/**
* gnutls_privkey_import_x509:
* @pkey: The private key
* @key: The private key to be imported
* @flags: Flags for the import
*
* This function will import the given private key to the abstract
* #gnutls_privkey_t type.
*
* The #gnutls_x509_privkey_t object must not be deallocated
* during the lifetime of this structure.
*
* @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
* and %GNUTLS_PRIVKEY_IMPORT_COPY.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 2.12.0
**/
int
gnutls_privkey_import_x509(gnutls_privkey_t pkey,
gnutls_x509_privkey_t key, unsigned int flags)
{
int ret;
ret = check_if_clean(pkey);
if (ret < 0) {
gnutls_assert();
return ret;
}
if (flags & GNUTLS_PRIVKEY_IMPORT_COPY) {
ret = gnutls_x509_privkey_init(&pkey->key.x509);
if (ret < 0)
return gnutls_assert_val(ret);
ret = gnutls_x509_privkey_cpy(pkey->key.x509, key);
if (ret < 0) {
gnutls_x509_privkey_deinit(pkey->key.x509);
return gnutls_assert_val(ret);
}
} else
pkey->key.x509 = key;
pkey->type = GNUTLS_PRIVKEY_X509;
pkey->pk_algorithm = gnutls_x509_privkey_get_pk_algorithm(key);
pkey->flags = flags;
return 0;
}
/**
* gnutls_privkey_import_pkcs11:
* @pkey: The private key
* @key: The private key to be imported
* @flags: Flags for the import
*
* This function will import the given private key to the abstract
* #gnutls_privkey_t type.
*
* The #gnutls_pkcs11_privkey_t object must not be deallocated
* during the lifetime of this structure.
*
* @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
* and %GNUTLS_PRIVKEY_IMPORT_COPY.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 2.12.0
**/
int
gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
gnutls_pkcs11_privkey_t key, unsigned int flags)
{
int ret;
ret = check_if_clean(pkey);
if (ret < 0) {
gnutls_assert();
return ret;
}
if (flags & GNUTLS_PRIVKEY_IMPORT_COPY)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
pkey->key.pkcs11 = key;
pkey->type = GNUTLS_PRIVKEY_PKCS11;
pkey->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(key, NULL);
pkey->flags = flags;
if (pkey->pin.data)
gnutls_pkcs11_privkey_set_pin_function(key, pkey->pin.cb,
pkey->pin.data);
return 0;
}
/**
* gnutls_privkey_import_ext2:
* @pkey: The private key
* @pk: The public key algorithm
* @userdata: private data to be provided to the callbacks
* @sign_fn: callback for signature operations
* @decrypt_fn: callback for decryption operations
* @deinit_fn: a deinitialization function
* @flags: Flags for the import
*
* This function will associate the given callbacks with the
* #gnutls_privkey_t type. At least one of the two callbacks
* must be non-null. If a deinitialization function is provided
* then flags is assumed to contain %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE.
*
* Note that the signing function is supposed to "raw" sign data, i.e.,
* without any hashing or preprocessing. In case of RSA the DigestInfo
* will be provided, and the signing function is expected to do the PKCS #1
* 1.5 padding and the exponentiation.
*
* See also gnutls_privkey_import_ext3().
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1
**/
int
gnutls_privkey_import_ext2(gnutls_privkey_t pkey,
gnutls_pk_algorithm_t pk,
void *userdata,
gnutls_privkey_sign_func sign_fn,
gnutls_privkey_decrypt_func decrypt_fn,
gnutls_privkey_deinit_func deinit_fn,
unsigned int flags)
{
int ret;
ret = check_if_clean(pkey);
if (ret < 0) {
gnutls_assert();
return ret;
}
if (sign_fn == NULL && decrypt_fn == NULL)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
pkey->key.ext.sign_func = sign_fn;
pkey->key.ext.decrypt_func = decrypt_fn;
pkey->key.ext.deinit_func = deinit_fn;
pkey->key.ext.userdata = userdata;
pkey->type = GNUTLS_PRIVKEY_EXT;
pkey->pk_algorithm = pk;
pkey->flags = flags;
/* Ensure gnutls_privkey_deinit() calls the deinit_func */
if (deinit_fn)
pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE;
return 0;
}
/**
* gnutls_privkey_import_openpgp:
* @pkey: The private key
* @key: The private key to be imported
* @flags: Flags for the import
*
* This function will import the given private key to the abstract
* #gnutls_privkey_t structure.
*
* The #gnutls_openpgp_privkey_t object must not be deallocated
* during the lifetime of this structure. The subkey set as
* preferred will be used, or the master key otherwise.
*
* @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
* and %GNUTLS_PRIVKEY_IMPORT_COPY.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 2.12.0
**/
int
gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
gnutls_openpgp_privkey_t key,
unsigned int flags)
{
int ret, idx;
uint8_t keyid[GNUTLS_OPENPGP_KEYID_SIZE];
ret = check_if_clean(pkey);
if (ret < 0) {
gnutls_assert();
return ret;
}
if (flags & GNUTLS_PRIVKEY_IMPORT_COPY) {
ret = gnutls_openpgp_privkey_init(&pkey->key.openpgp);
if (ret < 0)
return gnutls_assert_val(ret);
ret = _gnutls_openpgp_privkey_cpy(pkey->key.openpgp, key);
if (ret < 0) {
gnutls_openpgp_privkey_deinit(pkey->key.openpgp);
return gnutls_assert_val(ret);
}
} else
pkey->key.openpgp = key;
pkey->type = GNUTLS_PRIVKEY_OPENPGP;
ret = gnutls_openpgp_privkey_get_preferred_key_id(key, keyid);
if (ret == GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR) {
pkey->pk_algorithm =
gnutls_openpgp_privkey_get_pk_algorithm(key, NULL);
} else {
if (ret < 0)
return gnutls_assert_val(ret);
idx = gnutls_openpgp_privkey_get_subkey_idx(key, keyid);
pkey->pk_algorithm =
gnutls_openpgp_privkey_get_subkey_pk_algorithm(key,
idx,
NULL);
}
pkey->flags = flags;
return 0;
}
