openpgp

openpgp

Synopsis

enum                gnutls_openpgp_crt_fmt_t;
typedef             gnutls_openpgp_keyid_t;
int                 gnutls_openpgp_crt_init             (gnutls_openpgp_crt_t *key);
void                gnutls_openpgp_crt_deinit           (gnutls_openpgp_crt_t key);
int                 gnutls_openpgp_crt_import           (gnutls_openpgp_crt_t key,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format);
int                 gnutls_openpgp_crt_export           (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         void *output_data,
                                                         size_t *output_data_size);
int                 gnutls_openpgp_crt_print            (gnutls_openpgp_crt_t cert,
                                                         gnutls_certificate_print_formats_t format,
                                                         gnutls_datum_t *out);
int                 gnutls_openpgp_crt_get_key_usage    (gnutls_openpgp_crt_t cert,
                                                         unsigned int *key_usage);
int                 gnutls_openpgp_crt_get_fingerprint  (gnutls_openpgp_crt_t key,
                                                         void *fpr,
                                                         size_t *fprlen);
int                 gnutls_openpgp_crt_get_subkey_fingerprint
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         void *fpr,
                                                         size_t *fprlen);
int                 gnutls_openpgp_crt_get_name         (gnutls_openpgp_crt_t key,
                                                         int idx,
                                                         char *buf,
                                                         size_t *sizeof_buf);
gnutls_pk_algorithm_t  gnutls_openpgp_crt_get_pk_algorithm
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int *bits);
int                 gnutls_openpgp_crt_get_version      (gnutls_openpgp_crt_t key);
time_t              gnutls_openpgp_crt_get_creation_time
                                                        (gnutls_openpgp_crt_t key);
time_t              gnutls_openpgp_crt_get_expiration_time
                                                        (gnutls_openpgp_crt_t key);
int                 gnutls_openpgp_crt_get_key_id       (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_crt_check_hostname   (gnutls_openpgp_crt_t key,
                                                         const char *hostname);
int                 gnutls_openpgp_crt_get_revoked_status
                                                        (gnutls_openpgp_crt_t key);
int                 gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key);
int                 gnutls_openpgp_crt_get_subkey_idx   (gnutls_openpgp_crt_t key,
                                                         const gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_crt_get_subkey_revoked_status
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);
gnutls_pk_algorithm_t  gnutls_openpgp_crt_get_subkey_pk_algorithm
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         unsigned int *bits);
time_t              gnutls_openpgp_crt_get_subkey_creation_time
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);
time_t              gnutls_openpgp_crt_get_subkey_expiration_time
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);
int                 gnutls_openpgp_crt_get_subkey_id    (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         unsigned int *key_usage);
int                 gnutls_openpgp_crt_get_subkey_pk_dsa_raw
                                                        (gnutls_openpgp_crt_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y);
int                 gnutls_openpgp_crt_get_subkey_pk_rsa_raw
                                                        (gnutls_openpgp_crt_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e);
int                 gnutls_openpgp_crt_get_pk_dsa_raw   (gnutls_openpgp_crt_t crt,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y);
int                 gnutls_openpgp_crt_get_pk_rsa_raw   (gnutls_openpgp_crt_t crt,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e);
int                 gnutls_openpgp_crt_get_preferred_key_id
                                                        (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_crt_set_preferred_key_id
                                                        (gnutls_openpgp_crt_t key,
                                                         const gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_privkey_init         (gnutls_openpgp_privkey_t *key);
void                gnutls_openpgp_privkey_deinit       (gnutls_openpgp_privkey_t key);
gnutls_pk_algorithm_t  gnutls_openpgp_privkey_get_pk_algorithm
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int *bits);
int                 gnutls_openpgp_privkey_import       (gnutls_openpgp_privkey_t key,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         const char *pass,
                                                         unsigned int flags);
int                 gnutls_openpgp_privkey_sign_hash    (gnutls_openpgp_privkey_t key,
                                                         const gnutls_datum_t *hash,
                                                         gnutls_datum_t *signature);
int                 gnutls_openpgp_privkey_get_fingerprint
                                                        (gnutls_openpgp_privkey_t key,
                                                         void *fpr,
                                                         size_t *fprlen);
int                 gnutls_openpgp_privkey_get_subkey_fingerprint
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         void *fpr,
                                                         size_t *fprlen);
int                 gnutls_openpgp_privkey_get_key_id   (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_privkey_get_subkey_count
                                                        (gnutls_openpgp_privkey_t key);
int                 gnutls_openpgp_privkey_get_subkey_idx
                                                        (gnutls_openpgp_privkey_t key,
                                                         const gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_privkey_get_subkey_revoked_status
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);
int                 gnutls_openpgp_privkey_get_revoked_status
                                                        (gnutls_openpgp_privkey_t key);
gnutls_pk_algorithm_t  gnutls_openpgp_privkey_get_subkey_pk_algorithm
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         unsigned int *bits);
time_t              gnutls_openpgp_privkey_get_subkey_expiration_time
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);
int                 gnutls_openpgp_privkey_get_subkey_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         gnutls_openpgp_keyid_t keyid);
time_t              gnutls_openpgp_privkey_get_subkey_creation_time
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);
int                 gnutls_openpgp_privkey_export_subkey_dsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y,
                                                         gnutls_datum_t *x);
int                 gnutls_openpgp_privkey_export_subkey_rsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e,
                                                         gnutls_datum_t *d,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *u);
int                 gnutls_openpgp_privkey_export_dsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y,
                                                         gnutls_datum_t *x);
int                 gnutls_openpgp_privkey_export_rsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e,
                                                         gnutls_datum_t *d,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *u);
int                 gnutls_openpgp_privkey_export       (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         const char *password,
                                                         unsigned int flags,
                                                         void *output_data,
                                                         size_t *output_data_size);
int                 gnutls_openpgp_privkey_set_preferred_key_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         const gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_privkey_get_preferred_key_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_keyid_t keyid);
int                 gnutls_openpgp_crt_get_auth_subkey  (gnutls_openpgp_crt_t crt,
                                                         gnutls_openpgp_keyid_t keyid,
                                                         unsigned int flag);
int                 gnutls_openpgp_keyring_init         (gnutls_openpgp_keyring_t *keyring);
void                gnutls_openpgp_keyring_deinit       (gnutls_openpgp_keyring_t keyring);
int                 gnutls_openpgp_keyring_import       (gnutls_openpgp_keyring_t keyring,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format);
int                 gnutls_openpgp_keyring_check_id     (gnutls_openpgp_keyring_t ring,
                                                         const gnutls_openpgp_keyid_t keyid,
                                                         unsigned int flags);
int                 gnutls_openpgp_crt_verify_ring      (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyring_t keyring,
                                                         unsigned int flags,
                                                         unsigned int *verify);
int                 gnutls_openpgp_crt_verify_self      (gnutls_openpgp_crt_t key,
                                                         unsigned int flags,
                                                         unsigned int *verify);
int                 gnutls_openpgp_keyring_get_crt      (gnutls_openpgp_keyring_t ring,
                                                         unsigned int idx,
                                                         gnutls_openpgp_crt_t *cert);
int                 gnutls_openpgp_keyring_get_crt_count
                                                        (gnutls_openpgp_keyring_t ring);
int                 (*gnutls_openpgp_recv_key_func)     (gnutls_session_t session,
                                                         unsigned char *keyfpr,
                                                         unsigned int keyfpr_length,
                                                         gnutls_datum_t *key);
void                gnutls_openpgp_set_recv_key_function
                                                        (gnutls_session_t session,
                                                         gnutls_openpgp_recv_key_funcfunc );
int                 gnutls_certificate_set_openpgp_key  (gnutls_certificate_credentials_tres ,
                                                         gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_privkey_t pkey);
int                 gnutls_certificate_set_openpgp_key_file
                                                        (gnutls_certificate_credentials_tres ,
                                                         const char *CERTFILE,
                                                         const char *KEYFILE,
                                                         gnutls_openpgp_crt_fmt_t );
int                 gnutls_certificate_set_openpgp_key_mem
                                                        (gnutls_certificate_credentials_tres ,
                                                         const gnutls_datum_t *CERT,
                                                         const gnutls_datum_t *KEY,
                                                         gnutls_openpgp_crt_fmt_t );
int                 gnutls_certificate_set_openpgp_key_file2
                                                        (gnutls_certificate_credentials_tres ,
                                                         const char *CERTFILE,
                                                         const char *KEYFILE,
                                                         const char *keyid,
                                                         gnutls_openpgp_crt_fmt_t );
int                 gnutls_certificate_set_openpgp_key_mem2
                                                        (gnutls_certificate_credentials_tres ,
                                                         const gnutls_datum_t *CERT,
                                                         const gnutls_datum_t *KEY,
                                                         const char *keyid,
                                                         gnutls_openpgp_crt_fmt_t );
int                 gnutls_certificate_set_openpgp_keyring_mem
                                                        (gnutls_certificate_credentials_t c,
                                                         unsigned char *data,
                                                         size_t dlen,
                                                         gnutls_openpgp_crt_fmt_t );
int                 gnutls_certificate_set_openpgp_keyring_file
                                                        (gnutls_certificate_credentials_t c,
                                                         const char *file,
                                                         gnutls_openpgp_crt_fmt_t );

Description

Details

enum gnutls_openpgp_crt_fmt_t

  typedef enum gnutls_openpgp_crt_fmt
  { GNUTLS_OPENPGP_FMT_RAW,
    GNUTLS_OPENPGP_FMT_BASE64
  } gnutls_openpgp_crt_fmt_t;

gnutls_openpgp_keyid_t

  typedef unsigned char gnutls_openpgp_keyid_t[8];

gnutls_openpgp_crt_init ()

int                 gnutls_openpgp_crt_init             (gnutls_openpgp_crt_t *key);

This function will initialize an OpenPGP key structure.

key :

The structure to be initialized

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_deinit ()

void                gnutls_openpgp_crt_deinit           (gnutls_openpgp_crt_t key);

This function will deinitialize a key structure.

key :

The structure to be initialized

gnutls_openpgp_crt_import ()

int                 gnutls_openpgp_crt_import           (gnutls_openpgp_crt_t key,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format);

This function will convert the given RAW or Base64 encoded key to the native gnutls_openpgp_crt_t format. The output will be stored in 'key'.

key :

The structure to store the parsed key.

data :

The RAW or BASE64 encoded key.

format :

One of gnutls_openpgp_crt_fmt_t elements.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_export ()

int                 gnutls_openpgp_crt_export           (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         void *output_data,
                                                         size_t *output_data_size);

This function will convert the given key to RAW or Base64 format. If the buffer provided is not long enough to hold the output, then GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.

key :

Holds the key.

format :

One of gnutls_openpgp_crt_fmt_t elements.

output_data :

will contain the key base64 encoded or raw

output_data_size :

holds the size of output_data (and will be replaced by the actual size of parameters)

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_print ()

int                 gnutls_openpgp_crt_print            (gnutls_openpgp_crt_t cert,
                                                         gnutls_certificate_print_formats_t format,
                                                         gnutls_datum_t *out);

This function will pretty print an OpenPGP certificate, suitable for display to a human.

The format should be zero for future compatibility.

The output out needs to be deallocate using gnutls_free().

cert :

The structure to be printed

format :

Indicate the format to use

out :

Newly allocated datum with zero terminated string.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_get_key_usage ()

int                 gnutls_openpgp_crt_get_key_usage    (gnutls_openpgp_crt_t cert,
                                                         unsigned int *key_usage);

This function will return certificate's key usage, by checking the key algorithm. The key usage value will ORed values of the: GNUTLS_KEY_DIGITAL_SIGNATURE, GNUTLS_KEY_KEY_ENCIPHERMENT.

key :

should contain a gnutls_openpgp_crt_t structure

key_usage :

where the key usage bits will be stored

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_get_fingerprint ()

int                 gnutls_openpgp_crt_get_fingerprint  (gnutls_openpgp_crt_t key,
                                                         void *fpr,
                                                         size_t *fprlen);

Get key fingerprint. Depending on the algorithm, the fingerprint can be 16 or 20 bytes.

key :

the raw data that contains the OpenPGP public key.

fpr :

the buffer to save the fingerprint, must hold at least 20 bytes.

fprlen :

the integer to save the length of the fingerprint.

Returns :

On success, 0 is returned. Otherwise, an error code.

gnutls_openpgp_crt_get_subkey_fingerprint ()

int                 gnutls_openpgp_crt_get_subkey_fingerprint
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         void *fpr,
                                                         size_t *fprlen);

Get key fingerprint of a subkey. Depending on the algorithm, the fingerprint can be 16 or 20 bytes.

key :

the raw data that contains the OpenPGP public key.

idx :

the subkey index

fpr :

the buffer to save the fingerprint, must hold at least 20 bytes.

fprlen :

the integer to save the length of the fingerprint.

Returns :

On success, 0 is returned. Otherwise, an error code.

Since 2.4.0


gnutls_openpgp_crt_get_name ()

int                 gnutls_openpgp_crt_get_name         (gnutls_openpgp_crt_t key,
                                                         int idx,
                                                         char *buf,
                                                         size_t *sizeof_buf);

Extracts the userID from the parsed OpenPGP key.

key :

the structure that contains the OpenPGP public key.

idx :

the index of the ID to extract

buf :

a pointer to a structure to hold the name

sizeof_buf :

holds the maximum size of buf, on return hold the actual/required size of buf.

Returns :

GNUTLS_E_SUCCESS on success, and if the index of the ID does not exist GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, or an error code.

gnutls_openpgp_crt_get_pk_algorithm ()

gnutls_pk_algorithm_t  gnutls_openpgp_crt_get_pk_algorithm
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int *bits);

This function will return the public key algorithm of an OpenPGP certificate.

If bits is non null, it should have enough size to hold the parameters size in bits. For RSA the bits returned is the modulus. For DSA the bits returned are of the public exponent.

key :

is an OpenPGP key

bits :

if bits is non null it will hold the size of the parameters' in bits

Returns :

a member of the gnutls_pk_algorithm_t enumeration on success, or a negative value on error.

gnutls_openpgp_crt_get_version ()

int                 gnutls_openpgp_crt_get_version      (gnutls_openpgp_crt_t key);

Extract the version of the OpenPGP key.

key :

the structure that contains the OpenPGP public key.

Returns :

the version number is returned, or a negative value on errors.

gnutls_openpgp_crt_get_creation_time ()

time_t              gnutls_openpgp_crt_get_creation_time
                                                        (gnutls_openpgp_crt_t key);

Get key creation time.

key :

the structure that contains the OpenPGP public key.

Returns :

the timestamp when the OpenPGP key was created.

gnutls_openpgp_crt_get_expiration_time ()

time_t              gnutls_openpgp_crt_get_expiration_time
                                                        (gnutls_openpgp_crt_t key);

Get key expiration time. A value of '0' means that the key doesn't expire at all.

key :

the structure that contains the OpenPGP public key.

Returns :

the time when the OpenPGP key expires.

gnutls_openpgp_crt_get_key_id ()

int                 gnutls_openpgp_crt_get_key_id       (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyid_t keyid);

Get key id string.

key :

the structure that contains the OpenPGP public key.

keyid :

the buffer to save the keyid.

Returns :

the 64-bit keyID of the OpenPGP key.

Since 2.4.0


gnutls_openpgp_crt_check_hostname ()

int                 gnutls_openpgp_crt_check_hostname   (gnutls_openpgp_crt_t key,
                                                         const char *hostname);

This function will check if the given key's owner matches the given hostname. This is a basic implementation of the matching described in RFC2818 (HTTPS), which takes into account wildcards.

key :

should contain an gnutls_openpgp_crt_t structure

hostname :

A null terminated string that contains a DNS name

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_get_revoked_status ()

int                 gnutls_openpgp_crt_get_revoked_status
                                                        (gnutls_openpgp_crt_t key);

Get revocation status of key.

key :

the structure that contains the OpenPGP public key.

Returns :

true (1) if the key has been revoked, or false (0) if it has not.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_count ()

int                 gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key);

This function will return the number of subkeys present in the given OpenPGP certificate.

key :

is an OpenPGP key

Returns :

the number of subkeys, or a negative value on error.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_idx ()

int                 gnutls_openpgp_crt_get_subkey_idx   (gnutls_openpgp_crt_t key,
                                                         const gnutls_openpgp_keyid_t keyid);

Get subkey's index.

key :

the structure that contains the OpenPGP public key.

keyid :

the keyid.

Returns :

the index of the subkey or a negative error value.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_revoked_status ()

int                 gnutls_openpgp_crt_get_subkey_revoked_status
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);

Get subkey revocation status. A negative value indicates an error.

key :

the structure that contains the OpenPGP public key.

idx :

is the subkey index

Returns :

true (1) if the key has been revoked, or false (0) if it has not.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_pk_algorithm ()

gnutls_pk_algorithm_t  gnutls_openpgp_crt_get_subkey_pk_algorithm
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         unsigned int *bits);

This function will return the public key algorithm of a subkey of an OpenPGP certificate.

If bits is non null, it should have enough size to hold the parameters size in bits. For RSA the bits returned is the modulus. For DSA the bits returned are of the public exponent.

key :

is an OpenPGP key

idx :

is the subkey index

bits :

if bits is non null it will hold the size of the parameters' in bits

Returns :

a member of the gnutls_pk_algorithm_t enumeration on success, or a negative value on error.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_creation_time ()

time_t              gnutls_openpgp_crt_get_subkey_creation_time
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);

Get subkey creation time.

key :

the structure that contains the OpenPGP public key.

idx :

the subkey index

Returns :

the timestamp when the OpenPGP sub-key was created.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_expiration_time ()

time_t              gnutls_openpgp_crt_get_subkey_expiration_time
                                                        (gnutls_openpgp_crt_t key,
                                                         unsigned int idx);

Get subkey expiration time. A value of '0' means that the key doesn't expire at all.

key :

the structure that contains the OpenPGP public key.

idx :

the subkey index

Returns :

the time when the OpenPGP key expires.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_id ()

int                 gnutls_openpgp_crt_get_subkey_id    (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         gnutls_openpgp_keyid_t keyid);

Get the subkey's key-id.

key :

the structure that contains the OpenPGP public key.

idx :

the subkey index

keyid :

the buffer to save the keyid.

Returns :

the 64-bit keyID of the OpenPGP key.

gnutls_openpgp_crt_get_subkey_usage ()

int                 gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key,
                                                         unsigned int idx,
                                                         unsigned int *key_usage);

This function will return certificate's key usage, by checking the key algorithm. The key usage value will ORed values of GNUTLS_KEY_DIGITAL_SIGNATURE or GNUTLS_KEY_KEY_ENCIPHERMENT.

A negative value may be returned in case of parsing error.

key :

should contain a gnutls_openpgp_crt_t structure

idx :

the subkey index

key_usage :

where the key usage bits will be stored

Returns :

key usage value.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_pk_dsa_raw ()

int                 gnutls_openpgp_crt_get_subkey_pk_dsa_raw
                                                        (gnutls_openpgp_crt_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y);

This function will export the DSA public key's parameters found in the given certificate. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

crt :

Holds the certificate

idx :

Is the subkey index

p :

will hold the p

q :

will hold the q

g :

will hold the g

y :

will hold the y

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_crt_get_subkey_pk_rsa_raw ()

int                 gnutls_openpgp_crt_get_subkey_pk_rsa_raw
                                                        (gnutls_openpgp_crt_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e);

This function will export the RSA public key's parameters found in the given structure. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

crt :

Holds the certificate

idx :

Is the subkey index

m :

will hold the modulus

e :

will hold the public exponent

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_crt_get_pk_dsa_raw ()

int                 gnutls_openpgp_crt_get_pk_dsa_raw   (gnutls_openpgp_crt_t crt,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y);

This function will export the DSA public key's parameters found in the given certificate. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

crt :

Holds the certificate

p :

will hold the p

q :

will hold the q

g :

will hold the g

y :

will hold the y

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_crt_get_pk_rsa_raw ()

int                 gnutls_openpgp_crt_get_pk_rsa_raw   (gnutls_openpgp_crt_t crt,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e);

This function will export the RSA public key's parameters found in the given structure. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

crt :

Holds the certificate

m :

will hold the modulus

e :

will hold the public exponent

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_crt_get_preferred_key_id ()

int                 gnutls_openpgp_crt_get_preferred_key_id
                                                        (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyid_t keyid);

Get preferred key id. If it hasn't been set it returns GNUTLS_E_INVALID_REQUEST.

key :

the structure that contains the OpenPGP public key.

keyid :

the struct to save the keyid.

Returns :

the 64-bit preferred keyID of the OpenPGP key.

gnutls_openpgp_crt_set_preferred_key_id ()

int                 gnutls_openpgp_crt_set_preferred_key_id
                                                        (gnutls_openpgp_crt_t key,
                                                         const gnutls_openpgp_keyid_t keyid);

This allows setting a preferred key id for the given certificate. This key will be used by functions that involve key handling.

key :

the structure that contains the OpenPGP public key.

keyid :

the selected keyid

gnutls_openpgp_privkey_init ()

int                 gnutls_openpgp_privkey_init         (gnutls_openpgp_privkey_t *key);

This function will initialize an OpenPGP key structure.

key :

The structure to be initialized

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_privkey_deinit ()

void                gnutls_openpgp_privkey_deinit       (gnutls_openpgp_privkey_t key);

This function will deinitialize a key structure.

key :

The structure to be initialized

gnutls_openpgp_privkey_get_pk_algorithm ()

gnutls_pk_algorithm_t  gnutls_openpgp_privkey_get_pk_algorithm
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int *bits);

This function will return the public key algorithm of an OpenPGP certificate.

If bits is non null, it should have enough size to hold the parameters size in bits. For RSA the bits returned is the modulus. For DSA the bits returned are of the public exponent.

key :

is an OpenPGP key

bits :

if bits is non null it will hold the size of the parameters' in bits

Returns :

a member of the gnutls_pk_algorithm_t enumeration on success, or a negative value on error.

Since 2.4.0


gnutls_openpgp_privkey_import ()

int                 gnutls_openpgp_privkey_import       (gnutls_openpgp_privkey_t key,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         const char *pass,
                                                         unsigned int flags);

This function will convert the given RAW or Base64 encoded key to the native gnutls_openpgp_privkey_t format. The output will be stored in 'key'.

key :

The structure to store the parsed key.

data :

The RAW or BASE64 encoded key.

format :

One of gnutls_openpgp_crt_fmt_t elements.

password :

(unused for now)

flags :

should be zero

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_privkey_sign_hash ()

int                 gnutls_openpgp_privkey_sign_hash    (gnutls_openpgp_privkey_t key,
                                                         const gnutls_datum_t *hash,
                                                         gnutls_datum_t *signature);

This function will sign the given hash using the private key. You should use gnutls_openpgp_privkey_set_subkey() before calling this function to set the subkey to use.

key :

Holds the key

hash :

holds the data to be signed

signature :

will contain newly allocated signature

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

gnutls_openpgp_privkey_get_fingerprint ()

int                 gnutls_openpgp_privkey_get_fingerprint
                                                        (gnutls_openpgp_privkey_t key,
                                                         void *fpr,
                                                         size_t *fprlen);

Get the fingerprint of the OpenPGP key. Depends on the algorithm, the fingerprint can be 16 or 20 bytes.

key :

the raw data that contains the OpenPGP secret key.

fpr :

the buffer to save the fingerprint, must hold at least 20 bytes.

fprlen :

the integer to save the length of the fingerprint.

Returns :

On success, 0 is returned, or an error code.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_fingerprint ()

int                 gnutls_openpgp_privkey_get_subkey_fingerprint
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         void *fpr,
                                                         size_t *fprlen);

Get the fingerprint of an OpenPGP subkey. Depends on the algorithm, the fingerprint can be 16 or 20 bytes.

key :

the raw data that contains the OpenPGP secret key.

idx :

the subkey index

fpr :

the buffer to save the fingerprint, must hold at least 20 bytes.

fprlen :

the integer to save the length of the fingerprint.

Returns :

On success, 0 is returned, or an error code.

Since 2.4.0


gnutls_openpgp_privkey_get_key_id ()

int                 gnutls_openpgp_privkey_get_key_id   (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_keyid_t keyid);

Get key-id.

key :

the structure that contains the OpenPGP secret key.

keyid :

the buffer to save the keyid.

Returns :

the 64-bit keyID of the OpenPGP key.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_count ()

int                 gnutls_openpgp_privkey_get_subkey_count
                                                        (gnutls_openpgp_privkey_t key);

This function will return the number of subkeys present in the given OpenPGP certificate.

key :

is an OpenPGP key

Returns :

the number of subkeys, or a negative value on error.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_idx ()

int                 gnutls_openpgp_privkey_get_subkey_idx
                                                        (gnutls_openpgp_privkey_t key,
                                                         const gnutls_openpgp_keyid_t keyid);

Get index of subkey.

key :

the structure that contains the OpenPGP private key.

keyid :

the keyid.

Returns :

the index of the subkey or a negative error value.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_revoked_status ()

int                 gnutls_openpgp_privkey_get_subkey_revoked_status
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);

gnutls_openpgp_privkey_get_revoked_status ()

int                 gnutls_openpgp_privkey_get_revoked_status
                                                        (gnutls_openpgp_privkey_t key);

gnutls_openpgp_privkey_get_subkey_pk_algorithm ()

gnutls_pk_algorithm_t  gnutls_openpgp_privkey_get_subkey_pk_algorithm
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         unsigned int *bits);

This function will return the public key algorithm of a subkey of an OpenPGP certificate.

If bits is non null, it should have enough size to hold the parameters size in bits. For RSA the bits returned is the modulus. For DSA the bits returned are of the public exponent.

key :

is an OpenPGP key

idx :

is the subkey index

bits :

if bits is non null it will hold the size of the parameters' in bits

Returns :

a member of the gnutls_pk_algorithm_t enumeration on success, or a negative value on error.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_expiration_time ()

time_t              gnutls_openpgp_privkey_get_subkey_expiration_time
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);

Get subkey expiration time. A value of '0' means that the key doesn't expire at all.

key :

the structure that contains the OpenPGP private key.

idx :

the subkey index

Returns :

the time when the OpenPGP key expires.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_id ()

int                 gnutls_openpgp_privkey_get_subkey_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx,
                                                         gnutls_openpgp_keyid_t keyid);

Get the key-id for the subkey.

key :

the structure that contains the OpenPGP secret key.

idx :

the subkey index

keyid :

the buffer to save the keyid.

Returns :

the 64-bit keyID of the OpenPGP key.

Since 2.4.0


gnutls_openpgp_privkey_get_subkey_creation_time ()

time_t              gnutls_openpgp_privkey_get_subkey_creation_time
                                                        (gnutls_openpgp_privkey_t key,
                                                         unsigned int idx);

Get subkey creation time.

key :

the structure that contains the OpenPGP private key.

idx :

the subkey index

Returns :

the timestamp when the OpenPGP key was created.

Since 2.4.0


gnutls_openpgp_privkey_export_subkey_dsa_raw ()

int                 gnutls_openpgp_privkey_export_subkey_dsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y,
                                                         gnutls_datum_t *x);

This function will export the DSA private key's parameters found in the given certificate. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

pkey :

Holds the certificate

idx :

Is the subkey index

p :

will hold the p

q :

will hold the q

g :

will hold the g

y :

will hold the y

x :

will hold the x

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_privkey_export_subkey_rsa_raw ()

int                 gnutls_openpgp_privkey_export_subkey_rsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         unsigned int idx,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e,
                                                         gnutls_datum_t *d,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *u);

This function will export the RSA private key's parameters found in the given structure. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

pkey :

Holds the certificate

idx :

Is the subkey index

m :

will hold the modulus

e :

will hold the public exponent

d :

will hold the private exponent

p :

will hold the first prime (p)

q :

will hold the second prime (q)

u :

will hold the coefficient

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_privkey_export_dsa_raw ()

int                 gnutls_openpgp_privkey_export_dsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *g,
                                                         gnutls_datum_t *y,
                                                         gnutls_datum_t *x);

This function will export the DSA private key's parameters found in the given certificate. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

pkey :

Holds the certificate

p :

will hold the p

q :

will hold the q

g :

will hold the g

y :

will hold the y

x :

will hold the x

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_privkey_export_rsa_raw ()

int                 gnutls_openpgp_privkey_export_rsa_raw
                                                        (gnutls_openpgp_privkey_t crt,
                                                         gnutls_datum_t *m,
                                                         gnutls_datum_t *e,
                                                         gnutls_datum_t *d,
                                                         gnutls_datum_t *p,
                                                         gnutls_datum_t *q,
                                                         gnutls_datum_t *u);

This function will export the RSA private key's parameters found in the given structure. The new parameters will be allocated using gnutls_malloc() and will be stored in the appropriate datum.

pkey :

Holds the certificate

m :

will hold the modulus

e :

will hold the public exponent

d :

will hold the private exponent

p :

will hold the first prime (p)

q :

will hold the second prime (q)

u :

will hold the coefficient

Returns :

GNUTLS_E_SUCCESS on success, otherwise an error.

Since 2.4.0


gnutls_openpgp_privkey_export ()

int                 gnutls_openpgp_privkey_export       (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_crt_fmt_t format,
                                                         const char *password,
                                                         unsigned int flags,
                                                         void *output_data,
                                                         size_t *output_data_size);

This function will convert the given key to RAW or Base64 format. If the buffer provided is not long enough to hold the output, then GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.

key :

Holds the key.

format :

One of gnutls_openpgp_crt_fmt_t elements.

password :

the password that will be used to encrypt the key. (unused for now)

flags :

zero for future compatibility

output_data :

will contain the key base64 encoded or raw

output_data_size :

holds the size of output_data (and will be replaced by the actual size of parameters)

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

Since 2.4.0


gnutls_openpgp_privkey_set_preferred_key_id ()

int                 gnutls_openpgp_privkey_set_preferred_key_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         const gnutls_openpgp_keyid_t keyid);

This allows setting a preferred key id for the given certificate. This key will be used by functions that involve key handling.

key :

the structure that contains the OpenPGP public key.

keyid :

the selected keyid

Returns :

On success, 0 is returned, or an error code.

gnutls_openpgp_privkey_get_preferred_key_id ()

int                 gnutls_openpgp_privkey_get_preferred_key_id
                                                        (gnutls_openpgp_privkey_t key,
                                                         gnutls_openpgp_keyid_t keyid);

Get the preferred key-id for the key.

key :

the structure that contains the OpenPGP public key.

keyid :

the struct to save the keyid.

Returns :

the 64-bit preferred keyID of the OpenPGP key, or if it hasn't been set it returns GNUTLS_E_INVALID_REQUEST.

gnutls_openpgp_crt_get_auth_subkey ()

int                 gnutls_openpgp_crt_get_auth_subkey  (gnutls_openpgp_crt_t crt,
                                                         gnutls_openpgp_keyid_t keyid,
                                                         unsigned int flag);

Returns the 64-bit keyID of the first valid OpenPGP subkey marked for authentication. If flag is non zero and no authentication subkey exists, then a valid subkey will be returned even if it is not marked for authentication. Returns the 64-bit keyID of the first valid OpenPGP subkey marked for authentication. If flag is non zero and no authentication subkey exists, then a valid subkey will be returned even if it is not marked for authentication.

key :

the structure that contains the OpenPGP public key.

keyid :

the struct to save the keyid.

flag :

Non zero indicates that a valid subkey is always returned.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_keyring_init ()

int                 gnutls_openpgp_keyring_init         (gnutls_openpgp_keyring_t *keyring);

This function will initialize an keyring structure.

keyring :

The structure to be initialized

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_keyring_deinit ()

void                gnutls_openpgp_keyring_deinit       (gnutls_openpgp_keyring_t keyring);

This function will deinitialize a keyring structure.

keyring :

The structure to be initialized

gnutls_openpgp_keyring_import ()

int                 gnutls_openpgp_keyring_import       (gnutls_openpgp_keyring_t keyring,
                                                         const gnutls_datum_t *data,
                                                         gnutls_openpgp_crt_fmt_t format);

This function will convert the given RAW or Base64 encoded keyring to the native gnutls_openpgp_keyring_t format. The output will be stored in 'keyring'.

keyring :

The structure to store the parsed key.

data :

The RAW or BASE64 encoded keyring.

format :

One of gnutls_openpgp_keyring_fmt elements.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_keyring_check_id ()

int                 gnutls_openpgp_keyring_check_id     (gnutls_openpgp_keyring_t ring,
                                                         const gnutls_openpgp_keyid_t keyid,
                                                         unsigned int flags);

Check if a given key ID exists in the keyring.

ring :

holds the keyring to check against

keyid :

will hold the keyid to check for.

flags :

unused (should be 0)

Returns :

GNUTLS_E_SUCCESS on success (if keyid exists) and a negative error code on failure.

gnutls_openpgp_crt_verify_ring ()

int                 gnutls_openpgp_crt_verify_ring      (gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_keyring_t keyring,
                                                         unsigned int flags,
                                                         unsigned int *verify);

Verify all signatures in the key, using the given set of keys (keyring).

The key verification output will be put in verify and will be one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd.

GNUTLS_CERT_INVALID: A signature on the key is invalid.

GNUTLS_CERT_REVOKED: The key has been revoked.

Note that this function does not verify using any "web of trust". You may use GnuPG for that purpose, or any other external PGP application.

key :

the structure that holds the key.

keyring :

holds the keyring to check against

flags :

unused (should be 0)

verify :

will hold the certificate verification output.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_crt_verify_self ()

int                 gnutls_openpgp_crt_verify_self      (gnutls_openpgp_crt_t key,
                                                         unsigned int flags,
                                                         unsigned int *verify);

Verifies the self signature in the key. The key verification output will be put in verify and will be one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd.

GNUTLS_CERT_INVALID: The self signature on the key is invalid.

key :

the structure that holds the key.

flags :

unused (should be 0)

verify :

will hold the key verification output.

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_keyring_get_crt ()

int                 gnutls_openpgp_keyring_get_crt      (gnutls_openpgp_keyring_t ring,
                                                         unsigned int idx,
                                                         gnutls_openpgp_crt_t *cert);

This function will extract an OpenPGP certificate from the given keyring. If the index given is out of range GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned. The returned structure needs to be deinited.

key :

Holds the key.

idx :

the index of the certificate to export

crt :

An uninitialized gnutls_openpgp_crt_t structure

Returns :

GNUTLS_E_SUCCESS on success, or an error code.

gnutls_openpgp_keyring_get_crt_count ()

int                 gnutls_openpgp_keyring_get_crt_count
                                                        (gnutls_openpgp_keyring_t ring);

This function will return the number of OpenPGP certificates present in the given keyring.

ring :

is an OpenPGP key ring

Returns :

the number of subkeys, or a negative value on error.

gnutls_openpgp_recv_key_func ()

int                 (*gnutls_openpgp_recv_key_func)     (gnutls_session_t session,
                                                         unsigned char *keyfpr,
                                                         unsigned int keyfpr_length,
                                                         gnutls_datum_t *key);

A callback of this type is used to retrieve OpenPGP keys. Only useful on the server, and will only be used if the peer send a key fingerprint instead of a full key. See also gnutls_openpgp_set_recv_key_function().

session :

a TLS session

keyfpr :

key fingerprint

keyfpr_length :

length of key fingerprint

key :

output key.

gnutls_openpgp_set_recv_key_function ()

void                gnutls_openpgp_set_recv_key_function
                                                        (gnutls_session_t session,
                                                         gnutls_openpgp_recv_key_funcfunc );

This funtion will set a key retrieval function for OpenPGP keys. This callback is only useful in server side, and will be used if the peer sent a key fingerprint instead of a full key.

session :

a TLS session

func :

the callback

gnutls_certificate_set_openpgp_key ()

int                 gnutls_certificate_set_openpgp_key  (gnutls_certificate_credentials_tres ,
                                                         gnutls_openpgp_crt_t key,
                                                         gnutls_openpgp_privkey_t pkey);

This function sets a certificate/private key pair in the gnutls_certificate_credentials_t structure. This function may be called more than once (in case multiple keys/certificates exist for the server).

With this function the subkeys of the certificate are not used.

res :

is an gnutls_certificate_credentials_t structure.

key :

contains an openpgp public key

pkey :

is an openpgp private key

gnutls_certificate_set_openpgp_key_file ()

int                 gnutls_certificate_set_openpgp_key_file
                                                        (gnutls_certificate_credentials_tres ,
                                                         const char *CERTFILE,
                                                         const char *KEYFILE,
                                                         gnutls_openpgp_crt_fmt_t );

This funtion is used to load OpenPGP keys into the GnuTLS credentials structure. The files should only contain one key which is not encrypted.

res :

the destination context to save the data.

certfile :

the file that contains the public key.

keyfile :

the file that contains the secret key.

format :

the format of the keys

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

gnutls_certificate_set_openpgp_key_mem ()

int                 gnutls_certificate_set_openpgp_key_mem
                                                        (gnutls_certificate_credentials_tres ,
                                                         const gnutls_datum_t *CERT,
                                                         const gnutls_datum_t *KEY,
                                                         gnutls_openpgp_crt_fmt_t );

This funtion is used to load OpenPGP keys into the GnuTLS credential structure. The files should contain non encrypted keys.

res :

the destination context to save the data.

cert :

the datum that contains the public key.

key :

the datum that contains the secret key.

format :

the format of the keys

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

gnutls_certificate_set_openpgp_key_file2 ()

int                 gnutls_certificate_set_openpgp_key_file2
                                                        (gnutls_certificate_credentials_tres ,
                                                         const char *CERTFILE,
                                                         const char *KEYFILE,
                                                         const char *keyid,
                                                         gnutls_openpgp_crt_fmt_t );

This funtion is used to load OpenPGP keys into the GnuTLS credential structure. The files should contain non encrypted keys.

The special keyword "auto" is also accepted as &subkey_id. In that case the gnutls_openpgp_crt_get_auth_subkey() will be used to retrieve the subkey.

res :

the destination context to save the data.

certfile :

the file that contains the public key.

keyfile :

the file that contains the secret key.

subkey_id :

a hex encoded subkey id

format :

the format of the keys

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

Since 2.4.0


gnutls_certificate_set_openpgp_key_mem2 ()

int                 gnutls_certificate_set_openpgp_key_mem2
                                                        (gnutls_certificate_credentials_tres ,
                                                         const gnutls_datum_t *CERT,
                                                         const gnutls_datum_t *KEY,
                                                         const char *keyid,
                                                         gnutls_openpgp_crt_fmt_t );

This funtion is used to load OpenPGP keys into the GnuTLS credentials structure. The files should only contain one key which is not encrypted.

The special keyword "auto" is also accepted as &subkey_id. In that case the gnutls_openpgp_crt_get_auth_subkey() will be used to retrieve the subkey.

res :

the destination context to save the data.

cert :

the datum that contains the public key.

key :

the datum that contains the secret key.

subkey_id :

a hex encoded subkey id

format :

the format of the keys

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

Since 2.4.0


gnutls_certificate_set_openpgp_keyring_mem ()

int                 gnutls_certificate_set_openpgp_keyring_mem
                                                        (gnutls_certificate_credentials_t c,
                                                         unsigned char *data,
                                                         size_t dlen,
                                                         gnutls_openpgp_crt_fmt_t );

The function is used to set keyrings that will be used internally by various OpenPGP functions. For example to find a key when it is needed for an operations. The keyring will also be used at the verification functions.

c :

A certificate credentials structure

data :

buffer with keyring data.

dlen :

length of data buffer.

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.

gnutls_certificate_set_openpgp_keyring_file ()

int                 gnutls_certificate_set_openpgp_keyring_file
                                                        (gnutls_certificate_credentials_t c,
                                                         const char *file,
                                                         gnutls_openpgp_crt_fmt_t );

The function is used to set keyrings that will be used internally by various OpenPGP functions. For example to find a key when it is needed for an operations. The keyring will also be used at the verification functions.

c :

A certificate credentials structure

file :

filename of the keyring.

Returns :

On success, GNUTLS_E_SUCCESS is returned, otherwise a negative error value.