#include <gnutls.h>
#include <libtasn1.h>
#include "gnutls_mpi.h"
#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4" |
#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE "1.3.6.1.5.5.7.9.5" |
#define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_USE_PKCS12_3DES |
#define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_USE_PKCS12_ARCFOUR |
#define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_USE_PKCS12_RC2_40 |
#define RSA_PRIVATE_PARAMS 6 |
Definition at line 314 of file x509.h.
Referenced by MHD__gnutls_get_private_rsa_params(), MHD__gnutls_privkey_decode_pkcs1_rsa_key(), and MHD_gtls_pkcs1_rsa_encrypt().
typedef void* MHD_gnutls_x509_dn_t |
typedef struct MHD_gtls_x509_privkey_int MHD_gnutls_x509_privkey_int |
void MHD_gnutls_x509_crt_deinit | ( | MHD_gnutls_x509_crt_t | cert | ) |
MHD_gnutls_x509_crt_deinit - This function deinitializes memory used by a MHD_gnutls_x509_crt_t structure.
cert: The structure to be deinitialized.
This function will deinitialize a certificate structure.
Definition at line 81 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, MHD__asn1_delete_structure(), and MHD_gnutls_free.
Referenced by call_get_cert_callback(), MHD__gnutls_certificate_free_cas(), MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().
int MHD_gnutls_x509_crt_export | ( | MHD_gnutls_x509_crt_t | cert, | |
MHD_gnutls_x509_crt_fmt_t | format, | |||
void * | output_data, | |||
size_t * | output_data_size | |||
) |
MHD_gnutls_x509_crt_export - This function will export the certificate.
cert: Holds the certificate.
format: The format of output params. One of PEM or DER.
output_data: Will contain a certificate, PEM or DER encoded.
output_data_size: Holds the size of output_data (and will be replaced by the actual size of parameters).
This function will export the certificate to DER or PEM format.
If the buffer provided is not long enough to hold the output, then *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
If the structure is PEM encoded, it will have a header of "BEGIN CERTIFICATE".
Return value: In case of failure a negative value will be returned, and 0 on success.
Definition at line 352 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__gnutls_x509_export_int(), and MHD_gnutls_assert.
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_ca_status | ( | MHD_gnutls_x509_crt_t | cert, | |
unsigned int * | critical | |||
) |
int MHD_gnutls_x509_crt_get_key_usage | ( | MHD_gnutls_x509_crt_t | cert, | |
unsigned int * | key_usage, | |||
unsigned int * | critical | |||
) |
MHD_gnutls_x509_crt_get_key_usage - This function returns the certificate's key usage.
cert: Should contain a MHD_gnutls_x509_crt_t structure.
key_usage: Where the key usage bits will be stored.
critical: Will be non-zero if the extension is marked as critical.
This function will return the certificate's key usage, by reading the keyUsage X.509 extension (2.5.29.15). The key usage value will be the ORed values of: GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_NON_REPUDIATION, GNUTLS_KEY_KEY_ENCIPHERMENT, GNUTLS_KEY_DATA_ENCIPHERMENT, GNUTLS_KEY_KEY_AGREEMENT, GNUTLS_KEY_KEY_CERT_SIGN, GNUTLS_KEY_CRL_SIGN, GNUTLS_KEY_ENCIPHER_ONLY, GNUTLS_KEY_DECIPHER_ONLY.
A negative value may be returned in case of parsing error. If the certificate does not contain the keyUsage extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.
Definition at line 288 of file x509.c.
References MHD_gnutls_datum_t::data, GNUTLS_E_INVALID_REQUEST, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, MHD__gnutls_free_datum, MHD__gnutls_x509_crt_get_extension(), MHD__gnutls_x509_ext_extract_keyUsage(), MHD_gnutls_assert, and MHD_gnutls_datum_t::size.
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_pk_algorithm | ( | MHD_gnutls_x509_crt_t | cert, | |
unsigned int * | bits | |||
) |
MHD_gnutls_x509_crt_get_pk_algorithm - This function returns the certificate's PublicKey algorithm.
cert: Should contain a MHD_gnutls_x509_crt_t structure.
bits: If bits is non-null it will hold the size of the parameters in bits.
This function will return the public key algorithm of an X.509 certificate.
If bits is non-null, it should point to storage large enough to hold the parameters' size in bits. For RSA the bits returned are those of the modulus. For DSA the bits returned are those of the public exponent.
Returns a member of the MHD_GNUTLS_PublicKeyAlgorithm enumeration on success, or a negative value on error.
Definition at line 233 of file x509.c.
References MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__gnutls_x509_get_pk_algorithm(), and MHD_gnutls_assert.
Referenced by check_bits(), MHD__gnutls_x509_crt_get_mpis(), and MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_get_serial | ( | MHD_gnutls_x509_crt_t | cert, | |
void * | result, | |||
size_t * | result_size | |||
) |
int MHD_gnutls_x509_crt_get_version | ( | MHD_gnutls_x509_crt_t | cert | ) |
MHD_gnutls_x509_crt_get_version - This function returns the Certificate's version number.
cert: Should contain a MHD_gnutls_x509_crt_t structure.
This function will return the version of the specified Certificate.
Returns a negative value on error.
Definition at line 189 of file x509.c.
References ASN1_ELEMENT_NOT_FOUND, ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, GNUTLS_E_INVALID_REQUEST, MHD__asn1_read_value(), MHD_gnutls_assert, and MHD_gtls_asn2err().
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD_gnutls_x509_crt_import | ( | MHD_gnutls_x509_crt_t | cert, | |
const MHD_gnutls_datum_t * | data, | |||
MHD_gnutls_x509_crt_fmt_t | format | |||
) |
MHD_gnutls_x509_crt_import - This function will import a DER or PEM encoded Certificate.
cert: The structure to store the parsed certificate.
data: The DER or PEM encoded certificate.
format: One of DER or PEM.
This function will convert the given DER or PEM encoded Certificate to the native MHD_gnutls_x509_crt_t format. The output will be stored in cert.
If the Certificate is PEM encoded it should have a header of "X509 CERTIFICATE", or "CERTIFICATE".
Returns 0 on success.
Definition at line 108 of file x509.c.
References ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, MHD_gnutls_datum_t::data, GNUTLS_E_INTERNAL_ERROR, GNUTLS_E_INVALID_REQUEST, GNUTLS_X509_FMT_PEM, MHD__asn1_der_decoding(), MHD__gnutls_fbase64_decode(), MHD__gnutls_free_datum, MHD_gnutls_assert, MHD_gnutls_free, MHD_gtls_asn2err(), PEM_X509_CERT, PEM_X509_CERT2, MHD_gnutls_datum_t::size, and MHD_gnutls_x509_crt_int::use_extensions.
Referenced by MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().
int MHD_gnutls_x509_crt_init | ( | MHD_gnutls_x509_crt_t * | cert | ) |
MHD_gnutls_x509_crt_init - This function initializes a MHD_gnutls_x509_crt_t structure.
cert: The structure to be initialized.
This function will initialize an X.509 certificate structure.
Returns 0 on success.
Definition at line 50 of file x509.c.
References ASN1_SUCCESS, MHD_gnutls_x509_crt_int::cert, GNUTLS_E_MEMORY_ERROR, MHD__asn1_create_element(), MHD__gnutls_get_pkix, MHD_gnutls_assert, MHD_gnutls_calloc, MHD_gnutls_free, and MHD_gtls_asn2err().
Referenced by MHD_gtls_x509_raw_cert_to_gcert(), and parse_der_cert_mem().
int MHD_gnutls_x509_crt_print | ( | MHD_gnutls_x509_crt_t | cert, | |
MHD_gnutls_certificate_print_formats_t | format, | |||
MHD_gnutls_datum_t * | out | |||
) |
int MHD_gnutls_x509_crt_set_basic_constraints | ( | MHD_gnutls_x509_crt_t | crt, | |
unsigned int | ca, | |||
int | pathLenConstraint | |||
) |
int MHD_gnutls_x509_crt_set_ca_status | ( | MHD_gnutls_x509_crt_t | crt, | |
unsigned int | ca | |||
) |
int MHD_gnutls_x509_crt_set_dn_by_oid | ( | MHD_gnutls_x509_crt_t | crt, | |
const char * | oid, | |||
unsigned int | raw_flag, | |||
const void * | name, | |||
unsigned int | sizeof_name | |||
) |
int MHD_gnutls_x509_crt_set_extension_by_oid | ( | MHD_gnutls_x509_crt_t | crt, | |
const char * | oid, | |||
const void * | buf, | |||
size_t | sizeof_buf, | |||
unsigned int | critical | |||
) |
int MHD_gnutls_x509_crt_set_issuer_dn_by_oid | ( | MHD_gnutls_x509_crt_t | crt, | |
const char * | oid, | |||
unsigned int | raw_flag, | |||
const void * | name, | |||
unsigned int | sizeof_name | |||
) |
int MHD_gnutls_x509_crt_set_key | ( | MHD_gnutls_x509_crt_t | crt, | |
MHD_gnutls_x509_privkey_t | key | |||
) |
int MHD_gnutls_x509_crt_set_key_usage | ( | MHD_gnutls_x509_crt_t | crt, | |
unsigned int | usage | |||
) |
int MHD_gnutls_x509_crt_set_proxy | ( | MHD_gnutls_x509_crt_t | crt, | |
int | pathLenConstraint, | |||
const char * | policyLanguage, | |||
const char * | policy, | |||
size_t | sizeof_policy | |||
) |
int MHD_gnutls_x509_crt_set_proxy_dn | ( | MHD_gnutls_x509_crt_t | crt, | |
MHD_gnutls_x509_crt_t | eecrt, | |||
unsigned int | raw_flag, | |||
const void * | name, | |||
unsigned int | sizeof_name | |||
) |
int MHD_gnutls_x509_crt_set_serial | ( | MHD_gnutls_x509_crt_t | cert, | |
const void * | serial, | |||
size_t | serial_size | |||
) |
int MHD_gnutls_x509_crt_set_subject_alternative_name | ( | MHD_gnutls_x509_crt_t | crt, | |
MHD_gnutls_x509_subject_alt_name_t | type, | |||
const char * | data_string | |||
) |
int MHD_gnutls_x509_crt_set_subject_key_id | ( | MHD_gnutls_x509_crt_t | cert, | |
const void * | id, | |||
size_t | id_size | |||
) |
int MHD_gnutls_x509_crt_set_version | ( | MHD_gnutls_x509_crt_t | crt, | |
unsigned int | version | |||
) |
int MHD_gnutls_x509_crt_sign | ( | MHD_gnutls_x509_crt_t | crt, | |
MHD_gnutls_x509_crt_t | issuer, | |||
MHD_gnutls_x509_privkey_t | issuer_key | |||
) |
int MHD_gnutls_x509_crt_sign2 | ( | MHD_gnutls_x509_crt_t | crt, | |
MHD_gnutls_x509_crt_t | issuer, | |||
MHD_gnutls_x509_privkey_t | issuer_key, | |||
enum | MHD_GNUTLS_HashAlgorithm, | |||
unsigned int | flags | |||
) |
void MHD_gnutls_x509_privkey_deinit | ( | MHD_gnutls_x509_privkey_t | key | ) |
MHD_gnutls_x509_privkey_deinit - This function deinitializes memory used by a MHD_gnutls_x509_privkey_t structure.
key: The structure to be deinitialized.
This function will deinitialize a private key structure.
Definition at line 75 of file x509_privkey.c.
References MHD_gtls_x509_privkey_int::key, MHD__asn1_delete_structure(), MHD_gnutls_free, MHD_gtls_mpi_release(), MHD_gtls_x509_privkey_int::params, and MHD_gtls_x509_privkey_int::params_size.
Referenced by call_get_cert_callback(), MHD__gnutls_rsa_params_deinit(), and MHD__gnutls_x509_raw_privkey_to_gkey().
int MHD_gnutls_x509_privkey_export | ( | MHD_gnutls_x509_privkey_t | key, | |
MHD_gnutls_x509_crt_fmt_t | format, | |||
void * | output_data, | |||
size_t * | output_data_size | |||
) |
int MHD_gnutls_x509_privkey_export_pkcs8 | ( | MHD_gnutls_x509_privkey_t | key, | |
MHD_gnutls_x509_crt_fmt_t | format, | |||
const char * | password, | |||
unsigned int | flags, | |||
void * | output_data, | |||
size_t * | output_data_size | |||
) |
int MHD_gnutls_x509_privkey_export_rsa_raw | ( | MHD_gnutls_x509_privkey_t | key, | |
MHD_gnutls_datum_t * | m, | |||
MHD_gnutls_datum_t * | e, | |||
MHD_gnutls_datum_t * | d, | |||
MHD_gnutls_datum_t * | p, | |||
MHD_gnutls_datum_t * | q, | |||
MHD_gnutls_datum_t * | u | |||
) |
int MHD_gnutls_x509_privkey_generate | ( | MHD_gnutls_x509_privkey_t | key, | |
enum MHD_GNUTLS_PublicKeyAlgorithm | algo, | |||
unsigned int | bits, | |||
unsigned int | flags | |||
) |
int MHD_gnutls_x509_privkey_get_key_id | ( | MHD_gnutls_x509_privkey_t | key, | |
unsigned int | flags, | |||
unsigned char * | output_data, | |||
size_t * | output_data_size | |||
) |
int MHD_gnutls_x509_privkey_import | ( | MHD_gnutls_x509_privkey_t | key, | |
const MHD_gnutls_datum_t * | data, | |||
MHD_gnutls_x509_crt_fmt_t | format | |||
) |
MHD_gnutls_x509_privkey_import - This function will import a DER or PEM encoded key.
key: The structure to store the parsed key.
data: The DER or PEM encoded key.
format: One of DER or PEM.
This function will convert the given DER or PEM encoded key to the native MHD_gnutls_x509_privkey_t format. The output will be stored in key.
If the key is PEM encoded it should have a header of "RSA PRIVATE KEY", or "DSA PRIVATE KEY".
Returns 0 on success.
Definition at line 216 of file x509_privkey.c.
References MHD_gnutls_datum_t::data, GNUTLS_E_ASN1_DER_ERROR, GNUTLS_E_INVALID_REQUEST, GNUTLS_X509_FMT_PEM, MHD_gtls_x509_privkey_int::key, MHD__gnutls_fbase64_decode(), MHD__gnutls_free_datum, MHD__gnutls_privkey_decode_pkcs1_rsa_key(), MHD_gnutls_assert, MHD_GNUTLS_PK_RSA, MHD_GNUTLS_PK_UNKNOWN, PEM_KEY_RSA, MHD_gtls_x509_privkey_int::pk_algorithm, and MHD_gnutls_datum_t::size.
Referenced by MHD__gnutls_x509_raw_privkey_to_gkey().
int MHD_gnutls_x509_privkey_init | ( | MHD_gnutls_x509_privkey_t * | key | ) |
MHD_gnutls_x509_privkey_init - This function initializes a MHD_gnutls_x509_privkey_t structure.
key: The structure to be initialized.
This function will initialize a private key structure.
Returns 0 on success.
Definition at line 53 of file x509_privkey.c.
References ASN1_TYPE_EMPTY, GNUTLS_E_MEMORY_ERROR, MHD_gnutls_calloc, and MHD_GNUTLS_PK_UNKNOWN.
Referenced by MHD__gnutls_x509_raw_privkey_to_gkey().
int MHD_gnutls_x509_privkey_verify_data | ( | MHD_gnutls_x509_privkey_t | key, | |
unsigned int | flags, | |||
const MHD_gnutls_datum_t * | data, | |||
const MHD_gnutls_datum_t * | signature | |||
) |