/**
 * gnutls_pubkey_import_tpm_url:
 * @pkey: The public key
 * @url: The URL of the TPM key to be imported
 * @srk_password: The password for the SRK key (optional)
 * @flags: zero or %GNUTLS_PUBKEY_DISABLE_CALLBACKS
 *
 * This function will import the public part of the TPM key named by
 * @url into the abstract #gnutls_pubkey_t type.
 *
 * A URL that decodes to a file name has that file loaded and handed to
 * gnutls_pubkey_import_tpm_raw(), first as %GNUTLS_TPMKEY_FMT_CTK_PEM and,
 * only if that attempt fails with %GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR,
 * again as %GNUTLS_TPMKEY_FMT_RAW. A URL that decodes to a UUID is
 * imported using the UUID and storage value taken from the URL.
 *
 * Note that unless %GNUTLS_PUBKEY_DISABLE_CALLBACKS
 * is specified, if incorrect (or NULL) passwords are given
 * the PKCS11 callback functions will be used to obtain the
 * correct passwords. Otherwise if the SRK password is wrong
 * %GNUTLS_E_TPM_SRK_PASSWORD_ERROR is returned.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 *
 * Since: 3.1.0
 *
 **/
int
gnutls_pubkey_import_tpm_url(gnutls_pubkey_t pkey,
			     const char *url,
			     const char *srk_password, unsigned int flags)
{
	struct tpmkey_url_st parsed;
	gnutls_datum_t blob = { NULL, 0 };
	int rc;

	CHECK_INIT;

	/* Nothing is owned yet, so a decode failure can return directly. */
	rc = decode_tpmkey_url(url, &parsed);
	if (rc < 0)
		return gnutls_assert_val(rc);

	if (parsed.filename != NULL) {
		rc = gnutls_load_file(parsed.filename, &blob);
		if (rc >= 0) {
			/*
			 * NOTE(review): @flags is forwarded unchanged, so the
			 * callback behaviour on this path is whatever
			 * gnutls_pubkey_import_tpm_raw() implements for it;
			 * confirm it agrees with the UUID path below.
			 */
			rc = gnutls_pubkey_import_tpm_raw(pkey, &blob,
							  GNUTLS_TPMKEY_FMT_CTK_PEM,
							  srk_password, flags);
			/* Only a header mismatch triggers the raw retry. */
			if (rc == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
				rc = gnutls_pubkey_import_tpm_raw(pkey, &blob,
								  GNUTLS_TPMKEY_FMT_RAW,
								  srk_password,
								  flags);
		}
	} else if (parsed.uuid_set) {
		/* With callbacks disabled the plain importer is used. */
		rc = (flags & GNUTLS_PUBKEY_DISABLE_CALLBACKS)
		    ? import_tpm_pubkey(pkey, NULL, 0, &parsed.uuid,
					parsed.storage, srk_password)
		    : import_tpm_pubkey_cb(pkey, NULL, 0, &parsed.uuid,
					   parsed.storage, srk_password);
	}

	/*
	 * Any non-negative result is reported as 0, including the case
	 * where the decoded URL had neither a file name nor a UUID.
	 * NOTE(review): presumably decode_tpmkey_url() rejects such URLs;
	 * verify, since nothing is imported on that path.
	 */
	if (rc < 0)
		gnutls_assert();
	else
		rc = 0;

	/* Release the loaded file contents and the decoded URL. */
	gnutls_free(blob.data);
	clear_tpmkey_url(&parsed);

	return rc;
}
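/**
 * gnutls_pubkey_import_tpm_raw:
 * @pkey: The public key
 * @fdata: The TPM key to be imported
 * @format: The format of the TPM key in @fdata
 * @srk_password: The password for the SRK key (optional)
 * @flags: One of the GNUTLS_PUBKEY_* flags
 *
 * This function will import the public key from the provided TPM key
 * structure.
 *
 * With respect to passwords the same rules as in
 * gnutls_pubkey_import_tpm_url() apply: callbacks may be used to obtain
 * the SRK password unless %GNUTLS_PUBKEY_DISABLE_CALLBACKS is set in
 * @flags.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 *
 * Since: 3.1.0
 **/
int
gnutls_pubkey_import_tpm_raw(gnutls_pubkey_t pkey,
			     const gnutls_datum_t * fdata,
			     gnutls_tpmkey_fmt_t format,
			     const char *srk_password, unsigned int flags)
{
	/*
	 * The branches were previously swapped: setting
	 * GNUTLS_PUBKEY_DISABLE_CALLBACKS selected import_tpm_pubkey_cb(),
	 * the opposite of what gnutls_pubkey_import_tpm_url() does for UUID
	 * URLs and of what the documentation promises. A caller that had
	 * disabled callbacks (for example an unattended service) could still
	 * be prompted, while a caller relying on the prompt got none.
	 *
	 * NOTE(review): import_tpm_pubkey_cb() is taken to be the variant
	 * that may invoke password callbacks, judging by its name and its
	 * use in gnutls_pubkey_import_tpm_url(); confirm against its
	 * definition.
	 *
	 * NOTE(review): unlike gnutls_pubkey_import_tpm_url(), this entry
	 * point does not run CHECK_INIT; confirm whether direct callers
	 * need it.
	 */
	if (flags & GNUTLS_PUBKEY_DISABLE_CALLBACKS)
		return import_tpm_pubkey(pkey, fdata, format, NULL, 0,
					 srk_password);

	return import_tpm_pubkey_cb(pkey, fdata, format, NULL, 0,
				    srk_password);
}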