diff options
author | Rickard Bellgrim <rickard@opendnssec.org> | 2011-06-16 08:43:31 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-06-16 08:44:25 +0200 |
commit | f1c371eb1ddc4eeba32473124b9ac2f650defcb4 (patch) | |
tree | 600b8336ac3c3a2200781636bf63c4319f8fa654 | |
parent | 3830d1309f4cd15c0394f9a0344b54234723161e (diff) | |
download | gnutls-f1c371eb1ddc4eeba32473124b9ac2f650defcb4.tar.gz |
The CKA_SUBJECT must be specified for a certificate.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | lib/pkcs11_write.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c index fb161ac608..e9b5f404ce 100644 --- a/lib/pkcs11_write.c +++ b/lib/pkcs11_write.c @@ -53,12 +53,13 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url, size_t der_size, id_size; opaque *der = NULL; opaque id[20]; - struct ck_attribute a[8]; + struct ck_attribute a[10]; ck_object_class_t class = CKO_CERTIFICATE; ck_certificate_type_t type = CKC_X_509; ck_object_handle_t obj; ck_bool_t tval = 1; int a_val; + gnutls_datum_t subject = { NULL, 0 }; ret = pkcs11_url_to_info (token_url, &info); if (ret < 0) @@ -105,6 +106,13 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url, gnutls_assert (); goto cleanup; } + + ret = gnutls_x509_crt_get_raw_dn (crt, &subject); + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } /* FIXME: copy key usage flags */ @@ -126,6 +134,11 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url, a_val = 5; + a[a_val].type = CKA_SUBJECT; + a[a_val].value = subject.data; + a[a_val].value_len = subject.size; + a_val++; + if (label) { a[a_val].type = CKA_LABEL; @@ -158,6 +171,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url, cleanup: gnutls_free (der); + _gnutls_free_datum(&subject); pakchois_close_session (pks); return ret; |