+
+/**
+ * DNS CERT types as defined in RFC 4398.
+ */
+enum GNUNET_DNSPARSER_CertType
+{
+ /**
+ * Reserved value
+ */
+ GNUNET_DNSPARSER_CERTTYPE_RESERVED = 0,
+
+ /**
+ * An x509 PKIX certificate
+ */
+ GNUNET_DNSPARSER_CERTTYPE_PKIX = 1,
+
+ /**
+ * A SKPI certificate
+ */
+ GNUNET_DNSPARSER_CERTTYPE_SKPI = 2,
+
+ /**
+ * A PGP certificate
+ */
+ GNUNET_DNSPARSER_CERTTYPE_PGP = 3,
+
+ /**
+ * An x509 PKIX cert URL
+ */
+ GNUNET_DNSPARSER_CERTTYPE_IPKIX = 4,
+
+ /**
+ * A SKPI cert URL
+ */
+ GNUNET_DNSPARSER_CERTTYPE_ISKPI = 5,
+
+ /**
+ * A PGP cert fingerprint and URL
+ */
+ GNUNET_DNSPARSER_CERTTYPE_IPGP = 6,
+
+ /**
+ * An attribute Certificate
+ */
+ GNUNET_DNSPARSER_CERTTYPE_ACPKIX = 7,
+
+ /**
+ * An attribute cert URL
+ */
+ GNUNET_DNSPARSER_CERTTYPE_IACKPIX = 8
+};
+
+
+/**
+ * DNSCERT algorithms as defined in http://www.iana.org/assignments/
+ * dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml, under dns-sec-alg-numbers-1
+ */
+enum GNUNET_DNSPARSER_CertAlgorithm
+{
+ /**
+ * No defined
+ */
+ GNUNET_DNSPARSER_CERTALGO_UNDEFINED = 0,
+
+ /**
+ * RSA/MD5
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSAMD5 = 1,
+
+ /**
+ * Diffie-Hellman
+ */
+ GNUNET_DNSPARSER_CERTALGO_DH = 2,
+
+ /**
+ * DSA/SHA1
+ */
+ GNUNET_DNSPARSER_CERTALGO_DSASHA = 3,
+
+ /**
+ * Reserved
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSRVD4 = 4,
+
+ /**
+ * RSA/SHA1
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSASHA = 5,
+
+ /**
+ * DSA/NSEC3/SHA
+ */
+ GNUNET_DNSPARSER_CERTALGO_DSANSEC3 = 6,
+
+ /**
+ * RSA/NSEC3/SHA
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSANSEC3 = 7,
+
+ /**
+ * RSA/SHA256
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSASHA256 = 8,
+
+ /**
+ * Reserved
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSRVD9 = 9,
+
+ /**
+ * RSA/SHA512
+ */
+ GNUNET_DNSPARSER_CERTALGO_RSASHA512 = 10,
+
+ /**
+ * GOST R 34.10-2001
+ */
+ GNUNET_DNSPARSER_CERTALGO_GOST_R34 = 12,
+
+ /**
+ * ECDSA Curve P-256/SHA256
+ */
+ GNUNET_DNSPARSER_CERTALGO_ECDSA_P256SHA256 = 13,
+
+ /**
+ * ECDSA Curve P-384/SHA384
+ */
+ GNUNET_DNSPARSER_CERTALGO_ECDSA_P384SHA384 = 14
+
+};
+
+
+/**
+ * Information from CERT records (RFC 4034).
+ */
+struct GNUNET_DNSPARSER_CertRecord
+{
+
+ /**
+ * Certificate type
+ */
+ enum GNUNET_DNSPARSER_CertType cert_type;
+
+ /**
+ * Certificate KeyTag
+ */
+ uint16_t cert_tag;
+
+ /**
+ * Algorithm
+ */
+ enum GNUNET_DNSPARSER_CertAlgorithm algorithm;
+
+ /**
+ * Number of bytes in @e certificate_data
+ */
+ size_t certificate_size;
+
+ /**
+ * Data of the certificate.
+ */
+ char *certificate_data;
+
+};
+
+