gnutls_x509.c File Reference

#include <gnutls_int.h>
#include "gnutls_auth_int.h"
#include "gnutls_errors.h"
#include <gnutls_cert.h>
#include <auth_cert.h>
#include "gnutls_dh.h"
#include "gnutls_num.h"
#include "gnutls_datum.h"
#include <gnutls_pk.h>
#include <gnutls_algorithms.h>
#include <gnutls_global.h>
#include <gnutls_record.h>
#include <gnutls_sig.h>
#include <gnutls_state.h>
#include <gnutls_str.h>
#include <debug.h>
#include <x509_b64.h>
#include <gnutls_x509.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include "common.h"
#include "x509.h"
#include "mpi.h"
#include "privkey.h"


Defines

#define CLEAR_CERTS

Functions

static int check_bits (MHD_gnutls_x509_crt_t crt, unsigned int max_bits)
static int MHD__gnutls_check_key_cert_match (MHD_gtls_cert_credentials_t res)
static int parse_crt_mem (MHD_gnutls_cert **cert_list, unsigned *ncerts, MHD_gnutls_x509_crt_t cert)
static int parse_der_cert_mem (MHD_gnutls_cert **cert_list, unsigned *ncerts, const void *input_cert, int input_cert_size)
static int parse_pem_cert_mem (MHD_gnutls_cert **cert_list, unsigned *ncerts, const char *input_cert, int input_cert_size)
static int read_cert_mem (MHD_gtls_cert_credentials_t res, const void *cert, int cert_size, MHD_gnutls_x509_crt_fmt_t type)
int MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey *dest, MHD_gnutls_x509_privkey_t src)
void MHD_gtls_gkey_deinit (MHD_gnutls_privkey *key)
int MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey *privkey, const MHD_gnutls_datum_t *raw_key, MHD_gnutls_x509_crt_fmt_t type)
static int read_key_mem (MHD_gtls_cert_credentials_t res, const void *key, int key_size, MHD_gnutls_x509_crt_fmt_t type)
int MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t res, const MHD_gnutls_datum_t *cert, const MHD_gnutls_datum_t *key, MHD_gnutls_x509_crt_fmt_t type)
int MHD__gnutls_check_key_usage (const MHD_gnutls_cert *cert, enum MHD_GNUTLS_KeyExchangeAlgorithm alg)

Define Documentation

#define CLEAR_CERTS
Value:
for(x=0;x<peer_certificate_list_size;x++) { /* x, peer_certificate_list and peer_certificate_list_size are not macro parameters: they must exist at the expansion site */ \
        if (peer_certificate_list[x]) /* NULL entries are skipped, so a partially filled list can be cleared */ \
                MHD_gnutls_x509_crt_deinit(peer_certificate_list[x]); \
        } \
        MHD_gnutls_free( peer_certificate_list) /* second statement of the expansion (no do { } while (0) wrapper): under an unbraced if only the loop is conditional; the pointer is not reset after the free */

Definition at line 85 of file gnutls_x509.c.


Function Documentation

static int check_bits ( MHD_gnutls_x509_crt_t  crt,
unsigned int  max_bits 
) [inline, static]

Definition at line 63 of file gnutls_x509.c.

References GNUTLS_E_CONSTRAINT_ERROR, MHD_gnutls_assert, and MHD_gnutls_x509_crt_get_pk_algorithm().


int MHD__gnutls_certificate_set_x509_key_mem ( MHD_gtls_cert_credentials_t  res,
const MHD_gnutls_datum_t *  cert,
const MHD_gnutls_datum_t *  key,
MHD_gnutls_x509_crt_fmt_t  type 
)

MHD__gnutls_certificate_set_x509_key_mem - Used to set keys in a MHD_gtls_cert_credentials_t structure.

Parameters:
res: is an MHD_gtls_cert_credentials_t structure.
cert: contains a certificate list (path) for the specified private key
key: is the private key, or NULL
type: is PEM or DER

This function sets a certificate/private key pair in the MHD_gtls_cert_credentials_t structure. This function may be called more than once (in case multiple keys/certificates exist for the server).

Currently supported: RSA PKCS-1 encoded private keys and DSA private keys.

DSA private keys are encoded the OpenSSL way, which is an ASN.1 DER sequence of 6 INTEGERs - version, p, q, g, pub, priv.

Note that the keyUsage (2.5.29.15) PKIX extension in X.509 certificates is supported. This means that certificates intended for signing cannot be used for ciphersuites that require encryption.

If the certificate and the private key are given in PEM encoding then the strings that hold their values must be null terminated.

The key may be NULL if you are using a sign callback, see MHD_gtls_sign_callback_set().

Returns: GNUTLS_E_SUCCESS on success, or an error code.

Definition at line 521 of file gnutls_x509.c.

References MHD_gnutls_datum_t::data, MHD__gnutls_check_key_cert_match(), MHD_gnutls_assert, MHD_gtls_certificate_credentials_st::ncerts, read_cert_mem(), read_key_mem(), and MHD_gnutls_datum_t::size.


static int MHD__gnutls_check_key_cert_match ( MHD_gtls_cert_credentials_t  res  )  [static]
int MHD__gnutls_check_key_usage ( const MHD_gnutls_cert *  cert,
enum MHD_GNUTLS_KeyExchangeAlgorithm  alg 
)
int MHD__gnutls_x509_privkey_to_gkey ( MHD_gnutls_privkey *  dest,
MHD_gnutls_x509_privkey_t  src 
)
int MHD__gnutls_x509_raw_privkey_to_gkey ( MHD_gnutls_privkey *  privkey,
const MHD_gnutls_datum_t *  raw_key,
MHD_gnutls_x509_crt_fmt_t  type 
)

Definition at line 413 of file gnutls_x509.c.

References MHD__gnutls_x509_privkey_to_gkey(), MHD_gnutls_assert, MHD_gnutls_x509_privkey_deinit(), MHD_gnutls_x509_privkey_import(), and MHD_gnutls_x509_privkey_init().

Referenced by read_key_mem().


void MHD_gtls_gkey_deinit ( MHD_gnutls_privkey *  key  ) 

Definition at line 400 of file gnutls_x509.c.

References MHD_gtls_mpi_release(), MHD_gnutls_privkey_int::params, and MHD_gnutls_privkey_int::params_size.

Referenced by MHD__gnutls_certificate_free_keys(), and MHD_gtls_selected_certs_deinit().


static int parse_crt_mem ( MHD_gnutls_cert **  cert_list,
unsigned *  ncerts,
MHD_gnutls_x509_crt_t  cert 
) [static]

Definition at line 147 of file gnutls_x509.c.

References GNUTLS_E_MEMORY_ERROR, MHD_gnutls_assert, MHD_gtls_realloc_fast(), and MHD_gtls_x509_crt_to_gcert().

Referenced by parse_der_cert_mem().


static int parse_der_cert_mem ( MHD_gnutls_cert **  cert_list,
unsigned *  ncerts,
const void *  input_cert,
int  input_cert_size 
) [static]

Definition at line 182 of file gnutls_x509.c.

References MHD_gnutls_datum_t::data, GNUTLS_X509_FMT_DER, MHD_gnutls_assert, MHD_gnutls_x509_crt_deinit(), MHD_gnutls_x509_crt_import(), MHD_gnutls_x509_crt_init(), parse_crt_mem(), and MHD_gnutls_datum_t::size.

Referenced by read_cert_mem().


static int parse_pem_cert_mem ( MHD_gnutls_cert **  cert_list,
unsigned *  ncerts,
const char *  input_cert,
int  input_cert_size 
) [static]
static int read_cert_mem ( MHD_gtls_cert_credentials_t  res,
const void *  cert,
int  cert_size,
MHD_gnutls_x509_crt_fmt_t  type 
) [static]
static int read_key_mem ( MHD_gtls_cert_credentials_t  res,
const void *  key,
int  key_size,
MHD_gnutls_x509_crt_fmt_t  type 
) [static]