diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-05-31 00:17:14 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-03 19:55:02 +0200 |
| commit | f0bb0ff371418b5a32fefd50e329733a9afc4b6d (patch) | |
| tree | a51abb196c93f7d06764423e8bccd913beb3cebe /src | |
| parent | 0a120e76db70a0db2713d7bcddda07b027ca1842 (diff) | |
| download | gnutls-f0bb0ff371418b5a32fefd50e329733a9afc4b6d.tar.gz | |
Several fixes after big rebase.
Diffstat (limited to 'src')
| -rw-r--r-- | src/pkcs11.c | 164 |
1 files changed, 10 insertions, 154 deletions
diff --git a/src/pkcs11.c b/src/pkcs11.c index c27dd03e25..dc3e8a355a 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c @@ -372,177 +372,33 @@ int ret; unsigned int flags = 0; unsigned int key_usage; -} - -void pkcs11_export(FILE* outfile, const char* url) -{ -gnutls_pkcs11_crt_t crt; -gnutls_x509_crt_t xcrt; -int ret; -size_t size; - pkcs11_common(); if (url == NULL) url = "pkcs11:"; - ret = gnutls_pkcs11_obj_init(&crt); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - ret = gnutls_pkcs11_obj_import_url( crt, url); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - switch(gnutls_pkcs11_obj_get_type(crt)) { - case GNUTLS_PKCS11_OBJ_X509_CRT: - ret = gnutls_x509_crt_init(&xcrt); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - ret = gnutls_x509_crt_import_pkcs11(xcrt, crt); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - size = buffer_size; - ret = gnutls_x509_crt_export (xcrt, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - fwrite (buffer, 1, size, outfile); - - gnutls_x509_crt_deinit(xcrt); - break; - case GNUTLS_PKCS11_OBJ_PUBKEY: - ret = gnutls_pubkey_init(&pubkey); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - ret = gnutls_pubkey_import_pkcs11(pubkey, crt, 0); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - size = buffer_size; - ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - fwrite (buffer, 1, size, outfile); - - gnutls_pubkey_deinit(pubkey); - break; - default: { - gnutls_datum data, enc; - - size = buffer_size; - ret = gnutls_pkcs11_obj_export (crt, buffer, &size); - if (ret < 0) { - break; - } - - data.data = buffer; - data.size = size; - - ret = gnutls_pem_base64_encode_alloc("DATA", &data, &enc); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - fwrite (enc.data, 1, enc.size, outfile); - - gnutls_free(enc.data); - break; - } - } - fputs("\n\n", outfile); - - - gnutls_pkcs11_obj_deinit(crt); - - return; - -} - -void pkcs11_token_list(FILE* outfile) -{ -int ret; -int i; -char *url; -char buf[128]; -size_t size; - - pkcs11_common(); - - for (i=0;;i++) { - ret = gnutls_pkcs11_token_get_url(i, &url); - if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - break; - + xcrt = load_cert(0); + if (xcrt != NULL) { + if (trusted) + flags |= GNUTLS_PKCS11_OBJ_FLAG_TRUSTED; + ret = gnutls_pkcs11_copy_x509_crt(url, xcrt, label, flags); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); exit(1); } - fprintf(outfile, "Token %d:\n\tURL: %s\n", i, url); - - size = sizeof(buf); - ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_LABEL, buf, &size); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - fprintf(outfile, "\tLabel: %s\n", buf); - - size = sizeof(buf); - ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MANUFACTURER, buf, &size); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - fprintf(outfile, "\tManufacturer: %s\n", buf); - - size = sizeof(buf); - ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_MODEL, buf, &size); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } - - fprintf(outfile, "\tModel: %s\n", buf); + gnutls_x509_crt_get_key_usage(xcrt, &key_usage, NULL); + } - size = sizeof(buf); - ret = gnutls_pkcs11_token_get_info(url, GNUTLS_PKCS11_TOKEN_SERIAL, buf, &size); + xkey = load_private_key(0); + if (xkey != NULL) { + ret = gnutls_pkcs11_copy_x509_privkey(url, xkey, label, key_usage); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); exit(1); } - - fprintf(outfile, "\tSerial: %s\n", buf); - fprintf(outfile, "\n\n"); - - gnutls_free(url); - } - return; - if (xkey == NULL && xcrt == NULL) { fprintf(stderr, "You must use --load-privkey or --load-certificate to load the file to be copied\n"); exit (1); |