diff options
author | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:48:08 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:48:08 +0000 |
commit | b54174a972d9bc4b666a44419cf4d8a7c62115cb (patch) | |
tree | 7e63e7c308a08dc1eae321cbf4ef75842acd7b78 | |
parent | b69ab98b8c410e13a60b5fc2a39c4fb6c8994984 (diff) | |
download | gnutls-b54174a972d9bc4b666a44419cf4d8a7c62115cb.tar.gz |
Doc fix.
-rw-r--r-- | pkcs11/gnutls_pkcs11.c | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/pkcs11/gnutls_pkcs11.c b/pkcs11/gnutls_pkcs11.c index 334df268d7..adec159fed 100644 --- a/pkcs11/gnutls_pkcs11.c +++ b/pkcs11/gnutls_pkcs11.c @@ -29,22 +29,26 @@ #include "pkcs11.h" -/* The logic of PKCS#11 support in GnuTLS is as follows. Enable debug - * logging to trace the details. +/* The logic of PKCS#11 support in GnuTLS is as follows, for the + * gnutls_pkcs11_get_ca_certificates() function. Enable debug logging + * to trace the details. * - * 0) Initialize the PKCS#11 provider. (startup_pkcs11()) + * 1) Initialize the PKCS#11 provider. (startup_pkcs11()) * - * 1) Enumerate the CKA_ID's of all private keys. (find_keys()) + * 2) Iterate through certificates, and if the certificate has the + * CKA_TRUSTED flag, treat the certificate as a trusted CA + * certificate. (search_certificates()) * - * 2) Iterate through certificates, and + * The function gnutls_pkcs11_get_user_certificates will behave as + * follows. * - * a) if the certificate CKA_ID matches a private key CKA_ID, - * treat the certificate as a user certificate, + * 0) Initialize the PKCS#11 provider. (startup_pkcs11()) * - * -or- + * 1) Enumerate the CKA_ID's of all private keys. (find_keys()) * - * b) if the certificate has the CKA_TRUSTED flag, - * treat the certificate as a trusted CA certificate. + * 2) Iterate through certificates, and if the certificate CKA_ID + * matches a private key CKA_ID, treat the certificate as a user + * certificate. (search_certificates()) */ static int |