diff options
| author | Stef Walter <stefw@collabora.co.uk> | 2011-06-07 20:20:17 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-06-07 20:21:13 +0200 |
| commit | 18cb0a89d3eb08847fc3ecc8cd9438bb88c7b4fa (patch) | |
| tree | 1c5362536fc4df64222c6b837d9e1bae5d958456 /src/certtool-common.c | |
| parent | 91b0db8967863694dee39d9722895e153ca8d580 (diff) | |
| download | gnutls-18cb0a89d3eb08847fc3ecc8cd9438bb88c7b4fa.tar.gz | |
The attached patch ports gnutls to p11-kit.
p11-kit is added as a dependency. p11-kit itself has no dependencies outside of basic libc stuff. The source code for p11-kit is available both in git and tarball form. [3]
If the gnutls dependency on p11-kit is disabled (via a configure option) then the PKCS#11 support is disabled. This is useful in bare bones embedded systems or places where very minimal dependencies are limited.
Diffstat (limited to 'src/certtool-common.c')
| -rw-r--r-- | src/certtool-common.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/certtool-common.c b/src/certtool-common.c index 91fbbeb314..1482d34b68 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -146,6 +146,8 @@ gnutls_x509_privkey_t xkey; return key; } +#ifdef ENABLE_PKCS11 + static gnutls_privkey_t _load_pkcs11_privkey(const char* url) { int ret; @@ -257,6 +259,7 @@ unsigned int obj_flags = 0; return pubkey; } +#endif /* ENABLE_PKCS11 */ /* Load the private key. * @mand should be non zero if it is required to read a private key. @@ -274,8 +277,10 @@ load_private_key (int mand, common_info_st * info) if (info->privkey == NULL) error (EXIT_FAILURE, 0, "missing --load-privkey"); +#ifdef ENABLE_PKCS11 if (strncmp(info->privkey, "pkcs11:", 7) == 0) return _load_pkcs11_privkey(info->privkey); +#endif dat.data = read_binary_file (info->privkey, &size); dat.size = size; @@ -480,8 +485,10 @@ load_ca_private_key (common_info_st * info) if (info->ca_privkey == NULL) error (EXIT_FAILURE, 0, "missing --load-ca-privkey"); +#ifdef ENABLE_PKCS11 if (strncmp(info->ca_privkey, "pkcs11:", 7) == 0) return _load_pkcs11_privkey(info->ca_privkey); +#endif dat.data = read_binary_file (info->ca_privkey, &size); dat.size = size; @@ -547,8 +554,10 @@ load_pubkey (int mand, common_info_st * info) if (info->pubkey == NULL) error (EXIT_FAILURE, 0, "missing --load-pubkey"); +#ifdef ENABLE_PKCS11 if (strncmp(info->pubkey, "pkcs11:", 7) == 0) return _load_pkcs11_pubkey(info->pubkey); +#endif ret = gnutls_pubkey_init (&key); if (ret < 0) |