path: root/src/pkcs11.c
Commit message | Author | Age | Files | Lines
* Fixed signed/unsigned warnings. | Nikos Mavrogiannopoulos | 2012-01-21 | 1 | -2/+2
  Dropped opaque type (replaced with uint8_t)
* Run 'make update-copyright'. | Simon Josefsson | 2012-01-16 | 1 | -1/+1
* extra.h is no more. | Nikos Mavrogiannopoulos | 2011-10-20 | 1 | -1/+0
* Added support to read elliptic curve public keys from PKCS #11 tokens | Nikos Mavrogiannopoulos | 2011-09-06 | 1 | -0/+7
  (untested).
* Added gnutls_pkcs11_privkey_generate(). | Nikos Mavrogiannopoulos | 2011-09-06 | 1 | -0/+33
  p11tool can be used to generate keys in tokens.
* Added new PKCS #11 flags to force an object being private or not. | Nikos Mavrogiannopoulos | 2011-06-18 | 1 | -1/+7
  Those are GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE.
  p11tool supports now the --no-private and --private options.
* removed unneeded test. | Nikos Mavrogiannopoulos | 2011-06-16 | 1 | -6/+1
* Use common code for PKCS #11 callbacks across clients. | Nikos Mavrogiannopoulos | 2011-06-16 | 1 | -63/+3
  Require SO login to write a trusted object.
* When setting the TRUSTED flag login as security officer. | Nikos Mavrogiannopoulos | 2011-06-15 | 1 | -1/+6
* Fix up compiler warnings. | Stef Walter | 2011-06-09 | 1 | -4/+0
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* certtool can now load private keys and public keys from PKCS #11 tokens (via | Nikos Mavrogiannopoulos | 2011-05-07 | 1 | -1/+1
  URLs).
* Use getpass.h (from gnulib). Patch by LRN. | Nikos Mavrogiannopoulos | 2011-04-10 | 1 | -0/+2
* check PIN size. | Nikos Mavrogiannopoulos | 2011-04-07 | 1 | -4/+13
* Corrected types. | Nikos Mavrogiannopoulos | 2011-03-12 | 1 | -1/+1
* Indented code. Use same indentation but with -nut to avoid usage of tabs. In | Nikos Mavrogiannopoulos | 2010-12-16 | 1 | -195/+195
  several editors tabs can be configured not to be 8 spaces and this produces artifacts with the current indentation that is a mixture of tabs and spaces.
* Indent code. | Simon Josefsson | 2010-12-06 | 1 | -39/+43
* Prefix mechanism number with 0x. | Nikos Mavrogiannopoulos | 2010-11-30 | 1 | -1/+1
* Added camellia and SHA224. | Nikos Mavrogiannopoulos | 2010-11-30 | 1 | -1/+15
* Added --list-mechanisms option to p11tool. Lists all mechanisms supported by | Nikos Mavrogiannopoulos | 2010-11-11 | 1 | -0/+229
  a token.
* Corrected bug in secret key copy. Rationalized the --help of p11tool. | Nikos Mavrogiannopoulos | 2010-11-11 | 1 | -1/+1
* Added gnutls_pkcs11_token_set_pin() and gnutls_pkcs11_token_init() to enable | Nikos Mavrogiannopoulos | 2010-11-07 | 1 | -1/+10
  manipulating tokens purely from PKCS #11.
* Introduced p11tool to separate PKCS #11 functionality from certtool. | Nikos Mavrogiannopoulos | 2010-11-07 | 1 | -12/+66
* Indent (using GNU indent 2.2.11). | Simon Josefsson | 2010-10-14 | 1 | -362/+472
* Fix some syntax-check errors. | Simon Josefsson | 2010-10-01 | 1 | -1/+1
* Added 3 levels of details in PKCS #11 URLs. | Nikos Mavrogiannopoulos | 2010-09-10 | 1 | -1/+1
  1st level: Token level. Object is unique up to token.
  2nd level: Object is unique up to token and module used to access it.
  3rd level: Object is unique up to token and module and version of module used to access it.
* PKCS#11 URL support updated to conform to draft-pechanec-pkcs11uri-02. | Nikos Mavrogiannopoulos | 2010-09-08 | 1 | -5/+5
  Now in the URL the pkcs11 provider library (module) can be specified thus restricting objects within a single provider.
* Show which option is the default for command line tools. | Brad Hards | 2010-08-29 | 1 | -1/+1
  We use "y/N" in most places - this just adapts two places that use "Y/N" to match the behavior of read_yesno().
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* PIN callback supplies the token URL. The callback function in common.c | Nikos Mavrogiannopoulos | 2010-07-02 | 1 | -6/+41
  will cache PIN if requested for second time.
* When copying a private key the sensitive flag can be set or not. This allows | Nikos Mavrogiannopoulos | 2010-06-28 | 1 | -1/+1
  copying private keys that can be exported.
* Combined object flags. No implicit login any more. Login has to be specified | Nikos Mavrogiannopoulos | 2010-06-28 | 1 | -5/+13
  with a flag on every call that could use it.
* Allow flags when importing objects from PKCS11 URLs. The only flag supported | Nikos Mavrogiannopoulos | 2010-06-28 | 1 | -15/+24
  now is the PKCS11_OBJ_FLAG_LOGIN, which forces login before accessing object on a token. The reason is that some tokens do not allow access of any data without login.
* Allow listing of private keys only. Certtool has now the | Nikos Mavrogiannopoulos | 2010-06-18 | 1 | -1/+3
  --pkcs11-list-privkeya option.
* Several fixes after big rebase. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -154/+10
* Added support to copy certificates and private keys to tokens. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -1/+36
  New functions:
  gnutls_pkcs11_copy_x509_crt()
  gnutls_pkcs11_copy_x509_privkey()
  gnutls_pkcs11_delete_url()
  Certtool was updated to allow copying certificates and private keys to tokens.
  Deleting an object has issues (segfault) but it seems to be related with libopensc and its pkcs11 API.
* Added gnutls_pubkey_import_pkcs11(), gnutls_pubkey_import_rsa_raw(), | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -19/+69
  gnutls_pubkey_import_dsa_raw(), gnutls_pkcs11_obj_export().
* Added gnutls_pubkey_t abstract type to handle public keys. It can currently | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -3/+3
  import/export public keys from existing certificate types as well as from PKCS #11 URL. This allows generating a certificate or certificate request from a given public key (currently one could only generate them from a given private key).
  PKCS#11 API augmented to allow reading arbitrary objects instead of just certificates.
  Certtool updated to list those objects.
* Added several helper functions, to allow printing of tokens. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -1/+78
* Added ability to export certificates from PKCS #11 tokens. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -0/+46
  Added ability to list trusted certificates, or only certificates with a corresponding private key or just all.
* Added initial PKCS #11 support. Certtool can now print lists of certificates | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -2/+0
  available in system.
* Added gnutls_pubkey_import_pkcs11(), gnutls_pubkey_import_rsa_raw(), | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -19/+71
  gnutls_pubkey_import_dsa_raw(), gnutls_pkcs11_obj_export().
* Added gnutls_pubkey_t abstract type to handle public keys. It can currently | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -30/+48
  import/export public keys from existing certificate types as well as from PKCS #11 URL. This allows generating a certificate or certificate request from a given public key (currently one could only generate them from a given private key).
  PKCS#11 API augmented to allow reading arbitrary objects instead of just certificates.
  Certtool updated to list those objects.
* Added gnutls_pkcs11_privkey_t and gnutls_privkey_t types. Those are | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -1/+5
  an abstract private key type that can be used to sign/encrypt any private key of pkcs11,x509 or openpgp types.
  Added support for PKCS11 in gnutls-cli/gnutls-serv.
* Added several helper functions, to allow printing of tokens. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -6/+138
* Added ability to export certificates from PKCS #11 tokens. | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -4/+94
  Added ability to list trusted certificates, or only certificates with a corresponding private key or just all.
* Added initial PKCS #11 support. Certtool can now print lists of certificates | Nikos Mavrogiannopoulos | 2010-06-03 | 1 | -0/+50
  available in system.