diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-28 18:07:01 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-28 18:23:24 +0200 |
commit | 21e200fdfe407108ff58b8a26a2f827bf0bf38d3 (patch) | |
tree | 5b1513396883b628d08ee66fa167bbea00482491 /lib/pkcs11_write.c | |
parent | 8d5ef8910cd5e80346c5aab2399c57532c1175cd (diff) | |
download | gnutls-21e200fdfe407108ff58b8a26a2f827bf0bf38d3.tar.gz |
Allow flags when importing objects from PKCS11 URLs. The only flag supported
now is the PKCS11_OBJ_FLAG_LOGIN, which forces login before accessing object on
a token. The reason is that some tokens do not allow access of any data without login.
Diffstat (limited to 'lib/pkcs11_write.c')
-rw-r--r-- | lib/pkcs11_write.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c index b93623ab1c..b41f9bbff8 100644 --- a/lib/pkcs11_write.c +++ b/lib/pkcs11_write.c @@ -33,7 +33,7 @@ * @token_url: A PKCS #11 URL specifying a token * @crt: A certificate * @label: A name to be used for the stored data - * @flags: One of GNUTLS_PKCS11_OBJ_FLAG_* + * @flags: One of GNUTLS_PKCS11_COPY_FLAG_* * * This function will copy a certificate into a PKCS #11 token specified by * a URL. The certificate can be marked as trusted or not. @@ -127,7 +127,7 @@ int gnutls_pkcs11_copy_x509_crt(const char* token_url, gnutls_x509_crt_t crt, a_val++; } - if (flags & GNUTLS_PKCS11_OBJ_FLAG_TRUSTED) { + if (flags & GNUTLS_PKCS11_COPY_FLAG_MARK_TRUSTED) { a[a_val].type = CKA_TRUSTED; a[a_val].value = &tval; a[a_val].value_len = sizeof(tval); @@ -161,6 +161,7 @@ cleanup: * @key: A private key * @label: A name to be used for the stored data * @key_usage: One of GNUTLS_KEY_* + * @flags: One of GNUTLS_PKCS11_COPY_* flags * * This function will copy a private key into a PKCS #11 token specified by * a URL. @@ -169,7 +170,8 @@ cleanup: * negative error value. **/ int gnutls_pkcs11_copy_x509_privkey(const char* token_url, - gnutls_x509_privkey_t key, const char* label, unsigned int key_usage) + gnutls_x509_privkey_t key, const char* label, unsigned int key_usage, + unsigned int flags) { int ret; pakchois_session_t *pks; |