1 #ifndef GNUTLS_CERT_H
2 # define GNUTLS_CERT_H
4 #include <gnutls_pk.h>
5 #include <x509_asn1.h>
6 #include <gnutls_ui.h>
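/* Number of slots in the params[] arrays of the certificate and private-key
 * structures in this header. Despite the name this is a count of MPIs, not a
 * size in bytes. ok for RSA and DSA
 */
#define MAX_PARAMS_SIZE 6

/* parameters should not be larger than this limit
 *
 * NOTE(review): the unit is not stated here (presumably bytes -- confirm).
 * This is only a constant; the checks that apply it to parsed or imported
 * key material live outside this header, so verify that every import path
 * actually enforces it.
 */
#define MAX_PARAMETER_SIZE 1200

/* How many params[] slots each algorithm uses; the slot layout is listed in
 * the structure comments further down in this header.
 */
#define DSA_PRIVATE_PARAMS 5
#define DSA_PUBLIC_PARAMS 4
#define RSA_PRIVATE_PARAMS 6
#define RSA_PUBLIC_PARAMS 2

/* Compile-time guard: params[] has exactly MAX_PARAMS_SIZE slots, so the
 * largest per-algorithm count must fit. Without this, code that fills in a
 * private key could write past the end of the array. The public counts are
 * smaller than the private ones, so checking the private counts is enough.
 */
#if MAX_PARAMS_SIZE < RSA_PRIVATE_PARAMS
# error INCREASE MAX_PARAMS_SIZE
#endif

#if MAX_PARAMS_SIZE < DSA_PRIVATE_PARAMS
# error INCREASE MAX_PARAMS_SIZE
#endif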
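/* Parsed form of one certificate: the public-key parameters, the fields the
 * handshake code consults, and the raw encoding it was read from.
 *
 * NOTE(review): MPI and gnutls_datum are declared elsewhere; if they are
 * handles/pointers (presumably -- confirm), copying this struct by value
 * duplicates the handles, not the data, so two copies must never both be
 * released.
 */
typedef struct gnutls_cert {
	/* the size of params depends on the public
	 * key algorithm
	 * RSA: [0] is modulus
	 *      [1] is public exponent
	 * DSA: [0] is p
	 *      [1] is q
	 *      [2] is g
	 *      [3] is public key
	 */
	MPI params[MAX_PARAMS_SIZE];

	/* holds the size of MPI params
	 *
	 * NOTE(review): presumably the number of params[] slots in use (the
	 * private-key struct documents its field that way) -- confirm. It is a
	 * signed int, so anything that uses it as a loop bound or index should
	 * first check 0 <= params_size <= MAX_PARAMS_SIZE.
	 */
	int params_size;

	PKAlgorithm subject_pk_algorithm;

	gnutls_datum signature;

	/* NOTE(review): nothing in this header compares these against the
	 * current time; the validity-window check must happen in the code that
	 * consumes the struct -- confirm it does.
	 */
	time_t expiration_time;
	time_t activation_time;

	/* 1,2,3
	 */
	int version;

	/* bits from X509KEY_*
	 */
	uint16 keyUsage;

	/* 0 if the certificate looks good.
	 *
	 * Zero is the "good" value, so `if (cert.valid)` reads the opposite of
	 * what it looks like; compare against 0 explicitly. A zero-filled
	 * struct also reads as "looks good", so every path that fills in a
	 * gnutls_cert should set this field deliberately.
	 */
	int valid;

	/* 0 if the certificate does not belong to
	 * a certificate authority. 1 otherwise.
	 */
	int CA;

	/* holds the type (PGP, X509)
	 */
	CertificateType cert_type;

	gnutls_datum raw;	/* the raw certificate */
} gnutls_cert;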
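/* Parsed form of one private key together with its raw encoding.
 *
 * Everything in here is secret material: params[] carries the private
 * components listed below and raw carries the encoded key.
 *
 * NOTE(review): this header declares no release function for this type. The
 * code that frees a gnutls_private_key should wipe the MPIs and the raw
 * buffer before returning the memory -- confirm that it does. Avoid passing
 * the struct by value: if MPI and gnutls_datum are handles (declared
 * elsewhere -- confirm), each copy is another live reference to the secrets.
 */
typedef struct {
	/* the size of params depends on the public
	 * key algorithm
	 *
	 * RSA: [0] is modulus
	 *      [1] is public exponent
	 *      [2] is private exponent
	 *      [3] is prime1 (p)
	 *      [4] is prime2 (q)
	 *      [5] is coefficient (u == inverse of p mod q)
	 * DSA: [0] is p
	 *      [1] is q
	 *      [2] is g
	 *      [3] is y (public key)
	 *      [4] is x (private key)
	 */
	MPI params[MAX_PARAMS_SIZE];

	/* holds the number of params
	 *
	 * Signed int used against a fixed-size array: check
	 * 0 <= params_size <= MAX_PARAMS_SIZE before using it as a bound.
	 */
	int params_size;

	PKAlgorithm pk_algorithm;

	gnutls_datum raw;	/* the raw key */
} gnutls_private_key;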
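struct GNUTLS_STATE_INT;	/* because GNUTLS_STATE is not defined when this file is included */

/* Reports through *alg and *alg_size the key-exchange algorithms that can be
 * used with cert (inferred from the name and signature -- the implementation
 * is not in this header).
 *
 * NOTE(review): who allocates and who frees *alg, and what the int return
 * value means, are not visible here -- confirm. Callers should check the
 * return value before reading either output.
 */
int _gnutls_cert_supported_kx(const gnutls_cert *cert, KXAlgorithm **alg, int *alg_size);

/* Presumably maps a key-exchange algorithm to the public-key algorithm it
 * requires (inferred from the name and types -- confirm, including what is
 * returned for a key exchange with no mapping).
 */
PKAlgorithm _gnutls_map_pk_get_pk(KXAlgorithm kx_algorithm);

/* Releases the resources held by a certificate.
 *
 * The certificate is passed by value, so the function works on a copy of the
 * struct and cannot clear the caller's fields. After the call the caller's
 * gnutls_cert still holds the same params[], signature and raw handles;
 * whichever of them the implementation released (not visible here) are now
 * stale. Treat the caller's struct as dead: do not read it and do not pass it
 * to this function a second time.
 */
void _gnutls_free_cert(gnutls_cert cert);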
95 #endif