gnutls_pin_callback_t fn, void *userd | |
| | | ata); | |
| | | | |
| int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key, | | int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key, | |
| unsigned int *bits); | | unsigned int *bits); | |
| gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key); | | gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key); | |
| | | | |
| #define GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE (1<<0) | | #define GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE (1<<0) | |
| #define GNUTLS_PRIVKEY_IMPORT_COPY (1<<1) | | #define GNUTLS_PRIVKEY_IMPORT_COPY (1<<1) | |
|
| | | /* The following flag disables call to PIN callbacks etc. | |
| | | * Only works for TPM keys. | |
| | | */ | |
| | | #define GNUTLS_PRIVKEY_DISABLE_CALLBACKS (1<<2) | |
| int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey, | | int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey, | |
| gnutls_pkcs11_privkey_t key, | | gnutls_pkcs11_privkey_t key, | |
| unsigned int flags); | | unsigned int flags); | |
| int gnutls_privkey_import_x509 (gnutls_privkey_t pkey, | | int gnutls_privkey_import_x509 (gnutls_privkey_t pkey, | |
| gnutls_x509_privkey_t key, | | gnutls_x509_privkey_t key, | |
| unsigned int flags); | | unsigned int flags); | |
| int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey, | | int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey, | |
| gnutls_openpgp_privkey_t key, | | gnutls_openpgp_privkey_t key, | |
| unsigned int flags); | | unsigned int flags); | |
|
| | | | |
| | | int gnutls_privkey_import_openpgp_raw (gnutls_privkey_t pkey, | |
| | | const gnutls_datum_t * data, | |
| | | gnutls_openpgp_crt_fmt_t format, | |
| | | const gnutls_openpgp_keyid_t keyid, | |
| | | const char* password); | |
| | | | |
| | | int gnutls_privkey_import_x509_raw (gnutls_privkey_t pkey, | |
| | | const gnutls_datum_t * data, | |
| | | gnutls_x509_crt_fmt_t format, | |
| | | const char* password, unsigned int flag | |
| | | s); | |
| | | | |
| | | int | |
| | | gnutls_privkey_import_tpm_raw (gnutls_privkey_t pkey, | |
| | | const gnutls_datum_t * fdata, | |
| | | gnutls_tpmkey_fmt_t format, | |
| | | const char *srk_password, | |
| | | const char *tpm_password, unsigned int flags) | |
| | | ; | |
| | | | |
| | | int | |
| | | gnutls_privkey_import_tpm_url (gnutls_privkey_t pkey, | |
| | | const char* url, const char *srk_password, const char *key_passwo | |
| | | rd, | |
| | | unsigned int flags); | |
| | | | |
| | | int gnutls_privkey_import_url (gnutls_privkey_t key, const char *url, unsig | |
| | | ned int flags); | |
| | | | |
| | | int gnutls_privkey_import_pkcs11_url (gnutls_privkey_t key, const char *url | |
| | | ); | |
| | | | |
| int | | int | |
| gnutls_privkey_import_ext (gnutls_privkey_t pkey, | | gnutls_privkey_import_ext (gnutls_privkey_t pkey, | |
| gnutls_pk_algorithm_t pk, | | gnutls_pk_algorithm_t pk, | |
| void* userdata, | | void* userdata, | |
| gnutls_privkey_sign_func sign_func, | | gnutls_privkey_sign_func sign_func, | |
| gnutls_privkey_decrypt_func decrypt_func, | | gnutls_privkey_decrypt_func decrypt_func, | |
| unsigned int flags); | | unsigned int flags); | |
| | | | |
|
| | | int | |
| | | gnutls_privkey_import_ext2 (gnutls_privkey_t pkey, | |
| | | gnutls_pk_algorithm_t pk, | |
| | | void* userdata, | |
| | | gnutls_privkey_sign_func sign_func, | |
| | | gnutls_privkey_decrypt_func decrypt_func, | |
| | | gnutls_privkey_deinit_func deinit_func, | |
| | | unsigned int flags); | |
| | | | |
| int gnutls_privkey_sign_data (gnutls_privkey_t signer, | | int gnutls_privkey_sign_data (gnutls_privkey_t signer, | |
| gnutls_digest_algorithm_t hash, | | gnutls_digest_algorithm_t hash, | |
| unsigned int flags, | | unsigned int flags, | |
| const gnutls_datum_t * data, | | const gnutls_datum_t * data, | |
| gnutls_datum_t * signature); | | gnutls_datum_t * signature); | |
| | | | |
| int gnutls_privkey_sign_hash (gnutls_privkey_t signer, | | int gnutls_privkey_sign_hash (gnutls_privkey_t signer, | |
| gnutls_digest_algorithm_t hash_algo, | | gnutls_digest_algorithm_t hash_algo, | |
| unsigned int flags, | | unsigned int flags, | |
| const gnutls_datum_t * hash_data, | | const gnutls_datum_t * hash_data, | |
| | | | |
| skipping to change at line 302 | | skipping to change at line 361 | |
| gnutls_certificate_retrieve_function2 * func); | | gnutls_certificate_retrieve_function2 * func); | |
| | | | |
| int | | int | |
| gnutls_certificate_set_key (gnutls_certificate_credentials_t res, | | gnutls_certificate_set_key (gnutls_certificate_credentials_t res, | |
| const char** names, | | const char** names, | |
| int names_size, | | int names_size, | |
| gnutls_pcert_st * pcert_list, | | gnutls_pcert_st * pcert_list, | |
| int pcert_list_size, | | int pcert_list_size, | |
| gnutls_privkey_t key); | | gnutls_privkey_t key); | |
| | | | |
|
| | | #include <gnutls/compat.h> | |
| | | | |
| | | int gnutls_pubkey_verify_data (gnutls_pubkey_t pubkey, | |
| | | unsigned int flags, | |
| | | const gnutls_datum_t * data, | |
| | | const gnutls_datum_t * signature) _GNUTLS_GC | |
| | | C_ATTR_DEPRECATED; | |
| | | | |
| | | int gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags, | |
| | | const gnutls_datum_t * hash, | |
| | | const gnutls_datum_t * signature) _GNUTLS_GCC_AT | |
| | | TR_DEPRECATED; | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| } | | } | |
| #endif | | #endif | |
| | | | |
| #endif | | #endif | |
| | | | |
End of changes. 13 change blocks. |
| 16 lines changed or deleted | | 95 lines changed or added | |
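Review bot: In the 3.1.0 column, `GNUTLS_PUBKEY_DISABLE_CALLBACKS (1<<2)` is declared between `GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA` and `gnutls_pubkey_verify_hash2`, so it reads as a verification flag although its comment says it only works for TPM keys. It would be clearer next to `gnutls_pubkey_import_tpm_url` / `gnutls_pubkey_import_tpm_raw`, with a comment naming the functions that accept it, since both kinds of value travel in a plain `unsigned int flags` and nothing in the header stops a caller from passing one to the other family. The new import prototypes also leave the secret-handling contract unstated: `srk_password`, `tpm_password`, `key_password` and `password` carry no note on whether NULL is accepted or what happens then. If the intended behaviour is a fallback to the PIN callback, a comment such as `/* passwords may be NULL; the PIN callback set with gnutls_privkey_set_pin_function() is then used unless GNUTLS_PRIVKEY_DISABLE_CALLBACKS is given */` would settle it; this is inferred from the names, so confirm against the implementation. `gnutls_privkey_import_ext2` would likewise benefit from one line saying when `deinit_func` is invoked and who owns `userdata`.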
|
| gnutls.h (3.0.32) | | gnutls.h (3.1.0) | |
| | | | |
| skipping to change at line 54 | | skipping to change at line 54 | |
| #include <sys/types.h> | | #include <sys/types.h> | |
| /* *INDENT-ON* */ | | /* *INDENT-ON* */ | |
| #endif | | #endif | |
| /* Get time_t. */ | | /* Get time_t. */ | |
| #include <time.h> | | #include <time.h> | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| extern "C" | | extern "C" | |
| { | | { | |
| #endif | | #endif | |
| | | | |
|
| #define GNUTLS_VERSION "3.0.32" | | #define GNUTLS_VERSION "3.1.0" | |
| | | | |
| #define GNUTLS_VERSION_MAJOR 3 | | #define GNUTLS_VERSION_MAJOR 3 | |
|
| #define GNUTLS_VERSION_MINOR 0 | | #define GNUTLS_VERSION_MINOR 1 | |
| #define GNUTLS_VERSION_PATCH 32 | | #define GNUTLS_VERSION_PATCH 0 | |
| | | | |
|
| #define GNUTLS_VERSION_NUMBER 0x030020 | | #define GNUTLS_VERSION_NUMBER 0x030100 | |
| | | | |
| #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC | |
| #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC | |
| #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC | |
| #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 | | #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 | |
| | | | |
| /** | | /** | |
| * gnutls_cipher_algorithm_t: | | * gnutls_cipher_algorithm_t: | |
| * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. | | * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. | |
| * @GNUTLS_CIPHER_NULL: NULL algorithm. | | * @GNUTLS_CIPHER_NULL: NULL algorithm. | |
| * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. | | * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys. | |
| * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. | | * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode. | |
| * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. | | * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys. | |
| * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. | | * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys. | |
| * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. | | * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys. | |
| * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. | | * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys. | |
| * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys. | | * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys. | |
|
| | | * @GNUTLS_CIPHER_CAMELLIA_192_CBC: Camellia in CBC mode with 192-bit keys. | |
| * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys. | | * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys. | |
| * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. | | * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys. | |
| * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). | | * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys). | |
| * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys. | | * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys. | |
| * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys. | | * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys. | |
| * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. | | * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode. | |
| * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. | | * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode. | |
| * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. | | * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode. | |
| * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. | | * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode. | |
| * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit ke
ys. | | * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit ke
ys. | |
| | | | |
| skipping to change at line 111 | | skipping to change at line 112 | |
| GNUTLS_CIPHER_AES_128_CBC = 4, | | GNUTLS_CIPHER_AES_128_CBC = 4, | |
| GNUTLS_CIPHER_AES_256_CBC = 5, | | GNUTLS_CIPHER_AES_256_CBC = 5, | |
| GNUTLS_CIPHER_ARCFOUR_40 = 6, | | GNUTLS_CIPHER_ARCFOUR_40 = 6, | |
| GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, | | GNUTLS_CIPHER_CAMELLIA_128_CBC = 7, | |
| GNUTLS_CIPHER_CAMELLIA_256_CBC = 8, | | GNUTLS_CIPHER_CAMELLIA_256_CBC = 8, | |
| GNUTLS_CIPHER_RC2_40_CBC = 90, | | GNUTLS_CIPHER_RC2_40_CBC = 90, | |
| GNUTLS_CIPHER_DES_CBC = 91, | | GNUTLS_CIPHER_DES_CBC = 91, | |
| GNUTLS_CIPHER_AES_192_CBC = 92, | | GNUTLS_CIPHER_AES_192_CBC = 92, | |
| GNUTLS_CIPHER_AES_128_GCM = 93, | | GNUTLS_CIPHER_AES_128_GCM = 93, | |
| GNUTLS_CIPHER_AES_256_GCM = 94, | | GNUTLS_CIPHER_AES_256_GCM = 94, | |
|
| | | GNUTLS_CIPHER_CAMELLIA_192_CBC = 95, | |
| | | | |
| /* used only for PGP internals. Ignored in TLS/SSL | | /* used only for PGP internals. Ignored in TLS/SSL | |
| */ | | */ | |
| GNUTLS_CIPHER_IDEA_PGP_CFB = 200, | | GNUTLS_CIPHER_IDEA_PGP_CFB = 200, | |
| GNUTLS_CIPHER_3DES_PGP_CFB = 201, | | GNUTLS_CIPHER_3DES_PGP_CFB = 201, | |
| GNUTLS_CIPHER_CAST5_PGP_CFB = 202, | | GNUTLS_CIPHER_CAST5_PGP_CFB = 202, | |
| GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, | | GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203, | |
| GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, | | GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204, | |
| GNUTLS_CIPHER_AES128_PGP_CFB = 205, | | GNUTLS_CIPHER_AES128_PGP_CFB = 205, | |
| GNUTLS_CIPHER_AES192_PGP_CFB = 206, | | GNUTLS_CIPHER_AES192_PGP_CFB = 206, | |
| | | | |
| skipping to change at line 296 | | skipping to change at line 298 | |
| } gnutls_compression_method_t; | | } gnutls_compression_method_t; | |
| | | | |
| /* | | /* | |
| * Flags for gnutls_init() | | * Flags for gnutls_init() | |
| * | | * | |
| * @GNUTLS_SERVER: Connection end is a server. | | * @GNUTLS_SERVER: Connection end is a server. | |
| * @GNUTLS_CLIENT: Connection end is a client. | | * @GNUTLS_CLIENT: Connection end is a client. | |
| * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). | | * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS). | |
| * @GNUTLS_NONBLOCK: Connection should not block (DTLS). | | * @GNUTLS_NONBLOCK: Connection should not block (DTLS). | |
| * | | * | |
|
| | | * Enumeration of different TLS connection end types. | |
| */ | | */ | |
| #define GNUTLS_SERVER 1 | | #define GNUTLS_SERVER 1 | |
| #define GNUTLS_CLIENT (1<<1) | | #define GNUTLS_CLIENT (1<<1) | |
| #define GNUTLS_DATAGRAM (1<<2) | | #define GNUTLS_DATAGRAM (1<<2) | |
| #define GNUTLS_NONBLOCK (1<<3) | | #define GNUTLS_NONBLOCK (1<<3) | |
| | | | |
| /** | | /** | |
| * gnutls_alert_level_t: | | * gnutls_alert_level_t: | |
| * @GNUTLS_AL_WARNING: Alert of warning severity. | | * @GNUTLS_AL_WARNING: Alert of warning severity. | |
| * @GNUTLS_AL_FATAL: Alert of fatal severity. | | * @GNUTLS_AL_FATAL: Alert of fatal severity. | |
| | | | |
| skipping to change at line 427 | | skipping to change at line 430 | |
| GNUTLS_HANDSHAKE_FINISHED = 20, | | GNUTLS_HANDSHAKE_FINISHED = 20, | |
| GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, | | GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23, | |
| GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, | | GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254, | |
| GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, | | GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024, | |
| } gnutls_handshake_description_t; | | } gnutls_handshake_description_t; | |
| | | | |
| /** | | /** | |
| * gnutls_certificate_status_t: | | * gnutls_certificate_status_t: | |
| * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the | | * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the | |
| * known authorities or the signature is invalid. | | * known authorities or the signature is invalid. | |
|
| | | * @GNUTLS_CERT_SIGNATURE_FAILURE: The signature verification failed. | |
| * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509
this will be | | * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509
this will be | |
| * set only if CRLs are checked. | | * set only if CRLs are checked. | |
| * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known. | | * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known. | |
| * This is the case if the issuer is not included in the trusted certific
ate list. | | * This is the case if the issuer is not included in the trusted certific
ate list. | |
| * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate's signer was not a CA. This | | * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate's signer was not a CA. This | |
| * may happen if this was a version 1 certificate, which is common with | | * may happen if this was a version 1 certificate, which is common with | |
| * some CAs, or a version 3 certificate without the basic constrains exte
nsion. | | * some CAs, or a version 3 certificate without the basic constrains exte
nsion. | |
| * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in
secure | | * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in
secure | |
| * algorithm such as MD2 or MD5. These algorithms have been broken and | | * algorithm such as MD2 or MD5. These algorithms have been broken and | |
| * should not be trusted. | | * should not be trusted. | |
| * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated. | | * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated. | |
| * @GNUTLS_CERT_EXPIRED: The certificate has expired. | | * @GNUTLS_CERT_EXPIRED: The certificate has expired. | |
|
| * @GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: The revocation data are old and | | | |
| have been superseded. | | | |
| * @GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: The revocation data have | | | |
| a future issue date. | | | |
| * | | * | |
| * Enumeration of certificate status codes. Note that the status | | * Enumeration of certificate status codes. Note that the status | |
| * bits have different meanings in OpenPGP keys and X.509 | | * bits have different meanings in OpenPGP keys and X.509 | |
| * certificate verification. | | * certificate verification. | |
| */ | | */ | |
| typedef enum | | typedef enum | |
| { | | { | |
|
| GNUTLS_CERT_INVALID = 1<<1, | | GNUTLS_CERT_INVALID = 2, | |
| GNUTLS_CERT_REVOKED = 1<<5, | | GNUTLS_CERT_REVOKED = 32, | |
| GNUTLS_CERT_SIGNER_NOT_FOUND = 1<<6, | | GNUTLS_CERT_SIGNER_NOT_FOUND = 64, | |
| GNUTLS_CERT_SIGNER_NOT_CA = 1<<7, | | GNUTLS_CERT_SIGNER_NOT_CA = 128, | |
| GNUTLS_CERT_INSECURE_ALGORITHM = 1<<8, | | GNUTLS_CERT_INSECURE_ALGORITHM = 256, | |
| GNUTLS_CERT_NOT_ACTIVATED = 1<<9, | | GNUTLS_CERT_NOT_ACTIVATED = 512, | |
| GNUTLS_CERT_EXPIRED = 1<<10, | | GNUTLS_CERT_EXPIRED = 1024, | |
| GNUTLS_CERT_SIGNATURE_FAILURE = 1<<11, | | GNUTLS_CERT_SIGNATURE_FAILURE = 2048 | |
| GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1<<12, | | | |
| GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1<<15, | | | |
| } gnutls_certificate_status_t; | | } gnutls_certificate_status_t; | |
| | | | |
| /** | | /** | |
| * gnutls_certificate_request_t: | | * gnutls_certificate_request_t: | |
| * @GNUTLS_CERT_IGNORE: Ignore certificate. | | * @GNUTLS_CERT_IGNORE: Ignore certificate. | |
| * @GNUTLS_CERT_REQUEST: Request certificate. | | * @GNUTLS_CERT_REQUEST: Request certificate. | |
| * @GNUTLS_CERT_REQUIRE: Require certificate. | | * @GNUTLS_CERT_REQUIRE: Require certificate. | |
| * | | * | |
| * Enumeration of certificate request types. | | * Enumeration of certificate request types. | |
| */ | | */ | |
| | | | |
| skipping to change at line 751 | | skipping to change at line 751 | |
| /* internal functions */ | | /* internal functions */ | |
| | | | |
| int gnutls_init (gnutls_session_t * session, | | int gnutls_init (gnutls_session_t * session, | |
| unsigned int flags); | | unsigned int flags); | |
| void gnutls_deinit (gnutls_session_t session); | | void gnutls_deinit (gnutls_session_t session); | |
| #define _gnutls_deinit(x) gnutls_deinit(x) | | #define _gnutls_deinit(x) gnutls_deinit(x) | |
| | | | |
| int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how); | | int gnutls_bye (gnutls_session_t session, gnutls_close_request_t how); | |
| | | | |
| int gnutls_handshake (gnutls_session_t session); | | int gnutls_handshake (gnutls_session_t session); | |
|
| | | | |
| | | #define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1) | |
| | | void gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int | |
| | | sec); | |
| int gnutls_rehandshake (gnutls_session_t session); | | int gnutls_rehandshake (gnutls_session_t session); | |
| | | | |
| gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session); | | gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session); | |
| int gnutls_alert_send (gnutls_session_t session, | | int gnutls_alert_send (gnutls_session_t session, | |
| gnutls_alert_level_t level, | | gnutls_alert_level_t level, | |
| gnutls_alert_description_t desc); | | gnutls_alert_description_t desc); | |
| int gnutls_alert_send_appropriate (gnutls_session_t session, int err); | | int gnutls_alert_send_appropriate (gnutls_session_t session, int err); | |
| const char *gnutls_alert_get_name (gnutls_alert_description_t alert); | | const char *gnutls_alert_get_name (gnutls_alert_description_t alert); | |
| const char * gnutls_alert_get_strname (gnutls_alert_description_t alert); | | const char * gnutls_alert_get_strname (gnutls_alert_description_t alert); | |
| | | | |
| | | | |
| skipping to change at line 776 | | skipping to change at line 779 | |
| | | | |
| /* Elliptic curves */ | | /* Elliptic curves */ | |
| const char * gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve); | | const char * gnutls_ecc_curve_get_name (gnutls_ecc_curve_t curve); | |
| int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve); | | int gnutls_ecc_curve_get_size (gnutls_ecc_curve_t curve); | |
| gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); | | gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); | |
| | | | |
| /* get information on the current session */ | | /* get information on the current session */ | |
| gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session); | | gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session); | |
| gnutls_kx_algorithm_t gnutls_kx_get (gnutls_session_t session); | | gnutls_kx_algorithm_t gnutls_kx_get (gnutls_session_t session); | |
| gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session); | | gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session); | |
|
| gnutls_compression_method_t | | gnutls_compression_method_t | |
| gnutls_compression_get (gnutls_session_t session); | | gnutls_compression_get (gnutls_session_t session); | |
|
| gnutls_certificate_type_t | | gnutls_certificate_type_t | |
| gnutls_certificate_type_get (gnutls_session_t session); | | gnutls_certificate_type_get (gnutls_session_t session); | |
|
| | | | |
| int gnutls_sign_algorithm_get_requested (gnutls_session_t session, | | int gnutls_sign_algorithm_get_requested (gnutls_session_t session, | |
| size_t indx, | | size_t indx, | |
| gnutls_sign_algorithm_t * algo); | | gnutls_sign_algorithm_t * algo); | |
| | | | |
| size_t gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm); | | size_t gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm); | |
| size_t gnutls_mac_get_key_size (gnutls_mac_algorithm_t algorithm); | | size_t gnutls_mac_get_key_size (gnutls_mac_algorithm_t algorithm); | |
| | | | |
| /* the name of the specified algorithms */ | | /* the name of the specified algorithms */ | |
| const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm); | | const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm); | |
| const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm); | | const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm); | |
| | | | |
| skipping to change at line 1727 | | skipping to change at line 1733 | |
| | | | |
| int gnutls_store_pubkey (const char* db_name, | | int gnutls_store_pubkey (const char* db_name, | |
| gnutls_tdb_t tdb, | | gnutls_tdb_t tdb, | |
| const char* host, | | const char* host, | |
| const char* service, | | const char* service, | |
| gnutls_certificate_type_t cert_type, | | gnutls_certificate_type_t cert_type, | |
| const gnutls_datum_t * cert, | | const gnutls_datum_t * cert, | |
| time_t expiration, | | time_t expiration, | |
| unsigned int flags); | | unsigned int flags); | |
| | | | |
|
| | | /* Other helper functions */ | |
| | | int gnutls_load_file(const char* filename, gnutls_datum_t * data); | |
| | | | |
| | | int gnutls_url_is_supported (const char* url); | |
| | | | |
| | | /* PIN callback */ | |
| | | | |
| | | /** | |
| | | * gnutls_pin_flag_t: | |
| | | * @GNUTLS_PIN_USER: The PIN for the user. | |
| | | * @GNUTLS_PIN_SO: The PIN for the security officer (admin). | |
| | | * @GNUTLS_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key l | |
| | | ike signing. | |
| | | * @GNUTLS_PIN_FINAL_TRY: This is the final try before blocking. | |
| | | * @GNUTLS_PIN_COUNT_LOW: Few tries remain before token blocks. | |
| | | * @GNUTLS_PIN_WRONG: Last given PIN was not correct. | |
| | | * | |
| | | * Enumeration of different flags that are input to the PIN function. | |
| | | */ | |
| | | typedef enum | |
| | | { | |
| | | GNUTLS_PIN_USER = (1 << 0), | |
| | | GNUTLS_PIN_SO = (1 << 1), | |
| | | GNUTLS_PIN_FINAL_TRY = (1 << 2), | |
| | | GNUTLS_PIN_COUNT_LOW = (1 << 3), | |
| | | GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4), | |
| | | GNUTLS_PIN_WRONG = (1 << 5), | |
| | | } gnutls_pin_flag_t; | |
| | | | |
| | | #define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER | |
| | | #define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO | |
| | | #define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY | |
| | | #define GNUTLS_PKCS11_PIN_COUNT_LOW GNUTLS_PIN_COUNT_LOW | |
| | | #define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC | |
| | | #define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG | |
| | | | |
| | | /** | |
| | | * gnutls_pin_callback_t: | |
| | | * @userdata: user-controlled data from gnutls_pkcs11_set_pin_function(). | |
| | | * @attempt: pin-attempt counter, initially 0. | |
| | | * @token_url: URL of token. | |
| | | * @token_label: label of token. | |
| | | * @flags: a #gnutls_pin_flag_t flag. | |
| | | * @pin: buffer to hold PIN, of size @pin_max. | |
| | | * @pin_max: size of @pin buffer. | |
| | | * | |
| | | * Callback function type for PKCS#11 or TPM PIN entry. It is set by | |
| | | * functions like gnutls_pkcs11_set_pin_function(). | |
| | | * | |
| | | * The callback should provides the PIN code to unlock the token with | |
| | | * label @token_label, specified by the URL @token_url. | |
| | | * | |
| | | * The PIN code, as a NUL-terminated ASCII string, should be copied | |
| | | * into the @pin buffer (of maximum size @pin_max), and return 0 to | |
| | | * indicate success. Alternatively, the callback may return a | |
| | | * negative gnutls error code to indicate failure and cancel PIN entry | |
| | | * (in which case, the contents of the @pin parameter are ignored). | |
| | | * | |
| | | * When a PIN is required, the callback will be invoked repeatedly | |
| | | * (and indefinitely) until either the returned PIN code is correct, | |
| | | * the callback returns failure, or the token refuses login (e.g. when | |
| | | * the token is locked due to too many incorrect PINs!). For the | |
| | | * first such invocation, the @attempt counter will have value zero; | |
| | | * it will increase by one for each subsequent attempt. | |
| | | * | |
| | | * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on er | |
| | | ror. | |
| | | * | |
| | | * Since: 2.12.0 | |
| | | **/ | |
| | | typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt, | |
| | | const char *token_url, | |
| | | const char *token_label, | |
| | | unsigned int flags, | |
| | | char *pin, size_t pin_max); | |
| | | | |
| | | void gnutls_certificate_set_pin_function (gnutls_certificate_credentials_ | |
| | | t, | |
| | | gnutls_pin_callback_t fn, void | |
| | | *userdata); | |
| | | | |
| /* Gnutls error codes. The mapping to a TLS alert is also shown in | | /* Gnutls error codes. The mapping to a TLS alert is also shown in | |
| * comments. | | * comments. | |
| */ | | */ | |
| | | | |
| #define GNUTLS_E_SUCCESS 0 | | #define GNUTLS_E_SUCCESS 0 | |
| #define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 | | #define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 | |
| #define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 | | #define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 | |
| #define GNUTLS_E_LARGE_PACKET -7 | | #define GNUTLS_E_LARGE_PACKET -7 | |
| #define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSIO
N */ | | #define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSIO
N */ | |
| #define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_RECORD_OVERFLOW
*/ | | #define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_RECORD_OVERFLOW
*/ | |
| | | | |
| skipping to change at line 1901 | | skipping to change at line 1984 | |
| #define GNUTLS_E_USER_ERROR -320 | | #define GNUTLS_E_USER_ERROR -320 | |
| #define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321 | | #define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321 | |
| #define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322 | | #define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322 | |
| #define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323 | | #define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323 | |
| #define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324 | | #define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324 | |
| #define GNUTLS_E_ILLEGAL_PARAMETER -325 | | #define GNUTLS_E_ILLEGAL_PARAMETER -325 | |
| #define GNUTLS_E_NO_PRIORITIES_WERE_SET -326 | | #define GNUTLS_E_NO_PRIORITIES_WERE_SET -326 | |
| #define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327 | | #define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327 | |
| #define GNUTLS_E_SESSION_EOF -328 | | #define GNUTLS_E_SESSION_EOF -328 | |
| | | | |
|
| #define GNUTLS_E_OCSP_RESPONSE_ERROR -341 | | #define GNUTLS_E_TPM_ERROR -329 | |
| | | #define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330 | |
| | | #define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331 | |
| | | #define GNUTLS_E_TPM_SESSION_ERROR -332 | |
| | | #define GNUTLS_E_TPM_KEY_NOT_FOUND -333 | |
| | | #define GNUTLS_E_TPM_UNINITIALIZED -334 | |
| | | | |
| #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 | | #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 | |
| | | | |
| #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 | | #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 | |
| #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 | | #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| } | | } | |
| #endif | | #endif | |
| | | | |
| | | | |
End of changes. 15 change blocks. |
| 21 lines changed or deleted | | 110 lines changed or added | |
|
| gnutlsxx.h (3.0.32) | | gnutlsxx.h (3.1.0) | |
| | | | |
| skipping to change at line 184 | | skipping to change at line 184 | |
| | | | |
| void set_transport_ptr (gnutls_transport_ptr_t ptr); | | void set_transport_ptr (gnutls_transport_ptr_t ptr); | |
| void set_transport_ptr (gnutls_transport_ptr_t recv_ptr, | | void set_transport_ptr (gnutls_transport_ptr_t recv_ptr, | |
| gnutls_transport_ptr_t send_ptr); | | gnutls_transport_ptr_t send_ptr); | |
| gnutls_transport_ptr_t get_transport_ptr () const; | | gnutls_transport_ptr_t get_transport_ptr () const; | |
| void get_transport_ptr (gnutls_transport_ptr_t & recv_ptr, | | void get_transport_ptr (gnutls_transport_ptr_t & recv_ptr, | |
| gnutls_transport_ptr_t & send_ptr) const; | | gnutls_transport_ptr_t & send_ptr) const; | |
| | | | |
| void set_transport_lowat (size_t num); | | void set_transport_lowat (size_t num); | |
| void set_transport_push_function (gnutls_push_func push_func); | | void set_transport_push_function (gnutls_push_func push_func); | |
|
| | | void set_transport_vec_push_function (gnutls_vec_push_func vec_push_fun
c); | |
| void set_transport_pull_function (gnutls_pull_func pull_func); | | void set_transport_pull_function (gnutls_pull_func pull_func); | |
| | | | |
| void set_user_ptr (void *ptr); | | void set_user_ptr (void *ptr); | |
| void *get_user_ptr () const; | | void *get_user_ptr () const; | |
| | | | |
| void send_openpgp_cert (gnutls_openpgp_crt_status_t status); | | void send_openpgp_cert (gnutls_openpgp_crt_status_t status); | |
| | | | |
| gnutls_credentials_type_t get_auth_type () const; | | gnutls_credentials_type_t get_auth_type () const; | |
| gnutls_credentials_type_t get_server_auth_type () const; | | gnutls_credentials_type_t get_server_auth_type () const; | |
| gnutls_credentials_type_t get_client_auth_type () const; | | gnutls_credentials_type_t get_client_auth_type () const; | |
| | | | |
End of changes. 1 change blocks. |
| 0 lines changed or deleted | | 1 lines changed or added | |
|
| ocsp.h (3.0.32) | | ocsp.h (3.1.0) | |
| | | | |
| skipping to change at line 252 | | skipping to change at line 252 | |
| | | | |
| int gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp, | | int gnutls_ocsp_resp_verify_direct (gnutls_ocsp_resp_t resp, | |
| gnutls_x509_crt_t issuer, | | gnutls_x509_crt_t issuer, | |
| unsigned int *verify, | | unsigned int *verify, | |
| unsigned int flags); | | unsigned int flags); | |
| int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp, | | int gnutls_ocsp_resp_verify (gnutls_ocsp_resp_t resp, | |
| gnutls_x509_trust_list_t trustlist, | | gnutls_x509_trust_list_t trustlist, | |
| unsigned int *verify, | | unsigned int *verify, | |
| unsigned int flags); | | unsigned int flags); | |
| | | | |
|
| int gnutls_ocsp_resp_check_crt (gnutls_ocsp_resp_t resp, | | | |
| unsigned int indx, | | | |
| gnutls_x509_crt_t crt); | | | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| } | | } | |
| #endif | | #endif | |
| | | | |
| #endif /* GNUTLS_OCSP_H */ | | #endif /* GNUTLS_OCSP_H */ | |
| | | | |
End of changes. 1 change blocks. |
| 4 lines changed or deleted | | 0 lines changed or added | |
|
| openpgp.h (3.0.32) | | openpgp.h (3.1.0) | |
| | | | |
| skipping to change at line 31 | | skipping to change at line 31 | |
| */ | | */ | |
| | | | |
| /* This file contains the types and prototypes for the OpenPGP | | /* This file contains the types and prototypes for the OpenPGP | |
| * key and private key parsing functions. | | * key and private key parsing functions. | |
| */ | | */ | |
| | | | |
| #ifndef GNUTLS_OPENPGP_H | | #ifndef GNUTLS_OPENPGP_H | |
| #define GNUTLS_OPENPGP_H | | #define GNUTLS_OPENPGP_H | |
| | | | |
| #include <gnutls/gnutls.h> | | #include <gnutls/gnutls.h> | |
|
| #include <limits.h> | | | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| extern "C" | | extern "C" | |
| { | | { | |
| #endif | | #endif | |
| | | | |
| /* Openpgp certificate stuff | | /* Openpgp certificate stuff | |
| */ | | */ | |
| | | | |
| /** | | /** | |
| | | | |
| skipping to change at line 55 | | skipping to change at line 54 | |
| * | | * | |
| * Enumeration of different OpenPGP key formats. | | * Enumeration of different OpenPGP key formats. | |
| */ | | */ | |
| typedef enum gnutls_openpgp_crt_fmt | | typedef enum gnutls_openpgp_crt_fmt | |
| { | | { | |
| GNUTLS_OPENPGP_FMT_RAW, | | GNUTLS_OPENPGP_FMT_RAW, | |
| GNUTLS_OPENPGP_FMT_BASE64 | | GNUTLS_OPENPGP_FMT_BASE64 | |
| } gnutls_openpgp_crt_fmt_t; | | } gnutls_openpgp_crt_fmt_t; | |
| | | | |
| #define GNUTLS_OPENPGP_KEYID_SIZE 8 | | #define GNUTLS_OPENPGP_KEYID_SIZE 8 | |
|
| #define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20 | | | |
| typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; | | typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE]; | |
| | | | |
| /* gnutls_openpgp_cert_t should be defined in gnutls.h | | /* gnutls_openpgp_cert_t should be defined in gnutls.h | |
| */ | | */ | |
| | | | |
| /* initializes the memory for gnutls_openpgp_crt_t struct */ | | /* initializes the memory for gnutls_openpgp_crt_t struct */ | |
| int gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key); | | int gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key); | |
| /* frees all memory */ | | /* frees all memory */ | |
| void gnutls_openpgp_crt_deinit (gnutls_openpgp_crt_t key); | | void gnutls_openpgp_crt_deinit (gnutls_openpgp_crt_t key); | |
| | | | |
| | | | |
| skipping to change at line 81 | | skipping to change at line 79 | |
| void *output_data, | | void *output_data, | |
| size_t * output_data_size); | | size_t * output_data_size); | |
| | | | |
| int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert, | | int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert, | |
| gnutls_certificate_print_formats_t format, | | gnutls_certificate_print_formats_t format, | |
| gnutls_datum_t * out); | | gnutls_datum_t * out); | |
| | | | |
| /* The key_usage flags are defined in gnutls.h. They are | | /* The key_usage flags are defined in gnutls.h. They are | |
| * the GNUTLS_KEY_* definitions. | | * the GNUTLS_KEY_* definitions. | |
| */ | | */ | |
|
| #define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX | | | |
| | | | |
| int gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key, | | int gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key, | |
| unsigned int *key_usage); | | unsigned int *key_usage); | |
| int gnutls_openpgp_crt_get_fingerprint (gnutls_openpgp_crt_t key, void *f
pr, | | int gnutls_openpgp_crt_get_fingerprint (gnutls_openpgp_crt_t key, void *f
pr, | |
| size_t * fprlen); | | size_t * fprlen); | |
| int gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key, | | int gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key, | |
| unsigned int idx, | | unsigned int idx, | |
| void *fpr, size_t * fprlen
); | | void *fpr, size_t * fprlen
); | |
| | | | |
| int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key, | | int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key, | |
| int idx, char *buf, size_t * sizeof_buf)
; | | int idx, char *buf, size_t * sizeof_buf)
; | |
| | | | |
| skipping to change at line 303 | | skipping to change at line 299 | |
| * @session: a TLS session | | * @session: a TLS session | |
| * @keyfpr: key fingerprint | | * @keyfpr: key fingerprint | |
| * @keyfpr_length: length of key fingerprint | | * @keyfpr_length: length of key fingerprint | |
| * @key: output key. | | * @key: output key. | |
| * | | * | |
| * A callback of this type is used to retrieve OpenPGP keys. Only | | * A callback of this type is used to retrieve OpenPGP keys. Only | |
| * useful on the server, and will only be used if the peer send a key | | * useful on the server, and will only be used if the peer send a key | |
| * fingerprint instead of a full key. See also | | * fingerprint instead of a full key. See also | |
| * gnutls_openpgp_set_recv_key_function(). | | * gnutls_openpgp_set_recv_key_function(). | |
| * | | * | |
|
| * The variable @key must be allocated using gnutls_malloc(). | | | |
| * | | | |
| * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned, | | * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned, | |
| * otherwise an error code is returned. | | * otherwise an error code is returned. | |
| */ | | */ | |
| typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t session, | | typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t session, | |
| const unsigned char *keyfpr, | | const unsigned char *keyfpr, | |
| unsigned int keyfpr_length, | | unsigned int keyfpr_length, | |
| gnutls_datum_t * key); | | gnutls_datum_t * key); | |
| | | | |
| void | | void | |
| gnutls_openpgp_set_recv_key_function (gnutls_session_t session, | | gnutls_openpgp_set_recv_key_function (gnutls_session_t session, | |
| | | | |
End of changes. 4 change blocks. |
| 6 lines changed or deleted | | 0 lines changed or added | |
|
| pkcs11.h (3.0.32) | | pkcs11.h (3.1.0) | |
| | | | |
| skipping to change at line 59 | | skipping to change at line 59 | |
| * | | * | |
| * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code | | * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code | |
| * on error. | | * on error. | |
| * | | * | |
| * Since: 2.12.0 | | * Since: 2.12.0 | |
| **/ | | **/ | |
| typedef int (*gnutls_pkcs11_token_callback_t) (void *const userdata, | | typedef int (*gnutls_pkcs11_token_callback_t) (void *const userdata, | |
| const char *const label, | | const char *const label, | |
| unsigned retry); | | unsigned retry); | |
| | | | |
|
| /** | | | |
| * gnutls_pkcs11_pin_flag_t: | | | |
| * @GNUTLS_PKCS11_PIN_USER: The PIN for the user. | | | |
| * @GNUTLS_PKCS11_PIN_SO: The PIN for the security officer. | | | |
| * @GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action an | | | |
| d key like signing. | | | |
| * @GNUTLS_PKCS11_PIN_FINAL_TRY: This is the final try before blocking. | | | |
| * @GNUTLS_PKCS11_PIN_COUNT_LOW: Few tries remain before token blocks. | | | |
| * @GNUTLS_PKCS11_PIN_WRONG: Last given PIN was not correct. | | | |
| * | | | |
| * Enumeration of different PIN flags. | | | |
| */ | | | |
| typedef enum | | | |
| { | | | |
| GNUTLS_PKCS11_PIN_USER = (1 << 0), | | | |
| GNUTLS_PKCS11_PIN_SO = (1 << 1), | | | |
| GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2), | | | |
| GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3), | | | |
| GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4), | | | |
| GNUTLS_PKCS11_PIN_WRONG = (1 << 5), | | | |
| } gnutls_pkcs11_pin_flag_t; | | | |
| | | | |
| /** | | | |
| * gnutls_pkcs11_pin_callback_t: | | | |
| * @userdata: user-controlled data from gnutls_pkcs11_set_pin_function(). | | | |
| * @attempt: pin-attempt counter, initially 0. | | | |
| * @token_url: PKCS11 URL. | | | |
| * @token_label: label of PKCS11 token. | | | |
| * @flags: a #gnutls_pkcs11_pin_flag_t flag. | | | |
| * @pin: buffer to hold PIN, of size @pin_max. | | | |
| * @pin_max: size of @pin buffer. | | | |
| * | | | |
| * Callback function type for PKCS#11 PIN entry. It is set by | | | |
| * gnutls_pkcs11_set_pin_function(). | | | |
| * | | | |
| * The callback should provides the PIN code to unlock the token with | | | |
| * label @token_label, specified by the URL @token_url. | | | |
| * | | | |
| * The PIN code, as a NUL-terminated ASCII string, should be copied | | | |
| * into the @pin buffer (of maximum size @pin_max), and return 0 to | | | |
| * indicate success. Alternatively, the callback may return a | | | |
| * negative gnutls error code to indicate failure and cancel PIN entry | | | |
| * (in which case, the contents of the @pin parameter are ignored). | | | |
| * | | | |
| * When a PIN is required, the callback will be invoked repeatedly | | | |
| * (and indefinitely) until either the returned PIN code is correct, | | | |
| * the callback returns failure, or the token refuses login (e.g. when | | | |
| * the token is locked due to too many incorrect PINs!). For the | | | |
| * first such invocation, the @attempt counter will have value zero; | | | |
| * it will increase by one for each subsequent attempt. | | | |
| * | | | |
| * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on er | | | |
| ror. | | | |
| * | | | |
| * Since: 2.12.0 | | | |
| **/ | | | |
| typedef int (*gnutls_pkcs11_pin_callback_t) (void *userdata, int attempt, | | | |
| const char *token_url, | | | |
| const char *token_label, | | | |
| unsigned int flags, | | | |
| char *pin, size_t pin_max); | | | |
| | | | |
| struct gnutls_pkcs11_obj_st; | | struct gnutls_pkcs11_obj_st; | |
| typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; | | typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; | |
| | | | |
| #define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ | | #define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ | |
| #define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by
reading /etc/gnutls/pkcs11.conf */ | | #define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by
reading /etc/gnutls/pkcs11.conf */ | |
| | | | |
| /* pkcs11.conf format: | | /* pkcs11.conf format: | |
| * load = /lib/xxx-pkcs11.so | | * load = /lib/xxx-pkcs11.so | |
| * load = /lib/yyy-pkcs11.so | | * load = /lib/yyy-pkcs11.so | |
| */ | | */ | |
| | | | |
| int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_f
ile); | | int gnutls_pkcs11_init (unsigned int flags, const char *deprecated_config_f
ile); | |
| int gnutls_pkcs11_reinit (void); | | int gnutls_pkcs11_reinit (void); | |
| void gnutls_pkcs11_deinit (void); | | void gnutls_pkcs11_deinit (void); | |
| void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn, | | void gnutls_pkcs11_set_token_function (gnutls_pkcs11_token_callback_t fn, | |
| void *userdata); | | void *userdata); | |
| | | | |
|
| void gnutls_pkcs11_set_pin_function (gnutls_pkcs11_pin_callback_t fn, | | void gnutls_pkcs11_set_pin_function (gnutls_pin_callback_t fn, | |
| void *userdata); | | void *userdata); | |
|
| | | | |
| | | gnutls_pin_callback_t gnutls_pkcs11_get_pin_function (void **userdata); | |
| | | | |
| int gnutls_pkcs11_add_provider (const char *name, const char *params); | | int gnutls_pkcs11_add_provider (const char *name, const char *params); | |
| int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj); | | int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj); | |
|
| | | void gnutls_pkcs11_obj_set_pin_function (gnutls_pkcs11_obj_t, | |
| | | gnutls_pin_callback_t fn, | |
| | | void *userdata); | |
| | | | |
| #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token
for the operation */ | | #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token
for the operation */ | |
| #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as
trusted */ | | #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as
trusted */ | |
| #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as
sensitive (unexportable) */ | | #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as
sensitive (unexportable) */ | |
| #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu
rity officer in the token for the operation */ | | #define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a secu
rity officer in the token for the operation */ | |
| #define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (re
quires PIN to access) */ | | #define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4) /* marked as private (re
quires PIN to access) */ | |
| #define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri
vate */ | | #define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not pri
vate */ | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs11_url_type_t: | | * gnutls_pkcs11_url_type_t: | |
| | | | |
| skipping to change at line 228 | | skipping to change at line 174 | |
| } gnutls_pkcs11_obj_info_t; | | } gnutls_pkcs11_obj_info_t; | |
| | | | |
| int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt, | | int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt, | |
| gnutls_pkcs11_obj_info_t itype, void *outpu
t, | | gnutls_pkcs11_obj_info_t itype, void *outpu
t, | |
| size_t * output_size); | | size_t * output_size); | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs11_obj_attr_t: | | * gnutls_pkcs11_obj_attr_t: | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
trusted. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
trusted. | |
|
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA: Specify all certificates marked
as trusted and are CAs. | | | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
a corresponding private key. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
a corresponding private key. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. | | * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. | | * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. | | * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. | |
| * | | * | |
| * Enumeration of several attributes for object enumeration. | | * Enumeration of several attributes for object enumeration. | |
| */ | | */ | |
| typedef enum | | typedef enum | |
| { | | { | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted
*/ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted
*/ | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corr
esponding private key */ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corr
esponding private key */ | |
| GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ | | GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ | |
| GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ | | GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ | |
|
| GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */ | | GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */ | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, | | | |
| } gnutls_pkcs11_obj_attr_t; | | } gnutls_pkcs11_obj_attr_t; | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs11_token_info_t: | | * gnutls_pkcs11_token_info_t: | |
| * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label | | * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label | |
| * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number | | * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number | |
| * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer | | * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer | |
| * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model | | * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model | |
| * | | * | |
| * Enumeration of types for retrieving token information. | | * Enumeration of types for retrieving token information. | |
| | | | |
| skipping to change at line 296 | | skipping to change at line 240 | |
| gnutls_pkcs11_token_init (const char *token_url, | | gnutls_pkcs11_token_init (const char *token_url, | |
| const char *so_pin, const char *label); | | const char *so_pin, const char *label); | |
| | | | |
| int | | int | |
| gnutls_pkcs11_token_get_mechanism (const char *url, unsigned int idx, | | gnutls_pkcs11_token_get_mechanism (const char *url, unsigned int idx, | |
| unsigned long *mechanism); | | unsigned long *mechanism); | |
| | | | |
| int gnutls_pkcs11_token_set_pin (const char *token_url, | | int gnutls_pkcs11_token_set_pin (const char *token_url, | |
| const char *oldpin, | | const char *oldpin, | |
| const char *newpin, | | const char *newpin, | |
|
| unsigned int flags /*gnutls_pkcs11_pin_fla
g_t */ | | unsigned int flags /*gnutls_pin_flag_t */ | |
| ); | | ); | |
| | | | |
| int gnutls_pkcs11_token_get_url (unsigned int seq, | | int gnutls_pkcs11_token_get_url (unsigned int seq, | |
| gnutls_pkcs11_url_type_t detailed, | | gnutls_pkcs11_url_type_t detailed, | |
| char **url); | | char **url); | |
| int gnutls_pkcs11_token_get_info (const char *url, | | int gnutls_pkcs11_token_get_info (const char *url, | |
| gnutls_pkcs11_token_info_t ttype, | | gnutls_pkcs11_token_info_t ttype, | |
| void *output, size_t * output_size); | | void *output, size_t * output_size); | |
| | | | |
| #define GNUTLS_PKCS11_TOKEN_HW 1 | | #define GNUTLS_PKCS11_TOKEN_HW 1 | |
| int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags); | | int gnutls_pkcs11_token_get_flags (const char *url, unsigned int *flags); | |
| | | | |
| int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list, | | int gnutls_pkcs11_obj_list_import_url (gnutls_pkcs11_obj_t * p_list, | |
| unsigned int *const n_list, | | unsigned int *const n_list, | |
| const char *url, | | const char *url, | |
| gnutls_pkcs11_obj_attr_t attrs, | | gnutls_pkcs11_obj_attr_t attrs, | |
| unsigned int flags | | unsigned int flags | |
| /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); | | /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); | |
| | | | |
|
| | | int | |
| | | gnutls_pkcs11_obj_list_import_url2 (gnutls_pkcs11_obj_t ** p_list, | |
| | | unsigned int *n_list, | |
| | | const char *url, | |
| | | gnutls_pkcs11_obj_attr_t attrs, | |
| | | unsigned int flags | |
| | | /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); | |
| | | | |
| int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_import_pkcs11 (gnutls_x509_crt_t crt, | |
| gnutls_pkcs11_obj_t pkcs11_crt); | | gnutls_pkcs11_obj_t pkcs11_crt); | |
| int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *u
rl, | | int gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt, const char *u
rl, | |
| unsigned int flags | | unsigned int flags | |
| /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); | | /* GNUTLS_PKCS11_OBJ_FLAG_* */ ); | |
| | | | |
| gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t ob
j); | | gnutls_pkcs11_obj_type_t gnutls_pkcs11_obj_get_type (gnutls_pkcs11_obj_t ob
j); | |
| const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type); | | const char *gnutls_pkcs11_type_get_name (gnutls_pkcs11_obj_type_t type); | |
| | | | |
| int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs, | | int gnutls_x509_crt_list_import_pkcs11 (gnutls_x509_crt_t * certs, | |
| unsigned int cert_max, | | unsigned int cert_max, | |
| gnutls_pkcs11_obj_t * const objs, | | gnutls_pkcs11_obj_t * const objs, | |
| unsigned int flags /* must be zero
*/); | | unsigned int flags /* must be zero
*/); | |
| | | | |
| /* private key functions...*/ | | /* private key functions...*/ | |
| int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key); | | int gnutls_pkcs11_privkey_init (gnutls_pkcs11_privkey_t * key); | |
|
| | | void gnutls_pkcs11_privkey_set_pin_function (gnutls_pkcs11_privkey_t, | |
| | | gnutls_pin_callback_t fn, void | |
| | | *userdata); | |
| void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key); | | void gnutls_pkcs11_privkey_deinit (gnutls_pkcs11_privkey_t key); | |
| int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key, | | int gnutls_pkcs11_privkey_get_pk_algorithm (gnutls_pkcs11_privkey_t key, | |
| unsigned int *bits); | | unsigned int *bits); | |
| int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey, | | int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey, | |
| gnutls_pkcs11_obj_info_t itype, | | gnutls_pkcs11_obj_info_t itype, | |
| void *output, size_t * output_size); | | void *output, size_t * output_size); | |
| | | | |
| int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey, | | int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey, | |
| const char *url, unsigned int flags); | | const char *url, unsigned int flags); | |
| | | | |
| | | | |
End of changes. 9 change blocks. |
| 67 lines changed or deleted | | 20 lines changed or added | |
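Review bot: The new `gnutls_pkcs11_obj_list_import_url2` prototype returns the object list through `gnutls_pkcs11_obj_t ** p_list`, but nothing in the header says who releases it, whereas the existing `gnutls_pkcs11_obj_list_import_url` takes a caller-supplied array. If, as the extra level of indirection suggests, the library allocates the array, a comment above the prototype should say so, for example `/* On success *p_list is allocated by the library and holds *n_list objects; the caller deinitializes each object and frees the array. */`, and name the exact release functions. A caller that guesses wrong either leaks token object handles or frees memory it does not own. The added `gnutls_pkcs11_get_pin_function (void **userdata)` in the same section would also benefit from one line stating whether it can return NULL when no callback has been set.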
|
| pkcs12.h (3.0.32) | | pkcs12.h (3.1.0) | |
| | | | |
| skipping to change at line 61 | | skipping to change at line 61 | |
| int indx, gnutls_pkcs12_bag_t bag); | | int indx, gnutls_pkcs12_bag_t bag); | |
| int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t ba
g); | | int gnutls_pkcs12_set_bag (gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t ba
g); | |
| | | | |
| int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass)
; | | int gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass)
; | |
| int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass); | | int gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass); | |
| | | | |
| int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass)
; | | int gnutls_pkcs12_bag_decrypt (gnutls_pkcs12_bag_t bag, const char *pass)
; | |
| int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass, | | int gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass, | |
| unsigned int flags); | | unsigned int flags); | |
| | | | |
|
| | | #define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1 | |
| | | int gnutls_pkcs12_simple_parse (gnutls_pkcs12_t p12, | |
| | | const char *password, | |
| | | gnutls_x509_privkey_t * key, | |
| | | gnutls_x509_crt_t ** chain, | |
| | | unsigned int * chain_len, | |
| | | gnutls_x509_crt_t ** extra_certs, | |
| | | unsigned int * extra_certs_len, | |
| | | gnutls_x509_crl_t * crl, | |
| | | unsigned int flags); | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs12_bag_type_t: | | * gnutls_pkcs12_bag_type_t: | |
| * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag. | | * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag. | |
| * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key. | | * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key. | |
| * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key. | | * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key. | |
| * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate. | | * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate. | |
| * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL. | | * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL. | |
| * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys. | | * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys. | |
| * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag. | | * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag. | |
| * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag. | | * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag. | |
| | | | |
End of changes. 1 change blocks. |
| 0 lines changed or deleted | | 11 lines changed or added | |
|
| x509.h (3.0.32) | | x509.h (3.1.0) | |
| | | | |
| skipping to change at line 184 | | skipping to change at line 184 | |
| int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert, | | int gnutls_x509_crt_get_subject_key_id (gnutls_x509_crt_t cert, | |
| void *ret, size_t * ret_size, | | void *ret, size_t * ret_size, | |
| unsigned int *critical); | | unsigned int *critical); | |
| | | | |
| int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *b
uf, | | int gnutls_x509_crt_get_subject_unique_id (gnutls_x509_crt_t crt, char *b
uf, | |
| size_t * buf_size); | | size_t * buf_size); | |
| | | | |
| int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *bu
f, | | int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *bu
f, | |
| size_t * buf_size); | | size_t * buf_size); | |
| | | | |
|
| | | void gnutls_x509_crt_set_pin_function (gnutls_x509_crt_t crt, | |
| | | gnutls_pin_callback_t fn, void *user | |
| | | data); | |
| | | | |
| /** | | /** | |
| * gnutls_info_access_what_t: | | * gnutls_info_access_what_t: | |
| * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID. | | * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID. | |
| * @GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE: Get accessLocation name ty
pe. | | * @GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE: Get accessLocation name ty
pe. | |
| * @GNUTLS_IA_URI: Get accessLocation URI value. | | * @GNUTLS_IA_URI: Get accessLocation URI value. | |
| * @GNUTLS_IA_OCSP_URI: get accessLocation URI value for OCSP. | | * @GNUTLS_IA_OCSP_URI: get accessLocation URI value for OCSP. | |
| * @GNUTLS_IA_CAISSUERS_URI: get accessLocation URI value for caIssuers. | | * @GNUTLS_IA_CAISSUERS_URI: get accessLocation URI value for caIssuers. | |
| * | | * | |
| * Enumeration of types for the @what parameter of | | * Enumeration of types for the @what parameter of | |
| * gnutls_x509_crt_get_authority_info_access(). | | * gnutls_x509_crt_get_authority_info_access(). | |
| | | | |
| skipping to change at line 599 | | skipping to change at line 602 | |
| * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates | | * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates | |
| * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA
_CRT, | | * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA
_CRT, | |
| * and should be used instead. That way only signers in your trusted list | | * and should be used instead. That way only signers in your trusted list | |
| * will be allowed to have certificates of version 1. This is the default. | | * will be allowed to have certificates of version 1. This is the default. | |
| * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA | | * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA | |
| * certificates that have version 1. This option is to be used | | * certificates that have version 1. This option is to be used | |
| * to deprecate all certificates of version 1. | | * to deprecate all certificates of version 1. | |
| * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by | | * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by | |
| * anyone trusted but exists in the trusted CA list do not treat it | | * anyone trusted but exists in the trusted CA list do not treat it | |
| * as trusted. | | * as trusted. | |
|
| * @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated | | | |
| * if unsorted (the case with many TLS servers out there). | | | |
| * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that | | * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that | |
| * have version 1 (both root and intermediate). This might be | | * have version 1 (both root and intermediate). This might be | |
| * dangerous since those haven't the basicConstraints | | * dangerous since those haven't the basicConstraints | |
| * extension. Must be used in combination with | | * extension. Must be used in combination with | |
| * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. | | * %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. | |
| * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed | | * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed | |
| * using the broken MD2 algorithm. | | * using the broken MD2 algorithm. | |
| * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed | | * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed | |
| * using the broken MD5 algorithm. | | * using the broken MD5 algorithm. | |
| * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation | | * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation | |
| | | | |
| skipping to change at line 630 | | skipping to change at line 631 | |
| GNUTLS_VERIFY_DISABLE_CA_SIGN = 1, | | GNUTLS_VERIFY_DISABLE_CA_SIGN = 1, | |
| GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2, | | GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 2, | |
| GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4, | | GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 4, | |
| GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8, | | GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 8, | |
| GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16, | | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 16, | |
| GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, | | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 32, | |
| GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64, | | GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 64, | |
| GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128, | | GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 128, | |
| GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256, | | GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 256, | |
| GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512, | | GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 512, | |
|
| GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1024, | | | |
| } gnutls_certificate_verify_flags; | | } gnutls_certificate_verify_flags; | |
| | | | |
| int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, | | int gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, | |
| gnutls_x509_crt_t issuer); | | gnutls_x509_crt_t issuer); | |
| | | | |
| int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list, | | int gnutls_x509_crt_list_verify (const gnutls_x509_crt_t * cert_list, | |
| int cert_list_length, | | int cert_list_length, | |
| const gnutls_x509_crt_t * CA_list, | | const gnutls_x509_crt_t * CA_list, | |
| int CA_list_length, | | int CA_list_length, | |
| const gnutls_x509_crl_t * CRL_list, | | const gnutls_x509_crl_t * CRL_list, | |
| | | | |
| skipping to change at line 675 | | skipping to change at line 675 | |
| int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert, | | int gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert, | |
| const void *oid, | | const void *oid, | |
| unsigned int critical); | | unsigned int critical); | |
| | | | |
| /* Private key handling. | | /* Private key handling. | |
| */ | | */ | |
| | | | |
| /* Flags for the gnutls_x509_privkey_export_pkcs8() function. | | /* Flags for the gnutls_x509_privkey_export_pkcs8() function. | |
| */ | | */ | |
| | | | |
|
| | | #define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN | |
| | | #define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_USE_PKCS12_3DES | |
| | | #define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_USE_PKCS12_ARCFOUR | |
| | | #define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_USE_PKCS12_RC2_40 | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs_encrypt_flags_t: | | * gnutls_pkcs_encrypt_flags_t: | |
| * @GNUTLS_PKCS_PLAIN: Unencrypted private key. | | * @GNUTLS_PKCS_PLAIN: Unencrypted private key. | |
|
| * @GNUTLS_PKCS8_PLAIN: Same as %GNUTLS_PKCS_PLAIN. | | * @GNUTLS_PKCS_NULL_PASSWORD: Some schemas distinguish between an empty an
d a NULL password. | |
| * @GNUTLS_PKCS_USE_PKCS12_3DES: PKCS-12 3DES. | | * @GNUTLS_PKCS_USE_PKCS12_3DES: PKCS-12 3DES. | |
|
| * @GNUTLS_PKCS8_USE_PKCS12_3DES: Same as %GNUTLS_PKCS_USE_PKCS12_3DES. | | | |
| * @GNUTLS_PKCS_USE_PKCS12_ARCFOUR: PKCS-12 ARCFOUR. | | * @GNUTLS_PKCS_USE_PKCS12_ARCFOUR: PKCS-12 ARCFOUR. | |
|
| * @GNUTLS_PKCS8_USE_PKCS12_ARCFOUR: Same as %GNUTLS_PKCS_USE_PKCS12_ARCFOU
R. | | | |
| * @GNUTLS_PKCS_USE_PKCS12_RC2_40: PKCS-12 RC2-40. | | * @GNUTLS_PKCS_USE_PKCS12_RC2_40: PKCS-12 RC2-40. | |
|
| * @GNUTLS_PKCS8_USE_PKCS12_RC2_40: Same as %GNUTLS_PKCS_USE_PKCS12_RC2_40. | | | |
| * @GNUTLS_PKCS_USE_PBES2_3DES: PBES2 3DES. | | * @GNUTLS_PKCS_USE_PBES2_3DES: PBES2 3DES. | |
| * @GNUTLS_PKCS_USE_PBES2_AES_128: PBES2 AES-128. | | * @GNUTLS_PKCS_USE_PBES2_AES_128: PBES2 AES-128. | |
| * @GNUTLS_PKCS_USE_PBES2_AES_192: PBES2 AES-192. | | * @GNUTLS_PKCS_USE_PBES2_AES_192: PBES2 AES-192. | |
| * @GNUTLS_PKCS_USE_PBES2_AES_256: PBES2 AES-256. | | * @GNUTLS_PKCS_USE_PBES2_AES_256: PBES2 AES-256. | |
| * | | * | |
| * Enumeration of different PKCS encryption flags. | | * Enumeration of different PKCS encryption flags. | |
| */ | | */ | |
| typedef enum gnutls_pkcs_encrypt_flags_t | | typedef enum gnutls_pkcs_encrypt_flags_t | |
| { | | { | |
| GNUTLS_PKCS_PLAIN = 1, | | GNUTLS_PKCS_PLAIN = 1, | |
|
| GNUTLS_PKCS8_PLAIN = GNUTLS_PKCS_PLAIN, | | | |
| GNUTLS_PKCS_USE_PKCS12_3DES = 2, | | GNUTLS_PKCS_USE_PKCS12_3DES = 2, | |
|
| GNUTLS_PKCS8_USE_PKCS12_3DES = GNUTLS_PKCS_USE_PKCS12_3DES, | | | |
| GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4, | | GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4, | |
|
| GNUTLS_PKCS8_USE_PKCS12_ARCFOUR = GNUTLS_PKCS_USE_PKCS12_ARCFOUR, | | | |
| GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8, | | GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8, | |
|
| GNUTLS_PKCS8_USE_PKCS12_RC2_40 = GNUTLS_PKCS_USE_PKCS12_RC2_40, | | | |
| GNUTLS_PKCS_USE_PBES2_3DES = 16, | | GNUTLS_PKCS_USE_PBES2_3DES = 16, | |
| GNUTLS_PKCS_USE_PBES2_AES_128 = 32, | | GNUTLS_PKCS_USE_PBES2_AES_128 = 32, | |
| GNUTLS_PKCS_USE_PBES2_AES_192 = 64, | | GNUTLS_PKCS_USE_PBES2_AES_192 = 64, | |
|
| GNUTLS_PKCS_USE_PBES2_AES_256 = 128 | | GNUTLS_PKCS_USE_PBES2_AES_256 = 128, | |
| | | GNUTLS_PKCS_NULL_PASSWORD = 256 | |
| } gnutls_pkcs_encrypt_flags_t; | | } gnutls_pkcs_encrypt_flags_t; | |
| | | | |
| int gnutls_x509_privkey_init (gnutls_x509_privkey_t * key); | | int gnutls_x509_privkey_init (gnutls_x509_privkey_t * key); | |
| void gnutls_x509_privkey_deinit (gnutls_x509_privkey_t key); | | void gnutls_x509_privkey_deinit (gnutls_x509_privkey_t key); | |
| gnutls_sec_param_t gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t | | gnutls_sec_param_t gnutls_x509_privkey_sec_param (gnutls_x509_privkey_t | |
| key); | | key); | |
| int gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, | | int gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, | |
| gnutls_x509_privkey_t src); | | gnutls_x509_privkey_t src); | |
| int gnutls_x509_privkey_import (gnutls_x509_privkey_t key, | | int gnutls_x509_privkey_import (gnutls_x509_privkey_t key, | |
| const gnutls_datum_t * data, | | const gnutls_datum_t * data, | |
| gnutls_x509_crt_fmt_t format); | | gnutls_x509_crt_fmt_t format); | |
| int gnutls_x509_privkey_import_pkcs8 (gnutls_x509_privkey_t key, | | int gnutls_x509_privkey_import_pkcs8 (gnutls_x509_privkey_t key, | |
| const gnutls_datum_t * data, | | const gnutls_datum_t * data, | |
| gnutls_x509_crt_fmt_t format, | | gnutls_x509_crt_fmt_t format, | |
| const char *password, | | const char *password, | |
| unsigned int flags); | | unsigned int flags); | |
|
| | | int gnutls_x509_privkey_import_openssl (gnutls_x509_privkey_t key, | |
| | | const gnutls_datum_t *data, | |
| | | const char* password); | |
| | | | |
| | | int gnutls_x509_privkey_import2 (gnutls_x509_privkey_t key, | |
| | | const gnutls_datum_t * data, | |
| | | gnutls_x509_crt_fmt_t format, | |
| | | const char* password, unsigned int flags | |
| | | ); | |
| | | | |
| int gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key, | | int gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key, | |
| const gnutls_datum_t * m, | | const gnutls_datum_t * m, | |
| const gnutls_datum_t * e, | | const gnutls_datum_t * e, | |
| const gnutls_datum_t * d, | | const gnutls_datum_t * d, | |
| const gnutls_datum_t * p, | | const gnutls_datum_t * p, | |
| const gnutls_datum_t * q, | | const gnutls_datum_t * q, | |
| const gnutls_datum_t * u); | | const gnutls_datum_t * u); | |
| int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key, | | int gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key, | |
| const gnutls_datum_t * m, | | const gnutls_datum_t * m, | |
| const gnutls_datum_t * e, | | const gnutls_datum_t * e, | |
| | | | |
| skipping to change at line 978 | | skipping to change at line 986 | |
| | | | |
| int | | int | |
| gnutls_x509_trust_list_verify_crt ( | | gnutls_x509_trust_list_verify_crt ( | |
| gnutls_x509_trust_list_t list, | | gnutls_x509_trust_list_t list, | |
| gnutls_x509_crt_t *cert_list, | | gnutls_x509_crt_t *cert_list, | |
| unsigned int cert_list_size, | | unsigned int cert_list_size, | |
| unsigned int flags, | | unsigned int flags, | |
| unsigned int *verify, | | unsigned int *verify, | |
| gnutls_verify_output_function func); | | gnutls_verify_output_function func); | |
| | | | |
|
| | | /* trust list convenience functions */ | |
| | | int | |
| | | gnutls_x509_trust_list_add_trust_mem(gnutls_x509_trust_list_t list, | |
| | | const gnutls_datum_t * cas, | |
| | | const gnutls_datum_t * crls, | |
| | | gnutls_x509_crt_fmt_t type, | |
| | | unsigned int tl_flags, | |
| | | unsigned int tl_vflags); | |
| | | | |
| | | int | |
| | | gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, | |
| | | const char* ca_file, | |
| | | const char* crl_file, | |
| | | gnutls_x509_crt_fmt_t type, | |
| | | unsigned int tl_flags, | |
| | | unsigned int tl_vflags); | |
| | | | |
| | | int | |
| | | gnutls_x509_trust_list_add_system_trust(gnutls_x509_trust_list_t list, | |
| | | unsigned int tl_flags, unsigned int | |
| | | tl_vflags); | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| } | | } | |
| #endif | | #endif | |
| | | | |
| #endif /* GNUTLS_X509_H */ | | #endif /* GNUTLS_X509_H */ | |
| | | | |
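Review bot: `GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1024` and its doc entry are absent from `gnutls_certificate_verify_flags` on the 3.1.0 side, and nothing stands in for it, unlike the `GNUTLS_PKCS8_*` names lower in the same header, which stay available as `#define` aliases. Code written against 3.0.32 that names the flag will not compile against this header, and because it is an enum constant a caller cannot probe for it with `#ifdef`. What a 3.1.0 library does with bit 1024 in a flags word, or with an out-of-order certificate chain, is not visible from the header and should be confirmed in the verification code. I would record the gap beside the enum, e.g. `/* 1024 is GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN in 3.0.32; not defined in this release */`, so the value is not reused for an unrelated flag. The enum's opening lies above the lines shown, so this covers only the visible members.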
End of changes. 15 change blocks. |
| 12 lines changed or deleted | | 43 lines changed or added | |
|
|