source-git / gnutls

Clone
Source Code
GIT

Blame doc/enums.texi

c8 c8s master
  1.   4684c19e6b623dac0517d3f3ac8f576d6fbfd0bb
  2.   doc
  3.   enums.texi
Blob History Raw
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_cipher_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-UNKNOWN
Packit Service 4684c1 
Value to identify an unknown/unsupported algorithm.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-NULL
Packit Service 4684c1 
The NULL (identity) encryption algorithm.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-ARCFOUR_@-128
Packit Service 4684c1 
ARCFOUR stream cipher with 128-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-3DES_@-CBC
Packit Service 4684c1 
3DES in CBC mode.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CBC
Packit Service 4684c1 
AES in CBC mode with 128-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CBC
Packit Service 4684c1 
AES in CBC mode with 256-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-ARCFOUR_@-40
Packit Service 4684c1 
ARCFOUR stream cipher with 40-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-CBC
Packit Service 4684c1 
Camellia in CBC mode with 128-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-CBC
Packit Service 4684c1 
Camellia in CBC mode with 256-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-192_@-CBC
Packit Service 4684c1 
AES in CBC mode with 192-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-GCM
Packit Service 4684c1 
AES in GCM mode with 128-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-GCM
Packit Service 4684c1 
AES in GCM mode with 256-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-192_@-CBC
Packit Service 4684c1 
Camellia in CBC mode with 192-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-SALSA20_@-256
Packit Service 4684c1 
Salsa20 with 256-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-ESTREAM_@-SALSA20_@-256
Packit Service 4684c1 
Estream's Salsa20 variant with 256-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-GCM
Packit Service 4684c1 
CAMELLIA in GCM mode with 128-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-GCM
Packit Service 4684c1 
CAMELLIA in GCM mode with 256-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-RC2_@-40_@-CBC
Packit Service 4684c1 
RC2 in CBC mode with 40-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-DES_@-CBC
Packit Service 4684c1 
DES in CBC mode (56-bit keys).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM
Packit Service 4684c1 
AES in CCM mode with 128-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM
Packit Service 4684c1 
AES in CCM mode with 256-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM_@-8
Packit Service 4684c1 
AES in CCM mode with 64-bit tag and 128-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM_@-8
Packit Service 4684c1 
AES in CCM mode with 64-bit tag and 256-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CHACHA20_@-POLY1305
Packit Service 4684c1 
The Chacha20 cipher with the Poly1305 authenticator (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CFB
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CFB mode with TC26 Z S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPA_@-CFB
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro A S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPB_@-CFB
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro B S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPC_@-CFB
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro C S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPD_@-CFB
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro D S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CFB8
Packit Service 4684c1 
AES in CFB8 mode with 128-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-192_@-CFB8
Packit Service 4684c1 
AES in CFB8 mode with 192-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CFB8
Packit Service 4684c1 
AES in CFB8 mode with 256-bit keys.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-XTS
Packit Service 4684c1 
AES in XTS mode with 128-bit key + 128bit tweak key.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-XTS
Packit Service 4684c1 
AES in XTS mode with 256-bit key + 256bit tweak key.
Packit Service 4684c1 
Note that the XTS ciphers are message oriented.
Packit Service 4684c1 
The whole message needs to be provided with a single call, because
Packit Service 4684c1 
cipher-stealing requires to know where the message actually terminates
Packit Service 4684c1 
in order to be able to compute where the stealing occurs.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CNT
Packit Service 4684c1 
GOST 28147-89 (Magma) cipher in CNT mode with TC26 Z S-box.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CHACHA20_@-64
Packit Service 4684c1 
Chacha20 cipher with 64-bit nonces and 64-bit block counters.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CHACHA20_@-32
Packit Service 4684c1 
Chacha20 cipher with 96-bit nonces and 32-bit block counters.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-128_@-SIV
Packit Service 4684c1 
AES in SIV mode with 128-bit key.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-256_@-SIV
Packit Service 4684c1 
AES in SIV mode with 256-bit key.
Packit Service 4684c1 
Note that the SIV ciphers can only be used with
Packit Service 4684c1 
the AEAD interface, and the IV plays a role as
Packit Service 4684c1 
the authentication tag while it is prepended to
Packit Service 4684c1 
the cipher text.
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES_@-192_@-GCM
Packit Service 4684c1 
AES in GCM mode with 192-bit keys (AEAD).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-IDEA_@-PGP_@-CFB
Packit Service 4684c1 
IDEA in CFB mode (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-3DES_@-PGP_@-CFB
Packit Service 4684c1 
3DES in CFB mode (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-CAST5_@-PGP_@-CFB
Packit Service 4684c1 
CAST5 in CFB mode (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-BLOWFISH_@-PGP_@-CFB
Packit Service 4684c1 
Blowfish in CFB mode (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-SAFER_@-SK128_@-PGP_@-CFB
Packit Service 4684c1 
Safer-SK in CFB mode with 128-bit keys (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES128_@-PGP_@-CFB
Packit Service 4684c1 
AES in CFB mode with 128-bit keys (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES192_@-PGP_@-CFB
Packit Service 4684c1 
AES in CFB mode with 192-bit keys (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-AES256_@-PGP_@-CFB
Packit Service 4684c1 
AES in CFB mode with 256-bit keys (placeholder - unsupported).
Packit Service 4684c1 
@item GNUTLS_@-CIPHER_@-TWOFISH_@-PGP_@-CFB
Packit Service 4684c1 
Twofish in CFB mode (placeholder - unsupported).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_kx_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-KX_@-UNKNOWN
Packit Service 4684c1 
Unknown key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-RSA
Packit Service 4684c1 
RSA key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-DHE_@-DSS
Packit Service 4684c1 
DHE-DSS key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-DHE_@-RSA
Packit Service 4684c1 
DHE-RSA key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-ANON_@-DH
Packit Service 4684c1 
Anon-DH key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-SRP
Packit Service 4684c1 
SRP key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-RSA_@-EXPORT
Packit Service 4684c1 
RSA-EXPORT key-exchange algorithm (defunc).
Packit Service 4684c1 
@item GNUTLS_@-KX_@-SRP_@-RSA
Packit Service 4684c1 
SRP-RSA key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-SRP_@-DSS
Packit Service 4684c1 
SRP-DSS key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-PSK
Packit Service 4684c1 
PSK key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-DHE_@-PSK
Packit Service 4684c1 
DHE-PSK key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-ANON_@-ECDH
Packit Service 4684c1 
Anon-ECDH key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-ECDHE_@-RSA
Packit Service 4684c1 
ECDHE-RSA key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-ECDHE_@-ECDSA
Packit Service 4684c1 
ECDHE-ECDSA key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-ECDHE_@-PSK
Packit Service 4684c1 
ECDHE-PSK key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-RSA_@-PSK
Packit Service 4684c1 
RSA-PSK key-exchange algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KX_@-VKO_@-GOST_@-12
Packit Service 4684c1 
VKO GOST R 34.10-2012 key-exchange algorithm.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_params_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PARAMS_@-RSA_@-EXPORT
Packit Service 4684c1 
Session RSA-EXPORT parameters (defunc).
Packit Service 4684c1 
@item GNUTLS_@-PARAMS_@-DH
Packit Service 4684c1 
Session Diffie-Hellman parameters.
Packit Service 4684c1 
@item GNUTLS_@-PARAMS_@-ECDH
Packit Service 4684c1 
Session Elliptic-Curve Diffie-Hellman parameters.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_credentials_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CRD_@-CERTIFICATE
Packit Service 4684c1 
Certificate credential.
Packit Service 4684c1 
@item GNUTLS_@-CRD_@-ANON
Packit Service 4684c1 
Anonymous credential.
Packit Service 4684c1 
@item GNUTLS_@-CRD_@-SRP
Packit Service 4684c1 
SRP credential.
Packit Service 4684c1 
@item GNUTLS_@-CRD_@-PSK
Packit Service 4684c1 
PSK credential.
Packit Service 4684c1 
@item GNUTLS_@-CRD_@-IA
Packit Service 4684c1 
IA credential.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_mac_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-UNKNOWN
Packit Service 4684c1 
Unknown MAC algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-NULL
Packit Service 4684c1 
NULL MAC algorithm (empty output).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-MD5
Packit Service 4684c1 
HMAC-MD5 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA1
Packit Service 4684c1 
HMAC-SHA-1 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-RMD160
Packit Service 4684c1 
HMAC-RMD160 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-MD2
Packit Service 4684c1 
HMAC-MD2 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA256
Packit Service 4684c1 
HMAC-SHA-256 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA384
Packit Service 4684c1 
HMAC-SHA-384 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA512
Packit Service 4684c1 
HMAC-SHA-512 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA224
Packit Service 4684c1 
HMAC-SHA-224 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA3_@-224
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA3_@-256
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA3_@-384
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHA3_@-512
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-MD5_@-SHA1
Packit Service 4684c1 
Combined MD5+SHA1 MAC placeholder.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-GOSTR_@-94
Packit Service 4684c1 
HMAC GOST R 34.11-94 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-STREEBOG_@-256
Packit Service 4684c1 
HMAC GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-STREEBOG_@-512
Packit Service 4684c1 
HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AEAD
Packit Service 4684c1 
MAC implicit through AEAD cipher.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-UMAC_@-96
Packit Service 4684c1 
The UMAC-96 MAC algorithm (requires nonce).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-UMAC_@-128
Packit Service 4684c1 
The UMAC-128 MAC algorithm (requires nonce).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AES_@-CMAC_@-128
Packit Service 4684c1 
The AES-CMAC-128 MAC algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AES_@-CMAC_@-256
Packit Service 4684c1 
The AES-CMAC-256 MAC algorithm.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-128
Packit Service 4684c1 
The AES-GMAC-128 MAC algorithm (requires nonce).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-192
Packit Service 4684c1 
The AES-GMAC-192 MAC algorithm (requires nonce).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-256
Packit Service 4684c1 
The AES-GMAC-256 MAC algorithm (requires nonce).
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-GOST28147_@-TC26Z_@-IMIT
Packit Service 4684c1 
The GOST 28147-89 working in IMIT mode with TC26 Z S-box.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHAKE_@-128
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-MAC_@-SHAKE_@-256
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_digest_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-UNKNOWN
Packit Service 4684c1 
Unknown hash algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-NULL
Packit Service 4684c1 
NULL hash algorithm (empty output).
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-MD5
Packit Service 4684c1 
MD5 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA1
Packit Service 4684c1 
SHA-1 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-RMD160
Packit Service 4684c1 
RMD160 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-MD2
Packit Service 4684c1 
MD2 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA256
Packit Service 4684c1 
SHA-256 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA384
Packit Service 4684c1 
SHA-384 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA512
Packit Service 4684c1 
SHA-512 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA224
Packit Service 4684c1 
SHA-224 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA3_@-224
Packit Service 4684c1 
SHA3-224 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA3_@-256
Packit Service 4684c1 
SHA3-256 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA3_@-384
Packit Service 4684c1 
SHA3-384 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHA3_@-512
Packit Service 4684c1 
SHA3-512 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-MD5_@-SHA1
Packit Service 4684c1 
Combined MD5+SHA1 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-GOSTR_@-94
Packit Service 4684c1 
GOST R 34.11-94 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-STREEBOG_@-256
Packit Service 4684c1 
GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-STREEBOG_@-512
Packit Service 4684c1 
GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHAKE_@-128
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@item GNUTLS_@-DIG_@-SHAKE_@-256
Packit Service 4684c1 
Reserved; unimplemented.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_compression_method_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-COMP_@-UNKNOWN
Packit Service 4684c1 
Unknown compression method.
Packit Service 4684c1 
@item GNUTLS_@-COMP_@-NULL
Packit Service 4684c1 
The NULL compression method (no compression).
Packit Service 4684c1 
@item GNUTLS_@-COMP_@-DEFLATE
Packit Service 4684c1 
The DEFLATE compression method from zlib.
Packit Service 4684c1 
@item GNUTLS_@-COMP_@-ZLIB
Packit Service 4684c1 
Same as @code{GNUTLS_COMP_DEFLATE} .
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_init_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SERVER
Packit Service 4684c1 
Connection end is a server.
Packit Service 4684c1 
@item GNUTLS_@-CLIENT
Packit Service 4684c1 
Connection end is a client.
Packit Service 4684c1 
@item GNUTLS_@-DATAGRAM
Packit Service 4684c1 
Connection is datagram oriented (DTLS). Since 3.0.0.
Packit Service 4684c1 
@item GNUTLS_@-NONBLOCK
Packit Service 4684c1 
Connection should not block. Since 3.0.0.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-EXTENSIONS
Packit Service 4684c1 
Do not enable any TLS extensions by default (since 3.1.2). As TLS 1.2 and later require extensions this option is considered obsolete and should not be used.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-REPLAY_@-PROTECTION
Packit Service 4684c1 
Disable any replay protection in DTLS. This must only be used if  replay protection is achieved using other means. Since 3.2.2.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-SIGNAL
Packit Service 4684c1 
In systems where SIGPIPE is delivered on send, it will be disabled. That flag has effect in systems which support the MSG_NOSIGNAL sockets flag (since 3.4.2).
Packit Service 4684c1 
@item GNUTLS_@-ALLOW_@-ID_@-CHANGE
Packit Service 4684c1 
Allow the peer to replace its certificate, or change its ID during a rehandshake. This change is often used in attacks and thus prohibited by default. Since 3.5.0.
Packit Service 4684c1 
@item GNUTLS_@-ENABLE_@-FALSE_@-START
Packit Service 4684c1 
Enable the TLS false start on client side if the negotiated ciphersuites allow it. This will enable sending data prior to the handshake being complete, and may introduce a risk of crypto failure when combined with certain key exchanged; for that GnuTLS may not enable that option in ciphersuites that are known to be not safe for false start. Since 3.5.0.
Packit Service 4684c1 
@item GNUTLS_@-FORCE_@-CLIENT_@-CERT
Packit Service 4684c1 
When in client side and only a single cert is specified, send that certificate irrespective of the issuers expected by the server. Since 3.5.0.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-TICKETS
Packit Service 4684c1 
Flag to indicate that the session should not use resumption with session tickets.
Packit Service 4684c1 
@item GNUTLS_@-KEY_@-SHARE_@-TOP
Packit Service 4684c1 
Generate key share for the first group which is enabled.
Packit Service 4684c1 
For example x25519. This option is the most performant for client (less CPU spent
Packit Service 4684c1 
generating keys), but if the server doesn't support the advertized option it may
Packit Service 4684c1 
result to more roundtrips needed to discover the server's choice.
Packit Service 4684c1 
@item GNUTLS_@-KEY_@-SHARE_@-TOP2
Packit Service 4684c1 
Generate key shares for the top-2 different groups which are enabled.
Packit Service 4684c1 
For example (ECDH + x25519). This is the default.
Packit Service 4684c1 
@item GNUTLS_@-KEY_@-SHARE_@-TOP3
Packit Service 4684c1 
Generate key shares for the top-3 different groups which are enabled.
Packit Service 4684c1 
That is, as each group is associated with a key type (EC, finite field, x25519), generate
Packit Service 4684c1 
three keys using @code{GNUTLS_PK_DH} , @code{GNUTLS_PK_EC} , @code{GNUTLS_PK_ECDH_X25519}  if all of them are enabled.
Packit Service 4684c1 
@item GNUTLS_@-POST_@-HANDSHAKE_@-AUTH
Packit Service 4684c1 
Enable post handshake authentication for server and client. When set and
Packit Service 4684c1 
a server requests authentication after handshake @code{GNUTLS_E_REAUTH_REQUEST}  will be returned
Packit Service 4684c1 
by @code{gnutls_record_recv()} . A client should then call @code{gnutls_reauth()}  to re-authenticate.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-AUTO_@-REKEY
Packit Service 4684c1 
Disable auto-rekeying under TLS1.3. If this option is not specified
Packit Service 4684c1 
gnutls will force a rekey after 2^24 records have been sent.
Packit Service 4684c1 
@item GNUTLS_@-SAFE_@-PADDING_@-CHECK
Packit Service 4684c1 
Flag to indicate that the TLS 1.3 padding check will be done in a
Packit Service 4684c1 
safe way which doesn't leak the pad size based on GnuTLS processing time. This is of use to
Packit Service 4684c1 
applications which hide the length of transferred data via the TLS1.3 padding mechanism and
Packit Service 4684c1 
are already taking steps to hide the data processing time. This comes at a performance
Packit Service 4684c1 
penalty.
Packit Service 4684c1 
@item GNUTLS_@-ENABLE_@-EARLY_@-START
Packit Service 4684c1 
Under TLS1.3 allow the server to return earlier than the full handshake
Packit Service 4684c1 
finish; similarly to false start the handshake will be completed once data are received by the
Packit Service 4684c1 
client, while the server is able to transmit sooner. This is not enabled by default as it could
Packit Service 4684c1 
break certain existing server assumptions and use-cases. Since 3.6.4.
Packit Service 4684c1 
@item GNUTLS_@-ENABLE_@-RAWPK
Packit Service 4684c1 
Allows raw public-keys to be negotiated during the handshake. Since 3.6.6.
Packit Service 4684c1 
@item GNUTLS_@-AUTO_@-REAUTH
Packit Service 4684c1 
Enable transparent re-authentication in client side when the server
Packit Service 4684c1 
requests to. That is, reauthentication is handled within @code{gnutls_record_recv()} , and
Packit Service 4684c1 
the @code{GNUTLS_E_REHANDSHAKE}  or @code{GNUTLS_E_REAUTH_REQUEST}  are not returned. This must be
Packit Service 4684c1 
enabled with @code{GNUTLS_POST_HANDSHAKE_AUTH}  for TLS1.3. Enabling this flag requires to restore
Packit Service 4684c1 
interrupted calls to @code{gnutls_record_recv()}  based on the output of @code{gnutls_record_get_direction()} ,
Packit Service 4684c1 
since @code{gnutls_record_recv()}  could be interrupted when sending when this flag is enabled.
Packit Service 4684c1 
Note this flag may not be used if you are using the same session for sending and receiving
Packit Service 4684c1 
in different threads.
Packit Service 4684c1 
@item GNUTLS_@-ENABLE_@-EARLY_@-DATA
Packit Service 4684c1 
Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT).
Packit Service 4684c1 
This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5.
Packit Service 4684c1 
@item GNUTLS_@-NO_@-AUTO_@-SEND_@-TICKET
Packit Service 4684c1 
Under TLS1.3 disable auto-sending of
Packit Service 4684c1 
session tickets during the handshake.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_alert_level_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-AL_@-WARNING
Packit Service 4684c1 
Alert of warning severity.
Packit Service 4684c1 
@item GNUTLS_@-AL_@-FATAL
Packit Service 4684c1 
Alert of fatal severity.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_alert_description_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-A_@-CLOSE_@-NOTIFY
Packit Service 4684c1 
Close notify.
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNEXPECTED_@-MESSAGE
Packit Service 4684c1 
Unexpected message.
Packit Service 4684c1 
@item GNUTLS_@-A_@-BAD_@-RECORD_@-MAC
Packit Service 4684c1 
Bad record MAC.
Packit Service 4684c1 
@item GNUTLS_@-A_@-DECRYPTION_@-FAILED
Packit Service 4684c1 
Decryption failed.
Packit Service 4684c1 
@item GNUTLS_@-A_@-RECORD_@-OVERFLOW
Packit Service 4684c1 
Record overflow.
Packit Service 4684c1 
@item GNUTLS_@-A_@-DECOMPRESSION_@-FAILURE
Packit Service 4684c1 
Decompression failed.
Packit Service 4684c1 
@item GNUTLS_@-A_@-HANDSHAKE_@-FAILURE
Packit Service 4684c1 
Handshake failed.
Packit Service 4684c1 
@item GNUTLS_@-A_@-SSL3_@-NO_@-CERTIFICATE
Packit Service 4684c1 
No certificate.
Packit Service 4684c1 
@item GNUTLS_@-A_@-BAD_@-CERTIFICATE
Packit Service 4684c1 
Certificate is bad.
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNSUPPORTED_@-CERTIFICATE
Packit Service 4684c1 
Certificate is not supported.
Packit Service 4684c1 
@item GNUTLS_@-A_@-CERTIFICATE_@-REVOKED
Packit Service 4684c1 
Certificate was revoked.
Packit Service 4684c1 
@item GNUTLS_@-A_@-CERTIFICATE_@-EXPIRED
Packit Service 4684c1 
Certificate is expired.
Packit Service 4684c1 
@item GNUTLS_@-A_@-CERTIFICATE_@-UNKNOWN
Packit Service 4684c1 
Unknown certificate.
Packit Service 4684c1 
@item GNUTLS_@-A_@-ILLEGAL_@-PARAMETER
Packit Service 4684c1 
Illegal parameter.
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNKNOWN_@-CA
Packit Service 4684c1 
CA is unknown.
Packit Service 4684c1 
@item GNUTLS_@-A_@-ACCESS_@-DENIED
Packit Service 4684c1 
Access was denied.
Packit Service 4684c1 
@item GNUTLS_@-A_@-DECODE_@-ERROR
Packit Service 4684c1 
Decode error.
Packit Service 4684c1 
@item GNUTLS_@-A_@-DECRYPT_@-ERROR
Packit Service 4684c1 
Decrypt error.
Packit Service 4684c1 
@item GNUTLS_@-A_@-EXPORT_@-RESTRICTION
Packit Service 4684c1 
Export restriction.
Packit Service 4684c1 
@item GNUTLS_@-A_@-PROTOCOL_@-VERSION
Packit Service 4684c1 
Error in protocol version.
Packit Service 4684c1 
@item GNUTLS_@-A_@-INSUFFICIENT_@-SECURITY
Packit Service 4684c1 
Insufficient security.
Packit Service 4684c1 
@item GNUTLS_@-A_@-INTERNAL_@-ERROR
Packit Service 4684c1 
Internal error.
Packit Service 4684c1 
@item GNUTLS_@-A_@-INAPPROPRIATE_@-FALLBACK
Packit Service 4684c1 
Inappropriate fallback,
Packit Service 4684c1 
@item GNUTLS_@-A_@-USER_@-CANCELED
Packit Service 4684c1 
User canceled.
Packit Service 4684c1 
@item GNUTLS_@-A_@-NO_@-RENEGOTIATION
Packit Service 4684c1 
No renegotiation is allowed.
Packit Service 4684c1 
@item GNUTLS_@-A_@-MISSING_@-EXTENSION
Packit Service 4684c1 
An extension was expected but was not seen
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNSUPPORTED_@-EXTENSION
Packit Service 4684c1 
An unsupported extension was
Packit Service 4684c1 
sent.
Packit Service 4684c1 
@item GNUTLS_@-A_@-CERTIFICATE_@-UNOBTAINABLE
Packit Service 4684c1 
Could not retrieve the
Packit Service 4684c1 
specified certificate.
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNRECOGNIZED_@-NAME
Packit Service 4684c1 
The server name sent was not
Packit Service 4684c1 
recognized.
Packit Service 4684c1 
@item GNUTLS_@-A_@-UNKNOWN_@-PSK_@-IDENTITY
Packit Service 4684c1 
The SRP/PSK username is missing
Packit Service 4684c1 
or not known.
Packit Service 4684c1 
@item GNUTLS_@-A_@-CERTIFICATE_@-REQUIRED
Packit Service 4684c1 
Certificate is required.
Packit Service 4684c1 
@item GNUTLS_@-A_@-NO_@-APPLICATION_@-PROTOCOL
Packit Service 4684c1 
The ALPN protocol requested is
Packit Service 4684c1 
not supported by the peer.
Packit Service 4684c1 
@item GNUTLS_@-A_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_handshake_description_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-REQUEST
Packit Service 4684c1 
Hello request.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-HELLO
Packit Service 4684c1 
Client hello.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-HELLO
Packit Service 4684c1 
Server hello.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-VERIFY_@-REQUEST
Packit Service 4684c1 
DTLS Hello verify request.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-NEW_@-SESSION_@-TICKET
Packit Service 4684c1 
New session ticket.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-END_@-OF_@-EARLY_@-DATA
Packit Service 4684c1 
End of early data.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-ENCRYPTED_@-EXTENSIONS
Packit Service 4684c1 
Encrypted extensions message.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-PKT
Packit Service 4684c1 
Certificate packet.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-KEY_@-EXCHANGE
Packit Service 4684c1 
Server key exchange.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-REQUEST
Packit Service 4684c1 
Certificate request.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-HELLO_@-DONE
Packit Service 4684c1 
Server hello done.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-VERIFY
Packit Service 4684c1 
Certificate verify.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-KEY_@-EXCHANGE
Packit Service 4684c1 
Client key exchange.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-FINISHED
Packit Service 4684c1 
Finished.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-STATUS
Packit Service 4684c1 
Certificate status (OCSP).
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-SUPPLEMENTAL
Packit Service 4684c1 
Supplemental.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-KEY_@-UPDATE
Packit Service 4684c1 
TLS1.3 key update message.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CHANGE_@-CIPHER_@-SPEC
Packit Service 4684c1 
Change Cipher Spec.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-HELLO_@-V2
Packit Service 4684c1 
SSLv2 Client Hello.
Packit Service 4684c1 
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-RETRY_@-REQUEST
Packit Service 4684c1 
Hello retry request.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-INVALID
Packit Service 4684c1 
The certificate is not signed by one of the
Packit Service 4684c1 
known authorities or the signature is invalid (deprecated by the flags
Packit Service 4684c1 
@code{GNUTLS_CERT_SIGNATURE_FAILURE}  and @code{GNUTLS_CERT_SIGNER_NOT_FOUND} ).
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-REVOKED
Packit Service 4684c1 
Certificate is revoked by its authority.  In X.509 this will be
Packit Service 4684c1 
set only if CRLs are checked.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-FOUND
Packit Service 4684c1 
The certificate's issuer is not known.
Packit Service 4684c1 
This is the case if the issuer is not included in the trusted certificate list.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-CA
Packit Service 4684c1 
The certificate's signer was not a CA. This
Packit Service 4684c1 
may happen if this was a version 1 certificate, which is common with
Packit Service 4684c1 
some CAs, or a version 3 certificate without the basic constrains extension.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-INSECURE_@-ALGORITHM
Packit Service 4684c1 
The certificate was signed using an insecure
Packit Service 4684c1 
algorithm such as MD2 or MD5. These algorithms have been broken and
Packit Service 4684c1 
should not be trusted.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-NOT_@-ACTIVATED
Packit Service 4684c1 
The certificate is not yet activated.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-EXPIRED
Packit Service 4684c1 
The certificate has expired.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-SIGNATURE_@-FAILURE
Packit Service 4684c1 
The signature verification failed.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-SUPERSEDED
Packit Service 4684c1 
The revocation data are old and have been superseded.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-UNEXPECTED_@-OWNER
Packit Service 4684c1 
The owner is not the expected one.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-ISSUED_@-IN_@-FUTURE
Packit Service 4684c1 
The revocation data have a future issue date.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-SIGNER_@-CONSTRAINTS_@-FAILURE
Packit Service 4684c1 
The certificate's signer constraints were
Packit Service 4684c1 
violated.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-MISMATCH
Packit Service 4684c1 
The certificate presented isn't the expected one (TOFU)
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-PURPOSE_@-MISMATCH
Packit Service 4684c1 
The certificate or an intermediate does not match the intended purpose (extended key usage).
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-MISSING_@-OCSP_@-STATUS
Packit Service 4684c1 
The certificate requires the server to send the certifiate status, but no status was received.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-INVALID_@-OCSP_@-STATUS
Packit Service 4684c1 
The received OCSP status response is invalid.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-UNKNOWN_@-CRIT_@-EXTENSIONS
Packit Service 4684c1 
The certificate has extensions marked as critical which are not supported.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_request_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-IGNORE
Packit Service 4684c1 
Ignore certificate.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-REQUEST
Packit Service 4684c1 
Request certificate.
Packit Service 4684c1 
@item GNUTLS_@-CERT_@-REQUIRE
Packit Service 4684c1 
Require certificate.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_openpgp_crt_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-OPENPGP_@-CERT
Packit Service 4684c1 
Send entire certificate.
Packit Service 4684c1 
@item GNUTLS_@-OPENPGP_@-CERT_@-FINGERPRINT
Packit Service 4684c1 
Send only certificate fingerprint.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_close_request_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SHUT_@-RDWR
Packit Service 4684c1 
Disallow further receives/sends.
Packit Service 4684c1 
@item GNUTLS_@-SHUT_@-WR
Packit Service 4684c1 
Disallow further sends.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_protocol_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SSL3
Packit Service 4684c1 
SSL version 3.0.
Packit Service 4684c1 
@item GNUTLS_@-TLS1_@-0
Packit Service 4684c1 
TLS version 1.0.
Packit Service 4684c1 
@item GNUTLS_@-TLS1
Packit Service 4684c1 
Same as @code{GNUTLS_TLS1_0} .
Packit Service 4684c1 
@item GNUTLS_@-TLS1_@-1
Packit Service 4684c1 
TLS version 1.1.
Packit Service 4684c1 
@item GNUTLS_@-TLS1_@-2
Packit Service 4684c1 
TLS version 1.2.
Packit Service 4684c1 
@item GNUTLS_@-TLS1_@-3
Packit Service 4684c1 
TLS version 1.3.
Packit Service 4684c1 
@item GNUTLS_@-DTLS0_@-9
Packit Service 4684c1 
DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e).
Packit Service 4684c1 
@item GNUTLS_@-DTLS1_@-0
Packit Service 4684c1 
DTLS version 1.0.
Packit Service 4684c1 
@item GNUTLS_@-DTLS1_@-2
Packit Service 4684c1 
DTLS version 1.2.
Packit Service 4684c1 
@item GNUTLS_@-DTLS_@-VERSION_@-MIN
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@item GNUTLS_@-DTLS_@-VERSION_@-MAX
Packit Service 4684c1 
Maps to the highest supported DTLS version.
Packit Service 4684c1 
@item GNUTLS_@-TLS_@-VERSION_@-MAX
Packit Service 4684c1 
Maps to the highest supported TLS version.
Packit Service 4684c1 
@item GNUTLS_@-VERSION_@-UNKNOWN
Packit Service 4684c1 
Unknown SSL/TLS version.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-UNKNOWN
Packit Service 4684c1 
Unknown certificate type.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-X509
Packit Service 4684c1 
X.509 Certificate.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-OPENPGP
Packit Service 4684c1 
OpenPGP certificate.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-RAWPK
Packit Service 4684c1 
Raw public-key (SubjectPublicKeyInfo)
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_x509_crt_fmt_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-X509_@-FMT_@-DER
Packit Service 4684c1 
X.509 certificate in DER format (binary).
Packit Service 4684c1 
@item GNUTLS_@-X509_@-FMT_@-PEM
Packit Service 4684c1 
X.509 certificate in PEM format (text).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_print_formats_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-PRINT_@-FULL
Packit Service 4684c1 
Full information about certificate.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-PRINT_@-ONELINE
Packit Service 4684c1 
Information about certificate in one line.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-PRINT_@-UNSIGNED_@-FULL
Packit Service 4684c1 
All info for an unsigned certificate.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-PRINT_@-COMPACT
Packit Service 4684c1 
Information about certificate name in one line, plus identification of the public key.
Packit Service 4684c1 
@item GNUTLS_@-CRT_@-PRINT_@-FULL_@-NUMBERS
Packit Service 4684c1 
Full information about certificate and include easy to parse public key parameters.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pk_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PK_@-UNKNOWN
Packit Service 4684c1 
Unknown public-key algorithm.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-RSA
Packit Service 4684c1 
RSA public-key algorithm.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-DSA
Packit Service 4684c1 
DSA public-key algorithm.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-DH
Packit Service 4684c1 
Diffie-Hellman algorithm. Used to generate parameters.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-ECDSA
Packit Service 4684c1 
Elliptic curve algorithm. These parameters are compatible with the ECDSA and ECDH algorithm.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-ECDH_@-X25519
Packit Service 4684c1 
Elliptic curve algorithm, restricted to ECDH as per rfc7748.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-RSA_@-PSS
Packit Service 4684c1 
RSA public-key algorithm, with PSS padding.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-EDDSA_@-ED25519
Packit Service 4684c1 
Edwards curve Digital signature algorithm. Used with SHA512 on signatures.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-GOST_@-01
Packit Service 4684c1 
GOST R 34.10-2001 algorithm per rfc5832.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-GOST_@-12_@-256
Packit Service 4684c1 
GOST R 34.10-2012 algorithm, 256-bit key per rfc7091.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-GOST_@-12_@-512
Packit Service 4684c1 
GOST R 34.10-2012 algorithm, 512-bit key per rfc7091.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-ECDH_@-X448
Packit Service 4684c1 
Elliptic curve algorithm, restricted to ECDH as per rfc7748.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-EDDSA_@-ED448
Packit Service 4684c1 
Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures.
Packit Service 4684c1 
@item GNUTLS_@-PK_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_sign_algorithm_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-UNKNOWN
Packit Service 4684c1 
Unknown signature algorithm.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA1
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-1
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA
Packit Service 4684c1 
Same as @code{GNUTLS_SIGN_RSA_SHA1} .
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA1
Packit Service 4684c1 
Digital signature algorithm DSA with SHA-1
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA
Packit Service 4684c1 
Same as @code{GNUTLS_SIGN_DSA_SHA1} .
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-MD5
Packit Service 4684c1 
Digital signature algorithm RSA with MD5.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-MD2
Packit Service 4684c1 
Digital signature algorithm RSA with MD2.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-RMD160
Packit Service 4684c1 
Digital signature algorithm RSA with RMD-160.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA256
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-256.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA384
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-384.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA512
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-512.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA224
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-224.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA224
Packit Service 4684c1 
Digital signature algorithm DSA with SHA-224
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA256
Packit Service 4684c1 
Digital signature algorithm DSA with SHA-256
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA1
Packit Service 4684c1 
ECDSA with SHA1.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA224
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA-224.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA256
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA-256.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA384
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA-384.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA512
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA-512.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA384
Packit Service 4684c1 
Digital signature algorithm DSA with SHA-384
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA512
Packit Service 4684c1 
Digital signature algorithm DSA with SHA-512
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-224
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA3-224.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-256
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA3-256.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-384
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA3-384.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-512
Packit Service 4684c1 
Digital signature algorithm ECDSA with SHA3-512.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-224
Packit Service 4684c1 
Digital signature algorithm DSA with SHA3-224.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-256
Packit Service 4684c1 
Digital signature algorithm DSA with SHA3-256.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-384
Packit Service 4684c1 
Digital signature algorithm DSA with SHA3-384.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-512
Packit Service 4684c1 
Digital signature algorithm DSA with SHA3-512.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-224
Packit Service 4684c1 
Digital signature algorithm RSA with SHA3-224.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-256
Packit Service 4684c1 
Digital signature algorithm RSA with SHA3-256.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-384
Packit Service 4684c1 
Digital signature algorithm RSA with SHA3-384.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-512
Packit Service 4684c1 
Digital signature algorithm RSA with SHA3-512.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA256
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-256, with PSS padding (RSA-PSS certificate).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA384
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-384, with PSS padding (RSA-PSS certificate).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA512
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-512, with PSS padding (RSA-PSS certificate).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-EDDSA_@-ED25519
Packit Service 4684c1 
Digital signature algorithm EdDSA with Ed25519 curve.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-RAW
Packit Service 4684c1 
Digital signature algorithm RSA with DigestInfo formatted data
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP256R1_@-SHA256
Packit Service 4684c1 
Digital signature algorithm ECDSA-SECP256R1 with SHA-256 (used in TLS 1.3 but not PKIX).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP384R1_@-SHA384
Packit Service 4684c1 
Digital signature algorithm ECDSA-SECP384R1 with SHA-384 (used in TLS 1.3 but not PKIX).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP521R1_@-SHA512
Packit Service 4684c1 
Digital signature algorithm ECDSA-SECP521R1 with SHA-512 (used in TLS 1.3 but not PKIX).
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA256
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-256,
Packit Service 4684c1 
with PSS padding (RSA PKCS@code{1}  1.5 certificate). This signature is identical
Packit Service 4684c1 
to @code{GNUTLS_SIGN_RSA_PSS_SHA256} , but they are distinct as the TLS1.3 protocol
Packit Service 4684c1 
treats them differently.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA384
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-384,
Packit Service 4684c1 
with PSS padding (RSA PKCS@code{1}  1.5 certificate). This signature is identical
Packit Service 4684c1 
to @code{GNUTLS_SIGN_RSA_PSS_SHA384} , but they are distinct as the TLS1.3 protocol
Packit Service 4684c1 
treats them differently.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA512
Packit Service 4684c1 
Digital signature algorithm RSA with SHA-512,
Packit Service 4684c1 
with PSS padding (RSA PKCS@code{1}  1.5 certificate). This signature is identical
Packit Service 4684c1 
to @code{GNUTLS_SIGN_RSA_PSS_SHA512} , but they are distinct as the TLS1.3 protocol
Packit Service 4684c1 
treats them differently.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-GOST_@-94
Packit Service 4684c1 
Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-GOST_@-256
Packit Service 4684c1 
Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-GOST_@-512
Packit Service 4684c1 
Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-EDDSA_@-ED448
Packit Service 4684c1 
Digital signature algorithm EdDSA with Ed448 curve.
Packit Service 4684c1 
@item GNUTLS_@-SIGN_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ecc_curve_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-INVALID
Packit Service 4684c1 
Cannot be known
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-SECP224R1
Packit Service 4684c1 
the SECP224R1 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-SECP256R1
Packit Service 4684c1 
the SECP256R1 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-SECP384R1
Packit Service 4684c1 
the SECP384R1 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-SECP521R1
Packit Service 4684c1 
the SECP521R1 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-SECP192R1
Packit Service 4684c1 
the SECP192R1 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-X25519
Packit Service 4684c1 
the X25519 curve (ECDH only)
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-ED25519
Packit Service 4684c1 
the Ed25519 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPA
Packit Service 4684c1 
GOST R 34.10 CryptoPro 256 A curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPB
Packit Service 4684c1 
GOST R 34.10 CryptoPro 256 B curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPC
Packit Service 4684c1 
GOST R 34.10 CryptoPro 256 C curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPXA
Packit Service 4684c1 
GOST R 34.10 CryptoPro 256 XchA curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPXB
Packit Service 4684c1 
GOST R 34.10 CryptoPro 256 XchB curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST512A
Packit Service 4684c1 
GOST R 34.10 TC26 512 A curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST512B
Packit Service 4684c1 
GOST R 34.10 TC26 512 B curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST512C
Packit Service 4684c1 
GOST R 34.10 TC26 512 C curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256A
Packit Service 4684c1 
GOST R 34.10 TC26 256 A curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256B
Packit Service 4684c1 
GOST R 34.10 TC26 256 B curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256C
Packit Service 4684c1 
GOST R 34.10 TC26 256 C curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-GOST256D
Packit Service 4684c1 
GOST R 34.10 TC26 256 D curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-X448
Packit Service 4684c1 
the X448 curve (ECDH only)
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-ED448
Packit Service 4684c1 
the Ed448 curve
Packit Service 4684c1 
@item GNUTLS_@-ECC_@-CURVE_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_group_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-INVALID
Packit Service 4684c1 
Indicates unknown/invalid group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-SECP192R1
Packit Service 4684c1 
the SECP192R1 curve group (legacy, only for TLS 1.2 compatibility)
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-SECP224R1
Packit Service 4684c1 
the SECP224R1 curve group (legacy, only for TLS 1.2 compatibility)
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-SECP256R1
Packit Service 4684c1 
the SECP256R1 curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-SECP384R1
Packit Service 4684c1 
the SECP384R1 curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-SECP521R1
Packit Service 4684c1 
the SECP521R1 curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-X25519
Packit Service 4684c1 
the X25519 curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-X448
Packit Service 4684c1 
the X448 curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC256A
Packit Service 4684c1 
the GOST R 34.10 TC26 256 A curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC256B
Packit Service 4684c1 
the GOST R 34.10 TC26 256 B curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC256C
Packit Service 4684c1 
the GOST R 34.10 TC26 256 C curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC256D
Packit Service 4684c1 
the GOST R 34.10 TC26 256 D curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC512A
Packit Service 4684c1 
the GOST R 34.10 TC26 512 A curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC512B
Packit Service 4684c1 
the GOST R 34.10 TC26 512 B curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-GC512C
Packit Service 4684c1 
the GOST R 34.10 TC26 512 C curve group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-FFDHE2048
Packit Service 4684c1 
the FFDHE2048 group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-FFDHE3072
Packit Service 4684c1 
the FFDHE3072 group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-FFDHE4096
Packit Service 4684c1 
the FFDHE4096 group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-FFDHE8192
Packit Service 4684c1 
the FFDHE8192 group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-FFDHE6144
Packit Service 4684c1 
the FFDHE6144 group
Packit Service 4684c1 
@item GNUTLS_@-GROUP_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_sec_param_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-UNKNOWN
Packit Service 4684c1 
Cannot be known
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-INSECURE
Packit Service 4684c1 
Less than 42 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-EXPORT
Packit Service 4684c1 
42 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-VERY_@-WEAK
Packit Service 4684c1 
64 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-WEAK
Packit Service 4684c1 
72 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-LOW
Packit Service 4684c1 
80 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-LEGACY
Packit Service 4684c1 
96 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-MEDIUM
Packit Service 4684c1 
112 bits of security (used to be @code{GNUTLS_SEC_PARAM_NORMAL} )
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-HIGH
Packit Service 4684c1 
128 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-ULTRA
Packit Service 4684c1 
192 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-FUTURE
Packit Service 4684c1 
256 bits of security
Packit Service 4684c1 
@item GNUTLS_@-SEC_@-PARAM_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_channel_binding_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CB_@-TLS_@-UNIQUE
Packit Service 4684c1 
"tls-unique" (RFC 5929) channel binding
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_gost_paramset_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-UNKNOWN
Packit Service 4684c1 
Unknown/default parameter set
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-TC26_@-Z
Packit Service 4684c1 
Specified by TC26, see rfc7836
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-A
Packit Service 4684c1 
CryptoPro-A, see rfc4357
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-B
Packit Service 4684c1 
CryptoPro-B, see rfc4357
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-C
Packit Service 4684c1 
CryptoPro-C, see rfc4357
Packit Service 4684c1 
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-D
Packit Service 4684c1 
CryptoPro-D, see rfc4357
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ctype_target_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CTYPE_@-CLIENT
Packit Service 4684c1 
for requesting client certificate type values.
Packit Service 4684c1 
@item GNUTLS_@-CTYPE_@-SERVER
Packit Service 4684c1 
for requesting server certificate type values.
Packit Service 4684c1 
@item GNUTLS_@-CTYPE_@-OURS
Packit Service 4684c1 
for requesting our certificate type values.
Packit Service 4684c1 
@item GNUTLS_@-CTYPE_@-PEERS
Packit Service 4684c1 
for requesting the peers' certificate type values.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_server_name_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-NAME_@-DNS
Packit Service 4684c1 
Domain Name System name type.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_session_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-SAFE_@-RENEGOTIATION
Packit Service 4684c1 
Safe renegotiation (RFC5746) was used
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-EXT_@-MASTER_@-SECRET
Packit Service 4684c1 
The extended master secret (RFC7627) extension was used
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-ETM
Packit Service 4684c1 
The encrypt then MAC (RFC7366) extension was used
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-HB_@-LOCAL_@-SEND
Packit Service 4684c1 
The heartbeat negotiation allows the local side to send heartbeat messages
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-HB_@-PEER_@-SEND
Packit Service 4684c1 
The heartbeat negotiation allows the peer to send heartbeat messages
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-FALSE_@-START
Packit Service 4684c1 
False start was used in this client session.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-RFC7919
Packit Service 4684c1 
The RFC7919 Diffie-Hellman parameters were negotiated
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-SESSION_@-TICKET
Packit Service 4684c1 
A session ticket has been received by the server.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-POST_@-HANDSHAKE_@-AUTH
Packit Service 4684c1 
Indicates client capability for post-handshake auth; set only on server side.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-EARLY_@-START
Packit Service 4684c1 
The TLS1.3 server session returned early.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-EARLY_@-DATA
Packit Service 4684c1 
The TLS1.3 early data has been received by the server.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-CLI_@-REQUESTED_@-OCSP
Packit Service 4684c1 
Set when the client has requested OCSP staple during handshake.
Packit Service 4684c1 
@item GNUTLS_@-SFLAGS_@-SERV_@-REQUESTED_@-OCSP
Packit Service 4684c1 
Set when the server has requested OCSP staple during handshake.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_supplemental_data_format_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SUPPLEMENTAL_@-UNKNOWN
Packit Service 4684c1 
Unknown data format
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_srtp_profile_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SRTP_@-AES128_@-CM_@-HMAC_@-SHA1_@-80
Packit Service 4684c1 
128 bit AES with a 80 bit HMAC-SHA1
Packit Service 4684c1 
@item GNUTLS_@-SRTP_@-AES128_@-CM_@-HMAC_@-SHA1_@-32
Packit Service 4684c1 
128 bit AES with a 32 bit HMAC-SHA1
Packit Service 4684c1 
@item GNUTLS_@-SRTP_@-NULL_@-HMAC_@-SHA1_@-80
Packit Service 4684c1 
NULL cipher with a 80 bit HMAC-SHA1
Packit Service 4684c1 
@item GNUTLS_@-SRTP_@-NULL_@-HMAC_@-SHA1_@-32
Packit Service 4684c1 
NULL cipher with a 32 bit HMAC-SHA1
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_alpn_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-ALPN_@-MANDATORY
Packit Service 4684c1 
Require ALPN negotiation. The connection will be
Packit Service 4684c1 
aborted if no matching ALPN protocol is found.
Packit Service 4684c1 
@item GNUTLS_@-ALPN_@-SERVER_@-PRECEDENCE
Packit Service 4684c1 
The choices set by the server
Packit Service 4684c1 
will take precedence over the client's.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_vdata_types_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-DT_@-UNKNOWN
Packit Service 4684c1 
Unknown data type.
Packit Service 4684c1 
@item GNUTLS_@-DT_@-DNS_@-HOSTNAME
Packit Service 4684c1 
The data contain a null-terminated DNS hostname; the hostname will be
Packit Service 4684c1 
matched using the RFC6125 rules. If the data contain a textual IP (v4 or v6) address it will
Packit Service 4684c1 
be marched against the IPAddress Alternative name, unless the verification flag @code{GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES}
Packit Service 4684c1 
is specified.
Packit Service 4684c1 
@item GNUTLS_@-DT_@-KEY_@-PURPOSE_@-OID
Packit Service 4684c1 
The data contain a null-terminated key purpose OID. It will be matched
Packit Service 4684c1 
against the certificate's Extended Key Usage extension.
Packit Service 4684c1 
@item GNUTLS_@-DT_@-RFC822NAME
Packit Service 4684c1 
The data contain a null-terminated email address; the email will be
Packit Service 4684c1 
matched against the RFC822Name Alternative name of the certificate, or the EMAIL DN component if the
Packit Service 4684c1 
former isn't available. Prior to matching the email address will be converted to ACE
Packit Service 4684c1 
(ASCII-compatible-encoding).
Packit Service 4684c1 
@item GNUTLS_@-DT_@-IP_@-ADDRESS
Packit Service 4684c1 
The data contain a raw IP address (4 or 16 bytes). If will be matched
Packit Service 4684c1 
against the IPAddress Alternative name; option available since 3.6.0.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-CERTIFICATE_@-SKIP_@-KEY_@-CERT_@-MATCH
Packit Service 4684c1 
Skip the key and certificate matching check.
Packit Service 4684c1 
@item GNUTLS_@-CERTIFICATE_@-API_@-V2
Packit Service 4684c1 
If set the gnutls_certificate_set_*key* functions will return an index of the added key pair instead of zero.
Packit Service 4684c1 
@item GNUTLS_@-CERTIFICATE_@-SKIP_@-OCSP_@-RESPONSE_@-CHECK
Packit Service 4684c1 
If set, the gnutls_certificate_set_ocsp_status_request_file
Packit Service 4684c1 
function, will not check whether the response set matches any of the certificates.
Packit Service 4684c1 
@item GNUTLS_@-CERTIFICATE_@-VERIFY_@-CRLS
Packit Service 4684c1 
This will enable CRL verification when added in the certificate structure.
Packit Service 4684c1 
When used, it requires CAs to be added before CRLs.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_psk_key_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PSK_@-KEY_@-RAW
Packit Service 4684c1 
PSK-key in raw format.
Packit Service 4684c1 
@item GNUTLS_@-PSK_@-KEY_@-HEX
Packit Service 4684c1 
PSK-key in hex format.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_x509_subject_alt_name_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-DNSNAME
Packit Service 4684c1 
DNS-name SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-RFC822NAME
Packit Service 4684c1 
E-mail address SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-URI
Packit Service 4684c1 
URI SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-IPADDRESS
Packit Service 4684c1 
IP address SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-OTHERNAME
Packit Service 4684c1 
OtherName SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-DN
Packit Service 4684c1 
DN SAN.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-REGISTERED_@-ID
Packit Service 4684c1 
RegisteredID.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-MAX
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-OTHERNAME_@-XMPP
Packit Service 4684c1 
Virtual SAN, used by certain functions for convenience.
Packit Service 4684c1 
@item GNUTLS_@-SAN_@-OTHERNAME_@-KRB5PRINCIPAL
Packit Service 4684c1 
Virtual SAN, used by certain functions for convenience.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_privkey_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-X509
Packit Service 4684c1 
X.509 private key, @code{gnutls_x509_privkey_t} .
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-OPENPGP
Packit Service 4684c1 
OpenPGP private key, @code{gnutls_openpgp_privkey_t} .
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-PKCS11
Packit Service 4684c1 
PKCS11 private key, @code{gnutls_pkcs11_privkey_t} .
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-EXT
Packit Service 4684c1 
External private key, operating using callbacks.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pin_flag_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-USER
Packit Service 4684c1 
The PIN for the user.
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-SO
Packit Service 4684c1 
The PIN for the security officer (admin).
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-FINAL_@-TRY
Packit Service 4684c1 
This is the final try before blocking.
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-COUNT_@-LOW
Packit Service 4684c1 
Few tries remain before token blocks.
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-CONTEXT_@-SPECIFIC
Packit Service 4684c1 
The PIN is for a specific action and key like signing.
Packit Service 4684c1 
@item GNUTLS_@-PIN_@-WRONG
Packit Service 4684c1 
Last given PIN was not correct.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ext_parse_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-ANY
Packit Service 4684c1 
Any extension type (should not be used as it is used only internally).
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-APPLICATION
Packit Service 4684c1 
Parsed after  @code{GNUTLS_EXT_MANDATORY}
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-TLS
Packit Service 4684c1 
TLS-internal extensions, parsed after  @code{GNUTLS_EXT_APPLICATION} .
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-MANDATORY
Packit Service 4684c1 
Parsed after  @code{GNUTLS_EXT_VERSION_NEG} and even when resuming.
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-NONE
Packit Service 4684c1 
Never to be parsed
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-VERSION_@-NEG
Packit Service 4684c1 
Extensions to be parsed first for TLS version negotiation.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ext_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-OVERRIDE_@-INTERNAL
Packit Service 4684c1 
If specified the extension registered will override the internal; this does not work with extensions existing prior to 3.6.0.
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-CLIENT_@-HELLO
Packit Service 4684c1 
This extension can be present in a client hello
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-TLS12_@-SERVER_@-HELLO
Packit Service 4684c1 
This extension can be present in a TLS1.2 or earlier server hello
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-TLS13_@-SERVER_@-HELLO
Packit Service 4684c1 
This extension can be present in a TLS1.3 server hello
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-EE
Packit Service 4684c1 
This extension can be present in encrypted extensions message
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-HRR
Packit Service 4684c1 
This extension can be present in hello retry request message
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-IGNORE_@-CLIENT_@-REQUEST
Packit Service 4684c1 
When flag is present, this extension will be send even if the client didn't advertise it. An extension of this type is the Cookie TLS1.3 extension.
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-TLS
Packit Service 4684c1 
This extension can be present under TLS; otherwise ignored.
Packit Service 4684c1 
@item GNUTLS_@-EXT_@-FLAG_@-DTLS
Packit Service 4684c1 
This extension can be present under DTLS; otherwise ignored.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_fips_mode_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-FIPS140_@-DISABLED
Packit Service 4684c1 
The FIPS140-2 mode is disabled.
Packit Service 4684c1 
@item GNUTLS_@-FIPS140_@-STRICT
Packit Service 4684c1 
The default mode; all forbidden operations will cause an
Packit Service 4684c1 
operation failure via error code.
Packit Service 4684c1 
@item GNUTLS_@-FIPS140_@-SELFTESTS
Packit Service 4684c1 
A transient state during library initialization. That state
Packit Service 4684c1 
cannot be set or seen by applications.
Packit Service 4684c1 
@item GNUTLS_@-FIPS140_@-LAX
Packit Service 4684c1 
The library still uses the FIPS140-2 relevant algorithms but all
Packit Service 4684c1 
forbidden by FIPS140-2 operations are allowed; this is useful when the
Packit Service 4684c1 
application is aware of the followed security policy, and needs
Packit Service 4684c1 
to utilize disallowed operations for other reasons (e.g., compatibility).
Packit Service 4684c1 
@item GNUTLS_@-FIPS140_@-LOG
Packit Service 4684c1 
Similarly to @code{GNUTLS_FIPS140_LAX} , it allows forbidden operations; any use of them results
Packit Service 4684c1 
to a message to the audit callback functions.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_import_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRT_@-LIST_@-IMPORT_@-FAIL_@-IF_@-EXCEED
Packit Service 4684c1 
Fail if the
Packit Service 4684c1 
certificates in the buffer are more than the space allocated for
Packit Service 4684c1 
certificates. The error code will be @code{GNUTLS_E_SHORT_MEMORY_BUFFER} .
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRT_@-LIST_@-FAIL_@-IF_@-UNSORTED
Packit Service 4684c1 
Fail if the certificates
Packit Service 4684c1 
in the buffer are not ordered starting from subject to issuer.
Packit Service 4684c1 
The error code will be @code{GNUTLS_E_CERTIFICATE_LIST_UNSORTED} .
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRT_@-LIST_@-SORT
Packit Service 4684c1 
Sort the certificate chain if unsorted.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_x509_crt_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRT_@-FLAG_@-IGNORE_@-SANITY
Packit Service 4684c1 
Ignore any sanity checks at the
Packit Service 4684c1 
import of the certificate; i.e., ignore checks such as version/field
Packit Service 4684c1 
matching and strict time field checks. Intended to be used for debugging.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_keyid_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-KEYID_@-USE_@-SHA1
Packit Service 4684c1 
Use SHA1 as the key ID algorithm (default).
Packit Service 4684c1 
@item GNUTLS_@-KEYID_@-USE_@-SHA256
Packit Service 4684c1 
Use SHA256 as the key ID algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KEYID_@-USE_@-SHA512
Packit Service 4684c1 
Use SHA512 as the key ID algorithm.
Packit Service 4684c1 
@item GNUTLS_@-KEYID_@-USE_@-BEST_@-KNOWN
Packit Service 4684c1 
Use the best known algorithm to calculate key ID. Using that option will make your program behavior depend on the version of gnutls linked with. That option has a cap of 64-bytes key IDs.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_verify_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DISABLE_@-CA_@-SIGN
Packit Service 4684c1 
If set a signer does not have to be
Packit Service 4684c1 
a certificate authority. This flag should normally be disabled,
Packit Service 4684c1 
unless you know what this means.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-IP_@-MATCHES
Packit Service 4684c1 
When verifying a hostname
Packit Service 4684c1 
prevent textual IP addresses from matching IP addresses in the
Packit Service 4684c1 
certificate. Treat the input only as a DNS name.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-SAME
Packit Service 4684c1 
If a certificate is not signed by
Packit Service 4684c1 
anyone trusted but exists in the trusted CA list do not treat it
Packit Service 4684c1 
as trusted.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-ALLOW_@-ANY_@-X509_@-V1_@-CA_@-CRT
Packit Service 4684c1 
Allow CA certificates that
Packit Service 4684c1 
have version 1 (both root and intermediate). This might be
Packit Service 4684c1 
dangerous since those haven't the basicConstraints
Packit Service 4684c1 
extension.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-RSA_@-MD2
Packit Service 4684c1 
Allow certificates to be signed
Packit Service 4684c1 
using the broken MD2 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-RSA_@-MD5
Packit Service 4684c1 
Allow certificates to be signed
Packit Service 4684c1 
using the broken MD5 algorithm.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DISABLE_@-TIME_@-CHECKS
Packit Service 4684c1 
Disable checking of activation
Packit Service 4684c1 
and expiration validity periods of certificate chains. Don't set
Packit Service 4684c1 
this unless you understand the security implications.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DISABLE_@-TRUSTED_@-TIME_@-CHECKS
Packit Service 4684c1 
If set a signer in the trusted
Packit Service 4684c1 
list is never checked for expiration or activation.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-X509_@-V1_@-CA_@-CRT
Packit Service 4684c1 
Do not allow trusted CA
Packit Service 4684c1 
certificates that have version 1.  This option is to be used
Packit Service 4684c1 
to deprecate all certificates of version 1.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DISABLE_@-CRL_@-CHECKS
Packit Service 4684c1 
Disable checking for validity
Packit Service 4684c1 
using certificate revocation lists or the available OCSP data.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-ALLOW_@-UNSORTED_@-CHAIN
Packit Service 4684c1 
A certificate chain is tolerated
Packit Service 4684c1 
if unsorted (the case with many TLS servers out there). This is the
Packit Service 4684c1 
default since GnuTLS 3.1.4.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-UNSORTED_@-CHAIN
Packit Service 4684c1 
Do not tolerate an unsorted
Packit Service 4684c1 
certificate chain.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-WILDCARDS
Packit Service 4684c1 
When including a hostname
Packit Service 4684c1 
check in the verification, do not consider any wildcards.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-USE_@-TLS1_@-RSA
Packit Service 4684c1 
This indicates that a (raw) RSA signature is provided
Packit Service 4684c1 
as in the TLS 1.0 protocol. Not all functions accept this flag.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-IGNORE_@-UNKNOWN_@-CRIT_@-EXTENSIONS
Packit Service 4684c1 
This signals the verification
Packit Service 4684c1 
process, not to fail on unknown critical extensions.
Packit Service 4684c1 
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-WITH_@-SHA1
Packit Service 4684c1 
Allow certificates to be signed
Packit Service 4684c1 
using the broken SHA1 hash algorithm.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_certificate_verification_profiles_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-UNKNOWN
Packit Service 4684c1 
An invalid/unknown profile.
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-VERY_@-WEAK
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_VERY_WEAK} (64 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-LOW
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_LOW} (80 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-LEGACY
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_LEGACY} (96 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-MEDIUM
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_MEDIUM} (112 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-HIGH
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_HIGH} (128 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-ULTRA
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_ULTRA} (192 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-FUTURE
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
corresponds to  @code{GNUTLS_SEC_PARAM_FUTURE} (256 bits)
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-SUITEB128
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
applies the SUITEB128 rules
Packit Service 4684c1 
@item GNUTLS_@-PROFILE_@-SUITEB192
Packit Service 4684c1 
A verification profile that
Packit Service 4684c1 
applies the SUITEB192 rules
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs_encrypt_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PLAIN
Packit Service 4684c1 
Unencrypted private key.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PKCS12_@-3DES
Packit Service 4684c1 
PKCS-12 3DES.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PKCS12_@-ARCFOUR
Packit Service 4684c1 
PKCS-12 ARCFOUR.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PKCS12_@-RC2_@-40
Packit Service 4684c1 
PKCS-12 RC2-40.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-3DES
Packit Service 4684c1 
PBES2 3DES.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-128
Packit Service 4684c1 
PBES2 AES-128.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-192
Packit Service 4684c1 
PBES2 AES-192.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-256
Packit Service 4684c1 
PBES2 AES-256.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-NULL_@-PASSWORD
Packit Service 4684c1 
Some schemas distinguish between an empty and a NULL password.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-DES
Packit Service 4684c1 
PBES2 single DES.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES1_@-DES_@-MD5
Packit Service 4684c1 
PBES1 with single DES; for compatibility with openssl only.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-TC26Z
Packit Service 4684c1 
PBES2 GOST 28147-89 CFB with TC26-Z S-box.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPA
Packit Service 4684c1 
PBES2 GOST 28147-89 CFB with CryptoPro-A S-box.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPB
Packit Service 4684c1 
PBES2 GOST 28147-89 CFB with CryptoPro-B S-box.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPC
Packit Service 4684c1 
PBES2 GOST 28147-89 CFB with CryptoPro-C S-box.
Packit Service 4684c1 
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPD
Packit Service 4684c1 
PBES2 GOST 28147-89 CFB with CryptoPro-D S-box.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_keygen_types_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-KEYGEN_@-SEED
Packit Service 4684c1 
Specifies the seed to be used in key generation.
Packit Service 4684c1 
@item GNUTLS_@-KEYGEN_@-DIGEST
Packit Service 4684c1 
The size field specifies the hash algorithm to be used in key generation.
Packit Service 4684c1 
@item GNUTLS_@-KEYGEN_@-SPKI
Packit Service 4684c1 
data points to a @code{gnutls_x509_spki_t}  structure; it is not used after the key generation call.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs12_bag_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-EMPTY
Packit Service 4684c1 
Empty PKCS-12 bag.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-PKCS8_@-ENCRYPTED_@-KEY
Packit Service 4684c1 
PKCS-12 bag with PKCS-8 encrypted key.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-PKCS8_@-KEY
Packit Service 4684c1 
PKCS-12 bag with PKCS-8 key.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-CERTIFICATE
Packit Service 4684c1 
PKCS-12 bag with certificate.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-CRL
Packit Service 4684c1 
PKCS-12 bag with CRL.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-SECRET
Packit Service 4684c1 
PKCS-12 bag with secret PKCS-9 keys.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-ENCRYPTED
Packit Service 4684c1 
Encrypted PKCS-12 bag.
Packit Service 4684c1 
@item GNUTLS_@-BAG_@-UNKNOWN
Packit Service 4684c1 
Unknown PKCS-12 bag.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs11_obj_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-LOGIN
Packit Service 4684c1 
Force login in the token for the operation (seek+store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-TRUSTED
Packit Service 4684c1 
object marked as trusted (seek+store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-SENSITIVE
Packit Service 4684c1 
object is explicitly marked as sensitive -unexportable (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-LOGIN_@-SO
Packit Service 4684c1 
force login as a security officer in the token for the operation (seek+store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-PRIVATE
Packit Service 4684c1 
marked as private -requires PIN to access (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-NOT_@-PRIVATE
Packit Service 4684c1 
marked as not private (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-ANY
Packit Service 4684c1 
When retrieving an object, do not set any requirements (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-TRUSTED
Packit Service 4684c1 
When retrieving an object, only retrieve the marked as trusted (alias to @code{GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED} ).
Packit Service 4684c1 
In @code{gnutls_pkcs11_crt_is_known()}  it implies @code{GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_COMPARE}  if @code{GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY}  is not given.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-DISTRUSTED
Packit Service 4684c1 
When writing an object, mark it as distrusted (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-DISTRUSTED
Packit Service 4684c1 
When retrieving an object, only retrieve the marked as distrusted (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-COMPARE
Packit Service 4684c1 
When checking an object's presence, fully compare it before returning any result (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PRESENT_@-IN_@-TRUSTED_@-MODULE
Packit Service 4684c1 
The object must be present in a marked as trusted module (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-CA
Packit Service 4684c1 
Mark the object as a CA (seek+store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-KEY_@-WRAP
Packit Service 4684c1 
Mark the generated key pair as wrapping and unwrapping keys (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-COMPARE_@-KEY
Packit Service 4684c1 
When checking an object's presence, compare the key before returning any result (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-OVERWRITE_@-TRUSTMOD_@-EXT
Packit Service 4684c1 
When an issuer is requested, override its extensions with the ones present in the trust module (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-ALWAYS_@-AUTH
Packit Service 4684c1 
Mark the key pair as requiring authentication (pin entry) before every operation (seek+store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-EXTRACTABLE
Packit Service 4684c1 
Mark the key pair as being extractable (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-NEVER_@-EXTRACTABLE
Packit Service 4684c1 
If set, the object was never marked as extractable (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-CRT
Packit Service 4684c1 
When searching, restrict to certificates only (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-WITH_@-PRIVKEY
Packit Service 4684c1 
-- undescribed --
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PUBKEY
Packit Service 4684c1 
When searching, restrict to public key objects only (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-NO_@-STORE_@-PUBKEY
Packit Service 4684c1 
When generating a keypair don't store the public key (store).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PRIVKEY
Packit Service 4684c1 
When searching, restrict to private key objects only (seek).
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-NOT_@-SENSITIVE
Packit Service 4684c1 
object marked as not sensitive -exportable (store).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs11_url_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-URL_@-GENERIC
Packit Service 4684c1 
A generic-purpose URL.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-URL_@-LIB
Packit Service 4684c1 
A URL that specifies the library used as well.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-URL_@-LIB_@-VERSION
Packit Service 4684c1 
A URL that specifies the library and its version.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs11_obj_info_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-ID_@-HEX
Packit Service 4684c1 
The object ID in hex. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-LABEL
Packit Service 4684c1 
The object label. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-LABEL
Packit Service 4684c1 
The token's label. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-SERIAL
Packit Service 4684c1 
The token's serial number. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-MANUFACTURER
Packit Service 4684c1 
The token's manufacturer. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-MODEL
Packit Service 4684c1 
The token's model. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-ID
Packit Service 4684c1 
The object ID. Raw bytes.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-VERSION
Packit Service 4684c1 
The library's version. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-DESCRIPTION
Packit Service 4684c1 
The library's description. Null-terminated text.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-MANUFACTURER
Packit Service 4684c1 
The library's manufacturer name. Null-terminated text.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs11_token_info_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-TOKEN_@-LABEL
Packit Service 4684c1 
The token's label (string)
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-TOKEN_@-SERIAL
Packit Service 4684c1 
The token's serial number (string)
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-TOKEN_@-MANUFACTURER
Packit Service 4684c1 
The token's manufacturer (string)
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-TOKEN_@-MODEL
Packit Service 4684c1 
The token's model (string)
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-TOKEN_@-MODNAME
Packit Service 4684c1 
The token's module name (string - since 3.4.3). This value is
Packit Service 4684c1 
unavailable for providers which were manually loaded.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs11_obj_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-UNKNOWN
Packit Service 4684c1 
Unknown PKCS11 object.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-X509_@-CRT
Packit Service 4684c1 
X.509 certificate.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-PUBKEY
Packit Service 4684c1 
Public key.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-PRIVKEY
Packit Service 4684c1 
Private key.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-SECRET_@-KEY
Packit Service 4684c1 
Secret key.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-DATA
Packit Service 4684c1 
Data object.
Packit Service 4684c1 
@item GNUTLS_@-PKCS11_@-OBJ_@-X509_@-CRT_@-EXTENSION
Packit Service 4684c1 
X.509 certificate extension (supported by p11-kit trust module only).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pubkey_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PUBKEY_@-DISABLE_@-CALLBACKS
Packit Service 4684c1 
The following flag disables call to PIN callbacks. Only
Packit Service 4684c1 
relevant to TPM keys.
Packit Service 4684c1 
@item GNUTLS_@-PUBKEY_@-GET_@-OPENPGP_@-FINGERPRINT
Packit Service 4684c1 
request an OPENPGP fingerprint instead of the default.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_abstract_export_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-EXPORT_@-FLAG_@-NO_@-LZ
Packit Service 4684c1 
do not prepend a leading zero to exported values
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_privkey_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-IMPORT_@-AUTO_@-RELEASE
Packit Service 4684c1 
When importing a private key, automatically
Packit Service 4684c1 
release it when the structure it was imported is released.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-IMPORT_@-COPY
Packit Service 4684c1 
Copy required values during import.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-DISABLE_@-CALLBACKS
Packit Service 4684c1 
The following flag disables call to PIN callbacks etc.
Packit Service 4684c1 
Only relevant to TPM keys.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-TLS1_@-RSA
Packit Service 4684c1 
Make an RSA signature on the hashed data as in the TLS protocol.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-FLAG_@-PROVABLE
Packit Service 4684c1 
When generating a key involving prime numbers, use provable primes; a seed may be required.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-FLAG_@-EXPORT_@-COMPAT
Packit Service 4684c1 
Keys generated or imported as provable require an extended format which cannot be read by previous versions
Packit Service 4684c1 
of gnutls or other applications. By setting this flag the key will be exported in a backwards compatible way,
Packit Service 4684c1 
even if the information about the seed used will be lost.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-RSA_@-PSS
Packit Service 4684c1 
Make an RSA signature on the hashed data with the PSS padding.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-FLAG_@-REPRODUCIBLE
Packit Service 4684c1 
Make a signature on the hashed data with reproducible parameters.
Packit Service 4684c1 
For RSA-PSS, that means to use empty salt instead of random value. To
Packit Service 4684c1 
verify a signature created using this flag, the corresponding SPKI needs
Packit Service 4684c1 
to be set on the public key. Use @code{gnutls_pubkey_set_spki()}  for that.
Packit Service 4684c1 
For ECDSA/DSA, it uses the deterministic construction of random parameter
Packit Service 4684c1 
according to RFC 6979. Note that this only supports the NIST curves and DSA
Packit Service 4684c1 
subgroup bits up to 512.
Packit Service 4684c1 
@item GNUTLS_@-PRIVKEY_@-FLAG_@-CA
Packit Service 4684c1 
The generated private key is going to be used as a CA (relevant for RSA-PSS keys).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_rnd_level_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-RND_@-NONCE
Packit Service 4684c1 
Non-predictable random number.  Fatal in parts
Packit Service 4684c1 
of session if broken, i.e., vulnerable to statistical analysis.
Packit Service 4684c1 
@item GNUTLS_@-RND_@-RANDOM
Packit Service 4684c1 
Pseudo-random cryptographic random number.
Packit Service 4684c1 
Fatal in session if broken. Example use: temporal keys.
Packit Service 4684c1 
@item GNUTLS_@-RND_@-KEY
Packit Service 4684c1 
Fatal in many sessions if broken. Example use:
Packit Service 4684c1 
Long-term keys.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ocsp_print_formats_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-PRINT_@-FULL
Packit Service 4684c1 
Full information about OCSP request/response.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-PRINT_@-COMPACT
Packit Service 4684c1 
More compact information about OCSP request/response.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ocsp_resp_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-SUCCESSFUL
Packit Service 4684c1 
Response has valid confirmations.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-MALFORMEDREQUEST
Packit Service 4684c1 
Illegal confirmation request
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-INTERNALERROR
Packit Service 4684c1 
Internal error in issuer
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-TRYLATER
Packit Service 4684c1 
Try again later
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-SIGREQUIRED
Packit Service 4684c1 
Must sign the request
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-RESP_@-UNAUTHORIZED
Packit Service 4684c1 
Request unauthorized
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ocsp_cert_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-CERT_@-GOOD
Packit Service 4684c1 
Positive response to status inquiry.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-CERT_@-REVOKED
Packit Service 4684c1 
Certificate has been revoked.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-CERT_@-UNKNOWN
Packit Service 4684c1 
The responder doesn't know about the
Packit Service 4684c1 
certificate.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_x509_crl_reason_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-UNSPECIFIED
Packit Service 4684c1 
Unspecified reason.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-KEYCOMPROMISE
Packit Service 4684c1 
Private key compromised.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-CACOMPROMISE
Packit Service 4684c1 
CA compromised.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-AFFILIATIONCHANGED
Packit Service 4684c1 
Affiliation has changed.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-SUPERSEDED
Packit Service 4684c1 
Certificate superseded.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-CESSATIONOFOPERATION
Packit Service 4684c1 
Operation has ceased.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-CERTIFICATEHOLD
Packit Service 4684c1 
Certificate is on hold.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-REMOVEFROMCRL
Packit Service 4684c1 
Will be removed from delta CRL.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-PRIVILEGEWITHDRAWN
Packit Service 4684c1 
Privilege withdrawn.
Packit Service 4684c1 
@item GNUTLS_@-X509_@-CRLREASON_@-AACOMPROMISE
Packit Service 4684c1 
AA compromised.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_ocsp_verify_reason_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNER_@-NOT_@-FOUND
Packit Service 4684c1 
Signer cert not found.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNER_@-KEYUSAGE_@-ERROR
Packit Service 4684c1 
Signer keyusage bits incorrect.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-UNTRUSTED_@-SIGNER
Packit Service 4684c1 
Signer is not trusted.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-INSECURE_@-ALGORITHM
Packit Service 4684c1 
Signature using insecure algorithm.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNATURE_@-FAILURE
Packit Service 4684c1 
Signature mismatch.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-CERT_@-NOT_@-ACTIVATED
Packit Service 4684c1 
Signer cert is not yet activated.
Packit Service 4684c1 
@item GNUTLS_@-OCSP_@-VERIFY_@-CERT_@-EXPIRED
Packit Service 4684c1 
Signer cert has expired.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_tpmkey_fmt_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-TPMKEY_@-FMT_@-RAW
Packit Service 4684c1 
The portable data format.
Packit Service 4684c1 
@item GNUTLS_@-TPMKEY_@-FMT_@-DER
Packit Service 4684c1 
An alias for the raw format.
Packit Service 4684c1 
@item GNUTLS_@-TPMKEY_@-FMT_@-CTK_@-PEM
Packit Service 4684c1 
A custom data format used by some TPM tools.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_cert_usage_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-CERT_@-USAGE_@-CA
Packit Service 4684c1 
CA constraint. The certificate/key
Packit Service 4684c1 
presented must have signed the verified key.
Packit Service 4684c1 
@item DANE_@-CERT_@-USAGE_@-EE
Packit Service 4684c1 
The key or the certificate of the end
Packit Service 4684c1 
entity.
Packit Service 4684c1 
@item DANE_@-CERT_@-USAGE_@-LOCAL_@-CA
Packit Service 4684c1 
The remote CA is local and possibly
Packit Service 4684c1 
untrusted by the verifier.
Packit Service 4684c1 
@item DANE_@-CERT_@-USAGE_@-LOCAL_@-EE
Packit Service 4684c1 
The remote end-entity key is local
Packit Service 4684c1 
and possibly untrusted by the verifier (not signed by a CA).
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_cert_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-CERT_@-X509
Packit Service 4684c1 
An X.509 certificate.
Packit Service 4684c1 
@item DANE_@-CERT_@-PK
Packit Service 4684c1 
A public key.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_match_type_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-MATCH_@-EXACT
Packit Service 4684c1 
The full content.
Packit Service 4684c1 
@item DANE_@-MATCH_@-SHA2_@-256
Packit Service 4684c1 
A SHA-256 hash of the content.
Packit Service 4684c1 
@item DANE_@-MATCH_@-SHA2_@-512
Packit Service 4684c1 
A SHA-512 hash of the content.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_query_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-QUERY_@-UNKNOWN
Packit Service 4684c1 
There was no query.
Packit Service 4684c1 
@item DANE_@-QUERY_@-DNSSEC_@-VERIFIED
Packit Service 4684c1 
The query was verified using DNSSEC.
Packit Service 4684c1 
@item DANE_@-QUERY_@-BOGUS
Packit Service 4684c1 
The query has wrong DNSSEC signature.
Packit Service 4684c1 
@item DANE_@-QUERY_@-NO_@-DNSSEC
Packit Service 4684c1 
The query has no DNSSEC data.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_state_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-F_@-IGNORE_@-LOCAL_@-RESOLVER
Packit Service 4684c1 
Many systems are not DNSSEC-ready. In that case the local resolver is ignored, and a direct recursive resolve occurs.
Packit Service 4684c1 
@item DANE_@-F_@-INSECURE
Packit Service 4684c1 
Ignore any DNSSEC signature verification errors.
Packit Service 4684c1 
@item DANE_@-F_@-IGNORE_@-DNSSEC
Packit Service 4684c1 
Do not try to initialize DNSSEC as we will not use it (will then not try to load the DNSSEC root certificate).  Useful if the TLSA data does not come from DNS.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_verify_flags_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-VFLAG_@-FAIL_@-IF_@-NOT_@-CHECKED
Packit Service 4684c1 
If irrelevant to this certificate DANE entries are received fail instead of succeeding.
Packit Service 4684c1 
@item DANE_@-VFLAG_@-ONLY_@-CHECK_@-EE_@-USAGE
Packit Service 4684c1 
The provided certificates will be verified only against any EE field. Combine with @code{DANE_VFLAG_FAIL_IF_NOT_CHECKED}  to fail if EE entries are not present.
Packit Service 4684c1 
@item DANE_@-VFLAG_@-ONLY_@-CHECK_@-CA_@-USAGE
Packit Service 4684c1 
The provided certificates will be verified only against any CA field. Combine with @code{DANE_VFLAG_FAIL_IF_NOT_CHECKED}  to fail if CA entries are not present.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c dane_verify_status_t
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item DANE_@-VERIFY_@-CA_@-CONSTRAINTS_@-VIOLATED
Packit Service 4684c1 
The CA constraints were violated.
Packit Service 4684c1 
@item DANE_@-VERIFY_@-CERT_@-DIFFERS
Packit Service 4684c1 
The certificate obtained via DNS differs.
Packit Service 4684c1 
@item DANE_@-VERIFY_@-UNKNOWN_@-DANE_@-INFO
Packit Service 4684c1 
No known DANE data was found in the DNS record.
Packit Service 4684c1 
@end table
Packit Service 4684c1
Packit Service 4684c1 
@c gnutls_pkcs7_sign_flags
Packit Service 4684c1 
@table @code
Packit Service 4684c1 
@item GNUTLS_@-PKCS7_@-EMBED_@-DATA
Packit Service 4684c1 
The signed data will be embedded in the structure.
Packit Service 4684c1 
@item GNUTLS_@-PKCS7_@-INCLUDE_@-TIME
Packit Service 4684c1 
The signing time will be included in the structure.
Packit Service 4684c1 
@item GNUTLS_@-PKCS7_@-INCLUDE_@-CERT
Packit Service 4684c1 
The signer's certificate will be included in the cert list.
Packit Service 4684c1 
@item GNUTLS_@-PKCS7_@-WRITE_@-SPKI
Packit Service 4684c1 
Use the signer's key identifier instead of name.
Packit Service 4684c1 
@end table

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation