lib/gnutls_ui.h

   1 #ifndef GNUTLS_UI_H
   2 # define GNUTLS_UI_H
   3
   4
   5 /* Extra definitions */
   6
   7 #define GNUTLS_X509_CN_SIZE 256
   8 #define GNUTLS_X509_C_SIZE 3
   9 #define GNUTLS_X509_O_SIZE 256
  10 #define GNUTLS_X509_OU_SIZE 256
  11 #define GNUTLS_X509_L_SIZE 256
  12 #define GNUTLS_X509_S_SIZE 256
  13 #define GNUTLS_X509_EMAIL_SIZE 256
  14
  15 typedef struct {
  16         char common_name[GNUTLS_X509_CN_SIZE];
  17         char country[GNUTLS_X509_C_SIZE];
  18         char organization[GNUTLS_X509_O_SIZE];
  19         char organizational_unit_name[GNUTLS_X509_OU_SIZE];
  20         char locality_name[GNUTLS_X509_L_SIZE];
  21         char state_or_province_name[GNUTLS_X509_S_SIZE];
  22         char email[GNUTLS_X509_EMAIL_SIZE];
  23 } gnutls_x509_dn;
  24 #define gnutls_DN gnutls_x509_dn
  25
  26 typedef struct {
  27         char name[GNUTLS_X509_CN_SIZE];
  28         char email[GNUTLS_X509_CN_SIZE];
  29 } gnutls_openpgp_name;
  30
  31 typedef enum GNUTLS_X509_SUBJECT_ALT_NAME {
  32         GNUTLS_SAN_DNSNAME=1, GNUTLS_SAN_RFC822NAME,
  33         GNUTLS_SAN_URI, GNUTLS_SAN_IPADDRESS
  34 } GNUTLS_X509_SUBJECT_ALT_NAME;
  35
  36 /* For key Usage, test as:
  37  * if (st.keyUsage & X509KEY_DIGITAL_SIGNATURE) ...
  38  */
  39 #define GNUTLS_X509KEY_DIGITAL_SIGNATURE        256
  40 #define GNUTLS_X509KEY_NON_REPUDIATION          128
  41 #define GNUTLS_X509KEY_KEY_ENCIPHERMENT         64
  42 #define GNUTLS_X509KEY_DATA_ENCIPHERMENT        32
  43 #define GNUTLS_X509KEY_KEY_AGREEMENT            16
  44 #define GNUTLS_X509KEY_KEY_CERT_SIGN            8
  45 #define GNUTLS_X509KEY_CRL_SIGN                 4
  46 #define GNUTLS_X509KEY_ENCIPHER_ONLY            2
  47 #define GNUTLS_X509KEY_DECIPHER_ONLY            1
  48
  49
  50 # ifdef LIBGNUTLS_VERSION /* These are defined only in gnutls.h */
  51
  52 typedef int gnutls_certificate_client_select_func(GNUTLS_STATE, const gnutls_datum *, int, const gnutls_datum *, int);
  53 typedef int gnutls_certificate_server_select_func(GNUTLS_STATE, const gnutls_datum *, int);
  54
  55 typedef int gnutls_srp_server_select_func(GNUTLS_STATE, char **, char**, int);
  56
  57 /* Functions that allow AUTH_INFO structures handling
  58  */
  59
  60 GNUTLS_CredType gnutls_auth_get_type( GNUTLS_STATE state);
  61
  62 /* SRP */
  63
  64 const char* gnutls_srp_server_get_username( GNUTLS_STATE state);
  65
  66 void gnutls_srp_server_set_select_func( GNUTLS_STATE, gnutls_srp_server_select_func *);
  67
  68 /* DH */
  69
  70 void gnutls_dh_set_prime_bits( GNUTLS_STATE state, int bits);
  71 int gnutls_dh_get_prime_bits( GNUTLS_STATE);
  72 int gnutls_dh_get_secret_bits( GNUTLS_STATE);
  73 int gnutls_dh_get_peers_public_bits( GNUTLS_STATE);
  74
  75 /* X509PKI */
  76
  77 void gnutls_certificate_client_set_select_func( GNUTLS_STATE, gnutls_certificate_client_select_func *);
  78 void gnutls_certificate_server_set_select_func( GNUTLS_STATE, gnutls_certificate_server_select_func *);
  79
  80 void gnutls_certificate_server_set_request( GNUTLS_STATE, GNUTLS_CertificateRequest);
  81
  82 /* X.509 certificate handling functions */
  83 int gnutls_x509_extract_dn( const gnutls_datum*, gnutls_x509_dn*);
  84 int gnutls_x509_extract_certificate_dn( const gnutls_datum*, gnutls_x509_dn*);
  85 int gnutls_x509_extract_certificate_issuer_dn(  const gnutls_datum*, gnutls_x509_dn *);
  86 int gnutls_x509_extract_certificate_version( const gnutls_datum*);
  87 int gnutls_x509_extract_certificate_serial(const gnutls_datum * cert, char* result, int* result_size);
  88 time_t gnutls_x509_extract_certificate_activation_time( const gnutls_datum*);
  89 time_t gnutls_x509_extract_certificate_expiration_time( const gnutls_datum*);
  90 int gnutls_x509_extract_certificate_subject_alt_name( const gnutls_datum*, int seq, char*, int*);
  91 int gnutls_x509_pkcs7_extract_certificate(const gnutls_datum * pkcs7_struct, int indx, char* certificate, int* certificate_size);
  92 int gnutls_x509_extract_certificate_pk_algorithm( const gnutls_datum * cert, int* bits);
  93
  94 int gnutls_x509_verify_certificate( const gnutls_datum* cert_list, int cert_list_length, const gnutls_datum * CA_list, int CA_list_length, const gnutls_datum* CRL_list, int CRL_list_length);
  95
  96 /* Openpgp certificate stuff */
  97 int gnutls_openpgp_extract_key_name( const gnutls_datum *cert,
  98                                  int idx,
  99                                  gnutls_openpgp_name *dn );
 100
 101 int gnutls_openpgp_extract_key_pk_algorithm(const gnutls_datum *cert,
 102                                             int *r_bits);
 103
 104 int gnutls_openpgp_extract_key_version( const gnutls_datum *cert );
 105
 106 time_t gnutls_openpgp_extract_key_creation_time( const gnutls_datum *cert );
 107 time_t gnutls_openpgp_extract_key_expiration_time( const gnutls_datum *cert );
 108
 109 int gnutls_openpgp_verify_key( const gnutls_datum* keyring,
 110         const gnutls_datum* key_list,
 111         int key_list_length);
 112
 113 /* get data from the state */
 114 const gnutls_datum* gnutls_certificate_get_peers( GNUTLS_STATE, int* list_size);
 115 const gnutls_datum *gnutls_certificate_get_ours( GNUTLS_STATE state);
 116
 117 time_t gnutls_certificate_activation_time_peers(GNUTLS_STATE state);
 118 time_t gnutls_certificate_expiration_time_peers(GNUTLS_STATE state);
 119
 120 int gnutls_certificate_client_get_request_status(  GNUTLS_STATE);
 121 int gnutls_certificate_verify_peers( GNUTLS_STATE);
 122
 123 int gnutls_b64_encode_fmt( const char* msg, const gnutls_datum *data, char* result, int* result_size);
 124 int gnutls_b64_decode_fmt( const gnutls_datum *b64_data, char* result, int* result_size);
 125
 126 # endif /* LIBGNUTLS_VERSION */
 127
 128 #endif /* GNUTLS_UI_H */