]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Add getter functions for openpgp keys and certificates
authorArmin Burgmeier <armin@arbur.net>
Thu, 18 Sep 2014 14:13:55 +0000 (10:13 -0400)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Wed, 24 Sep 2014 08:07:39 +0000 (10:07 +0200)
Signed-off-by: Armin Burgmeier <armin@arbur.net>
lib/includes/gnutls/openpgp.h
lib/libgnutls.map
lib/openpgp/gnutls_openpgp.c

index 11958b3764e4b9ebdea21f51402d4aaa1885743a..b7b64ad78864383e14bdaa7bee953d9a6824d4bd 100644 (file)
@@ -332,6 +332,16 @@ int gnutls_certificate_set_openpgp_key
     (gnutls_certificate_credentials_t res,
      gnutls_openpgp_crt_t crt, gnutls_openpgp_privkey_t pkey);
 
+int
+gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res,
+                                   int index,
+                                   gnutls_openpgp_privkey_t *key);
+int
+gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res,
+                                   int index,
+                                   gnutls_openpgp_crt_t **crt_list,
+                                   int *crt_list_size);
+
 int
  gnutls_certificate_set_openpgp_key_file
     (gnutls_certificate_credentials_t res, const char *certfile,
index 062a55bd466f4baaa02574863fd6b2fc39986793..dffd364582e177e68cd2ae9105cfba8a8be9aefb 100644 (file)
@@ -1016,6 +1016,8 @@ GNUTLS_3_1_0 {
        gnutls_certificate_get_verify_flags;
        gnutls_certificate_get_x509_key;
        gnutls_certificate_get_x509_crt;
+       gnutls_certificate_get_openpgp_key;
+       gnutls_certificate_get_openpgp_crt;
        gnutls_credentials_get;
        gnutls_x509_crl_iter_crt_serial;
        gnutls_x509_crl_iter_deinit;
index 7c05e1fbfc5f50a614f374133566bc6e0c203ee0..bbb101ec8ad9b29bcc5022fa283f537db540686e 100644 (file)
@@ -166,6 +166,104 @@ gnutls_certificate_set_openpgp_key(gnutls_certificate_credentials_t res,
        return ret;
 }
 
+/**
+ * gnutls_certificate_get_openpgp_key:
+ * @res: is a #gnutls_certificate_credentials_t structure.
+ * @index: The index of the key to obtain.
+ * @key: Location to store the key.
+ *
+ * Obtains a OpenPGP private key that has been stored in @res with one of
+ * gnutls_certificate_set_openpgp_key(),
+ * gnutls_certificate_set_openpgp_key_file(),
+ * gnutls_certificate_set_openpgp_key_file2(),
+ * gnutls_certificate_set_openpgp_key_mem(), or
+ * gnutls_certificate_set_openpgp_key_mem2().
+ * The returned key must be deallocated with gnutls_openpgp_privkey_deinit()
+ * when no longer needed.
+ *
+ * If there is no key with the given index,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the key with the
+ * given index is not a X.509 key, %GNUTLS_E_INVALID_REQUEST is returned.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_certificate_get_openpgp_key(gnutls_certificate_credentials_t res,
+                                   int index,
+                                   gnutls_openpgp_privkey_t *key)
+{
+       if (index >= res->ncerts) {
+               gnutls_assert();
+               return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+       }
+
+       return gnutls_privkey_export_openpgp(res->pkey[index], key);
+}
+
+/**
+ * gnutls_certificate_get_openpgp_crt:
+ * @res: is a #gnutls_certificate_credentials_t structure.
+ * @index: The index of the certificate list to obtain.
+ * @crt_list: Where to store the certificate list.
+ * @key: Will hold the number of certificates.
+ *
+ * Obtains a X.509 certificate list that has been stored in @res with one of
+ * gnutls_certificate_set_openpgp_key(),
+ * gnutls_certificate_set_openpgp_key_file(),
+ * gnutls_certificate_set_openpgp_key_file2(),
+ * gnutls_certificate_set_openpgp_key_mem(), or
+ * gnutls_certificate_set_openpgp_key_mem2().  Each certificate in the
+ * returned certificate list must be deallocated with
+ * gnutls_openpgp_crt_deinit(), and the list itself must be freed with
+ * gnutls_free().
+ *
+ * If there is no certificate with the given index,
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned. If the certificate
+ * with the given index is not a X.509 certificate, %GNUTLS_E_INVALID_REQUEST
+ * is returned.
+ *
+ * Returns: %GNUTLS_E_SUCCESS (0) on success, or a negative error code.
+ *
+ * Since: 3.4.0
+ */
+int
+gnutls_certificate_get_openpgp_crt(gnutls_certificate_credentials_t res,
+                                   int index,
+                                   gnutls_openpgp_crt_t **crt_list,
+                                   int *crt_list_size)
+{
+       int ret, i;
+
+       if (index >= res->ncerts) {
+               gnutls_assert();
+               return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+       }
+
+       *crt_list_size = res->certs[index].cert_list_length;
+       *crt_list = gnutls_malloc(
+               res->certs[index].cert_list_length * sizeof (gnutls_openpgp_crt_t));
+       if (*crt_list == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_MEMORY_ERROR;
+       }
+
+       for (i = 0; i < res->certs[index].cert_list_length; ++i) {
+               ret = gnutls_pcert_export_openpgp(&res->certs[index].cert_list[i], crt_list[i]);
+               if (ret < 0) {
+                       while (i--)
+                               gnutls_openpgp_crt_deinit(*crt_list[i]);
+                       gnutls_free(*crt_list);
+                       *crt_list = NULL;
+
+                       return gnutls_assert_val(ret);
+               }
+       }
+
+       return 0;
+}
+
 /*-
  * gnutls_openpgp_get_key:
  * @key: the destination context to save the key.