6 #include <gnutls/gnutls.h>
22 // These are non-implemented.
23 noncopyable (const noncopyable &);
24 noncopyable & operator= (const noncopyable &);
28 class exception:public std::exception
32 const char *what () const throw ();
39 class dh_params:private noncopyable
44 void import_raw (const gnutls_datum_t & prime,
45 const gnutls_datum_t & generator);
46 void import_pkcs3 (const gnutls_datum_t & pkcs3_params,
47 gnutls_x509_crt_fmt_t format);
48 void generate (unsigned int bits);
50 void export_pkcs3 (gnutls_x509_crt_fmt_t format,
51 unsigned char *params_data, size_t * params_data_size);
52 void export_raw (gnutls_datum_t & prime, gnutls_datum_t & generator);
54 gnutls_dh_params_t get_params_t () const;
55 dh_params & operator= (const dh_params & src);
57 gnutls_dh_params_t params;
61 class rsa_params:private noncopyable
66 void import_raw (const gnutls_datum_t & m,
67 const gnutls_datum_t & e,
68 const gnutls_datum_t & d,
69 const gnutls_datum_t & p,
70 const gnutls_datum_t & q, const gnutls_datum_t & u);
71 void import_pkcs1 (const gnutls_datum_t & pkcs1_params,
72 gnutls_x509_crt_fmt_t format);
73 void generate (unsigned int bits);
75 void export_pkcs1 (gnutls_x509_crt_fmt_t format,
76 unsigned char *params_data, size_t * params_data_size);
77 void export_raw (gnutls_datum_t & m, gnutls_datum_t & e,
78 gnutls_datum_t & d, gnutls_datum_t & p,
79 gnutls_datum_t & q, gnutls_datum_t & u);
80 gnutls_rsa_params_t get_params_t () const;
81 rsa_params & operator= (const rsa_params & src);
84 gnutls_rsa_params_t params;
87 class session:private noncopyable
92 session (gnutls_connection_end_t);
95 int bye (gnutls_close_request_t how);
98 gnutls_alert_description_t get_alert () const;
100 int send_alert (gnutls_alert_level_t level,
101 gnutls_alert_description_t desc);
102 int send_appropriate_alert (int err);
104 gnutls_cipher_algorithm_t get_cipher () const;
105 gnutls_kx_algorithm_t get_kx () const;
106 gnutls_mac_algorithm_t get_mac () const;
107 gnutls_compression_method_t get_compression () const;
108 gnutls_certificate_type_t get_certificate_type () const;
111 void set_private_extensions (bool allow);
113 gnutls_handshake_description_t get_handshake_last_out () const;
114 gnutls_handshake_description_t get_handshake_last_in () const;
116 ssize_t send (const void *data, size_t sizeofdata);
117 ssize_t recv (void *data, size_t sizeofdata);
119 bool get_record_direction () const;
121 // maximum packet size
122 size_t get_max_size () const;
123 void set_max_size (size_t size);
125 size_t check_pending () const;
127 void prf (size_t label_size, const char *label,
128 int server_random_first,
129 size_t extra_size, const char *extra,
130 size_t outsize, char *out);
132 void prf_raw (size_t label_size, const char *label,
133 size_t seed_size, const char *seed,
134 size_t outsize, char *out);
136 void set_cipher_priority (const int *list);
137 void set_mac_priority (const int *list);
138 void set_compression_priority (const int *list);
139 void set_kx_priority (const int *list);
140 void set_protocol_priority (const int *list);
141 void set_certificate_type_priority (const int *list);
143 /* if you just want some defaults, use the following.
145 void set_priority (const char *prio, const char **err_pos);
146 void set_priority (gnutls_priority_t p);
148 gnutls_protocol_t get_protocol_version () const;
150 // for resuming sessions
151 void set_data (const void *session_data, size_t session_data_size);
152 void get_data (void *session_data, size_t * session_data_size) const;
153 void get_data (gnutls_session_t session, gnutls_datum_t & data) const;
154 void get_id (void *session_id, size_t * session_id_size) const;
156 bool is_resumed () const;
158 void set_max_handshake_packet_length (size_t max);
160 void clear_credentials ();
161 void set_credentials (class credentials & cred);
163 void set_transport_ptr (gnutls_transport_ptr_t ptr);
164 void set_transport_ptr (gnutls_transport_ptr_t recv_ptr,
165 gnutls_transport_ptr_t send_ptr);
166 gnutls_transport_ptr_t get_transport_ptr () const;
167 void get_transport_ptr (gnutls_transport_ptr_t & recv_ptr,
168 gnutls_transport_ptr_t & send_ptr) const;
170 void set_transport_lowat (size_t num);
171 void set_transport_push_function (gnutls_push_func push_func);
172 void set_transport_pull_function (gnutls_pull_func pull_func);
174 void set_user_ptr (void *ptr);
175 void *get_user_ptr () const;
177 void send_openpgp_cert (gnutls_openpgp_crt_status_t status);
179 gnutls_credentials_type_t get_auth_type () const;
180 gnutls_credentials_type_t get_server_auth_type () const;
181 gnutls_credentials_type_t get_client_auth_type () const;
183 // informational stuff
184 void set_dh_prime_bits (unsigned int bits);
185 unsigned int get_dh_secret_bits () const;
186 unsigned int get_dh_peers_public_bits () const;
187 unsigned int get_dh_prime_bits () const;
188 void get_dh_group (gnutls_datum_t & gen, gnutls_datum_t & prime) const;
189 void get_dh_pubkey (gnutls_datum_t & raw_key) const;
190 void get_rsa_export_pubkey (gnutls_datum_t & exponent,
191 gnutls_datum_t & modulus) const;
192 unsigned int get_rsa_export_modulus_bits () const;
194 void get_our_certificate (gnutls_datum_t & cert) const;
195 bool get_peers_certificate (std::vector < gnutls_datum_t >
197 bool get_peers_certificate (const gnutls_datum_t ** certs,
198 unsigned int *certs_size) const;
200 time_t get_peers_certificate_activation_time () const;
201 time_t get_peers_certificate_expiration_time () const;
202 void verify_peers_certificate (unsigned int &status) const;
206 // interface for databases
207 class DB:private noncopyable
211 virtual bool store (const gnutls_datum_t & key,
212 const gnutls_datum_t & data) = 0;
213 virtual bool retrieve (const gnutls_datum_t & key,
214 gnutls_datum_t & data) = 0;
215 virtual bool remove (const gnutls_datum_t & key) = 0;
218 class server_session:public session
223 void db_remove () const;
225 void set_db_cache_expiration (unsigned int seconds);
226 void set_db (const DB & db);
228 // returns true if session is expired
229 bool db_check_entry (gnutls_datum_t & session_data) const;
232 const char *get_srp_username () const;
233 const char *get_psk_username () const;
235 void get_server_name (void *data, size_t * data_length,
236 unsigned int *type, unsigned int indx) const;
239 void set_certificate_request (gnutls_certificate_request_t);
242 class client_session:public session
248 void set_server_name (gnutls_server_name_type_t type,
249 const void *name, size_t name_length);
251 bool get_request_status ();
255 class credentials:private noncopyable
258 virtual ~ credentials ()
261 gnutls_credentials_type_t get_type () const;
263 friend class session;
264 credentials (gnutls_credentials_type_t t);
266 void set_ptr (void *ptr);
267 gnutls_credentials_type_t type;
272 class certificate_credentials:public credentials
275 ~certificate_credentials ();
276 certificate_credentials ();
280 void free_ca_names ();
283 void set_dh_params (const dh_params & params);
284 void set_rsa_export_params (const rsa_params & params);
285 void set_verify_flags (unsigned int flags);
286 void set_verify_limits (unsigned int max_bits, unsigned int max_depth);
288 void set_x509_trust_file (const char *cafile, gnutls_x509_crt_fmt_t type);
289 void set_x509_trust (const gnutls_datum_t & CA,
290 gnutls_x509_crt_fmt_t type);
291 // FIXME: use classes instead of gnutls_x509_crt_t
292 void set_x509_trust (gnutls_x509_crt_t * ca_list, int ca_list_size);
294 void set_x509_crl_file (const char *crlfile, gnutls_x509_crt_fmt_t type);
295 void set_x509_crl (const gnutls_datum_t & CRL,
296 gnutls_x509_crt_fmt_t type);
297 void set_x509_crl (gnutls_x509_crl_t * crl_list, int crl_list_size);
299 void set_x509_key_file (const char *certfile, const char *KEYFILE,
300 gnutls_x509_crt_fmt_t type);
301 void set_x509_key (const gnutls_datum_t & CERT,
302 const gnutls_datum_t & KEY,
303 gnutls_x509_crt_fmt_t type);
304 // FIXME: use classes
305 void set_x509_key (gnutls_x509_crt_t * cert_list, int cert_list_size,
306 gnutls_x509_privkey_t key);
309 void set_simple_pkcs12_file (const char *pkcs12file,
310 gnutls_x509_crt_fmt_t type,
311 const char *password);
313 void set_retrieve_function (gnutls_certificate_retrieve_function * func);
316 gnutls_certificate_credentials_t cred;
319 class certificate_server_credentials:public certificate_credentials
322 void set_params_function (gnutls_params_function * func);
325 class certificate_client_credentials:public certificate_credentials
333 class anon_server_credentials:public credentials
336 anon_server_credentials ();
337 ~anon_server_credentials ();
338 void set_dh_params (const dh_params & params);
339 void set_params_function (gnutls_params_function * func);
341 gnutls_anon_server_credentials_t cred;
344 class anon_client_credentials:public credentials
347 anon_client_credentials ();
348 ~anon_client_credentials ();
350 gnutls_anon_client_credentials_t cred;
354 class srp_server_credentials:public credentials
357 srp_server_credentials ();
358 ~srp_server_credentials ();
359 void set_credentials_file (const char *password_file,
360 const char *password_conf_file);
361 void set_credentials_function (gnutls_srp_server_credentials_function *
364 gnutls_srp_server_credentials_t cred;
367 class srp_client_credentials:public credentials
370 srp_client_credentials ();
371 ~srp_client_credentials ();
372 void set_credentials (const char *username, const char *password);
373 void set_credentials_function (gnutls_srp_client_credentials_function *
376 gnutls_srp_client_credentials_t cred;
380 class psk_server_credentials:public credentials
383 psk_server_credentials ();
384 ~psk_server_credentials ();
385 void set_credentials_file (const char *password_file);
386 void set_credentials_function (gnutls_psk_server_credentials_function *
388 void set_dh_params (const dh_params & params);
389 void set_params_function (gnutls_params_function * func);
391 gnutls_psk_server_credentials_t cred;
394 class psk_client_credentials:public credentials
397 psk_client_credentials ();
398 ~psk_client_credentials ();
399 void set_credentials (const char *username, const gnutls_datum_t & key,
400 gnutls_psk_key_flags flags);
401 void set_credentials_function (gnutls_psk_client_credentials_function *
404 gnutls_psk_client_credentials_t cred;
410 #endif /* GNUTLSXX_H */