1 ;;; GnuTLS --- Guile bindings for GnuTLS.
2 ;;; Copyright (C) 2007, 2010 Free Software Foundation, Inc.
4 ;;; GnuTLS is free software; you can redistribute it and/or
5 ;;; modify it under the terms of the GNU Lesser General Public
6 ;;; License as published by the Free Software Foundation; either
7 ;;; version 2.1 of the License, or (at your option) any later version.
9 ;;; GnuTLS is distributed in the hope that it will be useful,
10 ;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
11 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 ;;; Lesser General Public License for more details.
14 ;;; You should have received a copy of the GNU Lesser General Public
15 ;;; License along with GnuTLS; if not, write to the Free Software
16 ;;; Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 ;;; Written by Ludovic Courtès <ludo@chbouib.org>
;; Declares the (gnutls) Guile module and lists every binding it exports:
;; session, credential, key-parameter and X.509 procedures, the enum->string
;; converters, and the enum values (cipher/..., alert-description/...,
;; certificate-verify/..., error/..., and so on).
;; NOTE(review): several exports below name legacy or weakened TLS features
;; (anonymous key exchange, export-grade parameters, RC4, MD2/MD5 signatures).
;; They are annotated in place so that callers opt into them knowingly.
20 (define-module (gnutls)
21 ;; Note: The export list must be manually kept in sync with the build
23 :export (;; versioning
28 make-session bye handshake rehandshake
30 session-cipher session-kx session-mac session-protocol
31 session-compression-method session-certificate-type
32 session-authentication-type session-server-authentication-type
33 session-client-authentication-type
34 session-peer-certificate-chain session-our-certificate-chain
35 set-session-transport-fd! set-session-transport-port!
36 set-session-credentials! set-server-session-certificate-request!
38 ;; anonymous credentials
;; NOTE(review): anonymous credentials select an unauthenticated key
;; exchange; neither peer's identity is verified, so a session using them
;; has no protection against an active man-in-the-middle.
39 anonymous-client-credentials? anonymous-server-credentials?
40 make-anonymous-client-credentials make-anonymous-server-credentials
41 set-anonymous-server-dh-parameters!
43 ;; certificate credentials
44 certificate-credentials? make-certificate-credentials
45 set-certificate-credentials-dh-parameters!
;; NOTE(review): "rsa-export" presumably refers to export-grade RSA key
;; exchange, a deliberately weakened legacy mode -- confirm before use.
46 set-certificate-credentials-rsa-export-parameters!
47 set-certificate-credentials-x509-key-files!
48 set-certificate-credentials-x509-trust-file!
49 set-certificate-credentials-x509-crl-file!
50 set-certificate-credentials-x509-key-data!
51 set-certificate-credentials-x509-trust-data!
52 set-certificate-credentials-x509-crl-data!
53 set-certificate-credentials-x509-keys!
54 set-certificate-credentials-verify-limits!
55 set-certificate-credentials-verify-flags!
;; NOTE(review): certificate checking is exposed as separate exports
;; (peer-certificate-status here, x509-certificate-matches-hostname? further
;; down); presumably a caller must use both to validate a peer -- confirm
;; against the manual.
56 peer-certificate-status
59 srp-client-credentials? srp-server-credentials?
60 make-srp-client-credentials make-srp-server-credentials
61 set-srp-client-credentials!
62 set-srp-server-credentials-files!
63 server-session-srp-username
64 srp-base64-encode srp-base64-decode
67 psk-client-credentials? psk-server-credentials?
68 make-psk-client-credentials make-psk-server-credentials
69 set-psk-client-credentials!
70 set-psk-server-credentials-file!
71 server-session-psk-username
74 set-session-cipher-priority! set-session-mac-priority!
75 set-session-compression-method-priority!
76 set-session-kx-priority! set-session-protocol-priority!
77 set-session-certificate-type-priority!
;; NOTE(review): set-session-default-export-priority! presumably enables
;; export-grade cipher suites in addition to the defaults -- confirm; such
;; suites are intentionally weak.
78 set-session-default-priority! set-session-default-export-priority!
81 set-session-dh-prime-bits!
82 make-dh-parameters dh-parameters?
83 pkcs3-import-dh-parameters pkcs3-export-dh-parameters
86 make-rsa-parameters rsa-parameters?
87 pkcs1-import-rsa-parameters pkcs1-export-rsa-parameters
90 x509-certificate? x509-private-key?
91 import-x509-certificate x509-certificate-matches-hostname?
92 x509-certificate-dn x509-certificate-dn-oid
93 x509-certificate-issuer-dn x509-certificate-issuer-dn-oid
94 x509-certificate-signature-algorithm x509-certificate-version
95 x509-certificate-key-id x509-certificate-authority-key-id
96 x509-certificate-subject-key-id
97 x509-certificate-subject-alternative-name
98 x509-certificate-public-key-algorithm x509-certificate-key-usage
99 import-x509-private-key pkcs8-import-x509-private-key
102 record-send record-receive!
106 set-log-procedure! set-log-level!
108 ;; enum->string functions
109 cipher->string kx->string params->string credentials->string
110 mac->string digest->string compression-method->string
111 connection-end->string alert-level->string
112 alert-description->string handshake-description->string
113 certificate-status->string certificate-request->string
114 close-request->string
115 protocol->string certificate-type->string
116 x509-certificate-format->string
117 x509-subject-alternative-name->string pk-algorithm->string
118 sign-algorithm->string psk-key-format->string key-usage->string
119 certificate-verify->string error->string
;; NOTE(review): arcfour is RC4, whose cipher suites RFC 7465 prohibits in
;; TLS; keep it out of priority lists unless a legacy peer requires it.
124 cipher/arcfour cipher/arcfour-128
126 cipher/aes-128-cbc cipher/rijndael-cbc cipher/rijndael-128-cbc
127 cipher/aes-256-cbc cipher/rijndael-256-cbc
143 credentials/certificate
145 credentials/anonymous
160 compression-method/null
161 compression-method/deflate
162 compression-method/lzo
163 connection-end/server
164 connection-end/client
167 alert-description/close-notify
168 alert-description/unexpected-message
169 alert-description/bad-record-mac
170 alert-description/decryption-failed
171 alert-description/record-overflow
172 alert-description/decompression-failure
173 alert-description/handshake-failure
174 alert-description/ssl3-no-certificate
175 alert-description/bad-certificate
176 alert-description/unsupported-certificate
177 alert-description/certificate-revoked
178 alert-description/certificate-expired
179 alert-description/certificate-unknown
180 alert-description/illegal-parameter
181 alert-description/unknown-ca
182 alert-description/access-denied
183 alert-description/decode-error
184 alert-description/decrypt-error
185 alert-description/export-restriction
186 alert-description/protocol-version
187 alert-description/insufficient-security
188 alert-description/internal-error
189 alert-description/user-canceled
190 alert-description/no-renegotiation
191 alert-description/unsupported-extension
192 alert-description/certificate-unobtainable
193 alert-description/unrecognized-name
194 alert-description/unknown-psk-identity
195 alert-description/inner-application-failure
196 alert-description/inner-application-verification
197 handshake-description/hello-request
198 handshake-description/client-hello
199 handshake-description/server-hello
200 handshake-description/certificate-pkt
201 handshake-description/server-key-exchange
202 handshake-description/certificate-request
203 handshake-description/server-hello-done
204 handshake-description/certificate-verify
205 handshake-description/client-key-exchange
206 handshake-description/finished
207 certificate-status/invalid
208 certificate-status/revoked
209 certificate-status/signer-not-found
210 certificate-status/signer-not-ca
211 certificate-status/insecure-algorithm
212 certificate-request/ignore
213 certificate-request/request
214 certificate-request/require
220 protocol/version-unknown
221 certificate-type/x509
222 certificate-type/openpgp
223 x509-certificate-format/der
224 x509-certificate-format/pem
225 x509-subject-alternative-name/dnsname
226 x509-subject-alternative-name/rfc822name
227 x509-subject-alternative-name/uri
228 x509-subject-alternative-name/ipaddress
232 sign-algorithm/unknown
;; NOTE(review): MD2 and MD5 are broken for signature use and SHA-1 is
;; deprecated; these values identify what a certificate uses and are not a
;; recommendation.
233 sign-algorithm/rsa-sha1
234 sign-algorithm/dsa-sha1
235 sign-algorithm/rsa-md5
236 sign-algorithm/rsa-md2
237 sign-algorithm/rsa-rmd160
240 key-usage/digital-signature
241 key-usage/non-repudiation
242 key-usage/key-encipherment
243 key-usage/data-encipherment
244 key-usage/key-agreement
245 key-usage/key-cert-sign
247 key-usage/encipher-only
248 key-usage/decipher-only
;; NOTE(review): judging by their names, most certificate-verify/ flags
;; relax chain verification (skip the CA-sign check, trust X.509 v1 CA
;; certificates, accept RSA-MD2/RSA-MD5 signatures). Presumably they are
;; passed to set-certificate-credentials-verify-flags!; each one widens
;; what is accepted as a valid peer certificate -- confirm per flag.
249 certificate-verify/disable-ca-sign
250 certificate-verify/allow-x509-v1-ca-crt
251 certificate-verify/allow-x509-v1-ca-certificate
252 certificate-verify/do-not-allow-same
253 certificate-verify/allow-any-x509-v1-ca-crt
254 certificate-verify/allow-any-x509-v1-ca-certificate
255 certificate-verify/allow-sign-rsa-md2
256 certificate-verify/allow-sign-rsa-md5
259 error/unknown-compression-algorithm
260 error/unknown-cipher-type
262 error/unsupported-version-packet
263 error/unexpected-packet-length
264 error/invalid-session
265 error/fatal-alert-received
266 error/unexpected-packet
267 error/warning-alert-received
268 error/error-in-finished-packet
269 error/unexpected-handshake-packet
270 error/unknown-cipher-suite
271 error/unwanted-algorithm
272 error/mpi-scan-failed
273 error/decryption-failed
275 error/decompression-failed
276 error/compression-failed
;; Both the correct ("insufficient") and the misspelled ("insuficient")
;; names are exported, in long and short forms; presumably the misspelled
;; ones are kept for backward compatibility -- confirm.
281 error/insufficient-credentials
282 error/insuficient-credentials
283 error/insufficient-cred
284 error/insuficient-cred
286 error/base64-decoding-error
287 error/mpi-print-failed
289 error/got-application-data
290 error/record-limit-reached
291 error/encryption-failed
292 error/pk-encryption-failed
293 error/pk-decryption-failed
295 error/x509-unsupported-critical-extension
296 error/key-usage-violation
297 error/no-certificate-found
298 error/invalid-request
299 error/short-memory-buffer
303 error/received-illegal-parameter
304 error/requested-data-not-available
305 error/pkcs1-wrong-pad
306 error/received-illegal-extension
308 error/dh-prime-unacceptable
310 error/too-many-empty-packets
311 error/unknown-pk-algorithm
313 error/library-version-mismatch
314 error/no-temporary-rsa-params
315 error/lzo-init-failed
316 error/no-compression-algorithms
317 error/no-cipher-suites
318 error/openpgp-getkey-failed
319 error/pk-sig-verify-failed
320 error/illegal-srp-username
321 error/srp-pwd-parsing-error
322 error/no-temporary-dh-params
323 error/asn1-element-not-found
324 error/asn1-identifier-not-found
326 error/asn1-value-not-found
327 error/asn1-generic-error
328 error/asn1-value-not-valid
330 error/asn1-tag-implicit
331 error/asn1-type-any-error
332 error/asn1-syntax-error
333 error/asn1-der-overflow
334 error/openpgp-uid-revoked
335 error/certificate-error
336 error/x509-certificate-error
337 error/certificate-key-mismatch
338 error/unsupported-certificate-type
339 error/x509-unknown-san
340 error/openpgp-fingerprint-unsupported
341 error/x509-unsupported-attribute
342 error/unknown-algorithm
343 error/unknown-hash-algorithm
344 error/unknown-pkcs-content-type
345 error/unknown-pkcs-bag-type
346 error/invalid-password
347 error/mac-verify-failed
348 error/constraint-error
349 error/warning-ia-iphf-received
350 error/warning-ia-fphf-received
351 error/ia-verify-failed
352 error/base64-encoding-error
353 error/incompatible-gcrypt-library
354 error/incompatible-crypto-library
355 error/incompatible-libtasn1-library
356 error/openpgp-keyring-error
357 error/x509-unsupported-oid
359 error/unimplemented-feature))
;; Load the compiled bindings: open the shared library "libguile-gnutls-v-1"
;; and run its "scm_init_gnutls" initializer. Presumably that initializer
;; defines the primitives and enum values named in the export list.
;; NOTE(review): the library is named without a directory, so it is
;; presumably resolved through the dynamic loader's search path. A writable
;; or untrusted directory on that path could supply a different library --
;; confirm where the build installs it and how the path is set at run time.
361 (load-extension "libguile-gnutls-v-1" "scm_init_gnutls")
;; Aliases: each form binds an alternative spelling to the value of an
;; existing binding. The right-hand names are not defined in this file;
;; presumably they come from the extension loaded above, so these forms must
;; stay after the load-extension call.

;; Protocol versions under a hyphenated/dotted spelling.
364 (define protocol/ssl-3 protocol/ssl3)
365 (define protocol/tls-1.0 protocol/tls1-0)
366 (define protocol/tls-1.1 protocol/tls1-1)
;; Long-form name for the anonymous credentials type.
369 (define credentials/anonymous credentials/anon)
;; Rijndael spellings of the AES-CBC ciphers; the unsized cipher/rijndael-cbc
;; is bound to the 128-bit variant.
370 (define cipher/rijndael-256-cbc cipher/aes-256-cbc)
371 (define cipher/rijndael-128-cbc cipher/aes-128-cbc)
372 (define cipher/rijndael-cbc cipher/aes-128-cbc)
;; cipher/arcfour-128 is the same value as cipher/arcfour (RC4).
373 (define cipher/arcfour-128 cipher/arcfour)
;; Spelled-out "-certificate" forms of the "-crt" verification flags. An
;; alias carries the same relaxed-verification meaning as the flag it
;; names, so it needs the same review wherever it is used.
374 (define certificate-verify/allow-any-x509-v1-ca-certificate
375 certificate-verify/allow-any-x509-v1-ca-crt)
376 (define certificate-verify/allow-x509-v1-ca-certificate
377 certificate-verify/allow-x509-v1-ca-crt)
384 ;;; arch-tag: 3394732c-d9fa-48dd-a093-9fba3a325b8b