2 * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation
4 * Author: Nikos Mavroyanopoulos
6 * This file is part of GNUTLS.
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
26 # define GNUTLS_CERT_H
28 #include <gnutls_pk.h>
30 #include "x509/x509.h"
/* Number of MPI slots reserved for a public key in gnutls_cert.params[].
 * DSA needs all four (p, q, g, y); RSA needs two (modulus, public exponent),
 * so 4 covers both algorithms handled here. */
#define MAX_PUBLIC_PARAMS_SIZE 4 /* ok for RSA and DSA */

/* parameters should not be larger than this limit */
#define DSA_PUBLIC_PARAMS 4 /* p, q, g, y */
#define RSA_PUBLIC_PARAMS 2 /* modulus, public exponent */

/* For key Usage, test as:
 * if (st.key_usage & KEY_DIGITAL_SIGNATURE) ...
 *
 * The values follow the X.509 KeyUsage BIT STRING layout (RFC 3280,
 * section 4.2.1.3): bit 0 (digitalSignature) is the most significant bit
 * of the first octet, so bits 0..7 map to 128..1, and bit 8 (decipherOnly)
 * is the MSB of the second octet, hence 32768.  The mask is kept in
 * gnutls_cert.key_usage; code that uses a certificate's key for a given
 * purpose (signing, key encipherment, key agreement, ...) should test the
 * corresponding bit rather than assume the key is usable for anything.
 */
#define KEY_DIGITAL_SIGNATURE 128
#define KEY_NON_REPUDIATION 64
#define KEY_KEY_ENCIPHERMENT 32
#define KEY_DATA_ENCIPHERMENT 16
#define KEY_KEY_AGREEMENT 8
#define KEY_KEY_CERT_SIGN 4
#define KEY_CRL_SIGN 2
#define KEY_ENCIPHER_ONLY 1
#define KEY_DECIPHER_ONLY 32768 /* bit 8: first bit of the second octet */
51 typedef struct gnutls_cert
53 mpi_t params
[MAX_PUBLIC_PARAMS_SIZE
]; /* the size of params depends on the public
56 * [1] is public exponent
62 int params_size
; /* holds the size of MPI params */
64 gnutls_pk_algorithm_t subject_pk_algorithm
;
66 unsigned int key_usage
; /* bits from KEY_*
70 /* holds the type (PGP, X509)
72 gnutls_certificate_type_t cert_type
;
78 typedef struct gnutls_privkey_int
80 mpi_t params
[MAX_PRIV_PARAMS_SIZE
]; /* the size of params depends on the public
85 * [1] is public exponent
86 * [2] is private exponent
89 * [5] is coefficient (u == inverse of p mod q)
93 * [3] is y (public key)
94 * [4] is x (private key)
96 int params_size
; /* holds the number of params */
98 gnutls_pk_algorithm_t pk_algorithm
;
/* Forward declaration only: the prototypes below (see
 * _gnutls_selected_cert_supported_kx) need nothing more than a pointer to
 * the session, so the incomplete type is enough here. */
struct gnutls_session_int; /* because gnutls_session_t is not defined when this file is included */
103 typedef enum ConvFlags
106 CERT_ONLY_PUBKEY
= 4,
107 CERT_ONLY_EXTENSIONS
= 16
110 int _gnutls_x509_raw_cert_to_gcert (gnutls_cert
* gcert
,
111 const gnutls_datum_t
* derCert
,
113 int _gnutls_x509_crt_to_gcert (gnutls_cert
* gcert
, gnutls_x509_crt_t cert
,
/* Release the resources owned by a gnutls_privkey that was filled in by
 * _gnutls_raw_privkey_to_gkey (presumably its MPI params -- the definition
 * is not in this header).  The params hold secret values, so every
 * successful conversion of private key material should be paired with a
 * call to this once the key is no longer needed. */
void _gnutls_gkey_deinit (gnutls_privkey * key);
/* Release the resources owned by a gnutls_cert produced by one of the
 * *_to_gcert() conversions declared in this header (presumably its MPI
 * params; the definition is not visible here). */
void _gnutls_gcert_deinit (gnutls_cert * cert);
119 int _gnutls_selected_cert_supported_kx (struct gnutls_session_int
*session
,
120 gnutls_kx_algorithm_t
** alg
,
/* Convert an encoded certificate of the given type (X.509 or PGP, per
 * gnutls_certificate_type_t) into the internal gnutls_cert representation.
 *
 * gcert    - output; on success the caller owns it and releases it with
 *            _gnutls_gcert_deinit().
 * type     - certificate family that raw_cert is encoded in.
 * raw_cert - the encoded certificate.  This data typically comes from a
 *            peer and must be treated as untrusted; the parser behind this
 *            call (not visible here) is expected to validate all lengths
 *            before reading.
 * flags    - OR of ConvFlags (CERT_ONLY_PUBKEY, CERT_ONLY_EXTENSIONS are
 *            declared above); judging by the names they limit how much of
 *            the certificate is decoded.
 *
 * Returns an int status; assumed to be 0 on success and a negative GnuTLS
 * error code on failure, as elsewhere in the library -- confirm against
 * the implementation. */
int _gnutls_raw_cert_to_gcert (gnutls_cert * gcert,
			       gnutls_certificate_type_t type,
			       const gnutls_datum_t * raw_cert,
			       int flags /* OR of ConvFlags */ );
/* Decode private key material into a gnutls_privkey.
 *
 * key     - output; release with _gnutls_gkey_deinit() when done, on every
 *           exit path, since the params hold secret values (e.g. the
 *           private exponent, per the gnutls_privkey_int comments).
 * type    - certificate family the key belongs to (X.509 or PGP).
 * raw_key - the encoded private key.
 * key_enc - selects the encoding of raw_key: DER or PEM.
 *
 * Returns an int status; assumed to be 0 on success and a negative GnuTLS
 * error code on failure -- confirm against the implementation.  Whether a
 * partially filled key must be deinitialized after a failure is not
 * visible from this header; check the implementation before relying on
 * either behaviour. */
int _gnutls_raw_privkey_to_gkey (gnutls_privkey * key,
				 gnutls_certificate_type_t type,
				 const gnutls_datum_t * raw_key,
				 int key_enc /* DER or PEM */ );