|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_cipher_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Value to identify an unknown/unsupported algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-NULL
|
|
Packit Service |
4684c1 |
The NULL (identity) encryption algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-ARCFOUR_@-128
|
|
Packit Service |
4684c1 |
ARCFOUR stream cipher with 128-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-3DES_@-CBC
|
|
Packit Service |
4684c1 |
3DES in CBC mode.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CBC
|
|
Packit Service |
4684c1 |
AES in CBC mode with 128-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CBC
|
|
Packit Service |
4684c1 |
AES in CBC mode with 256-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-ARCFOUR_@-40
|
|
Packit Service |
4684c1 |
ARCFOUR stream cipher with 40-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-CBC
|
|
Packit Service |
4684c1 |
Camellia in CBC mode with 128-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-CBC
|
|
Packit Service |
4684c1 |
Camellia in CBC mode with 256-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-192_@-CBC
|
|
Packit Service |
4684c1 |
AES in CBC mode with 192-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-GCM
|
|
Packit Service |
4684c1 |
AES in GCM mode with 128-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-GCM
|
|
Packit Service |
4684c1 |
AES in GCM mode with 256-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-192_@-CBC
|
|
Packit Service |
4684c1 |
Camellia in CBC mode with 192-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-SALSA20_@-256
|
|
Packit Service |
4684c1 |
Salsa20 with 256-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-ESTREAM_@-SALSA20_@-256
|
|
Packit Service |
4684c1 |
Estream's Salsa20 variant with 256-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-GCM
|
|
Packit Service |
4684c1 |
CAMELLIA in GCM mode with 128-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-GCM
|
|
Packit Service |
4684c1 |
CAMELLIA in GCM mode with 256-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-RC2_@-40_@-CBC
|
|
Packit Service |
4684c1 |
RC2 in CBC mode with 40-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-DES_@-CBC
|
|
Packit Service |
4684c1 |
DES in CBC mode (56-bit keys).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM
|
|
Packit Service |
4684c1 |
AES in CCM mode with 128-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM
|
|
Packit Service |
4684c1 |
AES in CCM mode with 256-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM_@-8
|
|
Packit Service |
4684c1 |
AES in CCM mode with 64-bit tag and 128-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM_@-8
|
|
Packit Service |
4684c1 |
AES in CCM mode with 64-bit tag and 256-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CHACHA20_@-POLY1305
|
|
Packit Service |
4684c1 |
The Chacha20 cipher with the Poly1305 authenticator (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CFB
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CFB mode with TC26 Z S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPA_@-CFB
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro A S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPB_@-CFB
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro B S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPC_@-CFB
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro C S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-CPD_@-CFB
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CFB mode with CryptoPro D S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-CFB8
|
|
Packit Service |
4684c1 |
AES in CFB8 mode with 128-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-192_@-CFB8
|
|
Packit Service |
4684c1 |
AES in CFB8 mode with 192-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-CFB8
|
|
Packit Service |
4684c1 |
AES in CFB8 mode with 256-bit keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-XTS
|
|
Packit Service |
4684c1 |
AES in XTS mode with 128-bit key + 128bit tweak key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-XTS
|
|
Packit Service |
4684c1 |
AES in XTS mode with 256-bit key + 256bit tweak key.
|
|
Packit Service |
4684c1 |
Note that the XTS ciphers are message oriented.
|
|
Packit Service |
4684c1 |
The whole message needs to be provided with a single call, because
|
|
Packit Service |
4684c1 |
cipher-stealing requires to know where the message actually terminates
|
|
Packit Service |
4684c1 |
in order to be able to compute where the stealing occurs.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CNT
|
|
Packit Service |
4684c1 |
GOST 28147-89 (Magma) cipher in CNT mode with TC26 Z S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CHACHA20_@-64
|
|
Packit Service |
4684c1 |
Chacha20 cipher with 64-bit nonces and 64-bit block counters.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CHACHA20_@-32
|
|
Packit Service |
4684c1 |
Chacha20 cipher with 96-bit nonces and 32-bit block counters.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-128_@-SIV
|
|
Packit Service |
4684c1 |
AES in SIV mode with 128-bit key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-256_@-SIV
|
|
Packit Service |
4684c1 |
AES in SIV mode with 256-bit key.
|
|
Packit Service |
4684c1 |
Note that the SIV ciphers can only be used with
|
|
Packit Service |
4684c1 |
the AEAD interface, and the IV plays a role as
|
|
Packit Service |
4684c1 |
the authentication tag while it is prepended to
|
|
Packit Service |
4684c1 |
the cipher text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES_@-192_@-GCM
|
|
Packit Service |
4684c1 |
AES in GCM mode with 192-bit keys (AEAD).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-IDEA_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
IDEA in CFB mode (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-3DES_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
3DES in CFB mode (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-CAST5_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
CAST5 in CFB mode (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-BLOWFISH_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
Blowfish in CFB mode (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-SAFER_@-SK128_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
Safer-SK in CFB mode with 128-bit keys (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES128_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
AES in CFB mode with 128-bit keys (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES192_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
AES in CFB mode with 192-bit keys (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-AES256_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
AES in CFB mode with 256-bit keys (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CIPHER_@-TWOFISH_@-PGP_@-CFB
|
|
Packit Service |
4684c1 |
Twofish in CFB mode (placeholder - unsupported).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_kx_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-RSA
|
|
Packit Service |
4684c1 |
RSA key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-DHE_@-DSS
|
|
Packit Service |
4684c1 |
DHE-DSS key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-DHE_@-RSA
|
|
Packit Service |
4684c1 |
DHE-RSA key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-ANON_@-DH
|
|
Packit Service |
4684c1 |
Anon-DH key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-SRP
|
|
Packit Service |
4684c1 |
SRP key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-RSA_@-EXPORT
|
|
Packit Service |
4684c1 |
RSA-EXPORT key-exchange algorithm (defunc).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-SRP_@-RSA
|
|
Packit Service |
4684c1 |
SRP-RSA key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-SRP_@-DSS
|
|
Packit Service |
4684c1 |
SRP-DSS key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-PSK
|
|
Packit Service |
4684c1 |
PSK key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-DHE_@-PSK
|
|
Packit Service |
4684c1 |
DHE-PSK key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-ANON_@-ECDH
|
|
Packit Service |
4684c1 |
Anon-ECDH key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-ECDHE_@-RSA
|
|
Packit Service |
4684c1 |
ECDHE-RSA key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-ECDHE_@-ECDSA
|
|
Packit Service |
4684c1 |
ECDHE-ECDSA key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-ECDHE_@-PSK
|
|
Packit Service |
4684c1 |
ECDHE-PSK key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-RSA_@-PSK
|
|
Packit Service |
4684c1 |
RSA-PSK key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KX_@-VKO_@-GOST_@-12
|
|
Packit Service |
4684c1 |
VKO GOST R 34.10-2012 key-exchange algorithm.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_params_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PARAMS_@-RSA_@-EXPORT
|
|
Packit Service |
4684c1 |
Session RSA-EXPORT parameters (defunc).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PARAMS_@-DH
|
|
Packit Service |
4684c1 |
Session Diffie-Hellman parameters.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PARAMS_@-ECDH
|
|
Packit Service |
4684c1 |
Session Elliptic-Curve Diffie-Hellman parameters.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_credentials_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRD_@-CERTIFICATE
|
|
Packit Service |
4684c1 |
Certificate credential.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRD_@-ANON
|
|
Packit Service |
4684c1 |
Anonymous credential.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRD_@-SRP
|
|
Packit Service |
4684c1 |
SRP credential.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRD_@-PSK
|
|
Packit Service |
4684c1 |
PSK credential.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRD_@-IA
|
|
Packit Service |
4684c1 |
IA credential.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_mac_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown MAC algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-NULL
|
|
Packit Service |
4684c1 |
NULL MAC algorithm (empty output).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-MD5
|
|
Packit Service |
4684c1 |
HMAC-MD5 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA1
|
|
Packit Service |
4684c1 |
HMAC-SHA-1 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-RMD160
|
|
Packit Service |
4684c1 |
HMAC-RMD160 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-MD2
|
|
Packit Service |
4684c1 |
HMAC-MD2 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA256
|
|
Packit Service |
4684c1 |
HMAC-SHA-256 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA384
|
|
Packit Service |
4684c1 |
HMAC-SHA-384 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA512
|
|
Packit Service |
4684c1 |
HMAC-SHA-512 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA224
|
|
Packit Service |
4684c1 |
HMAC-SHA-224 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA3_@-224
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA3_@-256
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA3_@-384
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHA3_@-512
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-MD5_@-SHA1
|
|
Packit Service |
4684c1 |
Combined MD5+SHA1 MAC placeholder.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-GOSTR_@-94
|
|
Packit Service |
4684c1 |
HMAC GOST R 34.11-94 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-STREEBOG_@-256
|
|
Packit Service |
4684c1 |
HMAC GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-STREEBOG_@-512
|
|
Packit Service |
4684c1 |
HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AEAD
|
|
Packit Service |
4684c1 |
MAC implicit through AEAD cipher.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-UMAC_@-96
|
|
Packit Service |
4684c1 |
The UMAC-96 MAC algorithm (requires nonce).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-UMAC_@-128
|
|
Packit Service |
4684c1 |
The UMAC-128 MAC algorithm (requires nonce).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AES_@-CMAC_@-128
|
|
Packit Service |
4684c1 |
The AES-CMAC-128 MAC algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AES_@-CMAC_@-256
|
|
Packit Service |
4684c1 |
The AES-CMAC-256 MAC algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-128
|
|
Packit Service |
4684c1 |
The AES-GMAC-128 MAC algorithm (requires nonce).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-192
|
|
Packit Service |
4684c1 |
The AES-GMAC-192 MAC algorithm (requires nonce).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-AES_@-GMAC_@-256
|
|
Packit Service |
4684c1 |
The AES-GMAC-256 MAC algorithm (requires nonce).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-GOST28147_@-TC26Z_@-IMIT
|
|
Packit Service |
4684c1 |
The GOST 28147-89 working in IMIT mode with TC26 Z S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHAKE_@-128
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-MAC_@-SHAKE_@-256
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_digest_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown hash algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-NULL
|
|
Packit Service |
4684c1 |
NULL hash algorithm (empty output).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-MD5
|
|
Packit Service |
4684c1 |
MD5 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA1
|
|
Packit Service |
4684c1 |
SHA-1 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-RMD160
|
|
Packit Service |
4684c1 |
RMD160 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-MD2
|
|
Packit Service |
4684c1 |
MD2 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA256
|
|
Packit Service |
4684c1 |
SHA-256 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA384
|
|
Packit Service |
4684c1 |
SHA-384 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA512
|
|
Packit Service |
4684c1 |
SHA-512 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA224
|
|
Packit Service |
4684c1 |
SHA-224 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA3_@-224
|
|
Packit Service |
4684c1 |
SHA3-224 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA3_@-256
|
|
Packit Service |
4684c1 |
SHA3-256 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA3_@-384
|
|
Packit Service |
4684c1 |
SHA3-384 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHA3_@-512
|
|
Packit Service |
4684c1 |
SHA3-512 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-MD5_@-SHA1
|
|
Packit Service |
4684c1 |
Combined MD5+SHA1 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-GOSTR_@-94
|
|
Packit Service |
4684c1 |
GOST R 34.11-94 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-STREEBOG_@-256
|
|
Packit Service |
4684c1 |
GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-STREEBOG_@-512
|
|
Packit Service |
4684c1 |
GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHAKE_@-128
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DIG_@-SHAKE_@-256
|
|
Packit Service |
4684c1 |
Reserved; unimplemented.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_compression_method_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-COMP_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown compression method.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-COMP_@-NULL
|
|
Packit Service |
4684c1 |
The NULL compression method (no compression).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-COMP_@-DEFLATE
|
|
Packit Service |
4684c1 |
The DEFLATE compression method from zlib.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-COMP_@-ZLIB
|
|
Packit Service |
4684c1 |
Same as @code{GNUTLS_COMP_DEFLATE} .
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_init_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SERVER
|
|
Packit Service |
4684c1 |
Connection end is a server.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CLIENT
|
|
Packit Service |
4684c1 |
Connection end is a client.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DATAGRAM
|
|
Packit Service |
4684c1 |
Connection is datagram oriented (DTLS). Since 3.0.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NONBLOCK
|
|
Packit Service |
4684c1 |
Connection should not block. Since 3.0.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-EXTENSIONS
|
|
Packit Service |
4684c1 |
Do not enable any TLS extensions by default (since 3.1.2). As TLS 1.2 and later require extensions this option is considered obsolete and should not be used.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-REPLAY_@-PROTECTION
|
|
Packit Service |
4684c1 |
Disable any replay protection in DTLS. This must only be used if replay protection is achieved using other means. Since 3.2.2.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-SIGNAL
|
|
Packit Service |
4684c1 |
In systems where SIGPIPE is delivered on send, it will be disabled. That flag has effect in systems which support the MSG_NOSIGNAL sockets flag (since 3.4.2).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ALLOW_@-ID_@-CHANGE
|
|
Packit Service |
4684c1 |
Allow the peer to replace its certificate, or change its ID during a rehandshake. This change is often used in attacks and thus prohibited by default. Since 3.5.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ENABLE_@-FALSE_@-START
|
|
Packit Service |
4684c1 |
Enable the TLS false start on client side if the negotiated ciphersuites allow it. This will enable sending data prior to the handshake being complete, and may introduce a risk of crypto failure when combined with certain key exchanged; for that GnuTLS may not enable that option in ciphersuites that are known to be not safe for false start. Since 3.5.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FORCE_@-CLIENT_@-CERT
|
|
Packit Service |
4684c1 |
When in client side and only a single cert is specified, send that certificate irrespective of the issuers expected by the server. Since 3.5.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-TICKETS
|
|
Packit Service |
4684c1 |
Flag to indicate that the session should not use resumption with session tickets.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEY_@-SHARE_@-TOP
|
|
Packit Service |
4684c1 |
Generate key share for the first group which is enabled.
|
|
Packit Service |
4684c1 |
For example x25519. This option is the most performant for client (less CPU spent
|
|
Packit Service |
4684c1 |
generating keys), but if the server doesn't support the advertized option it may
|
|
Packit Service |
4684c1 |
result to more roundtrips needed to discover the server's choice.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEY_@-SHARE_@-TOP2
|
|
Packit Service |
4684c1 |
Generate key shares for the top-2 different groups which are enabled.
|
|
Packit Service |
4684c1 |
For example (ECDH + x25519). This is the default.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEY_@-SHARE_@-TOP3
|
|
Packit Service |
4684c1 |
Generate key shares for the top-3 different groups which are enabled.
|
|
Packit Service |
4684c1 |
That is, as each group is associated with a key type (EC, finite field, x25519), generate
|
|
Packit Service |
4684c1 |
three keys using @code{GNUTLS_PK_DH} , @code{GNUTLS_PK_EC} , @code{GNUTLS_PK_ECDH_X25519} if all of them are enabled.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-POST_@-HANDSHAKE_@-AUTH
|
|
Packit Service |
4684c1 |
Enable post handshake authentication for server and client. When set and
|
|
Packit Service |
4684c1 |
a server requests authentication after handshake @code{GNUTLS_E_REAUTH_REQUEST} will be returned
|
|
Packit Service |
4684c1 |
by @code{gnutls_record_recv()} . A client should then call @code{gnutls_reauth()} to re-authenticate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-AUTO_@-REKEY
|
|
Packit Service |
4684c1 |
Disable auto-rekeying under TLS1.3. If this option is not specified
|
|
Packit Service |
4684c1 |
gnutls will force a rekey after 2^24 records have been sent.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAFE_@-PADDING_@-CHECK
|
|
Packit Service |
4684c1 |
Flag to indicate that the TLS 1.3 padding check will be done in a
|
|
Packit Service |
4684c1 |
safe way which doesn't leak the pad size based on GnuTLS processing time. This is of use to
|
|
Packit Service |
4684c1 |
applications which hide the length of transferred data via the TLS1.3 padding mechanism and
|
|
Packit Service |
4684c1 |
are already taking steps to hide the data processing time. This comes at a performance
|
|
Packit Service |
4684c1 |
penalty.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ENABLE_@-EARLY_@-START
|
|
Packit Service |
4684c1 |
Under TLS1.3 allow the server to return earlier than the full handshake
|
|
Packit Service |
4684c1 |
finish; similarly to false start the handshake will be completed once data are received by the
|
|
Packit Service |
4684c1 |
client, while the server is able to transmit sooner. This is not enabled by default as it could
|
|
Packit Service |
4684c1 |
break certain existing server assumptions and use-cases. Since 3.6.4.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ENABLE_@-RAWPK
|
|
Packit Service |
4684c1 |
Allows raw public-keys to be negotiated during the handshake. Since 3.6.6.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-AUTO_@-REAUTH
|
|
Packit Service |
4684c1 |
Enable transparent re-authentication in client side when the server
|
|
Packit Service |
4684c1 |
requests to. That is, reauthentication is handled within @code{gnutls_record_recv()} , and
|
|
Packit Service |
4684c1 |
the @code{GNUTLS_E_REHANDSHAKE} or @code{GNUTLS_E_REAUTH_REQUEST} are not returned. This must be
|
|
Packit Service |
4684c1 |
enabled with @code{GNUTLS_POST_HANDSHAKE_AUTH} for TLS1.3. Enabling this flag requires to restore
|
|
Packit Service |
4684c1 |
interrupted calls to @code{gnutls_record_recv()} based on the output of @code{gnutls_record_get_direction()} ,
|
|
Packit Service |
4684c1 |
since @code{gnutls_record_recv()} could be interrupted when sending when this flag is enabled.
|
|
Packit Service |
4684c1 |
Note this flag may not be used if you are using the same session for sending and receiving
|
|
Packit Service |
4684c1 |
in different threads.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ENABLE_@-EARLY_@-DATA
|
|
Packit Service |
4684c1 |
Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT).
|
|
Packit Service |
4684c1 |
This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NO_@-AUTO_@-SEND_@-TICKET
|
|
Packit Service |
4684c1 |
Under TLS1.3 disable auto-sending of
|
|
Packit Service |
4684c1 |
session tickets during the handshake.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_alert_level_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-AL_@-WARNING
|
|
Packit Service |
4684c1 |
Alert of warning severity.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-AL_@-FATAL
|
|
Packit Service |
4684c1 |
Alert of fatal severity.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_alert_description_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CLOSE_@-NOTIFY
|
|
Packit Service |
4684c1 |
Close notify.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNEXPECTED_@-MESSAGE
|
|
Packit Service |
4684c1 |
Unexpected message.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-BAD_@-RECORD_@-MAC
|
|
Packit Service |
4684c1 |
Bad record MAC.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-DECRYPTION_@-FAILED
|
|
Packit Service |
4684c1 |
Decryption failed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-RECORD_@-OVERFLOW
|
|
Packit Service |
4684c1 |
Record overflow.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-DECOMPRESSION_@-FAILURE
|
|
Packit Service |
4684c1 |
Decompression failed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-HANDSHAKE_@-FAILURE
|
|
Packit Service |
4684c1 |
Handshake failed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-SSL3_@-NO_@-CERTIFICATE
|
|
Packit Service |
4684c1 |
No certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-BAD_@-CERTIFICATE
|
|
Packit Service |
4684c1 |
Certificate is bad.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNSUPPORTED_@-CERTIFICATE
|
|
Packit Service |
4684c1 |
Certificate is not supported.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CERTIFICATE_@-REVOKED
|
|
Packit Service |
4684c1 |
Certificate was revoked.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CERTIFICATE_@-EXPIRED
|
|
Packit Service |
4684c1 |
Certificate is expired.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CERTIFICATE_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-ILLEGAL_@-PARAMETER
|
|
Packit Service |
4684c1 |
Illegal parameter.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNKNOWN_@-CA
|
|
Packit Service |
4684c1 |
CA is unknown.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-ACCESS_@-DENIED
|
|
Packit Service |
4684c1 |
Access was denied.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-DECODE_@-ERROR
|
|
Packit Service |
4684c1 |
Decode error.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-DECRYPT_@-ERROR
|
|
Packit Service |
4684c1 |
Decrypt error.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-EXPORT_@-RESTRICTION
|
|
Packit Service |
4684c1 |
Export restriction.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-PROTOCOL_@-VERSION
|
|
Packit Service |
4684c1 |
Error in protocol version.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-INSUFFICIENT_@-SECURITY
|
|
Packit Service |
4684c1 |
Insufficient security.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-INTERNAL_@-ERROR
|
|
Packit Service |
4684c1 |
Internal error.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-INAPPROPRIATE_@-FALLBACK
|
|
Packit Service |
4684c1 |
Inappropriate fallback,
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-USER_@-CANCELED
|
|
Packit Service |
4684c1 |
User canceled.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-NO_@-RENEGOTIATION
|
|
Packit Service |
4684c1 |
No renegotiation is allowed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-MISSING_@-EXTENSION
|
|
Packit Service |
4684c1 |
An extension was expected but was not seen
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNSUPPORTED_@-EXTENSION
|
|
Packit Service |
4684c1 |
An unsupported extension was
|
|
Packit Service |
4684c1 |
sent.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CERTIFICATE_@-UNOBTAINABLE
|
|
Packit Service |
4684c1 |
Could not retrieve the
|
|
Packit Service |
4684c1 |
specified certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNRECOGNIZED_@-NAME
|
|
Packit Service |
4684c1 |
The server name sent was not
|
|
Packit Service |
4684c1 |
recognized.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-UNKNOWN_@-PSK_@-IDENTITY
|
|
Packit Service |
4684c1 |
The SRP/PSK username is missing
|
|
Packit Service |
4684c1 |
or not known.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-CERTIFICATE_@-REQUIRED
|
|
Packit Service |
4684c1 |
Certificate is required.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-NO_@-APPLICATION_@-PROTOCOL
|
|
Packit Service |
4684c1 |
The ALPN protocol requested is
|
|
Packit Service |
4684c1 |
not supported by the peer.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-A_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_handshake_description_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-REQUEST
|
|
Packit Service |
4684c1 |
Hello request.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-HELLO
|
|
Packit Service |
4684c1 |
Client hello.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-HELLO
|
|
Packit Service |
4684c1 |
Server hello.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-VERIFY_@-REQUEST
|
|
Packit Service |
4684c1 |
DTLS Hello verify request.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-NEW_@-SESSION_@-TICKET
|
|
Packit Service |
4684c1 |
New session ticket.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-END_@-OF_@-EARLY_@-DATA
|
|
Packit Service |
4684c1 |
End of early data.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-ENCRYPTED_@-EXTENSIONS
|
|
Packit Service |
4684c1 |
Encrypted extensions message.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-PKT
|
|
Packit Service |
4684c1 |
Certificate packet.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-KEY_@-EXCHANGE
|
|
Packit Service |
4684c1 |
Server key exchange.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-REQUEST
|
|
Packit Service |
4684c1 |
Certificate request.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-SERVER_@-HELLO_@-DONE
|
|
Packit Service |
4684c1 |
Server hello done.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-VERIFY
|
|
Packit Service |
4684c1 |
Certificate verify.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-KEY_@-EXCHANGE
|
|
Packit Service |
4684c1 |
Client key exchange.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-FINISHED
|
|
Packit Service |
4684c1 |
Finished.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CERTIFICATE_@-STATUS
|
|
Packit Service |
4684c1 |
Certificate status (OCSP).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-SUPPLEMENTAL
|
|
Packit Service |
4684c1 |
Supplemental.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-KEY_@-UPDATE
|
|
Packit Service |
4684c1 |
TLS1.3 key update message.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CHANGE_@-CIPHER_@-SPEC
|
|
Packit Service |
4684c1 |
Change Cipher Spec.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-CLIENT_@-HELLO_@-V2
|
|
Packit Service |
4684c1 |
SSLv2 Client Hello.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-HANDSHAKE_@-HELLO_@-RETRY_@-REQUEST
|
|
Packit Service |
4684c1 |
Hello retry request.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-INVALID
|
|
Packit Service |
4684c1 |
The certificate is not signed by one of the
|
|
Packit Service |
4684c1 |
known authorities or the signature is invalid (deprecated by the flags
|
|
Packit Service |
4684c1 |
@code{GNUTLS_CERT_SIGNATURE_FAILURE} and @code{GNUTLS_CERT_SIGNER_NOT_FOUND} ).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-REVOKED
|
|
Packit Service |
4684c1 |
Certificate is revoked by its authority. In X.509 this will be
|
|
Packit Service |
4684c1 |
set only if CRLs are checked.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-FOUND
|
|
Packit Service |
4684c1 |
The certificate's issuer is not known.
|
|
Packit Service |
4684c1 |
This is the case if the issuer is not included in the trusted certificate list.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-SIGNER_@-NOT_@-CA
|
|
Packit Service |
4684c1 |
The certificate's signer was not a CA. This
|
|
Packit Service |
4684c1 |
may happen if this was a version 1 certificate, which is common with
|
|
Packit Service |
4684c1 |
some CAs, or a version 3 certificate without the basic constrains extension.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-INSECURE_@-ALGORITHM
|
|
Packit Service |
4684c1 |
The certificate was signed using an insecure
|
|
Packit Service |
4684c1 |
algorithm such as MD2 or MD5. These algorithms have been broken and
|
|
Packit Service |
4684c1 |
should not be trusted.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-NOT_@-ACTIVATED
|
|
Packit Service |
4684c1 |
The certificate is not yet activated.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-EXPIRED
|
|
Packit Service |
4684c1 |
The certificate has expired.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-SIGNATURE_@-FAILURE
|
|
Packit Service |
4684c1 |
The signature verification failed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-SUPERSEDED
|
|
Packit Service |
4684c1 |
The revocation data are old and have been superseded.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-UNEXPECTED_@-OWNER
|
|
Packit Service |
4684c1 |
The owner is not the expected one.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-REVOCATION_@-DATA_@-ISSUED_@-IN_@-FUTURE
|
|
Packit Service |
4684c1 |
The revocation data have a future issue date.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-SIGNER_@-CONSTRAINTS_@-FAILURE
|
|
Packit Service |
4684c1 |
The certificate's signer constraints were
|
|
Packit Service |
4684c1 |
violated.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-MISMATCH
|
|
Packit Service |
4684c1 |
The certificate presented isn't the expected one (TOFU)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-PURPOSE_@-MISMATCH
|
|
Packit Service |
4684c1 |
The certificate or an intermediate does not match the intended purpose (extended key usage).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-MISSING_@-OCSP_@-STATUS
|
|
Packit Service |
4684c1 |
The certificate requires the server to send the certifiate status, but no status was received.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-INVALID_@-OCSP_@-STATUS
|
|
Packit Service |
4684c1 |
The received OCSP status response is invalid.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-UNKNOWN_@-CRIT_@-EXTENSIONS
|
|
Packit Service |
4684c1 |
The certificate has extensions marked as critical which are not supported.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_request_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-IGNORE
|
|
Packit Service |
4684c1 |
Ignore certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-REQUEST
|
|
Packit Service |
4684c1 |
Request certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERT_@-REQUIRE
|
|
Packit Service |
4684c1 |
Require certificate.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_openpgp_crt_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OPENPGP_@-CERT
|
|
Packit Service |
4684c1 |
Send entire certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OPENPGP_@-CERT_@-FINGERPRINT
|
|
Packit Service |
4684c1 |
Send only certificate fingerprint.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_close_request_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SHUT_@-RDWR
|
|
Packit Service |
4684c1 |
Disallow further receives/sends.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SHUT_@-WR
|
|
Packit Service |
4684c1 |
Disallow further sends.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_protocol_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SSL3
|
|
Packit Service |
4684c1 |
SSL version 3.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS1_@-0
|
|
Packit Service |
4684c1 |
TLS version 1.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS1
|
|
Packit Service |
4684c1 |
Same as @code{GNUTLS_TLS1_0} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS1_@-1
|
|
Packit Service |
4684c1 |
TLS version 1.1.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS1_@-2
|
|
Packit Service |
4684c1 |
TLS version 1.2.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS1_@-3
|
|
Packit Service |
4684c1 |
TLS version 1.3.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DTLS0_@-9
|
|
Packit Service |
4684c1 |
DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DTLS1_@-0
|
|
Packit Service |
4684c1 |
DTLS version 1.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DTLS1_@-2
|
|
Packit Service |
4684c1 |
DTLS version 1.2.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DTLS_@-VERSION_@-MIN
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DTLS_@-VERSION_@-MAX
|
|
Packit Service |
4684c1 |
Maps to the highest supported DTLS version.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TLS_@-VERSION_@-MAX
|
|
Packit Service |
4684c1 |
Maps to the highest supported TLS version.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERSION_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown SSL/TLS version.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown certificate type.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-X509
|
|
Packit Service |
4684c1 |
X.509 Certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-OPENPGP
|
|
Packit Service |
4684c1 |
OpenPGP certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-RAWPK
|
|
Packit Service |
4684c1 |
Raw public-key (SubjectPublicKeyInfo)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_x509_crt_fmt_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-FMT_@-DER
|
|
Packit Service |
4684c1 |
X.509 certificate in DER format (binary).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-FMT_@-PEM
|
|
Packit Service |
4684c1 |
X.509 certificate in PEM format (text).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_print_formats_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-PRINT_@-FULL
|
|
Packit Service |
4684c1 |
Full information about certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-PRINT_@-ONELINE
|
|
Packit Service |
4684c1 |
Information about certificate in one line.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-PRINT_@-UNSIGNED_@-FULL
|
|
Packit Service |
4684c1 |
All info for an unsigned certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-PRINT_@-COMPACT
|
|
Packit Service |
4684c1 |
Information about certificate name in one line, plus identification of the public key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CRT_@-PRINT_@-FULL_@-NUMBERS
|
|
Packit Service |
4684c1 |
Full information about certificate and include easy to parse public key parameters.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pk_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown public-key algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-RSA
|
|
Packit Service |
4684c1 |
RSA public-key algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-DSA
|
|
Packit Service |
4684c1 |
DSA public-key algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-DH
|
|
Packit Service |
4684c1 |
Diffie-Hellman algorithm. Used to generate parameters.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-ECDSA
|
|
Packit Service |
4684c1 |
Elliptic curve algorithm. These parameters are compatible with the ECDSA and ECDH algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-ECDH_@-X25519
|
|
Packit Service |
4684c1 |
Elliptic curve algorithm, restricted to ECDH as per rfc7748.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-RSA_@-PSS
|
|
Packit Service |
4684c1 |
RSA public-key algorithm, with PSS padding.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-EDDSA_@-ED25519
|
|
Packit Service |
4684c1 |
Edwards curve Digital signature algorithm. Used with SHA512 on signatures.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-GOST_@-01
|
|
Packit Service |
4684c1 |
GOST R 34.10-2001 algorithm per rfc5832.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-GOST_@-12_@-256
|
|
Packit Service |
4684c1 |
GOST R 34.10-2012 algorithm, 256-bit key per rfc7091.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-GOST_@-12_@-512
|
|
Packit Service |
4684c1 |
GOST R 34.10-2012 algorithm, 512-bit key per rfc7091.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-ECDH_@-X448
|
|
Packit Service |
4684c1 |
Elliptic curve algorithm, restricted to ECDH as per rfc7748.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-EDDSA_@-ED448
|
|
Packit Service |
4684c1 |
Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PK_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_sign_algorithm_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown signature algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA1
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-1
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA
|
|
Packit Service |
4684c1 |
Same as @code{GNUTLS_SIGN_RSA_SHA1} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA1
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA-1
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA
|
|
Packit Service |
4684c1 |
Same as @code{GNUTLS_SIGN_DSA_SHA1} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-MD5
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with MD5.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-MD2
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with MD2.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-RMD160
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with RMD-160.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-384.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA224
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-224.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA224
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA-224
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA-256
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA1
|
|
Packit Service |
4684c1 |
ECDSA with SHA1.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA224
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA-224.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA-384.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA-512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA-384
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA-512
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-224
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA3-224.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-256
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA3-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-384
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA3-384.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SHA3_@-512
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA with SHA3-512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-224
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA3-224.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-256
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA3-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-384
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA3-384.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-DSA_@-SHA3_@-512
|
|
Packit Service |
4684c1 |
Digital signature algorithm DSA with SHA3-512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-224
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA3-224.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-256
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA3-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-384
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA3-384.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-SHA3_@-512
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA3-512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-256, with PSS padding (RSA-PSS certificate).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-384, with PSS padding (RSA-PSS certificate).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-512, with PSS padding (RSA-PSS certificate).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-EDDSA_@-ED25519
|
|
Packit Service |
4684c1 |
Digital signature algorithm EdDSA with Ed25519 curve.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-RAW
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with DigestInfo formatted data
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP256R1_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA-SECP256R1 with SHA-256 (used in TLS 1.3 but not PKIX).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP384R1_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA-SECP384R1 with SHA-384 (used in TLS 1.3 but not PKIX).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-ECDSA_@-SECP521R1_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm ECDSA-SECP521R1 with SHA-512 (used in TLS 1.3 but not PKIX).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA256
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-256,
|
|
Packit Service |
4684c1 |
with PSS padding (RSA PKCS@code{1} 1.5 certificate). This signature is identical
|
|
Packit Service |
4684c1 |
to @code{GNUTLS_SIGN_RSA_PSS_SHA256} , but they are distinct as the TLS1.3 protocol
|
|
Packit Service |
4684c1 |
treats them differently.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA384
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-384,
|
|
Packit Service |
4684c1 |
with PSS padding (RSA PKCS@code{1} 1.5 certificate). This signature is identical
|
|
Packit Service |
4684c1 |
to @code{GNUTLS_SIGN_RSA_PSS_SHA384} , but they are distinct as the TLS1.3 protocol
|
|
Packit Service |
4684c1 |
treats them differently.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-RSA_@-PSS_@-RSAE_@-SHA512
|
|
Packit Service |
4684c1 |
Digital signature algorithm RSA with SHA-512,
|
|
Packit Service |
4684c1 |
with PSS padding (RSA PKCS@code{1} 1.5 certificate). This signature is identical
|
|
Packit Service |
4684c1 |
to @code{GNUTLS_SIGN_RSA_PSS_SHA512} , but they are distinct as the TLS1.3 protocol
|
|
Packit Service |
4684c1 |
treats them differently.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-GOST_@-94
|
|
Packit Service |
4684c1 |
Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-GOST_@-256
|
|
Packit Service |
4684c1 |
Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-GOST_@-512
|
|
Packit Service |
4684c1 |
Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-EDDSA_@-ED448
|
|
Packit Service |
4684c1 |
Digital signature algorithm EdDSA with Ed448 curve.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SIGN_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ecc_curve_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-INVALID
|
|
Packit Service |
4684c1 |
Cannot be known
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-SECP224R1
|
|
Packit Service |
4684c1 |
the SECP224R1 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-SECP256R1
|
|
Packit Service |
4684c1 |
the SECP256R1 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-SECP384R1
|
|
Packit Service |
4684c1 |
the SECP384R1 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-SECP521R1
|
|
Packit Service |
4684c1 |
the SECP521R1 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-SECP192R1
|
|
Packit Service |
4684c1 |
the SECP192R1 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-X25519
|
|
Packit Service |
4684c1 |
the X25519 curve (ECDH only)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-ED25519
|
|
Packit Service |
4684c1 |
the Ed25519 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPA
|
|
Packit Service |
4684c1 |
GOST R 34.10 CryptoPro 256 A curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPB
|
|
Packit Service |
4684c1 |
GOST R 34.10 CryptoPro 256 B curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPC
|
|
Packit Service |
4684c1 |
GOST R 34.10 CryptoPro 256 C curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPXA
|
|
Packit Service |
4684c1 |
GOST R 34.10 CryptoPro 256 XchA curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256CPXB
|
|
Packit Service |
4684c1 |
GOST R 34.10 CryptoPro 256 XchB curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST512A
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 512 A curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST512B
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 512 B curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST512C
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 512 C curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256A
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 256 A curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256B
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 256 B curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256C
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 256 C curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-GOST256D
|
|
Packit Service |
4684c1 |
GOST R 34.10 TC26 256 D curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-X448
|
|
Packit Service |
4684c1 |
the X448 curve (ECDH only)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-ED448
|
|
Packit Service |
4684c1 |
the Ed448 curve
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ECC_@-CURVE_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_group_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-INVALID
|
|
Packit Service |
4684c1 |
Indicates unknown/invalid group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-SECP192R1
|
|
Packit Service |
4684c1 |
the SECP192R1 curve group (legacy, only for TLS 1.2 compatibility)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-SECP224R1
|
|
Packit Service |
4684c1 |
the SECP224R1 curve group (legacy, only for TLS 1.2 compatibility)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-SECP256R1
|
|
Packit Service |
4684c1 |
the SECP256R1 curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-SECP384R1
|
|
Packit Service |
4684c1 |
the SECP384R1 curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-SECP521R1
|
|
Packit Service |
4684c1 |
the SECP521R1 curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-X25519
|
|
Packit Service |
4684c1 |
the X25519 curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-X448
|
|
Packit Service |
4684c1 |
the X448 curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC256A
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 256 A curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC256B
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 256 B curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC256C
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 256 C curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC256D
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 256 D curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC512A
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 512 A curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC512B
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 512 B curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-GC512C
|
|
Packit Service |
4684c1 |
the GOST R 34.10 TC26 512 C curve group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-FFDHE2048
|
|
Packit Service |
4684c1 |
the FFDHE2048 group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-FFDHE3072
|
|
Packit Service |
4684c1 |
the FFDHE3072 group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-FFDHE4096
|
|
Packit Service |
4684c1 |
the FFDHE4096 group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-FFDHE8192
|
|
Packit Service |
4684c1 |
the FFDHE8192 group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-FFDHE6144
|
|
Packit Service |
4684c1 |
the FFDHE6144 group
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GROUP_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_sec_param_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Cannot be known
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-INSECURE
|
|
Packit Service |
4684c1 |
Less than 42 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-EXPORT
|
|
Packit Service |
4684c1 |
42 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-VERY_@-WEAK
|
|
Packit Service |
4684c1 |
64 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-WEAK
|
|
Packit Service |
4684c1 |
72 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-LOW
|
|
Packit Service |
4684c1 |
80 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-LEGACY
|
|
Packit Service |
4684c1 |
96 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-MEDIUM
|
|
Packit Service |
4684c1 |
112 bits of security (used to be @code{GNUTLS_SEC_PARAM_NORMAL} )
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-HIGH
|
|
Packit Service |
4684c1 |
128 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-ULTRA
|
|
Packit Service |
4684c1 |
192 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-FUTURE
|
|
Packit Service |
4684c1 |
256 bits of security
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SEC_@-PARAM_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_channel_binding_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CB_@-TLS_@-UNIQUE
|
|
Packit Service |
4684c1 |
"tls-unique" (RFC 5929) channel binding
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_gost_paramset_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown/default parameter set
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-TC26_@-Z
|
|
Packit Service |
4684c1 |
Specified by TC26, see rfc7836
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-A
|
|
Packit Service |
4684c1 |
CryptoPro-A, see rfc4357
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-B
|
|
Packit Service |
4684c1 |
CryptoPro-B, see rfc4357
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-C
|
|
Packit Service |
4684c1 |
CryptoPro-C, see rfc4357
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-GOST_@-PARAMSET_@-CP_@-D
|
|
Packit Service |
4684c1 |
CryptoPro-D, see rfc4357
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ctype_target_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CTYPE_@-CLIENT
|
|
Packit Service |
4684c1 |
for requesting client certificate type values.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CTYPE_@-SERVER
|
|
Packit Service |
4684c1 |
for requesting server certificate type values.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CTYPE_@-OURS
|
|
Packit Service |
4684c1 |
for requesting our certificate type values.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CTYPE_@-PEERS
|
|
Packit Service |
4684c1 |
for requesting the peers' certificate type values.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_server_name_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-NAME_@-DNS
|
|
Packit Service |
4684c1 |
Domain Name System name type.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_session_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-SAFE_@-RENEGOTIATION
|
|
Packit Service |
4684c1 |
Safe renegotiation (RFC5746) was used
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-EXT_@-MASTER_@-SECRET
|
|
Packit Service |
4684c1 |
The extended master secret (RFC7627) extension was used
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-ETM
|
|
Packit Service |
4684c1 |
The encrypt then MAC (RFC7366) extension was used
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-HB_@-LOCAL_@-SEND
|
|
Packit Service |
4684c1 |
The heartbeat negotiation allows the local side to send heartbeat messages
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-HB_@-PEER_@-SEND
|
|
Packit Service |
4684c1 |
The heartbeat negotiation allows the peer to send heartbeat messages
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-FALSE_@-START
|
|
Packit Service |
4684c1 |
False start was used in this client session.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-RFC7919
|
|
Packit Service |
4684c1 |
The RFC7919 Diffie-Hellman parameters were negotiated
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-SESSION_@-TICKET
|
|
Packit Service |
4684c1 |
A session ticket has been received by the server.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-POST_@-HANDSHAKE_@-AUTH
|
|
Packit Service |
4684c1 |
Indicates client capability for post-handshake auth; set only on server side.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-EARLY_@-START
|
|
Packit Service |
4684c1 |
The TLS1.3 server session returned early.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-EARLY_@-DATA
|
|
Packit Service |
4684c1 |
The TLS1.3 early data has been received by the server.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-CLI_@-REQUESTED_@-OCSP
|
|
Packit Service |
4684c1 |
Set when the client has requested OCSP staple during handshake.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SFLAGS_@-SERV_@-REQUESTED_@-OCSP
|
|
Packit Service |
4684c1 |
Set when the server has requested OCSP staple during handshake.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_supplemental_data_format_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SUPPLEMENTAL_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown data format
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_srtp_profile_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SRTP_@-AES128_@-CM_@-HMAC_@-SHA1_@-80
|
|
Packit Service |
4684c1 |
128 bit AES with a 80 bit HMAC-SHA1
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SRTP_@-AES128_@-CM_@-HMAC_@-SHA1_@-32
|
|
Packit Service |
4684c1 |
128 bit AES with a 32 bit HMAC-SHA1
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SRTP_@-NULL_@-HMAC_@-SHA1_@-80
|
|
Packit Service |
4684c1 |
NULL cipher with a 80 bit HMAC-SHA1
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SRTP_@-NULL_@-HMAC_@-SHA1_@-32
|
|
Packit Service |
4684c1 |
NULL cipher with a 32 bit HMAC-SHA1
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_alpn_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ALPN_@-MANDATORY
|
|
Packit Service |
4684c1 |
Require ALPN negotiation. The connection will be
|
|
Packit Service |
4684c1 |
aborted if no matching ALPN protocol is found.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-ALPN_@-SERVER_@-PRECEDENCE
|
|
Packit Service |
4684c1 |
The choices set by the server
|
|
Packit Service |
4684c1 |
will take precedence over the client's.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_vdata_types_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DT_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown data type.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DT_@-DNS_@-HOSTNAME
|
|
Packit Service |
4684c1 |
The data contain a null-terminated DNS hostname; the hostname will be
|
|
Packit Service |
4684c1 |
matched using the RFC6125 rules. If the data contain a textual IP (v4 or v6) address it will
|
|
Packit Service |
4684c1 |
be marched against the IPAddress Alternative name, unless the verification flag @code{GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES}
|
|
Packit Service |
4684c1 |
is specified.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DT_@-KEY_@-PURPOSE_@-OID
|
|
Packit Service |
4684c1 |
The data contain a null-terminated key purpose OID. It will be matched
|
|
Packit Service |
4684c1 |
against the certificate's Extended Key Usage extension.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DT_@-RFC822NAME
|
|
Packit Service |
4684c1 |
The data contain a null-terminated email address; the email will be
|
|
Packit Service |
4684c1 |
matched against the RFC822Name Alternative name of the certificate, or the EMAIL DN component if the
|
|
Packit Service |
4684c1 |
former isn't available. Prior to matching the email address will be converted to ACE
|
|
Packit Service |
4684c1 |
(ASCII-compatible-encoding).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-DT_@-IP_@-ADDRESS
|
|
Packit Service |
4684c1 |
The data contain a raw IP address (4 or 16 bytes). If will be matched
|
|
Packit Service |
4684c1 |
against the IPAddress Alternative name; option available since 3.6.0.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERTIFICATE_@-SKIP_@-KEY_@-CERT_@-MATCH
|
|
Packit Service |
4684c1 |
Skip the key and certificate matching check.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERTIFICATE_@-API_@-V2
|
|
Packit Service |
4684c1 |
If set the gnutls_certificate_set_*key* functions will return an index of the added key pair instead of zero.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERTIFICATE_@-SKIP_@-OCSP_@-RESPONSE_@-CHECK
|
|
Packit Service |
4684c1 |
If set, the gnutls_certificate_set_ocsp_status_request_file
|
|
Packit Service |
4684c1 |
function, will not check whether the response set matches any of the certificates.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-CERTIFICATE_@-VERIFY_@-CRLS
|
|
Packit Service |
4684c1 |
This will enable CRL verification when added in the certificate structure.
|
|
Packit Service |
4684c1 |
When used, it requires CAs to be added before CRLs.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_psk_key_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PSK_@-KEY_@-RAW
|
|
Packit Service |
4684c1 |
PSK-key in raw format.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PSK_@-KEY_@-HEX
|
|
Packit Service |
4684c1 |
PSK-key in hex format.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_x509_subject_alt_name_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-DNSNAME
|
|
Packit Service |
4684c1 |
DNS-name SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-RFC822NAME
|
|
Packit Service |
4684c1 |
E-mail address SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-URI
|
|
Packit Service |
4684c1 |
URI SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-IPADDRESS
|
|
Packit Service |
4684c1 |
IP address SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-OTHERNAME
|
|
Packit Service |
4684c1 |
OtherName SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-DN
|
|
Packit Service |
4684c1 |
DN SAN.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-REGISTERED_@-ID
|
|
Packit Service |
4684c1 |
RegisteredID.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-MAX
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-OTHERNAME_@-XMPP
|
|
Packit Service |
4684c1 |
Virtual SAN, used by certain functions for convenience.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-SAN_@-OTHERNAME_@-KRB5PRINCIPAL
|
|
Packit Service |
4684c1 |
Virtual SAN, used by certain functions for convenience.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_privkey_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-X509
|
|
Packit Service |
4684c1 |
X.509 private key, @code{gnutls_x509_privkey_t} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-OPENPGP
|
|
Packit Service |
4684c1 |
OpenPGP private key, @code{gnutls_openpgp_privkey_t} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-PKCS11
|
|
Packit Service |
4684c1 |
PKCS11 private key, @code{gnutls_pkcs11_privkey_t} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-EXT
|
|
Packit Service |
4684c1 |
External private key, operating using callbacks.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pin_flag_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-USER
|
|
Packit Service |
4684c1 |
The PIN for the user.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-SO
|
|
Packit Service |
4684c1 |
The PIN for the security officer (admin).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-FINAL_@-TRY
|
|
Packit Service |
4684c1 |
This is the final try before blocking.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-COUNT_@-LOW
|
|
Packit Service |
4684c1 |
Few tries remain before token blocks.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-CONTEXT_@-SPECIFIC
|
|
Packit Service |
4684c1 |
The PIN is for a specific action and key like signing.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PIN_@-WRONG
|
|
Packit Service |
4684c1 |
Last given PIN was not correct.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ext_parse_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-ANY
|
|
Packit Service |
4684c1 |
Any extension type (should not be used as it is used only internally).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-APPLICATION
|
|
Packit Service |
4684c1 |
Parsed after @code{GNUTLS_EXT_MANDATORY}
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-TLS
|
|
Packit Service |
4684c1 |
TLS-internal extensions, parsed after @code{GNUTLS_EXT_APPLICATION} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-MANDATORY
|
|
Packit Service |
4684c1 |
Parsed after @code{GNUTLS_EXT_VERSION_NEG} and even when resuming.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-NONE
|
|
Packit Service |
4684c1 |
Never to be parsed
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-VERSION_@-NEG
|
|
Packit Service |
4684c1 |
Extensions to be parsed first for TLS version negotiation.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ext_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-OVERRIDE_@-INTERNAL
|
|
Packit Service |
4684c1 |
If specified the extension registered will override the internal; this does not work with extensions existing prior to 3.6.0.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-CLIENT_@-HELLO
|
|
Packit Service |
4684c1 |
This extension can be present in a client hello
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-TLS12_@-SERVER_@-HELLO
|
|
Packit Service |
4684c1 |
This extension can be present in a TLS1.2 or earlier server hello
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-TLS13_@-SERVER_@-HELLO
|
|
Packit Service |
4684c1 |
This extension can be present in a TLS1.3 server hello
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-EE
|
|
Packit Service |
4684c1 |
This extension can be present in encrypted extensions message
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-HRR
|
|
Packit Service |
4684c1 |
This extension can be present in hello retry request message
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-IGNORE_@-CLIENT_@-REQUEST
|
|
Packit Service |
4684c1 |
When flag is present, this extension will be send even if the client didn't advertise it. An extension of this type is the Cookie TLS1.3 extension.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-TLS
|
|
Packit Service |
4684c1 |
This extension can be present under TLS; otherwise ignored.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXT_@-FLAG_@-DTLS
|
|
Packit Service |
4684c1 |
This extension can be present under DTLS; otherwise ignored.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_fips_mode_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FIPS140_@-DISABLED
|
|
Packit Service |
4684c1 |
The FIPS140-2 mode is disabled.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FIPS140_@-STRICT
|
|
Packit Service |
4684c1 |
The default mode; all forbidden operations will cause an
|
|
Packit Service |
4684c1 |
operation failure via error code.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FIPS140_@-SELFTESTS
|
|
Packit Service |
4684c1 |
A transient state during library initialization. That state
|
|
Packit Service |
4684c1 |
cannot be set or seen by applications.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FIPS140_@-LAX
|
|
Packit Service |
4684c1 |
The library still uses the FIPS140-2 relevant algorithms but all
|
|
Packit Service |
4684c1 |
forbidden by FIPS140-2 operations are allowed; this is useful when the
|
|
Packit Service |
4684c1 |
application is aware of the followed security policy, and needs
|
|
Packit Service |
4684c1 |
to utilize disallowed operations for other reasons (e.g., compatibility).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-FIPS140_@-LOG
|
|
Packit Service |
4684c1 |
Similarly to @code{GNUTLS_FIPS140_LAX} , it allows forbidden operations; any use of them results
|
|
Packit Service |
4684c1 |
to a message to the audit callback functions.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_import_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRT_@-LIST_@-IMPORT_@-FAIL_@-IF_@-EXCEED
|
|
Packit Service |
4684c1 |
Fail if the
|
|
Packit Service |
4684c1 |
certificates in the buffer are more than the space allocated for
|
|
Packit Service |
4684c1 |
certificates. The error code will be @code{GNUTLS_E_SHORT_MEMORY_BUFFER} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRT_@-LIST_@-FAIL_@-IF_@-UNSORTED
|
|
Packit Service |
4684c1 |
Fail if the certificates
|
|
Packit Service |
4684c1 |
in the buffer are not ordered starting from subject to issuer.
|
|
Packit Service |
4684c1 |
The error code will be @code{GNUTLS_E_CERTIFICATE_LIST_UNSORTED} .
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRT_@-LIST_@-SORT
|
|
Packit Service |
4684c1 |
Sort the certificate chain if unsorted.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_x509_crt_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRT_@-FLAG_@-IGNORE_@-SANITY
|
|
Packit Service |
4684c1 |
Ignore any sanity checks at the
|
|
Packit Service |
4684c1 |
import of the certificate; i.e., ignore checks such as version/field
|
|
Packit Service |
4684c1 |
matching and strict time field checks. Intended to be used for debugging.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_keyid_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYID_@-USE_@-SHA1
|
|
Packit Service |
4684c1 |
Use SHA1 as the key ID algorithm (default).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYID_@-USE_@-SHA256
|
|
Packit Service |
4684c1 |
Use SHA256 as the key ID algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYID_@-USE_@-SHA512
|
|
Packit Service |
4684c1 |
Use SHA512 as the key ID algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYID_@-USE_@-BEST_@-KNOWN
|
|
Packit Service |
4684c1 |
Use the best known algorithm to calculate key ID. Using that option will make your program behavior depend on the version of gnutls linked with. That option has a cap of 64-bytes key IDs.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_verify_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DISABLE_@-CA_@-SIGN
|
|
Packit Service |
4684c1 |
If set a signer does not have to be
|
|
Packit Service |
4684c1 |
a certificate authority. This flag should normally be disabled,
|
|
Packit Service |
4684c1 |
unless you know what this means.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-IP_@-MATCHES
|
|
Packit Service |
4684c1 |
When verifying a hostname
|
|
Packit Service |
4684c1 |
prevent textual IP addresses from matching IP addresses in the
|
|
Packit Service |
4684c1 |
certificate. Treat the input only as a DNS name.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-SAME
|
|
Packit Service |
4684c1 |
If a certificate is not signed by
|
|
Packit Service |
4684c1 |
anyone trusted but exists in the trusted CA list do not treat it
|
|
Packit Service |
4684c1 |
as trusted.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-ALLOW_@-ANY_@-X509_@-V1_@-CA_@-CRT
|
|
Packit Service |
4684c1 |
Allow CA certificates that
|
|
Packit Service |
4684c1 |
have version 1 (both root and intermediate). This might be
|
|
Packit Service |
4684c1 |
dangerous since those haven't the basicConstraints
|
|
Packit Service |
4684c1 |
extension.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-RSA_@-MD2
|
|
Packit Service |
4684c1 |
Allow certificates to be signed
|
|
Packit Service |
4684c1 |
using the broken MD2 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-RSA_@-MD5
|
|
Packit Service |
4684c1 |
Allow certificates to be signed
|
|
Packit Service |
4684c1 |
using the broken MD5 algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DISABLE_@-TIME_@-CHECKS
|
|
Packit Service |
4684c1 |
Disable checking of activation
|
|
Packit Service |
4684c1 |
and expiration validity periods of certificate chains. Don't set
|
|
Packit Service |
4684c1 |
this unless you understand the security implications.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DISABLE_@-TRUSTED_@-TIME_@-CHECKS
|
|
Packit Service |
4684c1 |
If set a signer in the trusted
|
|
Packit Service |
4684c1 |
list is never checked for expiration or activation.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-X509_@-V1_@-CA_@-CRT
|
|
Packit Service |
4684c1 |
Do not allow trusted CA
|
|
Packit Service |
4684c1 |
certificates that have version 1. This option is to be used
|
|
Packit Service |
4684c1 |
to deprecate all certificates of version 1.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DISABLE_@-CRL_@-CHECKS
|
|
Packit Service |
4684c1 |
Disable checking for validity
|
|
Packit Service |
4684c1 |
using certificate revocation lists or the available OCSP data.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-ALLOW_@-UNSORTED_@-CHAIN
|
|
Packit Service |
4684c1 |
A certificate chain is tolerated
|
|
Packit Service |
4684c1 |
if unsorted (the case with many TLS servers out there). This is the
|
|
Packit Service |
4684c1 |
default since GnuTLS 3.1.4.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-UNSORTED_@-CHAIN
|
|
Packit Service |
4684c1 |
Do not tolerate an unsorted
|
|
Packit Service |
4684c1 |
certificate chain.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-DO_@-NOT_@-ALLOW_@-WILDCARDS
|
|
Packit Service |
4684c1 |
When including a hostname
|
|
Packit Service |
4684c1 |
check in the verification, do not consider any wildcards.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-USE_@-TLS1_@-RSA
|
|
Packit Service |
4684c1 |
This indicates that a (raw) RSA signature is provided
|
|
Packit Service |
4684c1 |
as in the TLS 1.0 protocol. Not all functions accept this flag.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-IGNORE_@-UNKNOWN_@-CRIT_@-EXTENSIONS
|
|
Packit Service |
4684c1 |
This signals the verification
|
|
Packit Service |
4684c1 |
process, not to fail on unknown critical extensions.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-VERIFY_@-ALLOW_@-SIGN_@-WITH_@-SHA1
|
|
Packit Service |
4684c1 |
Allow certificates to be signed
|
|
Packit Service |
4684c1 |
using the broken SHA1 hash algorithm.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_certificate_verification_profiles_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-UNKNOWN
|
|
Packit Service |
4684c1 |
An invalid/unknown profile.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-VERY_@-WEAK
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_VERY_WEAK} (64 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-LOW
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_LOW} (80 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-LEGACY
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_LEGACY} (96 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-MEDIUM
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_MEDIUM} (112 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-HIGH
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_HIGH} (128 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-ULTRA
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_ULTRA} (192 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-FUTURE
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
corresponds to @code{GNUTLS_SEC_PARAM_FUTURE} (256 bits)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-SUITEB128
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
applies the SUITEB128 rules
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PROFILE_@-SUITEB192
|
|
Packit Service |
4684c1 |
A verification profile that
|
|
Packit Service |
4684c1 |
applies the SUITEB192 rules
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs_encrypt_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PLAIN
|
|
Packit Service |
4684c1 |
Unencrypted private key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PKCS12_@-3DES
|
|
Packit Service |
4684c1 |
PKCS-12 3DES.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PKCS12_@-ARCFOUR
|
|
Packit Service |
4684c1 |
PKCS-12 ARCFOUR.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PKCS12_@-RC2_@-40
|
|
Packit Service |
4684c1 |
PKCS-12 RC2-40.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-3DES
|
|
Packit Service |
4684c1 |
PBES2 3DES.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-128
|
|
Packit Service |
4684c1 |
PBES2 AES-128.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-192
|
|
Packit Service |
4684c1 |
PBES2 AES-192.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-AES_@-256
|
|
Packit Service |
4684c1 |
PBES2 AES-256.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-NULL_@-PASSWORD
|
|
Packit Service |
4684c1 |
Some schemas distinguish between an empty and a NULL password.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-DES
|
|
Packit Service |
4684c1 |
PBES2 single DES.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES1_@-DES_@-MD5
|
|
Packit Service |
4684c1 |
PBES1 with single DES; for compatibility with openssl only.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-TC26Z
|
|
Packit Service |
4684c1 |
PBES2 GOST 28147-89 CFB with TC26-Z S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPA
|
|
Packit Service |
4684c1 |
PBES2 GOST 28147-89 CFB with CryptoPro-A S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPB
|
|
Packit Service |
4684c1 |
PBES2 GOST 28147-89 CFB with CryptoPro-B S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPC
|
|
Packit Service |
4684c1 |
PBES2 GOST 28147-89 CFB with CryptoPro-C S-box.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS_@-PBES2_@-GOST_@-CPD
|
|
Packit Service |
4684c1 |
PBES2 GOST 28147-89 CFB with CryptoPro-D S-box.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_keygen_types_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYGEN_@-SEED
|
|
Packit Service |
4684c1 |
Specifies the seed to be used in key generation.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYGEN_@-DIGEST
|
|
Packit Service |
4684c1 |
The size field specifies the hash algorithm to be used in key generation.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-KEYGEN_@-SPKI
|
|
Packit Service |
4684c1 |
data points to a @code{gnutls_x509_spki_t} structure; it is not used after the key generation call.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs12_bag_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-EMPTY
|
|
Packit Service |
4684c1 |
Empty PKCS-12 bag.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-PKCS8_@-ENCRYPTED_@-KEY
|
|
Packit Service |
4684c1 |
PKCS-12 bag with PKCS-8 encrypted key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-PKCS8_@-KEY
|
|
Packit Service |
4684c1 |
PKCS-12 bag with PKCS-8 key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-CERTIFICATE
|
|
Packit Service |
4684c1 |
PKCS-12 bag with certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-CRL
|
|
Packit Service |
4684c1 |
PKCS-12 bag with CRL.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-SECRET
|
|
Packit Service |
4684c1 |
PKCS-12 bag with secret PKCS-9 keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-ENCRYPTED
|
|
Packit Service |
4684c1 |
Encrypted PKCS-12 bag.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-BAG_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown PKCS-12 bag.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs11_obj_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-LOGIN
|
|
Packit Service |
4684c1 |
Force login in the token for the operation (seek+store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-TRUSTED
|
|
Packit Service |
4684c1 |
object marked as trusted (seek+store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-SENSITIVE
|
|
Packit Service |
4684c1 |
object is explicitly marked as sensitive -unexportable (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-LOGIN_@-SO
|
|
Packit Service |
4684c1 |
force login as a security officer in the token for the operation (seek+store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-PRIVATE
|
|
Packit Service |
4684c1 |
marked as private -requires PIN to access (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-NOT_@-PRIVATE
|
|
Packit Service |
4684c1 |
marked as not private (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-ANY
|
|
Packit Service |
4684c1 |
When retrieving an object, do not set any requirements (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-TRUSTED
|
|
Packit Service |
4684c1 |
When retrieving an object, only retrieve the marked as trusted (alias to @code{GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED} ).
|
|
Packit Service |
4684c1 |
In @code{gnutls_pkcs11_crt_is_known()} it implies @code{GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_COMPARE} if @code{GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY} is not given.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-DISTRUSTED
|
|
Packit Service |
4684c1 |
When writing an object, mark it as distrusted (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-RETRIEVE_@-DISTRUSTED
|
|
Packit Service |
4684c1 |
When retrieving an object, only retrieve the marked as distrusted (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-COMPARE
|
|
Packit Service |
4684c1 |
When checking an object's presence, fully compare it before returning any result (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PRESENT_@-IN_@-TRUSTED_@-MODULE
|
|
Packit Service |
4684c1 |
The object must be present in a marked as trusted module (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-CA
|
|
Packit Service |
4684c1 |
Mark the object as a CA (seek+store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-KEY_@-WRAP
|
|
Packit Service |
4684c1 |
Mark the generated key pair as wrapping and unwrapping keys (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-COMPARE_@-KEY
|
|
Packit Service |
4684c1 |
When checking an object's presence, compare the key before returning any result (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-OVERWRITE_@-TRUSTMOD_@-EXT
|
|
Packit Service |
4684c1 |
When an issuer is requested, override its extensions with the ones present in the trust module (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-ALWAYS_@-AUTH
|
|
Packit Service |
4684c1 |
Mark the key pair as requiring authentication (pin entry) before every operation (seek+store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-EXTRACTABLE
|
|
Packit Service |
4684c1 |
Mark the key pair as being extractable (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-NEVER_@-EXTRACTABLE
|
|
Packit Service |
4684c1 |
If set, the object was never marked as extractable (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-CRT
|
|
Packit Service |
4684c1 |
When searching, restrict to certificates only (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-WITH_@-PRIVKEY
|
|
Packit Service |
4684c1 |
-- undescribed --
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PUBKEY
|
|
Packit Service |
4684c1 |
When searching, restrict to public key objects only (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-NO_@-STORE_@-PUBKEY
|
|
Packit Service |
4684c1 |
When generating a keypair don't store the public key (store).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-PRIVKEY
|
|
Packit Service |
4684c1 |
When searching, restrict to private key objects only (seek).
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-FLAG_@-MARK_@-NOT_@-SENSITIVE
|
|
Packit Service |
4684c1 |
object marked as not sensitive -exportable (store).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs11_url_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-URL_@-GENERIC
|
|
Packit Service |
4684c1 |
A generic-purpose URL.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-URL_@-LIB
|
|
Packit Service |
4684c1 |
A URL that specifies the library used as well.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-URL_@-LIB_@-VERSION
|
|
Packit Service |
4684c1 |
A URL that specifies the library and its version.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs11_obj_info_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-ID_@-HEX
|
|
Packit Service |
4684c1 |
The object ID in hex. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-LABEL
|
|
Packit Service |
4684c1 |
The object label. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-LABEL
|
|
Packit Service |
4684c1 |
The token's label. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-SERIAL
|
|
Packit Service |
4684c1 |
The token's serial number. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-MANUFACTURER
|
|
Packit Service |
4684c1 |
The token's manufacturer. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-TOKEN_@-MODEL
|
|
Packit Service |
4684c1 |
The token's model. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-ID
|
|
Packit Service |
4684c1 |
The object ID. Raw bytes.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-VERSION
|
|
Packit Service |
4684c1 |
The library's version. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-DESCRIPTION
|
|
Packit Service |
4684c1 |
The library's description. Null-terminated text.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-LIBRARY_@-MANUFACTURER
|
|
Packit Service |
4684c1 |
The library's manufacturer name. Null-terminated text.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs11_token_info_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-TOKEN_@-LABEL
|
|
Packit Service |
4684c1 |
The token's label (string)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-TOKEN_@-SERIAL
|
|
Packit Service |
4684c1 |
The token's serial number (string)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-TOKEN_@-MANUFACTURER
|
|
Packit Service |
4684c1 |
The token's manufacturer (string)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-TOKEN_@-MODEL
|
|
Packit Service |
4684c1 |
The token's model (string)
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-TOKEN_@-MODNAME
|
|
Packit Service |
4684c1 |
The token's module name (string - since 3.4.3). This value is
|
|
Packit Service |
4684c1 |
unavailable for providers which were manually loaded.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs11_obj_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-UNKNOWN
|
|
Packit Service |
4684c1 |
Unknown PKCS11 object.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-X509_@-CRT
|
|
Packit Service |
4684c1 |
X.509 certificate.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-PUBKEY
|
|
Packit Service |
4684c1 |
Public key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-PRIVKEY
|
|
Packit Service |
4684c1 |
Private key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-SECRET_@-KEY
|
|
Packit Service |
4684c1 |
Secret key.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-DATA
|
|
Packit Service |
4684c1 |
Data object.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS11_@-OBJ_@-X509_@-CRT_@-EXTENSION
|
|
Packit Service |
4684c1 |
X.509 certificate extension (supported by p11-kit trust module only).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pubkey_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PUBKEY_@-DISABLE_@-CALLBACKS
|
|
Packit Service |
4684c1 |
The following flag disables call to PIN callbacks. Only
|
|
Packit Service |
4684c1 |
relevant to TPM keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PUBKEY_@-GET_@-OPENPGP_@-FINGERPRINT
|
|
Packit Service |
4684c1 |
request an OPENPGP fingerprint instead of the default.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_abstract_export_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-EXPORT_@-FLAG_@-NO_@-LZ
|
|
Packit Service |
4684c1 |
do not prepend a leading zero to exported values
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_privkey_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-IMPORT_@-AUTO_@-RELEASE
|
|
Packit Service |
4684c1 |
When importing a private key, automatically
|
|
Packit Service |
4684c1 |
release it when the structure it was imported is released.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-IMPORT_@-COPY
|
|
Packit Service |
4684c1 |
Copy required values during import.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-DISABLE_@-CALLBACKS
|
|
Packit Service |
4684c1 |
The following flag disables call to PIN callbacks etc.
|
|
Packit Service |
4684c1 |
Only relevant to TPM keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-TLS1_@-RSA
|
|
Packit Service |
4684c1 |
Make an RSA signature on the hashed data as in the TLS protocol.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-FLAG_@-PROVABLE
|
|
Packit Service |
4684c1 |
When generating a key involving prime numbers, use provable primes; a seed may be required.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-FLAG_@-EXPORT_@-COMPAT
|
|
Packit Service |
4684c1 |
Keys generated or imported as provable require an extended format which cannot be read by previous versions
|
|
Packit Service |
4684c1 |
of gnutls or other applications. By setting this flag the key will be exported in a backwards compatible way,
|
|
Packit Service |
4684c1 |
even if the information about the seed used will be lost.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-RSA_@-PSS
|
|
Packit Service |
4684c1 |
Make an RSA signature on the hashed data with the PSS padding.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-FLAG_@-REPRODUCIBLE
|
|
Packit Service |
4684c1 |
Make a signature on the hashed data with reproducible parameters.
|
|
Packit Service |
4684c1 |
For RSA-PSS, that means to use empty salt instead of random value. To
|
|
Packit Service |
4684c1 |
verify a signature created using this flag, the corresponding SPKI needs
|
|
Packit Service |
4684c1 |
to be set on the public key. Use @code{gnutls_pubkey_set_spki()} for that.
|
|
Packit Service |
4684c1 |
For ECDSA/DSA, it uses the deterministic construction of random parameter
|
|
Packit Service |
4684c1 |
according to RFC 6979. Note that this only supports the NIST curves and DSA
|
|
Packit Service |
4684c1 |
subgroup bits up to 512.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PRIVKEY_@-FLAG_@-CA
|
|
Packit Service |
4684c1 |
The generated private key is going to be used as a CA (relevant for RSA-PSS keys).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_rnd_level_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-RND_@-NONCE
|
|
Packit Service |
4684c1 |
Non-predictable random number. Fatal in parts
|
|
Packit Service |
4684c1 |
of session if broken, i.e., vulnerable to statistical analysis.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-RND_@-RANDOM
|
|
Packit Service |
4684c1 |
Pseudo-random cryptographic random number.
|
|
Packit Service |
4684c1 |
Fatal in session if broken. Example use: temporal keys.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-RND_@-KEY
|
|
Packit Service |
4684c1 |
Fatal in many sessions if broken. Example use:
|
|
Packit Service |
4684c1 |
Long-term keys.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ocsp_print_formats_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-PRINT_@-FULL
|
|
Packit Service |
4684c1 |
Full information about OCSP request/response.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-PRINT_@-COMPACT
|
|
Packit Service |
4684c1 |
More compact information about OCSP request/response.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ocsp_resp_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-SUCCESSFUL
|
|
Packit Service |
4684c1 |
Response has valid confirmations.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-MALFORMEDREQUEST
|
|
Packit Service |
4684c1 |
Illegal confirmation request
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-INTERNALERROR
|
|
Packit Service |
4684c1 |
Internal error in issuer
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-TRYLATER
|
|
Packit Service |
4684c1 |
Try again later
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-SIGREQUIRED
|
|
Packit Service |
4684c1 |
Must sign the request
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-RESP_@-UNAUTHORIZED
|
|
Packit Service |
4684c1 |
Request unauthorized
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ocsp_cert_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-CERT_@-GOOD
|
|
Packit Service |
4684c1 |
Positive response to status inquiry.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-CERT_@-REVOKED
|
|
Packit Service |
4684c1 |
Certificate has been revoked.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-CERT_@-UNKNOWN
|
|
Packit Service |
4684c1 |
The responder doesn't know about the
|
|
Packit Service |
4684c1 |
certificate.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_x509_crl_reason_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-UNSPECIFIED
|
|
Packit Service |
4684c1 |
Unspecified reason.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-KEYCOMPROMISE
|
|
Packit Service |
4684c1 |
Private key compromised.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-CACOMPROMISE
|
|
Packit Service |
4684c1 |
CA compromised.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-AFFILIATIONCHANGED
|
|
Packit Service |
4684c1 |
Affiliation has changed.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-SUPERSEDED
|
|
Packit Service |
4684c1 |
Certificate superseded.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-CESSATIONOFOPERATION
|
|
Packit Service |
4684c1 |
Operation has ceased.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-CERTIFICATEHOLD
|
|
Packit Service |
4684c1 |
Certificate is on hold.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-REMOVEFROMCRL
|
|
Packit Service |
4684c1 |
Will be removed from delta CRL.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-PRIVILEGEWITHDRAWN
|
|
Packit Service |
4684c1 |
Privilege withdrawn.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-X509_@-CRLREASON_@-AACOMPROMISE
|
|
Packit Service |
4684c1 |
AA compromised.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_ocsp_verify_reason_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNER_@-NOT_@-FOUND
|
|
Packit Service |
4684c1 |
Signer cert not found.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNER_@-KEYUSAGE_@-ERROR
|
|
Packit Service |
4684c1 |
Signer keyusage bits incorrect.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-UNTRUSTED_@-SIGNER
|
|
Packit Service |
4684c1 |
Signer is not trusted.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-INSECURE_@-ALGORITHM
|
|
Packit Service |
4684c1 |
Signature using insecure algorithm.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-SIGNATURE_@-FAILURE
|
|
Packit Service |
4684c1 |
Signature mismatch.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-CERT_@-NOT_@-ACTIVATED
|
|
Packit Service |
4684c1 |
Signer cert is not yet activated.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-OCSP_@-VERIFY_@-CERT_@-EXPIRED
|
|
Packit Service |
4684c1 |
Signer cert has expired.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_tpmkey_fmt_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TPMKEY_@-FMT_@-RAW
|
|
Packit Service |
4684c1 |
The portable data format.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TPMKEY_@-FMT_@-DER
|
|
Packit Service |
4684c1 |
An alias for the raw format.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-TPMKEY_@-FMT_@-CTK_@-PEM
|
|
Packit Service |
4684c1 |
A custom data format used by some TPM tools.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_cert_usage_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-USAGE_@-CA
|
|
Packit Service |
4684c1 |
CA constraint. The certificate/key
|
|
Packit Service |
4684c1 |
presented must have signed the verified key.
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-USAGE_@-EE
|
|
Packit Service |
4684c1 |
The key or the certificate of the end
|
|
Packit Service |
4684c1 |
entity.
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-USAGE_@-LOCAL_@-CA
|
|
Packit Service |
4684c1 |
The remote CA is local and possibly
|
|
Packit Service |
4684c1 |
untrusted by the verifier.
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-USAGE_@-LOCAL_@-EE
|
|
Packit Service |
4684c1 |
The remote end-entity key is local
|
|
Packit Service |
4684c1 |
and possibly untrusted by the verifier (not signed by a CA).
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_cert_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-X509
|
|
Packit Service |
4684c1 |
An X.509 certificate.
|
|
Packit Service |
4684c1 |
@item DANE_@-CERT_@-PK
|
|
Packit Service |
4684c1 |
A public key.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_match_type_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-MATCH_@-EXACT
|
|
Packit Service |
4684c1 |
The full content.
|
|
Packit Service |
4684c1 |
@item DANE_@-MATCH_@-SHA2_@-256
|
|
Packit Service |
4684c1 |
A SHA-256 hash of the content.
|
|
Packit Service |
4684c1 |
@item DANE_@-MATCH_@-SHA2_@-512
|
|
Packit Service |
4684c1 |
A SHA-512 hash of the content.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_query_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-QUERY_@-UNKNOWN
|
|
Packit Service |
4684c1 |
There was no query.
|
|
Packit Service |
4684c1 |
@item DANE_@-QUERY_@-DNSSEC_@-VERIFIED
|
|
Packit Service |
4684c1 |
The query was verified using DNSSEC.
|
|
Packit Service |
4684c1 |
@item DANE_@-QUERY_@-BOGUS
|
|
Packit Service |
4684c1 |
The query has wrong DNSSEC signature.
|
|
Packit Service |
4684c1 |
@item DANE_@-QUERY_@-NO_@-DNSSEC
|
|
Packit Service |
4684c1 |
The query has no DNSSEC data.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_state_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-F_@-IGNORE_@-LOCAL_@-RESOLVER
|
|
Packit Service |
4684c1 |
Many systems are not DNSSEC-ready. In that case the local resolver is ignored, and a direct recursive resolve occurs.
|
|
Packit Service |
4684c1 |
@item DANE_@-F_@-INSECURE
|
|
Packit Service |
4684c1 |
Ignore any DNSSEC signature verification errors.
|
|
Packit Service |
4684c1 |
@item DANE_@-F_@-IGNORE_@-DNSSEC
|
|
Packit Service |
4684c1 |
Do not try to initialize DNSSEC as we will not use it (will then not try to load the DNSSEC root certificate). Useful if the TLSA data does not come from DNS.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_verify_flags_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-VFLAG_@-FAIL_@-IF_@-NOT_@-CHECKED
|
|
Packit Service |
4684c1 |
If irrelevant to this certificate DANE entries are received fail instead of succeeding.
|
|
Packit Service |
4684c1 |
@item DANE_@-VFLAG_@-ONLY_@-CHECK_@-EE_@-USAGE
|
|
Packit Service |
4684c1 |
The provided certificates will be verified only against any EE field. Combine with @code{DANE_VFLAG_FAIL_IF_NOT_CHECKED} to fail if EE entries are not present.
|
|
Packit Service |
4684c1 |
@item DANE_@-VFLAG_@-ONLY_@-CHECK_@-CA_@-USAGE
|
|
Packit Service |
4684c1 |
The provided certificates will be verified only against any CA field. Combine with @code{DANE_VFLAG_FAIL_IF_NOT_CHECKED} to fail if CA entries are not present.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c dane_verify_status_t
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item DANE_@-VERIFY_@-CA_@-CONSTRAINTS_@-VIOLATED
|
|
Packit Service |
4684c1 |
The CA constraints were violated.
|
|
Packit Service |
4684c1 |
@item DANE_@-VERIFY_@-CERT_@-DIFFERS
|
|
Packit Service |
4684c1 |
The certificate obtained via DNS differs.
|
|
Packit Service |
4684c1 |
@item DANE_@-VERIFY_@-UNKNOWN_@-DANE_@-INFO
|
|
Packit Service |
4684c1 |
No known DANE data was found in the DNS record.
|
|
Packit Service |
4684c1 |
@end table
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@c gnutls_pkcs7_sign_flags
|
|
Packit Service |
4684c1 |
@table @code
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS7_@-EMBED_@-DATA
|
|
Packit Service |
4684c1 |
The signed data will be embedded in the structure.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS7_@-INCLUDE_@-TIME
|
|
Packit Service |
4684c1 |
The signing time will be included in the structure.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS7_@-INCLUDE_@-CERT
|
|
Packit Service |
4684c1 |
The signer's certificate will be included in the cert list.
|
|
Packit Service |
4684c1 |
@item GNUTLS_@-PKCS7_@-WRITE_@-SPKI
|
|
Packit Service |
4684c1 |
Use the signer's key identifier instead of name.
|
|
Packit Service |
4684c1 |
@end table
|