authorNikos Mavrogiannopoulos <nmav@redhat.com>2014-02-13 09:39:57 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2014-02-13 09:45:22 +0100
commitc201a62da6ec6a862f74ced2d967feddc12cef9c (patch)
treea120bcc602f63dd705b5c0703aefc3d8df5178aa
parentb404b039fa299d5465ec687205034ad2f33d7af2 (diff)
downloadgnutls-c201a62da6ec6a862f74ced2d967feddc12cef9c.tar.gz
Added flag GNUTLS_PKCS11_TOKEN_TRUSTED for gnutls_pkcs11_token_get_flags().
-rw-r--r--lib/includes/gnutls/pkcs11.h1
-rw-r--r--lib/pkcs11.c12
2 files changed, 11 insertions, 2 deletions
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 86f391144b..26b86f2b1c 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -273,6 +273,7 @@ int gnutls_pkcs11_token_get_info(const char *url,
void *output, size_t * output_size);
#define GNUTLS_PKCS11_TOKEN_HW 1
+#define GNUTLS_PKCS11_TOKEN_TRUSTED (1<<1) /* p11-kit trusted */
int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags);
int gnutls_pkcs11_obj_list_import_url(gnutls_pkcs11_obj_t * p_list,
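Review bot: The comment `/* p11-kit trusted */` on GNUTLS_PKCS11_TOKEN_TRUSTED does not tell a caller what the bit asserts, and the doc comment of gnutls_pkcs11_token_get_flags() in lib/pkcs11.c only adds the flag name to a list. Callers may use this bit to decide whether objects on a token can serve as trust anchors, so the meaning should be spelled out, e.g. `/* the token's module is marked as trusted in the p11-kit configuration */`. I would also add one sentence to the function documentation saying that the flag reflects the local p11-kit configuration of the provider module and is not a property verified on the token itself.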
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index fa8fb5e9c0..6163dfcf89 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -53,6 +53,7 @@ struct gnutls_pkcs11_provider_s {
struct find_flags_data_st {
struct p11_kit_uri *info;
unsigned int slot_flags;
+ unsigned int trusted;
};
struct find_url_data_st {
@@ -2796,7 +2797,10 @@ find_flags(struct pkcs11_session_info *sinfo,
}
/* found token! */
-
+ if (p11_kit_module_get_flags(sinfo->module) & P11_KIT_MODULE_TRUSTED)
+ find_data->trusted = 1;
+ else
+ find_data->trusted = 0;
find_data->slot_flags = info->sinfo.flags;
return 0;
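Review bot: The trusted bit set in find_flags() is read from the module (`p11_kit_module_get_flags(sinfo->module)`), not from the token that matched the URL, so every token served by a module flagged P11_KIT_MODULE_TRUSTED will report as trusted. A short comment here saying so would keep later readers from treating it as a per-token attribute. The four-line if/else can also be a single assignment: `find_data->trusted = (p11_kit_module_get_flags(sinfo->module) & P11_KIT_MODULE_TRUSTED) != 0;`. The function starts above the hunk, so whether `trusted` has a defined value when no token matches depends on code not shown here; presumably the caller zeroes find_data, which is worth confirming.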
@@ -2808,7 +2812,8 @@ find_flags(struct pkcs11_session_info *sinfo,
* @flags: The output flags (GNUTLS_PKCS11_TOKEN_*)
*
* This function will return information about the PKCS 11 token flags.
- * The flags from the %gnutls_pkcs11_token_info_t enumeration.
+ *
+ * The supported flags are: %GNUTLS_PKCS11_TOKEN_HW and %GNUTLS_PKCS11_TOKEN_TRUSTED.
*
* Returns: %GNUTLS_E_SUCCESS (0) on success or a negative error code on error.
*
@@ -2840,6 +2845,9 @@ int gnutls_pkcs11_token_get_flags(const char *url, unsigned int *flags)
if (find_data.slot_flags & CKF_HW_SLOT)
*flags |= GNUTLS_PKCS11_TOKEN_HW;
+ if (find_data.trusted != 0)
+ *flags |= GNUTLS_PKCS11_TOKEN_TRUSTED;
+
return 0;
}