2 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
3 * Software Foundation, Inc.
5 * Author: Nikos Mavrogiannopoulos
7 * This file is part of GnuTLS.
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
26 /* This file contains the types and prototypes for the OpenPGP
27 * key and private key parsing functions.
30 #ifndef GNUTLS_OPENPGP_H
31 #define GNUTLS_OPENPGP_H
33 #include <gnutls/gnutls.h>
40 /* Openpgp certificate stuff
44 * gnutls_openpgp_crt_fmt_t:
45 * @GNUTLS_OPENPGP_FMT_RAW: OpenPGP certificate in raw format.
46 * @GNUTLS_OPENPGP_FMT_BASE64: OpenPGP certificate in base64 format.
48 * Enumeration of different OpenPGP key formats.
50 typedef enum gnutls_openpgp_crt_fmt
52 GNUTLS_OPENPGP_FMT_RAW,
53 GNUTLS_OPENPGP_FMT_BASE64
54 } gnutls_openpgp_crt_fmt_t;
56 #define GNUTLS_OPENPGP_KEYID_SIZE 8
57 typedef unsigned char gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
59 /* gnutls_openpgp_cert_t should be defined in gnutls.h
62 /* initializes the memory for gnutls_openpgp_crt_t struct */
63 int gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key);
64 /* frees all memory */
65 void gnutls_openpgp_crt_deinit (gnutls_openpgp_crt_t key);
67 int gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key,
68 const gnutls_datum_t * data,
69 gnutls_openpgp_crt_fmt_t format);
70 int gnutls_openpgp_crt_export (gnutls_openpgp_crt_t key,
71 gnutls_openpgp_crt_fmt_t format,
73 size_t * output_data_size);
75 int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert,
76 gnutls_certificate_print_formats_t format,
77 gnutls_datum_t * out);
79 /* The key_usage flags are defined in gnutls.h. They are
80 * the GNUTLS_KEY_* definitions.
82 int gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key,
83 unsigned int *key_usage);
84 int gnutls_openpgp_crt_get_fingerprint (gnutls_openpgp_crt_t key, void *fpr,
86 int gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key,
88 void *fpr, size_t * fprlen);
90 int gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key,
91 int idx, char *buf, size_t * sizeof_buf);
94 gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key,
97 int gnutls_openpgp_crt_get_version (gnutls_openpgp_crt_t key);
99 time_t gnutls_openpgp_crt_get_creation_time (gnutls_openpgp_crt_t key);
100 time_t gnutls_openpgp_crt_get_expiration_time (gnutls_openpgp_crt_t key);
102 int gnutls_openpgp_crt_get_key_id (gnutls_openpgp_crt_t key,
103 gnutls_openpgp_keyid_t keyid);
105 int gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key,
106 const char *hostname);
108 int gnutls_openpgp_crt_get_revoked_status (gnutls_openpgp_crt_t key);
110 int gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key);
111 int gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key,
112 const gnutls_openpgp_keyid_t keyid);
113 int gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key,
115 gnutls_pk_algorithm_t
116 gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key,
119 time_t gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t
120 key, unsigned int idx);
121 time_t gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t
124 int gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key,
126 gnutls_openpgp_keyid_t keyid);
127 int gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key,
129 unsigned int *key_usage);
131 int gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt,
137 int gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt,
141 int gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt,
146 int gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt,
150 int gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key,
151 gnutls_openpgp_keyid_t keyid);
153 gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key,
154 const gnutls_openpgp_keyid_t
159 int gnutls_openpgp_privkey_init (gnutls_openpgp_privkey_t * key);
160 void gnutls_openpgp_privkey_deinit (gnutls_openpgp_privkey_t key);
161 gnutls_pk_algorithm_t
162 gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key,
166 gnutls_openpgp_privkey_sec_param (gnutls_openpgp_privkey_t key);
167 int gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
168 const gnutls_datum_t * data,
169 gnutls_openpgp_crt_fmt_t format,
170 const char *password,
173 int gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key,
174 void *fpr, size_t * fprlen);
175 int gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t
176 key, unsigned int idx,
179 int gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key,
180 gnutls_openpgp_keyid_t keyid);
181 int gnutls_openpgp_privkey_get_subkey_count (gnutls_openpgp_privkey_t key);
182 int gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key,
183 const gnutls_openpgp_keyid_t
187 gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t
188 key, unsigned int idx);
190 int gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t
193 gnutls_pk_algorithm_t
194 gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t
195 key, unsigned int idx,
199 gnutls_openpgp_privkey_get_subkey_expiration_time
200 (gnutls_openpgp_privkey_t key, unsigned int idx);
202 int gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key,
204 gnutls_openpgp_keyid_t keyid);
207 gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t
208 key, unsigned int idx);
211 gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t
212 pkey, unsigned int idx,
218 int gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t
219 pkey, unsigned int idx,
227 int gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t pkey,
233 int gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t pkey,
241 int gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key,
242 gnutls_openpgp_crt_fmt_t format,
243 const char *password,
246 size_t * output_data_size);
249 gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key,
250 const gnutls_openpgp_keyid_t
252 int gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t
254 gnutls_openpgp_keyid_t
257 int gnutls_openpgp_crt_get_auth_subkey (gnutls_openpgp_crt_t crt,
258 gnutls_openpgp_keyid_t keyid,
264 int gnutls_openpgp_keyring_init (gnutls_openpgp_keyring_t * keyring);
265 void gnutls_openpgp_keyring_deinit (gnutls_openpgp_keyring_t keyring);
267 int gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t keyring,
268 const gnutls_datum_t * data,
269 gnutls_openpgp_crt_fmt_t format);
271 int gnutls_openpgp_keyring_check_id (gnutls_openpgp_keyring_t ring,
272 const gnutls_openpgp_keyid_t keyid,
276 int gnutls_openpgp_crt_verify_ring (gnutls_openpgp_crt_t key,
277 gnutls_openpgp_keyring_t keyring,
278 unsigned int flags, unsigned int *verify
279 /* the output of the verification */ );
281 int gnutls_openpgp_crt_verify_self (gnutls_openpgp_crt_t key,
283 unsigned int *verify);
285 int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring,
287 gnutls_openpgp_crt_t * cert);
289 int gnutls_openpgp_keyring_get_crt_count (gnutls_openpgp_keyring_t ring);
294 * gnutls_openpgp_recv_key_func:
295 * @session: a TLS session
296 * @keyfpr: key fingerprint
297 * @keyfpr_length: length of key fingerprint
300 * A callback of this type is used to retrieve OpenPGP keys. Only
301 * useful on the server, and will only be used if the peer send a key
302 * fingerprint instead of a full key. See also
303 * gnutls_openpgp_set_recv_key_function().
305 * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
306 * otherwise an error code is returned.
308 typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t session,
309 const unsigned char *keyfpr,
310 unsigned int keyfpr_length,
311 gnutls_datum_t * key);
314 gnutls_openpgp_set_recv_key_function (gnutls_session_t session,
315 gnutls_openpgp_recv_key_func func);
319 /* certificate authentication stuff.
321 int gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t
322 res, gnutls_openpgp_crt_t key,
323 gnutls_openpgp_privkey_t pkey);
326 gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t
327 res, const char *certfile,
329 gnutls_openpgp_crt_fmt_t format);
330 int gnutls_certificate_set_openpgp_key_mem (gnutls_certificate_credentials_t
332 const gnutls_datum_t * cert,
333 const gnutls_datum_t * key,
334 gnutls_openpgp_crt_fmt_t
338 gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t
339 res, const char *certfile,
341 const char *subkey_id,
342 gnutls_openpgp_crt_fmt_t
345 gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t
346 res, const gnutls_datum_t * cert,
347 const gnutls_datum_t * key,
348 const char *subkey_id,
349 gnutls_openpgp_crt_fmt_t format);
352 gnutls_certificate_set_openpgp_keyring_mem
353 (gnutls_certificate_credentials_t c, const unsigned char *data,
354 size_t dlen, gnutls_openpgp_crt_fmt_t format);
357 gnutls_certificate_set_openpgp_keyring_file
358 (gnutls_certificate_credentials_t c, const char *file,
359 gnutls_openpgp_crt_fmt_t format);
365 #endif /* GNUTLS_OPENPGP_H */