Added gnutls_pubkey_t abstract type to handle public keys. It can currently

import/export public keys from existing certificate types as well as from PKCS #11
URL. This allows generating a certificate or certificate request from a given public key
(currently one could only generate them from a given private key).

PKCS#11 API augmented to allow reading arbitrary objects instead of just certificates.
Certtool updated to list those objects.

1 files changed, 8 insertions, 1 deletions

diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
index c0708321f1..86cbba1ce4 100644
--- a/lib/pkcs11_int.h
+++ b/lib/pkcs11_int.h
@@ -29,6 +29,12 @@ struct pkcs11_url_info
     size_t certid_raw_size;
 };
 
+struct gnutls_pkcs11_obj_st {
+    gnutls_datum_t raw;
+    gnutls_pkcs11_obj_type_t type;
+    struct pkcs11_url_info info;
+};
+
 /* thus function is called for every token in the traverse_tokens
  * function. Once everything is traversed it is called with NULL tinfo.
  * It should return 0 if found what it was looking for.
@@ -38,7 +44,7 @@ typedef int (*find_func_t)(pakchois_session_t *pks, struct token_info* tinfo, vo
 int _pkcs11_traverse_tokens (find_func_t find_func, void* input, int leave_session);
 int pkcs11_url_to_info(const char* url, struct pkcs11_url_info* info);
 
-int pkcs11_get_info(struct pkcs11_url_info *info, gnutls_pkcs11_cert_info_t itype, 
+int pkcs11_get_info(struct pkcs11_url_info *info, gnutls_pkcs11_obj_info_t itype, 
     void* output, size_t* output_size);
 int pkcs11_login(pakchois_session_t *pks, struct token_info *info);
 
@@ -48,4 +54,5 @@ extern void* token_data;
 void pkcs11_rescan_slots(void);
 int pkcs11_info_to_url(const struct pkcs11_url_info* info, char** url);
 
+
 #endif