~ubuntu-branches/ubuntu/oneiric/gnutls26/oneiric


Viewing changes to doc/reference/html/gnutls-gnutls.html

  • Committer: Bazaar Package Importer
  • Author(s): Steve Langasek
  • Date: 2011-05-20 13:07:18 UTC
  • mfrom: (12.1.11 sid)
  • Revision ID: james.westby@ubuntu.com-20110520130718-db41dybbanzfvlji
Tags: 2.10.5-1ubuntu1
* Merge from Debian unstable, remaining changes:
  - Fix build failure with --no-add-needed.
  - Build for multiarch.

4
4
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
5
5
<title>gnutls</title>
6
6
<meta name="generator" content="DocBook XSL Stylesheets V1.75.2">
7
 
<link rel="home" href="index.html" title="GNU TLS API Reference Manual">
8
 
<link rel="up" href="ch01.html" title="GNU TLS API Reference Manual">
9
 
<link rel="prev" href="ch01.html" title="GNU TLS API Reference Manual">
 
7
<link rel="home" href="index.html" title="GnuTLS API Reference Manual">
 
8
<link rel="up" href="intro.html" title="GnuTLS API Reference Manual">
 
9
<link rel="prev" href="intro.html" title="GnuTLS API Reference Manual">
10
10
<link rel="next" href="gnutls-extra.html" title="extra">
11
 
<meta name="generator" content="GTK-Doc V1.14 (XML mode)">
 
11
<meta name="generator" content="GTK-Doc V1.15 (XML mode)">
12
12
<link rel="stylesheet" href="style.css" type="text/css">
13
13
</head>
14
14
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
15
15
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2">
16
16
<tr valign="middle">
17
 
<td><a accesskey="p" href="ch01.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
18
 
<td><a accesskey="u" href="ch01.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
 
17
<td><a accesskey="p" href="intro.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
 
18
<td><a accesskey="u" href="intro.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
19
19
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
20
 
<th width="100%" align="center">GNU TLS API Reference Manual</th>
 
20
<th width="100%" align="center">GnuTLS API Reference Manual</th>
21
21
<td><a accesskey="n" href="gnutls-extra.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
22
22
</tr>
23
23
<tr><td colspan="5" class="shortcuts">
56
56
enum                <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t">gnutls_mac_algorithm_t</a>;
57
57
enum                <a class="link" href="gnutls-gnutls.html#gnutls-digest-algorithm-t" title="enum gnutls_digest_algorithm_t">gnutls_digest_algorithm_t</a>;
58
58
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-MAX-ALGORITHM-NUM:CAPS" title="GNUTLS_MAX_ALGORITHM_NUM">GNUTLS_MAX_ALGORITHM_NUM</a>
59
 
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-COMP-ZLIB:CAPS" title="GNUTLS_COMP_ZLIB">GNUTLS_COMP_ZLIB</a>
60
59
enum                <a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t">gnutls_compression_method_t</a>;
61
60
enum                <a class="link" href="gnutls-gnutls.html#gnutls-connection-end-t" title="enum gnutls_connection_end_t">gnutls_connection_end_t</a>;
62
61
enum                <a class="link" href="gnutls-gnutls.html#gnutls-alert-level-t" title="enum gnutls_alert_level_t">gnutls_alert_level_t</a>;
66
65
enum                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-request-t" title="enum gnutls_certificate_request_t">gnutls_certificate_request_t</a>;
67
66
enum                <a class="link" href="gnutls-gnutls.html#gnutls-openpgp-crt-status-t" title="enum gnutls_openpgp_crt_status_t">gnutls_openpgp_crt_status_t</a>;
68
67
enum                <a class="link" href="gnutls-gnutls.html#gnutls-close-request-t" title="enum gnutls_close_request_t">gnutls_close_request_t</a>;
69
 
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-TLS1:CAPS" title="GNUTLS_TLS1">GNUTLS_TLS1</a>
70
68
enum                <a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t">gnutls_protocol_t</a>;
71
69
enum                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t">gnutls_certificate_type_t</a>;
72
70
enum                <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t">gnutls_x509_crt_fmt_t</a>;
73
71
enum                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-print-formats-t" title="enum gnutls_certificate_print_formats_t">gnutls_certificate_print_formats_t</a>;
74
72
enum                <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t">gnutls_pk_algorithm_t</a>;
75
73
const <span class="returnvalue">char</span> *        <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-get-name" title="gnutls_pk_algorithm_get_name ()">gnutls_pk_algorithm_get_name</a>        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> algorithm</code></em>);
76
 
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-RSA-SHA:CAPS" title="GNUTLS_SIGN_RSA_SHA">GNUTLS_SIGN_RSA_SHA</a>
77
 
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-DSA-SHA:CAPS" title="GNUTLS_SIGN_DSA_SHA">GNUTLS_SIGN_DSA_SHA</a>
78
74
enum                <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t">gnutls_sign_algorithm_t</a>;
79
75
const <span class="returnvalue">char</span> *        <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-get-name" title="gnutls_sign_algorithm_get_name ()">gnutls_sign_algorithm_get_name</a>      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> sign</code></em>);
80
76
typedef             <a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t">gnutls_transport_ptr_t</a>;
105
101
<a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="returnvalue">gnutls_mac_algorithm_t</span></a>  <a class="link" href="gnutls-gnutls.html#gnutls-mac-get" title="gnutls_mac_get ()">gnutls_mac_get</a>                  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);
106
102
<a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="returnvalue">gnutls_compression_method_t</span></a>  <a class="link" href="gnutls-gnutls.html#gnutls-compression-get" title="gnutls_compression_get ()">gnutls_compression_get</a>     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);
107
103
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="returnvalue">gnutls_certificate_type_t</span></a>  <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-get" title="gnutls_certificate_type_get ()">gnutls_certificate_type_get</a>  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);
 
104
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-get-requested" title="gnutls_sign_algorithm_get_requested ()">gnutls_sign_algorithm_get_requested</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
 
105
                                                         <em class="parameter"><code><span class="type">size_t</span> indx</code></em>,
 
106
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> *algo</code></em>);
108
107
<span class="returnvalue">size_t</span>              <a class="link" href="gnutls-gnutls.html#gnutls-cipher-get-key-size" title="gnutls_cipher_get_key_size ()">gnutls_cipher_get_key_size</a>          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> algorithm</code></em>);
109
108
<span class="returnvalue">size_t</span>              <a class="link" href="gnutls-gnutls.html#gnutls-mac-get-key-size" title="gnutls_mac_get_key_size ()">gnutls_mac_get_key_size</a>             (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> algorithm</code></em>);
110
109
const <span class="returnvalue">char</span> *        <a class="link" href="gnutls-gnutls.html#gnutls-cipher-get-name" title="gnutls_cipher_get_name ()">gnutls_cipher_get_name</a>              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> algorithm</code></em>);
205
204
                                                         <em class="parameter"><code><span class="type">size_t</span> *data_length</code></em>,
206
205
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *type</code></em>,
207
206
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> indx</code></em>);
 
207
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-safe-renegotiation-status" title="gnutls_safe_renegotiation_status ()">gnutls_safe_renegotiation_status</a>    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);
208
208
<span class="returnvalue">void</span>                <a class="link" href="gnutls-gnutls.html#gnutls-oprfi-enable-client" title="gnutls_oprfi_enable_client ()">gnutls_oprfi_enable_client</a>          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
209
209
                                                         <em class="parameter"><code><span class="type">size_t</span> len</code></em>,
210
210
                                                         <em class="parameter"><code>unsigned <span class="type">char</span> *data</code></em>);
217
217
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-oprfi-callback-func" title="gnutls_oprfi_callback_func ()"><span class="type">gnutls_oprfi_callback_func</span></a> cb</code></em>,
218
218
                                                         <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);
219
219
enum                <a class="link" href="gnutls-gnutls.html#gnutls-supplemental-data-format-type-t" title="enum gnutls_supplemental_data_format_type_t">gnutls_supplemental_data_format_type_t</a>;
220
 
const <span class="returnvalue">char</span> *        <a class="link" href="gnutls-gnutls.html#gnutls-supplemental-get-name" title="gnutls_supplemental_get_name ()">gnutls_supplemental_get_name</a>        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-supplemental-data-format-type-t" title="enum gnutls_supplemental_data_format_type_t"><span class="type">gnutls_supplemental_data_format_type_t</span></a> type</code></em>);
 
220
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-session-ticket-key-generate" title="gnutls_session_ticket_key_generate ()">gnutls_session_ticket_key_generate</a>  (<em class="parameter"><code><span class="type">gnutls_datum_t</span> *key</code></em>);
 
221
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-session-ticket-enable-client" title="gnutls_session_ticket_enable_client ()">gnutls_session_ticket_enable_client</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);
 
222
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-session-ticket-enable-server" title="gnutls_session_ticket_enable_server ()">gnutls_session_ticket_enable_server</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
 
223
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *key</code></em>);
221
224
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-cipher-set-priority" title="gnutls_cipher_set_priority ()">gnutls_cipher_set_priority</a>          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
222
225
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);
223
226
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-mac-set-priority" title="gnutls_mac_set_priority ()">gnutls_mac_set_priority</a>             (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
370
373
                                                         <em class="parameter"><code>const <span class="type">char</span> *password</code></em>);
371
374
<a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 <a class="link" href="gnutls-gnutls.html#gnutls-certificate-set-x509-simple-pkcs12-mem" title="gnutls_certificate_set_x509_simple_pkcs12_mem ()">gnutls_certificate_set_x509_simple_pkcs12_mem</a>
372
375
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
373
 
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum</span> *p12blob</code></em>,
 
376
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *p12blob</code></em>,
374
377
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>,
375
378
                                                         <em class="parameter"><code>const <span class="type">char</span> *password</code></em>);
376
379
typedef             <a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t">gnutls_x509_privkey_t</a>;
627
630
<span class="returnvalue">void</span>                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-server-set-retrieve-function" title="gnutls_certificate_server_set_retrieve_function ()">gnutls_certificate_server_set_retrieve_function</a>
628
631
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> cred</code></em>,
629
632
                                                         <em class="parameter"><code><span class="type">gnutls_certificate_server_retrieve_function</span> *func</code></em>);
 
633
<span class="returnvalue">void</span>                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-set-verify-function" title="gnutls_certificate_set_verify_function ()">gnutls_certificate_set_verify_function</a>
 
634
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> cred</code></em>,
 
635
                                                         <em class="parameter"><code><span class="type">gnutls_certificate_verify_function</span> *func</code></em>);
630
636
<span class="returnvalue">void</span>                <a class="link" href="gnutls-gnutls.html#gnutls-certificate-server-set-request" title="gnutls_certificate_server_set_request ()">gnutls_certificate_server_set_request</a>
631
637
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
632
638
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-request-t" title="enum gnutls_certificate_request_t"><span class="type">gnutls_certificate_request_t</span></a> req</code></em>);
770
776
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-FPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_FPHF_RECEIVED">GNUTLS_E_WARNING_IA_FPHF_RECEIVED</a>
771
777
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-IA-VERIFY-FAILED:CAPS" title="GNUTLS_E_IA_VERIFY_FAILED">GNUTLS_E_IA_VERIFY_FAILED</a>
772
778
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-ALGORITHM:CAPS" title="GNUTLS_E_UNKNOWN_ALGORITHM">GNUTLS_E_UNKNOWN_ALGORITHM</a>
 
779
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNSUPPORTED-SIGNATURE-ALGORITHM:CAPS" title="GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM">GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM</a>
 
780
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SAFE-RENEGOTIATION-FAILED:CAPS" title="GNUTLS_E_SAFE_RENEGOTIATION_FAILED">GNUTLS_E_SAFE_RENEGOTIATION_FAILED</a>
 
781
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNSAFE-RENEGOTIATION-DENIED:CAPS" title="GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED">GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED</a>
 
782
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNKNOWN-SRP-USERNAME:CAPS" title="GNUTLS_E_UNKNOWN_SRP_USERNAME">GNUTLS_E_UNKNOWN_SRP_USERNAME</a>
773
783
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-BASE64-ENCODING-ERROR:CAPS" title="GNUTLS_E_BASE64_ENCODING_ERROR">GNUTLS_E_BASE64_ENCODING_ERROR</a>
774
784
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INCOMPATIBLE-GCRYPT-LIBRARY:CAPS" title="GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY">GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY</a>
775
785
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INCOMPATIBLE-CRYPTO-LIBRARY:CAPS" title="GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY">GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY</a>
781
791
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-OPENPGP-SUBKEY-ERROR:CAPS" title="GNUTLS_E_OPENPGP_SUBKEY_ERROR">GNUTLS_E_OPENPGP_SUBKEY_ERROR</a>
782
792
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-CRYPTO-ALREADY-REGISTERED:CAPS" title="GNUTLS_E_CRYPTO_ALREADY_REGISTERED">GNUTLS_E_CRYPTO_ALREADY_REGISTERED</a>
783
793
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-HANDSHAKE-TOO-LARGE:CAPS" title="GNUTLS_E_HANDSHAKE_TOO_LARGE">GNUTLS_E_HANDSHAKE_TOO_LARGE</a>
 
794
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-CRYPTODEV-IOCTL-ERROR:CAPS" title="GNUTLS_E_CRYPTODEV_IOCTL_ERROR">GNUTLS_E_CRYPTODEV_IOCTL_ERROR</a>
 
795
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-CRYPTODEV-DEVICE-ERROR:CAPS" title="GNUTLS_E_CRYPTODEV_DEVICE_ERROR">GNUTLS_E_CRYPTODEV_DEVICE_ERROR</a>
784
796
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-UNIMPLEMENTED-FEATURE:CAPS" title="GNUTLS_E_UNIMPLEMENTED_FEATURE">GNUTLS_E_UNIMPLEMENTED_FEATURE</a>
785
797
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-APPLICATION-ERROR-MAX:CAPS" title="GNUTLS_E_APPLICATION_ERROR_MAX">GNUTLS_E_APPLICATION_ERROR_MAX</a>
786
798
#define             <a class="link" href="gnutls-gnutls.html#GNUTLS-E-APPLICATION-ERROR-MIN:CAPS" title="GNUTLS_E_APPLICATION_ERROR_MIN">GNUTLS_E_APPLICATION_ERROR_MIN</a>
803
815
<hr>
804
816
<div class="refsect2" title="GNUTLS_VERSION">
805
817
<a name="GNUTLS-VERSION:CAPS"></a><h3>GNUTLS_VERSION</h3>
806
 
<pre class="programlisting">#define GNUTLS_VERSION "2.8.6"
 
818
<pre class="programlisting">#define GNUTLS_VERSION "2.10.5"
807
819
</pre>
808
820
<p>
809
821
</p>
819
831
<hr>
820
832
<div class="refsect2" title="GNUTLS_VERSION_MINOR">
821
833
<a name="GNUTLS-VERSION-MINOR:CAPS"></a><h3>GNUTLS_VERSION_MINOR</h3>
822
 
<pre class="programlisting">#define GNUTLS_VERSION_MINOR 8
 
834
<pre class="programlisting">#define GNUTLS_VERSION_MINOR 10
823
835
</pre>
824
836
<p>
825
837
</p>
827
839
<hr>
828
840
<div class="refsect2" title="GNUTLS_VERSION_PATCH">
829
841
<a name="GNUTLS-VERSION-PATCH:CAPS"></a><h3>GNUTLS_VERSION_PATCH</h3>
830
 
<pre class="programlisting">#define GNUTLS_VERSION_PATCH 6
 
842
<pre class="programlisting">#define GNUTLS_VERSION_PATCH 5
831
843
</pre>
832
844
<p>
833
845
</p>
835
847
<hr>
836
848
<div class="refsect2" title="GNUTLS_VERSION_NUMBER">
837
849
<a name="GNUTLS-VERSION-NUMBER:CAPS"></a><h3>GNUTLS_VERSION_NUMBER</h3>
838
 
<pre class="programlisting">#define GNUTLS_VERSION_NUMBER 0x020806
 
850
<pre class="programlisting">#define GNUTLS_VERSION_NUMBER 0x020a05
839
851
</pre>
840
852
<p>
841
853
</p>
879
891
  {
880
892
    GNUTLS_CIPHER_UNKNOWN = 0,
881
893
    GNUTLS_CIPHER_NULL = 1,
882
 
    GNUTLS_CIPHER_ARCFOUR_128,
883
 
    GNUTLS_CIPHER_3DES_CBC,
884
 
    GNUTLS_CIPHER_AES_128_CBC,
885
 
    GNUTLS_CIPHER_AES_256_CBC,
886
 
    GNUTLS_CIPHER_ARCFOUR_40,
887
 
    GNUTLS_CIPHER_CAMELLIA_128_CBC,
888
 
    GNUTLS_CIPHER_CAMELLIA_256_CBC,
 
894
    GNUTLS_CIPHER_ARCFOUR_128 = 2,
 
895
    GNUTLS_CIPHER_3DES_CBC = 3,
 
896
    GNUTLS_CIPHER_AES_128_CBC = 4,
 
897
    GNUTLS_CIPHER_AES_256_CBC = 5,
 
898
    GNUTLS_CIPHER_ARCFOUR_40 = 6,
 
899
    GNUTLS_CIPHER_CAMELLIA_128_CBC = 7,
 
900
    GNUTLS_CIPHER_CAMELLIA_256_CBC = 8,
889
901
    GNUTLS_CIPHER_RC2_40_CBC = 90,
890
 
    GNUTLS_CIPHER_DES_CBC,
 
902
    GNUTLS_CIPHER_DES_CBC = 91,
 
903
    GNUTLS_CIPHER_AES_192_CBC = 92,
891
904
 
892
 
    /* used only for PGP internals. Ignored in TLS/SSL 
 
905
    /* used only for PGP internals. Ignored in TLS/SSL
893
906
     */
894
907
    GNUTLS_CIPHER_IDEA_PGP_CFB = 200,
895
 
    GNUTLS_CIPHER_3DES_PGP_CFB,
896
 
    GNUTLS_CIPHER_CAST5_PGP_CFB,
897
 
    GNUTLS_CIPHER_BLOWFISH_PGP_CFB,
898
 
    GNUTLS_CIPHER_SAFER_SK128_PGP_CFB,
899
 
    GNUTLS_CIPHER_AES128_PGP_CFB,
900
 
    GNUTLS_CIPHER_AES192_PGP_CFB,
901
 
    GNUTLS_CIPHER_AES256_PGP_CFB,
902
 
    GNUTLS_CIPHER_TWOFISH_PGP_CFB
 
908
    GNUTLS_CIPHER_3DES_PGP_CFB = 201,
 
909
    GNUTLS_CIPHER_CAST5_PGP_CFB = 202,
 
910
    GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203,
 
911
    GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204,
 
912
    GNUTLS_CIPHER_AES128_PGP_CFB = 205,
 
913
    GNUTLS_CIPHER_AES192_PGP_CFB = 206,
 
914
    GNUTLS_CIPHER_AES256_PGP_CFB = 207,
 
915
    GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
903
916
  } gnutls_cipher_algorithm_t;
904
917
</pre>
905
918
<p>
 
919
Enumeration of different symmetric encryption algorithms.
906
920
</p>
 
921
<div class="variablelist"><table border="0">
 
922
<col align="left" valign="top">
 
923
<tbody>
 
924
<tr>
 
925
<td><p><a name="GNUTLS-CIPHER-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_UNKNOWN</code></span></p></td>
 
926
<td>Unknown algorithm.
 
927
</td>
 
928
</tr>
 
929
<tr>
 
930
<td><p><a name="GNUTLS-CIPHER-NULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_NULL</code></span></p></td>
 
931
<td>NULL algorithm.
 
932
</td>
 
933
</tr>
 
934
<tr>
 
935
<td><p><a name="GNUTLS-CIPHER-ARCFOUR-128:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_ARCFOUR_128</code></span></p></td>
 
936
<td>ARCFOUR stream cipher with 128-bit keys.
 
937
</td>
 
938
</tr>
 
939
<tr>
 
940
<td><p><a name="GNUTLS-CIPHER-3DES-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_3DES_CBC</code></span></p></td>
 
941
<td>3DES in CBC mode.
 
942
</td>
 
943
</tr>
 
944
<tr>
 
945
<td><p><a name="GNUTLS-CIPHER-AES-128-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES_128_CBC</code></span></p></td>
 
946
<td>AES in CBC mode with 128-bit keys.
 
947
</td>
 
948
</tr>
 
949
<tr>
 
950
<td><p><a name="GNUTLS-CIPHER-AES-256-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES_256_CBC</code></span></p></td>
 
951
<td>AES in CBC mode with 256-bit keys.
 
952
</td>
 
953
</tr>
 
954
<tr>
 
955
<td><p><a name="GNUTLS-CIPHER-ARCFOUR-40:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_ARCFOUR_40</code></span></p></td>
 
956
<td>ARCFOUR stream cipher with 40-bit keys.
 
957
</td>
 
958
</tr>
 
959
<tr>
 
960
<td><p><a name="GNUTLS-CIPHER-CAMELLIA-128-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_CAMELLIA_128_CBC</code></span></p></td>
 
961
<td>Camellia in CBC mode with 128-bit keys.
 
962
</td>
 
963
</tr>
 
964
<tr>
 
965
<td><p><a name="GNUTLS-CIPHER-CAMELLIA-256-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_CAMELLIA_256_CBC</code></span></p></td>
 
966
<td>Camellia in CBC mode with 256-bit keys.
 
967
</td>
 
968
</tr>
 
969
<tr>
 
970
<td><p><a name="GNUTLS-CIPHER-RC2-40-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_RC2_40_CBC</code></span></p></td>
 
971
<td>RC2 in CBC mode with 40-bit keys.
 
972
</td>
 
973
</tr>
 
974
<tr>
 
975
<td><p><a name="GNUTLS-CIPHER-DES-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_DES_CBC</code></span></p></td>
 
976
<td>DES in CBC mode (56-bit keys).
 
977
</td>
 
978
</tr>
 
979
<tr>
 
980
<td><p><a name="GNUTLS-CIPHER-AES-192-CBC:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES_192_CBC</code></span></p></td>
 
981
<td>AES in CBC mode with 192-bit keys.
 
982
</td>
 
983
</tr>
 
984
<tr>
 
985
<td><p><a name="GNUTLS-CIPHER-IDEA-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_IDEA_PGP_CFB</code></span></p></td>
 
986
<td>IDEA in CFB mode.
 
987
</td>
 
988
</tr>
 
989
<tr>
 
990
<td><p><a name="GNUTLS-CIPHER-3DES-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_3DES_PGP_CFB</code></span></p></td>
 
991
<td>3DES in CFB mode.
 
992
</td>
 
993
</tr>
 
994
<tr>
 
995
<td><p><a name="GNUTLS-CIPHER-CAST5-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_CAST5_PGP_CFB</code></span></p></td>
 
996
<td>CAST5 in CFB mode.
 
997
</td>
 
998
</tr>
 
999
<tr>
 
1000
<td><p><a name="GNUTLS-CIPHER-BLOWFISH-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_BLOWFISH_PGP_CFB</code></span></p></td>
 
1001
<td>Blowfish in CFB mode.
 
1002
</td>
 
1003
</tr>
 
1004
<tr>
 
1005
<td><p><a name="GNUTLS-CIPHER-SAFER-SK128-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_SAFER_SK128_PGP_CFB</code></span></p></td>
 
1006
<td>Safer-SK in CFB mode with 128-bit keys.
 
1007
</td>
 
1008
</tr>
 
1009
<tr>
 
1010
<td><p><a name="GNUTLS-CIPHER-AES128-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES128_PGP_CFB</code></span></p></td>
 
1011
<td>AES in CFB mode with 128-bit keys.
 
1012
</td>
 
1013
</tr>
 
1014
<tr>
 
1015
<td><p><a name="GNUTLS-CIPHER-AES192-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES192_PGP_CFB</code></span></p></td>
 
1016
<td>AES in CFB mode with 192-bit keys.
 
1017
</td>
 
1018
</tr>
 
1019
<tr>
 
1020
<td><p><a name="GNUTLS-CIPHER-AES256-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_AES256_PGP_CFB</code></span></p></td>
 
1021
<td>AES in CFB mode with 256-bit keys.
 
1022
</td>
 
1023
</tr>
 
1024
<tr>
 
1025
<td><p><a name="GNUTLS-CIPHER-TWOFISH-PGP-CFB:CAPS"></a><span class="term"><code class="literal">GNUTLS_CIPHER_TWOFISH_PGP_CFB</code></span></p></td>
 
1026
<td>Twofish in CFB mode.
 
1027
</td>
 
1028
</tr>
 
1029
</tbody>
 
1030
</table></div>
907
1031
</div>
908
1032
<hr>
909
1033
<div class="refsect2" title="enum gnutls_kx_algorithm_t">
912
1036
  {
913
1037
    GNUTLS_KX_UNKNOWN = 0,
914
1038
    GNUTLS_KX_RSA = 1,
915
 
    GNUTLS_KX_DHE_DSS,
916
 
    GNUTLS_KX_DHE_RSA,
917
 
    GNUTLS_KX_ANON_DH,
918
 
    GNUTLS_KX_SRP,
919
 
    GNUTLS_KX_RSA_EXPORT,
920
 
    GNUTLS_KX_SRP_RSA,
921
 
    GNUTLS_KX_SRP_DSS,
922
 
    GNUTLS_KX_PSK,
923
 
    GNUTLS_KX_DHE_PSK
 
1039
    GNUTLS_KX_DHE_DSS = 2,
 
1040
    GNUTLS_KX_DHE_RSA = 3,
 
1041
    GNUTLS_KX_ANON_DH = 4,
 
1042
    GNUTLS_KX_SRP = 5,
 
1043
    GNUTLS_KX_RSA_EXPORT = 6,
 
1044
    GNUTLS_KX_SRP_RSA = 7,
 
1045
    GNUTLS_KX_SRP_DSS = 8,
 
1046
    GNUTLS_KX_PSK = 9,
 
1047
    GNUTLS_KX_DHE_PSK = 10
924
1048
  } gnutls_kx_algorithm_t;
925
1049
</pre>
926
1050
<p>
 
1051
Enumeration of different key exchange algorithms.
927
1052
</p>
 
1053
<div class="variablelist"><table border="0">
 
1054
<col align="left" valign="top">
 
1055
<tbody>
 
1056
<tr>
 
1057
<td><p><a name="GNUTLS-KX-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_UNKNOWN</code></span></p></td>
 
1058
<td>Unknown key-exchange algorithm.
 
1059
</td>
 
1060
</tr>
 
1061
<tr>
 
1062
<td><p><a name="GNUTLS-KX-RSA:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_RSA</code></span></p></td>
 
1063
<td>RSA key-exchange algorithm.
 
1064
</td>
 
1065
</tr>
 
1066
<tr>
 
1067
<td><p><a name="GNUTLS-KX-DHE-DSS:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_DHE_DSS</code></span></p></td>
 
1068
<td>DHE-DSS key-exchange algorithm.
 
1069
</td>
 
1070
</tr>
 
1071
<tr>
 
1072
<td><p><a name="GNUTLS-KX-DHE-RSA:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_DHE_RSA</code></span></p></td>
 
1073
<td>DHE-RSA key-exchange algorithm.
 
1074
</td>
 
1075
</tr>
 
1076
<tr>
 
1077
<td><p><a name="GNUTLS-KX-ANON-DH:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_ANON_DH</code></span></p></td>
 
1078
<td>Anon-DH key-exchange algorithm.
 
1079
</td>
 
1080
</tr>
 
1081
<tr>
 
1082
<td><p><a name="GNUTLS-KX-SRP:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_SRP</code></span></p></td>
 
1083
<td>SRP key-exchange algorithm.
 
1084
</td>
 
1085
</tr>
 
1086
<tr>
 
1087
<td><p><a name="GNUTLS-KX-RSA-EXPORT:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_RSA_EXPORT</code></span></p></td>
 
1088
<td>RSA-EXPORT key-exchange algorithm.
 
1089
</td>
 
1090
</tr>
 
1091
<tr>
 
1092
<td><p><a name="GNUTLS-KX-SRP-RSA:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_SRP_RSA</code></span></p></td>
 
1093
<td>SRP-RSA key-exchange algorithm.
 
1094
</td>
 
1095
</tr>
 
1096
<tr>
 
1097
<td><p><a name="GNUTLS-KX-SRP-DSS:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_SRP_DSS</code></span></p></td>
 
1098
<td>SRP-DSS key-exchange algorithm.
 
1099
</td>
 
1100
</tr>
 
1101
<tr>
 
1102
<td><p><a name="GNUTLS-KX-PSK:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_PSK</code></span></p></td>
 
1103
<td>PSK key-exchange algorithm.
 
1104
</td>
 
1105
</tr>
 
1106
<tr>
 
1107
<td><p><a name="GNUTLS-KX-DHE-PSK:CAPS"></a><span class="term"><code class="literal">GNUTLS_KX_DHE_PSK</code></span></p></td>
 
1108
<td>DHE-PSK key-exchange algorithm.
 
1109
</td>
 
1110
</tr>
 
1111
</tbody>
 
1112
</table></div>
928
1113
</div>
929
1114
<hr>
930
1115
<div class="refsect2" title="enum gnutls_params_type_t">
932
1117
<pre class="programlisting">  typedef enum
933
1118
  {
934
1119
    GNUTLS_PARAMS_RSA_EXPORT = 1,
935
 
    GNUTLS_PARAMS_DH
 
1120
    GNUTLS_PARAMS_DH = 2
936
1121
  } gnutls_params_type_t;
937
1122
</pre>
938
1123
<p>
 
1124
Enumeration of different TLS session parameter types.
939
1125
</p>
 
1126
<div class="variablelist"><table border="0">
 
1127
<col align="left" valign="top">
 
1128
<tbody>
 
1129
<tr>
 
1130
<td><p><a name="GNUTLS-PARAMS-RSA-EXPORT:CAPS"></a><span class="term"><code class="literal">GNUTLS_PARAMS_RSA_EXPORT</code></span></p></td>
 
1131
<td>Session RSA-EXPORT parameters.
 
1132
</td>
 
1133
</tr>
 
1134
<tr>
 
1135
<td><p><a name="GNUTLS-PARAMS-DH:CAPS"></a><span class="term"><code class="literal">GNUTLS_PARAMS_DH</code></span></p></td>
 
1136
<td>Session Diffie-Hellman parameters.
 
1137
</td>
 
1138
</tr>
 
1139
</tbody>
 
1140
</table></div>
940
1141
</div>
941
1142
<hr>
942
1143
<div class="refsect2" title="enum gnutls_credentials_type_t">
951
1152
  } gnutls_credentials_type_t;
952
1153
</pre>
953
1154
<p>
 
1155
Enumeration of different credential types.
954
1156
</p>
 
1157
<div class="variablelist"><table border="0">
 
1158
<col align="left" valign="top">
 
1159
<tbody>
 
1160
<tr>
 
1161
<td><p><a name="GNUTLS-CRD-CERTIFICATE:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRD_CERTIFICATE</code></span></p></td>
 
1162
<td>Certificate credential.
 
1163
</td>
 
1164
</tr>
 
1165
<tr>
 
1166
<td><p><a name="GNUTLS-CRD-ANON:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRD_ANON</code></span></p></td>
 
1167
<td>Anonymous credential.
 
1168
</td>
 
1169
</tr>
 
1170
<tr>
 
1171
<td><p><a name="GNUTLS-CRD-SRP:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRD_SRP</code></span></p></td>
 
1172
<td>SRP credential.
 
1173
</td>
 
1174
</tr>
 
1175
<tr>
 
1176
<td><p><a name="GNUTLS-CRD-PSK:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRD_PSK</code></span></p></td>
 
1177
<td>PSK credential.
 
1178
</td>
 
1179
</tr>
 
1180
<tr>
 
1181
<td><p><a name="GNUTLS-CRD-IA:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRD_IA</code></span></p></td>
 
1182
<td>IA credential.
 
1183
</td>
 
1184
</tr>
 
1185
</tbody>
 
1186
</table></div>
955
1187
</div>
956
1188
<hr>
957
1189
<div class="refsect2" title="GNUTLS_MAC_SHA">
976
1208
  {
977
1209
    GNUTLS_MAC_UNKNOWN = 0,
978
1210
    GNUTLS_MAC_NULL = 1,
979
 
    GNUTLS_MAC_MD5,
980
 
    GNUTLS_MAC_SHA1,
981
 
    GNUTLS_MAC_RMD160,
982
 
    GNUTLS_MAC_MD2,
983
 
    GNUTLS_MAC_SHA256,
984
 
    GNUTLS_MAC_SHA384,
985
 
    GNUTLS_MAC_SHA512
986
 
    /* If you add anything here, make sure you align with
987
 
       gnutls_digest_algorithm_t, in particular SHA-224. */
 
1211
    GNUTLS_MAC_MD5 = 2,
 
1212
    GNUTLS_MAC_SHA1 = 3,
 
1213
    GNUTLS_MAC_RMD160 = 4,
 
1214
    GNUTLS_MAC_MD2 = 5,
 
1215
    GNUTLS_MAC_SHA256 = 6,
 
1216
    GNUTLS_MAC_SHA384 = 7,
 
1217
    GNUTLS_MAC_SHA512 = 8,
 
1218
    GNUTLS_MAC_SHA224 = 9
 
1219
      /* If you add anything here, make sure you align with
 
1220
         gnutls_digest_algorithm_t. */
988
1221
  } gnutls_mac_algorithm_t;
989
1222
</pre>
990
1223
<p>
 
1224
Enumeration of different Message Authentication Code (MAC)
 
1225
algorithms.
991
1226
</p>
 
1227
<div class="variablelist"><table border="0">
 
1228
<col align="left" valign="top">
 
1229
<tbody>
 
1230
<tr>
 
1231
<td><p><a name="GNUTLS-MAC-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_UNKNOWN</code></span></p></td>
 
1232
<td>Unknown MAC algorithm.
 
1233
</td>
 
1234
</tr>
 
1235
<tr>
 
1236
<td><p><a name="GNUTLS-MAC-NULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_NULL</code></span></p></td>
 
1237
<td>NULL MAC algorithm (empty output).
 
1238
</td>
 
1239
</tr>
 
1240
<tr>
 
1241
<td><p><a name="GNUTLS-MAC-MD5:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_MD5</code></span></p></td>
 
1242
<td>HMAC-MD5 algorithm.
 
1243
</td>
 
1244
</tr>
 
1245
<tr>
 
1246
<td><p><a name="GNUTLS-MAC-SHA1:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_SHA1</code></span></p></td>
 
1247
<td>HMAC-SHA-1 algorithm.
 
1248
</td>
 
1249
</tr>
 
1250
<tr>
 
1251
<td><p><a name="GNUTLS-MAC-RMD160:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_RMD160</code></span></p></td>
 
1252
<td>HMAC-RMD160 algorithm.
 
1253
</td>
 
1254
</tr>
 
1255
<tr>
 
1256
<td><p><a name="GNUTLS-MAC-MD2:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_MD2</code></span></p></td>
 
1257
<td>HMAC-MD2 algorithm.
 
1258
</td>
 
1259
</tr>
 
1260
<tr>
 
1261
<td><p><a name="GNUTLS-MAC-SHA256:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_SHA256</code></span></p></td>
 
1262
<td>HMAC-SHA-256 algorithm.
 
1263
</td>
 
1264
</tr>
 
1265
<tr>
 
1266
<td><p><a name="GNUTLS-MAC-SHA384:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_SHA384</code></span></p></td>
 
1267
<td>HMAC-SHA-384 algorithm.
 
1268
</td>
 
1269
</tr>
 
1270
<tr>
 
1271
<td><p><a name="GNUTLS-MAC-SHA512:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_SHA512</code></span></p></td>
 
1272
<td>HMAC-SHA-512 algorithm.
 
1273
</td>
 
1274
</tr>
 
1275
<tr>
 
1276
<td><p><a name="GNUTLS-MAC-SHA224:CAPS"></a><span class="term"><code class="literal">GNUTLS_MAC_SHA224</code></span></p></td>
 
1277
<td>HMAC-SHA-224 algorithm.
 
1278
</td>
 
1279
</tr>
 
1280
</tbody>
 
1281
</table></div>
992
1282
</div>
993
1283
<hr>
994
1284
<div class="refsect2" title="enum gnutls_digest_algorithm_t">
995
1285
<a name="gnutls-digest-algorithm-t"></a><h3>enum gnutls_digest_algorithm_t</h3>
996
1286
<pre class="programlisting">  typedef enum
997
1287
  {
 
1288
    GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
998
1289
    GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
999
1290
    GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
1000
1291
    GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
1003
1294
    GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
1004
1295
    GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
1005
1296
    GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
1006
 
    GNUTLS_DIG_SHA224
 
1297
    GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
 
1298
    /* If you add anything here, make sure you align with
 
1299
       gnutls_mac_algorithm_t. */
1007
1300
  } gnutls_digest_algorithm_t;
1008
1301
</pre>
1009
1302
<p>
 
1303
Enumeration of different digest (hash) algorithms.
1010
1304
</p>
 
1305
<div class="variablelist"><table border="0">
 
1306
<col align="left" valign="top">
 
1307
<tbody>
 
1308
<tr>
 
1309
<td><p><a name="GNUTLS-DIG-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_UNKNOWN</code></span></p></td>
 
1310
<td>Unknown hash algorithm.
 
1311
</td>
 
1312
</tr>
 
1313
<tr>
 
1314
<td><p><a name="GNUTLS-DIG-NULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_NULL</code></span></p></td>
 
1315
<td>NULL hash algorithm (empty output).
 
1316
</td>
 
1317
</tr>
 
1318
<tr>
 
1319
<td><p><a name="GNUTLS-DIG-MD5:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_MD5</code></span></p></td>
 
1320
<td>MD5 algorithm.
 
1321
</td>
 
1322
</tr>
 
1323
<tr>
 
1324
<td><p><a name="GNUTLS-DIG-SHA1:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_SHA1</code></span></p></td>
 
1325
<td>SHA-1 algorithm.
 
1326
</td>
 
1327
</tr>
 
1328
<tr>
 
1329
<td><p><a name="GNUTLS-DIG-RMD160:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_RMD160</code></span></p></td>
 
1330
<td>RMD160 algorithm.
 
1331
</td>
 
1332
</tr>
 
1333
<tr>
 
1334
<td><p><a name="GNUTLS-DIG-MD2:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_MD2</code></span></p></td>
 
1335
<td>MD2 algorithm.
 
1336
</td>
 
1337
</tr>
 
1338
<tr>
 
1339
<td><p><a name="GNUTLS-DIG-SHA256:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_SHA256</code></span></p></td>
 
1340
<td>SHA-256 algorithm.
 
1341
</td>
 
1342
</tr>
 
1343
<tr>
 
1344
<td><p><a name="GNUTLS-DIG-SHA384:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_SHA384</code></span></p></td>
 
1345
<td>SHA-384 algorithm.
 
1346
</td>
 
1347
</tr>
 
1348
<tr>
 
1349
<td><p><a name="GNUTLS-DIG-SHA512:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_SHA512</code></span></p></td>
 
1350
<td>SHA-512 algorithm.
 
1351
</td>
 
1352
</tr>
 
1353
<tr>
 
1354
<td><p><a name="GNUTLS-DIG-SHA224:CAPS"></a><span class="term"><code class="literal">GNUTLS_DIG_SHA224</code></span></p></td>
 
1355
<td>SHA-224 algorithm.
 
1356
</td>
 
1357
</tr>
 
1358
</tbody>
 
1359
</table></div>
1011
1360
</div>
1012
1361
<hr>
1013
1362
<div class="refsect2" title="GNUTLS_MAX_ALGORITHM_NUM">
1018
1367
</p>
1019
1368
</div>
1020
1369
<hr>
1021
 
<div class="refsect2" title="GNUTLS_COMP_ZLIB">
1022
 
<a name="GNUTLS-COMP-ZLIB:CAPS"></a><h3>GNUTLS_COMP_ZLIB</h3>
1023
 
<pre class="programlisting">#define GNUTLS_COMP_ZLIB GNUTLS_COMP_DEFLATE
1024
 
</pre>
1025
 
<p>
1026
 
</p>
1027
 
</div>
1028
 
<hr>
1029
1370
<div class="refsect2" title="enum gnutls_compression_method_t">
1030
1371
<a name="gnutls-compression-method-t"></a><h3>enum gnutls_compression_method_t</h3>
1031
1372
<pre class="programlisting">  typedef enum
1032
1373
  {
1033
1374
    GNUTLS_COMP_UNKNOWN = 0,
1034
1375
    GNUTLS_COMP_NULL = 1,
1035
 
    GNUTLS_COMP_DEFLATE,
1036
 
    GNUTLS_COMP_LZO             /* only available if gnutls-extra has
 
1376
    GNUTLS_COMP_DEFLATE = 2,
 
1377
    GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
 
1378
    GNUTLS_COMP_LZO = 3         /* only available if gnutls-extra has
1037
1379
                                   been initialized
1038
1380
                                 */
1039
1381
  } gnutls_compression_method_t;
1040
1382
</pre>
1041
1383
<p>
 
1384
Enumeration of different TLS compression methods.
1042
1385
</p>
 
1386
<div class="variablelist"><table border="0">
 
1387
<col align="left" valign="top">
 
1388
<tbody>
 
1389
<tr>
 
1390
<td><p><a name="GNUTLS-COMP-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_COMP_UNKNOWN</code></span></p></td>
 
1391
<td>Unknown compression method.
 
1392
</td>
 
1393
</tr>
 
1394
<tr>
 
1395
<td><p><a name="GNUTLS-COMP-NULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_COMP_NULL</code></span></p></td>
 
1396
<td>The NULL compression method (uncompressed).
 
1397
</td>
 
1398
</tr>
 
1399
<tr>
 
1400
<td><p><a name="GNUTLS-COMP-DEFLATE:CAPS"></a><span class="term"><code class="literal">GNUTLS_COMP_DEFLATE</code></span></p></td>
 
1401
<td>The deflate/zlib compression method.
 
1402
</td>
 
1403
</tr>
 
1404
<tr>
 
1405
<td><p><a name="GNUTLS-COMP-ZLIB:CAPS"></a><span class="term"><code class="literal">GNUTLS_COMP_ZLIB</code></span></p></td>
 
1406
<td>Same as <a class="link" href="gnutls-gnutls.html#GNUTLS-COMP-DEFLATE:CAPS"><code class="literal">GNUTLS_COMP_DEFLATE</code></a>.
 
1407
</td>
 
1408
</tr>
 
1409
<tr>
 
1410
<td><p><a name="GNUTLS-COMP-LZO:CAPS"></a><span class="term"><code class="literal">GNUTLS_COMP_LZO</code></span></p></td>
 
1411
<td>The non-standard LZO compression method.
 
1412
</td>
 
1413
</tr>
 
1414
</tbody>
 
1415
</table></div>
1043
1416
</div>
1044
1417
<hr>
1045
1418
<div class="refsect2" title="enum gnutls_connection_end_t">
1051
1424
  } gnutls_connection_end_t;
1052
1425
</pre>
1053
1426
<p>
 
1427
Enumeration of different TLS connection end types.
1054
1428
</p>
 
1429
<div class="variablelist"><table border="0">
 
1430
<col align="left" valign="top">
 
1431
<tbody>
 
1432
<tr>
 
1433
<td><p><a name="GNUTLS-SERVER:CAPS"></a><span class="term"><code class="literal">GNUTLS_SERVER</code></span></p></td>
 
1434
<td>Connection end is a server.
 
1435
</td>
 
1436
</tr>
 
1437
<tr>
 
1438
<td><p><a name="GNUTLS-CLIENT:CAPS"></a><span class="term"><code class="literal">GNUTLS_CLIENT</code></span></p></td>
 
1439
<td>Connection end is a client.
 
1440
</td>
 
1441
</tr>
 
1442
</tbody>
 
1443
</table></div>
1055
1444
</div>
1056
1445
<hr>
1057
1446
<div class="refsect2" title="enum gnutls_alert_level_t">
1063
1452
  } gnutls_alert_level_t;
1064
1453
</pre>
1065
1454
<p>
 
1455
Enumeration of different TLS alert severities.
1066
1456
</p>
 
1457
<div class="variablelist"><table border="0">
 
1458
<col align="left" valign="top">
 
1459
<tbody>
 
1460
<tr>
 
1461
<td><p><a name="GNUTLS-AL-WARNING:CAPS"></a><span class="term"><code class="literal">GNUTLS_AL_WARNING</code></span></p></td>
 
1462
<td>Alert of warning severity.
 
1463
</td>
 
1464
</tr>
 
1465
<tr>
 
1466
<td><p><a name="GNUTLS-AL-FATAL:CAPS"></a><span class="term"><code class="literal">GNUTLS_AL_FATAL</code></span></p></td>
 
1467
<td>Alert of fatal severity.
 
1468
</td>
 
1469
</tr>
 
1470
</tbody>
 
1471
</table></div>
1067
1472
</div>
1068
1473
<hr>
1069
1474
<div class="refsect2" title="enum gnutls_alert_description_t">
1103
1508
  } gnutls_alert_description_t;
1104
1509
</pre>
1105
1510
<p>
 
1511
Enumeration of different TLS alerts.
1106
1512
</p>
 
1513
<div class="variablelist"><table border="0">
 
1514
<col align="left" valign="top">
 
1515
<tbody>
 
1516
<tr>
 
1517
<td><p><a name="GNUTLS-A-CLOSE-NOTIFY:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_CLOSE_NOTIFY</code></span></p></td>
 
1518
<td>Close notify.
 
1519
</td>
 
1520
</tr>
 
1521
<tr>
 
1522
<td><p><a name="GNUTLS-A-UNEXPECTED-MESSAGE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNEXPECTED_MESSAGE</code></span></p></td>
 
1523
<td>Unexpected message.
 
1524
</td>
 
1525
</tr>
 
1526
<tr>
 
1527
<td><p><a name="GNUTLS-A-BAD-RECORD-MAC:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_BAD_RECORD_MAC</code></span></p></td>
 
1528
<td>Bad record MAC.
 
1529
</td>
 
1530
</tr>
 
1531
<tr>
 
1532
<td><p><a name="GNUTLS-A-DECRYPTION-FAILED:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_DECRYPTION_FAILED</code></span></p></td>
 
1533
<td>Decryption failed.
 
1534
</td>
 
1535
</tr>
 
1536
<tr>
 
1537
<td><p><a name="GNUTLS-A-RECORD-OVERFLOW:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_RECORD_OVERFLOW</code></span></p></td>
 
1538
<td>Record overflow.
 
1539
</td>
 
1540
</tr>
 
1541
<tr>
 
1542
<td><p><a name="GNUTLS-A-DECOMPRESSION-FAILURE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_DECOMPRESSION_FAILURE</code></span></p></td>
 
1543
<td>Decompression failed.
 
1544
</td>
 
1545
</tr>
 
1546
<tr>
 
1547
<td><p><a name="GNUTLS-A-HANDSHAKE-FAILURE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_HANDSHAKE_FAILURE</code></span></p></td>
 
1548
<td>Handshake failed.
 
1549
</td>
 
1550
</tr>
 
1551
<tr>
 
1552
<td><p><a name="GNUTLS-A-SSL3-NO-CERTIFICATE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_SSL3_NO_CERTIFICATE</code></span></p></td>
 
1553
<td>No certificate.
 
1554
</td>
 
1555
</tr>
 
1556
<tr>
 
1557
<td><p><a name="GNUTLS-A-BAD-CERTIFICATE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_BAD_CERTIFICATE</code></span></p></td>
 
1558
<td>Certificate is bad.
 
1559
</td>
 
1560
</tr>
 
1561
<tr>
 
1562
<td><p><a name="GNUTLS-A-UNSUPPORTED-CERTIFICATE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNSUPPORTED_CERTIFICATE</code></span></p></td>
 
1563
<td>Certificate is not supported.
 
1564
</td>
 
1565
</tr>
 
1566
<tr>
 
1567
<td><p><a name="GNUTLS-A-CERTIFICATE-REVOKED:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_CERTIFICATE_REVOKED</code></span></p></td>
 
1568
<td>Certificate was revoked.
 
1569
</td>
 
1570
</tr>
 
1571
<tr>
 
1572
<td><p><a name="GNUTLS-A-CERTIFICATE-EXPIRED:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_CERTIFICATE_EXPIRED</code></span></p></td>
 
1573
<td>Certificate is expired.
 
1574
</td>
 
1575
</tr>
 
1576
<tr>
 
1577
<td><p><a name="GNUTLS-A-CERTIFICATE-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_CERTIFICATE_UNKNOWN</code></span></p></td>
 
1578
<td>Unknown certificate.
 
1579
</td>
 
1580
</tr>
 
1581
<tr>
 
1582
<td><p><a name="GNUTLS-A-ILLEGAL-PARAMETER:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_ILLEGAL_PARAMETER</code></span></p></td>
 
1583
<td>Illegal parameter.
 
1584
</td>
 
1585
</tr>
 
1586
<tr>
 
1587
<td><p><a name="GNUTLS-A-UNKNOWN-CA:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNKNOWN_CA</code></span></p></td>
 
1588
<td>CA is unknown.
 
1589
</td>
 
1590
</tr>
 
1591
<tr>
 
1592
<td><p><a name="GNUTLS-A-ACCESS-DENIED:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_ACCESS_DENIED</code></span></p></td>
 
1593
<td>Access was denied.
 
1594
</td>
 
1595
</tr>
 
1596
<tr>
 
1597
<td><p><a name="GNUTLS-A-DECODE-ERROR:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_DECODE_ERROR</code></span></p></td>
 
1598
<td>Decode error.
 
1599
</td>
 
1600
</tr>
 
1601
<tr>
 
1602
<td><p><a name="GNUTLS-A-DECRYPT-ERROR:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_DECRYPT_ERROR</code></span></p></td>
 
1603
<td>Decrypt error.
 
1604
</td>
 
1605
</tr>
 
1606
<tr>
 
1607
<td><p><a name="GNUTLS-A-EXPORT-RESTRICTION:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_EXPORT_RESTRICTION</code></span></p></td>
 
1608
<td>Export restriction.
 
1609
</td>
 
1610
</tr>
 
1611
<tr>
 
1612
<td><p><a name="GNUTLS-A-PROTOCOL-VERSION:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_PROTOCOL_VERSION</code></span></p></td>
 
1613
<td>Error in protocol version.
 
1614
</td>
 
1615
</tr>
 
1616
<tr>
 
1617
<td><p><a name="GNUTLS-A-INSUFFICIENT-SECURITY:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_INSUFFICIENT_SECURITY</code></span></p></td>
 
1618
<td>Insufficient security.
 
1619
</td>
 
1620
</tr>
 
1621
<tr>
 
1622
<td><p><a name="GNUTLS-A-INTERNAL-ERROR:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_INTERNAL_ERROR</code></span></p></td>
 
1623
<td>Internal error.
 
1624
</td>
 
1625
</tr>
 
1626
<tr>
 
1627
<td><p><a name="GNUTLS-A-USER-CANCELED:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_USER_CANCELED</code></span></p></td>
 
1628
<td>User canceled.
 
1629
</td>
 
1630
</tr>
 
1631
<tr>
 
1632
<td><p><a name="GNUTLS-A-NO-RENEGOTIATION:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_NO_RENEGOTIATION</code></span></p></td>
 
1633
<td>No renegotiation is allowed.
 
1634
</td>
 
1635
</tr>
 
1636
<tr>
 
1637
<td><p><a name="GNUTLS-A-UNSUPPORTED-EXTENSION:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNSUPPORTED_EXTENSION</code></span></p></td>
 
1638
<td>An unsupported extension was
 
1639
  sent.
 
1640
</td>
 
1641
</tr>
 
1642
<tr>
 
1643
<td><p><a name="GNUTLS-A-CERTIFICATE-UNOBTAINABLE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_CERTIFICATE_UNOBTAINABLE</code></span></p></td>
 
1644
<td>Could not retrieve the
 
1645
  specified certificate.
 
1646
</td>
 
1647
</tr>
 
1648
<tr>
 
1649
<td><p><a name="GNUTLS-A-UNRECOGNIZED-NAME:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNRECOGNIZED_NAME</code></span></p></td>
 
1650
<td>The server name sent was not
 
1651
  recognized.
 
1652
</td>
 
1653
</tr>
 
1654
<tr>
 
1655
<td><p><a name="GNUTLS-A-UNKNOWN-PSK-IDENTITY:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_UNKNOWN_PSK_IDENTITY</code></span></p></td>
 
1656
<td>The SRP/PSK username is missing
 
1657
  or not known.
 
1658
</td>
 
1659
</tr>
 
1660
<tr>
 
1661
<td><p><a name="GNUTLS-A-INNER-APPLICATION-FAILURE:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_INNER_APPLICATION_FAILURE</code></span></p></td>
 
1662
<td>Inner application
 
1663
  negotiation failed.
 
1664
</td>
 
1665
</tr>
 
1666
<tr>
 
1667
<td><p><a name="GNUTLS-A-INNER-APPLICATION-VERIFICATION:CAPS"></a><span class="term"><code class="literal">GNUTLS_A_INNER_APPLICATION_VERIFICATION</code></span></p></td>
 
1668
<td>Inner application
 
1669
  verification failed.
 
1670
</td>
 
1671
</tr>
 
1672
</tbody>
 
1673
</table></div>
1107
1674
</div>
1108
1675
<hr>
1109
1676
<div class="refsect2" title="enum gnutls_handshake_description_t">
1110
1677
<a name="gnutls-handshake-description-t"></a><h3>enum gnutls_handshake_description_t</h3>
1111
1678
<pre class="programlisting">  typedef enum
1112
 
  { GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
 
1679
  {
 
1680
    GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
1113
1681
    GNUTLS_HANDSHAKE_CLIENT_HELLO = 1,
1114
1682
    GNUTLS_HANDSHAKE_SERVER_HELLO = 2,
 
1683
    GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4,
1115
1684
    GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
1116
1685
    GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
1117
1686
    GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
1123
1692
  } gnutls_handshake_description_t;
1124
1693
</pre>
1125
1694
<p>
 
1695
Enumeration of different TLS handshake packets.
1126
1696
</p>
 
1697
<div class="variablelist"><table border="0">
 
1698
<col align="left" valign="top">
 
1699
<tbody>
 
1700
<tr>
 
1701
<td><p><a name="GNUTLS-HANDSHAKE-HELLO-REQUEST:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_HELLO_REQUEST</code></span></p></td>
 
1702
<td>Hello request.
 
1703
</td>
 
1704
</tr>
 
1705
<tr>
 
1706
<td><p><a name="GNUTLS-HANDSHAKE-CLIENT-HELLO:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_CLIENT_HELLO</code></span></p></td>
 
1707
<td>Client hello.
 
1708
</td>
 
1709
</tr>
 
1710
<tr>
 
1711
<td><p><a name="GNUTLS-HANDSHAKE-SERVER-HELLO:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_SERVER_HELLO</code></span></p></td>
 
1712
<td>Server hello.
 
1713
</td>
 
1714
</tr>
 
1715
<tr>
 
1716
<td><p><a name="GNUTLS-HANDSHAKE-NEW-SESSION-TICKET:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_NEW_SESSION_TICKET</code></span></p></td>
 
1717
<td>New session ticket.
 
1718
</td>
 
1719
</tr>
 
1720
<tr>
 
1721
<td><p><a name="GNUTLS-HANDSHAKE-CERTIFICATE-PKT:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_CERTIFICATE_PKT</code></span></p></td>
 
1722
<td>Certificate packet.
 
1723
</td>
 
1724
</tr>
 
1725
<tr>
 
1726
<td><p><a name="GNUTLS-HANDSHAKE-SERVER-KEY-EXCHANGE:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE</code></span></p></td>
 
1727
<td>Server key exchange.
 
1728
</td>
 
1729
</tr>
 
1730
<tr>
 
1731
<td><p><a name="GNUTLS-HANDSHAKE-CERTIFICATE-REQUEST:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST</code></span></p></td>
 
1732
<td>Certificate request.
 
1733
</td>
 
1734
</tr>
 
1735
<tr>
 
1736
<td><p><a name="GNUTLS-HANDSHAKE-SERVER-HELLO-DONE:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_SERVER_HELLO_DONE</code></span></p></td>
 
1737
<td>Server hello done.
 
1738
</td>
 
1739
</tr>
 
1740
<tr>
 
1741
<td><p><a name="GNUTLS-HANDSHAKE-CERTIFICATE-VERIFY:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY</code></span></p></td>
 
1742
<td>Certificate verify.
 
1743
</td>
 
1744
</tr>
 
1745
<tr>
 
1746
<td><p><a name="GNUTLS-HANDSHAKE-CLIENT-KEY-EXCHANGE:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE</code></span></p></td>
 
1747
<td>Client key exchange.
 
1748
</td>
 
1749
</tr>
 
1750
<tr>
 
1751
<td><p><a name="GNUTLS-HANDSHAKE-FINISHED:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_FINISHED</code></span></p></td>
 
1752
<td>Finished.
 
1753
</td>
 
1754
</tr>
 
1755
<tr>
 
1756
<td><p><a name="GNUTLS-HANDSHAKE-SUPPLEMENTAL:CAPS"></a><span class="term"><code class="literal">GNUTLS_HANDSHAKE_SUPPLEMENTAL</code></span></p></td>
 
1757
<td>Supplemental.
 
1758
</td>
 
1759
</tr>
 
1760
</tbody>
 
1761
</table></div>
1127
1762
</div>
1128
1763
<hr>
1129
1764
<div class="refsect2" title="enum gnutls_certificate_status_t">
1130
1765
<a name="gnutls-certificate-status-t"></a><h3>enum gnutls_certificate_status_t</h3>
1131
1766
<pre class="programlisting">  typedef enum
1132
1767
  {
1133
 
    GNUTLS_CERT_INVALID = 2, /* will be set if the certificate
1134
 
                                 * was not verified.
1135
 
                                 */
1136
 
    GNUTLS_CERT_REVOKED = 32, /* in X.509 this will be set only if CRLs are checked
1137
 
                                 */
1138
 
 
1139
 
    /* Those are extra information about the verification
1140
 
     * process. Will be set only if the certificate was 
1141
 
     * not verified.
1142
 
     */
 
1768
    GNUTLS_CERT_INVALID = 2,
 
1769
    GNUTLS_CERT_REVOKED = 32,
1143
1770
    GNUTLS_CERT_SIGNER_NOT_FOUND = 64,
1144
1771
    GNUTLS_CERT_SIGNER_NOT_CA = 128,
1145
1772
    GNUTLS_CERT_INSECURE_ALGORITHM = 256,
1146
 
 
1147
 
    /* Time verification.
1148
 
     */
1149
1773
    GNUTLS_CERT_NOT_ACTIVATED = 512,
1150
1774
    GNUTLS_CERT_EXPIRED = 1024
1151
 
 
1152
1775
  } gnutls_certificate_status_t;
1153
1776
</pre>
1154
1777
<p>
 
1778
Enumeration of certificate status codes.  Note that the status
 
1779
bits have different meanings in OpenPGP keys and X.509
 
1780
certificate verification.
1155
1781
</p>
 
1782
<div class="variablelist"><table border="0">
 
1783
<col align="left" valign="top">
 
1784
<tbody>
 
1785
<tr>
 
1786
<td><p><a name="GNUTLS-CERT-INVALID:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_INVALID</code></span></p></td>
 
1787
<td>Will be set if the certificate was not
 
1788
  verified.
 
1789
</td>
 
1790
</tr>
 
1791
<tr>
 
1792
<td><p><a name="GNUTLS-CERT-REVOKED:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_REVOKED</code></span></p></td>
 
1793
<td>Certificate revoked.  In X.509 this will be
 
1794
  set only if CRLs are checked.
 
1795
</td>
 
1796
</tr>
 
1797
<tr>
 
1798
<td><p><a name="GNUTLS-CERT-SIGNER-NOT-FOUND:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_SIGNER_NOT_FOUND</code></span></p></td>
 
1799
<td>Certificate not verified.  Signer
 
1800
  not found.
 
1801
</td>
 
1802
</tr>
 
1803
<tr>
 
1804
<td><p><a name="GNUTLS-CERT-SIGNER-NOT-CA:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_SIGNER_NOT_CA</code></span></p></td>
 
1805
<td>Certificate not verified.  Signer
 
1806
  not a CA certificate.
 
1807
</td>
 
1808
</tr>
 
1809
<tr>
 
1810
<td><p><a name="GNUTLS-CERT-INSECURE-ALGORITHM:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_INSECURE_ALGORITHM</code></span></p></td>
 
1811
<td>Certificate not verified,
 
1812
  insecure algorithm.
 
1813
</td>
 
1814
</tr>
 
1815
<tr>
 
1816
<td><p><a name="GNUTLS-CERT-NOT-ACTIVATED:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_NOT_ACTIVATED</code></span></p></td>
 
1817
<td>Certificate not yet activated.
 
1818
</td>
 
1819
</tr>
 
1820
<tr>
 
1821
<td><p><a name="GNUTLS-CERT-EXPIRED:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_EXPIRED</code></span></p></td>
 
1822
<td>Certificate expired.
 
1823
</td>
 
1824
</tr>
 
1825
</tbody>
 
1826
</table></div>
1156
1827
</div>
1157
1828
<hr>
1158
1829
<div class="refsect2" title="enum gnutls_certificate_request_t">
1159
1830
<a name="gnutls-certificate-request-t"></a><h3>enum gnutls_certificate_request_t</h3>
1160
1831
<pre class="programlisting">  typedef enum
1161
1832
  {
1162
 
    GNUTLS_CERT_IGNORE,
 
1833
    GNUTLS_CERT_IGNORE = 0,
1163
1834
    GNUTLS_CERT_REQUEST = 1,
1164
 
    GNUTLS_CERT_REQUIRE
 
1835
    GNUTLS_CERT_REQUIRE = 2
1165
1836
  } gnutls_certificate_request_t;
1166
1837
</pre>
1167
1838
<p>
 
1839
Enumeration of certificate request types.
1168
1840
</p>
 
1841
<div class="variablelist"><table border="0">
 
1842
<col align="left" valign="top">
 
1843
<tbody>
 
1844
<tr>
 
1845
<td><p><a name="GNUTLS-CERT-IGNORE:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_IGNORE</code></span></p></td>
 
1846
<td>Ignore certificate.
 
1847
</td>
 
1848
</tr>
 
1849
<tr>
 
1850
<td><p><a name="GNUTLS-CERT-REQUEST:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_REQUEST</code></span></p></td>
 
1851
<td>Request certificate.
 
1852
</td>
 
1853
</tr>
 
1854
<tr>
 
1855
<td><p><a name="GNUTLS-CERT-REQUIRE:CAPS"></a><span class="term"><code class="literal">GNUTLS_CERT_REQUIRE</code></span></p></td>
 
1856
<td>Require certificate.
 
1857
</td>
 
1858
</tr>
 
1859
</tbody>
 
1860
</table></div>
1169
1861
</div>
1170
1862
<hr>
1171
1863
<div class="refsect2" title="enum gnutls_openpgp_crt_status_t">
1172
1864
<a name="gnutls-openpgp-crt-status-t"></a><h3>enum gnutls_openpgp_crt_status_t</h3>
1173
1865
<pre class="programlisting">  typedef enum
1174
 
  { GNUTLS_OPENPGP_CERT,
1175
 
    GNUTLS_OPENPGP_CERT_FINGERPRINT
 
1866
  {
 
1867
    GNUTLS_OPENPGP_CERT = 0,
 
1868
    GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
1176
1869
  } gnutls_openpgp_crt_status_t;
1177
1870
</pre>
1178
1871
<p>
 
1872
Enumeration of ways to send OpenPGP certificate.
1179
1873
</p>
 
1874
<div class="variablelist"><table border="0">
 
1875
<col align="left" valign="top">
 
1876
<tbody>
 
1877
<tr>
 
1878
<td><p><a name="GNUTLS-OPENPGP-CERT:CAPS"></a><span class="term"><code class="literal">GNUTLS_OPENPGP_CERT</code></span></p></td>
 
1879
<td>Send entire certificate.
 
1880
</td>
 
1881
</tr>
 
1882
<tr>
 
1883
<td><p><a name="GNUTLS-OPENPGP-CERT-FINGERPRINT:CAPS"></a><span class="term"><code class="literal">GNUTLS_OPENPGP_CERT_FINGERPRINT</code></span></p></td>
 
1884
<td>Send only certificate fingerprint.
 
1885
</td>
 
1886
</tr>
 
1887
</tbody>
 
1888
</table></div>
1180
1889
</div>
1181
1890
<hr>
1182
1891
<div class="refsect2" title="enum gnutls_close_request_t">
1188
1897
  } gnutls_close_request_t;
1189
1898
</pre>
1190
1899
<p>
1191
 
</p>
1192
 
</div>
1193
 
<hr>
1194
 
<div class="refsect2" title="GNUTLS_TLS1">
1195
 
<a name="GNUTLS-TLS1:CAPS"></a><h3>GNUTLS_TLS1</h3>
1196
 
<pre class="programlisting">#define GNUTLS_TLS1 GNUTLS_TLS1_0
1197
 
</pre>
1198
 
<p>
1199
 
</p>
 
1900
Enumeration of how TLS session should be terminated.  See <a class="link" href="gnutls-gnutls.html#gnutls-bye" title="gnutls_bye ()"><code class="function">gnutls_bye()</code></a>.
 
1901
</p>
 
1902
<div class="variablelist"><table border="0">
 
1903
<col align="left" valign="top">
 
1904
<tbody>
 
1905
<tr>
 
1906
<td><p><a name="GNUTLS-SHUT-RDWR:CAPS"></a><span class="term"><code class="literal">GNUTLS_SHUT_RDWR</code></span></p></td>
 
1907
<td>Disallow further receives/sends.
 
1908
</td>
 
1909
</tr>
 
1910
<tr>
 
1911
<td><p><a name="GNUTLS-SHUT-WR:CAPS"></a><span class="term"><code class="literal">GNUTLS_SHUT_WR</code></span></p></td>
 
1912
<td>Disallow further sends.
 
1913
</td>
 
1914
</tr>
 
1915
</tbody>
 
1916
</table></div>
1200
1917
</div>
1201
1918
<hr>
1202
1919
<div class="refsect2" title="enum gnutls_protocol_t">
1204
1921
<pre class="programlisting">  typedef enum
1205
1922
  {
1206
1923
    GNUTLS_SSL3 = 1,
1207
 
    GNUTLS_TLS1_0,
1208
 
    GNUTLS_TLS1_1,
1209
 
    GNUTLS_TLS1_2,
 
1924
    GNUTLS_TLS1_0 = 2,
 
1925
    GNUTLS_TLS1 = GNUTLS_TLS1_0,
 
1926
    GNUTLS_TLS1_1 = 3,
 
1927
    GNUTLS_TLS1_2 = 4,
 
1928
    GNUTLS_VERSION_MAX = GNUTLS_TLS1_2,
1210
1929
    GNUTLS_VERSION_UNKNOWN = 0xff
1211
1930
  } gnutls_protocol_t;
1212
1931
</pre>
1213
1932
<p>
 
1933
Enumeration of different SSL/TLS protocol versions.
1214
1934
</p>
 
1935
<div class="variablelist"><table border="0">
 
1936
<col align="left" valign="top">
 
1937
<tbody>
 
1938
<tr>
 
1939
<td><p><a name="GNUTLS-SSL3:CAPS"></a><span class="term"><code class="literal">GNUTLS_SSL3</code></span></p></td>
 
1940
<td>SSL version 3.0.
 
1941
</td>
 
1942
</tr>
 
1943
<tr>
 
1944
<td><p><a name="GNUTLS-TLS1-0:CAPS"></a><span class="term"><code class="literal">GNUTLS_TLS1_0</code></span></p></td>
 
1945
<td>TLS version 1.0.
 
1946
</td>
 
1947
</tr>
 
1948
<tr>
 
1949
<td><p><a name="GNUTLS-TLS1:CAPS"></a><span class="term"><code class="literal">GNUTLS_TLS1</code></span></p></td>
 
1950
<td>Same as <a class="link" href="gnutls-gnutls.html#GNUTLS-TLS1-0:CAPS"><code class="literal">GNUTLS_TLS1_0</code></a>.
 
1951
</td>
 
1952
</tr>
 
1953
<tr>
 
1954
<td><p><a name="GNUTLS-TLS1-1:CAPS"></a><span class="term"><code class="literal">GNUTLS_TLS1_1</code></span></p></td>
 
1955
<td>TLS version 1.1.
 
1956
</td>
 
1957
</tr>
 
1958
<tr>
 
1959
<td><p><a name="GNUTLS-TLS1-2:CAPS"></a><span class="term"><code class="literal">GNUTLS_TLS1_2</code></span></p></td>
 
1960
<td>TLS version 1.2.
 
1961
</td>
 
1962
</tr>
 
1963
<tr>
 
1964
<td><p><a name="GNUTLS-VERSION-MAX:CAPS"></a><span class="term"><code class="literal">GNUTLS_VERSION_MAX</code></span></p></td>
 
1965
<td>Maps to the highest supported TLS version.
 
1966
</td>
 
1967
</tr>
 
1968
<tr>
 
1969
<td><p><a name="GNUTLS-VERSION-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_VERSION_UNKNOWN</code></span></p></td>
 
1970
<td>Unknown SSL/TLS version.
 
1971
</td>
 
1972
</tr>
 
1973
</tbody>
 
1974
</table></div>
1215
1975
</div>
1216
1976
<hr>
1217
1977
<div class="refsect2" title="enum gnutls_certificate_type_t">
1220
1980
  {
1221
1981
    GNUTLS_CRT_UNKNOWN = 0,
1222
1982
    GNUTLS_CRT_X509 = 1,
1223
 
    GNUTLS_CRT_OPENPGP
 
1983
    GNUTLS_CRT_OPENPGP = 2
1224
1984
  } gnutls_certificate_type_t;
1225
1985
</pre>
1226
1986
<p>
 
1987
Enumeration of different certificate types.
1227
1988
</p>
 
1989
<div class="variablelist"><table border="0">
 
1990
<col align="left" valign="top">
 
1991
<tbody>
 
1992
<tr>
 
1993
<td><p><a name="GNUTLS-CRT-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_UNKNOWN</code></span></p></td>
 
1994
<td>Unknown certificate type.
 
1995
</td>
 
1996
</tr>
 
1997
<tr>
 
1998
<td><p><a name="GNUTLS-CRT-X509:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_X509</code></span></p></td>
 
1999
<td>X.509 Certificate.
 
2000
</td>
 
2001
</tr>
 
2002
<tr>
 
2003
<td><p><a name="GNUTLS-CRT-OPENPGP:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_OPENPGP</code></span></p></td>
 
2004
<td>OpenPGP certificate.
 
2005
</td>
 
2006
</tr>
 
2007
</tbody>
 
2008
</table></div>
1228
2009
</div>
1229
2010
<hr>
1230
2011
<div class="refsect2" title="enum gnutls_x509_crt_fmt_t">
1231
2012
<a name="gnutls-x509-crt-fmt-t"></a><h3>enum gnutls_x509_crt_fmt_t</h3>
1232
2013
<pre class="programlisting">  typedef enum
1233
2014
  {
1234
 
    GNUTLS_X509_FMT_DER,
1235
 
    GNUTLS_X509_FMT_PEM
 
2015
    GNUTLS_X509_FMT_DER = 0,
 
2016
    GNUTLS_X509_FMT_PEM = 1
1236
2017
  } gnutls_x509_crt_fmt_t;
1237
2018
</pre>
1238
2019
<p>
 
2020
Enumeration of different certificate encoding formats.
1239
2021
</p>
 
2022
<div class="variablelist"><table border="0">
 
2023
<col align="left" valign="top">
 
2024
<tbody>
 
2025
<tr>
 
2026
<td><p><a name="GNUTLS-X509-FMT-DER:CAPS"></a><span class="term"><code class="literal">GNUTLS_X509_FMT_DER</code></span></p></td>
 
2027
<td>X.509 certificate in DER format (binary).
 
2028
</td>
 
2029
</tr>
 
2030
<tr>
 
2031
<td><p><a name="GNUTLS-X509-FMT-PEM:CAPS"></a><span class="term"><code class="literal">GNUTLS_X509_FMT_PEM</code></span></p></td>
 
2032
<td>X.509 certificate in PEM format (text).
 
2033
</td>
 
2034
</tr>
 
2035
</tbody>
 
2036
</table></div>
1240
2037
</div>
1241
2038
<hr>
1242
2039
<div class="refsect2" title="enum gnutls_certificate_print_formats_t">
1243
2040
<a name="gnutls-certificate-print-formats-t"></a><h3>enum gnutls_certificate_print_formats_t</h3>
1244
2041
<pre class="programlisting">  typedef enum gnutls_certificate_print_formats
1245
 
    {
1246
 
      GNUTLS_CRT_PRINT_FULL,
1247
 
      GNUTLS_CRT_PRINT_ONELINE,
1248
 
      GNUTLS_CRT_PRINT_UNSIGNED_FULL
1249
 
    } gnutls_certificate_print_formats_t;
 
2042
  {
 
2043
    GNUTLS_CRT_PRINT_FULL = 0,
 
2044
    GNUTLS_CRT_PRINT_ONELINE = 1,
 
2045
    GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2
 
2046
  } gnutls_certificate_print_formats_t;
1250
2047
</pre>
1251
2048
<p>
 
2049
Enumeration of different certificate printing variants.
1252
2050
</p>
 
2051
<div class="variablelist"><table border="0">
 
2052
<col align="left" valign="top">
 
2053
<tbody>
 
2054
<tr>
 
2055
<td><p><a name="GNUTLS-CRT-PRINT-FULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_PRINT_FULL</code></span></p></td>
 
2056
<td>Full information about certificate.
 
2057
</td>
 
2058
</tr>
 
2059
<tr>
 
2060
<td><p><a name="GNUTLS-CRT-PRINT-ONELINE:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_PRINT_ONELINE</code></span></p></td>
 
2061
<td>Information about certificate in one line.
 
2062
</td>
 
2063
</tr>
 
2064
<tr>
 
2065
<td><p><a name="GNUTLS-CRT-PRINT-UNSIGNED-FULL:CAPS"></a><span class="term"><code class="literal">GNUTLS_CRT_PRINT_UNSIGNED_FULL</code></span></p></td>
 
2066
<td>All info for an unsigned certificate.
 
2067
</td>
 
2068
</tr>
 
2069
</tbody>
 
2070
</table></div>
1253
2071
</div>
1254
2072
<hr>
1255
2073
<div class="refsect2" title="enum gnutls_pk_algorithm_t">
1258
2076
  {
1259
2077
    GNUTLS_PK_UNKNOWN = 0,
1260
2078
    GNUTLS_PK_RSA = 1,
1261
 
    GNUTLS_PK_DSA
 
2079
    GNUTLS_PK_DSA = 2
1262
2080
  } gnutls_pk_algorithm_t;
1263
2081
</pre>
1264
2082
<p>
 
2083
Enumeration of different public-key algorithms.
1265
2084
</p>
 
2085
<div class="variablelist"><table border="0">
 
2086
<col align="left" valign="top">
 
2087
<tbody>
 
2088
<tr>
 
2089
<td><p><a name="GNUTLS-PK-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_PK_UNKNOWN</code></span></p></td>
 
2090
<td>Unknown public-key algorithm.
 
2091
</td>
 
2092
</tr>
 
2093
<tr>
 
2094
<td><p><a name="GNUTLS-PK-RSA:CAPS"></a><span class="term"><code class="literal">GNUTLS_PK_RSA</code></span></p></td>
 
2095
<td>RSA public-key algorithm.
 
2096
</td>
 
2097
</tr>
 
2098
<tr>
 
2099
<td><p><a name="GNUTLS-PK-DSA:CAPS"></a><span class="term"><code class="literal">GNUTLS_PK_DSA</code></span></p></td>
 
2100
<td>DSA public-key algorithm.
 
2101
</td>
 
2102
</tr>
 
2103
</tbody>
 
2104
</table></div>
1266
2105
</div>
1267
2106
<hr>
1268
2107
<div class="refsect2" title="gnutls_pk_algorithm_get_name ()">
1269
2108
<a name="gnutls-pk-algorithm-get-name"></a><h3>gnutls_pk_algorithm_get_name ()</h3>
1270
2109
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_pk_algorithm_get_name        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> algorithm</code></em>);</pre>
1271
2110
<p>
 
2111
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> value to a string.
1272
2112
</p>
1273
2113
<div class="variablelist"><table border="0">
1274
2114
<col align="left" valign="top">
1275
2115
<tbody>
1276
2116
<tr>
1277
2117
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1278
 
<td>
 
2118
<td>is a pk algorithm
1279
2119
</td>
1280
2120
</tr>
1281
2121
<tr>
1282
2122
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1283
 
<td>
 
2123
<td> a string that contains the name of the specified public
 
2124
  key algorithm, or <code class="literal">NULL</code>.
1284
2125
</td>
1285
2126
</tr>
1286
2127
</tbody>
1287
2128
</table></div>
1288
2129
</div>
1289
2130
<hr>
1290
 
<div class="refsect2" title="GNUTLS_SIGN_RSA_SHA">
1291
 
<a name="GNUTLS-SIGN-RSA-SHA:CAPS"></a><h3>GNUTLS_SIGN_RSA_SHA</h3>
1292
 
<pre class="programlisting">#define GNUTLS_SIGN_RSA_SHA GNUTLS_SIGN_RSA_SHA1
1293
 
</pre>
1294
 
<p>
1295
 
</p>
1296
 
</div>
1297
 
<hr>
1298
 
<div class="refsect2" title="GNUTLS_SIGN_DSA_SHA">
1299
 
<a name="GNUTLS-SIGN-DSA-SHA:CAPS"></a><h3>GNUTLS_SIGN_DSA_SHA</h3>
1300
 
<pre class="programlisting">#define GNUTLS_SIGN_DSA_SHA GNUTLS_SIGN_DSA_SHA1
1301
 
</pre>
1302
 
<p>
1303
 
</p>
1304
 
</div>
1305
 
<hr>
1306
2131
<div class="refsect2" title="enum gnutls_sign_algorithm_t">
1307
2132
<a name="gnutls-sign-algorithm-t"></a><h3>enum gnutls_sign_algorithm_t</h3>
1308
2133
<pre class="programlisting">  typedef enum
1309
2134
  {
1310
2135
    GNUTLS_SIGN_UNKNOWN = 0,
1311
2136
    GNUTLS_SIGN_RSA_SHA1 = 1,
1312
 
    GNUTLS_SIGN_DSA_SHA1,
1313
 
    GNUTLS_SIGN_RSA_MD5,
1314
 
    GNUTLS_SIGN_RSA_MD2,
1315
 
    GNUTLS_SIGN_RSA_RMD160,
1316
 
    GNUTLS_SIGN_RSA_SHA256,
1317
 
    GNUTLS_SIGN_RSA_SHA384,
1318
 
    GNUTLS_SIGN_RSA_SHA512,
1319
 
    GNUTLS_SIGN_RSA_SHA224
 
2137
    GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
 
2138
    GNUTLS_SIGN_DSA_SHA1 = 2,
 
2139
    GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
 
2140
    GNUTLS_SIGN_RSA_MD5 = 3,
 
2141
    GNUTLS_SIGN_RSA_MD2 = 4,
 
2142
    GNUTLS_SIGN_RSA_RMD160 = 5,
 
2143
    GNUTLS_SIGN_RSA_SHA256 = 6,
 
2144
    GNUTLS_SIGN_RSA_SHA384 = 7,
 
2145
    GNUTLS_SIGN_RSA_SHA512 = 8,
 
2146
    GNUTLS_SIGN_RSA_SHA224 = 9
1320
2147
  } gnutls_sign_algorithm_t;
1321
2148
</pre>
1322
2149
<p>
 
2150
Enumeration of different digital signature algorithms.
1323
2151
</p>
 
2152
<div class="variablelist"><table border="0">
 
2153
<col align="left" valign="top">
 
2154
<tbody>
 
2155
<tr>
 
2156
<td><p><a name="GNUTLS-SIGN-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></span></p></td>
 
2157
<td>Unknown signature algorithm.
 
2158
</td>
 
2159
</tr>
 
2160
<tr>
 
2161
<td><p><a name="GNUTLS-SIGN-RSA-SHA1:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA1</code></span></p></td>
 
2162
<td>Digital signature algorithm RSA with SHA-1
 
2163
</td>
 
2164
</tr>
 
2165
<tr>
 
2166
<td><p><a name="GNUTLS-SIGN-RSA-SHA:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA</code></span></p></td>
 
2167
<td>Same as <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-RSA-SHA1:CAPS"><code class="literal">GNUTLS_SIGN_RSA_SHA1</code></a>.
 
2168
</td>
 
2169
</tr>
 
2170
<tr>
 
2171
<td><p><a name="GNUTLS-SIGN-DSA-SHA1:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_DSA_SHA1</code></span></p></td>
 
2172
<td>Digital signature algorithm DSA with SHA-1
 
2173
</td>
 
2174
</tr>
 
2175
<tr>
 
2176
<td><p><a name="GNUTLS-SIGN-DSA-SHA:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_DSA_SHA</code></span></p></td>
 
2177
<td>Same as <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-DSA-SHA1:CAPS"><code class="literal">GNUTLS_SIGN_DSA_SHA1</code></a>.
 
2178
</td>
 
2179
</tr>
 
2180
<tr>
 
2181
<td><p><a name="GNUTLS-SIGN-RSA-MD5:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_MD5</code></span></p></td>
 
2182
<td>Digital signature algorithm RSA with MD5.
 
2183
</td>
 
2184
</tr>
 
2185
<tr>
 
2186
<td><p><a name="GNUTLS-SIGN-RSA-MD2:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_MD2</code></span></p></td>
 
2187
<td>Digital signature algorithm RSA with MD2.
 
2188
</td>
 
2189
</tr>
 
2190
<tr>
 
2191
<td><p><a name="GNUTLS-SIGN-RSA-RMD160:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_RMD160</code></span></p></td>
 
2192
<td>Digital signature algorithm RSA with RMD-160.
 
2193
</td>
 
2194
</tr>
 
2195
<tr>
 
2196
<td><p><a name="GNUTLS-SIGN-RSA-SHA256:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA256</code></span></p></td>
 
2197
<td>Digital signature algorithm RSA with SHA-256.
 
2198
</td>
 
2199
</tr>
 
2200
<tr>
 
2201
<td><p><a name="GNUTLS-SIGN-RSA-SHA384:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA384</code></span></p></td>
 
2202
<td>Digital signature algorithm RSA with SHA-384.
 
2203
</td>
 
2204
</tr>
 
2205
<tr>
 
2206
<td><p><a name="GNUTLS-SIGN-RSA-SHA512:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA512</code></span></p></td>
 
2207
<td>Digital signature algorithm RSA with SHA-512.
 
2208
</td>
 
2209
</tr>
 
2210
<tr>
 
2211
<td><p><a name="GNUTLS-SIGN-RSA-SHA224:CAPS"></a><span class="term"><code class="literal">GNUTLS_SIGN_RSA_SHA224</code></span></p></td>
 
2212
<td>Digital signature algorithm RSA with SHA-224.
 
2213
</td>
 
2214
</tr>
 
2215
</tbody>
 
2216
</table></div>
1324
2217
</div>
1325
2218
<hr>
1326
2219
<div class="refsect2" title="gnutls_sign_algorithm_get_name ()">
1327
2220
<a name="gnutls-sign-algorithm-get-name"></a><h3>gnutls_sign_algorithm_get_name ()</h3>
1328
2221
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_sign_algorithm_get_name      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> sign</code></em>);</pre>
1329
2222
<p>
 
2223
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value to a string.
1330
2224
</p>
1331
2225
<div class="variablelist"><table border="0">
1332
2226
<col align="left" valign="top">
1333
2227
<tbody>
1334
2228
<tr>
1335
2229
<td><p><span class="term"><em class="parameter"><code>sign</code></em> :</span></p></td>
1336
 
<td>
 
2230
<td>is a sign algorithm
1337
2231
</td>
1338
2232
</tr>
1339
2233
<tr>
1340
2234
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1341
 
<td>
 
2235
<td> a string that contains the name of the specified sign
 
2236
  algorithm, or <code class="literal">NULL</code>.
1342
2237
</td>
1343
2238
</tr>
1344
2239
</tbody>
1418
2313
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_init                         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> *session</code></em>,
1419
2314
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-connection-end-t" title="enum gnutls_connection_end_t"><span class="type">gnutls_connection_end_t</span></a> con_end</code></em>);</pre>
1420
2315
<p>
 
2316
This function initializes the current session to null. Every
 
2317
session must be initialized before use, so internal structures can
 
2318
be allocated.  This function allocates structures which can only
 
2319
be free'd by calling <a class="link" href="gnutls-gnutls.html#gnutls-deinit" title="gnutls_deinit ()"><code class="function">gnutls_deinit()</code></a>.  Returns zero on success.
 
2320
</p>
 
2321
<p>
 
2322
<em class="parameter"><code>con_end</code></em> can be one of <a class="link" href="gnutls-gnutls.html#GNUTLS-CLIENT:CAPS"><code class="literal">GNUTLS_CLIENT</code></a> and <a class="link" href="gnutls-gnutls.html#GNUTLS-SERVER:CAPS"><code class="literal">GNUTLS_SERVER</code></a>.
1421
2323
</p>
1422
2324
<div class="variablelist"><table border="0">
1423
2325
<col align="left" valign="top">
1424
2326
<tbody>
1425
2327
<tr>
1426
2328
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1427
 
<td>
 
2329
<td>is a pointer to a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1428
2330
</td>
1429
2331
</tr>
1430
2332
<tr>
1431
2333
<td><p><span class="term"><em class="parameter"><code>con_end</code></em> :</span></p></td>
1432
 
<td>
 
2334
<td>indicate if this session is to be used for server or client.
1433
2335
</td>
1434
2336
</tr>
1435
2337
<tr>
1436
2338
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1437
 
<td>
 
2339
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
1438
2340
</td>
1439
2341
</tr>
1440
2342
</tbody>
1445
2347
<a name="gnutls-deinit"></a><h3>gnutls_deinit ()</h3>
1446
2348
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_deinit                       (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1447
2349
<p>
 
2350
This function clears all buffers associated with the <em class="parameter"><code>session</code></em>.
 
2351
This function will also remove session data from the session
 
2352
database if the session was terminated abnormally.
1448
2353
</p>
1449
2354
<div class="variablelist"><table border="0">
1450
2355
<col align="left" valign="top">
1451
2356
<tbody><tr>
1452
2357
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1453
 
<td>
 
2358
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1454
2359
</td>
1455
2360
</tr></tbody>
1456
2361
</table></div>
1461
2366
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_bye                          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
1462
2367
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-close-request-t" title="enum gnutls_close_request_t"><span class="type">gnutls_close_request_t</span></a> how</code></em>);</pre>
1463
2368
<p>
 
2369
Terminates the current TLS/SSL connection. The connection should
 
2370
have been initiated using <a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a>.  <em class="parameter"><code>how</code></em> should be one
 
2371
of <a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-RDWR:CAPS"><code class="literal">GNUTLS_SHUT_RDWR</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-WR:CAPS"><code class="literal">GNUTLS_SHUT_WR</code></a>.
 
2372
</p>
 
2373
<p>
 
2374
In case of <a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-RDWR:CAPS"><code class="literal">GNUTLS_SHUT_RDWR</code></a> then the TLS connection gets
 
2375
terminated and further receives and sends will be disallowed.  If
 
2376
the return value is zero you may continue using the connection.
 
2377
<a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-RDWR:CAPS"><code class="literal">GNUTLS_SHUT_RDWR</code></a> actually sends an alert containing a close
 
2378
request and waits for the peer to reply with the same message.
 
2379
</p>
 
2380
<p>
 
2381
In case of <a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-WR:CAPS"><code class="literal">GNUTLS_SHUT_WR</code></a> then the TLS connection gets terminated
 
2382
and further sends will be disallowed. In order to reuse the
 
2383
connection you should wait for an EOF from the peer.
 
2384
<a class="link" href="gnutls-gnutls.html#GNUTLS-SHUT-WR:CAPS"><code class="literal">GNUTLS_SHUT_WR</code></a> sends an alert containing a close request.
 
2385
</p>
 
2386
<p>
 
2387
Note that not all implementations will properly terminate a TLS
 
2388
connection.  Some of them, usually for performance reasons, will
 
2389
terminate only the underlying transport layer, thus causing a
 
2390
transmission error to the peer.  This error cannot be
 
2391
distinguished from a malicious party prematurely terminating the
 
2392
session, thus this behavior is not recommended.
 
2393
</p>
 
2394
<p>
 
2395
This function may also return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> or
 
2396
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a>; cf.  <a class="link" href="gnutls-gnutls.html#gnutls-record-get-direction" title="gnutls_record_get_direction ()"><code class="function">gnutls_record_get_direction()</code></a>.
1464
2397
</p>
1465
2398
<div class="variablelist"><table border="0">
1466
2399
<col align="left" valign="top">
1467
2400
<tbody>
1468
2401
<tr>
1469
2402
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1470
 
<td>
 
2403
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1471
2404
</td>
1472
2405
</tr>
1473
2406
<tr>
1474
2407
<td><p><span class="term"><em class="parameter"><code>how</code></em> :</span></p></td>
1475
 
<td>
 
2408
<td>is an integer
1476
2409
</td>
1477
2410
</tr>
1478
2411
<tr>
1479
2412
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1480
 
<td>
 
2413
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code, see
 
2414
  function documentation for entire semantics.
1481
2415
</td>
1482
2416
</tr>
1483
2417
</tbody>
1488
2422
<a name="gnutls-handshake"></a><h3>gnutls_handshake ()</h3>
1489
2423
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_handshake                    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1490
2424
<p>
 
2425
This function does the handshake of the TLS/SSL protocol, and
 
2426
initializes the TLS connection.
 
2427
</p>
 
2428
<p>
 
2429
This function will fail if any problem is encountered, and will
 
2430
return a negative error code. In case of a client, if the client
 
2431
has asked to resume a session, but the server couldn't, then a
 
2432
full handshake will be performed.
 
2433
</p>
 
2434
<p>
 
2435
The non-fatal errors such as <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> and
 
2436
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> interrupt the handshake procedure, which
 
2437
should be later be resumed.  Call this function again, until it
 
2438
returns 0; cf.  <a class="link" href="gnutls-gnutls.html#gnutls-record-get-direction" title="gnutls_record_get_direction ()"><code class="function">gnutls_record_get_direction()</code></a> and
 
2439
<a class="link" href="gnutls-gnutls.html#gnutls-error-is-fatal" title="gnutls_error_is_fatal ()"><code class="function">gnutls_error_is_fatal()</code></a>.
 
2440
</p>
 
2441
<p>
 
2442
If this function is called by a server after a rehandshake request
 
2443
then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-GOT-APPLICATION-DATA:CAPS" title="GNUTLS_E_GOT_APPLICATION_DATA"><code class="literal">GNUTLS_E_GOT_APPLICATION_DATA</code></a> or
 
2444
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-ALERT-RECEIVED:CAPS" title="GNUTLS_E_WARNING_ALERT_RECEIVED"><code class="literal">GNUTLS_E_WARNING_ALERT_RECEIVED</code></a> may be returned.  Note that these
 
2445
are non fatal errors, only in the specific case of a rehandshake.
 
2446
Their meaning is that the client rejected the rehandshake request or
 
2447
in the case of <a class="link" href="gnutls-gnutls.html#GNUTLS-E-GOT-APPLICATION-DATA:CAPS" title="GNUTLS_E_GOT_APPLICATION_DATA"><code class="literal">GNUTLS_E_GOT_APPLICATION_DATA</code></a> it might also mean that
 
2448
some data were pending.
1491
2449
</p>
1492
2450
<div class="variablelist"><table border="0">
1493
2451
<col align="left" valign="top">
1494
2452
<tbody>
1495
2453
<tr>
1496
2454
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1497
 
<td>
 
2455
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1498
2456
</td>
1499
2457
</tr>
1500
2458
<tr>
1501
2459
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1502
 
<td>
 
2460
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise an error.
1503
2461
</td>
1504
2462
</tr>
1505
2463
</tbody>
1510
2468
<a name="gnutls-rehandshake"></a><h3>gnutls_rehandshake ()</h3>
1511
2469
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_rehandshake                  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1512
2470
<p>
 
2471
This function will renegotiate security parameters with the
 
2472
client.  This should only be called in case of a server.
 
2473
</p>
 
2474
<p>
 
2475
This message informs the peer that we want to renegotiate
 
2476
parameters (perform a handshake).
 
2477
</p>
 
2478
<p>
 
2479
If this function succeeds (returns 0), you must call the
 
2480
<a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a> function in order to negotiate the new
 
2481
parameters.
 
2482
</p>
 
2483
<p>
 
2484
Since TLS is full duplex some application data might have been
 
2485
sent during peer's processing of this message. In that case
 
2486
one should call <a class="link" href="gnutls-gnutls.html#gnutls-record-recv" title="gnutls_record_recv ()"><code class="function">gnutls_record_recv()</code></a> until GNUTLS_E_REHANDSHAKE
 
2487
is returned to clear any pending data. Care must be taken if
 
2488
rehandshake is mandatory to terminate if it does not start after
 
2489
some threshold.
 
2490
</p>
 
2491
<p>
 
2492
If the client does not wish to renegotiate parameters he will
 
2493
should with an alert message, thus the return code will be
 
2494
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-ALERT-RECEIVED:CAPS" title="GNUTLS_E_WARNING_ALERT_RECEIVED"><code class="literal">GNUTLS_E_WARNING_ALERT_RECEIVED</code></a> and the alert will be
 
2495
<a class="link" href="gnutls-gnutls.html#GNUTLS-A-NO-RENEGOTIATION:CAPS"><code class="literal">GNUTLS_A_NO_RENEGOTIATION</code></a>.  A client may also choose to ignore
 
2496
this message.
1513
2497
</p>
1514
2498
<div class="variablelist"><table border="0">
1515
2499
<col align="left" valign="top">
1516
2500
<tbody>
1517
2501
<tr>
1518
2502
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1519
 
<td>
 
2503
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1520
2504
</td>
1521
2505
</tr>
1522
2506
<tr>
1523
2507
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1524
 
<td>
 
2508
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise an error.
1525
2509
</td>
1526
2510
</tr>
1527
2511
</tbody>
1532
2516
<a name="gnutls-alert-get"></a><h3>gnutls_alert_get ()</h3>
1533
2517
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-alert-description-t" title="enum gnutls_alert_description_t"><span class="returnvalue">gnutls_alert_description_t</span></a>  gnutls_alert_get            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1534
2518
<p>
 
2519
This function will return the last alert number received.  This
 
2520
function should be called if <a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-ALERT-RECEIVED:CAPS" title="GNUTLS_E_WARNING_ALERT_RECEIVED"><code class="literal">GNUTLS_E_WARNING_ALERT_RECEIVED</code></a> or
 
2521
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-FATAL-ALERT-RECEIVED:CAPS" title="GNUTLS_E_FATAL_ALERT_RECEIVED"><code class="literal">GNUTLS_E_FATAL_ALERT_RECEIVED</code></a> has been returned by a gnutls
 
2522
function.  The peer may send alerts if he thinks some things were
 
2523
not right. Check gnutls.h for the available alert descriptions.
 
2524
</p>
 
2525
<p>
 
2526
If no alert has been received the returned value is undefined.
1535
2527
</p>
1536
2528
<div class="variablelist"><table border="0">
1537
2529
<col align="left" valign="top">
1538
2530
<tbody>
1539
2531
<tr>
1540
2532
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1541
 
<td>
 
2533
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1542
2534
</td>
1543
2535
</tr>
1544
2536
<tr>
1545
2537
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1546
 
<td>
 
2538
<td> returns the last alert received, a
 
2539
  <a class="link" href="gnutls-gnutls.html#gnutls-alert-description-t" title="enum gnutls_alert_description_t"><span class="type">gnutls_alert_description_t</span></a> value.
1547
2540
</td>
1548
2541
</tr>
1549
2542
</tbody>
1556
2549
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-alert-level-t" title="enum gnutls_alert_level_t"><span class="type">gnutls_alert_level_t</span></a> level</code></em>,
1557
2550
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-alert-description-t" title="enum gnutls_alert_description_t"><span class="type">gnutls_alert_description_t</span></a> desc</code></em>);</pre>
1558
2551
<p>
 
2552
This function will send an alert to the peer in order to inform
 
2553
him of something important (eg. his Certificate could not be verified).
 
2554
If the alert level is Fatal then the peer is expected to close the
 
2555
connection, otherwise he may ignore the alert and continue.
 
2556
</p>
 
2557
<p>
 
2558
The error code of the underlying record send function will be
 
2559
returned, so you may also receive <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> or
 
2560
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> as well.
1559
2561
</p>
1560
2562
<div class="variablelist"><table border="0">
1561
2563
<col align="left" valign="top">
1562
2564
<tbody>
1563
2565
<tr>
1564
2566
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1565
 
<td>
 
2567
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1566
2568
</td>
1567
2569
</tr>
1568
2570
<tr>
1569
2571
<td><p><span class="term"><em class="parameter"><code>level</code></em> :</span></p></td>
1570
 
<td>
 
2572
<td>is the level of the alert
1571
2573
</td>
1572
2574
</tr>
1573
2575
<tr>
1574
2576
<td><p><span class="term"><em class="parameter"><code>desc</code></em> :</span></p></td>
1575
 
<td>
 
2577
<td>is the alert description
1576
2578
</td>
1577
2579
</tr>
1578
2580
<tr>
1579
2581
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1580
 
<td>
 
2582
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
2583
  an error code is returned.
1581
2584
</td>
1582
2585
</tr>
1583
2586
</tbody>
1589
2592
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_alert_send_appropriate       (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
1590
2593
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> err</code></em>);</pre>
1591
2594
<p>
 
2595
Sends an alert to the peer depending on the error code returned by
 
2596
a gnutls function. This function will call <a class="link" href="gnutls-gnutls.html#gnutls-error-to-alert" title="gnutls_error_to_alert ()"><code class="function">gnutls_error_to_alert()</code></a>
 
2597
to determine the appropriate alert to send.
 
2598
</p>
 
2599
<p>
 
2600
This function may also return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a>, or
 
2601
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a>.
 
2602
</p>
 
2603
<p>
 
2604
If the return value is <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a>, then no alert has
 
2605
been sent to the peer.
1592
2606
</p>
1593
2607
<div class="variablelist"><table border="0">
1594
2608
<col align="left" valign="top">
1595
2609
<tbody>
1596
2610
<tr>
1597
2611
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1598
 
<td>
 
2612
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1599
2613
</td>
1600
2614
</tr>
1601
2615
<tr>
1602
2616
<td><p><span class="term"><em class="parameter"><code>err</code></em> :</span></p></td>
1603
 
<td>
 
2617
<td>is an integer
1604
2618
</td>
1605
2619
</tr>
1606
2620
<tr>
1607
2621
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1608
 
<td>
 
2622
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
2623
  an error code is returned.
1609
2624
</td>
1610
2625
</tr>
1611
2626
</tbody>
1616
2631
<a name="gnutls-alert-get-name"></a><h3>gnutls_alert_get_name ()</h3>
1617
2632
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_alert_get_name               (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-alert-description-t" title="enum gnutls_alert_description_t"><span class="type">gnutls_alert_description_t</span></a> alert</code></em>);</pre>
1618
2633
<p>
 
2634
This function will return a string that describes the given alert
 
2635
number, or <code class="literal">NULL</code>.  See <a class="link" href="gnutls-gnutls.html#gnutls-alert-get" title="gnutls_alert_get ()"><code class="function">gnutls_alert_get()</code></a>.
1619
2636
</p>
1620
2637
<div class="variablelist"><table border="0">
1621
2638
<col align="left" valign="top">
1622
2639
<tbody>
1623
2640
<tr>
1624
2641
<td><p><span class="term"><em class="parameter"><code>alert</code></em> :</span></p></td>
1625
 
<td>
 
2642
<td>is an alert number <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1626
2643
</td>
1627
2644
</tr>
1628
2645
<tr>
1629
2646
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1630
 
<td>
 
2647
<td> string corresponding to <a class="link" href="gnutls-gnutls.html#gnutls-alert-description-t" title="enum gnutls_alert_description_t"><span class="type">gnutls_alert_description_t</span></a> value.
1631
2648
</td>
1632
2649
</tr>
1633
2650
</tbody>
1638
2655
<a name="gnutls-cipher-get"></a><h3>gnutls_cipher_get ()</h3>
1639
2656
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="returnvalue">gnutls_cipher_algorithm_t</span></a>  gnutls_cipher_get            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1640
2657
<p>
 
2658
Get currently used cipher.
1641
2659
</p>
1642
2660
<div class="variablelist"><table border="0">
1643
2661
<col align="left" valign="top">
1644
2662
<tbody>
1645
2663
<tr>
1646
2664
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1647
 
<td>
 
2665
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1648
2666
</td>
1649
2667
</tr>
1650
2668
<tr>
1651
2669
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1652
 
<td>
 
2670
<td> the currently used cipher, a <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a>
 
2671
  type.
1653
2672
</td>
1654
2673
</tr>
1655
2674
</tbody>
1660
2679
<a name="gnutls-kx-get"></a><h3>gnutls_kx_get ()</h3>
1661
2680
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="returnvalue">gnutls_kx_algorithm_t</span></a>  gnutls_kx_get                    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1662
2681
<p>
 
2682
Get currently used key exchange algorithm.
1663
2683
</p>
1664
2684
<div class="variablelist"><table border="0">
1665
2685
<col align="left" valign="top">
1666
2686
<tbody>
1667
2687
<tr>
1668
2688
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1669
 
<td>
 
2689
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1670
2690
</td>
1671
2691
</tr>
1672
2692
<tr>
1673
2693
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1674
 
<td>
 
2694
<td> the key exchange algorithm used in the last handshake, a
 
2695
  <a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="type">gnutls_kx_algorithm_t</span></a> value.
1675
2696
</td>
1676
2697
</tr>
1677
2698
</tbody>
1682
2703
<a name="gnutls-mac-get"></a><h3>gnutls_mac_get ()</h3>
1683
2704
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="returnvalue">gnutls_mac_algorithm_t</span></a>  gnutls_mac_get                  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1684
2705
<p>
 
2706
Get currently used MAC algorithm.
1685
2707
</p>
1686
2708
<div class="variablelist"><table border="0">
1687
2709
<col align="left" valign="top">
1688
2710
<tbody>
1689
2711
<tr>
1690
2712
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1691
 
<td>
 
2713
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1692
2714
</td>
1693
2715
</tr>
1694
2716
<tr>
1695
2717
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1696
 
<td>
 
2718
<td> the currently used mac algorithm, a
 
2719
  <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> value.
1697
2720
</td>
1698
2721
</tr>
1699
2722
</tbody>
1704
2727
<a name="gnutls-compression-get"></a><h3>gnutls_compression_get ()</h3>
1705
2728
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="returnvalue">gnutls_compression_method_t</span></a>  gnutls_compression_get     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1706
2729
<p>
 
2730
Get currently used compression algorithm.
1707
2731
</p>
1708
2732
<div class="variablelist"><table border="0">
1709
2733
<col align="left" valign="top">
1710
2734
<tbody>
1711
2735
<tr>
1712
2736
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1713
 
<td>
 
2737
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
1714
2738
</td>
1715
2739
</tr>
1716
2740
<tr>
1717
2741
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1718
 
<td>
 
2742
<td> the currently used compression method, a
 
2743
  <a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="type">gnutls_compression_method_t</span></a> value.
1719
2744
</td>
1720
2745
</tr>
1721
2746
</tbody>
1726
2751
<a name="gnutls-certificate-type-get"></a><h3>gnutls_certificate_type_get ()</h3>
1727
2752
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="returnvalue">gnutls_certificate_type_t</span></a>  gnutls_certificate_type_get  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
1728
2753
<p>
1729
 
</p>
1730
 
<div class="variablelist"><table border="0">
1731
 
<col align="left" valign="top">
1732
 
<tbody>
1733
 
<tr>
1734
 
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
1735
 
<td>
1736
 
</td>
1737
 
</tr>
1738
 
<tr>
1739
 
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1740
 
<td>
1741
 
</td>
1742
 
</tr>
1743
 
</tbody>
1744
 
</table></div>
 
2754
The certificate type is by default X.509, unless it is negotiated
 
2755
as a TLS extension.
 
2756
</p>
 
2757
<div class="variablelist"><table border="0">
 
2758
<col align="left" valign="top">
 
2759
<tbody>
 
2760
<tr>
 
2761
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
 
2762
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
 
2763
</td>
 
2764
</tr>
 
2765
<tr>
 
2766
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
2767
<td> the currently used <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="type">gnutls_certificate_type_t</span></a> certificate
 
2768
  type.
 
2769
</td>
 
2770
</tr>
 
2771
</tbody>
 
2772
</table></div>
 
2773
</div>
 
2774
<hr>
 
2775
<div class="refsect2" title="gnutls_sign_algorithm_get_requested ()">
 
2776
<a name="gnutls-sign-algorithm-get-requested"></a><h3>gnutls_sign_algorithm_get_requested ()</h3>
 
2777
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_sign_algorithm_get_requested (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
 
2778
                                                         <em class="parameter"><code><span class="type">size_t</span> indx</code></em>,
 
2779
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> *algo</code></em>);</pre>
 
2780
<p>
 
2781
Returns the signature algorithm specified by index that was
 
2782
requested by the peer. If the specified index has no data available
 
2783
this function returns <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a>.  If
 
2784
the negotiated TLS version does not support signature algorithms
 
2785
then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> will be returned even
 
2786
for the first index.  The first index is 0.
 
2787
</p>
 
2788
<p>
 
2789
This function is useful in the certificate callback functions
 
2790
to assist in selecting the correct certificate.
 
2791
</p>
 
2792
<div class="variablelist"><table border="0">
 
2793
<col align="left" valign="top">
 
2794
<tbody>
 
2795
<tr>
 
2796
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
 
2797
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
 
2798
</td>
 
2799
</tr>
 
2800
<tr>
 
2801
<td><p><span class="term"><em class="parameter"><code>indx</code></em> :</span></p></td>
 
2802
<td>is an index of the signature algorithm to return
 
2803
</td>
 
2804
</tr>
 
2805
<tr>
 
2806
<td><p><span class="term"><em class="parameter"><code>algo</code></em> :</span></p></td>
 
2807
<td>the returned certificate type will be stored there
 
2808
</td>
 
2809
</tr>
 
2810
<tr>
 
2811
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
2812
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
2813
  an error code is returned.
 
2814
 
 
2815
</td>
 
2816
</tr>
 
2817
</tbody>
 
2818
</table></div>
 
2819
<p class="since">Since 2.10.0</p>
1745
2820
</div>
1746
2821
<hr>
1747
2822
<div class="refsect2" title="gnutls_cipher_get_key_size ()">
1748
2823
<a name="gnutls-cipher-get-key-size"></a><h3>gnutls_cipher_get_key_size ()</h3>
1749
2824
<pre class="programlisting"><span class="returnvalue">size_t</span>              gnutls_cipher_get_key_size          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> algorithm</code></em>);</pre>
1750
2825
<p>
 
2826
Get key size for cipher.
1751
2827
</p>
1752
2828
<div class="variablelist"><table border="0">
1753
2829
<col align="left" valign="top">
1754
2830
<tbody>
1755
2831
<tr>
1756
2832
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1757
 
<td>
 
2833
<td>is an encryption algorithm
1758
2834
</td>
1759
2835
</tr>
1760
2836
<tr>
1761
2837
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1762
 
<td>
 
2838
<td> length (in bytes) of the given cipher's key size, or 0 if
 
2839
  the given cipher is invalid.
1763
2840
</td>
1764
2841
</tr>
1765
2842
</tbody>
1770
2847
<a name="gnutls-mac-get-key-size"></a><h3>gnutls_mac_get_key_size ()</h3>
1771
2848
<pre class="programlisting"><span class="returnvalue">size_t</span>              gnutls_mac_get_key_size             (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> algorithm</code></em>);</pre>
1772
2849
<p>
 
2850
Get size of MAC key.
1773
2851
</p>
1774
2852
<div class="variablelist"><table border="0">
1775
2853
<col align="left" valign="top">
1776
2854
<tbody>
1777
2855
<tr>
1778
2856
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1779
 
<td>
 
2857
<td>is an encryption algorithm
1780
2858
</td>
1781
2859
</tr>
1782
2860
<tr>
1783
2861
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1784
 
<td>
 
2862
<td> length (in bytes) of the given MAC key size, or 0 if the
 
2863
  given MAC algorithm is invalid.
1785
2864
</td>
1786
2865
</tr>
1787
2866
</tbody>
1792
2871
<a name="gnutls-cipher-get-name"></a><h3>gnutls_cipher_get_name ()</h3>
1793
2872
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_cipher_get_name              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> algorithm</code></em>);</pre>
1794
2873
<p>
 
2874
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> type to a string.
1795
2875
</p>
1796
2876
<div class="variablelist"><table border="0">
1797
2877
<col align="left" valign="top">
1798
2878
<tbody>
1799
2879
<tr>
1800
2880
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1801
 
<td>
 
2881
<td>is an encryption algorithm
1802
2882
</td>
1803
2883
</tr>
1804
2884
<tr>
1805
2885
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1806
 
<td>
 
2886
<td> a pointer to a string that contains the name of the
 
2887
  specified cipher, or <code class="literal">NULL</code>.
1807
2888
</td>
1808
2889
</tr>
1809
2890
</tbody>
1814
2895
<a name="gnutls-mac-get-name"></a><h3>gnutls_mac_get_name ()</h3>
1815
2896
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_mac_get_name                 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> algorithm</code></em>);</pre>
1816
2897
<p>
 
2898
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> value to a string.
1817
2899
</p>
1818
2900
<div class="variablelist"><table border="0">
1819
2901
<col align="left" valign="top">
1820
2902
<tbody>
1821
2903
<tr>
1822
2904
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1823
 
<td>
 
2905
<td>is a MAC algorithm
1824
2906
</td>
1825
2907
</tr>
1826
2908
<tr>
1827
2909
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1828
 
<td>
 
2910
<td> a string that contains the name of the specified MAC
 
2911
  algorithm, or <code class="literal">NULL</code>.
1829
2912
</td>
1830
2913
</tr>
1831
2914
</tbody>
1836
2919
<a name="gnutls-compression-get-name"></a><h3>gnutls_compression_get_name ()</h3>
1837
2920
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_compression_get_name         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="type">gnutls_compression_method_t</span></a> algorithm</code></em>);</pre>
1838
2921
<p>
 
2922
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="type">gnutls_compression_method_t</span></a> value to a string.
1839
2923
</p>
1840
2924
<div class="variablelist"><table border="0">
1841
2925
<col align="left" valign="top">
1842
2926
<tbody>
1843
2927
<tr>
1844
2928
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1845
 
<td>
 
2929
<td>is a Compression algorithm
1846
2930
</td>
1847
2931
</tr>
1848
2932
<tr>
1849
2933
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1850
 
<td>
 
2934
<td> a pointer to a string that contains the name of the
 
2935
  specified compression algorithm, or <code class="literal">NULL</code>.
1851
2936
</td>
1852
2937
</tr>
1853
2938
</tbody>
1858
2943
<a name="gnutls-kx-get-name"></a><h3>gnutls_kx_get_name ()</h3>
1859
2944
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_kx_get_name                  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="type">gnutls_kx_algorithm_t</span></a> algorithm</code></em>);</pre>
1860
2945
<p>
 
2946
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="type">gnutls_kx_algorithm_t</span></a> value to a string.
1861
2947
</p>
1862
2948
<div class="variablelist"><table border="0">
1863
2949
<col align="left" valign="top">
1864
2950
<tbody>
1865
2951
<tr>
1866
2952
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1867
 
<td>
 
2953
<td>is a key exchange algorithm
1868
2954
</td>
1869
2955
</tr>
1870
2956
<tr>
1871
2957
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1872
 
<td>
 
2958
<td> a pointer to a string that contains the name of the
 
2959
  specified key exchange algorithm, or <code class="literal">NULL</code>.
1873
2960
</td>
1874
2961
</tr>
1875
2962
</tbody>
1880
2967
<a name="gnutls-certificate-type-get-name"></a><h3>gnutls_certificate_type_get_name ()</h3>
1881
2968
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_certificate_type_get_name    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="type">gnutls_certificate_type_t</span></a> type</code></em>);</pre>
1882
2969
<p>
 
2970
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="type">gnutls_certificate_type_t</span></a> type to a string.
1883
2971
</p>
1884
2972
<div class="variablelist"><table border="0">
1885
2973
<col align="left" valign="top">
1886
2974
<tbody>
1887
2975
<tr>
1888
2976
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
1889
 
<td>
 
2977
<td>is a certificate type
1890
2978
</td>
1891
2979
</tr>
1892
2980
<tr>
1893
2981
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1894
 
<td>
 
2982
<td> a string that contains the name of the specified
 
2983
  certificate type, or <code class="literal">NULL</code> in case of unknown types.
1895
2984
</td>
1896
2985
</tr>
1897
2986
</tbody>
1902
2991
<a name="gnutls-pk-get-name"></a><h3>gnutls_pk_get_name ()</h3>
1903
2992
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_pk_get_name                  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> algorithm</code></em>);</pre>
1904
2993
<p>
 
2994
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> value to a string.
1905
2995
</p>
1906
2996
<div class="variablelist"><table border="0">
1907
2997
<col align="left" valign="top">
1908
2998
<tbody>
1909
2999
<tr>
1910
3000
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1911
 
<td>
 
3001
<td>is a public key algorithm
1912
3002
</td>
1913
3003
</tr>
1914
3004
<tr>
1915
3005
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1916
 
<td>
 
3006
<td> a pointer to a string that contains the name of the
 
3007
  specified public key algorithm, or <code class="literal">NULL</code>.
 
3008
 
1917
3009
</td>
1918
3010
</tr>
1919
3011
</tbody>
1920
3012
</table></div>
 
3013
<p class="since">Since 2.6.0</p>
1921
3014
</div>
1922
3015
<hr>
1923
3016
<div class="refsect2" title="gnutls_sign_get_name ()">
1924
3017
<a name="gnutls-sign-get-name"></a><h3>gnutls_sign_get_name ()</h3>
1925
3018
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_sign_get_name                (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> algorithm</code></em>);</pre>
1926
3019
<p>
 
3020
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value to a string.
1927
3021
</p>
1928
3022
<div class="variablelist"><table border="0">
1929
3023
<col align="left" valign="top">
1930
3024
<tbody>
1931
3025
<tr>
1932
3026
<td><p><span class="term"><em class="parameter"><code>algorithm</code></em> :</span></p></td>
1933
 
<td>
 
3027
<td>is a public key signature algorithm
1934
3028
</td>
1935
3029
</tr>
1936
3030
<tr>
1937
3031
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1938
 
<td>
 
3032
<td> a pointer to a string that contains the name of the
 
3033
  specified public key signature algorithm, or <code class="literal">NULL</code>.
 
3034
 
1939
3035
</td>
1940
3036
</tr>
1941
3037
</tbody>
1942
3038
</table></div>
 
3039
<p class="since">Since 2.6.0</p>
1943
3040
</div>
1944
3041
<hr>
1945
3042
<div class="refsect2" title="gnutls_mac_get_id ()">
1946
3043
<a name="gnutls-mac-get-id"></a><h3>gnutls_mac_get_id ()</h3>
1947
3044
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="returnvalue">gnutls_mac_algorithm_t</span></a>  gnutls_mac_get_id               (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
1948
3045
<p>
 
3046
Convert a string to a <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> value.  The names are
 
3047
compared in a case insensitive way.
1949
3048
</p>
1950
3049
<div class="variablelist"><table border="0">
1951
3050
<col align="left" valign="top">
1952
3051
<tbody>
1953
3052
<tr>
1954
3053
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
1955
 
<td>
 
3054
<td>is a MAC algorithm name
1956
3055
</td>
1957
3056
</tr>
1958
3057
<tr>
1959
3058
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1960
 
<td>
 
3059
<td> a <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> id of the specified MAC
 
3060
  algorithm string, or <a class="link" href="gnutls-gnutls.html#GNUTLS-MAC-UNKNOWN:CAPS"><code class="literal">GNUTLS_MAC_UNKNOWN</code></a> on failures.
1961
3061
</td>
1962
3062
</tr>
1963
3063
</tbody>
1968
3068
<a name="gnutls-compression-get-id"></a><h3>gnutls_compression_get_id ()</h3>
1969
3069
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="returnvalue">gnutls_compression_method_t</span></a>  gnutls_compression_get_id  (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
1970
3070
<p>
 
3071
The names are compared in a case insensitive way.
1971
3072
</p>
1972
3073
<div class="variablelist"><table border="0">
1973
3074
<col align="left" valign="top">
1974
3075
<tbody>
1975
3076
<tr>
1976
3077
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
1977
 
<td>
 
3078
<td>is a compression method name
1978
3079
</td>
1979
3080
</tr>
1980
3081
<tr>
1981
3082
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1982
 
<td>
 
3083
<td> an id of the specified in a string compression method, or
 
3084
  <a class="link" href="gnutls-gnutls.html#GNUTLS-COMP-UNKNOWN:CAPS"><code class="literal">GNUTLS_COMP_UNKNOWN</code></a> on error.
1983
3085
</td>
1984
3086
</tr>
1985
3087
</tbody>
1990
3092
<a name="gnutls-cipher-get-id"></a><h3>gnutls_cipher_get_id ()</h3>
1991
3093
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="returnvalue">gnutls_cipher_algorithm_t</span></a>  gnutls_cipher_get_id         (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
1992
3094
<p>
 
3095
The names are compared in a case insensitive way.
1993
3096
</p>
1994
3097
<div class="variablelist"><table border="0">
1995
3098
<col align="left" valign="top">
1996
3099
<tbody>
1997
3100
<tr>
1998
3101
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
1999
 
<td>
 
3102
<td>is a MAC algorithm name
2000
3103
</td>
2001
3104
</tr>
2002
3105
<tr>
2003
3106
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2004
 
<td>
 
3107
<td> return a <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> value corresponding to
 
3108
  the specified cipher, or <a class="link" href="gnutls-gnutls.html#GNUTLS-CIPHER-UNKNOWN:CAPS"><code class="literal">GNUTLS_CIPHER_UNKNOWN</code></a> on error.
2005
3109
</td>
2006
3110
</tr>
2007
3111
</tbody>
2012
3116
<a name="gnutls-kx-get-id"></a><h3>gnutls_kx_get_id ()</h3>
2013
3117
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="returnvalue">gnutls_kx_algorithm_t</span></a>  gnutls_kx_get_id                 (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
2014
3118
<p>
 
3119
Convert a string to a <a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="type">gnutls_kx_algorithm_t</span></a> value.  The names are
 
3120
compared in a case insensitive way.
2015
3121
</p>
2016
3122
<div class="variablelist"><table border="0">
2017
3123
<col align="left" valign="top">
2018
3124
<tbody>
2019
3125
<tr>
2020
3126
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2021
 
<td>
 
3127
<td>is a KX name
2022
3128
</td>
2023
3129
</tr>
2024
3130
<tr>
2025
3131
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2026
 
<td>
 
3132
<td> an id of the specified KX algorithm, or <a class="link" href="gnutls-gnutls.html#GNUTLS-KX-UNKNOWN:CAPS"><code class="literal">GNUTLS_KX_UNKNOWN</code></a>
 
3133
  on error.
2027
3134
</td>
2028
3135
</tr>
2029
3136
</tbody>
2034
3141
<a name="gnutls-protocol-get-id"></a><h3>gnutls_protocol_get_id ()</h3>
2035
3142
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="returnvalue">gnutls_protocol_t</span></a>   gnutls_protocol_get_id              (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
2036
3143
<p>
 
3144
The names are compared in a case insensitive way.
2037
3145
</p>
2038
3146
<div class="variablelist"><table border="0">
2039
3147
<col align="left" valign="top">
2040
3148
<tbody>
2041
3149
<tr>
2042
3150
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2043
 
<td>
 
3151
<td>is a protocol name
2044
3152
</td>
2045
3153
</tr>
2046
3154
<tr>
2047
3155
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2048
 
<td>
 
3156
<td> an id of the specified protocol, or
 
3157
<a class="link" href="gnutls-gnutls.html#GNUTLS-VERSION-UNKNOWN:CAPS"><code class="literal">GNUTLS_VERSION_UNKNOWN</code></a> on error.
2049
3158
</td>
2050
3159
</tr>
2051
3160
</tbody>
2057
3166
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="returnvalue">gnutls_certificate_type_t</span></a>  gnutls_certificate_type_get_id
2058
3167
                                                        (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
2059
3168
<p>
 
3169
The names are compared in a case insensitive way.
2060
3170
</p>
2061
3171
<div class="variablelist"><table border="0">
2062
3172
<col align="left" valign="top">
2063
3173
<tbody>
2064
3174
<tr>
2065
3175
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2066
 
<td>
 
3176
<td>is a certificate type name
2067
3177
</td>
2068
3178
</tr>
2069
3179
<tr>
2070
3180
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2071
 
<td>
 
3181
<td> a <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="type">gnutls_certificate_type_t</span></a> for the specified in a
 
3182
  string certificate type, or <a class="link" href="gnutls-gnutls.html#GNUTLS-CRT-UNKNOWN:CAPS"><code class="literal">GNUTLS_CRT_UNKNOWN</code></a> on error.
2072
3183
</td>
2073
3184
</tr>
2074
3185
</tbody>
2079
3190
<a name="gnutls-pk-get-id"></a><h3>gnutls_pk_get_id ()</h3>
2080
3191
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="returnvalue">gnutls_pk_algorithm_t</span></a>  gnutls_pk_get_id                 (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
2081
3192
<p>
 
3193
Convert a string to a <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> value.  The names are
 
3194
compared in a case insensitive way.  For example,
 
3195
gnutls_pk_get_id("RSA") will return <a class="link" href="gnutls-gnutls.html#GNUTLS-PK-RSA:CAPS"><code class="literal">GNUTLS_PK_RSA</code></a>.
2082
3196
</p>
2083
3197
<div class="variablelist"><table border="0">
2084
3198
<col align="left" valign="top">
2085
3199
<tbody>
2086
3200
<tr>
2087
3201
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2088
 
<td>
 
3202
<td>is a string containing a public key algorithm name.
2089
3203
</td>
2090
3204
</tr>
2091
3205
<tr>
2092
3206
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2093
 
<td>
 
3207
<td> a <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> id of the specified public key
 
3208
  algorithm string, or <a class="link" href="gnutls-gnutls.html#GNUTLS-PK-UNKNOWN:CAPS"><code class="literal">GNUTLS_PK_UNKNOWN</code></a> on failures.
 
3209
 
2094
3210
</td>
2095
3211
</tr>
2096
3212
</tbody>
2097
3213
</table></div>
 
3214
<p class="since">Since 2.6.0</p>
2098
3215
</div>
2099
3216
<hr>
2100
3217
<div class="refsect2" title="gnutls_sign_get_id ()">
2101
3218
<a name="gnutls-sign-get-id"></a><h3>gnutls_sign_get_id ()</h3>
2102
3219
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="returnvalue">gnutls_sign_algorithm_t</span></a>  gnutls_sign_get_id             (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>);</pre>
2103
3220
<p>
 
3221
The names are compared in a case insensitive way.
2104
3222
</p>
2105
3223
<div class="variablelist"><table border="0">
2106
3224
<col align="left" valign="top">
2107
3225
<tbody>
2108
3226
<tr>
2109
3227
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2110
 
<td>
 
3228
<td>is a MAC algorithm name
2111
3229
</td>
2112
3230
</tr>
2113
3231
<tr>
2114
3232
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2115
 
<td>
 
3233
<td> return a <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a> value corresponding to
 
3234
  the specified cipher, or <a class="link" href="gnutls-gnutls.html#GNUTLS-SIGN-UNKNOWN:CAPS"><code class="literal">GNUTLS_SIGN_UNKNOWN</code></a> on error.
2116
3235
</td>
2117
3236
</tr>
2118
3237
</tbody>
2123
3242
<a name="gnutls-cipher-list"></a><h3>gnutls_cipher_list ()</h3>
2124
3243
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="returnvalue">gnutls_cipher_algorithm_t</span></a> * gnutls_cipher_list    (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2125
3244
<p>
 
3245
Get a list of supported cipher algorithms.  Note that not
 
3246
necessarily all ciphers are supported as TLS cipher suites.  For
 
3247
example, DES is not supported as a cipher suite, but is supported
 
3248
for other purposes (e.g., PKCS#8 or similar).
2126
3249
</p>
2127
3250
<div class="variablelist"><table border="0">
2128
3251
<col align="left" valign="top">
2129
3252
<tbody><tr>
2130
3253
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2131
 
<td>
 
3254
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a>
 
3255
  integers indicating the available ciphers.
 
3256
 
2132
3257
</td>
2133
3258
</tr></tbody>
2134
3259
</table></div>
2138
3263
<a name="gnutls-mac-list"></a><h3>gnutls_mac_list ()</h3>
2139
3264
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="returnvalue">gnutls_mac_algorithm_t</span></a> * gnutls_mac_list          (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2140
3265
<p>
 
3266
Get a list of hash algorithms for use as MACs.  Note that not
 
3267
necessarily all MACs are supported in TLS cipher suites.  For
 
3268
example, MD2 is not supported as a cipher suite, but is supported
 
3269
for other purposes (e.g., X.509 signature verification or similar).
2141
3270
</p>
2142
3271
<div class="variablelist"><table border="0">
2143
3272
<col align="left" valign="top">
2144
3273
<tbody><tr>
2145
3274
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2146
 
<td>
 
3275
<td> Return a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a>
 
3276
  integers indicating the available MACs.
2147
3277
</td>
2148
3278
</tr></tbody>
2149
3279
</table></div>
2154
3284
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="returnvalue">gnutls_compression_method_t</span></a> * gnutls_compression_list
2155
3285
                                                        (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2156
3286
<p>
 
3287
Get a list of compression methods.  Note that to be able to use LZO
 
3288
compression, you must link to libgnutls-extra and call
 
3289
<a class="link" href="gnutls-extra.html#gnutls-global-init-extra" title="gnutls_global_init_extra ()"><code class="function">gnutls_global_init_extra()</code></a>.
2157
3290
</p>
2158
3291
<div class="variablelist"><table border="0">
2159
3292
<col align="left" valign="top">
2160
3293
<tbody><tr>
2161
3294
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2162
 
<td>
 
3295
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-compression-method-t" title="enum gnutls_compression_method_t"><span class="type">gnutls_compression_method_t</span></a>
 
3296
  integers indicating the available compression methods.
2163
3297
</td>
2164
3298
</tr></tbody>
2165
3299
</table></div>
2169
3303
<a name="gnutls-protocol-list"></a><h3>gnutls_protocol_list ()</h3>
2170
3304
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="returnvalue">gnutls_protocol_t</span></a> * gnutls_protocol_list          (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2171
3305
<p>
 
3306
Get a list of supported protocols, e.g. SSL 3.0, TLS 1.0 etc.
2172
3307
</p>
2173
3308
<div class="variablelist"><table border="0">
2174
3309
<col align="left" valign="top">
2175
3310
<tbody><tr>
2176
3311
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2177
 
<td>
 
3312
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="type">gnutls_protocol_t</span></a> integers
 
3313
indicating the available protocols.
 
3314
 
2178
3315
</td>
2179
3316
</tr></tbody>
2180
3317
</table></div>
2185
3322
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="returnvalue">gnutls_certificate_type_t</span></a> * gnutls_certificate_type_list
2186
3323
                                                        (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2187
3324
<p>
 
3325
Get a list of certificate types.  Note that to be able to use
 
3326
OpenPGP certificates, you must link to libgnutls-extra and call
 
3327
<a class="link" href="gnutls-extra.html#gnutls-global-init-extra" title="gnutls_global_init_extra ()"><code class="function">gnutls_global_init_extra()</code></a>.
2188
3328
</p>
2189
3329
<div class="variablelist"><table border="0">
2190
3330
<col align="left" valign="top">
2191
3331
<tbody><tr>
2192
3332
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2193
 
<td>
 
3333
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-t" title="enum gnutls_certificate_type_t"><span class="type">gnutls_certificate_type_t</span></a>
 
3334
  integers indicating the available certificate types.
2194
3335
</td>
2195
3336
</tr></tbody>
2196
3337
</table></div>
2200
3341
<a name="gnutls-kx-list"></a><h3>gnutls_kx_list ()</h3>
2201
3342
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="returnvalue">gnutls_kx_algorithm_t</span></a> * gnutls_kx_list            (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2202
3343
<p>
 
3344
Get a list of supported key exchange algorithms.
2203
3345
</p>
2204
3346
<div class="variablelist"><table border="0">
2205
3347
<col align="left" valign="top">
2206
3348
<tbody><tr>
2207
3349
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2208
 
<td>
 
3350
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-kx-algorithm-t" title="enum gnutls_kx_algorithm_t"><span class="type">gnutls_kx_algorithm_t</span></a> integers
 
3351
indicating the available key exchange algorithms.
2209
3352
</td>
2210
3353
</tr></tbody>
2211
3354
</table></div>
2215
3358
<a name="gnutls-pk-list"></a><h3>gnutls_pk_list ()</h3>
2216
3359
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="returnvalue">gnutls_pk_algorithm_t</span></a> * gnutls_pk_list            (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2217
3360
<p>
 
3361
Get a list of supported public key algorithms.
2218
3362
</p>
2219
3363
<div class="variablelist"><table border="0">
2220
3364
<col align="left" valign="top">
2221
3365
<tbody><tr>
2222
3366
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2223
 
<td>
 
3367
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> integers
 
3368
  indicating the available ciphers.
 
3369
 
2224
3370
</td>
2225
3371
</tr></tbody>
2226
3372
</table></div>
 
3373
<p class="since">Since 2.6.0</p>
2227
3374
</div>
2228
3375
<hr>
2229
3376
<div class="refsect2" title="gnutls_sign_list ()">
2230
3377
<a name="gnutls-sign-list"></a><h3>gnutls_sign_list ()</h3>
2231
3378
<pre class="programlisting">const <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="returnvalue">gnutls_sign_algorithm_t</span></a> * gnutls_sign_list        (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
2232
3379
<p>
 
3380
Get a list of supported public key signature algorithms.
2233
3381
</p>
2234
3382
<div class="variablelist"><table border="0">
2235
3383
<col align="left" valign="top">
2236
3384
<tbody><tr>
2237
3385
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2238
 
<td>
 
3386
<td> a zero-terminated list of <a class="link" href="gnutls-gnutls.html#gnutls-sign-algorithm-t" title="enum gnutls_sign_algorithm_t"><span class="type">gnutls_sign_algorithm_t</span></a>
 
3387
  integers indicating the available ciphers.
 
3388
 
2239
3389
</td>
2240
3390
</tr></tbody>
2241
3391
</table></div>
2253
3403
Get information about supported cipher suites.  Use the function
2254
3404
iteratively to get information about all supported cipher suites.
2255
3405
Call with idx=0 to get information about first cipher suite, then
2256
 
idx=1 and so on until the function returns NULL.</p>
 
3406
idx=1 and so on until the function returns NULL.
 
3407
</p>
2257
3408
<div class="variablelist"><table border="0">
2258
3409
<col align="left" valign="top">
2259
3410
<tbody>
2302
3453
<a name="gnutls-error-is-fatal"></a><h3>gnutls_error_is_fatal ()</h3>
2303
3454
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_error_is_fatal               (<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> error</code></em>);</pre>
2304
3455
<p>
 
3456
If a GnuTLS function returns a negative value you may feed that
 
3457
value to this function to see if the error condition is fatal.
 
3458
</p>
 
3459
<p>
 
3460
Note that you may want to check the error code manually, since some
 
3461
non-fatal errors to the protocol may be fatal for you program.
 
3462
</p>
 
3463
<p>
 
3464
This function is only useful if you are dealing with errors from
 
3465
the record layer or the handshake layer.
2305
3466
</p>
2306
3467
<div class="variablelist"><table border="0">
2307
3468
<col align="left" valign="top">
2308
3469
<tbody>
2309
3470
<tr>
2310
3471
<td><p><span class="term"><em class="parameter"><code>error</code></em> :</span></p></td>
2311
 
<td>
 
3472
<td>is a GnuTLS error code, a negative value
2312
3473
</td>
2313
3474
</tr>
2314
3475
<tr>
2315
3476
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2316
 
<td>
 
3477
<td> 1 if the error code is fatal, for positive <em class="parameter"><code>error</code></em> values,
 
3478
  0 is returned.  For unknown <em class="parameter"><code>error</code></em> values, -1 is returned.
2317
3479
</td>
2318
3480
</tr>
2319
3481
</tbody>
2325
3487
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_error_to_alert               (<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> err</code></em>,
2326
3488
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *level</code></em>);</pre>
2327
3489
<p>
 
3490
Get an alert depending on the error code returned by a gnutls
 
3491
function.  All alerts sent by this function should be considered
 
3492
fatal.  The only exception is when <em class="parameter"><code>err</code></em> is <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REHANDSHAKE:CAPS" title="GNUTLS_E_REHANDSHAKE"><code class="literal">GNUTLS_E_REHANDSHAKE</code></a>,
 
3493
where a warning alert should be sent to the peer indicating that no
 
3494
renegotiation will be performed.
 
3495
</p>
 
3496
<p>
 
3497
If there is no mapping to a valid alert the alert to indicate
 
3498
internal error is returned.
2328
3499
</p>
2329
3500
<div class="variablelist"><table border="0">
2330
3501
<col align="left" valign="top">
2331
3502
<tbody>
2332
3503
<tr>
2333
3504
<td><p><span class="term"><em class="parameter"><code>err</code></em> :</span></p></td>
2334
 
<td>
 
3505
<td>is a negative integer
2335
3506
</td>
2336
3507
</tr>
2337
3508
<tr>
2338
3509
<td><p><span class="term"><em class="parameter"><code>level</code></em> :</span></p></td>
2339
 
<td>
 
3510
<td>the alert level will be stored there
2340
3511
</td>
2341
3512
</tr>
2342
3513
<tr>
2343
3514
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2344
 
<td>
 
3515
<td> the alert code to use for a particular error code.
2345
3516
</td>
2346
3517
</tr>
2347
3518
</tbody>
2352
3523
<a name="gnutls-perror"></a><h3>gnutls_perror ()</h3>
2353
3524
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_perror                       (<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> error</code></em>);</pre>
2354
3525
<p>
 
3526
This function is like <code class="function">perror()</code>. The only difference is that it
 
3527
accepts an error number returned by a gnutls function.
2355
3528
</p>
2356
3529
<div class="variablelist"><table border="0">
2357
3530
<col align="left" valign="top">
2358
3531
<tbody><tr>
2359
3532
<td><p><span class="term"><em class="parameter"><code>error</code></em> :</span></p></td>
2360
 
<td>
 
3533
<td>is a GnuTLS error code, a negative value
2361
3534
</td>
2362
3535
</tr></tbody>
2363
3536
</table></div>
2367
3540
<a name="gnutls-strerror"></a><h3>gnutls_strerror ()</h3>
2368
3541
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_strerror                     (<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> error</code></em>);</pre>
2369
3542
<p>
 
3543
This function is similar to strerror.  The difference is that it
 
3544
accepts an error number returned by a gnutls function; In case of
 
3545
an unknown error a descriptive string is sent instead of <code class="literal">NULL</code>.
 
3546
</p>
 
3547
<p>
 
3548
Error codes are always a negative value.
2370
3549
</p>
2371
3550
<div class="variablelist"><table border="0">
2372
3551
<col align="left" valign="top">
2373
3552
<tbody>
2374
3553
<tr>
2375
3554
<td><p><span class="term"><em class="parameter"><code>error</code></em> :</span></p></td>
2376
 
<td>
 
3555
<td>is a GnuTLS error code, a negative value
2377
3556
</td>
2378
3557
</tr>
2379
3558
<tr>
2380
3559
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2381
 
<td>
 
3560
<td> A string explaining the GnuTLS error message.
2382
3561
</td>
2383
3562
</tr>
2384
3563
</tbody>
2391
3570
<p>
2392
3571
Return the GnuTLS error code define as a string.  For example,
2393
3572
gnutls_strerror_name (GNUTLS_E_DH_PRIME_UNACCEPTABLE) will return
2394
 
the string "GNUTLS_E_DH_PRIME_UNACCEPTABLE".</p>
 
3573
the string "GNUTLS_E_DH_PRIME_UNACCEPTABLE".
 
3574
</p>
2395
3575
<div class="variablelist"><table border="0">
2396
3576
<col align="left" valign="top">
2397
3577
<tbody>
2418
3598
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
2419
3599
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> allow</code></em>);</pre>
2420
3600
<p>
 
3601
This function will enable or disable the use of private cipher
 
3602
suites (the ones that start with 0xFF).  By default or if <em class="parameter"><code>allow</code></em>
 
3603
is 0 then these cipher suites will not be advertized nor used.
 
3604
</p>
 
3605
<p>
 
3606
Unless this function is called with the option to allow (1), then
 
3607
no compression algorithms, like LZO.  That is because these
 
3608
algorithms are not yet defined in any RFC or even internet draft.
 
3609
</p>
 
3610
<p>
 
3611
Enabling the private ciphersuites when talking to other than
 
3612
gnutls servers and clients may cause interoperability problems.
2421
3613
</p>
2422
3614
<div class="variablelist"><table border="0">
2423
3615
<col align="left" valign="top">
2424
3616
<tbody>
2425
3617
<tr>
2426
3618
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2427
 
<td>
 
3619
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2428
3620
</td>
2429
3621
</tr>
2430
3622
<tr>
2431
3623
<td><p><span class="term"><em class="parameter"><code>allow</code></em> :</span></p></td>
2432
 
<td>
 
3624
<td>is an integer (0 or 1)
2433
3625
</td>
2434
3626
</tr>
2435
3627
</tbody>
2441
3633
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><span class="returnvalue">gnutls_handshake_description_t</span></a>  gnutls_handshake_get_last_out
2442
3634
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2443
3635
<p>
 
3636
This function is only useful to check where the last performed
 
3637
handshake failed.  If the previous handshake succeed or was not
 
3638
performed at all then no meaningful value will be returned.
 
3639
</p>
 
3640
<p>
 
3641
Check <a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><code class="literal">gnutls_handshake_description_t</code></a> in gnutls.h for the
 
3642
available handshake descriptions.
2444
3643
</p>
2445
3644
<div class="variablelist"><table border="0">
2446
3645
<col align="left" valign="top">
2447
3646
<tbody>
2448
3647
<tr>
2449
3648
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2450
 
<td>
 
3649
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2451
3650
</td>
2452
3651
</tr>
2453
3652
<tr>
2454
3653
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2455
 
<td>
 
3654
<td> the last handshake message type sent, a
 
3655
<a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><code class="literal">gnutls_handshake_description_t</code></a>.
2456
3656
</td>
2457
3657
</tr>
2458
3658
</tbody>
2464
3664
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><span class="returnvalue">gnutls_handshake_description_t</span></a>  gnutls_handshake_get_last_in
2465
3665
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2466
3666
<p>
 
3667
This function is only useful to check where the last performed
 
3668
handshake failed.  If the previous handshake succeed or was not
 
3669
performed at all then no meaningful value will be returned.
 
3670
</p>
 
3671
<p>
 
3672
Check <a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><code class="literal">gnutls_handshake_description_t</code></a> in gnutls.h for the
 
3673
available handshake descriptions.
2467
3674
</p>
2468
3675
<div class="variablelist"><table border="0">
2469
3676
<col align="left" valign="top">
2470
3677
<tbody>
2471
3678
<tr>
2472
3679
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2473
 
<td>
 
3680
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2474
3681
</td>
2475
3682
</tr>
2476
3683
<tr>
2477
3684
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2478
 
<td>
 
3685
<td> the last handshake message type received, a
 
3686
<a class="link" href="gnutls-gnutls.html#gnutls-handshake-description-t" title="enum gnutls_handshake_description_t"><code class="literal">gnutls_handshake_description_t</code></a>.
2479
3687
</td>
2480
3688
</tr>
2481
3689
</tbody>
2488
3696
                                                         <em class="parameter"><code>const <span class="type">void</span> *data</code></em>,
2489
3697
                                                         <em class="parameter"><code><span class="type">size_t</span> sizeofdata</code></em>);</pre>
2490
3698
<p>
 
3699
This function has the similar semantics with <code class="function">send()</code>.  The only
 
3700
difference is that it accepts a GnuTLS session, and uses different
 
3701
error codes.
 
3702
</p>
 
3703
<p>
 
3704
Note that if the send buffer is full, <code class="function">send()</code> will block this
 
3705
function.  See the <code class="function">send()</code> documentation for full information.  You
 
3706
can replace the default push function by using
 
3707
<a class="link" href="gnutls-gnutls.html#gnutls-transport-set-ptr2" title="gnutls_transport_set_ptr2 ()"><code class="function">gnutls_transport_set_ptr2()</code></a> with a call to <code class="function">send()</code> with a
 
3708
MSG_DONTWAIT flag if blocking is a problem.
 
3709
</p>
 
3710
<p>
 
3711
If the EINTR is returned by the internal push function (the
 
3712
default is <code class="function">send()</code>} then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> will be returned. If
 
3713
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> is returned, you must
 
3714
call this function again, with the same parameters; alternatively
 
3715
you could provide a <code class="literal">NULL</code> pointer for data, and 0 for
 
3716
size. cf. <a class="link" href="gnutls-gnutls.html#gnutls-record-get-direction" title="gnutls_record_get_direction ()"><code class="function">gnutls_record_get_direction()</code></a>.
2491
3717
</p>
2492
3718
<div class="variablelist"><table border="0">
2493
3719
<col align="left" valign="top">
2494
3720
<tbody>
2495
3721
<tr>
2496
3722
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2497
 
<td>
 
3723
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2498
3724
</td>
2499
3725
</tr>
2500
3726
<tr>
2501
3727
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
2502
 
<td>
 
3728
<td>contains the data to send
2503
3729
</td>
2504
3730
</tr>
2505
3731
<tr>
2506
3732
<td><p><span class="term"><em class="parameter"><code>sizeofdata</code></em> :</span></p></td>
2507
 
<td>
 
3733
<td>is the length of the data
2508
3734
</td>
2509
3735
</tr>
2510
3736
<tr>
2511
3737
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2512
 
<td>
 
3738
<td> the number of bytes sent, or a negative error code.  The
 
3739
  number of bytes sent might be less than <em class="parameter"><code>sizeofdata</code></em>.  The maximum
 
3740
  number of bytes this function can send in a single call depends
 
3741
  on the negotiated maximum record size.
2513
3742
</td>
2514
3743
</tr>
2515
3744
</tbody>
2522
3751
                                                         <em class="parameter"><code><span class="type">void</span> *data</code></em>,
2523
3752
                                                         <em class="parameter"><code><span class="type">size_t</span> sizeofdata</code></em>);</pre>
2524
3753
<p>
 
3754
This function has the similar semantics with <code class="function">recv()</code>.  The only
 
3755
difference is that it accepts a GnuTLS session, and uses different
 
3756
error codes.
 
3757
</p>
 
3758
<p>
 
3759
In the special case that a server requests a renegotiation, the
 
3760
client may receive an error code of <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REHANDSHAKE:CAPS" title="GNUTLS_E_REHANDSHAKE"><code class="literal">GNUTLS_E_REHANDSHAKE</code></a>.  This
 
3761
message may be simply ignored, replied with an alert
 
3762
<a class="link" href="gnutls-gnutls.html#GNUTLS-A-NO-RENEGOTIATION:CAPS"><code class="literal">GNUTLS_A_NO_RENEGOTIATION</code></a>, or replied with a new handshake,
 
3763
depending on the client's will.
 
3764
</p>
 
3765
<p>
 
3766
If <code class="literal">EINTR</code> is returned by the internal push function (the default
 
3767
is <code class="function">recv()</code>) then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> will be returned.  If
 
3768
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> is returned, you must
 
3769
call this function again to get the data.  See also
 
3770
<a class="link" href="gnutls-gnutls.html#gnutls-record-get-direction" title="gnutls_record_get_direction ()"><code class="function">gnutls_record_get_direction()</code></a>.
 
3771
</p>
 
3772
<p>
 
3773
A server may also receive <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REHANDSHAKE:CAPS" title="GNUTLS_E_REHANDSHAKE"><code class="literal">GNUTLS_E_REHANDSHAKE</code></a> when a client has
 
3774
initiated a handshake. In that case the server can only initiate a
 
3775
handshake or terminate the connection.
2525
3776
</p>
2526
3777
<div class="variablelist"><table border="0">
2527
3778
<col align="left" valign="top">
2528
3779
<tbody>
2529
3780
<tr>
2530
3781
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2531
 
<td>
 
3782
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2532
3783
</td>
2533
3784
</tr>
2534
3785
<tr>
2535
3786
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
2536
 
<td>
 
3787
<td>the buffer that the data will be read into
2537
3788
</td>
2538
3789
</tr>
2539
3790
<tr>
2540
3791
<td><p><span class="term"><em class="parameter"><code>sizeofdata</code></em> :</span></p></td>
2541
 
<td>
 
3792
<td>the number of requested bytes
2542
3793
</td>
2543
3794
</tr>
2544
3795
<tr>
2545
3796
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2546
 
<td>
 
3797
<td> the number of bytes received and zero on EOF.  A negative
 
3798
  error code is returned in case of an error.  The number of bytes
 
3799
  received might be less than <em class="parameter"><code>sizeofdata</code></em>.
2547
3800
</td>
2548
3801
</tr>
2549
3802
</tbody>
2571
3824
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_session_enable_compatibility_mode
2572
3825
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2573
3826
<p>
 
3827
This function can be used to disable certain (security) features in
 
3828
TLS in order to maintain maximum compatibility with buggy
 
3829
clients. It is equivalent to calling:
 
3830
<a class="link" href="gnutls-gnutls.html#gnutls-record-disable-padding" title="gnutls_record_disable_padding ()"><code class="function">gnutls_record_disable_padding()</code></a>
 
3831
</p>
 
3832
<p>
 
3833
Normally only servers that require maximum compatibility with
 
3834
everything out there, need to call this function.
2574
3835
</p>
2575
3836
<div class="variablelist"><table border="0">
2576
3837
<col align="left" valign="top">
2577
3838
<tbody><tr>
2578
3839
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2579
 
<td>
 
3840
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2580
3841
</td>
2581
3842
</tr></tbody>
2582
3843
</table></div>
2586
3847
<a name="gnutls-record-disable-padding"></a><h3>gnutls_record_disable_padding ()</h3>
2587
3848
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_record_disable_padding       (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2588
3849
<p>
 
3850
Used to disabled padding in TLS 1.0 and above.  Normally you do not
 
3851
need to use this function, but there are buggy clients that
 
3852
complain if a server pads the encrypted data.  This of course will
 
3853
disable protection against statistical attacks on the data.
 
3854
</p>
 
3855
<p>
 
3856
Normally only servers that require maximum compatibility with everything
 
3857
out there, need to call this function.
2589
3858
</p>
2590
3859
<div class="variablelist"><table border="0">
2591
3860
<col align="left" valign="top">
2592
3861
<tbody><tr>
2593
3862
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2594
 
<td>
 
3863
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2595
3864
</td>
2596
3865
</tr></tbody>
2597
3866
</table></div>
2601
3870
<a name="gnutls-record-get-direction"></a><h3>gnutls_record_get_direction ()</h3>
2602
3871
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_record_get_direction         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2603
3872
<p>
 
3873
This function provides information about the internals of the
 
3874
record protocol and is only useful if a prior gnutls function call
 
3875
(e.g.  <a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a>) was interrupted for some reason, that
 
3876
is, if a function returned <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> or
 
3877
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a>.  In such a case, you might want to call <code class="function">select()</code>
 
3878
or <code class="function">poll()</code> before calling the interrupted gnutls function again.  To
 
3879
tell you whether a file descriptor should be selected for either
 
3880
reading or writing, <a class="link" href="gnutls-gnutls.html#gnutls-record-get-direction" title="gnutls_record_get_direction ()"><code class="function">gnutls_record_get_direction()</code></a> returns 0 if the
 
3881
interrupted function was trying to read data, and 1 if it was
 
3882
trying to write data.
2604
3883
</p>
2605
3884
<div class="variablelist"><table border="0">
2606
3885
<col align="left" valign="top">
2607
3886
<tbody>
2608
3887
<tr>
2609
3888
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2610
 
<td>
 
3889
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2611
3890
</td>
2612
3891
</tr>
2613
3892
<tr>
2614
3893
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2615
 
<td>
 
3894
<td> 0 if trying to read data, 1 if trying to write data.
2616
3895
</td>
2617
3896
</tr>
2618
3897
</tbody>
2623
3902
<a name="gnutls-record-get-max-size"></a><h3>gnutls_record_get_max_size ()</h3>
2624
3903
<pre class="programlisting"><span class="returnvalue">size_t</span>              gnutls_record_get_max_size          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2625
3904
<p>
 
3905
Get the record size.  The maximum record size is negotiated by the
 
3906
client after the first handshake message.
2626
3907
</p>
2627
3908
<div class="variablelist"><table border="0">
2628
3909
<col align="left" valign="top">
2629
3910
<tbody>
2630
3911
<tr>
2631
3912
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2632
 
<td>
 
3913
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2633
3914
</td>
2634
3915
</tr>
2635
3916
<tr>
2636
3917
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2637
 
<td>
 
3918
<td> The maximum record packet size in this connection.
2638
3919
</td>
2639
3920
</tr>
2640
3921
</tbody>
2646
3927
<pre class="programlisting"><span class="returnvalue">ssize_t</span>             gnutls_record_set_max_size          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
2647
3928
                                                         <em class="parameter"><code><span class="type">size_t</span> size</code></em>);</pre>
2648
3929
<p>
 
3930
This function sets the maximum record packet size in this
 
3931
connection.  This property can only be set to clients.  The server
 
3932
may choose not to accept the requested size.
 
3933
</p>
 
3934
<p>
 
3935
Acceptable values are 512(=2^9), 1024(=2^10), 2048(=2^11) and
 
3936
4096(=2^12).  The requested record size does get in effect
 
3937
immediately only while sending data. The receive part will take
 
3938
effect after a successful handshake.
 
3939
</p>
 
3940
<p>
 
3941
This function uses a TLS extension called 'max record size'.  Not
 
3942
all TLS implementations use or even understand this extension.
2649
3943
</p>
2650
3944
<div class="variablelist"><table border="0">
2651
3945
<col align="left" valign="top">
2652
3946
<tbody>
2653
3947
<tr>
2654
3948
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2655
 
<td>
 
3949
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2656
3950
</td>
2657
3951
</tr>
2658
3952
<tr>
2659
3953
<td><p><span class="term"><em class="parameter"><code>size</code></em> :</span></p></td>
2660
 
<td>
 
3954
<td>is the new size
2661
3955
</td>
2662
3956
</tr>
2663
3957
<tr>
2664
3958
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2665
 
<td>
 
3959
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
3960
  otherwise an error code is returned.
2666
3961
</td>
2667
3962
</tr>
2668
3963
</tbody>
2673
3968
<a name="gnutls-record-check-pending"></a><h3>gnutls_record_check_pending ()</h3>
2674
3969
<pre class="programlisting"><span class="returnvalue">size_t</span>              gnutls_record_check_pending         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
2675
3970
<p>
 
3971
This function checks if there are any data to receive in the gnutls
 
3972
buffers.
 
3973
</p>
 
3974
<p>
 
3975
Notice that you may also use <code class="function">select()</code> to check for data in a TCP
 
3976
connection, instead of this function.  GnuTLS leaves some data in
 
3977
the tcp buffer in order for select to work.
2676
3978
</p>
2677
3979
<div class="variablelist"><table border="0">
2678
3980
<col align="left" valign="top">
2679
3981
<tbody>
2680
3982
<tr>
2681
3983
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2682
 
<td>
 
3984
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2683
3985
</td>
2684
3986
</tr>
2685
3987
<tr>
2686
3988
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2687
 
<td>
 
3989
<td> the size of that data or 0.
2688
3990
</td>
2689
3991
</tr>
2690
3992
</tbody>
2702
4004
                                                         <em class="parameter"><code><span class="type">size_t</span> outsize</code></em>,
2703
4005
                                                         <em class="parameter"><code><span class="type">char</span> *out</code></em>);</pre>
2704
4006
<p>
 
4007
Apply the TLS Pseudo-Random-Function (PRF) using the master secret
 
4008
on some data, seeded with the client and server random fields.
 
4009
</p>
 
4010
<p>
 
4011
The <em class="parameter"><code>label</code></em> variable usually contain a string denoting the purpose
 
4012
for the generated data.  The <em class="parameter"><code>server_random_first</code></em> indicate whether
 
4013
the client random field or the server random field should be first
 
4014
in the seed.  Non-0 indicate that the server random field is first,
 
4015
0 that the client random field is first.
 
4016
</p>
 
4017
<p>
 
4018
The <em class="parameter"><code>extra</code></em> variable can be used to add more data to the seed, after
 
4019
the random variables.  It can be used to tie make sure the
 
4020
generated output is strongly connected to some additional data
 
4021
(e.g., a string used in user authentication).
 
4022
</p>
 
4023
<p>
 
4024
The output is placed in *<em class="parameter"><code>OUT</code></em>, which must be pre-allocated.
2705
4025
</p>
2706
4026
<div class="variablelist"><table border="0">
2707
4027
<col align="left" valign="top">
2708
4028
<tbody>
2709
4029
<tr>
2710
4030
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2711
 
<td>
 
4031
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2712
4032
</td>
2713
4033
</tr>
2714
4034
<tr>
2715
4035
<td><p><span class="term"><em class="parameter"><code>label_size</code></em> :</span></p></td>
2716
 
<td>
 
4036
<td>length of the <em class="parameter"><code>label</code></em> variable.
2717
4037
</td>
2718
4038
</tr>
2719
4039
<tr>
2720
4040
<td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
2721
 
<td>
 
4041
<td>label used in PRF computation, typically a short string.
2722
4042
</td>
2723
4043
</tr>
2724
4044
<tr>
2725
4045
<td><p><span class="term"><em class="parameter"><code>server_random_first</code></em> :</span></p></td>
2726
 
<td>
 
4046
<td>non-0 if server random field should be first in seed
2727
4047
</td>
2728
4048
</tr>
2729
4049
<tr>
2730
4050
<td><p><span class="term"><em class="parameter"><code>extra_size</code></em> :</span></p></td>
2731
 
<td>
 
4051
<td>length of the <em class="parameter"><code>extra</code></em> variable.
2732
4052
</td>
2733
4053
</tr>
2734
4054
<tr>
2735
4055
<td><p><span class="term"><em class="parameter"><code>extra</code></em> :</span></p></td>
2736
 
<td>
 
4056
<td>optional extra data to seed the PRF with.
2737
4057
</td>
2738
4058
</tr>
2739
4059
<tr>
2740
4060
<td><p><span class="term"><em class="parameter"><code>outsize</code></em> :</span></p></td>
2741
 
<td>
 
4061
<td>size of pre-allocated output buffer to hold the output.
2742
4062
</td>
2743
4063
</tr>
2744
4064
<tr>
2745
4065
<td><p><span class="term"><em class="parameter"><code>out</code></em> :</span></p></td>
2746
 
<td>
 
4066
<td>pre-allocate buffer to hold the generated data.
2747
4067
</td>
2748
4068
</tr>
2749
4069
<tr>
2750
4070
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2751
 
<td>
 
4071
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
2752
4072
</td>
2753
4073
</tr>
2754
4074
</tbody>
2765
4085
                                                         <em class="parameter"><code><span class="type">size_t</span> outsize</code></em>,
2766
4086
                                                         <em class="parameter"><code><span class="type">char</span> *out</code></em>);</pre>
2767
4087
<p>
 
4088
Apply the TLS Pseudo-Random-Function (PRF) using the master secret
 
4089
on some data.
 
4090
</p>
 
4091
<p>
 
4092
The <em class="parameter"><code>label</code></em> variable usually contain a string denoting the purpose
 
4093
for the generated data.  The <em class="parameter"><code>seed</code></em> usually contain data such as the
 
4094
client and server random, perhaps together with some additional
 
4095
data that is added to guarantee uniqueness of the output for a
 
4096
particular purpose.
 
4097
</p>
 
4098
<p>
 
4099
Because the output is not guaranteed to be unique for a particular
 
4100
session unless <em class="parameter"><code>seed</code></em> include the client random and server random
 
4101
fields (the PRF would output the same data on another connection
 
4102
resumed from the first one), it is not recommended to use this
 
4103
function directly.  The <a class="link" href="gnutls-gnutls.html#gnutls-prf" title="gnutls_prf ()"><code class="function">gnutls_prf()</code></a> function seed the PRF with the
 
4104
client and server random fields directly, and is recommended if you
 
4105
want to generate pseudo random data unique for each session.
2768
4106
</p>
2769
4107
<div class="variablelist"><table border="0">
2770
4108
<col align="left" valign="top">
2771
4109
<tbody>
2772
4110
<tr>
2773
4111
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2774
 
<td>
 
4112
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2775
4113
</td>
2776
4114
</tr>
2777
4115
<tr>
2778
4116
<td><p><span class="term"><em class="parameter"><code>label_size</code></em> :</span></p></td>
2779
 
<td>
 
4117
<td>length of the <em class="parameter"><code>label</code></em> variable.
2780
4118
</td>
2781
4119
</tr>
2782
4120
<tr>
2783
4121
<td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
2784
 
<td>
 
4122
<td>label used in PRF computation, typically a short string.
2785
4123
</td>
2786
4124
</tr>
2787
4125
<tr>
2788
4126
<td><p><span class="term"><em class="parameter"><code>seed_size</code></em> :</span></p></td>
2789
 
<td>
 
4127
<td>length of the <em class="parameter"><code>seed</code></em> variable.
2790
4128
</td>
2791
4129
</tr>
2792
4130
<tr>
2793
4131
<td><p><span class="term"><em class="parameter"><code>seed</code></em> :</span></p></td>
2794
 
<td>
 
4132
<td>optional extra data to seed the PRF with.
2795
4133
</td>
2796
4134
</tr>
2797
4135
<tr>
2798
4136
<td><p><span class="term"><em class="parameter"><code>outsize</code></em> :</span></p></td>
2799
 
<td>
 
4137
<td>size of pre-allocated output buffer to hold the output.
2800
4138
</td>
2801
4139
</tr>
2802
4140
<tr>
2803
4141
<td><p><span class="term"><em class="parameter"><code>out</code></em> :</span></p></td>
2804
 
<td>
 
4142
<td>pre-allocate buffer to hold the generated data.
2805
4143
</td>
2806
4144
</tr>
2807
4145
<tr>
2808
4146
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2809
 
<td>
 
4147
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
2810
4148
</td>
2811
4149
</tr>
2812
4150
</tbody>
2884
4222
<div class="refsect2" title="enum gnutls_ext_parse_type_t">
2885
4223
<a name="gnutls-ext-parse-type-t"></a><h3>enum gnutls_ext_parse_type_t</h3>
2886
4224
<pre class="programlisting">  typedef enum
2887
 
    {
2888
 
      GNUTLS_EXT_ANY,
2889
 
      GNUTLS_EXT_APPLICATION,
2890
 
      GNUTLS_EXT_TLS
2891
 
    } gnutls_ext_parse_type_t;
 
4225
  {
 
4226
    GNUTLS_EXT_ANY = 0,
 
4227
    GNUTLS_EXT_APPLICATION = 1,
 
4228
    GNUTLS_EXT_TLS = 2,
 
4229
    GNUTLS_EXT_MANDATORY = 3,
 
4230
    GNUTLS_EXT_NONE = 4
 
4231
  } gnutls_ext_parse_type_t;
2892
4232
</pre>
2893
4233
<p>
 
4234
Enumeration of different TLS extension types.  This flag
 
4235
indicates for an extension whether it is useful to application
 
4236
level or TLS level only.  This is (only) used to parse the
 
4237
application level extensions before the "client_hello" callback
 
4238
is called.
2894
4239
</p>
 
4240
<div class="variablelist"><table border="0">
 
4241
<col align="left" valign="top">
 
4242
<tbody>
 
4243
<tr>
 
4244
<td><p><a name="GNUTLS-EXT-ANY:CAPS"></a><span class="term"><code class="literal">GNUTLS_EXT_ANY</code></span></p></td>
 
4245
<td>Any extension type.
 
4246
</td>
 
4247
</tr>
 
4248
<tr>
 
4249
<td><p><a name="GNUTLS-EXT-APPLICATION:CAPS"></a><span class="term"><code class="literal">GNUTLS_EXT_APPLICATION</code></span></p></td>
 
4250
<td>Application extension.
 
4251
</td>
 
4252
</tr>
 
4253
<tr>
 
4254
<td><p><a name="GNUTLS-EXT-TLS:CAPS"></a><span class="term"><code class="literal">GNUTLS_EXT_TLS</code></span></p></td>
 
4255
<td>TLS-internal extension.
 
4256
</td>
 
4257
</tr>
 
4258
<tr>
 
4259
<td><p><a name="GNUTLS-EXT-MANDATORY:CAPS"></a><span class="term"><code class="literal">GNUTLS_EXT_MANDATORY</code></span></p></td>
 
4260
<td>Extension parsed even if resuming (or extensions are disabled).
 
4261
</td>
 
4262
</tr>
 
4263
<tr>
 
4264
<td><p><a name="GNUTLS-EXT-NONE:CAPS"></a><span class="term"><code class="literal">GNUTLS_EXT_NONE</code></span></p></td>
 
4265
<td>Never parsed
 
4266
</td>
 
4267
</tr>
 
4268
</tbody>
 
4269
</table></div>
2895
4270
</div>
2896
4271
<hr>
2897
4272
<div class="refsect2" title="gnutls_ext_register ()">
2902
4277
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ext-recv-func" title="gnutls_ext_recv_func ()"><span class="type">gnutls_ext_recv_func</span></a> recv_func</code></em>,
2903
4278
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-ext-send-func" title="gnutls_ext_send_func ()"><span class="type">gnutls_ext_send_func</span></a> send_func</code></em>);</pre>
2904
4279
<p>
 
4280
This function is used to register a new TLS extension handler.
2905
4281
</p>
2906
4282
<div class="variablelist"><table border="0">
2907
4283
<col align="left" valign="top">
2908
4284
<tbody>
2909
4285
<tr>
2910
4286
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
2911
 
<td>
 
4287
<td>the 16-bit integer referring to the extension type
2912
4288
</td>
2913
4289
</tr>
2914
4290
<tr>
2915
4291
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2916
 
<td>
 
4292
<td>human printable name of the extension used for debugging
2917
4293
</td>
2918
4294
</tr>
2919
4295
<tr>
2920
4296
<td><p><span class="term"><em class="parameter"><code>parse_type</code></em> :</span></p></td>
2921
 
<td>
 
4297
<td>either <a class="link" href="gnutls-gnutls.html#GNUTLS-EXT-TLS:CAPS"><span class="type">GNUTLS_EXT_TLS</span></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-EXT-APPLICATION:CAPS"><code class="literal">GNUTLS_EXT_APPLICATION</code></a>.
2922
4298
</td>
2923
4299
</tr>
2924
4300
<tr>
2925
4301
<td><p><span class="term"><em class="parameter"><code>recv_func</code></em> :</span></p></td>
2926
 
<td>
 
4302
<td>a function to receive extension data
2927
4303
</td>
2928
4304
</tr>
2929
4305
<tr>
2930
4306
<td><p><span class="term"><em class="parameter"><code>send_func</code></em> :</span></p></td>
2931
 
<td>
 
4307
<td>a function to send extension data
2932
4308
</td>
2933
4309
</tr>
2934
4310
<tr>
2935
4311
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2936
 
<td>
 
4312
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
4313
 
2937
4314
</td>
2938
4315
</tr>
2939
4316
</tbody>
2940
4317
</table></div>
 
4318
<p class="since">Since 2.6.0</p>
2941
4319
</div>
2942
4320
<hr>
2943
4321
<div class="refsect2" title="enum gnutls_server_name_type_t">
2948
4326
  } gnutls_server_name_type_t;
2949
4327
</pre>
2950
4328
<p>
 
4329
Enumeration of different server name types.
2951
4330
</p>
 
4331
<div class="variablelist"><table border="0">
 
4332
<col align="left" valign="top">
 
4333
<tbody><tr>
 
4334
<td><p><a name="GNUTLS-NAME-DNS:CAPS"></a><span class="term"><code class="literal">GNUTLS_NAME_DNS</code></span></p></td>
 
4335
<td>Domain Name System name type.
 
4336
</td>
 
4337
</tr></tbody>
 
4338
</table></div>
2952
4339
</div>
2953
4340
<hr>
2954
4341
<div class="refsect2" title="gnutls_server_name_set ()">
2958
4345
                                                         <em class="parameter"><code>const <span class="type">void</span> *name</code></em>,
2959
4346
                                                         <em class="parameter"><code><span class="type">size_t</span> name_length</code></em>);</pre>
2960
4347
<p>
 
4348
This function is to be used by clients that want to inform (via a
 
4349
TLS extension mechanism) the server of the name they connected to.
 
4350
This should be used by clients that connect to servers that do
 
4351
virtual hosting.
 
4352
</p>
 
4353
<p>
 
4354
The value of <em class="parameter"><code>name</code></em> depends on the <em class="parameter"><code>type</code></em> type.  In case of
 
4355
<a class="link" href="gnutls-gnutls.html#GNUTLS-NAME-DNS:CAPS"><code class="literal">GNUTLS_NAME_DNS</code></a>, an ASCII zero-terminated domain name string,
 
4356
without the trailing dot, is expected.  IPv4 or IPv6 addresses are
 
4357
not permitted.
2961
4358
</p>
2962
4359
<div class="variablelist"><table border="0">
2963
4360
<col align="left" valign="top">
2964
4361
<tbody>
2965
4362
<tr>
2966
4363
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
2967
 
<td>
 
4364
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
2968
4365
</td>
2969
4366
</tr>
2970
4367
<tr>
2971
4368
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
2972
 
<td>
 
4369
<td>specifies the indicator type
2973
4370
</td>
2974
4371
</tr>
2975
4372
<tr>
2976
4373
<td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
2977
 
<td>
 
4374
<td>is a string that contains the server name.
2978
4375
</td>
2979
4376
</tr>
2980
4377
<tr>
2981
4378
<td><p><span class="term"><em class="parameter"><code>name_length</code></em> :</span></p></td>
2982
 
<td>
 
4379
<td>holds the length of name
2983
4380
</td>
2984
4381
</tr>
2985
4382
<tr>
2986
4383
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
2987
 
<td>
 
4384
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
4385
  otherwise an error code is returned.
2988
4386
</td>
2989
4387
</tr>
2990
4388
</tbody>
2999
4397
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *type</code></em>,
3000
4398
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> indx</code></em>);</pre>
3001
4399
<p>
 
4400
This function will allow you to get the name indication (if any), a
 
4401
client has sent.  The name indication may be any of the enumeration
 
4402
gnutls_server_name_type_t.
 
4403
</p>
 
4404
<p>
 
4405
If <em class="parameter"><code>type</code></em> is GNUTLS_NAME_DNS, then this function is to be used by
 
4406
servers that support virtual hosting, and the data will be a null
 
4407
terminated UTF-8 string.
 
4408
</p>
 
4409
<p>
 
4410
If <em class="parameter"><code>data</code></em> has not enough size to hold the server name
 
4411
GNUTLS_E_SHORT_MEMORY_BUFFER is returned, and <em class="parameter"><code>data_length</code></em> will
 
4412
hold the required size.
 
4413
</p>
 
4414
<p>
 
4415
<em class="parameter"><code>index</code></em> is used to retrieve more than one server names (if sent by
 
4416
the client).  The first server name has an index of 0, the second 1
 
4417
and so on.  If no name with the given index exists
 
4418
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
3002
4419
</p>
3003
4420
<div class="variablelist"><table border="0">
3004
4421
<col align="left" valign="top">
3005
4422
<tbody>
3006
4423
<tr>
3007
4424
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3008
 
<td>
 
4425
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3009
4426
</td>
3010
4427
</tr>
3011
4428
<tr>
3012
4429
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
3013
 
<td>
 
4430
<td>will hold the data
3014
4431
</td>
3015
4432
</tr>
3016
4433
<tr>
3017
4434
<td><p><span class="term"><em class="parameter"><code>data_length</code></em> :</span></p></td>
3018
 
<td>
 
4435
<td>will hold the data length. Must hold the maximum size of data.
3019
4436
</td>
3020
4437
</tr>
3021
4438
<tr>
3022
4439
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
3023
 
<td>
 
4440
<td>will hold the server name indicator type
3024
4441
</td>
3025
4442
</tr>
3026
4443
<tr>
3027
4444
<td><p><span class="term"><em class="parameter"><code>indx</code></em> :</span></p></td>
3028
 
<td>
3029
 
</td>
3030
 
</tr>
3031
 
<tr>
3032
 
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3033
 
<td>
3034
 
</td>
3035
 
</tr>
3036
 
</tbody>
3037
 
</table></div>
 
4445
<td>is the index of the server_name
 
4446
</td>
 
4447
</tr>
 
4448
<tr>
 
4449
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
4450
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
4451
  otherwise an error code is returned.
 
4452
</td>
 
4453
</tr>
 
4454
</tbody>
 
4455
</table></div>
 
4456
</div>
 
4457
<hr>
 
4458
<div class="refsect2" title="gnutls_safe_renegotiation_status ()">
 
4459
<a name="gnutls-safe-renegotiation-status"></a><h3>gnutls_safe_renegotiation_status ()</h3>
 
4460
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_safe_renegotiation_status    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
 
4461
<p>
 
4462
Can be used to check whether safe renegotiation is being used
 
4463
in the current session.
 
4464
</p>
 
4465
<div class="variablelist"><table border="0">
 
4466
<col align="left" valign="top">
 
4467
<tbody>
 
4468
<tr>
 
4469
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
 
4470
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
 
4471
</td>
 
4472
</tr>
 
4473
<tr>
 
4474
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
4475
<td> 0 when safe renegotiation is not used and non zero when
 
4476
  safe renegotiation is used.
 
4477
 
 
4478
</td>
 
4479
</tr>
 
4480
</tbody>
 
4481
</table></div>
 
4482
<p class="since">Since 2.10.0</p>
3038
4483
</div>
3039
4484
<hr>
3040
4485
<div class="refsect2" title="gnutls_oprfi_enable_client ()">
3049
4494
</p>
3050
4495
<p>
3051
4496
The data is copied into the session context after this call, so you
3052
 
may de-allocate it immediately after calling this function.</p>
 
4497
may de-allocate it immediately after calling this function.
 
4498
</p>
3053
4499
<div class="variablelist"><table border="0">
3054
4500
<col align="left" valign="top">
3055
4501
<tbody>
3138
4584
The callback can inspect the client-provided data in the input
3139
4585
parameters, and specify its own opaque prf input data in the output
3140
4586
variable.  The function must return 0 on success, otherwise the
3141
 
handshake will be aborted.</p>
 
4587
handshake will be aborted.
 
4588
</p>
3142
4589
<div class="variablelist"><table border="0">
3143
4590
<col align="left" valign="top">
3144
4591
<tbody>
3164
4611
<div class="refsect2" title="enum gnutls_supplemental_data_format_type_t">
3165
4612
<a name="gnutls-supplemental-data-format-type-t"></a><h3>enum gnutls_supplemental_data_format_type_t</h3>
3166
4613
<pre class="programlisting">  typedef enum
3167
 
    {
3168
 
      GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
3169
 
    } gnutls_supplemental_data_format_type_t;
 
4614
  {
 
4615
    GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
 
4616
  } gnutls_supplemental_data_format_type_t;
3170
4617
</pre>
3171
4618
<p>
3172
 
</p>
3173
 
</div>
3174
 
<hr>
3175
 
<div class="refsect2" title="gnutls_supplemental_get_name ()">
3176
 
<a name="gnutls-supplemental-get-name"></a><h3>gnutls_supplemental_get_name ()</h3>
3177
 
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_supplemental_get_name        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-supplemental-data-format-type-t" title="enum gnutls_supplemental_data_format_type_t"><span class="type">gnutls_supplemental_data_format_type_t</span></a> type</code></em>);</pre>
3178
 
<p>
3179
 
</p>
3180
 
<div class="variablelist"><table border="0">
3181
 
<col align="left" valign="top">
3182
 
<tbody>
3183
 
<tr>
3184
 
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
3185
 
<td>
3186
 
</td>
3187
 
</tr>
3188
 
<tr>
3189
 
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3190
 
<td>
3191
 
</td>
3192
 
</tr>
3193
 
</tbody>
3194
 
</table></div>
 
4619
Enumeration of different supplemental data types (RFC 4680).
 
4620
</p>
 
4621
<div class="variablelist"><table border="0">
 
4622
<col align="left" valign="top">
 
4623
<tbody><tr>
 
4624
<td><p><a name="GNUTLS-SUPPLEMENTAL-USER-MAPPING-DATA:CAPS"></a><span class="term"><code class="literal">GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA</code></span></p></td>
 
4625
<td>Supplemental user mapping data.
 
4626
</td>
 
4627
</tr></tbody>
 
4628
</table></div>
 
4629
</div>
 
4630
<hr>
 
4631
<div class="refsect2" title="gnutls_session_ticket_key_generate ()">
 
4632
<a name="gnutls-session-ticket-key-generate"></a><h3>gnutls_session_ticket_key_generate ()</h3>
 
4633
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_session_ticket_key_generate  (<em class="parameter"><code><span class="type">gnutls_datum_t</span> *key</code></em>);</pre>
 
4634
<p>
 
4635
Generate a random key to encrypt security parameters within
 
4636
SessionTicket.
 
4637
</p>
 
4638
<div class="variablelist"><table border="0">
 
4639
<col align="left" valign="top">
 
4640
<tbody>
 
4641
<tr>
 
4642
<td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
 
4643
<td>is a pointer to a <span class="type">gnutls_datum_t</span> which will contain a newly
 
4644
created key.
 
4645
</td>
 
4646
</tr>
 
4647
<tr>
 
4648
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
4649
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
4650
error code.
 
4651
 
 
4652
</td>
 
4653
</tr>
 
4654
</tbody>
 
4655
</table></div>
 
4656
<p class="since">Since 2.10.0</p>
 
4657
</div>
 
4658
<hr>
 
4659
<div class="refsect2" title="gnutls_session_ticket_enable_client ()">
 
4660
<a name="gnutls-session-ticket-enable-client"></a><h3>gnutls_session_ticket_enable_client ()</h3>
 
4661
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_session_ticket_enable_client (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
 
4662
<p>
 
4663
Request that the client should attempt session resumption using
 
4664
SessionTicket.
 
4665
</p>
 
4666
<div class="variablelist"><table border="0">
 
4667
<col align="left" valign="top">
 
4668
<tbody>
 
4669
<tr>
 
4670
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
 
4671
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
 
4672
</td>
 
4673
</tr>
 
4674
<tr>
 
4675
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
4676
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
4677
error code.
 
4678
 
 
4679
</td>
 
4680
</tr>
 
4681
</tbody>
 
4682
</table></div>
 
4683
<p class="since">Since 2.10.0</p>
 
4684
</div>
 
4685
<hr>
 
4686
<div class="refsect2" title="gnutls_session_ticket_enable_server ()">
 
4687
<a name="gnutls-session-ticket-enable-server"></a><h3>gnutls_session_ticket_enable_server ()</h3>
 
4688
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_session_ticket_enable_server (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
 
4689
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *key</code></em>);</pre>
 
4690
<p>
 
4691
Request that the server should attempt session resumption using
 
4692
SessionTicket.  <em class="parameter"><code>key</code></em> must be initialized with
 
4693
<a class="link" href="gnutls-gnutls.html#gnutls-session-ticket-key-generate" title="gnutls_session_ticket_key_generate ()"><code class="function">gnutls_session_ticket_key_generate()</code></a>.
 
4694
</p>
 
4695
<div class="variablelist"><table border="0">
 
4696
<col align="left" valign="top">
 
4697
<tbody>
 
4698
<tr>
 
4699
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
 
4700
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
 
4701
</td>
 
4702
</tr>
 
4703
<tr>
 
4704
<td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
 
4705
<td>key to encrypt session parameters.
 
4706
</td>
 
4707
</tr>
 
4708
<tr>
 
4709
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
 
4710
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
4711
error code.
 
4712
 
 
4713
</td>
 
4714
</tr>
 
4715
</tbody>
 
4716
</table></div>
 
4717
<p class="since">Since 2.10.0</p>
3195
4718
</div>
3196
4719
<hr>
3197
4720
<div class="refsect2" title="gnutls_cipher_set_priority ()">
3199
4722
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_cipher_set_priority          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3200
4723
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3201
4724
<p>
 
4725
Sets the priority on the ciphers supported by gnutls.  Priority is
 
4726
higher for elements specified before others.  After specifying the
 
4727
ciphers you want, you must append a 0.  Note that the priority is
 
4728
set on the client. The server does not use the algorithm's
 
4729
priority except for disabling algorithms that were not specified.
3202
4730
</p>
3203
4731
<div class="variablelist"><table border="0">
3204
4732
<col align="left" valign="top">
3205
4733
<tbody>
3206
4734
<tr>
3207
4735
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3208
 
<td>
 
4736
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3209
4737
</td>
3210
4738
</tr>
3211
4739
<tr>
3212
4740
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3213
 
<td>
 
4741
<td>is a 0 terminated list of gnutls_cipher_algorithm_t elements.
3214
4742
</td>
3215
4743
</tr>
3216
4744
<tr>
3217
4745
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3218
 
<td>
 
4746
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3219
4747
</td>
3220
4748
</tr>
3221
4749
</tbody>
3227
4755
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_mac_set_priority             (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3228
4756
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3229
4757
<p>
 
4758
Sets the priority on the mac algorithms supported by gnutls.
 
4759
Priority is higher for elements specified before others.  After
 
4760
specifying the algorithms you want, you must append a 0.  Note
 
4761
that the priority is set on the client. The server does not use
 
4762
the algorithm's priority except for disabling algorithms that were
 
4763
not specified.
3230
4764
</p>
3231
4765
<div class="variablelist"><table border="0">
3232
4766
<col align="left" valign="top">
3233
4767
<tbody>
3234
4768
<tr>
3235
4769
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3236
 
<td>
 
4770
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3237
4771
</td>
3238
4772
</tr>
3239
4773
<tr>
3240
4774
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3241
 
<td>
 
4775
<td>is a 0 terminated list of gnutls_mac_algorithm_t elements.
3242
4776
</td>
3243
4777
</tr>
3244
4778
<tr>
3245
4779
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3246
 
<td>
 
4780
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3247
4781
</td>
3248
4782
</tr>
3249
4783
</tbody>
3255
4789
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_compression_set_priority     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3256
4790
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3257
4791
<p>
 
4792
Sets the priority on the compression algorithms supported by
 
4793
gnutls.  Priority is higher for elements specified before others.
 
4794
After specifying the algorithms you want, you must append a 0.
 
4795
Note that the priority is set on the client. The server does not
 
4796
use the algorithm's priority except for disabling algorithms that
 
4797
were not specified.
 
4798
</p>
 
4799
<p>
 
4800
TLS 1.0 does not define any compression algorithms except
 
4801
NULL. Other compression algorithms are to be considered as gnutls
 
4802
extensions.
3258
4803
</p>
3259
4804
<div class="variablelist"><table border="0">
3260
4805
<col align="left" valign="top">
3261
4806
<tbody>
3262
4807
<tr>
3263
4808
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3264
 
<td>
 
4809
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3265
4810
</td>
3266
4811
</tr>
3267
4812
<tr>
3268
4813
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3269
 
<td>
 
4814
<td>is a 0 terminated list of gnutls_compression_method_t elements.
3270
4815
</td>
3271
4816
</tr>
3272
4817
<tr>
3273
4818
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3274
 
<td>
 
4819
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3275
4820
</td>
3276
4821
</tr>
3277
4822
</tbody>
3283
4828
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_kx_set_priority              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3284
4829
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3285
4830
<p>
 
4831
Sets the priority on the key exchange algorithms supported by
 
4832
gnutls.  Priority is higher for elements specified before others.
 
4833
After specifying the algorithms you want, you must append a 0.
 
4834
Note that the priority is set on the client. The server does not
 
4835
use the algorithm's priority except for disabling algorithms that
 
4836
were not specified.
3286
4837
</p>
3287
4838
<div class="variablelist"><table border="0">
3288
4839
<col align="left" valign="top">
3289
4840
<tbody>
3290
4841
<tr>
3291
4842
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3292
 
<td>
 
4843
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3293
4844
</td>
3294
4845
</tr>
3295
4846
<tr>
3296
4847
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3297
 
<td>
 
4848
<td>is a 0 terminated list of gnutls_kx_algorithm_t elements.
3298
4849
</td>
3299
4850
</tr>
3300
4851
<tr>
3301
4852
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3302
 
<td>
 
4853
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3303
4854
</td>
3304
4855
</tr>
3305
4856
</tbody>
3311
4862
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_protocol_set_priority        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3312
4863
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3313
4864
<p>
 
4865
Sets the priority on the protocol versions supported by gnutls.
 
4866
This function actually enables or disables protocols. Newer protocol
 
4867
versions always have highest priority.
3314
4868
</p>
3315
4869
<div class="variablelist"><table border="0">
3316
4870
<col align="left" valign="top">
3317
4871
<tbody>
3318
4872
<tr>
3319
4873
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3320
 
<td>
 
4874
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3321
4875
</td>
3322
4876
</tr>
3323
4877
<tr>
3324
4878
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3325
 
<td>
 
4879
<td>is a 0 terminated list of gnutls_protocol_t elements.
3326
4880
</td>
3327
4881
</tr>
3328
4882
<tr>
3329
4883
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3330
 
<td>
 
4884
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3331
4885
</td>
3332
4886
</tr>
3333
4887
</tbody>
3340
4894
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3341
4895
                                                         <em class="parameter"><code>const <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list</code></em>);</pre>
3342
4896
<p>
 
4897
Sets the priority on the certificate types supported by gnutls.
 
4898
Priority is higher for elements specified before others.
 
4899
After specifying the types you want, you must append a 0.
 
4900
Note that the certificate type priority is set on the client.
 
4901
The server does not use the cert type priority except for disabling
 
4902
types that were not specified.
3343
4903
</p>
3344
4904
<div class="variablelist"><table border="0">
3345
4905
<col align="left" valign="top">
3346
4906
<tbody>
3347
4907
<tr>
3348
4908
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3349
 
<td>
 
4909
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3350
4910
</td>
3351
4911
</tr>
3352
4912
<tr>
3353
4913
<td><p><span class="term"><em class="parameter"><code>list</code></em> :</span></p></td>
3354
 
<td>
 
4914
<td>is a 0 terminated list of gnutls_certificate_type_t elements.
3355
4915
</td>
3356
4916
</tr>
3357
4917
<tr>
3358
4918
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3359
 
<td>
 
4919
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3360
4920
</td>
3361
4921
</tr>
3362
4922
</tbody>
3369
4929
                                                         <em class="parameter"><code>const <span class="type">char</span> *priorities</code></em>,
3370
4930
                                                         <em class="parameter"><code>const <span class="type">char</span> **err_pos</code></em>);</pre>
3371
4931
<p>
 
4932
Sets priorities for the ciphers, key exchange methods, MACs and
 
4933
compression methods.  This provides a more flexible interface
 
4934
compared to the gnutls_*_priority functions.
 
4935
</p>
 
4936
<p>
 
4937
The <em class="parameter"><code>priorities</code></em> parameter allows you to specify a colon separated
 
4938
list of the cipher priorities to enable.
 
4939
</p>
 
4940
<p>
 
4941
Unless the first keyword is "NONE" the defaults (in preference
 
4942
order) are for TLS protocols TLS1.1, TLS1.0, SSL3.0; for
 
4943
compression NULL; for certificate types X.509, OpenPGP.
 
4944
</p>
 
4945
<p>
 
4946
For key exchange algorithms when in NORMAL or SECURE levels the
 
4947
perfect forward secrecy algorithms take precedence of the other
 
4948
protocols.  In all cases all the supported key exchange algorithms
 
4949
are enabled (except for the RSA-EXPORT which is only enabled in
 
4950
EXPORT level).
 
4951
</p>
 
4952
<p>
 
4953
Note that although one can select very long key sizes (such as 256
 
4954
bits) for symmetric algorithms, to actually increase security the
 
4955
public key algorithms have to use longer key sizes as well.
 
4956
</p>
 
4957
<p>
 
4958
For all the current available algorithms and protocols use
 
4959
"gnutls-cli -l" to get a listing.
 
4960
</p>
 
4961
<p>
 
4962
Common keywords: Some keywords are defined to provide quick access
 
4963
to common preferences.
 
4964
</p>
 
4965
<p>
 
4966
"PERFORMANCE" means all the "secure" ciphersuites are enabled,
 
4967
limited to 128 bit ciphers and sorted by terms of speed
 
4968
performance.
 
4969
</p>
 
4970
<p>
 
4971
"NORMAL" means all "secure" ciphersuites.  The 256-bit ciphers are
 
4972
included as a fallback only.  The ciphers are sorted by security
 
4973
margin.
 
4974
</p>
 
4975
<p>
 
4976
"SECURE128" means all "secure" ciphersuites with ciphers up to 128
 
4977
bits, sorted by security margin.
 
4978
</p>
 
4979
<p>
 
4980
"SECURE256" means all "secure" ciphersuites including the 256 bit
 
4981
ciphers, sorted by security margin.
 
4982
</p>
 
4983
<p>
 
4984
"EXPORT" means all ciphersuites are enabled, including the
 
4985
low-security 40 bit ciphers.
 
4986
</p>
 
4987
<p>
 
4988
"NONE" means nothing is enabled.  This disables even protocols and
 
4989
compression methods.
 
4990
</p>
 
4991
<p>
 
4992
Special keywords:
 
4993
"!" or "-" appended with an algorithm will remove this algorithm.
 
4994
</p>
 
4995
<p>
 
4996
"+" appended with an algorithm will add this algorithm.
 
4997
</p>
 
4998
<p>
 
4999
"<code class="literal">COMPAT</code>" will enable compatibility features for a server.
 
5000
</p>
 
5001
<p>
 
5002
"<code class="literal">DISABLE_SAFE_RENEGOTIATION</code>" will disable safe renegotiation
 
5003
completely.  Do not use unless you know what you are doing.
 
5004
Testing purposes only.
 
5005
</p>
 
5006
<p>
 
5007
"<code class="literal">UNSAFE_RENEGOTIATION</code>" will allow handshakes and rehandshakes
 
5008
without the safe renegotiation extension.  Note that for clients
 
5009
this mode is insecure (you may be under attack), and for servers it
 
5010
will allow insecure clients to connect (which could be fooled by an
 
5011
attacker).  Do not use unless you know what you are doing and want
 
5012
maximum compatibility.
 
5013
</p>
 
5014
<p>
 
5015
"<code class="literal">PARTIAL_RENEGOTIATION</code>" will allow initial handshakes to proceed,
 
5016
but not rehandshakes.  This leaves the client vulnerable to attack,
 
5017
and servers will be compatible with non-upgraded clients for
 
5018
initial handshakes.  This is currently the default for clients and
 
5019
servers, for compatibility reasons.
 
5020
</p>
 
5021
<p>
 
5022
"<code class="literal">SAFE_RENEGOTIATION</code>" will enforce safe renegotiation.  Clients and
 
5023
servers will refuse to talk to an insecure peer.  Currently this
 
5024
causes operability problems, but is required for full protection.
 
5025
</p>
 
5026
<p>
 
5027
"<code class="literal">SSL3_RECORD_VERSION</code>" will use SSL3.0 record version in client
 
5028
hello.
 
5029
</p>
 
5030
<p>
 
5031
"<code class="literal">VERIFY_ALLOW_SIGN_RSA_MD5</code>" will allow RSA-MD5 signatures in
 
5032
certificate chains.
 
5033
</p>
 
5034
<p>
 
5035
"<code class="literal">VERIFY_ALLOW_X509_V1_CA_CRT</code>" will allow V1 CAs in chains.
 
5036
</p>
 
5037
<p>
 
5038
Namespace:
 
5039
To avoid collisions in order to specify a compression algorithm in
 
5040
this string you have to prefix it with "COMP-", protocol versions
 
5041
with "VERS-", signature algorithms with "SIGN-" and certificate
 
5042
types with "CTYPE-".  Other algorithms don't need a prefix.
 
5043
</p>
 
5044
<p>
 
5045
Examples:
 
5046
"NORMAL:!AES-128-CBC" means normal ciphers except for AES-128.
 
5047
</p>
 
5048
<p>
 
5049
"EXPORT:!VERS-TLS1.0:+COMP-DEFLATE" means that export ciphers are
 
5050
enabled, TLS 1.0 is disabled, and libz compression enabled.
 
5051
</p>
 
5052
<p>
 
5053
"NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL", "NORMAL",
 
5054
"<code class="literal">COMPAT</code>".
3372
5055
</p>
3373
5056
<div class="variablelist"><table border="0">
3374
5057
<col align="left" valign="top">
3375
5058
<tbody>
3376
5059
<tr>
3377
5060
<td><p><span class="term"><em class="parameter"><code>priority_cache</code></em> :</span></p></td>
3378
 
<td>
 
5061
<td>is a <span class="type">gnutls_prioritity_t</span> structure.
3379
5062
</td>
3380
5063
</tr>
3381
5064
<tr>
3382
5065
<td><p><span class="term"><em class="parameter"><code>priorities</code></em> :</span></p></td>
3383
 
<td>
 
5066
<td>is a string describing priorities
3384
5067
</td>
3385
5068
</tr>
3386
5069
<tr>
3387
5070
<td><p><span class="term"><em class="parameter"><code>err_pos</code></em> :</span></p></td>
3388
 
<td>
 
5071
<td>In case of an error this will have the position in the string the error occured
3389
5072
</td>
3390
5073
</tr>
3391
5074
<tr>
3392
5075
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3393
 
<td>
 
5076
<td> On syntax error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> is returned,
 
5077
  <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3394
5078
</td>
3395
5079
</tr>
3396
5080
</tbody>
3401
5085
<a name="gnutls-priority-deinit"></a><h3>gnutls_priority_deinit ()</h3>
3402
5086
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_priority_deinit              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-priority-t" title="gnutls_priority_t"><span class="type">gnutls_priority_t</span></a> priority_cache</code></em>);</pre>
3403
5087
<p>
 
5088
Deinitializes the priority cache.
3404
5089
</p>
3405
5090
<div class="variablelist"><table border="0">
3406
5091
<col align="left" valign="top">
3407
5092
<tbody><tr>
3408
5093
<td><p><span class="term"><em class="parameter"><code>priority_cache</code></em> :</span></p></td>
3409
 
<td>
 
5094
<td>is a <span class="type">gnutls_prioritity_t</span> structure.
3410
5095
</td>
3411
5096
</tr></tbody>
3412
5097
</table></div>
3417
5102
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_priority_set                 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3418
5103
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-priority-t" title="gnutls_priority_t"><span class="type">gnutls_priority_t</span></a> priority</code></em>);</pre>
3419
5104
<p>
 
5105
Sets the priorities to use on the ciphers, key exchange methods,
 
5106
macs and compression methods.
3420
5107
</p>
3421
5108
<div class="variablelist"><table border="0">
3422
5109
<col align="left" valign="top">
3423
5110
<tbody>
3424
5111
<tr>
3425
5112
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3426
 
<td>
 
5113
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3427
5114
</td>
3428
5115
</tr>
3429
5116
<tr>
3430
5117
<td><p><span class="term"><em class="parameter"><code>priority</code></em> :</span></p></td>
3431
 
<td>
 
5118
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-priority-t" title="gnutls_priority_t"><span class="type">gnutls_priority_t</span></a> structure.
3432
5119
</td>
3433
5120
</tr>
3434
5121
<tr>
3435
5122
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3436
 
<td>
 
5123
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3437
5124
</td>
3438
5125
</tr>
3439
5126
</tbody>
3446
5133
                                                         <em class="parameter"><code>const <span class="type">char</span> *priorities</code></em>,
3447
5134
                                                         <em class="parameter"><code>const <span class="type">char</span> **err_pos</code></em>);</pre>
3448
5135
<p>
 
5136
Sets the priorities to use on the ciphers, key exchange methods,
 
5137
macs and compression methods.  This function avoids keeping a
 
5138
priority cache and is used to directly set string priorities to a
 
5139
TLS session.  For documentation check the <a class="link" href="gnutls-gnutls.html#gnutls-priority-init" title="gnutls_priority_init ()"><code class="function">gnutls_priority_init()</code></a>.
3449
5140
</p>
3450
5141
<div class="variablelist"><table border="0">
3451
5142
<col align="left" valign="top">
3452
5143
<tbody>
3453
5144
<tr>
3454
5145
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3455
 
<td>
 
5146
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3456
5147
</td>
3457
5148
</tr>
3458
5149
<tr>
3459
5150
<td><p><span class="term"><em class="parameter"><code>priorities</code></em> :</span></p></td>
3460
 
<td>
 
5151
<td>is a string describing priorities
3461
5152
</td>
3462
5153
</tr>
3463
5154
<tr>
3464
5155
<td><p><span class="term"><em class="parameter"><code>err_pos</code></em> :</span></p></td>
3465
 
<td>
 
5156
<td>In case of an error this will have the position in the string the error occured
3466
5157
</td>
3467
5158
</tr>
3468
5159
<tr>
3469
5160
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3470
 
<td>
 
5161
<td> On syntax error <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> is returned,
 
5162
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3471
5163
</td>
3472
5164
</tr>
3473
5165
</tbody>
3478
5170
<a name="gnutls-set-default-priority"></a><h3>gnutls_set_default_priority ()</h3>
3479
5171
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_set_default_priority         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3480
5172
<p>
 
5173
Sets some default priority on the ciphers, key exchange methods,
 
5174
macs and compression methods.
 
5175
</p>
 
5176
<p>
 
5177
This is the same as calling:
 
5178
</p>
 
5179
<p>
 
5180
gnutls_priority_set_direct (session, "NORMAL", NULL);
 
5181
</p>
 
5182
<p>
 
5183
This function is kept around for backwards compatibility, but
 
5184
because of its wide use it is still fully supported.  If you wish
 
5185
to allow users to provide a string that specify which ciphers to
 
5186
use (which is recommended), you should use
 
5187
<a class="link" href="gnutls-gnutls.html#gnutls-priority-set-direct" title="gnutls_priority_set_direct ()"><code class="function">gnutls_priority_set_direct()</code></a> or <a class="link" href="gnutls-gnutls.html#gnutls-priority-set" title="gnutls_priority_set ()"><code class="function">gnutls_priority_set()</code></a> instead.
3481
5188
</p>
3482
5189
<div class="variablelist"><table border="0">
3483
5190
<col align="left" valign="top">
3484
5191
<tbody>
3485
5192
<tr>
3486
5193
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3487
 
<td>
 
5194
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3488
5195
</td>
3489
5196
</tr>
3490
5197
<tr>
3491
5198
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3492
 
<td>
 
5199
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3493
5200
</td>
3494
5201
</tr>
3495
5202
</tbody>
3500
5207
<a name="gnutls-set-default-export-priority"></a><h3>gnutls_set_default_export_priority ()</h3>
3501
5208
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_set_default_export_priority  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3502
5209
<p>
 
5210
Sets some default priority on the ciphers, key exchange methods, macs
 
5211
and compression methods.  This function also includes weak algorithms.
 
5212
</p>
 
5213
<p>
 
5214
This is the same as calling:
 
5215
</p>
 
5216
<p>
 
5217
gnutls_priority_set_direct (session, "EXPORT", NULL);
 
5218
</p>
 
5219
<p>
 
5220
This function is kept around for backwards compatibility, but
 
5221
because of its wide use it is still fully supported.  If you wish
 
5222
to allow users to provide a string that specify which ciphers to
 
5223
use (which is recommended), you should use
 
5224
<a class="link" href="gnutls-gnutls.html#gnutls-priority-set-direct" title="gnutls_priority_set_direct ()"><code class="function">gnutls_priority_set_direct()</code></a> or <a class="link" href="gnutls-gnutls.html#gnutls-priority-set" title="gnutls_priority_set ()"><code class="function">gnutls_priority_set()</code></a> instead.
3503
5225
</p>
3504
5226
<div class="variablelist"><table border="0">
3505
5227
<col align="left" valign="top">
3506
5228
<tbody>
3507
5229
<tr>
3508
5230
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3509
 
<td>
 
5231
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3510
5232
</td>
3511
5233
</tr>
3512
5234
<tr>
3513
5235
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3514
 
<td>
 
5236
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
3515
5237
</td>
3516
5238
</tr>
3517
5239
</tbody>
3524
5246
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-cipher-algorithm-t" title="enum gnutls_cipher_algorithm_t"><span class="type">gnutls_cipher_algorithm_t</span></a> cipher_algorithm</code></em>,
3525
5247
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-mac-algorithm-t" title="enum gnutls_mac_algorithm_t"><span class="type">gnutls_mac_algorithm_t</span></a> mac_algorithm</code></em>);</pre>
3526
5248
<p>
 
5249
Note that the full cipher suite name must be prepended by TLS or
 
5250
SSL depending of the protocol in use.
3527
5251
</p>
3528
5252
<div class="variablelist"><table border="0">
3529
5253
<col align="left" valign="top">
3530
5254
<tbody>
3531
5255
<tr>
3532
5256
<td><p><span class="term"><em class="parameter"><code>kx_algorithm</code></em> :</span></p></td>
3533
 
<td>
 
5257
<td>is a Key exchange algorithm
3534
5258
</td>
3535
5259
</tr>
3536
5260
<tr>
3537
5261
<td><p><span class="term"><em class="parameter"><code>cipher_algorithm</code></em> :</span></p></td>
3538
 
<td>
 
5262
<td>is a cipher algorithm
3539
5263
</td>
3540
5264
</tr>
3541
5265
<tr>
3542
5266
<td><p><span class="term"><em class="parameter"><code>mac_algorithm</code></em> :</span></p></td>
3543
 
<td>
 
5267
<td>is a MAC algorithm
3544
5268
</td>
3545
5269
</tr>
3546
5270
<tr>
3547
5271
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3548
 
<td>
 
5272
<td> a string that contains the name of a TLS cipher suite,
 
5273
specified by the given algorithms, or <code class="literal">NULL</code>.
3549
5274
</td>
3550
5275
</tr>
3551
5276
</tbody>
3556
5281
<a name="gnutls-protocol-get-version"></a><h3>gnutls_protocol_get_version ()</h3>
3557
5282
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="returnvalue">gnutls_protocol_t</span></a>   gnutls_protocol_get_version         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3558
5283
<p>
 
5284
Get TLS version, a <a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="type">gnutls_protocol_t</span></a> value.
3559
5285
</p>
3560
5286
<div class="variablelist"><table border="0">
3561
5287
<col align="left" valign="top">
3562
5288
<tbody>
3563
5289
<tr>
3564
5290
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3565
 
<td>
 
5291
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3566
5292
</td>
3567
5293
</tr>
3568
5294
<tr>
3569
5295
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3570
 
<td>
 
5296
<td> the version of the currently used protocol.
3571
5297
</td>
3572
5298
</tr>
3573
5299
</tbody>
3578
5304
<a name="gnutls-protocol-get-name"></a><h3>gnutls_protocol_get_name ()</h3>
3579
5305
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_protocol_get_name            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="type">gnutls_protocol_t</span></a> version</code></em>);</pre>
3580
5306
<p>
 
5307
Convert a <a class="link" href="gnutls-gnutls.html#gnutls-protocol-t" title="enum gnutls_protocol_t"><span class="type">gnutls_protocol_t</span></a> value to a string.
3581
5308
</p>
3582
5309
<div class="variablelist"><table border="0">
3583
5310
<col align="left" valign="top">
3584
5311
<tbody>
3585
5312
<tr>
3586
5313
<td><p><span class="term"><em class="parameter"><code>version</code></em> :</span></p></td>
3587
 
<td>
 
5314
<td>is a (gnutls) version number
3588
5315
</td>
3589
5316
</tr>
3590
5317
<tr>
3591
5318
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3592
 
<td>
 
5319
<td> a string that contains the name of the specified TLS
 
5320
  version (e.g., "TLS1.0"), or <code class="literal">NULL</code>.
3593
5321
</td>
3594
5322
</tr>
3595
5323
</tbody>
3602
5330
                                                         <em class="parameter"><code>const <span class="type">void</span> *session_data</code></em>,
3603
5331
                                                         <em class="parameter"><code><span class="type">size_t</span> session_data_size</code></em>);</pre>
3604
5332
<p>
 
5333
Sets all session parameters, in order to resume a previously
 
5334
established session.  The session data given must be the one
 
5335
returned by <a class="link" href="gnutls-gnutls.html#gnutls-session-get-data" title="gnutls_session_get_data ()"><code class="function">gnutls_session_get_data()</code></a>.  This function should be
 
5336
called before <a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a>.
 
5337
</p>
 
5338
<p>
 
5339
Keep in mind that session resuming is advisory. The server may
 
5340
choose not to resume the session, thus a full handshake will be
 
5341
performed.
3605
5342
</p>
3606
5343
<div class="variablelist"><table border="0">
3607
5344
<col align="left" valign="top">
3608
5345
<tbody>
3609
5346
<tr>
3610
5347
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3611
 
<td>
 
5348
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3612
5349
</td>
3613
5350
</tr>
3614
5351
<tr>
3615
5352
<td><p><span class="term"><em class="parameter"><code>session_data</code></em> :</span></p></td>
3616
 
<td>
 
5353
<td>is a pointer to space to hold the session.
3617
5354
</td>
3618
5355
</tr>
3619
5356
<tr>
3620
5357
<td><p><span class="term"><em class="parameter"><code>session_data_size</code></em> :</span></p></td>
3621
 
<td>
 
5358
<td>is the session's size
3622
5359
</td>
3623
5360
</tr>
3624
5361
<tr>
3625
5362
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3626
 
<td>
 
5363
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
5364
  an error code is returned.
3627
5365
</td>
3628
5366
</tr>
3629
5367
</tbody>
3636
5374
                                                         <em class="parameter"><code><span class="type">void</span> *session_data</code></em>,
3637
5375
                                                         <em class="parameter"><code><span class="type">size_t</span> *session_data_size</code></em>);</pre>
3638
5376
<p>
 
5377
Returns all session parameters, in order to support resuming.  The
 
5378
client should call this, and keep the returned session, if he
 
5379
wants to resume that current version later by calling
 
5380
<a class="link" href="gnutls-gnutls.html#gnutls-session-set-data" title="gnutls_session_set_data ()"><code class="function">gnutls_session_set_data()</code></a> This function must be called after a
 
5381
successful handshake.
 
5382
</p>
 
5383
<p>
 
5384
Resuming sessions is really useful and speedups connections after
 
5385
a successful one.
3639
5386
</p>
3640
5387
<div class="variablelist"><table border="0">
3641
5388
<col align="left" valign="top">
3642
5389
<tbody>
3643
5390
<tr>
3644
5391
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3645
 
<td>
 
5392
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3646
5393
</td>
3647
5394
</tr>
3648
5395
<tr>
3649
5396
<td><p><span class="term"><em class="parameter"><code>session_data</code></em> :</span></p></td>
3650
 
<td>
 
5397
<td>is a pointer to space to hold the session.
3651
5398
</td>
3652
5399
</tr>
3653
5400
<tr>
3654
5401
<td><p><span class="term"><em class="parameter"><code>session_data_size</code></em> :</span></p></td>
3655
 
<td>
 
5402
<td>is the session_data's size, or it will be set by the function.
3656
5403
</td>
3657
5404
</tr>
3658
5405
<tr>
3659
5406
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3660
 
<td>
 
5407
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
5408
  an error code is returned.
3661
5409
</td>
3662
5410
</tr>
3663
5411
</tbody>
3669
5417
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_session_get_data2            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
3670
5418
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *data</code></em>);</pre>
3671
5419
<p>
 
5420
Returns all session parameters, in order to support resuming.  The
 
5421
client should call this, and keep the returned session, if he wants
 
5422
to resume that current version later by calling
 
5423
<a class="link" href="gnutls-gnutls.html#gnutls-session-set-data" title="gnutls_session_set_data ()"><code class="function">gnutls_session_set_data()</code></a>.  This function must be called after a
 
5424
successful handshake.  The returned datum must be freed with
 
5425
<a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a>.
 
5426
</p>
 
5427
<p>
 
5428
Resuming sessions is really useful and speedups connections after
 
5429
a successful one.
3672
5430
</p>
3673
5431
<div class="variablelist"><table border="0">
3674
5432
<col align="left" valign="top">
3675
5433
<tbody>
3676
5434
<tr>
3677
5435
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3678
 
<td>
 
5436
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3679
5437
</td>
3680
5438
</tr>
3681
5439
<tr>
3682
5440
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
3683
 
<td>
 
5441
<td>is a pointer to a datum that will hold the session.
3684
5442
</td>
3685
5443
</tr>
3686
5444
<tr>
3687
5445
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3688
 
<td>
 
5446
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
5447
  an error code is returned.
3689
5448
</td>
3690
5449
</tr>
3691
5450
</tbody>
3706
5465
                                                         <em class="parameter"><code><span class="type">void</span> *session_id</code></em>,
3707
5466
                                                         <em class="parameter"><code><span class="type">size_t</span> *session_id_size</code></em>);</pre>
3708
5467
<p>
 
5468
Returns the current session id. This can be used if you want to
 
5469
check if the next session you tried to resume was actually
 
5470
resumed.  This is because resumed sessions have the same sessionID
 
5471
with the original session.
 
5472
</p>
 
5473
<p>
 
5474
Session id is some data set by the server, that identify the
 
5475
current session.  In TLS 1.0 and SSL 3.0 session id is always less
 
5476
than 32 bytes.
3709
5477
</p>
3710
5478
<div class="variablelist"><table border="0">
3711
5479
<col align="left" valign="top">
3712
5480
<tbody>
3713
5481
<tr>
3714
5482
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3715
 
<td>
 
5483
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3716
5484
</td>
3717
5485
</tr>
3718
5486
<tr>
3719
5487
<td><p><span class="term"><em class="parameter"><code>session_id</code></em> :</span></p></td>
3720
 
<td>
 
5488
<td>is a pointer to space to hold the session id.
3721
5489
</td>
3722
5490
</tr>
3723
5491
<tr>
3724
5492
<td><p><span class="term"><em class="parameter"><code>session_id_size</code></em> :</span></p></td>
3725
 
<td>
 
5493
<td>is the session id's size, or it will be set by the function.
3726
5494
</td>
3727
5495
</tr>
3728
5496
<tr>
3729
5497
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3730
 
<td>
 
5498
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
5499
  an error code is returned.
3731
5500
</td>
3732
5501
</tr>
3733
5502
</tbody>
3754
5523
<a name="gnutls-session-get-server-random"></a><h3>gnutls_session_get_server_random ()</h3>
3755
5524
<pre class="programlisting">const <span class="returnvalue">void</span> *        gnutls_session_get_server_random    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3756
5525
<p>
 
5526
Return a pointer to the 32-byte server random field used in the
 
5527
session.  The pointer must not be modified or deallocated.
 
5528
</p>
 
5529
<p>
 
5530
If a server random value has not yet been established, the output
 
5531
will be garbage; in particular, a <code class="literal">NULL</code> return value should not be
 
5532
expected.
3757
5533
</p>
3758
5534
<div class="variablelist"><table border="0">
3759
5535
<col align="left" valign="top">
3760
5536
<tbody>
3761
5537
<tr>
3762
5538
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3763
 
<td>
 
5539
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3764
5540
</td>
3765
5541
</tr>
3766
5542
<tr>
3767
5543
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3768
 
<td>
 
5544
<td> pointer to server random data.
3769
5545
</td>
3770
5546
</tr>
3771
5547
</tbody>
3776
5552
<a name="gnutls-session-get-client-random"></a><h3>gnutls_session_get_client_random ()</h3>
3777
5553
<pre class="programlisting">const <span class="returnvalue">void</span> *        gnutls_session_get_client_random    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3778
5554
<p>
 
5555
Return a pointer to the 32-byte client random field used in the
 
5556
session.  The pointer must not be modified or deallocated.
 
5557
</p>
 
5558
<p>
 
5559
If a client random value has not yet been established, the output
 
5560
will be garbage; in particular, a <code class="literal">NULL</code> return value should not be
 
5561
expected.
3779
5562
</p>
3780
5563
<div class="variablelist"><table border="0">
3781
5564
<col align="left" valign="top">
3782
5565
<tbody>
3783
5566
<tr>
3784
5567
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3785
 
<td>
 
5568
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3786
5569
</td>
3787
5570
</tr>
3788
5571
<tr>
3789
5572
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3790
 
<td>
 
5573
<td> pointer to client random data.
3791
5574
</td>
3792
5575
</tr>
3793
5576
</tbody>
3798
5581
<a name="gnutls-session-get-master-secret"></a><h3>gnutls_session_get_master_secret ()</h3>
3799
5582
<pre class="programlisting">const <span class="returnvalue">void</span> *        gnutls_session_get_master_secret    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3800
5583
<p>
 
5584
Return a pointer to the 48-byte master secret in the session.  The
 
5585
pointer must not be modified or deallocated.
 
5586
</p>
 
5587
<p>
 
5588
If a master secret value has not yet been established, the output
 
5589
will be garbage; in particular, a <code class="literal">NULL</code> return value should not be
 
5590
expected.
 
5591
</p>
 
5592
<p>
 
5593
Consider using <a class="link" href="gnutls-gnutls.html#gnutls-prf" title="gnutls_prf ()"><code class="function">gnutls_prf()</code></a> rather than extracting the master
 
5594
secret and use it to derive further data.
3801
5595
</p>
3802
5596
<div class="variablelist"><table border="0">
3803
5597
<col align="left" valign="top">
3804
5598
<tbody>
3805
5599
<tr>
3806
5600
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3807
 
<td>
 
5601
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3808
5602
</td>
3809
5603
</tr>
3810
5604
<tr>
3811
5605
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3812
 
<td>
 
5606
<td> pointer to master secret data.
3813
5607
</td>
3814
5608
</tr>
3815
5609
</tbody>
3871
5665
<p>
3872
5666
It is recommended that the function returns quickly in order to not
3873
5667
delay the handshake.  Use the function to store a copy of the TLS
3874
 
finished message for later use.</p>
 
5668
finished message for later use.
 
5669
</p>
3875
5670
<div class="variablelist"><table border="0">
3876
5671
<col align="left" valign="top">
3877
5672
<tbody>
3894
5689
<a name="gnutls-session-is-resumed"></a><h3>gnutls_session_is_resumed ()</h3>
3895
5690
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_session_is_resumed           (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
3896
5691
<p>
 
5692
Check whether session is resumed or not.
3897
5693
</p>
3898
5694
<div class="variablelist"><table border="0">
3899
5695
<col align="left" valign="top">
3900
5696
<tbody>
3901
5697
<tr>
3902
5698
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
3903
 
<td>
 
5699
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
3904
5700
</td>
3905
5701
</tr>
3906
5702
<tr>
3907
5703
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
3908
 
<td>
 
5704
<td> non zero if this session is resumed, or a zero if this is
 
5705
  a new session.
3909
5706
</td>
3910
5707
</tr>
3911
5708
</tbody>
4007
5804
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_set_cache_expiration      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4008
5805
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> seconds</code></em>);</pre>
4009
5806
<p>
 
5807
Set the expiration time for resumed sessions. The default is 3600
 
5808
(one hour) at the time writing this.
4010
5809
</p>
4011
5810
<div class="variablelist"><table border="0">
4012
5811
<col align="left" valign="top">
4013
5812
<tbody>
4014
5813
<tr>
4015
5814
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4016
 
<td>
 
5815
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4017
5816
</td>
4018
5817
</tr>
4019
5818
<tr>
4020
5819
<td><p><span class="term"><em class="parameter"><code>seconds</code></em> :</span></p></td>
4021
 
<td>
 
5820
<td>is the number of seconds.
4022
5821
</td>
4023
5822
</tr>
4024
5823
</tbody>
4029
5828
<a name="gnutls-db-remove-session"></a><h3>gnutls_db_remove_session ()</h3>
4030
5829
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_remove_session            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
4031
5830
<p>
 
5831
This function will remove the current session data from the
 
5832
session database.  This will prevent future handshakes reusing
 
5833
these session data.  This function should be called if a session
 
5834
was terminated abnormally, and before <a class="link" href="gnutls-gnutls.html#gnutls-deinit" title="gnutls_deinit ()"><code class="function">gnutls_deinit()</code></a> is called.
 
5835
</p>
 
5836
<p>
 
5837
Normally <a class="link" href="gnutls-gnutls.html#gnutls-deinit" title="gnutls_deinit ()"><code class="function">gnutls_deinit()</code></a> will remove abnormally terminated
 
5838
sessions.
4032
5839
</p>
4033
5840
<div class="variablelist"><table border="0">
4034
5841
<col align="left" valign="top">
4035
5842
<tbody><tr>
4036
5843
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4037
 
<td>
 
5844
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4038
5845
</td>
4039
5846
</tr></tbody>
4040
5847
</table></div>
4045
5852
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_set_retrieve_function     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4046
5853
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-db-retr-func" title="gnutls_db_retr_func ()"><span class="type">gnutls_db_retr_func</span></a> retr_func</code></em>);</pre>
4047
5854
<p>
 
5855
Sets the function that will be used to retrieve data from the
 
5856
resumed sessions database.  This function must return a
 
5857
gnutls_datum_t containing the data on success, or a gnutls_datum_t
 
5858
containing null and 0 on failure.
 
5859
</p>
 
5860
<p>
 
5861
The datum's data must be allocated using the function
 
5862
<a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>.
 
5863
</p>
 
5864
<p>
 
5865
The first argument to <em class="parameter"><code>retr_func</code></em> will be null unless
 
5866
<a class="link" href="gnutls-gnutls.html#gnutls-db-set-ptr" title="gnutls_db_set_ptr ()"><code class="function">gnutls_db_set_ptr()</code></a> has been called.
4048
5867
</p>
4049
5868
<div class="variablelist"><table border="0">
4050
5869
<col align="left" valign="top">
4051
5870
<tbody>
4052
5871
<tr>
4053
5872
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4054
 
<td>
 
5873
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4055
5874
</td>
4056
5875
</tr>
4057
5876
<tr>
4058
5877
<td><p><span class="term"><em class="parameter"><code>retr_func</code></em> :</span></p></td>
4059
 
<td>
 
5878
<td>is the function.
4060
5879
</td>
4061
5880
</tr>
4062
5881
</tbody>
4068
5887
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_set_remove_function       (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4069
5888
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-db-remove-func" title="gnutls_db_remove_func ()"><span class="type">gnutls_db_remove_func</span></a> rem_func</code></em>);</pre>
4070
5889
<p>
 
5890
Sets the function that will be used to remove data from the
 
5891
resumed sessions database. This function must return 0 on success.
 
5892
</p>
 
5893
<p>
 
5894
The first argument to <em class="parameter"><code>rem_func</code></em> will be null unless
 
5895
<a class="link" href="gnutls-gnutls.html#gnutls-db-set-ptr" title="gnutls_db_set_ptr ()"><code class="function">gnutls_db_set_ptr()</code></a> has been called.
4071
5896
</p>
4072
5897
<div class="variablelist"><table border="0">
4073
5898
<col align="left" valign="top">
4074
5899
<tbody>
4075
5900
<tr>
4076
5901
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4077
 
<td>
 
5902
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4078
5903
</td>
4079
5904
</tr>
4080
5905
<tr>
4081
5906
<td><p><span class="term"><em class="parameter"><code>rem_func</code></em> :</span></p></td>
4082
 
<td>
 
5907
<td>is the function.
4083
5908
</td>
4084
5909
</tr>
4085
5910
</tbody>
4091
5916
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_set_store_function        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4092
5917
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-db-store-func" title="gnutls_db_store_func ()"><span class="type">gnutls_db_store_func</span></a> store_func</code></em>);</pre>
4093
5918
<p>
 
5919
Sets the function that will be used to store data from the resumed
 
5920
sessions database. This function must remove 0 on success.
 
5921
</p>
 
5922
<p>
 
5923
The first argument to <code class="function">store_func()</code> will be null unless
 
5924
<a class="link" href="gnutls-gnutls.html#gnutls-db-set-ptr" title="gnutls_db_set_ptr ()"><code class="function">gnutls_db_set_ptr()</code></a> has been called.
4094
5925
</p>
4095
5926
<div class="variablelist"><table border="0">
4096
5927
<col align="left" valign="top">
4097
5928
<tbody>
4098
5929
<tr>
4099
5930
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4100
 
<td>
 
5931
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4101
5932
</td>
4102
5933
</tr>
4103
5934
<tr>
4104
5935
<td><p><span class="term"><em class="parameter"><code>store_func</code></em> :</span></p></td>
4105
 
<td>
 
5936
<td>is the function
4106
5937
</td>
4107
5938
</tr>
4108
5939
</tbody>
4114
5945
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_db_set_ptr                   (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4115
5946
                                                         <em class="parameter"><code><span class="type">void</span> *ptr</code></em>);</pre>
4116
5947
<p>
 
5948
Sets the pointer that will be provided to db store, retrieve and
 
5949
delete functions, as the first argument.
4117
5950
</p>
4118
5951
<div class="variablelist"><table border="0">
4119
5952
<col align="left" valign="top">
4120
5953
<tbody>
4121
5954
<tr>
4122
5955
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4123
 
<td>
 
5956
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4124
5957
</td>
4125
5958
</tr>
4126
5959
<tr>
4127
5960
<td><p><span class="term"><em class="parameter"><code>ptr</code></em> :</span></p></td>
4128
 
<td>
 
5961
<td>is the pointer
4129
5962
</td>
4130
5963
</tr>
4131
5964
</tbody>
4136
5969
<a name="gnutls-db-get-ptr"></a><h3>gnutls_db_get_ptr ()</h3>
4137
5970
<pre class="programlisting"><span class="returnvalue">void</span> *              gnutls_db_get_ptr                   (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
4138
5971
<p>
 
5972
Get db function pointer.
4139
5973
</p>
4140
5974
<div class="variablelist"><table border="0">
4141
5975
<col align="left" valign="top">
4142
5976
<tbody>
4143
5977
<tr>
4144
5978
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4145
 
<td>
 
5979
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4146
5980
</td>
4147
5981
</tr>
4148
5982
<tr>
4149
5983
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4150
 
<td>
 
5984
<td> the pointer that will be sent to db store, retrieve and
 
5985
  delete functions, as the first argument.
4151
5986
</td>
4152
5987
</tr>
4153
5988
</tbody>
4159
5994
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_db_check_entry               (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4160
5995
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> session_entry</code></em>);</pre>
4161
5996
<p>
 
5997
Check if database entry has expired.  This function is to be used
 
5998
when you want to clear unnesessary session which occupy space in
 
5999
your backend.
4162
6000
</p>
4163
6001
<div class="variablelist"><table border="0">
4164
6002
<col align="left" valign="top">
4165
6003
<tbody>
4166
6004
<tr>
4167
6005
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4168
 
<td>
 
6006
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4169
6007
</td>
4170
6008
</tr>
4171
6009
<tr>
4172
6010
<td><p><span class="term"><em class="parameter"><code>session_entry</code></em> :</span></p></td>
4173
 
<td>
 
6011
<td>is the session data (not key)
4174
6012
</td>
4175
6013
</tr>
4176
6014
<tr>
4177
6015
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4178
 
<td>
 
6016
<td> Returns <a class="link" href="gnutls-gnutls.html#GNUTLS-E-EXPIRED:CAPS" title="GNUTLS_E_EXPIRED"><code class="literal">GNUTLS_E_EXPIRED</code></a>, if the database entry has
 
6017
  expired or 0 otherwise.
4179
6018
</td>
4180
6019
</tr>
4181
6020
</tbody>
4211
6050
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4212
6051
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-handshake-post-client-hello-func" title="gnutls_handshake_post_client_hello_func ()"><span class="type">gnutls_handshake_post_client_hello_func</span></a> func</code></em>);</pre>
4213
6052
<p>
 
6053
This function will set a callback to be called after the client
 
6054
hello has been received (callback valid in server side only). This
 
6055
allows the server to adjust settings based on received extensions.
 
6056
</p>
 
6057
<p>
 
6058
Those settings could be ciphersuites, requesting certificate, or
 
6059
anything else except for version negotiation (this is done before
 
6060
the hello message is parsed).
 
6061
</p>
 
6062
<p>
 
6063
This callback must return 0 on success or a gnutls error code to
 
6064
terminate the handshake.
 
6065
</p>
 
6066
<p>
 
6067
Warning: You should not use this function to terminate the
 
6068
handshake based on client input unless you know what you are
 
6069
doing. Before the handshake is finished there is no way to know if
 
6070
there is a man-in-the-middle attack being performed.
4214
6071
</p>
4215
6072
<div class="variablelist"><table border="0">
4216
6073
<col align="left" valign="top">
4217
6074
<tbody>
4218
6075
<tr>
4219
6076
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4220
 
<td>
 
6077
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4221
6078
</td>
4222
6079
</tr>
4223
6080
<tr>
4224
6081
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
4225
 
<td>
 
6082
<td>is the function to be called
4226
6083
</td>
4227
6084
</tr>
4228
6085
</tbody>
4235
6092
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4236
6093
                                                         <em class="parameter"><code><span class="type">size_t</span> max</code></em>);</pre>
4237
6094
<p>
 
6095
This function will set the maximum size of all handshake messages.
 
6096
Handshakes over this size are rejected with
 
6097
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-HANDSHAKE-TOO-LARGE:CAPS" title="GNUTLS_E_HANDSHAKE_TOO_LARGE"><code class="literal">GNUTLS_E_HANDSHAKE_TOO_LARGE</code></a> error code.  The default value is
 
6098
48kb which is typically large enough.  Set this to 0 if you do not
 
6099
want to set an upper limit.
 
6100
</p>
 
6101
<p>
 
6102
The reason for restricting the handshake message sizes are to
 
6103
limit Denial of Service attacks.
4238
6104
</p>
4239
6105
<div class="variablelist"><table border="0">
4240
6106
<col align="left" valign="top">
4241
6107
<tbody>
4242
6108
<tr>
4243
6109
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4244
 
<td>
 
6110
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4245
6111
</td>
4246
6112
</tr>
4247
6113
<tr>
4248
6114
<td><p><span class="term"><em class="parameter"><code>max</code></em> :</span></p></td>
4249
 
<td>
 
6115
<td>is the maximum number.
4250
6116
</td>
4251
6117
</tr>
4252
6118
</tbody>
4257
6123
<a name="gnutls-check-version"></a><h3>gnutls_check_version ()</h3>
4258
6124
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_check_version                (<em class="parameter"><code>const <span class="type">char</span> *req_version</code></em>);</pre>
4259
6125
<p>
 
6126
Check GnuTLS Library version.
 
6127
</p>
 
6128
<p>
 
6129
See <a class="link" href="gnutls-gnutls.html#GNUTLS-VERSION:CAPS" title="GNUTLS_VERSION"><code class="literal">GNUTLS_VERSION</code></a> for a suitable <em class="parameter"><code>req_version</code></em> string.
4260
6130
</p>
4261
6131
<div class="variablelist"><table border="0">
4262
6132
<col align="left" valign="top">
4263
6133
<tbody>
4264
6134
<tr>
4265
6135
<td><p><span class="term"><em class="parameter"><code>req_version</code></em> :</span></p></td>
4266
 
<td>
 
6136
<td>version string to compare with, or <code class="literal">NULL</code>.
4267
6137
</td>
4268
6138
</tr>
4269
6139
<tr>
4270
6140
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4271
 
<td>
 
6141
<td> Check that the version of the library is at
 
6142
  minimum the one given as a string in <em class="parameter"><code>req_version</code></em> and return the
 
6143
  actual version string of the library; return <code class="literal">NULL</code> if the
 
6144
  condition is not met.  If <code class="literal">NULL</code> is passed to this function no
 
6145
  check is done and only the version string is returned.
4272
6146
</td>
4273
6147
</tr>
4274
6148
</tbody>
4279
6153
<a name="gnutls-credentials-clear"></a><h3>gnutls_credentials_clear ()</h3>
4280
6154
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_credentials_clear            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
4281
6155
<p>
 
6156
Clears all the credentials previously set in this session.
4282
6157
</p>
4283
6158
<div class="variablelist"><table border="0">
4284
6159
<col align="left" valign="top">
4285
6160
<tbody><tr>
4286
6161
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4287
 
<td>
 
6162
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4288
6163
</td>
4289
6164
</tr></tbody>
4290
6165
</table></div>
4296
6171
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="type">gnutls_credentials_type_t</span></a> type</code></em>,
4297
6172
                                                         <em class="parameter"><code><span class="type">void</span> *cred</code></em>);</pre>
4298
6173
<p>
 
6174
Sets the needed credentials for the specified type.  Eg username,
 
6175
password - or public and private keys etc.  The <em class="parameter"><code>cred</code></em> parameter is
 
6176
a structure that depends on the specified type and on the current
 
6177
session (client or server).
 
6178
</p>
 
6179
<p>
 
6180
In order to minimize memory usage, and share credentials between
 
6181
several threads gnutls keeps a pointer to cred, and not the whole
 
6182
cred structure.  Thus you will have to keep the structure allocated
 
6183
until you call <a class="link" href="gnutls-gnutls.html#gnutls-deinit" title="gnutls_deinit ()"><code class="function">gnutls_deinit()</code></a>.
 
6184
</p>
 
6185
<p>
 
6186
For <a class="link" href="gnutls-gnutls.html#GNUTLS-CRD-ANON:CAPS"><code class="literal">GNUTLS_CRD_ANON</code></a>, <em class="parameter"><code>cred</code></em> should be
 
6187
<span class="type">gnutls_anon_client_credentials_t</span> in case of a client.  In case of
 
6188
a server it should be <span class="type">gnutls_anon_server_credentials_t</span>.
 
6189
</p>
 
6190
<p>
 
6191
For <a class="link" href="gnutls-gnutls.html#GNUTLS-CRD-SRP:CAPS"><code class="literal">GNUTLS_CRD_SRP</code></a>, <em class="parameter"><code>cred</code></em> should be <span class="type">gnutls_srp_client_credentials_t</span>
 
6192
in case of a client, and <span class="type">gnutls_srp_server_credentials_t</span>, in case
 
6193
of a server.
 
6194
</p>
 
6195
<p>
 
6196
For <a class="link" href="gnutls-gnutls.html#GNUTLS-CRD-CERTIFICATE:CAPS"><code class="literal">GNUTLS_CRD_CERTIFICATE</code></a>, <em class="parameter"><code>cred</code></em> should be
 
6197
<span class="type">gnutls_certificate_credentials_t</span>.
4299
6198
</p>
4300
6199
<div class="variablelist"><table border="0">
4301
6200
<col align="left" valign="top">
4302
6201
<tbody>
4303
6202
<tr>
4304
6203
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4305
 
<td>
 
6204
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4306
6205
</td>
4307
6206
</tr>
4308
6207
<tr>
4309
6208
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4310
 
<td>
 
6209
<td>is the type of the credentials
4311
6210
</td>
4312
6211
</tr>
4313
6212
<tr>
4314
6213
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
4315
 
<td>
 
6214
<td>is a pointer to a structure.
4316
6215
</td>
4317
6216
</tr>
4318
6217
<tr>
4319
6218
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4320
 
<td>
 
6219
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
6220
  otherwise an error code is returned.
4321
6221
</td>
4322
6222
</tr>
4323
6223
</tbody>
4343
6243
<a name="gnutls-anon-free-server-credentials"></a><h3>gnutls_anon_free_server_credentials ()</h3>
4344
6244
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_anon_free_server_credentials (<em class="parameter"><code><span class="type">gnutls_anon_server_credentials_t</span> sc</code></em>);</pre>
4345
6245
<p>
 
6246
This structure is complex enough to manipulate directly thus this
 
6247
helper function is provided in order to free (deallocate) it.
4346
6248
</p>
4347
6249
<div class="variablelist"><table border="0">
4348
6250
<col align="left" valign="top">
4349
6251
<tbody><tr>
4350
6252
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4351
 
<td>
 
6253
<td>is a <span class="type">gnutls_anon_server_credentials_t</span> structure.
4352
6254
</td>
4353
6255
</tr></tbody>
4354
6256
</table></div>
4359
6261
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_anon_allocate_server_credentials
4360
6262
                                                        (<em class="parameter"><code><span class="type">gnutls_anon_server_credentials_t</span> *sc</code></em>);</pre>
4361
6263
<p>
 
6264
This structure is complex enough to manipulate directly thus this
 
6265
helper function is provided in order to allocate it.
4362
6266
</p>
4363
6267
<div class="variablelist"><table border="0">
4364
6268
<col align="left" valign="top">
4365
6269
<tbody>
4366
6270
<tr>
4367
6271
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4368
 
<td>
 
6272
<td>is a pointer to a <span class="type">gnutls_anon_server_credentials_t</span> structure.
4369
6273
</td>
4370
6274
</tr>
4371
6275
<tr>
4372
6276
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4373
 
<td>
 
6277
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
4374
6278
</td>
4375
6279
</tr>
4376
6280
</tbody>
4382
6286
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_anon_set_server_dh_params    (<em class="parameter"><code><span class="type">gnutls_anon_server_credentials_t</span> res</code></em>,
4383
6287
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> dh_params</code></em>);</pre>
4384
6288
<p>
 
6289
This function will set the Diffie-Hellman parameters for an
 
6290
anonymous server to use.  These parameters will be used in
 
6291
Anonymous Diffie-Hellman cipher suites.
4385
6292
</p>
4386
6293
<div class="variablelist"><table border="0">
4387
6294
<col align="left" valign="top">
4388
6295
<tbody>
4389
6296
<tr>
4390
6297
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4391
 
<td>
 
6298
<td>is a gnutls_anon_server_credentials_t structure
4392
6299
</td>
4393
6300
</tr>
4394
6301
<tr>
4395
6302
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
4396
 
<td>
 
6303
<td>is a structure that holds Diffie-Hellman parameters.
4397
6304
</td>
4398
6305
</tr>
4399
6306
</tbody>
4406
6313
                                                        (<em class="parameter"><code><span class="type">gnutls_anon_server_credentials_t</span> res</code></em>,
4407
6314
                                                         <em class="parameter"><code><span class="type">gnutls_params_function</span> *func</code></em>);</pre>
4408
6315
<p>
 
6316
This function will set a callback in order for the server to get
 
6317
the Diffie-Hellman parameters for anonymous authentication.  The
 
6318
callback should return zero on success.
4409
6319
</p>
4410
6320
<div class="variablelist"><table border="0">
4411
6321
<col align="left" valign="top">
4412
6322
<tbody>
4413
6323
<tr>
4414
6324
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4415
 
<td>
 
6325
<td>is a gnutls_certificate_credentials_t structure
4416
6326
</td>
4417
6327
</tr>
4418
6328
<tr>
4419
6329
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
4420
 
<td>
 
6330
<td>is the function to be called
4421
6331
</td>
4422
6332
</tr>
4423
6333
</tbody>
4428
6338
<a name="gnutls-anon-free-client-credentials"></a><h3>gnutls_anon_free_client_credentials ()</h3>
4429
6339
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_anon_free_client_credentials (<em class="parameter"><code><span class="type">gnutls_anon_client_credentials_t</span> sc</code></em>);</pre>
4430
6340
<p>
 
6341
This structure is complex enough to manipulate directly thus this
 
6342
helper function is provided in order to free (deallocate) it.
4431
6343
</p>
4432
6344
<div class="variablelist"><table border="0">
4433
6345
<col align="left" valign="top">
4434
6346
<tbody><tr>
4435
6347
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4436
 
<td>
 
6348
<td>is a <span class="type">gnutls_anon_client_credentials_t</span> structure.
4437
6349
</td>
4438
6350
</tr></tbody>
4439
6351
</table></div>
4444
6356
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_anon_allocate_client_credentials
4445
6357
                                                        (<em class="parameter"><code><span class="type">gnutls_anon_client_credentials_t</span> *sc</code></em>);</pre>
4446
6358
<p>
 
6359
This structure is complex enough to manipulate directly thus
 
6360
this helper function is provided in order to allocate it.
4447
6361
</p>
4448
6362
<div class="variablelist"><table border="0">
4449
6363
<col align="left" valign="top">
4450
6364
<tbody>
4451
6365
<tr>
4452
6366
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4453
 
<td>
 
6367
<td>is a pointer to a <span class="type">gnutls_anon_client_credentials_t</span> structure.
4454
6368
</td>
4455
6369
</tr>
4456
6370
<tr>
4457
6371
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4458
 
<td>
 
6372
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
4459
6373
</td>
4460
6374
</tr>
4461
6375
</tbody>
4466
6380
<a name="gnutls-certificate-free-credentials"></a><h3>gnutls_certificate_free_credentials ()</h3>
4467
6381
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_free_credentials (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>);</pre>
4468
6382
<p>
 
6383
This structure is complex enough to manipulate directly thus this
 
6384
helper function is provided in order to free (deallocate) it.
 
6385
</p>
 
6386
<p>
 
6387
This function does not free any temporary parameters associated
 
6388
with this structure (ie RSA and DH parameters are not freed by this
 
6389
function).
4469
6390
</p>
4470
6391
<div class="variablelist"><table border="0">
4471
6392
<col align="left" valign="top">
4472
6393
<tbody><tr>
4473
6394
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4474
 
<td>
 
6395
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4475
6396
</td>
4476
6397
</tr></tbody>
4477
6398
</table></div>
4482
6403
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_certificate_allocate_credentials
4483
6404
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> *res</code></em>);</pre>
4484
6405
<p>
 
6406
This structure is complex enough to manipulate directly thus this
 
6407
helper function is provided in order to allocate it.
4485
6408
</p>
4486
6409
<div class="variablelist"><table border="0">
4487
6410
<col align="left" valign="top">
4488
6411
<tbody>
4489
6412
<tr>
4490
6413
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4491
 
<td>
 
6414
<td>is a pointer to a <span class="type">gnutls_certificate_credentials_t</span> structure.
4492
6415
</td>
4493
6416
</tr>
4494
6417
<tr>
4495
6418
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4496
 
<td>
 
6419
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
4497
6420
</td>
4498
6421
</tr>
4499
6422
</tbody>
4504
6427
<a name="gnutls-certificate-free-keys"></a><h3>gnutls_certificate_free_keys ()</h3>
4505
6428
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_free_keys        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>);</pre>
4506
6429
<p>
 
6430
This function will delete all the keys and the certificates associated
 
6431
with the given credentials. This function must not be called when a
 
6432
TLS negotiation that uses the credentials is in progress.
4507
6433
</p>
4508
6434
<div class="variablelist"><table border="0">
4509
6435
<col align="left" valign="top">
4510
6436
<tbody><tr>
4511
6437
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4512
 
<td>
 
6438
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4513
6439
</td>
4514
6440
</tr></tbody>
4515
6441
</table></div>
4519
6445
<a name="gnutls-certificate-free-cas"></a><h3>gnutls_certificate_free_cas ()</h3>
4520
6446
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_free_cas         (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>);</pre>
4521
6447
<p>
 
6448
This function will delete all the CAs associated with the given
 
6449
credentials. Servers that do not use
 
6450
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a> may call this to save some
 
6451
memory.
4522
6452
</p>
4523
6453
<div class="variablelist"><table border="0">
4524
6454
<col align="left" valign="top">
4525
6455
<tbody><tr>
4526
6456
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4527
 
<td>
 
6457
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4528
6458
</td>
4529
6459
</tr></tbody>
4530
6460
</table></div>
4534
6464
<a name="gnutls-certificate-free-ca-names"></a><h3>gnutls_certificate_free_ca_names ()</h3>
4535
6465
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_free_ca_names    (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>);</pre>
4536
6466
<p>
 
6467
This function will delete all the CA name in the given
 
6468
credentials. Clients may call this to save some memory since in
 
6469
client side the CA names are not used.
 
6470
</p>
 
6471
<p>
 
6472
CA names are used by servers to advertize the CAs they support to
 
6473
clients.
4537
6474
</p>
4538
6475
<div class="variablelist"><table border="0">
4539
6476
<col align="left" valign="top">
4540
6477
<tbody><tr>
4541
6478
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4542
 
<td>
 
6479
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4543
6480
</td>
4544
6481
</tr></tbody>
4545
6482
</table></div>
4549
6486
<a name="gnutls-certificate-free-crls"></a><h3>gnutls_certificate_free_crls ()</h3>
4550
6487
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_free_crls        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>);</pre>
4551
6488
<p>
 
6489
This function will delete all the CRLs associated
 
6490
with the given credentials.
4552
6491
</p>
4553
6492
<div class="variablelist"><table border="0">
4554
6493
<col align="left" valign="top">
4555
6494
<tbody><tr>
4556
6495
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
4557
 
<td>
 
6496
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4558
6497
</td>
4559
6498
</tr></tbody>
4560
6499
</table></div>
4565
6504
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_set_dh_params    (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
4566
6505
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> dh_params</code></em>);</pre>
4567
6506
<p>
 
6507
This function will set the Diffie-Hellman parameters for a
 
6508
certificate server to use. These parameters will be used in
 
6509
Ephemeral Diffie-Hellman cipher suites.  Note that only a pointer
 
6510
to the parameters are stored in the certificate handle, so if you
 
6511
deallocate the parameters before the certificate is deallocated,
 
6512
you must change the parameters stored in the certificate first.
4568
6513
</p>
4569
6514
<div class="variablelist"><table border="0">
4570
6515
<col align="left" valign="top">
4571
6516
<tbody>
4572
6517
<tr>
4573
6518
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4574
 
<td>
 
6519
<td>is a gnutls_certificate_credentials_t structure
4575
6520
</td>
4576
6521
</tr>
4577
6522
<tr>
4578
6523
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
4579
 
<td>
 
6524
<td>is a structure that holds Diffie-Hellman parameters.
4580
6525
</td>
4581
6526
</tr>
4582
6527
</tbody>
4589
6534
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
4590
6535
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> rsa_params</code></em>);</pre>
4591
6536
<p>
 
6537
This function will set the temporary RSA parameters for a
 
6538
certificate server to use.  These parameters will be used in
 
6539
RSA-EXPORT cipher suites.
4592
6540
</p>
4593
6541
<div class="variablelist"><table border="0">
4594
6542
<col align="left" valign="top">
4595
6543
<tbody>
4596
6544
<tr>
4597
6545
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4598
 
<td>
 
6546
<td>is a gnutls_certificate_credentials_t structure
4599
6547
</td>
4600
6548
</tr>
4601
6549
<tr>
4602
6550
<td><p><span class="term"><em class="parameter"><code>rsa_params</code></em> :</span></p></td>
4603
 
<td>
 
6551
<td>is a structure that holds temporary RSA parameters.
4604
6552
</td>
4605
6553
</tr>
4606
6554
</tbody>
4612
6560
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_set_verify_flags (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
4613
6561
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
4614
6562
<p>
 
6563
This function will set the flags to be used at verification of the
 
6564
certificates.  Flags must be OR of the
 
6565
<a class="link" href="gnutls-x509.html#gnutls-certificate-verify-flags" title="enum gnutls_certificate_verify_flags"><span class="type">gnutls_certificate_verify_flags</span></a> enumerations.
4615
6566
</p>
4616
6567
<div class="variablelist"><table border="0">
4617
6568
<col align="left" valign="top">
4618
6569
<tbody>
4619
6570
<tr>
4620
6571
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4621
 
<td>
 
6572
<td>is a gnutls_certificate_credentials_t structure
4622
6573
</td>
4623
6574
</tr>
4624
6575
<tr>
4625
6576
<td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
4626
 
<td>
 
6577
<td>are the flags
4627
6578
</td>
4628
6579
</tr>
4629
6580
</tbody>
4637
6588
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> max_bits</code></em>,
4638
6589
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> max_depth</code></em>);</pre>
4639
6590
<p>
 
6591
This function will set some upper limits for the default
 
6592
verification function, <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>, to avoid
 
6593
denial of service attacks.  You can set them to zero to disable
 
6594
limits.
4640
6595
</p>
4641
6596
<div class="variablelist"><table border="0">
4642
6597
<col align="left" valign="top">
4643
6598
<tbody>
4644
6599
<tr>
4645
6600
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4646
 
<td>
 
6601
<td>is a gnutls_certificate_credentials structure
4647
6602
</td>
4648
6603
</tr>
4649
6604
<tr>
4650
6605
<td><p><span class="term"><em class="parameter"><code>max_bits</code></em> :</span></p></td>
4651
 
<td>
 
6606
<td>is the number of bits of an acceptable certificate (default 8200)
4652
6607
</td>
4653
6608
</tr>
4654
6609
<tr>
4655
6610
<td><p><span class="term"><em class="parameter"><code>max_depth</code></em> :</span></p></td>
4656
 
<td>
 
6611
<td>is maximum depth of the verification of a certificate chain (default 5)
4657
6612
</td>
4658
6613
</tr>
4659
6614
</tbody>
4667
6622
                                                         <em class="parameter"><code>const <span class="type">char</span> *cafile</code></em>,
4668
6623
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4669
6624
<p>
 
6625
This function adds the trusted CAs in order to verify client or
 
6626
server certificates. In case of a client this is not required to
 
6627
be called if the certificates are not verified using
 
6628
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.  This function may be called
 
6629
multiple times.
 
6630
</p>
 
6631
<p>
 
6632
In case of a server the names of the CAs set here will be sent to
 
6633
the client if a certificate request is sent. This can be disabled
 
6634
using <a class="link" href="gnutls-gnutls.html#gnutls-certificate-send-x509-rdn-sequence" title="gnutls_certificate_send_x509_rdn_sequence ()"><code class="function">gnutls_certificate_send_x509_rdn_sequence()</code></a>.
4670
6635
</p>
4671
6636
<div class="variablelist"><table border="0">
4672
6637
<col align="left" valign="top">
4673
6638
<tbody>
4674
6639
<tr>
4675
6640
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4676
 
<td>
 
6641
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4677
6642
</td>
4678
6643
</tr>
4679
6644
<tr>
4680
6645
<td><p><span class="term"><em class="parameter"><code>cafile</code></em> :</span></p></td>
4681
 
<td>
 
6646
<td>is a file containing the list of trusted CAs (DER or PEM list)
4682
6647
</td>
4683
6648
</tr>
4684
6649
<tr>
4685
6650
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4686
 
<td>
 
6651
<td>is PEM or DER
4687
6652
</td>
4688
6653
</tr>
4689
6654
<tr>
4690
6655
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4691
 
<td>
 
6656
<td> number of certificates processed, or a negative value on
 
6657
error.
4692
6658
</td>
4693
6659
</tr>
4694
6660
</tbody>
4702
6668
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *ca</code></em>,
4703
6669
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4704
6670
<p>
 
6671
This function adds the trusted CAs in order to verify client or
 
6672
server certificates. In case of a client this is not required to be
 
6673
called if the certificates are not verified using
 
6674
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.  This function may be called
 
6675
multiple times.
 
6676
</p>
 
6677
<p>
 
6678
In case of a server the CAs set here will be sent to the client if
 
6679
a certificate request is sent. This can be disabled using
 
6680
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-send-x509-rdn-sequence" title="gnutls_certificate_send_x509_rdn_sequence ()"><code class="function">gnutls_certificate_send_x509_rdn_sequence()</code></a>.
4705
6681
</p>
4706
6682
<div class="variablelist"><table border="0">
4707
6683
<col align="left" valign="top">
4708
6684
<tbody>
4709
6685
<tr>
4710
6686
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4711
 
<td>
 
6687
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4712
6688
</td>
4713
6689
</tr>
4714
6690
<tr>
4715
6691
<td><p><span class="term"><em class="parameter"><code>ca</code></em> :</span></p></td>
4716
 
<td>
 
6692
<td>is a list of trusted CAs or a DER certificate
4717
6693
</td>
4718
6694
</tr>
4719
6695
<tr>
4720
6696
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4721
 
<td>
 
6697
<td>is DER or PEM
4722
6698
</td>
4723
6699
</tr>
4724
6700
<tr>
4725
6701
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4726
 
<td>
 
6702
<td> the number of certificates processed or a negative value
 
6703
on error.
4727
6704
</td>
4728
6705
</tr>
4729
6706
</tbody>
4737
6714
                                                         <em class="parameter"><code>const <span class="type">char</span> *crlfile</code></em>,
4738
6715
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4739
6716
<p>
 
6717
This function adds the trusted CRLs in order to verify client or server
 
6718
certificates.  In case of a client this is not required
 
6719
to be called if the certificates are not verified using
 
6720
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.
 
6721
This function may be called multiple times.
4740
6722
</p>
4741
6723
<div class="variablelist"><table border="0">
4742
6724
<col align="left" valign="top">
4743
6725
<tbody>
4744
6726
<tr>
4745
6727
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4746
 
<td>
 
6728
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4747
6729
</td>
4748
6730
</tr>
4749
6731
<tr>
4750
6732
<td><p><span class="term"><em class="parameter"><code>crlfile</code></em> :</span></p></td>
4751
 
<td>
 
6733
<td>is a file containing the list of verified CRLs (DER or PEM list)
4752
6734
</td>
4753
6735
</tr>
4754
6736
<tr>
4755
6737
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4756
 
<td>
 
6738
<td>is PEM or DER
4757
6739
</td>
4758
6740
</tr>
4759
6741
<tr>
4760
6742
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4761
 
<td>
 
6743
<td> number of CRLs processed or a negative value on error.
4762
6744
</td>
4763
6745
</tr>
4764
6746
</tbody>
4771
6753
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *CRL</code></em>,
4772
6754
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4773
6755
<p>
 
6756
This function adds the trusted CRLs in order to verify client or
 
6757
server certificates.  In case of a client this is not required to
 
6758
be called if the certificates are not verified using
 
6759
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.  This function may be called
 
6760
multiple times.
4774
6761
</p>
4775
6762
<div class="variablelist"><table border="0">
4776
6763
<col align="left" valign="top">
4777
6764
<tbody>
4778
6765
<tr>
4779
6766
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4780
 
<td>
 
6767
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4781
6768
</td>
4782
6769
</tr>
4783
6770
<tr>
4784
6771
<td><p><span class="term"><em class="parameter"><code>CRL</code></em> :</span></p></td>
4785
 
<td>
 
6772
<td>is a list of trusted CRLs. They should have been verified before.
4786
6773
</td>
4787
6774
</tr>
4788
6775
<tr>
4789
6776
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4790
 
<td>
 
6777
<td>is DER or PEM
4791
6778
</td>
4792
6779
</tr>
4793
6780
<tr>
4794
6781
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4795
 
<td>
 
6782
<td> number of CRLs processed, or a negative value on error.
4796
6783
</td>
4797
6784
</tr>
4798
6785
</tbody>
4807
6794
                                                         <em class="parameter"><code>const <span class="type">char</span> *keyfile</code></em>,
4808
6795
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4809
6796
<p>
 
6797
This function sets a certificate/private key pair in the
 
6798
gnutls_certificate_credentials_t structure.  This function may be
 
6799
called more than once (in case multiple keys/certificates exist for
 
6800
the server).  For clients that wants to send more than its own end
 
6801
entity certificate (e.g., also an intermediate CA cert) then put
 
6802
the certificate chain in <em class="parameter"><code>certfile</code></em>.
 
6803
</p>
 
6804
<p>
 
6805
Currently only PKCS-1 encoded RSA and DSA private keys are accepted by
 
6806
this function.
4810
6807
</p>
4811
6808
<div class="variablelist"><table border="0">
4812
6809
<col align="left" valign="top">
4813
6810
<tbody>
4814
6811
<tr>
4815
6812
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4816
 
<td>
 
6813
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4817
6814
</td>
4818
6815
</tr>
4819
6816
<tr>
4820
6817
<td><p><span class="term"><em class="parameter"><code>certfile</code></em> :</span></p></td>
4821
 
<td>
 
6818
<td>is a file that containing the certificate list (path) for
 
6819
  the specified private key, in PKCS7 format, or a list of certificates
4822
6820
</td>
4823
6821
</tr>
4824
6822
<tr>
4825
6823
<td><p><span class="term"><em class="parameter"><code>keyfile</code></em> :</span></p></td>
4826
 
<td>
 
6824
<td>is a file that contains the private key
4827
6825
</td>
4828
6826
</tr>
4829
6827
<tr>
4830
6828
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4831
 
<td>
 
6829
<td>is PEM or DER
4832
6830
</td>
4833
6831
</tr>
4834
6832
<tr>
4835
6833
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4836
 
<td>
 
6834
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
4837
6835
</td>
4838
6836
</tr>
4839
6837
</tbody>
4847
6845
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *key</code></em>,
4848
6846
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>);</pre>
4849
6847
<p>
 
6848
This function sets a certificate/private key pair in the
 
6849
gnutls_certificate_credentials_t structure. This function may be called
 
6850
more than once (in case multiple keys/certificates exist for the
 
6851
server).
 
6852
</p>
 
6853
<p>
 
6854
Currently are supported: RSA PKCS-1 encoded private keys,
 
6855
DSA private keys.
 
6856
</p>
 
6857
<p>
 
6858
DSA private keys are encoded the OpenSSL way, which is an ASN.1
 
6859
DER sequence of 6 INTEGERs - version, p, q, g, pub, priv.
 
6860
</p>
 
6861
<p>
 
6862
Note that the keyUsage (2.5.29.15) PKIX extension in X.509 certificates
 
6863
is supported. This means that certificates intended for signing cannot
 
6864
be used for ciphersuites that require encryption.
 
6865
</p>
 
6866
<p>
 
6867
If the certificate and the private key are given in PEM encoding
 
6868
then the strings that hold their values must be null terminated.
 
6869
</p>
 
6870
<p>
 
6871
The <em class="parameter"><code>key</code></em> may be <code class="literal">NULL</code> if you are using a sign callback, see
 
6872
<a class="link" href="gnutls-gnutls.html#gnutls-sign-callback-set" title="gnutls_sign_callback_set ()"><code class="function">gnutls_sign_callback_set()</code></a>.
4850
6873
</p>
4851
6874
<div class="variablelist"><table border="0">
4852
6875
<col align="left" valign="top">
4853
6876
<tbody>
4854
6877
<tr>
4855
6878
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
4856
 
<td>
 
6879
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
4857
6880
</td>
4858
6881
</tr>
4859
6882
<tr>
4860
6883
<td><p><span class="term"><em class="parameter"><code>cert</code></em> :</span></p></td>
4861
 
<td>
 
6884
<td>contains a certificate list (path) for the specified private key
4862
6885
</td>
4863
6886
</tr>
4864
6887
<tr>
4865
6888
<td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
4866
 
<td>
 
6889
<td>is the private key, or <code class="literal">NULL</code>
4867
6890
</td>
4868
6891
</tr>
4869
6892
<tr>
4870
6893
<td><p><span class="term"><em class="parameter"><code>type</code></em> :</span></p></td>
4871
 
<td>
 
6894
<td>is PEM or DER
4872
6895
</td>
4873
6896
</tr>
4874
6897
<tr>
4875
6898
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
4876
 
<td>
 
6899
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
4877
6900
</td>
4878
6901
</tr>
4879
6902
</tbody>
4886
6909
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
4887
6910
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> status</code></em>);</pre>
4888
6911
<p>
 
6912
If status is non zero, this function will order gnutls not to send
 
6913
the rdnSequence in the certificate request message. That is the
 
6914
server will not advertize it's trusted CAs to the peer. If status
 
6915
is zero then the default behaviour will take effect, which is to
 
6916
advertize the server's trusted CAs.
 
6917
</p>
 
6918
<p>
 
6919
This function has no effect in clients, and in authentication
 
6920
methods other than certificate with X.509 certificates.
4889
6921
</p>
4890
6922
<div class="variablelist"><table border="0">
4891
6923
<col align="left" valign="top">
4892
6924
<tbody>
4893
6925
<tr>
4894
6926
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
4895
 
<td>
 
6927
<td>is a pointer to a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
4896
6928
</td>
4897
6929
</tr>
4898
6930
<tr>
4899
6931
<td><p><span class="term"><em class="parameter"><code>status</code></em> :</span></p></td>
4900
 
<td>
 
6932
<td>is 0 or 1
4901
6933
</td>
4902
6934
</tr>
4903
6935
</tbody>
4937
6969
It is believed that the limitations of this function is acceptable
4938
6970
for most usage, and that any more flexibility would introduce
4939
6971
complexity that would make it harder to use this functionality at
4940
 
all.</p>
 
6972
all.
 
6973
</p>
4941
6974
<div class="variablelist"><table border="0">
4942
6975
<col align="left" valign="top">
4943
6976
<tbody>
4974
7007
<a name="gnutls-certificate-set-x509-simple-pkcs12-mem"></a><h3>gnutls_certificate_set_x509_simple_pkcs12_mem ()</h3>
4975
7008
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_certificate_set_x509_simple_pkcs12_mem
4976
7009
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
4977
 
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum</span> *p12blob</code></em>,
 
7010
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *p12blob</code></em>,
4978
7011
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> type</code></em>,
4979
7012
                                                         <em class="parameter"><code>const <span class="type">char</span> *password</code></em>);</pre>
4980
7013
<p>
5003
7036
It is believed that the limitations of this function is acceptable
5004
7037
for most usage, and that any more flexibility would introduce
5005
7038
complexity that would make it harder to use this functionality at
5006
 
all.</p>
 
7039
all.
 
7040
</p>
5007
7041
<div class="variablelist"><table border="0">
5008
7042
<col align="left" valign="top">
5009
7043
<tbody>
5098
7132
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> cert_list_size</code></em>,
5099
7133
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>);</pre>
5100
7134
<p>
 
7135
This function sets a certificate/private key pair in the
 
7136
gnutls_certificate_credentials_t structure.  This function may be
 
7137
called more than once (in case multiple keys/certificates exist for
 
7138
the server).  For clients that wants to send more than its own end
 
7139
entity certificate (e.g., also an intermediate CA cert) then put
 
7140
the certificate chain in <em class="parameter"><code>cert_list</code></em>.
5101
7141
</p>
5102
7142
<div class="variablelist"><table border="0">
5103
7143
<col align="left" valign="top">
5104
7144
<tbody>
5105
7145
<tr>
5106
7146
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
5107
 
<td>
 
7147
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5108
7148
</td>
5109
7149
</tr>
5110
7150
<tr>
5111
7151
<td><p><span class="term"><em class="parameter"><code>cert_list</code></em> :</span></p></td>
5112
 
<td>
 
7152
<td>contains a certificate list (path) for the specified private key
5113
7153
</td>
5114
7154
</tr>
5115
7155
<tr>
5116
7156
<td><p><span class="term"><em class="parameter"><code>cert_list_size</code></em> :</span></p></td>
5117
 
<td>
 
7157
<td>holds the size of the certificate list
5118
7158
</td>
5119
7159
</tr>
5120
7160
<tr>
5121
7161
<td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
5122
 
<td>
 
7162
<td>is a gnutls_x509_privkey_t key
5123
7163
</td>
5124
7164
</tr>
5125
7165
<tr>
5126
7166
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5127
 
<td>
 
7167
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
7168
 
5128
7169
</td>
5129
7170
</tr>
5130
7171
</tbody>
5131
7172
</table></div>
 
7173
<p class="since">Since 2.4.0</p>
5132
7174
</div>
5133
7175
<hr>
5134
7176
<div class="refsect2" title="gnutls_certificate_set_x509_trust ()">
5137
7179
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *ca_list</code></em>,
5138
7180
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> ca_list_size</code></em>);</pre>
5139
7181
<p>
 
7182
This function adds the trusted CAs in order to verify client
 
7183
or server certificates. In case of a client this is not required
 
7184
to be called if the certificates are not verified using
 
7185
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.
 
7186
This function may be called multiple times.
 
7187
</p>
 
7188
<p>
 
7189
In case of a server the CAs set here will be sent to the client if
 
7190
a certificate request is sent. This can be disabled using
 
7191
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-send-x509-rdn-sequence" title="gnutls_certificate_send_x509_rdn_sequence ()"><code class="function">gnutls_certificate_send_x509_rdn_sequence()</code></a>.
5140
7192
</p>
5141
7193
<div class="variablelist"><table border="0">
5142
7194
<col align="left" valign="top">
5143
7195
<tbody>
5144
7196
<tr>
5145
7197
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
5146
 
<td>
 
7198
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5147
7199
</td>
5148
7200
</tr>
5149
7201
<tr>
5150
7202
<td><p><span class="term"><em class="parameter"><code>ca_list</code></em> :</span></p></td>
5151
 
<td>
 
7203
<td>is a list of trusted CAs
5152
7204
</td>
5153
7205
</tr>
5154
7206
<tr>
5155
7207
<td><p><span class="term"><em class="parameter"><code>ca_list_size</code></em> :</span></p></td>
5156
 
<td>
 
7208
<td>holds the size of the CA list
5157
7209
</td>
5158
7210
</tr>
5159
7211
<tr>
5160
7212
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5161
 
<td>
 
7213
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
7214
 
5162
7215
</td>
5163
7216
</tr>
5164
7217
</tbody>
5165
7218
</table></div>
 
7219
<p class="since">Since 2.4.0</p>
5166
7220
</div>
5167
7221
<hr>
5168
7222
<div class="refsect2" title="gnutls_certificate_set_x509_crl ()">
5171
7225
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> *crl_list</code></em>,
5172
7226
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> crl_list_size</code></em>);</pre>
5173
7227
<p>
 
7228
This function adds the trusted CRLs in order to verify client or
 
7229
server certificates.  In case of a client this is not required to
 
7230
be called if the certificates are not verified using
 
7231
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>.  This function may be called
 
7232
multiple times.
5174
7233
</p>
5175
7234
<div class="variablelist"><table border="0">
5176
7235
<col align="left" valign="top">
5177
7236
<tbody>
5178
7237
<tr>
5179
7238
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
5180
 
<td>
 
7239
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5181
7240
</td>
5182
7241
</tr>
5183
7242
<tr>
5184
7243
<td><p><span class="term"><em class="parameter"><code>crl_list</code></em> :</span></p></td>
5185
 
<td>
 
7244
<td>is a list of trusted CRLs. They should have been verified before.
5186
7245
</td>
5187
7246
</tr>
5188
7247
<tr>
5189
7248
<td><p><span class="term"><em class="parameter"><code>crl_list_size</code></em> :</span></p></td>
5190
 
<td>
 
7249
<td>holds the size of the crl_list
5191
7250
</td>
5192
7251
</tr>
5193
7252
<tr>
5194
7253
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5195
 
<td>
 
7254
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
7255
 
5196
7256
</td>
5197
7257
</tr>
5198
7258
</tbody>
5199
7259
</table></div>
 
7260
<p class="since">Since 2.4.0</p>
5200
7261
</div>
5201
7262
<hr>
5202
7263
<div class="refsect2" title="gnutls_certificate_get_x509_cas ()">
5205
7266
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> **x509_ca_list</code></em>,
5206
7267
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *ncas</code></em>);</pre>
5207
7268
<p>
 
7269
This function will export all the CAs associated with the given
 
7270
credentials.
5208
7271
</p>
5209
7272
<div class="variablelist"><table border="0">
5210
7273
<col align="left" valign="top">
5211
7274
<tbody>
5212
7275
<tr>
5213
7276
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
5214
 
<td>
 
7277
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5215
7278
</td>
5216
7279
</tr>
5217
7280
<tr>
5218
7281
<td><p><span class="term"><em class="parameter"><code>x509_ca_list</code></em> :</span></p></td>
5219
 
<td>
 
7282
<td>will point to the CA list. Should be treated as constant
5220
7283
</td>
5221
7284
</tr>
5222
7285
<tr>
5223
7286
<td><p><span class="term"><em class="parameter"><code>ncas</code></em> :</span></p></td>
5224
 
<td>
 
7287
<td>the number of CAs
5225
7288
</td>
5226
7289
</tr>
5227
7290
</tbody>
5228
7291
</table></div>
 
7292
<p class="since">Since 2.4.0</p>
5229
7293
</div>
5230
7294
<hr>
5231
7295
<div class="refsect2" title="gnutls_certificate_get_x509_crls ()">
5234
7298
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crl-t" title="gnutls_x509_crl_t"><span class="type">gnutls_x509_crl_t</span></a> **x509_crl_list</code></em>,
5235
7299
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *ncrls</code></em>);</pre>
5236
7300
<p>
 
7301
This function will export all the CRLs associated with the given
 
7302
credentials.
5237
7303
</p>
5238
7304
<div class="variablelist"><table border="0">
5239
7305
<col align="left" valign="top">
5240
7306
<tbody>
5241
7307
<tr>
5242
7308
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
5243
 
<td>
 
7309
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5244
7310
</td>
5245
7311
</tr>
5246
7312
<tr>
5247
7313
<td><p><span class="term"><em class="parameter"><code>x509_crl_list</code></em> :</span></p></td>
5248
 
<td>
 
7314
<td>the exported CRL list. Should be treated as constant
5249
7315
</td>
5250
7316
</tr>
5251
7317
<tr>
5252
7318
<td><p><span class="term"><em class="parameter"><code>ncrls</code></em> :</span></p></td>
5253
 
<td>
 
7319
<td>the number of exported CRLs
5254
7320
</td>
5255
7321
</tr>
5256
7322
</tbody>
5257
7323
</table></div>
 
7324
<p class="since">Since 2.4.0</p>
5258
7325
</div>
5259
7326
<hr>
5260
7327
<div class="refsect2" title="gnutls_certificate_get_openpgp_keyring ()">
5263
7330
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> sc</code></em>,
5264
7331
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-openpgp-keyring-t" title="gnutls_openpgp_keyring_t"><span class="type">gnutls_openpgp_keyring_t</span></a> *keyring</code></em>);</pre>
5265
7332
<p>
 
7333
This function will export the OpenPGP keyring associated with the
 
7334
given credentials.
5266
7335
</p>
5267
7336
<div class="variablelist"><table border="0">
5268
7337
<col align="left" valign="top">
5269
7338
<tbody>
5270
7339
<tr>
5271
7340
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
5272
 
<td>
 
7341
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
5273
7342
</td>
5274
7343
</tr>
5275
7344
<tr>
5276
7345
<td><p><span class="term"><em class="parameter"><code>keyring</code></em> :</span></p></td>
5277
 
<td>
 
7346
<td>the exported keyring. Should be treated as constant
5278
7347
</td>
5279
7348
</tr>
5280
7349
</tbody>
5281
7350
</table></div>
 
7351
<p class="since">Since 2.4.0</p>
5282
7352
</div>
5283
7353
<hr>
5284
7354
<div class="refsect2" title="gnutls_global_init ()">
5285
7355
<a name="gnutls-global-init"></a><h3>gnutls_global_init ()</h3>
5286
7356
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_global_init                  (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
5287
7357
<p>
 
7358
This function initializes the global data to defaults.  Every
 
7359
gnutls application has a global data which holds common parameters
 
7360
shared by gnutls session structures.  You should call
 
7361
<a class="link" href="gnutls-gnutls.html#gnutls-global-deinit" title="gnutls_global_deinit ()"><code class="function">gnutls_global_deinit()</code></a> when gnutls usage is no longer needed
 
7362
</p>
 
7363
<p>
 
7364
Note that this function will also initialize libgcrypt, if it has
 
7365
not been initialized before.  Thus if you want to manually
 
7366
initialize libgcrypt you must do it before calling this function.
 
7367
This is useful in cases you want to disable libgcrypt's internal
 
7368
lockings etc.
 
7369
</p>
 
7370
<p>
 
7371
This function increment a global counter, so that
 
7372
<a class="link" href="gnutls-gnutls.html#gnutls-global-deinit" title="gnutls_global_deinit ()"><code class="function">gnutls_global_deinit()</code></a> only releases resources when it has been
 
7373
called as many times as <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a>.  This is useful when
 
7374
GnuTLS is used by more than one library in an application.  This
 
7375
function can be called many times, but will only do something the
 
7376
first time.
 
7377
</p>
 
7378
<p>
 
7379
Note!  This function is not thread safe.  If two threads call this
 
7380
function simultaneously, they can cause a race between checking
 
7381
the global counter and incrementing it, causing both threads to
 
7382
execute the library initialization code.  That would lead to a
 
7383
memory leak.  To handle this, your application could invoke this
 
7384
function after aquiring a thread mutex.  To ignore the potential
 
7385
memory leak is also an option.
5288
7386
</p>
5289
7387
<div class="variablelist"><table border="0">
5290
7388
<col align="left" valign="top">
5291
7389
<tbody><tr>
5292
7390
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5293
 
<td>
 
7391
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7392
  otherwise an error code is returned.
5294
7393
</td>
5295
7394
</tr></tbody>
5296
7395
</table></div>
5300
7399
<a name="gnutls-global-deinit"></a><h3>gnutls_global_deinit ()</h3>
5301
7400
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_global_deinit                (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
5302
7401
<p>
 
7402
This function deinitializes the global data, that were initialized
 
7403
using <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a>.
 
7404
</p>
 
7405
<p>
 
7406
Note!  This function is not thread safe.  See the discussion for
 
7407
<a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a> for more information.
5303
7408
</p>
5304
7409
</div>
5305
7410
<hr>
5426
7531
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-realloc-function" title="gnutls_realloc_function ()"><span class="type">gnutls_realloc_function</span></a> realloc_func</code></em>,
5427
7532
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-free-function" title="gnutls_free_function ()"><span class="type">gnutls_free_function</span></a> free_func</code></em>);</pre>
5428
7533
<p>
 
7534
This is the function were you set the memory allocation functions
 
7535
gnutls is going to use. By default the libc's allocation functions
 
7536
(<code class="function">malloc()</code>, <code class="function">free()</code>), are used by gnutls, to allocate both sensitive
 
7537
and not sensitive data.  This function is provided to set the
 
7538
memory allocation functions to something other than the defaults
 
7539
(ie the gcrypt allocation functions).
 
7540
</p>
 
7541
<p>
 
7542
This function must be called before <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a> is called.
 
7543
This function is not thread safe.
5429
7544
</p>
5430
7545
<div class="variablelist"><table border="0">
5431
7546
<col align="left" valign="top">
5432
7547
<tbody>
5433
7548
<tr>
5434
7549
<td><p><span class="term"><em class="parameter"><code>alloc_func</code></em> :</span></p></td>
5435
 
<td>
 
7550
<td>it's the default memory allocation function. Like <code class="function">malloc()</code>.
5436
7551
</td>
5437
7552
</tr>
5438
7553
<tr>
5439
7554
<td><p><span class="term"><em class="parameter"><code>secure_alloc_func</code></em> :</span></p></td>
5440
 
<td>
 
7555
<td>This is the memory allocation function that will be used for sensitive data.
5441
7556
</td>
5442
7557
</tr>
5443
7558
<tr>
5444
7559
<td><p><span class="term"><em class="parameter"><code>is_secure_func</code></em> :</span></p></td>
5445
 
<td>
 
7560
<td>a function that returns 0 if the memory given is not secure. May be NULL.
5446
7561
</td>
5447
7562
</tr>
5448
7563
<tr>
5449
7564
<td><p><span class="term"><em class="parameter"><code>realloc_func</code></em> :</span></p></td>
5450
 
<td>
 
7565
<td>A realloc function
5451
7566
</td>
5452
7567
</tr>
5453
7568
<tr>
5454
7569
<td><p><span class="term"><em class="parameter"><code>free_func</code></em> :</span></p></td>
5455
 
<td>
 
7570
<td>The function that frees allocated data. Must accept a NULL pointer.
5456
7571
</td>
5457
7572
</tr>
5458
7573
</tbody>
5464
7579
<pre class="programlisting">  extern gnutls_alloc_function gnutls_malloc;
5465
7580
</pre>
5466
7581
<p>
 
7582
This function will allocate 's' bytes data, and
 
7583
return a pointer to memory. This function is supposed
 
7584
to be used by callbacks.
 
7585
</p>
 
7586
<p>
 
7587
The allocation function used is the one set by
 
7588
<a class="link" href="gnutls-gnutls.html#gnutls-global-set-mem-functions" title="gnutls_global_set_mem_functions ()"><code class="function">gnutls_global_set_mem_functions()</code></a>.
5467
7589
</p>
5468
7590
</div>
5469
7591
<hr>
5496
7618
<pre class="programlisting">  extern gnutls_free_function gnutls_free;
5497
7619
</pre>
5498
7620
<p>
 
7621
This function will free data pointed by ptr.
 
7622
</p>
 
7623
<p>
 
7624
The deallocation function used is the one set by
 
7625
<a class="link" href="gnutls-gnutls.html#gnutls-global-set-mem-functions" title="gnutls_global_set_mem_functions ()"><code class="function">gnutls_global_set_mem_functions()</code></a>.
5499
7626
</p>
5500
7627
</div>
5501
7628
<hr>
5548
7675
<a name="gnutls-global-set-log-function"></a><h3>gnutls_global_set_log_function ()</h3>
5549
7676
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_global_set_log_function      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-log-func" title="gnutls_log_func ()"><span class="type">gnutls_log_func</span></a> log_func</code></em>);</pre>
5550
7677
<p>
 
7678
This is the function where you set the logging function gnutls is
 
7679
going to use.  This function only accepts a character array.
 
7680
Normally you may not use this function since it is only used for
 
7681
debugging purposes.
 
7682
</p>
 
7683
<p>
 
7684
gnutls_log_func is of the form,
 
7685
void (*gnutls_log_func)( int level, const char*);
5551
7686
</p>
5552
7687
<div class="variablelist"><table border="0">
5553
7688
<col align="left" valign="top">
5554
7689
<tbody><tr>
5555
7690
<td><p><span class="term"><em class="parameter"><code>log_func</code></em> :</span></p></td>
5556
 
<td>
 
7691
<td>it's a log function
5557
7692
</td>
5558
7693
</tr></tbody>
5559
7694
</table></div>
5563
7698
<a name="gnutls-global-set-log-level"></a><h3>gnutls_global_set_log_level ()</h3>
5564
7699
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_global_set_log_level         (<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> level</code></em>);</pre>
5565
7700
<p>
 
7701
This is the function that allows you to set the log level.  The
 
7702
level is an integer between 0 and 9.  Higher values mean more
 
7703
verbosity. The default value is 0.  Larger values should only be
 
7704
used with care, since they may reveal sensitive information.
 
7705
</p>
 
7706
<p>
 
7707
Use a log level over 10 to enable all debugging options.
5566
7708
</p>
5567
7709
<div class="variablelist"><table border="0">
5568
7710
<col align="left" valign="top">
5569
7711
<tbody><tr>
5570
7712
<td><p><span class="term"><em class="parameter"><code>level</code></em> :</span></p></td>
5571
 
<td>
 
7713
<td>it's an integer from 0 to 9.
5572
7714
</td>
5573
7715
</tr></tbody>
5574
7716
</table></div>
5578
7720
<a name="gnutls-dh-params-init"></a><h3>gnutls_dh_params_init ()</h3>
5579
7721
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_params_init               (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> *dh_params</code></em>);</pre>
5580
7722
<p>
 
7723
This function will initialize the DH parameters structure.
5581
7724
</p>
5582
7725
<div class="variablelist"><table border="0">
5583
7726
<col align="left" valign="top">
5584
7727
<tbody>
5585
7728
<tr>
5586
7729
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
5587
 
<td>
 
7730
<td>Is a structure that will hold the prime numbers
5588
7731
</td>
5589
7732
</tr>
5590
7733
<tr>
5591
7734
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5592
 
<td>
 
7735
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7736
  otherwise an error code is returned.
5593
7737
</td>
5594
7738
</tr>
5595
7739
</tbody>
5600
7744
<a name="gnutls-dh-params-deinit"></a><h3>gnutls_dh_params_deinit ()</h3>
5601
7745
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_dh_params_deinit             (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> dh_params</code></em>);</pre>
5602
7746
<p>
 
7747
This function will deinitialize the DH parameters structure.
5603
7748
</p>
5604
7749
<div class="variablelist"><table border="0">
5605
7750
<col align="left" valign="top">
5606
7751
<tbody><tr>
5607
7752
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
5608
 
<td>
 
7753
<td>Is a structure that holds the prime numbers
5609
7754
</td>
5610
7755
</tr></tbody>
5611
7756
</table></div>
5617
7762
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *prime</code></em>,
5618
7763
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *generator</code></em>);</pre>
5619
7764
<p>
 
7765
This function will replace the pair of prime and generator for use
 
7766
in the Diffie-Hellman key exchange.  The new parameters should be
 
7767
stored in the appropriate gnutls_datum.
5620
7768
</p>
5621
7769
<div class="variablelist"><table border="0">
5622
7770
<col align="left" valign="top">
5623
7771
<tbody>
5624
7772
<tr>
5625
7773
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
5626
 
<td>
 
7774
<td>Is a structure that will hold the prime numbers
5627
7775
</td>
5628
7776
</tr>
5629
7777
<tr>
5630
7778
<td><p><span class="term"><em class="parameter"><code>prime</code></em> :</span></p></td>
5631
 
<td>
 
7779
<td>holds the new prime
5632
7780
</td>
5633
7781
</tr>
5634
7782
<tr>
5635
7783
<td><p><span class="term"><em class="parameter"><code>generator</code></em> :</span></p></td>
5636
 
<td>
 
7784
<td>holds the new generator
5637
7785
</td>
5638
7786
</tr>
5639
7787
<tr>
5640
7788
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5641
 
<td>
 
7789
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7790
  otherwise an error code is returned.
5642
7791
</td>
5643
7792
</tr>
5644
7793
</tbody>
5651
7800
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *pkcs3_params</code></em>,
5652
7801
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre>
5653
7802
<p>
 
7803
This function will extract the DHParams found in a PKCS3 formatted
 
7804
structure. This is the format generated by "openssl dhparam" tool.
 
7805
</p>
 
7806
<p>
 
7807
If the structure is PEM encoded, it should have a header
 
7808
of "BEGIN DH PARAMETERS".
5654
7809
</p>
5655
7810
<div class="variablelist"><table border="0">
5656
7811
<col align="left" valign="top">
5657
7812
<tbody>
5658
7813
<tr>
5659
7814
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5660
 
<td>
 
7815
<td>A structure where the parameters will be copied to
5661
7816
</td>
5662
7817
</tr>
5663
7818
<tr>
5664
7819
<td><p><span class="term"><em class="parameter"><code>pkcs3_params</code></em> :</span></p></td>
5665
 
<td>
 
7820
<td>should contain a PKCS3 DHParams structure PEM or DER encoded
5666
7821
</td>
5667
7822
</tr>
5668
7823
<tr>
5669
7824
<td><p><span class="term"><em class="parameter"><code>format</code></em> :</span></p></td>
5670
 
<td>
 
7825
<td>the format of params. PEM or DER.
5671
7826
</td>
5672
7827
</tr>
5673
7828
<tr>
5674
7829
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5675
 
<td>
 
7830
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7831
  otherwise an error code is returned.
5676
7832
</td>
5677
7833
</tr>
5678
7834
</tbody>
5684
7840
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_params_generate2          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> params</code></em>,
5685
7841
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> bits</code></em>);</pre>
5686
7842
<p>
 
7843
This function will generate a new pair of prime and generator for use in
 
7844
the Diffie-Hellman key exchange. The new parameters will be allocated using
 
7845
<a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a> and will be stored in the appropriate datum.
 
7846
This function is normally slow.
 
7847
</p>
 
7848
<p>
 
7849
Note that the bits value should be one of 768, 1024, 2048, 3072 or 4096.
 
7850
Also note that the DH parameters are only useful to servers.
 
7851
Since clients use the parameters sent by the server, it's of
 
7852
no use to call this in client side.
5687
7853
</p>
5688
7854
<div class="variablelist"><table border="0">
5689
7855
<col align="left" valign="top">
5690
7856
<tbody>
5691
7857
<tr>
5692
7858
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5693
 
<td>
 
7859
<td>Is the structure that the DH parameters will be stored
5694
7860
</td>
5695
7861
</tr>
5696
7862
<tr>
5697
7863
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
5698
 
<td>
 
7864
<td>is the prime's number of bits
5699
7865
</td>
5700
7866
</tr>
5701
7867
<tr>
5702
7868
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5703
 
<td>
 
7869
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7870
  otherwise an error code is returned.
5704
7871
</td>
5705
7872
</tr>
5706
7873
</tbody>
5714
7881
                                                         <em class="parameter"><code>unsigned <span class="type">char</span> *params_data</code></em>,
5715
7882
                                                         <em class="parameter"><code><span class="type">size_t</span> *params_data_size</code></em>);</pre>
5716
7883
<p>
 
7884
This function will export the given dh parameters to a PKCS3
 
7885
DHParams structure. This is the format generated by "openssl dhparam" tool.
 
7886
If the buffer provided is not long enough to hold the output, then
 
7887
GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
 
7888
</p>
 
7889
<p>
 
7890
If the structure is PEM encoded, it will have a header
 
7891
of "BEGIN DH PARAMETERS".
5717
7892
</p>
5718
7893
<div class="variablelist"><table border="0">
5719
7894
<col align="left" valign="top">
5720
7895
<tbody>
5721
7896
<tr>
5722
7897
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5723
 
<td>
 
7898
<td>Holds the DH parameters
5724
7899
</td>
5725
7900
</tr>
5726
7901
<tr>
5727
7902
<td><p><span class="term"><em class="parameter"><code>format</code></em> :</span></p></td>
5728
 
<td>
 
7903
<td>the format of output params. One of PEM or DER.
5729
7904
</td>
5730
7905
</tr>
5731
7906
<tr>
5732
7907
<td><p><span class="term"><em class="parameter"><code>params_data</code></em> :</span></p></td>
5733
 
<td>
 
7908
<td>will contain a PKCS3 DHParams structure PEM or DER encoded
5734
7909
</td>
5735
7910
</tr>
5736
7911
<tr>
5737
7912
<td><p><span class="term"><em class="parameter"><code>params_data_size</code></em> :</span></p></td>
5738
 
<td>
 
7913
<td>holds the size of params_data (and will be replaced by the actual size of parameters)
5739
7914
</td>
5740
7915
</tr>
5741
7916
<tr>
5742
7917
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5743
 
<td>
 
7918
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7919
  otherwise an error code is returned.
5744
7920
</td>
5745
7921
</tr>
5746
7922
</tbody>
5754
7930
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *generator</code></em>,
5755
7931
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *bits</code></em>);</pre>
5756
7932
<p>
 
7933
This function will export the pair of prime and generator for use
 
7934
in the Diffie-Hellman key exchange.  The new parameters will be
 
7935
allocated using <a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a> and will be stored in the
 
7936
appropriate datum.
5757
7937
</p>
5758
7938
<div class="variablelist"><table border="0">
5759
7939
<col align="left" valign="top">
5760
7940
<tbody>
5761
7941
<tr>
5762
7942
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5763
 
<td>
 
7943
<td>Holds the DH parameters
5764
7944
</td>
5765
7945
</tr>
5766
7946
<tr>
5767
7947
<td><p><span class="term"><em class="parameter"><code>prime</code></em> :</span></p></td>
5768
 
<td>
 
7948
<td>will hold the new prime
5769
7949
</td>
5770
7950
</tr>
5771
7951
<tr>
5772
7952
<td><p><span class="term"><em class="parameter"><code>generator</code></em> :</span></p></td>
5773
 
<td>
 
7953
<td>will hold the new generator
5774
7954
</td>
5775
7955
</tr>
5776
7956
<tr>
5777
7957
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
5778
 
<td>
 
7958
<td>if non null will hold is the prime's number of bits
5779
7959
</td>
5780
7960
</tr>
5781
7961
<tr>
5782
7962
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5783
 
<td>
 
7963
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7964
  otherwise an error code is returned.
5784
7965
</td>
5785
7966
</tr>
5786
7967
</tbody>
5792
7973
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_params_cpy                (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> dst</code></em>,
5793
7974
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> src</code></em>);</pre>
5794
7975
<p>
 
7976
This function will copy the DH parameters structure from source
 
7977
to destination.
5795
7978
</p>
5796
7979
<div class="variablelist"><table border="0">
5797
7980
<col align="left" valign="top">
5798
7981
<tbody>
5799
7982
<tr>
5800
7983
<td><p><span class="term"><em class="parameter"><code>dst</code></em> :</span></p></td>
5801
 
<td>
 
7984
<td>Is the destination structure, which should be initialized.
5802
7985
</td>
5803
7986
</tr>
5804
7987
<tr>
5805
7988
<td><p><span class="term"><em class="parameter"><code>src</code></em> :</span></p></td>
5806
 
<td>
 
7989
<td>Is the source structure
5807
7990
</td>
5808
7991
</tr>
5809
7992
<tr>
5810
7993
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5811
 
<td>
 
7994
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
 
7995
  otherwise an error code is returned.
5812
7996
</td>
5813
7997
</tr>
5814
7998
</tbody>
5819
8003
<a name="gnutls-rsa-params-init"></a><h3>gnutls_rsa_params_init ()</h3>
5820
8004
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_rsa_params_init              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> *rsa_params</code></em>);</pre>
5821
8005
<p>
 
8006
This function will initialize the temporary RSA parameters structure.
5822
8007
</p>
5823
8008
<div class="variablelist"><table border="0">
5824
8009
<col align="left" valign="top">
5825
8010
<tbody>
5826
8011
<tr>
5827
8012
<td><p><span class="term"><em class="parameter"><code>rsa_params</code></em> :</span></p></td>
5828
 
<td>
 
8013
<td>Is a structure that will hold the parameters
5829
8014
</td>
5830
8015
</tr>
5831
8016
<tr>
5832
8017
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5833
 
<td>
 
8018
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
5834
8019
</td>
5835
8020
</tr>
5836
8021
</tbody>
5841
8026
<a name="gnutls-rsa-params-deinit"></a><h3>gnutls_rsa_params_deinit ()</h3>
5842
8027
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_rsa_params_deinit            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> rsa_params</code></em>);</pre>
5843
8028
<p>
 
8029
This function will deinitialize the RSA parameters structure.
5844
8030
</p>
5845
8031
<div class="variablelist"><table border="0">
5846
8032
<col align="left" valign="top">
5847
8033
<tbody><tr>
5848
8034
<td><p><span class="term"><em class="parameter"><code>rsa_params</code></em> :</span></p></td>
5849
 
<td>
 
8035
<td>Is a structure that holds the parameters
5850
8036
</td>
5851
8037
</tr></tbody>
5852
8038
</table></div>
5857
8043
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_rsa_params_cpy               (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> dst</code></em>,
5858
8044
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> src</code></em>);</pre>
5859
8045
<p>
 
8046
This function will copy the RSA parameters structure from source
 
8047
to destination.
5860
8048
</p>
5861
8049
<div class="variablelist"><table border="0">
5862
8050
<col align="left" valign="top">
5863
8051
<tbody>
5864
8052
<tr>
5865
8053
<td><p><span class="term"><em class="parameter"><code>dst</code></em> :</span></p></td>
5866
 
<td>
 
8054
<td>Is the destination structure, which should be initialized.
5867
8055
</td>
5868
8056
</tr>
5869
8057
<tr>
5870
8058
<td><p><span class="term"><em class="parameter"><code>src</code></em> :</span></p></td>
5871
 
<td>
 
8059
<td>Is the source structure
5872
8060
</td>
5873
8061
</tr>
5874
8062
<tr>
5875
8063
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5876
 
<td>
 
8064
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
5877
8065
</td>
5878
8066
</tr>
5879
8067
</tbody>
5890
8078
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *q</code></em>,
5891
8079
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *u</code></em>);</pre>
5892
8080
<p>
 
8081
This function will replace the parameters in the given structure.
 
8082
The new parameters should be stored in the appropriate
 
8083
gnutls_datum.
5893
8084
</p>
5894
8085
<div class="variablelist"><table border="0">
5895
8086
<col align="left" valign="top">
5896
8087
<tbody>
5897
8088
<tr>
5898
8089
<td><p><span class="term"><em class="parameter"><code>rsa_params</code></em> :</span></p></td>
5899
 
<td>
 
8090
<td>Is a structure will hold the parameters
5900
8091
</td>
5901
8092
</tr>
5902
8093
<tr>
5903
8094
<td><p><span class="term"><em class="parameter"><code>m</code></em> :</span></p></td>
5904
 
<td>
 
8095
<td>holds the modulus
5905
8096
</td>
5906
8097
</tr>
5907
8098
<tr>
5908
8099
<td><p><span class="term"><em class="parameter"><code>e</code></em> :</span></p></td>
5909
 
<td>
 
8100
<td>holds the public exponent
5910
8101
</td>
5911
8102
</tr>
5912
8103
<tr>
5913
8104
<td><p><span class="term"><em class="parameter"><code>d</code></em> :</span></p></td>
5914
 
<td>
 
8105
<td>holds the private exponent
5915
8106
</td>
5916
8107
</tr>
5917
8108
<tr>
5918
8109
<td><p><span class="term"><em class="parameter"><code>p</code></em> :</span></p></td>
5919
 
<td>
 
8110
<td>holds the first prime (p)
5920
8111
</td>
5921
8112
</tr>
5922
8113
<tr>
5923
8114
<td><p><span class="term"><em class="parameter"><code>q</code></em> :</span></p></td>
5924
 
<td>
 
8115
<td>holds the second prime (q)
5925
8116
</td>
5926
8117
</tr>
5927
8118
<tr>
5928
8119
<td><p><span class="term"><em class="parameter"><code>u</code></em> :</span></p></td>
5929
 
<td>
 
8120
<td>holds the coefficient
5930
8121
</td>
5931
8122
</tr>
5932
8123
<tr>
5933
8124
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5934
 
<td>
 
8125
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
5935
8126
</td>
5936
8127
</tr>
5937
8128
</tbody>
5943
8134
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_rsa_params_generate2         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-rsa-params-t" title="gnutls_rsa_params_t"><span class="type">gnutls_rsa_params_t</span></a> params</code></em>,
5944
8135
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> bits</code></em>);</pre>
5945
8136
<p>
 
8137
This function will generate new temporary RSA parameters for use in
 
8138
RSA-EXPORT ciphersuites.  This function is normally slow.
 
8139
</p>
 
8140
<p>
 
8141
Note that if the parameters are to be used in export cipher suites the
 
8142
bits value should be 512 or less.
 
8143
Also note that the generation of new RSA parameters is only useful
 
8144
to servers. Clients use the parameters sent by the server, thus it's
 
8145
no use calling this in client side.
5946
8146
</p>
5947
8147
<div class="variablelist"><table border="0">
5948
8148
<col align="left" valign="top">
5949
8149
<tbody>
5950
8150
<tr>
5951
8151
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5952
 
<td>
 
8152
<td>The structure where the parameters will be stored
5953
8153
</td>
5954
8154
</tr>
5955
8155
<tr>
5956
8156
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
5957
 
<td>
 
8157
<td>is the prime's number of bits
5958
8158
</td>
5959
8159
</tr>
5960
8160
<tr>
5961
8161
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
5962
 
<td>
 
8162
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
5963
8163
</td>
5964
8164
</tr>
5965
8165
</tbody>
5977
8177
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *u</code></em>,
5978
8178
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *bits</code></em>);</pre>
5979
8179
<p>
 
8180
This function will export the RSA parameters found in the given
 
8181
structure. The new parameters will be allocated using
 
8182
<a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a> and will be stored in the appropriate datum.
5980
8183
</p>
5981
8184
<div class="variablelist"><table border="0">
5982
8185
<col align="left" valign="top">
5983
8186
<tbody>
5984
8187
<tr>
5985
8188
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
5986
 
<td>
 
8189
<td>a structure that holds the rsa parameters
5987
8190
</td>
5988
8191
</tr>
5989
8192
<tr>
5990
8193
<td><p><span class="term"><em class="parameter"><code>m</code></em> :</span></p></td>
5991
 
<td>
 
8194
<td>will hold the modulus
5992
8195
</td>
5993
8196
</tr>
5994
8197
<tr>
5995
8198
<td><p><span class="term"><em class="parameter"><code>e</code></em> :</span></p></td>
5996
 
<td>
 
8199
<td>will hold the public exponent
5997
8200
</td>
5998
8201
</tr>
5999
8202
<tr>
6000
8203
<td><p><span class="term"><em class="parameter"><code>d</code></em> :</span></p></td>
6001
 
<td>
 
8204
<td>will hold the private exponent
6002
8205
</td>
6003
8206
</tr>
6004
8207
<tr>
6005
8208
<td><p><span class="term"><em class="parameter"><code>p</code></em> :</span></p></td>
6006
 
<td>
 
8209
<td>will hold the first prime (p)
6007
8210
</td>
6008
8211
</tr>
6009
8212
<tr>
6010
8213
<td><p><span class="term"><em class="parameter"><code>q</code></em> :</span></p></td>
6011
 
<td>
 
8214
<td>will hold the second prime (q)
6012
8215
</td>
6013
8216
</tr>
6014
8217
<tr>
6015
8218
<td><p><span class="term"><em class="parameter"><code>u</code></em> :</span></p></td>
6016
 
<td>
 
8219
<td>will hold the coefficient
6017
8220
</td>
6018
8221
</tr>
6019
8222
<tr>
6020
8223
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
6021
 
<td>
 
8224
<td>if non null will hold the prime's number of bits
6022
8225
</td>
6023
8226
</tr>
6024
8227
<tr>
6025
8228
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6026
 
<td>
 
8229
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
6027
8230
</td>
6028
8231
</tr>
6029
8232
</tbody>
6037
8240
                                                         <em class="parameter"><code>unsigned <span class="type">char</span> *params_data</code></em>,
6038
8241
                                                         <em class="parameter"><code><span class="type">size_t</span> *params_data_size</code></em>);</pre>
6039
8242
<p>
 
8243
This function will export the given RSA parameters to a PKCS1
 
8244
RSAPublicKey structure. If the buffer provided is not long enough to
 
8245
hold the output, then GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
 
8246
</p>
 
8247
<p>
 
8248
If the structure is PEM encoded, it will have a header
 
8249
of "BEGIN RSA PRIVATE KEY".
6040
8250
</p>
6041
8251
<div class="variablelist"><table border="0">
6042
8252
<col align="left" valign="top">
6043
8253
<tbody>
6044
8254
<tr>
6045
8255
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
6046
 
<td>
 
8256
<td>Holds the RSA parameters
6047
8257
</td>
6048
8258
</tr>
6049
8259
<tr>
6050
8260
<td><p><span class="term"><em class="parameter"><code>format</code></em> :</span></p></td>
6051
 
<td>
 
8261
<td>the format of output params. One of PEM or DER.
6052
8262
</td>
6053
8263
</tr>
6054
8264
<tr>
6055
8265
<td><p><span class="term"><em class="parameter"><code>params_data</code></em> :</span></p></td>
6056
 
<td>
 
8266
<td>will contain a PKCS1 RSAPublicKey structure PEM or DER encoded
6057
8267
</td>
6058
8268
</tr>
6059
8269
<tr>
6060
8270
<td><p><span class="term"><em class="parameter"><code>params_data_size</code></em> :</span></p></td>
6061
 
<td>
 
8271
<td>holds the size of params_data (and will be replaced by the actual size of parameters)
6062
8272
</td>
6063
8273
</tr>
6064
8274
<tr>
6065
8275
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6066
 
<td>
 
8276
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
6067
8277
</td>
6068
8278
</tr>
6069
8279
</tbody>
6076
8286
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *pkcs1_params</code></em>,
6077
8287
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> format</code></em>);</pre>
6078
8288
<p>
 
8289
This function will extract the RSAPublicKey found in a PKCS1 formatted
 
8290
structure.
 
8291
</p>
 
8292
<p>
 
8293
If the structure is PEM encoded, it should have a header
 
8294
of "BEGIN RSA PRIVATE KEY".
6079
8295
</p>
6080
8296
<div class="variablelist"><table border="0">
6081
8297
<col align="left" valign="top">
6082
8298
<tbody>
6083
8299
<tr>
6084
8300
<td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
6085
 
<td>
 
8301
<td>A structure where the parameters will be copied to
6086
8302
</td>
6087
8303
</tr>
6088
8304
<tr>
6089
8305
<td><p><span class="term"><em class="parameter"><code>pkcs1_params</code></em> :</span></p></td>
6090
 
<td>
 
8306
<td>should contain a PKCS1 RSAPublicKey structure PEM or DER encoded
6091
8307
</td>
6092
8308
</tr>
6093
8309
<tr>
6094
8310
<td><p><span class="term"><em class="parameter"><code>format</code></em> :</span></p></td>
6095
 
<td>
 
8311
<td>the format of params. PEM or DER.
6096
8312
</td>
6097
8313
</tr>
6098
8314
<tr>
6099
8315
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6100
 
<td>
 
8316
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an negative error code.
6101
8317
</td>
6102
8318
</tr>
6103
8319
</tbody>
6177
8393
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_transport_set_ptr            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6178
8394
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="type">gnutls_transport_ptr_t</span></a> ptr</code></em>);</pre>
6179
8395
<p>
 
8396
Used to set the first argument of the transport function (like PUSH
 
8397
and PULL).  In berkeley style sockets this function will set the
 
8398
connection handle.
6180
8399
</p>
6181
8400
<div class="variablelist"><table border="0">
6182
8401
<col align="left" valign="top">
6183
8402
<tbody>
6184
8403
<tr>
6185
8404
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6186
 
<td>
 
8405
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6187
8406
</td>
6188
8407
</tr>
6189
8408
<tr>
6190
8409
<td><p><span class="term"><em class="parameter"><code>ptr</code></em> :</span></p></td>
6191
 
<td>
 
8410
<td>is the value.
6192
8411
</td>
6193
8412
</tr>
6194
8413
</tbody>
6201
8420
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="type">gnutls_transport_ptr_t</span></a> recv_ptr</code></em>,
6202
8421
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="type">gnutls_transport_ptr_t</span></a> send_ptr</code></em>);</pre>
6203
8422
<p>
 
8423
Used to set the first argument of the transport function (like PUSH
 
8424
and PULL). In berkeley style sockets this function will set the
 
8425
connection handle.  With this function you can use two different
 
8426
pointers for receiving and sending.
6204
8427
</p>
6205
8428
<div class="variablelist"><table border="0">
6206
8429
<col align="left" valign="top">
6207
8430
<tbody>
6208
8431
<tr>
6209
8432
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6210
 
<td>
 
8433
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6211
8434
</td>
6212
8435
</tr>
6213
8436
<tr>
6214
8437
<td><p><span class="term"><em class="parameter"><code>recv_ptr</code></em> :</span></p></td>
6215
 
<td>
 
8438
<td>is the value for the pull function
6216
8439
</td>
6217
8440
</tr>
6218
8441
<tr>
6219
8442
<td><p><span class="term"><em class="parameter"><code>send_ptr</code></em> :</span></p></td>
6220
 
<td>
 
8443
<td>is the value for the push function
6221
8444
</td>
6222
8445
</tr>
6223
8446
</tbody>
6228
8451
<a name="gnutls-transport-get-ptr"></a><h3>gnutls_transport_get_ptr ()</h3>
6229
8452
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="returnvalue">gnutls_transport_ptr_t</span></a>  gnutls_transport_get_ptr        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
6230
8453
<p>
 
8454
Used to get the first argument of the transport function (like
 
8455
PUSH and PULL).  This must have been set using
 
8456
<a class="link" href="gnutls-gnutls.html#gnutls-transport-set-ptr" title="gnutls_transport_set_ptr ()"><code class="function">gnutls_transport_set_ptr()</code></a>.
6231
8457
</p>
6232
8458
<div class="variablelist"><table border="0">
6233
8459
<col align="left" valign="top">
6234
8460
<tbody>
6235
8461
<tr>
6236
8462
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6237
 
<td>
 
8463
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6238
8464
</td>
6239
8465
</tr>
6240
8466
<tr>
6241
8467
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6242
 
<td>
 
8468
<td> first argument of the transport function.
6243
8469
</td>
6244
8470
</tr>
6245
8471
</tbody>
6252
8478
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="type">gnutls_transport_ptr_t</span></a> *recv_ptr</code></em>,
6253
8479
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-transport-ptr-t" title="gnutls_transport_ptr_t"><span class="type">gnutls_transport_ptr_t</span></a> *send_ptr</code></em>);</pre>
6254
8480
<p>
 
8481
Used to get the arguments of the transport functions (like PUSH
 
8482
and PULL).  These should have been set using
 
8483
<a class="link" href="gnutls-gnutls.html#gnutls-transport-set-ptr2" title="gnutls_transport_set_ptr2 ()"><code class="function">gnutls_transport_set_ptr2()</code></a>.
6255
8484
</p>
6256
8485
<div class="variablelist"><table border="0">
6257
8486
<col align="left" valign="top">
6258
8487
<tbody>
6259
8488
<tr>
6260
8489
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6261
 
<td>
 
8490
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6262
8491
</td>
6263
8492
</tr>
6264
8493
<tr>
6265
8494
<td><p><span class="term"><em class="parameter"><code>recv_ptr</code></em> :</span></p></td>
6266
 
<td>
 
8495
<td>will hold the value for the pull function
6267
8496
</td>
6268
8497
</tr>
6269
8498
<tr>
6270
8499
<td><p><span class="term"><em class="parameter"><code>send_ptr</code></em> :</span></p></td>
6271
 
<td>
 
8500
<td>will hold the value for the push function
6272
8501
</td>
6273
8502
</tr>
6274
8503
</tbody>
6280
8509
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_transport_set_lowat          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6281
8510
                                                         <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> num</code></em>);</pre>
6282
8511
<p>
 
8512
Used to set the lowat value in order for select to check if there
 
8513
are pending data to socket buffer. Used only if you have changed
 
8514
the default low water value (default is 1).  Normally you will not
 
8515
need that function.  This function is only useful if using
 
8516
berkeley style sockets.  Otherwise it must be called and set lowat
 
8517
to zero.
6283
8518
</p>
6284
8519
<div class="variablelist"><table border="0">
6285
8520
<col align="left" valign="top">
6286
8521
<tbody>
6287
8522
<tr>
6288
8523
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6289
 
<td>
 
8524
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6290
8525
</td>
6291
8526
</tr>
6292
8527
<tr>
6293
8528
<td><p><span class="term"><em class="parameter"><code>num</code></em> :</span></p></td>
6294
 
<td>
 
8529
<td>is the low water value.
6295
8530
</td>
6296
8531
</tr>
6297
8532
</tbody>
6303
8538
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_transport_set_push_function  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6304
8539
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-push-func" title="gnutls_push_func ()"><span class="type">gnutls_push_func</span></a> push_func</code></em>);</pre>
6305
8540
<p>
 
8541
This is the function where you set a push function for gnutls to
 
8542
use in order to send data.  If you are going to use berkeley style
 
8543
sockets, you do not need to use this function since the default
 
8544
(send(2)) will probably be ok.  Otherwise you should specify this
 
8545
function for gnutls to be able to send data.
 
8546
</p>
 
8547
<p>
 
8548
PUSH_FUNC is of the form,
 
8549
ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t);
6306
8550
</p>
6307
8551
<div class="variablelist"><table border="0">
6308
8552
<col align="left" valign="top">
6309
8553
<tbody>
6310
8554
<tr>
6311
8555
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6312
 
<td>
 
8556
<td>gnutls session
6313
8557
</td>
6314
8558
</tr>
6315
8559
<tr>
6316
8560
<td><p><span class="term"><em class="parameter"><code>push_func</code></em> :</span></p></td>
6317
 
<td>
 
8561
<td>a callback function similar to <code class="function">write()</code>
6318
8562
</td>
6319
8563
</tr>
6320
8564
</tbody>
6326
8570
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_transport_set_pull_function  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6327
8571
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pull-func" title="gnutls_pull_func ()"><span class="type">gnutls_pull_func</span></a> pull_func</code></em>);</pre>
6328
8572
<p>
 
8573
This is the function where you set a function for gnutls to receive
 
8574
data.  Normally, if you use berkeley style sockets, do not need to
 
8575
use this function since the default (recv(2)) will probably be ok.
 
8576
</p>
 
8577
<p>
 
8578
PULL_FUNC is of the form,
 
8579
ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t);
6329
8580
</p>
6330
8581
<div class="variablelist"><table border="0">
6331
8582
<col align="left" valign="top">
6332
8583
<tbody>
6333
8584
<tr>
6334
8585
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6335
 
<td>
 
8586
<td>gnutls session
6336
8587
</td>
6337
8588
</tr>
6338
8589
<tr>
6339
8590
<td><p><span class="term"><em class="parameter"><code>pull_func</code></em> :</span></p></td>
6340
 
<td>
 
8591
<td>a callback function similar to <code class="function">read()</code>
6341
8592
</td>
6342
8593
</tr>
6343
8594
</tbody>
6364
8615
<p>
6365
8616
If you don't have the <em class="parameter"><code>session</code></em> variable easily accessible from the
6366
8617
push/pull function, and don't worry about thread conflicts, you can
6367
 
also use <a class="link" href="gnutls-gnutls.html#gnutls-transport-set-global-errno" title="gnutls_transport_set_global_errno ()"><code class="function">gnutls_transport_set_global_errno()</code></a>.</p>
 
8618
also use <a class="link" href="gnutls-gnutls.html#gnutls-transport-set-global-errno" title="gnutls_transport_set_global_errno ()"><code class="function">gnutls_transport_set_global_errno()</code></a>.
 
8619
</p>
6368
8620
<div class="variablelist"><table border="0">
6369
8621
<col align="left" valign="top">
6370
8622
<tbody>
6402
8654
Whether this function is thread safe or not depends on whether the
6403
8655
global variable errno is thread safe, some system libraries make it
6404
8656
a thread-local variable.  When feasible, using the guaranteed
6405
 
thread-safe <a class="link" href="gnutls-gnutls.html#gnutls-transport-set-errno" title="gnutls_transport_set_errno ()"><code class="function">gnutls_transport_set_errno()</code></a> may be better.</p>
 
8657
thread-safe <a class="link" href="gnutls-gnutls.html#gnutls-transport-set-errno" title="gnutls_transport_set_errno ()"><code class="function">gnutls_transport_set_errno()</code></a> may be better.
 
8658
</p>
6406
8659
<div class="variablelist"><table border="0">
6407
8660
<col align="left" valign="top">
6408
8661
<tbody><tr>
6418
8671
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_session_set_ptr              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6419
8672
                                                         <em class="parameter"><code><span class="type">void</span> *ptr</code></em>);</pre>
6420
8673
<p>
 
8674
This function will set (associate) the user given pointer <em class="parameter"><code>ptr</code></em> to
 
8675
the session structure.  This is pointer can be accessed with
 
8676
<a class="link" href="gnutls-gnutls.html#gnutls-session-get-ptr" title="gnutls_session_get_ptr ()"><code class="function">gnutls_session_get_ptr()</code></a>.
6421
8677
</p>
6422
8678
<div class="variablelist"><table border="0">
6423
8679
<col align="left" valign="top">
6424
8680
<tbody>
6425
8681
<tr>
6426
8682
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6427
 
<td>
 
8683
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6428
8684
</td>
6429
8685
</tr>
6430
8686
<tr>
6431
8687
<td><p><span class="term"><em class="parameter"><code>ptr</code></em> :</span></p></td>
6432
 
<td>
 
8688
<td>is the user pointer
6433
8689
</td>
6434
8690
</tr>
6435
8691
</tbody>
6440
8696
<a name="gnutls-session-get-ptr"></a><h3>gnutls_session_get_ptr ()</h3>
6441
8697
<pre class="programlisting"><span class="returnvalue">void</span> *              gnutls_session_get_ptr              (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
6442
8698
<p>
 
8699
Get user pointer for session.  Useful in callbacks.  This is the
 
8700
  pointer set with <a class="link" href="gnutls-gnutls.html#gnutls-session-set-ptr" title="gnutls_session_set_ptr ()"><code class="function">gnutls_session_set_ptr()</code></a>.
6443
8701
</p>
6444
8702
<div class="variablelist"><table border="0">
6445
8703
<col align="left" valign="top">
6446
8704
<tbody>
6447
8705
<tr>
6448
8706
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6449
 
<td>
 
8707
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6450
8708
</td>
6451
8709
</tr>
6452
8710
<tr>
6453
8711
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6454
 
<td>
 
8712
<td> the user given pointer from the session structure, or
 
8713
  <code class="literal">NULL</code> if it was never set.
6455
8714
</td>
6456
8715
</tr>
6457
8716
</tbody>
6463
8722
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_openpgp_send_cert            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6464
8723
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-openpgp-crt-status-t" title="enum gnutls_openpgp_crt_status_t"><span class="type">gnutls_openpgp_crt_status_t</span></a> status</code></em>);</pre>
6465
8724
<p>
 
8725
This function will order gnutls to send the key fingerprint
 
8726
instead of the key in the initial handshake procedure. This should
 
8727
be used with care and only when there is indication or knowledge
 
8728
that the server can obtain the client's key.
6466
8729
</p>
6467
8730
<div class="variablelist"><table border="0">
6468
8731
<col align="left" valign="top">
6469
8732
<tbody>
6470
8733
<tr>
6471
8734
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6472
 
<td>
 
8735
<td>is a pointer to a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6473
8736
</td>
6474
8737
</tr>
6475
8738
<tr>
6476
8739
<td><p><span class="term"><em class="parameter"><code>status</code></em> :</span></p></td>
6477
 
<td>
 
8740
<td>is one of GNUTLS_OPENPGP_CERT, or GNUTLS_OPENPGP_CERT_FINGERPRINT
6478
8741
</td>
6479
8742
</tr>
6480
8743
</tbody>
6488
8751
                                                         <em class="parameter"><code><span class="type">void</span> *result</code></em>,
6489
8752
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
6490
8753
<p>
 
8754
This function will calculate a fingerprint (actually a hash), of
 
8755
the given data.  The result is not printable data.  You should
 
8756
convert it to hex, or to something else printable.
 
8757
</p>
 
8758
<p>
 
8759
This is the usual way to calculate a fingerprint of an X.509 DER
 
8760
encoded certificate.  Note however that the fingerprint of an
 
8761
OpenPGP is not just a hash and cannot be calculated with this
 
8762
function.
6491
8763
</p>
6492
8764
<div class="variablelist"><table border="0">
6493
8765
<col align="left" valign="top">
6494
8766
<tbody>
6495
8767
<tr>
6496
8768
<td><p><span class="term"><em class="parameter"><code>algo</code></em> :</span></p></td>
6497
 
<td>
 
8769
<td>is a digest algorithm
6498
8770
</td>
6499
8771
</tr>
6500
8772
<tr>
6501
8773
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
6502
 
<td>
 
8774
<td>is the data
6503
8775
</td>
6504
8776
</tr>
6505
8777
<tr>
6506
8778
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
6507
 
<td>
 
8779
<td>is the place where the result will be copied (may be null).
6508
8780
</td>
6509
8781
</tr>
6510
8782
<tr>
6511
8783
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
6512
 
<td>
 
8784
<td>should hold the size of the result. The actual size
 
8785
of the returned result will also be copied there.
6513
8786
</td>
6514
8787
</tr>
6515
8788
<tr>
6516
8789
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6517
 
<td>
 
8790
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
8791
  an error code is returned.
6518
8792
</td>
6519
8793
</tr>
6520
8794
</tbody>
6525
8799
<a name="gnutls-srp-free-client-credentials"></a><h3>gnutls_srp_free_client_credentials ()</h3>
6526
8800
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_srp_free_client_credentials  (<em class="parameter"><code><span class="type">gnutls_srp_client_credentials_t</span> sc</code></em>);</pre>
6527
8801
<p>
 
8802
This structure is complex enough to manipulate directly thus
 
8803
this helper function is provided in order to free (deallocate) it.
6528
8804
</p>
6529
8805
<div class="variablelist"><table border="0">
6530
8806
<col align="left" valign="top">
6531
8807
<tbody><tr>
6532
8808
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
6533
 
<td>
 
8809
<td>is a <span class="type">gnutls_srp_client_credentials_t</span> structure.
6534
8810
</td>
6535
8811
</tr></tbody>
6536
8812
</table></div>
6541
8817
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_srp_allocate_client_credentials
6542
8818
                                                        (<em class="parameter"><code><span class="type">gnutls_srp_client_credentials_t</span> *sc</code></em>);</pre>
6543
8819
<p>
 
8820
This structure is complex enough to manipulate directly thus
 
8821
this helper function is provided in order to allocate it.
6544
8822
</p>
6545
8823
<div class="variablelist"><table border="0">
6546
8824
<col align="left" valign="top">
6547
8825
<tbody>
6548
8826
<tr>
6549
8827
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
6550
 
<td>
 
8828
<td>is a pointer to a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6551
8829
</td>
6552
8830
</tr>
6553
8831
<tr>
6554
8832
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6555
 
<td>
 
8833
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
8834
  error code.
6556
8835
</td>
6557
8836
</tr>
6558
8837
</tbody>
6565
8844
                                                         <em class="parameter"><code>const <span class="type">char</span> *username</code></em>,
6566
8845
                                                         <em class="parameter"><code>const <span class="type">char</span> *password</code></em>);</pre>
6567
8846
<p>
 
8847
This function sets the username and password, in a
 
8848
<span class="type">gnutls_srp_client_credentials_t</span> structure.  Those will be used in
 
8849
SRP authentication.  <em class="parameter"><code>username</code></em> and <em class="parameter"><code>password</code></em> should be ASCII
 
8850
strings or UTF-8 strings prepared using the "SASLprep" profile of
 
8851
"stringprep".
6568
8852
</p>
6569
8853
<div class="variablelist"><table border="0">
6570
8854
<col align="left" valign="top">
6571
8855
<tbody>
6572
8856
<tr>
6573
8857
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
6574
 
<td>
 
8858
<td>is a <span class="type">gnutls_srp_client_credentials_t</span> structure.
6575
8859
</td>
6576
8860
</tr>
6577
8861
<tr>
6578
8862
<td><p><span class="term"><em class="parameter"><code>username</code></em> :</span></p></td>
6579
 
<td>
 
8863
<td>is the user's userid
6580
8864
</td>
6581
8865
</tr>
6582
8866
<tr>
6583
8867
<td><p><span class="term"><em class="parameter"><code>password</code></em> :</span></p></td>
6584
 
<td>
 
8868
<td>is the user's password
6585
8869
</td>
6586
8870
</tr>
6587
8871
<tr>
6588
8872
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6589
 
<td>
 
8873
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
8874
  error code.
6590
8875
</td>
6591
8876
</tr>
6592
8877
</tbody>
6597
8882
<a name="gnutls-srp-free-server-credentials"></a><h3>gnutls_srp_free_server_credentials ()</h3>
6598
8883
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_srp_free_server_credentials  (<em class="parameter"><code><span class="type">gnutls_srp_server_credentials_t</span> sc</code></em>);</pre>
6599
8884
<p>
 
8885
This structure is complex enough to manipulate directly thus
 
8886
this helper function is provided in order to free (deallocate) it.
6600
8887
</p>
6601
8888
<div class="variablelist"><table border="0">
6602
8889
<col align="left" valign="top">
6603
8890
<tbody><tr>
6604
8891
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
6605
 
<td>
 
8892
<td>is a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6606
8893
</td>
6607
8894
</tr></tbody>
6608
8895
</table></div>
6613
8900
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_srp_allocate_server_credentials
6614
8901
                                                        (<em class="parameter"><code><span class="type">gnutls_srp_server_credentials_t</span> *sc</code></em>);</pre>
6615
8902
<p>
 
8903
This structure is complex enough to manipulate directly thus this
 
8904
helper function is provided in order to allocate it.
6616
8905
</p>
6617
8906
<div class="variablelist"><table border="0">
6618
8907
<col align="left" valign="top">
6619
8908
<tbody>
6620
8909
<tr>
6621
8910
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
6622
 
<td>
 
8911
<td>is a pointer to a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6623
8912
</td>
6624
8913
</tr>
6625
8914
<tr>
6626
8915
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6627
 
<td>
 
8916
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
8917
  error code.
6628
8918
</td>
6629
8919
</tr>
6630
8920
</tbody>
6638
8928
                                                         <em class="parameter"><code>const <span class="type">char</span> *password_file</code></em>,
6639
8929
                                                         <em class="parameter"><code>const <span class="type">char</span> *password_conf_file</code></em>);</pre>
6640
8930
<p>
 
8931
This function sets the password files, in a
 
8932
<span class="type">gnutls_srp_server_credentials_t</span> structure.  Those password files
 
8933
hold usernames and verifiers and will be used for SRP
 
8934
authentication.
6641
8935
</p>
6642
8936
<div class="variablelist"><table border="0">
6643
8937
<col align="left" valign="top">
6644
8938
<tbody>
6645
8939
<tr>
6646
8940
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
6647
 
<td>
 
8941
<td>is a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6648
8942
</td>
6649
8943
</tr>
6650
8944
<tr>
6651
8945
<td><p><span class="term"><em class="parameter"><code>password_file</code></em> :</span></p></td>
6652
 
<td>
 
8946
<td>is the SRP password file (tpasswd)
6653
8947
</td>
6654
8948
</tr>
6655
8949
<tr>
6656
8950
<td><p><span class="term"><em class="parameter"><code>password_conf_file</code></em> :</span></p></td>
6657
 
<td>
 
8951
<td>is the SRP password conf file (tpasswd.conf)
6658
8952
</td>
6659
8953
</tr>
6660
8954
<tr>
6661
8955
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6662
 
<td>
 
8956
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
8957
  error code.
6663
8958
</td>
6664
8959
</tr>
6665
8960
</tbody>
6670
8965
<a name="gnutls-srp-server-get-username"></a><h3>gnutls_srp_server_get_username ()</h3>
6671
8966
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_srp_server_get_username      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
6672
8967
<p>
 
8968
This function will return the username of the peer.  This should
 
8969
only be called in case of SRP authentication and in case of a
 
8970
server.  Returns NULL in case of an error.
6673
8971
</p>
6674
8972
<div class="variablelist"><table border="0">
6675
8973
<col align="left" valign="top">
6676
8974
<tbody>
6677
8975
<tr>
6678
8976
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6679
 
<td>
 
8977
<td>is a gnutls session
6680
8978
</td>
6681
8979
</tr>
6682
8980
<tr>
6683
8981
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6684
 
<td>
 
8982
<td> SRP username of the peer, or NULL in case of error.
6685
8983
</td>
6686
8984
</tr>
6687
8985
</tbody>
6693
8991
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_srp_set_prime_bits           (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
6694
8992
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> bits</code></em>);</pre>
6695
8993
<p>
 
8994
This function sets the minimum accepted number of bits, for use in
 
8995
an SRP key exchange.  If zero, the default 2048 bits will be used.
 
8996
</p>
 
8997
<p>
 
8998
In the client side it sets the minimum accepted number of bits.  If
 
8999
a server sends a prime with less bits than that
 
9000
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-RECEIVED-ILLEGAL-PARAMETER:CAPS" title="GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER"><code class="literal">GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER</code></a> will be returned by the
 
9001
handshake.
 
9002
</p>
 
9003
<p>
 
9004
This function has no effect in server side.
6696
9005
</p>
6697
9006
<div class="variablelist"><table border="0">
6698
9007
<col align="left" valign="top">
6699
9008
<tbody>
6700
9009
<tr>
6701
9010
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
6702
 
<td>
 
9011
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
6703
9012
</td>
6704
9013
</tr>
6705
9014
<tr>
6706
9015
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
6707
 
<td>
 
9016
<td>is the number of bits
6708
9017
</td>
6709
9018
</tr>
6710
9019
</tbody>
6711
9020
</table></div>
 
9021
<p class="since">Since 2.6.0</p>
6712
9022
</div>
6713
9023
<hr>
6714
9024
<div class="refsect2" title="gnutls_srp_verifier ()">
6720
9030
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *prime</code></em>,
6721
9031
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *res</code></em>);</pre>
6722
9032
<p>
 
9033
This function will create an SRP verifier, as specified in
 
9034
RFC2945.  The <em class="parameter"><code>prime</code></em> and <em class="parameter"><code>generator</code></em> should be one of the static
 
9035
parameters defined in gnutls/extra.h or may be generated using the
 
9036
libgcrypt functions <code class="function">gcry_prime_generate()</code> and
 
9037
<code class="function">gcry_prime_group_generator()</code>.
 
9038
</p>
 
9039
<p>
 
9040
The verifier will be allocated with <em class="parameter"><code>malloc</code></em> and will be stored in
 
9041
<em class="parameter"><code>res</code></em> using binary format.
6723
9042
</p>
6724
9043
<div class="variablelist"><table border="0">
6725
9044
<col align="left" valign="top">
6726
9045
<tbody>
6727
9046
<tr>
6728
9047
<td><p><span class="term"><em class="parameter"><code>username</code></em> :</span></p></td>
6729
 
<td>
 
9048
<td>is the user's name
6730
9049
</td>
6731
9050
</tr>
6732
9051
<tr>
6733
9052
<td><p><span class="term"><em class="parameter"><code>password</code></em> :</span></p></td>
6734
 
<td>
 
9053
<td>is the user's password
6735
9054
</td>
6736
9055
</tr>
6737
9056
<tr>
6738
9057
<td><p><span class="term"><em class="parameter"><code>salt</code></em> :</span></p></td>
6739
 
<td>
 
9058
<td>should be some randomly generated bytes
6740
9059
</td>
6741
9060
</tr>
6742
9061
<tr>
6743
9062
<td><p><span class="term"><em class="parameter"><code>generator</code></em> :</span></p></td>
6744
 
<td>
 
9063
<td>is the generator of the group
6745
9064
</td>
6746
9065
</tr>
6747
9066
<tr>
6748
9067
<td><p><span class="term"><em class="parameter"><code>prime</code></em> :</span></p></td>
6749
 
<td>
 
9068
<td>is the group's prime
6750
9069
</td>
6751
9070
</tr>
6752
9071
<tr>
6753
9072
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
6754
 
<td>
 
9073
<td>where the verifier will be stored.
6755
9074
</td>
6756
9075
</tr>
6757
9076
<tr>
6758
9077
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6759
 
<td>
 
9078
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, or an
 
9079
  error code.
6760
9080
</td>
6761
9081
</tr>
6762
9082
</tbody>
6817
9137
                                                        (<em class="parameter"><code><span class="type">gnutls_srp_server_credentials_t</span> cred</code></em>,
6818
9138
                                                         <em class="parameter"><code><span class="type">gnutls_srp_server_credentials_function</span> *func</code></em>);</pre>
6819
9139
<p>
 
9140
This function can be used to set a callback to retrieve the user's
 
9141
SRP credentials.  The callback's function form is:
 
9142
</p>
 
9143
<p>
 
9144
int (*callback)(gnutls_session_t, const char* username,
 
9145
 gnutls_datum_t* salt, gnutls_datum_t *verifier, gnutls_datum_t* g,
 
9146
 gnutls_datum_t* n);
 
9147
</p>
 
9148
<p>
 
9149
<em class="parameter"><code>username</code></em> contains the actual username.
 
9150
The <em class="parameter"><code>salt</code></em>, <em class="parameter"><code>verifier</code></em>, <em class="parameter"><code>generator</code></em> and <em class="parameter"><code>prime</code></em> must be filled
 
9151
in using the <a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>. For convenience <em class="parameter"><code>prime</code></em> and <em class="parameter"><code>generator</code></em>
 
9152
may also be one of the static parameters defined in extra.h.
 
9153
</p>
 
9154
<p>
 
9155
In case the callback returned a negative number then gnutls will
 
9156
assume that the username does not exist.
 
9157
</p>
 
9158
<p>
 
9159
In order to prevent attackers from guessing valid usernames,
 
9160
if a user does not exist, g and n values should be filled in
 
9161
using a random user's parameters. In that case the callback must
 
9162
return the special value (1).
 
9163
</p>
 
9164
<p>
 
9165
The callback function will only be called once per handshake.
 
9166
The callback function should return 0 on success, while
 
9167
-1 indicates an error.
6820
9168
</p>
6821
9169
<div class="variablelist"><table border="0">
6822
9170
<col align="left" valign="top">
6823
9171
<tbody>
6824
9172
<tr>
6825
9173
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
6826
 
<td>
 
9174
<td>is a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6827
9175
</td>
6828
9176
</tr>
6829
9177
<tr>
6830
9178
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
6831
 
<td>
 
9179
<td>is the callback function
6832
9180
</td>
6833
9181
</tr>
6834
9182
</tbody>
6841
9189
                                                        (<em class="parameter"><code><span class="type">gnutls_srp_client_credentials_t</span> cred</code></em>,
6842
9190
                                                         <em class="parameter"><code><span class="type">gnutls_srp_client_credentials_function</span> *func</code></em>);</pre>
6843
9191
<p>
 
9192
This function can be used to set a callback to retrieve the
 
9193
username and password for client SRP authentication.  The
 
9194
callback's function form is:
 
9195
</p>
 
9196
<p>
 
9197
int (*callback)(gnutls_session_t, char** username, char**password);
 
9198
</p>
 
9199
<p>
 
9200
The <em class="parameter"><code>username</code></em> and <em class="parameter"><code>password</code></em> must be allocated using
 
9201
<a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>.  <em class="parameter"><code>username</code></em> and <em class="parameter"><code>password</code></em> should be ASCII strings
 
9202
or UTF-8 strings prepared using the "SASLprep" profile of
 
9203
"stringprep".
 
9204
</p>
 
9205
<p>
 
9206
The callback function will be called once per handshake before the
 
9207
initial hello message is sent.
 
9208
</p>
 
9209
<p>
 
9210
The callback should not return a negative error code the second
 
9211
time called, since the handshake procedure will be aborted.
 
9212
</p>
 
9213
<p>
 
9214
The callback function should return 0 on success.
 
9215
-1 indicates an error.
6844
9216
</p>
6845
9217
<div class="variablelist"><table border="0">
6846
9218
<col align="left" valign="top">
6847
9219
<tbody>
6848
9220
<tr>
6849
9221
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
6850
 
<td>
 
9222
<td>is a <span class="type">gnutls_srp_server_credentials_t</span> structure.
6851
9223
</td>
6852
9224
</tr>
6853
9225
<tr>
6854
9226
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
6855
 
<td>
 
9227
<td>is the callback function
6856
9228
</td>
6857
9229
</tr>
6858
9230
</tbody>
6865
9237
                                                         <em class="parameter"><code><span class="type">char</span> *result</code></em>,
6866
9238
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
6867
9239
<p>
 
9240
This function will convert the given data to printable data, using
 
9241
the base64 encoding, as used in the libsrp.  This is the encoding
 
9242
used in SRP password files.  If the provided buffer is not long
 
9243
enough GNUTLS_E_SHORT_MEMORY_BUFFER is returned.
 
9244
</p>
 
9245
<p>
 
9246
Warning!  This base64 encoding is not the "standard" encoding, so
 
9247
do not use it for non-SRP purposes.
6868
9248
</p>
6869
9249
<div class="variablelist"><table border="0">
6870
9250
<col align="left" valign="top">
6871
9251
<tbody>
6872
9252
<tr>
6873
9253
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
6874
 
<td>
 
9254
<td>contain the raw data
6875
9255
</td>
6876
9256
</tr>
6877
9257
<tr>
6878
9258
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
6879
 
<td>
 
9259
<td>the place where base64 data will be copied
6880
9260
</td>
6881
9261
</tr>
6882
9262
<tr>
6883
9263
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
6884
 
<td>
 
9264
<td>holds the size of the result
6885
9265
</td>
6886
9266
</tr>
6887
9267
<tr>
6888
9268
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6889
 
<td>
 
9269
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the buffer given is not
 
9270
long enough, or 0 on success.
6890
9271
</td>
6891
9272
</tr>
6892
9273
</tbody>
6898
9279
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_srp_base64_encode_alloc      (<em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *data</code></em>,
6899
9280
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *result</code></em>);</pre>
6900
9281
<p>
 
9282
This function will convert the given data to printable data, using
 
9283
the base64 encoding.  This is the encoding used in SRP password
 
9284
files.  This function will allocate the required memory to hold
 
9285
the encoded data.
 
9286
</p>
 
9287
<p>
 
9288
You should use <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a> to free the returned data.
 
9289
</p>
 
9290
<p>
 
9291
Warning!  This base64 encoding is not the "standard" encoding, so
 
9292
do not use it for non-SRP purposes.
6901
9293
</p>
6902
9294
<div class="variablelist"><table border="0">
6903
9295
<col align="left" valign="top">
6904
9296
<tbody>
6905
9297
<tr>
6906
9298
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
6907
 
<td>
 
9299
<td>contains the raw data
6908
9300
</td>
6909
9301
</tr>
6910
9302
<tr>
6911
9303
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
6912
 
<td>
 
9304
<td>will hold the newly allocated encoded data
6913
9305
</td>
6914
9306
</tr>
6915
9307
<tr>
6916
9308
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6917
 
<td>
 
9309
<td> 0 on success, or an error code.
6918
9310
</td>
6919
9311
</tr>
6920
9312
</tbody>
6927
9319
                                                         <em class="parameter"><code><span class="type">char</span> *result</code></em>,
6928
9320
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
6929
9321
<p>
 
9322
This function will decode the given encoded data, using the base64
 
9323
encoding found in libsrp.
 
9324
</p>
 
9325
<p>
 
9326
Note that <em class="parameter"><code>b64_data</code></em> should be null terminated.
 
9327
</p>
 
9328
<p>
 
9329
Warning!  This base64 encoding is not the "standard" encoding, so
 
9330
do not use it for non-SRP purposes.
6930
9331
</p>
6931
9332
<div class="variablelist"><table border="0">
6932
9333
<col align="left" valign="top">
6933
9334
<tbody>
6934
9335
<tr>
6935
9336
<td><p><span class="term"><em class="parameter"><code>b64_data</code></em> :</span></p></td>
6936
 
<td>
 
9337
<td>contain the encoded data
6937
9338
</td>
6938
9339
</tr>
6939
9340
<tr>
6940
9341
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
6941
 
<td>
 
9342
<td>the place where decoded data will be copied
6942
9343
</td>
6943
9344
</tr>
6944
9345
<tr>
6945
9346
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
6946
 
<td>
 
9347
<td>holds the size of the result
6947
9348
</td>
6948
9349
</tr>
6949
9350
<tr>
6950
9351
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6951
 
<td>
 
9352
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the buffer given is not
 
9353
long enough, or 0 on success.
6952
9354
</td>
6953
9355
</tr>
6954
9356
</tbody>
6960
9362
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_srp_base64_decode_alloc      (<em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *b64_data</code></em>,
6961
9363
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *result</code></em>);</pre>
6962
9364
<p>
 
9365
This function will decode the given encoded data. The decoded data
 
9366
will be allocated, and stored into result.  It will decode using
 
9367
the base64 algorithm as used in libsrp.
 
9368
</p>
 
9369
<p>
 
9370
You should use <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a> to free the returned data.
 
9371
</p>
 
9372
<p>
 
9373
Warning!  This base64 encoding is not the "standard" encoding, so
 
9374
do not use it for non-SRP purposes.
6963
9375
</p>
6964
9376
<div class="variablelist"><table border="0">
6965
9377
<col align="left" valign="top">
6966
9378
<tbody>
6967
9379
<tr>
6968
9380
<td><p><span class="term"><em class="parameter"><code>b64_data</code></em> :</span></p></td>
6969
 
<td>
 
9381
<td>contains the encoded data
6970
9382
</td>
6971
9383
</tr>
6972
9384
<tr>
6973
9385
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
6974
 
<td>
 
9386
<td>the place where decoded data lie
6975
9387
</td>
6976
9388
</tr>
6977
9389
<tr>
6978
9390
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
6979
 
<td>
 
9391
<td> 0 on success, or an error code.
6980
9392
</td>
6981
9393
</tr>
6982
9394
</tbody>
6986
9398
<div class="refsect2" title="enum gnutls_psk_key_flags">
6987
9399
<a name="gnutls-psk-key-flags"></a><h3>enum gnutls_psk_key_flags</h3>
6988
9400
<pre class="programlisting">  typedef enum gnutls_psk_key_flags
6989
 
    {
6990
 
      GNUTLS_PSK_KEY_RAW = 0,
6991
 
      GNUTLS_PSK_KEY_HEX
6992
 
    } gnutls_psk_key_flags;
 
9401
  {
 
9402
    GNUTLS_PSK_KEY_RAW = 0,
 
9403
    GNUTLS_PSK_KEY_HEX
 
9404
  } gnutls_psk_key_flags;
6993
9405
</pre>
6994
9406
<p>
 
9407
Enumeration of different PSK key flags.
6995
9408
</p>
 
9409
<div class="variablelist"><table border="0">
 
9410
<col align="left" valign="top">
 
9411
<tbody>
 
9412
<tr>
 
9413
<td><p><a name="GNUTLS-PSK-KEY-RAW:CAPS"></a><span class="term"><code class="literal">GNUTLS_PSK_KEY_RAW</code></span></p></td>
 
9414
<td>PSK-key in raw format.
 
9415
</td>
 
9416
</tr>
 
9417
<tr>
 
9418
<td><p><a name="GNUTLS-PSK-KEY-HEX:CAPS"></a><span class="term"><code class="literal">GNUTLS_PSK_KEY_HEX</code></span></p></td>
 
9419
<td>PSK-key in hex format.
 
9420
</td>
 
9421
</tr>
 
9422
</tbody>
 
9423
</table></div>
6996
9424
</div>
6997
9425
<hr>
6998
9426
<div class="refsect2" title="gnutls_psk_free_client_credentials ()">
6999
9427
<a name="gnutls-psk-free-client-credentials"></a><h3>gnutls_psk_free_client_credentials ()</h3>
7000
9428
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_psk_free_client_credentials  (<em class="parameter"><code><span class="type">gnutls_psk_client_credentials_t</span> sc</code></em>);</pre>
7001
9429
<p>
 
9430
This structure is complex enough to manipulate directly thus this
 
9431
helper function is provided in order to free (deallocate) it.
7002
9432
</p>
7003
9433
<div class="variablelist"><table border="0">
7004
9434
<col align="left" valign="top">
7005
9435
<tbody><tr>
7006
9436
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
7007
 
<td>
 
9437
<td>is a <span class="type">gnutls_psk_client_credentials_t</span> structure.
7008
9438
</td>
7009
9439
</tr></tbody>
7010
9440
</table></div>
7015
9445
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_psk_allocate_client_credentials
7016
9446
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_client_credentials_t</span> *sc</code></em>);</pre>
7017
9447
<p>
 
9448
This structure is complex enough to manipulate directly thus this
 
9449
helper function is provided in order to allocate it.
7018
9450
</p>
7019
9451
<div class="variablelist"><table border="0">
7020
9452
<col align="left" valign="top">
7021
9453
<tbody>
7022
9454
<tr>
7023
9455
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
7024
 
<td>
 
9456
<td>is a pointer to a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7025
9457
</td>
7026
9458
</tr>
7027
9459
<tr>
7028
9460
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7029
 
<td>
 
9461
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
7030
9462
</td>
7031
9463
</tr>
7032
9464
</tbody>
7040
9472
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *key</code></em>,
7041
9473
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-psk-key-flags" title="enum gnutls_psk_key_flags"><span class="type">gnutls_psk_key_flags</span></a> format</code></em>);</pre>
7042
9474
<p>
 
9475
This function sets the username and password, in a
 
9476
gnutls_psk_client_credentials_t structure.  Those will be used in
 
9477
PSK authentication.  <em class="parameter"><code>username</code></em> should be an ASCII string or UTF-8
 
9478
strings prepared using the "SASLprep" profile of "stringprep".  The
 
9479
key can be either in raw byte format or in Hex format (without the
 
9480
0x prefix).
7043
9481
</p>
7044
9482
<div class="variablelist"><table border="0">
7045
9483
<col align="left" valign="top">
7046
9484
<tbody>
7047
9485
<tr>
7048
9486
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
7049
 
<td>
 
9487
<td>is a <span class="type">gnutls_psk_client_credentials_t</span> structure.
7050
9488
</td>
7051
9489
</tr>
7052
9490
<tr>
7053
9491
<td><p><span class="term"><em class="parameter"><code>username</code></em> :</span></p></td>
7054
 
<td>
 
9492
<td>is the user's zero-terminated userid
7055
9493
</td>
7056
9494
</tr>
7057
9495
<tr>
7058
9496
<td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
7059
 
<td>
 
9497
<td>is the user's key
7060
9498
</td>
7061
9499
</tr>
7062
9500
<tr>
7063
9501
<td><p><span class="term"><em class="parameter"><code>format</code></em> :</span></p></td>
7064
 
<td>
 
9502
<td>indicate the format of the key, either
 
9503
  <a class="link" href="gnutls-gnutls.html#GNUTLS-PSK-KEY-RAW:CAPS"><code class="literal">GNUTLS_PSK_KEY_RAW</code></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-PSK-KEY-HEX:CAPS"><code class="literal">GNUTLS_PSK_KEY_HEX</code></a>.
7065
9504
</td>
7066
9505
</tr>
7067
9506
<tr>
7068
9507
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7069
 
<td>
 
9508
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
7070
9509
</td>
7071
9510
</tr>
7072
9511
</tbody>
7077
9516
<a name="gnutls-psk-free-server-credentials"></a><h3>gnutls_psk_free_server_credentials ()</h3>
7078
9517
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_psk_free_server_credentials  (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> sc</code></em>);</pre>
7079
9518
<p>
 
9519
This structure is complex enough to manipulate directly thus this
 
9520
helper function is provided in order to free (deallocate) it.
7080
9521
</p>
7081
9522
<div class="variablelist"><table border="0">
7082
9523
<col align="left" valign="top">
7083
9524
<tbody><tr>
7084
9525
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
7085
 
<td>
 
9526
<td>is a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7086
9527
</td>
7087
9528
</tr></tbody>
7088
9529
</table></div>
7093
9534
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_psk_allocate_server_credentials
7094
9535
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> *sc</code></em>);</pre>
7095
9536
<p>
 
9537
This structure is complex enough to manipulate directly thus this
 
9538
helper function is provided in order to allocate it.
7096
9539
</p>
7097
9540
<div class="variablelist"><table border="0">
7098
9541
<col align="left" valign="top">
7099
9542
<tbody>
7100
9543
<tr>
7101
9544
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
7102
 
<td>
 
9545
<td>is a pointer to a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7103
9546
</td>
7104
9547
</tr>
7105
9548
<tr>
7106
9549
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7107
 
<td>
 
9550
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
7108
9551
</td>
7109
9552
</tr>
7110
9553
</tbody>
7117
9560
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> res</code></em>,
7118
9561
                                                         <em class="parameter"><code>const <span class="type">char</span> *password_file</code></em>);</pre>
7119
9562
<p>
 
9563
This function sets the password file, in a
 
9564
<code class="literal">gnutls_psk_server_credentials_t</code> structure.  This password file
 
9565
holds usernames and keys and will be used for PSK authentication.
7120
9566
</p>
7121
9567
<div class="variablelist"><table border="0">
7122
9568
<col align="left" valign="top">
7123
9569
<tbody>
7124
9570
<tr>
7125
9571
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
7126
 
<td>
 
9572
<td>is a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7127
9573
</td>
7128
9574
</tr>
7129
9575
<tr>
7130
9576
<td><p><span class="term"><em class="parameter"><code>password_file</code></em> :</span></p></td>
7131
 
<td>
 
9577
<td>is the PSK password file (passwd.psk)
7132
9578
</td>
7133
9579
</tr>
7134
9580
<tr>
7135
9581
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7136
 
<td>
 
9582
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
7137
9583
</td>
7138
9584
</tr>
7139
9585
</tbody>
7146
9592
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> res</code></em>,
7147
9593
                                                         <em class="parameter"><code>const <span class="type">char</span> *hint</code></em>);</pre>
7148
9594
<p>
 
9595
This function sets the identity hint, in a
 
9596
<code class="literal">gnutls_psk_server_credentials_t</code> structure.  This hint is sent to
 
9597
the client to help it chose a good PSK credential (i.e., username
 
9598
and password).
7149
9599
</p>
7150
9600
<div class="variablelist"><table border="0">
7151
9601
<col align="left" valign="top">
7152
9602
<tbody>
7153
9603
<tr>
7154
9604
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
7155
 
<td>
 
9605
<td>is a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7156
9606
</td>
7157
9607
</tr>
7158
9608
<tr>
7159
9609
<td><p><span class="term"><em class="parameter"><code>hint</code></em> :</span></p></td>
7160
 
<td>
 
9610
<td>is the PSK identity hint string
7161
9611
</td>
7162
9612
</tr>
7163
9613
<tr>
7164
9614
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7165
 
<td>
 
9615
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
9616
 
7166
9617
</td>
7167
9618
</tr>
7168
9619
</tbody>
7169
9620
</table></div>
 
9621
<p class="since">Since 2.4.0</p>
7170
9622
</div>
7171
9623
<hr>
7172
9624
<div class="refsect2" title="gnutls_psk_server_get_username ()">
7173
9625
<a name="gnutls-psk-server-get-username"></a><h3>gnutls_psk_server_get_username ()</h3>
7174
9626
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_psk_server_get_username      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7175
9627
<p>
 
9628
This should only be called in case of PSK authentication and in
 
9629
case of a server.
7176
9630
</p>
7177
9631
<div class="variablelist"><table border="0">
7178
9632
<col align="left" valign="top">
7179
9633
<tbody>
7180
9634
<tr>
7181
9635
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7182
 
<td>
 
9636
<td>is a gnutls session
7183
9637
</td>
7184
9638
</tr>
7185
9639
<tr>
7186
9640
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7187
 
<td>
 
9641
<td> the username of the peer, or <code class="literal">NULL</code> in case of an error.
7188
9642
</td>
7189
9643
</tr>
7190
9644
</tbody>
7195
9649
<a name="gnutls-psk-client-get-hint"></a><h3>gnutls_psk_client_get_hint ()</h3>
7196
9650
<pre class="programlisting">const <span class="returnvalue">char</span> *        gnutls_psk_client_get_hint          (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7197
9651
<p>
 
9652
The PSK identity hint may give the client help in deciding which
 
9653
username to use.  This should only be called in case of PSK
 
9654
authentication and in case of a client.
7198
9655
</p>
7199
9656
<div class="variablelist"><table border="0">
7200
9657
<col align="left" valign="top">
7201
9658
<tbody>
7202
9659
<tr>
7203
9660
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7204
 
<td>
 
9661
<td>is a gnutls session
7205
9662
</td>
7206
9663
</tr>
7207
9664
<tr>
7208
9665
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7209
 
<td>
 
9666
<td> the identity hint of the peer, or <code class="literal">NULL</code> in case of an error.
 
9667
 
7210
9668
</td>
7211
9669
</tr>
7212
9670
</tbody>
7213
9671
</table></div>
 
9672
<p class="since">Since 2.4.0</p>
7214
9673
</div>
7215
9674
<hr>
7216
9675
<div class="refsect2" title="gnutls_psk_set_server_credentials_function ()">
7219
9678
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> cred</code></em>,
7220
9679
                                                         <em class="parameter"><code><span class="type">gnutls_psk_server_credentials_function</span> *func</code></em>);</pre>
7221
9680
<p>
 
9681
This function can be used to set a callback to retrieve the user's PSK credentials.
 
9682
The callback's function form is:
 
9683
int (*callback)(gnutls_session_t, const char* username,
 
9684
 gnutls_datum_t* key);
 
9685
</p>
 
9686
<p>
 
9687
<em class="parameter"><code>username</code></em> contains the actual username.
 
9688
The <em class="parameter"><code>key</code></em> must be filled in using the <a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>.
 
9689
</p>
 
9690
<p>
 
9691
In case the callback returned a negative number then gnutls will
 
9692
assume that the username does not exist.
 
9693
</p>
 
9694
<p>
 
9695
The callback function will only be called once per handshake.  The
 
9696
callback function should return 0 on success, while -1 indicates
 
9697
an error.
7222
9698
</p>
7223
9699
<div class="variablelist"><table border="0">
7224
9700
<col align="left" valign="top">
7225
9701
<tbody>
7226
9702
<tr>
7227
9703
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
7228
 
<td>
 
9704
<td>is a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7229
9705
</td>
7230
9706
</tr>
7231
9707
<tr>
7232
9708
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
7233
 
<td>
 
9709
<td>is the callback function
7234
9710
</td>
7235
9711
</tr>
7236
9712
</tbody>
7243
9719
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_client_credentials_t</span> cred</code></em>,
7244
9720
                                                         <em class="parameter"><code><span class="type">gnutls_psk_client_credentials_function</span> *func</code></em>);</pre>
7245
9721
<p>
 
9722
This function can be used to set a callback to retrieve the username and
 
9723
password for client PSK authentication.
 
9724
The callback's function form is:
 
9725
int (*callback)(gnutls_session_t, char** username,
 
9726
 gnutls_datum_t* key);
 
9727
</p>
 
9728
<p>
 
9729
The <em class="parameter"><code>username</code></em> and <em class="parameter"><code>key-&gt;data</code></em> must be allocated using <a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>.
 
9730
<em class="parameter"><code>username</code></em> should be ASCII strings or UTF-8 strings prepared using
 
9731
the "SASLprep" profile of "stringprep".
 
9732
</p>
 
9733
<p>
 
9734
The callback function will be called once per handshake.
 
9735
</p>
 
9736
<p>
 
9737
The callback function should return 0 on success.
 
9738
-1 indicates an error.
7246
9739
</p>
7247
9740
<div class="variablelist"><table border="0">
7248
9741
<col align="left" valign="top">
7249
9742
<tbody>
7250
9743
<tr>
7251
9744
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
7252
 
<td>
 
9745
<td>is a <span class="type">gnutls_psk_server_credentials_t</span> structure.
7253
9746
</td>
7254
9747
</tr>
7255
9748
<tr>
7256
9749
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
7257
 
<td>
 
9750
<td>is the callback function
7258
9751
</td>
7259
9752
</tr>
7260
9753
</tbody>
7267
9760
                                                         <em class="parameter"><code><span class="type">char</span> *result</code></em>,
7268
9761
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
7269
9762
<p>
 
9763
This function will convert the given data to printable data, using
 
9764
the hex encoding, as used in the PSK password files.
7270
9765
</p>
7271
9766
<div class="variablelist"><table border="0">
7272
9767
<col align="left" valign="top">
7273
9768
<tbody>
7274
9769
<tr>
7275
9770
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
7276
 
<td>
 
9771
<td>contain the raw data
7277
9772
</td>
7278
9773
</tr>
7279
9774
<tr>
7280
9775
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
7281
 
<td>
 
9776
<td>the place where hex data will be copied
7282
9777
</td>
7283
9778
</tr>
7284
9779
<tr>
7285
9780
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
7286
 
<td>
 
9781
<td>holds the size of the result
7287
9782
</td>
7288
9783
</tr>
7289
9784
<tr>
7290
9785
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7291
 
<td>
 
9786
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the buffer given is not
 
9787
long enough, or 0 on success.
7292
9788
</td>
7293
9789
</tr>
7294
9790
</tbody>
7301
9797
                                                         <em class="parameter"><code><span class="type">char</span> *result</code></em>,
7302
9798
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
7303
9799
<p>
 
9800
This function will decode the given encoded data, using the hex
 
9801
encoding used by PSK password files.
 
9802
</p>
 
9803
<p>
 
9804
Note that hex_data should be null terminated.
7304
9805
</p>
7305
9806
<div class="variablelist"><table border="0">
7306
9807
<col align="left" valign="top">
7307
9808
<tbody>
7308
9809
<tr>
7309
9810
<td><p><span class="term"><em class="parameter"><code>hex_data</code></em> :</span></p></td>
7310
 
<td>
 
9811
<td>contain the encoded data
7311
9812
</td>
7312
9813
</tr>
7313
9814
<tr>
7314
9815
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
7315
 
<td>
 
9816
<td>the place where decoded data will be copied
7316
9817
</td>
7317
9818
</tr>
7318
9819
<tr>
7319
9820
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
7320
 
<td>
 
9821
<td>holds the size of the result
7321
9822
</td>
7322
9823
</tr>
7323
9824
<tr>
7324
9825
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7325
 
<td>
 
9826
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> if the buffer given is not
 
9827
  long enough, or 0 on success.
7326
9828
</td>
7327
9829
</tr>
7328
9830
</tbody>
7334
9836
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_psk_set_server_dh_params     (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> res</code></em>,
7335
9837
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-dh-params-t" title="gnutls_dh_params_t"><span class="type">gnutls_dh_params_t</span></a> dh_params</code></em>);</pre>
7336
9838
<p>
 
9839
This function will set the Diffie-Hellman parameters for an
 
9840
anonymous server to use. These parameters will be used in
 
9841
Diffie-Hellman exchange with PSK cipher suites.
7337
9842
</p>
7338
9843
<div class="variablelist"><table border="0">
7339
9844
<col align="left" valign="top">
7340
9845
<tbody>
7341
9846
<tr>
7342
9847
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
7343
 
<td>
 
9848
<td>is a gnutls_psk_server_credentials_t structure
7344
9849
</td>
7345
9850
</tr>
7346
9851
<tr>
7347
9852
<td><p><span class="term"><em class="parameter"><code>dh_params</code></em> :</span></p></td>
7348
 
<td>
 
9853
<td>is a structure that holds Diffie-Hellman parameters.
7349
9854
</td>
7350
9855
</tr>
7351
9856
</tbody>
7358
9863
                                                        (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> res</code></em>,
7359
9864
                                                         <em class="parameter"><code><span class="type">gnutls_params_function</span> *func</code></em>);</pre>
7360
9865
<p>
 
9866
This function will set a callback in order for the server to get
 
9867
the Diffie-Hellman parameters for PSK authentication.  The callback
 
9868
should return zero on success.
7361
9869
</p>
7362
9870
<div class="variablelist"><table border="0">
7363
9871
<col align="left" valign="top">
7364
9872
<tbody>
7365
9873
<tr>
7366
9874
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
7367
 
<td>
 
9875
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure
7368
9876
</td>
7369
9877
</tr>
7370
9878
<tr>
7371
9879
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
7372
 
<td>
 
9880
<td>is the function to be called
7373
9881
</td>
7374
9882
</tr>
7375
9883
</tbody>
7383
9891
                                                         <em class="parameter"><code>const <span class="type">char</span> *psk_identity_hint</code></em>,
7384
9892
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *output_key</code></em>);</pre>
7385
9893
<p>
 
9894
This function will derive a PSK key from a password, for use with
 
9895
the Netconf protocol.
7386
9896
</p>
7387
9897
<div class="variablelist"><table border="0">
7388
9898
<col align="left" valign="top">
7389
9899
<tbody>
7390
9900
<tr>
7391
9901
<td><p><span class="term"><em class="parameter"><code>password</code></em> :</span></p></td>
7392
 
<td>
 
9902
<td>zero terminated string containing password.
7393
9903
</td>
7394
9904
</tr>
7395
9905
<tr>
7396
9906
<td><p><span class="term"><em class="parameter"><code>psk_identity</code></em> :</span></p></td>
7397
 
<td>
 
9907
<td>zero terminated string with PSK identity.
7398
9908
</td>
7399
9909
</tr>
7400
9910
<tr>
7401
9911
<td><p><span class="term"><em class="parameter"><code>psk_identity_hint</code></em> :</span></p></td>
7402
 
<td>
 
9912
<td>zero terminated string with PSK identity hint.
7403
9913
</td>
7404
9914
</tr>
7405
9915
<tr>
7406
9916
<td><p><span class="term"><em class="parameter"><code>output_key</code></em> :</span></p></td>
7407
 
<td>
 
9917
<td>output variable, contains newly allocated *data pointer.
7408
9918
</td>
7409
9919
</tr>
7410
9920
<tr>
7411
9921
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7412
 
<td>
 
9922
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, or an error code.
 
9923
 
7413
9924
</td>
7414
9925
</tr>
7415
9926
</tbody>
7416
9927
</table></div>
 
9928
<p class="since">Since 2.4.0</p>
7417
9929
</div>
7418
9930
<hr>
7419
9931
<div class="refsect2" title="enum gnutls_x509_subject_alt_name_t">
7421
9933
<pre class="programlisting">  typedef enum gnutls_x509_subject_alt_name_t
7422
9934
  {
7423
9935
    GNUTLS_SAN_DNSNAME = 1,
7424
 
    GNUTLS_SAN_RFC822NAME,
7425
 
    GNUTLS_SAN_URI,
7426
 
    GNUTLS_SAN_IPADDRESS,
7427
 
    GNUTLS_SAN_OTHERNAME,
7428
 
    GNUTLS_SAN_DN,
 
9936
    GNUTLS_SAN_RFC822NAME = 2,
 
9937
    GNUTLS_SAN_URI = 3,
 
9938
    GNUTLS_SAN_IPADDRESS = 4,
 
9939
    GNUTLS_SAN_OTHERNAME = 5,
 
9940
    GNUTLS_SAN_DN = 6,
7429
9941
    /* The following are "virtual" subject alternative name types, in
7430
9942
       that they are represented by an otherName value and an OID.
7431
9943
       Used by gnutls_x509_crt_get_subject_alt_othername_oid().  */
7433
9945
  } gnutls_x509_subject_alt_name_t;
7434
9946
</pre>
7435
9947
<p>
 
9948
Enumeration of different subject alternative names types.
7436
9949
</p>
 
9950
<div class="variablelist"><table border="0">
 
9951
<col align="left" valign="top">
 
9952
<tbody>
 
9953
<tr>
 
9954
<td><p><a name="GNUTLS-SAN-DNSNAME:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_DNSNAME</code></span></p></td>
 
9955
<td>DNS-name SAN.
 
9956
</td>
 
9957
</tr>
 
9958
<tr>
 
9959
<td><p><a name="GNUTLS-SAN-RFC822NAME:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_RFC822NAME</code></span></p></td>
 
9960
<td>E-mail address SAN.
 
9961
</td>
 
9962
</tr>
 
9963
<tr>
 
9964
<td><p><a name="GNUTLS-SAN-URI:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_URI</code></span></p></td>
 
9965
<td>URI SAN.
 
9966
</td>
 
9967
</tr>
 
9968
<tr>
 
9969
<td><p><a name="GNUTLS-SAN-IPADDRESS:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_IPADDRESS</code></span></p></td>
 
9970
<td>IP address SAN.
 
9971
</td>
 
9972
</tr>
 
9973
<tr>
 
9974
<td><p><a name="GNUTLS-SAN-OTHERNAME:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_OTHERNAME</code></span></p></td>
 
9975
<td>OtherName SAN.
 
9976
</td>
 
9977
</tr>
 
9978
<tr>
 
9979
<td><p><a name="GNUTLS-SAN-DN:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_DN</code></span></p></td>
 
9980
<td>DN SAN.
 
9981
</td>
 
9982
</tr>
 
9983
<tr>
 
9984
<td><p><a name="GNUTLS-SAN-OTHERNAME-XMPP:CAPS"></a><span class="term"><code class="literal">GNUTLS_SAN_OTHERNAME_XMPP</code></span></p></td>
 
9985
<td>Virtual SAN, used by
 
9986
  <a class="link" href="gnutls-x509.html#gnutls-x509-crt-get-subject-alt-othername-oid" title="gnutls_x509_crt_get_subject_alt_othername_oid ()"><code class="function">gnutls_x509_crt_get_subject_alt_othername_oid()</code></a>.
 
9987
</td>
 
9988
</tr>
 
9989
</tbody>
 
9990
</table></div>
7437
9991
</div>
7438
9992
<hr>
7439
9993
<div class="refsect2" title="struct gnutls_openpgp_crt_int">
7470
10024
<a name="gnutls-auth-get-type"></a><h3>gnutls_auth_get_type ()</h3>
7471
10025
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="returnvalue">gnutls_credentials_type_t</span></a>  gnutls_auth_get_type         (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7472
10026
<p>
 
10027
Returns type of credentials for the current authentication schema.
 
10028
The returned information is to be used to distinguish the function used
 
10029
to access authentication data.
 
10030
</p>
 
10031
<p>
 
10032
Eg. for CERTIFICATE ciphersuites (key exchange algorithms:
 
10033
<a class="link" href="gnutls-gnutls.html#GNUTLS-KX-RSA:CAPS"><code class="literal">GNUTLS_KX_RSA</code></a>, <a class="link" href="gnutls-gnutls.html#GNUTLS-KX-DHE-RSA:CAPS"><code class="literal">GNUTLS_KX_DHE_RSA</code></a>), the same function are to be
 
10034
used to access the authentication data.
7473
10035
</p>
7474
10036
<div class="variablelist"><table border="0">
7475
10037
<col align="left" valign="top">
7476
10038
<tbody>
7477
10039
<tr>
7478
10040
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7479
 
<td>
 
10041
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
7480
10042
</td>
7481
10043
</tr>
7482
10044
<tr>
7483
10045
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7484
 
<td>
 
10046
<td> The type of credentials for the current authentication
 
10047
  schema, a <a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="type">gnutls_credentials_type_t</span></a> type.
7485
10048
</td>
7486
10049
</tr>
7487
10050
</tbody>
7492
10055
<a name="gnutls-auth-server-get-type"></a><h3>gnutls_auth_server_get_type ()</h3>
7493
10056
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="returnvalue">gnutls_credentials_type_t</span></a>  gnutls_auth_server_get_type  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7494
10057
<p>
 
10058
Returns the type of credentials that were used for server authentication.
 
10059
The returned information is to be used to distinguish the function used
 
10060
to access authentication data.
7495
10061
</p>
7496
10062
<div class="variablelist"><table border="0">
7497
10063
<col align="left" valign="top">
7498
10064
<tbody>
7499
10065
<tr>
7500
10066
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7501
 
<td>
 
10067
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
7502
10068
</td>
7503
10069
</tr>
7504
10070
<tr>
7505
10071
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7506
 
<td>
 
10072
<td> The type of credentials for the server authentication
 
10073
  schema, a <a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="type">gnutls_credentials_type_t</span></a> type.
7507
10074
</td>
7508
10075
</tr>
7509
10076
</tbody>
7514
10081
<a name="gnutls-auth-client-get-type"></a><h3>gnutls_auth_client_get_type ()</h3>
7515
10082
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="returnvalue">gnutls_credentials_type_t</span></a>  gnutls_auth_client_get_type  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7516
10083
<p>
 
10084
Returns the type of credentials that were used for client authentication.
 
10085
The returned information is to be used to distinguish the function used
 
10086
to access authentication data.
7517
10087
</p>
7518
10088
<div class="variablelist"><table border="0">
7519
10089
<col align="left" valign="top">
7520
10090
<tbody>
7521
10091
<tr>
7522
10092
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7523
 
<td>
 
10093
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
7524
10094
</td>
7525
10095
</tr>
7526
10096
<tr>
7527
10097
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7528
 
<td>
 
10098
<td> The type of credentials for the client authentication
 
10099
  schema, a <a class="link" href="gnutls-gnutls.html#gnutls-credentials-type-t" title="enum gnutls_credentials_type_t"><span class="type">gnutls_credentials_type_t</span></a> type.
7529
10100
</td>
7530
10101
</tr>
7531
10102
</tbody>
7537
10108
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_dh_set_prime_bits            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
7538
10109
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> bits</code></em>);</pre>
7539
10110
<p>
 
10111
This function sets the number of bits, for use in an Diffie-Hellman
 
10112
key exchange.  This is used both in DH ephemeral and DH anonymous
 
10113
cipher suites.  This will set the minimum size of the prime that
 
10114
will be used for the handshake.
 
10115
</p>
 
10116
<p>
 
10117
In the client side it sets the minimum accepted number of bits.  If
 
10118
a server sends a prime with less bits than that
 
10119
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-DH-PRIME-UNACCEPTABLE:CAPS" title="GNUTLS_E_DH_PRIME_UNACCEPTABLE"><code class="literal">GNUTLS_E_DH_PRIME_UNACCEPTABLE</code></a> will be returned by the handshake.
 
10120
</p>
 
10121
<p>
 
10122
This function has no effect in server side.
7540
10123
</p>
7541
10124
<div class="variablelist"><table border="0">
7542
10125
<col align="left" valign="top">
7543
10126
<tbody>
7544
10127
<tr>
7545
10128
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7546
 
<td>
 
10129
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
7547
10130
</td>
7548
10131
</tr>
7549
10132
<tr>
7550
10133
<td><p><span class="term"><em class="parameter"><code>bits</code></em> :</span></p></td>
7551
 
<td>
 
10134
<td>is the number of bits
7552
10135
</td>
7553
10136
</tr>
7554
10137
</tbody>
7559
10142
<a name="gnutls-dh-get-secret-bits"></a><h3>gnutls_dh_get_secret_bits ()</h3>
7560
10143
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_get_secret_bits           (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7561
10144
<p>
 
10145
This function will return the bits used in the last Diffie-Hellman
 
10146
key exchange with the peer.  Should be used for both anonymous and
 
10147
ephemeral Diffie-Hellman.
7562
10148
</p>
7563
10149
<div class="variablelist"><table border="0">
7564
10150
<col align="left" valign="top">
7565
10151
<tbody>
7566
10152
<tr>
7567
10153
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7568
 
<td>
 
10154
<td>is a gnutls session
7569
10155
</td>
7570
10156
</tr>
7571
10157
<tr>
7572
10158
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7573
 
<td>
 
10159
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
10160
  an error code is returned.
7574
10161
</td>
7575
10162
</tr>
7576
10163
</tbody>
7581
10168
<a name="gnutls-dh-get-peers-public-bits"></a><h3>gnutls_dh_get_peers_public_bits ()</h3>
7582
10169
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_get_peers_public_bits     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7583
10170
<p>
 
10171
Get the Diffie-Hellman public key bit size.  Can be used for both
 
10172
anonymous and ephemeral Diffie-Hellman.
7584
10173
</p>
7585
10174
<div class="variablelist"><table border="0">
7586
10175
<col align="left" valign="top">
7587
10176
<tbody>
7588
10177
<tr>
7589
10178
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7590
 
<td>
 
10179
<td>is a gnutls session
7591
10180
</td>
7592
10181
</tr>
7593
10182
<tr>
7594
10183
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7595
 
<td>
 
10184
<td> the public key bit size used in the last Diffie-Hellman
 
10185
  key exchange with the peer, or a negative value in case of error.
7596
10186
</td>
7597
10187
</tr>
7598
10188
</tbody>
7603
10193
<a name="gnutls-dh-get-prime-bits"></a><h3>gnutls_dh_get_prime_bits ()</h3>
7604
10194
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_get_prime_bits            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7605
10195
<p>
 
10196
This function will return the bits of the prime used in the last
 
10197
Diffie-Hellman key exchange with the peer.  Should be used for both
 
10198
anonymous and ephemeral Diffie-Hellman.  Note that some ciphers,
 
10199
like RSA and DSA without DHE, does not use a Diffie-Hellman key
 
10200
exchange, and then this function will return 0.
7606
10201
</p>
7607
10202
<div class="variablelist"><table border="0">
7608
10203
<col align="left" valign="top">
7609
10204
<tbody>
7610
10205
<tr>
7611
10206
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7612
 
<td>
 
10207
<td>is a gnutls session
7613
10208
</td>
7614
10209
</tr>
7615
10210
<tr>
7616
10211
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7617
 
<td>
 
10212
<td> The Diffie-Hellman bit strength is returned, or 0 if no
 
10213
  Diffie-Hellman key exchange was done, or a negative error code on
 
10214
  failure.
7618
10215
</td>
7619
10216
</tr>
7620
10217
</tbody>
7627
10224
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *raw_gen</code></em>,
7628
10225
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *raw_prime</code></em>);</pre>
7629
10226
<p>
 
10227
This function will return the group parameters used in the last
 
10228
Diffie-Hellman key exchange with the peer.  These are the prime and
 
10229
the generator used.  This function should be used for both
 
10230
anonymous and ephemeral Diffie-Hellman.  The output parameters must
 
10231
be freed with <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a>.
7630
10232
</p>
7631
10233
<div class="variablelist"><table border="0">
7632
10234
<col align="left" valign="top">
7633
10235
<tbody>
7634
10236
<tr>
7635
10237
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7636
 
<td>
 
10238
<td>is a gnutls session
7637
10239
</td>
7638
10240
</tr>
7639
10241
<tr>
7640
10242
<td><p><span class="term"><em class="parameter"><code>raw_gen</code></em> :</span></p></td>
7641
 
<td>
 
10243
<td>will hold the generator.
7642
10244
</td>
7643
10245
</tr>
7644
10246
<tr>
7645
10247
<td><p><span class="term"><em class="parameter"><code>raw_prime</code></em> :</span></p></td>
7646
 
<td>
 
10248
<td>will hold the prime.
7647
10249
</td>
7648
10250
</tr>
7649
10251
<tr>
7650
10252
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7651
 
<td>
 
10253
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
10254
  an error code is returned.
7652
10255
</td>
7653
10256
</tr>
7654
10257
</tbody>
7660
10263
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_dh_get_pubkey                (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
7661
10264
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *raw_key</code></em>);</pre>
7662
10265
<p>
 
10266
This function will return the peer's public key used in the last
 
10267
Diffie-Hellman key exchange.  This function should be used for both
 
10268
anonymous and ephemeral Diffie-Hellman.  The output parameters must
 
10269
be freed with <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a>.
7663
10270
</p>
7664
10271
<div class="variablelist"><table border="0">
7665
10272
<col align="left" valign="top">
7666
10273
<tbody>
7667
10274
<tr>
7668
10275
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7669
 
<td>
 
10276
<td>is a gnutls session
7670
10277
</td>
7671
10278
</tr>
7672
10279
<tr>
7673
10280
<td><p><span class="term"><em class="parameter"><code>raw_key</code></em> :</span></p></td>
7674
 
<td>
 
10281
<td>will hold the public key.
7675
10282
</td>
7676
10283
</tr>
7677
10284
<tr>
7678
10285
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7679
 
<td>
 
10286
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
10287
  an error code is returned.
7680
10288
</td>
7681
10289
</tr>
7682
10290
</tbody>
7689
10297
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *exponent</code></em>,
7690
10298
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *modulus</code></em>);</pre>
7691
10299
<p>
 
10300
This function will return the peer's public key exponent and
 
10301
modulus used in the last RSA-EXPORT authentication.  The output
 
10302
parameters must be freed with <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a>.
7692
10303
</p>
7693
10304
<div class="variablelist"><table border="0">
7694
10305
<col align="left" valign="top">
7695
10306
<tbody>
7696
10307
<tr>
7697
10308
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7698
 
<td>
 
10309
<td>is a gnutls session
7699
10310
</td>
7700
10311
</tr>
7701
10312
<tr>
7702
10313
<td><p><span class="term"><em class="parameter"><code>exponent</code></em> :</span></p></td>
7703
 
<td>
 
10314
<td>will hold the exponent.
7704
10315
</td>
7705
10316
</tr>
7706
10317
<tr>
7707
10318
<td><p><span class="term"><em class="parameter"><code>modulus</code></em> :</span></p></td>
7708
 
<td>
 
10319
<td>will hold the modulus.
7709
10320
</td>
7710
10321
</tr>
7711
10322
<tr>
7712
10323
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7713
 
<td>
 
10324
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
10325
  an error code is returned.
7714
10326
</td>
7715
10327
</tr>
7716
10328
</tbody>
7721
10333
<a name="gnutls-rsa-export-get-modulus-bits"></a><h3>gnutls_rsa_export_get_modulus_bits ()</h3>
7722
10334
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_rsa_export_get_modulus_bits  (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7723
10335
<p>
 
10336
Get the export RSA parameter's modulus size.
7724
10337
</p>
7725
10338
<div class="variablelist"><table border="0">
7726
10339
<col align="left" valign="top">
7727
10340
<tbody>
7728
10341
<tr>
7729
10342
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7730
 
<td>
 
10343
<td>is a gnutls session
7731
10344
</td>
7732
10345
</tr>
7733
10346
<tr>
7734
10347
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7735
 
<td>
 
10348
<td> the bits used in the last RSA-EXPORT key exchange with the
 
10349
  peer, or a negative value in case of error.
7736
10350
</td>
7737
10351
</tr>
7738
10352
</tbody>
7810
10424
<p>
7811
10425
The <em class="parameter"><code>userdata</code></em> parameter is passed to the <em class="parameter"><code>sign_func</code></em> verbatim, and
7812
10426
can be used to store application-specific data needed in the
7813
 
callback function.  See also <a class="link" href="gnutls-gnutls.html#gnutls-sign-callback-get" title="gnutls_sign_callback_get ()"><code class="function">gnutls_sign_callback_get()</code></a>.</p>
 
10427
callback function.  See also <a class="link" href="gnutls-gnutls.html#gnutls-sign-callback-get" title="gnutls_sign_callback_get ()"><code class="function">gnutls_sign_callback_get()</code></a>.
 
10428
</p>
7814
10429
<div class="variablelist"><table border="0">
7815
10430
<col align="left" valign="top">
7816
10431
<tbody>
7838
10453
<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-sign-func" title="gnutls_sign_func ()"><span class="returnvalue">gnutls_sign_func</span></a>    gnutls_sign_callback_get            (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
7839
10454
                                                         <em class="parameter"><code><span class="type">void</span> **userdata</code></em>);</pre>
7840
10455
<p>
7841
 
Retrieve the callback function, and its userdata pointer.</p>
 
10456
Retrieve the callback function, and its userdata pointer.
 
10457
</p>
7842
10458
<div class="variablelist"><table border="0">
7843
10459
<col align="left" valign="top">
7844
10460
<tbody>
7868
10484
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> cred</code></em>,
7869
10485
                                                         <em class="parameter"><code><span class="type">gnutls_certificate_client_retrieve_function</span> *func</code></em>);</pre>
7870
10486
<p>
 
10487
This function sets a callback to be called in order to retrieve the
 
10488
certificate to be used in the handshake.
 
10489
</p>
 
10490
<p>
 
10491
The callback's function prototype is:
 
10492
int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs,
 
10493
const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr_st* st);
 
10494
</p>
 
10495
<p>
 
10496
<em class="parameter"><code>req_ca_cert</code></em> is only used in X.509 certificates.
 
10497
Contains a list with the CA names that the server considers trusted.
 
10498
Normally we should send a certificate that is signed
 
10499
by one of these CAs. These names are DER encoded. To get a more
 
10500
meaningful value use the function <a class="link" href="gnutls-x509.html#gnutls-x509-rdn-get" title="gnutls_x509_rdn_get ()"><code class="function">gnutls_x509_rdn_get()</code></a>.
 
10501
</p>
 
10502
<p>
 
10503
<em class="parameter"><code>pk_algos</code></em> contains a list with server's acceptable signature algorithms.
 
10504
The certificate returned should support the server's given algorithms.
 
10505
</p>
 
10506
<p>
 
10507
<em class="parameter"><code>st</code></em> should contain the certificates and private keys.
 
10508
</p>
 
10509
<p>
 
10510
If the callback function is provided then gnutls will call it, in the
 
10511
handshake, after the certificate request message has been received.
 
10512
</p>
 
10513
<p>
 
10514
The callback function should set the certificate list to be sent,
 
10515
and return 0 on success. If no certificate was selected then the
 
10516
number of certificates should be set to zero. The value (-1)
 
10517
indicates error and the handshake will be terminated.
7871
10518
</p>
7872
10519
<div class="variablelist"><table border="0">
7873
10520
<col align="left" valign="top">
7874
10521
<tbody>
7875
10522
<tr>
7876
10523
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
7877
 
<td>
 
10524
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
7878
10525
</td>
7879
10526
</tr>
7880
10527
<tr>
7881
10528
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
7882
 
<td>
 
10529
<td>is the callback function
7883
10530
</td>
7884
10531
</tr>
7885
10532
</tbody>
7892
10539
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> cred</code></em>,
7893
10540
                                                         <em class="parameter"><code><span class="type">gnutls_certificate_server_retrieve_function</span> *func</code></em>);</pre>
7894
10541
<p>
7895
 
</p>
7896
 
<div class="variablelist"><table border="0">
7897
 
<col align="left" valign="top">
7898
 
<tbody>
7899
 
<tr>
7900
 
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
7901
 
<td>
7902
 
</td>
7903
 
</tr>
7904
 
<tr>
7905
 
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
7906
 
<td>
7907
 
</td>
7908
 
</tr>
7909
 
</tbody>
7910
 
</table></div>
 
10542
This function sets a callback to be called in order to retrieve the
 
10543
certificate to be used in the handshake.
 
10544
</p>
 
10545
<p>
 
10546
The callback's function prototype is:
 
10547
int (*callback)(gnutls_session_t, gnutls_retr_st* st);
 
10548
</p>
 
10549
<p>
 
10550
<em class="parameter"><code>st</code></em> should contain the certificates and private keys.
 
10551
</p>
 
10552
<p>
 
10553
If the callback function is provided then gnutls will call it, in the
 
10554
handshake, after the certificate request message has been received.
 
10555
</p>
 
10556
<p>
 
10557
The callback function should set the certificate list to be sent, and
 
10558
return 0 on success.  The value (-1) indicates error and the handshake
 
10559
will be terminated.
 
10560
</p>
 
10561
<div class="variablelist"><table border="0">
 
10562
<col align="left" valign="top">
 
10563
<tbody>
 
10564
<tr>
 
10565
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
 
10566
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
 
10567
</td>
 
10568
</tr>
 
10569
<tr>
 
10570
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
 
10571
<td>is the callback function
 
10572
</td>
 
10573
</tr>
 
10574
</tbody>
 
10575
</table></div>
 
10576
</div>
 
10577
<hr>
 
10578
<div class="refsect2" title="gnutls_certificate_set_verify_function ()">
 
10579
<a name="gnutls-certificate-set-verify-function"></a><h3>gnutls_certificate_set_verify_function ()</h3>
 
10580
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_certificate_set_verify_function
 
10581
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> cred</code></em>,
 
10582
                                                         <em class="parameter"><code><span class="type">gnutls_certificate_verify_function</span> *func</code></em>);</pre>
 
10583
<p>
 
10584
This function sets a callback to be called when peer's certificate
 
10585
has been received in order to verify it on receipt rather than
 
10586
doing after the handshake is completed.
 
10587
</p>
 
10588
<p>
 
10589
The callback's function prototype is:
 
10590
int (*callback)(gnutls_session_t);
 
10591
</p>
 
10592
<p>
 
10593
If the callback function is provided then gnutls will call it, in the
 
10594
handshake, just after the certificate message has been received.
 
10595
To verify or obtain the certificate the <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a>,
 
10596
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-type-get" title="gnutls_certificate_type_get ()"><code class="function">gnutls_certificate_type_get()</code></a>, <a class="link" href="gnutls-gnutls.html#gnutls-certificate-get-peers" title="gnutls_certificate_get_peers ()"><code class="function">gnutls_certificate_get_peers()</code></a> functions
 
10597
can be used.
 
10598
</p>
 
10599
<p>
 
10600
The callback function should return 0 for the handshake to continue
 
10601
or non-zero to terminate.
 
10602
</p>
 
10603
<div class="variablelist"><table border="0">
 
10604
<col align="left" valign="top">
 
10605
<tbody>
 
10606
<tr>
 
10607
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
 
10608
<td>is a <span class="type">gnutls_certificate_credentials_t</span> structure.
 
10609
</td>
 
10610
</tr>
 
10611
<tr>
 
10612
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
 
10613
<td>is the callback function
 
10614
</td>
 
10615
</tr>
 
10616
</tbody>
 
10617
</table></div>
 
10618
<p class="since">Since 2.10.0</p>
7911
10619
</div>
7912
10620
<hr>
7913
10621
<div class="refsect2" title="gnutls_certificate_server_set_request ()">
7916
10624
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
7917
10625
                                                         <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-certificate-request-t" title="enum gnutls_certificate_request_t"><span class="type">gnutls_certificate_request_t</span></a> req</code></em>);</pre>
7918
10626
<p>
 
10627
This function specifies if we (in case of a server) are going to
 
10628
send a certificate request message to the client. If <em class="parameter"><code>req</code></em> is
 
10629
GNUTLS_CERT_REQUIRE then the server will return an error if the
 
10630
peer does not provide a certificate. If you do not call this
 
10631
function then the client will not be asked to send a certificate.
7919
10632
</p>
7920
10633
<div class="variablelist"><table border="0">
7921
10634
<col align="left" valign="top">
7922
10635
<tbody>
7923
10636
<tr>
7924
10637
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7925
 
<td>
 
10638
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
7926
10639
</td>
7927
10640
</tr>
7928
10641
<tr>
7929
10642
<td><p><span class="term"><em class="parameter"><code>req</code></em> :</span></p></td>
7930
 
<td>
 
10643
<td>is one of GNUTLS_CERT_REQUEST, GNUTLS_CERT_REQUIRE
7931
10644
</td>
7932
10645
</tr>
7933
10646
</tbody>
7939
10652
<pre class="programlisting">const <span class="returnvalue">gnutls_datum_t</span> * gnutls_certificate_get_peers     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
7940
10653
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *list_size</code></em>);</pre>
7941
10654
<p>
 
10655
Get the peer's raw certificate (chain) as sent by the peer.  These
 
10656
certificates are in raw format (DER encoded for X.509).  In case of
 
10657
a X.509 then a certificate list may be present.  The first
 
10658
certificate in the list is the peer's certificate, following the
 
10659
issuer's certificate, then the issuer's issuer etc.
 
10660
</p>
 
10661
<p>
 
10662
In case of OpenPGP keys a single key will be returned in raw
 
10663
format.
7942
10664
</p>
7943
10665
<div class="variablelist"><table border="0">
7944
10666
<col align="left" valign="top">
7945
10667
<tbody>
7946
10668
<tr>
7947
10669
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7948
 
<td>
 
10670
<td>is a gnutls session
7949
10671
</td>
7950
10672
</tr>
7951
10673
<tr>
7952
10674
<td><p><span class="term"><em class="parameter"><code>list_size</code></em> :</span></p></td>
7953
 
<td>
 
10675
<td>is the length of the certificate list
7954
10676
</td>
7955
10677
</tr>
7956
10678
<tr>
7957
10679
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7958
 
<td>
 
10680
<td> return a pointer to a <span class="type">gnutls_datum_t</span> containing our
 
10681
  certificates, or <code class="literal">NULL</code> in case of an error or if no certificate
 
10682
  was used.
7959
10683
</td>
7960
10684
</tr>
7961
10685
</tbody>
7966
10690
<a name="gnutls-certificate-get-ours"></a><h3>gnutls_certificate_get_ours ()</h3>
7967
10691
<pre class="programlisting">const <span class="returnvalue">gnutls_datum_t</span> * gnutls_certificate_get_ours      (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
7968
10692
<p>
 
10693
Get the certificate as sent to the peer, in the last handshake.
 
10694
These certificates are in raw format.  In X.509 this is a
 
10695
certificate list. In OpenPGP this is a single certificate.
7969
10696
</p>
7970
10697
<div class="variablelist"><table border="0">
7971
10698
<col align="left" valign="top">
7972
10699
<tbody>
7973
10700
<tr>
7974
10701
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7975
 
<td>
 
10702
<td>is a gnutls session
7976
10703
</td>
7977
10704
</tr>
7978
10705
<tr>
7979
10706
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
7980
 
<td>
 
10707
<td> return a pointer to a <span class="type">gnutls_datum_t</span> containing our
 
10708
  certificates, or <code class="literal">NULL</code> in case of an error or if no certificate
 
10709
  was used.
7981
10710
</td>
7982
10711
</tr>
7983
10712
</tbody>
7988
10717
<a name="gnutls-certificate-activation-time-peers"></a><h3>gnutls_certificate_activation_time_peers ()</h3>
7989
10718
<pre class="programlisting"><span class="returnvalue">time_t</span>              gnutls_certificate_activation_time_peers
7990
10719
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
 
10720
<div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;">
 
10721
<h3 class="title">Warning</h3>
 
10722
<p><code class="literal">gnutls_certificate_activation_time_peers</code> is deprecated and should not be used in newly-written code. <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a> now verifies activation times.</p>
 
10723
</div>
7991
10724
<p>
 
10725
This function will return the peer's certificate activation time.
 
10726
This is the creation time for openpgp keys.
7992
10727
</p>
7993
10728
<div class="variablelist"><table border="0">
7994
10729
<col align="left" valign="top">
7995
10730
<tbody>
7996
10731
<tr>
7997
10732
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
7998
 
<td>
 
10733
<td>is a gnutls session
7999
10734
</td>
8000
10735
</tr>
8001
10736
<tr>
8002
10737
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8003
 
<td>
 
10738
<td> (time_t)-1 on error.
 
10739
 
8004
10740
</td>
8005
10741
</tr>
8006
10742
</tbody>
8011
10747
<a name="gnutls-certificate-expiration-time-peers"></a><h3>gnutls_certificate_expiration_time_peers ()</h3>
8012
10748
<pre class="programlisting"><span class="returnvalue">time_t</span>              gnutls_certificate_expiration_time_peers
8013
10749
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
 
10750
<div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;">
 
10751
<h3 class="title">Warning</h3>
 
10752
<p><code class="literal">gnutls_certificate_expiration_time_peers</code> is deprecated and should not be used in newly-written code. <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a> now verifies expiration times.</p>
 
10753
</div>
8014
10754
<p>
 
10755
This function will return the peer's certificate expiration time.
8015
10756
</p>
8016
10757
<div class="variablelist"><table border="0">
8017
10758
<col align="left" valign="top">
8018
10759
<tbody>
8019
10760
<tr>
8020
10761
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
8021
 
<td>
 
10762
<td>is a gnutls session
8022
10763
</td>
8023
10764
</tr>
8024
10765
<tr>
8025
10766
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8026
 
<td>
 
10767
<td> (time_t)-1 on error.
 
10768
 
8027
10769
</td>
8028
10770
</tr>
8029
10771
</tbody>
8035
10777
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_certificate_client_get_request_status
8036
10778
                                                        (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
8037
10779
<p>
 
10780
Get whether client certificate is requested or not.
8038
10781
</p>
8039
10782
<div class="variablelist"><table border="0">
8040
10783
<col align="left" valign="top">
8041
10784
<tbody>
8042
10785
<tr>
8043
10786
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
8044
 
<td>
 
10787
<td>is a gnutls session
8045
10788
</td>
8046
10789
</tr>
8047
10790
<tr>
8048
10791
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8049
 
<td>
 
10792
<td> 0 if the peer (server) did not request client
 
10793
  authentication or 1 otherwise, or a negative value in case of
 
10794
  error.
8050
10795
</td>
8051
10796
</tr>
8052
10797
</tbody>
8058
10803
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_certificate_verify_peers2    (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
8059
10804
                                                         <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *status</code></em>);</pre>
8060
10805
<p>
 
10806
This function will try to verify the peer's certificate and return
 
10807
its status (trusted, invalid etc.).  The value of <em class="parameter"><code>status</code></em> should
 
10808
be one or more of the gnutls_certificate_status_t enumerated
 
10809
elements bitwise or'd. To avoid denial of service attacks some
 
10810
default upper limits regarding the certificate key size and chain
 
10811
size are set. To override them use
 
10812
<a class="link" href="gnutls-gnutls.html#gnutls-certificate-set-verify-limits" title="gnutls_certificate_set_verify_limits ()"><code class="function">gnutls_certificate_set_verify_limits()</code></a>.
 
10813
</p>
 
10814
<p>
 
10815
Note that you must also check the peer's name in order to check if
 
10816
the verified certificate belongs to the actual peer.
 
10817
</p>
 
10818
<p>
 
10819
This function uses <a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-verify" title="gnutls_x509_crt_list_verify ()"><code class="function">gnutls_x509_crt_list_verify()</code></a> with the CAs in
 
10820
the credentials as trusted CAs.
8061
10821
</p>
8062
10822
<div class="variablelist"><table border="0">
8063
10823
<col align="left" valign="top">
8064
10824
<tbody>
8065
10825
<tr>
8066
10826
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
8067
 
<td>
 
10827
<td>is a gnutls session
8068
10828
</td>
8069
10829
</tr>
8070
10830
<tr>
8071
10831
<td><p><span class="term"><em class="parameter"><code>status</code></em> :</span></p></td>
8072
 
<td>
 
10832
<td>is the output of the verification
8073
10833
</td>
8074
10834
</tr>
8075
10835
<tr>
8076
10836
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8077
 
<td>
 
10837
<td> a negative error code on error and zero on success.
8078
10838
</td>
8079
10839
</tr>
8080
10840
</tbody>
8084
10844
<div class="refsect2" title="gnutls_certificate_verify_peers ()">
8085
10845
<a name="gnutls-certificate-verify-peers"></a><h3>gnutls_certificate_verify_peers ()</h3>
8086
10846
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a>                 gnutls_certificate_verify_peers     (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
8087
 
<p>
 
10847
<div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;">
 
10848
<h3 class="title">Warning</h3>
 
10849
<p><code class="literal">gnutls_certificate_verify_peers</code> is deprecated and should not be used in newly-written code. Use <a class="link" href="gnutls-gnutls.html#gnutls-certificate-verify-peers2" title="gnutls_certificate_verify_peers2 ()"><code class="function">gnutls_certificate_verify_peers2()</code></a> instead.</p>
 
10850
</div>
 
10851
<p>
 
10852
This function will try to verify the peer's certificate and return
 
10853
its status (trusted, invalid etc.).  However you must also check
 
10854
the peer's name in order to check if the verified certificate
 
10855
belongs to the actual peer.
 
10856
</p>
 
10857
<p>
 
10858
This function uses <a class="link" href="gnutls-x509.html#gnutls-x509-crt-list-verify" title="gnutls_x509_crt_list_verify ()"><code class="function">gnutls_x509_crt_list_verify()</code></a>.
8088
10859
</p>
8089
10860
<div class="variablelist"><table border="0">
8090
10861
<col align="left" valign="top">
8091
10862
<tbody>
8092
10863
<tr>
8093
10864
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
8094
 
<td>
 
10865
<td>is a gnutls session
8095
10866
</td>
8096
10867
</tr>
8097
10868
<tr>
8098
10869
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8099
 
<td>
 
10870
<td> one or more of the <a class="link" href="gnutls-gnutls.html#gnutls-certificate-status-t" title="enum gnutls_certificate_status_t"><span class="type">gnutls_certificate_status_t</span></a>
 
10871
enumerated elements bitwise or'd, or a negative value on error.
 
10872
 
8100
10873
</td>
8101
10874
</tr>
8102
10875
</tbody>
8110
10883
                                                         <em class="parameter"><code><span class="type">char</span> *result</code></em>,
8111
10884
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
8112
10885
<p>
 
10886
This function will convert the given data to printable data, using
 
10887
the base64 encoding. This is the encoding used in PEM messages.
 
10888
</p>
 
10889
<p>
 
10890
The output string will be null terminated, although the size will
 
10891
not include the terminating null.
8113
10892
</p>
8114
10893
<div class="variablelist"><table border="0">
8115
10894
<col align="left" valign="top">
8116
10895
<tbody>
8117
10896
<tr>
8118
10897
<td><p><span class="term"><em class="parameter"><code>msg</code></em> :</span></p></td>
8119
 
<td>
 
10898
<td>is a message to be put in the header
8120
10899
</td>
8121
10900
</tr>
8122
10901
<tr>
8123
10902
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
8124
 
<td>
 
10903
<td>contain the raw data
8125
10904
</td>
8126
10905
</tr>
8127
10906
<tr>
8128
10907
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
8129
 
<td>
 
10908
<td>the place where base64 data will be copied
8130
10909
</td>
8131
10910
</tr>
8132
10911
<tr>
8133
10912
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
8134
 
<td>
 
10913
<td>holds the size of the result
8135
10914
</td>
8136
10915
</tr>
8137
10916
<tr>
8138
10917
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8139
 
<td>
 
10918
<td> On success <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned,
 
10919
  <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned if the buffer given is
 
10920
  not long enough, or 0 on success.
8140
10921
</td>
8141
10922
</tr>
8142
10923
</tbody>
8150
10931
                                                         <em class="parameter"><code>unsigned <span class="type">char</span> *result</code></em>,
8151
10932
                                                         <em class="parameter"><code><span class="type">size_t</span> *result_size</code></em>);</pre>
8152
10933
<p>
 
10934
This function will decode the given encoded data.  If the header
 
10935
given is non null this function will search for "-----BEGIN header"
 
10936
and decode only this part.  Otherwise it will decode the first PEM
 
10937
packet found.
8153
10938
</p>
8154
10939
<div class="variablelist"><table border="0">
8155
10940
<col align="left" valign="top">
8156
10941
<tbody>
8157
10942
<tr>
8158
10943
<td><p><span class="term"><em class="parameter"><code>header</code></em> :</span></p></td>
8159
 
<td>
 
10944
<td>A null terminated string with the PEM header (eg. CERTIFICATE)
8160
10945
</td>
8161
10946
</tr>
8162
10947
<tr>
8163
10948
<td><p><span class="term"><em class="parameter"><code>b64_data</code></em> :</span></p></td>
8164
 
<td>
 
10949
<td>contain the encoded data
8165
10950
</td>
8166
10951
</tr>
8167
10952
<tr>
8168
10953
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
8169
 
<td>
 
10954
<td>the place where decoded data will be copied
8170
10955
</td>
8171
10956
</tr>
8172
10957
<tr>
8173
10958
<td><p><span class="term"><em class="parameter"><code>result_size</code></em> :</span></p></td>
8174
 
<td>
 
10959
<td>holds the size of the result
8175
10960
</td>
8176
10961
</tr>
8177
10962
<tr>
8178
10963
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8179
 
<td>
 
10964
<td> On success <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned,
 
10965
  <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a> is returned if the buffer given is
 
10966
  not long enough, or 0 on success.
8180
10967
</td>
8181
10968
</tr>
8182
10969
</tbody>
8189
10976
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *data</code></em>,
8190
10977
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *result</code></em>);</pre>
8191
10978
<p>
 
10979
This function will convert the given data to printable data, using
 
10980
the base64 encoding.  This is the encoding used in PEM messages.
 
10981
This function will allocate the required memory to hold the encoded
 
10982
data.
 
10983
</p>
 
10984
<p>
 
10985
You should use <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a> to free the returned data.
8192
10986
</p>
8193
10987
<div class="variablelist"><table border="0">
8194
10988
<col align="left" valign="top">
8195
10989
<tbody>
8196
10990
<tr>
8197
10991
<td><p><span class="term"><em class="parameter"><code>msg</code></em> :</span></p></td>
8198
 
<td>
 
10992
<td>is a message to be put in the encoded header
8199
10993
</td>
8200
10994
</tr>
8201
10995
<tr>
8202
10996
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
8203
 
<td>
 
10997
<td>contains the raw data
8204
10998
</td>
8205
10999
</tr>
8206
11000
<tr>
8207
11001
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
8208
 
<td>
 
11002
<td>will hold the newly allocated encoded data
8209
11003
</td>
8210
11004
</tr>
8211
11005
<tr>
8212
11006
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8213
 
<td>
 
11007
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
11008
  an error code is returned.
8214
11009
</td>
8215
11010
</tr>
8216
11011
</tbody>
8223
11018
                                                         <em class="parameter"><code>const <span class="type">gnutls_datum_t</span> *b64_data</code></em>,
8224
11019
                                                         <em class="parameter"><code><span class="type">gnutls_datum_t</span> *result</code></em>);</pre>
8225
11020
<p>
 
11021
This function will decode the given encoded data. The decoded data
 
11022
will be allocated, and stored into result.  If the header given is
 
11023
non null this function will search for "-----BEGIN header" and
 
11024
decode only this part. Otherwise it will decode the first PEM
 
11025
packet found.
 
11026
</p>
 
11027
<p>
 
11028
You should use <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a> to free the returned data.
8226
11029
</p>
8227
11030
<div class="variablelist"><table border="0">
8228
11031
<col align="left" valign="top">
8229
11032
<tbody>
8230
11033
<tr>
8231
11034
<td><p><span class="term"><em class="parameter"><code>header</code></em> :</span></p></td>
8232
 
<td>
 
11035
<td>The PEM header (eg. CERTIFICATE)
8233
11036
</td>
8234
11037
</tr>
8235
11038
<tr>
8236
11039
<td><p><span class="term"><em class="parameter"><code>b64_data</code></em> :</span></p></td>
8237
 
<td>
 
11040
<td>contains the encoded data
8238
11041
</td>
8239
11042
</tr>
8240
11043
<tr>
8241
11044
<td><p><span class="term"><em class="parameter"><code>result</code></em> :</span></p></td>
8242
 
<td>
 
11045
<td>the place where decoded data lie
8243
11046
</td>
8244
11047
</tr>
8245
11048
<tr>
8246
11049
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8247
 
<td>
 
11050
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
 
11051
  an error code is returned.
8248
11052
</td>
8249
11053
</tr>
8250
11054
</tbody>
8329
11133
                                                        (<em class="parameter"><code><span class="type">gnutls_certificate_credentials_t</span> res</code></em>,
8330
11134
                                                         <em class="parameter"><code><span class="type">gnutls_params_function</span> *func</code></em>);</pre>
8331
11135
<p>
 
11136
This function will set a callback in order for the server to get
 
11137
the Diffie-Hellman or RSA parameters for certificate
 
11138
authentication.  The callback should return zero on success.
8332
11139
</p>
8333
11140
<div class="variablelist"><table border="0">
8334
11141
<col align="left" valign="top">
8335
11142
<tbody>
8336
11143
<tr>
8337
11144
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
8338
 
<td>
 
11145
<td>is a gnutls_certificate_credentials_t structure
8339
11146
</td>
8340
11147
</tr>
8341
11148
<tr>
8342
11149
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
8343
 
<td>
 
11150
<td>is the function to be called
8344
11151
</td>
8345
11152
</tr>
8346
11153
</tbody>
8352
11159
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_anon_set_params_function     (<em class="parameter"><code><span class="type">gnutls_anon_server_credentials_t</span> res</code></em>,
8353
11160
                                                         <em class="parameter"><code><span class="type">gnutls_params_function</span> *func</code></em>);</pre>
8354
11161
<p>
 
11162
This function will set a callback in order for the server to get
 
11163
the Diffie-Hellman or RSA parameters for anonymous authentication.
 
11164
The callback should return zero on success.
8355
11165
</p>
8356
11166
<div class="variablelist"><table border="0">
8357
11167
<col align="left" valign="top">
8358
11168
<tbody>
8359
11169
<tr>
8360
11170
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
8361
 
<td>
 
11171
<td>is a gnutls_anon_server_credentials_t structure
8362
11172
</td>
8363
11173
</tr>
8364
11174
<tr>
8365
11175
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
8366
 
<td>
 
11176
<td>is the function to be called
8367
11177
</td>
8368
11178
</tr>
8369
11179
</tbody>
8375
11185
<pre class="programlisting"><span class="returnvalue">void</span>                gnutls_psk_set_params_function      (<em class="parameter"><code><span class="type">gnutls_psk_server_credentials_t</span> res</code></em>,
8376
11186
                                                         <em class="parameter"><code><span class="type">gnutls_params_function</span> *func</code></em>);</pre>
8377
11187
<p>
 
11188
This function will set a callback in order for the server to get
 
11189
the Diffie-Hellman or RSA parameters for PSK authentication.  The
 
11190
callback should return zero on success.
8378
11191
</p>
8379
11192
<div class="variablelist"><table border="0">
8380
11193
<col align="left" valign="top">
8381
11194
<tbody>
8382
11195
<tr>
8383
11196
<td><p><span class="term"><em class="parameter"><code>res</code></em> :</span></p></td>
8384
 
<td>
 
11197
<td>is a gnutls_psk_server_credentials_t structure
8385
11198
</td>
8386
11199
</tr>
8387
11200
<tr>
8388
11201
<td><p><span class="term"><em class="parameter"><code>func</code></em> :</span></p></td>
8389
 
<td>
 
11202
<td>is the function to be called
8390
11203
</td>
8391
11204
</tr>
8392
11205
</tbody>
8400
11213
                                                         <em class="parameter"><code><span class="type">char</span> *bin_data</code></em>,
8401
11214
                                                         <em class="parameter"><code><span class="type">size_t</span> *bin_size</code></em>);</pre>
8402
11215
<p>
 
11216
Convert a buffer with hex data to binary data.
8403
11217
</p>
8404
11218
<div class="variablelist"><table border="0">
8405
11219
<col align="left" valign="top">
8406
11220
<tbody>
8407
11221
<tr>
8408
11222
<td><p><span class="term"><em class="parameter"><code>hex_data</code></em> :</span></p></td>
8409
 
<td>
 
11223
<td>string with data in hex format
8410
11224
</td>
8411
11225
</tr>
8412
11226
<tr>
8413
11227
<td><p><span class="term"><em class="parameter"><code>hex_size</code></em> :</span></p></td>
8414
 
<td>
 
11228
<td>size of hex data
8415
11229
</td>
8416
11230
</tr>
8417
11231
<tr>
8418
11232
<td><p><span class="term"><em class="parameter"><code>bin_data</code></em> :</span></p></td>
8419
 
<td>
 
11233
<td>output array with binary data
8420
11234
</td>
8421
11235
</tr>
8422
11236
<tr>
8423
11237
<td><p><span class="term"><em class="parameter"><code>bin_size</code></em> :</span></p></td>
8424
 
<td>
 
11238
<td>when calling *<em class="parameter"><code>bin_size</code></em> should hold size of <em class="parameter"><code>bin_data</code></em>,
 
11239
           on return will hold actual size of <em class="parameter"><code>bin_data</code></em>.
8425
11240
</td>
8426
11241
</tr>
8427
11242
<tr>
8428
11243
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
8429
 
<td>
 
11244
<td> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> on success, otherwise an error.
 
11245
 
8430
11246
</td>
8431
11247
</tr>
8432
11248
</tbody>
8433
11249
</table></div>
 
11250
<p class="since">Since 2.4.0</p>
8434
11251
</div>
8435
11252
<hr>
8436
11253
<div class="refsect2" title="GNUTLS_E_SUCCESS">
9185
12002
</p>
9186
12003
</div>
9187
12004
<hr>
 
12005
<div class="refsect2" title="GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM">
 
12006
<a name="GNUTLS-E-UNSUPPORTED-SIGNATURE-ALGORITHM:CAPS"></a><h3>GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM</h3>
 
12007
<pre class="programlisting">#define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106
 
12008
</pre>
 
12009
<p>
 
12010
</p>
 
12011
</div>
 
12012
<hr>
 
12013
<div class="refsect2" title="GNUTLS_E_SAFE_RENEGOTIATION_FAILED">
 
12014
<a name="GNUTLS-E-SAFE-RENEGOTIATION-FAILED:CAPS"></a><h3>GNUTLS_E_SAFE_RENEGOTIATION_FAILED</h3>
 
12015
<pre class="programlisting">#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107
 
12016
</pre>
 
12017
<p>
 
12018
</p>
 
12019
</div>
 
12020
<hr>
 
12021
<div class="refsect2" title="GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED">
 
12022
<a name="GNUTLS-E-UNSAFE-RENEGOTIATION-DENIED:CAPS"></a><h3>GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED</h3>
 
12023
<pre class="programlisting">#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108
 
12024
</pre>
 
12025
<p>
 
12026
</p>
 
12027
</div>
 
12028
<hr>
 
12029
<div class="refsect2" title="GNUTLS_E_UNKNOWN_SRP_USERNAME">
 
12030
<a name="GNUTLS-E-UNKNOWN-SRP-USERNAME:CAPS"></a><h3>GNUTLS_E_UNKNOWN_SRP_USERNAME</h3>
 
12031
<pre class="programlisting">#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109
 
12032
</pre>
 
12033
<p>
 
12034
</p>
 
12035
</div>
 
12036
<hr>
9188
12037
<div class="refsect2" title="GNUTLS_E_BASE64_ENCODING_ERROR">
9189
12038
<a name="GNUTLS-E-BASE64-ENCODING-ERROR:CAPS"></a><h3>GNUTLS_E_BASE64_ENCODING_ERROR</h3>
9190
12039
<pre class="programlisting">#define GNUTLS_E_BASE64_ENCODING_ERROR -201
9273
12122
</p>
9274
12123
</div>
9275
12124
<hr>
 
12125
<div class="refsect2" title="GNUTLS_E_CRYPTODEV_IOCTL_ERROR">
 
12126
<a name="GNUTLS-E-CRYPTODEV-IOCTL-ERROR:CAPS"></a><h3>GNUTLS_E_CRYPTODEV_IOCTL_ERROR</h3>
 
12127
<pre class="programlisting">#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211
 
12128
</pre>
 
12129
<p>
 
12130
</p>
 
12131
</div>
 
12132
<hr>
 
12133
<div class="refsect2" title="GNUTLS_E_CRYPTODEV_DEVICE_ERROR">
 
12134
<a name="GNUTLS-E-CRYPTODEV-DEVICE-ERROR:CAPS"></a><h3>GNUTLS_E_CRYPTODEV_DEVICE_ERROR</h3>
 
12135
<pre class="programlisting">#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212
 
12136
</pre>
 
12137
<p>
 
12138
</p>
 
12139
</div>
 
12140
<hr>
9276
12141
<div class="refsect2" title="GNUTLS_E_UNIMPLEMENTED_FEATURE">
9277
12142
<a name="GNUTLS-E-UNIMPLEMENTED-FEATURE:CAPS"></a><h3>GNUTLS_E_UNIMPLEMENTED_FEATURE</h3>
9278
12143
<pre class="programlisting">#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
9300
12165
</div>
9301
12166
<div class="footer">
9302
12167
<hr>
9303
 
          Generated by GTK-Doc V1.14</div>
 
12168
          Generated by GTK-Doc V1.15</div>
9304
12169
</body>
9305
12170
</html>
 
 
b'\\ No newline at end of file'