cert to key is even more interesting than key to cert.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2407 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
16a89ae2ef
commit
f21115d6e8
|
@ -140,6 +140,9 @@ typedef struct pkcs11_cert_private {
|
|||
size_t id_len;
|
||||
} PKCS11_CERT_private;
|
||||
#define PRIVCERT(cert) ((PKCS11_CERT_private *) cert->_private)
|
||||
#define CERT2SLOT(cert) TOKEN2SLOT(CERT2TOKEN(cert))
|
||||
#define CERT2TOKEN(cert) (PRIVCERT(cert)->parent)
|
||||
#define CERT2CTX(cert) TOKEN2CTX(CERT2TOKEN(cert))
|
||||
|
||||
/*
|
||||
* Mapping Cryptoki error codes to those used internally
|
||||
|
|
|
@ -166,6 +166,9 @@ extern EVP_PKEY *PKCS11_get_public_key(PKCS11_KEY *);
|
|||
/* Find the corresponding certificate (if any) */
|
||||
extern PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY *);
|
||||
|
||||
/* Find the corresponding key (if any) */
|
||||
extern PKCS11_KEY *PKCS11_find_key(PKCS11_CERT *);
|
||||
|
||||
/* Get a list of all certificates associated with this token */
|
||||
extern int PKCS11_enumerate_certs(PKCS11_TOKEN *, PKCS11_CERT **, unsigned int *);
|
||||
|
||||
|
|
|
@ -103,6 +103,28 @@ PKCS11_enumerate_keys(PKCS11_TOKEN * token, PKCS11_KEY ** keyp, unsigned int *co
|
|||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Find key matching a certificate
|
||||
*/
|
||||
PKCS11_KEY *PKCS11_find_key(PKCS11_CERT *cert)
|
||||
{
|
||||
PKCS11_CERT_private *cpriv;
|
||||
PKCS11_KEY_private *kpriv;
|
||||
PKCS11_KEY *key;
|
||||
unsigned int n, count;
|
||||
|
||||
cpriv = PRIVCERT(cert);
|
||||
if (PKCS11_enumerate_keys(CERT2TOKEN(cert), &key, &count))
|
||||
return NULL;
|
||||
for (n = 0; n < count; n++, key++) {
|
||||
kpriv = PRIVKEY(key);
|
||||
if (cpriv->id_len == kpriv->id_len
|
||||
&& !memcmp(cpriv->id, kpriv->id, cpriv->id_len))
|
||||
return key;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
* Store a private key on the token
|
||||
*/
|
||||
|
|
Loading…
Reference in New Issue