D-Bus: Emit cast to avoid C warning for signal handling in clients
[vala-lang.git] / vapi / gnutls.vapi
bloba0bcf883584116101773b37b46545cbac669af23
1 /* gnutls.vapi
2  *
3  * Copyright (C) 2009  Jiří Zárevúcky
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
18  *
19  * As a special exception, if you use inline functions from this file, this
20  * file does not by itself cause the resulting executable to be covered by
21  * the GNU Lesser General Public License.
22  *
23  * Author:
24  *      Jiří Zárevúcky <zarevucky.jiri@gmail.com>
25  *
26  */
28 [CCode (cprefix = "gnutls_", lower_case_cprefix = "gnutls_", cheader_filename = "gnutls/gnutls.h")]
29 namespace GnuTLS
31         [CCode (cname = "LIBGNUTLS_VERSION")]
32         public const string VERSION;
33         [CCode (cname = "LIBGNUTLS_VERSION_MAJOR")]
34         public const int VERSION_MAJOR;
35         [CCode (cname = "LIBGNUTLS_VERSION_MINOR")]
36         public const int VERSION_MINOR;
37         [CCode (cname = "LIBGNUTLS_VERSION_PATCH")]
38         public const int VERSION_PATCH;
39         [CCode (cname = "LIBGNUTLS_VERSION_NUMBER")]
40         public const int VERSION_NUMBER;
42         public unowned string? check_version (string? req_version);
44         [CCode (cname = "gnutls_cipher_algorithm_t", cprefix = "GNUTLS_CIPHER_")]
45         public enum CipherAlgorithm {
46                 UNKNOWN,
47                 NULL,
48                 ARCFOUR_128,
49                 3DES_CBC,
50                 AES_128_CBC,
51                 AES_256_CBC,
52                 ARCFOUR_40,
53                 CAMELLIA_128_CBC,
54                 CAMELLIA_256_CBC,
55                 RC2_40_CBC,
56                 DES_CBC,
58                 RIJNDAEL_128_CBC,    // == AES_128_CBC
59                 RIJNDAEL_256_CBC,    // == AES_256_CBC
60                 RIJNDAEL_CBC,        // == AES_128_CBC
61                 ARCFOUR;             // == ARCFOUR_128
63                 [CCode (cname = "gnutls_cipher_get_key_size")]
64                 public size_t get_key_size ();
65                 [CCode (cname = "gnutls_cipher_get_name")]
66                 public unowned string? get_name ();
67                 [CCode (cname = "gnutls_mac_get_id")]
68                 public static CipherAlgorithm from_name (string name);
69                 [CCode (cname = "gnutls_cipher_list", array_length = "false", array_null_terminated = "true")]
70                 public static unowned CipherAlgorithm[] list ();
71         }
73         [CCode (cname = "gnutls_kx_algorithm_t", cprefix = "GNUTLS_KX_")]
74         public enum KXAlgorithm {
75                 UNKNOWN,
76                 RSA,
77                 DHE_DSS,
78                 DHE_RSA,
79                 ANON_DH,
80                 SRP,
81                 RSA_EXPORT,
82                 SRP_RSA,
83                 SRP_DSS,
84                 PSK,
85                 DHE_PSK;
87                 [CCode (cname = "gnutls_kx_get_name")]
88                 public unowned string? get_name ();
89                 [CCode (cname = "gnutls_kx_get_id")]
90                 public static KXAlgorithm from_name (string name);
91                 [CCode (cname = "gnutls_kx_list", array_length = "false", array_null_terminated = "true")]
92                 public static unowned KXAlgorithm[] list ();
93         }
95         [CCode (cname = "gnutls_mac_algorithm_t", cprefix = "GNUTLS_MAC_")]
96         public enum MacAlgorithm {
97                 UNKNOWN,
98                 NULL,
99                 MD5,
100                 SHA1,
101                 RMD160,
102                 MD2,
103                 SHA256,
104                 SHA384,
105                 SHA512;
107                 [CCode (cname = "gnutls_mac_get_key_size")]
108                 public size_t get_key_size ();
109                 [CCode (cname = "gnutls_mac_get_name")]
110                 public unowned string? get_name ();
111                 [CCode (cname = "gnutls_mac_get_id")]
112                 public static MacAlgorithm from_name (string name);
113                 [CCode (cname = "gnutls_mac_list", array_length = "false", array_null_terminated = "true")]
114                 public static unowned MacAlgorithm[] list ();
115         }
117         [CCode (cname = "gnutls_digest_algorithm_t", cprefix = "GNUTLS_DIG_")]
118         public enum DigestAlgorithm {
119                 NULL,
120                 MD5,
121                 SHA1,
122                 RMD160,
123                 MD2,
124                 SHA224,
125                 SHA256,
126                 SHA384,
127                 SHA512;
129                 [CCode (cname = "gnutls_fingerprint")]
130                 public int fingerprint (/* const */ ref Datum data, void* result, ref size_t result_size);
131         }
133         [CCode (cname = "GNUTLS_MAX_ALGORITHM_NUM")]
134         public const int MAX_ALGORITHM_NUM;
136         [CCode (cname = "gnutls_pk_algorithm_t", cprefix = "GNUTLS_PK_")]
137         public enum PKAlgorithm {
138                 UNKNOWN,
139                 RSA,
140                 DSA;
142                 [CCode (cname = "gnutls_pk_algorithm_get_name")]
143                 public unowned string? get_name ();
144         }
146         [CCode (cname = "gnutls_sign_algorithm_t", cprefix = "GNUTLS_SIGN_")]
147         public enum SignAlgorithm {
148                 UNKNOWN,
149                 RSA_SHA1,
150                 DSA_SHA1,
151                 RSA_MD5,
152                 RSA_MD2,
153                 RSA_RMD160,
154                 RSA_SHA224,
155                 RSA_SHA256,
156                 RSA_SHA384,
157                 RSA_SHA512;
159                 [CCode (cname = "gnutls_sign_algorithm_get_name")]
160                 public unowned string? get_name ();
161         }
163         [CCode (cname = "gnutls_compression_method_t", cprefix = "GNUTLS_COMP_")]
164         public enum CompressionMethod {
165                 UNKNOWN,
166                 NULL,
167                 DEFLATE,
168                 ZLIB,     // == DEFLATE
169                 LZO;      // only available if gnutls-extra has been initialized
171                 [CCode (cname = "gnutls_compression_get_name")]
172                 public unowned string? get_name ();
173                 [CCode (cname = "gnutls_compression_get_id")]
174                 public static CompressionMethod from_name (string name);
175                 [CCode (cname = "gnutls_compression_list", array_length = "false", array_null_terminated = "true")]
176                 public static unowned CompressionMethod[] list ();
177         }
179         [CCode (cname = "gnutls_params_type_t", cprefix = "GNUTLS_PARAMS_")]
180         public enum ParamsType {
181                 RSA_EXPORT,
182                 DH
183         }
185         [CCode (cname = "gnutls_credentials_type_t", cprefix = "GNUTLS_CRD_")]
186         public enum CredentialsType {
187                 CERTIFICATE,
188                 ANON,
189                 SRP,
190                 PSK,
191                 IA
192         }
194         [CCode (cname = "gnutls_alert_level_t", cprefix = "GNUTLS_AL_")]
195         public enum AlertLevel {
196                 WARNING,
197                 FATAL
198         }
200         [CCode (cname = "gnutls_alert_description_t", cprefix = "GNUTLS_A_")]
201         public enum AlertDescription {
202                 CLOSE_NOTIFY,
203                 UNEXPECTED_MESSAGE,
204                 BAD_RECORD_MAC,
205                 DECRYPTION_FAILED,
206                 RECORD_OVERFLOW,
207                 DECOMPRESSION_FAILURE,
208                 HANDSHAKE_FAILURE,
209                 SSL3_NO_CERTIFICATE,
210                 BAD_CERTIFICATE,
211                 UNSUPPORTED_CERTIFICATE,
212                 CERTIFICATE_REVOKED,
213                 CERTIFICATE_EXPIRED,
214                 CERTIFICATE_UNKNOWN,
215                 ILLEGAL_PARAMETER,
216                 UNKNOWN_CA,
217                 ACCESS_DENIED,
218                 DECODE_ERROR,
219                 DECRYPT_ERROR,
220                 EXPORT_RESTRICTION,
221                 PROTOCOL_VERSION,
222                 INSUFFICIENT_SECURITY,
223                 INTERNAL_ERROR,
224                 USER_CANCELED,
225                 NO_RENEGOTIATION,
226                 UNSUPPORTED_EXTENSION,
227                 CERTIFICATE_UNOBTAINABLE,
228                 UNRECOGNIZED_NAME,
229                 UNKNOWN_PSK_IDENTITY,
230                 INNER_APPLICATION_FAILURE,
231                 INNER_APPLICATION_VERIFICATION;
233                 [CCode (cname = "gnutls_alert_get_name")]
234                 public unowned string? get_name ();
235         }
237         [CCode (cname = "gnutls_handshake_description_t", cprefix = "GNUTLS_HANDSHAKE_")]
238         public enum HandshakeDescription {
239                 HELLO_REQUEST,
240                 CLIENT_HELLO,
241                 SERVER_HELLO,
242                 CERTIFICATE_PKT,
243                 SERVER_KEY_EXCHANGE,
244                 CERTIFICATE_REQUEST,
245                 SERVER_HELLO_DONE,
246                 CERTIFICATE_VERIFY,
247                 CLIENT_KEY_EXCHANGE,
248                 FINISHED,
249                 SUPPLEMENTAL
250         }
252         /* Note that the status bits have different meanings
253          * in openpgp keys and x.509 certificate verification.
254          */
255         [Flags]
256         [CCode (cname = "gnutls_certificate_status_t", cprefix = "GNUTLS_CERT_")]
257         public enum CertificateStatus {
258                 INVALID,             // will be set if the certificate was not verified.
259                 REVOKED,             // in X.509 this will be set only if CRLs are checked
260                 SIGNER_NOT_FOUND,
261                 SIGNER_NOT_CA,
262                 INSECURE_ALGORITHM
263         }
265         [CCode (cname = "gnutls_certificate_request_t", cprefix = "GNUTLS_CERT_")]
266         public enum CertificateRequest {
267                 IGNORE,
268                 REQUEST,
269                 REQUIRE
270         }
272 //      [CCode (cname = "gnutls_openpgp_crt_status_t", cprefix = "GNUTLS_OPENPGP_")]
273 //      public enum OpenPGP.CertificateStatus {
274 //              CERT,
275 //              CERT_FINGERPRINT
276 //      }
278 //      [CCode (cname = "gnutls_connection_end_t", cprefix = "GNUTLS_")]
279 //      public enum ConnectionEnd {
280 //              SERVER,
281 //              CLIENT
282 //      }
284         [CCode (cname = "gnutls_close_request_t", cprefix = "GNUTLS_SHUT_")]
285         public enum CloseRequest {
286                 RDWR,
287                 WR
288         }
290         [CCode (cname = "gnutls_protocol_t", cprefix = "GNUTLS_")]
291         public enum Protocol {
292                 SSL3,
293                 TLS1,    // == TLS1_0
294                 TLS1_0,
295                 TLS1_1,
296                 TLS1_2,
297                 [CCode (cname = "GNUTLS_VERSION_UNKNOWN")]
298                 UNKNOWN;
300                 [CCode (cname = "gnutls_protocol_get_name")]
301                 public unowned string? get_name ();
302                 [CCode (cname = "gnutls_protocol_get_id")]
303                 public static Protocol from_name (string name);
304                 [CCode (cname = "gnutls_protocol_list", array_length = "false", array_null_terminated = "true")]
305                 public static unowned Protocol[] list ();
306         }
308         [CCode (cname = "gnutls_certificate_type_t", cprefix = "GNUTLS_CRT_")]
309         public enum CertificateType {
310                 UNKNOWN,
311                 X509,
312                 OPENPGP;
314                 [CCode (cname = "gnutls_certificate_type_get_name")]
315                 public unowned string? get_name ();
316                 [CCode (cname = "gnutls_certificate_type_get_id")]
317                 public static CertificateType from_name (string name);
318                 [CCode (cname = "gnutls_certificate_type_list", array_length = "false", array_null_terminated = "true")]
319                 public static unowned CertificateType[] list ();
320         }
322         [CCode (cname = "gnutls_certificate_print_formats_t", cprefix = "GNUTLS_CRT_PRINT_")]
323         public enum CertificatePrintFormats {
324                 FULL,
325                 ONELINE,
326                 UNSIGNED_FULL
327         }
329         [Flags]
330         [CCode (cname = "unsigned int", cprefix = "GNUTLS_KEY_")]
331         public enum KeyUsage
332         {
333                 DIGITAL_SIGNATURE,
334                 NON_REPUDIATION,
335                 KEY_ENCIPHERMENT,
336                 DATA_ENCIPHERMENT,
337                 KEY_AGREEMENT,
338                 KEY_CERT_SIGN,
339                 CRL_SIGN,
340                 ENCIPHER_ONLY,
341                 DECIPHER_ONLY
342         }
344         [CCode (cname = "gnutls_server_name_type_t", cprefix = "GNUTLS_NAME_")]
345         public enum ServerNameType {
346                 DNS;
347         }
349         // Diffie Hellman parameter handling.
350         [Compact]
351         [CCode (cname = "struct gnutls_dh_params_int", free_function = "gnutls_dh_params_deinit", lower_case_cprefix = "gnutls_dh_params_")]
352         public class DHParams {
353                 private static int init (out DHParams dh_params);
354                 public static DHParams create ()
355                 {
356                         DHParams result;
357                         var ret = init (out result);
358                         if (ret != 0)
359                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
360                         return result;
361                 }
363                 private int cpy (DHParams source);
365                 public int import_raw (/* const */ ref Datum prime, /* const */ ref Datum generator);
366                 public int export_raw (/* const */ ref Datum prime, /* const */ ref Datum generator, out uint bits);
367                 public int import_pkcs3 (/* const */ ref Datum pkcs3_params, X509.CertificateFormat format);
368                 public int export_pkcs3 (X509.CertificateFormat format, void* params_data, ref size_t params_data_size);
370                 [CCode (cname = "gnutls_dh_params_generate2")]
371                 public int generate (uint bits);
372         }
374         [Compact]
375         [CCode (cname = "struct gnutls_x509_privkey_int", free_function = "gnutls_rsa_params_deinit", lower_case_cprefix = "gnutls_rsa_params_")]
376         public class RSAParams {
377                 private static int init (out RSAParams dh_params);
378                 public static RSAParams create ()
379                 {
380                         RSAParams result = null;
381                         var ret = init (out result);
382                         if (ret != 0)
383                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
384                         return result;
385                 }
387                 private int cpy (RSAParams source);
389                 public int import_raw (/* const */ ref Datum m, /* const */ ref Datum e, /* const */ ref Datum d, /* const */ ref Datum p, /* const */ ref Datum q, /* const */ ref Datum u);
390                 public int export_raw (/* const */ ref Datum m, /* const */ ref Datum e, /* const */ ref Datum d, /* const */ ref Datum p, /* const */ ref Datum q, /* const */ ref Datum u, out uint bits);
391                 public int import_pkcs1 (/* const */ ref Datum pkcs1_params, X509.CertificateFormat format);
392                 public int export_pkcs1 (X509.CertificateFormat format, void* params_data, ref size_t params_data_size);
394                 public int generate2 (uint bits);
395         }
397         [Compact]
398         [CCode (cname = "struct gnutls_priority_st", free_function = "gnutls_priority_deinit")]
399         public class Priority {
400                 private static int init (out Priority self, string priority, out char* err_pos);
401                 public static Priority create (string priority, out ErrorCode err = null, out char* err_pos = null)
402                 {
403                         Priority result;
404                         var ret = init (out result, priority, out err_pos);
405                         if (&err != null)
406                                 err = (ErrorCode) ret;
407                         return result;
408                 }
409         }
411         [SimpleType]
412         [CCode (cname = "gnutls_datum_t")]
413         public struct Datum {
414                 public void* data;
415                 public uint size;
416         }
418         [CCode (cname = "gnutls_params_st")]
419         public struct Params {
420                 public ParamsType type;
421                 [CCode (cname = "params.dh")]
422                 public DHParams dh_params;
423                 [CCode (cname = "params.rsa_export")]
424                 public RSAParams rsa_params;
425                 public bool deinit;
426         }
428         [CCode (cname = "gnutls_params_function *", has_target = false)]
429         public delegate int ParamsFunction (Session session, ParamsType type, Params params);
431         [CCode (cname = "gnutls_oprfi_callback_func", instance_pos = "1.2")]
432         public delegate int OprfiCallbackFunc (Session session,
433                                                [CCode (array_length_pos = "1.8", array_length_type = "size_t")] /* const */ uint8[] in_oprfi,
434                                                [CCode (array_length_pos = "1.8", array_length_type = "size_t")] uint8[] out_oprfi);
436         /* Supplemental data, RFC 4680. */
437         [CCode (cname = "gnutls_supplemental_data_format_type_t")]
438         public enum SupplementalDataFormatType {
439                 USER_MAPPING_DATA;
441                 [CCode (cname = "gnutls_supplemental_get_name")]
442                 public unowned string? get_name ();
443         }
445         [CCode (cname = "TLS_MASTER_SIZE")]
446         public const int TLS_MASTER_SIZE;
447         [CCode (cname = "TLS_RANDOM_SIZE")]
448         public const int TLS_RANDOM_SIZE;
450         [CCode (cname = "gnutls_db_store_func", has_target = false)]
451         public delegate int DBStoreFunc (void* ptr, Datum key, Datum data);
452         [CCode (cname = "gnutls_db_remove_func", has_target = false)]
453         public delegate int DBRemoveFunc (void* ptr, Datum key);
454         [CCode (cname = "gnutls_db_retr_func", has_target = false)]
455         public delegate Datum DBRetrieveFunc (void* ptr, Datum key);
457         [CCode (cname = "gnutls_handshake_post_client_hello_func", has_target = false)]
458         public delegate int HandshakePostClientHelloFunc (Session session);
460         // External signing callback.  Experimental.
461         [CCode (cname = "gnutls_sign_func", instance_pos = "1.9")]
462         public delegate int SignFunc (Session session, CertificateType cert_type, /* const */ ref Datum cert, /* const */ ref Datum hash, out Datum signature);
464         [CCode (cname = "gnutls_pull_func", has_target = false)]
465         public delegate ssize_t PullFunc (void* transport_ptr, void* buffer, size_t count);
466         [CCode (cname = "gnutls_push_func", has_target = false)]
467         public delegate ssize_t PushFunc (void* transport_ptr, void* buffer, size_t count);
469         [Compact]
470         [CCode (cname = "struct gnutls_session_int", free_function = "gnutls_deinit")]
471         public class Session {
472                 [CCode (cname = "gnutls_init")]
473                 private static int init (out Session session, int con_end);
474                 protected static Session? create (int con_end)
475                 {
476                         Session result;
477                         var ret = init (out result, con_end);
478                         if (ret != 0)
479                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
480                         return result;
481                 }
483                 [CCode (cname = "gnutls_credentials_set")]
484                 public int set_credentials (CredentialsType type, void* cred);
485                 [CCode (cname = "gnutls_credentials_clear")]
486                 public void clear_credentials ();
488                 [CCode (cname = "gnutls_handshake")]
489                 public int handshake ();
490                 [CCode (cname = "gnutls_bye")]
491                 public int bye (CloseRequest how);
493                 [CCode (cname = "gnutls_session_is_resumed")]
494                 public bool is_resumed ();
496                 [CCode (cname = "gnutls_alert_get")]
497                 public AlertDescription get_last_alert ();
498                 [CCode (cname = "gnutls_alert_send")]
499                 public int send_alert (AlertLevel level, AlertDescription desc);
500                 [CCode (cname = "gnutls_alert_send_appropriate")]
501                 public int send_appropriate_alert (ErrorCode err);
503                 [CCode (cname = "gnutls_cipher_get")]
504                 public CipherAlgorithm get_cipher ();
505                 [CCode (cname = "gnutls_kx_get")]
506                 public KXAlgorithm get_kx ();
507                 [CCode (cname = "gnutls_mac_get")]
508                 public MacAlgorithm get_mac ();
509                 [CCode (cname = "gnutls_compression_get")]
510                 public CompressionMethod get_compression ();
511                 [CCode (cname = "gnutls_certificate_type_get")]
512                 public CertificateType get_certificate_type ();
513                 [CCode (cname = "gnutls_protocol_get_version")]
514                 public Protocol get_protocol_version ();
515                 [CCode (cname = "gnutls_record_get_max_size")]
516                 public size_t get_max_record_size ();
517                 [CCode (cname = "gnutls_dh_get_prime_bits")]
518                 public int get_dh_prime_bits ();
519                 [CCode (cname = "gnutls_dh_get_secret_bits")]
520                 public int get_dh_secret_bits ();
521                 [CCode (cname = "gnutls_dh_get_peers_public_bits")]
522                 public int get_peers_dh_public_bits ();
523                 [CCode (cname = "gnutls_dh_get_group")]
524                 public int get_dh_group (out Datum raw_gen, out Datum raw_prime);
525                 [CCode (cname = "gnutls_dh_get_pubkey")]
526                 public int get_dh_pubkey (out Datum raw_key);
527                 [CCode (cname = "gnutls_rsa_export_get_pubkey")]
528                 public int get_rsa_export_pubkey (out Datum exponent, out Datum modulus);
529                 [CCode (cname = "gnutls_rsa_export_get_modulus_bits")]
530                 public int get_rsa_export_modulus_bits ();
532                 [CCode (cname = "gnutls_handshake_set_private_extensions")]
533                 public void allow_private_extensions (bool allow);
534                 [CCode (cname = "gnutls_handshake_get_last_out")]
535                 public HandshakeDescription get_last_out_handshake ();
536                 [CCode (cname = "gnutls_handshake_get_last_in")]
537                 public HandshakeDescription get_last_in_handshake ();
539                 [CCode (cname = "gnutls_record_send")]
540                 public ssize_t send (void* buffer, size_t count);
541                 [CCode (cname = "gnutls_record_recv")]
542                 public ssize_t receive (void* buffer, size_t count);
544                 [CCode (cname = "gnutls_record_get_direction")]
545                 public int get_last_direction ();
547                 [CCode (cname = "gnutls_record_check_pending")]
548                 public size_t check_pending ();
550                 [CCode (cname = "gnutls_cipher_set_priority")]
551                 public int set_cipher_priority ([CCode (array_length = "false", array_null_terminated = "true")] CipherAlgorithm[] list);
552                 [CCode (cname = "gnutls_mac_set_priority")]
553                 public int set_mac_priority ([CCode (array_length = "false", array_null_terminated = "true")] MacAlgorithm[] list);
554                 [CCode (cname = "gnutls_compression_set_priority")]
555                 public int set_compression_priority ([CCode (array_length = "false", array_null_terminated = "true")] CompressionMethod[] list);
556                 [CCode (cname = "gnutls_kx_set_priority")]
557                 public int set_kx_priority ([CCode (array_length = "false", array_null_terminated = "true")] KXAlgorithm[] list);
558                 [CCode (cname = "gnutls_protocol_set_priority")]
559                 public int set_protocol_priority ([CCode (array_length = "false", array_null_terminated = "true")] Protocol[] list);
560                 [CCode (cname = "gnutls_certificate_type_set_priority")]
561                 public int set_certificate_type_priority ([CCode (array_length = "false", array_null_terminated = "true")] CertificateType[] list);
563                 [CCode (cname = "gnutls_priority_set")]
564                 public int set_priority (Priority priority);
565                 [CCode (cname = "gnutls_priority_set_direct")]
566                 public int set_priority_from_string (string priority, out unowned string err_pos = null);
567                 [CCode (cname = "gnutls_set_default_priority")]
568                 public int set_default_priority ();
569                 [CCode (cname = "gnutls_set_default_export_priority")]
570                 public int set_default_export_priority ();
572                 [CCode (cname = "GNUTLS_MAX_SESSION_ID")]
573                 public const int MAX_SESSION_ID;
575                 [CCode (cname = "gnutls_session_get_id")]
576                 public int get_id (void* session_id, ref size_t session_id_size);
578                 [CCode (cname = "gnutls_session_get_server_random")]
579                 public void* get_server_random ();
580                 [CCode (cname = "gnutls_session_get_client_random")]
581                 public void* get_client_random ();
582                 [CCode (cname = "gnutls_session_get_master_secret")]
583                 public void* get_master_secret ();
585                 [CCode (cname = "gnutls_transport_set_ptr")]
586                 public void set_transport_ptr (void* ptr);
587                 [CCode (cname = "gnutls_transport_set_ptr2")]
588                 public void set_transport_ptr2 (void* recv_ptr, void* send_ptr);
589                 [CCode (cname = "gnutls_transport_set_lowat")]
590                 public void set_lowat (int num);
591                 [CCode (cname = "gnutls_transport_set_push_function")]
592                 public void set_push_function (PushFunc func);
593                 [CCode (cname = "gnutls_transport_set_pull_function")]
594                 public void set_pull_function (PullFunc func);
596                 [CCode (cname = "gnutls_transport_set_errno")]
597                 public void set_errno (int err);
599                 [CCode (cname = "gnutls_session_set_ptr")]
600                 public void set_ptr (void* ptr);
601                 [CCode (cname = "gnutls_session_get_ptr")]
602                 public void* get_ptr ();
604                 [CCode (cname = "gnutls_auth_get_type")]
605                 public CredentialsType get_auth_type ();
606         //      [CCode (cname = "gnutls_auth_server_get_type")]
607         //      public CredentialsType get_server_auth_type ();
608         //      [CCode (cname = "gnutls_auth_client_get_type")]
609         //      public CredentialsType get_client_auth_type ();
611                 [CCode (cname = "gnutls_sign_callback_set")]
612                 public void set_sign_callback (SignFunc func);
613                 [CCode (cname = "gnutls_sign_callback_get")]
614                 public SignFunc get_sign_callback ();
616                 [CCode (cname = "gnutls_certificate_get_peers", array_length_type = "unsigned int")]
617                 public unowned Datum[]? get_peer_certificates ();
618                 [CCode (cname = "gnutls_certificate_get_ours")]
619                 public unowned Datum? get_our_certificate ();
621                 [CCode (cname = "gnutls_certificate_verify_peers2")]
622                 public int verify_peer_certificate (out CertificateStatus status);
623         }
625         [CCode (cname = "struct gnutls_session_int", lower_case_cprefix = "gnutls_", free_function = "gnutls_deinit")]
626         public class ClientSession: Session {
628                 public static ClientSession create ()
629                 {
630                         return (ClientSession) Session.create (2);
631                 }
633                 [CCode (cname = "gnutls_record_set_max_size")]
634                 public ssize_t set_max_record_size (size_t size);
636                 [CCode (cname = "gnutls_dh_set_prime_bits")]
637                 public void set_dh_prime_bits (uint bits);
639                 [CCode (cname = "gnutls_server_name_get")]
640                 public int get_server_name (void* data, out size_t data_length, out ServerNameType type, uint index);
642                 [CCode (cname = "gnutls_oprfi_enable_client")]
643                 public void enable_oprfi ([CCode (array_length_pos = "0.9", array_length_type = "size_t")] uint8[] data);
645                 [CCode (cname = "gnutls_session_set_data")]
646                 public int set_session_data (void* session_data, size_t session_data_size);
647                 [CCode (cname = "gnutls_session_get_data")]
648                 public int get_session_data (void* session_data, out size_t session_data_size);
649                 [CCode (cname = "gnutls_session_get_data2")]
650                 public int get_session_data2 (out Datum data);
652                 [CCode (cname = "gnutls_openpgp_send_cert")]
653                 public void set_openpgp_send_cert (bool fingerprint_only);
655                 [CCode (cname = "gnutls_psk_client_get_hint")]
656                 public unowned string get_psk_hint ();
658                 [CCode (cname = "gnutls_certificate_client_get_request_status")]
659                 public int get_certificate_request_status ();
660         }
662         [CCode (cname = "struct gnutls_session_int", lower_case_cprefix = "gnutls_", free_function = "gnutls_deinit")]
663         public class ServerSession: Session {
665                 public static ServerSession create ()
666                 {
667                         return (ServerSession) Session.create (1);
668                 }
670                 public int rehandshake ();
672                 [CCode (cname = "gnutls_session_enable_compatibility_mode")]
673                 public void enable_compatibility_mode ();
675                 [CCode (cname = "gnutls_record_disable_padding")]
676                 public void disable_record_padding ();
678                 [CCode (cname = "gnutls_server_name_set")]
679                 public int set_server_name (ServerNameType type, void* data, size_t data_length);
681                 [CCode (cname = "gnutls_oprfi_enable_server")]
682                 public void enable_oprfi (OprfiCallbackFunc cb);
684                 public void db_set_cache_expiration (int seconds);
685                 public void db_remove_session ();
686                 public void db_set_retrieve_function (DBRetrieveFunc func);
687                 public void db_set_remove_function (DBRemoveFunc func);
688                 public void db_set_store_function (DBStoreFunc func);
689                 public void db_set_ptr (void* ptr);
690                 public void* db_get_ptr ();
691                 public int db_check_entry (Datum session_entry);
693                 [CCode (cname = "gnutls_handshake_set_post_client_hello_function")]
694                 public void set_post_client_hello_function (HandshakePostClientHelloFunc func);
696                 [CCode (cname = "gnutls_handshake_set_max_packet_length")]
697                 public void set_max_handshake_packet_length (size_t max);
699                 [CCode (cname = "gnutls_certificate_server_set_request")]
700                 public void set_certificate_request (CertificateRequest req);
702                 [CCode (cname = "gnutls_certificate_send_x509_rdn_sequence")]
703                 public void disable_sending_x509_rdn_sequence (bool disable);
705                 [CCode (cname = "gnutls_psk_server_get_username")]
706                 public unowned string get_psk_username ();
708                 [CCode (cheader_filename = "gnutls/openpgp.h", cname = "gnutls_openpgp_set_recv_key_function")]
709                 public void set_openpgp_recv_key_function (OpenPGP.RecvKeyFunc func);
710         }
713         [Compact]
714         [CCode (cname = "struct gnutls_anon_server_credentials_st", free_function = "gnutls_anon_free_server_credentials")]
715         public class AnonServerCredentials
716         {
717                 [CCode (cname = "gnutls_anon_allocate_server_credentials")]
718                 private static int allocate (out AnonServerCredentials credentials);
719                 public static AnonServerCredentials create ()
720                 {
721                         AnonServerCredentials result;
722                         var ret = allocate (out result);
723                         if (ret != 0)
724                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
725                         return result;
726                 }
729                 [CCode (cname = "gnutls_anon_set_server_dh_params")]
730                 public void set_dh_params (DHParams dh_params);
732         //      [CCode (cname = "gnutls_anon_set_server_params_function")]
733         //      public void set_server_params_function (ParamsFunction func);
735                 [CCode (cname = "gnutls_anon_set_params_function")]
736                 public void set_params_function (ParamsFunction func);
737         }
739         [Compact]
740         [CCode (cname = "struct gnutls_anon_client_credentials_st", free_function = "gnutls_anon_free_client_credentials")]
741         public class AnonClientCredentials
742         {
743                 [CCode (cname = "gnutls_anon_allocate_client_credentials")]
744                 private static int allocate (out AnonClientCredentials credentials);
745                 public static AnonClientCredentials create ()
746                 {
747                         AnonClientCredentials result;
748                         var ret = allocate (out result);
749                         if (ret != 0)
750                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
751                         return result;
752                 }
753         }
755         [CCode (cheader_filename = "gnutls/x509.h", cprefix = "GNUTLS_")]
756         namespace X509
757         {
758                 // Some OIDs usually found in Distinguished names, or
759                 // in Subject Directory Attribute extensions.
761                 public const string OID_X520_COUNTRY_NAME;
762                 public const string OID_X520_ORGANIZATION_NAME;
763                 public const string OID_X520_ORGANIZATIONAL_UNIT_NAME;
764                 public const string OID_X520_COMMON_NAME;
765                 public const string OID_X520_LOCALITY_NAME;
766                 public const string OID_X520_STATE_OR_PROVINCE_NAME;
768                 public const string OID_X520_INITIALS;
769                 public const string OID_X520_GENERATION_QUALIFIER;
770                 public const string OID_X520_SURNAME;
771                 public const string OID_X520_GIVEN_NAME;
772                 public const string OID_X520_TITLE;
773                 public const string OID_X520_DN_QUALIFIER;
774                 public const string OID_X520_PSEUDONYM;
776                 public const string OID_LDAP_DC;
777                 public const string OID_LDAP_UID;
779                 // The following should not be included in DN.
781                 public const string OID_PKCS9_EMAIL;
783                 public const string OID_PKIX_DATE_OF_BIRTH;
784                 public const string OID_PKIX_PLACE_OF_BIRTH;
785                 public const string OID_PKIX_GENDER;
786                 public const string OID_PKIX_COUNTRY_OF_CITIZENSHIP;
787                 public const string OID_PKIX_COUNTRY_OF_RESIDENCE;
789                 // Key purpose Object Identifiers.
791                 public const string KP_TLS_WWW_SERVER;
792                 public const string KP_TLS_WWW_CLIENT;
793                 public const string KP_CODE_SIGNING;
794                 public const string KP_EMAIL_PROTECTION;
795                 public const string KP_TIME_STAMPING;
796                 public const string KP_OCSP_SIGNING;
797                 public const string KP_ANY;
800                 [CCode (cname = "gnutls_x509_crt_fmt_t", cprefix = "GNUTLS_X509_FMT_")]
801                 public enum CertificateFormat {
802                         DER,
803                         PEM
804                 }
806                 [Flags]
807                 [CCode (cname = "gnutls_certificate_import_flags", cprefix = "GNUTLS_X509_CRT_")]
808                 public enum CertificateImportFlags {
809                         /* Fail if the certificates in the buffer are more than the space
810                         * allocated for certificates. The error code will be
811                         * GNUTLS_E_SHORT_MEMORY_BUFFER.
812                         */
813                         LIST_IMPORT_FAIL_IF_EXCEED    // == 1
814                 }
816                 [Flags]
817                 [CCode (cname = "unsigned int", cprefix = "GNUTLS_CRL_REASON_")]
818                 public enum RevocationReasons {
819                         UNUSED,
820                         KEY_COMPROMISE,
821                         CA_COMPROMISE,
822                         AFFILIATION_CHANGED,
823                         SUPERSEEDED,
824                         CESSATION_OF_OPERATION,
825                         CERTIFICATE_HOLD,
826                         PRIVILEGE_WITHDRAWN,
827                         AA_COMPROMISE
828                 }
830                 [Flags]
831                 [CCode (cname = "gnutls_certificate_verify_flags", cprefix = "GNUTLS_VERIFY_")]
832                 public enum CertificateVerifyFlags
833                 {
834                         // If set a signer does not have to be a certificate authority. This
835                         // flag should normaly be disabled, unless you know what this means.
836                         DISABLE_CA_SIGN,
838                         // Allow only trusted CA certificates that have version 1.  This is
839                         // safer than GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT, and should be
840                         // used instead. That way only signers in your trusted list will be
841                         // allowed to have certificates of version 1.
842                         ALLOW_X509_V1_CA_CRT,
844                         // If a certificate is not signed by anyone trusted but exists in
845                         // the trusted CA list do not treat it as trusted.
846                         DO_NOT_ALLOW_SAME,
848                         // Allow CA certificates that have version 1 (both root and
849                         // intermediate). This might be dangerous since those haven't the
850                         // basicConstraints extension. Must be used in combination with
851                         // GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
852                         ALLOW_ANY_X509_V1_CA_CRT,
854                         // Allow certificates to be signed using the broken MD2 algorithm.
855                         ALLOW_SIGN_RSA_MD2,
857                         // Allow certificates to be signed using the broken MD5 algorithm.
858                         ALLOW_SIGN_RSA_MD5
859                 }
861                 [CCode (cname = "gnutls_x509_subject_alt_name_t")]
862                 public enum SubjectAltName {
863                         DNSNAME,
864                         RFC822NAME,
865                         URI,
866                         IPADDRESS,
867                         OTHERNAME,
868                         DN,
870                         OTHERNAME_XMPP
871                 }
873                 [Compact]
874                 [CCode (cname = "void", cprefix = "gnutls_x509_dn_", free_function = "gnutls_x509_dn_deinit")]
875                 public class DN
876                 {
877                         private static int init (out DN dn);
878                         public static DN create ()
879                         {
880                                 DN result;
881                                 var ret = init (out result);
882                                 if (ret != 0)
883                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
884                                 return result;
885                         }
887                         public int get_rdn_ava (int irdn, int iava, out unowned Ava ava);
889                         public int import (ref Datum data);
890                         public int export (CertificateFormat format, void* output, ref size_t output_size);
892                 }
894                 // RDN handling.
895                 public int rdn_get (ref Datum idn, char* buf, ref size_t buf_size);
896                 public int rdn_get_oid (ref Datum idn, int index, void* buf, ref size_t buf_size);
897                 public int rdn_get_by_oid (ref Datum idn, string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
899                 [SimpleType]
900                 [CCode (cname = "gnutls_x509_ava_st")]
901                 public struct Ava
902                 {
903                         [CCode (cname = "oid.data", array_length_cname = "oid.size")]
904                         uint8[] oid;
905                         [CCode (cname = "value.data", array_length_cname = "value.size")]
906                         uint8[] value;
907                         ulong value_tag;
908                 }
910                 [Compact]
911                 [CCode (cname = "struct gnutls_x509_crt_int", cprefix = "gnutls_x509_crt_", free_function = "gnutls_x509_crt_deinit ")]
912                 public class Certificate
913                 {
914                         private static int init (out Certificate cert);
915                         public static Certificate create ()
916                         {
917                                 Certificate result;
918                                 var ret = init (out result);
919                                 if (ret != 0)
920                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
921                                 return result;
922                         }
924                         public int import (ref Datum data, CertificateFormat format);
925                         public int export (CertificateFormat format, void* output, ref size_t output_size);
927                         public static int list_import ([CCode (array_length = "false")] Certificate[]? certs,
928                                                        ref uint cert_max, ref Datum data,
929                                                        CertificateFormat format, bool fail_if_exceed);
933                         public int get_issuer_dn (char* buf, ref size_t buf_size);
934                         public int get_issuer_dn_oid (int index, void* oid, ref size_t oid_size);
935                         public int get_issuer_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
937                         public int get_dn (char* buf, ref size_t buf_size);
938                         public int get_dn_oid (int index, void* oid, ref size_t oid_size);
939                         public int get_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
942                         public int get_subject (out DN dn);
943                         public int get_issuer (out DN dn);
945                         public bool check_hostname (string hostname);
947                         public SignAlgorithm get_signature_algorithm ();
949                         public int get_signature (char* sig, ref size_t sig_size);
951                         public int get_version ();
953                         public int get_key_id (uint flags, uchar* output, ref size_t output_size);
955                         public int set_authority_key_id (void* id, size_t id_size);
956                         public int get_authority_key_id (void* ret, ref size_t ret_size, out bool critical);
958                         public int get_subject_key_id (void* ret, ref size_t ret_size, out bool critical);
960                         public int get_crl_dist_points (uint seq, void* ret, ref size_t ret_size, out RevocationReasons reason_flags, out bool critical);
961                         public int set_crl_dist_points (SubjectAltName type, void* data_string, RevocationReasons reason_flags);
962                         public int cpy_crl_dist_points (Certificate source);
964                         public time_t get_activation_time ();
965                         public time_t get_expiration_time ();
967                         public int get_serial (void* result, ref size_t result_size);
969                         public PKAlgorithm get_pk_algorithm (out uint bits);
970                         public int get_pk_rsa_raw (out Datum modulus, out Datum exponent);
971                         public int get_pk_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y);
973                         public int get_subject_alt_name (uint seq, void* ret, ref size_t ret_size, out bool critical);
974                         public int get_subject_alt_name2 (uint seq, void* ret, ref size_t ret_size, out SubjectAltName ret_type, out bool critical);
976                         public int get_subject_alt_othername_oid (uint seq, void* ret, ref size_t ret_size);
978                         public int get_ca_status (out bool critical);
980                         public int get_basic_constraints (out bool critical, out int ca, out int pathlen);
982                         public int get_key_usage (out KeyUsage key_usage, out bool critical);
983                         public int set_key_usage (KeyUsage usage);
985                         public int get_proxy (out bool critical, out int pathlen, [CCode (array_length = "false")] out char[] policyLanguage, out char[] policy);
987                         public bool dn_oid_known (string oid);
989                         public int get_extension_oid (int index, void* oid, ref size_t oid_size);
990                         public int get_extension_by_oid (string oid, int index, void* buf, ref size_t buf_size, out bool critical);
992                         public int get_extension_info (int index, void* oid, ref size_t oid_size, out bool critical);
993                         public int get_extension_data (int index, void* data, ref size_t data_size);
995                         public int set_extension_by_oid (string oid, void* buf, size_t buf_size, bool critical);
996                         public int set_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
997                         public int set_issuer_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
998                         public int set_version (uint version);
999                         public int set_key (PrivateKey key);
1000                         public int set_ca_status (uint ca);
1001                         public int set_basic_constraints (uint ca, int pathLenConstraint);
1002                         public int set_subject_alternative_name (SubjectAltName type, string data_string);
1004                         public int sign (Certificate issuer, PrivateKey issuer_key);
1005                         public int sign2 (Certificate issuer, PrivateKey issuer_key, DigestAlgorithm alg, uint flags);
1007                         public int set_activation_time (time_t act_time);
1008                         public int set_expiration_time (time_t exp_time);
1009                         public int set_serial (void* serial, size_t serial_size);
1011                         public int set_subject_key_id (void* id, size_t id_size);
1012                         public int set_proxy_dn (Certificate eecrt, uint raw_flag, void* name, uint name_size);
1013                         public int set_proxy (int pathLenConstraint, string policyLanguage, [CCode (array_length_type = "size_t")] uint8[] policy);
1015                         public int print (CertificatePrintFormats format, out Datum output);
1017                         public int get_raw_issuer_dn (out unowned Datum start);
1018                         public int get_raw_dn (out unowned Datum start);
1020                         public int verify_data (uint flags, ref Datum data, ref Datum signature);
1022                         private int set_crq (CertificateRequest crq);
1024                         // verification
1026                         public int check_issuer (Certificate issuer);
1027                         public static int list_verify (Certificate[] cert_list, Certificate[] CA_list, Certificate[] CLR_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1028                         public int verify (Certificate[] CA_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1029                         public int check_revocation (CRL[] crl_list);
1030                         public int get_fingerprint (DigestAlgorithm algo, void* buf, ref size_t buf_size);
1031                         public int get_key_purpose_oid (int index, void* oid, ref size_t oid_size, out bool critical);
1032                         public int set_key_purpose_oid (string oid, bool critical);
1033                 }
1035                 [Compact]
1036                 [CCode (cname = "struct gnutls_x509_crl_int", free_function = "gnutls_x509_crl_deinit", cprefix = "gnutls_x509_crl_")]
1037                 public class CRL
1038                 {
1039                         private static int init (out CRL crl);
1040                         public static CRL create ()
1041                         {
1042                                 CRL result;
1043                                 var ret = init (out result);
1044                                 if (ret != 0)
1045                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1046                                 return result;
1047                         }
1049                         public int import (ref Datum data, CertificateFormat format);
1050                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1052                         public int get_issuer_dn (char* buf, ref size_t buf_size);
1053                         public int get_issuer_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
1055                         public int get_dn_oid (int index, void* oid, ref size_t oid_size);
1057                         public int get_signature_algorithm ();
1058                         public int get_signature (char* sig, ref size_t sig_size);
1059                         public int get_version ();
1061                         public time_t get_this_update ();
1062                         public time_t get_next_update ();
1064                         public int get_crt_count ();
1065                         public int get_crt_serial (int index, uchar* serial, ref size_t serial_size, out time_t t);
1067                         // aliases for previous two
1068                         public int get_certificate_count ();
1069                         public int get_certificate (int index, uchar* serial, ref size_t serial_size, out time_t t);
1071                         public int check_issuer (Certificate issuer);
1073                         public int verify (Certificate[] ca_list, CertificateVerifyFlags flags, out CertificateStatus verify);
1075                         // CRL writing
1077                         public int set_version (uint version);
1078                         public int sign (Certificate issuer, PrivateKey issuer_key);
1079                         public int sign2 (Certificate issuer, PrivateKey issuer_key, DigestAlgorithm algo, uint flags);
1081                         public int set_this_update (time_t act_time);
1082                         public int set_next_update (time_t exp_time);
1084                         public int set_crt_serial (void* serial, size_t serial_size, time_t revocation_time);
1085                         public int set_crt (Certificate crt, time_t revocation_time);
1087                         public int print (CertificatePrintFormats format, out Datum output);
1088                 }
1090                 [Compact]
1091                 [CCode (cname = "struct gnutls_pkcs7_int", cprefix = "gnutls_pkcs7_", free_function = "gnutls_pkcs7_deinit")]
1092                 public class PKCS7
1093                 {
1094                         private static int init (out PKCS7 pkcs7);
1095                         public static PKCS7 create ()
1096                         {
1097                                 PKCS7 result;
1098                                 var ret = init (out result);
1099                                 if (ret != 0)
1100                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1101                                 return result;
1102                         }
1104                         public int import (ref Datum data, CertificateFormat format);
1105                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1107                         public int get_crt_count ();
1108                         public int get_crt_raw (int index, void* certificate, ref size_t certificate_size);
1109                         public int set_crt_raw (ref Datum crt);
1110                         public int set_crt (Certificate crt);
1111                         public int delete_crt (int index);
1113                         public int get_crl_count ();
1114                         public int get_crl_raw (int index, void* crl, ref size_t crl_size);
1115                         public int set_crl_raw (ref Datum crt);
1116                         public int set_crl (CRL crl);
1117                         public int delete_crl (int index);
1118                 }
1120                 // Flags for the gnutls_x509_privkey_export_pkcs8() function.
1121                 [Flags]
1122                 [CCode (cname = "gnutls_pkcs_encrypt_flags_t", cprefix = "GNUTLS_PKCS_")]
1123                 public enum PKCSEncryptFlags {
1124                         PLAIN,
1125                         USE_PKCS12_3DES,
1126                         USE_PKCS12_ARCFOUR,
1127                         USE_PKCS12_RC2_40,
1128                         USE_PBES2_3DES
1129                 }
1131                 [Compact]
1132                 [CCode (cname = "struct gnutls_x509_privkey_int", cprefix = "gnutls_x509_privkey_", free_function = "gnutls_x509_privkey_deinit")]
1133                 public class PrivateKey
1134                 {
1135                         private static int init (out PrivateKey key);
1136                         public static PrivateKey create ()
1137                         {
1138                                 PrivateKey result;
1139                                 var ret = init (out result);
1140                                 if (ret != 0)
1141                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1142                                 return result;
1143                         }
1145                         public int cpy (PrivateKey source);
1147                         public int import (ref Datum data, CertificateFormat format);
1148                         public int import_pkcs8 (ref Datum data, CertificateFormat format, string? password, PKCSEncryptFlags flags);
1149                         public int import_rsa_raw (ref Datum m, ref Datum e, ref Datum d, ref Datum p, ref Datum q, ref Datum u);
1150                         public int import_dsa_raw (ref Datum p, ref Datum q, ref Datum g, ref Datum y, ref Datum x);
1152                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1153                         public int export_pkcs8 (CertificateFormat format, string password, PKCSEncryptFlags flags, void* output, ref size_t output_size);
1154                         public int export_rsa_raw (out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1155                         public int export_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1157                         public int fix ();
1158                         public int generate (PKAlgorithm algo, uint bits, uint flags = 0);
1160                         public int get_pk_algorithm ();
1161                         public int get_key_id (uint flags, uchar* output, ref size_t output_size);
1163                         // Signing stuff
1165                         public int sign_data (DigestAlgorithm digest, uint flags, ref Datum data, void* signature, ref size_t signature_size);
1166                         public int verify_data (uint flags, ref Datum data, ref Datum signature);
1167                         public int sign_hash (ref Datum hash, out Datum signature);
1168                 }
1170                 [Compact]
1171                 [CCode (cname = "struct gnutls_x509_crq_int", cprefix = "gnutls_x509_crq_", free_function = "gnutls_x509_crq_deinit")]
1172                 public class CertificateRequest
1173                 {
1174                         private static int init (out CertificateRequest request);
1175                         public static CertificateRequest create ()
1176                         {
1177                                 CertificateRequest result;
1178                                 var ret = init (out result);
1179                                 if (ret != 0)
1180                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1181                                 return result;
1182                         }
1184                         public int import (ref Datum data, CertificateFormat format);
1185                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1187                         public int get_pk_algorithm (out uint bits);
1188                         public int get_dn (char* buf, ref size_t buf_size);
1189                         public int get_dn_oid (int index, void* oid, ref size_t oid_size);
1190                         public int get_dn_by_oid (string oid, int index, uint raw_flag, void* buf, ref size_t buf_size);
1191                         public int set_dn_by_oid (string oid, uint raw_flag, void* name, uint name_size);
1193                         public int set_version (uint version);
1195                         public int set_key (PrivateKey key);
1197                         public int sign (PrivateKey key);
1198                         public int sign2 (PrivateKey key, DigestAlgorithm algo, uint flags);
1200                         public int set_challenge_password (string pass);
1201                         public int get_challenge_password (char* pass, ref size_t pass_size);
1203                         public int set_attribute_by_oid (string oid, void* buf, size_t buf_size);
1204                         public int get_attribute_by_oid (string oid, int index, void* buf, ref size_t buf_size);
1205                 }
1207                 [Compact]
1208                 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "struct gnutls_pkcs12_int", cprefix = "gnutls_pkcs12_", free_function = "gnutls_pkcs12_deinit")]
1209                 public class PKCS12
1210                 {
1211                         private static int init (out PKCS12 request);
1212                         public static PKCS12 create ()
1213                         {
1214                                 PKCS12 result;
1215                                 var ret = init (out result);
1216                                 if (ret != 0)
1217                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1218                                 return result;
1219                         }
1221                         public int import (ref Datum data, CertificateFormat format, uint flags);
1222                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1224                         public int get_bag (int index, PKCS12Bag bag);
1225                         public int set_bag (PKCS12Bag bag);
1227                         public int generate_mac (string pass);
1228                         public int verify_mac (string pass);
1229                 }
1231                 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "gnutls_pkcs12_bag_type_t", cprefix = "GNUTLS_BAG_")]
1232                 public enum PKCS12BagType {
1233                         EMPTY,
1234                         PKCS8_ENCRYPTED_KEY,
1235                         PKCS8_KEY,
1236                         CERTIFICATE,
1237                         CRL,
1238                         ENCRYPTED,
1239                         UNKNOWN
1240                 }
1242                 [Compact]
1243                 [CCode (cheader_filename = "gnutls/pkcs12.h", cname = "struct gnutls_pkcs12_bag_int", cprefix = "gnutls_pkcs12_bag_", free_function = "gnutls_pkcs12_bag_deinit")]
1244                 public class PKCS12Bag {
1245                         private static int init (out PKCS12Bag request);
1246                         public static PKCS12Bag create ()
1247                         {
1248                                 PKCS12Bag result;
1249                                 var ret = init (out result);
1250                                 if (ret != 0)
1251                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1252                                 return result;
1253                         }
1255                         public int decrypt (string pass);
1256                         public int encrypt (string pass, PKCSEncryptFlags flags);
1258                         public PKCS12BagType get_type (int index);
1259                         public int get_data (int index, out Datum data);
1260                         public int set_data (PKCS12BagType type, ref Datum data);
1261                         public int set_crl (CRL crl);
1262                         public int set_crt (Certificate crt);
1264                         public int get_count ();
1266                         public int get_key_id (int index, out Datum id);
1267                         public int set_key_id (int index, ref Datum id);
1269                         public int get_friendly_name (int index, out unowned string name);
1270                         public int set_friendly_name (int index, string name);
1271                 }
1272         }
1274         [CCode (cheader_filename = "gnutls/openpgp.h")]
1275         namespace OpenPGP
1276         {
1277                 /**
1278                 * gnutls_openpgp_recv_key_func - Callback prototype to get OpenPGP keys
1279                 * @session: a TLS session
1280                 * @keyfpr: key fingerprint
1281                 * @keyfpr_length: length of key fingerprint
1282                 * @key: output key.
1283                 *
1284                 * A callback of this type is used to retrieve OpenPGP keys.  Only
1285                 * useful on the server, and will only be used if the peer send a key
1286                 * fingerprint instead of a full key.  See also
1287                 * gnutls_openpgp_set_recv_key_function().
1288                 *
1289                 */
1290                 [CCode (has_target = false)]
1291                 public delegate int RecvKeyFunc (Session session, uint8[] keyfpr, out Datum key);
1293                 [CCode (cname = "gnutls_openpgp_crt_fmt_t", cprefix = "GNUTLS_OPENPGP_FMT_")]
1294                 public enum CertificateFormat {
1295                         RAW,
1296                         BASE64
1297                 }
1299                 [Compact]
1300                 [CCode (cname = "struct gnutls_openpgp_crt_int", cprefix = "gnutls_openpgp_crt_", free_function = "gnutls_openpgp_crt_deinit")]
1301                 public class Certificate
1302                 {
1303                         private static int init (out Certificate crt);
1304                         public static Certificate create ()
1305                         {
1306                                 Certificate result;
1307                                 var ret = init (out result);
1308                                 if (ret != 0)
1309                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1310                                 return result;
1311                         }
1313                         public int import (ref Datum data, CertificateFormat format);
1314                         public int export (CertificateFormat format, void* output, ref size_t output_size);
1316                         public int print (CertificatePrintFormats format, out Datum output);
1318                         public int get_key_usage (out KeyUsage key_usage);
1319                         public int get_fingerprint (void* fpr, ref size_t fpr_size);
1320                         public int get_subkey_fingerprint (uint index, void* fpr, ref size_t fpr_size);
1322                         public int get_name (int index, char* buf, ref size_t buf_size);
1324                         public PKAlgorithm get_pk_algorithm (out uint bits);
1326                         public int get_version ();
1328                         public time_t get_creation_time ();
1329                         public time_t get_expiration_time ();
1331                         // keyid is 8 bytes
1332                         public int get_key_id (uchar* keyid);
1334                         public int check_hostname (string hostname);
1336                         public int get_revoked_status ();
1338                         public int get_subkey_count ();
1339                         public int get_subkey_idx (/*const*/ uchar* keyid);
1340                         public int get_subkey_revoked_status (uint idx);
1342                         public PKAlgorithm get_subkey_pk_algorithm (uint idx, out uint bits);
1344                         public time_t get_subkey_creation_time (uint idx);
1345                         public time_t get_subkey_expiration_time (uint idx);
1347                         public int get_subkey_id (uint idx, uchar* keyid);
1348                         public int get_subkey_usage (uint idx, out KeyUsage key_usage);
1350                         public int get_pk_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y);
1351                         public int get_pk_rsa_raw (out Datum m, out Datum e);
1353                         public int get_subkey_pk_dsa_raw (uint index, out Datum p, out Datum q, out Datum g, out Datum y);
1354                         public int get_subkey_pk_rsa_raw (uint index, out Datum m, out Datum e);
1356                         public int get_preferred_key_id (uchar* keyid);
1357                         public int set_preferred_key_id (/* const */ uchar* keyid);
1359                         public int verify_ring (Keyring keyring, uint flags, out CertificateStatus verify);
1360                         public int verify_self (uint flags, out CertificateStatus verify);
1361                 }
1363                 [Compact]
1364                 [CCode (cname = "struct gnutls_openpgp_privkey_int", cprefix = "gnutls_openpgp_privkey_", free_function = "gnutls_openpgp_privkey_deinit")]
1365                 public class PrivateKey
1366                 {
1367                         private static int init (out PrivateKey key);
1368                         public static PrivateKey create ()
1369                         {
1370                                 PrivateKey result = null;
1371                                 var ret = init (out result);
1372                                 if (ret != 0)
1373                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1374                                 return result;
1375                         }
1377                         public PKAlgorithm get_pk_algorithm (out uint bits);
1379                         public int import (ref Datum data, CertificateFormat format, string pass, uint flags);
1380                         public int export (CertificateFormat format, string password, uint flags, void* output, ref size_t output_size);
1382                         public int sign_hash (ref Datum hash, out Datum signature);
1383                         public int get_fingerprint (void* fpr, ref size_t fpr_size);
1384                         public int get_subkey_fingerprint (uint idx, void* fpr, ref size_t fpr_size);
1386                         public int get_key_id (uchar* keyid);
1387                         public int get_subkey_count ();
1388                         public int get_subkey_idx (/*const*/ uchar* keyid);
1390                         public int get_subkey_revoked_status (uint index);
1391                         public int get_revoked_status ();
1393                         public PKAlgorithm get_subkey_pk_algorithm (uint idx, out uint bits);
1395                         public time_t get_subkey_expiration_time (uint idx);
1396                         public time_t get_subkey_creation_time (uint idx);
1398                         public int get_subkey_id (uint idx, uchar* keyid);
1400                         public int export_subkey_dsa_raw (uint idx, out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1401                         public int export_subkey_rsa_raw (uint idx, out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1403                         public int export_dsa_raw (out Datum p, out Datum q, out Datum g, out Datum y, out Datum x);
1404                         public int export_rsa_raw (out Datum m, out Datum e, out Datum d, out Datum p, out Datum q, out Datum u);
1406                         public int set_preferred_key_id (/*const*/ uchar* keyid);
1407                         public int get_preferred_key_id (uchar* keyid);
1409                         public int get_auth_subkey (uchar* keyid, uint flag);
1410                 }
1412                 [Compact]
1413                 [CCode (cname = "struct gnutls_openpgp_keyring_int", cprefix = "gnutls_openpgp_keyring_", free_function = "gnutls_openpgp_keyring_deinit")]
1414                 public class Keyring
1415                 {
1416                         private static int init (out Keyring keyring);
1417                         public static Keyring create ()
1418                         {
1419                                 Keyring result;
1420                                 var ret = init (out result);
1421                                 if (ret != 0)
1422                                         GLib.error ("%s", ((ErrorCode)ret).to_string ());
1423                                 return result;
1424                         }
1426                         public int import (ref Datum data, CertificateFormat format);
1427                         public int check_id (/*const*/ uchar* keyid, uint flags);
1429                         public int get_crt_count ();
1430                         public int get_crt (uint index, out Certificate cert);
1431                 }
1432         }
1435         [CCode (cname = "gnutls_certificate_client_retrieve_function *", has_target = false)]
1436         public delegate int ClientCertificateRetrieveFunction (Session session, Datum[] req_ca_rdn, PKAlgorithm[] pk_algos, out RetrStruct st);
1437         [CCode (cname = "gnutls_certificate_server_retrieve_function *", has_target = false)]
1438         public delegate int ServerCertificateRetrieveFunction (Session session, out RetrStruct st);
1440         [Compact]
1441         [CCode (cname = "struct gnutls_certificate_credentials_st",
1442                 free_function = "gnutls_certificate_free_credentials",
1443                 cprefix = "gnutls_certificate_")]
1444         public class CertificateCredentials
1445         {
1446                 [CCode (cname = "gnutls_certificate_allocate_credentials")]
1447                 private static int allocate (out CertificateCredentials credentials);
1448                 public static CertificateCredentials create ()
1449                 {
1450                         CertificateCredentials result;
1451                         var ret = allocate (out result);
1452                         if (ret != 0)
1453                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1454                         return result;
1455                 }
1457                 public void free_keys ();
1458                 public void free_cas  ();
1459                 public void free_ca_names ();
1460                 public void free_crls ();
1462                 public void set_dh_params (DHParams dh_params);
1463                 public void set_rsa_export_params (RSAParams rsa_params);
1464                 public void set_verify_flags (X509.CertificateVerifyFlags flags);
1465                 public void set_verify_limits (uint max_bits, uint max_depth);
1467                 public int set_x509_trust (X509.Certificate[] ca_list);
1468                 public int set_x509_trust_file (string cafile, X509.CertificateFormat type);
1469                 public int set_x509_trust_mem (/* const */ ref Datum cadata, X509.CertificateFormat type);
1471                 public int set_x509_crl (X509.CRL[] crl_list);
1472                 public int set_x509_crl_file (string crlfile, X509.CertificateFormat type);
1473                 public int set_x509_crl_mem (/* const */ ref Datum crldata, X509.CertificateFormat type);
1475                 public int set_x509_key (X509.Certificate[] cert_list, X509.PrivateKey key);
1476                 public int set_x509_key_file (string certfile, string keyfile, X509.CertificateFormat type);
1477                 public int set_x509_key_mem (/* const */ ref Datum certdata, /* const */ ref Datum keydata, X509.CertificateFormat type);
1479                 public int set_x509_simple_pkcs12_file (string pkcs12file, X509.CertificateFormat type, string? password = null);
1481                 public void get_x509_cas ([CCode (array_length_type = "unsigned int")] out unowned X509.Certificate[] x509_ca_list);
1482                 public void get_x509_crls ([CCode (array_length_type = "unsigned int")] out unowned X509.CRL[] x509_crl_list);
1485                 [CCode (cname = "gnutls_certificate_client_set_retrieve_function")]
1486                 public void set_client_certificate_retrieve_function (ClientCertificateRetrieveFunction func);
1487                 [CCode (cname = "gnutls_certificate_server_set_retrieve_function")]
1488                 public void set_server_certificate_retrieve_function (ServerCertificateRetrieveFunction func);
1490                 [CCode (cname = "gnutls_certificate_set_params_function")]
1491                 public void set_params_function (ParamsFunction func);
1493                 // OpenPGP stuff
1495                 public int set_openpgp_key (OpenPGP.Certificate key, OpenPGP.PrivateKey pkey);
1497                 public int set_openpgp_key_file (string certfile, string keyfile, OpenPGP.CertificateFormat format);
1498                 public int set_openpgp_key_mem (ref Datum cert, ref Datum key, OpenPGP.CertificateFormat format);
1499                 public int set_openpgp_key_file2 (string certfile, string keyfile, string keyid, OpenPGP.CertificateFormat format);
1500                 public int set_openpgp_key_mem2 (ref Datum cert, ref Datum key, string keyid, OpenPGP.CertificateFormat format);
1502                 public int set_openpgp_keyring_mem (uchar* data, size_t data_size, OpenPGP.CertificateFormat format);
1503                 public int set_openpgp_keyring_file (string file, OpenPGP.CertificateFormat format);
1505                 public void get_openpgp_keyring (out unowned OpenPGP.Keyring keyring);
1506         }
1508         [CCode (cname = "gnutls_malloc")]
1509         public void* malloc (size_t size);
1510         [CCode (cname = "gnutls_secure_malloc")]
1511         public void* secure_malloc (size_t size);
1512         [CCode (cname = "gnutls_realloc")]
1513         public void* realloc (void* ptr, size_t new_size);
1514         [CCode (cname = "gnutls_calloc")]
1515         public void* calloc (size_t count, size_t block_size);
1516         [CCode (cname = "gnutls_free")]
1517         public void free (void* ptr);
1519         [CCode (cname = "gnutls_free")]
1520         public void free_data ([CCode (array_length = false)] owned uint[] data);
1522         [CCode (cname = "gnutls_strdup")]
1523         public string strdup (string str);
1525         [CCode (cname = "gnutls_alloc_function", has_target = false)]
1526         public delegate void* AllocFunction (size_t size);
1527         [CCode (cname = "gnutls_calloc_function", has_target = false)]
1528         public delegate void* CallocFunction (size_t count, size_t block_size);
1529         [CCode (cname = "gnutls_is_secure_function", has_target = false)]
1530         public delegate int IsSecureFunction (void* ptr);
1531         [CCode (cname = "gnutls_free_function", has_target = false)]
1532         public delegate void FreeFunction (void* ptr);
1533         [CCode (cname = "gnutls_realloc_function", has_target = false)]
1534         public delegate void* ReallocFunction (void* ptr, size_t new_size);
1536         public int global_init ();
1537         public void global_deinit ();
1539         [CCode (cname = "gnutls_global_set_mem_functions")]
1540         public void set_mem_functions (AllocFunction alloc_func, AllocFunction secure_alloc_func,
1541                                        IsSecureFunction is_secure_func, ReallocFunction realloc_func,
1542                                        FreeFunction free_func);
1544         [CCode (cname = "gnutls_log_func", has_target = false)]
1545         public delegate void LogFunc (int level, string msg);
1546         [CCode (cname = "gnutls_global_set_log_function")]
1547         public void set_log_function (LogFunc func);
1548         [CCode (cname = "gnutls_global_set_log_level")]
1549         public void set_log_level (int level);
1551         [CCode (cname = "gnutls_transport_set_global_errno")]
1552         public void set_global_errno (int err);
1554 // SRP stuff
1556         [CCode (cname = "gnutls_srp_server_credentials_function *", has_target = false)]
1557         public delegate int SRPServerCredentialsFunction (Session session, string username,
1558                                                        out Datum salt, out Datum verifier,
1559                                                        out Datum generator, out Datum prime);
1561         [Compact]
1562         [CCode (cname = "struct gnutls_srp_server_credentials_st", free_function = "gnutls_srp_free_server_credentials")]
1563         public class SRPServerCredentials
1564         {
1565                 [CCode (cname = "gnutls_srp_allocate_server_credentials")]
1566                 private static int allocate (out SRPServerCredentials sc);
1567                 public static SRPServerCredentials create ()
1568                 {
1569                         SRPServerCredentials result = null;
1570                         var ret = allocate (out result);
1571                         if (ret != 0)
1572                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1573                         return result;
1574                 }
1576                 [CCode (cname = "gnutls_srp_set_server_credentials_file")]
1577                 public int set_credentials_file (string password_file, string password_conf_file);
1579                 [CCode (cname = "gnutls_srp_server_get_username")]
1580                 public string get_username ();
1582                 [CCode (cname = "gnutls_srp_set_server_credentials_function")]
1583                 public void set_credentials_function (SRPServerCredentialsFunction func);
1584         }
1586         [CCode (cname = "gnutls_srp_client_credentials_function *", has_target = false)]
1587         public delegate int SRPClientCredentialsFunction (Session session, out string username, out string password);
1589         [Compact]
1590         [CCode (cname = "struct gnutls_srp_client_credentials_st", free_function = "gnutls_srp_free_client_credentials")]
1591         public class SRPClientCredentials
1592         {
1593                 [CCode (cname = "gnutls_srp_allocate_client_credentials")]
1594                 private static int allocate (out SRPClientCredentials sc);
1595                 public static SRPClientCredentials create ()
1596                 {
1597                         SRPClientCredentials result;
1598                         var ret = allocate (out result);
1599                         if (ret != 0)
1600                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1601                         return result;
1602                 }
1604                 [CCode (cname = "gnutls_srp_set_client_credentials")]
1605                 public int set_credentials (string username, string password);
1607                 [CCode (cname = "gnutls_srp_set_client_credentials_function")]
1608                 public void set_credentials_function (SRPClientCredentialsFunction func);
1609         }
1611         //  extern int gnutls_srp_verifier (const char *username,
1612         //                        const char *password,
1613         //                        const gnutls_datum_t * salt,
1614         //                        const gnutls_datum_t * generator,
1615         //                        const gnutls_datum_t * prime,
1616         //                        gnutls_datum_t * res);
1618         public int srp_verifier (string username, string password, /* const */ ref Datum salt, /* const */ ref Datum generator, /* const */ ref Datum prime, out Datum result);
1620         // The static parameters defined in draft-ietf-tls-srp-05
1621         // Those should be used as input to gnutls_srp_verifier().
1623         public const Datum srp_2048_group_prime;
1624         public const Datum srp_2048_group_generator;
1626         public const Datum srp_1536_group_prime;
1627         public const Datum srp_1536_group_generator;
1629         public const Datum srp_1024_group_prime;
1630         public const Datum srp_1024_group_generator;
1632         public int srp_base64_encode (/* const */ ref Datum data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1633         public int srp_base64_encode_alloc (/* const */ ref Datum data, out Datum result);
1635         public int srp_base64_decode (/* const */ ref Datum b64_data, [CCode (array_length = false)] uint8[] result, ref size_t result_size);
1636         public int srp_base64_decode_alloc (/* const */ ref Datum b64_data, out Datum result);
1643 // PSK stuff
1645         [CCode (cname = "gnutls_psk_key_flags", cprefix = "GNUTLS_PSK_KEY_")]
1646         public enum PSKKeyFlags
1647         {
1648                 RAW,
1649                 HEX
1650         }
1652         [CCode (cname = "gnutls_psk_server_credentials_function *", has_target = false)]
1653         public delegate int PSKServerCredentialsFunction (Session session, string username, /* const */ ref Datum key);
1655         [Compact]
1656         [CCode (cname = "struct gnutls_psk_server_credentials_st", free_function = "gnutls_psk_free_server_credentials")]
1657         public class PSKServerCredentials
1658         {
1659                 [CCode (cname = "gnutls_psk_allocate_server_credentials")]
1660                 private static int allocate (out PSKServerCredentials sc);
1661                 public static PSKServerCredentials create ()
1662                 {
1663                         PSKServerCredentials result;
1664                         var ret = allocate (out result);
1665                         if (ret != 0)
1666                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1667                         return result;
1668                 }
1670                 [CCode (cname = "gnutls_psk_set_server_credentials_file")]
1671                 public int set_credentials_file (string password_file);
1673                 [CCode (cname = "gnutls_psk_set_server_credentials_hint")]
1674                 public int set_credentials_hint (string hint);
1676                 [CCode (cname = "gnutls_psk_set_server_credentials_function")]
1677                 public void set_credentials_function (PSKServerCredentialsFunction func);
1679                 [CCode (cname = "gnutls_psk_set_server_dh_params")]
1680                 public void set_dh_params (DHParams dh_params);
1682                 [CCode (cname = "gnutls_psk_set_server_params_function")] // also gnutls_psk_set_params_function
1683                 public void set_params_function (ParamsFunction func);
1684         }
1686         [CCode (cname = "gnutls_psk_client_credentials_function *", has_target = false)]
1687         public delegate int PSKClientCredentialsFunction (Session session, out string username, out Datum key);
1689         [Compact]
1690         [CCode (cname = "struct gnutls_psk_client_credentials_st", free_function = "gnutls_psk_free_client_credentials")]
1691         public class PSKClientCredentials
1692         {
1693                 [CCode (cname = "gnutls_psk_allocate_client_credentials")]
1694                 private static int allocate (out PSKClientCredentials sc);
1695                 public static PSKClientCredentials create ()
1696                 {
1697                         PSKClientCredentials result;
1698                         var ret = allocate (out result);
1699                         if (ret != 0)
1700                                 GLib.error ("%s", ((ErrorCode)ret).to_string ());
1701                         return result;
1702                 }
1704                 [CCode (cname = "gnutls_psk_set_client_credentials")]
1705                 public int set_credentials (string username, /* const */ ref Datum key, PSKKeyFlags format);
1707                 [CCode (cname = "gnutls_psk_set_client_credentials_function")]
1708                 public void set_credentials_function (PSKClientCredentialsFunction func);
1709         }
1711         public int hex_encode (/* const */ ref Datum data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1712         public int hex_decode (/* const */ ref Datum hex_data, [CCode (array_length = "false")] char[] result, ref size_t result_size);
1714         public int psk_netconf_derive_key (string password, string psk_identity, string psk_identity_hint, out Datum output_key);
1716 ////
1718         [SimpleType]
1719         [CCode (cname = "gnutls_retr_st")]
1720         public struct RetrStruct
1721         {
1722                 public CertificateType type;
1723                 [CCode (cname = "cert.x509", array_length_cname = "ncerts", array_length_type = "unsigned int")]
1724                 public X509.Certificate[] cert_x509;
1725                 [CCode (cname = "cert.pgp")]
1726                 public OpenPGP.Certificate cert_pgp;
1727                 [CCode (cname = "key.x509")]
1728                 public X509.PrivateKey key_x509;
1729                 [CCode (cname = "key.pgp")]
1730                 public OpenPGP.PrivateKey key_pgp;
1731                 public uint deinit_all;
1732         }
1734         public int pem_base64_encode (string msg, /* const */ ref Datum data, void* result, ref size_t result_size);
1735         public int pem_base64_decode (string header, /* const */ ref Datum b64_data, void* result, ref size_t result_size);
1737         public int pem_base64_encode_alloc (string msg, /* const */ ref Datum data, out Datum result);
1738         public int pem_base64_decode_alloc (string header, /* const */ ref Datum b64_data, out Datum result);
1740         public int hex2bin (string hex_data, size_t hex_size, void* bin_data, ref size_t bin_size);
1742         // returns cipher suite name or null if index is out of bounds
1743         public unowned string? cipher_suite_info (size_t index, [CCode (array_length = "false")] char[] cs_id, out KXAlgorithm kx,
1744                                                  out CipherAlgorithm cipher, out MacAlgorithm mac,
1745                                                  out Protocol version);
1747         public unowned string? cipher_suite_get_name (KXAlgorithm kx, CipherAlgorithm cipher, MacAlgorithm mac);
1749         public int prf (Session session, size_t label_size, string label, bool server_random_first,
1750                         size_t extra_size, void* extra, size_t output_size, void* output);
1752         public int prf_raw (Session session, size_t label_size, string label,
1753                             size_t seed_size, void* seed, size_t output_size, void* output);
1755         // Gnutls error codes. The mapping to a TLS alert is also shown in comments.
1756         [CCode (cname = "int", cprefix = "GNUTLS_E_", lower_case_cprefix = "gnutls_error_")]
1757         public enum ErrorCode {
1759                 SUCCESS,
1760                 UNKNOWN_COMPRESSION_ALGORITHM,
1761                 UNKNOWN_CIPHER_TYPE,
1762                 LARGE_PACKET,
1763                 UNSUPPORTED_VERSION_PACKET,     // GNUTLS_A_PROTOCOL_VERSION
1764                 UNEXPECTED_PACKET_LENGTH,       // GNUTLS_A_RECORD_OVERFLOW
1765                 INVALID_SESSION,
1766                 FATAL_ALERT_RECEIVED,
1767                 UNEXPECTED_PACKET,      // GNUTLS_A_UNEXPECTED_MESSAGE
1768                 WARNING_ALERT_RECEIVED,
1769                 ERROR_IN_FINISHED_PACKET,
1770                 UNEXPECTED_HANDSHAKE_PACKET,
1771                 UNKNOWN_CIPHER_SUITE,   // GNUTLS_A_HANDSHAKE_FAILURE
1772                 UNWANTED_ALGORITHM,
1773                 MPI_SCAN_FAILED,
1774                 DECRYPTION_FAILED,      // GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC
1775                 MEMORY_ERROR,
1776                 DECOMPRESSION_FAILED,  // GNUTLS_A_DECOMPRESSION_FAILURE
1777                 COMPRESSION_FAILED,
1778                 AGAIN,
1779                 EXPIRED,
1780                 DB_ERROR,
1781                 SRP_PWD_ERROR,
1782                 INSUFFICIENT_CREDENTIALS,
1784                 HASH_FAILED,
1785                 BASE64_DECODING_ERROR,
1787                 MPI_PRINT_FAILED,
1788                 REHANDSHAKE,     // GNUTLS_A_NO_RENEGOTIATION
1789                 GOT_APPLICATION_DATA,
1790                 RECORD_LIMIT_REACHED,
1791                 ENCRYPTION_FAILED,
1793                 PK_ENCRYPTION_FAILED,
1794                 PK_DECRYPTION_FAILED,
1795                 PK_SIGN_FAILED,
1796                 X509_UNSUPPORTED_CRITICAL_EXTENSION,
1797                 KEY_USAGE_VIOLATION,
1798                 NO_CERTIFICATE_FOUND,   // GNUTLS_A_BAD_CERTIFICATE
1799                 INVALID_REQUEST,
1800                 SHORT_MEMORY_BUFFER,
1801                 INTERRUPTED,
1802                 PUSH_ERROR,
1803                 PULL_ERROR,
1804                 RECEIVED_ILLEGAL_PARAMETER,    // GNUTLS_A_ILLEGAL_PARAMETER
1805                 REQUESTED_DATA_NOT_AVAILABLE,
1806                 PKCS1_WRONG_PAD,
1807                 RECEIVED_ILLEGAL_EXTENSION,
1808                 INTERNAL_ERROR,
1809                 DH_PRIME_UNACCEPTABLE,
1810                 FILE_ERROR,
1811                 TOO_MANY_EMPTY_PACKETS,
1812                 UNKNOWN_PK_ALGORITHM,
1814                 // returned if libextra functionality was requested but
1815                 // gnutls_global_init_extra() was not called.
1817                 INIT_LIBEXTRA,
1818                 LIBRARY_VERSION_MISMATCH,
1820                 // returned if you need to generate temporary RSA
1821                 // parameters. These are needed for export cipher suites.
1823                 NO_TEMPORARY_RSA_PARAMS,
1825                 LZO_INIT_FAILED,
1826                 NO_COMPRESSION_ALGORITHMS,
1827                 NO_CIPHER_SUITES,
1829                 OPENPGP_GETKEY_FAILED,
1830                 PK_SIG_VERIFY_FAILED,
1832                 ILLEGAL_SRP_USERNAME,
1833                 SRP_PWD_PARSING_ERROR,
1834                 NO_TEMPORARY_DH_PARAMS,
1836                 // For certificate and key stuff
1838                 ASN1_ELEMENT_NOT_FOUND,
1839                 ASN1_IDENTIFIER_NOT_FOUND,
1840                 ASN1_DER_ERROR,
1841                 ASN1_VALUE_NOT_FOUND,
1842                 ASN1_GENERIC_ERROR,
1843                 ASN1_VALUE_NOT_VALID,
1844                 ASN1_TAG_ERROR,
1845                 ASN1_TAG_IMPLICIT,
1846                 ASN1_TYPE_ANY_ERROR,
1847                 ASN1_SYNTAX_ERROR,
1848                 ASN1_DER_OVERFLOW,
1849                 OPENPGP_UID_REVOKED,
1850                 CERTIFICATE_ERROR,
1851                 CERTIFICATE_KEY_MISMATCH,
1852                 UNSUPPORTED_CERTIFICATE_TYPE,   // GNUTLS_A_UNSUPPORTED_CERTIFICATE
1853                 X509_UNKNOWN_SAN,
1854                 OPENPGP_FINGERPRINT_UNSUPPORTED,
1855                 X509_UNSUPPORTED_ATTRIBUTE,
1856                 UNKNOWN_HASH_ALGORITHM,
1857                 UNKNOWN_PKCS_CONTENT_TYPE,
1858                 UNKNOWN_PKCS_BAG_TYPE,
1859                 INVALID_PASSWORD,
1860                 MAC_VERIFY_FAILED,      // for PKCS #12 MAC
1861                 CONSTRAINT_ERROR,
1863                 WARNING_IA_IPHF_RECEIVED,
1864                 WARNING_IA_FPHF_RECEIVED,
1866                 IA_VERIFY_FAILED,
1868                 UNKNOWN_ALGORITHM,
1870                 BASE64_ENCODING_ERROR,
1871                 INCOMPATIBLE_CRYPTO_LIBRARY,
1872                 INCOMPATIBLE_LIBTASN1_LIBRARY,
1874                 OPENPGP_KEYRING_ERROR,
1875                 X509_UNSUPPORTED_OID,
1877                 RANDOM_FAILED,
1878                 BASE64_UNEXPECTED_HEADER_ERROR,
1880                 OPENPGP_SUBKEY_ERROR,
1882                 CRYPTO_ALREADY_REGISTERED,
1884                 HANDSHAKE_TOO_LARGE,
1886                 UNIMPLEMENTED_FEATURE,
1888                 APPLICATION_ERROR_MAX, // -65000
1889                 APPLICATION_ERROR_MIN;  // -65500
1891                 [CCode (cname = "gnutls_error_is_fatal")]
1892                 public bool is_fatal ();
1893                 [CCode (cname = "gnutls_error_to_alert")]
1894                 public AlertDescription to_alert (out AlertLevel level);
1895                 [CCode (cname = "gnutls_perror")]
1896                 public void print ();
1897                 [CCode (cname = "gnutls_strerror")]
1898                 public unowned string to_string ();
1899         }