Diffstat (limited to 'doc/reference/html/gnutls-pkcs11.html')
-rw-r--r-- | doc/reference/html/gnutls-pkcs11.html | 4178 |
1 files changed, 4178 insertions, 0 deletions
diff --git a/doc/reference/html/gnutls-pkcs11.html b/doc/reference/html/gnutls-pkcs11.html
new file mode 100644
index 0000000..19bb391
--- /dev/null
+++ b/doc/reference/html/gnutls-pkcs11.html
@@ -0,0 +1,4178 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> +<title>pkcs11: GnuTLS API Reference Manual</title> +<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot"> +<link rel="home" href="index.html" title="GnuTLS API Reference Manual"> +<link rel="up" href="intro.html" title="GnuTLS API Reference Manual"> +<link rel="prev" href="gnutls-crypto.html" title="crypto"> +<link rel="next" href="gnutls-pkcs12.html" title="pkcs12"> +<meta name="generator" content="GTK-Doc V1.33.1 (XML mode)"> +<link rel="stylesheet" href="style.css" type="text/css"> +</head> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle"> +<td width="100%" align="left" class="shortcuts"> +<a href="#" class="shortcut">Top</a><span id="nav_description"> <span class="dim">|</span> + <a href="#gnutls-pkcs11.description" class="shortcut">Description</a></span> +</td> +<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td> +<td><a accesskey="u" href="intro.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<td><a accesskey="p" href="gnutls-crypto.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> +<td><a accesskey="n" href="gnutls-pkcs12.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td> +</tr></table> +<div class="refentry"> +<a name="gnutls-pkcs11"></a><div class="titlepage"></div> +<div class="refnamediv"><table width="100%"><tr> +<td valign="top"> +<h2><span class="refentrytitle"><a name="gnutls-pkcs11.top_of_page"></a>pkcs11</span></h2> +<p>pkcs11</p> +</td> +<td class="gallery_image" valign="top" align="right"></td> +</tr></table></div> +<div class="refsect1"> +<a 
name="gnutls-pkcs11.functions"></a><h2>Functions</h2> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="functions_proto_type"> +<col class="functions_proto_name"> +</colgroup> +<tbody> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<span class="c_punctuation">(</span><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-callback-t" title="gnutls_pkcs11_token_callback_t ()">*gnutls_pkcs11_token_callback_t</a><span class="c_punctuation">)</span> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-init" title="gnutls_pkcs11_init ()">gnutls_pkcs11_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-reinit" title="gnutls_pkcs11_reinit ()">gnutls_pkcs11_reinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-deinit" title="gnutls_pkcs11_deinit ()">gnutls_pkcs11_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-token-function" title="gnutls_pkcs11_set_token_function ()">gnutls_pkcs11_set_token_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" 
title="gnutls_pkcs11_set_pin_function ()">gnutls_pkcs11_set_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="returnvalue">gnutls_pin_callback_t</span></a> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-get-pin-function" title="gnutls_pkcs11_get_pin_function ()">gnutls_pkcs11_get_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-add-provider" title="gnutls_pkcs11_add_provider ()">gnutls_pkcs11_add_provider</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-init" title="gnutls_pkcs11_obj_init ()">gnutls_pkcs11_obj_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-set-pin-function" title="gnutls_pkcs11_obj_set_pin_function ()">gnutls_pkcs11_obj_set_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-import-url" title="gnutls_pkcs11_obj_import_url ()">gnutls_pkcs11_obj_import_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export-url" title="gnutls_pkcs11_obj_export_url 
()">gnutls_pkcs11_obj_export_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-deinit" title="gnutls_pkcs11_obj_deinit ()">gnutls_pkcs11_obj_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export" title="gnutls_pkcs11_obj_export ()">gnutls_pkcs11_obj_export</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export2" title="gnutls_pkcs11_obj_export2 ()">gnutls_pkcs11_obj_export2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export3" title="gnutls_pkcs11_obj_export3 ()">gnutls_pkcs11_obj_export3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-get-raw-issuer" title="gnutls_pkcs11_get_raw_issuer ()">gnutls_pkcs11_get_raw_issuer</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-get-raw-issuer-by-dn" title="gnutls_pkcs11_get_raw_issuer_by_dn ()">gnutls_pkcs11_get_raw_issuer_by_dn</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> 
+<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-get-raw-issuer-by-subject-key-id" title="gnutls_pkcs11_get_raw_issuer_by_subject_key_id ()">gnutls_pkcs11_get_raw_issuer_by_subject_key_id</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-crt-is-known" title="gnutls_pkcs11_crt_is_known ()">gnutls_pkcs11_crt_is_known</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-crt" title="gnutls_pkcs11_copy_x509_crt ()">gnutls_pkcs11_copy_x509_crt</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-privkey" title="gnutls_pkcs11_copy_x509_privkey ()">gnutls_pkcs11_copy_x509_privkey</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-generate2" title="gnutls_pkcs11_privkey_generate2 ()">gnutls_pkcs11_privkey_generate2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-generate" title="gnutls_pkcs11_privkey_generate ()">gnutls_pkcs11_privkey_generate</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-pubkey" title="gnutls_pkcs11_copy_pubkey 
()">gnutls_pkcs11_copy_pubkey</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-crt2" title="gnutls_pkcs11_copy_x509_crt2 ()">gnutls_pkcs11_copy_x509_crt2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-privkey2" title="gnutls_pkcs11_copy_x509_privkey2 ()">gnutls_pkcs11_copy_x509_privkey2</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-delete-url" title="gnutls_pkcs11_delete_url ()">gnutls_pkcs11_delete_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-secret-key" title="gnutls_pkcs11_copy_secret_key ()">gnutls_pkcs11_copy_secret_key</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-ptr" title="gnutls_pkcs11_obj_get_ptr ()">gnutls_pkcs11_obj_get_ptr</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-info" title="gnutls_pkcs11_obj_get_info ()">gnutls_pkcs11_obj_get_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td 
class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-set-info" title="gnutls_pkcs11_obj_set_info ()">gnutls_pkcs11_obj_set_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-init" title="gnutls_pkcs11_token_init ()">gnutls_pkcs11_token_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-ptr" title="gnutls_pkcs11_token_get_ptr ()">gnutls_pkcs11_token_get_ptr</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-mechanism" title="gnutls_pkcs11_token_get_mechanism ()">gnutls_pkcs11_token_get_mechanism</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-check-mechanism" title="gnutls_pkcs11_token_check_mechanism ()">gnutls_pkcs11_token_check_mechanism</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-set-pin" title="gnutls_pkcs11_token_set_pin ()">gnutls_pkcs11_token_set_pin</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-url" title="gnutls_pkcs11_token_get_url 
()">gnutls_pkcs11_token_get_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-info" title="gnutls_pkcs11_token_get_info ()">gnutls_pkcs11_token_get_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-flags" title="gnutls_pkcs11_token_get_flags ()">gnutls_pkcs11_token_get_flags</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url" title="gnutls_pkcs11_obj_list_import_url()">gnutls_pkcs11_obj_list_import_url</a><span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url2" title="gnutls_pkcs11_obj_list_import_url2()">gnutls_pkcs11_obj_list_import_url2</a><span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url3" title="gnutls_pkcs11_obj_list_import_url3 ()">gnutls_pkcs11_obj_list_import_url3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url4" title="gnutls_pkcs11_obj_list_import_url4 ()">gnutls_pkcs11_obj_list_import_url4</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td 
class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-import-pkcs11" title="gnutls_x509_crt_import_pkcs11 ()">gnutls_x509_crt_import_pkcs11</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type">const <span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-type-get-name" title="gnutls_pkcs11_type_get_name ()">gnutls_pkcs11_type_get_name</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-exts" title="gnutls_pkcs11_obj_get_exts ()">gnutls_pkcs11_obj_get_exts</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-flags" title="gnutls_pkcs11_obj_get_flags ()">gnutls_pkcs11_obj_get_flags</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">char</span> * +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-flags-get-str" title="gnutls_pkcs11_obj_flags_get_str ()">gnutls_pkcs11_obj_flags_get_str</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-list-import-pkcs11" title="gnutls_x509_crt_list_import_pkcs11 ()">gnutls_x509_crt_list_import_pkcs11</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-init" title="gnutls_pkcs11_privkey_init 
()">gnutls_pkcs11_privkey_init</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-cpy" title="gnutls_pkcs11_privkey_cpy ()">gnutls_pkcs11_privkey_cpy</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-set-pin-function" title="gnutls_pkcs11_privkey_set_pin_function ()">gnutls_pkcs11_privkey_set_pin_function</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">void</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-deinit" title="gnutls_pkcs11_privkey_deinit ()">gnutls_pkcs11_privkey_deinit</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-get-pk-algorithm" title="gnutls_pkcs11_privkey_get_pk_algorithm ()">gnutls_pkcs11_privkey_get_pk_algorithm</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-get-info" title="gnutls_pkcs11_privkey_get_info ()">gnutls_pkcs11_privkey_get_info</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-import-url" title="gnutls_pkcs11_privkey_import_url ()">gnutls_pkcs11_privkey_import_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td 
class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-export-url" title="gnutls_pkcs11_privkey_export_url ()">gnutls_pkcs11_privkey_export_url</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">unsigned</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-status" title="gnutls_pkcs11_privkey_status ()">gnutls_pkcs11_privkey_status</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-generate3" title="gnutls_pkcs11_privkey_generate3 ()">gnutls_pkcs11_privkey_generate3</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-export-pubkey" title="gnutls_pkcs11_privkey_export_pubkey ()">gnutls_pkcs11_privkey_export_pubkey</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-random" title="gnutls_pkcs11_token_get_random ()">gnutls_pkcs11_token_get_random</a> <span class="c_punctuation">()</span> +</td> +</tr> +<tr> +<td class="function_type"> +<span class="returnvalue">int</span> +</td> +<td class="function_name"> +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-attached-extension" title="gnutls_pkcs11_copy_attached_extension ()">gnutls_pkcs11_copy_attached_extension</a> <span class="c_punctuation">()</span> +</td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect1"> +<a name="gnutls-pkcs11.other"></a><h2>Types and 
Values</h2> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="other_proto_type"> +<col class="other_proto_name"> +</colgroup> +<tbody> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-MAX-PIN-LEN:CAPS" title="GNUTLS_PKCS11_MAX_PIN_LEN">GNUTLS_PKCS11_MAX_PIN_LEN</a></td> +</tr> +<tr> +<td class="typedef_keyword">typedef</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t">gnutls_pkcs11_obj_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-MANUAL:CAPS" title="GNUTLS_PKCS11_FLAG_MANUAL">GNUTLS_PKCS11_FLAG_MANUAL</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO">GNUTLS_PKCS11_FLAG_AUTO</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO-TRUSTED:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO_TRUSTED">GNUTLS_PKCS11_FLAG_AUTO_TRUSTED</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-flags" title="enum gnutls_pkcs11_obj_flags">gnutls_pkcs11_obj_flags</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-attr-t" title="gnutls_pkcs11_obj_attr_t">gnutls_pkcs11_obj_attr_t</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t">gnutls_pkcs11_url_type_t</a></td> +</tr> +<tr> +<td 
class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t">gnutls_pkcs11_obj_info_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-CRT-ALL:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL">GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-MATCH:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_MATCH">GNUTLS_PKCS11_OBJ_ATTR_MATCH</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-ALL:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_ALL">GNUTLS_PKCS11_OBJ_ATTR_ALL</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-CRT-TRUSTED:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED">GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-CRT-WITH-PRIVKEY:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY">GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-CRT-TRUSTED-CA:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA">GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-PUBKEY:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_PUBKEY">GNUTLS_PKCS11_OBJ_ATTR_PUBKEY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a 
class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ATTR-PRIVKEY:CAPS" title="GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY">GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-info-t" title="enum gnutls_pkcs11_token_info_t">gnutls_pkcs11_token_info_t</a></td> +</tr> +<tr> +<td class="datatype_keyword">enum</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t">gnutls_pkcs11_obj_type_t</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-HW:CAPS" title="GNUTLS_PKCS11_TOKEN_HW">GNUTLS_PKCS11_TOKEN_HW</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-TRUSTED:CAPS" title="GNUTLS_PKCS11_TOKEN_TRUSTED">GNUTLS_PKCS11_TOKEN_TRUSTED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-RNG:CAPS" title="GNUTLS_PKCS11_TOKEN_RNG">GNUTLS_PKCS11_TOKEN_RNG</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-LOGIN-REQUIRED:CAPS" title="GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED">GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-PROTECTED-AUTHENTICATION-PATH:CAPS" title="GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH">GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-INITIALIZED:CAPS" 
title="GNUTLS_PKCS11_TOKEN_INITIALIZED">GNUTLS_PKCS11_TOKEN_INITIALIZED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-USER-PIN-COUNT-LOW:CAPS" title="GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW">GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-USER-PIN-FINAL-TRY:CAPS" title="GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY">GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-USER-PIN-LOCKED:CAPS" title="GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED">GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-SO-PIN-COUNT-LOW:CAPS" title="GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW">GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-SO-PIN-FINAL-TRY:CAPS" title="GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY">GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-SO-PIN-LOCKED:CAPS" title="GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED">GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-USER-PIN-INITIALIZED:CAPS" title="GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED">GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" 
href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-ERROR-STATE:CAPS" title="GNUTLS_PKCS11_TOKEN_ERROR_STATE">GNUTLS_PKCS11_TOKEN_ERROR_STATE</a></td> +</tr> +<tr> +<td class="define_keyword">#define</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-import-pkcs11-url" title="gnutls_x509_crt_import_pkcs11_url">gnutls_x509_crt_import_pkcs11_url</a></td> +</tr> +<tr> +<td class="datatype_keyword">struct</td> +<td class="function_name"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-st" title="struct gnutls_pkcs11_obj_st">gnutls_pkcs11_obj_st</a></td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect1"> +<a name="gnutls-pkcs11.description"></a><h2>Description</h2> +</div> +<div class="refsect1"> +<a name="gnutls-pkcs11.functions_details"></a><h2>Functions</h2> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-callback-t"></a><h3>gnutls_pkcs11_token_callback_t ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +<span class="c_punctuation">(</span>*gnutls_pkcs11_token_callback_t<span class="c_punctuation">)</span> (<em class="parameter"><code><span class="type">void</span> *const userdata</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *const label</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> retry</code></em>);</pre> +<p>Token callback function. The callback will be used to ask the user +to re-insert the token with given (null terminated) label. The +callback should return zero if token has been inserted by user and +a negative error code otherwise. 
It might be called multiple times +if the token is not detected and the retry counter will be +increased.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-callback-t.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>user-controlled data from <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-token-function" title="gnutls_pkcs11_set_token_function ()"><code class="function">gnutls_pkcs11_set_token_function()</code></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>token label.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>retry</p></td> +<td class="parameter_description"><p>retry counter, initially 0.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-callback-t.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code +on error.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-init"></a><h3>gnutls_pkcs11_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_init (<em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *deprecated_config_file</code></em>);</pre> +<p>This function will initialize the PKCS 11 subsystem in gnutls. 
It will +read configuration files if <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO"><code class="literal">GNUTLS_PKCS11_FLAG_AUTO</code></a> is used or allow +you to independently load PKCS 11 modules using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-add-provider" title="gnutls_pkcs11_add_provider ()"><code class="function">gnutls_pkcs11_add_provider()</code></a> +if <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-MANUAL:CAPS" title="GNUTLS_PKCS11_FLAG_MANUAL"><code class="literal">GNUTLS_PKCS11_FLAG_MANUAL</code></a> is specified.</p> +<p>You don't need to call this function since GnuTLS 3.3.0 because it is being called +during the first request PKCS 11 operation. That call will assume the <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO"><code class="literal">GNUTLS_PKCS11_FLAG_AUTO</code></a> +flag. If another flags are required then it must be called independently +prior to any PKCS 11 operation.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>An ORed sequence of <code class="literal">GNUTLS_PKCS11_FLAG_</code>*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>deprecated_config_file</p></td> +<td class="parameter_description"><p>either NULL or the location of a deprecated +configuration file</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" 
href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-reinit"></a><h3>gnutls_pkcs11_reinit ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_reinit (<em class="parameter"><code><span class="type">void</span></code></em>);</pre> +<p>This function will reinitialize the PKCS 11 subsystem in gnutls. +This is required by PKCS 11 when an application uses <code class="function">fork()</code>. The +reinitialization function must be called on the child.</p> +<p>Note that since GnuTLS 3.3.0, the reinitialization of the PKCS <span class="type">11</span> +subsystem occurs automatically after fork.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-reinit.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-deinit"></a><h3>gnutls_pkcs11_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_deinit (<em class="parameter"><code><span class="type">void</span></code></em>);</pre> +<p>This function will deinitialize the PKCS 11 subsystem in gnutls. 
+This function is only needed if you need to deinitialize the +subsystem without calling <a class="link" href="gnutls-gnutls.html#gnutls-global-deinit" title="gnutls_global_deinit ()"><code class="function">gnutls_global_deinit()</code></a>.</p> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-set-token-function"></a><h3>gnutls_pkcs11_set_token_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_set_token_function (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-callback-t" title="gnutls_pkcs11_token_callback_t ()"><span class="type">gnutls_pkcs11_token_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre> +<p>This function will set a callback function to be used when a token +needs to be inserted to continue PKCS 11 operations.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-set-token-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>The token callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data to be supplied to callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-set-pin-function"></a><h3>gnutls_pkcs11_set_pin_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_set_pin_function (<em class="parameter"><code><a class="link" 
href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre> +<p>This function will set a callback function to be used when a PIN is +required for PKCS 11 operations. See +<a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><code class="function">gnutls_pin_callback_t()</code></a> on how the callback should behave.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-set-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>The PIN callback, a <a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><code class="function">gnutls_pin_callback_t()</code></a> function.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data to be supplied to callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-get-pin-function"></a><h3>gnutls_pkcs11_get_pin_function ()</h3> +<pre class="programlisting"><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="returnvalue">gnutls_pin_callback_t</span></a> +gnutls_pkcs11_get_pin_function (<em class="parameter"><code><span class="type">void</span> **userdata</code></em>);</pre> +<p>This function will return the callback function set using +<a class="link" 
href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data to be supplied to callback</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-pin-function.returns"></a><h4>Returns</h4> +<p> The function set or NULL otherwise.</p> +</div> +<p class="since">Since: 3.1.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-add-provider"></a><h3>gnutls_pkcs11_add_provider ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_add_provider (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *params</code></em>);</pre> +<p>This function will load and add a PKCS 11 module to the module +list used in gnutls. 
After this function is called the module will +be used for PKCS 11 operations.</p> +<p>When loading a module to be used for certificate verification, +use the string 'trusted' as <em class="parameter"><code>params</code></em> +.</p> +<p>Note that this function is not thread safe.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-add-provider.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>name</p></td> +<td class="parameter_description"><p>The filename of the module</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>params</p></td> +<td class="parameter_description"><p>should be NULL or a known string (see description)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-add-provider.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-init"></a><h3>gnutls_pkcs11_obj_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_init (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *obj</code></em>);</pre> +<p>This function will initialize a pkcs11 certificate structure.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table 
class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-set-pin-function"></a><h3>gnutls_pkcs11_obj_set_pin_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_obj_set_pin_function (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre> +<p>This function will set a callback function to be used when +required to access the object. 
This function overrides the global +set using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-set-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>The object structure</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data associated with the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.1.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-import-url"></a><h3>gnutls_pkcs11_obj_import_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_import_url (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will "import" a PKCS 11 URL identifying an object (e.g. certificate) +to the <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> type. 
This does not involve any +parsing (such as X.509 or OpenPGP) since the <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> is +format agnostic. Only data are transferred.</p> +<p>If the flag <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-OVERWRITE-TRUSTMOD-EXT:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT</code></a> is specified +any certificate read, will have its extensions overwritten by any +stapled extensions in the trust module.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-import-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>The structure to store the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>a PKCS 11 url identifying the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-import-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-export-url"></a><h3>gnutls_pkcs11_obj_export_url ()</h3> +<pre 
class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_export_url (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>, + <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre> +<p>This function will export a URL identifying the given object.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>Holds the PKCS 11 certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>detailed</p></td> +<td class="parameter_description"><p>non zero if a detailed URL is required</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>will contain an allocated url</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a 
name="gnutls-pkcs11-obj-deinit"></a><h3>gnutls_pkcs11_obj_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_obj_deinit (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>);</pre> +<p>This function will deinitialize a certificate structure.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>The type to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-export"></a><h3>gnutls_pkcs11_obj_export ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_export (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><span class="type">void</span> *output_data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre> +<p>This function will export the PKCS11 object data. 
It is normal for +data to be inaccessible and in that case <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> +will be returned.</p> +<p>If the buffer provided is not long enough to hold the output, then +*output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will +be returned.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>Holds the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data</p></td> +<td class="parameter_description"><p>will contain the object data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_data_size</p></td> +<td class="parameter_description"><p>holds the size of output_data (and will be +replaced by the actual size of parameters)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-export2"></a><h3>gnutls_pkcs11_obj_export2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_export2 (<em class="parameter"><code><a class="link" 
href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the PKCS11 object data. It is normal for +data to be inaccessible and in that case <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> +will be returned.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>Holds the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain the object data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export2.returns"></a><h4>Returns</h4> +<p> In case of failure a negative error code will be +returned, and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success.</p> +</div> +<p class="since">Since: 3.1.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-export3"></a><h3>gnutls_pkcs11_obj_export3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> 
+gnutls_pkcs11_obj_export3 (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *out</code></em>);</pre> +<p>This function will export the PKCS11 object data. It is normal for +data to be inaccessible and in that case <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a> +will be returned.</p> +<p>The output buffer is allocated using <code class="function">gnutls_malloc()</code>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>Holds the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>out</p></td> +<td class="parameter_description"><p>will contain the object data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>The format of the exported data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-export3.returns"></a><h4>Returns</h4> +<p> In case of failure a 
negative error code will be +returned, and <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success.</p> +</div> +<p class="since">Since: 3.2.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-get-raw-issuer"></a><h3>gnutls_pkcs11_get_raw_issuer ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_get_raw_issuer (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the issuer of a given certificate, if it +is stored in the token. By default only marked as trusted issuers +are returned. 
If any issuer should be returned specify +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-ANY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY</code></a> in <em class="parameter"><code>flags</code></em> +.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-raw-issuer.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>is the certificate to find issuer for</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any in an allocated buffer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>The format of the exported issuer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero or flags from <code class="literal">GNUTLS_PKCS11_OBJ_FLAG</code>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-raw-issuer.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.2.7</p> +</div> +<hr> +<div class="refsect2"> +<a 
name="gnutls-pkcs11-get-raw-issuer-by-dn"></a><h3>gnutls_pkcs11_get_raw_issuer_by_dn ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_get_raw_issuer_by_dn (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the certificate with the given DN, if it +is stored in the token. By default only marked as trusted issuers +are returned. 
If any issuer should be returned specify +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-ANY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY</code></a> in <em class="parameter"><code>flags</code></em> +.</p> +<p>The name of the function includes issuer because it can +be used to discover issuers of certificates.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-raw-issuer-by-dn.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>is the DN to search for</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any in an allocated buffer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>The format of the exported issuer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero or flags from <code class="literal">GNUTLS_PKCS11_OBJ_FLAG</code>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-raw-issuer-by-dn.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative 
error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-get-raw-issuer-by-subject-key-id"></a><h3>gnutls_pkcs11_get_raw_issuer_by_subject_key_id ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_get_raw_issuer_by_subject_key_id + (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *dn</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *spki</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *issuer</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the certificate with the given DN and <em class="parameter"><code>spki</code></em> +, if it +is stored in the token. By default only marked as trusted issuers +are returned. 
If any issuer should be returned specify +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-ANY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY</code></a> in <em class="parameter"><code>flags</code></em> +.</p> +<p>The name of the function includes issuer because it can +be used to discover issuers of certificates.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-get-raw-issuer-by-subject-key-id.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>dn</p></td> +<td class="parameter_description"><p>is the DN to search for (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>spki</p></td> +<td class="parameter_description"><p>is the subject key ID to search for</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>issuer</p></td> +<td class="parameter_description"><p>Will hold the issuer if any in an allocated buffer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>The format of the exported issuer.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero or flags from <code class="literal">GNUTLS_PKCS11_OBJ_FLAG</code>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a 
name="gnutls-pkcs11-get-raw-issuer-by-subject-key-id.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.2</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-crt-is-known"></a><h3>gnutls_pkcs11_crt_is_known ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_pkcs11_crt_is_known (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> cert</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will check whether the provided certificate is stored +in the specified token. This is useful in combination with +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED</code></a> or +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-DISTRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED</code></a>, +to check whether a CA is present or a certificate is blacklisted in +a trust PKCS <span class="type">11</span> module.</p> +<p>This function can be used with a <em class="parameter"><code>url</code></em> + of "pkcs11:", and in that case all modules +will be searched. 
To restrict the modules to the marked as trusted in p11-kit +use the <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PRESENT-IN-TRUSTED-MODULE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE</code></a> flag.</p> +<p>Note that the flag <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-DISTRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED</code></a> is +specific to p11-kit trust modules.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-crt-is-known.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert</p></td> +<td class="parameter_description"><p>is the certificate to find issuer for</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Use zero or flags from <code class="literal">GNUTLS_PKCS11_OBJ_FLAG</code>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-crt-is-known.returns"></a><h4>Returns</h4> +<p> If the certificate exists non-zero is returned, otherwise zero.</p> +</div> +<p class="since">Since: 3.3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-x509-crt"></a><h3>gnutls_pkcs11_copy_x509_crt ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_x509_crt (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em 
class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a certificate into a PKCS <span class="type">11</span> token specified by +a URL. The certificate can be marked as trusted or not.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-crt.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>A certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the stored data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_FLAG_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-crt.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> 
+<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-x509-privkey"></a><h3>gnutls_pkcs11_copy_x509_privkey ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_x509_privkey (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a private key into a PKCS <span class="type">11</span> token specified by +a URL.</p> +<p>Since 3.6.3 the objects are marked as sensitive by default unless +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-NOT-SENSITIVE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE</code></a> is specified.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-privkey.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>A private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the stored 
data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>One of GNUTLS_KEY_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-privkey.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-generate2"></a><h3>gnutls_pkcs11_privkey_generate2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_generate2 (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> pk</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> bits</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *pubkey</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will generate a private key 
in the specified +by the <em class="parameter"><code>url</code></em> + token. The private key will be generate within +the token and will not be exportable. This function will +store the DER-encoded public key in the SubjectPublicKeyInfo format +in <em class="parameter"><code>pubkey</code></em> +. The <em class="parameter"><code>pubkey</code></em> + should be deinitialized using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<p>Note that when generating an elliptic curve key, the curve +can be substituted in the place of the bits parameter using the +<a class="link" href="gnutls-gnutls.html#GNUTLS-CURVE-TO-BITS:CAPS" title="GNUTLS_CURVE_TO_BITS()"><code class="function">GNUTLS_CURVE_TO_BITS()</code></a> macro.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>a token URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pk</p></td> +<td class="parameter_description"><p>the public key algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>the security bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>a label</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>the format of output params. 
PEM or DER</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pubkey</p></td> +<td class="parameter_description"><p>will hold the public key (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or an OR'ed sequence of <code class="literal">GNUTLS_PKCS11_OBJ_FLAGs</code></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.1.5</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-generate"></a><h3>gnutls_pkcs11_privkey_generate ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_generate (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> pk</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> bits</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will generate a private key in the specified +by the <em class="parameter"><code>url</code></em> + token. 
The private key will be generate within +the token and will not be exportable.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>a token URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pk</p></td> +<td class="parameter_description"><p>the public key algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>the security bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>a label</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-pubkey"></a><h3>gnutls_pkcs11_copy_pubkey ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_pubkey (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" 
href="gnutls-gnutls.html#gnutls-pubkey-t" title="gnutls_pubkey_t"><span class="type">gnutls_pubkey_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a public key object into a PKCS <span class="type">11</span> token specified by +a URL. Valid flags to mark the key: <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-PRIVATE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-CA:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_CA</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-ALWAYS-AUTH:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-pubkey.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pubkey</p></td> +<td class="parameter_description"><p>The 
public key to copy</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>The name to be used for the stored data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cid</p></td> +<td class="parameter_description"><p>The CKA_ID to set for the object -if NULL, the ID will be derived from the public key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>One of GNUTLS_KEY_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_FLAG_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-pubkey.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.6</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-x509-crt2"></a><h3>gnutls_pkcs11_copy_x509_crt2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_x509_crt2 (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *id</code></em>, + <em 
class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a certificate into a PKCS <span class="type">11</span> token specified by +a URL. Valid flags to mark the certificate: <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-PRIVATE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-CA:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_CA</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-ALWAYS-AUTH:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-crt2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>The certificate to copy</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>The name to be used for the stored data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cid</p></td> +<td class="parameter_description"><p>The CKA_ID to set for the object -if NULL, the ID will be derived from the public key</p></td> +<td class="parameter_annotations"> </td> 
+</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_FLAG_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-crt2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-x509-privkey2"></a><h3>gnutls_pkcs11_copy_x509_privkey2 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_x509_privkey2 (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cid</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a private key into a PKCS <span class="type">11</span> token specified by +a URL.</p> +<p>Since 3.6.3 the objects are marked as sensitive by default unless +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-NOT-SENSITIVE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE</code></a> is specified.</p> +<div class="refsect3"> +<a 
name="gnutls-pkcs11-copy-x509-privkey2.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>A private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the stored data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cid</p></td> +<td class="parameter_description"><p>The CKA_ID to set for the object -if NULL, the ID will be derived from the public key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>One of GNUTLS_KEY_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-x509-privkey2.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-delete-url"></a><h3>gnutls_pkcs11_delete_url ()</h3> +<pre 
class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_delete_url (<em class="parameter"><code>const <span class="type">char</span> *object_url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will delete objects matching the given URL. +Note that not all tokens support the delete operation.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-delete-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>object_url</p></td> +<td class="parameter_description"><p>The URL of the object to delete.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-delete-url.returns"></a><h4>Returns</h4> +<p> On success, the number of objects deleted is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-secret-key"></a><h3>gnutls_pkcs11_copy_secret_key ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_secret_key (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *key</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>unsigned <span 
class="type">int</span> key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy a raw secret (symmetric) key into a PKCS <span class="type">11</span> +token specified by a URL. The key can be marked as sensitive or not.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-secret-key.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The raw key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the stored data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>One of GNUTLS_KEY_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_FLAG_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-secret-key.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a 
name="gnutls-pkcs11-obj-get-ptr"></a><h3>gnutls_pkcs11_obj_get_ptr ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_get_ptr (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><span class="type">void</span> **ptr</code></em>, + <em class="parameter"><code><span class="type">void</span> **session</code></em>, + <em class="parameter"><code><span class="type">void</span> **ohandle</code></em>, + <em class="parameter"><code>unsigned <span class="type">long</span> *slot_id</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>Obtains the PKCS<span class="type">11</span> session handles of an object. <em class="parameter"><code>session</code></em> + and <em class="parameter"><code>ohandle</code></em> + +must be deinitialized by the caller. 
The returned pointers are +independent of the <em class="parameter"><code>obj</code></em> + lifetime.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-ptr.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ptr</p></td> +<td class="parameter_description"><p>will contain the CK_FUNCTION_LIST_PTR pointer (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>session</p></td> +<td class="parameter_description"><p>will contain the CK_SESSION_HANDLE of the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ohandle</p></td> +<td class="parameter_description"><p>will contain the CK_OBJECT_HANDLE of the object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>slot_id</p></td> +<td class="parameter_description"><p>the identifier of the slot (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-ptr.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" 
title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code +on error.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-get-info"></a><h3>gnutls_pkcs11_obj_get_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_get_info (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>, + <em class="parameter"><code><span class="type">void</span> *output</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre> +<p>This function will return information about the PKCS11 certificate +such as the label, id as well as token information where the key is +stored.</p> +<p>When output is text, a null terminated string is written to <em class="parameter"><code>output</code></em> + and its +string length is written to <em class="parameter"><code>output_size</code></em> + (without null terminator). If the +buffer is too small, <em class="parameter"><code>output_size</code></em> + will contain the expected buffer size +(with null terminator for text) and return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a>.</p> +<p>In versions previously to 3.6.0 this function included the null terminator +to <em class="parameter"><code>output_size</code></em> +. 
After 3.6.0 the output size doesn't include the terminator character.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>itype</p></td> +<td class="parameter_description"><p>Denotes the type of information requested</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output</p></td> +<td class="parameter_description"><p>where output will be stored</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_size</p></td> +<td class="parameter_description"><p>contains the maximum size of the output buffer and will be +overwritten with the actual size.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-info.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-set-info"></a><h3>gnutls_pkcs11_obj_set_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_set_info (<em class="parameter"><code><a class="link" 
href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>, + <em class="parameter"><code>const <span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> data_size</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will set attributes on the provided object. +Available options for <em class="parameter"><code>itype</code></em> + are <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-LABEL:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_LABEL</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ID-HEX:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_ID_HEX</code></a>, and <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-ID:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_ID</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-set-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>itype</p></td> +<td class="parameter_description"><p>Denotes the type of information to be set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td 
class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>the data to set</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data_size</p></td> +<td class="parameter_description"><p>the size of data</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-set-info.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-init"></a><h3>gnutls_pkcs11_token_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_init (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *so_pin</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>);</pre> +<p>This function will initialize (format) a token. If the token is +at a factory defaults state the security officer's PIN given will be +set to be the default. 
Otherwise it should match the officer's PIN.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>so_pin</p></td> +<td class="parameter_description"><p>Security Officer's PIN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the token</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-ptr"></a><h3>gnutls_pkcs11_token_get_ptr ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_ptr (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><span class="type">void</span> **ptr</code></em>, + <em class="parameter"><code>unsigned <span class="type">long</span> *slot_id</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return the function pointer of the specified +token by the URL. 
The returned pointers are valid until +gnutls is deinitialized, c.f. <code class="function">_global_deinit()</code>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-ptr.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>should contain a PKCS<span class="type">11</span> URL identifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ptr</p></td> +<td class="parameter_description"><p>will contain the CK_FUNCTION_LIST_PTR pointer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>slot_id</p></td> +<td class="parameter_description"><p>will contain the slot_id (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-ptr.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code +on error.</p> +</div> +<p class="since">Since: 3.6.3</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-mechanism"></a><h3>gnutls_pkcs11_token_get_mechanism ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_mechanism (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span 
class="type">int</span> idx</code></em>, + <em class="parameter"><code>unsigned <span class="type">long</span> *mechanism</code></em>);</pre> +<p>This function will return the names of the supported mechanisms +by the token. It should be called with an increasing index until +it return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-mechanism.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>should contain a PKCS 11 URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>idx</p></td> +<td class="parameter_description"><p>The index of the mechanism</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>mechanism</p></td> +<td class="parameter_description"><p>The PKCS <span class="type">11</span> mechanism ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-mechanism.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-check-mechanism"></a><h3>gnutls_pkcs11_token_check_mechanism ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_pkcs11_token_check_mechanism (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><span class="type">unsigned 
long </span> mechanism</code></em>, + <em class="parameter"><code><span class="type">void</span> *ptr</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> psize</code></em>, + <em class="parameter"><code><span class="type">unsigned </span> flags</code></em>);</pre> +<p>This function will return whether a mechanism is supported +by the given token. If the mechanism is supported and +<em class="parameter"><code>ptr</code></em> + is set, it will be updated with the token information.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-check-mechanism.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>should contain a PKCS 11 URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>mechanism</p></td> +<td class="parameter_description"><p>The PKCS <span class="type">11</span> mechanism ID</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ptr</p></td> +<td class="parameter_description"><p>if set it should point to a CK_MECHANISM_INFO struct</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>psize</p></td> +<td class="parameter_description"><p>the size of CK_MECHANISM_INFO struct (for safety)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>must be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-check-mechanism.returns"></a><h4>Returns</h4> +<p> Non-zero if the mechanism is supported or zero 
otherwise.</p> +</div> +<p class="since">Since: 3.6.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-set-pin"></a><h3>gnutls_pkcs11_token_set_pin ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_set_pin (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *oldpin</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *newpin</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will modify or set a user or administrator's PIN for +the given token. If it is called to set a PIN for first time +the oldpin must be <code class="literal">NULL</code>. When setting the admin's PIN with the +<a class="link" href="gnutls-gnutls.html#GNUTLS-PIN-SO:CAPS"><code class="literal">GNUTLS_PIN_SO</code></a> flag, the <em class="parameter"><code>oldpin</code></em> + value must be provided (this requirement +is relaxed after GnuTLS 3.6.5 since which the PIN will be requested if missing).</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-set-pin.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oldpin</p></td> +<td class="parameter_description"><p>old user's PIN</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>newpin</p></td> +<td class="parameter_description"><p>new user's PIN</p></td> +<td 
class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>one of <a class="link" href="gnutls-gnutls.html#gnutls-pin-flag-t" title="enum gnutls_pin_flag_t"><span class="type">gnutls_pin_flag_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-set-pin.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-url"></a><h3>gnutls_pkcs11_token_get_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_url (<em class="parameter"><code>unsigned <span class="type">int</span> seq</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>, + <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre> +<p>This function will return the URL for each token available +in system. 
The url has to be released using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a></p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>seq</p></td> +<td class="parameter_description"><p>sequence number starting from 0</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>detailed</p></td> +<td class="parameter_description"><p>non zero if a detailed URL is required</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>will contain an allocated url</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, +<a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a> if the sequence number +exceeds the available tokens, otherwise a negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-info"></a><h3>gnutls_pkcs11_token_get_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_info (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + 
<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-info-t" title="enum gnutls_pkcs11_token_info_t"><span class="type">gnutls_pkcs11_token_info_t</span></a> ttype</code></em>, + <em class="parameter"><code><span class="type">void</span> *output</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre> +<p>This function will return information about the PKCS 11 token such +as the label, id, etc.</p> +<p>When output is text, a null terminated string is written to <em class="parameter"><code>output</code></em> + and its +string length is written to <em class="parameter"><code>output_size</code></em> + (without null terminator). If the +buffer is too small, <em class="parameter"><code>output_size</code></em> + will contain the expected buffer size +(with null terminator for text) and return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SHORT-MEMORY-BUFFER:CAPS" title="GNUTLS_E_SHORT_MEMORY_BUFFER"><code class="literal">GNUTLS_E_SHORT_MEMORY_BUFFER</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>should contain a PKCS 11 URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>ttype</p></td> +<td class="parameter_description"><p>Denotes the type of information requested</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output</p></td> +<td class="parameter_description"><p>where output will be stored</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td 
class="parameter_name"><p>output_size</p></td> +<td class="parameter_description"><p>contains the maximum size of the output buffer and will be +overwritten with the actual size.</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-info.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code +on error.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-flags"></a><h3>gnutls_pkcs11_token_get_flags ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_flags (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *flags</code></em>);</pre> +<p>This function will return information about the PKCS 11 token flags.</p> +<p>The supported flags are: <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-HW:CAPS" title="GNUTLS_PKCS11_TOKEN_HW"><code class="literal">GNUTLS_PKCS11_TOKEN_HW</code></a> and <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-TRUSTED:CAPS" title="GNUTLS_PKCS11_TOKEN_TRUSTED"><code class="literal">GNUTLS_PKCS11_TOKEN_TRUSTED</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-flags.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>should contain a PKCS 11 URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td 
class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>The output flags (GNUTLS_PKCS11_TOKEN_*)</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-flags.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-list-import-url"></a><h3>gnutls_pkcs11_obj_list_import_url()</h3> +<pre class="programlisting">#define gnutls_pkcs11_obj_list_import_url(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url3(p_list, n_list, url, attrs|flags) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-list-import-url2"></a><h3>gnutls_pkcs11_obj_list_import_url2()</h3> +<pre class="programlisting">#define gnutls_pkcs11_obj_list_import_url2(p_list, n_list, url, attrs, flags) gnutls_pkcs11_obj_list_import_url4(p_list, n_list, url, attrs|flags) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-list-import-url3"></a><h3>gnutls_pkcs11_obj_list_import_url3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_list_import_url3 (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *p_list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *const n_list</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will initialize and set values to an object list +by using all objects identified by a PKCS 11 
URL.</p> +<p>This function will enumerate all the objects specified by the PKCS<span class="type">11</span> URL +provided. It expects an already allocated <em class="parameter"><code>p_list</code></em> + which has *<em class="parameter"><code>n_list</code></em> + elements, +and that value will be updated to the actual number of present objects. The +<em class="parameter"><code>p_list</code></em> + objects will be initialized and set by this function. +To obtain a list of all available objects use a <em class="parameter"><code>url</code></em> + of 'pkcs11:'.</p> +<p>All returned objects must be deinitialized using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-deinit" title="gnutls_pkcs11_obj_deinit ()"><code class="function">gnutls_pkcs11_obj_deinit()</code></a>.</p> +<p>The supported in this function <em class="parameter"><code>flags</code></em> + are <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-LOGIN:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_LOGIN</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-LOGIN-SO:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PRESENT-IN-TRUSTED-MODULE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-CRT:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_CRT</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PUBKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PUBKEY</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PRIVKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-WITH-PRIVKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-CA:CAPS"><code 
class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_CA</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</code></a>, and since 3.5.1 the <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-OVERWRITE-TRUSTMOD-EXT:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT</code></a>.</p> +<p>On versions of GnuTLS prior to 3.4.0 the equivalent function was +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url" title="gnutls_pkcs11_obj_list_import_url()"><code class="function">gnutls_pkcs11_obj_list_import_url()</code></a>. That is also available on this version +as a macro which maps to this function.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-list-import-url3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>p_list</p></td> +<td class="parameter_description"><p>An uninitialized object list (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>n_list</p></td> +<td class="parameter_description"><p>Initially should hold the maximum size of the list. 
Will contain the actual size.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a set of objects</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-list-import-url3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-list-import-url4"></a><h3>gnutls_pkcs11_obj_list_import_url4 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_list_import_url4 (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> **p_list</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *n_list</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will enumerate all the objects specified by the PKCS<span class="type">11</span> URL +provided. It will initialize and set values to the object pointer list (<em class="parameter"><code>p_list</code></em> +) +provided. 
To obtain a list of all available objects use a <em class="parameter"><code>url</code></em> + of 'pkcs11:'.</p> +<p>All returned objects must be deinitialized using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-deinit" title="gnutls_pkcs11_obj_deinit ()"><code class="function">gnutls_pkcs11_obj_deinit()</code></a>, +and <em class="parameter"><code>p_list</code></em> + must be deinitialized using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<p>The supported in this function <em class="parameter"><code>flags</code></em> + are <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-LOGIN:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_LOGIN</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-LOGIN-SO:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PRESENT-IN-TRUSTED-MODULE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-CRT:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_CRT</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PUBKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PUBKEY</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-PRIVKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-WITH-PRIVKEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY</code></a>, <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-CA:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_CA</code></a>, +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</code></a>, and since 3.5.1 the <a class="link" 
href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-OVERWRITE-TRUSTMOD-EXT:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT</code></a>.</p> +<p>On versions of GnuTLS prior to 3.4.0 the equivalent function was +<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url2" title="gnutls_pkcs11_obj_list_import_url2()"><code class="function">gnutls_pkcs11_obj_list_import_url2()</code></a>. That is also available on this version +as a macro which maps to this function.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-list-import-url4.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>p_list</p></td> +<td class="parameter_description"><p>An uninitialized object list (may be NULL)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>n_list</p></td> +<td class="parameter_description"><p>It will contain the size of the list.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>A PKCS 11 url identifying a set of objects</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-list-import-url4.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 
3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-import-pkcs11"></a><h3>gnutls_x509_crt_import_pkcs11 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_import_pkcs11 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> pkcs11_crt</code></em>);</pre> +<p>This function will import a PKCS 11 certificate to a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> +structure.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-import-pkcs11.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>A certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pkcs11_crt</p></td> +<td class="parameter_description"><p>A PKCS 11 object that contains a certificate</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-import-pkcs11.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error 
value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-type-get-name"></a><h3>gnutls_pkcs11_type_get_name ()</h3> +<pre class="programlisting">const <span class="returnvalue">char</span> * +gnutls_pkcs11_type_get_name (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="type">gnutls_pkcs11_obj_type_t</span></a> type</code></em>);</pre> +<p>This function will return a human readable description of the +PKCS11 object type <em class="parameter"><code>obj</code></em> +. It will return "Unknown" for unknown +types.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-type-get-name.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>type</p></td> +<td class="parameter_description"><p>Holds the PKCS 11 object type, a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="type">gnutls_pkcs11_obj_type_t</span></a>.</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-type-get-name.returns"></a><h4>Returns</h4> +<p> human readable string labeling the PKCS11 object type +<em class="parameter"><code>type</code></em> +.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-get-exts"></a><h3>gnutls_pkcs11_obj_get_exts ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_get_exts (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span 
class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code><span class="type">struct gnutls_x509_ext_st</span> **exts</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *exts_size</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will return information about attached extensions +that associate to the provided object (which should be a certificate). +The extensions are the attached p11-kit trust module extensions.</p> +<p>Each element of <em class="parameter"><code>exts</code></em> + must be deinitialized using <a class="link" href="gnutls-x509.html#gnutls-x509-ext-deinit" title="gnutls_x509_ext_deinit ()"><code class="function">gnutls_x509_ext_deinit()</code></a> +while <em class="parameter"><code>exts</code></em> + should be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-exts.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>exts</p></td> +<td class="parameter_description"><p>a pointer to a <a class="link" href="gnutls-x509.html#gnutls-x509-ext-st" title="gnutls_x509_ext_st"><code class="literal">gnutls_x509_ext_st</code></a> pointer</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td 
class="parameter_name"><p>exts_size</p></td> +<td class="parameter_description"><p>will be updated with the number of <em class="parameter"><code>exts</code></em> +</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of <code class="literal">GNUTLS_PKCS11_OBJ_</code>* flags </p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-exts.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +<p class="since">Since: 3.3.8</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-get-flags"></a><h3>gnutls_pkcs11_obj_get_flags ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_obj_get_flags (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *oflags</code></em>);</pre> +<p>This function will return the flags of the object. +The <em class="parameter"><code>oflags</code></em> + will be flags from <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-flags" title="enum gnutls_pkcs11_obj_flags"><code class="literal">gnutls_pkcs11_obj_flags</code></a>. 
That is, +the <code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_</code>* flags.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-flags.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>obj</p></td> +<td class="parameter_description"><p>The pkcs11 object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>oflags</p></td> +<td class="parameter_description"><p>Will hold the output flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-get-flags.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.3.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-flags-get-str"></a><h3>gnutls_pkcs11_obj_flags_get_str ()</h3> +<pre class="programlisting"><span class="returnvalue">char</span> * +gnutls_pkcs11_obj_flags_get_str (<em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function given an or-sequence of <code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK</code>, +will return an allocated string with its description. 
The string +needs to be deallocated using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-flags-get-str.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>holds the flags</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-flags-get-str.returns"></a><h4>Returns</h4> +<p> If flags is zero <code class="literal">NULL</code> is returned, otherwise an allocated string.</p> +</div> +<p class="since">Since: 3.3.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-list-import-pkcs11"></a><h3>gnutls_x509_crt_list_import_pkcs11 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_x509_crt_list_import_pkcs11 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *certs</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> cert_max</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> * const objs</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will import a PKCS 11 certificate list to a list of +<a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> type. 
These must not be initialized.</p> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import-pkcs11.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>certs</p></td> +<td class="parameter_description"><p>A list of certificates of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a></p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cert_max</p></td> +<td class="parameter_description"><p>The maximum size of the list</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>objs</p></td> +<td class="parameter_description"><p>A list of PKCS 11 objects</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>0 for now</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-x509-crt-list-import-pkcs11.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 2.12.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-init"></a><h3>gnutls_pkcs11_privkey_init ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> 
*key</code></em>);</pre> +<p>This function will initialize an private key structure. This +structure can be used for accessing an underlying PKCS<span class="type">11</span> object.</p> +<p>In versions of GnuTLS later than 3.5.11 the object is protected +using locks and a single <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><code class="literal">gnutls_pkcs11_privkey_t</code></a> can be re-used +by many threads. However, for performance it is recommended to utilize +one object per key per thread.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-init.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>A pointer to the type to be initialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-init.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-cpy"></a><h3>gnutls_pkcs11_privkey_cpy ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_cpy (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> dst</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span 
class="type">gnutls_pkcs11_privkey_t</span></a> src</code></em>);</pre> +<p>This function will copy a private key from source to destination +key. Destination has to be initialized.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-cpy.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>dst</p></td> +<td class="parameter_description"><p>The destination key, which should be initialized.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>src</p></td> +<td class="parameter_description"><p>The source key</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-cpy.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-set-pin-function"></a><h3>gnutls_pkcs11_privkey_set_pin_function ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_privkey_set_pin_function + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pin-callback-t" title="gnutls_pin_callback_t ()"><span class="type">gnutls_pin_callback_t</span></a> fn</code></em>, + <em class="parameter"><code><span class="type">void</span> 
*userdata</code></em>);</pre> +<p>This function will set a callback function to be used when +required to access the object. This function overrides the global +set using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-set-pin-function.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>The private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fn</p></td> +<td class="parameter_description"><p>the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>userdata</p></td> +<td class="parameter_description"><p>data associated with the callback</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<p class="since">Since: 3.1.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-deinit"></a><h3>gnutls_pkcs11_privkey_deinit ()</h3> +<pre class="programlisting"><span class="returnvalue">void</span> +gnutls_pkcs11_privkey_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>);</pre> +<p>This function will deinitialize a private key structure.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-deinit.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" 
class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>the key to be deinitialized</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-get-pk-algorithm"></a><h3>gnutls_pkcs11_privkey_get_pk_algorithm ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_get_pk_algorithm + (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> *bits</code></em>);</pre> +<p>This function will return the public key algorithm of a private +key.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-get-pk-algorithm.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>if bits is non null it will hold the size of the parameters' in bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-get-pk-algorithm.returns"></a><h4>Returns</h4> 
+<p> a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on +success, or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-get-info"></a><h3>gnutls_pkcs11_privkey_get_info ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_get_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>, + <em class="parameter"><code><span class="type">void</span> *output</code></em>, + <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre> +<p>This function will return information about the PKCS 11 private key such +as the label, id as well as token information where the key is stored. 
When +output is text it returns null terminated string although <span class="type">output_size</span> contains +the size of the actual data only.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-get-info.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>pkey</p></td> +<td class="parameter_description"><p>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> type</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>itype</p></td> +<td class="parameter_description"><p>Denotes the type of information requested</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output</p></td> +<td class="parameter_description"><p>where output will be stored</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>output_size</p></td> +<td class="parameter_description"><p>contains the maximum size of the output and will be overwritten with actual</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-get-info.returns"></a><h4>Returns</h4> +<p> <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-import-url"></a><h3>gnutls_pkcs11_privkey_import_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_import_url (<em 
class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will "import" a PKCS 11 URL identifying a private +key to the <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> type. In reality since +in most cases keys cannot be exported, the private key structure +is being associated with the available operations on the token.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-import-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>pkey</p></td> +<td class="parameter_description"><p>The private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>a PKCS 11 url identifying the key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>Or sequence of GNUTLS_PKCS11_OBJ_* flags</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-import-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> 
+</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-export-url"></a><h3>gnutls_pkcs11_privkey_export_url ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_export_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>, + <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre> +<p>This function will export a URL identifying the given key.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-export-url.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the PKCS 11 key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>detailed</p></td> +<td class="parameter_description"><p>non zero if a detailed URL is required</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>will contain an allocated url</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-export-url.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, 
otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-status"></a><h3>gnutls_pkcs11_privkey_status ()</h3> +<pre class="programlisting"><span class="returnvalue">unsigned</span> +gnutls_pkcs11_privkey_status (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>);</pre> +<p>Checks the status of the private key token.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-status.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody><tr> +<td class="parameter_name"><p>key</p></td> +<td class="parameter_description"><p>Holds the key</p></td> +<td class="parameter_annotations"> </td> +</tr></tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-status.returns"></a><h4>Returns</h4> +<p> this function will return non-zero if the token +holding the private key is still available (inserted), and zero otherwise.</p> +</div> +<p class="since">Since: 3.1.9</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-generate3"></a><h3>gnutls_pkcs11_privkey_generate3 ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_generate3 (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> pk</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> bits</code></em>, + <em class="parameter"><code>const <span class="type">char</span> 
*label</code></em>, + <em class="parameter"><code>const <a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *cid</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *pubkey</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> key_usage</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will generate a private key in the specified +by the <em class="parameter"><code>url</code></em> + token. The private key will be generate within +the token and will not be exportable. This function will +store the DER-encoded public key in the SubjectPublicKeyInfo format +in <em class="parameter"><code>pubkey</code></em> +. 
The <em class="parameter"><code>pubkey</code></em> + should be deinitialized using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<p>Note that when generating an elliptic curve key, the curve +can be substituted in the place of the bits parameter using the +<a class="link" href="gnutls-gnutls.html#GNUTLS-CURVE-TO-BITS:CAPS" title="GNUTLS_CURVE_TO_BITS()"><code class="function">GNUTLS_CURVE_TO_BITS()</code></a> macro.</p> +<p>Since 3.6.3 the objects are marked as sensitive by default unless +<a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-NOT-SENSITIVE:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE</code></a> is specified.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate3.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>url</p></td> +<td class="parameter_description"><p>a token URL</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pk</p></td> +<td class="parameter_description"><p>the public key algorithm</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>bits</p></td> +<td class="parameter_description"><p>the security bits</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>a label</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>cid</p></td> +<td class="parameter_description"><p>The CKA_ID to use for the new object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> 
+<td class="parameter_description"><p>the format of output params. PEM or DER</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>pubkey</p></td> +<td class="parameter_description"><p>will hold the public key (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>key_usage</p></td> +<td class="parameter_description"><p>One of GNUTLS_KEY_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>zero or an OR'ed sequence of <code class="literal">GNUTLS_PKCS11_OBJ_FLAGs</code></p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-generate3.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.4.0</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-privkey-export-pubkey"></a><h3>gnutls_pkcs11_privkey_export_pubkey ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_privkey_export_pubkey (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-fmt-t" title="enum gnutls_x509_crt_fmt_t"><span class="type">gnutls_x509_crt_fmt_t</span></a> fmt</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *pubkey</code></em>, + <em class="parameter"><code>unsigned <span 
class="type">int</span> flags</code></em>);</pre> +<p>This function will extract the public key (modulus and public +exponent) from the private key specified by the <em class="parameter"><code>url</code></em> + private key. +This public key will be stored in <em class="parameter"><code>pubkey</code></em> + in the format specified +by <em class="parameter"><code>fmt</code></em> +. <em class="parameter"><code>pubkey</code></em> + should be deinitialized using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free()"><code class="function">gnutls_free()</code></a>.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-export-pubkey.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>pkey</p></td> +<td class="parameter_description"><p>The private key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>fmt</p></td> +<td class="parameter_description"><p>the format of output params. 
PEM or DER.</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>will hold the public key</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>should be zero</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-privkey-export-pubkey.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.3.7</p> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-get-random"></a><h3>gnutls_pkcs11_token_get_random ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_token_get_random (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><span class="type">void</span> *data</code></em>, + <em class="parameter"><code><span class="type">size_t</span> len</code></em>);</pre> +<p>This function will get random data from the given token. 
+It will store rnddata and fill the memory pointed to by rnddata with +len random bytes from the token.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-random.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>len</p></td> +<td class="parameter_description"><p>The number of bytes of randomness to request</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>rnddata</p></td> +<td class="parameter_description"><p>A pointer to the memory area to be filled with random data</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-get-random.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-copy-attached-extension"></a><h3>gnutls_pkcs11_copy_attached_extension ()</h3> +<pre class="programlisting"><span class="returnvalue">int</span> +gnutls_pkcs11_copy_attached_extension (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>, + <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>, + <em class="parameter"><code><a class="link" 
href="gnutls-gnutls.html#gnutls-datum-t" title="gnutls_datum_t"><span class="type">gnutls_datum_t</span></a> *data</code></em>, + <em class="parameter"><code>const <span class="type">char</span> *label</code></em>, + <em class="parameter"><code>unsigned <span class="type">int</span> flags</code></em>);</pre> +<p>This function will copy an the attached extension in <em class="parameter"><code>data</code></em> + for +the certificate provided in <em class="parameter"><code>crt</code></em> + in the PKCS <span class="type">11</span> token specified +by the URL (typically a trust module). The extension must be in +RFC5280 Extension format.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-attached-extension.parameters"></a><h4>Parameters</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="150px" class="parameters_name"> +<col class="parameters_description"> +<col width="200px" class="parameters_annotations"> +</colgroup> +<tbody> +<tr> +<td class="parameter_name"><p>token_url</p></td> +<td class="parameter_description"><p>A PKCS <span class="type">11</span> URL specifying a token</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>crt</p></td> +<td class="parameter_description"><p>An X.509 certificate object</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>data</p></td> +<td class="parameter_description"><p>the attached extension</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>label</p></td> +<td class="parameter_description"><p>A name to be used for the attached extension (may be <code class="literal">NULL</code>)</p></td> +<td class="parameter_annotations"> </td> +</tr> +<tr> +<td class="parameter_name"><p>flags</p></td> +<td class="parameter_description"><p>One of GNUTLS_PKCS11_OBJ_FLAG_*</p></td> +<td class="parameter_annotations"> </td> +</tr> +</tbody> 
+</table></div> +</div> +<div class="refsect3"> +<a name="gnutls-pkcs11-copy-attached-extension.returns"></a><h4>Returns</h4> +<p> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise a +negative error value.</p> +</div> +<p class="since">Since: 3.3.8</p> +</div> +</div> +<div class="refsect1"> +<a name="gnutls-pkcs11.other_details"></a><h2>Types and Values</h2> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-MAX-PIN-LEN:CAPS"></a><h3>GNUTLS_PKCS11_MAX_PIN_LEN</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_MAX_PIN_LEN 256 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-t"></a><h3>gnutls_pkcs11_obj_t</h3> +<pre class="programlisting">typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t; +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-FLAG-MANUAL:CAPS"></a><h3>GNUTLS_PKCS11_FLAG_MANUAL</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-FLAG-AUTO:CAPS"></a><h3>GNUTLS_PKCS11_FLAG_AUTO</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-FLAG-AUTO-TRUSTED:CAPS"></a><h3>GNUTLS_PKCS11_FLAG_AUTO_TRUSTED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_FLAG_AUTO_TRUSTED (1<<1) /* Automatically load trusted libraries by reading /etc/gnutls/pkcs11.conf */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-flags"></a><h3>enum gnutls_pkcs11_obj_flags</h3> +<p>Enumeration of different PKCS <span class="type">11</span> object flags. 
Some flags are used +to mark objects when storing, while others are also used while seeking +or retrieving objects.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-flags.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-LOGIN:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_LOGIN</p></td> +<td class="enum_member_description"> +<p>Force login in the token for the operation (seek+store). </p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</p></td> +<td class="enum_member_description"> +<p>object marked as trusted (seek+store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-SENSITIVE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE</p></td> +<td class="enum_member_description"> +<p>object is explicitly marked as sensitive -unexportable (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-LOGIN-SO:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO</p></td> +<td class="enum_member_description"> +<p>force login as a security officer in the token for the operation (seek+store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-PRIVATE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE</p></td> +<td class="enum_member_description"> +<p>marked as private -requires PIN to access (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a 
name="GNUTLS-PKCS11-OBJ-FLAG-MARK-NOT-PRIVATE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE</p></td> +<td class="enum_member_description"> +<p>marked as not private (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-ANY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_ANY</p></td> +<td class="enum_member_description"> +<p>When retrieving an object, do not set any requirements (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-TRUSTED:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_TRUSTED</p></td> +<td class="enum_member_description"> +<p>When retrieving an object, only retrieve the marked as trusted (alias to <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</code></a>). +In <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-crt-is-known" title="gnutls_pkcs11_crt_is_known ()"><code class="function">gnutls_pkcs11_crt_is_known()</code></a> it implies <code class="literal">GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_COMPARE</code> if <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-COMPARE-KEY:CAPS"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY</code></a> is not given.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-DISTRUSTED:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED</p></td> +<td class="enum_member_description"> +<p>When writing an object, mark it as distrusted (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-RETRIEVE-DISTRUSTED:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED</p></td> +<td class="enum_member_description"> +<p>When retrieving an object, only retrieve the marked as 
distrusted (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-COMPARE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_COMPARE</p></td> +<td class="enum_member_description"> +<p>When checking an object's presence, fully compare it before returning any result (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-PRESENT-IN-TRUSTED-MODULE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE</p></td> +<td class="enum_member_description"> +<p>The object must be present in a marked as trusted module (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-CA:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_CA</p></td> +<td class="enum_member_description"> +<p>Mark the object as a CA (seek+store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-KEY-WRAP:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP</p></td> +<td class="enum_member_description"> +<p>Mark the generated key pair as wrapping and unwrapping keys (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-COMPARE-KEY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_COMPARE_KEY</p></td> +<td class="enum_member_description"> +<p>When checking an object's presence, compare the key before returning any result (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-OVERWRITE-TRUSTMOD-EXT:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT</p></td> +<td class="enum_member_description"> +<p>When an issuer is requested, override its extensions with the ones present in the trust module (seek).</p> +</td> +<td 
class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-ALWAYS-AUTH:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH</p></td> +<td class="enum_member_description"> +<p>Mark the key pair as requiring authentication (pin entry) before every operation (seek+store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-EXTRACTABLE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_EXTRACTABLE</p></td> +<td class="enum_member_description"> +<p>Mark the key pair as being extractable (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-NEVER-EXTRACTABLE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_NEVER_EXTRACTABLE</p></td> +<td class="enum_member_description"> +<p>If set, the object was never marked as extractable (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-CRT:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_CRT</p></td> +<td class="enum_member_description"> +<p>When searching, restrict to certificates only (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-WITH-PRIVKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY</p></td> +<td> </td> +<td> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-PUBKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_PUBKEY</p></td> +<td class="enum_member_description"> +<p>When searching, restrict to public key objects only (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-NO-STORE-PUBKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY</p></td> +<td class="enum_member_description"> +<p>When generating a keypair don't store the public key (store).</p> 
+</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-PRIVKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY</p></td> +<td class="enum_member_description"> +<p>When searching, restrict to private key objects only (seek).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-NOT-SENSITIVE:CAPS"></a>GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE</p></td> +<td class="enum_member_description"> +<p>object marked as not sensitive -exportable (store).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-attr-t"></a><h3>gnutls_pkcs11_obj_attr_t</h3> +<pre class="programlisting">#define gnutls_pkcs11_obj_attr_t gnutls_pkcs11_obj_flags +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-url-type-t"></a><h3>enum gnutls_pkcs11_url_type_t</h3> +<p>Enumeration of different URL extraction flags.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-url-type-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-URL-GENERIC:CAPS"></a>GNUTLS_PKCS11_URL_GENERIC</p></td> +<td class="enum_member_description"> +<p>A generic-purpose URL.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-URL-LIB:CAPS"></a>GNUTLS_PKCS11_URL_LIB</p></td> +<td class="enum_member_description"> +<p>A URL that specifies the library used as well.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a 
name="GNUTLS-PKCS11-URL-LIB-VERSION:CAPS"></a>GNUTLS_PKCS11_URL_LIB_VERSION</p></td> +<td class="enum_member_description"> +<p>A URL that specifies the library and its version.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-info-t"></a><h3>enum gnutls_pkcs11_obj_info_t</h3> +<p>Enumeration of several object information types.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-info-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-ID-HEX:CAPS"></a>GNUTLS_PKCS11_OBJ_ID_HEX</p></td> +<td class="enum_member_description"> +<p>The object ID in hex. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-LABEL:CAPS"></a>GNUTLS_PKCS11_OBJ_LABEL</p></td> +<td class="enum_member_description"> +<p>The object label. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-LABEL:CAPS"></a>GNUTLS_PKCS11_OBJ_TOKEN_LABEL</p></td> +<td class="enum_member_description"> +<p>The token's label. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-SERIAL:CAPS"></a>GNUTLS_PKCS11_OBJ_TOKEN_SERIAL</p></td> +<td class="enum_member_description"> +<p>The token's serial number. 
Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-MANUFACTURER:CAPS"></a>GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER</p></td> +<td class="enum_member_description"> +<p>The token's manufacturer. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-MODEL:CAPS"></a>GNUTLS_PKCS11_OBJ_TOKEN_MODEL</p></td> +<td class="enum_member_description"> +<p>The token's model. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-ID:CAPS"></a>GNUTLS_PKCS11_OBJ_ID</p></td> +<td class="enum_member_description"> +<p>The object ID. Raw bytes.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-VERSION:CAPS"></a>GNUTLS_PKCS11_OBJ_LIBRARY_VERSION</p></td> +<td class="enum_member_description"> +<p>The library's version. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-DESCRIPTION:CAPS"></a>GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION</p></td> +<td class="enum_member_description"> +<p>The library's description. Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-MANUFACTURER:CAPS"></a>GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER</p></td> +<td class="enum_member_description"> +<p>The library's manufacturer name. 
Null-terminated text.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-ALL:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL GNUTLS_PKCS11_OBJ_FLAG_CRT +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-MATCH:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_MATCH</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_MATCH 0 /* always match the given URL */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-ALL:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_ALL</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_ALL 0 /* match everything! */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-TRUSTED:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-WITH-PRIVKEY:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_WITH_PRIVKEY) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-TRUSTED-CA:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA (GNUTLS_PKCS11_OBJ_FLAG_CRT|GNUTLS_PKCS11_OBJ_FLAG_MARK_CA|GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED) +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-OBJ-ATTR-PUBKEY:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_PUBKEY</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_PUBKEY GNUTLS_PKCS11_OBJ_FLAG_PUBKEY +</pre> +</div> +<hr> +<div class="refsect2"> +<a 
name="GNUTLS-PKCS11-OBJ-ATTR-PRIVKEY:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY GNUTLS_PKCS11_OBJ_FLAG_PRIVKEY +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-token-info-t"></a><h3>enum gnutls_pkcs11_token_info_t</h3> +<p>Enumeration of types for retrieving token information.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-token-info-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-TOKEN-LABEL:CAPS"></a>GNUTLS_PKCS11_TOKEN_LABEL</p></td> +<td class="enum_member_description"> +<p>The token's label (string)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-TOKEN-SERIAL:CAPS"></a>GNUTLS_PKCS11_TOKEN_SERIAL</p></td> +<td class="enum_member_description"> +<p>The token's serial number (string)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-TOKEN-MANUFACTURER:CAPS"></a>GNUTLS_PKCS11_TOKEN_MANUFACTURER</p></td> +<td class="enum_member_description"> +<p>The token's manufacturer (string)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-TOKEN-MODEL:CAPS"></a>GNUTLS_PKCS11_TOKEN_MODEL</p></td> +<td class="enum_member_description"> +<p>The token's model (string)</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-TOKEN-MODNAME:CAPS"></a>GNUTLS_PKCS11_TOKEN_MODNAME</p></td> +<td class="enum_member_description"> +<p>The token's module name (string - since 3.4.3). 
This value is +unavailable for providers which were manually loaded.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-type-t"></a><h3>enum gnutls_pkcs11_obj_type_t</h3> +<p>Enumeration of object types.</p> +<div class="refsect3"> +<a name="gnutls-pkcs11-obj-type-t.members"></a><h4>Members</h4> +<div class="informaltable"><table class="informaltable" width="100%" border="0"> +<colgroup> +<col width="300px" class="enum_members_name"> +<col class="enum_members_description"> +<col width="200px" class="enum_members_annotations"> +</colgroup> +<tbody> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-UNKNOWN:CAPS"></a>GNUTLS_PKCS11_OBJ_UNKNOWN</p></td> +<td class="enum_member_description"> +<p>Unknown PKCS11 object.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-X509-CRT:CAPS"></a>GNUTLS_PKCS11_OBJ_X509_CRT</p></td> +<td class="enum_member_description"> +<p>X.509 certificate.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-PUBKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_PUBKEY</p></td> +<td class="enum_member_description"> +<p>Public key.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-PRIVKEY:CAPS"></a>GNUTLS_PKCS11_OBJ_PRIVKEY</p></td> +<td class="enum_member_description"> +<p>Private key.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-SECRET-KEY:CAPS"></a>GNUTLS_PKCS11_OBJ_SECRET_KEY</p></td> +<td class="enum_member_description"> +<p>Secret key.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-DATA:CAPS"></a>GNUTLS_PKCS11_OBJ_DATA</p></td> +<td 
class="enum_member_description"> +<p>Data object.</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +<tr> +<td class="enum_member_name"><p><a name="GNUTLS-PKCS11-OBJ-X509-CRT-EXTENSION:CAPS"></a>GNUTLS_PKCS11_OBJ_X509_CRT_EXTENSION</p></td> +<td class="enum_member_description"> +<p>X.509 certificate extension (supported by p11-kit trust module only).</p> +</td> +<td class="enum_member_annotations"> </td> +</tr> +</tbody> +</table></div> +</div> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-HW:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_HW</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_HW 1 +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-TRUSTED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_TRUSTED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_TRUSTED (1<<1) /* p11-kit trusted */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-RNG:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_RNG</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_RNG (1<<2) /* CKF_RNG */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-LOGIN-REQUIRED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_LOGIN_REQUIRED (1<<3) /* CKF_LOGIN_REQUIRED */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-PROTECTED-AUTHENTICATION-PATH:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_PROTECTED_AUTHENTICATION_PATH (1<<4) /* CKF_PROTECTED_AUTHENTICATION_PATH */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-INITIALIZED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_INITIALIZED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_INITIALIZED (1<<5) /* CKF_TOKEN_INITIALIZED */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a 
name="GNUTLS-PKCS11-TOKEN-USER-PIN-COUNT-LOW:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_USER_PIN_COUNT_LOW (1<<6) /* CKF_USER_PIN_COUNT_LOW */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-USER-PIN-FINAL-TRY:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_USER_PIN_FINAL_TRY (1<<7) /* CKF_USER_PIN_FINAL_TRY */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-USER-PIN-LOCKED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_USER_PIN_LOCKED (1<<8) /* CKF_USER_PIN_LOCKED */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-SO-PIN-COUNT-LOW:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_SO_PIN_COUNT_LOW (1<<9) /* CKF_SO_PIN_COUNT_LOW */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-SO-PIN-FINAL-TRY:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_SO_PIN_FINAL_TRY (1<<10) /* CKF_SO_PIN_FINAL_TRY */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-SO-PIN-LOCKED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_SO_PIN_LOCKED (1<<11) /* CKF_SO_PIN_LOCKED */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-USER-PIN-INITIALIZED:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_USER_PIN_INITIALIZED (1<<12) /* CKF_USER_PIN_INITIALIZED */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="GNUTLS-PKCS11-TOKEN-ERROR-STATE:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_ERROR_STATE</h3> +<pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_ERROR_STATE (1<<13) /* 
CKF_ERROR_STATE */ +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-x509-crt-import-pkcs11-url"></a><h3>gnutls_x509_crt_import_pkcs11_url</h3> +<pre class="programlisting">#define gnutls_x509_crt_import_pkcs11_url gnutls_x509_crt_import_url +</pre> +</div> +<hr> +<div class="refsect2"> +<a name="gnutls-pkcs11-obj-st"></a><h3>struct gnutls_pkcs11_obj_st</h3> +<pre class="programlisting">struct gnutls_pkcs11_obj_st { + gnutls_datum_t raw; + gnutls_pkcs11_obj_type_t type; + ck_object_class_t class; + + unsigned int flags; + struct p11_kit_uri *info; + + /* only when pubkey */ + gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE]; + unsigned pubkey_size; + gnutls_pk_algorithm_t pk_algorithm; + unsigned int key_usage; + + struct pin_info_st pin; +}; +</pre> +</div> +</div> +</div> +<div class="footer"> +<hr>Generated by GTK-Doc V1.33.1</div> +</body> +</html>
\ No newline at end of file |