X-Git-Url: https://bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fbrssl.h;h=e93ed4c7d527b456dd73fa99a3384b1cfd4154dc;hp=99ce38dc2a525e471db1f58ffd49524b6139b22c;hb=e61ad42191511226309bad2cbde8cd9e8cc743cb;hpb=3210f38e0491b39aec1ef419cb4114e9483089fb

diff --git a/tools/brssl.h b/tools/brssl.h
index 99ce38d..e93ed4c 100644
--- a/tools/brssl.h
+++ b/tools/brssl.h
@@ -163,6 +163,12 @@ typedef VECTOR(unsigned char) bvector;
  */
 int eqstr(const char *s1, const char *s2);
 
+/*
+ * Convert a string to a positive integer (size_t). Returned value is
+ * (size_t)-1 on error. On error, an explicit error message is printed.
+ */
+size_t parse_size(const char *s);
+
 /*
  * Structure for a known protocol version.
  */
@@ -273,6 +279,11 @@ void list_names(void);
  */
 const char *ec_curve_name(int curve);
 
+/*
+ * Get the symbolic name for a hash function name (by ID).
+ */
+const char *hash_function_name(int id);
+
 /*
  * Read a file completely. The returned block is allocated with xmalloc()
  * and must be released by the caller.
@@ -336,6 +347,12 @@ pem_object *decode_pem(const void *src, size_t len, size_t *num);
  */
 br_x509_certificate *read_certificates(const char *fname, size_t *num);
 
+/*
+ * Release certificates. This releases all certificate data arrays,
+ * and the whole array as well.
+ */
+void free_certificates(br_x509_certificate *certs, size_t num);
+
 /*
  * Interpret a certificate as a trust anchor. The trust anchor is
  * newly allocated with xmalloc() and the caller must release it.
@@ -363,6 +380,12 @@ void free_ta_contents(br_x509_trust_anchor *ta);
  */
 size_t read_trust_anchors(anchor_list *dst, const char *fname);
 
+/*
+ * Get the "signer key type" for the certificate (key type of the
+ * issuing CA). On error, this prints a message on stderr, and returns 0.
+ */
+int get_cert_signer_algo(br_x509_certificate *xc);
+
 /*
  * Special "no anchor" X.509 validator that wraps around another X.509
  * validator and turns "not trusted" error codes into success. This is
@@ -402,6 +425,20 @@ private_key *read_private_key(const char *fname);
  */
 void free_private_key(private_key *sk);
 
+/*
+ * Get the encoded OID for a given hash function (to use with PKCS#1
+ * signatures). If the hash function ID is 0 (for MD5+SHA-1), or if
+ * the ID is not one of the SHA-* functions (SHA-1, SHA-224, SHA-256,
+ * SHA-384, SHA-512), then this function returns NULL.
+ */
+const unsigned char *get_hash_oid(int id);
+
+/*
+ * Get a hash implementation by ID. This returns NULL if the hash
+ * implementation is not available.
+ */
+const br_hash_class *get_hash_impl(int id);
+
 /*
  * Find the symbolic name and the description for an error. If 'err' is
  * recognised then the error symbolic name is returned; if 'comment' is