63
63
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
64
64
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
67
* gnutls_cipher_algorithm_t:
68
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
69
* @GNUTLS_CIPHER_NULL: NULL algorithm.
70
* @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
71
* @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
72
* @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
73
* @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
74
* @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
75
* @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
76
* @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys.
77
* @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys.
78
* @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
79
* @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
80
* @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys.
81
* @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys.
82
* @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode.
83
* @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode.
84
* @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode.
85
* @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode.
86
* @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys.
87
* @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys.
88
* @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys.
89
* @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys.
90
* @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode.
92
* Enumeration of different symmetric encryption algorithms.
67
* gnutls_cipher_algorithm_t:
68
* @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
69
* @GNUTLS_CIPHER_NULL: NULL algorithm.
70
* @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
71
* @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
72
* @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
73
* @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
74
* @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
75
* @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
76
* @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys.
77
* @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys.
78
* @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
79
* @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
80
* @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys.
81
* @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys.
82
* @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode.
83
* @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode.
84
* @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode.
85
* @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode.
86
* @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys.
87
* @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys.
88
* @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys.
89
* @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys.
90
* @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode.
92
* Enumeration of different symmetric encryption algorithms.
94
94
typedef enum gnutls_cipher_algorithm
96
96
GNUTLS_CIPHER_UNKNOWN = 0,
121
121
GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
122
122
} gnutls_cipher_algorithm_t;
125
* gnutls_kx_algorithm_t:
126
* @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
127
* @GNUTLS_KX_RSA: RSA key-exchange algorithm.
128
* @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
129
* @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
130
* @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
131
* @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
132
* @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
133
* @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
134
* @GNUTLS_KX_SRP: SRP key-exchange algorithm.
135
* @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm.
136
* @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
137
* @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
138
* @GNUTLS_KX_PSK: PSK key-exchange algorithm.
139
* @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
140
* @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
142
* Enumeration of different key exchange algorithms.
125
* gnutls_kx_algorithm_t:
126
* @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
127
* @GNUTLS_KX_RSA: RSA key-exchange algorithm.
128
* @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
129
* @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
130
* @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
131
* @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
132
* @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
133
* @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
134
* @GNUTLS_KX_SRP: SRP key-exchange algorithm.
135
* @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm.
136
* @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
137
* @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
138
* @GNUTLS_KX_PSK: PSK key-exchange algorithm.
139
* @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
140
* @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
142
* Enumeration of different key exchange algorithms.
146
146
GNUTLS_KX_UNKNOWN = 0,
160
160
GNUTLS_KX_ECDHE_PSK = 14,
161
161
} gnutls_kx_algorithm_t;
164
* gnutls_params_type_t:
165
* @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters.
166
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
167
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
169
* Enumeration of different TLS session parameter types.
164
* gnutls_params_type_t:
165
* @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters.
166
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
167
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
169
* Enumeration of different TLS session parameter types.
173
173
GNUTLS_PARAMS_RSA_EXPORT = 1,
175
175
GNUTLS_PARAMS_ECDH = 3,
176
176
} gnutls_params_type_t;
179
* gnutls_credentials_type_t:
180
* @GNUTLS_CRD_CERTIFICATE: Certificate credential.
181
* @GNUTLS_CRD_ANON: Anonymous credential.
182
* @GNUTLS_CRD_SRP: SRP credential.
183
* @GNUTLS_CRD_PSK: PSK credential.
184
* @GNUTLS_CRD_IA: IA credential.
186
* Enumeration of different credential types.
179
* gnutls_credentials_type_t:
180
* @GNUTLS_CRD_CERTIFICATE: Certificate credential.
181
* @GNUTLS_CRD_ANON: Anonymous credential.
182
* @GNUTLS_CRD_SRP: SRP credential.
183
* @GNUTLS_CRD_PSK: PSK credential.
184
* @GNUTLS_CRD_IA: IA credential.
186
* Enumeration of different credential types.
190
190
GNUTLS_CRD_CERTIFICATE = 1,
197
197
#define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
198
198
#define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
201
* gnutls_mac_algorithm_t:
202
* @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
203
* @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
204
* @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
205
* @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
206
* @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
207
* @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
208
* @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
209
* @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
210
* @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
211
* @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
212
* @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
214
* Enumeration of different Message Authentication Code (MAC)
201
* gnutls_mac_algorithm_t:
202
* @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
203
* @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
204
* @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
205
* @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
206
* @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
207
* @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
208
* @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
209
* @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
210
* @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
211
* @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
212
* @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
214
* Enumeration of different Message Authentication Code (MAC)
219
219
GNUTLS_MAC_UNKNOWN = 0,
231
231
GNUTLS_MAC_AEAD = 200 /* indicates that MAC is on the cipher */
232
232
} gnutls_mac_algorithm_t;
235
* gnutls_digest_algorithm_t:
236
* @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
237
* @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
238
* @GNUTLS_DIG_MD5: MD5 algorithm.
239
* @GNUTLS_DIG_SHA1: SHA-1 algorithm.
240
* @GNUTLS_DIG_RMD160: RMD160 algorithm.
241
* @GNUTLS_DIG_MD2: MD2 algorithm.
242
* @GNUTLS_DIG_SHA256: SHA-256 algorithm.
243
* @GNUTLS_DIG_SHA384: SHA-384 algorithm.
244
* @GNUTLS_DIG_SHA512: SHA-512 algorithm.
245
* @GNUTLS_DIG_SHA224: SHA-224 algorithm.
247
* Enumeration of different digest (hash) algorithms.
235
* gnutls_digest_algorithm_t:
236
* @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
237
* @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
238
* @GNUTLS_DIG_MD5: MD5 algorithm.
239
* @GNUTLS_DIG_SHA1: SHA-1 algorithm.
240
* @GNUTLS_DIG_RMD160: RMD160 algorithm.
241
* @GNUTLS_DIG_MD2: MD2 algorithm.
242
* @GNUTLS_DIG_SHA256: SHA-256 algorithm.
243
* @GNUTLS_DIG_SHA384: SHA-384 algorithm.
244
* @GNUTLS_DIG_SHA512: SHA-512 algorithm.
245
* @GNUTLS_DIG_SHA224: SHA-224 algorithm.
247
* Enumeration of different digest (hash) algorithms.
251
251
GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
268
268
#define GNUTLS_MAX_ALGORITHM_NUM 32
271
* gnutls_compression_method_t:
272
* @GNUTLS_COMP_UNKNOWN: Unknown compression method.
273
* @GNUTLS_COMP_NULL: The NULL compression method (uncompressed).
274
* @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method.
275
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
277
* Enumeration of different TLS compression methods.
271
* gnutls_compression_method_t:
272
* @GNUTLS_COMP_UNKNOWN: Unknown compression method.
273
* @GNUTLS_COMP_NULL: The NULL compression method (no compression).
274
* @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
275
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
277
* Enumeration of different TLS compression methods.
281
281
GNUTLS_COMP_UNKNOWN = 0,
299
299
#define GNUTLS_DATAGRAM (1<<2)
300
300
#define GNUTLS_NONBLOCK (1<<3)
303
* gnutls_alert_level_t:
304
* @GNUTLS_AL_WARNING: Alert of warning severity.
305
* @GNUTLS_AL_FATAL: Alert of fatal severity.
307
* Enumeration of different TLS alert severities.
303
* gnutls_alert_level_t:
304
* @GNUTLS_AL_WARNING: Alert of warning severity.
305
* @GNUTLS_AL_FATAL: Alert of fatal severity.
307
* Enumeration of different TLS alert severities.
311
311
GNUTLS_AL_WARNING = 1,
313
313
} gnutls_alert_level_t;
316
* gnutls_alert_description_t:
317
* @GNUTLS_A_CLOSE_NOTIFY: Close notify.
318
* @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message.
319
* @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC.
320
* @GNUTLS_A_DECRYPTION_FAILED: Decryption failed.
321
* @GNUTLS_A_RECORD_OVERFLOW: Record overflow.
322
* @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed.
323
* @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed.
324
* @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate.
325
* @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad.
326
* @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported.
327
* @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked.
328
* @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired.
329
* @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate.
330
* @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter.
331
* @GNUTLS_A_UNKNOWN_CA: CA is unknown.
332
* @GNUTLS_A_ACCESS_DENIED: Access was denied.
333
* @GNUTLS_A_DECODE_ERROR: Decode error.
334
* @GNUTLS_A_DECRYPT_ERROR: Decrypt error.
335
* @GNUTLS_A_EXPORT_RESTRICTION: Export restriction.
336
* @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version.
337
* @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security.
338
* @GNUTLS_A_USER_CANCELED: User canceled.
339
* @GNUTLS_A_INTERNAL_ERROR: Internal error.
340
* @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
341
* @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
342
* specified certificate.
343
* @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
345
* @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
347
* @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
350
* Enumeration of different TLS alerts.
316
* gnutls_alert_description_t:
317
* @GNUTLS_A_CLOSE_NOTIFY: Close notify.
318
* @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message.
319
* @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC.
320
* @GNUTLS_A_DECRYPTION_FAILED: Decryption failed.
321
* @GNUTLS_A_RECORD_OVERFLOW: Record overflow.
322
* @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed.
323
* @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed.
324
* @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate.
325
* @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad.
326
* @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported.
327
* @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked.
328
* @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired.
329
* @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate.
330
* @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter.
331
* @GNUTLS_A_UNKNOWN_CA: CA is unknown.
332
* @GNUTLS_A_ACCESS_DENIED: Access was denied.
333
* @GNUTLS_A_DECODE_ERROR: Decode error.
334
* @GNUTLS_A_DECRYPT_ERROR: Decrypt error.
335
* @GNUTLS_A_EXPORT_RESTRICTION: Export restriction.
336
* @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version.
337
* @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security.
338
* @GNUTLS_A_USER_CANCELED: User canceled.
339
* @GNUTLS_A_INTERNAL_ERROR: Internal error.
340
* @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
341
* @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
342
* specified certificate.
343
* @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
345
* @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
347
* @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
350
* Enumeration of different TLS alerts.
354
354
GNUTLS_A_CLOSE_NOTIFY,
381
381
GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
382
382
} gnutls_alert_description_t;
385
* gnutls_handshake_description_t:
386
* @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
387
* @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
388
* @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
389
* @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
390
* @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
391
* @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
392
* @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
393
* @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
394
* @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
395
* @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
396
* @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
397
* @GNUTLS_HANDSHAKE_FINISHED: Finished.
398
* @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
399
* @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec
400
* @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
402
* Enumeration of different TLS handshake packets.
385
* gnutls_handshake_description_t:
386
* @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
387
* @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
388
* @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
389
* @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
390
* @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
391
* @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
392
* @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
393
* @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
394
* @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
395
* @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
396
* @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
397
* @GNUTLS_HANDSHAKE_FINISHED: Finished.
398
* @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
399
* @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec
400
* @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
402
* Enumeration of different TLS handshake packets.
406
406
GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
420
420
GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
421
421
} gnutls_handshake_description_t;
424
* gnutls_certificate_status_t:
425
* @GNUTLS_CERT_INVALID: Will be set if the certificate was not
427
* @GNUTLS_CERT_REVOKED: Certificate revoked. In X.509 this will be
428
* set only if CRLs are checked.
429
* @GNUTLS_CERT_SIGNER_NOT_FOUND: Certificate not verified. Signer
431
* @GNUTLS_CERT_SIGNER_NOT_CA: Certificate not verified. Signer
432
* not a CA certificate.
433
* @GNUTLS_CERT_INSECURE_ALGORITHM: Certificate not verified,
434
* insecure algorithm.
435
* @GNUTLS_CERT_NOT_ACTIVATED: Certificate not yet activated.
436
* @GNUTLS_CERT_EXPIRED: Certificate expired.
438
* Enumeration of certificate status codes. Note that the status
439
* bits have different meanings in OpenPGP keys and X.509
440
* certificate verification.
424
* gnutls_certificate_status_t:
425
* @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
426
* known authorities or the signature is invalid.
427
* @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority. In X.509 this will be
428
* set only if CRLs are checked.
429
* @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known.
430
* This is the case if the issue is not included in the trusted certificate list.
432
* @GNUTLS_CERT_SIGNER_NOT_CA: The certificate’s signer was not a CA. This
433
* may happen if this was a version 1 certificate, which is common with
434
* some CAs, or a version 3 certificate without the basic constrains extension.
435
* @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an in-
436
* secure algorithm such as MD2 or MD5. These algorithms have been broken and
437
* should not be trusted.
438
* @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated.
439
* @GNUTLS_CERT_EXPIRED: The certificate has expired.
441
* Enumeration of certificate status codes. Note that the status
442
* bits have different meanings in OpenPGP keys and X.509
443
* certificate verification.
444
447
GNUTLS_CERT_INVALID = 2,
450
453
GNUTLS_CERT_EXPIRED = 1024
451
454
} gnutls_certificate_status_t;
454
* gnutls_certificate_request_t:
455
* @GNUTLS_CERT_IGNORE: Ignore certificate.
456
* @GNUTLS_CERT_REQUEST: Request certificate.
457
* @GNUTLS_CERT_REQUIRE: Require certificate.
459
* Enumeration of certificate request types.
457
* gnutls_certificate_request_t:
458
* @GNUTLS_CERT_IGNORE: Ignore certificate.
459
* @GNUTLS_CERT_REQUEST: Request certificate.
460
* @GNUTLS_CERT_REQUIRE: Require certificate.
462
* Enumeration of certificate request types.
463
466
GNUTLS_CERT_IGNORE = 0,
465
468
GNUTLS_CERT_REQUIRE = 2
466
469
} gnutls_certificate_request_t;
469
* gnutls_openpgp_crt_status_t:
470
* @GNUTLS_OPENPGP_CERT: Send entire certificate.
471
* @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint.
473
* Enumeration of ways to send OpenPGP certificate.
472
* gnutls_openpgp_crt_status_t:
473
* @GNUTLS_OPENPGP_CERT: Send entire certificate.
474
* @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint.
476
* Enumeration of ways to send OpenPGP certificate.
477
480
GNUTLS_OPENPGP_CERT = 0,
478
481
GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
479
482
} gnutls_openpgp_crt_status_t;
482
* gnutls_close_request_t:
483
* @GNUTLS_SHUT_RDWR: Disallow further receives/sends.
484
* @GNUTLS_SHUT_WR: Disallow further sends.
486
* Enumeration of how TLS session should be terminated. See gnutls_bye().
485
* gnutls_close_request_t:
486
* @GNUTLS_SHUT_RDWR: Disallow further receives/sends.
487
* @GNUTLS_SHUT_WR: Disallow further sends.
489
* Enumeration of how TLS session should be terminated. See gnutls_bye().
490
493
GNUTLS_SHUT_RDWR = 0,
491
494
GNUTLS_SHUT_WR = 1
492
495
} gnutls_close_request_t;
496
* @GNUTLS_SSL3: SSL version 3.0.
497
* @GNUTLS_TLS1_0: TLS version 1.0.
498
* @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
499
* @GNUTLS_TLS1_1: TLS version 1.1.
500
* @GNUTLS_TLS1_2: TLS version 1.2.
501
* @GNUTLS_DTLS1_0: DTLS version 1.0.
502
* @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
503
* @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
505
* Enumeration of different SSL/TLS protocol versions.
499
* @GNUTLS_SSL3: SSL version 3.0.
500
* @GNUTLS_TLS1_0: TLS version 1.0.
501
* @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
502
* @GNUTLS_TLS1_1: TLS version 1.1.
503
* @GNUTLS_TLS1_2: TLS version 1.2.
504
* @GNUTLS_DTLS1_0: DTLS version 1.0.
505
* @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
506
* @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
508
* Enumeration of different SSL/TLS protocol versions.
516
519
GNUTLS_VERSION_UNKNOWN = 0xff
517
520
} gnutls_protocol_t;
520
* gnutls_certificate_type_t:
521
* @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
522
* @GNUTLS_CRT_X509: X.509 Certificate.
523
* @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
525
* Enumeration of different certificate types.
523
* gnutls_certificate_type_t:
524
* @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
525
* @GNUTLS_CRT_X509: X.509 Certificate.
526
* @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
528
* Enumeration of different certificate types.
529
532
GNUTLS_CRT_UNKNOWN = 0,
531
534
GNUTLS_CRT_OPENPGP = 2
532
535
} gnutls_certificate_type_t;
535
* gnutls_x509_crt_fmt_t:
536
* @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary).
537
* @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text).
539
* Enumeration of different certificate encoding formats.
538
* gnutls_x509_crt_fmt_t:
539
* @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary).
540
* @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text).
542
* Enumeration of different certificate encoding formats.
543
546
GNUTLS_X509_FMT_DER = 0,
544
547
GNUTLS_X509_FMT_PEM = 1
545
548
} gnutls_x509_crt_fmt_t;
548
* gnutls_certificate_print_formats_t:
549
* @GNUTLS_CRT_PRINT_FULL: Full information about certificate.
550
* @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
551
* @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
553
* Enumeration of different certificate printing variants.
551
* gnutls_certificate_print_formats_t:
552
* @GNUTLS_CRT_PRINT_FULL: Full information about certificate.
553
* @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
554
* @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
556
* Enumeration of different certificate printing variants.
555
558
typedef enum gnutls_certificate_print_formats
557
560
GNUTLS_CRT_PRINT_FULL = 0,
559
562
GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2
560
563
} gnutls_certificate_print_formats_t;
563
* gnutls_pk_algorithm_t:
564
* @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
565
* @GNUTLS_PK_RSA: RSA public-key algorithm.
566
* @GNUTLS_PK_DSA: DSA public-key algorithm.
567
* @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
568
* @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters.
570
* Enumeration of different public-key algorithms.
566
* gnutls_pk_algorithm_t:
567
* @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
568
* @GNUTLS_PK_RSA: RSA public-key algorithm.
569
* @GNUTLS_PK_DSA: DSA public-key algorithm.
570
* @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
571
* @GNUTLS_PK_ECC: Elliptic curve algorithm. Used to generate parameters.
573
* Enumeration of different public-key algorithms.
574
577
GNUTLS_PK_UNKNOWN = 0,
581
584
const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm);
584
* gnutls_sign_algorithm_t:
585
* @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
586
* @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
587
* @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
588
* @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
589
* @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
590
* @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
591
* @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
592
* @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
593
* @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
594
* @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
595
* @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
596
* @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
597
* @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
598
* @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
599
* @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
600
* @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256.
601
* @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384.
602
* @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512.
603
* @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224.
605
* Enumeration of different digital signature algorithms.
587
* gnutls_sign_algorithm_t:
588
* @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
589
* @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
590
* @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
591
* @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
592
* @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
593
* @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
594
* @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
595
* @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
596
* @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
597
* @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
598
* @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
599
* @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
600
* @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
601
* @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
602
* @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
603
* @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256.
604
* @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384.
605
* @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512.
606
* @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224.
608
* Enumeration of different digital signature algorithms.
609
612
GNUTLS_SIGN_UNKNOWN = 0,
627
630
GNUTLS_SIGN_ECDSA_SHA512 = 16,
628
631
} gnutls_sign_algorithm_t;
631
* gnutls_ecc_curve_t:
632
* @GNUTLS_ECC_CURVE_INVALID: Cannot be known
633
* @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
634
* @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
635
* @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
636
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
638
* Enumeration of ECC curves.
634
* gnutls_ecc_curve_t:
635
* @GNUTLS_ECC_CURVE_INVALID: Cannot be known
636
* @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
637
* @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
638
* @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
639
* @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
641
* Enumeration of ECC curves.
642
645
GNUTLS_ECC_CURVE_INVALID=0,
646
649
GNUTLS_ECC_CURVE_SECP521R1,
647
650
} gnutls_ecc_curve_t;
650
* gnutls_sec_param_t:
651
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
652
* @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security
653
* @GNUTLS_SEC_PARAM_LOW: 80 bits of security
654
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
655
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
656
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
658
* Enumeration of security parameters for passive attacks
653
* gnutls_sec_param_t:
654
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
655
* @GNUTLS_SEC_PARAM_WEAK: 50 or less bits of security
656
* @GNUTLS_SEC_PARAM_LOW: 80 bits of security
657
* @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
658
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
659
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
661
* Enumeration of security parameters for passive attacks
662
665
GNUTLS_SEC_PARAM_UNKNOWN,
1212
1210
int gnutls_dh_params_cpy (gnutls_dh_params_t dst, gnutls_dh_params_t src);
1217
int gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params);
1218
void gnutls_rsa_params_deinit (gnutls_rsa_params_t rsa_params);
1219
int gnutls_rsa_params_cpy (gnutls_rsa_params_t dst,
1220
gnutls_rsa_params_t src);
1221
int gnutls_rsa_params_import_raw (gnutls_rsa_params_t rsa_params,
1222
const gnutls_datum_t * m,
1223
const gnutls_datum_t * e,
1224
const gnutls_datum_t * d,
1225
const gnutls_datum_t * p,
1226
const gnutls_datum_t * q,
1227
const gnutls_datum_t * u);
1228
int gnutls_rsa_params_generate2 (gnutls_rsa_params_t params,
1230
int gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa,
1231
gnutls_datum_t * m, gnutls_datum_t * e,
1232
gnutls_datum_t * d, gnutls_datum_t * p,
1233
gnutls_datum_t * q, gnutls_datum_t * u,
1234
unsigned int *bits);
1235
int gnutls_rsa_params_export_pkcs1 (gnutls_rsa_params_t params,
1236
gnutls_x509_crt_fmt_t format,
1237
unsigned char *params_data,
1238
size_t * params_data_size);
1239
int gnutls_rsa_params_import_pkcs1 (gnutls_rsa_params_t params,
1240
const gnutls_datum_t * pkcs1_params,
1241
gnutls_x509_crt_fmt_t format);
1243
1214
/* Session stuff
1457
1428
gnutls_params_function * func);
1460
* gnutls_x509_subject_alt_name_t:
1461
* @GNUTLS_SAN_DNSNAME: DNS-name SAN.
1462
* @GNUTLS_SAN_RFC822NAME: E-mail address SAN.
1463
* @GNUTLS_SAN_URI: URI SAN.
1464
* @GNUTLS_SAN_IPADDRESS: IP address SAN.
1465
* @GNUTLS_SAN_OTHERNAME: OtherName SAN.
1466
* @GNUTLS_SAN_DN: DN SAN.
1467
* @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by
1468
* gnutls_x509_crt_get_subject_alt_othername_oid().
1470
* Enumeration of different subject alternative names types.
1431
* gnutls_x509_subject_alt_name_t:
1432
* @GNUTLS_SAN_DNSNAME: DNS-name SAN.
1433
* @GNUTLS_SAN_RFC822NAME: E-mail address SAN.
1434
* @GNUTLS_SAN_URI: URI SAN.
1435
* @GNUTLS_SAN_IPADDRESS: IP address SAN.
1436
* @GNUTLS_SAN_OTHERNAME: OtherName SAN.
1437
* @GNUTLS_SAN_DN: DN SAN.
1438
* @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by
1439
* gnutls_x509_crt_get_subject_alt_othername_oid().
1441
* Enumeration of different subject alternative names types.
1472
1443
typedef enum gnutls_x509_subject_alt_name_t
1474
1445
GNUTLS_SAN_DNSNAME = 1,
1492
1463
struct gnutls_pkcs11_privkey_st;
1493
1464
typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t;
1496
* gnutls_privkey_type_t:
1497
* @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
1498
* @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t.
1499
* @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
1501
* Enumeration of different private key types.
1467
* gnutls_privkey_type_t:
1468
* @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
1469
* @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t.
1470
* @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
1472
* Enumeration of different private key types.
1505
1476
GNUTLS_PRIVKEY_X509,