gnutls_cert.h

00001 /*
00002  * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation
00003  *
00004  * Author: Nikos Mavrogiannopoulos
00005  *
00006  * This file is part of GNUTLS.
00007  *
00008  * The GNUTLS library is free software; you can redistribute it and/or
00009  * modify it under the terms of the GNU Lesser General Public License
00010  * as published by the Free Software Foundation; either version 2.1 of
00011  * the License, or (at your option) any later version.
00012  *
00013  * This library is distributed in the hope that it will be useful, but
00014  * WITHOUT ANY WARRANTY; without even the implied warranty of
00015  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00016  * Lesser General Public License for more details.
00017  *
00018  * You should have received a copy of the GNU Lesser General Public
00019  * License along with this library; if not, write to the Free Software
00020  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
00021  * USA
00022  *
00023  */
00024 
00025 #ifndef GNUTLS_CERT_H
00026 # define GNUTLS_CERT_H
00027 
00028 #include <gnutls_pk.h>
00029 #include "x509.h"
00030 
/* Capacity of the params[] array in MHD_gnutls_cert. Four slots cover
 * both layouts documented on that struct (RSA uses 2, DSA uses 4).
 */
#define MAX_PUBLIC_PARAMS_SIZE 4        /* ok for RSA and DSA */

/* Number of public-key parameters per algorithm.
 * parameters should not be larger than this limit, i.e. neither count
 * may exceed MAX_PUBLIC_PARAMS_SIZE.
 */
#define DSA_PUBLIC_PARAMS 4
#define RSA_PUBLIC_PARAMS 2

/* Bit masks for the key_usage field. For key Usage, test as:
 * if (st.key_usage & KEY_DIGITAL_SIGNATURE) ...
 *
 * Each mask is a single bit, so several usages can be OR-ed together.
 * The names match the bits of the X.509 keyUsage extension.
 * KEY_DECIPHER_ONLY (32768) lies above the low byte, so a key usage
 * value must not be narrowed to 8 bits before it is tested.
 * NOTE(review): nothing in this header enforces these bits; the code
 * that picks a certificate for signing or key exchange presumably has
 * to test them itself -- confirm in the callers.
 */
#define KEY_DIGITAL_SIGNATURE           128
#define KEY_NON_REPUDIATION             64
#define KEY_KEY_ENCIPHERMENT            32
#define KEY_DATA_ENCIPHERMENT           16
#define KEY_KEY_AGREEMENT               8
#define KEY_KEY_CERT_SIGN               4
#define KEY_CRL_SIGN                    2
#define KEY_ENCIPHER_ONLY               1
#define KEY_DECIPHER_ONLY               32768
00049 
/* One certificate in the library's internal form: the public-key
 * parameters, the key usage bits, the version, the certificate type
 * and a raw datum.
 */
typedef struct MHD_gnutls_cert
{
  mpi_t params[MAX_PUBLIC_PARAMS_SIZE]; /* the size of params depends on the public
                                         * key algorithm
                                         * RSA: [0] is modulus
                                         *      [1] is public exponent
                                         * DSA: [0] is p
                                         *      [1] is q
                                         *      [2] is g
                                         *      [3] is public key
                                         */
  int params_size;              /* holds the size of MPI params; presumably the
                                 * number of params[] entries in use, as the
                                 * private-key struct documents its own
                                 * params_size -- TODO confirm.
                                 * NOTE(review): this is a signed int; code that
                                 * indexes params[] with it should first check
                                 * 0 <= params_size <= MAX_PUBLIC_PARAMS_SIZE.
                                 */

  /* public-key algorithm of the certificate subject; selects which
   * params[] layout above applies
   */
  enum MHD_GNUTLS_PublicKeyAlgorithm subject_pk_algorithm;

  unsigned int key_usage;       /* bits from KEY_*
                                 */

  /* NOTE(review): presumably the certificate version; the numbering
   * base is not visible in this header -- confirm against the parser.
   */
  unsigned int version;
  /* holds the type (PGP, X509)
   */
  enum MHD_GNUTLS_CertificateType cert_type;

  /* raw certificate data.
   * NOTE(review): whether this datum owns its buffer or aliases the
   * caller's (see CERT_NO_COPY) cannot be told from this header --
   * confirm before freeing the input while the struct is still in use.
   */
  MHD_gnutls_datum_t raw;

} MHD_gnutls_cert;
00076 
/* Private key in the library's internal form: an array of MPIs whose
 * layout depends on the algorithm, the number of entries, and the
 * algorithm identifier.
 *
 * MAX_PRIV_PARAMS_SIZE is not defined in this header; the RSA layout
 * below uses indices 0..5, so it has to be at least 6.
 */
typedef struct MHD_gnutls_privkey_int
{
  mpi_t params[MAX_PRIV_PARAMS_SIZE];   /* the size of params depends on the public
                                         * key algorithm
                                         */
  /*
   * RSA: [0] is modulus
   *      [1] is public exponent
   *      [2] is private exponent
   *      [3] is prime1 (p)
   *      [4] is prime2 (q)
   *      [5] is coefficient (u == inverse of p mod q)
   * DSA: [0] is p
   *      [1] is q
   *      [2] is g
   *      [3] is y (public key)
   *      [4] is x (private key)
   *
   * RSA [2]..[5] and DSA [4] are secret key material.
   * NOTE(review): confirm that MHD_gtls_gkey_deinit releases these
   * MPIs in a way that does not leave the secret values in memory.
   */
  int params_size;              /* holds the number of params */

  /* algorithm of this key; selects which layout above applies */
  enum MHD_GNUTLS_PublicKeyAlgorithm pk_algorithm;
} MHD_gnutls_privkey;
00099 
struct MHD_gtls_session_int;    /* because MHD_gtls_session_t is not defined when this file is included */

/* Flags for the *_to_gcert conversion functions. The values are
 * distinct single bits (2, 4, 16), and MHD_gtls_raw_cert_to_gcert
 * documents its flags argument as an OR of them.
 * NOTE(review): the meaning of each flag is not stated here. Judging
 * by the names, CERT_NO_COPY skips copying the raw certificate data and
 * the CERT_ONLY_* flags limit what is parsed -- confirm in the
 * implementation, in particular the lifetime of the input buffer when
 * CERT_NO_COPY is set.
 */
typedef enum ConvFlags
{
  CERT_NO_COPY = 2,
  CERT_ONLY_PUBKEY = 4,
  CERT_ONLY_EXTENSIONS = 16
} ConvFlags;
00108 
/* Conversions into an MHD_gnutls_cert: from a DER-encoded X.509
 * certificate (derCert) and from an MHD_gnutls_x509_crt_t.
 * NOTE(review): the return convention is not visible in this header
 * (presumably 0 on success and a negative error code otherwise --
 * confirm). The encoded certificate usually comes from the peer, so
 * callers should check the result before reading any field of gcert.
 * NOTE(review): flags is a plain int in the first prototype and
 * unsigned int in the second; both presumably take ConvFlags bits.
 */
int MHD_gtls_x509_raw_cert_to_gcert (MHD_gnutls_cert * gcert,
                                     const MHD_gnutls_datum_t * derCert,
                                     int flags);
int MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert,
                                MHD_gnutls_x509_crt_t cert,
                                unsigned int flags);

/* Release functions for the two structs declared in this header.
 * NOTE(review): whether they also clear the struct or wipe key
 * material cannot be told from the prototypes -- confirm.
 */
void MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key);
void MHD_gtls_gcert_deinit (MHD_gnutls_cert * cert);

/* Reports key exchange algorithms through the alg / alg_size output
 * pointers for the given session.
 * NOTE(review): alg is a pointer to a pointer, so the callee presumably
 * allocates the array -- confirm who frees it and the state of both
 * outputs on error.
 */
int MHD_gtls_selected_cert_supported_kx (struct MHD_gtls_session_int *session,
                                         enum MHD_GNUTLS_KeyExchangeAlgorithm
                                         **alg, int *alg_size);

/* Conversion of a raw certificate of the given type into gcert.
 * NOTE(review): raw_cert is unparsed input; check the return value
 * before using gcert (return convention not visible here).
 */
int MHD_gtls_raw_cert_to_gcert (MHD_gnutls_cert * gcert,
                                enum MHD_GNUTLS_CertificateType type,
                                const MHD_gnutls_datum_t * raw_cert,
                                int flags /* OR of ConvFlags */ );
00127 #endif
