2 * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation
4 * Author: Nikos Mavroyanopoulos
6 * This file is part of GNUTLS.
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
25 /* This file contains the types and prototypes for all the
26 * high level functionality of gnutls main library. For the
27 * extra functionality (which is under the GNU GPL license) check
28 * the gnutls/extra.h header. The openssl compatibility layer is
29 * in gnutls/openssl.h.
31 * The low level cipher functionality is in libgcrypt. Check
44 #define LIBGNUTLS_VERSION "@VERSION@"
46 #define LIBGNUTLS_VERSION_MAJOR @MAJOR_VERSION@
47 #define LIBGNUTLS_VERSION_MINOR @MINOR_VERSION@
48 #define LIBGNUTLS_VERSION_PATCH @PATCH_VERSION@
50 #define LIBGNUTLS_VERSION_NUMBER @NUMBER_VERSION@
52 @POSSIBLY_WARN_ABOUT_MISSING_FEATURES@
63 #include <gnutls/compat.h>
/* Legacy spellings kept for source compatibility: each old name expands to
 * the enumerator on its right.  The unsuffixed RIJNDAEL_CBC alias selects
 * the 128-bit AES variant, and the unsuffixed ARCFOUR alias selects
 * ARCFOUR_128 (not the 40-bit ARCFOUR_40 enumerator). */
65 #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
66 #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
67 #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
68 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
/* Identifiers for the symmetric ciphers a session can negotiate.
 * Only UNKNOWN, NULL and RC2_40_CBC carry explicit values in the lines shown.
 * NOTE(review): this listing skips original lines 71 and 82, so the enum as
 * printed here may be missing an enumerator -- check the real header before
 * relying on the complete set of values.
 *
 * Several of these identifiers name algorithms that give little or no
 * confidentiality; which ones a session may use is decided by the priority
 * settings, so review those rather than assuming every value here is safe. */
70 typedef enum gnutls_cipher_algorithm
72 GNUTLS_CIPHER_UNKNOWN
= 0,
/* No encryption at all: records are sent in the clear. */
73 GNUTLS_CIPHER_NULL
= 1,
/* RC4 with a 128-bit key.  RFC 7465 prohibits RC4 cipher suites in TLS. */
74 GNUTLS_CIPHER_ARCFOUR_128
,
/* Triple-DES has a 64-bit block, which limits how much data is safe to
 * protect under one key. */
75 GNUTLS_CIPHER_3DES_CBC
,
76 GNUTLS_CIPHER_AES_128_CBC
,
77 GNUTLS_CIPHER_AES_256_CBC
,
/* 40-bit "export" key length: offers no meaningful protection today. */
78 GNUTLS_CIPHER_ARCFOUR_40
,
79 GNUTLS_CIPHER_CAMELLIA_128_CBC
,
80 GNUTLS_CIPHER_CAMELLIA_256_CBC
,
/* 40-bit "export" key length, same caveat as ARCFOUR_40. */
81 GNUTLS_CIPHER_RC2_40_CBC
= 90,
83 } gnutls_cipher_algorithm_t
;
87 GNUTLS_KX_UNKNOWN
= 0,
98 } gnutls_kx_algorithm_t
;
102 GNUTLS_PARAMS_RSA_EXPORT
= 1,
104 } gnutls_params_type_t
;
108 GNUTLS_CRD_CERTIFICATE
= 1,
113 } gnutls_credentials_type_t
;
/* Compatibility aliases: the bare "SHA" names expand to the SHA-1
 * identifiers, not to a SHA-2 variant. */
115 #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
116 #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
120 GNUTLS_MAC_UNKNOWN
= 0,
129 } gnutls_mac_algorithm_t
;
131 /* The enumerations here should have the same value with
132 gnutls_mac_algorithm_t.
/* Digest identifiers (fragment: the opening of this enum is not part of the
 * listing).  Every enumerator is initialised from the gnutls_mac_algorithm_t
 * enumerator of the same name, so the two enums stay numerically aligned.
 *
 * MD2, MD5 and SHA1 are no longer collision resistant and should not be
 * chosen for new signatures or fingerprints that an adversary can influence;
 * prefer the SHA256/SHA384/SHA512 identifiers. */
136 GNUTLS_DIG_NULL
= GNUTLS_MAC_NULL
,
137 GNUTLS_DIG_MD5
= GNUTLS_MAC_MD5
,
138 GNUTLS_DIG_SHA1
= GNUTLS_MAC_SHA1
,
139 GNUTLS_DIG_RMD160
= GNUTLS_MAC_RMD160
,
140 GNUTLS_DIG_MD2
= GNUTLS_MAC_MD2
,
141 GNUTLS_DIG_SHA256
= GNUTLS_MAC_SHA256
,
142 GNUTLS_DIG_SHA384
= GNUTLS_MAC_SHA384
,
143 GNUTLS_DIG_SHA512
= GNUTLS_MAC_SHA512
144 } gnutls_digest_algorithm_t
;
146 /* exported for other gnutls headers. This is the maximum number of
147 * algorithms (ciphers, kx or macs).
149 #define GNUTLS_MAX_ALGORITHM_NUM 16
151 #define GNUTLS_COMP_ZLIB GNUTLS_COMP_DEFLATE
154 GNUTLS_COMP_UNKNOWN
= 0,
155 GNUTLS_COMP_NULL
= 1,
157 GNUTLS_COMP_LZO
/* only available if gnutls-extra has
160 } gnutls_compression_method_t
;
166 } gnutls_connection_end_t
;
170 GNUTLS_AL_WARNING
= 1,
172 } gnutls_alert_level_t
;
/* TLS alert descriptions (fragment: the opening of this enum is not part of
 * the listing).
 * NOTE(review): the listing skips original line 190, between
 * ILLEGAL_PARAMETER and ACCESS_DENIED, so the values of enumerators without
 * an explicit initialiser in that run cannot be derived from what is shown
 * here -- take numeric values from the real header. */
176 GNUTLS_A_CLOSE_NOTIFY
,
177 GNUTLS_A_UNEXPECTED_MESSAGE
= 10,
/* Answering a padding failure differently from a MAC failure tells the peer
 * which check failed, which is the basis of CBC padding-oracle attacks.
 * Later TLS versions direct implementations to report both conditions as
 * bad_record_mac; expect DECRYPTION_FAILED only from old peers. */
178 GNUTLS_A_BAD_RECORD_MAC
= 20,
179 GNUTLS_A_DECRYPTION_FAILED
,
180 GNUTLS_A_RECORD_OVERFLOW
,
181 GNUTLS_A_DECOMPRESSION_FAILURE
= 30,
182 GNUTLS_A_HANDSHAKE_FAILURE
= 40,
183 GNUTLS_A_SSL3_NO_CERTIFICATE
= 41,
184 GNUTLS_A_BAD_CERTIFICATE
= 42,
185 GNUTLS_A_UNSUPPORTED_CERTIFICATE
,
186 GNUTLS_A_CERTIFICATE_REVOKED
,
187 GNUTLS_A_CERTIFICATE_EXPIRED
,
188 GNUTLS_A_CERTIFICATE_UNKNOWN
,
189 GNUTLS_A_ILLEGAL_PARAMETER
,
191 GNUTLS_A_ACCESS_DENIED
,
192 GNUTLS_A_DECODE_ERROR
= 50,
193 GNUTLS_A_DECRYPT_ERROR
,
194 GNUTLS_A_EXPORT_RESTRICTION
= 60,
195 GNUTLS_A_PROTOCOL_VERSION
= 70,
196 GNUTLS_A_INSUFFICIENT_SECURITY
,
197 GNUTLS_A_INTERNAL_ERROR
= 80,
198 GNUTLS_A_USER_CANCELED
= 90,
199 GNUTLS_A_NO_RENEGOTIATION
= 100,
200 GNUTLS_A_UNSUPPORTED_EXTENSION
= 110,
201 GNUTLS_A_CERTIFICATE_UNOBTAINABLE
= 111,
202 GNUTLS_A_UNRECOGNIZED_NAME
= 112,
203 GNUTLS_A_UNKNOWN_PSK_IDENTITY
= 115,
204 GNUTLS_A_INNER_APPLICATION_FAILURE
= 208,
205 GNUTLS_A_INNER_APPLICATION_VERIFICATION
= 209
206 } gnutls_alert_description_t
;
209 { GNUTLS_HANDSHAKE_HELLO_REQUEST
= 0,
210 GNUTLS_HANDSHAKE_CLIENT_HELLO
= 1,
211 GNUTLS_HANDSHAKE_SERVER_HELLO
= 2,
212 GNUTLS_HANDSHAKE_CERTIFICATE_PKT
= 11,
213 GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE
= 12,
214 GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST
= 13,
215 GNUTLS_HANDSHAKE_SERVER_HELLO_DONE
= 14,
216 GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY
= 15,
217 GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE
= 16,
218 GNUTLS_HANDSHAKE_FINISHED
= 20,
219 GNUTLS_HANDSHAKE_SUPPLEMENTAL
= 23
220 } gnutls_handshake_description_t
;
222 /* Note that the status bits have different meanings
223 * in openpgp keys and x.509 certificate verification.
227 GNUTLS_CERT_INVALID
= 2, /* will be set if the certificate
230 GNUTLS_CERT_REVOKED
= 32, /* in X.509 this will be set only if CRLs are checked
233 /* Those are extra information about the verification
234 * process. Will be set only if the certificate was
237 GNUTLS_CERT_SIGNER_NOT_FOUND
= 64,
238 GNUTLS_CERT_SIGNER_NOT_CA
= 128,
239 GNUTLS_CERT_INSECURE_ALGORITHM
= 256
240 } gnutls_certificate_status_t
;
245 GNUTLS_CERT_REQUEST
= 1,
247 } gnutls_certificate_request_t
;
250 { GNUTLS_OPENPGP_CERT
,
251 GNUTLS_OPENPGP_CERT_FINGERPRINT
252 } gnutls_openpgp_crt_status_t
;
256 GNUTLS_SHUT_RDWR
= 0,
258 } gnutls_close_request_t
;
260 #define GNUTLS_TLS1 GNUTLS_TLS1_0
267 GNUTLS_VERSION_UNKNOWN
= 0xff
272 GNUTLS_CRT_UNKNOWN
= 0,
275 } gnutls_certificate_type_t
;
281 } gnutls_x509_crt_fmt_t
;
283 typedef enum gnutls_certificate_print_formats
285 GNUTLS_CRT_PRINT_FULL
,
286 GNUTLS_CRT_PRINT_ONELINE
,
287 GNUTLS_CRT_PRINT_UNSIGNED_FULL
,
288 } gnutls_certificate_print_formats_t
;
292 GNUTLS_PK_UNKNOWN
= 0,
295 } gnutls_pk_algorithm_t
;
297 const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm
);
299 #define GNUTLS_SIGN_RSA_SHA GNUTLS_SIGN_RSA_SHA1
300 #define GNUTLS_SIGN_DSA_SHA GNUTLS_SIGN_DSA_SHA1
303 GNUTLS_SIGN_UNKNOWN
= 0,
304 GNUTLS_SIGN_RSA_SHA1
= 1,
305 GNUTLS_SIGN_DSA_SHA1
,
308 GNUTLS_SIGN_RSA_RMD160
,
309 GNUTLS_SIGN_RSA_SHA256
,
310 GNUTLS_SIGN_RSA_SHA384
,
311 GNUTLS_SIGN_RSA_SHA512
312 } gnutls_sign_algorithm_t
;
314 const char *gnutls_sign_algorithm_get_name (gnutls_sign_algorithm_t
317 /* If you want to change this, then also change the define in
318 * gnutls_int.h, and recompile.
320 typedef void *gnutls_transport_ptr_t
;
322 struct gnutls_session_int
;
323 typedef struct gnutls_session_int
*gnutls_session_t
;
325 struct gnutls_dh_params_int
;
326 typedef struct gnutls_dh_params_int
*gnutls_dh_params_t
;
328 struct gnutls_x509_privkey_int
; /* XXX ugly. */
329 typedef struct gnutls_x509_privkey_int
*gnutls_rsa_params_t
; /* XXX ugly. */
331 struct gnutls_priority_st
;
332 typedef struct gnutls_priority_st
*gnutls_priority_t
;
341 typedef struct gnutls_params_st
343 gnutls_params_type_t type
;
346 gnutls_dh_params_t dh
;
347 gnutls_rsa_params_t rsa_export
;
352 typedef int gnutls_params_function (gnutls_session_t
, gnutls_params_type_t
,
355 /* internal functions */
357 int gnutls_init (gnutls_session_t
* session
,
358 gnutls_connection_end_t con_end
);
359 void gnutls_deinit (gnutls_session_t session
);
360 #define _gnutls_deinit(x) gnutls_deinit(x)
362 int gnutls_bye (gnutls_session_t session
, gnutls_close_request_t how
);
364 int gnutls_handshake (gnutls_session_t session
);
365 int gnutls_rehandshake (gnutls_session_t session
);
367 gnutls_alert_description_t
gnutls_alert_get (gnutls_session_t session
);
368 int gnutls_alert_send (gnutls_session_t session
,
369 gnutls_alert_level_t level
,
370 gnutls_alert_description_t desc
);
371 int gnutls_alert_send_appropriate (gnutls_session_t session
, int err
);
372 const char *gnutls_alert_get_name (gnutls_alert_description_t alert
);
374 /* get information on the current session */
375 gnutls_cipher_algorithm_t
gnutls_cipher_get (gnutls_session_t session
);
376 gnutls_kx_algorithm_t
gnutls_kx_get (gnutls_session_t session
);
377 gnutls_mac_algorithm_t
gnutls_mac_get (gnutls_session_t session
);
378 gnutls_compression_method_t
gnutls_compression_get (gnutls_session_t
380 gnutls_certificate_type_t
gnutls_certificate_type_get (gnutls_session_t
383 size_t gnutls_cipher_get_key_size (gnutls_cipher_algorithm_t algorithm
);
384 size_t gnutls_mac_get_key_size (gnutls_mac_algorithm_t algorithm
);
386 /* the name of the specified algorithms */
387 const char *gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm
);
388 const char *gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm
);
389 const char *gnutls_compression_get_name (gnutls_compression_method_t
391 const char *gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm
);
392 const char *gnutls_certificate_type_get_name (gnutls_certificate_type_t
395 gnutls_mac_algorithm_t
gnutls_mac_get_id (const char* name
);
396 gnutls_compression_method_t
gnutls_compression_get_id (const char* name
);
397 gnutls_cipher_algorithm_t
gnutls_cipher_get_id (const char* name
);
398 gnutls_kx_algorithm_t
gnutls_kx_get_id (const char* name
);
399 gnutls_protocol_t
gnutls_protocol_get_id (const char* name
);
400 gnutls_certificate_type_t
gnutls_certificate_type_get_id (const char* name
);
403 /* list supported algorithms */
404 const gnutls_cipher_algorithm_t
*gnutls_cipher_list (void);
405 const gnutls_mac_algorithm_t
*gnutls_mac_list (void);
406 const gnutls_compression_method_t
*gnutls_compression_list (void);
407 const gnutls_protocol_t
*gnutls_protocol_list (void);
408 const gnutls_certificate_type_t
*gnutls_certificate_type_list (void);
409 const gnutls_kx_algorithm_t
*gnutls_kx_list (void);
410 const char *gnutls_cipher_suite_info (size_t i
,
412 gnutls_kx_algorithm_t
*kx
,
413 gnutls_cipher_algorithm_t
*cipher
,
414 gnutls_mac_algorithm_t
*mac
,
415 gnutls_protocol_t
*version
);
417 /* error functions */
418 int gnutls_error_is_fatal (int error
);
419 int gnutls_error_to_alert (int err
, int *level
);
421 void gnutls_perror (int error
);
422 const char *gnutls_strerror (int error
);
424 /* Semi-internal functions.
426 void gnutls_handshake_set_private_extensions (gnutls_session_t session
,
428 gnutls_handshake_description_t
429 gnutls_handshake_get_last_out (gnutls_session_t session
);
430 gnutls_handshake_description_t
431 gnutls_handshake_get_last_in (gnutls_session_t session
);
433 /* Record layer functions.
435 ssize_t
gnutls_record_send (gnutls_session_t session
, const void *data
,
437 ssize_t
gnutls_record_recv (gnutls_session_t session
, void *data
,
439 #define gnutls_read gnutls_record_recv
440 #define gnutls_write gnutls_record_send
/* Interoperability switches for SESSION.  Per the GnuTLS manual both exist to
 * work around buggy peers and both trade away protection to do so:
 * disabling record padding removes the defence against statistical analysis
 * of record lengths, and compatibility mode turns off security features of
 * that kind.  Enable them per peer, only where a concrete interoperability
 * failure has been observed. */
442 void gnutls_session_enable_compatibility_mode (gnutls_session_t session
);
444 void gnutls_record_disable_padding (gnutls_session_t session
);
446 int gnutls_record_get_direction (gnutls_session_t session
);
448 size_t gnutls_record_get_max_size (gnutls_session_t session
);
449 ssize_t
gnutls_record_set_max_size (gnutls_session_t session
, size_t size
);
451 size_t gnutls_record_check_pending (gnutls_session_t session
);
453 int gnutls_prf (gnutls_session_t session
,
454 size_t label_size
, const char *label
,
455 int server_random_first
,
456 size_t extra_size
, const char *extra
,
457 size_t outsize
, char *out
);
459 int gnutls_prf_raw (gnutls_session_t session
,
460 size_t label_size
, const char *label
,
461 size_t seed_size
, const char *seed
,
462 size_t outsize
, char *out
);
469 } gnutls_server_name_type_t
;
471 int gnutls_server_name_set (gnutls_session_t session
,
472 gnutls_server_name_type_t type
,
473 const void *name
, size_t name_length
);
475 int gnutls_server_name_get (gnutls_session_t session
,
476 void *data
, size_t * data_length
,
477 unsigned int *type
, unsigned int indx
);
480 * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt
484 gnutls_oprfi_enable_client (gnutls_session_t session
,
486 unsigned char *data
);
488 typedef int (*gnutls_oprfi_callback_func
) (gnutls_session_t session
,
491 const unsigned char *in_oprfi
,
492 unsigned char *out_oprfi
);
495 gnutls_oprfi_enable_server (gnutls_session_t session
,
496 gnutls_oprfi_callback_func cb
,
499 /* Supplemental data, RFC 4680. */
502 GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA
= 0
503 } gnutls_supplemental_data_format_type_t
;
505 const char *gnutls_supplemental_get_name
506 (gnutls_supplemental_data_format_type_t type
);
508 /* functions to set priority of cipher suites
510 int gnutls_cipher_set_priority (gnutls_session_t session
, const int *list
);
511 int gnutls_mac_set_priority (gnutls_session_t session
, const int *list
);
512 int gnutls_compression_set_priority (gnutls_session_t session
,
514 int gnutls_kx_set_priority (gnutls_session_t session
, const int *list
);
515 int gnutls_protocol_set_priority (gnutls_session_t session
,
517 int gnutls_certificate_type_set_priority (gnutls_session_t session
,
520 /* if you just want some defaults, use the following.
522 int gnutls_priority_init( gnutls_priority_t
*, const char *priority
, const char** err_pos
);
523 void gnutls_priority_deinit( gnutls_priority_t
);
525 int gnutls_priority_set(gnutls_session_t session
, gnutls_priority_t
);
526 int gnutls_priority_set_direct(gnutls_session_t session
, const char *priority
, const char** err_pos
);
/* Apply the library's built-in algorithm priorities to SESSION. */
530 int gnutls_set_default_priority (gnutls_session_t session
);
/* Same as gnutls_set_default_priority() but, per the GnuTLS manual, the
 * resulting set also includes weak algorithms (the 40-bit "export" ciphers
 * and key exchange).  A peer that can influence negotiation can then steer
 * the session onto them, so avoid this call unless a legacy peer requires it. */
531 int gnutls_set_default_export_priority (gnutls_session_t session
);
533 /* Returns the name of a cipher suite */
534 const char *gnutls_cipher_suite_get_name (gnutls_kx_algorithm_t
536 gnutls_cipher_algorithm_t
538 gnutls_mac_algorithm_t
541 /* get the currently used protocol version */
542 gnutls_protocol_t
gnutls_protocol_get_version (gnutls_session_t session
);
544 const char *gnutls_protocol_get_name (gnutls_protocol_t version
);
/* Export and re-import the parameters of SESSION so a later connection can
 * resume it.  gnutls_session_get_data() writes into a caller buffer whose
 * size is passed by pointer (presumably in/out: capacity in, bytes written
 * out -- confirm), gnutls_session_get_data2() fills a gnutls_datum_t instead.
 *
 * The exported blob has to carry what is needed to resume, which includes
 * the session's key material.  Store it with the same care as a private
 * key: no world-readable files, no logging, and discard it once the session
 * may no longer be resumed. */
549 int gnutls_session_set_data (gnutls_session_t session
,
550 const void *session_data
,
551 size_t session_data_size
);
552 int gnutls_session_get_data (gnutls_session_t session
, void *session_data
,
553 size_t * session_data_size
);
554 int gnutls_session_get_data2 (gnutls_session_t session
,
555 gnutls_datum_t
* data
);
557 /* returns the session ID */
558 #define GNUTLS_MAX_SESSION_ID 32
559 int gnutls_session_get_id (gnutls_session_t session
, void *session_id
,
560 size_t * session_id_size
);
562 /* returns security values.
563 * Do not use them unless you know what you're doing.
/* Sizes that go with the accessors below: presumably the byte lengths of the
 * master secret and of each handshake random -- confirm.  The accessors
 * return a bare const pointer with no length, so callers must not read past
 * the matching size. */
565 #define TLS_MASTER_SIZE 48
566 #define TLS_RANDOM_SIZE 32
/* The handshake randoms are sent in the clear during the handshake; the
 * master secret is not.  Anyone holding the master secret together with a
 * capture of the connection can derive the record keys, so never log it,
 * persist it or pass it across a trust boundary.
 * NOTE(review): the returned pointers presumably refer to storage owned by
 * SESSION; do not use them after the session is deinitialised -- confirm. */
567 const void *gnutls_session_get_server_random (gnutls_session_t session
);
568 const void *gnutls_session_get_client_random (gnutls_session_t session
);
569 const void *gnutls_session_get_master_secret (gnutls_session_t session
);
571 /* checks if this session is a resumed one
573 int gnutls_session_is_resumed (gnutls_session_t session
);
575 typedef int (*gnutls_db_store_func
) (void *, gnutls_datum_t key
,
576 gnutls_datum_t data
);
577 typedef int (*gnutls_db_remove_func
) (void *, gnutls_datum_t key
);
578 typedef gnutls_datum_t (*gnutls_db_retr_func
) (void *, gnutls_datum_t key
);
580 void gnutls_db_set_cache_expiration (gnutls_session_t session
, int seconds
);
582 void gnutls_db_remove_session (gnutls_session_t session
);
583 void gnutls_db_set_retrieve_function (gnutls_session_t session
,
584 gnutls_db_retr_func retr_func
);
585 void gnutls_db_set_remove_function (gnutls_session_t session
,
586 gnutls_db_remove_func rem_func
);
587 void gnutls_db_set_store_function (gnutls_session_t session
,
588 gnutls_db_store_func store_func
);
589 void gnutls_db_set_ptr (gnutls_session_t session
, void *ptr
);
590 void *gnutls_db_get_ptr (gnutls_session_t session
);
591 int gnutls_db_check_entry (gnutls_session_t session
,
592 gnutls_datum_t session_entry
);
594 typedef int (*gnutls_handshake_post_client_hello_func
)(gnutls_session_t
);
595 void gnutls_handshake_set_post_client_hello_function(gnutls_session_t
,
596 gnutls_handshake_post_client_hello_func
);
598 void gnutls_handshake_set_max_packet_length (gnutls_session_t session
,
601 /* returns libgnutls version (call it with a NULL argument)
603 const char *gnutls_check_version (const char *req_version
);
605 /* Functions for setting/clearing credentials
607 void gnutls_credentials_clear (gnutls_session_t session
);
609 /* cred is a structure defined by the kx algorithm
611 int gnutls_credentials_set (gnutls_session_t session
,
612 gnutls_credentials_type_t type
, void *cred
);
613 #define gnutls_cred_set gnutls_credentials_set
615 /* Credential structures - used in gnutls_credentials_set(); */
617 struct gnutls_certificate_credentials_st
;
618 typedef struct gnutls_certificate_credentials_st
619 *gnutls_certificate_credentials_t
;
620 typedef gnutls_certificate_credentials_t
621 gnutls_certificate_server_credentials
;
622 typedef gnutls_certificate_credentials_t
623 gnutls_certificate_client_credentials
;
625 typedef struct gnutls_anon_server_credentials_st
626 *gnutls_anon_server_credentials_t
;
627 typedef struct gnutls_anon_client_credentials_st
628 *gnutls_anon_client_credentials_t
;
630 void gnutls_anon_free_server_credentials (gnutls_anon_server_credentials_t sc
);
631 int gnutls_anon_allocate_server_credentials (gnutls_anon_server_credentials_t
* sc
);
633 void gnutls_anon_set_server_dh_params (gnutls_anon_server_credentials_t res
,
634 gnutls_dh_params_t dh_params
);
637 gnutls_anon_set_server_params_function (gnutls_anon_server_credentials_t
639 gnutls_params_function
* func
);
641 void gnutls_anon_free_client_credentials (gnutls_anon_client_credentials_t
644 gnutls_anon_allocate_client_credentials (gnutls_anon_client_credentials_t
647 /* CERTFILE is an x509 certificate in PEM form.
648 * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys).
650 void gnutls_certificate_free_credentials (gnutls_certificate_credentials_t
653 gnutls_certificate_allocate_credentials (gnutls_certificate_credentials_t
656 void gnutls_certificate_free_keys (gnutls_certificate_credentials_t sc
);
657 void gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc
);
658 void gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t sc
);
659 void gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc
);
661 void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t res
,
662 gnutls_dh_params_t dh_params
);
664 gnutls_certificate_set_rsa_export_params (gnutls_certificate_credentials_t
666 gnutls_rsa_params_t rsa_params
);
/* Set the option bit mask used when certificates are verified against RES.
 * NOTE(review): the flag values are presumably the verification flags
 * declared in gnutls/x509.h -- confirm.  Flags that relax a check widen the
 * set of certificates that will be accepted; enable each one deliberately. */
667 void gnutls_certificate_set_verify_flags (gnutls_certificate_credentials_t
668 res
, unsigned int flags
);
/* Set upper bounds for verification against RES: MAX_BITS for the size of a
 * certificate's public key and MAX_DEPTH for the length of the chain.  Per
 * the GnuTLS manual the limits exist to bound the work a peer can force with
 * oversized keys or very long chains (denial of service). */
669 void gnutls_certificate_set_verify_limits (gnutls_certificate_credentials_t
670 res
, unsigned int max_bits
,
671 unsigned int max_depth
);
673 int gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_t
674 res
, const char *CAFILE
,
675 gnutls_x509_crt_fmt_t type
);
676 int gnutls_certificate_set_x509_trust_mem (gnutls_certificate_credentials_t
677 res
, const gnutls_datum_t
* CA
,
678 gnutls_x509_crt_fmt_t type
);
680 int gnutls_certificate_set_x509_crl_file (gnutls_certificate_credentials_t
681 res
, const char *crlfile
,
682 gnutls_x509_crt_fmt_t type
);
683 int gnutls_certificate_set_x509_crl_mem (gnutls_certificate_credentials_t
684 res
, const gnutls_datum_t
* CRL
,
685 gnutls_x509_crt_fmt_t type
);
687 int gnutls_certificate_set_x509_key_file (gnutls_certificate_credentials_t
688 res
, const char *CERTFILE
,
690 gnutls_x509_crt_fmt_t type
);
691 int gnutls_certificate_set_x509_key_mem (gnutls_certificate_credentials_t
692 res
, const gnutls_datum_t
* CERT
,
693 const gnutls_datum_t
* KEY
,
694 gnutls_x509_crt_fmt_t type
);
696 void gnutls_certificate_send_x509_rdn_sequence (gnutls_session_t session
,
701 gnutls_certificate_set_x509_simple_pkcs12_file
702 (gnutls_certificate_credentials_t res
, const char *pkcs12file
,
703 gnutls_x509_crt_fmt_t type
, const char *password
);
705 /* New functions to allow setting already parsed X.509 stuff.
707 struct gnutls_x509_privkey_int
;
708 typedef struct gnutls_x509_privkey_int
*gnutls_x509_privkey_t
;
710 struct gnutls_x509_crl_int
;
711 typedef struct gnutls_x509_crl_int
*gnutls_x509_crl_t
;
713 struct gnutls_x509_crt_int
;
714 typedef struct gnutls_x509_crt_int
*gnutls_x509_crt_t
;
716 struct gnutls_openpgp_keyring_int
;
717 typedef struct gnutls_openpgp_keyring_int
*gnutls_openpgp_keyring_t
;
719 int gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res
,
720 gnutls_x509_crt_t
* cert_list
,
722 gnutls_x509_privkey_t key
);
723 int gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t res
,
724 gnutls_x509_crt_t
* ca_list
,
726 int gnutls_certificate_set_x509_crl (gnutls_certificate_credentials_t res
,
727 gnutls_x509_crl_t
* crl_list
,
730 void gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc
,
731 gnutls_x509_crt_t
**x509_ca_list
,
734 void gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t sc
,
735 gnutls_x509_crl_t
**x509_crl_list
,
736 unsigned int* ncrls
);
738 void gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_t sc
,
739 gnutls_openpgp_keyring_t
*keyring
);
741 /* global state functions
743 int gnutls_global_init (void);
744 void gnutls_global_deinit (void);
746 typedef void *(*gnutls_alloc_function
) (size_t);
747 typedef void *(*gnutls_calloc_function
) (size_t, size_t);
748 typedef int (*gnutls_is_secure_function
) (const void *);
749 typedef void (*gnutls_free_function
) (void *);
750 typedef void *(*gnutls_realloc_function
) (void *, size_t);
753 gnutls_global_set_mem_functions (gnutls_alloc_function gt_alloc_func
,
754 gnutls_alloc_function
755 gt_secure_alloc_func
,
756 gnutls_is_secure_function
758 gnutls_realloc_function gt_realloc_func
,
759 gnutls_free_function gt_free_func
);
761 /* For use in callbacks */
762 extern gnutls_alloc_function gnutls_malloc
;
763 extern gnutls_alloc_function gnutls_secure_malloc
;
764 extern gnutls_realloc_function gnutls_realloc
;
765 extern gnutls_calloc_function gnutls_calloc
;
766 extern gnutls_free_function gnutls_free
;
768 extern char *(*gnutls_strdup
) (const char *);
770 typedef void (*gnutls_log_func
) (int, const char *);
771 void gnutls_global_set_log_function (gnutls_log_func log_func
);
772 void gnutls_global_set_log_level (int level
);
774 /* Diffie Hellman parameter handling.
776 int gnutls_dh_params_init (gnutls_dh_params_t
* dh_params
);
777 void gnutls_dh_params_deinit (gnutls_dh_params_t dh_params
);
778 int gnutls_dh_params_import_raw (gnutls_dh_params_t dh_params
,
779 const gnutls_datum_t
* prime
,
780 const gnutls_datum_t
* generator
);
781 int gnutls_dh_params_import_pkcs3 (gnutls_dh_params_t params
,
782 const gnutls_datum_t
* pkcs3_params
,
783 gnutls_x509_crt_fmt_t format
);
784 int gnutls_dh_params_generate2 (gnutls_dh_params_t params
,
786 int gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params
,
787 gnutls_x509_crt_fmt_t format
,
788 unsigned char *params_data
,
789 size_t * params_data_size
);
790 int gnutls_dh_params_export_raw (gnutls_dh_params_t params
,
791 gnutls_datum_t
* prime
,
792 gnutls_datum_t
* generator
,
794 int gnutls_dh_params_cpy (gnutls_dh_params_t dst
, gnutls_dh_params_t src
);
799 int gnutls_rsa_params_init (gnutls_rsa_params_t
* rsa_params
);
800 void gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params
);
801 int gnutls_rsa_params_cpy (gnutls_rsa_params_t dst
,
802 gnutls_rsa_params_t src
);
803 int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params
,
804 const gnutls_datum_t
* m
,
805 const gnutls_datum_t
* e
,
806 const gnutls_datum_t
* d
,
807 const gnutls_datum_t
* p
,
808 const gnutls_datum_t
* q
,
809 const gnutls_datum_t
* u
);
810 int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params
,
812 int gnutls_rsa_params_export_raw (gnutls_rsa_params_t params
,
813 gnutls_datum_t
* m
, gnutls_datum_t
* e
,
814 gnutls_datum_t
* d
, gnutls_datum_t
* p
,
815 gnutls_datum_t
* q
, gnutls_datum_t
* u
,
817 int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params
,
818 gnutls_x509_crt_fmt_t format
,
819 unsigned char *params_data
,
820 size_t * params_data_size
);
821 int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params
,
822 const gnutls_datum_t
* pkcs1_params
,
823 gnutls_x509_crt_fmt_t format
);
827 typedef ssize_t (*gnutls_pull_func
) (gnutls_transport_ptr_t
, void *,
829 typedef ssize_t (*gnutls_push_func
) (gnutls_transport_ptr_t
, const void *,
831 void gnutls_transport_set_ptr (gnutls_session_t session
,
832 gnutls_transport_ptr_t ptr
);
833 void gnutls_transport_set_ptr2 (gnutls_session_t session
,
834 gnutls_transport_ptr_t recv_ptr
,
835 gnutls_transport_ptr_t send_ptr
);
837 gnutls_transport_ptr_t
gnutls_transport_get_ptr (gnutls_session_t session
);
838 void gnutls_transport_get_ptr2 (gnutls_session_t session
,
839 gnutls_transport_ptr_t
* recv_ptr
,
840 gnutls_transport_ptr_t
* send_ptr
);
842 void gnutls_transport_set_lowat (gnutls_session_t session
, int num
);
845 void gnutls_transport_set_push_function (gnutls_session_t session
,
846 gnutls_push_func push_func
);
847 void gnutls_transport_set_pull_function (gnutls_session_t session
,
848 gnutls_pull_func pull_func
);
850 void gnutls_transport_set_errno (gnutls_session_t session
, int err
);
851 void gnutls_transport_set_global_errno (int err
);
855 void gnutls_session_set_ptr (gnutls_session_t session
, void *ptr
);
856 void *gnutls_session_get_ptr (gnutls_session_t session
);
858 void gnutls_openpgp_send_cert (gnutls_session_t session
,
859 gnutls_openpgp_crt_status_t status
);
862 * Actually this function returns the hash of the given data.
864 int gnutls_fingerprint (gnutls_digest_algorithm_t algo
,
865 const gnutls_datum_t
* data
, void *result
,
866 size_t * result_size
);
872 typedef struct gnutls_srp_server_credentials_st
873 *gnutls_srp_server_credentials_t
;
874 typedef struct gnutls_srp_client_credentials_st
875 *gnutls_srp_client_credentials_t
;
877 void gnutls_srp_free_client_credentials (gnutls_srp_client_credentials_t
879 int gnutls_srp_allocate_client_credentials (gnutls_srp_client_credentials_t
881 int gnutls_srp_set_client_credentials (gnutls_srp_client_credentials_t res
,
882 const char *username
, const char *password
);
884 void gnutls_srp_free_server_credentials (gnutls_srp_server_credentials_t
886 int gnutls_srp_allocate_server_credentials (gnutls_srp_server_credentials_t
888 int gnutls_srp_set_server_credentials_file (gnutls_srp_server_credentials_t
889 res
, const char *password_file
,
890 const char *password_conf_file
);
892 const char *gnutls_srp_server_get_username (gnutls_session_t session
);
894 extern int gnutls_srp_verifier (const char *username
,
895 const char *password
,
896 const gnutls_datum_t
* salt
,
897 const gnutls_datum_t
* generator
,
898 const gnutls_datum_t
* prime
,
899 gnutls_datum_t
* res
);
901 /* The static parameters defined in draft-ietf-tls-srp-05
902 * Those should be used as input to gnutls_srp_verifier().
/* Predefined SRP groups, one prime/generator pair per modulus size.
 * An SRP verifier is computed in one specific group, so the group chosen at
 * enrolment is the one every later login uses; moving a user to a larger
 * group means creating a new verifier from the password.  The 1024-bit group
 * has the smallest security margin of the three -- prefer the 2048-bit pair
 * for new verifiers. */
904 extern const gnutls_datum_t gnutls_srp_2048_group_prime
;
905 extern const gnutls_datum_t gnutls_srp_2048_group_generator
;
907 extern const gnutls_datum_t gnutls_srp_1536_group_prime
;
908 extern const gnutls_datum_t gnutls_srp_1536_group_generator
;
910 extern const gnutls_datum_t gnutls_srp_1024_group_prime
;
911 extern const gnutls_datum_t gnutls_srp_1024_group_generator
;
913 typedef int gnutls_srp_server_credentials_function (gnutls_session_t
,
914 const char *username
,
915 gnutls_datum_t
* salt
,
920 gnutls_datum_t
* prime
);
922 gnutls_srp_set_server_credentials_function
923 (gnutls_srp_server_credentials_t cred
,
924 gnutls_srp_server_credentials_function
* func
);
926 typedef int gnutls_srp_client_credentials_function (gnutls_session_t
,
929 gnutls_srp_set_client_credentials_function
930 (gnutls_srp_client_credentials_t cred
,
931 gnutls_srp_client_credentials_function
* func
);
933 int gnutls_srp_base64_encode (const gnutls_datum_t
* data
, char *result
,
934 size_t * result_size
);
935 int gnutls_srp_base64_encode_alloc (const gnutls_datum_t
* data
,
936 gnutls_datum_t
* result
);
938 int gnutls_srp_base64_decode (const gnutls_datum_t
* b64_data
, char *result
,
939 size_t * result_size
);
940 int gnutls_srp_base64_decode_alloc (const gnutls_datum_t
* b64_data
,
941 gnutls_datum_t
* result
);
944 typedef struct gnutls_psk_server_credentials_st
945 *gnutls_psk_server_credentials_t
;
946 typedef struct gnutls_psk_client_credentials_st
947 *gnutls_psk_client_credentials_t
;
949 typedef enum gnutls_psk_key_flags
951 GNUTLS_PSK_KEY_RAW
= 0,
953 } gnutls_psk_key_flags
;
955 void gnutls_psk_free_client_credentials (gnutls_psk_client_credentials_t
957 int gnutls_psk_allocate_client_credentials (gnutls_psk_client_credentials_t
959 int gnutls_psk_set_client_credentials (gnutls_psk_client_credentials_t res
,
960 const char *username
,
961 const gnutls_datum_t
* key
,
962 gnutls_psk_key_flags format
);
964 void gnutls_psk_free_server_credentials (gnutls_psk_server_credentials_t
966 int gnutls_psk_allocate_server_credentials (gnutls_psk_server_credentials_t
968 int gnutls_psk_set_server_credentials_file (gnutls_psk_server_credentials_t
969 res
, const char *password_file
);
971 const char *gnutls_psk_server_get_username (gnutls_session_t session
);
972 const char *gnutls_psk_client_get_hint (gnutls_session_t session
);
974 typedef int gnutls_psk_server_credentials_function (gnutls_session_t
,
975 const char *username
,
976 gnutls_datum_t
* key
);
978 gnutls_psk_set_server_credentials_function
979 (gnutls_psk_server_credentials_t cred
,
980 gnutls_psk_server_credentials_function
* func
);
982 typedef int gnutls_psk_client_credentials_function (gnutls_session_t
,
984 gnutls_datum_t
* key
);
986 gnutls_psk_set_client_credentials_function
987 (gnutls_psk_client_credentials_t cred
,
988 gnutls_psk_client_credentials_function
* func
);
990 int gnutls_hex_encode (const gnutls_datum_t
* data
, char *result
,
991 size_t * result_size
);
992 int gnutls_hex_decode (const gnutls_datum_t
* hex_data
, char *result
,
993 size_t * result_size
);
995 void gnutls_psk_set_server_dh_params (gnutls_psk_server_credentials_t res
,
996 gnutls_dh_params_t dh_params
);
998 void gnutls_psk_set_server_params_function (gnutls_psk_server_credentials_t
1000 gnutls_params_function
* func
);
1002 int gnutls_psk_netconf_derive_key (const char *password
,
1003 const char *psk_identity
,
1004 const char *psk_identity_hint
,
1005 gnutls_datum_t
*output_key
);
1008 typedef enum gnutls_x509_subject_alt_name_t
1010 GNUTLS_SAN_DNSNAME
= 1,
1011 GNUTLS_SAN_RFC822NAME
,
1013 GNUTLS_SAN_IPADDRESS
,
1014 GNUTLS_SAN_OTHERNAME
,
1016 /* The following are "virtual" subject alternative name types, in
1017 that they are represented by an otherName value and an OID.
1018 Used by gnutls_x509_crt_get_subject_alt_othername_oid(). */
1019 GNUTLS_SAN_OTHERNAME_XMPP
= 1000
1020 } gnutls_x509_subject_alt_name_t
;
1022 struct gnutls_openpgp_crt_int
;
1023 typedef struct gnutls_openpgp_crt_int
*gnutls_openpgp_crt_t
;
1025 struct gnutls_openpgp_privkey_int
;
1026 typedef struct gnutls_openpgp_privkey_int
*gnutls_openpgp_privkey_t
;
1028 typedef struct gnutls_retr_st
1030 gnutls_certificate_type_t type
;
1033 gnutls_x509_crt_t
*x509
;
1034 gnutls_openpgp_crt_t pgp
;
1036 unsigned int ncerts
; /* one for pgp keys */
1040 gnutls_x509_privkey_t x509
;
1041 gnutls_openpgp_privkey_t pgp
;
1044 unsigned int deinit_all
; /* if non zero all keys will be deinited */
1047 typedef int gnutls_certificate_client_retrieve_function (gnutls_session_t
,
1053 gnutls_pk_algorithm_t
1058 typedef int gnutls_certificate_server_retrieve_function (gnutls_session_t
,
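/* Functions that allow handling of auth_info_t structures.
 *
 * Each call takes a session and returns a gnutls_credentials_type_t.
 * Judging by the names, the _server_ and _client_ variants report the
 * credentials type of one side of the connection (TODO confirm).
 */
gnutls_credentials_type_t gnutls_auth_get_type (gnutls_session_t session);
gnutls_credentials_type_t
gnutls_auth_server_get_type (gnutls_session_t session);
gnutls_credentials_type_t
gnutls_auth_client_get_type (gnutls_session_t session);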
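/* Diffie-Hellman session parameters.
 *
 * NOTE(review): per the GnuTLS manual, gnutls_dh_set_prime_bits() sets
 * the minimum DH prime size a client accepts; a handshake offering a
 * smaller prime fails with GNUTLS_E_DH_PRIME_UNACCEPTABLE.  That makes
 * it the place to enforce a group-size policy -- confirm the behaviour
 * against the implementation in use.
 *
 * The int-returning getters report what the session negotiated (secret
 * size, peer public value size, prime size); negative returns are
 * presumably error codes.
 */
void gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bits);
int gnutls_dh_get_secret_bits (gnutls_session_t session);
int gnutls_dh_get_peers_public_bits (gnutls_session_t session);
int gnutls_dh_get_prime_bits (gnutls_session_t session);

/* Copy out the DH group (generator and prime) and the public key used
 * in the session.  Ownership of the returned datum contents is not
 * visible in this header; check before freeing or retaining them.
 */
int gnutls_dh_get_group (gnutls_session_t session, gnutls_datum_t * raw_gen,
                         gnutls_datum_t * raw_prime);
int gnutls_dh_get_pubkey (gnutls_session_t session,
                          gnutls_datum_t * raw_key);

/* RSA-export key exchange: public key (exponent, modulus) and modulus
 * size used in the session.
 * NOTE(review): export cipher suites are a legacy, deliberately weak
 * key exchange; a session for which these calls succeed is worth
 * flagging in a policy check.
 */
int gnutls_rsa_export_get_pubkey (gnutls_session_t session,
                                  gnutls_datum_t * exponent,
                                  gnutls_datum_t * modulus);
int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session);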
1091 /* External signing callback. Experimental. */
1092 typedef int (*gnutls_sign_func
) (gnutls_session_t session
,
1094 gnutls_certificate_type_t cert_type
,
1095 const gnutls_datum_t
* cert
,
1096 const gnutls_datum_t
* hash
,
1097 gnutls_datum_t
* signature
);
1099 void gnutls_sign_callback_set (gnutls_session_t session
,
1100 gnutls_sign_func sign_func
,
1103 gnutls_sign_callback_get (gnutls_session_t session
,
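/* These are set on the credentials structure.
 *
 * Each call registers, on a certificate credentials object, the
 * callback used to retrieve the certificate for the client or the
 * server side.  Because the callback lives on the credentials rather
 * than on one session, it applies wherever those credentials are used.
 */
void gnutls_certificate_client_set_retrieve_function
  (gnutls_certificate_credentials_t cred,
   gnutls_certificate_client_retrieve_function * func);
void gnutls_certificate_server_set_retrieve_function
  (gnutls_certificate_credentials_t cred,
   gnutls_certificate_server_retrieve_function * func);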
1115 void gnutls_certificate_server_set_request (gnutls_session_t session
,
1116 gnutls_certificate_request_t
1119 /* get data from the session
1121 const gnutls_datum_t
*gnutls_certificate_get_peers (gnutls_session_t
1125 const gnutls_datum_t
*gnutls_certificate_get_ours (gnutls_session_t
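/* Validity window of the peer's certificate, as time_t values.
 * NOTE(review): the failure value is not visible in this header (the
 * manual documents (time_t) -1); check it before comparing with now.
 */
time_t gnutls_certificate_activation_time_peers (gnutls_session_t session);
time_t gnutls_certificate_expiration_time_peers (gnutls_session_t session);

int gnutls_certificate_client_get_request_status (gnutls_session_t session);

/* Verify the peer's certificate; the verdict is written to *status.
 *
 * NOTE(review), from the GnuTLS manual rather than from this header:
 * the return value only reports whether verification could be carried
 * out (negative on error).  The caller must still inspect *status, a
 * bitmask of gnutls_certificate_status_t flags, and treat any set flag
 * as a failure.  Matching the certificate against the expected peer
 * name is a separate step that this call does not perform.
 */
int gnutls_certificate_verify_peers2 (gnutls_session_t session,
                                      unsigned int *status);

/* Older variant without the status out-parameter; the original header
 * comment reads "this is obsolete (?)".  With a single int return the
 * verdict and an error code cannot be told apart as cleanly, so new
 * code should call gnutls_certificate_verify_peers2() instead.
 */
int gnutls_certificate_verify_peers (gnutls_session_t session);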
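/* PEM (base64 with header lines) encoding and decoding into a
 * caller-supplied buffer.  msg / header name the PEM header to write
 * or to expect.
 *
 * NOTE(review): result_size is passed by pointer; the manual describes
 * it as in/out (capacity on entry, bytes produced on return, with
 * GNUTLS_E_SHORT_MEMORY_BUFFER when result is too small).  Always set
 * it to the real size of result before the call.
 */
int gnutls_pem_base64_encode (const char *msg, const gnutls_datum_t * data,
                              char *result, size_t * result_size);
int gnutls_pem_base64_decode (const char *header,
                              const gnutls_datum_t * b64_data,
                              unsigned char *result, size_t * result_size);

/* Same conversions, with the output returned in a gnutls_datum_t.
 * NOTE(review): the _alloc suffix suggests result->data is allocated by
 * the library and must be released by the caller; confirm which free
 * function applies.  Wipe decoded private-key material before freeing.
 */
int gnutls_pem_base64_encode_alloc (const char *msg,
                                    const gnutls_datum_t * data,
                                    gnutls_datum_t * result);
int gnutls_pem_base64_decode_alloc (const char *header,
                                    const gnutls_datum_t * b64_data,
                                    gnutls_datum_t * result);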
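/* key_usage will be an OR of the following values.
 *
 * Each flag is a distinct bit, so a key_usage value can be tested with
 * a bitwise AND, e.g. (usage & GNUTLS_KEY_KEY_CERT_SIGN).  The values
 * appear to follow the X.509 keyUsage bit string layout, which is why
 * GNUTLS_KEY_DECIPHER_ONLY sits in the second byte (TODO confirm).
 */

/* when the key is to be used for signing: */
#define GNUTLS_KEY_DIGITAL_SIGNATURE 128
#define GNUTLS_KEY_NON_REPUDIATION 64
/* when the key is to be used for encryption: */
#define GNUTLS_KEY_KEY_ENCIPHERMENT 32
#define GNUTLS_KEY_DATA_ENCIPHERMENT 16
#define GNUTLS_KEY_KEY_AGREEMENT 8
/* certificate and CRL signing, i.e. the CA-type usages: */
#define GNUTLS_KEY_KEY_CERT_SIGN 4
#define GNUTLS_KEY_CRL_SIGN 2
/* by their names, restrictions on a key-agreement key: */
#define GNUTLS_KEY_ENCIPHER_ONLY 1
#define GNUTLS_KEY_DECIPHER_ONLY 32768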
1167 gnutls_certificate_set_params_function (gnutls_certificate_credentials_t res
,
1168 gnutls_params_function
* func
);
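/* Register a gnutls_params_function callback on anonymous or PSK
 * server credentials.  From the type name, the callback supplies the
 * key-exchange parameters for sessions using those credentials
 * (TODO confirm which parameter kinds it is asked for).
 */
void gnutls_anon_set_params_function (gnutls_anon_server_credentials_t res,
                                      gnutls_params_function * func);
void gnutls_psk_set_params_function (gnutls_psk_server_credentials_t res,
                                     gnutls_params_function * func);

/* Convert hex_size characters of hex text at hex_data into binary at
 * bin_data.
 * NOTE(review): bin_size is passed by pointer and is presumably in/out
 * (capacity of bin_data on entry, bytes written on return); set it to
 * the real buffer size before the call and check the return value
 * before reading bin_data.
 */
int gnutls_hex2bin (const char * hex_data, size_t hex_size,
                    char * bin_data, size_t * bin_size);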
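/* Gnutls error codes.  Where an error maps to a TLS alert, the alert is
 * named in the comment next to the code.
 *
 * GNUTLS_E_SUCCESS is 0 and every failure listed here is negative, so
 * callers should test "ret < 0" rather than compare with one code.
 * The numbering has gaps and is not in strict order; the values are
 * part of the public interface and must not be renumbered.
 */
#define GNUTLS_E_SUCCESS 0
#define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3
#define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6
#define GNUTLS_E_LARGE_PACKET -7
#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8	/* GNUTLS_A_PROTOCOL_VERSION */
#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9	/* GNUTLS_A_RECORD_OVERFLOW */
#define GNUTLS_E_INVALID_SESSION -10
#define GNUTLS_E_FATAL_ALERT_RECEIVED -12
#define GNUTLS_E_UNEXPECTED_PACKET -15	/* GNUTLS_A_UNEXPECTED_MESSAGE */
#define GNUTLS_E_WARNING_ALERT_RECEIVED -16
#define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18
#define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19
#define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21	/* GNUTLS_A_HANDSHAKE_FAILURE */
#define GNUTLS_E_UNWANTED_ALGORITHM -22
#define GNUTLS_E_MPI_SCAN_FAILED -23
/* One code covers both decryption failure and a bad record MAC, so a
 * caller cannot tell the two apart (and should not report them
 * differently to the peer). */
#define GNUTLS_E_DECRYPTION_FAILED -24	/* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */
#define GNUTLS_E_MEMORY_ERROR -25
#define GNUTLS_E_DECOMPRESSION_FAILED -26	/* GNUTLS_A_DECOMPRESSION_FAILURE */
#define GNUTLS_E_COMPRESSION_FAILED -27
#define GNUTLS_E_AGAIN -28
#define GNUTLS_E_EXPIRED -29
#define GNUTLS_E_DB_ERROR -30
#define GNUTLS_E_SRP_PWD_ERROR -31
#define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32
#define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS	/* for backwards compatibility only */
#define GNUTLS_E_INSUFFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS
#define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS	/* for backwards compatibility only */

#define GNUTLS_E_HASH_FAILED -33
#define GNUTLS_E_BASE64_DECODING_ERROR -34

#define GNUTLS_E_MPI_PRINT_FAILED -35
#define GNUTLS_E_REHANDSHAKE -37	/* GNUTLS_A_NO_RENEGOTIATION */
#define GNUTLS_E_GOT_APPLICATION_DATA -38
#define GNUTLS_E_RECORD_LIMIT_REACHED -39
#define GNUTLS_E_ENCRYPTION_FAILED -40

#define GNUTLS_E_PK_ENCRYPTION_FAILED -44
#define GNUTLS_E_PK_DECRYPTION_FAILED -45
#define GNUTLS_E_PK_SIGN_FAILED -46
#define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47
#define GNUTLS_E_KEY_USAGE_VIOLATION -48
#define GNUTLS_E_NO_CERTIFICATE_FOUND -49	/* GNUTLS_A_BAD_CERTIFICATE */
#define GNUTLS_E_INVALID_REQUEST -50
#define GNUTLS_E_SHORT_MEMORY_BUFFER -51
#define GNUTLS_E_INTERRUPTED -52
#define GNUTLS_E_PUSH_ERROR -53
#define GNUTLS_E_PULL_ERROR -54
#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55	/* GNUTLS_A_ILLEGAL_PARAMETER */
#define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56
/* NOTE(review): a padding-specific error; applications should not let
 * a remote peer distinguish it from other decryption failures. */
#define GNUTLS_E_PKCS1_WRONG_PAD -57
#define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58
#define GNUTLS_E_INTERNAL_ERROR -59
#define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63
#define GNUTLS_E_FILE_ERROR -64
#define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78
#define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80

/* returned if libextra functionality was requested but
 * gnutls_global_init_extra() was not called.
 */
#define GNUTLS_E_INIT_LIBEXTRA -82
#define GNUTLS_E_LIBRARY_VERSION_MISMATCH -83

/* returned if you need to generate temporary RSA
 * parameters. These are needed for export cipher suites.
 */
#define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84

#define GNUTLS_E_LZO_INIT_FAILED -85
#define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86
#define GNUTLS_E_NO_CIPHER_SUITES -87

#define GNUTLS_E_OPENPGP_GETKEY_FAILED -88
#define GNUTLS_E_PK_SIG_VERIFY_FAILED -89

#define GNUTLS_E_ILLEGAL_SRP_USERNAME -90
#define GNUTLS_E_SRP_PWD_PARSING_ERROR -91
#define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93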
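/* For certificate and key stuff.
 *
 * All values are negative and unique except where one name is defined
 * in terms of another or marked obsolete below.
 */
#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67
#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68
#define GNUTLS_E_ASN1_DER_ERROR -69
#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70
#define GNUTLS_E_ASN1_GENERIC_ERROR -71
#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72
#define GNUTLS_E_ASN1_TAG_ERROR -73
#define GNUTLS_E_ASN1_TAG_IMPLICIT -74
#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75
#define GNUTLS_E_ASN1_SYNTAX_ERROR -76
#define GNUTLS_E_ASN1_DER_OVERFLOW -77
#define GNUTLS_E_OPENPGP_UID_REVOKED -79
#define GNUTLS_E_CERTIFICATE_ERROR -43
/* Alias of GNUTLS_E_CERTIFICATE_ERROR. */
#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR
#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60
#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61	/* GNUTLS_A_UNSUPPORTED_CERTIFICATE */
#define GNUTLS_E_X509_UNKNOWN_SAN -62
#define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94
#define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95
#define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96
#define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97
#define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98
#define GNUTLS_E_INVALID_PASSWORD -99
#define GNUTLS_E_MAC_VERIFY_FAILED -100	/* for PKCS #12 MAC */
#define GNUTLS_E_CONSTRAINT_ERROR -101

#define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102
#define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103

#define GNUTLS_E_IA_VERIFY_FAILED -104

#define GNUTLS_E_UNKNOWN_ALGORITHM -105

#define GNUTLS_E_BASE64_ENCODING_ERROR -201
/* Both names share -202; the GCRYPT spelling is kept only for old code. */
#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202	/* obsolete */
#define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202
#define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203

#define GNUTLS_E_OPENPGP_KEYRING_ERROR -204
#define GNUTLS_E_X509_UNSUPPORTED_OID -205

#define GNUTLS_E_RANDOM_FAILED -206
#define GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR -207

#define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208

#define GNUTLS_E_CRYPTO_ALREADY_REGISTERED -209

#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250

/* Bounds of a numeric range that, by its name, is set aside for
 * application-defined error codes (TODO confirm how the library treats
 * values in this range). */
#define GNUTLS_E_APPLICATION_ERROR_MAX -65000
#define GNUTLS_E_APPLICATION_ERROR_MIN -65500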
1322 #endif /* GNUTLS_H */