authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-10-07 11:01:29 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-10-07 11:07:25 +0200
commit29d8329019ef8c17aecb8a757aea853ffb7f48c5 (patch)
treef83b0be42e6eda121f1a81d20aa8af8acab8351a
parent531bac41a0ee19158f0722937d0c9efafbc3bb14 (diff)
Added helper functions gnutls_pubkey_import_openpgp_raw() and gnutls_pubkey_import_x509_raw().
-rw-r--r--NEWS2
-rw-r--r--doc/cha-tokens.texi5
-rw-r--r--lib/gnutls_privkey.c2
-rw-r--r--lib/gnutls_pubkey.c111
-rw-r--r--lib/includes/gnutls/abstract.h11
-rw-r--r--lib/libgnutls.map2
6 files changed, 131 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index a7f8d3f8a0..f22d2ca569 100644
--- a/NEWS
+++ b/NEWS
@@ -40,6 +40,8 @@ gnutls_openpgp_crt_export2: Added
gnutls_openpgp_privkey_export2: Added
gnutls_pkcs11_obj_export2: Added
gnutls_pkcs12_export2: Added
+gnutls_pubkey_import_openpgp_raw: Added
+gnutls_pubkey_import_x509_raw: Added
dane_query_init: Added
dane_query_deinit: Added
dane_query_resolve_tlsa: Added
diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi
index b290ff52c7..ad61b152b9 100644
--- a/doc/cha-tokens.texi
+++ b/doc/cha-tokens.texi
@@ -73,6 +73,11 @@ sequence.
@showfuncB{gnutls_pubkey_export,gnutls_pubkey_export2}
+Other helper functions that allow directly importing from raw X.509 or
+OpenPGP structures are shown below.
+
+@showfuncB{gnutls_pubkey_import_x509_raw,gnutls_pubkey_import_openpgp_raw}
+
An important function is @funcref{gnutls_pubkey_import_url} which will import
public keys from URLs that identify objects stored in tokens (see @ref{Smart cards and HSMs} and @ref{Trusted Platform Module}).
A function to check for a supported by GnuTLS URL is @funcref{gnutls_url_is_supported}.
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 00187a5cd6..f718b7cf69 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -947,8 +947,6 @@ cleanup:
return ret;
}
-
-
/**
* gnutls_privkey_import_url:
* @key: A key of type #gnutls_privkey_t
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index 21bea55ed9..36e9cee0da 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
@@ -467,6 +467,67 @@ gnutls_pubkey_get_openpgp_key_id (gnutls_pubkey_t key, unsigned int flags,
return 0;
}
+/**
+ * gnutls_pubkey_import_openpgp_raw:
+ * @pkey: The public key
+ * @data: The public key data to be imported
+ * @format: The format of the public key
+ * @keyid: The key id to use (optional)
+ * @flags: Should be zero
+ *
+ * This function will import the given public key to the abstract
+ * #gnutls_pubkey_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.1.3
+ **/
+int gnutls_pubkey_import_openpgp_raw (gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t format,
+ const gnutls_openpgp_keyid_t keyid,
+ unsigned int flags)
+{
+ gnutls_openpgp_crt_t xpriv;
+ int ret;
+
+ ret = gnutls_openpgp_crt_init(&xpriv);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = gnutls_openpgp_crt_import(xpriv, data, format);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ if(keyid)
+ {
+ ret = gnutls_openpgp_crt_set_preferred_key_id(xpriv, keyid);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+ }
+
+ ret = gnutls_pubkey_import_openpgp(pkey, xpriv, flags);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ ret = 0;
+
+cleanup:
+ gnutls_openpgp_crt_deinit(xpriv);
+
+ return ret;
+}
+
#endif
/**
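Review bot: The doc comment for gnutls_pubkey_import_openpgp_raw describes `@data` as "The public key data to be imported", but the body hands it to gnutls_openpgp_crt_import(), so the input is a complete OpenPGP certificate encoded in `@format`. The comment should say that, and should state that the function only extracts the key: no signature or trust check is visible in this body, so callers have to validate the certificate themselves before relying on the imported key. `@keyid` could add that a non-NULL value is passed to gnutls_openpgp_crt_set_preferred_key_id() before the key is taken. `Since: 3.1.3` also disagrees with `Since: 3.1.0` on gnutls_pubkey_import_x509_raw and with the GNUTLS_3_1_0 node both symbols join in lib/libgnutls.map, so one of the two tags is presumably wrong. As a style point, the local `xpriv` holds a certificate rather than a private key, and `crt` would read more accurately in both new functions.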
@@ -1951,3 +2012,53 @@ void gnutls_pubkey_set_pin_function (gnutls_pubkey_t key,
key->pin.cb = fn;
key->pin.data = userdata;
}
+
+/**
+ * gnutls_pubkey_import_x509_raw:
+ * @pkey: The public key
+ * @data: The public key data to be imported
+ * @format: The format of the public key
+ * @flags: should be zero
+ *
+ * This function will import the given public key to the abstract
+ * #gnutls_pubkey_t structure.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
+ * negative error value.
+ *
+ * Since: 3.1.0
+ **/
+int gnutls_pubkey_import_x509_raw (gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags)
+{
+ gnutls_x509_crt_t xpriv;
+ int ret;
+
+ ret = gnutls_x509_crt_init(&xpriv);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ ret = gnutls_x509_crt_import(xpriv, data, format);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ ret = gnutls_pubkey_import_x509(pkey, xpriv, flags);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ return 0;
+
+cleanup:
+ gnutls_x509_crt_deinit(xpriv);
+
+ return ret;
+}
+
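Review bot: The success path of gnutls_pubkey_import_x509_raw ends in `return 0;` ahead of the `cleanup:` label, so `gnutls_x509_crt_deinit(xpriv)` never runs and the temporary certificate from gnutls_x509_crt_init() is leaked on every successful import. The OpenPGP variant added in the same commit sets `ret = 0;` and falls through to its cleanup label; replacing `return 0;` with `ret = 0;` here frees the certificate on both paths. That assumes gnutls_pubkey_import_x509() copies the key parameters rather than keeping a reference to the crt, which the sibling's unconditional deinit suggests but this hunk does not show. If callers use this helper on certificates received from peers, a per-call leak becomes a memory-exhaustion concern for long-running processes.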
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index b96d6305e8..36aa89cb74 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -69,6 +69,17 @@ int gnutls_pubkey_import_pkcs11 (gnutls_pubkey_t key,
int gnutls_pubkey_import_openpgp (gnutls_pubkey_t key,
gnutls_openpgp_crt_t crt,
unsigned int flags);
+
+int gnutls_pubkey_import_openpgp_raw (gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_openpgp_crt_fmt_t format,
+ const gnutls_openpgp_keyid_t keyid,
+ unsigned int flags);
+int gnutls_pubkey_import_x509_raw (gnutls_pubkey_t pkey,
+ const gnutls_datum_t * data,
+ gnutls_x509_crt_fmt_t format,
+ unsigned int flags);
+
int
gnutls_pubkey_import_privkey (gnutls_pubkey_t key, gnutls_privkey_t pkey,
unsigned int usage, unsigned int flags);
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 578e159f17..c795ab1843 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -854,6 +854,8 @@ GNUTLS_3_1_0 {
gnutls_openpgp_privkey_export2;
gnutls_pkcs11_obj_export2;
gnutls_pkcs12_export2;
+ gnutls_pubkey_import_openpgp_raw;
+ gnutls_pubkey_import_x509_raw;
} GNUTLS_3_0_0;
GNUTLS_PRIVATE {