| blob | b7bd2817b5b61e30f754b8cbd14bb8a6b8adb1ef |
1 /* gnutls.vapi
2 *
3 * Copyright (C) 2009 Jiří Zárevúcky
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * As a special exception, if you use inline functions from this file, this
20 * file does not by itself cause the resulting executable to be covered by
21 * the GNU Lesser General Public License.
22 *
23 * Author:
24 * Jiří Zárevúcky <zarevucky.jiri@gmail.com>
25 *
26 */
28 [CCode (cprefix = "gnutls_", lower_case_cprefix = "gnutls_", cheader_filename = "gnutls/gnutls.h")]
29 namespace GnuTLS
30 {
31 [CCode (cname = "LIBGNUTLS_VERSION")]
32 public const string VERSION;
33 [CCode (cname = "LIBGNUTLS_VERSION_MAJOR")]
34 public const int VERSION_MAJOR;
35 [CCode (cname = "LIBGNUTLS_VERSION_MINOR")]
36 public const int VERSION_MINOR;
37 [CCode (cname = "LIBGNUTLS_VERSION_PATCH")]
38 public const int VERSION_PATCH;
39 [CCode (cname = "LIBGNUTLS_VERSION_NUMBER")]
40 public const int VERSION_NUMBER;
42 public unowned string? check_version (string? req_version);
44 [CCode (cname = "gnutls_cipher_algorithm_t", cprefix = "GNUTLS_CIPHER_", has_type_id = false)]
45 public enum CipherAlgorithm {
46 UNKNOWN,
47 NULL,
48 ARCFOUR_128,
49 3DES_CBC,
50 AES_128_CBC,
51 AES_256_CBC,
52 ARCFOUR_40,
53 CAMELLIA_128_CBC,
54 CAMELLIA_256_CBC,
55 RC2_40_CBC,
56 DES_CBC,
58 RIJNDAEL_128_CBC, // == AES_128_CBC
59 RIJNDAEL_256_CBC, // == AES_256_CBC
60 RIJNDAEL_CBC, // == AES_128_CBC
61 ARCFOUR; // == ARCFOUR_128
63 [CCode (cname = "gnutls_cipher_get_key_size")]
64 public size_t get_key_size ();
65 [CCode (cname = "gnutls_cipher_get_name")]
66 public unowned string? get_name ();
67 [CCode (cname = "gnutls_mac_get_id")]
68 public static CipherAlgorithm from_name (string name);
69 [CCode (cname = "gnutls_cipher_list", array_length = "false", array_null_terminated = "true")]
70 public static unowned CipherAlgorithm[] list ();
71 }
73 [CCode (cname = "gnutls_kx_algorithm_t", cprefix = "GNUTLS_KX_", has_type_id = false)]
74 public enum KXAlgorithm {
75 UNKNOWN,
76 RSA,
77 DHE_DSS,
78 DHE_RSA,
79 ANON_DH,
80 SRP,
81 RSA_EXPORT,
82 SRP_RSA,
83 SRP_DSS,
84 PSK,
85 DHE_PSK;
87 [CCode (cname = "gnutls_kx_get_name")]
88 public unowned string? get_name ();
89 [CCode (cname = "gnutls_kx_get_id")]
90 public static KXAlgorithm from_name (string name);
91 [CCode (cname = "gnutls_kx_list", array_length = "false", array_null_terminated = "true")]
92 public static unowned KXAlgorithm[] list ();
93 }
95 [CCode (cname = "gnutls_mac_algorithm_t", cprefix = "GNUTLS_MAC_", has_type_id = false)]
96 public enum MacAlgorithm {
97 UNKNOWN,
98 NULL,
99 MD5,
100 SHA1,
101 RMD160,
102 MD2,
103 SHA256,
104 SHA384,
105 SHA512;
107 [CCode (cname = "gnutls_mac_get_key_size")]
108 public size_t get_key_size ();
109 [CCode (cname = "gnutls_mac_get_name")]
110 public unowned string? get_name ();
111 [CCode (cname = "gnutls_mac_get_id")]
112 public static MacAlgorithm from_name (string name);
113 [CCode (cname = "gnutls_mac_list", array_length = "false", array_null_terminated = "true")]
114 public static unowned MacAlgorithm[] list ();
115 }
117 [CCode (cname = "gnutls_digest_algorithm_t", cprefix = "GNUTLS_DIG_", has_type_id = false)]
118 public enum DigestAlgorithm {
119 NULL,
120 MD5,
121 SHA1,
122 RMD160,
123 MD2,
124 SHA224,
125 SHA256,
126 SHA384,
127 SHA512;
129 [CCode (cname = "gnutls_fingerprint")]
130 public int fingerprint (/* const */ ref Datum data, void* result, ref size_t result_size);
131 }
133 [CCode (cname = "GNUTLS_MAX_ALGORITHM_NUM")]
134 public const int MAX_ALGORITHM_NUM;
136 [CCode (cname = "gnutls_pk_algorithm_t", cprefix = "GNUTLS_PK_", has_type_id = false)]
137 public enum PKAlgorithm {
138 UNKNOWN,
139 RSA,
140 DSA;
142 [CCode (cname = "gnutls_pk_algorithm_get_name")]
143 public unowned string? get_name ();
144 }
146 [CCode (cname = "gnutls_sign_algorithm_t", cprefix = "GNUTLS_SIGN_", has_type_id = false)]
147 public enum SignAlgorithm {
148 UNKNOWN,
149 RSA_SHA1,
150 DSA_SHA1,
151 RSA_MD5,
152 RSA_MD2,
153 RSA_RMD160,
154 RSA_SHA224,
155 RSA_SHA256,
156 RSA_SHA384,
157 RSA_SHA512;
159 [CCode (cname = "gnutls_sign_algorithm_get_name")]
160 public unowned string? get_name ();
161 }
163 [CCode (cname = "gnutls_compression_method_t", cprefix = "GNUTLS_COMP_", has_type_id = false)]
164 public enum CompressionMethod {
165 UNKNOWN,
166 NULL,
167 DEFLATE,
168 ZLIB, // == DEFLATE
169 LZO; // only available if gnutls-extra has been initialized
171 [CCode (cname = "gnutls_compression_get_name")]
172 public unowned string? get_name ();
173 [CCode (cname = "gnutls_compression_get_id")]
174 public static CompressionMethod from_name (string name);
175 [CCode (cname = "gnutls_compression_list", array_length = "false", array_null_terminated = "true")]
176 public static unowned CompressionMethod[] list ();
177 }
179 [CCode (cname = "gnutls_params_type_t", cprefix = "GNUTLS_PARAMS_", has_type_id = false)]
180 public enum ParamsType {
181 RSA_EXPORT,
182 DH
183 }
185 [CCode (cname = "gnutls_credentials_type_t", cprefix = "GNUTLS_CRD_", has_type_id = false)]
186 public enum CredentialsType {
187 CERTIFICATE,
188 ANON,
189 SRP,
190 PSK,
191 IA
192 }
194 [CCode (cname = "gnutls_alert_level_t", cprefix = "GNUTLS_AL_", has_type_id = false)]
195 public enum AlertLevel {
196 WARNING,
197 FATAL
198 }
200 [CCode (cname = "gnutls_alert_description_t", cprefix = "GNUTLS_A_", has_type_id = false)]
201 public enum AlertDescription {
202 CLOSE_NOTIFY,
203 UNEXPECTED_MESSAGE,
204 BAD_RECORD_MAC,
205 DECRYPTION_FAILED,
206 RECORD_OVERFLOW,
207 DECOMPRESSION_FAILURE,
208 HANDSHAKE_FAILURE,
209 SSL3_NO_CERTIFICATE,
210 BAD_CERTIFICATE,
211 UNSUPPORTED_CERTIFICATE,
212 CERTIFICATE_REVOKED,
213 CERTIFICATE_EXPIRED,
214 CERTIFICATE_UNKNOWN,
215 ILLEGAL_PARAMETER,
216 UNKNOWN_CA,
217 ACCESS_DENIED,
218 DECODE_ERROR,
219 DECRYPT_ERROR,
220 EXPORT_RESTRICTION,
221 PROTOCOL_VERSION,
222 INSUFFICIENT_SECURITY,
223 INTERNAL_ERROR,
224 USER_CANCELED,
225 NO_RENEGOTIATION,
226 UNSUPPORTED_EXTENSION,
227 CERTIFICATE_UNOBTAINABLE,
228 UNRECOGNIZED_NAME,
229 UNKNOWN_PSK_IDENTITY,
230 INNER_APPLICATION_FAILURE,
231 INNER_APPLICATION_VERIFICATION;
233 [CCode (cname = "gnutls_alert_get_name")]
234 public unowned string? get_name ();
235 }
237 [CCode (cname = "gnutls_handshake_description_t", cprefix = "GNUTLS_HANDSHAKE_", has_type_id = false)]
238 public enum HandshakeDescription {
239 HELLO_REQUEST,
240 CLIENT_HELLO,
241 SERVER_HELLO,
242 CERTIFICATE_PKT,
243 SERVER_KEY_EXCHANGE,
244 CERTIFICATE_REQUEST,
245 SERVER_HELLO_DONE,
246 CERTIFICATE_VERIFY,
247 CLIENT_KEY_EXCHANGE,
248 FINISHED,
249 SUPPLEMENTAL
250 }
252 /* Note that the status bits have different meanings
253 * in openpgp keys and x.509 certificate verification.
254 */
255 [Flags]
256 [CCode (cname = "gnutls_certificate_status_t", cprefix = "GNUTLS_CERT_", has_type_id = false)]
257 public enum CertificateStatus {
258 INVALID, // will be set if the certificate was not verified.
259 REVOKED, // in X.509 this will be set only if CRLs are checked
260 SIGNER_NOT_FOUND,
261 SIGNER_NOT_CA,
262 INSECURE_ALGORITHM
263 }
265 [CCode (cname = "gnutls_certificate_request_t", cprefix = "GNUTLS_CERT_", has_type_id = false)]
266 public enum CertificateRequest {
267 IGNORE,
268 REQUEST,
269 REQUIRE
270 }
272 // [CCode (cname = "gnutls_openpgp_crt_status_t", cprefix = "GNUTLS_OPENPGP_", has_type_id = false)]
273 // public enum OpenPGP.CertificateStatus {
274 // CERT,
275 // CERT_FINGERPRINT
276 // }
277 //
278 // [CCode (cname = "gnutls_connection_end_t", cprefix = "GNUTLS_", has_type_id = false)]
279 // public enum ConnectionEnd {
280 // SERVER,
281 // CLIENT
282 // }
284 [CCode (cname = "gnutls_close_request_t", cprefix = "GNUTLS_SHUT_", has_type_id = false)]
285 public enum CloseRequest {
286 RDWR,
287 WR
288 }
290 [CCode (cname = "gnutls_protocol_t", cprefix = "GNUTLS_", has_type_id = false)]
291 public enum Protocol {
292 SSL3,
293 TLS1, // == TLS1_0
294 TLS1_0,
295 TLS1_1,
296 TLS1_2,
297 [CCode (cname = "GNUTLS_VERSION_UNKNOWN")]
298 UNKNOWN;
300 [CCode (cname = "gnutls_protocol_get_name")]
301 public unowned string? get_name ();
302 [CCode (cname = "gnutls_protocol_get_id")]
303 public static Protocol from_name (string name);
304 [CCode (cname = "gnutls_protocol_list", array_length = "false", array_null_terminated = "true")]
305 public static unowned Protocol[] list ();
306 }
308 [CCode (cname = "gnutls_certificate_type_t", cprefix = "GNUTLS_CRT_", has_type_id = false)]
309 public enum CertificateType {
310 UNKNOWN,
311 X509,
312 OPENPGP;
314 [CCode (cname = "gnutls_certificate_type_get_name")]
315 public unowned string? get_name ();
316 [CCode (cname = "gnutls_certificate_type_get_id")]
317 public static CertificateType from_name (string name);
318 [CCode (cname = "gnutls_certificate_type_list", array_length = "false", array_null_terminated = "true")]
319 public static unowned CertificateType[] list ();
320 }
322 [CCode (cname = "gnutls_certificate_print_formats_t", cprefix = "GNUTLS_CRT_PRINT_", has_type_id = false)]
323 public enum CertificatePrintFormats {
324 FULL,
325 ONELINE,
326 UNSIGNED_FULL
327 }
329 [Flags]
330 [CCode (cname = "unsigned int", cprefix = "GNUTLS_KEY_", has_type_id = false)]
331 public enum KeyUsage
332 {
333 DIGITAL_SIGNATURE,
334 NON_REPUDIATION,
335 KEY_ENCIPHERMENT,
336 DATA_ENCIPHERMENT,
337 KEY_AGREEMENT,
338 KEY_CERT_SIGN,
339 CRL_SIGN,
340 ENCIPHER_ONLY,
341 DECIPHER_ONLY
342 }
344 [CCode (cname = "gnutls_server_name_type_t", cprefix = "GNUTLS_NAME_", has_type_id = false)]
345 public enum ServerNameType {
346 DNS;
347 }
349 // Diffie Hellman parameter handling.
350 [Compact]
351 [CCode (cname = "struct gnutls_dh_params_int", free_function = "gnutls_dh_params_deinit", lower_case_cprefix = "gnutls_dh_params_")]
352 public class DHParams {
353 private static int init (out DHParams dh_params);
354 public static DHParams create ()
355 {
356 DHParams result;
357 var ret = init (out result);
358 if (ret != 0)
359 GLib.error ("%s", ((ErrorCode)ret).to_string ());
360 return result;
361 }
363 private int cpy (DHParams source);
365 public int import_raw (/* const */ ref Datum prime, /* const */ ref Datum generator);
366 public int export_raw (/* const */ ref Datum prime, /* const */ ref Datum generator, out uint bits);
367 public int import_pkcs3 (/* const */ ref Datum pkcs3_params, X509.CertificateFormat format);
368 public int export_pkcs3 (X509.CertificateFormat format, void* params_data, ref size_t params_data_size);
370 [CCode (cname = "gnutls_dh_params_generate2")]
371 public int generate (uint bits);
372 }
374 [Compact]
375 [CCode (cname = "struct gnutls_x509_privkey_int", free_function = "gnutls_rsa_params_deinit", lower_case_cprefix = "gnutls_rsa_params_")]
376 public class RSAParams {
377 private static int init (out RSAParams dh_params);
378 public static RSAParams create ()
379 {
380 RSAParams result = null;
381 var ret = init (out result);
382 if (ret != 0)
383 GLib.error ("%s", ((ErrorCode)ret).to_string ());
384 return result;
385 }
387 private int cpy (RSAParams source);
389 public int import_raw (/* const */ ref Datum m, /* const */ ref Datum e, /* const */ ref Datum d, /* const */ ref Datum p, /* const */ ref Datum q, /* const */ ref Datum u);
390 public int export_raw (/* const */ ref Datum m, /* const */ ref Datum e, /* const */ ref Datum d, /* const */ ref Datum p, /* const */ ref Datum q, /* const */ ref Datum u, out uint bits);
391 public int import_pkcs1 (/* const */ ref Datum pkcs1_params, X509.CertificateFormat format);
392 public int export_pkcs1 (X509.CertificateFormat format, void* params_data, ref size_t params_data_size);
394 public int generate2 (uint bits);
395 }
397 [Compact]
398 [CCode (cname = "struct gnutls_priority_st", free_function = "gnutls_priority_deinit")]
399 public class Priority {
400 private static int init (out Priority self, string priority, out char* err_pos);
401 public static Priority create (string priority, out ErrorCode err = null, out char* err_pos = null)
402 {
403 Priority result;
404 var ret = init (out result, priority, out err_pos);
405 if (&err != null)
406 err = (ErrorCode) ret;
407 return result;
408 }
409 }
411 [SimpleType]
412 [CCode (cname = "gnutls_datum_t", has_type_id = false)]
413 public struct Datum {
414 public void* data;
415 public uint size;
416 }
418 [CCode (cname = "gnutls_params_st", has_type_id = false)]
419 public struct Params {
420 public ParamsType type;
421 [CCode (cname = "params.dh")]
422 public DHParams dh_params;
423 [CCode (cname = "params.rsa_export")]
424 public RSAParams rsa_params;
425 public bool deinit;
426 }
428 [CCode (cname = "gnutls_params_function *", has_target = false)]
429 public delegate int ParamsFunction (Session session, ParamsType type, Params params);
431 [CCode (cname = "gnutls_oprfi_callback_func", instance_pos = "1.2")]
432 public delegate int OprfiCallbackFunc (Session session,
433 [CCode (array_length_pos = "1.8", array_length_type = "size_t")] /* const */ uint8[] in_oprfi,
434 [CCode (array_length_pos = "1.8", array_length_type = "size_t")] uint8[] out_oprfi);
436 /* Supplemental data, RFC 4680. */
437 [CCode (cname = "gnutls_supplemental_data_format_type_t", has_type_id = false)]
438 public enum SupplementalDataFormatType {
439 USER_MAPPING_DATA;
441 [CCode (cname = "gnutls_supplemental_get_name")]
442 public unowned string? get_name ();
443 }
445 [CCode (cname = "TLS_MASTER_SIZE")]
446 public const int TLS_MASTER_SIZE;
447 [CCode (cname = "TLS_RANDOM_SIZE")]
448 public const int TLS_RANDOM_SIZE;
450 [CCode (cname = "gnutls_db_store_func", has_target = false)]
451 public delegate int DBStoreFunc (void* ptr, Datum key, Datum data);
452 [CCode (cname = "gnutls_db_remove_func", has_target = false)]
453 public delegate int DBRemoveFunc (void* ptr, Datum key);
454 [CCode (cname = "gnutls_db_retr_func", has_target = false)]
455 public delegate Datum DBRetrieveFunc (void* ptr, Datum key);
457 [CCode (cname = "gnutls_handshake_post_client_hello_func", has_target = false)]
458 public delegate int HandshakePostClientHelloFunc (Session session);
460 // External signing callback. Experimental.
461 [CCode (cname = "gnutls_sign_func", instance_pos = "1.9")]
462 public delegate int SignFunc (Session session, CertificateType cert_type, /* const */ ref Datum cert, /* const */ ref Datum hash, out Datum signature);
464 [CCode (cname = "gnutls_pull_func", has_target = false)]
465 public delegate ssize_t PullFunc (void* transport_ptr, void* buffer, size_t count);
466 [CCode (cname = "gnutls_push_func", has_target = false)]
467 public delegate ssize_t PushFunc (void* transport_ptr, void* buffer, size_t count);
469 [Compact]
470 [CCode (cname = "struct gnutls_session_int", free_function = "gnutls_deinit")]
471 public class Session {
472 [CCode (cname = "gnutls_init")]
473 private static int init (out Session session, int con_end);
474 protected static Session? create (int con_end)
475 {
476 Session result;
477 var ret = init (out result, con_end);
478 if (ret != 0)
479 GLib.error ("%s", ((ErrorCode)ret).to_string ());
480 return result;
481 }
483 [CCode (cname = "gnutls_credentials_set")]
484 public int set_credentials (CredentialsType type, void* cred);
485 [CCode (cname = "gnutls_credentials_clear")]
486 public void clear_credentials ();
488 [CCode (cname = "gnutls_handshake")]
489 public int handshake ();
490 [CCode (cname = "gnutls_bye")]
491 public int bye (CloseRequest how);
493 [CCode (cname = "gnutls_session_is_resumed")]
494 public bool is_resumed ();
496 [CCode (cname = "gnutls_alert_get")]
497 public AlertDescription get_last_alert ();
498 [CCode (cname = "gnutls_alert_send")]
499 public int send_alert (AlertLevel level, AlertDescription desc);
500 [CCode (cname = "gnutls_alert_send_appropriate")]
501 public int send_appropriate_alert (ErrorCode err);
503 [CCode (cname = "gnutls_cipher_get")]
504 public CipherAlgorithm get_cipher ();
505 [CCode (cname = "gnutls_kx_get")]
506 public KXAlgorithm get_kx ();
507 [CCode (cname = "gnutls_mac_get")]
508 public MacAlgorithm get_mac ();
509 [CCode (cname = "gnutls_compression_get")]
510 public CompressionMethod get_compression ();
511 [CCode (cname = "gnutls_certificate_type_get")]
512 public CertificateType get_certificate_type ();
513 [CCode (cname = "gnutls_protocol_get_version")]
514 public Protocol get_protocol_version ();
515 [CCode (cname = "gnutls_record_get_max_size")]
516 public size_t get_max_record_size ();
517 [CCode (cname = "gnutls_dh_get_prime_bits")]
518 public int get_dh_prime_bits ();
519 [CCode (cname = "gnutls_dh_get_secret_bits")]
520 public int get_dh_secret_bits ();
521 [CCode (cname = "gnutls_dh_get_peers_public_bits")]
522 public int get_peers_dh_public_bits ();
523 [CCode (cname = "gnutls_dh_get_group")]
524 public int get_dh_group (out Datum raw_gen, out Datum raw_prime);
525 [CCode (cname = "gnutls_dh_get_pubkey")]
526 public int get_dh_pubkey (out Datum raw_key);
527 [CCode (cname = "gnutls_rsa_export_get_pubkey")]
528 public int get_rsa_export_pubkey (out Datum exponent, out Datum modulus);
529 [CCode (cname = "gnutls_rsa_export_get_modulus_bits")]
530 public int get_rsa_export_modulus_bits ();
532 [CCode (cname = "gnutls_handshake_set_private_extensions")]
533 public void allow_private_extensions (bool allow);
534 [CCode (cname = "gnutls_handshake_get_last_out")]
535 public HandshakeDescription get_last_out_handshake ();
536 [CCode (cname = "gnutls_handshake_get_last_in")]
537 public HandshakeDescription get_last_in_handshake ();
539 [CCode (cname = "gnutls_record_send")]
540 public ssize_t send (void* buffer, size_t count);
541 [CCode (cname = "gnutls_record_recv")]
542 public ssize_t receive (void* buffer, size_t count);
544 [CCode (cname = "gnutls_record_get_direction")]
545 public int get_last_direction ();
547 [CCode (cname = "gnutls_record_check_pending")]
548 public size_t check_pending ();
550 [CCode (cname = "gnutls_cipher_set_priority")]
551 public int set_cipher_priority ([CCode (array_length = "false", array_null_terminated = "true")] CipherAlgorithm[] list);
552 [CCode (cname = "gnutls_mac_set_priority")]
553 public int set_mac_priority ([CCode (array_length = "false", array_null_terminated = "true")] MacAlgorithm[] list);
554 [CCode (cname = "gnutls_compression_set_priority")]
555 public int set_compression_priority ([CCode (array_length = "false", array_null_terminated = "true")] CompressionMethod[] list);
556 [CCode (cname = "gnutls_kx_set_priority")]
557 public int set_kx_priority ([CCode (array_length = "false", array_null_terminated = "true")] KXAlgorithm[] list);
558 [CCode (cname = "gnutls_protocol_set_priority")]
559 public int set_protocol_priority ([CCode (array_length = "false", array_null_terminated = "true")] Protocol[] list);
560 [CCode (cname = "gnutls_certificate_type_set_priority")]
561 public int set_certificate_type_priority ([CCode (array_length = "false", array_null_terminated = "true")] CertificateType[] list);
563 [CCode (cname = "gnutls_priority_set")]
564 public int set_priority (Priority priority);
565 [CCode (cname = "gnutls_priority_set_direct")]
566 public int set_priority_from_string (string priority, out unowned string err_pos = null);
567 [CCode (cname = "gnutls_set_default_priority")]
568 public int set_default_priority ();
569 [CCode (cname = "gnutls_set_default_export_priority")]
570 public int set_default_export_priority ();
572 [CCode (cname = "GNUTLS_MAX_SESSION_ID")]
573 public const int MAX_SESSION_ID;
575 [CCode (cname = "gnutls_session_get_id")]
576 public int get_id (void* session_id, ref size_t session_id_size);
578 [CCode (cname = "gnutls_session_get_server_random")]
579 public void* get_server_random ();
580 [CCode (cname = "gnutls_session_get_client_random")]
581 public void* get_client_random ();
582 [CCode (cname = "gnutls_session_get_master_secret")]
583 public void* get_master_secret ();
585 [CCode (cname = "gnutls_transport_set_ptr")]
586 public void set_transport_ptr (void* ptr);
587 [CCode (cname = "gnutls_transport_set_ptr2")]
588 public void set_transport_ptr2 (void* recv_ptr, void* send_ptr);
589 [CCode (cname = "gnutls_transport_set_lowat")]
590 public void set_lowat (int num);
591 [CCode (cname = "gnutls_transport_set_push_function")]
592 public void set_push_function (PushFunc func);
593 [CCode (cname = "gnutls_transport_set_pull_function")]
594 public void set_pull_function (PullFunc func);
596 [CCode (cname = "gnutls_transport_set_errno")]
597 public void set_errno (int err);
599 [CCode (cname = "gnutls_session_set_ptr")]
600 public void set_ptr (void* ptr);
601 [CCode (cname = "gnutls_session_get_ptr")]
602 public void* get_ptr ();
604 [CCode (cname = "gnutls_auth_get_type")]
605 public CredentialsType get_auth_type ();
606 // [CCode (cname = "gnutls_auth_server_get_type")]
607 // public CredentialsType get_server_auth_type ();
608 // [CCode (cname = "gnutls_auth_client_get_type")]
609 // public CredentialsType get_client_auth_type ();
611 [CCode (cname = "gnutls_sign_callback_set")]
612 public void set_sign_callback (SignFunc func);
613 [CCode (cname = "gnutls_sign_callback_get")]
614 public SignFunc get_sign_callback ();
616 [CCode (cname = "gnutls_certificate_get_peers", array_length_type = "unsigned int")]
617 public unowned Datum[]? get_peer_certificates ();
618 [CCode (cname = "gnutls_certificate_get_ours")]
619 public unowned Datum? get_our_certificate ();
621 [CCode (cname = "gnutls_certificate_verify_peers2")]
622 public int verify_peer_certificate (out CertificateStatus status);
623 }
625 [CCode (cname = "struct gnutls_session_int", lower_case_cprefix = "gnutls_", free_function = "gnutls_deinit")]
626 public class ClientSession: Session {
628 public static ClientSession create ()
629 {
630 return (ClientSession) Session.create (2);
631 }
633 [CCode (cname = "gnutls_record_set_max_size")]
634 public ssize_t set_max_record_size (size_t size);
636 [CCode (cname = "gnutls_dh_set_prime_bits")]
637 public void set_dh_prime_bits (uint bits);
639 [CCode (cname = "gnutls_server_name_get")]
640 public int get_server_name (void* data, out size_t data_length, out ServerNameType type, uint index);
642 [CCode (cname = "gnutls_oprfi_enable_client")]
643 public void enable_oprfi ([CCode (array_length_pos = "0.9", array_length_type = "size_t")] uint8[] data);
645 [CCode (cname = "gnutls_session_set_data")]
646 public int set_session_data (void* session_data, size_t session_data_size);
647 [CCode (cname = "gnutls_session_get_data")]
648 public int get_session_data (void* session_data, out size_t session_data_size);
649 [CCode (cname = "gnutls_session_get_data2")]
650 public int get_session_data2 (out Datum data);
652 [CCode (cname = "gnutls_openpgp_send_cert")]
653 public void set_openpgp_send_cert (bool fingerprint_only);
655 [CCode (cname = "gnutls_psk_client_get_hint")]
656 public unowned string get_psk_hint ();
658 [CCode (cname = "gnutls_certificate_client_get_request_status")]
659 public int get_certificate_request_status ();
660 }
662 [CCode (cname = "struct gnutls_session_int", lower_case_cprefix = "gnutls_", free_function = "gnutls_deinit")]
663 public class ServerSession: Session {
665 public static ServerSession create ()
666 {
667 return (ServerSession) Session.create (1);
668 }
670 public int rehandshake ();
672 [CCode (cname = "gnutls_session_enable_compatibility_mode")]
673 public void enable_compatibility_mode ();
675 [CCode (cname = "gnutls_record_disable_padding")]
676 public void disable_record_padding ();
678 [CCode (cname = "gnutls_server_name_set")]
679 public int set_server_name (ServerNameType type, void* data, size_t data_length);
681 [CCode (cname = "gnutls_oprfi_enable_server")]
682 public void enable_oprfi (OprfiCallbackFunc cb);
684 public void db_set_cache_expiration (int seconds);
685 public void db_remove_session ();
686 public void db_set_retrieve_function (DBRetrieveFunc func);
687 public void db_set_remove_function (DBRemoveFunc func);
688 public void db_set_store_function (DBStoreFunc func);
689 public void db_set_ptr (void* ptr);
690 public void* db_get_ptr ();
691 public int db_check_entry (Datum session_entry);
693 [CCode (cname = "gnutls_handshake_set_post_client_hello_function")]
694 public void set_post_client_hello_function (HandshakePostClientHelloFunc func);
696 [CCode (cname = "gnutls_handshake_set_max_packet_length")]
697 public void set_max_handshake_packet_length (size_t max);
699 [CCode (cname = "gnutls_certificate_server_set_request")]
700 public void set_certificate_request (CertificateRequest req);
702 [CCode (cname = "gnutls_certificate_send_x509_rdn_sequence")]
703 public void disable_sending_x509_rdn_sequence (bool disable);
705 [CCode (cname = "gnutls_psk_server_get_username")]
706 public unowned string get_psk_username ();
708 [CCode (cheader_filename = "gnutls/openpgp.h", cname = "gnutls_openpgp_set_recv_key_function")]
709 public void set_openpgp_recv_key_function (OpenPGP.RecvKeyFunc func);
710 }
713 [Compact]
714 [CCode (cname = "struct gnutls_anon_server_credentials_st", free_function = "gnutls_anon_free_server_credentials")]
715 public class AnonServerCredentials
716 {
717 [CCode (cname = "gnutls_anon_allocate_server_credentials")]
718 private static int allocate (out AnonServerCredentials credentials);
719 public static AnonServerCredentials create ()
720 {
721 AnonServerCredentials result;
722 var ret = allocate (out result);
723 if (ret != 0)
724 GLib.error ("%s", ((ErrorCode)ret).to_string ());
725 return result;
726 }
729 [CCode (cname = "gnutls_anon_set_server_dh_params")]
730 public void set_dh_params (DHParams dh_params);
732 // [CCode (cname = "gnutls_anon_set_server_params_function")]
733 // public void set_server_params_function (ParamsFunction func);
735 [CCode (cname = "gnutls_anon_set_params_function")]
736 public void set_params_function (ParamsFunction func);
737 }
739 [Compact]
740 [CCode (cname = "struct gnutls_anon_client_credentials_st", free_function = "gnutls_anon_free_client_credentials")]
741 public class AnonClientCredentials
742 {
743 [CCode (cname = "gnutls_anon_allocate_client_credentials")]
744 private static int allocate (out AnonClientCredentials credentials);
745 public static AnonClientCredentials create ()
746 {
747 AnonClientCredentials result;
748 var ret = allocate (out result);
749 if (ret != 0)
750 GLib.error ("%s", ((ErrorCode)ret).to_string ());
751 return result;
752 }
753 }
755 [CCode (cheader_filename = "gnutls/x509.h", cprefix = "GNUTLS_")]
756 namespace X509
757 {
758 // Some OIDs usually found in Distinguished names, or
759 // in Subject Directory Attribute extensions.
761 public const string OID_X520_COUNTRY_NAME;
762 public const string OID_X520_ORGANIZATION_NAME;
763 public const string OID_X520_ORGANIZATIONAL_UNIT_NAME;
764 public const string OID_X520_COMMON_NAME;
765 public const string OID_X520_LOCALITY_NAME;
766 public const string OID_X520_STATE_OR_PROVINCE_NAME;
768 public const string OID_X520_INITIALS;
769 public const string OID_X520_GENERATION_QUALIFIER;
770 public const string OID_X520_SURNAME;
771 public const string OID_X520_GIVEN_NAME;
772 public const string OID_X520_TITLE;
773 public const string OID_X520_DN_QUALIFIER;
774 public const string OID_X520_PSEUDONYM;
776 public const string OID_LDAP_DC;
777 public const string OID_LDAP_UID;
779 // The following should not be included in DN.
781 public const string OID_PKCS9_EMAIL;
783 public const string OID_PKIX_DATE_OF_BIRTH;
784 public const string OID_PKIX_PLACE_OF_BIRTH;
785 public const string OID_PKIX_GENDER;
786 public const string OID_PKIX_COUNTRY_OF_CITIZENSHIP;
787 public const string OID_PKIX_COUNTRY_OF_RESIDENCE;
789 // Key purpose Object Identifiers.
791 public const string KP_TLS_WWW_SERVER;
792 public const string KP_TLS_WWW_CLIENT;
793 public const string KP_CODE_SIGNING;
794 public const string KP_EMAIL_PROTECTION;
795 public const string KP_TIME_STAMPING;
796 public const string KP_OCSP_SIGNING;
797 public const string KP_ANY;
800 [CCode (cname = "gnutls_x509_crt_fmt_t", cprefix = "GNUTLS_X509_FMT_", has_type_id = false)]
801 public enum CertificateFormat {
802 DER,
803 PEM
804 }
806 [Flags]
807 [CCode (cname = "gnutls_certificate_import_flags", cprefix = "GNUTLS_X509_CRT_", has_type_id = false)]
808 public enum CertificateImportFlags {
809 /* Fail if the certificates in the buffer are more than the space
810 * allocated for certificates. The error code will be
811 * GNUTLS_E_SHORT_MEMORY_BUFFER.
812 */
813 LIST_IMPORT_FAIL_IF_EXCEED // == 1
814 }
816 [Flags]
817 [CCode (cname = "unsigned int", cprefix = "GNUTLS_CRL_REASON_", has_type_id = false)]
818 public enum RevocationReasons {
819 UNUSED,
820 KEY_COMPROMISE,
821 CA_COMPROMISE,
822 AFFILIATION_CHANGED,
823 SUPERSEEDED,
824 CESSATION_OF_OPERATION,
825 CERTIFICATE_HOLD,
826 PRIVILEGE_WITHDRAWN,
827 AA_COMPROMISE
828 }
830 [Flags]
831 [CCode (cname = "gnutls_certificate_verify_flags", cprefix = "GNUTLS_VERIFY_", has_type_id = false)]
832 public enum CertificateVerifyFlags
833 {
834 // If set a signer does not have to be a certificate authority. This
835 // flag should normaly be disabled, unless you know what this means.
836 DISABLE_CA_SIGN,
838 // Allow only trusted CA certificates that have version 1. This is
839 // safer than GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, and should be
840 // used instead. That way only signers in your trusted list will be
841 // allowed to have certificates of version 1.
842 ALLOW_X509_V1_CA_CRT,
844 // If a certificate is not signed by anyone trusted but exists in
845 // the trusted CA list do not treat it as trusted.
846 DO_NOT_ALLOW_SAME,
848 // Allow CA certificates that have version 1 (both root and
849 // intermediate). This might be dangerous since those haven't the
850 // basicConstraints extension. Must be used in combination with
851 // GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
852 ALLOW_ANY_X509_V1_CA_CRT,
854 // Allow certificates to be signed using the broken MD2 algorithm.
855 ALLOW_SIGN_RSA_MD2,
857 // Allow certificates to be signed using the broken MD5 algorithm.
858 ALLOW_SIGN_RSA_MD5
859 }
861 [CCode (cname = "gnutls_x509_subject_alt_name_t", has_type_id = false)]
862 public enum SubjectAltName {
863 DNSNAME,
864 RFC822NAME,
865 URI,
866 IPADDRESS,
867 OTHERNAME,
868 DN,
870 OTHERNAME_XMPP
871 }
873 [Compact]
874 [CCode (cname = "void", cprefix = "gnutls_x509_dn_", free_function = "gnutls_x509_dn_deinit")]
875 public class DN
876 {
877 private static int init (out DN dn);
878 public static DN create ()
879 {
880 DN result;
881 var ret = init (out result);
882 if (ret != 0)
883 GLib.error ("%s", ((ErrorCode)ret).to_string ());
884 return result;
885 }
887 public int get_rdn_ava (int irdn, int iava, out unowned Ava ava);
889 public int import (ref Datum data);
890 public int export (CertificateFormat format, void* output, ref size_t output_size);
892 }
894 // RDN handling.
895 public int rdn_get (ref Datum idn, char* buf, ref size_t buf_size);
896 public int rdn_get_oid (ref Datum idn, int index, void* buf, ref size_t buf_size);
897 public int rdn_get_by_oid (ref Datum idn, string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
899 [SimpleType]
900 [CCode (cname = "gnutls_x509_ava_st", has_type_id = false)]
901 public struct Ava
902 {
903 [CCode (cname = "oid.data", array_length_cname = "oid.size")]
904 uint8[] oid;
905 [CCode (cname = "value.data", array_length_cname = "value.size")]
906 uint8[] value;
907 ulong value_tag;
908 }
910 [Compact]
911 [CCode (cname = "struct gnutls_x509_crt_int", cprefix = "gnutls_x509_crt_", free_function = "gnutls_x509_crt_deinit")]
912 public class Certificate
913 {
914 private static int init (out Certificate cert);
915 public static Certificate create ()
916 {
917 Certificate result;
918 var ret = init (out result);
919 if (ret != 0)
920 GLib.error ("%s", ((ErrorCode)ret).to_string ());
921 return result;
922 }
924 public int import (ref Datum data, CertificateFormat format);
925 public int export (CertificateFormat format, void* output, ref size_t output_size);
927 public static int list_import ([CCode (array_length = "false")] Certificate[]? certs,
928 ref uint cert_max, ref Datum data,
929 CertificateFormat format, bool fail_if_exceed);
933 public int get_issuer_dn (char* buf, ref size_t buf_size);
934 public int get_issuer_dn_oid (int index, void* oid, ref size_t oid_size);
935 public int get_issuer_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
937 public int get_dn (char* buf, ref size_t buf_size);
938 public int get_dn_oid (int index, void* oid, ref size_t oid_size);
939 public int get_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
942 public int get_subject (out DN dn);
943 public int get_issuer (out DN dn);
945 public bool check_hostname (string hostname);
947 public SignAlgorithm get_signature_algorithm ();
949 public int get_signature (char* sig, ref size_t sig_size);
951 public int get_version ();
953 public int get_key_id (uint flags, uchar* output, ref size_t output_size);
955 public int set_authority_key_id (void* id, size_t id_size);
956 public int get_authority_key_id (void* ret, ref size_t ret_size, out bool critical);
958 public int get_subject_key_id (void* ret, ref size_t ret_size, out bool critical);
960 public int get_crl_dist_points (uint seq, void* ret, ref size_t ret_size, out RevocationReasons reason_flags, out bool critical);
961 public int set_crl_dist_points (SubjectAltName type, void* data_string, RevocationReasons reason_flags);
962 public int cpy_crl_dist_points (Certificate source);
964 public time_t get_activation_time ();
965 public time_t get_expiration_time ();
967 public int get_serial (void* result, ref size_t result_size);
969 public PKAlgorithm get_pk_algorithm (out uint bits);
970 public int get_pk_rsa_raw (out Datum modulus, out Datum exponent);
971 public int get_pk_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y);
973 public int get_subject_alt_name (uint seq, void* ret, ref size_t ret_size, out bool critical);
974 public int get_subject_alt_name2 (uint seq, void* ret, ref size_t ret_size, out SubjectAltName ret_type, out bool critical);
976 public int get_subject_alt_othername_oid (uint seq, void* ret, ref size_t ret_size);
978 public int get_ca_status (out bool critical);
980 public int get_basic_constraints (out bool critical, out int ca, out int pathlen);
982 public int get_key_usage (out KeyUsage key_usage, out bool critical);
983 public int set_key_usage (KeyUsage usage);
985 public int get_proxy (out bool critical, out int pathlen, [CCode (array_length = "false")] out char[] policyLanguage, out char[] policy);
987 public bool dn_oid_known (string oid);
989 public int get_extension_oid (int index, void* oid, ref size_t oid_size);
990 public int get_extension_by_oid (string oid, int index, void* buf, ref size_t buf_size, out bool critical);
992 public int get_extension_info (int index, void* oid, ref size_t oid_size, out bool critical);
993 public int get_extension_data (int index, void* data, ref size_t data_size);
995 public int set_extension_by_oid (string oid, void* buf, size_t buf_size, bool critical);
996 public int set_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
997 public int set_issuer_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
998 public int set_version (uint version);
999 public int set_key (PrivateKey key);
1000 public int set_ca_status (uint ca);
1001 public int set_basic_constraints (uint ca, int pathLenConstraint);
1002 public int set_subject_alternative_name (SubjectAltName type, string data_string);
1004 public int sign (Certificate issuer, PrivateKey issuer_key);
1005 public int sign2 (Certificate issuer, PrivateKey issuer_key, DigestAlgorithm alg, uint flags);
1007 public int set_activation_time (time_t act_time);
1008 public int set_expiration_time (time_t exp_time);
1009 public int set_serial (void* serial, size_t serial_size);
1011 public int set_subject_key_id (void* id, size_t id_size);
1012 public int set_proxy_dn (Certificate eecrt, uint raw_flag, void* name, uint name_size);
1013 public int set_proxy (int pathLenConstraint, string policyLanguage, [CCode (array_length_type = "size_t")] uint8[] policy);
1015 public int print (CertificatePrintFormats format, out Datum output);
1017 public int get_raw_issuer_dn (out unowned Datum start);
1018 public int get_raw_dn (out unowned Datum start);
1020 public int verify_data (uint flags, ref Datum data, ref Datum signature);
1022 private int set_crq (CertificateRequest crq);
1024 // verification
1026 public int check_issuer (Certificate issuer);
1027 public static int list_verify (Certificate[] cert_list, Certificate[] CA_list, Certificate[] CLR_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1028 public int verify (Certificate[] CA_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1029 public int check_revocation (CRL[] crl_list);
1030 public int get_fingerprint (DigestAlgorithm algo, void* buf, ref size_t buf_size);
1031 public int get_key_purpose_oid (int index, void* oid, ref size_t oid_size, out bool critical);
1032 public int set_key_purpose_oid (string oid, bool critical);
1033 }
1035 [Compact]
1036 [CCode (cname = "struct gnutls_x509_crl_int", free_function = "gnutls_x509_crl_deinit", cprefix = "gnutls_x509_crl_")]
1037 public class CRL
1038 {
1039 private static int init (out CRL crl);
1040 public static CRL create ()
1041 {
1042 CRL result;
1043 var ret = init (out result);
1044 if (ret != 0)
1045 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1046 return result;
1047 }
1049 public int import (ref Datum data, CertificateFormat format);
1050 public int export (CertificateFormat format, void* output, ref size_t output_size);
1052 public int get_issuer_dn (char* buf, ref size_t buf_size);
1053 public int get_issuer_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
1055 public int get_dn_oid (int index, void* oid, ref size_t oid_size);
1057 public int get_signature_algorithm ();
1058 public int get_signature (char* sig, ref size_t sig_size);
1059 public int get_version ();
1061 public time_t get_this_update ();
1062 public time_t get_next_update ();
1064 public int get_crt_count ();
1065 public int get_crt_serial (int index, uchar* serial, ref size_t serial_size, out time_t t);
1067 // aliases for previous two
1068 public int get_certificate_count ();
1069 public int get_certificate (int index, uchar* serial, ref size_t serial_size, out time_t t);
1071 public int check_issuer (Certificate issuer);
1073 public int verify (Certificate[] ca_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1075 // CRL writing
1077 public int set_version (uint version);
1078 public int sign (Certificate issuer, PrivateKey issuer_key);
1079 public int sign2 (Certificate issuer, PrivateKey issuer_key, DigestAlgorithm algo, uint flags);
1081 public int set_this_update (time_t act_time);
1082 public int set_next_update (time_t exp_time);
1084 public int set_crt_serial (void* serial, size_t serial_size, time_t revocation_time);
1085 public int set_crt (Certificate crt, time_t revocation_time);
1087 public int print (CertificatePrintFormats format, out Datum output);
1088 }
1090 [Compact]
1091 [CCode (cname = "struct gnutls_pkcs7_int", cprefix = "gnutls_pkcs7_", free_function = "gnutls_pkcs7_deinit")]
1092 public class PKCS7
1093 {
1094 private static int init (out PKCS7 pkcs7);
1095 public static PKCS7 create ()
1096 {
1097 PKCS7 result;
1098 var ret = init (out result);
1099 if (ret != 0)
1100 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1101 return result;
1102 }
1104 public int import (ref Datum data, CertificateFormat format);
1105 public int export (CertificateFormat format, void* output, ref size_t output_size);
1107 public int get_crt_count ();
1108 public int get_crt_raw (int index, void* certificate, ref size_t certificate_size);
1109 public int set_crt_raw (ref Datum crt);
1110 public int set_crt (Certificate crt);
1111 public int delete_crt (int index);
1113 public int get_crl_count ();
1114 public int get_crl_raw (int index, void* crl, ref size_t crl_size);
1115 public int set_crl_raw (ref Datum crt);
1116 public int set_crl (CRL crl);
1117 public int delete_crl (int index);
1118 }
1120 // Flags for the gnutls_x509_privkey_export_pkcs8() function.
1121 [Flags]
1122 [CCode (cname = "gnutls_pkcs_encrypt_flags_t", cprefix = "GNUTLS_PKCS_", has_type_id = false)]
1123 public enum PKCSEncryptFlags {
1124 PLAIN,
1125 USE_PKCS12_3DES,
1126 USE_PKCS12_ARCFOUR,
1127 USE_PKCS12_RC2_40,
1128 USE_PBES2_3DES
1129 }
1131 [Compact]
1132 [CCode (cname = "struct gnutls_x509_privkey_int", cprefix = "gnutls_x509_privkey_", free_function = "gnutls_x509_privkey_deinit")]
1133 public class PrivateKey
1134 {
1135 private static int init (out PrivateKey key);
1136 public static PrivateKey create ()
1137 {
1138 PrivateKey result;
1139 var ret = init (out result);
1140 if (ret != 0)
1141 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1142 return result;
1143 }
1145 public int cpy (PrivateKey source);
1147 public int import (ref Datum data, CertificateFormat format);
1148 public int import_pkcs8 (ref Datum data, CertificateFormat format, string? password, PKCSEncryptFlags flags);
1149 public int import_rsa_raw (ref Datum m, ref Datum e, ref Datum d, ref Datum p, ref Datum q, ref Datum u);
1150 public int import_dsa_raw (ref Datum p, ref Datum q, ref Datum g, ref Datum y, ref Datum x);
1152 public int export (CertificateFormat format, void* output, ref size_t output_size);
1153 public int export_pkcs8 (CertificateFormat format, string password, PKCSEncryptFlags flags, void* output, ref size_t output_size);
1154 public int export_rsa_raw (out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1155 public int export_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1157 public int fix ();
1158 public int generate (PKAlgorithm algo, uint bits, uint flags = 0);
1160 public int get_pk_algorithm ();
1161 public int get_key_id (uint flags, uchar* output, ref size_t output_size);
1163 // Signing stuff
1165 public int sign_data (DigestAlgorithm digest, uint flags, ref Datum data, void* signature, ref size_t signature_size);
1166 public int verify_data (uint flags, ref Datum data, ref Datum signature);
1167 public int sign_hash (ref Datum hash, out Datum signature);
1168 }
1170 [Compact]
1171 [CCode (cname = "struct gnutls_x509_crq_int", cprefix = "gnutls_x509_crq_", free_function = "gnutls_x509_crq_deinit")]
1172 public class CertificateRequest
1173 {
1174 private static int init (out CertificateRequest request);
1175 public static CertificateRequest create ()
1176 {
1177 CertificateRequest result;
1178 var ret = init (out result);
1179 if (ret != 0)
1180 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1181 return result;
1182 }
1184 public int import (ref Datum data, CertificateFormat format);
1185 public int export (CertificateFormat format, void* output, ref size_t output_size);
1187 public int get_pk_algorithm (out uint bits);
1188 public int get_dn (char* buf, ref size_t buf_size);
1189 public int get_dn_oid (int index, void* oid, ref size_t oid_size);
1190 public int get_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
1191 public int set_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
1193 public int set_version (uint version);
1195 public int set_key (PrivateKey key);
1197 public int sign (PrivateKey key);
1198 public int sign2 (PrivateKey key, DigestAlgorithm algo, uint flags);
1200 public int set_challenge_password (string pass);
1201 public int get_challenge_password (char* pass, ref size_t pass_size);
1203 public int set_attribute_by_oid (string oid, void* buf, size_t buf_size);
1204 public int get_attribute_by_oid (string oid, int index, void* buf, ref size_t buf_size);
1205 }
1207 [Compact]
1208 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "struct gnutls_pkcs12_int", cprefix = "gnutls_pkcs12_", free_function = "gnutls_pkcs12_deinit")]
1209 public class PKCS12
1210 {
1211 private static int init (out PKCS12 request);
1212 public static PKCS12 create ()
1213 {
1214 PKCS12 result;
1215 var ret = init (out result);
1216 if (ret != 0)
1217 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1218 return result;
1219 }
1221 public int import (ref Datum data, CertificateFormat format, uint flags);
1222 public int export (CertificateFormat format, void* output, ref size_t output_size);
1224 public int get_bag (int index, PKCS12Bag bag);
1225 public int set_bag (PKCS12Bag bag);
1227 public int generate_mac (string pass);
1228 public int verify_mac (string pass);
1229 }
1231 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "gnutls_pkcs12_bag_type_t", cprefix = "GNUTLS_BAG_", has_type_id = false)]
1232 public enum PKCS12BagType {
1233 EMPTY,
1234 PKCS8_ENCRYPTED_KEY,
1235 PKCS8_KEY,
1236 CERTIFICATE,
1237 CRL,
1238 ENCRYPTED,
1239 UNKNOWN
1240 }
1242 [Compact]
1243 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "struct gnutls_pkcs12_bag_int", cprefix = "gnutls_pkcs12_bag_", free_function = "gnutls_pkcs12_bag_deinit")]
1244 public class PKCS12Bag {
1245 private static int init (out PKCS12Bag request);
1246 public static PKCS12Bag create ()
1247 {
1248 PKCS12Bag result;
1249 var ret = init (out result);
1250 if (ret != 0)
1251 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1252 return result;
1253 }
1255 public int decrypt (string pass);
1256 public int encrypt (string pass, PKCSEncryptFlags flags);
1258 public PKCS12BagType get_type (int index);
1259 public int get_data (int index, out Datum data);
1260 public int set_data (PKCS12BagType type, ref Datum data);
1261 public int set_crl (CRL crl);
1262 public int set_crt (Certificate crt);
1264 public int get_count ();
1266 public int get_key_id (int index, out Datum id);
1267 public int set_key_id (int index, ref Datum id);
1269 public int get_friendly_name (int index, out unowned string name);
1270 public int set_friendly_name (int index, string name);
1271 }
1272 }
1274 [CCode (cheader_filename = "gnutls/openpgp.h")]
1275 namespace OpenPGP
1276 {
1277 [CCode (has_target = false)]
1278 public delegate int RecvKeyFunc (Session session, uint8[] keyfpr, out Datum key);
1280 [CCode (cname = "gnutls_openpgp_crt_fmt_t", cprefix = "GNUTLS_OPENPGP_FMT_", has_type_id = false)]
1281 public enum CertificateFormat {
1282 RAW,
1283 BASE64
1284 }
1286 [Compact]
1287 [CCode (cname = "struct gnutls_openpgp_crt_int", cprefix = "gnutls_openpgp_crt_", free_function = "gnutls_openpgp_crt_deinit")]
1288 public class Certificate
1289 {
1290 private static int init (out Certificate crt);
1291 public static Certificate create ()
1292 {
1293 Certificate result;
1294 var ret = init (out result);
1295 if (ret != 0)
1296 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1297 return result;
1298 }
1300 public int import (ref Datum data, CertificateFormat format);
1301 public int export (CertificateFormat format, void* output, ref size_t output_size);
1303 public int print (CertificatePrintFormats format, out Datum output);
1305 public int get_key_usage (out KeyUsage key_usage);
1306 public int get_fingerprint (void* fpr, ref size_t fpr_size);
1307 public int get_subkey_fingerprint (uint index, void* fpr, ref size_t fpr_size);
1309 public int get_name (int index, char* buf, ref size_t buf_size);
1311 public PKAlgorithm get_pk_algorithm (out uint bits);
1313 public int get_version ();
1315 public time_t get_creation_time ();
1316 public time_t get_expiration_time ();
1318 // keyid is 8 bytes
1319 public int get_key_id (uchar* keyid);
1321 public int check_hostname (string hostname);
1323 public int get_revoked_status ();
1325 public int get_subkey_count ();
1326 public int get_subkey_idx (/*const*/ uchar* keyid);
1327 public int get_subkey_revoked_status (uint idx);
1329 public PKAlgorithm get_subkey_pk_algorithm (uint idx, out uint bits);
1331 public time_t get_subkey_creation_time (uint idx);
1332 public time_t get_subkey_expiration_time (uint idx);
1334 public int get_subkey_id (uint idx, uchar* keyid);
1335 public int get_subkey_usage (uint idx, out KeyUsage key_usage);
1337 public int get_pk_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y);
1338 public int get_pk_rsa_raw (out Datum m, out Datum e);
1340 public int get_subkey_pk_dsa_raw (uint index, out Datum p, out Datum q, out Datum g, out Datum y);
1341 public int get_subkey_pk_rsa_raw (uint index, out Datum m, out Datum e);
1343 public int get_preferred_key_id (uchar* keyid);
1344 public int set_preferred_key_id (/* const */ uchar* keyid);
1346 public int verify_ring (Keyring keyring, uint flags, out CertificateStatus verify);
1347 public int verify_self (uint flags, out CertificateStatus verify);
1348 }
1350 [Compact]
1351 [CCode (cname = "struct gnutls_openpgp_privkey_int", cprefix = "gnutls_openpgp_privkey_", free_function = "gnutls_openpgp_privkey_deinit")]
1352 public class PrivateKey
1353 {
1354 private static int init (out PrivateKey key);
1355 public static PrivateKey create ()
1356 {
1357 PrivateKey result = null;
1358 var ret = init (out result);
1359 if (ret != 0)
1360 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1361 return result;
1362 }
1364 public PKAlgorithm get_pk_algorithm (out uint bits);
1366 public int import (ref Datum data, CertificateFormat format, string pass, uint flags);
1367 public int export (CertificateFormat format, string password, uint flags, void* output, ref size_t output_size);
1369 public int sign_hash (ref Datum hash, out Datum signature);
1370 public int get_fingerprint (void* fpr, ref size_t fpr_size);
1371 public int get_subkey_fingerprint (uint idx, void* fpr, ref size_t fpr_size);
1373 public int get_key_id (uchar* keyid);
1374 public int get_subkey_count ();
1375 public int get_subkey_idx (/*const*/ uchar* keyid);
1377 public int get_subkey_revoked_status (uint index);
1378 public int get_revoked_status ();
1380 public PKAlgorithm get_subkey_pk_algorithm (uint idx, out uint bits);
1382 public time_t get_subkey_expiration_time (uint idx);
1383 public time_t get_subkey_creation_time (uint idx);
1385 public int get_subkey_id (uint idx, uchar* keyid);
1387 public int export_subkey_dsa_raw (uint idx, out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1388 public int export_subkey_rsa_raw (uint idx, out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1390 public int export_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1391 public int export_rsa_raw (out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1393 public int set_preferred_key_id (/*const*/ uchar* keyid);
1394 public int get_preferred_key_id (uchar* keyid);
1396 public int get_auth_subkey (uchar* keyid, uint flag);
1397 }
1399 [Compact]
1400 [CCode (cname = "struct gnutls_openpgp_keyring_int", cprefix = "gnutls_openpgp_keyring_", free_function = "gnutls_openpgp_keyring_deinit")]
1401 public class Keyring
1402 {
1403 private static int init (out Keyring keyring);
1404 public static Keyring create ()
1405 {
1406 Keyring result;
1407 var ret = init (out result);
1408 if (ret != 0)
1409 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1410 return result;
1411 }
1413 public int import (ref Datum data, CertificateFormat format);
1414 public int check_id (/*const*/ uchar* keyid, uint flags);
1416 public int get_crt_count ();
1417 public int get_crt (uint index, out Certificate cert);
1418 }
1419 }
1422 [CCode (cname = "gnutls_certificate_client_retrieve_function *", has_target = false)]
1423 public delegate int ClientCertificateRetrieveFunction (Session session, Datum[] req_ca_rdn, PKAlgorithm[] pk_algos, out RetrStruct st);
1424 [CCode (cname = "gnutls_certificate_server_retrieve_function *", has_target = false)]
1425 public delegate int ServerCertificateRetrieveFunction (Session session, out RetrStruct st);
1427 [Compact]
1428 [CCode (cname = "struct gnutls_certificate_credentials_st",
1429 free_function = "gnutls_certificate_free_credentials",
1430 cprefix = "gnutls_certificate_")]
1431 public class CertificateCredentials
1432 {
1433 [CCode (cname = "gnutls_certificate_allocate_credentials")]
1434 private static int allocate (out CertificateCredentials credentials);
1435 public static CertificateCredentials create ()
1436 {
1437 CertificateCredentials result;
1438 var ret = allocate (out result);
1439 if (ret != 0)
1440 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1441 return result;
1442 }
1444 public void free_keys ();
1445 public void free_cas ();
1446 public void free_ca_names ();
1447 public void free_crls ();
1449 public void set_dh_params (DHParams dh_params);
1450 public void set_rsa_export_params (RSAParams rsa_params);
1451 public void set_verify_flags (X509.CertificateVerifyFlags flags);
1452 public void set_verify_limits (uint max_bits, uint max_depth);
1454 public int set_x509_trust (X509.Certificate[] ca_list);
1455 public int set_x509_trust_file (string cafile, X509.CertificateFormat type);
1456 public int set_x509_trust_mem (/* const */ ref Datum cadata, X509.CertificateFormat type);
1458 public int set_x509_crl (X509.CRL[] crl_list);
1459 public int set_x509_crl_file (string crlfile, X509.CertificateFormat type);
1460 public int set_x509_crl_mem (/* const */ ref Datum crldata, X509.CertificateFormat type);
1462 public int set_x509_key (X509.Certificate[] cert_list, X509.PrivateKey key);
1463 public int set_x509_key_file (string certfile, string keyfile, X509.CertificateFormat type);
1464 public int set_x509_key_mem (/* const */ ref Datum certdata, /* const */ ref Datum keydata, X509.CertificateFormat type);
1466 public int set_x509_simple_pkcs12_file (string pkcs12file, X509.CertificateFormat type, string? password = null);
1468 public void get_x509_cas ([CCode (array_length_type = "unsigned int")] out unowned X509.Certificate[] x509_ca_list);
1469 public void get_x509_crls ([CCode (array_length_type = "unsigned int")] out unowned X509.CRL[] x509_crl_list);
1472 [CCode (cname = "gnutls_certificate_client_set_retrieve_function")]
1473 public void set_client_certificate_retrieve_function (ClientCertificateRetrieveFunction func);
1474 [CCode (cname = "gnutls_certificate_server_set_retrieve_function")]
1475 public void set_server_certificate_retrieve_function (ServerCertificateRetrieveFunction func);
1477 [CCode (cname = "gnutls_certificate_set_params_function")]
1478 public void set_params_function (ParamsFunction func);
1480 // OpenPGP stuff
1482 public int set_openpgp_key (OpenPGP.Certificate key, OpenPGP.PrivateKey pkey);
1484 public int set_openpgp_key_file (string certfile, string keyfile, OpenPGP.CertificateFormat format);
1485 public int set_openpgp_key_mem (ref Datum cert, ref Datum key, OpenPGP.CertificateFormat format);
1486 public int set_openpgp_key_file2 (string certfile, string keyfile, string keyid, OpenPGP.CertificateFormat format);
1487 public int set_openpgp_key_mem2 (ref Datum cert, ref Datum key, string keyid, OpenPGP.CertificateFormat format);
1489 public int set_openpgp_keyring_mem (uchar* data, size_t data_size, OpenPGP.CertificateFormat format);
1490 public int set_openpgp_keyring_file (string file, OpenPGP.CertificateFormat format);
1492 public void get_openpgp_keyring (out unowned OpenPGP.Keyring keyring);
1493 }
1495 [CCode (cname = "gnutls_malloc")]
1496 public void* malloc (size_t size);
1497 [CCode (cname = "gnutls_secure_malloc")]
1498 public void* secure_malloc (size_t size);
1499 [CCode (cname = "gnutls_realloc")]
1500 public void* realloc (void* ptr, size_t new_size);
1501 [CCode (cname = "gnutls_calloc")]
1502 public void* calloc (size_t count, size_t block_size);
1503 [CCode (cname = "gnutls_free")]
1504 public void free (void* ptr);
1506 [CCode (cname = "gnutls_free")]
1507 public void free_data ([CCode (array_length = false)] owned uint[] data);
1509 [CCode (cname = "gnutls_strdup")]
1510 public string strdup (string str);
1512 [CCode (cname = "gnutls_alloc_function", has_target = false)]
1513 public delegate void* AllocFunction (size_t size);
1514 [CCode (cname = "gnutls_calloc_function", has_target = false)]
1515 public delegate void* CallocFunction (size_t count, size_t block_size);
1516 [CCode (cname = "gnutls_is_secure_function", has_target = false)]
1517 public delegate int IsSecureFunction (void* ptr);
1518 [CCode (cname = "gnutls_free_function", has_target = false)]
1519 public delegate void FreeFunction (void* ptr);
1520 [CCode (cname = "gnutls_realloc_function", has_target = false)]
1521 public delegate void* ReallocFunction (void* ptr, size_t new_size);
1523 public int global_init ();
1524 public void global_deinit ();
1526 [CCode (cname = "gnutls_global_set_mem_functions")]
1527 public void set_mem_functions (AllocFunction alloc_func, AllocFunction secure_alloc_func,
1528 IsSecureFunction is_secure_func, ReallocFunction realloc_func,
1529 FreeFunction free_func);
1531 [CCode (cname = "gnutls_log_func", has_target = false)]
1532 public delegate void LogFunc (int level, string msg);
1533 [CCode (cname = "gnutls_global_set_log_function")]
1534 public void set_log_function (LogFunc func);
1535 [CCode (cname = "gnutls_global_set_log_level")]
1536 public void set_log_level (int level);
1538 [CCode (cname = "gnutls_transport_set_global_errno")]
1539 public void set_global_errno (int err);
1541 // SRP stuff
1543 [CCode (cname = "gnutls_srp_server_credentials_function *", has_target = false)]
1544 public delegate int SRPServerCredentialsFunction (Session session, string username,
1545 out Datum salt, out Datum verifier,
1546 out Datum generator, out Datum prime);
1548 [Compact]
1549 [CCode (cname = "struct gnutls_srp_server_credentials_st", free_function = "gnutls_srp_free_server_credentials")]
1550 public class SRPServerCredentials
1551 {
1552 [CCode (cname = "gnutls_srp_allocate_server_credentials")]
1553 private static int allocate (out SRPServerCredentials sc);
1554 public static SRPServerCredentials create ()
1555 {
1556 SRPServerCredentials result = null;
1557 var ret = allocate (out result);
1558 if (ret != 0)
1559 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1560 return result;
1561 }
1563 [CCode (cname = "gnutls_srp_set_server_credentials_file")]
1564 public int set_credentials_file (string password_file, string password_conf_file);
1566 [CCode (cname = "gnutls_srp_server_get_username")]
1567 public string get_username ();
1569 [CCode (cname = "gnutls_srp_set_server_credentials_function")]
1570 public void set_credentials_function (SRPServerCredentialsFunction func);
1571 }
1573 [CCode (cname = "gnutls_srp_client_credentials_function *", has_target = false)]
1574 public delegate int SRPClientCredentialsFunction (Session session, out string username, out string password);
1576 [Compact]
1577 [CCode (cname = "struct gnutls_srp_client_credentials_st", free_function = "gnutls_srp_free_client_credentials")]
1578 public class SRPClientCredentials
1579 {
1580 [CCode (cname = "gnutls_srp_allocate_client_credentials")]
1581 private static int allocate (out SRPClientCredentials sc);
1582 public static SRPClientCredentials create ()
1583 {
1584 SRPClientCredentials result;
1585 var ret = allocate (out result);
1586 if (ret != 0)
1587 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1588 return result;
1589 }
1591 [CCode (cname = "gnutls_srp_set_client_credentials")]
1592 public int set_credentials (string username, string password);
1594 [CCode (cname = "gnutls_srp_set_client_credentials_function")]
1595 public void set_credentials_function (SRPClientCredentialsFunction func);
1596 }
1598 // extern int gnutls_srp_verifier (const char *username,
1599 // const char *password,
1600 // const gnutls_datum_t * salt,
1601 // const gnutls_datum_t * generator,
1602 // const gnutls_datum_t * prime,
1603 // gnutls_datum_t * res);
1605 public int srp_verifier (string username, string password, /* const */ ref Datum salt, /* const */ ref Datum generator, /* const */ ref Datum prime, out Datum result);
1607 // The static parameters defined in draft-ietf-tls-srp-05
1608 // Those should be used as input to gnutls_srp_verifier().
1610 public const Datum srp_2048_group_prime;
1611 public const Datum srp_2048_group_generator;
1613 public const Datum srp_1536_group_prime;
1614 public const Datum srp_1536_group_generator;
1616 public const Datum srp_1024_group_prime;
1617 public const Datum srp_1024_group_generator;
1619 public int srp_base64_encode (/* const */ ref Datum data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1620 public int srp_base64_encode_alloc (/* const */ ref Datum data, out Datum result);
1622 public int srp_base64_decode (/* const */ ref Datum b64_data, [CCode (array_length = false)] uint8[] result, ref size_t result_size);
1623 public int srp_base64_decode_alloc (/* const */ ref Datum b64_data, out Datum result);
1630 // PSK stuff
1632 [CCode (cname = "gnutls_psk_key_flags", cprefix = "GNUTLS_PSK_KEY_", has_type_id = false)]
1633 public enum PSKKeyFlags
1634 {
1635 RAW,
1636 HEX
1637 }
1639 [CCode (cname = "gnutls_psk_server_credentials_function *", has_target = false)]
1640 public delegate int PSKServerCredentialsFunction (Session session, string username, /* const */ ref Datum key);
1642 [Compact]
1643 [CCode (cname = "struct gnutls_psk_server_credentials_st", free_function = "gnutls_psk_free_server_credentials")]
1644 public class PSKServerCredentials
1645 {
1646 [CCode (cname = "gnutls_psk_allocate_server_credentials")]
1647 private static int allocate (out PSKServerCredentials sc);
1648 public static PSKServerCredentials create ()
1649 {
1650 PSKServerCredentials result;
1651 var ret = allocate (out result);
1652 if (ret != 0)
1653 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1654 return result;
1655 }
1657 [CCode (cname = "gnutls_psk_set_server_credentials_file")]
1658 public int set_credentials_file (string password_file);
1660 [CCode (cname = "gnutls_psk_set_server_credentials_hint")]
1661 public int set_credentials_hint (string hint);
1663 [CCode (cname = "gnutls_psk_set_server_credentials_function")]
1664 public void set_credentials_function (PSKServerCredentialsFunction func);
1666 [CCode (cname = "gnutls_psk_set_server_dh_params")]
1667 public void set_dh_params (DHParams dh_params);
1669 [CCode (cname = "gnutls_psk_set_server_params_function")] // also gnutls_psk_set_params_function
1670 public void set_params_function (ParamsFunction func);
1671 }
1673 [CCode (cname = "gnutls_psk_client_credentials_function *", has_target = false)]
1674 public delegate int PSKClientCredentialsFunction (Session session, out string username, out Datum key);
1676 [Compact]
1677 [CCode (cname = "struct gnutls_psk_client_credentials_st", free_function = "gnutls_psk_free_client_credentials")]
1678 public class PSKClientCredentials
1679 {
1680 [CCode (cname = "gnutls_psk_allocate_client_credentials")]
1681 private static int allocate (out PSKClientCredentials sc);
1682 public static PSKClientCredentials create ()
1683 {
1684 PSKClientCredentials result;
1685 var ret = allocate (out result);
1686 if (ret != 0)
1687 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1688 return result;
1689 }
1691 [CCode (cname = "gnutls_psk_set_client_credentials")]
1692 public int set_credentials (string username, /* const */ ref Datum key, PSKKeyFlags format);
1694 [CCode (cname = "gnutls_psk_set_client_credentials_function")]
1695 public void set_credentials_function (PSKClientCredentialsFunction func);
1696 }
1698 public int hex_encode (/* const */ ref Datum data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1699 public int hex_decode (/* const */ ref Datum hex_data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1701 public int psk_netconf_derive_key (string password, string psk_identity, string psk_identity_hint, out Datum output_key);
1703 ////
1705 [SimpleType]
1706 [CCode (cname = "gnutls_retr_st", has_type_id = false)]
1707 public struct RetrStruct
1708 {
1709 public CertificateType type;
1710 [CCode (cname = "cert.x509", array_length_cname = "ncerts", array_length_type = "unsigned int")]
1711 public X509.Certificate[] cert_x509;
1712 [CCode (cname = "cert.pgp")]
1713 public OpenPGP.Certificate cert_pgp;
1714 [CCode (cname = "key.x509")]
1715 public X509.PrivateKey key_x509;
1716 [CCode (cname = "key.pgp")]
1717 public OpenPGP.PrivateKey key_pgp;
1718 public uint deinit_all;
1719 }
1721 public int pem_base64_encode (string msg, /* const */ ref Datum data, void* result, ref size_t result_size);
1722 public int pem_base64_decode (string header, /* const */ ref Datum b64_data, void* result, ref size_t result_size);
1724 public int pem_base64_encode_alloc (string msg, /* const */ ref Datum data, out Datum result);
1725 public int pem_base64_decode_alloc (string header, /* const */ ref Datum b64_data, out Datum result);
1727 public int hex2bin (string hex_data, size_t hex_size, void* bin_data, ref size_t bin_size);
1729 // returns cipher suite name or null if index is out of bounds
1730 public unowned string? cipher_suite_info (size_t index, [CCode (array_length = "false")] char[] cs_id, out KXAlgorithm kx,
1731 out CipherAlgorithm cipher, out MacAlgorithm mac,
1732 out Protocol version);
1734 public unowned string? cipher_suite_get_name (KXAlgorithm kx, CipherAlgorithm cipher, MacAlgorithm mac);
1736 public int prf (Session session, size_t label_size, string label, bool server_random_first,
1737 size_t extra_size, void* extra, size_t output_size, void* output);
1739 public int prf_raw (Session session, size_t label_size, string label,
1740 size_t seed_size, void* seed, size_t output_size, void* output);
1742 // Gnutls error codes. The mapping to a TLS alert is also shown in comments.
1743 [CCode (cname = "int", cprefix = "GNUTLS_E_", lower_case_cprefix = "gnutls_error_", has_type_id = false)]
1744 public enum ErrorCode {
1746 SUCCESS,
1747 UNKNOWN_COMPRESSION_ALGORITHM,
1748 UNKNOWN_CIPHER_TYPE,
1749 LARGE_PACKET,
1750 UNSUPPORTED_VERSION_PACKET, // GNUTLS_A_PROTOCOL_VERSION
1751 UNEXPECTED_PACKET_LENGTH, // GNUTLS_A_RECORD_OVERFLOW
1752 INVALID_SESSION,
1753 FATAL_ALERT_RECEIVED,
1754 UNEXPECTED_PACKET, // GNUTLS_A_UNEXPECTED_MESSAGE
1755 WARNING_ALERT_RECEIVED,
1756 ERROR_IN_FINISHED_PACKET,
1757 UNEXPECTED_HANDSHAKE_PACKET,
1758 UNKNOWN_CIPHER_SUITE, // GNUTLS_A_HANDSHAKE_FAILURE
1759 UNWANTED_ALGORITHM,
1760 MPI_SCAN_FAILED,
1761 DECRYPTION_FAILED, // GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC
1762 MEMORY_ERROR,
1763 DECOMPRESSION_FAILED, // GNUTLS_A_DECOMPRESSION_FAILURE
1764 COMPRESSION_FAILED,
1765 AGAIN,
1766 EXPIRED,
1767 DB_ERROR,
1768 SRP_PWD_ERROR,
1769 INSUFFICIENT_CREDENTIALS,
1771 HASH_FAILED,
1772 BASE64_DECODING_ERROR,
1774 MPI_PRINT_FAILED,
1775 REHANDSHAKE, // GNUTLS_A_NO_RENEGOTIATION
1776 GOT_APPLICATION_DATA,
1777 RECORD_LIMIT_REACHED,
1778 ENCRYPTION_FAILED,
1780 PK_ENCRYPTION_FAILED,
1781 PK_DECRYPTION_FAILED,
1782 PK_SIGN_FAILED,
1783 X509_UNSUPPORTED_CRITICAL_EXTENSION,
1784 KEY_USAGE_VIOLATION,
1785 NO_CERTIFICATE_FOUND, // GNUTLS_A_BAD_CERTIFICATE
1786 INVALID_REQUEST,
1787 SHORT_MEMORY_BUFFER,
1788 INTERRUPTED,
1789 PUSH_ERROR,
1790 PULL_ERROR,
1791 RECEIVED_ILLEGAL_PARAMETER, // GNUTLS_A_ILLEGAL_PARAMETER
1792 REQUESTED_DATA_NOT_AVAILABLE,
1793 PKCS1_WRONG_PAD,
1794 RECEIVED_ILLEGAL_EXTENSION,
1795 INTERNAL_ERROR,
1796 DH_PRIME_UNACCEPTABLE,
1797 FILE_ERROR,
1798 TOO_MANY_EMPTY_PACKETS,
1799 UNKNOWN_PK_ALGORITHM,
1801 // returned if libextra functionality was requested but
1802 // gnutls_global_init_extra() was not called.
1804 INIT_LIBEXTRA,
1805 LIBRARY_VERSION_MISMATCH,
1807 // returned if you need to generate temporary RSA
1808 // parameters. These are needed for export cipher suites.
1810 NO_TEMPORARY_RSA_PARAMS,
1812 LZO_INIT_FAILED,
1813 NO_COMPRESSION_ALGORITHMS,
1814 NO_CIPHER_SUITES,
1816 OPENPGP_GETKEY_FAILED,
1817 PK_SIG_VERIFY_FAILED,
1819 ILLEGAL_SRP_USERNAME,
1820 SRP_PWD_PARSING_ERROR,
1821 NO_TEMPORARY_DH_PARAMS,
1823 // For certificate and key stuff
1825 ASN1_ELEMENT_NOT_FOUND,
1826 ASN1_IDENTIFIER_NOT_FOUND,
1827 ASN1_DER_ERROR,
1828 ASN1_VALUE_NOT_FOUND,
1829 ASN1_GENERIC_ERROR,
1830 ASN1_VALUE_NOT_VALID,
1831 ASN1_TAG_ERROR,
1832 ASN1_TAG_IMPLICIT,
1833 ASN1_TYPE_ANY_ERROR,
1834 ASN1_SYNTAX_ERROR,
1835 ASN1_DER_OVERFLOW,
1836 OPENPGP_UID_REVOKED,
1837 CERTIFICATE_ERROR,
1838 CERTIFICATE_KEY_MISMATCH,
1839 UNSUPPORTED_CERTIFICATE_TYPE, // GNUTLS_A_UNSUPPORTED_CERTIFICATE
1840 X509_UNKNOWN_SAN,
1841 OPENPGP_FINGERPRINT_UNSUPPORTED,
1842 X509_UNSUPPORTED_ATTRIBUTE,
1843 UNKNOWN_HASH_ALGORITHM,
1844 UNKNOWN_PKCS_CONTENT_TYPE,
1845 UNKNOWN_PKCS_BAG_TYPE,
1846 INVALID_PASSWORD,
1847 MAC_VERIFY_FAILED, // for PKCS #12 MAC
1848 CONSTRAINT_ERROR,
1850 WARNING_IA_IPHF_RECEIVED,
1851 WARNING_IA_FPHF_RECEIVED,
1853 IA_VERIFY_FAILED,
1855 UNKNOWN_ALGORITHM,
1857 BASE64_ENCODING_ERROR,
1858 INCOMPATIBLE_CRYPTO_LIBRARY,
1859 INCOMPATIBLE_LIBTASN1_LIBRARY,
1861 OPENPGP_KEYRING_ERROR,
1862 X509_UNSUPPORTED_OID,
1864 RANDOM_FAILED,
1865 BASE64_UNEXPECTED_HEADER_ERROR,
1867 OPENPGP_SUBKEY_ERROR,
1869 CRYPTO_ALREADY_REGISTERED,
1871 HANDSHAKE_TOO_LARGE,
1873 UNIMPLEMENTED_FEATURE,
1875 APPLICATION_ERROR_MAX, // -65000
1876 APPLICATION_ERROR_MIN; // -65500
1878 [CCode (cname = "gnutls_error_is_fatal")]
1879 public bool is_fatal ();
1880 [CCode (cname = "gnutls_error_to_alert")]
1881 public AlertDescription to_alert (out AlertLevel level);
1882 [CCode (cname = "gnutls_perror")]
1883 public void print ();
1884 [CCode (cname = "gnutls_strerror")]
1885 public unowned string to_string ();
1886 }
1887 }