#include <gnutls_int.h>
#include <gnutls_errors.h>
#include <auth_cert.h>
#include <gnutls_cert.h>
#include <gnutls_datum.h>
#include <gnutls_mpi.h>
#include <gnutls_global.h>
#include <gnutls_algorithms.h>
#include <gnutls_dh.h>
#include <gnutls_str.h>
#include <gnutls_state.h>
#include <gnutls_auth_int.h>
#include <gnutls_x509.h>
#include "x509.h"
#include "mpi.h"
#define SMALL_DER 512
Referenced by MHD_gtls_x509_crt_to_gcert().
int MHD__gnutls_certificate_allocate_credentials(MHD_gtls_cert_credentials_t *res)
MHD__gnutls_certificate_allocate_credentials - Used to allocate an MHD_gtls_cert_credentials_t structure. res: is a pointer to an MHD_gtls_cert_credentials_t structure.
This structure is too complex to manipulate directly, so this helper function is provided to allocate it.
Returns: GNUTLS_E_SUCCESS on success, or an error code.
Definition at line 207 of file gnutls_cert.c.
References DEFAULT_VERIFY_BITS, DEFAULT_VERIFY_DEPTH, GNUTLS_E_MEMORY_ERROR, and MHD_gnutls_calloc.
Referenced by MHD_TLS_init().
void MHD__gnutls_certificate_free_ca_names(MHD_gtls_cert_credentials_t sc)
MHD__gnutls_certificate_free_ca_names - Used to free all the CA names from a MHD_gtls_cert_credentials_t structure. sc: is an MHD_gtls_cert_credentials_t structure.
This function will delete all the CA names in the given credentials. Clients may call this to save some memory, since on the client side the CA names are not used.
CA names are used by servers to advertise the CAs they support to clients.
Definition at line 127 of file gnutls_cert.c.
References MHD__gnutls_free_datum, and MHD_gtls_certificate_credentials_st::x509_rdn_sequence.
Referenced by MHD__gnutls_certificate_free_credentials().
void MHD__gnutls_certificate_free_cas(MHD_gtls_cert_credentials_t sc)
MHD__gnutls_certificate_free_cas - Used to free all the CAs from a MHD_gtls_cert_credentials_t structure. sc: is an MHD_gtls_cert_credentials_t structure.
This function will delete all the CAs associated with the given credentials. Servers that do not use MHD_gtls_certificate_verify_peers2() may call this to save some memory; after the call the credentials no longer hold any CA certificates, so it should not be used where peer certificates still need to be verified against them.
Definition at line 98 of file gnutls_cert.c.
References MHD_gnutls_free, MHD_gnutls_x509_crt_deinit(), MHD_gtls_certificate_credentials_st::x509_ca_list, and MHD_gtls_certificate_credentials_st::x509_ncas.
Referenced by MHD__gnutls_certificate_free_credentials().
void MHD__gnutls_certificate_free_credentials(MHD_gtls_cert_credentials_t sc)
MHD__gnutls_certificate_free_credentials - Used to free an allocated MHD_gtls_cert_credentials_t structure. sc: is an MHD_gtls_cert_credentials_t structure.
This structure is too complex to manipulate directly, so this helper function is provided to free (deallocate) it.
This function does not free any temporary parameters associated with this structure (i.e., RSA and DH parameters are not freed by this function), so those must be released separately.
Definition at line 184 of file gnutls_cert.c.
References MHD_gtls_certificate_credentials_st::keyring, MHD__gnutls_certificate_free_ca_names(), MHD__gnutls_certificate_free_cas(), MHD__gnutls_certificate_free_keys(), MHD__gnutls_free_datum, and MHD_gnutls_free.
Referenced by MHD_stop_daemon().
void MHD__gnutls_certificate_free_keys(MHD_gtls_cert_credentials_t sc)
MHD__gnutls_certificate_free_keys - Used to free all the keys from a MHD_gtls_cert_credentials_t structure. sc: is an MHD_gtls_cert_credentials_t structure.
This function will delete all the keys and the certificates associated with the given credentials. This function must not be called when a TLS negotiation that uses the credentials is in progress.
Definition at line 56 of file gnutls_cert.c.
References MHD_gtls_certificate_credentials_st::cert_list, MHD_gtls_certificate_credentials_st::cert_list_length, MHD_gnutls_free, MHD_gtls_gcert_deinit(), MHD_gtls_gkey_deinit(), MHD_gtls_certificate_credentials_st::ncerts, and MHD_gtls_certificate_credentials_st::pkey.
Referenced by MHD__gnutls_certificate_free_credentials().
MHD_gtls_rsa_params_t MHD_gtls_certificate_get_rsa_params(MHD_gtls_rsa_params_t rsa_params, MHD_gnutls_params_function *func, MHD_gtls_session_t session)
Definition at line 142 of file gnutls_cert.c.
References MHD_gnutls_params_st::deinit, MHD_gtls_internal_params_st::free_rsa_params, GNUTLS_PARAMS_RSA_EXPORT, MHD_gtls_session_int::internals, MHD_gnutls_params_st::params, MHD_gtls_internals_st::params, MHD_gnutls_params_st::params::rsa_export, MHD_gtls_internal_params_st::rsa_params, and MHD_gnutls_params_st::type.
Referenced by check_server_params(), gen_rsa_export_server_kx(), and MHD__gnutls_get_private_rsa_params().
void MHD_gtls_gcert_deinit(MHD_gnutls_cert *cert)
Definition at line 428 of file gnutls_cert.c.
References MHD__gnutls_free_datum, MHD_gtls_mpi_release(), MHD_gnutls_cert::params, MHD_gnutls_cert::params_size, and MHD_gnutls_cert::raw.
Referenced by alloc_and_load_x509_certs(), MHD__gnutls_certificate_free_keys(), MHD__gnutls_get_public_rsa_params(), MHD__gnutls_peers_cert_less_512(), MHD_gtls_proc_cert_client_cert_vrfy(), MHD_gtls_selected_certs_deinit(), proc_dhe_server_kx(), and proc_rsa_export_server_kx().
int MHD_gtls_raw_cert_to_gcert(MHD_gnutls_cert *gcert, enum MHD_GNUTLS_CertificateType type, const MHD_gnutls_datum_t *raw_cert, int flags)
Definition at line 284 of file gnutls_cert.c.
References GNUTLS_E_INTERNAL_ERROR, MHD_gnutls_assert, MHD_GNUTLS_CRT_X509, and MHD_gtls_x509_raw_cert_to_gcert().
Referenced by MHD__gnutls_get_public_rsa_params(), MHD__gnutls_peers_cert_less_512(), MHD_gtls_proc_cert_client_cert_vrfy(), proc_dhe_server_kx(), and proc_rsa_export_server_kx().
int MHD_gtls_selected_cert_supported_kx(MHD_gtls_session_t session, enum MHD_GNUTLS_KeyExchangeAlgorithm **alg, int *alg_size)
Definition at line 229 of file gnutls_cert.c.
References GNUTLS_E_INVALID_REQUEST, GNUTLS_E_MEMORY_ERROR, MHD_gtls_session_int::internals, MAX_ALGOS, MHD__gnutls_check_key_usage(), MHD_gnutls_assert, MHD_gnutls_calloc, MHD_gtls_map_pk_get_pk(), MHD_gtls_internals_st::selected_cert_list, MHD_gtls_internals_st::selected_cert_list_length, and MHD_gnutls_cert::subject_pk_algorithm.
Referenced by MHD_gtls_remove_unwanted_ciphersuites().
int MHD_gtls_x509_crt_to_gcert(MHD_gnutls_cert *gcert, MHD_gnutls_x509_crt_t cert, unsigned int flags)
Definition at line 340 of file gnutls_cert.c.
References CERT_NO_COPY, CERT_ONLY_EXTENSIONS, CERT_ONLY_PUBKEY, MHD_gnutls_cert::cert_type, MHD_gnutls_datum_t::data, GNUTLS_E_MEMORY_ERROR, GNUTLS_E_SHORT_MEMORY_BUFFER, GNUTLS_X509_FMT_DER, MHD_gnutls_cert::key_usage, MAX_PUBLIC_PARAMS_SIZE, MHD__gnutls_x509_crt_get_mpis(), MHD_gnutls_assert, MHD_GNUTLS_CRT_X509, MHD_gnutls_free, MHD_gnutls_malloc, MHD_gnutls_realloc, MHD_gnutls_x509_crt_export(), MHD_gnutls_x509_crt_get_key_usage(), MHD_gnutls_x509_crt_get_pk_algorithm(), MHD_gnutls_x509_crt_get_version(), MHD_gnutls_cert::params, MHD_gnutls_cert::params_size, MHD_gnutls_cert::raw, MHD_gnutls_datum_t::size, SMALL_DER, MHD_gnutls_cert::subject_pk_algorithm, and MHD_gnutls_cert::version.
Referenced by alloc_and_load_x509_certs(), MHD_gtls_x509_raw_cert_to_gcert(), and parse_crt_mem().
int MHD_gtls_x509_raw_cert_to_gcert(MHD_gnutls_cert *gcert, const MHD_gnutls_datum_t *derCert, int flags)
Definition at line 309 of file gnutls_cert.c.
References GNUTLS_X509_FMT_DER, MHD_gnutls_assert, MHD_gnutls_x509_crt_deinit(), MHD_gnutls_x509_crt_import(), MHD_gnutls_x509_crt_init(), and MHD_gtls_x509_crt_to_gcert().
Referenced by MHD_gtls_proc_x509_server_certificate(), MHD_gtls_raw_cert_to_gcert(), and parse_pem_cert_mem().