Added support to copy certificates and private keys to tokens.

New functions:
gnutls_pkcs11_copy_x509_crt()
gnutls_pkcs11_copy_x509_privkey()
gnutls_pkcs11_delete_url()

Certtool was updated to allow copying certificates and private keys
to tokens. Deleting an object has issues (segfault) but it seems to be related
with libopensc and its pkcs11 API.

1 files changed, 10 insertions, 1 deletions

diff --git a/src/certtool.gaa b/src/certtool.gaa
index 7ad13a114a..04b2eac695 100644
--- a/src/certtool.gaa
+++ b/src/certtool.gaa
@@ -146,6 +146,14 @@ option (pkcs11-list-all-certs) { $action = ACTION_PKCS11_LIST; $pkcs11_type=PKCS
 option (pkcs11-list-all) { $action = ACTION_PKCS11_LIST; $pkcs11_type=PKCS11_TYPE_ALL; } "List all objects specified by a PKCS#11 URL"
 option (pkcs11-list-tokens) { $action = ACTION_PKCS11_TOKENS; } "List all available tokens"
 
+#char* pkcs11_label;
+option (pkcs11-write) STR "URL" { $action = ACTION_PKCS11_WRITE_URL; $pkcs11_url = $1; } "Writes loaded certificates or private keys to a PKCS11 token."
+option (pkcs11-write-label) STR "label" { $pkcs11_label = $1; } "Sets a label for the write operation."
+#int pkcs11_trusted;
+option (pkcs11-write-trusted) { $pkcs11_trusted = 1; } "Marks the certificate to be imported as trusted."
+
+option (pkcs11-delete-url) STR "URL" { $action = ACTION_PKCS11_DELETE_URL; $pkcs11_url = $1; } "Deletes objects matching the URL."
+
 #int debug;
 option (d, debug) INT "LEVEL" { $debug = $1 } "specify the debug level. Default is 1."
 
@@ -158,4 +166,5 @@ init { $bits = 2048; $pkcs8 = 0; $privkey = NULL; $ca=NULL; $ca_privkey = NULL;
 	$incert_format = 0; $outcert_format = 0; $action=-1; $pass = NULL; $v1_cert = 0;
 	$export = 0; $template = NULL; $hash=NULL; $fix_key = 0; $quick_random=1; 
 	$privkey_op = 0; $pkcs_cipher = "3des"; $crq_extensions=1; $pkcs11_provider= NULL;
-	$pkcs11_url = NULL; $pkcs11_type = PKCS11_TYPE_PK; $pubkey=NULL; }
+	$pkcs11_url = NULL; $pkcs11_type = PKCS11_TYPE_PK; $pubkey=NULL; $pkcs11_label = NULL; 
+	$pkcs11_trusted=0; }