Diffstat (limited to 'doc/examples/ex-pkcs12.c')
-rw-r--r-- | doc/examples/ex-pkcs12.c | 218 |
1 files changed, 108 insertions, 110 deletions
diff --git a/doc/examples/ex-pkcs12.c b/doc/examples/ex-pkcs12.c
index 69e7987618..7890518f94 100644
--- a/doc/examples/ex-pkcs12.c
+++ b/doc/examples/ex-pkcs12.c
@@ -20,115 +20,113 @@
 * password: is the password used to encrypt the PKCS #12 packet.
 */
 int
-write_pkcs12 (const gnutls_datum_t * cert,
- const gnutls_datum_t * pkcs8_key, const char *password)
+write_pkcs12(const gnutls_datum_t * cert,
+ const gnutls_datum_t * pkcs8_key, const char *password)
 {
- gnutls_pkcs12_t pkcs12;
- int ret, bag_index;
- gnutls_pkcs12_bag_t bag, key_bag;
- char pkcs12_struct[10 * 1024];
- size_t pkcs12_struct_size;
- FILE *fd;
-
- /* A good idea might be to use gnutls_x509_privkey_get_key_id()
- * to obtain a unique ID.
- */
- gnutls_datum_t key_id = { (void *) "\x00\x00\x07", 3 };
-
- gnutls_global_init ();
-
- /* Firstly we create two helper bags, which hold the certificate,
- * and the (encrypted) key.
- */
-
- gnutls_pkcs12_bag_init (&bag);
- gnutls_pkcs12_bag_init (&key_bag);
-
- ret = gnutls_pkcs12_bag_set_data (bag, GNUTLS_BAG_CERTIFICATE, cert);
- if (ret < 0)
- {
- fprintf (stderr, "ret: %s\n", gnutls_strerror (ret));
- return 1;
- }
-
- /* ret now holds the bag's index.
- */
- bag_index = ret;
-
- /* Associate a friendly name with the given certificate. Used
- * by browsers.
- */
- gnutls_pkcs12_bag_set_friendly_name (bag, bag_index, "My name");
-
- /* Associate the certificate with the key using a unique key
- * ID.
- */
- gnutls_pkcs12_bag_set_key_id (bag, bag_index, &key_id);
-
- /* use weak encryption for the certificate.
- */
- gnutls_pkcs12_bag_encrypt (bag, password, GNUTLS_PKCS_USE_PKCS12_RC2_40);
-
- /* Now the key.
- */
-
- ret = gnutls_pkcs12_bag_set_data (key_bag,
- GNUTLS_BAG_PKCS8_ENCRYPTED_KEY,
- pkcs8_key);
- if (ret < 0)
- {
- fprintf (stderr, "ret: %s\n", gnutls_strerror (ret));
- return 1;
- }
-
- /* Note that since the PKCS #8 key is already encrypted we don't
- * bother encrypting that bag.
- */
- bag_index = ret;
-
- gnutls_pkcs12_bag_set_friendly_name (key_bag, bag_index, "My name");
-
- gnutls_pkcs12_bag_set_key_id (key_bag, bag_index, &key_id);
-
-
- /* The bags were filled.
Now create the PKCS #12 structure.
- */
- gnutls_pkcs12_init (&pkcs12);
-
- /* Insert the two bags in the PKCS #12 structure.
- */
-
- gnutls_pkcs12_set_bag (pkcs12, bag);
- gnutls_pkcs12_set_bag (pkcs12, key_bag);
-
-
- /* Generate a message authentication code for the PKCS #12
- * structure.
- */
- gnutls_pkcs12_generate_mac (pkcs12, password);
-
- pkcs12_struct_size = sizeof (pkcs12_struct);
- ret =
- gnutls_pkcs12_export (pkcs12, GNUTLS_X509_FMT_DER, pkcs12_struct,
- &pkcs12_struct_size);
- if (ret < 0)
- {
- fprintf (stderr, "ret: %s\n", gnutls_strerror (ret));
- return 1;
- }
-
- fd = fopen (OUTFILE, "w");
- if (fd == NULL)
- {
- fprintf (stderr, "cannot open file\n");
- return 1;
- }
- fwrite (pkcs12_struct, 1, pkcs12_struct_size, fd);
- fclose (fd);
-
- gnutls_pkcs12_bag_deinit (bag);
- gnutls_pkcs12_bag_deinit (key_bag);
- gnutls_pkcs12_deinit (pkcs12);
-
- return 0;
+ gnutls_pkcs12_t pkcs12;
+ int ret, bag_index;
+ gnutls_pkcs12_bag_t bag, key_bag;
+ char pkcs12_struct[10 * 1024];
+ size_t pkcs12_struct_size;
+ FILE *fd;
+
+ /* A good idea might be to use gnutls_x509_privkey_get_key_id()
+ * to obtain a unique ID.
+ */
+ gnutls_datum_t key_id = { (void *) "\x00\x00\x07", 3 };
+
+ gnutls_global_init();
+
+ /* Firstly we create two helper bags, which hold the certificate,
+ * and the (encrypted) key.
+ */
+
+ gnutls_pkcs12_bag_init(&bag);
+ gnutls_pkcs12_bag_init(&key_bag);
+
+ ret =
+ gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_CERTIFICATE, cert);
+ if (ret < 0) {
+ fprintf(stderr, "ret: %s\n", gnutls_strerror(ret));
+ return 1;
+ }
+
+ /* ret now holds the bag's index.
+ */
+ bag_index = ret;
+
+ /* Associate a friendly name with the given certificate. Used
+ * by browsers.
+ */
+ gnutls_pkcs12_bag_set_friendly_name(bag, bag_index, "My name");
+
+ /* Associate the certificate with the key using a unique key
+ * ID.
+ */
+ gnutls_pkcs12_bag_set_key_id(bag, bag_index, &key_id);
+
+ /* use weak encryption for the certificate.
+ */
+ gnutls_pkcs12_bag_encrypt(bag, password,
+ GNUTLS_PKCS_USE_PKCS12_RC2_40);
+
+ /* Now the key.
+ */
+
+ ret = gnutls_pkcs12_bag_set_data(key_bag,
+ GNUTLS_BAG_PKCS8_ENCRYPTED_KEY,
+ pkcs8_key);
+ if (ret < 0) {
+ fprintf(stderr, "ret: %s\n", gnutls_strerror(ret));
+ return 1;
+ }
+
+ /* Note that since the PKCS #8 key is already encrypted we don't
+ * bother encrypting that bag.
+ */
+ bag_index = ret;
+
+ gnutls_pkcs12_bag_set_friendly_name(key_bag, bag_index, "My name");
+
+ gnutls_pkcs12_bag_set_key_id(key_bag, bag_index, &key_id);
+
+
+ /* The bags were filled. Now create the PKCS #12 structure.
+ */
+ gnutls_pkcs12_init(&pkcs12);
+
+ /* Insert the two bags in the PKCS #12 structure.
+ */
+
+ gnutls_pkcs12_set_bag(pkcs12, bag);
+ gnutls_pkcs12_set_bag(pkcs12, key_bag);
+
+
+ /* Generate a message authentication code for the PKCS #12
+ * structure.
+ */
+ gnutls_pkcs12_generate_mac(pkcs12, password);
+
+ pkcs12_struct_size = sizeof(pkcs12_struct);
+ ret =
+ gnutls_pkcs12_export(pkcs12, GNUTLS_X509_FMT_DER,
+ pkcs12_struct, &pkcs12_struct_size);
+ if (ret < 0) {
+ fprintf(stderr, "ret: %s\n", gnutls_strerror(ret));
+ return 1;
+ }
+
+ fd = fopen(OUTFILE, "w");
+ if (fd == NULL) {
+ fprintf(stderr, "cannot open file\n");
+ return 1;
+ }
+ fwrite(pkcs12_struct, 1, pkcs12_struct_size, fd);
+ fclose(fd);
+
+ gnutls_pkcs12_bag_deinit(bag);
+ gnutls_pkcs12_bag_deinit(key_bag);
+ gnutls_pkcs12_deinit(pkcs12);
+
+ return 0;
 } |