1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
4 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6 <meta name="generator" content="DocBook XSL Stylesheets V1.76.1">
7 <link rel="home" href="index.html" title="GnuTLS API Reference Manual">
8 <link rel="up" href="intro.html" title="GnuTLS API Reference Manual">
9 <link rel="prev" href="gnutls-x509.html" title="x509">
10 <link rel="next" href="gnutls-pkcs12.html" title="pkcs12">
11 <meta name="generator" content="GTK-Doc V1.18 (XML mode)">
12 <link rel="stylesheet" href="style.css" type="text/css">
14 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
15 <table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2">
17 <td><a accesskey="p" href="gnutls-x509.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
18 <td><a accesskey="u" href="intro.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
19 <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
20 <th width="100%" align="center">GnuTLS API Reference Manual</th>
21 <td><a accesskey="n" href="gnutls-pkcs12.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
23 <tr><td colspan="5" class="shortcuts">
24 <a href="#gnutls-pkcs11.synopsis" class="shortcut">Top</a>
26 <a href="#gnutls-pkcs11.description" class="shortcut">Description</a>
29 <div class="refentry">
30 <a name="gnutls-pkcs11"></a><div class="titlepage"></div>
31 <div class="refnamediv"><table width="100%"><tr>
33 <h2><span class="refentrytitle"><a name="gnutls-pkcs11.top_of_page"></a>pkcs11</span></h2>
36 <td valign="top" align="right"></td>
38 <div class="refsynopsisdiv">
39 <a name="gnutls-pkcs11.synopsis"></a><h2>Synopsis</h2>
40 <pre class="synopsis">#define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-MAX-PIN-LEN:CAPS" title="GNUTLS_PKCS11_MAX_PIN_LEN">GNUTLS_PKCS11_MAX_PIN_LEN</a>
41 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> (<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-callback-t" title="gnutls_pkcs11_token_callback_t ()">*gnutls_pkcs11_token_callback_t</a>) (<em class="parameter"><code><span class="type">void</span> *const global_data</code></em>,
42 <em class="parameter"><code>const <span class="type">char</span> *const label</code></em>,
43 <em class="parameter"><code>const unsigned <span class="type">retry</span> Param3</code></em>);
44 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-pin-flag-t" title="enum gnutls_pkcs11_pin_flag_t">gnutls_pkcs11_pin_flag_t</a>;
45 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> (<a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-pin-callback-t" title="gnutls_pkcs11_pin_callback_t ()">*gnutls_pkcs11_pin_callback_t</a>) (<em class="parameter"><code><span class="type">void</span> *userdata</code></em>,
46 <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> attempt</code></em>,
47 <em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
48 <em class="parameter"><code>const <span class="type">char</span> *token_label</code></em>,
49 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
50 struct <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-st" title="struct gnutls_pkcs11_obj_st">gnutls_pkcs11_obj_st</a>;
51 typedef <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t">gnutls_pkcs11_obj_t</a>;
52 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-MANUAL:CAPS" title="GNUTLS_PKCS11_FLAG_MANUAL">GNUTLS_PKCS11_FLAG_MANUAL</a>
53 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO">GNUTLS_PKCS11_FLAG_AUTO</a>
54 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-init" title="gnutls_pkcs11_init ()">gnutls_pkcs11_init</a> (<em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>,
55 <em class="parameter"><code>const <span class="type">char</span> *deprecated_config_file</code></em>);
56 <span class="returnvalue">void</span> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-deinit" title="gnutls_pkcs11_deinit ()">gnutls_pkcs11_deinit</a> (<em class="parameter"><code><span class="type">void</span></code></em>);
57 <span class="returnvalue">void</span> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-token-function" title="gnutls_pkcs11_set_token_function ()">gnutls_pkcs11_set_token_function</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-callback-t" title="gnutls_pkcs11_token_callback_t ()"><span class="type">gnutls_pkcs11_token_callback_t</span></a> fn</code></em>,
58 <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);
59 <span class="returnvalue">void</span> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()">gnutls_pkcs11_set_pin_function</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-pin-callback-t" title="gnutls_pkcs11_pin_callback_t ()"><span class="type">gnutls_pkcs11_pin_callback_t</span></a> fn</code></em>,
60 <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);
61 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-add-provider" title="gnutls_pkcs11_add_provider ()">gnutls_pkcs11_add_provider</a> (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>,
62 <em class="parameter"><code>const <span class="type">char</span> *params</code></em>);
63 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-init" title="gnutls_pkcs11_obj_init ()">gnutls_pkcs11_obj_init</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *obj</code></em>);
64 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-LOGIN:CAPS" title="GNUTLS_PKCS11_OBJ_FLAG_LOGIN">GNUTLS_PKCS11_OBJ_FLAG_LOGIN</a>
65 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS" title="GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED">GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</a>
66 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-SENSITIVE:CAPS" title="GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE">GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE</a>
67 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t">gnutls_pkcs11_url_type_t</a>;
68 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-import-url" title="gnutls_pkcs11_obj_import_url ()">gnutls_pkcs11_obj_import_url</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> Param1</code></em>,
69 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
70 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
71 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export-url" title="gnutls_pkcs11_obj_export_url ()">gnutls_pkcs11_obj_export_url</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>,
72 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
73 <em class="parameter"><code><span class="type">char</span> **url</code></em>);
74 <span class="returnvalue">void</span> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-deinit" title="gnutls_pkcs11_obj_deinit ()">gnutls_pkcs11_obj_deinit</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>);
75 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-export" title="gnutls_pkcs11_obj_export ()">gnutls_pkcs11_obj_export</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>,
76 <em class="parameter"><code><span class="type">void</span> *output_data</code></em>,
77 <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);
78 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-crt" title="gnutls_pkcs11_copy_x509_crt ()">gnutls_pkcs11_copy_x509_crt</a> (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
79 <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
80 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
81 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
82 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-x509-privkey" title="gnutls_pkcs11_copy_x509_privkey ()">gnutls_pkcs11_copy_x509_privkey</a> (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
83 <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>,
84 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
85 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> key_usage</code></em>,
86 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
87 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-delete-url" title="gnutls_pkcs11_delete_url ()">gnutls_pkcs11_delete_url</a> (<em class="parameter"><code>const <span class="type">char</span> *object_url</code></em>,
88 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
89 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-copy-secret-key" title="gnutls_pkcs11_copy_secret_key ()">gnutls_pkcs11_copy_secret_key</a> (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
90 <em class="parameter"><code><span class="type">gnutls_datum_t</span> *key</code></em>,
91 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
92 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> key_usage</code></em>,
93 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
94 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t">gnutls_pkcs11_obj_info_t</a>;
95 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-info" title="gnutls_pkcs11_obj_get_info ()">gnutls_pkcs11_obj_get_info</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> crt</code></em>,
96 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>,
97 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
98 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);
99 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-attr-t" title="enum gnutls_pkcs11_obj_attr_t">gnutls_pkcs11_obj_attr_t</a>;
100 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-info-t" title="enum gnutls_pkcs11_token_info_t">gnutls_pkcs11_token_info_t</a>;
101 enum <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t">gnutls_pkcs11_obj_type_t</a>;
102 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-init" title="gnutls_pkcs11_token_init ()">gnutls_pkcs11_token_init</a> (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
103 <em class="parameter"><code>const <span class="type">char</span> *so_pin</code></em>,
104 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>);
105 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-mechanism" title="gnutls_pkcs11_token_get_mechanism ()">gnutls_pkcs11_token_get_mechanism</a> (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
106 <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> idx</code></em>,
107 <em class="parameter"><code>unsigned <span class="type">long</span> *mechanism</code></em>);
108 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-set-pin" title="gnutls_pkcs11_token_set_pin ()">gnutls_pkcs11_token_set_pin</a> (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
109 <em class="parameter"><code>const <span class="type">char</span> *oldpin</code></em>,
110 <em class="parameter"><code>const <span class="type">char</span> *newpin</code></em>,
111 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
112 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-url" title="gnutls_pkcs11_token_get_url ()">gnutls_pkcs11_token_get_url</a> (<em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> seq</code></em>,
113 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
114 <em class="parameter"><code><span class="type">char</span> **url</code></em>);
115 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-info" title="gnutls_pkcs11_token_get_info ()">gnutls_pkcs11_token_get_info</a> (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
116 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-info-t" title="enum gnutls_pkcs11_token_info_t"><span class="type">gnutls_pkcs11_token_info_t</span></a> ttype</code></em>,
117 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
118 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);
119 #define <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-TOKEN-HW:CAPS" title="GNUTLS_PKCS11_TOKEN_HW">GNUTLS_PKCS11_TOKEN_HW</a>
120 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-get-flags" title="gnutls_pkcs11_token_get_flags ()">gnutls_pkcs11_token_get_flags</a> (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
121 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *flags</code></em>);
122 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-list-import-url" title="gnutls_pkcs11_obj_list_import_url ()">gnutls_pkcs11_obj_list_import_url</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *p_list</code></em>,
123 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *const n_list</code></em>,
124 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
125 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-attr-t" title="enum gnutls_pkcs11_obj_attr_t"><span class="type">gnutls_pkcs11_obj_attr_t</span></a> attrs</code></em>,
126 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
127 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-import-pkcs11" title="gnutls_x509_crt_import_pkcs11 ()">gnutls_x509_crt_import_pkcs11</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
128 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> pkcs11_crt</code></em>);
129 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-import-pkcs11-url" title="gnutls_x509_crt_import_pkcs11_url ()">gnutls_x509_crt_import_pkcs11_url</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
130 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
131 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
132 <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="returnvalue">gnutls_pkcs11_obj_type_t</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-get-type" title="gnutls_pkcs11_obj_get_type ()">gnutls_pkcs11_obj_get_type</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> certificate</code></em>);
133 const <span class="returnvalue">char</span> * <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-type-get-name" title="gnutls_pkcs11_type_get_name ()">gnutls_pkcs11_type_get_name</a> (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="type">gnutls_pkcs11_obj_type_t</span></a> Param1</code></em>);
134 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-x509-crt-list-import-pkcs11" title="gnutls_x509_crt_list_import_pkcs11 ()">gnutls_x509_crt_list_import_pkcs11</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *certs</code></em>,
135 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> cert_max</code></em>,
136 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> * const objs</code></em>,
137 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
138 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-init" title="gnutls_pkcs11_privkey_init ()">gnutls_pkcs11_privkey_init</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> *key</code></em>);
139 <span class="returnvalue">void</span> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-deinit" title="gnutls_pkcs11_privkey_deinit ()">gnutls_pkcs11_privkey_deinit</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>);
140 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-get-pk-algorithm" title="gnutls_pkcs11_privkey_get_pk_algorithm ()">gnutls_pkcs11_privkey_get_pk_algorithm</a>
141 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>,
142 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *bits</code></em>);
143 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-get-info" title="gnutls_pkcs11_privkey_get_info ()">gnutls_pkcs11_privkey_get_info</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>,
144 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>,
145 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
146 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);
147 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-import-url" title="gnutls_pkcs11_privkey_import_url ()">gnutls_pkcs11_privkey_import_url</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>,
148 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
149 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);
150 <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-privkey-export-url" title="gnutls_pkcs11_privkey_export_url ()">gnutls_pkcs11_privkey_export_url</a> (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>,
151 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
152 <em class="parameter"><code><span class="type">char</span> **url</code></em>);
155 <div class="refsect1">
156 <a name="gnutls-pkcs11.description"></a><h2>Description</h2>
160 <div class="refsect1">
161 <a name="gnutls-pkcs11.details"></a><h2>Details</h2>
162 <div class="refsect2">
163 <a name="GNUTLS-PKCS11-MAX-PIN-LEN:CAPS"></a><h3>GNUTLS_PKCS11_MAX_PIN_LEN</h3>
164 <pre class="programlisting">#define GNUTLS_PKCS11_MAX_PIN_LEN 32
170 <div class="refsect2">
171 <a name="gnutls-pkcs11-token-callback-t"></a><h3>gnutls_pkcs11_token_callback_t ()</h3>
172 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> (*gnutls_pkcs11_token_callback_t) (<em class="parameter"><code><span class="type">void</span> *const global_data</code></em>,
173 <em class="parameter"><code>const <span class="type">char</span> *const label</code></em>,
174 <em class="parameter"><code>const unsigned <span class="type">retry</span> Param3</code></em>);</pre>
179 <div class="refsect2">
180 <a name="gnutls-pkcs11-pin-flag-t"></a><h3>enum gnutls_pkcs11_pin_flag_t</h3>
181 <pre class="programlisting">typedef enum {
182 GNUTLS_PKCS11_PIN_USER = (1 << 0),
183 GNUTLS_PKCS11_PIN_SO = (1 << 1),
184 GNUTLS_PKCS11_PIN_FINAL_TRY = (1 << 2),
185 GNUTLS_PKCS11_PIN_COUNT_LOW = (1 << 3),
186 GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC = (1 << 4),
187 GNUTLS_PKCS11_PIN_WRONG = (1 << 5),
188 } gnutls_pkcs11_pin_flag_t;
191 Enumeration of different PIN flags.
193 <div class="variablelist"><table border="0">
194 <col align="left" valign="top">
197 <td><p><a name="GNUTLS-PKCS11-PIN-USER:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_USER</code></span></p></td>
198 <td>The PIN for the user.
202 <td><p><a name="GNUTLS-PKCS11-PIN-SO:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_SO</code></span></p></td>
203 <td>The PIN for the security officer.
207 <td><p><a name="GNUTLS-PKCS11-PIN-FINAL-TRY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_FINAL_TRY</code></span></p></td>
208 <td>This is the final try before blocking.
212 <td><p><a name="GNUTLS-PKCS11-PIN-COUNT-LOW:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_COUNT_LOW</code></span></p></td>
213 <td>Few tries remain before token blocks.
217 <td><p><a name="GNUTLS-PKCS11-PIN-CONTEXT-SPECIFIC:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_CONTEXT_SPECIFIC</code></span></p></td>
218 <td>The PIN is for a specific action and key like signing.
222 <td><p><a name="GNUTLS-PKCS11-PIN-WRONG:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_PIN_WRONG</code></span></p></td>
223 <td>Last given PIN was not correct.
230 <div class="refsect2">
231 <a name="gnutls-pkcs11-pin-callback-t"></a><h3>gnutls_pkcs11_pin_callback_t ()</h3>
232 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> (*gnutls_pkcs11_pin_callback_t) (<em class="parameter"><code><span class="type">void</span> *userdata</code></em>,
233 <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> attempt</code></em>,
234 <em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
235 <em class="parameter"><code>const <span class="type">char</span> *token_label</code></em>,
236 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
238 Callback function type for PKCS<span class="type">11</span> PIN entry. It is set by
239 <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.
242 The callback should provides the PIN code to unlock the token with
243 label <em class="parameter"><code>token_label</code></em>, specified by the URL <em class="parameter"><code>token_url</code></em>.
246 The PIN code, as a NUL-terminated ASCII string, should be copied
247 into the <em class="parameter"><code>pin</code></em> buffer (of maximum size <em class="parameter"><code>pin_max</code></em>), and return 0 to
248 indicate success. Alternatively, the callback may return a
249 negative gnutls error code to indicate failure and cancel PIN entry
250 (in which case, the contents of the <em class="parameter"><code>pin</code></em> parameter are ignored).
253 When a PIN is required, the callback will be invoked repeatedly
254 (and indefinitely) until either the returned PIN code is correct,
255 the callback returns failure, or the token refuses login (e.g. when
256 the token is locked due to too many incorrect PINs!). For the
257 first such invocation, the <em class="parameter"><code>attempt</code></em> counter will have value zero;
258 it will increase by one for each subsequent attempt.
260 <div class="variablelist"><table border="0">
261 <col align="left" valign="top">
264 <td><p><span class="term"><em class="parameter"><code>userdata</code></em> :</span></p></td>
265 <td>user-controlled data from <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-set-pin-function" title="gnutls_pkcs11_set_pin_function ()"><code class="function">gnutls_pkcs11_set_pin_function()</code></a>.</td>
268 <td><p><span class="term"><em class="parameter"><code>attempt</code></em> :</span></p></td>
269 <td>pin-attempt counter, initially 0.</td>
272 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
276 <td><p><span class="term"><em class="parameter"><code>token_label</code></em> :</span></p></td>
277 <td>label of PKCS11 token.</td>
280 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
281 <td>a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-pin-flag-t" title="enum gnutls_pkcs11_pin_flag_t"><span class="type">gnutls_pkcs11_pin_flag_t</span></a> flag.</td>
284 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
286 <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) on success or a negative error code on error.</td>
290 <p class="since">Since 2.12.0</p>
293 <div class="refsect2">
294 <a name="gnutls-pkcs11-obj-st"></a><h3>struct gnutls_pkcs11_obj_st</h3>
295 <pre class="programlisting">struct gnutls_pkcs11_obj_st;</pre>
300 <div class="refsect2">
301 <a name="gnutls-pkcs11-obj-t"></a><h3>gnutls_pkcs11_obj_t</h3>
302 <pre class="programlisting">typedef struct gnutls_pkcs11_obj_st *gnutls_pkcs11_obj_t;
308 <div class="refsect2">
309 <a name="GNUTLS-PKCS11-FLAG-MANUAL:CAPS"></a><h3>GNUTLS_PKCS11_FLAG_MANUAL</h3>
310 <pre class="programlisting">#define GNUTLS_PKCS11_FLAG_MANUAL 0 /* Manual loading of libraries */
316 <div class="refsect2">
317 <a name="GNUTLS-PKCS11-FLAG-AUTO:CAPS"></a><h3>GNUTLS_PKCS11_FLAG_AUTO</h3>
318 <pre class="programlisting">#define GNUTLS_PKCS11_FLAG_AUTO 1 /* Automatically load libraries by reading /etc/gnutls/pkcs11.conf */
324 <div class="refsect2">
325 <a name="gnutls-pkcs11-init"></a><h3>gnutls_pkcs11_init ()</h3>
326 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_init (<em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>,
327 <em class="parameter"><code>const <span class="type">char</span> *deprecated_config_file</code></em>);</pre>
329 This function will initialize the PKCS 11 subsystem in gnutls. It will
330 read configuration files if <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO"><code class="literal">GNUTLS_PKCS11_FLAG_AUTO</code></a> is used or allow
331 you to independently load PKCS 11 modules using <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-add-provider" title="gnutls_pkcs11_add_provider ()"><code class="function">gnutls_pkcs11_add_provider()</code></a>
332 if <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-MANUAL:CAPS" title="GNUTLS_PKCS11_FLAG_MANUAL"><code class="literal">GNUTLS_PKCS11_FLAG_MANUAL</code></a> is specified.
335 Using a custom configfile is deprecated and will not be supported in future
339 Normally you don't need to call this function since it is being called
340 by <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a> using the <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO"><code class="literal">GNUTLS_PKCS11_FLAG_AUTO</code></a>. If you need to
341 call this function, you must call it before <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a>.
343 <div class="variablelist"><table border="0">
344 <col align="left" valign="top">
347 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
349 <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-MANUAL:CAPS" title="GNUTLS_PKCS11_FLAG_MANUAL"><code class="literal">GNUTLS_PKCS11_FLAG_MANUAL</code></a> or <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-FLAG-AUTO:CAPS" title="GNUTLS_PKCS11_FLAG_AUTO"><code class="literal">GNUTLS_PKCS11_FLAG_AUTO</code></a>
353 <td><p><span class="term"><em class="parameter"><code>deprecated_config_file</code></em> :</span></p></td>
354 <td>either NULL or the location of a deprecated
355 configuration file</td>
358 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
359 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
360 negative error value.</td>
366 <div class="refsect2">
367 <a name="gnutls-pkcs11-deinit"></a><h3>gnutls_pkcs11_deinit ()</h3>
368 <pre class="programlisting"><span class="returnvalue">void</span> gnutls_pkcs11_deinit (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
370 This function will deinitialize the PKCS 11 subsystem in gnutls.
374 <div class="refsect2">
375 <a name="gnutls-pkcs11-set-token-function"></a><h3>gnutls_pkcs11_set_token_function ()</h3>
376 <pre class="programlisting"><span class="returnvalue">void</span> gnutls_pkcs11_set_token_function (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-callback-t" title="gnutls_pkcs11_token_callback_t ()"><span class="type">gnutls_pkcs11_token_callback_t</span></a> fn</code></em>,
377 <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre>
379 This function will set a callback function to be used when a token
380 needs to be inserted to continue PKCS 11 operations.
382 <div class="variablelist"><table border="0">
383 <col align="left" valign="top">
386 <td><p><span class="term"><em class="parameter"><code>fn</code></em> :</span></p></td>
387 <td>The token callback</td>
390 <td><p><span class="term"><em class="parameter"><code>userdata</code></em> :</span></p></td>
391 <td>data to be supplied to callback</td>
397 <div class="refsect2">
398 <a name="gnutls-pkcs11-set-pin-function"></a><h3>gnutls_pkcs11_set_pin_function ()</h3>
399 <pre class="programlisting"><span class="returnvalue">void</span> gnutls_pkcs11_set_pin_function (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-pin-callback-t" title="gnutls_pkcs11_pin_callback_t ()"><span class="type">gnutls_pkcs11_pin_callback_t</span></a> fn</code></em>,
400 <em class="parameter"><code><span class="type">void</span> *userdata</code></em>);</pre>
402 This function will set a callback function to be used when a PIN
403 is required for PKCS 11 operations.
406 Callback for PKCS<span class="type">11</span> PIN entry. The callback provides the PIN code
407 to unlock the token with label 'token_label', specified by the URL
411 The PIN code, as a NUL-terminated ASCII string, should be copied
412 into the 'pin' buffer (of maximum size pin_max), and
413 return 0 to indicate success. Alternatively, the callback may
414 return a negative gnutls error code to indicate failure and cancel
415 PIN entry (in which case, the contents of the 'pin' parameter are ignored).
418 When a PIN is required, the callback will be invoked repeatedly
419 (and indefinitely) until either the returned PIN code is correct,
420 the callback returns failure, or the token refuses login (e.g. when
421 the token is locked due to too many incorrect PINs!). For the
422 first such invocation, the 'attempt' counter will have value zero;
423 it will increase by one for each subsequent attempt.
425 <div class="variablelist"><table border="0">
426 <col align="left" valign="top">
429 <td><p><span class="term"><em class="parameter"><code>fn</code></em> :</span></p></td>
430 <td>The PIN callback</td>
433 <td><p><span class="term"><em class="parameter"><code>userdata</code></em> :</span></p></td>
434 <td>data to be supplied to callback</td>
440 <div class="refsect2">
441 <a name="gnutls-pkcs11-add-provider"></a><h3>gnutls_pkcs11_add_provider ()</h3>
442 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_add_provider (<em class="parameter"><code>const <span class="type">char</span> *name</code></em>,
443 <em class="parameter"><code>const <span class="type">char</span> *params</code></em>);</pre>
445 This function will load and add a PKCS 11 module to the module
446 list used in gnutls. After this function is called the module will
447 be used for PKCS 11 operations.
449 <div class="variablelist"><table border="0">
450 <col align="left" valign="top">
453 <td><p><span class="term"><em class="parameter"><code>name</code></em> :</span></p></td>
454 <td>The filename of the module</td>
457 <td><p><span class="term"><em class="parameter"><code>params</code></em> :</span></p></td>
458 <td>should be NULL</td>
461 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
462 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
463 negative error value.</td>
469 <div class="refsect2">
470 <a name="gnutls-pkcs11-obj-init"></a><h3>gnutls_pkcs11_obj_init ()</h3>
471 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_init (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *obj</code></em>);</pre>
473 This function will initialize a pkcs11 certificate structure.
475 <div class="variablelist"><table border="0">
476 <col align="left" valign="top">
479 <td><p><span class="term"><em class="parameter"><code>obj</code></em> :</span></p></td>
480 <td>The structure to be initialized</td>
483 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
484 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
485 negative error value.</td>
491 <div class="refsect2">
492 <a name="GNUTLS-PKCS11-OBJ-FLAG-LOGIN:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_FLAG_LOGIN</h3>
493 <pre class="programlisting">#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token for the operation */
499 <div class="refsect2">
500 <a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-TRUSTED:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED</h3>
501 <pre class="programlisting">#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */
507 <div class="refsect2">
508 <a name="GNUTLS-PKCS11-OBJ-FLAG-MARK-SENSITIVE:CAPS"></a><h3>GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE</h3>
509 <pre class="programlisting">#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */
515 <div class="refsect2">
516 <a name="gnutls-pkcs11-url-type-t"></a><h3>enum gnutls_pkcs11_url_type_t</h3>
517 <pre class="programlisting">typedef enum {
518 GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */
519 GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */
520 GNUTLS_PKCS11_URL_LIB_VERSION /* URL specifies the object on module and version level */
521 } gnutls_pkcs11_url_type_t;
524 Enumeration of different URL extraction flags.
526 <div class="variablelist"><table border="0">
527 <col align="left" valign="top">
530 <td><p><a name="GNUTLS-PKCS11-URL-GENERIC:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_URL_GENERIC</code></span></p></td>
531 <td>A generic-purpose URL.
535 <td><p><a name="GNUTLS-PKCS11-URL-LIB:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_URL_LIB</code></span></p></td>
536 <td>A URL that specifies the library used as well.
540 <td><p><a name="GNUTLS-PKCS11-URL-LIB-VERSION:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_URL_LIB_VERSION</code></span></p></td>
541 <td>A URL that specifies the library and its version.
548 <div class="refsect2">
549 <a name="gnutls-pkcs11-obj-import-url"></a><h3>gnutls_pkcs11_obj_import_url ()</h3>
550 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_import_url (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> Param1</code></em>,
551 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
552 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
557 <div class="refsect2">
558 <a name="gnutls-pkcs11-obj-export-url"></a><h3>gnutls_pkcs11_obj_export_url ()</h3>
559 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_export_url (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>,
560 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
561 <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre>
563 This function will export a URL identifying the given certificate.
565 <div class="variablelist"><table border="0">
566 <col align="left" valign="top">
569 <td><p><span class="term"><em class="parameter"><code>obj</code></em> :</span></p></td>
570 <td>Holds the PKCS 11 certificate</td>
573 <td><p><span class="term"><em class="parameter"><code>detailed</code></em> :</span></p></td>
574 <td>non zero if a detailed URL is required</td>
577 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
578 <td>will contain an allocated url</td>
581 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
582 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
583 negative error value.</td>
589 <div class="refsect2">
590 <a name="gnutls-pkcs11-obj-deinit"></a><h3>gnutls_pkcs11_obj_deinit ()</h3>
591 <pre class="programlisting"><span class="returnvalue">void</span> gnutls_pkcs11_obj_deinit (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>);</pre>
593 This function will deinitialize a certificate structure.
595 <div class="variablelist"><table border="0">
596 <col align="left" valign="top">
598 <td><p><span class="term"><em class="parameter"><code>obj</code></em> :</span></p></td>
599 <td>The structure to be initialized</td>
604 <div class="refsect2">
605 <a name="gnutls-pkcs11-obj-export"></a><h3>gnutls_pkcs11_obj_export ()</h3>
606 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_export (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> obj</code></em>,
607 <em class="parameter"><code><span class="type">void</span> *output_data</code></em>,
608 <em class="parameter"><code><span class="type">size_t</span> *output_data_size</code></em>);</pre>
610 This function will export the pkcs11 object data. It is normal
611 for PKCS <span class="type">11</span> data to be inaccesible and in that case <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INVALID-REQUEST:CAPS" title="GNUTLS_E_INVALID_REQUEST"><code class="literal">GNUTLS_E_INVALID_REQUEST</code></a>
615 If the buffer provided is not long enough to hold the output, then
616 *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
620 If the structure is PEM encoded, it will have a header
621 of "BEGIN CERTIFICATE".
623 <div class="variablelist"><table border="0">
624 <col align="left" valign="top">
627 <td><p><span class="term"><em class="parameter"><code>obj</code></em> :</span></p></td>
628 <td>Holds the object</td>
631 <td><p><span class="term"><em class="parameter"><code>output_data</code></em> :</span></p></td>
632 <td>will contain a certificate PEM or DER encoded</td>
635 <td><p><span class="term"><em class="parameter"><code>output_data_size</code></em> :</span></p></td>
636 <td>holds the size of output_data (and will be
637 replaced by the actual size of parameters)</td>
640 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
641 <td>In case of failure a negative value will be
642 returned, and 0 on success.</td>
648 <div class="refsect2">
649 <a name="gnutls-pkcs11-copy-x509-crt"></a><h3>gnutls_pkcs11_copy_x509_crt ()</h3>
650 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_copy_x509_crt (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
651 <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
652 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
653 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
655 This function will copy a certificate into a PKCS <span class="type">11</span> token specified by
656 a URL. The certificate can be marked as trusted or not.
658 <div class="variablelist"><table border="0">
659 <col align="left" valign="top">
662 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
663 <td>A PKCS <span class="type">11</span> URL specifying a token</td>
666 <td><p><span class="term"><em class="parameter"><code>crt</code></em> :</span></p></td>
667 <td>A certificate</td>
670 <td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
671 <td>A name to be used for the stored data</td>
674 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
675 <td>One of GNUTLS_PKCS11_OBJ_FLAG_*</td>
678 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
679 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
680 negative error value.</td>
686 <div class="refsect2">
687 <a name="gnutls-pkcs11-copy-x509-privkey"></a><h3>gnutls_pkcs11_copy_x509_privkey ()</h3>
688 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_copy_x509_privkey (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
689 <em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-privkey-t" title="gnutls_x509_privkey_t"><span class="type">gnutls_x509_privkey_t</span></a> key</code></em>,
690 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
691 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> key_usage</code></em>,
692 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
694 This function will copy a private key into a PKCS <span class="type">11</span> token specified by
695 a URL. It is highly recommended flags to contain <a class="link" href="gnutls-pkcs11.html#GNUTLS-PKCS11-OBJ-FLAG-MARK-SENSITIVE:CAPS" title="GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE"><code class="literal">GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE</code></a>
696 unless there is a strong reason not to.
698 <div class="variablelist"><table border="0">
699 <col align="left" valign="top">
702 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
703 <td>A PKCS <span class="type">11</span> URL specifying a token</td>
706 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
707 <td>A private key</td>
710 <td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
711 <td>A name to be used for the stored data</td>
714 <td><p><span class="term"><em class="parameter"><code>key_usage</code></em> :</span></p></td>
715 <td>One of GNUTLS_KEY_*</td>
718 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
719 <td>One of GNUTLS_PKCS11_OBJ_* flags</td>
722 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
723 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
724 negative error value.</td>
730 <div class="refsect2">
731 <a name="gnutls-pkcs11-delete-url"></a><h3>gnutls_pkcs11_delete_url ()</h3>
732 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_delete_url (<em class="parameter"><code>const <span class="type">char</span> *object_url</code></em>,
733 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
735 This function will delete objects matching the given URL.
737 <div class="variablelist"><table border="0">
738 <col align="left" valign="top">
741 <td><p><span class="term"><em class="parameter"><code>object_url</code></em> :</span></p></td>
742 <td>The URL of the object to delete.</td>
745 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
746 <td>One of GNUTLS_PKCS11_OBJ_* flags</td>
749 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
750 <td>On success, the number of objects deleted is returned, otherwise a
751 negative error value.</td>
757 <div class="refsect2">
758 <a name="gnutls-pkcs11-copy-secret-key"></a><h3>gnutls_pkcs11_copy_secret_key ()</h3>
759 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_copy_secret_key (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
760 <em class="parameter"><code><span class="type">gnutls_datum_t</span> *key</code></em>,
761 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>,
762 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> key_usage</code></em>,
763 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
765 This function will copy a raw secret (symmetric) key into a PKCS <span class="type">11</span>
766 token specified by a URL. The key can be marked as sensitive or not.
768 <div class="variablelist"><table border="0">
769 <col align="left" valign="top">
772 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
773 <td>A PKCS <span class="type">11</span> URL specifying a token</td>
776 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
780 <td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
781 <td>A name to be used for the stored data</td>
784 <td><p><span class="term"><em class="parameter"><code>key_usage</code></em> :</span></p></td>
785 <td>One of GNUTLS_KEY_*</td>
788 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
789 <td>One of GNUTLS_PKCS11_OBJ_FLAG_*</td>
792 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
793 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
794 negative error value.</td>
800 <div class="refsect2">
801 <a name="gnutls-pkcs11-obj-info-t"></a><h3>enum gnutls_pkcs11_obj_info_t</h3>
802 <pre class="programlisting">typedef enum {
803 GNUTLS_PKCS11_OBJ_ID_HEX = 1,
804 GNUTLS_PKCS11_OBJ_LABEL,
805 GNUTLS_PKCS11_OBJ_TOKEN_LABEL,
806 GNUTLS_PKCS11_OBJ_TOKEN_SERIAL,
807 GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER,
808 GNUTLS_PKCS11_OBJ_TOKEN_MODEL,
809 GNUTLS_PKCS11_OBJ_ID,
810 /* the pkcs11 provider library info */
811 GNUTLS_PKCS11_OBJ_LIBRARY_VERSION,
812 GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION,
813 GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER
814 } gnutls_pkcs11_obj_info_t;
817 Enumeration of several object information types.
819 <div class="variablelist"><table border="0">
820 <col align="left" valign="top">
823 <td><p><a name="GNUTLS-PKCS11-OBJ-ID-HEX:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ID_HEX</code></span></p></td>
824 <td>The object ID in hex.
828 <td><p><a name="GNUTLS-PKCS11-OBJ-LABEL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_LABEL</code></span></p></td>
829 <td>The object label.
833 <td><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-LABEL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_TOKEN_LABEL</code></span></p></td>
834 <td>The token's label.
838 <td><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-SERIAL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_TOKEN_SERIAL</code></span></p></td>
839 <td>The token's serial number.
843 <td><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-MANUFACTURER:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_TOKEN_MANUFACTURER</code></span></p></td>
844 <td>The token's manufacturer.
848 <td><p><a name="GNUTLS-PKCS11-OBJ-TOKEN-MODEL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_TOKEN_MODEL</code></span></p></td>
849 <td>The token's model.
853 <td><p><a name="GNUTLS-PKCS11-OBJ-ID:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ID</code></span></p></td>
858 <td><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-VERSION:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_LIBRARY_VERSION</code></span></p></td>
859 <td>The library's used to access the object version.
863 <td><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-DESCRIPTION:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_LIBRARY_DESCRIPTION</code></span></p></td>
864 <td>The library's used to access the object description (name).
868 <td><p><a name="GNUTLS-PKCS11-OBJ-LIBRARY-MANUFACTURER:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_LIBRARY_MANUFACTURER</code></span></p></td>
869 <td>The library's used to access the object manufacturer name.
876 <div class="refsect2">
877 <a name="gnutls-pkcs11-obj-get-info"></a><h3>gnutls_pkcs11_obj_get_info ()</h3>
878 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_get_info (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> crt</code></em>,
879 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>,
880 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
881 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre>
883 This function will return information about the PKCS 11 certificatesuch
884 as the label, id as well as token information where the key is stored. When
885 output is text it returns null terminated string although <code class="literal">output_size</code> contains
886 the size of the actual data only.
888 <div class="variablelist"><table border="0">
889 <col align="left" valign="top">
892 <td><p><span class="term"><em class="parameter"><code>crt</code></em> :</span></p></td>
893 <td>should contain a <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> structure</td>
896 <td><p><span class="term"><em class="parameter"><code>itype</code></em> :</span></p></td>
897 <td>Denotes the type of information requested</td>
900 <td><p><span class="term"><em class="parameter"><code>output</code></em> :</span></p></td>
901 <td>where output will be stored</td>
904 <td><p><span class="term"><em class="parameter"><code>output_size</code></em> :</span></p></td>
905 <td>contains the maximum size of the output and will be overwritten with actual</td>
908 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
909 <td>zero on success or a negative value on error.</td>
915 <div class="refsect2">
916 <a name="gnutls-pkcs11-obj-attr-t"></a><h3>enum gnutls_pkcs11_obj_attr_t</h3>
917 <pre class="programlisting">typedef enum {
918 GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL = 1, /* all certificates */
919 GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, /* certificates marked as trusted */
920 GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY, /* certificates with corresponding private key */
921 GNUTLS_PKCS11_OBJ_ATTR_PUBKEY, /* public keys */
922 GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY, /* private keys */
923 GNUTLS_PKCS11_OBJ_ATTR_ALL /* everything! */
924 } gnutls_pkcs11_obj_attr_t;
927 Enumeration of several attributes for object enumeration.
929 <div class="variablelist"><table border="0">
930 <col align="left" valign="top">
933 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-ALL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_CRT_ALL</code></span></p></td>
934 <td>Specify all certificates.
938 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-TRUSTED:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED</code></span></p></td>
939 <td>Specify all certificates marked as trusted.
943 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-CRT-WITH-PRIVKEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY</code></span></p></td>
944 <td>Specify all certificates with a corresponding private key.
948 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-PUBKEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_PUBKEY</code></span></p></td>
949 <td>Specify all public keys.
953 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-PRIVKEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY</code></span></p></td>
954 <td>Specify all private keys.
958 <td><p><a name="GNUTLS-PKCS11-OBJ-ATTR-ALL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_ATTR_ALL</code></span></p></td>
959 <td>Specify all objects.
966 <div class="refsect2">
967 <a name="gnutls-pkcs11-token-info-t"></a><h3>enum gnutls_pkcs11_token_info_t</h3>
968 <pre class="programlisting">typedef enum {
969 GNUTLS_PKCS11_TOKEN_LABEL,
970 GNUTLS_PKCS11_TOKEN_SERIAL,
971 GNUTLS_PKCS11_TOKEN_MANUFACTURER,
972 GNUTLS_PKCS11_TOKEN_MODEL
973 } gnutls_pkcs11_token_info_t;
976 Enumeration of types for retrieving token information.
978 <div class="variablelist"><table border="0">
979 <col align="left" valign="top">
982 <td><p><a name="GNUTLS-PKCS11-TOKEN-LABEL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_TOKEN_LABEL</code></span></p></td>
983 <td>The token's label
987 <td><p><a name="GNUTLS-PKCS11-TOKEN-SERIAL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_TOKEN_SERIAL</code></span></p></td>
988 <td>The token's serial number
992 <td><p><a name="GNUTLS-PKCS11-TOKEN-MANUFACTURER:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_TOKEN_MANUFACTURER</code></span></p></td>
993 <td>The token's manufacturer
997 <td><p><a name="GNUTLS-PKCS11-TOKEN-MODEL:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_TOKEN_MODEL</code></span></p></td>
998 <td>The token's model
1005 <div class="refsect2">
1006 <a name="gnutls-pkcs11-obj-type-t"></a><h3>enum gnutls_pkcs11_obj_type_t</h3>
1007 <pre class="programlisting">typedef enum {
1008 GNUTLS_PKCS11_OBJ_UNKNOWN,
1009 GNUTLS_PKCS11_OBJ_X509_CRT,
1010 GNUTLS_PKCS11_OBJ_PUBKEY,
1011 GNUTLS_PKCS11_OBJ_PRIVKEY,
1012 GNUTLS_PKCS11_OBJ_SECRET_KEY,
1013 GNUTLS_PKCS11_OBJ_DATA
1014 } gnutls_pkcs11_obj_type_t;
1017 Enumeration of object types.
1019 <div class="variablelist"><table border="0">
1020 <col align="left" valign="top">
1023 <td><p><a name="GNUTLS-PKCS11-OBJ-UNKNOWN:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_UNKNOWN</code></span></p></td>
1024 <td>Unknown PKCS11 object.
1028 <td><p><a name="GNUTLS-PKCS11-OBJ-X509-CRT:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_X509_CRT</code></span></p></td>
1029 <td>X.509 certificate.
1033 <td><p><a name="GNUTLS-PKCS11-OBJ-PUBKEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_PUBKEY</code></span></p></td>
1038 <td><p><a name="GNUTLS-PKCS11-OBJ-PRIVKEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_PRIVKEY</code></span></p></td>
1043 <td><p><a name="GNUTLS-PKCS11-OBJ-SECRET-KEY:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_SECRET_KEY</code></span></p></td>
1048 <td><p><a name="GNUTLS-PKCS11-OBJ-DATA:CAPS"></a><span class="term"><code class="literal">GNUTLS_PKCS11_OBJ_DATA</code></span></p></td>
1056 <div class="refsect2">
1057 <a name="gnutls-pkcs11-token-init"></a><h3>gnutls_pkcs11_token_init ()</h3>
1058 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_init (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
1059 <em class="parameter"><code>const <span class="type">char</span> *so_pin</code></em>,
1060 <em class="parameter"><code>const <span class="type">char</span> *label</code></em>);</pre>
1062 This function will initialize (format) a token. If the token is
1063 at a factory defaults state the security officer's PIN given will be
1064 set to be the default. Otherwise it should match the officer's PIN.
1066 <div class="variablelist"><table border="0">
1067 <col align="left" valign="top">
1070 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
1071 <td>A PKCS <span class="type">11</span> URL specifying a token</td>
1074 <td><p><span class="term"><em class="parameter"><code>so_pin</code></em> :</span></p></td>
1075 <td>Security Officer's PIN</td>
1078 <td><p><span class="term"><em class="parameter"><code>label</code></em> :</span></p></td>
1079 <td>A name to be used for the token</td>
1082 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1083 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1084 negative error value.</td>
1090 <div class="refsect2">
1091 <a name="gnutls-pkcs11-token-get-mechanism"></a><h3>gnutls_pkcs11_token_get_mechanism ()</h3>
1092 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_get_mechanism (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1093 <em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> idx</code></em>,
1094 <em class="parameter"><code>unsigned <span class="type">long</span> *mechanism</code></em>);</pre>
1096 This function will return the names of the supported mechanisms
1097 by the token. It should be called with an increasing index until
1098 it return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE.
1100 <div class="variablelist"><table border="0">
1101 <col align="left" valign="top">
1104 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1105 <td>should contain a PKCS 11 URL</td>
1108 <td><p><span class="term"><em class="parameter"><code>idx</code></em> :</span></p></td>
1109 <td>The index of the mechanism</td>
1112 <td><p><span class="term"><em class="parameter"><code>mechanism</code></em> :</span></p></td>
1113 <td>The PKCS <span class="type">11</span> mechanism ID</td>
1116 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1117 <td>zero on success or a negative value on error.</td>
1123 <div class="refsect2">
1124 <a name="gnutls-pkcs11-token-set-pin"></a><h3>gnutls_pkcs11_token_set_pin ()</h3>
1125 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_set_pin (<em class="parameter"><code>const <span class="type">char</span> *token_url</code></em>,
1126 <em class="parameter"><code>const <span class="type">char</span> *oldpin</code></em>,
1127 <em class="parameter"><code>const <span class="type">char</span> *newpin</code></em>,
1128 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
1130 This function will modify or set a user's PIN for the given token.
1131 If it is called to set a user pin for first time the oldpin must
1134 <div class="variablelist"><table border="0">
1135 <col align="left" valign="top">
1138 <td><p><span class="term"><em class="parameter"><code>token_url</code></em> :</span></p></td>
1139 <td>A PKCS <span class="type">11</span> URL specifying a token</td>
1142 <td><p><span class="term"><em class="parameter"><code>oldpin</code></em> :</span></p></td>
1143 <td>old user's PIN</td>
1146 <td><p><span class="term"><em class="parameter"><code>newpin</code></em> :</span></p></td>
1147 <td>new user's PIN</td>
1150 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1151 <td>one of gnutls_pkcs11_pin_flag_t</td>
1154 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1155 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1156 negative error value.</td>
1162 <div class="refsect2">
1163 <a name="gnutls-pkcs11-token-get-url"></a><h3>gnutls_pkcs11_token_get_url ()</h3>
1164 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_get_url (<em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> seq</code></em>,
1165 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
1166 <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre>
1168 This function will return the URL for each token available
1169 in system. The url has to be released using <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a>
1171 <div class="variablelist"><table border="0">
1172 <col align="left" valign="top">
1175 <td><p><span class="term"><em class="parameter"><code>seq</code></em> :</span></p></td>
1176 <td>sequence number starting from 0</td>
1179 <td><p><span class="term"><em class="parameter"><code>detailed</code></em> :</span></p></td>
1180 <td>non zero if a detailed URL is required</td>
1183 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1184 <td>will contain an allocated url</td>
1187 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1188 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-REQUESTED-DATA-NOT-AVAILABLE:CAPS" title="GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE"><code class="literal">GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE</code></a>
1189 if the sequence number exceeds the available tokens, otherwise a negative error value.</td>
1195 <div class="refsect2">
1196 <a name="gnutls-pkcs11-token-get-info"></a><h3>gnutls_pkcs11_token_get_info ()</h3>
1197 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_get_info (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1198 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-token-info-t" title="enum gnutls_pkcs11_token_info_t"><span class="type">gnutls_pkcs11_token_info_t</span></a> ttype</code></em>,
1199 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
1200 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre>
1202 This function will return information about the PKCS 11 token such
1203 as the label, id as well as token information where the key is stored.
1205 <div class="variablelist"><table border="0">
1206 <col align="left" valign="top">
1209 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1210 <td>should contain a PKCS 11 URL</td>
1213 <td><p><span class="term"><em class="parameter"><code>ttype</code></em> :</span></p></td>
1214 <td>Denotes the type of information requested</td>
1217 <td><p><span class="term"><em class="parameter"><code>output</code></em> :</span></p></td>
1218 <td>where output will be stored</td>
1221 <td><p><span class="term"><em class="parameter"><code>output_size</code></em> :</span></p></td>
1222 <td>contains the maximum size of the output and will be overwritten with actual</td>
1225 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1226 <td>zero on success or a negative value on error.</td>
1232 <div class="refsect2">
1233 <a name="GNUTLS-PKCS11-TOKEN-HW:CAPS"></a><h3>GNUTLS_PKCS11_TOKEN_HW</h3>
1234 <pre class="programlisting">#define GNUTLS_PKCS11_TOKEN_HW 1
1240 <div class="refsect2">
1241 <a name="gnutls-pkcs11-token-get-flags"></a><h3>gnutls_pkcs11_token_get_flags ()</h3>
1242 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_token_get_flags (<em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1243 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *flags</code></em>);</pre>
1245 This function will return information about the PKCS 11 token flags.
1247 <div class="variablelist"><table border="0">
1248 <col align="left" valign="top">
1251 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1252 <td>should contain a PKCS 11 URL</td>
1255 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1256 <td>The output flags (GNUTLS_PKCS11_TOKEN_*)</td>
1259 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1260 <td>zero on success or a negative value on error.</td>
1266 <div class="refsect2">
1267 <a name="gnutls-pkcs11-obj-list-import-url"></a><h3>gnutls_pkcs11_obj_list_import_url ()</h3>
1268 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_obj_list_import_url (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> *p_list</code></em>,
1269 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *const n_list</code></em>,
1270 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1271 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-attr-t" title="enum gnutls_pkcs11_obj_attr_t"><span class="type">gnutls_pkcs11_obj_attr_t</span></a> attrs</code></em>,
1272 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
1274 This function will initialize and set values to an object list
1275 by using all objects identified by a PKCS 11 URL.
1277 <div class="variablelist"><table border="0">
1278 <col align="left" valign="top">
1281 <td><p><span class="term"><em class="parameter"><code>p_list</code></em> :</span></p></td>
1282 <td>An uninitialized object list (may be NULL)</td>
1285 <td><p><span class="term"><em class="parameter"><code>n_list</code></em> :</span></p></td>
1286 <td>initially should hold the maximum size of the list. Will contain the actual size.</td>
1289 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1290 <td>A PKCS 11 url identifying a set of objects</td>
1293 <td><p><span class="term"><em class="parameter"><code>attrs</code></em> :</span></p></td>
1294 <td>Attributes of type <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-attr-t" title="enum gnutls_pkcs11_obj_attr_t"><span class="type">gnutls_pkcs11_obj_attr_t</span></a> that can be used to limit output</td>
1297 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1298 <td>One of GNUTLS_PKCS11_OBJ_* flags</td>
1301 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1302 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1303 negative error value.</td>
1309 <div class="refsect2">
1310 <a name="gnutls-x509-crt-import-pkcs11"></a><h3>gnutls_x509_crt_import_pkcs11 ()</h3>
1311 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_x509_crt_import_pkcs11 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
1312 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> pkcs11_crt</code></em>);</pre>
1314 This function will import a PKCS 11 certificate to a <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a>
1317 <div class="variablelist"><table border="0">
1318 <col align="left" valign="top">
1321 <td><p><span class="term"><em class="parameter"><code>crt</code></em> :</span></p></td>
1322 <td>A certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a>
1326 <td><p><span class="term"><em class="parameter"><code>pkcs11_crt</code></em> :</span></p></td>
1327 <td>A PKCS 11 object that contains a certificate</td>
1330 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1331 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1332 negative error value.</td>
1338 <div class="refsect2">
1339 <a name="gnutls-x509-crt-import-pkcs11-url"></a><h3>gnutls_x509_crt_import_pkcs11_url ()</h3>
1340 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_x509_crt_import_pkcs11_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> crt</code></em>,
1341 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1342 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
1344 This function will import a PKCS 11 certificate directly from a token
1345 without involving the <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> structure. This function will
1346 fail if the certificate stored is not of X.509 type.
1348 <div class="variablelist"><table border="0">
1349 <col align="left" valign="top">
1352 <td><p><span class="term"><em class="parameter"><code>crt</code></em> :</span></p></td>
1353 <td>A certificate of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a>
1357 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1358 <td>A PKCS 11 url</td>
1361 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1362 <td>One of GNUTLS_PKCS11_OBJ_* flags</td>
1365 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1366 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1367 negative error value.</td>
1373 <div class="refsect2">
1374 <a name="gnutls-pkcs11-obj-get-type"></a><h3>gnutls_pkcs11_obj_get_type ()</h3>
1375 <pre class="programlisting"><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="returnvalue">gnutls_pkcs11_obj_type_t</span></a> gnutls_pkcs11_obj_get_type (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> certificate</code></em>);</pre>
1377 This function will return the type of the certificate being
1378 stored in the structure.
1380 <div class="variablelist"><table border="0">
1381 <col align="left" valign="top">
1384 <td><p><span class="term"><em class="parameter"><code>certificate</code></em> :</span></p></td>
1385 <td>Holds the PKCS 11 certificate</td>
1388 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1389 <td>The type of the certificate.</td>
1395 <div class="refsect2">
1396 <a name="gnutls-pkcs11-type-get-name"></a><h3>gnutls_pkcs11_type_get_name ()</h3>
1397 <pre class="programlisting">const <span class="returnvalue">char</span> * gnutls_pkcs11_type_get_name (<em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-type-t" title="enum gnutls_pkcs11_obj_type_t"><span class="type">gnutls_pkcs11_obj_type_t</span></a> Param1</code></em>);</pre>
1402 <div class="refsect2">
1403 <a name="gnutls-x509-crt-list-import-pkcs11"></a><h3>gnutls_x509_crt_list_import_pkcs11 ()</h3>
1404 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_x509_crt_list_import_pkcs11 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> *certs</code></em>,
1405 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> cert_max</code></em>,
1406 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> * const objs</code></em>,
1407 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
1409 This function will import a PKCS 11 certificate list to a list of
1410 <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a> structure. These must not be initialized.
1412 <div class="variablelist"><table border="0">
1413 <col align="left" valign="top">
1416 <td><p><span class="term"><em class="parameter"><code>certs</code></em> :</span></p></td>
1417 <td>A list of certificates of type <a class="link" href="gnutls-gnutls.html#gnutls-x509-crt-t" title="gnutls_x509_crt_t"><span class="type">gnutls_x509_crt_t</span></a>
1421 <td><p><span class="term"><em class="parameter"><code>cert_max</code></em> :</span></p></td>
1422 <td>The maximum size of the list</td>
1425 <td><p><span class="term"><em class="parameter"><code>objs</code></em> :</span></p></td>
1426 <td>A list of PKCS 11 objects</td>
1429 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1433 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1434 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1435 negative error value.</td>
1441 <div class="refsect2">
1442 <a name="gnutls-pkcs11-privkey-init"></a><h3>gnutls_pkcs11_privkey_init ()</h3>
1443 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_privkey_init (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> *key</code></em>);</pre>
1445 This function will initialize an private key structure.
1447 <div class="variablelist"><table border="0">
1448 <col align="left" valign="top">
1451 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
1452 <td>The structure to be initialized</td>
1455 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1456 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1457 negative error value.</td>
1463 <div class="refsect2">
1464 <a name="gnutls-pkcs11-privkey-deinit"></a><h3>gnutls_pkcs11_privkey_deinit ()</h3>
1465 <pre class="programlisting"><span class="returnvalue">void</span> gnutls_pkcs11_privkey_deinit (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>);</pre>
1467 This function will deinitialize a private key structure.
1469 <div class="variablelist"><table border="0">
1470 <col align="left" valign="top">
1472 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
1473 <td>The structure to be initialized</td>
1478 <div class="refsect2">
1479 <a name="gnutls-pkcs11-privkey-get-pk-algorithm"></a><h3>gnutls_pkcs11_privkey_get_pk_algorithm ()</h3>
1480 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_privkey_get_pk_algorithm
1481 (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>,
1482 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> *bits</code></em>);</pre>
1484 This function will return the public key algorithm of a private
1487 <div class="variablelist"><table border="0">
1488 <col align="left" valign="top">
1491 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
1492 <td>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> structure</td>
1495 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1496 <td>a member of the <a class="link" href="gnutls-gnutls.html#gnutls-pk-algorithm-t" title="enum gnutls_pk_algorithm_t"><span class="type">gnutls_pk_algorithm_t</span></a> enumeration on
1497 success, or a negative value on error.</td>
1503 <div class="refsect2">
1504 <a name="gnutls-pkcs11-privkey-get-info"></a><h3>gnutls_pkcs11_privkey_get_info ()</h3>
1505 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_privkey_get_info (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>,
1506 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-info-t" title="enum gnutls_pkcs11_obj_info_t"><span class="type">gnutls_pkcs11_obj_info_t</span></a> itype</code></em>,
1507 <em class="parameter"><code><span class="type">void</span> *output</code></em>,
1508 <em class="parameter"><code><span class="type">size_t</span> *output_size</code></em>);</pre>
1510 This function will return information about the PKCS 11 private key such
1511 as the label, id as well as token information where the key is stored. When
1512 output is text it returns null terminated string although <span class="type">output_size</span> contains
1513 the size of the actual data only.
1515 <div class="variablelist"><table border="0">
1516 <col align="left" valign="top">
1519 <td><p><span class="term"><em class="parameter"><code>pkey</code></em> :</span></p></td>
1520 <td>should contain a <a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> structure</td>
1523 <td><p><span class="term"><em class="parameter"><code>itype</code></em> :</span></p></td>
1524 <td>Denotes the type of information requested</td>
1527 <td><p><span class="term"><em class="parameter"><code>output</code></em> :</span></p></td>
1528 <td>where output will be stored</td>
1531 <td><p><span class="term"><em class="parameter"><code>output_size</code></em> :</span></p></td>
1532 <td>contains the maximum size of the output and will be overwritten with actual</td>
1535 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1536 <td>zero on success or a negative value on error.</td>
1542 <div class="refsect2">
1543 <a name="gnutls-pkcs11-privkey-import-url"></a><h3>gnutls_pkcs11_privkey_import_url ()</h3>
1544 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_privkey_import_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> pkey</code></em>,
1545 <em class="parameter"><code>const <span class="type">char</span> *url</code></em>,
1546 <em class="parameter"><code>unsigned <a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> flags</code></em>);</pre>
1548 This function will "import" a PKCS 11 URL identifying a certificate
1549 key to the <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> structure. This does not involve any
1550 parsing (such as X.509 or OpenPGP) since the <a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-obj-t" title="gnutls_pkcs11_obj_t"><span class="type">gnutls_pkcs11_obj_t</span></a> is
1551 format agnostic. Only data are transferred.
1553 <div class="variablelist"><table border="0">
1554 <col align="left" valign="top">
1557 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1558 <td>a PKCS 11 url identifying the key</td>
1561 <td><p><span class="term"><em class="parameter"><code>flags</code></em> :</span></p></td>
1562 <td>One of GNUTLS_PKCS11_OBJ_* flags</td>
1565 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1566 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1567 negative error value.</td>
1573 <div class="refsect2">
1574 <a name="gnutls-pkcs11-privkey-export-url"></a><h3>gnutls_pkcs11_privkey_export_url ()</h3>
1575 <pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_pkcs11_privkey_export_url (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-pkcs11-privkey-t" title="gnutls_pkcs11_privkey_t"><span class="type">gnutls_pkcs11_privkey_t</span></a> key</code></em>,
1576 <em class="parameter"><code><a class="link" href="gnutls-pkcs11.html#gnutls-pkcs11-url-type-t" title="enum gnutls_pkcs11_url_type_t"><span class="type">gnutls_pkcs11_url_type_t</span></a> detailed</code></em>,
1577 <em class="parameter"><code><span class="type">char</span> **url</code></em>);</pre>
1579 This function will export a URL identifying the given key.
1581 <div class="variablelist"><table border="0">
1582 <col align="left" valign="top">
1585 <td><p><span class="term"><em class="parameter"><code>key</code></em> :</span></p></td>
1586 <td>Holds the PKCS 11 key</td>
1589 <td><p><span class="term"><em class="parameter"><code>detailed</code></em> :</span></p></td>
1590 <td>non zero if a detailed URL is required</td>
1593 <td><p><span class="term"><em class="parameter"><code>url</code></em> :</span></p></td>
1594 <td>will contain an allocated url</td>
1597 <td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
1598 <td>On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> is returned, otherwise a
1599 negative error value.</td>
1606 <div class="footer">
1608 Generated by GTK-Doc V1.18</div>
projects / external / libgnutls26.git / blob