author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-07-20 22:06:24 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-07-20 22:06:24 +0200 |
commit | fc15e91b7bb8cfa4d1744e40a7712d4c457b9a80 (patch) | |
tree | 8732553ff23295abdb4cd8818a90209899895a66 /lib | |
parent | a46604ec6c3932c413d631fd2e847892bbfdb0e1 (diff) | |
download | gnutls-fc15e91b7bb8cfa4d1744e40a7712d4c457b9a80.tar.gz |
PKCS #11 PIN handling fixes.
Added gnutls_x509_crt_set_pin_function() and set the PIN
handling function in gnutls_privkey_import_pkcs11_url().
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gnutls_privkey.c | 3 | ||||
-rw-r--r-- | lib/includes/gnutls/x509.h | 3 | ||||
-rw-r--r-- | lib/libgnutls.map | 1 | ||||
-rw-r--r-- | lib/pkcs11.c | 4 | ||||
-rw-r--r-- | lib/x509/x509.c | 23 | ||||
-rw-r--r-- | lib/x509/x509_int.h | 2 |
6 files changed, 35 insertions, 1 deletions
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 92809b637e..816e941a7d 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -375,6 +375,9 @@ gnutls_privkey_import_pkcs11_url (gnutls_privkey_t key, const char *url)
 gnutls_assert ();
 return ret;
 }
+
+ if (key->pin.cb)
+ gnutls_pkcs11_privkey_set_pin_function(pkey, key->pin.cb, key->pin.data);
 ret = gnutls_pkcs11_privkey_import_url (pkey, url, 0);
 if (ret < 0)
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index 5923aca72a..0ec4f218ca 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -181,6 +181,9 @@ extern "C"
 int gnutls_x509_crt_get_issuer_unique_id (gnutls_x509_crt_t crt, char *buf, size_t * buf_size);
+ void gnutls_x509_crt_set_pin_function (gnutls_x509_crt_t crt,
+ gnutls_pin_callback_t fn, void *userdata);
+
 /**
 * gnutls_info_access_what_t:
 * @GNUTLS_IA_ACCESSMETHOD_OID: Get accessMethod OID.
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 2bfc2f60e0..19f63c3ce8 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -824,6 +824,7 @@ GNUTLS_3_1_0 {
 gnutls_pkcs11_obj_set_pin_function;
 gnutls_pkcs11_privkey_set_pin_function;
 gnutls_certificate_set_pin_function;
+ gnutls_x509_crt_set_pin_function;
 } GNUTLS_3_0_0;
 GNUTLS_PRIVATE {
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index a5a9c92b2a..32f6a8ae1b 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -2705,6 +2705,9 @@ gnutls_x509_crt_import_pkcs11_url (gnutls_x509_crt_t crt,
 gnutls_assert ();
 return ret;
 }
+
+ if (crt->pin.cb)
+ gnutls_pkcs11_obj_set_pin_function (pcrt, crt->pin.cb, crt->pin.data);
 ret = gnutls_pkcs11_obj_import_url (pcrt, url, flags);
 if (ret < 0)
@@ -2728,7 +2731,6 @@ cleanup:
 return ret;
 }
-
 /**
 * gnutls_x509_crt_import_pkcs11:
 * @crt: A certificate of type #gnutls_x509_crt_t
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index ab8bac0bce..1158b4bd68 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
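Review bot: The PIN callback is copied from `key->pin` into `pkey` only once, immediately before `gnutls_pkcs11_privkey_import_url ()` in lib/gnutls_privkey.c, and the first lib/pkcs11.c hunk makes the same one-shot copy from `crt->pin` into `pcrt`, so a callback installed on the key or certificate after the import call is never forwarded. Neither function's doc comment is visible in these hunks; if it does not already say so, it should state the ordering requirement, for example `The PIN callback must be set on @key before calling this function; it is copied at import time.` The `userdata` pointer is presumably kept by reference in the PKCS #11 object, so the caller has to keep it valid for as long as that object can prompt for a PIN. As a style point, `gnutls_pkcs11_privkey_set_pin_function(pkey, ...)` lacks the space before the parenthesis that the neighbouring calls use. Both function bodies start and end outside their hunks.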
@@ -3692,3 +3692,26 @@ gnutls_x509_crt_get_authority_info_access (gnutls_x509_crt_t crt,
 return ret;
 }
+
+/**
+ * gnutls_x509_crt_set_pin_function:
+ * @crt: The certificate structure
+ * @fn: the callback
+ * @userdata: data associated with the callback
+ *
+ * This function will set a callback function to be used when
+ * it is required to access a protected object. This function overrides
+ * the global function set using gnutls_pkcs11_set_pin_function().
+ *
+ * Note that this callback is currently used only during the import
+ * of a PKCS #11 certificate with gnutls_x509_crt_import_pkcs11_url().
+ *
+ * Since: 3.1.0
+ *
+ **/
+void gnutls_x509_crt_set_pin_function (gnutls_x509_crt_t crt,
+ gnutls_pin_callback_t fn, void *userdata)
+{
+ crt->pin.cb = fn;
+ crt->pin.data = userdata;
+}
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
index 3cc18e4bb0..c83edb0fb1 100644
--- a/lib/x509/x509_int.h
+++ b/lib/x509/x509_int.h
@@ -58,6 +58,8 @@ typedef struct gnutls_x509_crt_int
 {
 ASN1_TYPE cert;
 int use_extensions;
+
+ struct pin_info_st pin;
 } gnutls_x509_crt_int;
 typedef struct gnutls_x509_crq_int |
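Review bot: The doc comment for `gnutls_x509_crt_set_pin_function()` does not say that `@userdata` is stored as a raw pointer (`crt->pin.data = userdata;`) rather than copied, nor that a NULL `@fn` leaves the global PIN function in effect, which is what the `if (crt->pin.cb)` test in the lib/pkcs11.c hunk implies. I would change the parameter line to `@fn: the callback, or %NULL to use the global PIN function` and add a sentence such as `@userdata is not copied and must remain valid at least until the import has completed.` `crt` is also dereferenced without a NULL check, and with a void return the function cannot report that; whether a guard is wanted depends on the convention of the other setters in this file, which are outside the hunk.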
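Review bot: The new `struct pin_info_st pin;` member in lib/x509/x509_int.h is read as `crt->pin.cb` by `gnutls_x509_crt_import_pkcs11_url()` even when the setter was never called, so it relies on every `gnutls_x509_crt_int` being zero-initialised when it is allocated. The allocation in `gnutls_x509_crt_init()` is outside this diff; if it does not zero the structure, the import would test and possibly call through an indeterminate function pointer, so that is worth confirming. A short comment on the field would record the contract, e.g. `/* per-certificate PIN callback; cb == NULL means use the global one */`. The struct definition starts before the hunk.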