diff options
Diffstat (limited to 'lib/x509/privkey.c')
| -rw-r--r-- | lib/x509/privkey.c | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index b777caa656..51981eeb9b 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -559,6 +559,70 @@ failover: } /** + * gnutls_x509_privkey_import2: + * @key: The structure to store the parsed key + * @data: The DER or PEM encoded certificate. + * @format: One of DER or PEM + * @password: A password (optional) + * + * This function will import the given DER or PEM encoded key, to + * the native #gnutls_x509_privkey_t format, irrespective of the + * input format. The input format is auto-detected. + * + * The supported formats are typical X.509, PKCS #8 and the openssl + * format. + * + * If the provided key is encrypted but no password was given, then + * %GNUTLS_E_DECRYPTION_FAILED is returned. + * + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a + * negative error value. + **/ +int +gnutls_x509_privkey_import2 (gnutls_x509_privkey_t key, + const gnutls_datum_t * data, + gnutls_x509_crt_fmt_t format, + const char* password) +{ + int ret = 0; + + if (password == NULL) + { + ret = gnutls_x509_privkey_import(key, data, format); + if (ret < 0) + { + gnutls_assert(); + } + } + + if (password != NULL || ret < 0) + { + ret = gnutls_x509_privkey_import_pkcs8(key, data, format, password, 0); + if (ret < 0) + { + if (format == GNUTLS_X509_FMT_PEM) + { + int err; + err = gnutls_x509_privkey_import_openssl(key, data, format, password); + if (err < 0) + { + if (err == GNUTLS_E_DECRYPTION_FAILED) ret = err; + gnutls_assert(); + goto cleanup; + } + } + } + + } + + ret = 0; + +cleanup: + return ret; +} + + +/** * gnutls_x509_privkey_import_rsa_raw: * @key: The structure to store the parsed key * @m: holds the modulus |