author | Armin Burgmeier <armin@arbur.net> | 2014-09-18 10:13:55 -0400 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-09-24 10:07:39 +0200 |
commit | d80d9e3908c0785d403c2e7f475d951fec1003c9 (patch) | |
tree | 77c9fcdbf9aeafd66561ad18c9c47ce791c003a8 | |
parent | 967092ce312760be0ae40067c0ffc6f2d7b095f1 (diff) | |
download | gnutls-d80d9e3908c0785d403c2e7f475d951fec1003c9.tar.gz |
Add getter functions for openpgp keys and certificates
Signed-off-by: Armin Burgmeier <armin@arbur.net>
-rw-r--r-- | lib/includes/gnutls/openpgp.h | 10 | ||||
-rw-r--r-- | lib/libgnutls.map | 2 | ||||
-rw-r--r-- | lib/openpgp/gnutls_openpgp.c | 98 |
3 files changed, 110 insertions, 0 deletions
diff --git a/lib/includes/gnutls/openpgp.h b/lib/includes/gnutls/openpgp.h index 11958b3764..b7b64ad788 100644 --- a/lib/includes/gnutls/openpgp.h +++ b/lib/includes/gnutls/openpgp.h @@ -333,6 +333,16 @@ int gnutls_certificate_set_openpgp_key gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey); int +gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res, + int index, + gnutls_openpgp_privkey_t *key); +int +gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res, + int index, + gnutls_openpgp_crt_t **crt_list, + int *crt_list_size); + +int gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t res, const char *certfile, const char *keyfile, gnutls_openpgp_crt_fmt_t format); diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 062a55bd46..dffd364582 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -1016,6 +1016,8 @@ GNUTLS_3_1_0 { gnutls_certificate_get_verify_flags; gnutls_certificate_get_x509_key; gnutls_certificate_get_x509_crt; + gnutls_certificate_get_openpgp_key; + gnutls_certificate_get_openpgp_crt; gnutls_credentials_get; gnutls_x509_crl_iter_crt_serial; gnutls_x509_crl_iter_deinit; diff --git a/lib/openpgp/gnutls_openpgp.c b/lib/openpgp/gnutls_openpgp.c index 7c05e1fbfc..bbb101ec8a 100644 --- a/lib/openpgp/gnutls_openpgp.c +++ b/lib/openpgp/gnutls_openpgp.c 
@@ -166,6 +166,104 @@ gnutls_certificate_set_openpgp_key(gnutls_certificate_credentials_t res, return ret; } +/** + * gnutls_certificate_get_openpgp_key: + * @res: is a #gnutls_certificate_credentials_t structure. + * @index: The index of the key to obtain. + * @key: Location to store the key. + * + * Obtains a OpenPGP private key that has been stored in @res with one of + * gnutls_certificate_set_openpgp_key(), + * gnutls_certificate_set_openpgp_key_file(), + * gnutls_certificate_set_openpgp_key_file2(), + * gnutls_certificate_set_openpgp_key_mem(), or + * gnutls_certificate_set_openpgp_key_mem2(). + * The returned key must be deallocated with gnutls_openpgp_privkey_deinit() + * when no longer needed. + * + * If there is no key with the given index, + * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the key with the + * given index is not a X.509 key, %GNUTLS_E_INVALID_REQUEST is returned. + * + * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code. + * + * Since: 3.4.0 + */ +int +gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res, + int index, + gnutls_openpgp_privkey_t *key) +{ + if (index >= res->ncerts) { + gnutls_assert(); + return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; + } + + return gnutls_privkey_export_openpgp(res->pkey[index], key); +} + +/** + * gnutls_certificate_get_openpgp_crt: + * @res: is a #gnutls_certificate_credentials_t structure. + * @index: The index of the certificate list to obtain. + * @crt_list: Where to store the certificate list. + * @key: Will hold the number of certificates. + * + * Obtains a X.509 certificate list that has been stored in @res with one of + * gnutls_certificate_set_openpgp_key(), + * gnutls_certificate_set_openpgp_key_file(), + * gnutls_certificate_set_openpgp_key_file2(), + * gnutls_certificate_set_openpgp_key_mem(), or + * gnutls_certificate_set_openpgp_key_mem2(). 
Each certificate in the + * returned certificate list must be deallocated with + * gnutls_openpgp_crt_deinit(), and the list itself must be freed with + * gnutls_free(). + * + * If there is no certificate with the given index, + * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the certificate + * with the given index is not a X.509 certificate, %GNUTLS_E_INVALID_REQUEST + * is returned. + * + * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code. + * + * Since: 3.4.0 + */ +int +gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res, + int index, + gnutls_openpgp_crt_t **crt_list, + int *crt_list_size) +{ + int ret, i; + + if (index >= res->ncerts) { + gnutls_assert(); + return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; + } + + *crt_list_size = res->certs[index].cert_list_length; + *crt_list = gnutls_malloc( + res->certs[index].cert_list_length * sizeof (gnutls_openpgp_crt_t)); + if (*crt_list == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + for (i = 0; i < res->certs[index].cert_list_length; ++i) { + ret = gnutls_pcert_export_openpgp(&res->certs[index].cert_list[i], crt_list[i]); + if (ret < 0) { + while (i--) + gnutls_openpgp_crt_deinit(*crt_list[i]); + gnutls_free(*crt_list); + *crt_list = NULL; + + return gnutls_assert_val(ret); + } + } + + return 0; +} + /*- * gnutls_openpgp_get_key: * @key: the destination context to save the key. |
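Review bot: In gnutls_certificate_get_openpgp_crt the loop indexes the out-parameter itself instead of the array it just allocated: `crt_list[i]` is the i-th `gnutls_openpgp_crt_t *` counted from the caller's pointer variable, and `*crt_list[i]` parses as `*(crt_list[i])`, so for any list with more than one entry the export writes, and the error path reads, outside the caller's object rather than into the new buffer. The export call should pass `&(*crt_list)[i]` and the cleanup should call `gnutls_openpgp_crt_deinit((*crt_list)[i]);`. Both getters also test only `index >= res->ncerts` on a signed `int index`; unless `ncerts` is unsigned (its declaration is not visible here), a negative index reaches `res->pkey[index]` / `res->certs[index]`, so an explicit `index < 0 ||` guard is worth adding. The doc comment names the last parameter `@key:` where the signature has `crt_list_size`, and both comments say "X.509" for what are OpenPGP keys and certificates.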