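/* Extra definitions */

/*
 * Capacity, in bytes, of each fixed-size character array in gnutls_x509_dn.
 * GNUTLS_X509_CN_SIZE also sizes both arrays of gnutls_openpgp_name.
 */
#define GNUTLS_X509_CN_SIZE 256     /* common_name */
#define GNUTLS_X509_C_SIZE 3        /* country */
#define GNUTLS_X509_O_SIZE 256      /* organization */
#define GNUTLS_X509_OU_SIZE 256     /* organizational_unit_name */
#define GNUTLS_X509_L_SIZE 256      /* locality_name */
#define GNUTLS_X509_S_SIZE 256      /* state_or_province_name */
#define GNUTLS_X509_EMAIL_SIZE 256  /* email */

/*
 * Distinguished-name attributes held as fixed-size character arrays.
 *
 * NOTE(review): the "typedef struct {" and "} gnutls_x509_dn;" lines are not
 * present in the text reviewed; they are restored from the gnutls_DN alias
 * and the gnutls_x509_extract_*dn() prototypes, which name this type.
 * Confirm against the upstream header.
 *
 * NOTE(review): this header does not say whether an attribute longer than
 * its array is truncated or rejected, nor whether every array is always
 * NUL-terminated. Code that makes an authorization decision from these
 * strings (for example matching common_name against an expected name)
 * should confirm both points first.
 */
typedef struct {
    char common_name[GNUTLS_X509_CN_SIZE];
    char country[GNUTLS_X509_C_SIZE];
    char organization[GNUTLS_X509_O_SIZE];
    char organizational_unit_name[GNUTLS_X509_OU_SIZE];
    char locality_name[GNUTLS_X509_L_SIZE];
    char state_or_province_name[GNUTLS_X509_S_SIZE];
    char email[GNUTLS_X509_EMAIL_SIZE];
} gnutls_x509_dn;

/* Alternative spelling of the same type. */
#define gnutls_DN gnutls_x509_dn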
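/*
 * Name and e-mail strings of an OpenPGP key, held as fixed-size arrays.
 * Both arrays are sized by GNUTLS_X509_CN_SIZE; GNUTLS_X509_EMAIL_SIZE is
 * not used here.
 *
 * NOTE(review): the opening "typedef struct {" line is not present in the
 * text reviewed and is restored here to match the visible closing
 * "} gnutls_openpgp_name;" -- confirm against the upstream header.
 *
 * NOTE(review): truncation and NUL-termination behaviour for over-long
 * values is not stated in this header; verify before comparing these
 * strings in a trust decision.
 */
typedef struct {
    char name[GNUTLS_X509_CN_SIZE];
    char email[GNUTLS_X509_CN_SIZE];
} gnutls_openpgp_name;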
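/*
 * Kinds of X.509 subject alternative name entry.
 * Numbering starts at 1, so 0 is not a member of this enumeration.
 */
typedef enum GNUTLS_X509_SUBJECT_ALT_NAME {
    GNUTLS_SAN_DNSNAME = 1,  /* DNS name */
    GNUTLS_SAN_RFC822NAME,   /* RFC 822 (e-mail) name */
    GNUTLS_SAN_URI,          /* URI */
    GNUTLS_SAN_IPADDRESS     /* IP address */
} GNUTLS_X509_SUBJECT_ALT_NAME;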
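/*
 * For key usage, test as:
 *   if (st.keyUsage & GNUTLS_X509KEY_DIGITAL_SIGNATURE) ...
 *
 * Each flag is a distinct single bit, so flags can be OR-ed together and
 * tested with '&'. The values descend in the order the bits are listed in
 * the X.509 KeyUsage extension (digitalSignature first, decipherOnly last).
 *
 * NOTE(review): this header only defines the flags. Whether certificate
 * verification in the library enforces key usage is not visible here, so an
 * application that depends on a usage restriction (e.g. KEY_CERT_SIGN for an
 * issuer) should check the flag itself or confirm the library does.
 */
#define GNUTLS_X509KEY_DIGITAL_SIGNATURE 256
#define GNUTLS_X509KEY_NON_REPUDIATION 128
#define GNUTLS_X509KEY_KEY_ENCIPHERMENT 64
#define GNUTLS_X509KEY_DATA_ENCIPHERMENT 32
#define GNUTLS_X509KEY_KEY_AGREEMENT 16
#define GNUTLS_X509KEY_KEY_CERT_SIGN 8
#define GNUTLS_X509KEY_CRL_SIGN 4
#define GNUTLS_X509KEY_ENCIPHER_ONLY 2
#define GNUTLS_X509KEY_DECIPHER_ONLY 1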
50 # ifdef LIBGNUTLS_VERSION /* These are defined only in gnutls.h */
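/*
 * Callback signatures accepted by the *_set_select_func() registration
 * functions declared in this header.
 *
 * NOTE(review): the header leaves every parameter unnamed. Each
 * (pointer, int) pair looks like an array followed by its element count,
 * and the int result presumably identifies the selected entry -- confirm
 * against the library documentation. Any of these inputs that originate
 * from the peer should be treated as untrusted by the callback.
 */

/* Client-side certificate selection callback. */
typedef int gnutls_certificate_client_select_func(GNUTLS_STATE,
                                                  const gnutls_datum *, int,
                                                  const gnutls_datum *, int);

/* Server-side certificate selection callback. */
typedef int gnutls_certificate_server_select_func(GNUTLS_STATE,
                                                  const gnutls_datum *, int);

/* Server-side SRP selection callback. */
typedef int gnutls_srp_server_select_func(GNUTLS_STATE,
                                          char **, char **, int);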
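/* Functions that allow AUTH_INFO structures handling */

/* Returns the credential type (a GNUTLS_CredType value) for `state`. */
GNUTLS_CredType gnutls_auth_get_type(GNUTLS_STATE state);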
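/*
 * Returns the SRP user name associated with `state` as a read-only string.
 *
 * NOTE(review): ownership and lifetime of the returned pointer, and whether
 * it can be NULL, are not stated in this header -- check before use. The
 * name presumably comes from the connecting client, so treat it as
 * untrusted input when logging it or using it in a lookup.
 */
const char *gnutls_srp_server_get_username(GNUTLS_STATE state);

/* Registers `func` as the SRP server selection callback for `state`. */
void gnutls_srp_server_set_select_func(GNUTLS_STATE state,
                                       gnutls_srp_server_select_func *func);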
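/*
 * Diffie-Hellman parameter sizes, all expressed in bits.
 *
 * NOTE(review): whether `bits` passed to gnutls_dh_set_prime_bits() is a
 * minimum to accept or a size to generate is not stated in this header.
 * The getters let an application inspect the sizes in use on `state`;
 * a policy that requires a minimum group size should compare their results
 * against its own threshold rather than assume a library default.
 */
void gnutls_dh_set_prime_bits(GNUTLS_STATE state, int bits);

/* Size of the DH prime used on `state`. */
int gnutls_dh_get_prime_bits(GNUTLS_STATE state);

/* Size of the DH secret used on `state`. */
int gnutls_dh_get_secret_bits(GNUTLS_STATE state);

/* Size of the peer's DH public value on `state`. */
int gnutls_dh_get_peers_public_bits(GNUTLS_STATE state);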
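/* Registers `func` as the client certificate selection callback for `state`. */
void gnutls_certificate_client_set_select_func(GNUTLS_STATE state,
                                               gnutls_certificate_client_select_func *func);

/* Registers `func` as the server certificate selection callback for `state`. */
void gnutls_certificate_server_set_select_func(GNUTLS_STATE state,
                                               gnutls_certificate_server_select_func *func);

/*
 * Sets the server's certificate-request behaviour for `state`.
 *
 * NOTE(review): the GNUTLS_CertificateRequest values are defined outside
 * this header. A server that relies on client certificates for
 * authentication should confirm which value makes the certificate mandatory
 * rather than merely requested.
 */
void gnutls_certificate_server_set_request(GNUTLS_STATE state,
                                           GNUTLS_CertificateRequest req);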
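/* X.509 certificate handling functions */

/*
 * Distinguished-name extraction into a caller-provided gnutls_x509_dn.
 *
 * NOTE(review): the header leaves these parameters unnamed and does not
 * state the return-value convention. Check the int result before reading
 * the output structure, and note that its fields are fixed-size arrays, so
 * over-long attributes cannot be stored in full.
 */

/* Fills the gnutls_x509_dn from the supplied data. */
int gnutls_x509_extract_dn(const gnutls_datum *, gnutls_x509_dn *);

/* Fills the gnutls_x509_dn with the certificate's DN. */
int gnutls_x509_extract_certificate_dn(const gnutls_datum *,
                                       gnutls_x509_dn *);

/* Fills the gnutls_x509_dn with the DN of the certificate's issuer. */
int gnutls_x509_extract_certificate_issuer_dn(const gnutls_datum *,
                                              gnutls_x509_dn *);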
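/*
 * Field extraction from a certificate held in a gnutls_datum.
 *
 * NOTE(review): for the functions taking (char *buffer, int *size), the
 * size argument presumably carries the buffer capacity in and the number of
 * bytes written out; the header does not state this, nor what happens when
 * the buffer is too small. Initialise the size to the real capacity and
 * check the int result before reading the buffer. The error value of the
 * time_t-returning functions is likewise not stated here.
 */

/* Certificate version. */
int gnutls_x509_extract_certificate_version(const gnutls_datum *);

/* Writes the serial number of `cert` into `result`. */
int gnutls_x509_extract_certificate_serial(const gnutls_datum *cert,
                                           char *result, int *result_size);

/* Activation time of the certificate. */
time_t gnutls_x509_extract_certificate_activation_time(const gnutls_datum *);

/* Expiration time of the certificate. */
time_t gnutls_x509_extract_certificate_expiration_time(const gnutls_datum *);

/*
 * Writes the subject alternative name selected by `seq` into the supplied
 * buffer. NOTE(review): the result presumably reports the entry kind as a
 * GNUTLS_X509_SUBJECT_ALT_NAME value -- confirm.
 */
int gnutls_x509_extract_certificate_subject_alt_name(const gnutls_datum *,
                                                     int seq, char *, int *);

/* Writes certificate number `indx` of `pkcs7_struct` into `certificate`. */
int gnutls_x509_pkcs7_extract_certificate(const gnutls_datum *pkcs7_struct,
                                          int indx, char *certificate,
                                          int *certificate_size);

/* Public-key algorithm of `cert`; `bits` receives the key size. */
int gnutls_x509_extract_certificate_pk_algorithm(const gnutls_datum *cert,
                                                 int *bits);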
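/*
 * Verifies the certificates in `cert_list` against the trusted certificates
 * in `CA_list` and the revocation lists in `CRL_list`. Each *_length
 * argument is the element count of the matching array.
 *
 * NOTE(review): the encoding of the int result (status flags versus error
 * code) is defined outside this header. Callers must inspect it and treat
 * anything other than a clean verification as a failure. Whether an empty
 * CRL list is accepted, and whether validity dates and key usage are
 * checked, is not visible here -- confirm before relying on it.
 */
int gnutls_x509_verify_certificate(const gnutls_datum *cert_list,
                                   int cert_list_length,
                                   const gnutls_datum *CA_list,
                                   int CA_list_length,
                                   const gnutls_datum *CRL_list,
                                   int CRL_list_length);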
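/* Openpgp certificate stuff */

/*
 * Fills `dn` with the name and e-mail of the key in `cert`. The fields of
 * gnutls_openpgp_name are fixed-size arrays; check the int result before
 * reading them.
 */
int gnutls_openpgp_extract_key_name(const gnutls_datum *cert,
                                    gnutls_openpgp_name *dn);

/*
 * Public-key algorithm of the key in `cert`.
 *
 * NOTE(review): this declaration is truncated after its first parameter in
 * the text reviewed. The `int *bits` parameter below is assumed by analogy
 * with gnutls_x509_extract_certificate_pk_algorithm() -- restore the real
 * parameter list from the upstream header.
 */
int gnutls_openpgp_extract_key_pk_algorithm(const gnutls_datum *cert,
                                            int *bits);

/* Version of the key in `cert`. */
int gnutls_openpgp_extract_key_version(const gnutls_datum *cert);

/*
 * Creation and expiration times of the key in `cert`.
 * NOTE(review): the value returned on error, or for a key with no
 * expiration, is not stated in this header.
 */
time_t gnutls_openpgp_extract_key_creation_time(const gnutls_datum *cert);
time_t gnutls_openpgp_extract_key_expiration_time(const gnutls_datum *cert);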
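/*
 * Verifies the keys in `key_list` (`key_list_length` entries) against
 * `keyring`.
 *
 * NOTE(review): the encoding of the int result is defined outside this
 * header; callers must check it and treat anything other than a clean
 * verification as a failure.
 */
int gnutls_openpgp_verify_key(const gnutls_datum *keyring,
                              const gnutls_datum *key_list,
                              int key_list_length);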
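/* get data from the state */

/*
 * Returns the peer's certificate list for `state`; `list_size` receives the
 * number of entries.
 *
 * NOTE(review): the returned data is read-only and its lifetime is not
 * stated here -- presumably it belongs to `state`. Obtaining the list does
 * not establish that it is trusted; treat its contents as unverified until
 * gnutls_certificate_verify_peers() has been called and its result checked.
 */
const gnutls_datum *gnutls_certificate_get_peers(GNUTLS_STATE state,
                                                 int *list_size);

/* Returns the certificate this side is using on `state`. */
const gnutls_datum *gnutls_certificate_get_ours(GNUTLS_STATE state);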
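/*
 * Activation and expiration times of the peer's certificate on `state`.
 * NOTE(review): the value returned on error is not stated in this header.
 */
time_t gnutls_certificate_activation_time_peers(GNUTLS_STATE state);
time_t gnutls_certificate_expiration_time_peers(GNUTLS_STATE state);

/* Client side: status of the server's certificate request on `state`. */
int gnutls_certificate_client_get_request_status(GNUTLS_STATE state);

/*
 * Verifies the peer's certificate for `state`.
 *
 * NOTE(review): nothing in this header indicates that verification happens
 * implicitly, so applications should call this explicitly and check the
 * result before trusting the peer. The encoding of the int result is
 * defined outside this header.
 */
int gnutls_certificate_verify_peers(GNUTLS_STATE state);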
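/*
 * Base64 helpers writing into a caller-provided buffer.
 *
 * NOTE(review): `result_size` presumably carries the capacity of `result`
 * in and the number of bytes produced out; the header does not state this,
 * nor the behaviour when the buffer is too small. Set it to the real
 * capacity and check the int result before using `result`. `msg` is
 * presumably the label placed in the encoded output's header line --
 * confirm.
 */
int gnutls_b64_encode_fmt(const char *msg, const gnutls_datum *data,
                          char *result, int *result_size);

int gnutls_b64_decode_fmt(const gnutls_datum *b64_data,
                          char *result, int *result_size);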
126 # endif /* LIBGNUTLS_VERSION */
128 #endif /* GNUTLS_UI_H */