From: Nikos Mavrogiannopoulos
Date: Fri, 7 Nov 2014 15:05:10 +0000 (+0100)
Subject: added gnutls_pkcs12_bag_set_privkey()
X-Git-Tag: gnutls_3_4_0~649
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bb96203af96d20d295f3b4e339b2024246c27ae9;p=thirdparty%2Fgnutls.git
added gnutls_pkcs12_bag_set_privkey()
Conflicts: lib/libgnutls.map
---
diff --git a/lib/includes/gnutls/pkcs12.h b/lib/includes/gnutls/pkcs12.h
index 0465423bb7..1442b33bd9 100644
--- a/lib/includes/gnutls/pkcs12.h
+++ b/lib/includes/gnutls/pkcs12.h
@@ -121,6 +121,11 @@ int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag_t bag,
 int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag_t bag, gnutls_x509_crt_t crt);
+int
+gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag,
+ gnutls_x509_privkey_t privkey,
+ const char *password, unsigned flags);
+
 int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag_t * bag);
 void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag_t bag);
 int gnutls_pkcs12_bag_get_count(gnutls_pkcs12_bag_t bag);
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 26cae17b7f..0dd9de0246 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1059,6 +1059,7 @@ GNUTLS_3_1_0 {
 gnutls_aead_cipher_deinit;
 gnutls_dh_params_import_raw2;
 gnutls_memset;
+ gnutls_pkcs12_bag_set_privkey;
 } GNUTLS_3_0_0;
 GNUTLS_FIPS140 {
diff --git a/lib/x509/pkcs12_bag.c b/lib/x509/pkcs12_bag.c
index 6a0e27a0c8..c285ef5339 100644
--- a/lib/x509/pkcs12_bag.c
+++ b/lib/x509/pkcs12_bag.c
@@ -854,3 +854,53 @@ gnutls_pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, unsigned int *schema, unsign
 return 0;
 }
+
+/**
+ * gnutls_pkcs12_bag_set_privkey:
+ * @bag: The bag
+ * @privkey: the private key to be copied.
+ * @password: the password to protect the key with (may be %NULL)
+ * @flags: should be one of #gnutls_pkcs_encrypt_flags_t elements bitwise or'd
+ *
+ * This function will insert the given private key into the
+ * bag. This is just a wrapper over gnutls_pkcs12_bag_set_data().
+ *
+ * Returns: the index of the added bag on success, or a negative
+ * value on failure.
+ **/
+int
+gnutls_pkcs12_bag_set_privkey(gnutls_pkcs12_bag_t bag, gnutls_x509_privkey_t privkey,
+ const char *password, unsigned flags)
+{
+ int ret;
+ gnutls_datum_t data = {NULL, 0};
+
+ if (bag == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = gnutls_x509_privkey_export2_pkcs8(privkey, GNUTLS_X509_FMT_DER,
+ password, flags, &data);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ if (password == NULL) {
+ ret = gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_PKCS8_KEY, &data);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+ } else {
+ ret = gnutls_pkcs12_bag_set_data(bag, GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data);
+ if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+ }
+
+ cleanup:
+ _gnutls_free_datum(&data);
+
+ return ret;
+}
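Review bot: The bag element type is chosen from `password == NULL` alone, while the encoding of `data` is decided inside gnutls_x509_privkey_export2_pkcs8() from both `password` and `flags`. That function's body is not in this hunk, but if it honours a flag such as GNUTLS_PKCS_PLAIN when a password is also supplied, the element would be tagged GNUTLS_BAG_PKCS8_ENCRYPTED_KEY while holding a cleartext key. Either derive the type from the same condition the export uses, or state in the doc comment that `flags` must agree with `password`. Separately, on the `password == NULL` path `data` holds the unencrypted PKCS#8 key and is released at `cleanup:` with `_gnutls_free_datum(&data)`. Unless that helper wipes the buffer, add `gnutls_memset(data.data, 0, data.size);` just before it so key bytes do not linger in freed heap memory.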