[INCLUDE]
authorJérôme Gardou <jerome.gardou@reactos.org>
Sat, 30 Aug 2014 21:32:52 +0000 (21:32 +0000)
committerJérôme Gardou <jerome.gardou@reactos.org>
Sat, 30 Aug 2014 21:32:52 +0000 (21:32 +0000)
 - import GNUTLS headers
 - define wine's SONAME_LIBGNUTLS to a relevant value

svn path=/trunk/; revision=63995

70 files changed:
reactos/include/reactos/libs/gnutls/gmp.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/abstract.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/compat.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/crypto.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/dtls.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/gnutls.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/gnutlsxx.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/ocsp.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/openpgp.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/pkcs11.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/pkcs12.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/tpm.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/x509.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/gnutls/xssl.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/aes.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/arcfour.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/arctwo.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/asn1.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/base16.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/base64.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/bignum.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/blowfish.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/buffer.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/camellia.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/cast128.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/cbc.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/ctr.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/des-compat.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/des.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/dsa.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/ecc-curve.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/ecc.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/ecdsa.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/gcm.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/gosthash94.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/hmac.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/knuth-lfib.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/macros.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/md2.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/md4.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/md5-compat.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/md5.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/memxor.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/nettle-meta.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/nettle-stdint.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/nettle-types.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/pbkdf2.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/pgp.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/pkcs1.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/realloc.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/ripemd160.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/rsa-compat.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/rsa.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/salsa20.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/serpent.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/sexp.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/sha.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/sha1.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/sha2.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/sha3.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/twofish.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/umac.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/nettle/yarrow.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/deprecated.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/iter.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/p11-kit.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/pin.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/pkcs11.h [new file with mode: 0644]
reactos/include/reactos/libs/gnutls/p11-kit/uri.h [new file with mode: 0644]
reactos/include/reactos/wine/config.h

diff --git a/reactos/include/reactos/libs/gnutls/gmp.h b/reactos/include/reactos/libs/gnutls/gmp.h
new file mode 100644 (file)
index 0000000..c40699b
--- /dev/null
@@ -0,0 +1,2301 @@
+/* Definitions for GNU multiple precision functions.   -*- mode: c -*-
+
+Copyright 1991, 1993-1997, 1999-2014 Free Software Foundation, Inc.
+
+This file is part of the GNU MP Library.
+
+The GNU MP Library is free software; you can redistribute it and/or modify
+it under the terms of either:
+
+  * the GNU Lesser General Public License as published by the Free
+    Software Foundation; either version 3 of the License, or (at your
+    option) any later version.
+
+or
+
+  * the GNU General Public License as published by the Free Software
+    Foundation; either version 2 of the License, or (at your option) any
+    later version.
+
+or both in parallel, as here.
+
+The GNU MP Library is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+for more details.
+
+You should have received copies of the GNU General Public License and the
+GNU Lesser General Public License along with the GNU MP Library.  If not,
+see https://www.gnu.org/licenses/.  */
+
+#ifndef __GMP_H__
+
+#if defined (__cplusplus)
+#include <iosfwd>   /* for std::istream, std::ostream, std::string */
+#include <cstdio>
+#endif
+
+
+/* Instantiated by configure. */
+#if ! defined (__GMP_WITHIN_CONFIGURE)
+#define __GMP_HAVE_HOST_CPU_FAMILY_power   0
+#define __GMP_HAVE_HOST_CPU_FAMILY_powerpc 0
+#define GMP_LIMB_BITS                      32
+#define GMP_NAIL_BITS                      0
+#endif
+#define GMP_NUMB_BITS     (GMP_LIMB_BITS - GMP_NAIL_BITS)
+#define GMP_NUMB_MASK     ((~ __GMP_CAST (mp_limb_t, 0)) >> GMP_NAIL_BITS)
+#define GMP_NUMB_MAX      GMP_NUMB_MASK
+#define GMP_NAIL_MASK     (~ GMP_NUMB_MASK)
+
+
+/* The following (everything under ifndef __GNU_MP__) must be identical in
+   gmp.h and mp.h to allow both to be included in an application or during
+   the library build.  */
+#ifndef __GNU_MP__
+#define __GNU_MP__ 5
+
+#include <stddef.h>    /* for size_t */
+
+/* Instantiated by configure. */
+#if ! defined (__GMP_WITHIN_CONFIGURE)
+/* #undef _LONG_LONG_LIMB */
+#define __GMP_LIBGMP_DLL  1
+#endif
+
+
+/* __GMP_DECLSPEC supports Windows DLL versions of libgmp, and is empty in
+   all other circumstances.
+
+   When compiling objects for libgmp, __GMP_DECLSPEC is an export directive,
+   or when compiling for an application it's an import directive.  The two
+   cases are differentiated by __GMP_WITHIN_GMP defined by the GMP Makefiles
+   (and not defined from an application).
+
+   __GMP_DECLSPEC_XX is similarly used for libgmpxx.  __GMP_WITHIN_GMPXX
+   indicates when building libgmpxx, and in that case libgmpxx functions are
+   exports, but libgmp functions which might get called are imports.
+
+   Libtool DLL_EXPORT define is not used.
+
+   There's no attempt to support GMP built both static and DLL.  Doing so
+   would mean applications would have to tell us which of the two is going
+   to be used when linking, and that seems very tedious and error prone if
+   using GMP by hand, and equally tedious from a package since autoconf and
+   automake don't give much help.
+
+   __GMP_DECLSPEC is required on all documented global functions and
+   variables, the various internals in gmp-impl.h etc can be left unadorned.
+   But internals used by the test programs or speed measuring programs
+   should have __GMP_DECLSPEC, and certainly constants or variables must
+   have it or the wrong address will be resolved.
+
+   In gcc __declspec can go at either the start or end of a prototype.
+
+   In Microsoft C __declspec must go at the start, or after the type like
+   void __declspec(...) *foo()".  There's no __dllexport or anything to
+   guard against someone foolish #defining dllexport.  _export used to be
+   available, but no longer.
+
+   In Borland C _export still exists, but needs to go after the type, like
+   "void _export foo();".  Would have to change the __GMP_DECLSPEC syntax to
+   make use of that.  Probably more trouble than it's worth.  */
+
+#if defined (__GNUC__)
+#define __GMP_DECLSPEC_EXPORT  __declspec(__dllexport__)
+#define __GMP_DECLSPEC_IMPORT  __declspec(__dllimport__)
+#endif
+#if defined (_MSC_VER) || defined (__BORLANDC__)
+#define __GMP_DECLSPEC_EXPORT  __declspec(dllexport)
+#define __GMP_DECLSPEC_IMPORT  __declspec(dllimport)
+#endif
+#ifdef __WATCOMC__
+#define __GMP_DECLSPEC_EXPORT  __export
+#define __GMP_DECLSPEC_IMPORT  __import
+#endif
+#ifdef __IBMC__
+#define __GMP_DECLSPEC_EXPORT  _Export
+#define __GMP_DECLSPEC_IMPORT  _Import
+#endif
+
+#if __GMP_LIBGMP_DLL
+#ifdef __GMP_WITHIN_GMP
+/* compiling to go into a DLL libgmp */
+#define __GMP_DECLSPEC  __GMP_DECLSPEC_EXPORT
+#else
+/* compiling to go into an application which will link to a DLL libgmp */
+#define __GMP_DECLSPEC  __GMP_DECLSPEC_IMPORT
+#endif
+#else
+/* all other cases */
+#define __GMP_DECLSPEC
+#endif
+
+
+#ifdef __GMP_SHORT_LIMB
+typedef unsigned int           mp_limb_t;
+typedef int                    mp_limb_signed_t;
+#else
+#ifdef _LONG_LONG_LIMB
+typedef unsigned long long int mp_limb_t;
+typedef long long int          mp_limb_signed_t;
+#else
+typedef unsigned long int      mp_limb_t;
+typedef long int               mp_limb_signed_t;
+#endif
+#endif
+typedef unsigned long int      mp_bitcnt_t;
+
+/* For reference, note that the name __mpz_struct gets into C++ mangled
+   function names, which means although the "__" suggests an internal, we
+   must leave this name for binary compatibility.  */
+typedef struct
+{
+  int _mp_alloc;               /* Number of *limbs* allocated and pointed
+                                  to by the _mp_d field.  */
+  int _mp_size;                        /* abs(_mp_size) is the number of limbs the
+                                  last field points to.  If _mp_size is
+                                  negative this is a negative number.  */
+  mp_limb_t *_mp_d;            /* Pointer to the limbs.  */
+} __mpz_struct;
+
+#endif /* __GNU_MP__ */
+
+
+typedef __mpz_struct MP_INT;    /* gmp 1 source compatibility */
+typedef __mpz_struct mpz_t[1];
+
+typedef mp_limb_t *            mp_ptr;
+typedef const mp_limb_t *      mp_srcptr;
+#if defined (_CRAY) && ! defined (_CRAYMPP)
+/* plain `int' is much faster (48 bits) */
+#define __GMP_MP_SIZE_T_INT     1
+typedef int                    mp_size_t;
+typedef int                    mp_exp_t;
+#else
+#define __GMP_MP_SIZE_T_INT     0
+typedef long int               mp_size_t;
+typedef long int               mp_exp_t;
+#endif
+
+typedef struct
+{
+  __mpz_struct _mp_num;
+  __mpz_struct _mp_den;
+} __mpq_struct;
+
+typedef __mpq_struct MP_RAT;    /* gmp 1 source compatibility */
+typedef __mpq_struct mpq_t[1];
+
+typedef struct
+{
+  int _mp_prec;                        /* Max precision, in number of `mp_limb_t's.
+                                  Set by mpf_init and modified by
+                                  mpf_set_prec.  The area pointed to by the
+                                  _mp_d field contains `prec' + 1 limbs.  */
+  int _mp_size;                        /* abs(_mp_size) is the number of limbs the
+                                  last field points to.  If _mp_size is
+                                  negative this is a negative number.  */
+  mp_exp_t _mp_exp;            /* Exponent, in the base of `mp_limb_t'.  */
+  mp_limb_t *_mp_d;            /* Pointer to the limbs.  */
+} __mpf_struct;
+
+/* typedef __mpf_struct MP_FLOAT; */
+typedef __mpf_struct mpf_t[1];
+
+/* Available random number generation algorithms.  */
+typedef enum
+{
+  GMP_RAND_ALG_DEFAULT = 0,
+  GMP_RAND_ALG_LC = GMP_RAND_ALG_DEFAULT /* Linear congruential.  */
+} gmp_randalg_t;
+
+/* Random state struct.  */
+typedef struct
+{
+  mpz_t _mp_seed;        /* _mp_d member points to state of the generator. */
+  gmp_randalg_t _mp_alg;  /* Currently unused. */
+  union {
+    void *_mp_lc;         /* Pointer to function pointers structure.  */
+  } _mp_algdata;
+} __gmp_randstate_struct;
+typedef __gmp_randstate_struct gmp_randstate_t[1];
+
+/* Types for function declarations in gmp files.  */
+/* ??? Should not pollute user name space with these ??? */
+typedef const __mpz_struct *mpz_srcptr;
+typedef __mpz_struct *mpz_ptr;
+typedef const __mpf_struct *mpf_srcptr;
+typedef __mpf_struct *mpf_ptr;
+typedef const __mpq_struct *mpq_srcptr;
+typedef __mpq_struct *mpq_ptr;
+
+
+/* This is not wanted in mp.h, so put it outside the __GNU_MP__ common
+   section. */
+#if __GMP_LIBGMP_DLL
+#ifdef __GMP_WITHIN_GMPXX
+/* compiling to go into a DLL libgmpxx */
+#define __GMP_DECLSPEC_XX  __GMP_DECLSPEC_EXPORT
+#else
+/* compiling to go into a application which will link to a DLL libgmpxx */
+#define __GMP_DECLSPEC_XX  __GMP_DECLSPEC_IMPORT
+#endif
+#else
+/* all other cases */
+#define __GMP_DECLSPEC_XX
+#endif
+
+
+#ifndef __MPN
+#define __MPN(x) __gmpn_##x
+#endif
+
+/* For reference, "defined(EOF)" cannot be used here.  In g++ 2.95.4,
+   <iostream> defines EOF but not FILE.  */
+#if defined (FILE)                                              \
+  || defined (H_STDIO)                                          \
+  || defined (_H_STDIO)               /* AIX */                 \
+  || defined (_STDIO_H)               /* glibc, Sun, SCO */     \
+  || defined (_STDIO_H_)              /* BSD, OSF */            \
+  || defined (__STDIO_H)              /* Borland */             \
+  || defined (__STDIO_H__)            /* IRIX */                \
+  || defined (_STDIO_INCLUDED)        /* HPUX */                \
+  || defined (__dj_include_stdio_h_)  /* DJGPP */               \
+  || defined (_FILE_DEFINED)          /* Microsoft */           \
+  || defined (__STDIO__)              /* Apple MPW MrC */       \
+  || defined (_MSL_STDIO_H)           /* Metrowerks */          \
+  || defined (_STDIO_H_INCLUDED)      /* QNX4 */               \
+  || defined (_ISO_STDIO_ISO_H)       /* Sun C++ */            \
+  || defined (__STDIO_LOADED)         /* VMS */
+#define _GMP_H_HAVE_FILE 1
+#endif
+
+/* In ISO C, if a prototype involving "struct obstack *" is given without
+   that structure defined, then the struct is scoped down to just the
+   prototype, causing a conflict if it's subsequently defined for real.  So
+   only give prototypes if we've got obstack.h.  */
+#if defined (_OBSTACK_H)   /* glibc <obstack.h> */
+#define _GMP_H_HAVE_OBSTACK 1
+#endif
+
+/* The prototypes for gmp_vprintf etc are provided only if va_list is defined,
+   via an application having included <stdarg.h>.  Usually va_list is a typedef
+   so can't be tested directly, but C99 specifies that va_start is a macro.
+
+   <stdio.h> will define some sort of va_list for vprintf and vfprintf, but
+   let's not bother trying to use that since it's not standard and since
+   application uses for gmp_vprintf etc will almost certainly require the
+   whole <stdarg.h> anyway.  */
+
+#ifdef va_start
+#define _GMP_H_HAVE_VA_LIST 1
+#endif
+
+/* Test for gcc >= maj.min, as per __GNUC_PREREQ in glibc */
+#if defined (__GNUC__) && defined (__GNUC_MINOR__)
+#define __GMP_GNUC_PREREQ(maj, min) \
+  ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+#else
+#define __GMP_GNUC_PREREQ(maj, min)  0
+#endif
+
+/* "pure" is in gcc 2.96 and up, see "(gcc)Function Attributes".  Basically
+   it means a function does nothing but examine its arguments and memory
+   (global or via arguments) to generate a return value, but changes nothing
+   and has no side-effects.  __GMP_NO_ATTRIBUTE_CONST_PURE lets
+   tune/common.c etc turn this off when trying to write timing loops.  */
+#if __GMP_GNUC_PREREQ (2,96) && ! defined (__GMP_NO_ATTRIBUTE_CONST_PURE)
+#define __GMP_ATTRIBUTE_PURE   __attribute__ ((__pure__))
+#else
+#define __GMP_ATTRIBUTE_PURE
+#endif
+
+
+/* __GMP_CAST allows us to use static_cast in C++, so our macros are clean
+   to "g++ -Wold-style-cast".
+
+   Casts in "extern inline" code within an extern "C" block don't induce
+   these warnings, so __GMP_CAST only needs to be used on documented
+   macros.  */
+
+#ifdef __cplusplus
+#define __GMP_CAST(type, expr)  (static_cast<type> (expr))
+#else
+#define __GMP_CAST(type, expr)  ((type) (expr))
+#endif
+
+
+/* An empty "throw ()" means the function doesn't throw any C++ exceptions,
+   this can save some stack frame info in applications.
+
+   Currently it's given only on functions which never divide-by-zero etc,
+   don't allocate memory, and are expected to never need to allocate memory.
+   This leaves open the possibility of a C++ throw from a future GMP
+   exceptions scheme.
+
+   mpz_set_ui etc are omitted to leave open the lazy allocation scheme
+   described in doc/tasks.html.  mpz_get_d etc are omitted to leave open
+   exceptions for float overflows.
+
+   Note that __GMP_NOTHROW must be given on any inlines the same as on their
+   prototypes (for g++ at least, where they're used together).  Note also
+   that g++ 3.0 demands that __GMP_NOTHROW is before other attributes like
+   __GMP_ATTRIBUTE_PURE.  */
+
+#if defined (__cplusplus)
+#define __GMP_NOTHROW  throw ()
+#else
+#define __GMP_NOTHROW
+#endif
+
+
+/* PORTME: What other compilers have a useful "extern inline"?  "static
+   inline" would be an acceptable substitute if the compiler (or linker)
+   discards unused statics.  */
+
+ /* gcc has __inline__ in all modes, including strict ansi.  Give a prototype
+    for an inline too, so as to correctly specify "dllimport" on windows, in
+    case the function is called rather than inlined.
+    GCC 4.3 and above with -std=c99 or -std=gnu99 implements ISO C99
+    inline semantics, unless -fgnu89-inline is used.  */
+#ifdef __GNUC__
+#if (defined __GNUC_STDC_INLINE__) || (__GNUC__ == 4 && __GNUC_MINOR__ == 2) \
+  || (defined __GNUC_GNU_INLINE__ && defined __cplusplus)
+#define __GMP_EXTERN_INLINE extern __inline__ __attribute__ ((__gnu_inline__))
+#else
+#define __GMP_EXTERN_INLINE      extern __inline__
+#endif
+#define __GMP_INLINE_PROTOTYPES  1
+#endif
+
+/* DEC C (eg. version 5.9) supports "static __inline foo()", even in -std1
+   strict ANSI mode.  Inlining is done even when not optimizing (ie. -O0
+   mode, which is the default), but an unnecessary local copy of foo is
+   emitted unless -O is used.  "extern __inline" is accepted, but the
+   "extern" appears to be ignored, ie. it becomes a plain global function
+   but which is inlined within its file.  Don't know if all old versions of
+   DEC C supported __inline, but as a start let's do the right thing for
+   current versions.  */
+#ifdef __DECC
+#define __GMP_EXTERN_INLINE  static __inline
+#endif
+
+/* SCO OpenUNIX 8 cc supports "static inline foo()" but not in -Xc strict
+   ANSI mode (__STDC__ is 1 in that mode).  Inlining only actually takes
+   place under -O.  Without -O "foo" seems to be emitted whether it's used
+   or not, which is wasteful.  "extern inline foo()" isn't useful, the
+   "extern" is apparently ignored, so foo is inlined if possible but also
+   emitted as a global, which causes multiple definition errors when
+   building a shared libgmp.  */
+#ifdef __SCO_VERSION__
+#if __SCO_VERSION__ > 400000000 && __STDC__ != 1 \
+  && ! defined (__GMP_EXTERN_INLINE)
+#define __GMP_EXTERN_INLINE  static inline
+#endif
+#endif
+
+/* Microsoft's C compiler accepts __inline */
+#ifdef _MSC_VER
+#define __GMP_EXTERN_INLINE  __inline
+#endif
+
+/* Recent enough Sun C compilers want "inline" */
+#if defined (__SUNPRO_C) && __SUNPRO_C >= 0x560 \
+  && ! defined (__GMP_EXTERN_INLINE)
+#define __GMP_EXTERN_INLINE  inline
+#endif
+
+/* Somewhat older Sun C compilers want "static inline" */
+#if defined (__SUNPRO_C) && __SUNPRO_C >= 0x540 \
+  && ! defined (__GMP_EXTERN_INLINE)
+#define __GMP_EXTERN_INLINE  static inline
+#endif
+
+
+/* C++ always has "inline" and since it's a normal feature the linker should
+   discard duplicate non-inlined copies, or if it doesn't then that's a
+   problem for everyone, not just GMP.  */
+#if defined (__cplusplus) && ! defined (__GMP_EXTERN_INLINE)
+#define __GMP_EXTERN_INLINE  inline
+#endif
+
+/* Don't do any inlining within a configure run, since if the compiler ends
+   up emitting copies of the code into the object file it can end up
+   demanding the various support routines (like mpn_popcount) for linking,
+   making the "alloca" test and perhaps others fail.  And on hppa ia64 a
+   pre-release gcc 3.2 was seen not respecting the "extern" in "extern
+   __inline__", triggering this problem too.  */
+#if defined (__GMP_WITHIN_CONFIGURE) && ! __GMP_WITHIN_CONFIGURE_INLINE
+#undef __GMP_EXTERN_INLINE
+#endif
+
+/* By default, don't give a prototype when there's going to be an inline
+   version.  Note in particular that Cray C++ objects to the combination of
+   prototype and inline.  */
+#ifdef __GMP_EXTERN_INLINE
+#ifndef __GMP_INLINE_PROTOTYPES
+#define __GMP_INLINE_PROTOTYPES  0
+#endif
+#else
+#define __GMP_INLINE_PROTOTYPES  1
+#endif
+
+
+#define __GMP_ABS(x)   ((x) >= 0 ? (x) : -(x))
+#define __GMP_MAX(h,i) ((h) > (i) ? (h) : (i))
+
+/* __GMP_USHRT_MAX is not "~ (unsigned short) 0" because short is promoted
+   to int by "~". It still needs to have the promoted type.  */
+#define __GMP_UINT_MAX   (~ (unsigned) 0)
+#define __GMP_ULONG_MAX  (~ (unsigned long) 0)
+#define __GMP_USHRT_MAX  (0 + (unsigned short) ~0)
+
+
+/* __builtin_expect is in gcc 3.0, and not in 2.95. */
+#if __GMP_GNUC_PREREQ (3,0)
+#define __GMP_LIKELY(cond)    __builtin_expect ((cond) != 0, 1)
+#define __GMP_UNLIKELY(cond)  __builtin_expect ((cond) != 0, 0)
+#else
+#define __GMP_LIKELY(cond)    (cond)
+#define __GMP_UNLIKELY(cond)  (cond)
+#endif
+
+#ifdef _CRAY
+#define __GMP_CRAY_Pragma(str)  _Pragma (str)
+#else
+#define __GMP_CRAY_Pragma(str)
+#endif
+
+
+/* Allow direct user access to numerator and denominator of a mpq_t object.  */
+#define mpq_numref(Q) (&((Q)->_mp_num))
+#define mpq_denref(Q) (&((Q)->_mp_den))
+
+
+#if defined (__cplusplus)
+extern "C" {
+using std::FILE;
+#endif
+
+#define mp_set_memory_functions __gmp_set_memory_functions
+__GMP_DECLSPEC void mp_set_memory_functions (void *(*) (size_t),
+                                     void *(*) (void *, size_t, size_t),
+                                     void (*) (void *, size_t)) __GMP_NOTHROW;
+
+#define mp_get_memory_functions __gmp_get_memory_functions
+__GMP_DECLSPEC void mp_get_memory_functions (void *(**) (size_t),
+                                     void *(**) (void *, size_t, size_t),
+                                     void (**) (void *, size_t)) __GMP_NOTHROW;
+
+#define mp_bits_per_limb __gmp_bits_per_limb
+__GMP_DECLSPEC extern const int mp_bits_per_limb;
+
+#define gmp_errno __gmp_errno
+__GMP_DECLSPEC extern int gmp_errno;
+
+#define gmp_version __gmp_version
+__GMP_DECLSPEC extern const char * const gmp_version;
+
+
+/**************** Random number routines.  ****************/
+
+/* obsolete */
+#define gmp_randinit __gmp_randinit
+__GMP_DECLSPEC void gmp_randinit (gmp_randstate_t, gmp_randalg_t, ...);
+
+#define gmp_randinit_default __gmp_randinit_default
+__GMP_DECLSPEC void gmp_randinit_default (gmp_randstate_t);
+
+#define gmp_randinit_lc_2exp __gmp_randinit_lc_2exp
+__GMP_DECLSPEC void gmp_randinit_lc_2exp (gmp_randstate_t, mpz_srcptr, unsigned long int, mp_bitcnt_t);
+
+#define gmp_randinit_lc_2exp_size __gmp_randinit_lc_2exp_size
+__GMP_DECLSPEC int gmp_randinit_lc_2exp_size (gmp_randstate_t, mp_bitcnt_t);
+
+#define gmp_randinit_mt __gmp_randinit_mt
+__GMP_DECLSPEC void gmp_randinit_mt (gmp_randstate_t);
+
+#define gmp_randinit_set __gmp_randinit_set
+__GMP_DECLSPEC void gmp_randinit_set (gmp_randstate_t, const __gmp_randstate_struct *);
+
+#define gmp_randseed __gmp_randseed
+__GMP_DECLSPEC void gmp_randseed (gmp_randstate_t, mpz_srcptr);
+
+#define gmp_randseed_ui __gmp_randseed_ui
+__GMP_DECLSPEC void gmp_randseed_ui (gmp_randstate_t, unsigned long int);
+
+#define gmp_randclear __gmp_randclear
+__GMP_DECLSPEC void gmp_randclear (gmp_randstate_t);
+
+#define gmp_urandomb_ui __gmp_urandomb_ui
+__GMP_DECLSPEC unsigned long gmp_urandomb_ui (gmp_randstate_t, unsigned long);
+
+#define gmp_urandomm_ui __gmp_urandomm_ui
+__GMP_DECLSPEC unsigned long gmp_urandomm_ui (gmp_randstate_t, unsigned long);
+
+
+/**************** Formatted output routines.  ****************/
+
+#define gmp_asprintf __gmp_asprintf
+__GMP_DECLSPEC int gmp_asprintf (char **, const char *, ...);
+
+#define gmp_fprintf __gmp_fprintf
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC int gmp_fprintf (FILE *, const char *, ...);
+#endif
+
+#define gmp_obstack_printf __gmp_obstack_printf
+#if defined (_GMP_H_HAVE_OBSTACK)
+__GMP_DECLSPEC int gmp_obstack_printf (struct obstack *, const char *, ...);
+#endif
+
+#define gmp_obstack_vprintf __gmp_obstack_vprintf
+#if defined (_GMP_H_HAVE_OBSTACK) && defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_obstack_vprintf (struct obstack *, const char *, va_list);
+#endif
+
+#define gmp_printf __gmp_printf
+__GMP_DECLSPEC int gmp_printf (const char *, ...);
+
+#define gmp_snprintf __gmp_snprintf
+__GMP_DECLSPEC int gmp_snprintf (char *, size_t, const char *, ...);
+
+#define gmp_sprintf __gmp_sprintf
+__GMP_DECLSPEC int gmp_sprintf (char *, const char *, ...);
+
+#define gmp_vasprintf __gmp_vasprintf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vasprintf (char **, const char *, va_list);
+#endif
+
+#define gmp_vfprintf __gmp_vfprintf
+#if defined (_GMP_H_HAVE_FILE) && defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vfprintf (FILE *, const char *, va_list);
+#endif
+
+#define gmp_vprintf __gmp_vprintf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vprintf (const char *, va_list);
+#endif
+
+#define gmp_vsnprintf __gmp_vsnprintf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vsnprintf (char *, size_t, const char *, va_list);
+#endif
+
+#define gmp_vsprintf __gmp_vsprintf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vsprintf (char *, const char *, va_list);
+#endif
+
+
+/**************** Formatted input routines.  ****************/
+
+#define gmp_fscanf __gmp_fscanf
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC int gmp_fscanf (FILE *, const char *, ...);
+#endif
+
+#define gmp_scanf __gmp_scanf
+__GMP_DECLSPEC int gmp_scanf (const char *, ...);
+
+#define gmp_sscanf __gmp_sscanf
+__GMP_DECLSPEC int gmp_sscanf (const char *, const char *, ...);
+
+#define gmp_vfscanf __gmp_vfscanf
+#if defined (_GMP_H_HAVE_FILE) && defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vfscanf (FILE *, const char *, va_list);
+#endif
+
+#define gmp_vscanf __gmp_vscanf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vscanf (const char *, va_list);
+#endif
+
+#define gmp_vsscanf __gmp_vsscanf
+#if defined (_GMP_H_HAVE_VA_LIST)
+__GMP_DECLSPEC int gmp_vsscanf (const char *, const char *, va_list);
+#endif
+
+
+/**************** Integer (i.e. Z) routines.  ****************/
+
+#define _mpz_realloc __gmpz_realloc
+#define mpz_realloc __gmpz_realloc
+__GMP_DECLSPEC void *_mpz_realloc (mpz_ptr, mp_size_t);
+
+#define mpz_abs __gmpz_abs
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_abs)
+__GMP_DECLSPEC void mpz_abs (mpz_ptr, mpz_srcptr);
+#endif
+
+#define mpz_add __gmpz_add
+__GMP_DECLSPEC void mpz_add (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_add_ui __gmpz_add_ui
+__GMP_DECLSPEC void mpz_add_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_addmul __gmpz_addmul
+__GMP_DECLSPEC void mpz_addmul (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_addmul_ui __gmpz_addmul_ui
+__GMP_DECLSPEC void mpz_addmul_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_and __gmpz_and
+__GMP_DECLSPEC void mpz_and (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_array_init __gmpz_array_init
+__GMP_DECLSPEC void mpz_array_init (mpz_ptr, mp_size_t, mp_size_t);
+
+#define mpz_bin_ui __gmpz_bin_ui
+__GMP_DECLSPEC void mpz_bin_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_bin_uiui __gmpz_bin_uiui
+__GMP_DECLSPEC void mpz_bin_uiui (mpz_ptr, unsigned long int, unsigned long int);
+
+#define mpz_cdiv_q __gmpz_cdiv_q
+__GMP_DECLSPEC void mpz_cdiv_q (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_cdiv_q_2exp __gmpz_cdiv_q_2exp
+__GMP_DECLSPEC void mpz_cdiv_q_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_cdiv_q_ui __gmpz_cdiv_q_ui
+__GMP_DECLSPEC unsigned long int mpz_cdiv_q_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_cdiv_qr __gmpz_cdiv_qr
+__GMP_DECLSPEC void mpz_cdiv_qr (mpz_ptr, mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_cdiv_qr_ui __gmpz_cdiv_qr_ui
+__GMP_DECLSPEC unsigned long int mpz_cdiv_qr_ui (mpz_ptr, mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_cdiv_r __gmpz_cdiv_r
+__GMP_DECLSPEC void mpz_cdiv_r (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_cdiv_r_2exp __gmpz_cdiv_r_2exp
+__GMP_DECLSPEC void mpz_cdiv_r_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_cdiv_r_ui __gmpz_cdiv_r_ui
+__GMP_DECLSPEC unsigned long int mpz_cdiv_r_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_cdiv_ui __gmpz_cdiv_ui
+__GMP_DECLSPEC unsigned long int mpz_cdiv_ui (mpz_srcptr, unsigned long int) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_clear __gmpz_clear
+__GMP_DECLSPEC void mpz_clear (mpz_ptr);
+
+#define mpz_clears __gmpz_clears
+__GMP_DECLSPEC void mpz_clears (mpz_ptr, ...);
+
+#define mpz_clrbit __gmpz_clrbit
+__GMP_DECLSPEC void mpz_clrbit (mpz_ptr, mp_bitcnt_t);
+
+#define mpz_cmp __gmpz_cmp
+__GMP_DECLSPEC int mpz_cmp (mpz_srcptr, mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_cmp_d __gmpz_cmp_d
+__GMP_DECLSPEC int mpz_cmp_d (mpz_srcptr, double) __GMP_ATTRIBUTE_PURE;
+
+#define _mpz_cmp_si __gmpz_cmp_si
+__GMP_DECLSPEC int _mpz_cmp_si (mpz_srcptr, signed long int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define _mpz_cmp_ui __gmpz_cmp_ui
+__GMP_DECLSPEC int _mpz_cmp_ui (mpz_srcptr, unsigned long int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_cmpabs __gmpz_cmpabs
+__GMP_DECLSPEC int mpz_cmpabs (mpz_srcptr, mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_cmpabs_d __gmpz_cmpabs_d
+__GMP_DECLSPEC int mpz_cmpabs_d (mpz_srcptr, double) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_cmpabs_ui __gmpz_cmpabs_ui
+__GMP_DECLSPEC int mpz_cmpabs_ui (mpz_srcptr, unsigned long int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_com __gmpz_com
+__GMP_DECLSPEC void mpz_com (mpz_ptr, mpz_srcptr);
+
+#define mpz_combit __gmpz_combit
+__GMP_DECLSPEC void mpz_combit (mpz_ptr, mp_bitcnt_t);
+
+#define mpz_congruent_p __gmpz_congruent_p
+__GMP_DECLSPEC int mpz_congruent_p (mpz_srcptr, mpz_srcptr, mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_congruent_2exp_p __gmpz_congruent_2exp_p
+__GMP_DECLSPEC int mpz_congruent_2exp_p (mpz_srcptr, mpz_srcptr, mp_bitcnt_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_congruent_ui_p __gmpz_congruent_ui_p
+__GMP_DECLSPEC int mpz_congruent_ui_p (mpz_srcptr, unsigned long, unsigned long) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_divexact __gmpz_divexact
+__GMP_DECLSPEC void mpz_divexact (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_divexact_ui __gmpz_divexact_ui
+__GMP_DECLSPEC void mpz_divexact_ui (mpz_ptr, mpz_srcptr, unsigned long);
+
+#define mpz_divisible_p __gmpz_divisible_p
+__GMP_DECLSPEC int mpz_divisible_p (mpz_srcptr, mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_divisible_ui_p __gmpz_divisible_ui_p
+__GMP_DECLSPEC int mpz_divisible_ui_p (mpz_srcptr, unsigned long) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_divisible_2exp_p __gmpz_divisible_2exp_p
+__GMP_DECLSPEC int mpz_divisible_2exp_p (mpz_srcptr, mp_bitcnt_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_dump __gmpz_dump
+__GMP_DECLSPEC void mpz_dump (mpz_srcptr);
+
+#define mpz_export __gmpz_export
+__GMP_DECLSPEC void *mpz_export (void *, size_t *, int, size_t, int, size_t, mpz_srcptr);
+
+#define mpz_fac_ui __gmpz_fac_ui
+__GMP_DECLSPEC void mpz_fac_ui (mpz_ptr, unsigned long int);
+
+#define mpz_2fac_ui __gmpz_2fac_ui
+__GMP_DECLSPEC void mpz_2fac_ui (mpz_ptr, unsigned long int);
+
+#define mpz_mfac_uiui __gmpz_mfac_uiui
+__GMP_DECLSPEC void mpz_mfac_uiui (mpz_ptr, unsigned long int, unsigned long int);
+
+#define mpz_primorial_ui __gmpz_primorial_ui
+__GMP_DECLSPEC void mpz_primorial_ui (mpz_ptr, unsigned long int);
+
+#define mpz_fdiv_q __gmpz_fdiv_q
+__GMP_DECLSPEC void mpz_fdiv_q (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_fdiv_q_2exp __gmpz_fdiv_q_2exp
+__GMP_DECLSPEC void mpz_fdiv_q_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_fdiv_q_ui __gmpz_fdiv_q_ui
+__GMP_DECLSPEC unsigned long int mpz_fdiv_q_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_fdiv_qr __gmpz_fdiv_qr
+__GMP_DECLSPEC void mpz_fdiv_qr (mpz_ptr, mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_fdiv_qr_ui __gmpz_fdiv_qr_ui
+__GMP_DECLSPEC unsigned long int mpz_fdiv_qr_ui (mpz_ptr, mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_fdiv_r __gmpz_fdiv_r
+__GMP_DECLSPEC void mpz_fdiv_r (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_fdiv_r_2exp __gmpz_fdiv_r_2exp
+__GMP_DECLSPEC void mpz_fdiv_r_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_fdiv_r_ui __gmpz_fdiv_r_ui
+__GMP_DECLSPEC unsigned long int mpz_fdiv_r_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_fdiv_ui __gmpz_fdiv_ui
+__GMP_DECLSPEC unsigned long int mpz_fdiv_ui (mpz_srcptr, unsigned long int) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_fib_ui __gmpz_fib_ui
+__GMP_DECLSPEC void mpz_fib_ui (mpz_ptr, unsigned long int);
+
+#define mpz_fib2_ui __gmpz_fib2_ui
+__GMP_DECLSPEC void mpz_fib2_ui (mpz_ptr, mpz_ptr, unsigned long int);
+
+#define mpz_fits_sint_p __gmpz_fits_sint_p
+__GMP_DECLSPEC int mpz_fits_sint_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_fits_slong_p __gmpz_fits_slong_p
+__GMP_DECLSPEC int mpz_fits_slong_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_fits_sshort_p __gmpz_fits_sshort_p
+__GMP_DECLSPEC int mpz_fits_sshort_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_fits_uint_p __gmpz_fits_uint_p
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_fits_uint_p)
+__GMP_DECLSPEC int mpz_fits_uint_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_fits_ulong_p __gmpz_fits_ulong_p
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_fits_ulong_p)
+__GMP_DECLSPEC int mpz_fits_ulong_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_fits_ushort_p __gmpz_fits_ushort_p
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_fits_ushort_p)
+__GMP_DECLSPEC int mpz_fits_ushort_p (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_gcd __gmpz_gcd
+__GMP_DECLSPEC void mpz_gcd (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_gcd_ui __gmpz_gcd_ui
+__GMP_DECLSPEC unsigned long int mpz_gcd_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_gcdext __gmpz_gcdext
+__GMP_DECLSPEC void mpz_gcdext (mpz_ptr, mpz_ptr, mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_get_d __gmpz_get_d
+__GMP_DECLSPEC double mpz_get_d (mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_get_d_2exp __gmpz_get_d_2exp
+__GMP_DECLSPEC double mpz_get_d_2exp (signed long int *, mpz_srcptr);
+
+#define mpz_get_si __gmpz_get_si
+__GMP_DECLSPEC /* signed */ long int mpz_get_si (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_get_str __gmpz_get_str
+__GMP_DECLSPEC char *mpz_get_str (char *, int, mpz_srcptr);
+
+#define mpz_get_ui __gmpz_get_ui
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_get_ui)
+__GMP_DECLSPEC unsigned long int mpz_get_ui (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_getlimbn __gmpz_getlimbn
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_getlimbn)
+__GMP_DECLSPEC mp_limb_t mpz_getlimbn (mpz_srcptr, mp_size_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_hamdist __gmpz_hamdist
+__GMP_DECLSPEC mp_bitcnt_t mpz_hamdist (mpz_srcptr, mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_import __gmpz_import
+__GMP_DECLSPEC void mpz_import (mpz_ptr, size_t, int, size_t, int, size_t, const void *);
+
+#define mpz_init __gmpz_init
+__GMP_DECLSPEC void mpz_init (mpz_ptr);
+
+#define mpz_init2 __gmpz_init2
+__GMP_DECLSPEC void mpz_init2 (mpz_ptr, mp_bitcnt_t);
+
+#define mpz_inits __gmpz_inits
+__GMP_DECLSPEC void mpz_inits (mpz_ptr, ...);
+
+#define mpz_init_set __gmpz_init_set
+__GMP_DECLSPEC void mpz_init_set (mpz_ptr, mpz_srcptr);
+
+#define mpz_init_set_d __gmpz_init_set_d
+__GMP_DECLSPEC void mpz_init_set_d (mpz_ptr, double);
+
+#define mpz_init_set_si __gmpz_init_set_si
+__GMP_DECLSPEC void mpz_init_set_si (mpz_ptr, signed long int);
+
+#define mpz_init_set_str __gmpz_init_set_str
+__GMP_DECLSPEC int mpz_init_set_str (mpz_ptr, const char *, int);
+
+#define mpz_init_set_ui __gmpz_init_set_ui
+__GMP_DECLSPEC void mpz_init_set_ui (mpz_ptr, unsigned long int);
+
+#define mpz_inp_raw __gmpz_inp_raw
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpz_inp_raw (mpz_ptr, FILE *);
+#endif
+
+#define mpz_inp_str __gmpz_inp_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpz_inp_str (mpz_ptr, FILE *, int);
+#endif
+
+#define mpz_invert __gmpz_invert
+__GMP_DECLSPEC int mpz_invert (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_ior __gmpz_ior
+__GMP_DECLSPEC void mpz_ior (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_jacobi __gmpz_jacobi
+__GMP_DECLSPEC int mpz_jacobi (mpz_srcptr, mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_kronecker mpz_jacobi  /* alias */
+
+#define mpz_kronecker_si __gmpz_kronecker_si
+__GMP_DECLSPEC int mpz_kronecker_si (mpz_srcptr, long) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_kronecker_ui __gmpz_kronecker_ui
+__GMP_DECLSPEC int mpz_kronecker_ui (mpz_srcptr, unsigned long) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_si_kronecker __gmpz_si_kronecker
+__GMP_DECLSPEC int mpz_si_kronecker (long, mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_ui_kronecker __gmpz_ui_kronecker
+__GMP_DECLSPEC int mpz_ui_kronecker (unsigned long, mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_lcm __gmpz_lcm
+__GMP_DECLSPEC void mpz_lcm (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_lcm_ui __gmpz_lcm_ui
+__GMP_DECLSPEC void mpz_lcm_ui (mpz_ptr, mpz_srcptr, unsigned long);
+
+#define mpz_legendre mpz_jacobi  /* alias */
+
+#define mpz_lucnum_ui __gmpz_lucnum_ui
+__GMP_DECLSPEC void mpz_lucnum_ui (mpz_ptr, unsigned long int);
+
+#define mpz_lucnum2_ui __gmpz_lucnum2_ui
+__GMP_DECLSPEC void mpz_lucnum2_ui (mpz_ptr, mpz_ptr, unsigned long int);
+
+#define mpz_millerrabin __gmpz_millerrabin
+__GMP_DECLSPEC int mpz_millerrabin (mpz_srcptr, int) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_mod __gmpz_mod
+__GMP_DECLSPEC void mpz_mod (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_mod_ui mpz_fdiv_r_ui /* same as fdiv_r because divisor unsigned */
+
+#define mpz_mul __gmpz_mul
+__GMP_DECLSPEC void mpz_mul (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_mul_2exp __gmpz_mul_2exp
+__GMP_DECLSPEC void mpz_mul_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_mul_si __gmpz_mul_si
+__GMP_DECLSPEC void mpz_mul_si (mpz_ptr, mpz_srcptr, long int);
+
+#define mpz_mul_ui __gmpz_mul_ui
+__GMP_DECLSPEC void mpz_mul_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_neg __gmpz_neg
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_neg)
+__GMP_DECLSPEC void mpz_neg (mpz_ptr, mpz_srcptr);
+#endif
+
+#define mpz_nextprime __gmpz_nextprime
+__GMP_DECLSPEC void mpz_nextprime (mpz_ptr, mpz_srcptr);
+
+#define mpz_out_raw __gmpz_out_raw
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpz_out_raw (FILE *, mpz_srcptr);
+#endif
+
+#define mpz_out_str __gmpz_out_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpz_out_str (FILE *, int, mpz_srcptr);
+#endif
+
+#define mpz_perfect_power_p __gmpz_perfect_power_p
+__GMP_DECLSPEC int mpz_perfect_power_p (mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_perfect_square_p __gmpz_perfect_square_p
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_perfect_square_p)
+__GMP_DECLSPEC int mpz_perfect_square_p (mpz_srcptr) __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_popcount __gmpz_popcount
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_popcount)
+__GMP_DECLSPEC mp_bitcnt_t mpz_popcount (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_pow_ui __gmpz_pow_ui
+__GMP_DECLSPEC void mpz_pow_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_powm __gmpz_powm
+__GMP_DECLSPEC void mpz_powm (mpz_ptr, mpz_srcptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_powm_sec __gmpz_powm_sec
+__GMP_DECLSPEC void mpz_powm_sec (mpz_ptr, mpz_srcptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_powm_ui __gmpz_powm_ui
+__GMP_DECLSPEC void mpz_powm_ui (mpz_ptr, mpz_srcptr, unsigned long int, mpz_srcptr);
+
+#define mpz_probab_prime_p __gmpz_probab_prime_p
+__GMP_DECLSPEC int mpz_probab_prime_p (mpz_srcptr, int) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_random __gmpz_random
+__GMP_DECLSPEC void mpz_random (mpz_ptr, mp_size_t);
+
+#define mpz_random2 __gmpz_random2
+__GMP_DECLSPEC void mpz_random2 (mpz_ptr, mp_size_t);
+
+#define mpz_realloc2 __gmpz_realloc2
+__GMP_DECLSPEC void mpz_realloc2 (mpz_ptr, mp_bitcnt_t);
+
+#define mpz_remove __gmpz_remove
+__GMP_DECLSPEC mp_bitcnt_t mpz_remove (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_root __gmpz_root
+__GMP_DECLSPEC int mpz_root (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_rootrem __gmpz_rootrem
+__GMP_DECLSPEC void mpz_rootrem (mpz_ptr, mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_rrandomb __gmpz_rrandomb
+__GMP_DECLSPEC void mpz_rrandomb (mpz_ptr, gmp_randstate_t, mp_bitcnt_t);
+
+#define mpz_scan0 __gmpz_scan0
+__GMP_DECLSPEC mp_bitcnt_t mpz_scan0 (mpz_srcptr, mp_bitcnt_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_scan1 __gmpz_scan1
+__GMP_DECLSPEC mp_bitcnt_t mpz_scan1 (mpz_srcptr, mp_bitcnt_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_set __gmpz_set
+__GMP_DECLSPEC void mpz_set (mpz_ptr, mpz_srcptr);
+
+#define mpz_set_d __gmpz_set_d
+__GMP_DECLSPEC void mpz_set_d (mpz_ptr, double);
+
+#define mpz_set_f __gmpz_set_f
+__GMP_DECLSPEC void mpz_set_f (mpz_ptr, mpf_srcptr);
+
+#define mpz_set_q __gmpz_set_q
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_set_q)
+__GMP_DECLSPEC void mpz_set_q (mpz_ptr, mpq_srcptr);
+#endif
+
+#define mpz_set_si __gmpz_set_si
+__GMP_DECLSPEC void mpz_set_si (mpz_ptr, signed long int);
+
+#define mpz_set_str __gmpz_set_str
+__GMP_DECLSPEC int mpz_set_str (mpz_ptr, const char *, int);
+
+#define mpz_set_ui __gmpz_set_ui
+__GMP_DECLSPEC void mpz_set_ui (mpz_ptr, unsigned long int);
+
+#define mpz_setbit __gmpz_setbit
+__GMP_DECLSPEC void mpz_setbit (mpz_ptr, mp_bitcnt_t);
+
+#define mpz_size __gmpz_size
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpz_size)
+__GMP_DECLSPEC size_t mpz_size (mpz_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpz_sizeinbase __gmpz_sizeinbase
+__GMP_DECLSPEC size_t mpz_sizeinbase (mpz_srcptr, int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_sqrt __gmpz_sqrt
+__GMP_DECLSPEC void mpz_sqrt (mpz_ptr, mpz_srcptr);
+
+#define mpz_sqrtrem __gmpz_sqrtrem
+__GMP_DECLSPEC void mpz_sqrtrem (mpz_ptr, mpz_ptr, mpz_srcptr);
+
+#define mpz_sub __gmpz_sub
+__GMP_DECLSPEC void mpz_sub (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_sub_ui __gmpz_sub_ui
+__GMP_DECLSPEC void mpz_sub_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_ui_sub __gmpz_ui_sub
+__GMP_DECLSPEC void mpz_ui_sub (mpz_ptr, unsigned long int, mpz_srcptr);
+
+#define mpz_submul __gmpz_submul
+__GMP_DECLSPEC void mpz_submul (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_submul_ui __gmpz_submul_ui
+__GMP_DECLSPEC void mpz_submul_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_swap __gmpz_swap
+__GMP_DECLSPEC void mpz_swap (mpz_ptr, mpz_ptr) __GMP_NOTHROW;
+
+#define mpz_tdiv_ui __gmpz_tdiv_ui
+__GMP_DECLSPEC unsigned long int mpz_tdiv_ui (mpz_srcptr, unsigned long int) __GMP_ATTRIBUTE_PURE;
+
+#define mpz_tdiv_q __gmpz_tdiv_q
+__GMP_DECLSPEC void mpz_tdiv_q (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_tdiv_q_2exp __gmpz_tdiv_q_2exp
+__GMP_DECLSPEC void mpz_tdiv_q_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_tdiv_q_ui __gmpz_tdiv_q_ui
+__GMP_DECLSPEC unsigned long int mpz_tdiv_q_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_tdiv_qr __gmpz_tdiv_qr
+__GMP_DECLSPEC void mpz_tdiv_qr (mpz_ptr, mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_tdiv_qr_ui __gmpz_tdiv_qr_ui
+__GMP_DECLSPEC unsigned long int mpz_tdiv_qr_ui (mpz_ptr, mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_tdiv_r __gmpz_tdiv_r
+__GMP_DECLSPEC void mpz_tdiv_r (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_tdiv_r_2exp __gmpz_tdiv_r_2exp
+__GMP_DECLSPEC void mpz_tdiv_r_2exp (mpz_ptr, mpz_srcptr, mp_bitcnt_t);
+
+#define mpz_tdiv_r_ui __gmpz_tdiv_r_ui
+__GMP_DECLSPEC unsigned long int mpz_tdiv_r_ui (mpz_ptr, mpz_srcptr, unsigned long int);
+
+#define mpz_tstbit __gmpz_tstbit
+__GMP_DECLSPEC int mpz_tstbit (mpz_srcptr, mp_bitcnt_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpz_ui_pow_ui __gmpz_ui_pow_ui
+__GMP_DECLSPEC void mpz_ui_pow_ui (mpz_ptr, unsigned long int, unsigned long int);
+
+#define mpz_urandomb __gmpz_urandomb
+__GMP_DECLSPEC void mpz_urandomb (mpz_ptr, gmp_randstate_t, mp_bitcnt_t);
+
+#define mpz_urandomm __gmpz_urandomm
+__GMP_DECLSPEC void mpz_urandomm (mpz_ptr, gmp_randstate_t, mpz_srcptr);
+
+#define mpz_xor __gmpz_xor
+#define mpz_eor __gmpz_xor
+__GMP_DECLSPEC void mpz_xor (mpz_ptr, mpz_srcptr, mpz_srcptr);
+
+#define mpz_limbs_read __gmpz_limbs_read
+__GMP_DECLSPEC mp_srcptr mpz_limbs_read (mpz_srcptr);
+
+#define mpz_limbs_write __gmpz_limbs_write
+__GMP_DECLSPEC mp_ptr mpz_limbs_write (mpz_ptr, mp_size_t);
+
+#define mpz_limbs_modify __gmpz_limbs_modify
+__GMP_DECLSPEC mp_ptr mpz_limbs_modify (mpz_ptr, mp_size_t);
+
+#define mpz_limbs_finish __gmpz_limbs_finish
+__GMP_DECLSPEC void mpz_limbs_finish (mpz_ptr, mp_size_t);
+
+#define mpz_roinit_n __gmpz_roinit_n
+__GMP_DECLSPEC mpz_srcptr mpz_roinit_n (mpz_ptr, mp_srcptr, mp_size_t);
+
+#define MPZ_ROINIT_N(xp, xs) {{0, (xs),(xp) }}
+
+/**************** Rational (i.e. Q) routines.  ****************/
+
+#define mpq_abs __gmpq_abs
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpq_abs)
+__GMP_DECLSPEC void mpq_abs (mpq_ptr, mpq_srcptr);
+#endif
+
+#define mpq_add __gmpq_add
+__GMP_DECLSPEC void mpq_add (mpq_ptr, mpq_srcptr, mpq_srcptr);
+
+#define mpq_canonicalize __gmpq_canonicalize
+__GMP_DECLSPEC void mpq_canonicalize (mpq_ptr);
+
+#define mpq_clear __gmpq_clear
+__GMP_DECLSPEC void mpq_clear (mpq_ptr);
+
+#define mpq_clears __gmpq_clears
+__GMP_DECLSPEC void mpq_clears (mpq_ptr, ...);
+
+#define mpq_cmp __gmpq_cmp
+__GMP_DECLSPEC int mpq_cmp (mpq_srcptr, mpq_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define _mpq_cmp_si __gmpq_cmp_si
+__GMP_DECLSPEC int _mpq_cmp_si (mpq_srcptr, long, unsigned long) __GMP_ATTRIBUTE_PURE;
+
+#define _mpq_cmp_ui __gmpq_cmp_ui
+__GMP_DECLSPEC int _mpq_cmp_ui (mpq_srcptr, unsigned long int, unsigned long int) __GMP_ATTRIBUTE_PURE;
+
+#define mpq_div __gmpq_div
+__GMP_DECLSPEC void mpq_div (mpq_ptr, mpq_srcptr, mpq_srcptr);
+
+#define mpq_div_2exp __gmpq_div_2exp
+__GMP_DECLSPEC void mpq_div_2exp (mpq_ptr, mpq_srcptr, mp_bitcnt_t);
+
+#define mpq_equal __gmpq_equal
+__GMP_DECLSPEC int mpq_equal (mpq_srcptr, mpq_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpq_get_num __gmpq_get_num
+__GMP_DECLSPEC void mpq_get_num (mpz_ptr, mpq_srcptr);
+
+#define mpq_get_den __gmpq_get_den
+__GMP_DECLSPEC void mpq_get_den (mpz_ptr, mpq_srcptr);
+
+#define mpq_get_d __gmpq_get_d
+__GMP_DECLSPEC double mpq_get_d (mpq_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpq_get_str __gmpq_get_str
+__GMP_DECLSPEC char *mpq_get_str (char *, int, mpq_srcptr);
+
+#define mpq_init __gmpq_init
+__GMP_DECLSPEC void mpq_init (mpq_ptr);
+
+#define mpq_inits __gmpq_inits
+__GMP_DECLSPEC void mpq_inits (mpq_ptr, ...);
+
+#define mpq_inp_str __gmpq_inp_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpq_inp_str (mpq_ptr, FILE *, int);
+#endif
+
+#define mpq_inv __gmpq_inv
+__GMP_DECLSPEC void mpq_inv (mpq_ptr, mpq_srcptr);
+
+#define mpq_mul __gmpq_mul
+__GMP_DECLSPEC void mpq_mul (mpq_ptr, mpq_srcptr, mpq_srcptr);
+
+#define mpq_mul_2exp __gmpq_mul_2exp
+__GMP_DECLSPEC void mpq_mul_2exp (mpq_ptr, mpq_srcptr, mp_bitcnt_t);
+
+#define mpq_neg __gmpq_neg
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpq_neg)
+__GMP_DECLSPEC void mpq_neg (mpq_ptr, mpq_srcptr);
+#endif
+
+#define mpq_out_str __gmpq_out_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpq_out_str (FILE *, int, mpq_srcptr);
+#endif
+
+#define mpq_set __gmpq_set
+__GMP_DECLSPEC void mpq_set (mpq_ptr, mpq_srcptr);
+
+#define mpq_set_d __gmpq_set_d
+__GMP_DECLSPEC void mpq_set_d (mpq_ptr, double);
+
+#define mpq_set_den __gmpq_set_den
+__GMP_DECLSPEC void mpq_set_den (mpq_ptr, mpz_srcptr);
+
+#define mpq_set_f __gmpq_set_f
+__GMP_DECLSPEC void mpq_set_f (mpq_ptr, mpf_srcptr);
+
+#define mpq_set_num __gmpq_set_num
+__GMP_DECLSPEC void mpq_set_num (mpq_ptr, mpz_srcptr);
+
+#define mpq_set_si __gmpq_set_si
+__GMP_DECLSPEC void mpq_set_si (mpq_ptr, signed long int, unsigned long int);
+
+#define mpq_set_str __gmpq_set_str
+__GMP_DECLSPEC int mpq_set_str (mpq_ptr, const char *, int);
+
+#define mpq_set_ui __gmpq_set_ui
+__GMP_DECLSPEC void mpq_set_ui (mpq_ptr, unsigned long int, unsigned long int);
+
+#define mpq_set_z __gmpq_set_z
+__GMP_DECLSPEC void mpq_set_z (mpq_ptr, mpz_srcptr);
+
+#define mpq_sub __gmpq_sub
+__GMP_DECLSPEC void mpq_sub (mpq_ptr, mpq_srcptr, mpq_srcptr);
+
+#define mpq_swap __gmpq_swap
+__GMP_DECLSPEC void mpq_swap (mpq_ptr, mpq_ptr) __GMP_NOTHROW;
+
+
+/**************** Float (i.e. F) routines.  ****************/
+
+#define mpf_abs __gmpf_abs
+__GMP_DECLSPEC void mpf_abs (mpf_ptr, mpf_srcptr);
+
+#define mpf_add __gmpf_add
+__GMP_DECLSPEC void mpf_add (mpf_ptr, mpf_srcptr, mpf_srcptr);
+
+#define mpf_add_ui __gmpf_add_ui
+__GMP_DECLSPEC void mpf_add_ui (mpf_ptr, mpf_srcptr, unsigned long int);
+#define mpf_ceil __gmpf_ceil
+__GMP_DECLSPEC void mpf_ceil (mpf_ptr, mpf_srcptr);
+
+#define mpf_clear __gmpf_clear
+__GMP_DECLSPEC void mpf_clear (mpf_ptr);
+
+#define mpf_clears __gmpf_clears
+__GMP_DECLSPEC void mpf_clears (mpf_ptr, ...);
+
+#define mpf_cmp __gmpf_cmp
+__GMP_DECLSPEC int mpf_cmp (mpf_srcptr, mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_cmp_d __gmpf_cmp_d
+__GMP_DECLSPEC int mpf_cmp_d (mpf_srcptr, double) __GMP_ATTRIBUTE_PURE;
+
+#define mpf_cmp_si __gmpf_cmp_si
+__GMP_DECLSPEC int mpf_cmp_si (mpf_srcptr, signed long int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_cmp_ui __gmpf_cmp_ui
+__GMP_DECLSPEC int mpf_cmp_ui (mpf_srcptr, unsigned long int) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_div __gmpf_div
+__GMP_DECLSPEC void mpf_div (mpf_ptr, mpf_srcptr, mpf_srcptr);
+
+#define mpf_div_2exp __gmpf_div_2exp
+__GMP_DECLSPEC void mpf_div_2exp (mpf_ptr, mpf_srcptr, mp_bitcnt_t);
+
+#define mpf_div_ui __gmpf_div_ui
+__GMP_DECLSPEC void mpf_div_ui (mpf_ptr, mpf_srcptr, unsigned long int);
+
+#define mpf_dump __gmpf_dump
+__GMP_DECLSPEC void mpf_dump (mpf_srcptr);
+
+#define mpf_eq __gmpf_eq
+__GMP_DECLSPEC int mpf_eq (mpf_srcptr, mpf_srcptr, mp_bitcnt_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_sint_p __gmpf_fits_sint_p
+__GMP_DECLSPEC int mpf_fits_sint_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_slong_p __gmpf_fits_slong_p
+__GMP_DECLSPEC int mpf_fits_slong_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_sshort_p __gmpf_fits_sshort_p
+__GMP_DECLSPEC int mpf_fits_sshort_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_uint_p __gmpf_fits_uint_p
+__GMP_DECLSPEC int mpf_fits_uint_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_ulong_p __gmpf_fits_ulong_p
+__GMP_DECLSPEC int mpf_fits_ulong_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_fits_ushort_p __gmpf_fits_ushort_p
+__GMP_DECLSPEC int mpf_fits_ushort_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_floor __gmpf_floor
+__GMP_DECLSPEC void mpf_floor (mpf_ptr, mpf_srcptr);
+
+#define mpf_get_d __gmpf_get_d
+__GMP_DECLSPEC double mpf_get_d (mpf_srcptr) __GMP_ATTRIBUTE_PURE;
+
+#define mpf_get_d_2exp __gmpf_get_d_2exp
+__GMP_DECLSPEC double mpf_get_d_2exp (signed long int *, mpf_srcptr);
+
+#define mpf_get_default_prec __gmpf_get_default_prec
+__GMP_DECLSPEC mp_bitcnt_t mpf_get_default_prec (void) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_get_prec __gmpf_get_prec
+__GMP_DECLSPEC mp_bitcnt_t mpf_get_prec (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_get_si __gmpf_get_si
+__GMP_DECLSPEC long mpf_get_si (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_get_str __gmpf_get_str
+__GMP_DECLSPEC char *mpf_get_str (char *, mp_exp_t *, int, size_t, mpf_srcptr);
+
+#define mpf_get_ui __gmpf_get_ui
+__GMP_DECLSPEC unsigned long mpf_get_ui (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_init __gmpf_init
+__GMP_DECLSPEC void mpf_init (mpf_ptr);
+
+#define mpf_init2 __gmpf_init2
+__GMP_DECLSPEC void mpf_init2 (mpf_ptr, mp_bitcnt_t);
+
+#define mpf_inits __gmpf_inits
+__GMP_DECLSPEC void mpf_inits (mpf_ptr, ...);
+
+#define mpf_init_set __gmpf_init_set
+__GMP_DECLSPEC void mpf_init_set (mpf_ptr, mpf_srcptr);
+
+#define mpf_init_set_d __gmpf_init_set_d
+__GMP_DECLSPEC void mpf_init_set_d (mpf_ptr, double);
+
+#define mpf_init_set_si __gmpf_init_set_si
+__GMP_DECLSPEC void mpf_init_set_si (mpf_ptr, signed long int);
+
+#define mpf_init_set_str __gmpf_init_set_str
+__GMP_DECLSPEC int mpf_init_set_str (mpf_ptr, const char *, int);
+
+#define mpf_init_set_ui __gmpf_init_set_ui
+__GMP_DECLSPEC void mpf_init_set_ui (mpf_ptr, unsigned long int);
+
+#define mpf_inp_str __gmpf_inp_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpf_inp_str (mpf_ptr, FILE *, int);
+#endif
+
+#define mpf_integer_p __gmpf_integer_p
+__GMP_DECLSPEC int mpf_integer_p (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_mul __gmpf_mul
+__GMP_DECLSPEC void mpf_mul (mpf_ptr, mpf_srcptr, mpf_srcptr);
+
+#define mpf_mul_2exp __gmpf_mul_2exp
+__GMP_DECLSPEC void mpf_mul_2exp (mpf_ptr, mpf_srcptr, mp_bitcnt_t);
+
+#define mpf_mul_ui __gmpf_mul_ui
+__GMP_DECLSPEC void mpf_mul_ui (mpf_ptr, mpf_srcptr, unsigned long int);
+
+#define mpf_neg __gmpf_neg
+__GMP_DECLSPEC void mpf_neg (mpf_ptr, mpf_srcptr);
+
+#define mpf_out_str __gmpf_out_str
+#ifdef _GMP_H_HAVE_FILE
+__GMP_DECLSPEC size_t mpf_out_str (FILE *, int, size_t, mpf_srcptr);
+#endif
+
+#define mpf_pow_ui __gmpf_pow_ui
+__GMP_DECLSPEC void mpf_pow_ui (mpf_ptr, mpf_srcptr, unsigned long int);
+
+#define mpf_random2 __gmpf_random2
+__GMP_DECLSPEC void mpf_random2 (mpf_ptr, mp_size_t, mp_exp_t);
+
+#define mpf_reldiff __gmpf_reldiff
+__GMP_DECLSPEC void mpf_reldiff (mpf_ptr, mpf_srcptr, mpf_srcptr);
+
+#define mpf_set __gmpf_set
+__GMP_DECLSPEC void mpf_set (mpf_ptr, mpf_srcptr);
+
+#define mpf_set_d __gmpf_set_d
+__GMP_DECLSPEC void mpf_set_d (mpf_ptr, double);
+
+#define mpf_set_default_prec __gmpf_set_default_prec
+__GMP_DECLSPEC void mpf_set_default_prec (mp_bitcnt_t) __GMP_NOTHROW;
+
+#define mpf_set_prec __gmpf_set_prec
+__GMP_DECLSPEC void mpf_set_prec (mpf_ptr, mp_bitcnt_t);
+
+#define mpf_set_prec_raw __gmpf_set_prec_raw
+__GMP_DECLSPEC void mpf_set_prec_raw (mpf_ptr, mp_bitcnt_t) __GMP_NOTHROW;
+
+#define mpf_set_q __gmpf_set_q
+__GMP_DECLSPEC void mpf_set_q (mpf_ptr, mpq_srcptr);
+
+#define mpf_set_si __gmpf_set_si
+__GMP_DECLSPEC void mpf_set_si (mpf_ptr, signed long int);
+
+#define mpf_set_str __gmpf_set_str
+__GMP_DECLSPEC int mpf_set_str (mpf_ptr, const char *, int);
+
+#define mpf_set_ui __gmpf_set_ui
+__GMP_DECLSPEC void mpf_set_ui (mpf_ptr, unsigned long int);
+
+#define mpf_set_z __gmpf_set_z
+__GMP_DECLSPEC void mpf_set_z (mpf_ptr, mpz_srcptr);
+
+#define mpf_size __gmpf_size
+__GMP_DECLSPEC size_t mpf_size (mpf_srcptr) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpf_sqrt __gmpf_sqrt
+__GMP_DECLSPEC void mpf_sqrt (mpf_ptr, mpf_srcptr);
+
+#define mpf_sqrt_ui __gmpf_sqrt_ui
+__GMP_DECLSPEC void mpf_sqrt_ui (mpf_ptr, unsigned long int);
+
+#define mpf_sub __gmpf_sub
+__GMP_DECLSPEC void mpf_sub (mpf_ptr, mpf_srcptr, mpf_srcptr);
+
+#define mpf_sub_ui __gmpf_sub_ui
+__GMP_DECLSPEC void mpf_sub_ui (mpf_ptr, mpf_srcptr, unsigned long int);
+
+#define mpf_swap __gmpf_swap
+__GMP_DECLSPEC void mpf_swap (mpf_ptr, mpf_ptr) __GMP_NOTHROW;
+
+#define mpf_trunc __gmpf_trunc
+__GMP_DECLSPEC void mpf_trunc (mpf_ptr, mpf_srcptr);
+
+#define mpf_ui_div __gmpf_ui_div
+__GMP_DECLSPEC void mpf_ui_div (mpf_ptr, unsigned long int, mpf_srcptr);
+
+#define mpf_ui_sub __gmpf_ui_sub
+__GMP_DECLSPEC void mpf_ui_sub (mpf_ptr, unsigned long int, mpf_srcptr);
+
+#define mpf_urandomb __gmpf_urandomb
+__GMP_DECLSPEC void mpf_urandomb (mpf_t, gmp_randstate_t, mp_bitcnt_t);
+
+
+/************ Low level positive-integer (i.e. N) routines.  ************/
+
+/* This is ugly, but we need to make user calls reach the prefixed function. */
+
+#define mpn_add __MPN(add)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_add)
+__GMP_DECLSPEC mp_limb_t mpn_add (mp_ptr, mp_srcptr, mp_size_t, mp_srcptr, mp_size_t);
+#endif
+
+#define mpn_add_1 __MPN(add_1)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_add_1)
+__GMP_DECLSPEC mp_limb_t mpn_add_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t) __GMP_NOTHROW;
+#endif
+
+#define mpn_add_n __MPN(add_n)
+__GMP_DECLSPEC mp_limb_t mpn_add_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+
+#define mpn_addmul_1 __MPN(addmul_1)
+__GMP_DECLSPEC mp_limb_t mpn_addmul_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_cmp __MPN(cmp)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_cmp)
+__GMP_DECLSPEC int mpn_cmp (mp_srcptr, mp_srcptr, mp_size_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+#endif
+
+#define mpn_divexact_by3(dst,src,size) \
+  mpn_divexact_by3c (dst, src, size, __GMP_CAST (mp_limb_t, 0))
+
+#define mpn_divexact_by3c __MPN(divexact_by3c)
+__GMP_DECLSPEC mp_limb_t mpn_divexact_by3c (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_divmod_1(qp,np,nsize,dlimb) \
+  mpn_divrem_1 (qp, __GMP_CAST (mp_size_t, 0), np, nsize, dlimb)
+
+#define mpn_divrem __MPN(divrem)
+__GMP_DECLSPEC mp_limb_t mpn_divrem (mp_ptr, mp_size_t, mp_ptr, mp_size_t, mp_srcptr, mp_size_t);
+
+#define mpn_divrem_1 __MPN(divrem_1)
+__GMP_DECLSPEC mp_limb_t mpn_divrem_1 (mp_ptr, mp_size_t, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_divrem_2 __MPN(divrem_2)
+__GMP_DECLSPEC mp_limb_t mpn_divrem_2 (mp_ptr, mp_size_t, mp_ptr, mp_size_t, mp_srcptr);
+
+#define mpn_div_qr_1 __MPN(div_qr_1)
+__GMP_DECLSPEC mp_limb_t mpn_div_qr_1 (mp_ptr, mp_limb_t *, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_div_qr_2 __MPN(div_qr_2)
+__GMP_DECLSPEC mp_limb_t mpn_div_qr_2 (mp_ptr, mp_ptr, mp_srcptr, mp_size_t, mp_srcptr);
+
+#define mpn_gcd __MPN(gcd)
+__GMP_DECLSPEC mp_size_t mpn_gcd (mp_ptr, mp_ptr, mp_size_t, mp_ptr, mp_size_t);
+
+#define mpn_gcd_1 __MPN(gcd_1)
+__GMP_DECLSPEC mp_limb_t mpn_gcd_1 (mp_srcptr, mp_size_t, mp_limb_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_gcdext_1 __MPN(gcdext_1)
+__GMP_DECLSPEC mp_limb_t mpn_gcdext_1 (mp_limb_signed_t *, mp_limb_signed_t *, mp_limb_t, mp_limb_t);
+
+#define mpn_gcdext __MPN(gcdext)
+__GMP_DECLSPEC mp_size_t mpn_gcdext (mp_ptr, mp_ptr, mp_size_t *, mp_ptr, mp_size_t, mp_ptr, mp_size_t);
+
+#define mpn_get_str __MPN(get_str)
+__GMP_DECLSPEC size_t mpn_get_str (unsigned char *, int, mp_ptr, mp_size_t);
+
+#define mpn_hamdist __MPN(hamdist)
+__GMP_DECLSPEC mp_bitcnt_t mpn_hamdist (mp_srcptr, mp_srcptr, mp_size_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpn_lshift __MPN(lshift)
+__GMP_DECLSPEC mp_limb_t mpn_lshift (mp_ptr, mp_srcptr, mp_size_t, unsigned int);
+
+#define mpn_mod_1 __MPN(mod_1)
+__GMP_DECLSPEC mp_limb_t mpn_mod_1 (mp_srcptr, mp_size_t, mp_limb_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_mul __MPN(mul)
+__GMP_DECLSPEC mp_limb_t mpn_mul (mp_ptr, mp_srcptr, mp_size_t, mp_srcptr, mp_size_t);
+
+#define mpn_mul_1 __MPN(mul_1)
+__GMP_DECLSPEC mp_limb_t mpn_mul_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_mul_n __MPN(mul_n)
+__GMP_DECLSPEC void mpn_mul_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+
+#define mpn_sqr __MPN(sqr)
+__GMP_DECLSPEC void mpn_sqr (mp_ptr, mp_srcptr, mp_size_t);
+
+#define mpn_neg __MPN(neg)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_neg)
+__GMP_DECLSPEC mp_limb_t mpn_neg (mp_ptr, mp_srcptr, mp_size_t);
+#endif
+
+#define mpn_com __MPN(com)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_com)
+__GMP_DECLSPEC void mpn_com (mp_ptr, mp_srcptr, mp_size_t);
+#endif
+
+#define mpn_perfect_square_p __MPN(perfect_square_p)
+__GMP_DECLSPEC int mpn_perfect_square_p (mp_srcptr, mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_perfect_power_p __MPN(perfect_power_p)
+__GMP_DECLSPEC int mpn_perfect_power_p (mp_srcptr, mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_popcount __MPN(popcount)
+__GMP_DECLSPEC mp_bitcnt_t mpn_popcount (mp_srcptr, mp_size_t) __GMP_NOTHROW __GMP_ATTRIBUTE_PURE;
+
+#define mpn_pow_1 __MPN(pow_1)
+__GMP_DECLSPEC mp_size_t mpn_pow_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t, mp_ptr);
+
+/* undocumented now, but retained here for upward compatibility */
+#define mpn_preinv_mod_1 __MPN(preinv_mod_1)
+__GMP_DECLSPEC mp_limb_t mpn_preinv_mod_1 (mp_srcptr, mp_size_t, mp_limb_t, mp_limb_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_random __MPN(random)
+__GMP_DECLSPEC void mpn_random (mp_ptr, mp_size_t);
+
+#define mpn_random2 __MPN(random2)
+__GMP_DECLSPEC void mpn_random2 (mp_ptr, mp_size_t);
+
+#define mpn_rshift __MPN(rshift)
+__GMP_DECLSPEC mp_limb_t mpn_rshift (mp_ptr, mp_srcptr, mp_size_t, unsigned int);
+
+#define mpn_scan0 __MPN(scan0)
+__GMP_DECLSPEC mp_bitcnt_t mpn_scan0 (mp_srcptr, mp_bitcnt_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_scan1 __MPN(scan1)
+__GMP_DECLSPEC mp_bitcnt_t mpn_scan1 (mp_srcptr, mp_bitcnt_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_set_str __MPN(set_str)
+__GMP_DECLSPEC mp_size_t mpn_set_str (mp_ptr, const unsigned char *, size_t, int);
+
+#define mpn_sizeinbase __MPN(sizeinbase)
+__GMP_DECLSPEC size_t mpn_sizeinbase (mp_srcptr, mp_size_t, int);
+
+#define mpn_sqrtrem __MPN(sqrtrem)
+__GMP_DECLSPEC mp_size_t mpn_sqrtrem (mp_ptr, mp_ptr, mp_srcptr, mp_size_t);
+
+#define mpn_sub __MPN(sub)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_sub)
+__GMP_DECLSPEC mp_limb_t mpn_sub (mp_ptr, mp_srcptr, mp_size_t, mp_srcptr, mp_size_t);
+#endif
+
+#define mpn_sub_1 __MPN(sub_1)
+#if __GMP_INLINE_PROTOTYPES || defined (__GMP_FORCE_mpn_sub_1)
+__GMP_DECLSPEC mp_limb_t mpn_sub_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t) __GMP_NOTHROW;
+#endif
+
+#define mpn_sub_n __MPN(sub_n)
+__GMP_DECLSPEC mp_limb_t mpn_sub_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+
+#define mpn_submul_1 __MPN(submul_1)
+__GMP_DECLSPEC mp_limb_t mpn_submul_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t);
+
+#define mpn_tdiv_qr __MPN(tdiv_qr)
+__GMP_DECLSPEC void mpn_tdiv_qr (mp_ptr, mp_ptr, mp_size_t, mp_srcptr, mp_size_t, mp_srcptr, mp_size_t);
+
+#define mpn_and_n __MPN(and_n)
+__GMP_DECLSPEC void mpn_and_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_andn_n __MPN(andn_n)
+__GMP_DECLSPEC void mpn_andn_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_nand_n __MPN(nand_n)
+__GMP_DECLSPEC void mpn_nand_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_ior_n __MPN(ior_n)
+__GMP_DECLSPEC void mpn_ior_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_iorn_n __MPN(iorn_n)
+__GMP_DECLSPEC void mpn_iorn_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_nior_n __MPN(nior_n)
+__GMP_DECLSPEC void mpn_nior_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_xor_n __MPN(xor_n)
+__GMP_DECLSPEC void mpn_xor_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_xnor_n __MPN(xnor_n)
+__GMP_DECLSPEC void mpn_xnor_n (mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+
+#define mpn_copyi __MPN(copyi)
+__GMP_DECLSPEC void mpn_copyi (mp_ptr, mp_srcptr, mp_size_t);
+#define mpn_copyd __MPN(copyd)
+__GMP_DECLSPEC void mpn_copyd (mp_ptr, mp_srcptr, mp_size_t);
+#define mpn_zero __MPN(zero)
+__GMP_DECLSPEC void mpn_zero (mp_ptr, mp_size_t);
+
+#define mpn_cnd_add_n __MPN(cnd_add_n)
+__GMP_DECLSPEC mp_limb_t mpn_cnd_add_n (mp_limb_t, mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+#define mpn_cnd_sub_n __MPN(cnd_sub_n)
+__GMP_DECLSPEC mp_limb_t mpn_cnd_sub_n (mp_limb_t, mp_ptr, mp_srcptr, mp_srcptr, mp_size_t);
+
+#define mpn_sec_add_1 __MPN(sec_add_1)
+__GMP_DECLSPEC mp_limb_t mpn_sec_add_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t, mp_ptr);
+#define mpn_sec_add_1_itch __MPN(sec_add_1_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_add_1_itch (mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_sub_1 __MPN(sec_sub_1)
+__GMP_DECLSPEC mp_limb_t mpn_sec_sub_1 (mp_ptr, mp_srcptr, mp_size_t, mp_limb_t, mp_ptr);
+#define mpn_sec_sub_1_itch __MPN(sec_sub_1_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_sub_1_itch (mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_mul __MPN(sec_mul)
+__GMP_DECLSPEC void mpn_sec_mul (mp_ptr, mp_srcptr, mp_size_t, mp_srcptr, mp_size_t, mp_ptr);
+#define mpn_sec_mul_itch __MPN(sec_mul_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_mul_itch (mp_size_t, mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_sqr __MPN(sec_sqr)
+__GMP_DECLSPEC void mpn_sec_sqr (mp_ptr, mp_srcptr, mp_size_t, mp_ptr);
+#define mpn_sec_sqr_itch __MPN(sec_sqr_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_sqr_itch (mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_powm __MPN(sec_powm)
+__GMP_DECLSPEC void mpn_sec_powm (mp_ptr, mp_srcptr, mp_size_t, mp_srcptr, mp_bitcnt_t, mp_srcptr, mp_size_t, mp_ptr);
+#define mpn_sec_powm_itch __MPN(sec_powm_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_powm_itch (mp_size_t, mp_bitcnt_t, mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_tabselect __MPN(sec_tabselect)
+__GMP_DECLSPEC void mpn_sec_tabselect (volatile mp_limb_t *, volatile const mp_limb_t *, mp_size_t, mp_size_t, mp_size_t);
+
+#define mpn_sec_div_qr __MPN(sec_div_qr)
+__GMP_DECLSPEC mp_limb_t mpn_sec_div_qr (mp_ptr, mp_ptr, mp_size_t, mp_srcptr, mp_size_t, mp_ptr);
+#define mpn_sec_div_qr_itch __MPN(sec_div_qr_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_div_qr_itch (mp_size_t, mp_size_t) __GMP_ATTRIBUTE_PURE;
+#define mpn_sec_div_r __MPN(sec_div_r)
+__GMP_DECLSPEC void mpn_sec_div_r (mp_ptr, mp_size_t, mp_srcptr, mp_size_t, mp_ptr);
+#define mpn_sec_div_r_itch __MPN(sec_div_r_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_div_r_itch (mp_size_t, mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+#define mpn_sec_invert __MPN(sec_invert)
+__GMP_DECLSPEC int mpn_sec_invert (mp_ptr, mp_ptr, mp_srcptr, mp_size_t, mp_bitcnt_t, mp_ptr);
+#define mpn_sec_invert_itch __MPN(sec_invert_itch)
+__GMP_DECLSPEC mp_size_t mpn_sec_invert_itch (mp_size_t) __GMP_ATTRIBUTE_PURE;
+
+
+/**************** mpz inlines ****************/
+
+/* The following are provided as inlines where possible, but always exist as
+   library functions too, for binary compatibility.
+
+   Within gmp itself this inlining generally isn't relied on, since it
+   doesn't get done for all compilers, whereas if something is worth
+   inlining then it's worth arranging always.
+
+   There are two styles of inlining here.  When the same bit of code is
+   wanted for the inline as for the library version, then __GMP_FORCE_foo
+   arranges for that code to be emitted and the __GMP_EXTERN_INLINE
+   directive suppressed, eg. mpz_fits_uint_p.  When a different bit of code
+   is wanted for the inline than for the library version, then
+   __GMP_FORCE_foo arranges the inline to be suppressed, eg. mpz_abs.  */
+
+#if defined (__GMP_EXTERN_INLINE) && ! defined (__GMP_FORCE_mpz_abs)
+__GMP_EXTERN_INLINE void
+mpz_abs (mpz_ptr __gmp_w, mpz_srcptr __gmp_u)
+{
+  if (__gmp_w != __gmp_u)
+    mpz_set (__gmp_w, __gmp_u);
+  __gmp_w->_mp_size = __GMP_ABS (__gmp_w->_mp_size);
+}
+#endif
+
+#if GMP_NAIL_BITS == 0
+#define __GMPZ_FITS_UTYPE_P(z,maxval)                                  \
+  mp_size_t  __gmp_n = z->_mp_size;                                    \
+  mp_ptr  __gmp_p = z->_mp_d;                                          \
+  return (__gmp_n == 0 || (__gmp_n == 1 && __gmp_p[0] <= maxval));
+#else
+#define __GMPZ_FITS_UTYPE_P(z,maxval)                                  \
+  mp_size_t  __gmp_n = z->_mp_size;                                    \
+  mp_ptr  __gmp_p = z->_mp_d;                                          \
+  return (__gmp_n == 0 || (__gmp_n == 1 && __gmp_p[0] <= maxval)       \
+         || (__gmp_n == 2 && __gmp_p[1] <= ((mp_limb_t) maxval >> GMP_NUMB_BITS)));
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_fits_uint_p)
+#if ! defined (__GMP_FORCE_mpz_fits_uint_p)
+__GMP_EXTERN_INLINE
+#endif
+int
+mpz_fits_uint_p (mpz_srcptr __gmp_z) __GMP_NOTHROW
+{
+  __GMPZ_FITS_UTYPE_P (__gmp_z, __GMP_UINT_MAX);
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_fits_ulong_p)
+#if ! defined (__GMP_FORCE_mpz_fits_ulong_p)
+__GMP_EXTERN_INLINE
+#endif
+int
+mpz_fits_ulong_p (mpz_srcptr __gmp_z) __GMP_NOTHROW
+{
+  __GMPZ_FITS_UTYPE_P (__gmp_z, __GMP_ULONG_MAX);
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_fits_ushort_p)
+#if ! defined (__GMP_FORCE_mpz_fits_ushort_p)
+__GMP_EXTERN_INLINE
+#endif
+int
+mpz_fits_ushort_p (mpz_srcptr __gmp_z) __GMP_NOTHROW
+{
+  __GMPZ_FITS_UTYPE_P (__gmp_z, __GMP_USHRT_MAX);
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_get_ui)
+#if ! defined (__GMP_FORCE_mpz_get_ui)
+__GMP_EXTERN_INLINE
+#endif
+unsigned long
+mpz_get_ui (mpz_srcptr __gmp_z) __GMP_NOTHROW
+{
+  mp_ptr __gmp_p = __gmp_z->_mp_d;
+  mp_size_t __gmp_n = __gmp_z->_mp_size;
+  mp_limb_t __gmp_l = __gmp_p[0];
+  /* This is a "#if" rather than a plain "if" so as to avoid gcc warnings
+     about "<< GMP_NUMB_BITS" exceeding the type size, and to avoid Borland
+     C++ 6.0 warnings about condition always true for something like
+     "__GMP_ULONG_MAX < GMP_NUMB_MASK".  */
+#if GMP_NAIL_BITS == 0 || defined (_LONG_LONG_LIMB)
+  /* limb==long and no nails, or limb==longlong, one limb is enough */
+  return (__gmp_n != 0 ? __gmp_l : 0);
+#else
+  /* limb==long and nails, need two limbs when available */
+  __gmp_n = __GMP_ABS (__gmp_n);
+  if (__gmp_n <= 1)
+    return (__gmp_n != 0 ? __gmp_l : 0);
+  else
+    return __gmp_l + (__gmp_p[1] << GMP_NUMB_BITS);
+#endif
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_getlimbn)
+#if ! defined (__GMP_FORCE_mpz_getlimbn)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpz_getlimbn (mpz_srcptr __gmp_z, mp_size_t __gmp_n) __GMP_NOTHROW
+{
+  mp_limb_t  __gmp_result = 0;
+  if (__GMP_LIKELY (__gmp_n >= 0 && __gmp_n < __GMP_ABS (__gmp_z->_mp_size)))
+    __gmp_result = __gmp_z->_mp_d[__gmp_n];
+  return __gmp_result;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) && ! defined (__GMP_FORCE_mpz_neg)
+__GMP_EXTERN_INLINE void
+mpz_neg (mpz_ptr __gmp_w, mpz_srcptr __gmp_u)
+{
+  if (__gmp_w != __gmp_u)
+    mpz_set (__gmp_w, __gmp_u);
+  __gmp_w->_mp_size = - __gmp_w->_mp_size;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_perfect_square_p)
+#if ! defined (__GMP_FORCE_mpz_perfect_square_p)
+__GMP_EXTERN_INLINE
+#endif
+int
+mpz_perfect_square_p (mpz_srcptr __gmp_a)
+{
+  mp_size_t __gmp_asize;
+  int       __gmp_result;
+
+  __gmp_asize = __gmp_a->_mp_size;
+  __gmp_result = (__gmp_asize >= 0);  /* zero is a square, negatives are not */
+  if (__GMP_LIKELY (__gmp_asize > 0))
+    __gmp_result = mpn_perfect_square_p (__gmp_a->_mp_d, __gmp_asize);
+  return __gmp_result;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_popcount)
+#if ! defined (__GMP_FORCE_mpz_popcount)
+__GMP_EXTERN_INLINE
+#endif
+mp_bitcnt_t
+mpz_popcount (mpz_srcptr __gmp_u) __GMP_NOTHROW
+{
+  mp_size_t      __gmp_usize;
+  mp_bitcnt_t    __gmp_result;
+
+  __gmp_usize = __gmp_u->_mp_size;
+  __gmp_result = (__gmp_usize < 0 ? __GMP_ULONG_MAX : 0);
+  if (__GMP_LIKELY (__gmp_usize > 0))
+    __gmp_result =  mpn_popcount (__gmp_u->_mp_d, __gmp_usize);
+  return __gmp_result;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_set_q)
+#if ! defined (__GMP_FORCE_mpz_set_q)
+__GMP_EXTERN_INLINE
+#endif
+void
+mpz_set_q (mpz_ptr __gmp_w, mpq_srcptr __gmp_u)
+{
+  mpz_tdiv_q (__gmp_w, mpq_numref (__gmp_u), mpq_denref (__gmp_u));
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpz_size)
+#if ! defined (__GMP_FORCE_mpz_size)
+__GMP_EXTERN_INLINE
+#endif
+size_t
+mpz_size (mpz_srcptr __gmp_z) __GMP_NOTHROW
+{
+  return __GMP_ABS (__gmp_z->_mp_size);
+}
+#endif
+
+
+/**************** mpq inlines ****************/
+
+#if defined (__GMP_EXTERN_INLINE) && ! defined (__GMP_FORCE_mpq_abs)
+__GMP_EXTERN_INLINE void
+mpq_abs (mpq_ptr __gmp_w, mpq_srcptr __gmp_u)
+{
+  if (__gmp_w != __gmp_u)
+    mpq_set (__gmp_w, __gmp_u);
+  __gmp_w->_mp_num._mp_size = __GMP_ABS (__gmp_w->_mp_num._mp_size);
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) && ! defined (__GMP_FORCE_mpq_neg)
+__GMP_EXTERN_INLINE void
+mpq_neg (mpq_ptr __gmp_w, mpq_srcptr __gmp_u)
+{
+  if (__gmp_w != __gmp_u)
+    mpq_set (__gmp_w, __gmp_u);
+  __gmp_w->_mp_num._mp_size = - __gmp_w->_mp_num._mp_size;
+}
+#endif
+
+
+/**************** mpn inlines ****************/
+
+/* The comments with __GMPN_ADD_1 below apply here too.
+
+   The test for FUNCTION returning 0 should predict well.  If it's assumed
+   {yp,ysize} will usually have a random number of bits then the high limb
+   won't be full and a carry out will occur a good deal less than 50% of the
+   time.
+
+   ysize==0 isn't a documented feature, but is used internally in a few
+   places.
+
+   Producing cout last stops it using up a register during the main part of
+   the calculation, though gcc (as of 3.0) on an "if (mpn_add (...))"
+   doesn't seem able to move the true and false legs of the conditional up
+   to the two places cout is generated.  */
+
+#define __GMPN_AORS(cout, wp, xp, xsize, yp, ysize, FUNCTION, TEST)     \
+  do {                                                                  \
+    mp_size_t  __gmp_i;                                                 \
+    mp_limb_t  __gmp_x;                                                 \
+                                                                        \
+    /* ASSERT ((ysize) >= 0); */                                        \
+    /* ASSERT ((xsize) >= (ysize)); */                                  \
+    /* ASSERT (MPN_SAME_OR_SEPARATE2_P (wp, xsize, xp, xsize)); */      \
+    /* ASSERT (MPN_SAME_OR_SEPARATE2_P (wp, xsize, yp, ysize)); */      \
+                                                                        \
+    __gmp_i = (ysize);                                                  \
+    if (__gmp_i != 0)                                                   \
+      {                                                                 \
+        if (FUNCTION (wp, xp, yp, __gmp_i))                             \
+          {                                                             \
+            do                                                          \
+              {                                                         \
+                if (__gmp_i >= (xsize))                                 \
+                  {                                                     \
+                    (cout) = 1;                                         \
+                    goto __gmp_done;                                    \
+                  }                                                     \
+                __gmp_x = (xp)[__gmp_i];                                \
+              }                                                         \
+            while (TEST);                                               \
+          }                                                             \
+      }                                                                 \
+    if ((wp) != (xp))                                                   \
+      __GMPN_COPY_REST (wp, xp, xsize, __gmp_i);                        \
+    (cout) = 0;                                                         \
+  __gmp_done:                                                           \
+    ;                                                                   \
+  } while (0)
+
+#define __GMPN_ADD(cout, wp, xp, xsize, yp, ysize)              \
+  __GMPN_AORS (cout, wp, xp, xsize, yp, ysize, mpn_add_n,       \
+               (((wp)[__gmp_i++] = (__gmp_x + 1) & GMP_NUMB_MASK) == 0))
+#define __GMPN_SUB(cout, wp, xp, xsize, yp, ysize)              \
+  __GMPN_AORS (cout, wp, xp, xsize, yp, ysize, mpn_sub_n,       \
+               (((wp)[__gmp_i++] = (__gmp_x - 1) & GMP_NUMB_MASK), __gmp_x == 0))
+
+
+/* The use of __gmp_i indexing is designed to ensure a compile time src==dst
+   remains nice and clear to the compiler, so that __GMPN_COPY_REST can
+   disappear, and the load/add/store gets a chance to become a
+   read-modify-write on CISC CPUs.
+
+   Alternatives:
+
+   Using a pair of pointers instead of indexing would be possible, but gcc
+   isn't able to recognise compile-time src==dst in that case, even when the
+   pointers are incremented more or less together.  Other compilers would
+   very likely have similar difficulty.
+
+   gcc could use "if (__builtin_constant_p(src==dst) && src==dst)" or
+   similar to detect a compile-time src==dst.  This works nicely on gcc
+   2.95.x, it's not good on gcc 3.0 where __builtin_constant_p(p==p) seems
+   to be always false, for a pointer p.  But the current code form seems
+   good enough for src==dst anyway.
+
+   gcc on x86 as usual doesn't give particularly good flags handling for the
+   carry/borrow detection.  It's tempting to want some multi instruction asm
+   blocks to help it, and this was tried, but in truth there's only a few
+   instructions to save and any gain is all too easily lost by register
+   juggling setting up for the asm.  */
+
+#if GMP_NAIL_BITS == 0
+#define __GMPN_AORS_1(cout, dst, src, n, v, OP, CB)            \
+  do {                                                         \
+    mp_size_t  __gmp_i;                                                \
+    mp_limb_t  __gmp_x, __gmp_r;                                \
+                                                               \
+    /* ASSERT ((n) >= 1); */                                   \
+    /* ASSERT (MPN_SAME_OR_SEPARATE_P (dst, src, n)); */       \
+                                                               \
+    __gmp_x = (src)[0];                                                \
+    __gmp_r = __gmp_x OP (v);                                   \
+    (dst)[0] = __gmp_r;                                                \
+    if (CB (__gmp_r, __gmp_x, (v)))                             \
+      {                                                                \
+       (cout) = 1;                                             \
+       for (__gmp_i = 1; __gmp_i < (n);)                       \
+         {                                                     \
+           __gmp_x = (src)[__gmp_i];                           \
+           __gmp_r = __gmp_x OP 1;                             \
+           (dst)[__gmp_i] = __gmp_r;                           \
+           ++__gmp_i;                                          \
+           if (!CB (__gmp_r, __gmp_x, 1))                      \
+             {                                                 \
+               if ((src) != (dst))                             \
+                 __GMPN_COPY_REST (dst, src, n, __gmp_i);      \
+               (cout) = 0;                                     \
+               break;                                          \
+             }                                                 \
+         }                                                     \
+      }                                                                \
+    else                                                       \
+      {                                                                \
+       if ((src) != (dst))                                     \
+         __GMPN_COPY_REST (dst, src, n, 1);                    \
+       (cout) = 0;                                             \
+      }                                                                \
+  } while (0)
+#endif
+
+#if GMP_NAIL_BITS >= 1
+#define __GMPN_AORS_1(cout, dst, src, n, v, OP, CB)            \
+  do {                                                         \
+    mp_size_t  __gmp_i;                                                \
+    mp_limb_t  __gmp_x, __gmp_r;                               \
+                                                               \
+    /* ASSERT ((n) >= 1); */                                   \
+    /* ASSERT (MPN_SAME_OR_SEPARATE_P (dst, src, n)); */       \
+                                                               \
+    __gmp_x = (src)[0];                                                \
+    __gmp_r = __gmp_x OP (v);                                  \
+    (dst)[0] = __gmp_r & GMP_NUMB_MASK;                                \
+    if (__gmp_r >> GMP_NUMB_BITS != 0)                         \
+      {                                                                \
+       (cout) = 1;                                             \
+       for (__gmp_i = 1; __gmp_i < (n);)                       \
+         {                                                     \
+           __gmp_x = (src)[__gmp_i];                           \
+           __gmp_r = __gmp_x OP 1;                             \
+           (dst)[__gmp_i] = __gmp_r & GMP_NUMB_MASK;           \
+           ++__gmp_i;                                          \
+           if (__gmp_r >> GMP_NUMB_BITS == 0)                  \
+             {                                                 \
+               if ((src) != (dst))                             \
+                 __GMPN_COPY_REST (dst, src, n, __gmp_i);      \
+               (cout) = 0;                                     \
+               break;                                          \
+             }                                                 \
+         }                                                     \
+      }                                                                \
+    else                                                       \
+      {                                                                \
+       if ((src) != (dst))                                     \
+         __GMPN_COPY_REST (dst, src, n, 1);                    \
+       (cout) = 0;                                             \
+      }                                                                \
+  } while (0)
+#endif
+
+#define __GMPN_ADDCB(r,x,y) ((r) < (y))
+#define __GMPN_SUBCB(r,x,y) ((x) < (y))
+
+#define __GMPN_ADD_1(cout, dst, src, n, v)          \
+  __GMPN_AORS_1(cout, dst, src, n, v, +, __GMPN_ADDCB)
+#define __GMPN_SUB_1(cout, dst, src, n, v)          \
+  __GMPN_AORS_1(cout, dst, src, n, v, -, __GMPN_SUBCB)
+
+
+/* Compare {xp,size} and {yp,size}, setting "result" to positive, zero or
+   negative.  size==0 is allowed.  On random data usually only one limb will
+   need to be examined to get a result, so it's worth having it inline.  */
+#define __GMPN_CMP(result, xp, yp, size)                                \
+  do {                                                                  \
+    mp_size_t  __gmp_i;                                                 \
+    mp_limb_t  __gmp_x, __gmp_y;                                        \
+                                                                        \
+    /* ASSERT ((size) >= 0); */                                         \
+                                                                        \
+    (result) = 0;                                                       \
+    __gmp_i = (size);                                                   \
+    while (--__gmp_i >= 0)                                              \
+      {                                                                 \
+        __gmp_x = (xp)[__gmp_i];                                        \
+        __gmp_y = (yp)[__gmp_i];                                        \
+        if (__gmp_x != __gmp_y)                                         \
+          {                                                             \
+            /* Cannot use __gmp_x - __gmp_y, may overflow an "int" */   \
+            (result) = (__gmp_x > __gmp_y ? 1 : -1);                    \
+            break;                                                      \
+          }                                                             \
+      }                                                                 \
+  } while (0)
+
+
+#if defined (__GMPN_COPY) && ! defined (__GMPN_COPY_REST)
+#define __GMPN_COPY_REST(dst, src, size, start)                 \
+  do {                                                          \
+    /* ASSERT ((start) >= 0); */                                \
+    /* ASSERT ((start) <= (size)); */                           \
+    __GMPN_COPY ((dst)+(start), (src)+(start), (size)-(start)); \
+  } while (0)
+#endif
+
+/* Copy {src,size} to {dst,size}, starting at "start".  This is designed to
+   keep the indexing dst[j] and src[j] nice and simple for __GMPN_ADD_1,
+   __GMPN_ADD, etc.  */
+#if ! defined (__GMPN_COPY_REST)
+#define __GMPN_COPY_REST(dst, src, size, start)                 \
+  do {                                                          \
+    mp_size_t __gmp_j;                                          \
+    /* ASSERT ((size) >= 0); */                                 \
+    /* ASSERT ((start) >= 0); */                                \
+    /* ASSERT ((start) <= (size)); */                           \
+    /* ASSERT (MPN_SAME_OR_SEPARATE_P (dst, src, size)); */     \
+    __GMP_CRAY_Pragma ("_CRI ivdep");                           \
+    for (__gmp_j = (start); __gmp_j < (size); __gmp_j++)        \
+      (dst)[__gmp_j] = (src)[__gmp_j];                          \
+  } while (0)
+#endif
+
+/* Enhancement: Use some of the smarter code from gmp-impl.h.  Maybe use
+   mpn_copyi if there's a native version, and if we don't mind demanding
+   binary compatibility for it (on targets which use it).  */
+
+#if ! defined (__GMPN_COPY)
+#define __GMPN_COPY(dst, src, size)   __GMPN_COPY_REST (dst, src, size, 0)
+#endif
+
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_add)
+#if ! defined (__GMP_FORCE_mpn_add)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpn_add (mp_ptr __gmp_wp, mp_srcptr __gmp_xp, mp_size_t __gmp_xsize, mp_srcptr __gmp_yp, mp_size_t __gmp_ysize)
+{
+  mp_limb_t  __gmp_c;
+  __GMPN_ADD (__gmp_c, __gmp_wp, __gmp_xp, __gmp_xsize, __gmp_yp, __gmp_ysize);
+  return __gmp_c;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_add_1)
+#if ! defined (__GMP_FORCE_mpn_add_1)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpn_add_1 (mp_ptr __gmp_dst, mp_srcptr __gmp_src, mp_size_t __gmp_size, mp_limb_t __gmp_n) __GMP_NOTHROW
+{
+  mp_limb_t  __gmp_c;
+  __GMPN_ADD_1 (__gmp_c, __gmp_dst, __gmp_src, __gmp_size, __gmp_n);
+  return __gmp_c;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_cmp)
+#if ! defined (__GMP_FORCE_mpn_cmp)
+__GMP_EXTERN_INLINE
+#endif
+int
+mpn_cmp (mp_srcptr __gmp_xp, mp_srcptr __gmp_yp, mp_size_t __gmp_size) __GMP_NOTHROW
+{
+  int __gmp_result;
+  __GMPN_CMP (__gmp_result, __gmp_xp, __gmp_yp, __gmp_size);
+  return __gmp_result;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_sub)
+#if ! defined (__GMP_FORCE_mpn_sub)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpn_sub (mp_ptr __gmp_wp, mp_srcptr __gmp_xp, mp_size_t __gmp_xsize, mp_srcptr __gmp_yp, mp_size_t __gmp_ysize)
+{
+  mp_limb_t  __gmp_c;
+  __GMPN_SUB (__gmp_c, __gmp_wp, __gmp_xp, __gmp_xsize, __gmp_yp, __gmp_ysize);
+  return __gmp_c;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_sub_1)
+#if ! defined (__GMP_FORCE_mpn_sub_1)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpn_sub_1 (mp_ptr __gmp_dst, mp_srcptr __gmp_src, mp_size_t __gmp_size, mp_limb_t __gmp_n) __GMP_NOTHROW
+{
+  mp_limb_t  __gmp_c;
+  __GMPN_SUB_1 (__gmp_c, __gmp_dst, __gmp_src, __gmp_size, __gmp_n);
+  return __gmp_c;
+}
+#endif
+
+#if defined (__GMP_EXTERN_INLINE) || defined (__GMP_FORCE_mpn_neg)
+#if ! defined (__GMP_FORCE_mpn_neg)
+__GMP_EXTERN_INLINE
+#endif
+mp_limb_t
+mpn_neg (mp_ptr __gmp_rp, mp_srcptr __gmp_up, mp_size_t __gmp_n)
+{
+  mp_limb_t __gmp_ul, __gmp_cy;
+  __gmp_cy = 0;
+  do {
+      __gmp_ul = *__gmp_up++;
+      *__gmp_rp++ = -__gmp_ul - __gmp_cy;
+      __gmp_cy |= __gmp_ul != 0;
+  } while (--__gmp_n != 0);
+  return __gmp_cy;
+}
+#endif
+
+#if defined (__cplusplus)
+}
+#endif
+
+
+/* Allow faster testing for negative, zero, and positive.  */
+#define mpz_sgn(Z) ((Z)->_mp_size < 0 ? -1 : (Z)->_mp_size > 0)
+#define mpf_sgn(F) ((F)->_mp_size < 0 ? -1 : (F)->_mp_size > 0)
+#define mpq_sgn(Q) ((Q)->_mp_num._mp_size < 0 ? -1 : (Q)->_mp_num._mp_size > 0)
+
+/* When using GCC, optimize certain common comparisons.  */
+#if defined (__GNUC__) && __GNUC__ >= 2
+#define mpz_cmp_ui(Z,UI) \
+  (__builtin_constant_p (UI) && (UI) == 0                              \
+   ? mpz_sgn (Z) : _mpz_cmp_ui (Z,UI))
+#define mpz_cmp_si(Z,SI)                                               \
+  (__builtin_constant_p ((SI) >= 0) && (SI) >= 0                       \
+   ? mpz_cmp_ui (Z, __GMP_CAST (unsigned long, SI))                    \
+   : _mpz_cmp_si (Z,SI))
+#define mpq_cmp_ui(Q,NUI,DUI)                                  \
+  (__builtin_constant_p (NUI) && (NUI) == 0 ? mpq_sgn (Q)      \
+   : __builtin_constant_p ((NUI) == (DUI)) && (NUI) == (DUI)   \
+   ? mpz_cmp (mpq_numref (Q), mpq_denref (Q))                  \
+   : _mpq_cmp_ui (Q,NUI,DUI))
+#define mpq_cmp_si(q,n,d)                              \
+  (__builtin_constant_p ((n) >= 0) && (n) >= 0         \
+   ? mpq_cmp_ui (q, __GMP_CAST (unsigned long, n), d)  \
+   : _mpq_cmp_si (q, n, d))
+#else
+#define mpz_cmp_ui(Z,UI) _mpz_cmp_ui (Z,UI)
+#define mpz_cmp_si(Z,UI) _mpz_cmp_si (Z,UI)
+#define mpq_cmp_ui(Q,NUI,DUI) _mpq_cmp_ui (Q,NUI,DUI)
+#define mpq_cmp_si(q,n,d)  _mpq_cmp_si(q,n,d)
+#endif
+
+
+/* Using "&" rather than "&&" means these can come out branch-free.  Every
+   mpz_t has at least one limb allocated, so fetching the low limb is always
+   allowed.  */
+#define mpz_odd_p(z)   (((z)->_mp_size != 0) & __GMP_CAST (int, (z)->_mp_d[0]))
+#define mpz_even_p(z)  (! mpz_odd_p (z))
+
+
+/**************** C++ routines ****************/
+
+#ifdef __cplusplus
+__GMP_DECLSPEC_XX std::ostream& operator<< (std::ostream &, mpz_srcptr);
+__GMP_DECLSPEC_XX std::ostream& operator<< (std::ostream &, mpq_srcptr);
+__GMP_DECLSPEC_XX std::ostream& operator<< (std::ostream &, mpf_srcptr);
+__GMP_DECLSPEC_XX std::istream& operator>> (std::istream &, mpz_ptr);
+__GMP_DECLSPEC_XX std::istream& operator>> (std::istream &, mpq_ptr);
+__GMP_DECLSPEC_XX std::istream& operator>> (std::istream &, mpf_ptr);
+#endif
+
+
+/* Source-level compatibility with GMP 2 and earlier. */
+#define mpn_divmod(qp,np,nsize,dp,dsize) \
+  mpn_divrem (qp, __GMP_CAST (mp_size_t, 0), np, nsize, dp, dsize)
+
+/* Source-level compatibility with GMP 1.  */
+#define mpz_mdiv       mpz_fdiv_q
+#define mpz_mdivmod    mpz_fdiv_qr
+#define mpz_mmod       mpz_fdiv_r
+#define mpz_mdiv_ui    mpz_fdiv_q_ui
+#define mpz_mdivmod_ui(q,r,n,d) \
+  (((r) == 0) ? mpz_fdiv_q_ui (q,n,d) : mpz_fdiv_qr_ui (q,r,n,d))
+#define mpz_mmod_ui(r,n,d) \
+  (((r) == 0) ? mpz_fdiv_ui (n,d) : mpz_fdiv_r_ui (r,n,d))
+
+/* Useful synonyms, but not quite compatible with GMP 1.  */
+#define mpz_div                mpz_fdiv_q
+#define mpz_divmod     mpz_fdiv_qr
+#define mpz_div_ui     mpz_fdiv_q_ui
+#define mpz_divmod_ui  mpz_fdiv_qr_ui
+#define mpz_div_2exp   mpz_fdiv_q_2exp
+#define mpz_mod_2exp   mpz_fdiv_r_2exp
+
+enum
+{
+  GMP_ERROR_NONE = 0,
+  GMP_ERROR_UNSUPPORTED_ARGUMENT = 1,
+  GMP_ERROR_DIVISION_BY_ZERO = 2,
+  GMP_ERROR_SQRT_OF_NEGATIVE = 4,
+  GMP_ERROR_INVALID_ARGUMENT = 8
+};
+
+/* Define CC and CFLAGS which were used to build this version of GMP */
+#define __GMP_CC "i686-w64-mingw32-gcc -std=gnu99"
+#define __GMP_CFLAGS "-m32 -O2 -pedantic -fomit-frame-pointer"
+
+/* Major version number is the value of __GNU_MP__ too, above and in mp.h. */
+#define __GNU_MP_VERSION            6
+#define __GNU_MP_VERSION_MINOR      0
+#define __GNU_MP_VERSION_PATCHLEVEL 0
+#define __GNU_MP_RELEASE (__GNU_MP_VERSION * 10000 + __GNU_MP_VERSION_MINOR * 100 + __GNU_MP_VERSION_PATCHLEVEL)
+
+#define __GMP_H__
+#endif /* __GMP_H__ */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/abstract.h b/reactos/include/reactos/libs/gnutls/gnutls/abstract.h
new file mode 100644 (file)
index 0000000..4f52bdd
--- /dev/null
@@ -0,0 +1,454 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef __GNUTLS_ABSTRACT_H
+#define __GNUTLS_ABSTRACT_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+#include <gnutls/pkcs11.h>
+#include <gnutls/openpgp.h>
+#include <gnutls/tpm.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Public key operations */
+
+#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA
+/**
+ * gnutls_pubkey_flags:
+ * @GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA: This indicates that a (raw) RSA signature is provided
+ *   as in the TLS 1.0 protocol.
+ * @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks. Only
+ *   relevant to TPM keys.
+ * @GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT: request an OPENPGP fingerprint instead of the default.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_pubkey_flags {
+       GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1,
+       GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2,
+       GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3,
+} gnutls_pubkey_flags_t;
+
+typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
+                                        void *userdata,
+                                        const gnutls_datum_t *
+                                        raw_data,
+                                        gnutls_datum_t * signature);
+typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
+                                           void *userdata,
+                                           const gnutls_datum_t *
+                                           ciphertext,
+                                           gnutls_datum_t * plaintext);
+
+typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key,
+                                           void *userdata);
+
+int gnutls_pubkey_init(gnutls_pubkey_t * key);
+void gnutls_pubkey_deinit(gnutls_pubkey_t key);
+
+void gnutls_pubkey_set_pin_function(gnutls_pubkey_t key,
+                                   gnutls_pin_callback_t fn,
+                                   void *userdata);
+
+int gnutls_pubkey_get_pk_algorithm(gnutls_pubkey_t key,
+                                  unsigned int *bits);
+
+int gnutls_pubkey_import_x509(gnutls_pubkey_t key,
+                             gnutls_x509_crt_t crt, unsigned int flags);
+int gnutls_pubkey_import_x509_crq(gnutls_pubkey_t key,
+                                 gnutls_x509_crq_t crq,
+                                 unsigned int flags);
+int gnutls_pubkey_import_pkcs11(gnutls_pubkey_t key,
+                               gnutls_pkcs11_obj_t obj,
+                               unsigned int flags);
+int gnutls_pubkey_import_openpgp(gnutls_pubkey_t key,
+                                gnutls_openpgp_crt_t crt,
+                                unsigned int flags);
+
+int gnutls_pubkey_import_openpgp_raw(gnutls_pubkey_t pkey,
+                                    const gnutls_datum_t * data,
+                                    gnutls_openpgp_crt_fmt_t
+                                    format,
+                                    const gnutls_openpgp_keyid_t
+                                    keyid, unsigned int flags);
+int gnutls_pubkey_import_x509_raw(gnutls_pubkey_t pkey,
+                                 const gnutls_datum_t * data,
+                                 gnutls_x509_crt_fmt_t format,
+                                 unsigned int flags);
+
+int
+gnutls_pubkey_import_privkey(gnutls_pubkey_t key,
+                            gnutls_privkey_t pkey,
+                            unsigned int usage, unsigned int flags);
+
+int
+gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
+                            const char *url,
+                            const char *srk_password, unsigned int flags);
+
+int
+gnutls_pubkey_import_url(gnutls_pubkey_t key, const char *url,
+                        unsigned int flags);
+
+int
+gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
+                            const gnutls_datum_t * fdata,
+                            gnutls_tpmkey_fmt_t format,
+                            const char *srk_password, unsigned int flags);
+
+int gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key,
+                                              gnutls_digest_algorithm_t
+                                              * hash, unsigned int *mand);
+
+int gnutls_pubkey_get_pk_rsa_raw(gnutls_pubkey_t key,
+                                gnutls_datum_t * m, gnutls_datum_t * e);
+int gnutls_pubkey_get_pk_dsa_raw(gnutls_pubkey_t key,
+                                gnutls_datum_t * p,
+                                gnutls_datum_t * q,
+                                gnutls_datum_t * g, gnutls_datum_t * y);
+int gnutls_pubkey_get_pk_ecc_raw(gnutls_pubkey_t key,
+                                gnutls_ecc_curve_t * curve,
+                                gnutls_datum_t * x, gnutls_datum_t * y);
+int gnutls_pubkey_get_pk_ecc_x962(gnutls_pubkey_t key,
+                                 gnutls_datum_t * parameters,
+                                 gnutls_datum_t * ecpoint);
+
+int gnutls_pubkey_export(gnutls_pubkey_t key,
+                        gnutls_x509_crt_fmt_t format,
+                        void *output_data, size_t * output_data_size);
+
+int gnutls_pubkey_export2(gnutls_pubkey_t key,
+                         gnutls_x509_crt_fmt_t format,
+                         gnutls_datum_t * out);
+
+int gnutls_pubkey_get_key_id(gnutls_pubkey_t key,
+                            unsigned int flags,
+                            unsigned char *output_data,
+                            size_t * output_data_size);
+
+int
+gnutls_pubkey_get_openpgp_key_id(gnutls_pubkey_t key,
+                                unsigned int flags,
+                                unsigned char *output_data,
+                                size_t * output_data_size,
+                                unsigned int *subkey);
+
+int gnutls_pubkey_get_key_usage(gnutls_pubkey_t key, unsigned int *usage);
+int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage);
+
+int gnutls_pubkey_import(gnutls_pubkey_t key,
+                        const gnutls_datum_t * data,
+                        gnutls_x509_crt_fmt_t format);
+
+
+int gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key,
+                                   const char *url, unsigned int flags
+                                   /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+int gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
+                                const gnutls_datum_t * p,
+                                const gnutls_datum_t * q,
+                                const gnutls_datum_t * g,
+                                const gnutls_datum_t * y);
+int gnutls_pubkey_import_rsa_raw(gnutls_pubkey_t key,
+                                const gnutls_datum_t * m,
+                                const gnutls_datum_t * e);
+
+int
+gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key,
+                             const gnutls_datum_t * parameters,
+                             const gnutls_datum_t * ecpoint);
+
+int
+gnutls_pubkey_import_ecc_raw(gnutls_pubkey_t key,
+                            gnutls_ecc_curve_t curve,
+                            const gnutls_datum_t * x,
+                            const gnutls_datum_t * y);
+
+int
+gnutls_pubkey_encrypt_data(gnutls_pubkey_t key,
+                          unsigned int flags,
+                          const gnutls_datum_t * plaintext,
+                          gnutls_datum_t * ciphertext);
+
+int gnutls_x509_crt_set_pubkey(gnutls_x509_crt_t crt, gnutls_pubkey_t key);
+
+int gnutls_x509_crq_set_pubkey(gnutls_x509_crq_t crq, gnutls_pubkey_t key);
+
+int
+gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
+                          gnutls_sign_algorithm_t algo,
+                          unsigned int flags,
+                          const gnutls_datum_t * hash,
+                          const gnutls_datum_t * signature);
+
+int
+gnutls_pubkey_get_verify_algorithm(gnutls_pubkey_t key,
+                                  const gnutls_datum_t *
+                                  signature,
+                                  gnutls_digest_algorithm_t * hash);
+
+int
+gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
+                          gnutls_sign_algorithm_t algo,
+                          unsigned int flags,
+                          const gnutls_datum_t * data,
+                          const gnutls_datum_t * signature);
+
+/* Private key operations */
+
+int gnutls_privkey_init(gnutls_privkey_t * key);
+void gnutls_privkey_deinit(gnutls_privkey_t key);
+
+void gnutls_privkey_set_pin_function(gnutls_privkey_t key,
+                                    gnutls_pin_callback_t fn,
+                                    void *userdata);
+
+int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key,
+                                   unsigned int *bits);
+gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t key);
+int gnutls_privkey_status(gnutls_privkey_t key);
+
+/**
+ * gnutls_privkey_flags:
+ * @GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA: Make an RSA signature on the hashed data as in the TLS protocol.
+ * @GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE: When importing a private key, automatically
+ *   release it when the structure it was imported is released.
+ * @GNUTLS_PRIVKEY_IMPORT_COPY: Copy required values during import.
+ * @GNUTLS_PRIVKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks etc.
+ *   Only relevant to TPM keys.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_privkey_flags {
+       GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE = 1,
+       GNUTLS_PRIVKEY_IMPORT_COPY = 1 << 1,
+       GNUTLS_PRIVKEY_DISABLE_CALLBACKS = 1 << 2,
+       GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA = 1 << 4,
+} gnutls_privkey_flags_t;
+
+int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
+                                gnutls_pkcs11_privkey_t key,
+                                unsigned int flags);
+int gnutls_privkey_import_x509(gnutls_privkey_t pkey,
+                              gnutls_x509_privkey_t key,
+                              unsigned int flags);
+int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
+                                 gnutls_openpgp_privkey_t key,
+                                 unsigned int flags);
+
+int gnutls_privkey_import_openpgp_raw(gnutls_privkey_t pkey,
+                                     const gnutls_datum_t * data,
+                                     gnutls_openpgp_crt_fmt_t
+                                     format,
+                                     const gnutls_openpgp_keyid_t
+                                     keyid, const char *password);
+
+int gnutls_privkey_import_x509_raw(gnutls_privkey_t pkey,
+                                  const gnutls_datum_t * data,
+                                  gnutls_x509_crt_fmt_t format,
+                                  const char *password,
+                                  unsigned int flags);
+
+int
+gnutls_privkey_import_tpm_raw(gnutls_privkey_t pkey,
+                             const gnutls_datum_t * fdata,
+                             gnutls_tpmkey_fmt_t format,
+                             const char *srk_password,
+                             const char *key_password,
+                             unsigned int flags);
+
+int
+gnutls_privkey_import_tpm_url(gnutls_privkey_t pkey,
+                             const char *url,
+                             const char *srk_password,
+                             const char *key_password,
+                             unsigned int flags);
+
+int gnutls_privkey_import_url(gnutls_privkey_t key,
+                             const char *url, unsigned int flags);
+
+int gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key,
+                                    const char *url);
+
+int
+gnutls_privkey_import_ext(gnutls_privkey_t pkey,
+                         gnutls_pk_algorithm_t pk,
+                         void *userdata,
+                         gnutls_privkey_sign_func sign_func,
+                         gnutls_privkey_decrypt_func
+                         decrypt_func, unsigned int flags);
+
+int
+gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
+                          gnutls_pk_algorithm_t pk,
+                          void *userdata,
+                          gnutls_privkey_sign_func sign_func,
+                          gnutls_privkey_decrypt_func
+                          decrypt_func,
+                          gnutls_privkey_deinit_func deinit_func,
+                          unsigned int flags);
+
+int gnutls_privkey_sign_data(gnutls_privkey_t signer,
+                            gnutls_digest_algorithm_t hash,
+                            unsigned int flags,
+                            const gnutls_datum_t * data,
+                            gnutls_datum_t * signature);
+
+int gnutls_privkey_sign_hash(gnutls_privkey_t signer,
+                            gnutls_digest_algorithm_t hash_algo,
+                            unsigned int flags,
+                            const gnutls_datum_t * hash_data,
+                            gnutls_datum_t * signature);
+
+
+int gnutls_privkey_decrypt_data(gnutls_privkey_t key,
+                               unsigned int flags,
+                               const gnutls_datum_t * ciphertext,
+                               gnutls_datum_t * plaintext);
+
+int gnutls_x509_crt_privkey_sign(gnutls_x509_crt_t crt,
+                                gnutls_x509_crt_t issuer,
+                                gnutls_privkey_t issuer_key,
+                                gnutls_digest_algorithm_t dig,
+                                unsigned int flags);
+
+int gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t crl,
+                                gnutls_x509_crt_t issuer,
+                                gnutls_privkey_t issuer_key,
+                                gnutls_digest_algorithm_t dig,
+                                unsigned int flags);
+
+int gnutls_x509_crq_privkey_sign(gnutls_x509_crq_t crq,
+                                gnutls_privkey_t key,
+                                gnutls_digest_algorithm_t dig,
+                                unsigned int flags);
+
+/**
+ * gnutls_pcert_st:
+ * @pubkey: public key of parsed certificate.
+ * @cert: certificate itself of parsed certificate
+ * @type: type of certificate, a #gnutls_certificate_type_t type.
+ *
+ * A parsed certificate.
+ */
+typedef struct gnutls_pcert_st {
+       gnutls_pubkey_t pubkey;
+       gnutls_datum_t cert;
+       gnutls_certificate_type_t type;
+} gnutls_pcert_st;
+
+/* Do not initialize the "cert" element of
+ * the certificate */
+#define GNUTLS_PCERT_NO_CERT 1
+
+int gnutls_pcert_import_x509(gnutls_pcert_st * pcert,
+                            gnutls_x509_crt_t crt, unsigned int flags);
+
+int
+gnutls_pcert_list_import_x509_raw(gnutls_pcert_st * pcerts,
+                                 unsigned int *pcert_max,
+                                 const gnutls_datum_t * data,
+                                 gnutls_x509_crt_fmt_t format,
+                                 unsigned int flags);
+
+int gnutls_pcert_import_x509_raw(gnutls_pcert_st * pcert,
+                                const gnutls_datum_t * cert,
+                                gnutls_x509_crt_fmt_t format,
+                                unsigned int flags);
+
+int gnutls_pcert_import_openpgp_raw(gnutls_pcert_st * pcert,
+                                   const gnutls_datum_t * cert,
+                                   gnutls_openpgp_crt_fmt_t
+                                   format,
+                                   gnutls_openpgp_keyid_t keyid,
+                                   unsigned int flags);
+
+int gnutls_pcert_import_openpgp(gnutls_pcert_st * pcert,
+                               gnutls_openpgp_crt_t crt,
+                               unsigned int flags);
+
+void gnutls_pcert_deinit(gnutls_pcert_st * pcert);
+
+/* For certificate credentials */
+       /* This is the same as gnutls_certificate_retrieve_function()
+        * but retrieves a gnutls_pcert_st which requires much less processing
+        * within the library.
+        */
+typedef int gnutls_certificate_retrieve_function2(gnutls_session_t,
+                                                 const
+                                                 gnutls_datum_t *
+                                                 req_ca_rdn,
+                                                 int nreqs, const
+                                                 gnutls_pk_algorithm_t
+                                                 * pk_algos,
+                                                 int
+                                                 pk_algos_length,
+                                                 gnutls_pcert_st
+                                                 **, unsigned int
+                                                 *pcert_length,
+                                                 gnutls_privkey_t
+                                                 * privkey);
+
+
+void gnutls_certificate_set_retrieve_function2
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_retrieve_function2 * func);
+
+int
+gnutls_certificate_set_key(gnutls_certificate_credentials_t res,
+                          const char **names,
+                          int names_size,
+                          gnutls_pcert_st * pcert_list,
+                          int pcert_list_size, gnutls_privkey_t key);
+
+#include <gnutls/compat.h>
+
+int gnutls_pubkey_verify_data(gnutls_pubkey_t pubkey,
+                             unsigned int flags,
+                             const gnutls_datum_t * data,
+                             const gnutls_datum_t *
+                             signature) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_pubkey_verify_hash(gnutls_pubkey_t key,
+                             unsigned int flags,
+                             const gnutls_datum_t * hash,
+                             const gnutls_datum_t *
+                             signature) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int
+gnutls_pubkey_print(gnutls_pubkey_t pubkey,
+                   gnutls_certificate_print_formats_t format,
+                   gnutls_datum_t * out);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/compat.h b/reactos/include/reactos/libs/gnutls/gnutls/compat.h
new file mode 100644 (file)
index 0000000..7fa7a91
--- /dev/null
@@ -0,0 +1,401 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* Typedefs for more compatibility with older GnuTLS. */
+
+#ifndef _GNUTLS_COMPAT_H
+#define _GNUTLS_COMPAT_H
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#ifdef __GNUC__
+
+#define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+
+#if !defined GNUTLS_INTERNAL_BUILD
+#if _GNUTLS_GCC_VERSION >= 30100
+#define _GNUTLS_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
+#endif
+#endif
+
+#endif                         /* __GNUC__ */
+
+#ifndef _GNUTLS_GCC_ATTR_DEPRECATED
+#define _GNUTLS_GCC_ATTR_DEPRECATED
+#endif
+
+/* gnutls_connection_end_t was made redundant in 2.99.0 */
+typedef unsigned int gnutls_connection_end_t _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* Stuff deprected in 2.x */
+typedef gnutls_cipher_algorithm_t gnutls_cipher_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_kx_algorithm_t gnutls_kx_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_mac_algorithm_t gnutls_mac_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_digest_algorithm_t gnutls_digest_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_compression_method_t gnutls_compression_method
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_connection_end_t gnutls_connection_end
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crt_fmt_t gnutls_x509_crt_fmt
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_pk_algorithm_t gnutls_pk_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_sign_algorithm_t gnutls_sign_algorithm
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_close_request_t gnutls_close_request
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_request_t gnutls_certificate_request
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_status_t gnutls_certificate_status
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_session_t gnutls_session _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_alert_level_t gnutls_alert_level
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_alert_description_t gnutls_alert_description
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_subject_alt_name_t gnutls_x509_subject_alt_name
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_privkey_t gnutls_openpgp_privkey
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_keyring_t gnutls_openpgp_keyring
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crt_t gnutls_x509_crt _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_privkey_t gnutls_x509_privkey
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crl_t gnutls_x509_crl _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_x509_crq_t gnutls_x509_crq _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_anon_server_credentials_t
+    gnutls_anon_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_anon_client_credentials_t
+    gnutls_anon_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_srp_client_credentials_t
+    gnutls_srp_client_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_srp_server_credentials_t
+    gnutls_srp_server_credentials _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_dh_params_t gnutls_dh_params _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_rsa_params_t gnutls_rsa_params _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_params_type_t gnutls_params_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_credentials_type_t gnutls_credentials_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_certificate_type_t gnutls_certificate_type
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_datum_t gnutls_datum _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_transport_ptr_t gnutls_transport_ptr
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* Old SRP alerts removed in 2.1.x because the TLS-SRP RFC was
+   modified to use the PSK alert. */
+#define GNUTLS_A_MISSING_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
+#define GNUTLS_A_UNKNOWN_SRP_USERNAME GNUTLS_A_UNKNOWN_PSK_IDENTITY
+
+/* OpenPGP stuff renamed in 2.1.x. */
+#define GNUTLS_OPENPGP_KEY GNUTLS_OPENPGP_CERT
+#define GNUTLS_OPENPGP_KEY_FINGERPRINT GNUTLS_OPENPGP_CERT_FINGERPRINT
+#define gnutls_openpgp_send_key gnutls_openpgp_send_cert
+typedef gnutls_openpgp_crt_status_t gnutls_openpgp_key_status_t
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+typedef gnutls_openpgp_crt_t gnutls_openpgp_key_t
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+#define gnutls_openpgp_key_init gnutls_openpgp_crt_init
+#define gnutls_openpgp_key_deinit gnutls_openpgp_crt_deinit
+#define gnutls_openpgp_key_import gnutls_openpgp_crt_import
+#define gnutls_openpgp_key_export gnutls_openpgp_crt_export
+#define gnutls_openpgp_key_get_key_usage gnutls_openpgp_crt_get_key_usage
+#define gnutls_openpgp_key_get_fingerprint gnutls_openpgp_crt_get_fingerprint
+#define gnutls_openpgp_key_get_pk_algorithm gnutls_openpgp_crt_get_pk_algorithm
+#define gnutls_openpgp_key_get_name gnutls_openpgp_crt_get_name
+#define gnutls_openpgp_key_get_version gnutls_openpgp_crt_get_version
+#define gnutls_openpgp_key_get_creation_time gnutls_openpgp_crt_get_creation_time
+#define gnutls_openpgp_key_get_expiration_time gnutls_openpgp_crt_get_expiration_time
+#define gnutls_openpgp_key_get_id gnutls_openpgp_crt_get_id
+#define gnutls_openpgp_key_check_hostname gnutls_openpgp_crt_check_hostname
+
+/* OpenPGP stuff renamed in 2.3.x. */
+#define gnutls_openpgp_crt_get_id gnutls_openpgp_crt_get_key_id
+
+/* New better names renamed in 2.3.x, add these for backwards
+   compatibility with old poor names.*/
+#define GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL
+#define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE
+#define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL
+
+/* Namespace problems. */
+#define LIBGNUTLS_VERSION GNUTLS_VERSION
+#define LIBGNUTLS_VERSION_MAJOR GNUTLS_VERSION_MAJOR
+#define LIBGNUTLS_VERSION_MINOR GNUTLS_VERSION_MINOR
+#define LIBGNUTLS_VERSION_PATCH GNUTLS_VERSION_PATCH
+#define LIBGNUTLS_VERSION_NUMBER GNUTLS_VERSION_NUMBER
+#define LIBGNUTLS_EXTRA_VERSION GNUTLS_VERSION
+
+/* The gnutls_retr_st was deprecated by gnutls_certificate_retrieve_function()
+ * and gnutls_retr2_st.
+ */
+typedef struct gnutls_retr_st {
+       gnutls_certificate_type_t type;
+       union {
+               gnutls_x509_crt_t *x509;
+               gnutls_openpgp_crt_t pgp;
+       } cert;
+       unsigned int ncerts;    /* one for pgp keys */
+
+       union {
+               gnutls_x509_privkey_t x509;
+               gnutls_openpgp_privkey_t pgp;
+       } key;
+
+       unsigned int deinit_all;        /* if non zero all keys will be deinited */
+} gnutls_retr_st;
+
+typedef int
+gnutls_certificate_client_retrieve_function(gnutls_session_t,
+                                           const
+                                           gnutls_datum_t *
+                                           req_ca_rdn,
+                                           int nreqs, const
+                                           gnutls_pk_algorithm_t
+                                           * pk_algos, int
+                                           pk_algos_length,
+                                           gnutls_retr_st *);
+typedef int
+gnutls_certificate_server_retrieve_function(gnutls_session_t,
+                                           gnutls_retr_st *);
+
+void gnutls_certificate_client_set_retrieve_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_client_retrieve_function *
+     func) _GNUTLS_GCC_ATTR_DEPRECATED;
+void
+ gnutls_certificate_server_set_retrieve_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_server_retrieve_function *
+     func) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* External signing callback.  No longer supported because it
+        * was deprecated by the PKCS #11 API or gnutls_privkey_import_ext. */
+typedef int (*gnutls_sign_func) (gnutls_session_t session,
+                                void *userdata,
+                                gnutls_certificate_type_t
+                                cert_type,
+                                const gnutls_datum_t * cert,
+                                const gnutls_datum_t * hash,
+                                gnutls_datum_t * signature);
+
+void
+gnutls_sign_callback_set(gnutls_session_t session,
+                        gnutls_sign_func sign_func,
+                        void *userdata) _GNUTLS_GCC_ATTR_DEPRECATED;
+gnutls_sign_func
+gnutls_sign_callback_get(gnutls_session_t session,
+                        void **userdata) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* This is a very dangerous and error-prone function.
+ * Use gnutls_privkey_sign_hash() instead.
+ */
+int gnutls_x509_privkey_sign_hash(gnutls_x509_privkey_t key,
+                                 const gnutls_datum_t * hash,
+                                 gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_openpgp_privkey_sign_hash(gnutls_openpgp_privkey_t key,
+                                    const gnutls_datum_t * hash,
+                                    gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* we support the gnutls_privkey_sign_data() instead.
+ */
+int gnutls_x509_privkey_sign_data(gnutls_x509_privkey_t key,
+                                 gnutls_digest_algorithm_t digest,
+                                 unsigned int flags,
+                                 const gnutls_datum_t * data,
+                                 void *signature,
+                                 size_t * signature_size)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* gnutls_pubkey_verify_data() */
+int gnutls_x509_crt_verify_data(gnutls_x509_crt_t crt,
+                               unsigned int flags,
+                               const gnutls_datum_t * data,
+                               const gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+       /* gnutls_pubkey_verify_hash() */
+int gnutls_x509_crt_verify_hash(gnutls_x509_crt_t crt,
+                               unsigned int flags,
+                               const gnutls_datum_t * hash,
+                               const gnutls_datum_t * signature)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* gnutls_pubkey_get_verify_algorithm() */
+int gnutls_x509_crt_get_verify_algorithm(gnutls_x509_crt_t crt,
+                                        const gnutls_datum_t *
+                                        signature,
+                                        gnutls_digest_algorithm_t
+                                        * hash)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* gnutls_pubkey_get_preferred_hash_algorithm() */
+int gnutls_x509_crt_get_preferred_hash_algorithm(gnutls_x509_crt_t
+                                                crt,
+                                                gnutls_digest_algorithm_t
+                                                * hash, unsigned int
+                                                *mand)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* gnutls_x509_crq_privkey_sign() */
+int gnutls_x509_crq_sign(gnutls_x509_crq_t crq,
+                        gnutls_x509_privkey_t key)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+
+
+       /* gnutls_x509_crl_privkey_sign */
+int gnutls_x509_crl_sign(gnutls_x509_crl_t crl,
+                        gnutls_x509_crt_t issuer,
+                        gnutls_x509_privkey_t issuer_key)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* functions to set priority of cipher suites
+        */
+int gnutls_cipher_set_priority(gnutls_session_t session,
+                              const int *list)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_mac_set_priority(gnutls_session_t session,
+                           const int *list) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_compression_set_priority(gnutls_session_t session,
+                                   const int *list)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_kx_set_priority(gnutls_session_t session,
+                          const int *list) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_protocol_set_priority(gnutls_session_t session,
+                                const int *list)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_certificate_type_set_priority(gnutls_session_t session,
+                                        const int *list)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+/* RSA params 
+ */
+int gnutls_rsa_params_init(gnutls_rsa_params_t *
+                          rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
+void gnutls_rsa_params_deinit(gnutls_rsa_params_t rsa_params)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_params_cpy(gnutls_rsa_params_t dst,
+                         gnutls_rsa_params_t src)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_params_import_raw(gnutls_rsa_params_t rsa_params,
+                                const gnutls_datum_t * m,
+                                const gnutls_datum_t * e,
+                                const gnutls_datum_t * d,
+                                const gnutls_datum_t * p,
+                                const gnutls_datum_t * q,
+                                const gnutls_datum_t * u);
+int gnutls_rsa_params_generate2(gnutls_rsa_params_t params,
+                               unsigned int bits)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_params_export_raw(gnutls_rsa_params_t rsa,
+                                gnutls_datum_t * m,
+                                gnutls_datum_t * e,
+                                gnutls_datum_t * d,
+                                gnutls_datum_t * p,
+                                gnutls_datum_t * q,
+                                gnutls_datum_t * u,
+                                unsigned int *bits)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_params_export_pkcs1(gnutls_rsa_params_t params,
+                                  gnutls_x509_crt_fmt_t format,
+                                  unsigned char *params_data,
+                                  size_t *
+                                  params_data_size)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_params_import_pkcs1(gnutls_rsa_params_t params,
+                                  const gnutls_datum_t *
+                                  pkcs1_params,
+                                  gnutls_x509_crt_fmt_t format)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+int gnutls_rsa_export_get_pubkey(gnutls_session_t session,
+                                gnutls_datum_t * exponent,
+                                gnutls_datum_t *
+                                modulus) _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+int gnutls_set_default_export_priority(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+
+void gnutls_certificate_set_rsa_export_params
+    (gnutls_certificate_credentials_t res,
+     gnutls_rsa_params_t rsa_params) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+       /* use gnutls_privkey_sign_hash() with the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag */
+int gnutls_privkey_sign_raw_data(gnutls_privkey_t key,
+                                unsigned flags,
+                                const gnutls_datum_t * data,
+                                gnutls_datum_t *
+                                signature) _GNUTLS_GCC_ATTR_DEPRECATED;
+
+#ifdef _ISOC99_SOURCE
+/* we provide older functions for compatibility as inline functions that
+ * depend on gnutls_session_get_random. */
+
+static inline const void
+*gnutls_session_get_server_random(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+static inline const void
+*gnutls_session_get_server_random(gnutls_session_t session)
+{
+       gnutls_datum_t rnd;
+       gnutls_session_get_random(session, NULL, &rnd); /*doc-skip */
+       return rnd.data;
+}
+
+static inline const void
+*gnutls_session_get_client_random(gnutls_session_t session)
+    _GNUTLS_GCC_ATTR_DEPRECATED;
+static inline const void
+*gnutls_session_get_client_random(gnutls_session_t session)
+{
+       gnutls_datum_t rnd;
+       gnutls_session_get_random(session, &rnd, NULL); /*doc-skip */
+       return rnd.data;
+}
+#endif
+
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif                         /* _GNUTLS_COMPAT_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/crypto.h b/reactos/include/reactos/libs/gnutls/gnutls/crypto.h
new file mode 100644 (file)
index 0000000..bb589df
--- /dev/null
@@ -0,0 +1,117 @@
+/*
+ * Copyright (C) 2008-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_CRYPTO_H
+#define GNUTLS_CRYPTO_H
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;
+
+int gnutls_cipher_init(gnutls_cipher_hd_t * handle,
+                      gnutls_cipher_algorithm_t cipher,
+                      const gnutls_datum_t * key,
+                      const gnutls_datum_t * iv);
+int gnutls_cipher_encrypt(const gnutls_cipher_hd_t handle,
+                         void *text, size_t textlen);
+int gnutls_cipher_decrypt(const gnutls_cipher_hd_t handle,
+                         void *ciphertext, size_t ciphertextlen);
+int gnutls_cipher_decrypt2(gnutls_cipher_hd_t handle,
+                          const void *ciphertext,
+                          size_t ciphertextlen, void *text,
+                          size_t textlen);
+int gnutls_cipher_encrypt2(gnutls_cipher_hd_t handle,
+                          const void *text, size_t textlen,
+                          void *ciphertext, size_t ciphertextlen);
+
+void gnutls_cipher_set_iv(gnutls_cipher_hd_t handle, void *iv,
+                         size_t ivlen);
+
+int gnutls_cipher_tag(gnutls_cipher_hd_t handle, void *tag,
+                     size_t tag_size);
+int gnutls_cipher_add_auth(gnutls_cipher_hd_t handle,
+                          const void *text, size_t text_size);
+
+void gnutls_cipher_deinit(gnutls_cipher_hd_t handle);
+int gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm);
+int gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm);
+int gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm);
+
+typedef struct hash_hd_st *gnutls_hash_hd_t;
+typedef struct hmac_hd_st *gnutls_hmac_hd_t;
+
+size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm);
+int gnutls_hmac_init(gnutls_hmac_hd_t * dig,
+                    gnutls_mac_algorithm_t algorithm,
+                    const void *key, size_t keylen);
+void gnutls_hmac_set_nonce(gnutls_hmac_hd_t handle,
+                          const void *nonce, size_t nonce_len);
+int gnutls_hmac(gnutls_hmac_hd_t handle, const void *text, size_t textlen);
+void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest);
+void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest);
+int gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm);
+int gnutls_hmac_fast(gnutls_mac_algorithm_t algorithm,
+                    const void *key, size_t keylen,
+                    const void *text, size_t textlen, void *digest);
+
+int gnutls_hash_init(gnutls_hash_hd_t * dig,
+                    gnutls_digest_algorithm_t algorithm);
+int gnutls_hash(gnutls_hash_hd_t handle, const void *text, size_t textlen);
+void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest);
+void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest);
+int gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm);
+int gnutls_hash_fast(gnutls_digest_algorithm_t algorithm,
+                    const void *text, size_t textlen, void *digest);
+
+/* register ciphers */
+
+
+/**
+ * gnutls_rnd_level_t:
+ * @GNUTLS_RND_NONCE: Non-predictable random number.  Fatal in parts
+ *   of session if broken, i.e., vulnerable to statistical analysis.
+ * @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
+ *   Fatal in session if broken.
+ * @GNUTLS_RND_KEY: Fatal in many sessions if broken.
+ *
+ * Enumeration of random quality levels.
+ */
+typedef enum gnutls_rnd_level {
+       GNUTLS_RND_NONCE = 0,
+       GNUTLS_RND_RANDOM = 1,
+       GNUTLS_RND_KEY = 2
+} gnutls_rnd_level_t;
+
+int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
+
+void gnutls_rnd_refresh(void);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/dtls.h b/reactos/include/reactos/libs/gnutls/gnutls/dtls.h
new file mode 100644 (file)
index 0000000..46d0b59
--- /dev/null
@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the X.509
+ * certificate and CRL handling functions.
+ */
+
+#ifndef GNUTLS_DTLS_H
+#define GNUTLS_DTLS_H
+
+#include <gnutls/gnutls.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_COOKIE_KEY_SIZE 16
+
+void gnutls_dtls_set_timeouts(gnutls_session_t session,
+                             unsigned int retrans_timeout,
+                             unsigned int total_timeout);
+
+unsigned int gnutls_dtls_get_mtu(gnutls_session_t session);
+unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session);
+
+void gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mtu);
+int gnutls_dtls_set_data_mtu(gnutls_session_t session, unsigned int mtu);
+
+unsigned int gnutls_dtls_get_timeout(gnutls_session_t session);
+
+/**
+ * gnutls_dtls_prestate_st:
+ * @record_seq: record sequence number
+ * @hsk_read_seq: handshake read sequence number
+ * @hsk_write_seq: handshake write sequence number
+ *
+ * DTLS cookie prestate struct.  This is usually never modified by
+ * the application, it is used to carry the cookie data between
+ * gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
+ * gnutls_dtls_prestate_set().
+ */
+typedef struct {
+       unsigned int record_seq;
+       unsigned int hsk_read_seq;
+       unsigned int hsk_write_seq;
+} gnutls_dtls_prestate_st;
+
+int gnutls_dtls_cookie_send(gnutls_datum_t * key,
+                           void *client_data,
+                           size_t client_data_size,
+                           gnutls_dtls_prestate_st * prestate,
+                           gnutls_transport_ptr_t ptr,
+                           gnutls_push_func push_func);
+
+int gnutls_dtls_cookie_verify(gnutls_datum_t * key,
+                             void *client_data,
+                             size_t client_data_size, void *_msg,
+                             size_t msg_size,
+                             gnutls_dtls_prestate_st * prestate);
+
+void gnutls_dtls_prestate_set(gnutls_session_t session,
+                             gnutls_dtls_prestate_st * prestate);
+
+unsigned int gnutls_record_get_discarded(gnutls_session_t session);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif                         /* GNUTLS_DTLS_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/gnutls.h b/reactos/include/reactos/libs/gnutls/gnutls/gnutls.h
new file mode 100644 (file)
index 0000000..d502328
--- /dev/null
@@ -0,0 +1,2299 @@
+/* -*- c -*-
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for all the
+ * high level functionality of the gnutls main library.
+ *
+ * If the optional C++ binding was built, it is available in
+ * gnutls/gnutlsxx.h.
+ *
+ * The openssl compatibility layer (which is under the GNU GPL
+ * license) is in gnutls/openssl.h.
+ *
+ * The low level cipher functionality is in gnutls/crypto.h.
+ */
+
+
+#ifndef GNUTLS_H
+#define GNUTLS_H
+
+/* Get size_t. */
+#include <stddef.h>
+/* Get ssize_t. */
+#ifndef HAVE_SSIZE_T
+#define HAVE_SSIZE_T
+/* *INDENT-OFF* */
+#include <sys/types.h>
+/* *INDENT-ON* */
+#endif
+/* Get time_t. */
+#include <time.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_VERSION "3.2.16"
+
+#define GNUTLS_VERSION_MAJOR 3
+#define GNUTLS_VERSION_MINOR 2
+#define GNUTLS_VERSION_PATCH 16
+
+#define GNUTLS_VERSION_NUMBER 0x030210
+
+#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
+#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
+#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
+#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
+
+/**
+ * gnutls_cipher_algorithm_t:
+ * @GNUTLS_CIPHER_UNKNOWN: Unknown algorithm.
+ * @GNUTLS_CIPHER_NULL: NULL algorithm.
+ * @GNUTLS_CIPHER_ARCFOUR_128: ARCFOUR stream cipher with 128-bit keys.
+ * @GNUTLS_CIPHER_3DES_CBC: 3DES in CBC mode.
+ * @GNUTLS_CIPHER_AES_128_CBC: AES in CBC mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES_192_CBC: AES in CBC mode with 192-bit keys.
+ * @GNUTLS_CIPHER_AES_256_CBC: AES in CBC mode with 256-bit keys.
+ * @GNUTLS_CIPHER_ARCFOUR_40: ARCFOUR stream cipher with 40-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_128_CBC: Camellia in CBC mode with 128-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_192_CBC: Camellia in CBC mode with 192-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_256_CBC: Camellia in CBC mode with 256-bit keys.
+ * @GNUTLS_CIPHER_RC2_40_CBC: RC2 in CBC mode with 40-bit keys.
+ * @GNUTLS_CIPHER_DES_CBC: DES in CBC mode (56-bit keys).
+ * @GNUTLS_CIPHER_AES_128_GCM: AES in GCM mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES_256_GCM: AES in GCM mode with 256-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_128_GCM: CAMELLIA in GCM mode with 128-bit keys.
+ * @GNUTLS_CIPHER_CAMELLIA_256_GCM: CAMELLIA in GCM mode with 256-bit keys.
+ * @GNUTLS_CIPHER_IDEA_PGP_CFB: IDEA in CFB mode.
+ * @GNUTLS_CIPHER_3DES_PGP_CFB: 3DES in CFB mode.
+ * @GNUTLS_CIPHER_CAST5_PGP_CFB: CAST5 in CFB mode.
+ * @GNUTLS_CIPHER_BLOWFISH_PGP_CFB: Blowfish in CFB mode.
+ * @GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: Safer-SK in CFB mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES128_PGP_CFB: AES in CFB mode with 128-bit keys.
+ * @GNUTLS_CIPHER_AES192_PGP_CFB: AES in CFB mode with 192-bit keys.
+ * @GNUTLS_CIPHER_AES256_PGP_CFB: AES in CFB mode with 256-bit keys.
+ * @GNUTLS_CIPHER_TWOFISH_PGP_CFB: Twofish in CFB mode.
+ *
+ * Enumeration of different symmetric encryption algorithms.
+ */
+typedef enum gnutls_cipher_algorithm {
+       GNUTLS_CIPHER_UNKNOWN = 0,
+       GNUTLS_CIPHER_NULL = 1,
+       GNUTLS_CIPHER_ARCFOUR_128 = 2,
+       GNUTLS_CIPHER_3DES_CBC = 3,
+       GNUTLS_CIPHER_AES_128_CBC = 4,
+       GNUTLS_CIPHER_AES_256_CBC = 5,
+       GNUTLS_CIPHER_ARCFOUR_40 = 6,
+       GNUTLS_CIPHER_CAMELLIA_128_CBC = 7,
+       GNUTLS_CIPHER_CAMELLIA_256_CBC = 8,
+       GNUTLS_CIPHER_RC2_40_CBC = 90,
+       GNUTLS_CIPHER_DES_CBC = 91,
+       GNUTLS_CIPHER_AES_192_CBC = 92,
+       GNUTLS_CIPHER_AES_128_GCM = 93,
+       GNUTLS_CIPHER_AES_256_GCM = 94,
+       GNUTLS_CIPHER_CAMELLIA_192_CBC = 95,
+       GNUTLS_CIPHER_SALSA20_256 = 96,
+       GNUTLS_CIPHER_ESTREAM_SALSA20_256 = 97,
+       GNUTLS_CIPHER_CAMELLIA_128_GCM = 98,
+       GNUTLS_CIPHER_CAMELLIA_256_GCM = 99,
+
+       /* used only for PGP internals. Ignored in TLS/SSL
+        */
+       GNUTLS_CIPHER_IDEA_PGP_CFB = 200,
+       GNUTLS_CIPHER_3DES_PGP_CFB = 201,
+       GNUTLS_CIPHER_CAST5_PGP_CFB = 202,
+       GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203,
+       GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204,
+       GNUTLS_CIPHER_AES128_PGP_CFB = 205,
+       GNUTLS_CIPHER_AES192_PGP_CFB = 206,
+       GNUTLS_CIPHER_AES256_PGP_CFB = 207,
+       GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208
+} gnutls_cipher_algorithm_t;
+
+/**
+ * gnutls_kx_algorithm_t:
+ * @GNUTLS_KX_UNKNOWN: Unknown key-exchange algorithm.
+ * @GNUTLS_KX_RSA: RSA key-exchange algorithm.
+ * @GNUTLS_KX_DHE_DSS: DHE-DSS key-exchange algorithm.
+ * @GNUTLS_KX_DHE_RSA: DHE-RSA key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_RSA: ECDHE-RSA key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_ECDSA: ECDHE-ECDSA key-exchange algorithm.
+ * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
+ * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
+ * @GNUTLS_KX_SRP: SRP key-exchange algorithm.
+ * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm (defunc).
+ * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
+ * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
+ * @GNUTLS_KX_PSK: PSK key-exchange algorithm.
+ * @GNUTLS_KX_DHE_PSK: DHE-PSK key-exchange algorithm.
+ * @GNUTLS_KX_ECDHE_PSK: ECDHE-PSK key-exchange algorithm.
+ * @GNUTLS_KX_RSA_PSK: RSA-PSK key-exchange algorithm.
+ *
+ * Enumeration of different key exchange algorithms.
+ */
+typedef enum {
+       GNUTLS_KX_UNKNOWN = 0,
+       GNUTLS_KX_RSA = 1,
+       GNUTLS_KX_DHE_DSS = 2,
+       GNUTLS_KX_DHE_RSA = 3,
+       GNUTLS_KX_ANON_DH = 4,
+       GNUTLS_KX_SRP = 5,
+       GNUTLS_KX_RSA_EXPORT = 6,
+       GNUTLS_KX_SRP_RSA = 7,
+       GNUTLS_KX_SRP_DSS = 8,
+       GNUTLS_KX_PSK = 9,
+       GNUTLS_KX_DHE_PSK = 10,
+       GNUTLS_KX_ANON_ECDH = 11,
+       GNUTLS_KX_ECDHE_RSA = 12,
+       GNUTLS_KX_ECDHE_ECDSA = 13,
+       GNUTLS_KX_ECDHE_PSK = 14,
+       GNUTLS_KX_RSA_PSK = 15,
+} gnutls_kx_algorithm_t;
+
+/**
+ * gnutls_params_type_t:
+ * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc).
+ * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
+ * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
+ *
+ * Enumeration of different TLS session parameter types.
+ */
+typedef enum {
+       GNUTLS_PARAMS_RSA_EXPORT = 1,
+       GNUTLS_PARAMS_DH = 2,
+       GNUTLS_PARAMS_ECDH = 3,
+} gnutls_params_type_t;
+
+/**
+ * gnutls_credentials_type_t:
+ * @GNUTLS_CRD_CERTIFICATE: Certificate credential.
+ * @GNUTLS_CRD_ANON: Anonymous credential.
+ * @GNUTLS_CRD_SRP: SRP credential.
+ * @GNUTLS_CRD_PSK: PSK credential.
+ * @GNUTLS_CRD_IA: IA credential.
+ *
+ * Enumeration of different credential types.
+ */
+typedef enum {
+       GNUTLS_CRD_CERTIFICATE = 1,
+       GNUTLS_CRD_ANON,
+       GNUTLS_CRD_SRP,
+       GNUTLS_CRD_PSK,
+       GNUTLS_CRD_IA
+} gnutls_credentials_type_t;
+
+#define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1
+#define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1
+
+/**
+ * gnutls_mac_algorithm_t:
+ * @GNUTLS_MAC_UNKNOWN: Unknown MAC algorithm.
+ * @GNUTLS_MAC_NULL: NULL MAC algorithm (empty output).
+ * @GNUTLS_MAC_MD5: HMAC-MD5 algorithm.
+ * @GNUTLS_MAC_SHA1: HMAC-SHA-1 algorithm.
+ * @GNUTLS_MAC_RMD160: HMAC-RMD160 algorithm.
+ * @GNUTLS_MAC_MD2: HMAC-MD2 algorithm.
+ * @GNUTLS_MAC_SHA256: HMAC-SHA-256 algorithm.
+ * @GNUTLS_MAC_SHA384: HMAC-SHA-384 algorithm.
+ * @GNUTLS_MAC_SHA512: HMAC-SHA-512 algorithm.
+ * @GNUTLS_MAC_SHA224: HMAC-SHA-224 algorithm.
+ * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
+ * @GNUTLS_MAC_UMAC_96: The UMAC-96 MAC algorithm.
+ * @GNUTLS_MAC_UMAC_128: The UMAC-128 MAC algorithm.
+ *
+ * Enumeration of different Message Authentication Code (MAC)
+ * algorithms.
+ */
+typedef enum {
+       GNUTLS_MAC_UNKNOWN = 0,
+       GNUTLS_MAC_NULL = 1,
+       GNUTLS_MAC_MD5 = 2,
+       GNUTLS_MAC_SHA1 = 3,
+       GNUTLS_MAC_RMD160 = 4,
+       GNUTLS_MAC_MD2 = 5,
+       GNUTLS_MAC_SHA256 = 6,
+       GNUTLS_MAC_SHA384 = 7,
+       GNUTLS_MAC_SHA512 = 8,
+       GNUTLS_MAC_SHA224 = 9,
+       /* If you add anything here, make sure you align with
+          gnutls_digest_algorithm_t. */
+       GNUTLS_MAC_AEAD = 200,  /* indicates that MAC is on the cipher */
+       GNUTLS_MAC_UMAC_96 = 201,
+       GNUTLS_MAC_UMAC_128 = 202,
+} gnutls_mac_algorithm_t;
+
+/**
+ * gnutls_digest_algorithm_t:
+ * @GNUTLS_DIG_UNKNOWN: Unknown hash algorithm.
+ * @GNUTLS_DIG_NULL: NULL hash algorithm (empty output).
+ * @GNUTLS_DIG_MD5: MD5 algorithm.
+ * @GNUTLS_DIG_SHA1: SHA-1 algorithm.
+ * @GNUTLS_DIG_RMD160: RMD160 algorithm.
+ * @GNUTLS_DIG_MD2: MD2 algorithm.
+ * @GNUTLS_DIG_SHA256: SHA-256 algorithm.
+ * @GNUTLS_DIG_SHA384: SHA-384 algorithm.
+ * @GNUTLS_DIG_SHA512: SHA-512 algorithm.
+ * @GNUTLS_DIG_SHA224: SHA-224 algorithm.
+ *
+ * Enumeration of different digest (hash) algorithms.
+ */
+typedef enum {
+       GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN,
+       GNUTLS_DIG_NULL = GNUTLS_MAC_NULL,
+       GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5,
+       GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1,
+       GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160,
+       GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2,
+       GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256,
+       GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384,
+       GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512,
+       GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224
+           /* If you add anything here, make sure you align with
+              gnutls_mac_algorithm_t. */
+} gnutls_digest_algorithm_t;
+
+  /* exported for other gnutls headers. This is the maximum number of
+   * algorithms (ciphers, kx or macs).
+   */
+#define GNUTLS_MAX_ALGORITHM_NUM 32
+
+/**
+ * gnutls_compression_method_t:
+ * @GNUTLS_COMP_UNKNOWN: Unknown compression method.
+ * @GNUTLS_COMP_NULL: The NULL compression method (no compression).
+ * @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
+ * @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
+ *
+ * Enumeration of different TLS compression methods.
+ */
+typedef enum {
+       GNUTLS_COMP_UNKNOWN = 0,
+       GNUTLS_COMP_NULL = 1,
+       GNUTLS_COMP_DEFLATE = 2,
+       GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE,
+} gnutls_compression_method_t;
+
+  /*
+   * Flags for gnutls_init()
+   *
+   * @GNUTLS_SERVER: Connection end is a server.
+   * @GNUTLS_CLIENT: Connection end is a client.
+   * @GNUTLS_DATAGRAM: Connection is datagram oriented (DTLS).
+   * @GNUTLS_NONBLOCK: Connection should not block (DTLS).
+   * @GNUTLS_NO_EXTENSIONS: Do not enable any TLS extensions by default.
+   * @GNUTLS_NO_REPLAY_PROTECTION: Disable any replay protection in DTLS.
+   *
+   */
+#define GNUTLS_SERVER 1
+#define GNUTLS_CLIENT (1<<1)
+#define GNUTLS_DATAGRAM (1<<2)
+#define GNUTLS_NONBLOCK (1<<3)
+#define GNUTLS_NO_EXTENSIONS (1<<4)
+#define GNUTLS_NO_REPLAY_PROTECTION (1<<5)
+
+/**
+ * gnutls_alert_level_t:
+ * @GNUTLS_AL_WARNING: Alert of warning severity.
+ * @GNUTLS_AL_FATAL: Alert of fatal severity.
+ *
+ * Enumeration of different TLS alert severities.
+ */
+typedef enum {
+       GNUTLS_AL_WARNING = 1,
+       GNUTLS_AL_FATAL
+} gnutls_alert_level_t;
+
+/**
+ * gnutls_alert_description_t:
+ * @GNUTLS_A_CLOSE_NOTIFY: Close notify.
+ * @GNUTLS_A_UNEXPECTED_MESSAGE: Unexpected message.
+ * @GNUTLS_A_BAD_RECORD_MAC: Bad record MAC.
+ * @GNUTLS_A_DECRYPTION_FAILED: Decryption failed.
+ * @GNUTLS_A_RECORD_OVERFLOW: Record overflow.
+ * @GNUTLS_A_DECOMPRESSION_FAILURE: Decompression failed.
+ * @GNUTLS_A_HANDSHAKE_FAILURE: Handshake failed.
+ * @GNUTLS_A_SSL3_NO_CERTIFICATE: No certificate.
+ * @GNUTLS_A_BAD_CERTIFICATE: Certificate is bad.
+ * @GNUTLS_A_UNSUPPORTED_CERTIFICATE: Certificate is not supported.
+ * @GNUTLS_A_CERTIFICATE_REVOKED: Certificate was revoked.
+ * @GNUTLS_A_CERTIFICATE_EXPIRED: Certificate is expired.
+ * @GNUTLS_A_CERTIFICATE_UNKNOWN: Unknown certificate.
+ * @GNUTLS_A_ILLEGAL_PARAMETER: Illegal parameter.
+ * @GNUTLS_A_UNKNOWN_CA: CA is unknown.
+ * @GNUTLS_A_ACCESS_DENIED: Access was denied.
+ * @GNUTLS_A_DECODE_ERROR: Decode error.
+ * @GNUTLS_A_DECRYPT_ERROR: Decrypt error.
+ * @GNUTLS_A_EXPORT_RESTRICTION: Export restriction.
+ * @GNUTLS_A_PROTOCOL_VERSION: Error in protocol version.
+ * @GNUTLS_A_INSUFFICIENT_SECURITY: Insufficient security.
+ * @GNUTLS_A_USER_CANCELED: User canceled.
+ * @GNUTLS_A_INTERNAL_ERROR: Internal error.
+ * @GNUTLS_A_NO_RENEGOTIATION: No renegotiation is allowed.
+ * @GNUTLS_A_CERTIFICATE_UNOBTAINABLE: Could not retrieve the
+ *   specified certificate.
+ * @GNUTLS_A_UNSUPPORTED_EXTENSION: An unsupported extension was
+ *   sent.
+ * @GNUTLS_A_UNRECOGNIZED_NAME: The server name sent was not
+ *   recognized.
+ * @GNUTLS_A_UNKNOWN_PSK_IDENTITY: The SRP/PSK username is missing
+ *   or not known.
+ *
+ * Enumeration of different TLS alerts.
+ */
+typedef enum {
+       GNUTLS_A_CLOSE_NOTIFY,
+       GNUTLS_A_UNEXPECTED_MESSAGE = 10,
+       GNUTLS_A_BAD_RECORD_MAC = 20,
+       GNUTLS_A_DECRYPTION_FAILED,
+       GNUTLS_A_RECORD_OVERFLOW,
+       GNUTLS_A_DECOMPRESSION_FAILURE = 30,
+       GNUTLS_A_HANDSHAKE_FAILURE = 40,
+       GNUTLS_A_SSL3_NO_CERTIFICATE = 41,
+       GNUTLS_A_BAD_CERTIFICATE = 42,
+       GNUTLS_A_UNSUPPORTED_CERTIFICATE,
+       GNUTLS_A_CERTIFICATE_REVOKED,
+       GNUTLS_A_CERTIFICATE_EXPIRED,
+       GNUTLS_A_CERTIFICATE_UNKNOWN,
+       GNUTLS_A_ILLEGAL_PARAMETER,
+       GNUTLS_A_UNKNOWN_CA,
+       GNUTLS_A_ACCESS_DENIED,
+       GNUTLS_A_DECODE_ERROR = 50,
+       GNUTLS_A_DECRYPT_ERROR,
+       GNUTLS_A_EXPORT_RESTRICTION = 60,
+       GNUTLS_A_PROTOCOL_VERSION = 70,
+       GNUTLS_A_INSUFFICIENT_SECURITY,
+       GNUTLS_A_INTERNAL_ERROR = 80,
+       GNUTLS_A_USER_CANCELED = 90,
+       GNUTLS_A_NO_RENEGOTIATION = 100,
+       GNUTLS_A_UNSUPPORTED_EXTENSION = 110,
+       GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111,
+       GNUTLS_A_UNRECOGNIZED_NAME = 112,
+       GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115,
+       GNUTLS_A_NO_APPLICATION_PROTOCOL = 120,
+} gnutls_alert_description_t;
+
+/**
+ * gnutls_handshake_description_t:
+ * @GNUTLS_HANDSHAKE_HELLO_REQUEST: Hello request.
+ * @GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST: DTLS Hello verify request.
+ * @GNUTLS_HANDSHAKE_CLIENT_HELLO: Client hello.
+ * @GNUTLS_HANDSHAKE_SERVER_HELLO: Server hello.
+ * @GNUTLS_HANDSHAKE_NEW_SESSION_TICKET: New session ticket.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_PKT: Certificate packet.
+ * @GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: Server key exchange.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: Certificate request.
+ * @GNUTLS_HANDSHAKE_SERVER_HELLO_DONE: Server hello done.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY: Certificate verify.
+ * @GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE: Client key exchange.
+ * @GNUTLS_HANDSHAKE_FINISHED: Finished.
+ * @GNUTLS_HANDSHAKE_CERTIFICATE_STATUS: Certificate status (OCSP).
+ * @GNUTLS_HANDSHAKE_SUPPLEMENTAL: Supplemental.
+ * @GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC: Change Cipher Spec.
+ * @GNUTLS_HANDSHAKE_CLIENT_HELLO_V2: SSLv2 Client Hello.
+ *
+ * Enumeration of different TLS handshake packets.
+ */
+typedef enum {
+       GNUTLS_HANDSHAKE_HELLO_REQUEST = 0,
+       GNUTLS_HANDSHAKE_CLIENT_HELLO = 1,
+       GNUTLS_HANDSHAKE_SERVER_HELLO = 2,
+       GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3,
+       GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4,
+       GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11,
+       GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12,
+       GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13,
+       GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14,
+       GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
+       GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
+       GNUTLS_HANDSHAKE_FINISHED = 20,
+       GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22,
+       GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
+       GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
+       GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
+} gnutls_handshake_description_t;
+
+#define GNUTLS_HANDSHAKE_ANY ((unsigned int)-1)
+
+const char
+    *gnutls_handshake_description_get_name(gnutls_handshake_description_t
+                                          type);
+
+/**
+ * gnutls_certificate_status_t:
+ * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
+ *   known authorities or the signature is invalid (deprecated by the flags 
+ *   %GNUTLS_CERT_SIGNATURE_FAILURE and %GNUTLS_CERT_SIGNER_NOT_FOUND).
+ * @GNUTLS_CERT_SIGNATURE_FAILURE: The signature verification failed.
+ * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority.  In X.509 this will be
+ *   set only if CRLs are checked.
+ * @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known. 
+ *   This is the case if the issuer is not included in the trusted certificate list.
+ * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate's signer was not a CA. This
+ *   may happen if this was a version 1 certificate, which is common with 
+ *   some CAs, or a version 3 certificate without the basic constrains extension.
+ * @GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: The certificate's signer constraints were
+ *   violated.
+ * @GNUTLS_CERT_INSECURE_ALGORITHM:  The certificate was signed using an insecure
+ *   algorithm such as MD2 or MD5. These algorithms have been broken and
+ *   should not be trusted.
+ * @GNUTLS_CERT_NOT_ACTIVATED: The certificate is not yet activated.
+ * @GNUTLS_CERT_EXPIRED: The certificate has expired.
+ * @GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: The revocation data are old and have been superseded.
+ * @GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: The revocation data have a future issue date.
+ * @GNUTLS_CERT_UNEXPECTED_OWNER: The owner is not the expected one.
+ * @GNUTLS_CERT_MISMATCH: The certificate presented isn't the expected one (TOFU)
+ *
+ * Enumeration of certificate status codes.  Note that the status
+ * bits may have different meanings in OpenPGP keys and X.509
+ * certificate verification.
+ */
+typedef enum {
+       GNUTLS_CERT_INVALID = 1 << 1,
+       GNUTLS_CERT_REVOKED = 1 << 5,
+       GNUTLS_CERT_SIGNER_NOT_FOUND = 1 << 6,
+       GNUTLS_CERT_SIGNER_NOT_CA = 1 << 7,
+       GNUTLS_CERT_INSECURE_ALGORITHM = 1 << 8,
+       GNUTLS_CERT_NOT_ACTIVATED = 1 << 9,
+       GNUTLS_CERT_EXPIRED = 1 << 10,
+       GNUTLS_CERT_SIGNATURE_FAILURE = 1 << 11,
+       GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 << 12,
+       GNUTLS_CERT_UNEXPECTED_OWNER = 1 << 14,
+       GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 << 15,
+       GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 << 16,
+       GNUTLS_CERT_MISMATCH = 1 << 17,
+} gnutls_certificate_status_t;
+
+/**
+ * gnutls_certificate_request_t:
+ * @GNUTLS_CERT_IGNORE: Ignore certificate.
+ * @GNUTLS_CERT_REQUEST: Request certificate.
+ * @GNUTLS_CERT_REQUIRE: Require certificate.
+ *
+ * Enumeration of certificate request types.
+ */
+typedef enum {
+       GNUTLS_CERT_IGNORE = 0,
+       GNUTLS_CERT_REQUEST = 1,
+       GNUTLS_CERT_REQUIRE = 2
+} gnutls_certificate_request_t;
+
+/**
+ * gnutls_openpgp_crt_status_t:
+ * @GNUTLS_OPENPGP_CERT: Send entire certificate.
+ * @GNUTLS_OPENPGP_CERT_FINGERPRINT: Send only certificate fingerprint.
+ *
+ * Enumeration of ways to send OpenPGP certificate.
+ */
+typedef enum {
+       GNUTLS_OPENPGP_CERT = 0,
+       GNUTLS_OPENPGP_CERT_FINGERPRINT = 1
+} gnutls_openpgp_crt_status_t;
+
+/**
+ * gnutls_close_request_t:
+ * @GNUTLS_SHUT_RDWR: Disallow further receives/sends.
+ * @GNUTLS_SHUT_WR: Disallow further sends.
+ *
+ * Enumeration of how TLS session should be terminated.  See gnutls_bye().
+ */
+typedef enum {
+       GNUTLS_SHUT_RDWR = 0,
+       GNUTLS_SHUT_WR = 1
+} gnutls_close_request_t;
+
+/**
+ * gnutls_protocol_t:
+ * @GNUTLS_SSL3: SSL version 3.0.
+ * @GNUTLS_TLS1_0: TLS version 1.0.
+ * @GNUTLS_TLS1: Same as %GNUTLS_TLS1_0.
+ * @GNUTLS_TLS1_1: TLS version 1.1.
+ * @GNUTLS_TLS1_2: TLS version 1.2.
+ * @GNUTLS_DTLS1_0: DTLS version 1.0.
+ * @GNUTLS_DTLS1_2: DTLS version 1.2.
+ * @GNUTLS_DTLS0_9: DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e).
+ * @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
+ * @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
+ *
+ * Enumeration of different SSL/TLS protocol versions.
+ */
+typedef enum {
+       GNUTLS_SSL3 = 1,
+       GNUTLS_TLS1_0 = 2,
+       GNUTLS_TLS1 = GNUTLS_TLS1_0,
+       GNUTLS_TLS1_1 = 3,
+       GNUTLS_TLS1_2 = 4,
+       GNUTLS_DTLS0_9 = 6,     /* FIXME: at some point change it to 200 */
+       GNUTLS_DTLS1_0 = 5,     /* 201 */
+       GNUTLS_DTLS1_2 = 202,
+       GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS1_0,
+       GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2,
+       GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_2,
+       GNUTLS_VERSION_UNKNOWN = 0xff   /* change it to 0xffff */
+} gnutls_protocol_t;
+
+/**
+ * gnutls_certificate_type_t:
+ * @GNUTLS_CRT_UNKNOWN: Unknown certificate type.
+ * @GNUTLS_CRT_X509: X.509 Certificate.
+ * @GNUTLS_CRT_OPENPGP: OpenPGP certificate.
+ * @GNUTLS_CRT_RAW: Raw public key (SubjectPublicKey)
+ *
+ * Enumeration of different certificate types.
+ */
+typedef enum {
+       GNUTLS_CRT_UNKNOWN = 0,
+       GNUTLS_CRT_X509 = 1,
+       GNUTLS_CRT_OPENPGP = 2,
+       GNUTLS_CRT_RAW = 3
+} gnutls_certificate_type_t;
+
+/**
+ * gnutls_x509_crt_fmt_t:
+ * @GNUTLS_X509_FMT_DER: X.509 certificate in DER format (binary).
+ * @GNUTLS_X509_FMT_PEM: X.509 certificate in PEM format (text).
+ *
+ * Enumeration of different certificate encoding formats.
+ */
+typedef enum {
+       GNUTLS_X509_FMT_DER = 0,
+       GNUTLS_X509_FMT_PEM = 1
+} gnutls_x509_crt_fmt_t;
+
+/**
+ * gnutls_certificate_print_formats_t:
+ * @GNUTLS_CRT_PRINT_FULL: Full information about certificate.
+ * @GNUTLS_CRT_PRINT_FULL_NUMBERS: Full information about certificate and include easy to parse public key parameters.
+ * @GNUTLS_CRT_PRINT_COMPACT: Information about certificate name in one line, plus identification of the public key.
+ * @GNUTLS_CRT_PRINT_ONELINE: Information about certificate in one line.
+ * @GNUTLS_CRT_PRINT_UNSIGNED_FULL: All info for an unsigned certificate.
+ *
+ * Enumeration of different certificate printing variants.
+ */
+typedef enum gnutls_certificate_print_formats {
+       GNUTLS_CRT_PRINT_FULL = 0,
+       GNUTLS_CRT_PRINT_ONELINE = 1,
+       GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2,
+       GNUTLS_CRT_PRINT_COMPACT = 3,
+       GNUTLS_CRT_PRINT_FULL_NUMBERS = 4,
+} gnutls_certificate_print_formats_t;
+
+#define GNUTLS_PK_ECC GNUTLS_PK_EC
+/**
+ * gnutls_pk_algorithm_t:
+ * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
+ * @GNUTLS_PK_RSA: RSA public-key algorithm.
+ * @GNUTLS_PK_DSA: DSA public-key algorithm.
+ * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
+ * @GNUTLS_PK_EC: Elliptic curve algorithm. Used to generate parameters.
+ *
+ * Enumeration of different public-key algorithms.
+ */
+typedef enum {
+       GNUTLS_PK_UNKNOWN = 0,
+       GNUTLS_PK_RSA = 1,
+       GNUTLS_PK_DSA = 2,
+       GNUTLS_PK_DH = 3,
+       GNUTLS_PK_EC = 4,
+} gnutls_pk_algorithm_t;
+
+const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);
+
+/**
+ * gnutls_sign_algorithm_t:
+ * @GNUTLS_SIGN_UNKNOWN: Unknown signature algorithm.
+ * @GNUTLS_SIGN_RSA_SHA1: Digital signature algorithm RSA with SHA-1
+ * @GNUTLS_SIGN_RSA_SHA: Same as %GNUTLS_SIGN_RSA_SHA1.
+ * @GNUTLS_SIGN_DSA_SHA1: Digital signature algorithm DSA with SHA-1
+ * @GNUTLS_SIGN_DSA_SHA224: Digital signature algorithm DSA with SHA-224
+ * @GNUTLS_SIGN_DSA_SHA256: Digital signature algorithm DSA with SHA-256
+ * @GNUTLS_SIGN_DSA_SHA: Same as %GNUTLS_SIGN_DSA_SHA1.
+ * @GNUTLS_SIGN_RSA_MD5: Digital signature algorithm RSA with MD5.
+ * @GNUTLS_SIGN_RSA_MD2: Digital signature algorithm RSA with MD2.
+ * @GNUTLS_SIGN_RSA_RMD160: Digital signature algorithm RSA with RMD-160.
+ * @GNUTLS_SIGN_RSA_SHA256: Digital signature algorithm RSA with SHA-256.
+ * @GNUTLS_SIGN_RSA_SHA384: Digital signature algorithm RSA with SHA-384.
+ * @GNUTLS_SIGN_RSA_SHA512: Digital signature algorithm RSA with SHA-512.
+ * @GNUTLS_SIGN_RSA_SHA224: Digital signature algorithm RSA with SHA-224.
+ * @GNUTLS_SIGN_ECDSA_SHA1: ECDSA with SHA1.
+ * @GNUTLS_SIGN_ECDSA_SHA256: Digital signature algorithm ECDSA with SHA-256.
+ * @GNUTLS_SIGN_ECDSA_SHA384: Digital signature algorithm ECDSA with SHA-384.
+ * @GNUTLS_SIGN_ECDSA_SHA512: Digital signature algorithm ECDSA with SHA-512.
+ * @GNUTLS_SIGN_ECDSA_SHA224: Digital signature algorithm ECDSA with SHA-224.
+ *
+ * Enumeration of different digital signature algorithms.
+ */
+typedef enum {
+       GNUTLS_SIGN_UNKNOWN = 0,
+       GNUTLS_SIGN_RSA_SHA1 = 1,
+       GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1,
+       GNUTLS_SIGN_DSA_SHA1 = 2,
+       GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1,
+       GNUTLS_SIGN_RSA_MD5 = 3,
+       GNUTLS_SIGN_RSA_MD2 = 4,
+       GNUTLS_SIGN_RSA_RMD160 = 5,
+       GNUTLS_SIGN_RSA_SHA256 = 6,
+       GNUTLS_SIGN_RSA_SHA384 = 7,
+       GNUTLS_SIGN_RSA_SHA512 = 8,
+       GNUTLS_SIGN_RSA_SHA224 = 9,
+       GNUTLS_SIGN_DSA_SHA224 = 10,
+       GNUTLS_SIGN_DSA_SHA256 = 11,
+       GNUTLS_SIGN_ECDSA_SHA1 = 12,
+       GNUTLS_SIGN_ECDSA_SHA224 = 13,
+       GNUTLS_SIGN_ECDSA_SHA256 = 14,
+       GNUTLS_SIGN_ECDSA_SHA384 = 15,
+       GNUTLS_SIGN_ECDSA_SHA512 = 16,
+} gnutls_sign_algorithm_t;
+
+/**
+ * gnutls_ecc_curve_t:
+ * @GNUTLS_ECC_CURVE_INVALID: Cannot be known
+ * @GNUTLS_ECC_CURVE_SECP192R1: the SECP192R1 curve
+ * @GNUTLS_ECC_CURVE_SECP224R1: the SECP224R1 curve
+ * @GNUTLS_ECC_CURVE_SECP256R1: the SECP256R1 curve
+ * @GNUTLS_ECC_CURVE_SECP384R1: the SECP384R1 curve
+ * @GNUTLS_ECC_CURVE_SECP521R1: the SECP521R1 curve
+ *
+ * Enumeration of ECC curves.
+ */
+typedef enum {
+       GNUTLS_ECC_CURVE_INVALID = 0,
+       GNUTLS_ECC_CURVE_SECP224R1,
+       GNUTLS_ECC_CURVE_SECP256R1,
+       GNUTLS_ECC_CURVE_SECP384R1,
+       GNUTLS_ECC_CURVE_SECP521R1,
+       GNUTLS_ECC_CURVE_SECP192R1,
+} gnutls_ecc_curve_t;
+
+/* macros to allow specifying a specific curve in gnutls_privkey_generate()
+ * and gnutls_x509_privkey_generate() */
+#define GNUTLS_CURVE_TO_BITS(curve) (unsigned int)((1<<31)|(curve))
+#define GNUTLS_BITS_TO_CURVE(bits) ((bits) & 0x7FFFFFFF)
+#define GNUTLS_BITS_ARE_CURVE(bits) ((bits) & 0x80000000)
+
+/**
+ * gnutls_sec_param_t:
+ * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
+ * @GNUTLS_SEC_PARAM_INSECURE: Less than 42 bits of security
+ * @GNUTLS_SEC_PARAM_EXPORT: 42 bits of security
+ * @GNUTLS_SEC_PARAM_VERY_WEAK: 64 bits of security
+ * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security
+ * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
+ * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security
+ * @GNUTLS_SEC_PARAM_NORMAL: 112 bits of security
+ * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
+ * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
+ *
+ * Enumeration of security parameters for passive attacks.
+ */
+typedef enum {
+       GNUTLS_SEC_PARAM_INSECURE = -20,
+       GNUTLS_SEC_PARAM_EXPORT = -15,
+       GNUTLS_SEC_PARAM_VERY_WEAK = -12,
+       GNUTLS_SEC_PARAM_WEAK = -10,
+       GNUTLS_SEC_PARAM_UNKNOWN = 0,
+       GNUTLS_SEC_PARAM_LOW = 1,
+       GNUTLS_SEC_PARAM_LEGACY = 2,
+       GNUTLS_SEC_PARAM_NORMAL = 3,
+       GNUTLS_SEC_PARAM_HIGH = 4,
+       GNUTLS_SEC_PARAM_ULTRA = 5,
+} gnutls_sec_param_t;
+
+/**
+ * gnutls_channel_binding_t:
+ * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
+ *
+ * Enumeration of support channel binding types.
+ */
+typedef enum {
+       GNUTLS_CB_TLS_UNIQUE
+} gnutls_channel_binding_t;
+
+
+/* If you want to change this, then also change the define in
+ * gnutls_int.h, and recompile.
+ */
+typedef void *gnutls_transport_ptr_t;
+
+struct gnutls_session_int;
+typedef struct gnutls_session_int *gnutls_session_t;
+
+struct gnutls_dh_params_int;
+typedef struct gnutls_dh_params_int *gnutls_dh_params_t;
+
+struct gnutls_ecdh_params_int;
+typedef struct gnutls_ecdh_params_int *gnutls_ecdh_params_t;
+
+  /* XXX ugly. */
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int *gnutls_rsa_params_t;
+
+struct gnutls_priority_st;
+typedef struct gnutls_priority_st *gnutls_priority_t;
+
+typedef struct {
+       unsigned char *data;
+       unsigned int size;
+} gnutls_datum_t;
+
+
+typedef struct gnutls_params_st {
+       gnutls_params_type_t type;
+       union params {
+               gnutls_dh_params_t dh;
+               gnutls_ecdh_params_t ecdh;
+               gnutls_rsa_params_t rsa_export;
+       } params;
+       int deinit;
+} gnutls_params_st;
+
+typedef int gnutls_params_function(gnutls_session_t, gnutls_params_type_t,
+                                  gnutls_params_st *);
+
+/* internal functions */
+
+int gnutls_init(gnutls_session_t * session, unsigned int flags);
+void gnutls_deinit(gnutls_session_t session);
+#define _gnutls_deinit(x) gnutls_deinit(x)
+
+int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how);
+
+int gnutls_handshake(gnutls_session_t session);
+
+#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1)
+void gnutls_handshake_set_timeout(gnutls_session_t session,
+                                 unsigned int ms);
+int gnutls_rehandshake(gnutls_session_t session);
+
+gnutls_alert_description_t gnutls_alert_get(gnutls_session_t session);
+int gnutls_alert_send(gnutls_session_t session,
+                     gnutls_alert_level_t level,
+                     gnutls_alert_description_t desc);
+int gnutls_alert_send_appropriate(gnutls_session_t session, int err);
+const char *gnutls_alert_get_name(gnutls_alert_description_t alert);
+const char *gnutls_alert_get_strname(gnutls_alert_description_t alert);
+
+gnutls_sec_param_t gnutls_pk_bits_to_sec_param(gnutls_pk_algorithm_t algo,
+                                              unsigned int bits);
+const char *gnutls_sec_param_get_name(gnutls_sec_param_t param);
+unsigned int gnutls_sec_param_to_pk_bits(gnutls_pk_algorithm_t algo,
+                                        gnutls_sec_param_t param);
+
+/* Elliptic curves */
+const char *gnutls_ecc_curve_get_name(gnutls_ecc_curve_t curve);
+int gnutls_ecc_curve_get_size(gnutls_ecc_curve_t curve);
+gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session);
+
+/* get information on the current session */
+gnutls_cipher_algorithm_t gnutls_cipher_get(gnutls_session_t session);
+gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session);
+gnutls_mac_algorithm_t gnutls_mac_get(gnutls_session_t session);
+gnutls_compression_method_t
+gnutls_compression_get(gnutls_session_t session);
+gnutls_certificate_type_t
+gnutls_certificate_type_get(gnutls_session_t session);
+
+int gnutls_sign_algorithm_get(gnutls_session_t session);
+int gnutls_sign_algorithm_get_client(gnutls_session_t session);
+
+int gnutls_sign_algorithm_get_requested(gnutls_session_t session,
+                                       size_t indx,
+                                       gnutls_sign_algorithm_t * algo);
+
+/* the name of the specified algorithms */
+const char *gnutls_cipher_get_name(gnutls_cipher_algorithm_t algorithm);
+const char *gnutls_mac_get_name(gnutls_mac_algorithm_t algorithm);
+const char *gnutls_digest_get_name(gnutls_digest_algorithm_t algorithm);
+const char *gnutls_compression_get_name(gnutls_compression_method_t
+                                       algorithm);
+const char *gnutls_kx_get_name(gnutls_kx_algorithm_t algorithm);
+const char *gnutls_certificate_type_get_name(gnutls_certificate_type_t
+                                            type);
+const char *gnutls_pk_get_name(gnutls_pk_algorithm_t algorithm);
+const char *gnutls_sign_get_name(gnutls_sign_algorithm_t algorithm);
+
+size_t gnutls_cipher_get_key_size(gnutls_cipher_algorithm_t algorithm);
+size_t gnutls_mac_get_key_size(gnutls_mac_algorithm_t algorithm);
+
+int gnutls_sign_is_secure(gnutls_sign_algorithm_t algorithm);
+gnutls_digest_algorithm_t
+gnutls_sign_get_hash_algorithm(gnutls_sign_algorithm_t sign);
+gnutls_pk_algorithm_t
+gnutls_sign_get_pk_algorithm(gnutls_sign_algorithm_t sign);
+gnutls_sign_algorithm_t
+gnutls_pk_to_sign(gnutls_pk_algorithm_t pk,
+                 gnutls_digest_algorithm_t hash);
+
+#define gnutls_sign_algorithm_get_name gnutls_sign_get_name
+
+gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name);
+gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name);
+gnutls_compression_method_t gnutls_compression_get_id(const char *name);
+gnutls_cipher_algorithm_t gnutls_cipher_get_id(const char *name);
+gnutls_kx_algorithm_t gnutls_kx_get_id(const char *name);
+gnutls_protocol_t gnutls_protocol_get_id(const char *name);
+gnutls_certificate_type_t gnutls_certificate_type_get_id(const char *name);
+gnutls_pk_algorithm_t gnutls_pk_get_id(const char *name);
+gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name);
+
+  /* list supported algorithms */
+const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void);
+const gnutls_cipher_algorithm_t *gnutls_cipher_list(void);
+const gnutls_mac_algorithm_t *gnutls_mac_list(void);
+const gnutls_digest_algorithm_t *gnutls_digest_list(void);
+const gnutls_compression_method_t *gnutls_compression_list(void);
+const gnutls_protocol_t *gnutls_protocol_list(void);
+const gnutls_certificate_type_t *gnutls_certificate_type_list(void);
+const gnutls_kx_algorithm_t *gnutls_kx_list(void);
+const gnutls_pk_algorithm_t *gnutls_pk_list(void);
+const gnutls_sign_algorithm_t *gnutls_sign_list(void);
+const char *gnutls_cipher_suite_info(size_t idx,
+                                    unsigned char *cs_id,
+                                    gnutls_kx_algorithm_t * kx,
+                                    gnutls_cipher_algorithm_t * cipher,
+                                    gnutls_mac_algorithm_t * mac,
+                                    gnutls_protocol_t * min_version);
+
+  /* error functions */
+int gnutls_error_is_fatal(int error);
+int gnutls_error_to_alert(int err, int *level);
+
+void gnutls_perror(int error);
+const char *gnutls_strerror(int error);
+const char *gnutls_strerror_name(int error);
+
+/* Semi-internal functions.
+ */
+void gnutls_handshake_set_private_extensions(gnutls_session_t session,
+                                            int allow);
+int gnutls_handshake_set_random(gnutls_session_t session,
+                               const gnutls_datum_t * random);
+
+gnutls_handshake_description_t
+gnutls_handshake_get_last_out(gnutls_session_t session);
+gnutls_handshake_description_t
+gnutls_handshake_get_last_in(gnutls_session_t session);
+
+/* Record layer functions.
+ */
+#define GNUTLS_HEARTBEAT_WAIT 1
+int gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size,
+                         unsigned int max_tries, unsigned int flags);
+int gnutls_heartbeat_pong(gnutls_session_t session, unsigned int flags);
+
+void gnutls_record_set_timeout(gnutls_session_t session, unsigned int ms);
+void gnutls_record_disable_padding(gnutls_session_t session);
+
+void gnutls_record_cork(gnutls_session_t session);
+#define GNUTLS_RECORD_WAIT 1
+int gnutls_record_uncork(gnutls_session_t session, unsigned int flags);
+
+typedef struct {
+       size_t low;
+       size_t high;
+} gnutls_range_st;
+
+int gnutls_range_split(gnutls_session_t session,
+                      const gnutls_range_st * orig,
+                      gnutls_range_st * small_range,
+                      gnutls_range_st * rem_range);
+
+ssize_t gnutls_record_send(gnutls_session_t session, const void *data,
+                          size_t data_size);
+ssize_t gnutls_record_send_range(gnutls_session_t session,
+                                const void *data, size_t data_size,
+                                const gnutls_range_st * range);
+ssize_t gnutls_record_recv(gnutls_session_t session, void *data,
+                          size_t data_size);
+#define gnutls_read gnutls_record_recv
+#define gnutls_write gnutls_record_send
+ssize_t gnutls_record_recv_seq(gnutls_session_t session, void *data,
+                              size_t data_size, unsigned char *seq);
+
+size_t gnutls_record_overhead_size(gnutls_session_t session);
+
+size_t gnutls_est_record_overhead_size(gnutls_protocol_t version,
+                                      gnutls_cipher_algorithm_t cipher,
+                                      gnutls_mac_algorithm_t mac,
+                                      gnutls_compression_method_t comp,
+                                      unsigned int flags);
+
+void gnutls_session_enable_compatibility_mode(gnutls_session_t session);
+void gnutls_record_set_max_empty_records(gnutls_session_t session,
+                                        const unsigned int i);
+
+int gnutls_record_can_use_length_hiding(gnutls_session_t session);
+
+int gnutls_record_get_direction(gnutls_session_t session);
+
+size_t gnutls_record_get_max_size(gnutls_session_t session);
+ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size);
+
+size_t gnutls_record_check_pending(gnutls_session_t session);
+size_t gnutls_record_check_corked(gnutls_session_t session);
+
+void gnutls_session_force_valid(gnutls_session_t session);
+
+int gnutls_prf(gnutls_session_t session,
+              size_t label_size, const char *label,
+              int server_random_first,
+              size_t extra_size, const char *extra,
+              size_t outsize, char *out);
+
+int gnutls_prf_raw(gnutls_session_t session,
+                  size_t label_size, const char *label,
+                  size_t seed_size, const char *seed,
+                  size_t outsize, char *out);
+
+/**
+ * gnutls_server_name_type_t:
+ * @GNUTLS_NAME_DNS: Domain Name System name type.
+ *
+ * Enumeration of different server name types.
+ */
+typedef enum {
+       GNUTLS_NAME_DNS = 1
+} gnutls_server_name_type_t;
+
+int gnutls_server_name_set(gnutls_session_t session,
+                          gnutls_server_name_type_t type,
+                          const void *name, size_t name_length);
+
+int gnutls_server_name_get(gnutls_session_t session,
+                          void *data, size_t * data_length,
+                          unsigned int *type, unsigned int indx);
+
+unsigned int gnutls_heartbeat_get_timeout(gnutls_session_t session);
+void gnutls_heartbeat_set_timeouts(gnutls_session_t session,
+                                  unsigned int retrans_timeout,
+                                  unsigned int total_timeout);
+
+#define GNUTLS_HB_PEER_ALLOWED_TO_SEND (1)
+#define GNUTLS_HB_PEER_NOT_ALLOWED_TO_SEND (1<<1)
+
+  /* Heartbeat */
+void gnutls_heartbeat_enable(gnutls_session_t session, unsigned int type);
+
+#define GNUTLS_HB_LOCAL_ALLOWED_TO_SEND (1<<2)
+int gnutls_heartbeat_allowed(gnutls_session_t session, unsigned int type);
+
+  /* Safe renegotiation */
+int gnutls_safe_renegotiation_status(gnutls_session_t session);
+
+/**
+ * gnutls_supplemental_data_format_type_t:
+ * @GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA: Supplemental user mapping data.
+ *
+ * Enumeration of different supplemental data types (RFC 4680).
+ */
+typedef enum {
+       GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA = 0
+} gnutls_supplemental_data_format_type_t;
+
+const char
+*gnutls_supplemental_get_name(gnutls_supplemental_data_format_type_t type);
+
+  /* SessionTicket, RFC 5077. */
+int gnutls_session_ticket_key_generate(gnutls_datum_t * key);
+int gnutls_session_ticket_enable_client(gnutls_session_t session);
+int gnutls_session_ticket_enable_server(gnutls_session_t session,
+                                       const gnutls_datum_t * key);
+
+  /* SRTP, RFC 5764 */
+
+/**
+ * gnutls_srtp_profile_t:
+ * @GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80: 128 bit AES with a 80 bit HMAC-SHA1
+ * @GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32: 128 bit AES with a 32 bit HMAC-SHA1
+ * @GNUTLS_SRTP_NULL_HMAC_SHA1_80: NULL cipher with a 80 bit HMAC-SHA1
+ * @GNUTLS_SRTP_NULL_HMAC_SHA1_32: NULL cipher with a 32 bit HMAC-SHA1
+ *
+ * Enumeration of different SRTP protection profiles.
+ */
+typedef enum {
+       GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001,
+       GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002,
+       GNUTLS_SRTP_NULL_HMAC_SHA1_80 = 0x0005,
+       GNUTLS_SRTP_NULL_HMAC_SHA1_32 = 0x0006
+} gnutls_srtp_profile_t;
+
+int gnutls_srtp_set_profile(gnutls_session_t session,
+                           gnutls_srtp_profile_t profile);
+int gnutls_srtp_set_profile_direct(gnutls_session_t session,
+                                  const char *profiles,
+                                  const char **err_pos);
+int gnutls_srtp_get_selected_profile(gnutls_session_t session,
+                                    gnutls_srtp_profile_t * profile);
+
+const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile);
+int gnutls_srtp_get_profile_id(const char *name,
+                              gnutls_srtp_profile_t * profile);
+int gnutls_srtp_get_keys(gnutls_session_t session,
+                        void *key_material,
+                        unsigned int key_material_size,
+                        gnutls_datum_t * client_key,
+                        gnutls_datum_t * client_salt,
+                        gnutls_datum_t * server_key,
+                        gnutls_datum_t * server_salt);
+
+int gnutls_srtp_set_mki(gnutls_session_t session,
+                       const gnutls_datum_t * mki);
+int gnutls_srtp_get_mki(gnutls_session_t session, gnutls_datum_t * mki);
+
+/* ALPN TLS extension */
+#define GNUTLS_ALPN_MAND 1
+int gnutls_alpn_get_selected_protocol(gnutls_session_t session,
+                                     gnutls_datum_t * protocol);
+int gnutls_alpn_set_protocols(gnutls_session_t session,
+                             const gnutls_datum_t * protocols,
+                             unsigned protocols_size, unsigned flags);
+
+int gnutls_key_generate(gnutls_datum_t * key, unsigned int key_size);
+
+/* if you just want some defaults, use the following.
+ */
+int gnutls_priority_init(gnutls_priority_t * priority_cache,
+                        const char *priorities, const char **err_pos);
+void gnutls_priority_deinit(gnutls_priority_t priority_cache);
+int gnutls_priority_get_cipher_suite_index(gnutls_priority_t pcache,
+                                          unsigned int idx,
+                                          unsigned int *sidx);
+
+int gnutls_priority_set(gnutls_session_t session,
+                       gnutls_priority_t priority);
+int gnutls_priority_set_direct(gnutls_session_t session,
+                              const char *priorities,
+                              const char **err_pos);
+
+int gnutls_priority_certificate_type_list(gnutls_priority_t pcache,
+                                         const unsigned int **list);
+int gnutls_priority_sign_list(gnutls_priority_t pcache,
+                             const unsigned int **list);
+int gnutls_priority_protocol_list(gnutls_priority_t pcache,
+                                 const unsigned int **list);
+int gnutls_priority_compression_list(gnutls_priority_t pcache,
+                                    const unsigned int **list);
+int gnutls_priority_ecc_curve_list(gnutls_priority_t pcache,
+                                  const unsigned int **list);
+
+int gnutls_priority_kx_list(gnutls_priority_t pcache,
+                           const unsigned int **list);
+int gnutls_priority_cipher_list(gnutls_priority_t pcache,
+                               const unsigned int **list);
+int gnutls_priority_mac_list(gnutls_priority_t pcache,
+                            const unsigned int **list);
+
+  /* for compatibility
+   */
+int gnutls_set_default_priority(gnutls_session_t session);
+
+/* Returns the name of a cipher suite */
+const char *gnutls_cipher_suite_get_name(gnutls_kx_algorithm_t
+                                        kx_algorithm,
+                                        gnutls_cipher_algorithm_t
+                                        cipher_algorithm,
+                                        gnutls_mac_algorithm_t
+                                        mac_algorithm);
+
+/* get the currently used protocol version */
+gnutls_protocol_t gnutls_protocol_get_version(gnutls_session_t session);
+
+const char *gnutls_protocol_get_name(gnutls_protocol_t version);
+
+
+/* get/set session 
+ */
+int gnutls_session_set_data(gnutls_session_t session,
+                           const void *session_data,
+                           size_t session_data_size);
+int gnutls_session_get_data(gnutls_session_t session, void *session_data,
+                           size_t * session_data_size);
+int gnutls_session_get_data2(gnutls_session_t session,
+                            gnutls_datum_t * data);
+void gnutls_session_get_random(gnutls_session_t session,
+                              gnutls_datum_t * client,
+                              gnutls_datum_t * server);
+char *gnutls_session_get_desc(gnutls_session_t session);
+
+int gnutls_session_set_premaster(gnutls_session_t session,
+                                unsigned int entity,
+                                gnutls_protocol_t version,
+                                gnutls_kx_algorithm_t kx,
+                                gnutls_cipher_algorithm_t cipher,
+                                gnutls_mac_algorithm_t mac,
+                                gnutls_compression_method_t comp,
+                                const gnutls_datum_t * master,
+                                const gnutls_datum_t * session_id);
+
+/* returns the session ID */
+#define GNUTLS_MAX_SESSION_ID 32
+int gnutls_session_get_id(gnutls_session_t session, void *session_id,
+                         size_t * session_id_size);
+int gnutls_session_get_id2(gnutls_session_t session,
+                          gnutls_datum_t * session_id);
+
+int gnutls_session_set_id(gnutls_session_t session,
+                         const gnutls_datum_t * sid);
+
+int gnutls_session_channel_binding(gnutls_session_t session,
+                                  gnutls_channel_binding_t cbtype,
+                                  gnutls_datum_t * cb);
+
+/* checks if this session is a resumed one 
+ */
+int gnutls_session_is_resumed(gnutls_session_t session);
+int gnutls_session_resumption_requested(gnutls_session_t session);
+
+typedef int (*gnutls_db_store_func) (void *, gnutls_datum_t key,
+                                    gnutls_datum_t data);
+typedef int (*gnutls_db_remove_func) (void *, gnutls_datum_t key);
+typedef gnutls_datum_t(*gnutls_db_retr_func) (void *, gnutls_datum_t key);
+
+void gnutls_db_set_cache_expiration(gnutls_session_t session, int seconds);
+unsigned gnutls_db_get_default_cache_expiration(void);
+
+void gnutls_db_remove_session(gnutls_session_t session);
+void gnutls_db_set_retrieve_function(gnutls_session_t session,
+                                    gnutls_db_retr_func retr_func);
+void gnutls_db_set_remove_function(gnutls_session_t session,
+                                  gnutls_db_remove_func rem_func);
+void gnutls_db_set_store_function(gnutls_session_t session,
+                                 gnutls_db_store_func store_func);
+void gnutls_db_set_ptr(gnutls_session_t session, void *ptr);
+void *gnutls_db_get_ptr(gnutls_session_t session);
+int gnutls_db_check_entry(gnutls_session_t session,
+                         gnutls_datum_t session_entry);
+time_t gnutls_db_check_entry_time(gnutls_datum_t * entry);
+
+  /**
+   * gnutls_handshake_hook_func:
+   * @session: the current session
+   * @htype: the type of the handshake message (%gnutls_handshake_description_t)
+   * @post: non zero if this is a post-process/generation call and zero otherwise
+   * @incoming: non zero if this is an incoming message and zero if this is an outgoing message
+   *
+   * Function prototype for handshake hooks. It is set using
+   * gnutls_handshake_set_hook_function().
+   *
+   * Returns: Non zero on error.
+   */
+#define GNUTLS_HOOK_POST (1)
+#define GNUTLS_HOOK_PRE (0)
+#define GNUTLS_HOOK_BOTH (-1)
+
+typedef int (*gnutls_handshake_hook_func) (gnutls_session_t,
+                                          unsigned int htype,
+                                          unsigned post,
+                                          unsigned int incoming);
+void gnutls_handshake_set_hook_function(gnutls_session_t session,
+                                       unsigned int htype, int post,
+                                       gnutls_handshake_hook_func func);
+
+typedef int (*gnutls_handshake_post_client_hello_func) (gnutls_session_t);
+void
+gnutls_handshake_set_post_client_hello_function(gnutls_session_t session,
+                                               gnutls_handshake_post_client_hello_func
+                                               func);
+
+void gnutls_handshake_set_max_packet_length(gnutls_session_t session,
+                                           size_t max);
+
+/* returns libgnutls version (call it with a NULL argument)
+ */
+const char *gnutls_check_version(const char *req_version);
+
+/* Functions for setting/clearing credentials
+ */
+void gnutls_credentials_clear(gnutls_session_t session);
+
+/* cred is a structure defined by the kx algorithm
+ */
+int gnutls_credentials_set(gnutls_session_t session,
+                          gnutls_credentials_type_t type, void *cred);
+#define gnutls_cred_set        gnutls_credentials_set
+
+/* x.509 types */
+
+struct gnutls_pubkey_st;
+typedef struct gnutls_pubkey_st *gnutls_pubkey_t;
+
+struct gnutls_privkey_st;
+typedef struct gnutls_privkey_st *gnutls_privkey_t;
+
+struct gnutls_x509_privkey_int;
+typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey_t;
+
+struct gnutls_x509_crl_int;
+typedef struct gnutls_x509_crl_int *gnutls_x509_crl_t;
+
+struct gnutls_x509_crt_int;
+typedef struct gnutls_x509_crt_int *gnutls_x509_crt_t;
+
+struct gnutls_x509_crq_int;
+typedef struct gnutls_x509_crq_int *gnutls_x509_crq_t;
+
+struct gnutls_openpgp_keyring_int;
+typedef struct gnutls_openpgp_keyring_int *gnutls_openpgp_keyring_t;
+
+
+/* Credential structures - used in gnutls_credentials_set(); */
+
+struct gnutls_certificate_credentials_st;
+typedef struct gnutls_certificate_credentials_st
+*gnutls_certificate_credentials_t;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_server_credentials;
+typedef gnutls_certificate_credentials_t
+    gnutls_certificate_client_credentials;
+
+typedef struct gnutls_anon_server_credentials_st
+*gnutls_anon_server_credentials_t;
+typedef struct gnutls_anon_client_credentials_st
+*gnutls_anon_client_credentials_t;
+
+void gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t
+                                        sc);
+int
+gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t
+                                       * sc);
+
+void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
+                                     gnutls_dh_params_t dh_params);
+
+void
+gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
+                                      res, gnutls_params_function * func);
+
+void
+gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc);
+int
+gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t
+                                       * sc);
+
+/* CERTFILE is an x509 certificate in PEM form.
+ * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys).
+ */
+void
+gnutls_certificate_free_credentials(gnutls_certificate_credentials_t sc);
+int
+gnutls_certificate_allocate_credentials(gnutls_certificate_credentials_t
+                                       * res);
+
+int
+gnutls_certificate_get_issuer(gnutls_certificate_credentials_t sc,
+                             gnutls_x509_crt_t cert,
+                             gnutls_x509_crt_t * issuer,
+                             unsigned int flags);
+
+int gnutls_certificate_get_crt_raw(gnutls_certificate_credentials_t sc,
+                                  unsigned idx1, unsigned idx2,
+                                  gnutls_datum_t * cert);
+
+void gnutls_certificate_free_keys(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_cas(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_ca_names(gnutls_certificate_credentials_t sc);
+void gnutls_certificate_free_crls(gnutls_certificate_credentials_t sc);
+
+void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
+                                     gnutls_dh_params_t dh_params);
+void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t
+                                        res, unsigned int flags);
+void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t
+                                         res, unsigned int max_bits,
+                                         unsigned int max_depth);
+
+int
+gnutls_certificate_set_x509_system_trust(gnutls_certificate_credentials_t
+                                        cred);
+
+int
+gnutls_certificate_set_x509_trust_file(gnutls_certificate_credentials_t
+                                      cred, const char *cafile,
+                                      gnutls_x509_crt_fmt_t type);
+int gnutls_certificate_set_x509_trust_mem(gnutls_certificate_credentials_t
+                                         res, const gnutls_datum_t * ca,
+                                         gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_crl_file(gnutls_certificate_credentials_t
+                                    res, const char *crlfile,
+                                    gnutls_x509_crt_fmt_t type);
+int gnutls_certificate_set_x509_crl_mem(gnutls_certificate_credentials_t
+                                       res, const gnutls_datum_t * CRL,
+                                       gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_t
+                                    res, const char *certfile,
+                                    const char *keyfile,
+                                    gnutls_x509_crt_fmt_t type);
+
+int
+gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t
+                                     res, const char *certfile,
+                                     const char *keyfile,
+                                     gnutls_x509_crt_fmt_t type,
+                                     const char *pass,
+                                     unsigned int flags);
+
+int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t
+                                       res, const gnutls_datum_t * cert,
+                                       const gnutls_datum_t * key,
+                                       gnutls_x509_crt_fmt_t type);
+
+int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t
+                                        res, const gnutls_datum_t * cert,
+                                        const gnutls_datum_t * key,
+                                        gnutls_x509_crt_fmt_t type,
+                                        const char *pass,
+                                        unsigned int flags);
+
+void gnutls_certificate_send_x509_rdn_sequence(gnutls_session_t session,
+                                              int status);
+
+int
+gnutls_certificate_set_x509_simple_pkcs12_file
+(gnutls_certificate_credentials_t res, const char *pkcs12file,
+ gnutls_x509_crt_fmt_t type, const char *password);
+int
+gnutls_certificate_set_x509_simple_pkcs12_mem
+(gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
+ gnutls_x509_crt_fmt_t type, const char *password);
+
+/* New functions to allow setting already parsed X.509 stuff.
+ */
+
+int gnutls_certificate_set_x509_key(gnutls_certificate_credentials_t res,
+                                   gnutls_x509_crt_t * cert_list,
+                                   int cert_list_size,
+                                   gnutls_x509_privkey_t key);
+int gnutls_certificate_set_x509_trust(gnutls_certificate_credentials_t res,
+                                     gnutls_x509_crt_t * ca_list,
+                                     int ca_list_size);
+int gnutls_certificate_set_x509_crl(gnutls_certificate_credentials_t res,
+                                   gnutls_x509_crl_t * crl_list,
+                                   int crl_list_size);
+
+  /* OCSP status request extension, RFC 6066 */
+typedef int (*gnutls_status_request_ocsp_func)
+ (gnutls_session_t session, void *ptr, gnutls_datum_t * ocsp_response);
+
+void
+gnutls_certificate_set_ocsp_status_request_function
+(gnutls_certificate_credentials_t res,
+gnutls_status_request_ocsp_func ocsp_func, void *ptr);
+
+int
+gnutls_certificate_set_ocsp_status_request_file
+(gnutls_certificate_credentials_t res, const char *response_file,
+ unsigned int flags);
+
+int gnutls_ocsp_status_request_enable_client(gnutls_session_t session,
+                                            gnutls_datum_t * responder_id,
+                                            size_t responder_id_size,
+                                            gnutls_datum_t *
+                                            request_extensions);
+
+int gnutls_ocsp_status_request_get(gnutls_session_t session,
+                                  gnutls_datum_t * response);
+
+int gnutls_ocsp_status_request_is_checked(gnutls_session_t session,
+                                         unsigned int flags);
+
+/* global state functions
+ */
+int gnutls_global_init(void);
+void gnutls_global_deinit(void);
+
+  /**
+   * gnutls_time_func:
+   * @t: where to store time.
+   *
+   * Function prototype for time()-like function.  Set with
+   * gnutls_global_set_time_function().
+   *
+   * Returns: Number of seconds since the epoch, or (time_t)-1 on errors.
+   */
+typedef time_t(*gnutls_time_func) (time_t * t);
+
+typedef int (*mutex_init_func) (void **mutex);
+typedef int (*mutex_lock_func) (void **mutex);
+typedef int (*mutex_unlock_func) (void **mutex);
+typedef int (*mutex_deinit_func) (void **mutex);
+
+void gnutls_global_set_mutex(mutex_init_func init,
+                            mutex_deinit_func deinit,
+                            mutex_lock_func lock,
+                            mutex_unlock_func unlock);
+
+typedef void *(*gnutls_alloc_function) (size_t);
+typedef void *(*gnutls_calloc_function) (size_t, size_t);
+typedef int (*gnutls_is_secure_function) (const void *);
+typedef void (*gnutls_free_function) (void *);
+typedef void *(*gnutls_realloc_function) (void *, size_t);
+
+void
+gnutls_global_set_mem_functions(gnutls_alloc_function alloc_func,
+                               gnutls_alloc_function secure_alloc_func,
+                               gnutls_is_secure_function is_secure_func,
+                               gnutls_realloc_function realloc_func,
+                               gnutls_free_function free_func);
+
+void gnutls_global_set_time_function(gnutls_time_func time_func);
+
+/* For use in callbacks */
+extern gnutls_alloc_function gnutls_malloc;
+extern gnutls_alloc_function gnutls_secure_malloc;
+extern gnutls_realloc_function gnutls_realloc;
+extern gnutls_calloc_function gnutls_calloc;
+extern gnutls_free_function gnutls_free;
+
+extern char *(*gnutls_strdup) (const char *);
+
+typedef void (*gnutls_log_func) (int, const char *);
+typedef void (*gnutls_audit_log_func) (gnutls_session_t, const char *);
+void gnutls_global_set_log_function(gnutls_log_func log_func);
+void gnutls_global_set_audit_log_function(gnutls_audit_log_func log_func);
+void gnutls_global_set_log_level(int level);
+
+/* Diffie-Hellman parameter handling.
+ */
+int gnutls_dh_params_init(gnutls_dh_params_t * dh_params);
+void gnutls_dh_params_deinit(gnutls_dh_params_t dh_params);
+int gnutls_dh_params_import_raw(gnutls_dh_params_t dh_params,
+                               const gnutls_datum_t * prime,
+                               const gnutls_datum_t * generator);
+int gnutls_dh_params_import_pkcs3(gnutls_dh_params_t params,
+                                 const gnutls_datum_t * pkcs3_params,
+                                 gnutls_x509_crt_fmt_t format);
+int gnutls_dh_params_generate2(gnutls_dh_params_t params,
+                              unsigned int bits);
+int gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params,
+                                 gnutls_x509_crt_fmt_t format,
+                                 unsigned char *params_data,
+                                 size_t * params_data_size);
+int gnutls_dh_params_export2_pkcs3(gnutls_dh_params_t params,
+                                  gnutls_x509_crt_fmt_t format,
+                                  gnutls_datum_t * out);
+int gnutls_dh_params_export_raw(gnutls_dh_params_t params,
+                               gnutls_datum_t * prime,
+                               gnutls_datum_t * generator,
+                               unsigned int *bits);
+int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src);
+
+
+
+/* Session stuff
+ */
+typedef struct {
+       void *iov_base;         /* Starting address */
+       size_t iov_len;         /* Number of bytes to transfer */
+} giovec_t;
+
+typedef ssize_t(*gnutls_pull_func) (gnutls_transport_ptr_t, void *,
+                                   size_t);
+typedef ssize_t(*gnutls_push_func) (gnutls_transport_ptr_t, const void *,
+                                   size_t);
+
+typedef int (*gnutls_pull_timeout_func) (gnutls_transport_ptr_t,
+                                        unsigned int ms);
+
+typedef ssize_t(*gnutls_vec_push_func) (gnutls_transport_ptr_t,
+                                       const giovec_t * iov, int iovcnt);
+
+typedef int (*gnutls_errno_func) (gnutls_transport_ptr_t);
+
+#if 0
+ /* This will be defined as macro. */
+  void gnutls_transport_set_int (gnutls_session_t session, int r);
+#endif
+
+void gnutls_transport_set_int2(gnutls_session_t session, int r, int s);
+#define gnutls_transport_set_int(s, i) gnutls_transport_set_int2(s, i, i)
+
+void gnutls_transport_get_int2(gnutls_session_t session, int *r, int *s);
+int gnutls_transport_get_int(gnutls_session_t session);
+
+void gnutls_transport_set_ptr(gnutls_session_t session,
+                             gnutls_transport_ptr_t ptr);
+void gnutls_transport_set_ptr2(gnutls_session_t session,
+                              gnutls_transport_ptr_t recv_ptr,
+                              gnutls_transport_ptr_t send_ptr);
+
+gnutls_transport_ptr_t gnutls_transport_get_ptr(gnutls_session_t session);
+void gnutls_transport_get_ptr2(gnutls_session_t session,
+                              gnutls_transport_ptr_t * recv_ptr,
+                              gnutls_transport_ptr_t * send_ptr);
+
+void gnutls_transport_set_vec_push_function(gnutls_session_t session,
+                                           gnutls_vec_push_func vec_func);
+void gnutls_transport_set_push_function(gnutls_session_t session,
+                                       gnutls_push_func push_func);
+void gnutls_transport_set_pull_function(gnutls_session_t session,
+                                       gnutls_pull_func pull_func);
+
+void gnutls_transport_set_pull_timeout_function(gnutls_session_t session,
+                                               gnutls_pull_timeout_func
+                                               func);
+
+void gnutls_transport_set_errno_function(gnutls_session_t session,
+                                        gnutls_errno_func errno_func);
+
+void gnutls_transport_set_errno(gnutls_session_t session, int err);
+
+/* session specific 
+ */
+void gnutls_session_set_ptr(gnutls_session_t session, void *ptr);
+void *gnutls_session_get_ptr(gnutls_session_t session);
+
+void gnutls_openpgp_send_cert(gnutls_session_t session,
+                             gnutls_openpgp_crt_status_t status);
+
+/* This function returns the hash of the given data.
+ */
+int gnutls_fingerprint(gnutls_digest_algorithm_t algo,
+                      const gnutls_datum_t * data, void *result,
+                      size_t * result_size);
+
+  /**
+   * gnutls_random_art_t:
+   * @GNUTLS_RANDOM_ART_OPENSSH: OpenSSH-style random art.
+   *
+   * Enumeration of different random art types.
+   */
+typedef enum gnutls_random_art {
+       GNUTLS_RANDOM_ART_OPENSSH = 1,
+} gnutls_random_art_t;
+
+int gnutls_random_art(gnutls_random_art_t type,
+                     const char *key_type, unsigned int key_size,
+                     void *fpr, size_t fpr_size, gnutls_datum_t * art);
+
+/* SRP 
+ */
+
+typedef struct gnutls_srp_server_credentials_st
+*gnutls_srp_server_credentials_t;
+typedef struct gnutls_srp_client_credentials_st
+*gnutls_srp_client_credentials_t;
+
+void
+gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc);
+int
+gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t *
+                                      sc);
+int gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res,
+                                     const char *username,
+                                     const char *password);
+
+void
+gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc);
+int
+gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
+                                      sc);
+int gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t
+                                          res, const char *password_file,
+                                          const char *password_conf_file);
+
+const char *gnutls_srp_server_get_username(gnutls_session_t session);
+
+void gnutls_srp_set_prime_bits(gnutls_session_t session,
+                               unsigned int bits);
+
+int gnutls_srp_verifier(const char *username,
+                       const char *password,
+                       const gnutls_datum_t * salt,
+                       const gnutls_datum_t * generator,
+                       const gnutls_datum_t * prime,
+                       gnutls_datum_t * res);
+
+/* The static parameters defined in draft-ietf-tls-srp-05
+ * Those should be used as input to gnutls_srp_verifier().
+ */
+extern const gnutls_datum_t gnutls_srp_4096_group_prime;
+extern const gnutls_datum_t gnutls_srp_4096_group_generator;
+
+extern const gnutls_datum_t gnutls_srp_3072_group_prime;
+extern const gnutls_datum_t gnutls_srp_3072_group_generator;
+
+extern const gnutls_datum_t gnutls_srp_2048_group_prime;
+extern const gnutls_datum_t gnutls_srp_2048_group_generator;
+
+extern const gnutls_datum_t gnutls_srp_1536_group_prime;
+extern const gnutls_datum_t gnutls_srp_1536_group_generator;
+
+extern const gnutls_datum_t gnutls_srp_1024_group_prime;
+extern const gnutls_datum_t gnutls_srp_1024_group_generator;
+
+typedef int gnutls_srp_server_credentials_function(gnutls_session_t,
+                                                  const char *username,
+                                                  gnutls_datum_t * salt,
+                                                  gnutls_datum_t *
+                                                  verifier,
+                                                  gnutls_datum_t *
+                                                  generator,
+                                                  gnutls_datum_t * prime);
+void
+gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t
+                                          cred,
+                                          gnutls_srp_server_credentials_function
+                                          * func);
+
+typedef int gnutls_srp_client_credentials_function(gnutls_session_t,
+                                                  char **, char **);
+void
+gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t
+                                          cred,
+                                          gnutls_srp_client_credentials_function
+                                          * func);
+
+int gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result,
+                            size_t * result_size);
+int gnutls_srp_base64_encode_alloc(const gnutls_datum_t * data,
+                                  gnutls_datum_t * result);
+
+int gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result,
+                            size_t * result_size);
+int gnutls_srp_base64_decode_alloc(const gnutls_datum_t * b64_data,
+                                  gnutls_datum_t * result);
+
+/* PSK stuff */
+typedef struct gnutls_psk_server_credentials_st
+*gnutls_psk_server_credentials_t;
+typedef struct gnutls_psk_client_credentials_st
+*gnutls_psk_client_credentials_t;
+
+/**
+ * gnutls_psk_key_flags:
+ * @GNUTLS_PSK_KEY_RAW: PSK-key in raw format.
+ * @GNUTLS_PSK_KEY_HEX: PSK-key in hex format.
+ *
+ * Enumeration of different PSK key flags.
+ */
+typedef enum gnutls_psk_key_flags {
+       GNUTLS_PSK_KEY_RAW = 0,
+       GNUTLS_PSK_KEY_HEX
+} gnutls_psk_key_flags;
+
+void
+gnutls_psk_free_client_credentials(gnutls_psk_client_credentials_t sc);
+int
+gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t *
+                                      sc);
+int gnutls_psk_set_client_credentials(gnutls_psk_client_credentials_t res,
+                                     const char *username,
+                                     const gnutls_datum_t * key,
+                                     gnutls_psk_key_flags flags);
+
+void
+gnutls_psk_free_server_credentials(gnutls_psk_server_credentials_t sc);
+int
+gnutls_psk_allocate_server_credentials(gnutls_psk_server_credentials_t *
+                                      sc);
+int gnutls_psk_set_server_credentials_file(gnutls_psk_server_credentials_t
+                                          res, const char *password_file);
+
+int
+gnutls_psk_set_server_credentials_hint(gnutls_psk_server_credentials_t
+                                      res, const char *hint);
+
+const char *gnutls_psk_server_get_username(gnutls_session_t session);
+const char *gnutls_psk_client_get_hint(gnutls_session_t session);
+
+typedef int gnutls_psk_server_credentials_function(gnutls_session_t,
+                                                  const char *username,
+                                                  gnutls_datum_t * key);
+void
+gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t
+                                          cred,
+                                          gnutls_psk_server_credentials_function
+                                          * func);
+
+typedef int gnutls_psk_client_credentials_function(gnutls_session_t,
+                                                  char **username,
+                                                  gnutls_datum_t * key);
+void
+gnutls_psk_set_client_credentials_function(gnutls_psk_client_credentials_t
+                                          cred,
+                                          gnutls_psk_client_credentials_function
+                                          * func);
+
+int gnutls_hex_encode(const gnutls_datum_t * data, char *result,
+                     size_t * result_size);
+int gnutls_hex_decode(const gnutls_datum_t * hex_data, void *result,
+                     size_t * result_size);
+
+void
+gnutls_psk_set_server_dh_params(gnutls_psk_server_credentials_t res,
+                               gnutls_dh_params_t dh_params);
+
+void
+gnutls_psk_set_server_params_function(gnutls_psk_server_credentials_t
+                                     res, gnutls_params_function * func);
+
+/**
+ * gnutls_x509_subject_alt_name_t:
+ * @GNUTLS_SAN_DNSNAME: DNS-name SAN.
+ * @GNUTLS_SAN_RFC822NAME: E-mail address SAN.
+ * @GNUTLS_SAN_URI: URI SAN.
+ * @GNUTLS_SAN_IPADDRESS: IP address SAN.
+ * @GNUTLS_SAN_OTHERNAME: OtherName SAN.
+ * @GNUTLS_SAN_DN: DN SAN.
+ * @GNUTLS_SAN_OTHERNAME_XMPP: Virtual SAN, used by
+ *   gnutls_x509_crt_get_subject_alt_othername_oid.
+ *
+ * Enumeration of different subject alternative names types.
+ */
+typedef enum gnutls_x509_subject_alt_name_t {
+       GNUTLS_SAN_DNSNAME = 1,
+       GNUTLS_SAN_RFC822NAME = 2,
+       GNUTLS_SAN_URI = 3,
+       GNUTLS_SAN_IPADDRESS = 4,
+       GNUTLS_SAN_OTHERNAME = 5,
+       GNUTLS_SAN_DN = 6,
+       /* The following are "virtual" subject alternative name types, in
+          that they are represented by an otherName value and an OID.
+          Used by gnutls_x509_crt_get_subject_alt_othername_oid.  */
+       GNUTLS_SAN_OTHERNAME_XMPP = 1000
+} gnutls_x509_subject_alt_name_t;
+
+struct gnutls_openpgp_crt_int;
+typedef struct gnutls_openpgp_crt_int *gnutls_openpgp_crt_t;
+
+struct gnutls_openpgp_privkey_int;
+typedef struct gnutls_openpgp_privkey_int *gnutls_openpgp_privkey_t;
+
+struct gnutls_pkcs11_privkey_st;
+typedef struct gnutls_pkcs11_privkey_st *gnutls_pkcs11_privkey_t;
+
+/**
+ * gnutls_privkey_type_t:
+ * @GNUTLS_PRIVKEY_X509: X.509 private key, #gnutls_x509_privkey_t.
+ * @GNUTLS_PRIVKEY_OPENPGP: OpenPGP private key, #gnutls_openpgp_privkey_t.
+ * @GNUTLS_PRIVKEY_PKCS11: PKCS11 private key, #gnutls_pkcs11_privkey_t.
+ * @GNUTLS_PRIVKEY_EXT: External private key, operating using callbacks.
+ *
+ * Enumeration of different private key types.
+ */
+typedef enum {
+       GNUTLS_PRIVKEY_X509,
+       GNUTLS_PRIVKEY_OPENPGP,
+       GNUTLS_PRIVKEY_PKCS11,
+       GNUTLS_PRIVKEY_EXT
+} gnutls_privkey_type_t;
+
+typedef struct gnutls_retr2_st {
+       gnutls_certificate_type_t cert_type;
+       gnutls_privkey_type_t key_type;
+
+       union {
+               gnutls_x509_crt_t *x509;
+               gnutls_openpgp_crt_t pgp;
+       } cert;
+       unsigned int ncerts;    /* one for pgp keys */
+
+       union {
+               gnutls_x509_privkey_t x509;
+               gnutls_openpgp_privkey_t pgp;
+               gnutls_pkcs11_privkey_t pkcs11;
+       } key;
+
+       unsigned int deinit_all;        /* if non zero all keys will be deinited */
+} gnutls_retr2_st;
+
+
+  /* Functions that allow auth_info_t structures handling
+   */
+
+gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session);
+gnutls_credentials_type_t
+gnutls_auth_server_get_type(gnutls_session_t session);
+gnutls_credentials_type_t
+gnutls_auth_client_get_type(gnutls_session_t session);
+
+  /* DH */
+
+void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits);
+int gnutls_dh_get_secret_bits(gnutls_session_t session);
+int gnutls_dh_get_peers_public_bits(gnutls_session_t session);
+int gnutls_dh_get_prime_bits(gnutls_session_t session);
+
+int gnutls_dh_get_group(gnutls_session_t session, gnutls_datum_t * raw_gen,
+                       gnutls_datum_t * raw_prime);
+int gnutls_dh_get_pubkey(gnutls_session_t session,
+                        gnutls_datum_t * raw_key);
+
+  /* X509PKI */
+
+
+  /* These are set on the credentials structure.
+   */
+
+  /* use gnutls_certificate_set_retrieve_function2() in abstract.h
+   * instead. It's much more efficient.
+   */
+
+typedef int gnutls_certificate_retrieve_function(gnutls_session_t,
+                                                const
+                                                gnutls_datum_t *
+                                                req_ca_rdn,
+                                                int nreqs,
+                                                const
+                                                gnutls_pk_algorithm_t
+                                                * pk_algos,
+                                                int
+                                                pk_algos_length,
+                                                gnutls_retr2_st *);
+
+
+void
+gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t
+                                        cred,
+                                        gnutls_certificate_retrieve_function
+                                        * func);
+
+typedef int gnutls_certificate_verify_function(gnutls_session_t);
+void
+gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t
+                                      cred,
+                                      gnutls_certificate_verify_function
+                                      * func);
+
+void
+gnutls_certificate_server_set_request(gnutls_session_t session,
+                                     gnutls_certificate_request_t req);
+
+  /* get data from the session
+   */
+const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
+                                                  session, unsigned int
+                                                  *list_size);
+const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t
+                                                 session);
+
+int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session,
+                                          gnutls_datum_t * id);
+
+time_t gnutls_certificate_activation_time_peers(gnutls_session_t session);
+time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session);
+
+int gnutls_certificate_client_get_request_status(gnutls_session_t session);
+int gnutls_certificate_verify_peers2(gnutls_session_t session,
+                                    unsigned int *status);
+int gnutls_certificate_verify_peers3(gnutls_session_t session,
+                                    const char *hostname,
+                                    unsigned int *status);
+
+int gnutls_certificate_verification_status_print(unsigned int status,
+                                                gnutls_certificate_type_t
+                                                type,
+                                                gnutls_datum_t * out,
+                                                unsigned int flags);
+
+int gnutls_pem_base64_encode(const char *msg, const gnutls_datum_t * data,
+                            char *result, size_t * result_size);
+int gnutls_pem_base64_decode(const char *header,
+                            const gnutls_datum_t * b64_data,
+                            unsigned char *result, size_t * result_size);
+
+int gnutls_pem_base64_encode_alloc(const char *msg,
+                                  const gnutls_datum_t * data,
+                                  gnutls_datum_t * result);
+int gnutls_pem_base64_decode_alloc(const char *header,
+                                  const gnutls_datum_t * b64_data,
+                                  gnutls_datum_t * result);
+
+  /* key_usage will be an OR of the following values:
+   */
+
+  /* when the key is to be used for signing: */
+#define GNUTLS_KEY_DIGITAL_SIGNATURE   128
+#define GNUTLS_KEY_NON_REPUDIATION     64
+  /* when the key is to be used for encryption: */
+#define GNUTLS_KEY_KEY_ENCIPHERMENT    32
+#define GNUTLS_KEY_DATA_ENCIPHERMENT   16
+#define GNUTLS_KEY_KEY_AGREEMENT       8
+#define GNUTLS_KEY_KEY_CERT_SIGN       4
+#define GNUTLS_KEY_CRL_SIGN            2
+#define GNUTLS_KEY_ENCIPHER_ONLY       1
+#define GNUTLS_KEY_DECIPHER_ONLY       32768
+
+void
+gnutls_certificate_set_params_function(gnutls_certificate_credentials_t
+                                      res, gnutls_params_function * func);
+void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
+                                    gnutls_params_function * func);
+void gnutls_psk_set_params_function(gnutls_psk_server_credentials_t res,
+                                   gnutls_params_function * func);
+
+int gnutls_hex2bin(const char *hex_data, size_t hex_size,
+                  void *bin_data, size_t * bin_size);
+
+  /* Trust on first use (or ssh like) functions */
+
+  /* stores the provided information to a database
+   */
+typedef int (*gnutls_tdb_store_func) (const char *db_name,
+                                     const char *host,
+                                     const char *service,
+                                     time_t expiration,
+                                     const gnutls_datum_t * pubkey);
+
+typedef int (*gnutls_tdb_store_commitment_func) (const char *db_name,
+                                                const char *host,
+                                                const char *service,
+                                                time_t expiration,
+                                                gnutls_digest_algorithm_t
+                                                hash_algo,
+                                                const gnutls_datum_t *
+                                                hash);
+
+  /* searches for the provided host/service pair that match the
+   * provided public key in the database. */
+typedef int (*gnutls_tdb_verify_func) (const char *db_name,
+                                      const char *host,
+                                      const char *service,
+                                      const gnutls_datum_t * pubkey);
+
+
+struct gnutls_tdb_int;
+typedef struct gnutls_tdb_int *gnutls_tdb_t;
+
+int gnutls_tdb_init(gnutls_tdb_t * tdb);
+void gnutls_tdb_set_store_func(gnutls_tdb_t tdb,
+                              gnutls_tdb_store_func store);
+void gnutls_tdb_set_store_commitment_func(gnutls_tdb_t tdb,
+                                         gnutls_tdb_store_commitment_func
+                                         cstore);
+void gnutls_tdb_set_verify_func(gnutls_tdb_t tdb,
+                               gnutls_tdb_verify_func verify);
+void gnutls_tdb_deinit(gnutls_tdb_t tdb);
+
+int gnutls_verify_stored_pubkey(const char *db_name,
+                               gnutls_tdb_t tdb,
+                               const char *host,
+                               const char *service,
+                               gnutls_certificate_type_t cert_type,
+                               const gnutls_datum_t * cert,
+                               unsigned int flags);
+
+int gnutls_store_commitment(const char *db_name,
+                           gnutls_tdb_t tdb,
+                           const char *host,
+                           const char *service,
+                           gnutls_digest_algorithm_t hash_algo,
+                           const gnutls_datum_t * hash,
+                           time_t expiration, unsigned int flags);
+
+int gnutls_store_pubkey(const char *db_name,
+                       gnutls_tdb_t tdb,
+                       const char *host,
+                       const char *service,
+                       gnutls_certificate_type_t cert_type,
+                       const gnutls_datum_t * cert,
+                       time_t expiration, unsigned int flags);
+
+  /* Other helper functions */
+int gnutls_load_file(const char *filename, gnutls_datum_t * data);
+
+int gnutls_url_is_supported(const char *url);
+
+  /* PIN callback */
+
+/**
+ * gnutls_pin_flag_t:
+ * @GNUTLS_PIN_USER: The PIN for the user.
+ * @GNUTLS_PIN_SO: The PIN for the security officer (admin).
+ * @GNUTLS_PIN_CONTEXT_SPECIFIC: The PIN is for a specific action and key like signing.
+ * @GNUTLS_PIN_FINAL_TRY: This is the final try before blocking.
+ * @GNUTLS_PIN_COUNT_LOW: Few tries remain before token blocks.
+ * @GNUTLS_PIN_WRONG: Last given PIN was not correct.
+ *
+ * Enumeration of different flags that are input to the PIN function.
+ */
+typedef enum {
+       GNUTLS_PIN_USER = (1 << 0),
+       GNUTLS_PIN_SO = (1 << 1),
+       GNUTLS_PIN_FINAL_TRY = (1 << 2),
+       GNUTLS_PIN_COUNT_LOW = (1 << 3),
+       GNUTLS_PIN_CONTEXT_SPECIFIC = (1 << 4),
+       GNUTLS_PIN_WRONG = (1 << 5),
+} gnutls_pin_flag_t;
+
+#define GNUTLS_PKCS11_PIN_USER GNUTLS_PIN_USER
+#define GNUTLS_PKCS11_PIN_SO GNUTLS_PIN_SO
+#define GNUTLS_PKCS11_PIN_FINAL_TRY GNUTLS_PIN_FINAL_TRY
+#define GNUTLS_PKCS11_PIN_COUNT_LOW  GNUTLS_PIN_COUNT_LOW
+#define GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC GNUTLS_PIN_CONTEXT_SPECIFIC
+#define GNUTLS_PKCS11_PIN_WRONG GNUTLS_PIN_WRONG
+
+/**
+ * gnutls_pin_callback_t:
+ * @userdata: user-controlled data from gnutls_pkcs11_set_pin_function().
+ * @attempt: pin-attempt counter, initially 0.
+ * @token_url: URL of token.
+ * @token_label: label of token.
+ * @flags: a #gnutls_pin_flag_t flag.
+ * @pin: buffer to hold PIN, of size @pin_max.
+ * @pin_max: size of @pin buffer.
+ *
+ * Callback function type for PKCS#11 or TPM PIN entry.  It is set by
+ * functions like gnutls_pkcs11_set_pin_function().
+ *
+ * The callback should provides the PIN code to unlock the token with
+ * label @token_label, specified by the URL @token_url.
+ *
+ * The PIN code, as a NUL-terminated ASCII string, should be copied
+ * into the @pin buffer (of maximum size @pin_max), and return 0 to
+ * indicate success.  Alternatively, the callback may return a
+ * negative gnutls error code to indicate failure and cancel PIN entry
+ * (in which case, the contents of the @pin parameter are ignored).
+ *
+ * When a PIN is required, the callback will be invoked repeatedly
+ * (and indefinitely) until either the returned PIN code is correct,
+ * the callback returns failure, or the token refuses login (e.g. when
+ * the token is locked due to too many incorrect PINs!).  For the
+ * first such invocation, the @attempt counter will have value zero;
+ * it will increase by one for each subsequent attempt.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
+ *
+ * Since: 2.12.0
+ **/
+typedef int (*gnutls_pin_callback_t) (void *userdata, int attempt,
+                                     const char *token_url,
+                                     const char *token_label,
+                                     unsigned int flags,
+                                     char *pin, size_t pin_max);
+
+void gnutls_certificate_set_pin_function(gnutls_certificate_credentials_t,
+                                        gnutls_pin_callback_t fn,
+                                        void *userdata);
+
+  /* Gnutls error codes. The mapping to a TLS alert is also shown in
+   * comments.
+   */
+
+#define GNUTLS_E_SUCCESS 0
+#define        GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3
+#define        GNUTLS_E_UNKNOWN_CIPHER_TYPE -6
+#define        GNUTLS_E_LARGE_PACKET -7
+#define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 /* GNUTLS_A_PROTOCOL_VERSION */
+#define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9   /* GNUTLS_A_RECORD_OVERFLOW */
+#define GNUTLS_E_INVALID_SESSION -10
+#define GNUTLS_E_FATAL_ALERT_RECEIVED -12
+#define GNUTLS_E_UNEXPECTED_PACKET -15 /* GNUTLS_A_UNEXPECTED_MESSAGE */
+#define GNUTLS_E_WARNING_ALERT_RECEIVED -16
+#define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18
+#define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19
+#define        GNUTLS_E_UNKNOWN_CIPHER_SUITE -21       /* GNUTLS_A_HANDSHAKE_FAILURE */
+#define        GNUTLS_E_UNWANTED_ALGORITHM -22
+#define        GNUTLS_E_MPI_SCAN_FAILED -23
+#define GNUTLS_E_DECRYPTION_FAILED -24 /* GNUTLS_A_DECRYPTION_FAILED, GNUTLS_A_BAD_RECORD_MAC */
+#define GNUTLS_E_MEMORY_ERROR -25
+#define GNUTLS_E_DECOMPRESSION_FAILED -26      /* GNUTLS_A_DECOMPRESSION_FAILURE */
+#define GNUTLS_E_COMPRESSION_FAILED -27
+#define GNUTLS_E_AGAIN -28
+#define GNUTLS_E_EXPIRED -29
+#define GNUTLS_E_DB_ERROR -30
+#define GNUTLS_E_SRP_PWD_ERROR -31
+#define GNUTLS_E_INSUFFICIENT_CREDENTIALS -32
+#define GNUTLS_E_INSUFICIENT_CREDENTIALS GNUTLS_E_INSUFFICIENT_CREDENTIALS     /* for backwards compatibility only */
+#define GNUTLS_E_INSUFFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS
+#define GNUTLS_E_INSUFICIENT_CRED GNUTLS_E_INSUFFICIENT_CREDENTIALS    /* for backwards compatibility only */
+
+#define GNUTLS_E_HASH_FAILED -33
+#define GNUTLS_E_BASE64_DECODING_ERROR -34
+
+#define        GNUTLS_E_MPI_PRINT_FAILED -35
+#define GNUTLS_E_REHANDSHAKE -37       /* GNUTLS_A_NO_RENEGOTIATION */
+#define GNUTLS_E_GOT_APPLICATION_DATA -38
+#define GNUTLS_E_RECORD_LIMIT_REACHED -39
+#define GNUTLS_E_ENCRYPTION_FAILED -40
+
+#define GNUTLS_E_PK_ENCRYPTION_FAILED -44
+#define GNUTLS_E_PK_DECRYPTION_FAILED -45
+#define GNUTLS_E_PK_SIGN_FAILED -46
+#define GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION -47
+#define GNUTLS_E_KEY_USAGE_VIOLATION -48
+#define GNUTLS_E_NO_CERTIFICATE_FOUND -49      /* GNUTLS_A_BAD_CERTIFICATE */
+#define GNUTLS_E_INVALID_REQUEST -50
+#define GNUTLS_E_SHORT_MEMORY_BUFFER -51
+#define GNUTLS_E_INTERRUPTED -52
+#define GNUTLS_E_PUSH_ERROR -53
+#define GNUTLS_E_PULL_ERROR -54
+#define GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER -55        /* GNUTLS_A_ILLEGAL_PARAMETER */
+#define GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE -56
+#define GNUTLS_E_PKCS1_WRONG_PAD -57
+#define GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION -58
+#define GNUTLS_E_INTERNAL_ERROR -59
+#define GNUTLS_E_DH_PRIME_UNACCEPTABLE -63
+#define GNUTLS_E_FILE_ERROR -64
+#define GNUTLS_E_TOO_MANY_EMPTY_PACKETS -78
+#define GNUTLS_E_UNKNOWN_PK_ALGORITHM -80
+#define GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS -81
+
+  /* returned if you need to generate temporary RSA
+   * parameters. These are needed for export cipher suites.
+   */
+#define GNUTLS_E_NO_TEMPORARY_RSA_PARAMS -84
+
+#define GNUTLS_E_NO_COMPRESSION_ALGORITHMS -86
+#define GNUTLS_E_NO_CIPHER_SUITES -87
+
+#define GNUTLS_E_OPENPGP_GETKEY_FAILED -88
+#define GNUTLS_E_PK_SIG_VERIFY_FAILED -89
+
+#define GNUTLS_E_ILLEGAL_SRP_USERNAME -90
+#define GNUTLS_E_SRP_PWD_PARSING_ERROR -91
+#define GNUTLS_E_NO_TEMPORARY_DH_PARAMS -93
+
+  /* For certificate and key stuff
+   */
+#define GNUTLS_E_ASN1_ELEMENT_NOT_FOUND -67
+#define GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND -68
+#define GNUTLS_E_ASN1_DER_ERROR -69
+#define GNUTLS_E_ASN1_VALUE_NOT_FOUND -70
+#define GNUTLS_E_ASN1_GENERIC_ERROR -71
+#define GNUTLS_E_ASN1_VALUE_NOT_VALID -72
+#define GNUTLS_E_ASN1_TAG_ERROR -73
+#define GNUTLS_E_ASN1_TAG_IMPLICIT -74
+#define GNUTLS_E_ASN1_TYPE_ANY_ERROR -75
+#define GNUTLS_E_ASN1_SYNTAX_ERROR -76
+#define GNUTLS_E_ASN1_DER_OVERFLOW -77
+#define GNUTLS_E_OPENPGP_UID_REVOKED -79
+#define GNUTLS_E_CERTIFICATE_ERROR -43
+#define GNUTLS_E_X509_CERTIFICATE_ERROR GNUTLS_E_CERTIFICATE_ERROR
+#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60
+#define GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE -61      /* GNUTLS_A_UNSUPPORTED_CERTIFICATE */
+#define GNUTLS_E_X509_UNKNOWN_SAN -62
+#define GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED -94
+#define GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE -95
+#define GNUTLS_E_UNKNOWN_HASH_ALGORITHM -96
+#define GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE -97
+#define GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE -98
+#define GNUTLS_E_INVALID_PASSWORD -99
+#define GNUTLS_E_MAC_VERIFY_FAILED -100        /* for PKCS #12 MAC */
+#define GNUTLS_E_CONSTRAINT_ERROR -101
+
+#define GNUTLS_E_WARNING_IA_IPHF_RECEIVED -102
+#define GNUTLS_E_WARNING_IA_FPHF_RECEIVED -103
+
+#define GNUTLS_E_IA_VERIFY_FAILED -104
+#define GNUTLS_E_UNKNOWN_ALGORITHM -105
+#define GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM -106
+#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107
+#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108
+#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109
+#define GNUTLS_E_PREMATURE_TERMINATION -110
+
+#define GNUTLS_E_BASE64_ENCODING_ERROR -201
+#define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202      /* obsolete */
+#define GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY -202
+#define GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY -203
+
+#define GNUTLS_E_OPENPGP_KEYRING_ERROR -204
+#define GNUTLS_E_X509_UNSUPPORTED_OID -205
+
+#define GNUTLS_E_RANDOM_FAILED -206
+#define GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR -207
+
+#define GNUTLS_E_OPENPGP_SUBKEY_ERROR -208
+
+#define GNUTLS_E_CRYPTO_ALREADY_REGISTERED -209
+
+#define GNUTLS_E_HANDSHAKE_TOO_LARGE -210
+
+#define GNUTLS_E_CRYPTODEV_IOCTL_ERROR -211
+#define GNUTLS_E_CRYPTODEV_DEVICE_ERROR -212
+
+#define GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE -213
+#define GNUTLS_E_BAD_COOKIE -214
+#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215
+#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216
+
+#define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292
+#define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293
+
+/* PKCS11 related */
+#define GNUTLS_E_PKCS11_ERROR -300
+#define GNUTLS_E_PKCS11_LOAD_ERROR -301
+#define GNUTLS_E_PARSING_ERROR -302
+#define GNUTLS_E_PKCS11_PIN_ERROR -303
+
+#define GNUTLS_E_PKCS11_SLOT_ERROR -305
+#define GNUTLS_E_LOCKING_ERROR -306
+#define GNUTLS_E_PKCS11_ATTRIBUTE_ERROR -307
+#define GNUTLS_E_PKCS11_DEVICE_ERROR -308
+#define GNUTLS_E_PKCS11_DATA_ERROR -309
+#define GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR -310
+#define GNUTLS_E_PKCS11_KEY_ERROR -311
+#define GNUTLS_E_PKCS11_PIN_EXPIRED -312
+#define GNUTLS_E_PKCS11_PIN_LOCKED -313
+#define GNUTLS_E_PKCS11_SESSION_ERROR -314
+#define GNUTLS_E_PKCS11_SIGNATURE_ERROR -315
+#define GNUTLS_E_PKCS11_TOKEN_ERROR -316
+#define GNUTLS_E_PKCS11_USER_ERROR -317
+
+#define GNUTLS_E_CRYPTO_INIT_FAILED -318
+#define GNUTLS_E_TIMEDOUT -319
+#define GNUTLS_E_USER_ERROR -320
+#define GNUTLS_E_ECC_NO_SUPPORTED_CURVES -321
+#define GNUTLS_E_ECC_UNSUPPORTED_CURVE -322
+#define GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE -323
+#define GNUTLS_E_CERTIFICATE_LIST_UNSORTED -324
+#define GNUTLS_E_ILLEGAL_PARAMETER -325
+#define GNUTLS_E_NO_PRIORITIES_WERE_SET -326
+#define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327
+#define GNUTLS_E_SESSION_EOF -328
+
+#define GNUTLS_E_TPM_ERROR -329
+#define GNUTLS_E_TPM_KEY_PASSWORD_ERROR -330
+#define GNUTLS_E_TPM_SRK_PASSWORD_ERROR -331
+#define GNUTLS_E_TPM_SESSION_ERROR -332
+#define GNUTLS_E_TPM_KEY_NOT_FOUND -333
+#define GNUTLS_E_TPM_UNINITIALIZED -334
+
+#define GNUTLS_E_NO_CERTIFICATE_STATUS -340
+#define GNUTLS_E_OCSP_RESPONSE_ERROR -341
+#define GNUTLS_E_RANDOM_DEVICE_ERROR -342
+#define GNUTLS_E_AUTH_ERROR -343
+#define GNUTLS_E_NO_APPLICATION_PROTOCOL -344
+
+#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
+
+
+
+#define GNUTLS_E_APPLICATION_ERROR_MAX -65000
+#define GNUTLS_E_APPLICATION_ERROR_MIN -65500
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#include <gnutls/compat.h>
+
+#endif                         /* GNUTLS_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/gnutlsxx.h b/reactos/include/reactos/libs/gnutls/gnutls/gnutlsxx.h
new file mode 100644 (file)
index 0000000..1ed83fb
--- /dev/null
@@ -0,0 +1,426 @@
+/*
+ * Copyright (C) 2006-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLSXX_H
+#define GNUTLSXX_H
+
+#include <exception>
+#include <vector>
+#include <gnutls/gnutls.h>
+
+namespace gnutls {
+
+       class noncopyable {
+             protected:
+               noncopyable() {
+               } ~noncopyable() {
+             } private:
+               // These are non-implemented.
+                noncopyable(const noncopyable &);
+               noncopyable & operator=(const noncopyable &);
+       };
+
+
+       class exception:public std::exception {
+             public:
+               exception(int x);
+               const char *what() const throw();
+               int get_code();
+             protected:
+               int retcode;
+       };
+
+
+       class dh_params:private noncopyable {
+             public:
+               dh_params();
+               ~dh_params();
+               void import_raw(const gnutls_datum_t & prime,
+                               const gnutls_datum_t & generator);
+               void import_pkcs3(const gnutls_datum_t & pkcs3_params,
+                                 gnutls_x509_crt_fmt_t format);
+               void generate(unsigned int bits);
+
+               void export_pkcs3(gnutls_x509_crt_fmt_t format,
+                                 unsigned char *params_data,
+                                 size_t * params_data_size);
+               void export_raw(gnutls_datum_t & prime,
+                               gnutls_datum_t & generator);
+
+               gnutls_dh_params_t get_params_t() const;
+                dh_params & operator=(const dh_params & src);
+             protected:
+                gnutls_dh_params_t params;
+       };
+
+
+       class rsa_params:private noncopyable {
+             public:
+               rsa_params();
+               ~rsa_params();
+               void import_raw(const gnutls_datum_t & m,
+                               const gnutls_datum_t & e,
+                               const gnutls_datum_t & d,
+                               const gnutls_datum_t & p,
+                               const gnutls_datum_t & q,
+                               const gnutls_datum_t & u);
+               void import_pkcs1(const gnutls_datum_t & pkcs1_params,
+                                 gnutls_x509_crt_fmt_t format);
+               void generate(unsigned int bits);
+
+               void export_pkcs1(gnutls_x509_crt_fmt_t format,
+                                 unsigned char *params_data,
+                                 size_t * params_data_size);
+               void export_raw(gnutls_datum_t & m, gnutls_datum_t & e,
+                               gnutls_datum_t & d, gnutls_datum_t & p,
+                               gnutls_datum_t & q, gnutls_datum_t & u);
+               gnutls_rsa_params_t get_params_t() const;
+                rsa_params & operator=(const rsa_params & src);
+
+             protected:
+                gnutls_rsa_params_t params;
+       };
+
+       class session:private noncopyable {
+             protected:
+               gnutls_session_t s;
+             public:
+               session(unsigned int);
+                virtual ~ session();
+
+               int bye(gnutls_close_request_t how);
+               int handshake();
+
+               gnutls_alert_description_t get_alert() const;
+
+               int send_alert(gnutls_alert_level_t level,
+                              gnutls_alert_description_t desc);
+               int send_appropriate_alert(int err);
+
+               gnutls_cipher_algorithm_t get_cipher() const;
+               gnutls_kx_algorithm_t get_kx() const;
+               gnutls_mac_algorithm_t get_mac() const;
+               gnutls_compression_method_t get_compression() const;
+               gnutls_certificate_type_t get_certificate_type() const;
+
+               // for the handshake
+               void set_private_extensions(bool allow);
+
+               gnutls_handshake_description_t get_handshake_last_out()
+                   const;
+               gnutls_handshake_description_t get_handshake_last_in()
+                   const;
+
+               ssize_t send(const void *data, size_t sizeofdata);
+               ssize_t recv(void *data, size_t sizeofdata);
+
+               bool get_record_direction() const;
+
+               // maximum packet size
+               size_t get_max_size() const;
+               void set_max_size(size_t size);
+
+               size_t check_pending() const;
+
+               void prf(size_t label_size, const char *label,
+                        int server_random_first,
+                        size_t extra_size, const char *extra,
+                        size_t outsize, char *out);
+
+               void prf_raw(size_t label_size, const char *label,
+                            size_t seed_size, const char *seed,
+                            size_t outsize, char *out);
+
+               /* if you just want some defaults, use the following.
+                */
+               void set_priority(const char *prio, const char **err_pos);
+               void set_priority(gnutls_priority_t p);
+
+               gnutls_protocol_t get_protocol_version() const;
+
+               // for resuming sessions
+               void set_data(const void *session_data,
+                             size_t session_data_size);
+               void get_data(void *session_data,
+                             size_t * session_data_size) const;
+               void get_data(gnutls_session_t session,
+                             gnutls_datum_t & data) const;
+               void get_id(void *session_id,
+                           size_t * session_id_size) const;
+
+               bool is_resumed() const;
+
+               void set_max_handshake_packet_length(size_t max);
+
+               void clear_credentials();
+               void set_credentials(class credentials & cred);
+
+               void set_transport_ptr(gnutls_transport_ptr_t ptr);
+               void set_transport_ptr(gnutls_transport_ptr_t recv_ptr,
+                                      gnutls_transport_ptr_t send_ptr);
+               gnutls_transport_ptr_t get_transport_ptr() const;
+               void get_transport_ptr(gnutls_transport_ptr_t & recv_ptr,
+                                      gnutls_transport_ptr_t & send_ptr)
+                   const;
+
+               void set_transport_lowat(size_t num);
+               void set_transport_push_function(gnutls_push_func
+                                                push_func);
+               void set_transport_vec_push_function(gnutls_vec_push_func
+                                                    vec_push_func);
+               void set_transport_pull_function(gnutls_pull_func
+                                                pull_func);
+
+               void set_user_ptr(void *ptr);
+               void *get_user_ptr() const;
+
+               void send_openpgp_cert(gnutls_openpgp_crt_status_t status);
+
+               gnutls_credentials_type_t get_auth_type() const;
+               gnutls_credentials_type_t get_server_auth_type() const;
+               gnutls_credentials_type_t get_client_auth_type() const;
+
+               // informational stuff
+               void set_dh_prime_bits(unsigned int bits);
+               unsigned int get_dh_secret_bits() const;
+               unsigned int get_dh_peers_public_bits() const;
+               unsigned int get_dh_prime_bits() const;
+               void get_dh_group(gnutls_datum_t & gen,
+                                 gnutls_datum_t & prime) const;
+               void get_dh_pubkey(gnutls_datum_t & raw_key) const;
+               void get_rsa_export_pubkey(gnutls_datum_t & exponent,
+                                          gnutls_datum_t & modulus) const;
+               unsigned int get_rsa_export_modulus_bits() const;
+
+               void get_our_certificate(gnutls_datum_t & cert) const;
+               bool get_peers_certificate(std::vector < gnutls_datum_t >
+                                          &out_certs) const;
+               bool get_peers_certificate(const gnutls_datum_t ** certs,
+                                          unsigned int *certs_size) const;
+
+               time_t get_peers_certificate_activation_time() const;
+               time_t get_peers_certificate_expiration_time() const;
+               void verify_peers_certificate(unsigned int &status) const;
+
+       };
+
+// interface for databases
+       class DB:private noncopyable {
+             public:
+               virtual ~ DB() = 0;
+               virtual bool store(const gnutls_datum_t & key,
+                                  const gnutls_datum_t & data) = 0;
+               virtual bool retrieve(const gnutls_datum_t & key,
+                                     gnutls_datum_t & data) = 0;
+               virtual bool remove(const gnutls_datum_t & key) = 0;
+       };
+
+       class server_session:public session {
+             public:
+               server_session();
+               ~server_session();
+               void db_remove() const;
+
+               void set_db_cache_expiration(unsigned int seconds);
+               void set_db(const DB & db);
+
+               // returns true if session is expired
+               bool db_check_entry(gnutls_datum_t & session_data) const;
+
+               // server side only
+               const char *get_srp_username() const;
+               const char *get_psk_username() const;
+
+               void get_server_name(void *data, size_t * data_length,
+                                    unsigned int *type,
+                                    unsigned int indx) const;
+
+               int rehandshake();
+               void set_certificate_request(gnutls_certificate_request_t);
+       };
+
+       class client_session:public session {
+             public:
+               client_session();
+               ~client_session();
+
+               void set_server_name(gnutls_server_name_type_t type,
+                                    const void *name, size_t name_length);
+
+               bool get_request_status();
+       };
+
+
+       class credentials:private noncopyable {
+             public:
+               virtual ~ credentials() {
+               } gnutls_credentials_type_t get_type() const;
+             protected:
+               friend class session;
+               credentials(gnutls_credentials_type_t t);
+               void *ptr() const;
+               void set_ptr(void *ptr);
+               gnutls_credentials_type_t type;
+             private:
+               void *cred;
+       };
+
+       class certificate_credentials:public credentials {
+             public:
+               ~certificate_credentials();
+               certificate_credentials();
+
+               void free_keys();
+               void free_cas();
+               void free_ca_names();
+               void free_crls();
+
+               void set_dh_params(const dh_params & params);
+               void set_rsa_export_params(const rsa_params & params);
+               void set_verify_flags(unsigned int flags);
+               void set_verify_limits(unsigned int max_bits,
+                                      unsigned int max_depth);
+
+               void set_x509_trust_file(const char *cafile,
+                                        gnutls_x509_crt_fmt_t type);
+               void set_x509_trust(const gnutls_datum_t & CA,
+                                   gnutls_x509_crt_fmt_t type);
+               // FIXME: use classes instead of gnutls_x509_crt_t
+               void set_x509_trust(gnutls_x509_crt_t * ca_list,
+                                   int ca_list_size);
+
+               void set_x509_crl_file(const char *crlfile,
+                                      gnutls_x509_crt_fmt_t type);
+               void set_x509_crl(const gnutls_datum_t & CRL,
+                                 gnutls_x509_crt_fmt_t type);
+               void set_x509_crl(gnutls_x509_crl_t * crl_list,
+                                 int crl_list_size);
+
+               void set_x509_key_file(const char *certfile,
+                                      const char *KEYFILE,
+                                      gnutls_x509_crt_fmt_t type);
+               void set_x509_key(const gnutls_datum_t & CERT,
+                                 const gnutls_datum_t & KEY,
+                                 gnutls_x509_crt_fmt_t type);
+               // FIXME: use classes
+               void set_x509_key(gnutls_x509_crt_t * cert_list,
+                                 int cert_list_size,
+                                 gnutls_x509_privkey_t key);
+
+
+               void set_simple_pkcs12_file(const char *pkcs12file,
+                                           gnutls_x509_crt_fmt_t type,
+                                           const char *password);
+
+               void set_retrieve_function
+                   (gnutls_certificate_retrieve_function * func);
+
+             protected:
+                gnutls_certificate_credentials_t cred;
+       };
+
+       class certificate_server_credentials:public certificate_credentials {
+             public:
+               void set_params_function(gnutls_params_function * func);
+       };
+
+       class certificate_client_credentials:public certificate_credentials {
+             public:
+       };
+
+
+
+
+       class anon_server_credentials:public credentials {
+             public:
+               anon_server_credentials();
+               ~anon_server_credentials();
+               void set_dh_params(const dh_params & params);
+               void set_params_function(gnutls_params_function * func);
+             protected:
+                gnutls_anon_server_credentials_t cred;
+       };
+
+       class anon_client_credentials:public credentials {
+             public:
+               anon_client_credentials();
+               ~anon_client_credentials();
+             protected:
+               gnutls_anon_client_credentials_t cred;
+       };
+
+
+       class srp_server_credentials:public credentials {
+             public:
+               srp_server_credentials();
+               ~srp_server_credentials();
+               void set_credentials_file(const char *password_file,
+                                         const char *password_conf_file);
+               void set_credentials_function
+                   (gnutls_srp_server_credentials_function * func);
+             protected:
+                gnutls_srp_server_credentials_t cred;
+       };
+
+       class srp_client_credentials:public credentials {
+             public:
+               srp_client_credentials();
+               ~srp_client_credentials();
+               void set_credentials(const char *username,
+                                    const char *password);
+               void set_credentials_function
+                   (gnutls_srp_client_credentials_function * func);
+             protected:
+                gnutls_srp_client_credentials_t cred;
+       };
+
+
+       class psk_server_credentials:public credentials {
+             public:
+               psk_server_credentials();
+               ~psk_server_credentials();
+               void set_credentials_file(const char *password_file);
+               void set_credentials_function
+                   (gnutls_psk_server_credentials_function * func);
+               void set_dh_params(const dh_params & params);
+               void set_params_function(gnutls_params_function * func);
+             protected:
+                gnutls_psk_server_credentials_t cred;
+       };
+
+       class psk_client_credentials:public credentials {
+             public:
+               psk_client_credentials();
+               ~psk_client_credentials();
+               void set_credentials(const char *username,
+                                    const gnutls_datum_t & key,
+                                    gnutls_psk_key_flags flags);
+               void set_credentials_function
+                   (gnutls_psk_client_credentials_function * func);
+             protected:
+                gnutls_psk_client_credentials_t cred;
+       };
+
+
+}                              /* namespace */
+
+#endif                         /* GNUTLSXX_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/ocsp.h b/reactos/include/reactos/libs/gnutls/gnutls/ocsp.h
new file mode 100644 (file)
index 0000000..2f8976f
--- /dev/null
@@ -0,0 +1,257 @@
+/*
+ * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* Online Certificate Status Protocol - RFC 2560
+ */
+
+#ifndef GNUTLS_OCSP_H
+#define GNUTLS_OCSP_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_OCSP_NONCE "1.3.6.1.5.5.7.48.1.2"
+
+/**
+ * gnutls_ocsp_print_formats_t:
+ * @GNUTLS_OCSP_PRINT_FULL: Full information about OCSP request/response.
+ * @GNUTLS_OCSP_PRINT_COMPACT: More compact information about OCSP request/response.
+ *
+ * Enumeration of different OCSP printing variants.
+ */
+typedef enum gnutls_ocsp_print_formats_t {
+       GNUTLS_OCSP_PRINT_FULL = 0,
+       GNUTLS_OCSP_PRINT_COMPACT = 1,
+} gnutls_ocsp_print_formats_t;
+
+/**
+ * gnutls_ocsp_resp_status_t:
+ * @GNUTLS_OCSP_RESP_SUCCESSFUL: Response has valid confirmations.
+ * @GNUTLS_OCSP_RESP_MALFORMEDREQUEST: Illegal confirmation request
+ * @GNUTLS_OCSP_RESP_INTERNALERROR: Internal error in issuer
+ * @GNUTLS_OCSP_RESP_TRYLATER: Try again later
+ * @GNUTLS_OCSP_RESP_SIGREQUIRED: Must sign the request
+ * @GNUTLS_OCSP_RESP_UNAUTHORIZED: Request unauthorized
+ *
+ * Enumeration of different OCSP response status codes.
+ */
+typedef enum gnutls_ocsp_resp_status_t {
+       GNUTLS_OCSP_RESP_SUCCESSFUL = 0,
+       GNUTLS_OCSP_RESP_MALFORMEDREQUEST = 1,
+       GNUTLS_OCSP_RESP_INTERNALERROR = 2,
+       GNUTLS_OCSP_RESP_TRYLATER = 3,
+       GNUTLS_OCSP_RESP_SIGREQUIRED = 5,
+       GNUTLS_OCSP_RESP_UNAUTHORIZED = 6
+} gnutls_ocsp_resp_status_t;
+
+/**
+ * gnutls_ocsp_cert_status_t:
+ * @GNUTLS_OCSP_CERT_GOOD: Positive response to status inquiry.
+ * @GNUTLS_OCSP_CERT_REVOKED: Certificate has been revoked.
+ * @GNUTLS_OCSP_CERT_UNKNOWN: The responder doesn't know about the
+ *   certificate.
+ *
+ * Enumeration of different OCSP response certificate status codes.
+ */
+typedef enum gnutls_ocsp_cert_status_t {
+       GNUTLS_OCSP_CERT_GOOD = 0,
+       GNUTLS_OCSP_CERT_REVOKED = 1,
+       GNUTLS_OCSP_CERT_UNKNOWN = 2
+} gnutls_ocsp_cert_status_t;
+
+/**
+ * gnutls_x509_crl_reason_t:
+ * @GNUTLS_X509_CRLREASON_UNSPECIFIED: Unspecified reason.
+ * @GNUTLS_X509_CRLREASON_KEYCOMPROMISE: Private key compromised.
+ * @GNUTLS_X509_CRLREASON_CACOMPROMISE: CA compromised.
+ * @GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED: Affiliation has changed.
+ * @GNUTLS_X509_CRLREASON_SUPERSEDED: Certificate superseded.
+ * @GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION: Operation has ceased.
+ * @GNUTLS_X509_CRLREASON_CERTIFICATEHOLD: Certificate is on hold.
+ * @GNUTLS_X509_CRLREASON_REMOVEFROMCRL: Will be removed from delta CRL.
+ * @GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN: Privilege withdrawn.
+ * @GNUTLS_X509_CRLREASON_AACOMPROMISE: AA compromised.
+ *
+ * Enumeration of different reason codes.  Note that this
+ * corresponds to the CRLReason ASN.1 enumeration type, and not the
+ * ReasonFlags ASN.1 bit string.
+ */
+typedef enum gnutls_x509_crl_reason_t {
+       GNUTLS_X509_CRLREASON_UNSPECIFIED = 0,
+       GNUTLS_X509_CRLREASON_KEYCOMPROMISE = 1,
+       GNUTLS_X509_CRLREASON_CACOMPROMISE = 2,
+       GNUTLS_X509_CRLREASON_AFFILIATIONCHANGED = 3,
+       GNUTLS_X509_CRLREASON_SUPERSEDED = 4,
+       GNUTLS_X509_CRLREASON_CESSATIONOFOPERATION = 5,
+       GNUTLS_X509_CRLREASON_CERTIFICATEHOLD = 6,
+       GNUTLS_X509_CRLREASON_REMOVEFROMCRL = 8,
+       GNUTLS_X509_CRLREASON_PRIVILEGEWITHDRAWN = 9,
+       GNUTLS_X509_CRLREASON_AACOMPROMISE = 10
+} gnutls_x509_crl_reason_t;
+
+/**
+ * gnutls_ocsp_verify_reason_t:
+ * @GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND: Signer cert not found.
+ * @GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR: Signer keyusage bits incorrect.
+ * @GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER: Signer is not trusted.
+ * @GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM: Signature using insecure algorithm.
+ * @GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE: Signature mismatch.
+ * @GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED: Signer cert is not yet activated.
+ * @GNUTLS_OCSP_VERIFY_CERT_EXPIRED: Signer cert has expired.
+ *
+ * Enumeration of OCSP verify status codes, used by
+ * gnutls_ocsp_resp_verify() and gnutls_ocsp_resp_verify_direct().
+ */
+typedef enum gnutls_ocsp_verify_reason_t {
+       GNUTLS_OCSP_VERIFY_SIGNER_NOT_FOUND = 1,
+       GNUTLS_OCSP_VERIFY_SIGNER_KEYUSAGE_ERROR = 2,
+       GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER = 4,
+       GNUTLS_OCSP_VERIFY_INSECURE_ALGORITHM = 8,
+       GNUTLS_OCSP_VERIFY_SIGNATURE_FAILURE = 16,
+       GNUTLS_OCSP_VERIFY_CERT_NOT_ACTIVATED = 32,
+       GNUTLS_OCSP_VERIFY_CERT_EXPIRED = 64
+} gnutls_ocsp_verify_reason_t;
+
+struct gnutls_ocsp_req_int;
+typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t;
+
+int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req);
+void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req);
+
+int gnutls_ocsp_req_import(gnutls_ocsp_req_t req,
+                          const gnutls_datum_t * data);
+int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, gnutls_datum_t * data);
+int gnutls_ocsp_req_print(gnutls_ocsp_req_t req,
+                         gnutls_ocsp_print_formats_t format,
+                         gnutls_datum_t * out);
+
+int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req);
+
+int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req,
+                               unsigned indx,
+                               gnutls_digest_algorithm_t * digest,
+                               gnutls_datum_t * issuer_name_hash,
+                               gnutls_datum_t * issuer_key_hash,
+                               gnutls_datum_t * serial_number);
+int gnutls_ocsp_req_add_cert_id(gnutls_ocsp_req_t req,
+                               gnutls_digest_algorithm_t digest,
+                               const gnutls_datum_t *
+                               issuer_name_hash,
+                               const gnutls_datum_t *
+                               issuer_key_hash,
+                               const gnutls_datum_t * serial_number);
+int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req,
+                            gnutls_digest_algorithm_t digest,
+                            gnutls_x509_crt_t issuer,
+                            gnutls_x509_crt_t cert);
+
+int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req,
+                                 unsigned indx,
+                                 gnutls_datum_t * oid,
+                                 unsigned int *critical,
+                                 gnutls_datum_t * data);
+int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req,
+                                 const char *oid,
+                                 unsigned int critical,
+                                 const gnutls_datum_t * data);
+
+int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req,
+                             unsigned int *critical,
+                             gnutls_datum_t * nonce);
+int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req,
+                             unsigned int critical,
+                             const gnutls_datum_t * nonce);
+int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req);
+
+struct gnutls_ocsp_resp_int;
+typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t;
+
+int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp);
+void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp);
+
+int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp,
+                           const gnutls_datum_t * data);
+int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp,
+                           gnutls_datum_t * data);
+int gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp,
+                          gnutls_ocsp_print_formats_t format,
+                          gnutls_datum_t * out);
+
+int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp);
+int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp,
+                                 gnutls_datum_t *
+                                 response_type_oid,
+                                 gnutls_datum_t * response);
+
+int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp);
+int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp,
+                                  gnutls_datum_t * dn);
+time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp);
+int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp,
+                               unsigned indx,
+                               gnutls_digest_algorithm_t * digest,
+                               gnutls_datum_t * issuer_name_hash,
+                               gnutls_datum_t * issuer_key_hash,
+                               gnutls_datum_t * serial_number,
+                               unsigned int *cert_status,
+                               time_t * this_update,
+                               time_t * next_update,
+                               time_t * revocation_time,
+                               unsigned int *revocation_reason);
+int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp,
+                                  unsigned indx,
+                                  gnutls_datum_t * oid,
+                                  unsigned int *critical,
+                                  gnutls_datum_t * data);
+int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp,
+                              unsigned int *critical,
+                              gnutls_datum_t * nonce);
+int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t resp);
+int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp,
+                                  gnutls_datum_t * sig);
+int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp,
+                              gnutls_x509_crt_t ** certs,
+                              size_t * ncerts);
+
+int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp,
+                                  gnutls_x509_crt_t issuer,
+                                  unsigned int *verify,
+                                  unsigned int flags);
+int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp,
+                           gnutls_x509_trust_list_t trustlist,
+                           unsigned int *verify, unsigned int flags);
+
+int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,
+                              unsigned int indx, gnutls_x509_crt_t crt);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif                         /* GNUTLS_OCSP_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/openpgp.h b/reactos/include/reactos/libs/gnutls/gnutls/openpgp.h
new file mode 100644 (file)
index 0000000..1fee58f
--- /dev/null
@@ -0,0 +1,366 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the OpenPGP
+ * key and private key parsing functions.
+ */
+
+#ifndef GNUTLS_OPENPGP_H
+#define GNUTLS_OPENPGP_H
+
+#include <gnutls/gnutls.h>
+#include <limits.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Openpgp certificate stuff
+ */
+
+/**
+ * gnutls_openpgp_crt_fmt_t:
+ * @GNUTLS_OPENPGP_FMT_RAW: OpenPGP certificate in raw format.
+ * @GNUTLS_OPENPGP_FMT_BASE64: OpenPGP certificate in base64 format.
+ *
+ * Enumeration of different OpenPGP key formats.
+ */
+typedef enum gnutls_openpgp_crt_fmt {
+       GNUTLS_OPENPGP_FMT_RAW,
+       GNUTLS_OPENPGP_FMT_BASE64
+} gnutls_openpgp_crt_fmt_t;
+
+#define GNUTLS_OPENPGP_KEYID_SIZE 8
+#define GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE 20
+typedef unsigned char
+ gnutls_openpgp_keyid_t[GNUTLS_OPENPGP_KEYID_SIZE];
+
+/* gnutls_openpgp_cert_t should be defined in gnutls.h
+ */
+
+       /* initializes the memory for gnutls_openpgp_crt_t struct */
+int gnutls_openpgp_crt_init(gnutls_openpgp_crt_t * key);
+       /* frees all memory */
+void gnutls_openpgp_crt_deinit(gnutls_openpgp_crt_t key);
+
+int gnutls_openpgp_crt_import(gnutls_openpgp_crt_t key,
+                             const gnutls_datum_t * data,
+                             gnutls_openpgp_crt_fmt_t format);
+int gnutls_openpgp_crt_export(gnutls_openpgp_crt_t key,
+                             gnutls_openpgp_crt_fmt_t format,
+                             void *output_data,
+                             size_t * output_data_size);
+int gnutls_openpgp_crt_export2(gnutls_openpgp_crt_t key,
+                              gnutls_openpgp_crt_fmt_t format,
+                              gnutls_datum_t * out);
+
+int gnutls_openpgp_crt_print(gnutls_openpgp_crt_t cert,
+                            gnutls_certificate_print_formats_t
+                            format, gnutls_datum_t * out);
+
+/* The key_usage flags are defined in gnutls.h. They are
+ * the GNUTLS_KEY_* definitions.
+ */
+#define GNUTLS_OPENPGP_MASTER_KEYID_IDX INT_MAX
+
+int gnutls_openpgp_crt_get_key_usage(gnutls_openpgp_crt_t key,
+                                    unsigned int *key_usage);
+int gnutls_openpgp_crt_get_fingerprint(gnutls_openpgp_crt_t key,
+                                      void *fpr, size_t * fprlen);
+int gnutls_openpgp_crt_get_subkey_fingerprint(gnutls_openpgp_crt_t
+                                             key,
+                                             unsigned int idx,
+                                             void *fpr, size_t * fprlen);
+
+int gnutls_openpgp_crt_get_name(gnutls_openpgp_crt_t key,
+                               int idx, char *buf, size_t * sizeof_buf);
+
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_pk_algorithm(gnutls_openpgp_crt_t key,
+                                   unsigned int *bits);
+
+int gnutls_openpgp_crt_get_version(gnutls_openpgp_crt_t key);
+
+time_t gnutls_openpgp_crt_get_creation_time(gnutls_openpgp_crt_t key);
+time_t gnutls_openpgp_crt_get_expiration_time(gnutls_openpgp_crt_t key);
+
+int gnutls_openpgp_crt_get_key_id(gnutls_openpgp_crt_t key,
+                                 gnutls_openpgp_keyid_t keyid);
+
+int gnutls_openpgp_crt_check_hostname(gnutls_openpgp_crt_t key,
+                                     const char *hostname);
+
+int gnutls_openpgp_crt_get_revoked_status(gnutls_openpgp_crt_t key);
+
+int gnutls_openpgp_crt_get_subkey_count(gnutls_openpgp_crt_t key);
+int gnutls_openpgp_crt_get_subkey_idx(gnutls_openpgp_crt_t key,
+                                     const gnutls_openpgp_keyid_t keyid);
+int gnutls_openpgp_crt_get_subkey_revoked_status
+    (gnutls_openpgp_crt_t key, unsigned int idx);
+gnutls_pk_algorithm_t
+gnutls_openpgp_crt_get_subkey_pk_algorithm(gnutls_openpgp_crt_t
+                                          key,
+                                          unsigned int idx,
+                                          unsigned int *bits);
+time_t
+    gnutls_openpgp_crt_get_subkey_creation_time
+    (gnutls_openpgp_crt_t key, unsigned int idx);
+time_t
+    gnutls_openpgp_crt_get_subkey_expiration_time
+    (gnutls_openpgp_crt_t key, unsigned int idx);
+int gnutls_openpgp_crt_get_subkey_id(gnutls_openpgp_crt_t key,
+                                    unsigned int idx,
+                                    gnutls_openpgp_keyid_t keyid);
+int gnutls_openpgp_crt_get_subkey_usage(gnutls_openpgp_crt_t key,
+                                       unsigned int idx,
+                                       unsigned int *key_usage);
+
+int gnutls_openpgp_crt_get_subkey_pk_dsa_raw(gnutls_openpgp_crt_t
+                                            crt, unsigned int idx,
+                                            gnutls_datum_t * p,
+                                            gnutls_datum_t * q,
+                                            gnutls_datum_t * g,
+                                            gnutls_datum_t * y);
+int gnutls_openpgp_crt_get_subkey_pk_rsa_raw(gnutls_openpgp_crt_t
+                                            crt, unsigned int idx,
+                                            gnutls_datum_t * m,
+                                            gnutls_datum_t * e);
+int gnutls_openpgp_crt_get_pk_dsa_raw(gnutls_openpgp_crt_t crt,
+                                     gnutls_datum_t * p,
+                                     gnutls_datum_t * q,
+                                     gnutls_datum_t * g,
+                                     gnutls_datum_t * y);
+int gnutls_openpgp_crt_get_pk_rsa_raw(gnutls_openpgp_crt_t crt,
+                                     gnutls_datum_t * m,
+                                     gnutls_datum_t * e);
+
+int gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t
+                                           key,
+                                           gnutls_openpgp_keyid_t keyid);
+int
+gnutls_openpgp_crt_set_preferred_key_id(gnutls_openpgp_crt_t key,
+                                       const
+                                       gnutls_openpgp_keyid_t keyid);
+
+/* privkey stuff.
+ */
+int gnutls_openpgp_privkey_init(gnutls_openpgp_privkey_t * key);
+void gnutls_openpgp_privkey_deinit(gnutls_openpgp_privkey_t key);
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int *bits);
+
+gnutls_sec_param_t
+gnutls_openpgp_privkey_sec_param(gnutls_openpgp_privkey_t key);
+int gnutls_openpgp_privkey_import(gnutls_openpgp_privkey_t key,
+                                 const gnutls_datum_t * data,
+                                 gnutls_openpgp_crt_fmt_t format,
+                                 const char *password,
+                                 unsigned int flags);
+
+int gnutls_openpgp_privkey_get_fingerprint(gnutls_openpgp_privkey_t
+                                          key, void *fpr,
+                                          size_t * fprlen);
+int gnutls_openpgp_privkey_get_subkey_fingerprint
+    (gnutls_openpgp_privkey_t key, unsigned int idx, void *fpr,
+     size_t * fprlen);
+int gnutls_openpgp_privkey_get_key_id(gnutls_openpgp_privkey_t key,
+                                     gnutls_openpgp_keyid_t keyid);
+int gnutls_openpgp_privkey_get_subkey_count(gnutls_openpgp_privkey_t key);
+int gnutls_openpgp_privkey_get_subkey_idx(gnutls_openpgp_privkey_t
+                                         key,
+                                         const
+                                         gnutls_openpgp_keyid_t keyid);
+
+int gnutls_openpgp_privkey_get_subkey_revoked_status
+    (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+int gnutls_openpgp_privkey_get_revoked_status
+    (gnutls_openpgp_privkey_t key);
+
+gnutls_pk_algorithm_t
+    gnutls_openpgp_privkey_get_subkey_pk_algorithm
+    (gnutls_openpgp_privkey_t key, unsigned int idx, unsigned int *bits);
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_expiration_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+int gnutls_openpgp_privkey_get_subkey_id(gnutls_openpgp_privkey_t
+                                        key, unsigned int idx,
+                                        gnutls_openpgp_keyid_t keyid);
+
+time_t
+    gnutls_openpgp_privkey_get_subkey_creation_time
+    (gnutls_openpgp_privkey_t key, unsigned int idx);
+
+int gnutls_openpgp_privkey_export_subkey_dsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g,
+     gnutls_datum_t * y, gnutls_datum_t * x);
+int gnutls_openpgp_privkey_export_subkey_rsa_raw
+    (gnutls_openpgp_privkey_t pkey, unsigned int idx,
+     gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d,
+     gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u);
+
+int gnutls_openpgp_privkey_export_dsa_raw(gnutls_openpgp_privkey_t
+                                         pkey, gnutls_datum_t * p,
+                                         gnutls_datum_t * q,
+                                         gnutls_datum_t * g,
+                                         gnutls_datum_t * y,
+                                         gnutls_datum_t * x);
+int gnutls_openpgp_privkey_export_rsa_raw(gnutls_openpgp_privkey_t
+                                         pkey, gnutls_datum_t * m,
+                                         gnutls_datum_t * e,
+                                         gnutls_datum_t * d,
+                                         gnutls_datum_t * p,
+                                         gnutls_datum_t * q,
+                                         gnutls_datum_t * u);
+
+int gnutls_openpgp_privkey_export(gnutls_openpgp_privkey_t key,
+                                 gnutls_openpgp_crt_fmt_t format,
+                                 const char *password,
+                                 unsigned int flags,
+                                 void *output_data,
+                                 size_t * output_data_size);
+int gnutls_openpgp_privkey_export2(gnutls_openpgp_privkey_t key,
+                                  gnutls_openpgp_crt_fmt_t format,
+                                  const char *password,
+                                  unsigned int flags,
+                                  gnutls_datum_t * out);
+
+int gnutls_openpgp_privkey_set_preferred_key_id
+    (gnutls_openpgp_privkey_t key, const gnutls_openpgp_keyid_t keyid);
+int gnutls_openpgp_privkey_get_preferred_key_id
+    (gnutls_openpgp_privkey_t key, gnutls_openpgp_keyid_t keyid);
+
+int gnutls_openpgp_crt_get_auth_subkey(gnutls_openpgp_crt_t crt,
+                                      gnutls_openpgp_keyid_t
+                                      keyid, unsigned int flag);
+
+/* Keyring stuff.
+ */
+
+int gnutls_openpgp_keyring_init(gnutls_openpgp_keyring_t * keyring);
+void gnutls_openpgp_keyring_deinit(gnutls_openpgp_keyring_t keyring);
+
+int gnutls_openpgp_keyring_import(gnutls_openpgp_keyring_t keyring,
+                                 const gnutls_datum_t * data,
+                                 gnutls_openpgp_crt_fmt_t format);
+
+int gnutls_openpgp_keyring_check_id(gnutls_openpgp_keyring_t ring,
+                                   const gnutls_openpgp_keyid_t
+                                   keyid, unsigned int flags);
+
+
+int gnutls_openpgp_crt_verify_ring(gnutls_openpgp_crt_t key,
+                                  gnutls_openpgp_keyring_t
+                                  keyring, unsigned int flags,
+                                  unsigned int *verify
+                                  /* the output of the verification */
+    );
+
+int gnutls_openpgp_crt_verify_self(gnutls_openpgp_crt_t key,
+                                  unsigned int flags,
+                                  unsigned int *verify);
+
+int gnutls_openpgp_keyring_get_crt(gnutls_openpgp_keyring_t ring,
+                                  unsigned int idx,
+                                  gnutls_openpgp_crt_t * cert);
+
+int gnutls_openpgp_keyring_get_crt_count(gnutls_openpgp_keyring_t ring);
+
+
+
+/**
+ * gnutls_openpgp_recv_key_func:
+ * @session: a TLS session
+ * @keyfpr: key fingerprint
+ * @keyfpr_length: length of key fingerprint
+ * @key: output key.
+ *
+ * A callback of this type is used to retrieve OpenPGP keys.  Only
+ * useful on the server, and will only be used if the peer send a key
+ * fingerprint instead of a full key.  See also
+ * gnutls_openpgp_set_recv_key_function().
+ *
+ * The variable @key must be allocated using gnutls_malloc().
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
+ *   otherwise an error code is returned.
+ */
+typedef int (*gnutls_openpgp_recv_key_func) (gnutls_session_t
+                                            session,
+                                            const unsigned char
+                                            *keyfpr,
+                                            unsigned int
+                                            keyfpr_length,
+                                            gnutls_datum_t * key);
+
+void
+gnutls_openpgp_set_recv_key_function(gnutls_session_t session,
+                                    gnutls_openpgp_recv_key_func func);
+
+
+
+/* certificate authentication stuff.
+ */
+int gnutls_certificate_set_openpgp_key
+    (gnutls_certificate_credentials_t res,
+     gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey);
+
+int
+ gnutls_certificate_set_openpgp_key_file
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, gnutls_openpgp_crt_fmt_t format);
+int gnutls_certificate_set_openpgp_key_mem
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     gnutls_openpgp_crt_fmt_t format);
+
+int
+ gnutls_certificate_set_openpgp_key_file2
+    (gnutls_certificate_credentials_t res, const char *certfile,
+     const char *keyfile, const char *subkey_id,
+     gnutls_openpgp_crt_fmt_t format);
+int
+ gnutls_certificate_set_openpgp_key_mem2
+    (gnutls_certificate_credentials_t res,
+     const gnutls_datum_t * cert, const gnutls_datum_t * key,
+     const char *subkey_id, gnutls_openpgp_crt_fmt_t format);
+
+int gnutls_certificate_set_openpgp_keyring_mem
+    (gnutls_certificate_credentials_t c, const unsigned char *data,
+     size_t dlen, gnutls_openpgp_crt_fmt_t format);
+
+int gnutls_certificate_set_openpgp_keyring_file
+    (gnutls_certificate_credentials_t c, const char *file,
+     gnutls_openpgp_crt_fmt_t format);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif                         /* GNUTLS_OPENPGP_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/pkcs11.h b/reactos/include/reactos/libs/gnutls/gnutls/pkcs11.h
new file mode 100644 (file)
index 0000000..77a410f
--- /dev/null
@@ -0,0 +1,356 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef __GNUTLS_PKCS11_H
+#define __GNUTLS_PKCS11_H
+
+
+#include <stdarg.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+#define GNUTLS_PKCS11_MAX_PIN_LEN 32
+
+/**
+ * gnutls_pkcs11_token_callback_t:
+ * @userdata: user-controlled data from gnutls_pkcs11_set_token_function().
+ * @label: token label.
+ * @retry: retry counter, initially 0.
+ *
+ * Token callback function. The callback will be used to ask the user
+ * to re-insert the token with given (null terminated) label.  The
+ * callback should return zero if token has been inserted by user and
+ * a negative error code otherwise.  It might be called multiple times
+ * if the token is not detected and the retry counter will be
+ * increased.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code
+ * on error.
+ *
+ * Since: 2.12.0
+ **/
+typedef int (*gnutls_pkcs11_token_callback_t) (void *const
+                                              userdata,
+                                              const char *const
+                                              label, unsigned retry);
+
+
+struct gnutls_pkcs11_obj_st;
+typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
+
+
+#define GNUTLS_PKCS11_FLAG_MANUAL 0    /* Manual loading of libraries */
+#define GNUTLS_PKCS11_FLAG_AUTO 1      /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
+
+/* pkcs11.conf format:
+ * load = /lib/xxx-pkcs11.so
+ * load = /lib/yyy-pkcs11.so
+ */
+
+int gnutls_pkcs11_init(unsigned int flags,
+                      const char *deprecated_config_file);
+int gnutls_pkcs11_reinit(void);
+void gnutls_pkcs11_deinit(void);
+void gnutls_pkcs11_set_token_function
+    (gnutls_pkcs11_token_callback_t fn, void *userdata);
+
+void gnutls_pkcs11_set_pin_function(gnutls_pin_callback_t fn,
+                                   void *userdata);
+
+gnutls_pin_callback_t gnutls_pkcs11_get_pin_function(void
+                                                    **userdata);
+
+int gnutls_pkcs11_add_provider(const char *name, const char *params);
+int gnutls_pkcs11_obj_init(gnutls_pkcs11_obj_t * obj);
+void gnutls_pkcs11_obj_set_pin_function(gnutls_pkcs11_obj_t obj,
+                                       gnutls_pin_callback_t fn,
+                                       void *userdata);
+
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0)    /* force login in the token for the operation */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1)     /* object marked as trusted */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2)   /* object marked as sensitive (unexportable) */
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a security officer in the token for the operation */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE (1<<4)     /* marked as private (requires PIN to access) */
+#define GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE (1<<5) /* marked as not private */
+#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY (1<<6) /* No need for the object to be a trusted one */
+#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED (1<<7) /* The object must be marked as trusted 
+       * in gnutls_pkcs11_crt_is_known() it implies GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_COMPARE */
+#define GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED (1<<8) /* The object must be marked as distrusted */
+#define GNUTLS_PKCS11_OBJ_FLAG_COMPARE (1<<9) /* The object must be fully compared */
+#define GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE (1<<10) /* The object must be present in a marked as trusted module */
+
+/**
+ * gnutls_pkcs11_url_type_t:
+ * @GNUTLS_PKCS11_URL_GENERIC: A generic-purpose URL.
+ * @GNUTLS_PKCS11_URL_LIB: A URL that specifies the library used as well.
+ * @GNUTLS_PKCS11_URL_LIB_VERSION: A URL that specifies the library and its version.
+ *
+ * Enumeration of different URL extraction flags.
+ */
+typedef enum {
+       GNUTLS_PKCS11_URL_GENERIC,      /* URL specifies the object on token level */
+       GNUTLS_PKCS11_URL_LIB,  /* URL specifies the object on module level */
+       GNUTLS_PKCS11_URL_LIB_VERSION   /* URL specifies the object on module and version level */
+} gnutls_pkcs11_url_type_t;
+
+int gnutls_pkcs11_obj_import_url(gnutls_pkcs11_obj_t obj,
+                                const char *url, unsigned int flags
+                                /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t obj,
+                                gnutls_pkcs11_url_type_t detailed,
+                                char **url);
+void gnutls_pkcs11_obj_deinit(gnutls_pkcs11_obj_t obj);
+
+int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj,
+                            void *output_data, size_t * output_data_size);
+int gnutls_pkcs11_obj_export2(gnutls_pkcs11_obj_t obj,
+                             gnutls_datum_t * out);
+
+int gnutls_pkcs11_obj_export3(gnutls_pkcs11_obj_t obj, gnutls_x509_crt_fmt_t fmt,
+                             gnutls_datum_t * out);
+
+int gnutls_pkcs11_get_raw_issuer(const char *url, gnutls_x509_crt_t cert,
+                            gnutls_datum_t * issuer,
+                            gnutls_x509_crt_fmt_t fmt,
+                            unsigned int flags);
+
+int gnutls_pkcs11_copy_x509_crt(const char *token_url,
+                               gnutls_x509_crt_t crt,
+                               const char *label, unsigned int flags
+                               /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+int gnutls_pkcs11_copy_x509_privkey(const char *token_url,
+                                   gnutls_x509_privkey_t key,
+                                   const char *label,
+                                   unsigned int key_usage
+                                   /*GNUTLS_KEY_* */ ,
+                                   unsigned int flags
+                                   /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+int gnutls_pkcs11_delete_url(const char *object_url, unsigned int flags
+                            /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+int gnutls_pkcs11_copy_secret_key(const char *token_url,
+                                 gnutls_datum_t * key,
+                                 const char *label, unsigned int key_usage
+                                 /* GNUTLS_KEY_* */ ,
+                                 unsigned int flags
+                                 /* GNUTLS_PKCS11_OBJ_FLAG_* */ );
+
+/**
+ * gnutls_pkcs11_obj_info_t:
+ * @GNUTLS_PKCS11_OBJ_ID_HEX: The object ID in hex.
+ * @GNUTLS_PKCS11_OBJ_LABEL: The object label.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_LABEL: The token's label.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_SERIAL: The token's serial number.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER: The token's manufacturer.
+ * @GNUTLS_PKCS11_OBJ_TOKEN_MODEL: The token's model.
+ * @GNUTLS_PKCS11_OBJ_ID: The object ID.
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_VERSION: The library's used to access the object version.
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION: The library's used to access the object description (name).
+ * @GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER: The library's used to access the object manufacturer name.
+ *
+ * Enumeration of several object information types.
+ */
+typedef enum {
+       GNUTLS_PKCS11_OBJ_ID_HEX = 1,
+       GNUTLS_PKCS11_OBJ_LABEL,
+       GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
+       GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
+       GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
+       GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
+       GNUTLS_PKCS11_OBJ_ID,
+       /* the pkcs11 provider library info  */
+       GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
+       GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
+       GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
+} gnutls_pkcs11_obj_info_t;
+
+int gnutls_pkcs11_obj_get_info(gnutls_pkcs11_obj_t crt,
+                              gnutls_pkcs11_obj_info_t itype,
+                              void *output, size_t * output_size);
+
+/**
+ * gnutls_pkcs11_obj_attr_t:
+ * @GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL: Specify all certificates.
+ * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED: Specify all certificates marked as trusted.
+ * @GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA: Specify all certificates marked as trusted and are CAs.
+ * @GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY: Specify all certificates with a corresponding private key.
+ * @GNUTLS_PKCS11_OBJ_ATTR_PUBKEY: Specify all public keys.
+ * @GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY: Specify all private keys.
+ * @GNUTLS_PKCS11_OBJ_ATTR_ALL: Specify all objects.
+ *
+ * Enumeration of several attributes for object enumeration.
+ */
+typedef enum {
+       GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1,     /* all certificates */
+       GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED,     /* certificates marked as trusted */
+       GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY,        /* certificates with corresponding private key */
+       GNUTLS_PKCS11_OBJ_ATTR_PUBKEY,  /* public keys */
+       GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
+       GNUTLS_PKCS11_OBJ_ATTR_ALL,     /* everything! */
+       GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA,  /* CAs */
+} gnutls_pkcs11_obj_attr_t;
+
+/**
+ * gnutls_pkcs11_token_info_t:
+ * @GNUTLS_PKCS11_TOKEN_LABEL: The token's label (string)
+ * @GNUTLS_PKCS11_TOKEN_SERIAL: The token's serial number (string)
+ * @GNUTLS_PKCS11_TOKEN_MANUFACTURER: The token's manufacturer (string)
+ * @GNUTLS_PKCS11_TOKEN_MODEL: The token's model (string)
+ * @GNUTLS_PKCS11_TOKEN_TRUSTED: Whether the token is marked as trusted in p11-kit (unsigned int)
+ *
+ * Enumeration of types for retrieving token information.
+ */
+typedef enum {
+       GNUTLS_PKCS11_TOKEN_LABEL,
+       GNUTLS_PKCS11_TOKEN_SERIAL,
+       GNUTLS_PKCS11_TOKEN_MANUFACTURER,
+       GNUTLS_PKCS11_TOKEN_MODEL,
+} gnutls_pkcs11_token_info_t;
+
+/**
+ * gnutls_pkcs11_obj_type_t:
+ * @GNUTLS_PKCS11_OBJ_UNKNOWN: Unknown PKCS11 object.
+ * @GNUTLS_PKCS11_OBJ_X509_CRT: X.509 certificate.
+ * @GNUTLS_PKCS11_OBJ_PUBKEY: Public key.
+ * @GNUTLS_PKCS11_OBJ_PRIVKEY: Private key.
+ * @GNUTLS_PKCS11_OBJ_SECRET_KEY: Secret key.
+ * @GNUTLS_PKCS11_OBJ_DATA: Data object.
+ *
+ * Enumeration of object types.
+ */
+typedef enum {
+       GNUTLS_PKCS11_OBJ_UNKNOWN,
+       GNUTLS_PKCS11_OBJ_X509_CRT,
+       GNUTLS_PKCS11_OBJ_PUBKEY,
+       GNUTLS_PKCS11_OBJ_PRIVKEY,
+       GNUTLS_PKCS11_OBJ_SECRET_KEY,
+       GNUTLS_PKCS11_OBJ_DATA
+} gnutls_pkcs11_obj_type_t;
+
+int
+gnutls_pkcs11_token_init(const char *token_url,
+                        const char *so_pin, const char *label);
+
+int
+gnutls_pkcs11_token_get_mechanism(const char *url,
+                                 unsigned int idx,
+                                 unsigned long *mechanism);
+
+int gnutls_pkcs11_token_set_pin(const char *token_url, const char *oldpin, const char *newpin, unsigned int flags      /*gnutls_pin_flag_t */);
+
+int gnutls_pkcs11_token_get_url(unsigned int seq,
+                               gnutls_pkcs11_url_type_t detailed,
+                               char **url);
+int gnutls_pkcs11_token_get_info(const char *url,
+                                gnutls_pkcs11_token_info_t ttype,
+                                void *output, size_t * output_size);
+
+#define GNUTLS_PKCS11_TOKEN_HW 1
+#define GNUTLS_PKCS11_TOKEN_TRUSTED (1<<1) /* p11-kit trusted */
+int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags);
+
+int gnutls_pkcs11_obj_list_import_url(gnutls_pkcs11_obj_t * p_list,
+                                     unsigned int *const n_list,
+                                     const char *url,
+                                     gnutls_pkcs11_obj_attr_t
+                                     attrs, unsigned int flags
+                                     /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+int
+gnutls_pkcs11_obj_list_import_url2(gnutls_pkcs11_obj_t ** p_list,
+                                  unsigned int *n_list,
+                                  const char *url,
+                                  gnutls_pkcs11_obj_attr_t attrs,
+                                  unsigned int flags
+                                  /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+int gnutls_x509_crt_import_pkcs11(gnutls_x509_crt_t crt,
+                                 gnutls_pkcs11_obj_t pkcs11_crt);
+int gnutls_x509_crt_import_pkcs11_url(gnutls_x509_crt_t crt,
+                                     const char *url, unsigned int flags
+                                     /* GNUTLS_PKCS11_OBJ_FLAG_* */
+    );
+
+gnutls_pkcs11_obj_type_t
+gnutls_pkcs11_obj_get_type(gnutls_pkcs11_obj_t obj);
+const char *gnutls_pkcs11_type_get_name(gnutls_pkcs11_obj_type_t type);
+
+int gnutls_x509_crt_list_import_pkcs11(gnutls_x509_crt_t * certs,
+                                      unsigned int cert_max,
+                                      gnutls_pkcs11_obj_t *
+                                      const objs, unsigned int flags
+                                      /* must be zero */ );
+
+/* private key functions...*/
+int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key);
+void gnutls_pkcs11_privkey_set_pin_function(gnutls_pkcs11_privkey_t
+                                           key,
+                                           gnutls_pin_callback_t
+                                           fn, void *userdata);
+void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key);
+int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t
+                                          key, unsigned int *bits);
+int gnutls_pkcs11_privkey_get_info(gnutls_pkcs11_privkey_t pkey,
+                                  gnutls_pkcs11_obj_info_t itype,
+                                  void *output, size_t * output_size);
+
+int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
+                                    const char *url, unsigned int flags);
+
+int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key,
+                                    gnutls_pkcs11_url_type_t
+                                    detailed, char **url);
+int gnutls_pkcs11_privkey_status(gnutls_pkcs11_privkey_t key);
+
+int gnutls_pkcs11_privkey_generate(const char *url,
+                                  gnutls_pk_algorithm_t pk,
+                                  unsigned int bits,
+                                  const char *label, unsigned int flags);
+
+int
+gnutls_pkcs11_privkey_generate2(const char *url,
+                               gnutls_pk_algorithm_t pk,
+                               unsigned int bits,
+                               const char *label,
+                               gnutls_x509_crt_fmt_t fmt,
+                               gnutls_datum_t * pubkey,
+                               unsigned int flags);
+
+int
+gnutls_pkcs11_token_get_random(const char *token_url,
+                              void *data, size_t len);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/pkcs12.h b/reactos/include/reactos/libs/gnutls/gnutls/pkcs12.h
new file mode 100644 (file)
index 0000000..8b024e5
--- /dev/null
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef GNUTLS_PKCS12_H
+#define GNUTLS_PKCS12_H
+
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+       /* PKCS12 structures handling
+        */
+struct gnutls_pkcs12_int;
+typedef struct gnutls_pkcs12_int *gnutls_pkcs12_t;
+
+struct gnutls_pkcs12_bag_int;
+typedef struct gnutls_pkcs12_bag_int *gnutls_pkcs12_bag_t;
+
+int gnutls_pkcs12_init(gnutls_pkcs12_t * pkcs12);
+void gnutls_pkcs12_deinit(gnutls_pkcs12_t pkcs12);
+int gnutls_pkcs12_import(gnutls_pkcs12_t pkcs12,
+                        const gnutls_datum_t * data,
+                        gnutls_x509_crt_fmt_t format, unsigned int flags);
+int gnutls_pkcs12_export(gnutls_pkcs12_t pkcs12,
+                        gnutls_x509_crt_fmt_t format,
+                        void *output_data, size_t * output_data_size);
+int gnutls_pkcs12_export2(gnutls_pkcs12_t pkcs12,
+                         gnutls_x509_crt_fmt_t format,
+                         gnutls_datum_t * out);
+
+int gnutls_pkcs12_get_bag(gnutls_pkcs12_t pkcs12,
+                         int indx, gnutls_pkcs12_bag_t bag);
+int gnutls_pkcs12_set_bag(gnutls_pkcs12_t pkcs12, gnutls_pkcs12_bag_t bag);
+
+int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass);
+int gnutls_pkcs12_verify_mac(gnutls_pkcs12_t pkcs12, const char *pass);
+
+int gnutls_pkcs12_bag_decrypt(gnutls_pkcs12_bag_t bag, const char *pass);
+int gnutls_pkcs12_bag_encrypt(gnutls_pkcs12_bag_t bag,
+                             const char *pass, unsigned int flags);
+
+#define GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED 1
+int gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12,
+                              const char *password,
+                              gnutls_x509_privkey_t * key,
+                              gnutls_x509_crt_t ** chain,
+                              unsigned int *chain_len,
+                              gnutls_x509_crt_t ** extra_certs,
+                              unsigned int *extra_certs_len,
+                              gnutls_x509_crl_t * crl,
+                              unsigned int flags);
+
+/**
+ * gnutls_pkcs12_bag_type_t:
+ * @GNUTLS_BAG_EMPTY: Empty PKCS-12 bag.
+ * @GNUTLS_BAG_PKCS8_ENCRYPTED_KEY: PKCS-12 bag with PKCS-8 encrypted key.
+ * @GNUTLS_BAG_PKCS8_KEY: PKCS-12 bag with PKCS-8 key.
+ * @GNUTLS_BAG_CERTIFICATE: PKCS-12 bag with certificate.
+ * @GNUTLS_BAG_CRL: PKCS-12 bag with CRL.
+ * @GNUTLS_BAG_SECRET: PKCS-12 bag with secret PKCS-9 keys.
+ * @GNUTLS_BAG_ENCRYPTED: Encrypted PKCS-12 bag.
+ * @GNUTLS_BAG_UNKNOWN: Unknown PKCS-12 bag.
+ *
+ * Enumeration of different PKCS 12 bag types.
+ */
+typedef enum gnutls_pkcs12_bag_type_t {
+       GNUTLS_BAG_EMPTY = 0,
+       GNUTLS_BAG_PKCS8_ENCRYPTED_KEY = 1,
+       GNUTLS_BAG_PKCS8_KEY = 2,
+       GNUTLS_BAG_CERTIFICATE = 3,
+       GNUTLS_BAG_CRL = 4,
+       GNUTLS_BAG_SECRET = 5,  /* Secret data. Underspecified in pkcs-12,
+                                * gnutls extension. We use the PKCS-9
+                                * random nonce ID 1.2.840.113549.1.9.25.3
+                                * to store randomly generated keys.
+                                */
+       GNUTLS_BAG_ENCRYPTED = 10,
+       GNUTLS_BAG_UNKNOWN = 20
+} gnutls_pkcs12_bag_type_t;
+
+gnutls_pkcs12_bag_type_t
+gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag_t bag, int indx);
+int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag_t bag, int indx,
+                              gnutls_datum_t * data);
+int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag_t bag,
+                              gnutls_pkcs12_bag_type_t type,
+                              const gnutls_datum_t * data);
+int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag,
+                             gnutls_x509_crl_t crl);
+int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag,
+                             gnutls_x509_crt_t crt);
+
+int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag);
+void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag);
+int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag);
+
+int gnutls_pkcs12_bag_get_key_id(gnutls_pkcs12_bag_t bag, int indx,
+                                gnutls_datum_t * id);
+int gnutls_pkcs12_bag_set_key_id(gnutls_pkcs12_bag_t bag, int indx,
+                                const gnutls_datum_t * id);
+
+int gnutls_pkcs12_bag_get_friendly_name(gnutls_pkcs12_bag_t bag,
+                                       int indx, char **name);
+int gnutls_pkcs12_bag_set_friendly_name(gnutls_pkcs12_bag_t bag,
+                                       int indx, const char *name);
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif                         /* GNUTLS_PKCS12_H */
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/tpm.h b/reactos/include/reactos/libs/gnutls/gnutls/tpm.h
new file mode 100644 (file)
index 0000000..17becf3
--- /dev/null
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2010-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef __GNUTLS_TPM_H
+#define __GNUTLS_TPM_H
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+struct tpm_key_list_st;
+typedef struct tpm_key_list_st *gnutls_tpm_key_list_t;
+
+#define GNUTLS_TPM_KEY_SIGNING (1<<1)
+#define GNUTLS_TPM_REGISTER_KEY (1<<2)
+#define GNUTLS_TPM_KEY_USER (1<<3)
+
+/**
+ * gnutls_tpmkey_fmt_t:
+ * @GNUTLS_TPMKEY_FMT_RAW: The portable data format.
+ * @GNUTLS_TPMKEY_FMT_DER: An alias for the raw format.
+ * @GNUTLS_TPMKEY_FMT_CTK_PEM: A custom data format used by some TPM tools.
+ *
+ * Enumeration of different certificate encoding formats.
+ */
+typedef enum {
+       GNUTLS_TPMKEY_FMT_RAW = 0,
+       GNUTLS_TPMKEY_FMT_DER = GNUTLS_TPMKEY_FMT_RAW,
+       GNUTLS_TPMKEY_FMT_CTK_PEM = 1
+} gnutls_tpmkey_fmt_t;
+
+int
+gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk,
+                           unsigned int bits,
+                           const char *srk_password,
+                           const char *key_password,
+                           gnutls_tpmkey_fmt_t format,
+                           gnutls_x509_crt_fmt_t pub_format,
+                           gnutls_datum_t * privkey,
+                           gnutls_datum_t * pubkey, unsigned int flags);
+
+void gnutls_tpm_key_list_deinit(gnutls_tpm_key_list_t list);
+int gnutls_tpm_key_list_get_url(gnutls_tpm_key_list_t list,
+                               unsigned int idx, char **url,
+                               unsigned int flags);
+int gnutls_tpm_get_registered(gnutls_tpm_key_list_t * list);
+int gnutls_tpm_privkey_delete(const char *url, const char *srk_password);
+
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+#endif
diff --git a/reactos/include/reactos/libs/gnutls/gnutls/x509.h b/reactos/include/reactos/libs/gnutls/gnutls/x509.h
new file mode 100644 (file)
index 0000000..6da65a5
--- /dev/null
@@ -0,0 +1,1192 @@
+/*
+ * Copyright (C) 2003-2012 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the types and prototypes for the X.509
+ * certificate and CRL handling functions.
+ */
+
+#ifndef GNUTLS_X509_H
+#define GNUTLS_X509_H
+
+#include <gnutls/gnutls.h>
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+/* Some OIDs usually found in Distinguished names, or
+ * in Subject Directory Attribute extensions.
+ */
+#define GNUTLS_OID_X520_COUNTRY_NAME           "2.5.4.6"
+#define GNUTLS_OID_X520_ORGANIZATION_NAME      "2.5.4.10"
+#define GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME "2.5.4.11"
+#define GNUTLS_OID_X520_COMMON_NAME            "2.5.4.3"
+#define GNUTLS_OID_X520_LOCALITY_NAME          "2.5.4.7"
+#define GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME "2.5.4.8"
+
+#define GNUTLS_OID_X520_INITIALS               "2.5.4.43"
+#define GNUTLS_OID_X520_GENERATION_QUALIFIER   "2.5.4.44"
+#define GNUTLS_OID_X520_SURNAME                        "2.5.4.4"
+#define GNUTLS_OID_X520_GIVEN_NAME             "2.5.4.42"
+#define GNUTLS_OID_X520_TITLE                  "2.5.4.12"
+#define GNUTLS_OID_X520_DN_QUALIFIER           "2.5.4.46"
+#define GNUTLS_OID_X520_PSEUDONYM              "2.5.4.65"
+#define GNUTLS_OID_X520_POSTALCODE              "2.5.4.17"
+#define GNUTLS_OID_X520_NAME                    "2.5.4.41"
+
+#define GNUTLS_OID_LDAP_DC                     "0.9.2342.19200300.100.1.25"
+#define GNUTLS_OID_LDAP_UID                    "0.9.2342.19200300.100.1.1"
+
+/* The following should not be included in DN.
+ */
+#define GNUTLS_OID_PKCS9_EMAIL                 "1.2.840.113549.1.9.1"
+
+#define GNUTLS_OID_PKIX_DATE_OF_BIRTH          "1.3.6.1.5.5.7.9.1"
+#define GNUTLS_OID_PKIX_PLACE_OF_BIRTH         "1.3.6.1.5.5.7.9.2"
+#define GNUTLS_OID_PKIX_GENDER                 "1.3.6.1.5.5.7.9.3"
+#define GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP "1.3.6.1.5.5.7.9.4"
+#define GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE   "1.3.6.1.5.5.7.9.5"
+
+/* Key purpose Object Identifiers.
+ */
+#define GNUTLS_KP_TLS_WWW_SERVER               "1.3.6.1.5.5.7.3.1"
+#define GNUTLS_KP_TLS_WWW_CLIENT                "1.3.6.1.5.5.7.3.2"
+#define GNUTLS_KP_CODE_SIGNING                 "1.3.6.1.5.5.7.3.3"
+#define GNUTLS_KP_MS_SMART_CARD_LOGON          "1.3.6.1.4.1.311.20.2.2"
+#define GNUTLS_KP_EMAIL_PROTECTION             "1.3.6.1.5.5.7.3.4"
+#define GNUTLS_KP_TIME_STAMPING                        "1.3.6.1.5.5.7.3.8"
+#define GNUTLS_KP_OCSP_SIGNING                 "1.3.6.1.5.5.7.3.9"
+#define GNUTLS_KP_IPSEC_IKE                    "1.3.6.1.5.5.7.3.17"
+#define GNUTLS_KP_ANY                          "2.5.29.37.0"
+
+#define GNUTLS_OID_AIA                         "1.3.6.1.5.5.7.1.1"
+#define GNUTLS_OID_AD_OCSP                     "1.3.6.1.5.5.7.48.1"
+#define GNUTLS_OID_AD_CAISSUERS                        "1.3.6.1.5.5.7.48.2"
+
+#define GNUTLS_FSAN_SET 0
+#define GNUTLS_FSAN_APPEND 1
+
+/* Certificate handling functions.
+ */
+
+/**
+ * gnutls_certificate_import_flags:
+ * @GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED: Fail if the
+ *   certificates in the buffer are more than the space allocated for
+ *   certificates. The error code will be %GNUTLS_E_SHORT_MEMORY_BUFFER.
+ * @GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED: Fail if the certificates
+ *   in the buffer are not ordered starting from subject to issuer.
+ *   The error code will be %GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
+ *
+ * Enumeration of different certificate import flags.
+ */
+typedef enum gnutls_certificate_import_flags {
+       GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1,
+       GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 2
+} gnutls_certificate_import_flags;
+
+int gnutls_x509_crt_init(gnutls_x509_crt_t * cert);
+void gnutls_x509_crt_deinit(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_import(gnutls_x509_crt_t cert,
+                          const gnutls_datum_t * data,
+                          gnutls_x509_crt_fmt_t format);
+int gnutls_x509_crt_list_import2(gnutls_x509_crt_t ** certs,
+                                unsigned int *size,
+                                const gnutls_datum_t * data,
+                                gnutls_x509_crt_fmt_t format,
+                                unsigned int flags);
+int gnutls_x509_crt_list_import(gnutls_x509_crt_t * certs,
+                               unsigned int *cert_max,
+                               const gnutls_datum_t * data,
+                               gnutls_x509_crt_fmt_t format,
+                               unsigned int flags);
+int gnutls_x509_crt_export(gnutls_x509_crt_t cert,
+                          gnutls_x509_crt_fmt_t format,
+                          void *output_data, size_t * output_data_size);
+int gnutls_x509_crt_export2(gnutls_x509_crt_t cert,
+                           gnutls_x509_crt_fmt_t format,
+                           gnutls_datum_t * out);
+int gnutls_x509_crt_get_private_key_usage_period(gnutls_x509_crt_t
+                                                cert,
+                                                time_t *
+                                                activation,
+                                                time_t *
+                                                expiration, unsigned int
+                                                *critical);
+
+int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt_t cert,
+                                 char *buf, size_t * buf_size);
+int gnutls_x509_crt_get_issuer_dn2(gnutls_x509_crt_t cert,
+                                  gnutls_datum_t * dn);
+int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt_t cert,
+                                     int indx, void *oid,
+                                     size_t * oid_size);
+int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt_t cert,
+                                        const char *oid, int indx,
+                                        unsigned int raw_flag,
+                                        void *buf, size_t * buf_size);
+int gnutls_x509_crt_get_dn(gnutls_x509_crt_t cert, char *buf,
+                          size_t * buf_size);
+int gnutls_x509_crt_get_dn2(gnutls_x509_crt_t cert, gnutls_datum_t * dn);
+int gnutls_x509_crt_get_dn_oid(gnutls_x509_crt_t cert, int indx,
+                              void *oid, size_t * oid_size);
+int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt_t cert,
+                                 const char *oid, int indx,
+                                 unsigned int raw_flag, void *buf,
+                                 size_t * buf_size);
+int gnutls_x509_crt_check_hostname(gnutls_x509_crt_t cert,
+                                  const char *hostname);
+
+int gnutls_x509_crt_get_signature_algorithm(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert,
+                                 char *sig, size_t * sizeof_sig);
+int gnutls_x509_crt_get_version(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_get_key_id(gnutls_x509_crt_t crt,
+                              unsigned int flags,
+                              unsigned char *output_data,
+                              size_t * output_data_size);
+
+int gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t
+                                                crt,
+                                                time_t activation,
+                                                time_t expiration);
+int gnutls_x509_crt_set_authority_key_id(gnutls_x509_crt_t cert,
+                                        const void *id, size_t id_size);
+int gnutls_x509_crt_get_authority_key_id(gnutls_x509_crt_t cert,
+                                        void *id,
+                                        size_t * id_size,
+                                        unsigned int *critical);
+int gnutls_x509_crt_get_authority_key_gn_serial(gnutls_x509_crt_t
+                                               cert,
+                                               unsigned int seq,
+                                               void *alt,
+                                               size_t * alt_size,
+                                               unsigned int
+                                               *alt_type,
+                                               void *serial,
+                                               size_t *
+                                               serial_size, unsigned int
+                                               *critical);
+
+int gnutls_x509_crt_get_subject_key_id(gnutls_x509_crt_t cert,
+                                      void *ret,
+                                      size_t * ret_size,
+                                      unsigned int *critical);
+
+int gnutls_x509_crt_get_subject_unique_id(gnutls_x509_crt_t crt,
+                                         char *buf, size_t * buf_size);
+
+int gnutls_x509_crt_get_issuer_unique_id(gnutls_x509_crt_t crt,
+                                        char *buf, size_t * buf_size);
+
+void gnutls_x509_crt_set_pin_function(gnutls_x509_crt_t crt,
+                                     gnutls_pin_callback_t fn,
+                                     void *userdata);
+
+  /**
+   * gnutls_info_access_what_t:
+   * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID.
+   * @GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE: Get accessLocation name type.
+   * @GNUTLS_IA_URI: Get accessLocation URI value.
+   * @GNUTLS_IA_OCSP_URI: get accessLocation URI value for OCSP.
+   * @GNUTLS_IA_CAISSUERS_URI: get accessLocation URI value for caIssuers.
+   *
+   * Enumeration of types for the @what parameter of
+   * gnutls_x509_crt_get_authority_info_access().
+   */
+typedef enum gnutls_info_access_what_t {
+       GNUTLS_IA_ACCESSMETHOD_OID = 1,
+       GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2,
+       /* use 100-108 for the generalName types, populate as needed */
+       GNUTLS_IA_URI = 106,
+       /* quick-access variants that match both OID and name type. */
+       GNUTLS_IA_OCSP_URI = 10006,
+       GNUTLS_IA_CAISSUERS_URI = 10106
+} gnutls_info_access_what_t;
+
+int gnutls_x509_crt_get_authority_info_access(gnutls_x509_crt_t
+                                             crt,
+                                             unsigned int seq,
+                                             int what,
+                                             gnutls_datum_t *
+                                             data, unsigned int
+                                             *critical);
+
+#define GNUTLS_CRL_REASON_SUPERSEEDED GNUTLS_CRL_REASON_SUPERSEDED,
+  /**
+   * gnutls_x509_crl_reason_flags_t:
+   * @GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN: The privileges were withdrawn from the owner.
+   * @GNUTLS_CRL_REASON_CERTIFICATE_HOLD: The certificate is on hold.
+   * @GNUTLS_CRL_REASON_CESSATION_OF_OPERATION: The end-entity is no longer operating.
+   * @GNUTLS_CRL_REASON_SUPERSEDED: There is a newer certificate of the owner.
+   * @GNUTLS_CRL_REASON_AFFILIATION_CHANGED: The end-entity affiliation has changed.
+   * @GNUTLS_CRL_REASON_CA_COMPROMISE: The CA was compromised.
+   * @GNUTLS_CRL_REASON_KEY_COMPROMISE: The certificate's key was compromised.
+   * @GNUTLS_CRL_REASON_UNUSED: The key was never used.
+   * @GNUTLS_CRL_REASON_AA_COMPROMISE: AA compromised.
+   *
+   * Enumeration of types for the CRL revocation reasons. 
+   */
+typedef enum gnutls_x509_crl_reason_flags_t {
+       GNUTLS_CRL_REASON_UNSPECIFIED = 0,
+       GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1,
+       GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2,
+       GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4,
+       GNUTLS_CRL_REASON_SUPERSEDED = 8,
+       GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16,
+       GNUTLS_CRL_REASON_CA_COMPROMISE = 32,
+       GNUTLS_CRL_REASON_KEY_COMPROMISE = 64,
+       GNUTLS_CRL_REASON_UNUSED = 128,
+       GNUTLS_CRL_REASON_AA_COMPROMISE = 32768
+} gnutls_x509_crl_reason_flags_t;
+
+int gnutls_x509_crt_get_crl_dist_points(gnutls_x509_crt_t cert,
+                                       unsigned int seq,
+                                       void *ret,
+                                       size_t * ret_size,
+                                       unsigned int *reason_flags,
+                                       unsigned int *critical);
+int gnutls_x509_crt_set_crl_dist_points2(gnutls_x509_crt_t crt,
+                                        gnutls_x509_subject_alt_name_t
+                                        type, const void *data,
+                                        unsigned int data_size,
+                                        unsigned int reason_flags);
+int gnutls_x509_crt_set_crl_dist_points(gnutls_x509_crt_t crt,
+                                       gnutls_x509_subject_alt_name_t
+                                       type,
+                                       const void *data_string,
+                                       unsigned int reason_flags);
+int gnutls_x509_crt_cpy_crl_dist_points(gnutls_x509_crt_t dst,
+                                       gnutls_x509_crt_t src);
+
+int gnutls_x509_crl_sign2(gnutls_x509_crl_t crl,
+                         gnutls_x509_crt_t issuer,
+                         gnutls_x509_privkey_t issuer_key,
+                         gnutls_digest_algorithm_t dig,
+                         unsigned int flags);
+
+time_t gnutls_x509_crt_get_activation_time(gnutls_x509_crt_t cert);
+
+#define GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION ((time_t)4294197631)
+
+time_t gnutls_x509_crt_get_expiration_time(gnutls_x509_crt_t cert);
+int gnutls_x509_crt_get_serial(gnutls_x509_crt_t cert,
+                              void *result, size_t * result_size);
+
+int gnutls_x509_crt_get_pk_algorithm(gnutls_x509_crt_t cert,
+                                    unsigned int *bits);
+int gnutls_x509_crt_get_pk_rsa_raw(gnutls_x509_crt_t crt,
+                                  gnutls_datum_t * m, gnutls_datum_t * e);
+int gnutls_x509_crt_get_pk_dsa_raw(gnutls_x509_crt_t crt,
+                                  gnutls_datum_t * p,
+                                  gnutls_datum_t * q,
+                                  gnutls_datum_t * g, gnutls_datum_t * y);
+
+int gnutls_x509_crt_get_subject_alt_name(gnutls_x509_crt_t cert,
+                                        unsigned int seq,
+                                        void *san,
+                                        size_t * san_size,
+                                        unsigned int *critical);
+int gnutls_x509_crt_get_subject_alt_name2(gnutls_x509_crt_t cert,
+                                         unsigned int seq,
+                                         void *san,
+                                         size_t * san_size,
+                                         unsigned int *san_type,
+                                         unsigned int *critical);
+
+int gnutls_x509_crt_get_subject_alt_othername_oid(gnutls_x509_crt_t
+                                                 cert,
+                                                 unsigned int seq,
+                                                 void *oid,
+                                                 size_t * oid_size);
+
+int gnutls_x509_crt_get_issuer_alt_name(gnutls_x509_crt_t cert,
+                                       unsigned int seq,
+                                       void *ian,
+                                       size_t * ian_size,
+                                       unsigned int *critical);
+int gnutls_x509_crt_get_issuer_alt_name2(gnutls_x509_crt_t cert,
+                                        unsigned int seq,
+                                        void *ian,
+                                        size_t * ian_size,
+                                        unsigned int *ian_type,
+                                        unsigned int *critical);
+
+int gnutls_x509_crt_get_issuer_alt_othername_oid(gnutls_x509_crt_t
+                                                cert,
+                                                unsigned int seq,
+                                                void *ret,
+                                                size_t * ret_size);
+
+int gnutls_x509_crt_get_ca_status(gnutls_x509_crt_t cert,
+                                 unsigned int *critical);
+int gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert,
+                                         unsigned int *critical,
+                                         unsigned int *ca, int *pathlen);
+
+/* The key_usage flags are defined in gnutls.h. They are the
+ * GNUTLS_KEY_* definitions.
+ */
+int gnutls_x509_crt_get_key_usage(gnutls_x509_crt_t cert,
+                                 unsigned int *key_usage,
+                                 unsigned int *critical);
+int gnutls_x509_crt_set_key_usage(gnutls_x509_crt_t crt,
+                                 unsigned int usage);
+int gnutls_x509_crt_set_authority_info_access(gnutls_x509_crt_t
+                                             crt, int what,
+                                             gnutls_datum_t * data);
+
+int gnutls_x509_crt_get_proxy(gnutls_x509_crt_t cert,
+                             unsigned int *critical,
+                             int *pathlen,
+                             char **policyLanguage,
+                             char **policy, size_t * sizeof_policy);
+
+#define GNUTLS_MAX_QUALIFIERS 8
+
+  /**
+   * gnutls_x509_qualifier_t:
+   * @GNUTLS_X509_QUALIFIER_UNKNOWN: Unknown qualifier.
+   * @GNUTLS_X509_QUALIFIER_URI: A URL
+   * @GNUTLS_X509_QUALIFIER_NOICE: A text notice.
+   *
+   * Enumeration of types for the X.509 qualifiers, of the certificate policy extension. 
+   */
+typedef enum gnutls_x509_qualifier_t {
+       GNUTLS_X509_QUALIFIER_UNKNOWN = 0, GNUTLS_X509_QUALIFIER_URI,
+       GNUTLS_X509_QUALIFIER_NOTICE
+} gnutls_x509_qualifier_t;
+
+typedef struct gnutls_x509_policy_st {
+       char *oid;
+       unsigned int qualifiers;
+       struct {
+               gnutls_x509_qualifier_t type;
+               char *data;
+               unsigned int size;
+       } qualifier[GNUTLS_MAX_QUALIFIERS];
+} gnutls_x509_policy_st;
+
+void gnutls_x509_policy_release(struct gnutls_x509_policy_st
+                               *policy);
+int gnutls_x509_crt_get_policy(gnutls_x509_crt_t crt, int indx, struct gnutls_x509_policy_st
+                              *policy, unsigned int *critical);
+int gnutls_x509_crt_set_policy(gnutls_x509_crt_t crt, struct gnutls_x509_policy_st
+                              *policy, unsigned int critical);
+
+int gnutls_x509_dn_oid_known(const char *oid);
+
+#define GNUTLS_X509_DN_OID_RETURN_OID 1
+const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags);
+
+       /* Read extensions by OID. */
+int gnutls_x509_crt_get_extension_oid(gnutls_x509_crt_t cert,
+                                     int indx, void *oid,
+                                     size_t * oid_size);
+int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt_t cert,
+                                        const char *oid, int indx,
+                                        void *buf,
+                                        size_t * buf_size,
+                                        unsigned int *critical);
+
+       /* Read extensions by sequence number. */
+int gnutls_x509_crt_get_extension_info(gnutls_x509_crt_t cert,
+                                      int indx, void *oid,
+                                      size_t * oid_size,
+                                      unsigned int *critical);
+int gnutls_x509_crt_get_extension_data(gnutls_x509_crt_t cert,
+                                      int indx, void *data,
+                                      size_t * sizeof_data);
+
+int gnutls_x509_crt_set_extension_by_oid(gnutls_x509_crt_t crt,
+                                        const char *oid,
+                                        const void *buf,
+                                        size_t sizeof_buf,
+                                        unsigned int critical);
+
+/* X.509 Certificate writing.
+ */
+int gnutls_x509_crt_set_dn(gnutls_x509_crt_t crt, const char *dn,
+                          const char **err);
+
+int gnutls_x509_crt_set_dn_by_oid(gnutls_x509_crt_t crt,
+                                 const char *oid,
+                                 unsigned int raw_flag,
+                                 const void *name,
+                                 unsigned int sizeof_name);
+int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt_t crt,
+                                        const char *oid,
+                                        unsigned int raw_flag,
+                                        const void *name,
+                                        unsigned int sizeof_name);
+int gnutls_x509_crt_set_issuer_dn(gnutls_x509_crt_t crt,
+                                 const char *dn, const char **err);
+
+int gnutls_x509_crt_set_version(gnutls_x509_crt_t crt,
+                               unsigned int version);
+int gnutls_x509_crt_set_key(gnutls_x509_crt_t crt,
+                           gnutls_x509_privkey_t key);
+int gnutls_x509_crt_set_ca_status(gnutls_x509_crt_t crt, unsigned int ca);
+int gnutls_x509_crt_set_basic_constraints(gnutls_x509_crt_t crt,
+                                         unsigned int ca,
+                                         int pathLenConstraint);
+int gnutls_x509_crt_set_subject_alternative_name(gnutls_x509_crt_t
+                                                crt,
+                                                gnutls_x509_subject_alt_name_t
+                                                type, const char
+                                                *data_string);
+int gnutls_x509_crt_set_subject_alt_name(gnutls_x509_crt_t crt,
+                                        gnutls_x509_subject_alt_name_t
+                                        type, const void *data,
+                                        unsigned int data_size,
+                                        unsigned int flags);
+int gnutls_x509_crt_sign(gnutls_x509_crt_t crt,
+                        gnutls_x509_crt_t issuer,
+                        gnutls_x509_privkey_t issuer_key);
+int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt,
+                         gnutls_x509_crt_t issuer,
+                         gnutls_x509_privkey_t issuer_key,
+                         gnutls_digest_algorithm_t dig,
+                         unsigned int flags);
+int gnutls_x509_crt_set_activation_time(gnutls_x509_crt_t cert,
+                                       time_t act_time);
+int gnutls_x509_crt_set_expiration_time(gnutls_x509_crt_t cert,
+                                       time_t exp_time);
+int gnutls_x509_crt_set_serial(gnutls_x509_crt_t cert,
+                              const void *serial, size_t serial_size);
+
+int gnutls_x509_crt_set_subject_key_id(gnutls_x509_crt_t cert,
+                                      const void *id, size_t id_size);
+
+int gnutls_x509_crt_set_proxy_dn(gnutls_x509_crt_t crt,
+                                gnutls_x509_crt_t eecrt,
+                                unsigned int raw_flag,
+                                const void *name,
+                                unsigned int sizeof_name);
+int gnutls_x509_crt_set_proxy(gnutls_x509_crt_t crt,
+                             int pathLenConstraint,
+                             const char *policyLanguage,
+                             const char *policy, size_t sizeof_policy);
+
+int gnutls_x509_crt_print(gnutls_x509_crt_t cert,
+                         gnutls_certificate_print_formats_t
+                         format, gnutls_datum_t * out);
+int gnutls_x509_crl_print(gnutls_x509_crl_t crl,
+                         gnutls_certificate_print_formats_t
+                         format, gnutls_datum_t * out);
+
+       /* Access to internal Certificate fields.
+        */
+int gnutls_x509_crt_get_raw_issuer_dn(gnutls_x509_crt_t cert,
+                                     gnutls_datum_t * start);
+int gnutls_x509_crt_get_raw_dn(gnutls_x509_crt_t cert,
+                              gnutls_datum_t * start);
+
+/* RDN handling.
+ */
+int gnutls_x509_rdn_get(const gnutls_datum_t * idn,
+                       char *buf, size_t * sizeof_buf);
+int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
+                           int indx, void *buf, size_t * sizeof_buf);
+
+int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn,
+                              const char *oid, int indx,
+                              unsigned int raw_flag, void *buf,
+                              size_t * sizeof_buf);
+
+typedef void *gnutls_x509_dn_t;
+
+typedef struct gnutls_x509_ava_st {
+       gnutls_datum_t oid;
+       gnutls_datum_t value;
+       unsigned long value_tag;
+} gnutls_x509_ava_st;
+
+int gnutls_x509_crt_get_subject(gnutls_x509_crt_t cert,
+                               gnutls_x509_dn_t * dn);
+int gnutls_x509_crt_get_issuer(gnutls_x509_crt_t cert,
+                              gnutls_x509_dn_t * dn);
+int gnutls_x509_dn_get_rdn_ava(gnutls_x509_dn_t dn, int irdn,
+                              int iava, gnutls_x509_ava_st * ava);
+
+int gnutls_x509_dn_init(gnutls_x509_dn_t * dn);
+
+int gnutls_x509_dn_import(gnutls_x509_dn_t dn,
+                         const gnutls_datum_t * data);
+
+int gnutls_x509_dn_export(gnutls_x509_dn_t dn,
+                         gnutls_x509_crt_fmt_t format,
+                         void *output_data, size_t * output_data_size);
+int gnutls_x509_dn_export2(gnutls_x509_dn_t dn,
+                          gnutls_x509_crt_fmt_t format,
+                          gnutls_datum_t * out);
+
+void gnutls_x509_dn_deinit(gnutls_x509_dn_t dn);
+
+
+/* CRL handling functions.
+ */
+int gnutls_x509_crl_init(gnutls_x509_crl_t * crl);
+void gnutls_x509_crl_deinit(gnutls_x509_crl_t crl);
+
+int gnutls_x509_crl_import(gnutls_x509_crl_t crl,
+                          const gnutls_datum_t * data,
+                          gnutls_x509_crt_fmt_t format);
+int gnutls_x509_crl_export(gnutls_x509_crl_t crl,
+                          gnutls_x509_crt_fmt_t format,
+                          void *output_data, size_t * output_data_size);
+int gnutls_x509_crl_export2(gnutls_x509_crl_t crl,
+                           gnutls_x509_crt_fmt_t format,
+                           gnutls_datum_t * out);
+
+int
+gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
+                                 gnutls_datum_t * dn);
+
+int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl,
+                                 char *buf, size_t * sizeof_buf);
+int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl,
+                                  gnutls_datum_t * dn);
+int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
+                                        const char *oid, int indx,
+                                        unsigned int raw_flag,
+                                        void *buf, size_t * sizeof_buf);
+int gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl, int indx,
+                              void *oid, size_t * sizeof_oid);
+
+int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl);
+int gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
+                                 char *sig, size_t * sizeof_sig);
+int gnutls_x509_crl_get_version(gnutls_x509_crl_t crl);
+
+time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl);
+time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl);
+
+int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl);
+int gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, int indx,
+                                  unsigned char *serial,
+                                  size_t * serial_size, time_t * t);
+#define gnutls_x509_crl_get_certificate_count gnutls_x509_crl_get_crt_count
+#define gnutls_x509_crl_get_certificate gnutls_x509_crl_get_crt_serial
+
+int gnutls_x509_crl_check_issuer(gnutls_x509_crl_t crl,
+                                gnutls_x509_crt_t issuer);
+
+int gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
+                                unsigned int *size,
+                                const gnutls_datum_t * data,
+                                gnutls_x509_crt_fmt_t format,
+                                unsigned int flags);
+
+int gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
+                               unsigned int *crl_max,
+                               const gnutls_datum_t * data,
+                               gnutls_x509_crt_fmt_t format,
+                               unsigned int flags);
+/* CRL writing.
+ */
+int gnutls_x509_crl_set_version(gnutls_x509_crl_t crl,
+                               unsigned int version);
+int gnutls_x509_crl_set_this_update(gnutls_x509_crl_t crl,
+                                   time_t act_time);
+int gnutls_x509_crl_set_next_update(gnutls_x509_crl_t crl,
+                                   time_t exp_time);
+int gnutls_x509_crl_set_crt_serial(gnutls_x509_crl_t crl,
+                                  const void *serial,
+                                  size_t serial_size,
+                                  time_t revocation_time);
+int gnutls_x509_crl_set_crt(gnutls_x509_crl_t crl,
+                           gnutls_x509_crt_t crt, time_t revocation_time);
+
+int gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl,
+                                        void *id,
+                                        size_t * id_size,
+                                        unsigned int *critical);
+int gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t
+                                               crl,
+                                               unsigned int seq,
+                                               void *alt,
+                                               size_t * alt_size,
+                                               unsigned int
+                                               *alt_type,
+                                               void *serial,
+                                               size_t *
+                                               serial_size, unsigned int
+                                               *critical);
+
+int gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
+                              size_t * ret_size, unsigned int *critical);
+
+int gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl,
+                                     int indx, void *oid,
+                                     size_t * sizeof_oid);
+
+int gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl,
+                                      int indx, void *oid,
+                                      size_t * sizeof_oid,
+                                      unsigned int *critical);
+
+int gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl,
+                                      int indx, void *data,
+                                      size_t * sizeof_data);
+
+int gnutls_x509_crl_set_authority_key_id(gnutls_x509_crl_t crl,
+                                        const void *id, size_t id_size);
+
+int gnutls_x509_crl_set_number(gnutls_x509_crl_t crl,
+                              const void *nr, size_t nr_size);
+
+
+/* PKCS7 structures handling
+ */
+struct gnutls_pkcs7_int;
+typedef struct gnutls_pkcs7_int *gnutls_pkcs7_t;
+
+int gnutls_pkcs7_init(gnutls_pkcs7_t * pkcs7);
+void gnutls_pkcs7_deinit(gnutls_pkcs7_t pkcs7);
+int gnutls_pkcs7_import(gnutls_pkcs7_t pkcs7,
+                       const gnutls_datum_t * data,
+                       gnutls_x509_crt_fmt_t format);
+int gnutls_pkcs7_export(gnutls_pkcs7_t pkcs7,
+                       gnutls_x509_crt_fmt_t format,
+                       void *output_data, size_t * output_data_size);
+int gnutls_pkcs7_export2(gnutls_pkcs7_t pkcs7,
+                        gnutls_x509_crt_fmt_t format,
+                        gnutls_datum_t * out);
+
+int gnutls_pkcs7_get_crt_count(gnutls_pkcs7_t pkcs7);
+int gnutls_pkcs7_get_crt_raw(gnutls_pkcs7_t pkcs7, int indx,
+                            void *certificate, size_t * certificate_size);
+
+int gnutls_pkcs7_set_crt_raw(gnutls_pkcs7_t pkcs7,
+                            const gnutls_datum_t * crt);
+int gnutls_pkcs7_set_crt(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t crt);
+int gnutls_pkcs7_delete_crt(gnutls_pkcs7_t pkcs7, int indx);
+
+int gnutls_pkcs7_get_crl_raw(gnutls_pkcs7_t pkcs7,
+                            int indx, void *crl, size_t * crl_size);
+int gnutls_pkcs7_get_crl_count(gnutls_pkcs7_t pkcs7);
+
+int gnutls_pkcs7_set_crl_raw(gnutls_pkcs7_t pkcs7,
+                            const gnutls_datum_t * crl);
+int gnutls_pkcs7_set_crl(gnutls_pkcs7_t pkcs7, gnutls_x509_crl_t crl);
+int gnutls_pkcs7_delete_crl(gnutls_pkcs7_t pkcs7, int indx);
+
+/* X.509 Certificate verification functions.
+ */
+
+/**
+ * gnutls_certificate_verify_flags:
+ * @GNUTLS_VERIFY_DISABLE_CA_SIGN: If set a signer does not have to be
+ *   a certificate authority. This flag should normally be disabled,
+ *   unless you know what this means.
+ * @GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS: If set a signer in the trusted
+ *   list is never checked for expiration or activation.
+ * @GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT: Allow trusted CA certificates
+ *   with version 1. This is safer than %GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT,
+ *   and should be used instead. That way only signers in your trusted list
+ *   will be allowed to have certificates of version 1. This is the default.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT: Do not allow trusted CA
+ *   certificates that have version 1.  This option is to be used
+ *   to deprecate all certificates of version 1.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_SAME: If a certificate is not signed by
+ *   anyone trusted but exists in the trusted CA list do not treat it
+ *   as trusted.
+ * @GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN: A certificate chain is tolerated
+ *   if unsorted (the case with many TLS servers out there). This is the
+ *   default since GnuTLS 3.1.4.
+ * @GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Do not tolerate an unsorted
+ *   certificate chain.
+ * @GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT: Allow CA certificates that
+ *   have version 1 (both root and intermediate). This might be
+ *   dangerous since those haven't the basicConstraints
+ *   extension. Must be used in combination with
+ *   %GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT.
+ * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2: Allow certificates to be signed
+ *   using the broken MD2 algorithm.
+ * @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
+ *   using the broken MD5 algorithm.
+ * @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
+ *   and expiration validity periods of certificate chains. Don't set
+ *   this unless you understand the security implications.
+ * @GNUTLS_VERIFY_DISABLE_CRL_CHECKS: Disable checking for validity
+ *   using certificate revocation lists or the available OCSP data.
+ *
+ * Enumeration of different certificate verify flags.
+ */
+typedef enum gnutls_certificate_verify_flags {
+       GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 << 0,
+       GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT = 1 << 1,
+       GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 << 2,
+       GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 << 3,
+       GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 << 4,
+       GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 << 5,
+       GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 << 6,
+       GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 << 7,
+       GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 << 8,
+       GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 << 9,
+       GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10,
+       GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11,
+} gnutls_certificate_verify_flags;
+
+int gnutls_x509_crt_check_issuer(gnutls_x509_crt_t cert,
+                                gnutls_x509_crt_t issuer);
+
+int gnutls_x509_crt_list_verify(const gnutls_x509_crt_t *
+                               cert_list, int cert_list_length,
+                               const gnutls_x509_crt_t * CA_list,
+                               int CA_list_length,
+                               const gnutls_x509_crl_t * CRL_list,
+                               int CRL_list_length,
+                               unsigned int flags, unsigned int *verify);
+
+int gnutls_x509_crt_verify(gnutls_x509_crt_t cert,
+                          const gnutls_x509_crt_t * CA_list,
+                          int CA_list_length, unsigned int flags,
+                          unsigned int *verify);
+int gnutls_x509_crl_verify(gnutls_x509_crl_t crl,
+                          const gnutls_x509_crt_t * CA_list,
+                          int CA_list_length, unsigned int flags,
+                          unsigned int *verify);
+
+int gnutls_x509_crt_check_revocation(gnutls_x509_crt_t cert,
+                                    const gnutls_x509_crl_t *
+                                    crl_list, int crl_list_length);
+
+int gnutls_x509_crt_get_fingerprint(gnutls_x509_crt_t cert,
+                                   gnutls_digest_algorithm_t algo,
+                                   void *buf, size_t * buf_size);
+
+int gnutls_x509_crt_get_key_purpose_oid(gnutls_x509_crt_t cert,
+                                       int indx, void *oid,
+                                       size_t * oid_size,
+                                       unsigned int *critical);
+int gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert,
+                                       const void *oid,
+                                       unsigned int critical);
+
+/* Private key handling.
+ */
+
+/* Flags for the gnutls_x509_privkey_export_pkcs8() function.
+ */
+
+#define GNUTLS_PKCS8_PLAIN GNUTLS_PKCS_PLAIN
+#define GNUTLS_PKCS8_USE_PKCS12_3DES GNUTLS_PKCS_USE_PKCS12_3DES
+#define GNUTLS_PKCS8_USE_PKCS12_ARCFOUR GNUTLS_PKCS_USE_PKCS12_ARCFOUR
+#define GNUTLS_PKCS8_USE_PKCS12_RC2_40 GNUTLS_PKCS_USE_PKCS12_RC2_40
+
+/**
+ * gnutls_pkcs_encrypt_flags_t:
+ * @GNUTLS_PKCS_PLAIN: Unencrypted private key.
+ * @GNUTLS_PKCS_NULL_PASSWORD: Some schemas distinguish between an empty and a NULL password.
+ * @GNUTLS_PKCS_USE_PKCS12_3DES: PKCS-12 3DES.
+ * @GNUTLS_PKCS_USE_PKCS12_ARCFOUR: PKCS-12 ARCFOUR.
+ * @GNUTLS_PKCS_USE_PKCS12_RC2_40: PKCS-12 RC2-40.
+ * @GNUTLS_PKCS_USE_PBES2_3DES: PBES2 3DES.
+ * @GNUTLS_PKCS_USE_PBES2_AES_128: PBES2 AES-128.
+ * @GNUTLS_PKCS_USE_PBES2_AES_192: PBES2 AES-192.
+ * @GNUTLS_PKCS_USE_PBES2_AES_256: PBES2 AES-256.
+ *
+ * Enumeration of different PKCS encryption flags.
+ */
+typedef enum gnutls_pkcs_encrypt_flags_t {
+       GNUTLS_PKCS_PLAIN = 1,
+       GNUTLS_PKCS_USE_PKCS12_3DES = 2,
+       GNUTLS_PKCS_USE_PKCS12_ARCFOUR = 4,
+       GNUTLS_PKCS_USE_PKCS12_RC2_40 = 8,
+       GNUTLS_PKCS_USE_PBES2_3DES = 16,
+       GNUTLS_PKCS_USE_PBES2_AES_128 = 32,
+       GNUTLS_PKCS_USE_PBES2_AES_192 = 64,
+       GNUTLS_PKCS_USE_PBES2_AES_256 = 128,
+       GNUTLS_PKCS_NULL_PASSWORD = 256
+} gnutls_pkcs_encrypt_flags_t;
+
+int gnutls_x509_privkey_init(gnutls_x509_privkey_t * key);
+void gnutls_x509_privkey_deinit(gnutls_x509_privkey_t key);
+gnutls_sec_param_t
+gnutls_x509_privkey_sec_param(gnutls_x509_privkey_t key);
+int gnutls_x509_privkey_cpy(gnutls_x509_privkey_t dst,
+                           gnutls_x509_privkey_t src);
+int gnutls_x509_privkey_import(gnutls_x509_privkey_t key,
+                              const gnutls_datum_t * data,
+                              gnutls_x509_crt_fmt_t format);
+int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key,
+                                    const gnutls_datum_t * data,
+                                    gnutls_x509_crt_fmt_t format,
+                                    const char *password,
+                                    unsigned int flags);
+int gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key,
+                                      const gnutls_datum_t * data,
+                                      const char *password);
+
+int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
+                               const gnutls_datum_t * data,
+                               gnutls_x509_crt_fmt_t format,
+   &n