| gnutls.h (3.1.6) | | gnutls.h (3.1.7) | |
| | | | |
| skipping to change at line 54 | | skipping to change at line 54 | |
| #include <sys/types.h> | | #include <sys/types.h> | |
| /* *INDENT-ON* */ | | /* *INDENT-ON* */ | |
| #endif | | #endif | |
| /* Get time_t. */ | | /* Get time_t. */ | |
| #include <time.h> | | #include <time.h> | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| extern "C" | | extern "C" | |
| { | | { | |
| #endif | | #endif | |
| | | | |
|
| #define GNUTLS_VERSION "3.1.6" | | #define GNUTLS_VERSION "3.1.7" | |
| | | | |
| #define GNUTLS_VERSION_MAJOR 3 | | #define GNUTLS_VERSION_MAJOR 3 | |
| #define GNUTLS_VERSION_MINOR 1 | | #define GNUTLS_VERSION_MINOR 1 | |
|
| #define GNUTLS_VERSION_PATCH 6 | | #define GNUTLS_VERSION_PATCH 7 | |
| | | | |
|
| #define GNUTLS_VERSION_NUMBER 0x030106 | | #define GNUTLS_VERSION_NUMBER 0x030107 | |
| | | | |
| #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC | |
| #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC | |
| #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC | | #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC | |
| #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 | | #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 | |
| | | | |
| /** | | /** | |
| * gnutls_cipher_algorithm_t: | | * gnutls_cipher_algorithm_t: | |
| * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. | | * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm. | |
| * @GNUTLS_CIPHER_NULL: NULL algorithm. | | * @GNUTLS_CIPHER_NULL: NULL algorithm. | |
| | | | |
| skipping to change at line 452 | | skipping to change at line 452 | |
| * @GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: The certificate's signer constr
aints were | | * @GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: The certificate's signer constr
aints were | |
| * violated. | | * violated. | |
| * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in
secure | | * @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in
secure | |
| * algorithm such as MD2 or MD5. These algorithms have been broken and | | * algorithm such as MD2 or MD5. These algorithms have been broken and | |
| * should not be trusted. | | * should not be trusted. | |
| * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated. | | * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated. | |
| * @GNUTLS_CERT_EXPIRED: The certificate has expired. | | * @GNUTLS_CERT_EXPIRED: The certificate has expired. | |
| * @GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: The revocation data are old and
have been superseded. | | * @GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: The revocation data are old and
have been superseded. | |
| * @GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: The revocation data have
a future issue date. | | * @GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: The revocation data have
a future issue date. | |
| * @GNUTLS_CERT_UNEXPECTED_OWNER: The owner is not the expected one. | | * @GNUTLS_CERT_UNEXPECTED_OWNER: The owner is not the expected one. | |
|
| | | * @GNUTLS_CERT_MISMATCH: The certificate presented isn't the expected one
(TOFU) | |
| * | | * | |
| * Enumeration of certificate status codes. Note that the status | | * Enumeration of certificate status codes. Note that the status | |
| * bits may have different meanings in OpenPGP keys and X.509 | | * bits may have different meanings in OpenPGP keys and X.509 | |
| * certificate verification. | | * certificate verification. | |
| */ | | */ | |
| typedef enum | | typedef enum | |
| { | | { | |
| GNUTLS_CERT_INVALID = 1<<1, | | GNUTLS_CERT_INVALID = 1<<1, | |
| GNUTLS_CERT_REVOKED = 1<<5, | | GNUTLS_CERT_REVOKED = 1<<5, | |
| GNUTLS_CERT_SIGNER_NOT_FOUND = 1<<6, | | GNUTLS_CERT_SIGNER_NOT_FOUND = 1<<6, | |
| GNUTLS_CERT_SIGNER_NOT_CA = 1<<7, | | GNUTLS_CERT_SIGNER_NOT_CA = 1<<7, | |
| GNUTLS_CERT_INSECURE_ALGORITHM = 1<<8, | | GNUTLS_CERT_INSECURE_ALGORITHM = 1<<8, | |
| GNUTLS_CERT_NOT_ACTIVATED = 1<<9, | | GNUTLS_CERT_NOT_ACTIVATED = 1<<9, | |
| GNUTLS_CERT_EXPIRED = 1<<10, | | GNUTLS_CERT_EXPIRED = 1<<10, | |
| GNUTLS_CERT_SIGNATURE_FAILURE = 1<<11, | | GNUTLS_CERT_SIGNATURE_FAILURE = 1<<11, | |
| GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1<<12, | | GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1<<12, | |
| GNUTLS_CERT_UNEXPECTED_OWNER = 1<<14, | | GNUTLS_CERT_UNEXPECTED_OWNER = 1<<14, | |
| GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1<<15, | | GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1<<15, | |
| GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1<<16, | | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1<<16, | |
|
| | | GNUTLS_CERT_MISMATCH = 1<<17, | |
| } gnutls_certificate_status_t; | | } gnutls_certificate_status_t; | |
| | | | |
| /** | | /** | |
| * gnutls_certificate_request_t: | | * gnutls_certificate_request_t: | |
| * @GNUTLS_CERT_IGNORE: Ignore certificate. | | * @GNUTLS_CERT_IGNORE: Ignore certificate. | |
| * @GNUTLS_CERT_REQUEST: Request certificate. | | * @GNUTLS_CERT_REQUEST: Request certificate. | |
| * @GNUTLS_CERT_REQUIRE: Require certificate. | | * @GNUTLS_CERT_REQUIRE: Require certificate. | |
| * | | * | |
| * Enumeration of certificate request types. | | * Enumeration of certificate request types. | |
| */ | | */ | |
| | | | |
| skipping to change at line 682 | | skipping to change at line 684 | |
| GNUTLS_ECC_CURVE_INVALID=0, | | GNUTLS_ECC_CURVE_INVALID=0, | |
| GNUTLS_ECC_CURVE_SECP224R1, | | GNUTLS_ECC_CURVE_SECP224R1, | |
| GNUTLS_ECC_CURVE_SECP256R1, | | GNUTLS_ECC_CURVE_SECP256R1, | |
| GNUTLS_ECC_CURVE_SECP384R1, | | GNUTLS_ECC_CURVE_SECP384R1, | |
| GNUTLS_ECC_CURVE_SECP521R1, | | GNUTLS_ECC_CURVE_SECP521R1, | |
| GNUTLS_ECC_CURVE_SECP192R1, | | GNUTLS_ECC_CURVE_SECP192R1, | |
| } gnutls_ecc_curve_t; | | } gnutls_ecc_curve_t; | |
| | | | |
| /** | | /** | |
| * gnutls_sec_param_t: | | * gnutls_sec_param_t: | |
|
| * @GNUTLS_SEC_PARAM_INSECURE: Less than 72 bits of security | | | |
| * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security | | | |
| * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known | | * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known | |
|
| | | * @GNUTLS_SEC_PARAM_INSECURE: Less than 42 bits of security | |
| | | * @GNUTLS_SEC_PARAM_EXPORT: 42 bits of security | |
| | | * @GNUTLS_SEC_PARAM_VERY_WEAK: 64 bits of security | |
| | | * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security | |
| * @GNUTLS_SEC_PARAM_LOW: 80 bits of security | | * @GNUTLS_SEC_PARAM_LOW: 80 bits of security | |
| * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security | | * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security | |
| * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security | | * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security | |
| * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security | | * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security | |
| * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security | | * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security | |
| * | | * | |
| * Enumeration of security parameters for passive attacks. | | * Enumeration of security parameters for passive attacks. | |
| */ | | */ | |
| typedef enum | | typedef enum | |
| { | | { | |
| GNUTLS_SEC_PARAM_INSECURE = -20, | | GNUTLS_SEC_PARAM_INSECURE = -20, | |
|
| | | GNUTLS_SEC_PARAM_EXPORT = -15, | |
| | | GNUTLS_SEC_PARAM_VERY_WEAK = -12, | |
| GNUTLS_SEC_PARAM_WEAK = -10, | | GNUTLS_SEC_PARAM_WEAK = -10, | |
| GNUTLS_SEC_PARAM_UNKNOWN = 0, | | GNUTLS_SEC_PARAM_UNKNOWN = 0, | |
| GNUTLS_SEC_PARAM_LOW = 1, | | GNUTLS_SEC_PARAM_LOW = 1, | |
| GNUTLS_SEC_PARAM_LEGACY = 2, | | GNUTLS_SEC_PARAM_LEGACY = 2, | |
| GNUTLS_SEC_PARAM_NORMAL = 3, | | GNUTLS_SEC_PARAM_NORMAL = 3, | |
| GNUTLS_SEC_PARAM_HIGH = 4, | | GNUTLS_SEC_PARAM_HIGH = 4, | |
| GNUTLS_SEC_PARAM_ULTRA = 5, | | GNUTLS_SEC_PARAM_ULTRA = 5, | |
| } gnutls_sec_param_t; | | } gnutls_sec_param_t; | |
| | | | |
| /** | | /** | |
| | | | |
| skipping to change at line 883 | | skipping to change at line 889 | |
| gnutls_handshake_description_t | | gnutls_handshake_description_t | |
| gnutls_handshake_get_last_in (gnutls_session_t session); | | gnutls_handshake_get_last_in (gnutls_session_t session); | |
| | | | |
| /* Record layer functions. | | /* Record layer functions. | |
| */ | | */ | |
| #define GNUTLS_HEARTBEAT_WAIT 1 | | #define GNUTLS_HEARTBEAT_WAIT 1 | |
| int gnutls_heartbeat_ping (gnutls_session_t session, size_t data_size, | | int gnutls_heartbeat_ping (gnutls_session_t session, size_t data_size, | |
| unsigned int max_tries, unsigned int flags); | | unsigned int max_tries, unsigned int flags); | |
| int gnutls_heartbeat_pong (gnutls_session_t session, unsigned int flags); | | int gnutls_heartbeat_pong (gnutls_session_t session, unsigned int flags); | |
| | | | |
|
| | | void gnutls_record_set_timeout (gnutls_session_t session, unsigned int ms | |
| | | ); | |
| | | void gnutls_record_disable_padding (gnutls_session_t session); | |
| | | | |
| | | void gnutls_record_cork (gnutls_session_t session); | |
| | | #define GNUTLS_RECORD_WAIT 1 | |
| | | int gnutls_record_uncork (gnutls_session_t session, unsigned int flags); | |
| | | | |
| | | typedef struct { | |
| | | size_t low; | |
| | | size_t high; | |
| | | } gnutls_range_st; | |
| | | | |
| | | int gnutls_range_split (gnutls_session_t session, | |
| | | const gnutls_range_st *orig, | |
| | | gnutls_range_st * small_range, | |
| | | gnutls_range_st * rem_range); | |
| | | | |
| ssize_t gnutls_record_send (gnutls_session_t session, const void *data, | | ssize_t gnutls_record_send (gnutls_session_t session, const void *data, | |
| size_t data_size); | | size_t data_size); | |
|
| | | ssize_t gnutls_record_send_range (gnutls_session_t session, const void *d | |
| | | ata, | |
| | | size_t data_size, const gnutls_range_st | |
| | | *range); | |
| ssize_t gnutls_record_recv (gnutls_session_t session, void *data, | | ssize_t gnutls_record_recv (gnutls_session_t session, void *data, | |
| size_t data_size); | | size_t data_size); | |
| #define gnutls_read gnutls_record_recv | | #define gnutls_read gnutls_record_recv | |
| #define gnutls_write gnutls_record_send | | #define gnutls_write gnutls_record_send | |
| ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, siz
e_t data_size, | | ssize_t gnutls_record_recv_seq (gnutls_session_t session, void *data, siz
e_t data_size, | |
| unsigned char *seq); | | unsigned char *seq); | |
| | | | |
| void gnutls_session_enable_compatibility_mode (gnutls_session_t session); | | void gnutls_session_enable_compatibility_mode (gnutls_session_t session); | |
|
| | | void gnutls_record_set_max_empty_records (gnutls_session_t session, const
unsigned int i); | |
| | | | |
|
| void gnutls_record_disable_padding (gnutls_session_t session); | | int gnutls_record_can_use_length_hiding (gnutls_session_t session); | |
| | | | |
| int gnutls_record_get_direction (gnutls_session_t session); | | int gnutls_record_get_direction (gnutls_session_t session); | |
| | | | |
| size_t gnutls_record_get_max_size (gnutls_session_t session); | | size_t gnutls_record_get_max_size (gnutls_session_t session); | |
| ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size
); | | ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size
); | |
| | | | |
| size_t gnutls_record_check_pending (gnutls_session_t session); | | size_t gnutls_record_check_pending (gnutls_session_t session); | |
| | | | |
|
| | | void gnutls_session_force_valid (gnutls_session_t session); | |
| | | | |
| int gnutls_prf (gnutls_session_t session, | | int gnutls_prf (gnutls_session_t session, | |
| size_t label_size, const char *label, | | size_t label_size, const char *label, | |
| int server_random_first, | | int server_random_first, | |
| size_t extra_size, const char *extra, | | size_t extra_size, const char *extra, | |
| size_t outsize, char *out); | | size_t outsize, char *out); | |
| | | | |
| int gnutls_prf_raw (gnutls_session_t session, | | int gnutls_prf_raw (gnutls_session_t session, | |
| size_t label_size, const char *label, | | size_t label_size, const char *label, | |
| size_t seed_size, const char *seed, | | size_t seed_size, const char *seed, | |
| size_t outsize, char *out); | | size_t outsize, char *out); | |
| | | | |
| skipping to change at line 1102 | | skipping to change at line 1130 | |
| void gnutls_db_set_retrieve_function (gnutls_session_t session, | | void gnutls_db_set_retrieve_function (gnutls_session_t session, | |
| gnutls_db_retr_func retr_func); | | gnutls_db_retr_func retr_func); | |
| void gnutls_db_set_remove_function (gnutls_session_t session, | | void gnutls_db_set_remove_function (gnutls_session_t session, | |
| gnutls_db_remove_func rem_func); | | gnutls_db_remove_func rem_func); | |
| void gnutls_db_set_store_function (gnutls_session_t session, | | void gnutls_db_set_store_function (gnutls_session_t session, | |
| gnutls_db_store_func store_func); | | gnutls_db_store_func store_func); | |
| void gnutls_db_set_ptr (gnutls_session_t session, void *ptr); | | void gnutls_db_set_ptr (gnutls_session_t session, void *ptr); | |
| void *gnutls_db_get_ptr (gnutls_session_t session); | | void *gnutls_db_get_ptr (gnutls_session_t session); | |
| int gnutls_db_check_entry (gnutls_session_t session, | | int gnutls_db_check_entry (gnutls_session_t session, | |
| gnutls_datum_t session_entry); | | gnutls_datum_t session_entry); | |
|
| | | time_t gnutls_db_check_entry_time (gnutls_datum_t *entry); | |
| | | | |
| typedef int (*gnutls_handshake_post_client_hello_func) (gnutls_session_t)
; | | typedef int (*gnutls_handshake_post_client_hello_func) (gnutls_session_t)
; | |
| void | | void | |
| gnutls_handshake_set_post_client_hello_function (gnutls_session_t sessi
on, | | gnutls_handshake_set_post_client_hello_function (gnutls_session_t sessi
on, | |
| gnutls_handshake_post_
client_hello_func | | gnutls_handshake_post_
client_hello_func | |
| func); | | func); | |
| | | | |
| void gnutls_handshake_set_max_packet_length (gnutls_session_t session, | | void gnutls_handshake_set_max_packet_length (gnutls_session_t session, | |
| size_t max); | | size_t max); | |
| | | | |
| | | | |
| skipping to change at line 2114 | | skipping to change at line 2143 | |
| | | | |
| #define GNUTLS_E_TPM_ERROR -329 | | #define GNUTLS_E_TPM_ERROR -329 | |
| #define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330 | | #define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330 | |
| #define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331 | | #define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331 | |
| #define GNUTLS_E_TPM_SESSION_ERROR -332 | | #define GNUTLS_E_TPM_SESSION_ERROR -332 | |
| #define GNUTLS_E_TPM_KEY_NOT_FOUND -333 | | #define GNUTLS_E_TPM_KEY_NOT_FOUND -333 | |
| #define GNUTLS_E_TPM_UNINITIALIZED -334 | | #define GNUTLS_E_TPM_UNINITIALIZED -334 | |
| | | | |
| #define GNUTLS_E_NO_CERTIFICATE_STATUS -340 | | #define GNUTLS_E_NO_CERTIFICATE_STATUS -340 | |
| #define GNUTLS_E_OCSP_RESPONSE_ERROR -341 | | #define GNUTLS_E_OCSP_RESPONSE_ERROR -341 | |
|
| | | #define GNUTLS_E_RANDOM_DEVICE_ERROR -342 | |
| | | #define GNUTLS_E_AUTH_ERROR -343 | |
| | | | |
| #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 | | #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 | |
| | | | |
| #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 | | #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 | |
| #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 | | #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 | |
| | | | |
| #ifdef __cplusplus | | #ifdef __cplusplus | |
| } | | } | |
| #endif | | #endif | |
| | | | |
| | | | |
End of changes. 15 change blocks. |
| 6 lines changed or deleted | | 40 lines changed or added | |
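Review bot: The doc comment for `gnutls_sec_param_t` redefines `GNUTLS_SEC_PARAM_INSECURE` from "Less than 72 bits" to "Less than 42 bits" while its value stays `-20`, and nothing in the comment tells existing callers that the meaning moved. Code written against 3.1.6 that tests `== GNUTLS_SEC_PARAM_INSECURE` to reject everything under 72 bits would presumably stop matching keys now reported as `GNUTLS_SEC_PARAM_EXPORT` or `GNUTLS_SEC_PARAM_VERY_WEAK`; how the library assigns these levels is not visible in this header. I would add a line to the description such as `* Since 3.1.7 %GNUTLS_SEC_PARAM_INSECURE means less than 42 bits; reject weak parameters with <= %GNUTLS_SEC_PARAM_WEAK rather than an equality test.` The same section adds `GNUTLS_CERT_MISMATCH = 1<<17` to `gnutls_certificate_status_t`, which has the same effect on callers that test individual status bits instead of treating any non-zero status as a verification failure.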
|
| pkcs11.h (3.1.6) | | pkcs11.h (3.1.7) | |
| /* | | /* | |
| * Copyright (C) 2010-2012 Free Software Foundation, Inc. | | * Copyright (C) 2010-2012 Free Software Foundation, Inc. | |
| * | | * | |
| * Author: Nikos Mavrogiannopoulos | | * Author: Nikos Mavrogiannopoulos | |
| * | | * | |
| * This file is part of GnuTLS. | | * This file is part of GnuTLS. | |
| * | | * | |
| * The GnuTLS is free software; you can redistribute it and/or | | * The GnuTLS is free software; you can redistribute it and/or | |
| * modify it under the terms of the GNU Lesser General Public License | | * modify it under the terms of the GNU Lesser General Public License | |
|
| * as published by the Free Software Foundation; either version 3 of | | * as published by the Free Software Foundation; either version 2.1 of | |
| * the License, or (at your option) any later version. | | * the License, or (at your option) any later version. | |
| * | | * | |
| * This library is distributed in the hope that it will be useful, but | | * This library is distributed in the hope that it will be useful, but | |
| * WITHOUT ANY WARRANTY; without even the implied warranty of | | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| * Lesser General Public License for more details. | | * Lesser General Public License for more details. | |
| * | | * | |
| * You should have received a copy of the GNU Lesser General Public License | | * You should have received a copy of the GNU Lesser General Public License | |
| * along with this program. If not, see <http://www.gnu.org/licenses/> | | * along with this program. If not, see <http://www.gnu.org/licenses/> | |
| * | | * | |
| | | | |
| skipping to change at line 176 | | skipping to change at line 176 | |
| } gnutls_pkcs11_obj_info_t; | | } gnutls_pkcs11_obj_info_t; | |
| | | | |
| int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt, | | int gnutls_pkcs11_obj_get_info (gnutls_pkcs11_obj_t crt, | |
| gnutls_pkcs11_obj_info_t itype, void *outpu
t, | | gnutls_pkcs11_obj_info_t itype, void *outpu
t, | |
| size_t * output_size); | | size_t * output_size); | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs11_obj_attr_t: | | * gnutls_pkcs11_obj_attr_t: | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
trusted. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as
trusted. | |
|
| | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA: Specify all certificates marked
as trusted and are CAs. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
a corresponding private key. | | * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with
a corresponding private key. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. | | * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. | | * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys. | |
| * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. | | * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects. | |
| * | | * | |
| * Enumeration of several attributes for object enumeration. | | * Enumeration of several attributes for object enumeration. | |
| */ | | */ | |
| typedef enum | | typedef enum | |
| { | | { | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */ | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted
*/ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted
*/ | |
| GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corr
esponding private key */ | | GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corr
esponding private key */ | |
| GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ | | GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */ | |
| GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ | | GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */ | |
|
| GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */ | | GNUTLS_PKCS11_OBJ_ATTR_ALL, /* everything! */ | |
| | | GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* CAs */ | |
| } gnutls_pkcs11_obj_attr_t; | | } gnutls_pkcs11_obj_attr_t; | |
| | | | |
| /** | | /** | |
| * gnutls_pkcs11_token_info_t: | | * gnutls_pkcs11_token_info_t: | |
| * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label | | * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label | |
| * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number | | * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number | |
| * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer | | * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer | |
| * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model | | * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model | |
| * | | * | |
| * Enumeration of types for retrieving token information. | | * Enumeration of types for retrieving token information. | |
| | | | |
End of changes. 3 change blocks. |
| 2 lines changed or deleted | | 4 lines changed or added | |
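Review bot: The inline comment on the new enumerator, `/* CAs */`, says less than its gtk-doc entry ("certificates marked as trusted and are CAs") and does not explain why the value sits after `GNUTLS_PKCS11_OBJ_ATTR_ALL` rather than next to `GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED`. Presumably it was appended so the existing enumerators keep their numbers; if so, the comment should say it: `GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA, /* certificates marked as trusted that are also CAs; appended last to keep earlier values stable */`. The distinction matters to callers that build a trust-anchor list from a token, since `GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED` as documented here is not restricted to CAs.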
|
| x509.h (3.1.6) | | x509.h (3.1.7) | |
| | | | |
| skipping to change at line 400 | | skipping to change at line 400 | |
| void *data, size_t * sizeof_data)
; | | void *data, size_t * sizeof_data)
; | |
| | | | |
| int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt, | |
| const char *oid, | | const char *oid, | |
| const void *buf, | | const void *buf, | |
| size_t sizeof_buf, | | size_t sizeof_buf, | |
| unsigned int critical); | | unsigned int critical); | |
| | | | |
| /* X.509 Certificate writing. | | /* X.509 Certificate writing. | |
| */ | | */ | |
|
| | | int gnutls_x509_crt_set_dn (gnutls_x509_crt_t crt, const char *dn, const | |
| | | char** err); | |
| | | | |
| int gnutls_x509_crt_set_dn_by_oid (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_dn_by_oid (gnutls_x509_crt_t crt, | |
| const char *oid, | | const char *oid, | |
| unsigned int raw_flag, | | unsigned int raw_flag, | |
| const void *name, | | const void *name, | |
| unsigned int sizeof_name); | | unsigned int sizeof_name); | |
| int gnutls_x509_crt_set_issuer_dn_by_oid (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_issuer_dn_by_oid (gnutls_x509_crt_t crt, | |
| const char *oid, | | const char *oid, | |
| unsigned int raw_flag, | | unsigned int raw_flag, | |
| const void *name, | | const void *name, | |
| unsigned int sizeof_name); | | unsigned int sizeof_name); | |
|
| | | int gnutls_x509_crt_set_issuer_dn (gnutls_x509_crt_t crt, const char *dn, | |
| | | const char** err); | |
| | | | |
| int gnutls_x509_crt_set_version (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_version (gnutls_x509_crt_t crt, | |
| unsigned int version); | | unsigned int version); | |
| int gnutls_x509_crt_set_key (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_key (gnutls_x509_crt_t crt, | |
| gnutls_x509_privkey_t key); | | gnutls_x509_privkey_t key); | |
| int gnutls_x509_crt_set_ca_status (gnutls_x509_crt_t crt, unsigned int ca
); | | int gnutls_x509_crt_set_ca_status (gnutls_x509_crt_t crt, unsigned int ca
); | |
| int gnutls_x509_crt_set_basic_constraints (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_basic_constraints (gnutls_x509_crt_t crt, | |
| unsigned int ca, | | unsigned int ca, | |
| int pathLenConstraint); | | int pathLenConstraint); | |
| int gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt, | | int gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt, | |
| gnutls_x509_subject_alt
_name_t | | gnutls_x509_subject_alt
_name_t | |
| | | | |
| skipping to change at line 656 | | skipping to change at line 660 | |
| /* X.509 Certificate verification functions. | | /* X.509 Certificate verification functions. | |
| */ | | */ | |
| | | | |
| /** | | /** | |
| * gnutls_certificate_verify_flags: | | * gnutls_certificate_verify_flags: | |
| * @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be | | * @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be | |
| * a certificate authority. This flag should normaly be disabled, | | * a certificate authority. This flag should normaly be disabled, | |
| * unless you know what this means. | | * unless you know what this means. | |
| * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trust
ed | | * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trust
ed | |
| * list is never checked for expiration or activation. | | * list is never checked for expiration or activation. | |
|
| * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates | | * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates | |
| * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA
_CRT, | | * with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA
_CRT, | |
| * and should be used instead. That way only signers in your trusted list | | * and should be used instead. That way only signers in your trusted list | |
|
| * will be allowed to have certificates of version 1. This is the default. | | * will be allowed to have certificates of version 1. This is the default
. | |
| * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA | | * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA | |
| * certificates that have version 1. This option is to be used | | * certificates that have version 1. This option is to be used | |
| * to deprecate all certificates of version 1. | | * to deprecate all certificates of version 1. | |
| * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by | | * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by | |
| * anyone trusted but exists in the trusted CA list do not treat it | | * anyone trusted but exists in the trusted CA list do not treat it | |
| * as trusted. | | * as trusted. | |
| * @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated | | * @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated | |
| * if unsorted (the case with many TLS servers out there). This is the | | * if unsorted (the case with many TLS servers out there). This is the | |
| * default since GnuTLS 3.1.4. | | * default since GnuTLS 3.1.4. | |
| * @GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Do not tolerate an unsorted | | * @GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Do not tolerate an unsorted | |
| | | | |
| skipping to change at line 919 | | skipping to change at line 923 | |
| unsigned int *critical); | | unsigned int *critical); | |
| | | | |
| int gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf, | | int gnutls_x509_crq_get_dn (gnutls_x509_crq_t crq, char *buf, | |
| size_t * sizeof_buf); | | size_t * sizeof_buf); | |
| int gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq, int indx, | | int gnutls_x509_crq_get_dn_oid (gnutls_x509_crq_t crq, int indx, | |
| void *oid, size_t * sizeof_oid); | | void *oid, size_t * sizeof_oid); | |
| int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq, | | int gnutls_x509_crq_get_dn_by_oid (gnutls_x509_crq_t crq, | |
| const char *oid, int indx, | | const char *oid, int indx, | |
| unsigned int raw_flag, void *buf, | | unsigned int raw_flag, void *buf, | |
| size_t * sizeof_buf); | | size_t * sizeof_buf); | |
|
| | | int gnutls_x509_crq_set_dn (gnutls_x509_crq_t crq, const char *dn, const
char** err); | |
| int gnutls_x509_crq_set_dn_by_oid (gnutls_x509_crq_t crq, | | int gnutls_x509_crq_set_dn_by_oid (gnutls_x509_crq_t crq, | |
| const char *oid, | | const char *oid, | |
| unsigned int raw_flag, | | unsigned int raw_flag, | |
| const void *data, | | const void *data, | |
| unsigned int sizeof_data); | | unsigned int sizeof_data); | |
| int gnutls_x509_crq_set_version (gnutls_x509_crq_t crq, | | int gnutls_x509_crq_set_version (gnutls_x509_crq_t crq, | |
| unsigned int version); | | unsigned int version); | |
| int gnutls_x509_crq_get_version (gnutls_x509_crq_t crq); | | int gnutls_x509_crq_get_version (gnutls_x509_crq_t crq); | |
| int gnutls_x509_crq_set_key (gnutls_x509_crq_t crq, | | int gnutls_x509_crq_set_key (gnutls_x509_crq_t crq, | |
| gnutls_x509_privkey_t key); | | gnutls_x509_privkey_t key); | |
| | | | |
End of changes. 5 change blocks. |
| 2 lines changed or deleted | | 9 lines changed or added | |
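Review bot: The three new setters `gnutls_x509_crt_set_dn`, `gnutls_x509_crt_set_issuer_dn` and `gnutls_x509_crq_set_dn` take a `const char **err` out-parameter, and the header has no comment on what it receives or whether it may be NULL. Since `dn` is a string that is parsed into a distinguished name, callers need to know the accepted syntax and whether `*err` points into their own `dn` buffer and so shares its lifetime; none of that can be told from the prototypes, and the gtk-doc may live with the definitions outside this page. I would add above the first prototype a short comment along the lines of `/* dn: textual DN to parse; err: if non-NULL, set on failure to the position in dn where parsing stopped */`, adjusted to the actual behaviour. The declarations also write `const char** err` where the rest of the file spaces the star as in `size_t * sizeof_buf`.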
|