/** * gnutls_privkey_export_pkcs11: * @pkey: The private key * @key: Location for the key to be exported. * * Converts the given abstract private key to a #gnutls_pkcs11_privkey_t * type. The key must be of type %GNUTLS_PRIVKEY_PKCS11. The key * returned in @key must be deinitialized with * gnutls_pkcs11_privkey_deinit(). * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.4.0 */ int gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey, gnutls_pkcs11_privkey_t *key) { int ret; if (pkey->type != GNUTLS_PRIVKEY_PKCS11) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } ret = gnutls_pkcs11_privkey_init(key); if (ret < 0) return gnutls_assert_val(ret); ret = gnutls_pkcs11_privkey_cpy(*key, pkey->key.pkcs11); if (ret < 0) { gnutls_pkcs11_privkey_deinit(*key); *key = NULL; return gnutls_assert_val(ret); } return 0; }
/** * gnutls_privkey_deinit: * @key: The key to be deinitialized * * This function will deinitialize a private key structure. * * Since: 2.12.0 **/ void gnutls_privkey_deinit(gnutls_privkey_t key) { if (key == NULL) return; if (key->flags & GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE || key->flags & GNUTLS_PRIVKEY_IMPORT_COPY) switch (key->type) { #ifdef ENABLE_OPENPGP case GNUTLS_PRIVKEY_OPENPGP: gnutls_openpgp_privkey_deinit(key->key.openpgp); break; #endif #ifdef ENABLE_PKCS11 case GNUTLS_PRIVKEY_PKCS11: gnutls_pkcs11_privkey_deinit(key->key.pkcs11); break; #endif case GNUTLS_PRIVKEY_X509: gnutls_x509_privkey_deinit(key->key.x509); break; case GNUTLS_PRIVKEY_EXT: if (key->key.ext.deinit_func != NULL) key->key.ext.deinit_func(key, key->key.ext.userdata); break; default: break; } gnutls_free(key); }
void pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed, unsigned int flags, common_info_st * info) { int ret; gnutls_datum_t pubkey; gnutls_pkcs11_privkey_t pkey; pkcs11_common(info); FIX(url, outfile, detailed, info); CHECK_LOGIN_FLAG(flags); if (outfile == stderr || outfile == stdout) { fprintf(stderr, "warning: no --outfile was specified and the public key will be printed on screen.\n"); sleep(3); } ret = gnutls_pkcs11_privkey_init(&pkey); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); exit(1); } ret = gnutls_pkcs11_privkey_import_url(pkey, url, 0); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); exit(1); } ret = gnutls_pkcs11_privkey_export_pubkey(pkey, GNUTLS_X509_FMT_PEM, &pubkey, flags); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); exit(1); } gnutls_pkcs11_privkey_deinit(pkey); fwrite(pubkey.data, 1, pubkey.size, outfile); gnutls_free(pubkey.data); UNFIX; return; }
/** * gnutls_privkey_deinit: * @key: The structure to be deinitialized * * This function will deinitialize a private key structure. **/ void gnutls_privkey_deinit (gnutls_privkey_t key) { if (key->flags & GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE) switch (key->type) { #ifdef ENABLE_OPENPGP case GNUTLS_PRIVKEY_OPENPGP: return gnutls_openpgp_privkey_deinit (key->key.openpgp); #endif case GNUTLS_PRIVKEY_PKCS11: return gnutls_pkcs11_privkey_deinit (key->key.pkcs11); case GNUTLS_PRIVKEY_X509: return gnutls_x509_privkey_deinit (key->key.x509); } gnutls_free (key); }
static int _gnutls_privkey_import_pkcs11_url(gnutls_privkey_t key, const char *url, unsigned flags) { gnutls_pkcs11_privkey_t pkey; int ret; ret = gnutls_pkcs11_privkey_init(&pkey); if (ret < 0) { gnutls_assert(); return ret; } if (key->pin.cb) gnutls_pkcs11_privkey_set_pin_function(pkey, key->pin.cb, key->pin.data); ret = gnutls_pkcs11_privkey_import_url(pkey, url, flags); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = gnutls_privkey_import_pkcs11(key, pkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) { gnutls_assert(); goto cleanup; } return 0; cleanup: gnutls_pkcs11_privkey_deinit(pkey); return ret; }