[gnutls-devel] system-keys API
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Nov 28 16:07:17 CET 2014
On Fri, Nov 28, 2014 at 3:50 PM, Martin Paljak <martin at martinpaljak.net> wrote:
> OSX Keychain ?
Do you know if that can be used by a C library?
> Does this retrieve the actual plaintext DER? What if smart cards are
> behind the system API?
The iterator function
gnutls_system_key_iter_get_info(gnutls_system_key_iter_t *iter,
char **cert_url,
char **key_url,
char **label,
gnutls_datum_t *der,
unsigned int flags);
returns URLs of the certificate and the key, something like:
"system:win:xxxxxxxxxx;type=cert" and "system:win:xxxxxxxxxx;type=privkey"
The @der parameter is to get the certificate. The API assumes that private keys
are not available. Reportedly, using this API openconnect-gui [0]
works with smart
cards on windows.
regards,
Nikos
[0]. https://github.com/openconnect/openconnect-gui/wiki
More information about the Gnutls-devel
mailing list