/**
 * gnutls_privkey_export_x509:
 * @pkey: The private key
 * @key: Location for the key to be exported.
 *
 * Exports the key held by the abstract private key @pkey as a
 * #gnutls_x509_privkey_t. Only keys of type %GNUTLS_PRIVKEY_X509 are
 * accepted; any other type is rejected with %GNUTLS_E_INVALID_REQUEST
 * before @key is written.
 *
 * The object stored in @key is initialized here and filled in with
 * gnutls_x509_privkey_cpy(), so on success the caller holds its own
 * instance of the private key and must release it with
 * gnutls_x509_privkey_deinit(). If the copy step fails, the object is
 * released here and @key is reset to %NULL.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 * negative error value.
 *
 * Since: 3.4.0
 */
int
gnutls_privkey_export_x509(gnutls_privkey_t pkey, gnutls_x509_privkey_t *key)
{
	int rc;

	/* Refuse anything that is not an X.509 key before reading
	 * pkey->key.x509. */
	if (pkey->type != GNUTLS_PRIVKEY_X509) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	rc = gnutls_x509_privkey_init(key);
	if (rc < 0)
		return gnutls_assert_val(rc);

	rc = gnutls_x509_privkey_cpy(*key, pkey->key.x509);
	if (rc >= 0)
		return 0;

	/* Copy failed: release the object created above and clear the
	 * caller's handle so it cannot be used or released a second time. */
	gnutls_x509_privkey_deinit(*key);
	*key = NULL;
	return gnutls_assert_val(rc);
}
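/**
 * gnutls_privkey_import_x509:
 * @pkey: The private key
 * @key: The private key to be imported
 * @flags: Flags for the import
 *
 * This function will import the given private key to the abstract
 * #gnutls_privkey_t type.
 *
 * Unless %GNUTLS_PRIVKEY_IMPORT_COPY is set in @flags, @pkey stores the
 * @key handle itself, so the #gnutls_x509_privkey_t object must not be
 * deallocated during the lifetime of this structure. With
 * %GNUTLS_PRIVKEY_IMPORT_COPY a separate object is initialized inside
 * @pkey and filled in with gnutls_x509_privkey_cpy().
 *
 * @flags might be zero or one of %GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE
 * and %GNUTLS_PRIVKEY_IMPORT_COPY. The value is recorded in @pkey; how
 * it affects release of the key is decided outside this function.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 * negative error value.
 *
 * Since: 2.12.0
 **/
int
gnutls_privkey_import_x509(gnutls_privkey_t pkey,
			   gnutls_x509_privkey_t key, unsigned int flags)
{
	int ret;

	/* Only import into a structure that check_if_clean() accepts. */
	ret = check_if_clean(pkey);
	if (ret < 0) {
		gnutls_assert();
		return ret;
	}

	if (flags & GNUTLS_PRIVKEY_IMPORT_COPY) {
		ret = gnutls_x509_privkey_init(&pkey->key.x509);
		if (ret < 0)
			return gnutls_assert_val(ret);

		ret = gnutls_x509_privkey_cpy(pkey->key.x509, key);
		if (ret < 0) {
			gnutls_x509_privkey_deinit(pkey->key.x509);
			/* Do not leave a pointer to the released key in
			 * @pkey; a later use or release of the stale
			 * handle would touch freed key material. */
			pkey->key.x509 = NULL;
			return gnutls_assert_val(ret);
		}
	} else {
		/* No copy requested: @pkey aliases the caller's object. */
		pkey->key.x509 = key;
	}

	pkey->type = GNUTLS_PRIVKEY_X509;
	pkey->pk_algorithm = gnutls_x509_privkey_get_pk_algorithm(key);
	pkey->flags = flags;

	return 0;
}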
/* Return a newly allocated duplicate of the client certificate 'cc', or
 * NULL if the private key or the certificate could not be copied.  'cc'
 * must be in the decrypted state; this is not checked here, and the
 * duplicate is always marked as decrypted.  For a keyless 'cc' no
 * private key is copied.  On failure everything allocated so far,
 * including a partially copied private key, is released. */
static ne_ssl_client_cert *dup_client_cert(const ne_ssl_client_cert *cc)
{
    /* NOTE(review): the ne_calloc() result is used unchecked -
     * presumably it does not return NULL; confirm. */
    ne_ssl_client_cert *copy = ne_calloc(sizeof *copy);

    copy->decrypted = 1;

    if (!cc->keyless) {
        /* Give the duplicate its own private key object rather than
         * sharing the handle held by 'cc'. */
        if (gnutls_x509_privkey_init(&copy->pkey) != 0)
            goto bail;
        if (gnutls_x509_privkey_cpy(copy->pkey, cc->pkey) != 0)
            goto bail;
    }
    else {
        copy->keyless = 1;
    }

    copy->cert.subject = x509_crt_copy(cc->cert.subject);
    if (copy->cert.subject == NULL)
        goto bail;

    if (cc->friendly_name) {
        copy->friendly_name = ne_strdup(cc->friendly_name);
    }

    populate_cert(&copy->cert, copy->cert.subject);
    return copy;

bail:
    /* Fields that were never set are still zero from ne_calloc(), so
     * only what was actually created is released. */
    if (copy->pkey) {
        gnutls_x509_privkey_deinit(copy->pkey);
    }
    if (copy->cert.subject) {
        gnutls_x509_crt_deinit(copy->cert.subject);
    }
    ne_free(copy);
    return NULL;
}
/* Load the private key stored in a PKCS #12 structure into 'key'.
 *
 * 'data' is imported in the given 'format' with 'flags' passed to
 * gnutls_pkcs12_import(); 'password' is handed to
 * gnutls_pkcs12_simple_parse(), which is asked for the private key only
 * (all other outputs are NULL).  The parsed key is copied into 'key'
 * and the temporary key object is released whether or not the copy
 * succeeded.  The PKCS #12 object is released on every path after its
 * initialization.
 *
 * Returns 0 on success, otherwise a negative error value.
 */
static int
import_pkcs12_privkey (gnutls_x509_privkey_t key,
                       const gnutls_datum_t * data,
                       gnutls_x509_crt_fmt_t format,
                       const char* password, unsigned int flags)
{
  gnutls_pkcs12_t pfx;
  gnutls_x509_privkey_t parsed_key;
  int rc;

  rc = gnutls_pkcs12_init (&pfx);
  if (rc < 0)
    return gnutls_assert_val (rc);

  rc = gnutls_pkcs12_import (pfx, data, format, flags);
  if (rc < 0)
    {
      gnutls_assert ();
      goto cleanup;
    }

  /* parsed_key is only valid once this call has succeeded. */
  rc = gnutls_pkcs12_simple_parse (pfx, password, &parsed_key,
                                   NULL, NULL, NULL, NULL, NULL, 0);
  if (rc < 0)
    {
      gnutls_assert ();
      goto cleanup;
    }

  /* Release the temporary key before looking at the copy result, so it
   * does not outlive this function on the error path either. */
  rc = gnutls_x509_privkey_cpy (key, parsed_key);
  gnutls_x509_privkey_deinit (parsed_key);
  if (rc < 0)
    {
      gnutls_assert ();
      goto cleanup;
    }

  rc = 0;

cleanup:
  gnutls_pkcs12_deinit (pfx);
  return rc;
}
/**
 * gnutls_rsa_params_cpy - This function will copy an RSA parameters structure
 * @dst: Is the destination structure, which should be initialized.
 * @src: Is the source structure
 *
 * Copies the RSA parameters structure @src into @dst. The work is
 * delegated to gnutls_x509_privkey_cpy(), whose result is returned
 * unchanged.
 *
 **/
int
gnutls_rsa_params_cpy (gnutls_rsa_params_t dst, gnutls_rsa_params_t src)
{
  /* Both arguments are handed straight to the private key copy routine. */
  int result = gnutls_x509_privkey_cpy (dst, src);

  return result;
}