pkcs11: added new functions to query the object's flags

gnutls_pkcs11_obj_get_flags() allows obtaining an object's flags,
and gnutls_pkcs11_flags_get_str() allows printing them.

2 files changed, 16 insertions, 2 deletions

diff --git a/src/p11tool.c b/src/p11tool.c
index 5980d7f58b..93fe15153f 100644
--- a/src/p11tool.c
+++ b/src/p11tool.c
@@ -89,7 +89,7 @@ unsigned opt_to_flags(void)
 		    GNUTLS_PKCS11_OBJ_FLAG_MARK_CA;
 
 	if (ENABLED_OPT(MARK_WRAP))
-		flags |= GNUTLS_PKCS11_OBJ_FLAG_KEY_WRAP;
+		flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP;
 
 	if (ENABLED_OPT(LOGIN))
 		flags |= GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 401ce7b133..893fc1ef9c 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -94,7 +94,7 @@ pkcs11_list(FILE * outfile, const char *url, int type, unsigned int flags,
 	gnutls_pkcs11_obj_t *crt_list;
 	unsigned int crt_list_size = 0, i;
 	int ret, otype;
-	char *output;
+	char *output, *str;
 	int attrs;
 	unsigned int obj_flags = flags;
 
@@ -133,6 +133,7 @@ pkcs11_list(FILE * outfile, const char *url, int type, unsigned int flags,
 	for (i = 0; i < crt_list_size; i++) {
 		char buf[128];
 		size_t size;
+		unsigned int oflags;
 
 		ret =
 		    gnutls_pkcs11_obj_export_url(crt_list[i], detailed,
@@ -161,6 +162,19 @@ pkcs11_list(FILE * outfile, const char *url, int type, unsigned int flags,
 		}
 		fprintf(outfile, "\tLabel: %s\n", buf);
 
+		oflags = 0;
+		ret = gnutls_pkcs11_obj_get_flags(crt_list[i], &oflags);
+		if (ret < 0) {
+			fprintf(stderr, "Error in %s:%d: %s\n", __func__,
+				__LINE__, gnutls_strerror(ret));
+			exit(1);
+		}
+		str = gnutls_pkcs11_flags_get_str(oflags);
+		if (str != NULL) {
+			fprintf(outfile, "\tFlags: %s\n", str);
+			gnutls_free(str);
+		}
+
 		size = sizeof(buf);
 		ret =
 		    gnutls_pkcs11_obj_get_info(crt_list[i],