[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-40-g9c21137
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-40-g9c21137 |
|
Date: |
Sun, 16 May 2010 10:06:42 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9c21137aed2910de498832f598ae49238f40a27b
The branch, new has been updated
via 9c21137aed2910de498832f598ae49238f40a27b (commit)
from a9da7d371dc9270dbb55d61a42ac130a7d4365df (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9c21137aed2910de498832f598ae49238f40a27b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun May 16 12:06:33 2010 +0200
Added initial example.
-----------------------------------------------------------------------
Summary of changes:
doc/examples/Makefile.am | 2 +-
.../{ex-cert-select.c => ex-cert-select-pkcs11.c} | 67 +++-----------------
doc/gnutls.texi | 8 +++
3 files changed, 18 insertions(+), 59 deletions(-)
copy doc/examples/{ex-cert-select.c => ex-cert-select-pkcs11.c} (79%)
diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am
index a8206ac..a48dbdb 100644
--- a/doc/examples/Makefile.am
+++ b/doc/examples/Makefile.am
@@ -78,4 +78,4 @@ noinst_LTLIBRARIES = libexamples.la
libexamples_la_SOURCES = examples.h ex-alert.c ex-pkcs12.c \
ex-rfc2818.c ex-session-info.c ex-x509-info.c ex-verify.c \
- tcp.c
+ tcp.c ex-cert-select-pkcs11.c
diff --git a/doc/examples/ex-cert-select.c
b/doc/examples/ex-cert-select-pkcs11.c
similarity index 79%
copy from doc/examples/ex-cert-select.c
copy to doc/examples/ex-cert-select-pkcs11.c
index 316ca77..64875a9 100644
--- a/doc/examples/ex-cert-select.c
+++ b/doc/examples/ex-cert-select-pkcs11.c
@@ -13,6 +13,7 @@
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
+#include <gnutls/pkcs11.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
@@ -23,9 +24,9 @@
#define MAX_BUF 1024
#define MSG "GET / HTTP/1.0\r\n\r\n"
-#define CERT_FILE "cert.pem"
-#define KEY_FILE "key.pem"
#define CAFILE "ca.pem"
+#define CERT_URL
"pkcs11:manufacturer=EnterSafe;object=Certificate;id=db:5b:3e:b5:72:33:92:99:18:ed:bb:eb:74:68:31:bd:b2:23:67:26"
+#define KEY_URL
"pkcs11:manufacturer=EnterSafe;object=Certificate;id=db:5b:3e:b5:72:33:92:99:18:ed:bb:eb:74:68:31:bd:b2:23:67:26"
extern int tcp_connect (void);
extern void tcp_close (int sd);
@@ -36,39 +37,7 @@ static int cert_callback (gnutls_session_t session,
int sign_algos_length, gnutls_retr2_st * st);
gnutls_x509_crt_t crt;
-gnutls_x509_privkey_t key;
-
-/* Helper functions to load a certificate and key
- * files into memory.
- */
-static gnutls_datum_t
-load_file (const char *file)
-{
- FILE *f;
- gnutls_datum_t loaded_file = { NULL, 0 };
- long filelen;
- void *ptr;
-
- if (!(f = fopen (file, "r"))
- || fseek (f, 0, SEEK_END) != 0
- || (filelen = ftell (f)) < 0
- || fseek (f, 0, SEEK_SET) != 0
- || !(ptr = malloc ((size_t) filelen))
- || fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen)
- {
- return loaded_file;
- }
-
- loaded_file.data = ptr;
- loaded_file.size = (unsigned int) filelen;
- return loaded_file;
-}
-
-static void
-unload_file (gnutls_datum_t data)
-{
- free (data.data);
-}
+gnutls_pkcs11_privkey_t key;
/* Load the certificate and the private key.
*/
@@ -76,17 +45,10 @@ static void
load_keys (void)
{
int ret;
- gnutls_datum_t data;
- data = load_file (CERT_FILE);
- if (data.data == NULL)
- {
- fprintf (stderr, "*** Error loading cert file.\n");
- exit (1);
- }
gnutls_x509_crt_init (&crt);
- ret = gnutls_x509_crt_import (crt, &data, GNUTLS_X509_FMT_PEM);
+ ret = gnutls_x509_crt_import_pkcs11_url (crt, CERT_URL);
if (ret < 0)
{
fprintf (stderr, "*** Error loading key file: %s\n",
@@ -94,18 +56,9 @@ load_keys (void)
exit (1);
}
- unload_file (data);
-
- data = load_file (KEY_FILE);
- if (data.data == NULL)
- {
- fprintf (stderr, "*** Error loading key file.\n");
- exit (1);
- }
-
- gnutls_x509_privkey_init (&key);
+ gnutls_pkcs11_privkey_init (&key);
- ret = gnutls_x509_privkey_import (key, &data, GNUTLS_X509_FMT_PEM);
+ ret = gnutls_pkcs11_privkey_import_url (key, KEY_URL);
if (ret < 0)
{
fprintf (stderr, "*** Error loading key file: %s\n",
@@ -113,8 +66,6 @@ load_keys (void)
exit (1);
}
- unload_file (data);
-
}
int
@@ -304,8 +255,8 @@ cert_callback (gnutls_session_t session,
st->ncerts = 1;
st->cert.x509 = &crt;
- st->key.x509 = key;
- st->key_type = GNUTLS_PRIVKEY_X509;
+ st->key.pkcs11 = key;
+ st->key_type = GNUTLS_PRIVKEY_PKCS11;
st->deinit_all = 0;
}
diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 1748306..d3eb348 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -2599,6 +2599,14 @@ certificate selection callback.
@verbatiminclude examples/ex-cert-select.c
address@hidden Using a Callback to Select a @acronym{PKCS} #11 Certificate
+
+This example will demonstrate how to load keys and certificates
+from a @acronym{PKCS} #11 module, which is typically used
+for keys and certificates stored in smart cards.
+
address@hidden examples/ex-cert-select-pkcs11.c
+
@node Client with Resume capability example
@subsection Client with Resume Capability Example
@anchor{ex:resume-client}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-40-g9c21137,
Nikos Mavrogiannopoulos <=