From: Nikos Mavrogiannopoulos Date: Sun, 19 Jun 2011 07:46:56 +0000 (+0200) Subject: indented code. X-Git-Tag: gnutls_2_99_4~32 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=720abdba139609e14059cfc32c10613d563290d5;p=thirdparty%2Fgnutls.git indented code. Corrected PKCS #11 example. --- diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index a18b63f110..b51a3edacc 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -496,56 +496,25 @@ char* url; gnutls_global_init(); -for (i=0;;i++) { - ret = gnutls_pkcs11_token_get_url(i, &url); - if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - break; - - if (ret < 0) - exit(1); +for (i=0;;i++) + { + ret = gnutls_pkcs11_token_get_url(i, &url); + if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) + break; + + if (ret < 0) + exit(1); - fprintf(stdout, "Token[%d]: URL: %s\n", i, url); - gnutls_free(url); -} + fprintf(stdout, "Token[%d]: URL: %s\n", i, url); + gnutls_free(url); + } gnutls_global_deinit(); @end verbatim The next one will list all certificates in a token, that have a corresponding private key: -@verbatim -gnutls_pkcs11_obj_t *obj_list; -unsigned int obj_list_size = 0; -gnutls_datum_t cinfo; -int i; - -obj_list_size = 0; -ret = gnutls_pkcs11_obj_list_import_url( obj_list, NULL, url, \ - GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY); -if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) - exit(1); - -/* no error checking from now on */ -obj_list = malloc(sizeof(*obj_list)*obj_list_size); - -gnutls_pkcs11_obj_list_import_url( obj_list, &obj_list_size, url, flags); - -/* now all certificates are in obj_list */ -for (i=0;i +#include +#include +#include + +#define URL "pkcs11:URL" + +int +main () +{ + gnutls_pkcs11_obj_t *obj_list; + gnutls_x509_crt_t xcrt; + unsigned int obj_list_size = 0; + gnutls_datum_t cinfo; + int i, ret; + + obj_list_size = 0; + ret = gnutls_pkcs11_obj_list_import_url (NULL, &obj_list_size, URL, + GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, + 0); + if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) + return -1; + +/* no error checking from now on */ + obj_list = malloc (sizeof (*obj_list) * obj_list_size); + + gnutls_pkcs11_obj_list_import_url (obj_list, &obj_list_size, URL, + GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, + 0); + +/* now all certificates are in obj_list */ + for (i = 0; i < obj_list_size; i++) + { + + gnutls_x509_crt_init (&xcrt); + + gnutls_x509_crt_import_pkcs11 (xcrt, obj_list[i]); + + gnutls_x509_crt_print (xcrt, GNUTLS_CRT_PRINT_FULL, &cinfo); + + fprintf (stdout, "cert[%d]:\n %s\n\n", i, cinfo.data); + + gnutls_free (cinfo.data); + gnutls_x509_crt_deinit (xcrt); + } + + return 0; +} diff --git a/doc/examples/ex-session-info.c b/doc/examples/ex-session-info.c index 19fe5f91ad..e5f0b545e7 100644 --- a/doc/examples/ex-session-info.c +++ b/doc/examples/ex-session-info.c @@ -68,7 +68,7 @@ print_info (gnutls_session_t session) case GNUTLS_CRD_ANON: /* anonymous authentication */ - printf("- Anonymous authentication.\n"); + printf ("- Anonymous authentication.\n"); if (kx == GNUTLS_KX_ANON_ECDH) ecdh = 1; else if (kx == GNUTLS_KX_ANON_DH) @@ -92,8 +92,8 @@ print_info (gnutls_session_t session) } /* switch */ if (ecdh != 0) - printf("- Ephemeral ECDH using curve %s\n", - gnutls_ecc_curve_get_name(gnutls_ecc_curve_get(session))); + printf ("- Ephemeral ECDH using curve %s\n", + gnutls_ecc_curve_get_name (gnutls_ecc_curve_get (session))); else if (dhe != 0) printf ("- Ephemeral DH using prime of %d bits\n", gnutls_dh_get_prime_bits (session)); diff --git a/doc/examples/ex-verify.c b/doc/examples/ex-verify.c index 5d349216d7..0d52429e3a 100644 --- a/doc/examples/ex-verify.c +++ b/doc/examples/ex-verify.c @@ -22,9 +22,10 @@ int crl_list_size; gnutls_x509_crt_t *ca_list; int ca_list_size; -static int print_details_func(gnutls_x509_crt_t cert, - gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl, - unsigned int verification_output); +static int print_details_func (gnutls_x509_crt_t cert, + gnutls_x509_crt_t issuer, + gnutls_x509_crl_t crl, + unsigned int verification_output); /* This function will try to verify the peer's certificate chain, and * also check if the hostname matches. @@ -37,18 +38,18 @@ verify_certificate_chain (const char *hostname, int i; gnutls_x509_trust_list_t tlist; gnutls_x509_crt_t *cert; - + unsigned int output; /* Initialize the trusted certificate list. This should be done * once on initialization. gnutls_x509_crt_list_import2() and * gnutls_x509_crl_list_import2() can be used to load them. */ - gnutls_x509_trust_list_init(&tlist, 0); + gnutls_x509_trust_list_init (&tlist, 0); - gnutls_x509_trust_list_add_cas(tlist, ca_list, ca_list_size, 0); - gnutls_x509_trust_list_add_crls(tlist, crl_list, crl_list_size, - GNUTLS_TL_VERIFY_CRL, 0); + gnutls_x509_trust_list_add_cas (tlist, ca_list, ca_list_size, 0); + gnutls_x509_trust_list_add_crls (tlist, crl_list, crl_list_size, + GNUTLS_TL_VERIFY_CRL, 0); cert = malloc (sizeof (*cert) * cert_chain_length); @@ -61,15 +62,17 @@ verify_certificate_chain (const char *hostname, gnutls_x509_crt_import (cert[i], &cert_chain[i], GNUTLS_X509_FMT_DER); } - gnutls_x509_trust_list_verify_named_crt(tlist, cert[0], hostname, strlen(hostname), - GNUTLS_VERIFY_DISABLE_CRL_CHECKS, &output, print_details_func); + gnutls_x509_trust_list_verify_named_crt (tlist, cert[0], hostname, + strlen (hostname), + GNUTLS_VERIFY_DISABLE_CRL_CHECKS, + &output, print_details_func); /* if this certificate is not explicitly trusted verify against CAs */ if (output != 0) { - gnutls_x509_trust_list_verify_crt(tlist, cert, cert_chain_length, 0, - &output, print_details_func); + gnutls_x509_trust_list_verify_crt (tlist, cert, cert_chain_length, 0, + &output, print_details_func); } if (output & GNUTLS_CERT_INVALID) @@ -98,14 +101,15 @@ verify_certificate_chain (const char *hostname, hostname); } - gnutls_x509_trust_list_deinit(tlist, 1); + gnutls_x509_trust_list_deinit (tlist, 1); return; } -static int print_details_func(gnutls_x509_crt_t cert, - gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl, - unsigned int verification_output) +static int +print_details_func (gnutls_x509_crt_t cert, + gnutls_x509_crt_t issuer, gnutls_x509_crl_t crl, + unsigned int verification_output) { char name[512]; char issuer_name[512];