diff options
author | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:25:28 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:25:28 +0000 |
commit | 01012ec589c55ffc21ec9056b36ab73e049d4d4b (patch) | |
tree | 1839c16a839e9bd3f4b20844810ff55ccb6a033c | |
parent | 54128afb17fb579165698684e427ebabfd917b6a (diff) | |
download | gnutls-01012ec589c55ffc21ec9056b36ab73e049d4d4b.tar.gz |
Add code snippet.
-rw-r--r-- | doc/gnutls.texi | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi index 75604e9efe..baf93585b5 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -2939,7 +2939,24 @@ client functions with the corresponding server functions. GnuTLS can use the PKCS#11 provider Scute (@url{http://www.scute.org/}) to load trusted CA certificates from, -e.g., smartcards. +e.g., smartcards. You'd typically use this functionality together +with @code{gnutls_certificate_set_x509_trust} as follows: + +@example +#include <gnutls/pkcs11.h> +... + gnutls_x509_crt_t * ca_list; + unsigned int ncas; + int ret; +... + ret = gnutls_pkcs11_get_ca_certificates (&ca_list, &ncas); + if (ret < 0) + // Error handling... + + ret = gnutls_certificate_set_x509_trust (xcred, ca_list, ncas); + if (ret < 0) + // Error handling... +@end example In the future, this functionality may be extended to allow off-loading the signing operation to the PKCS#11 provider too, and to support |