[gnutls-devel] [PATCH 0/9] Getter functions for gnutls_credentials_t

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Sep 21 00:55:52 CEST 2014


On Thu, 2014-09-18 at 13:12 -0400, Armin Burgmeier wrote:
> Hi,
> 
> this is a series of patches that adds additional API to obtain
> certificates, private keys and trusted CAs from a
> gnutls_certificate_credentials_t structure. This could for example be
> used to load the system CAs and then show those certificates in a user
> interface. This was originally requested here:
> https://savannah.gnu.org/support/index.php?108634
> 
> Most functions return copies of keys or certificates, so that the
> implementation remains flexible with respect to future changes.

>   Fix a documentation typo
>   Memory leak fix on certificate copy failure
>   Add API to retrieve a X.509 or OpenPGP certificate from a
>     gnutls_pcert_t
>   Add a function to obtain the trust list of a
>     gnutls_certificate_credentials_t
>  Add gnutls_certificate_get_verify_flags

Thank you. I've checked and applied these so far. 

>   Add functions to export X.509 and OpenPGP private keys from the
>     abstract type
>   Add functions to obtain X.509 keys and certificates from certificate
>     credentials
>   Add getter functions for openpgp keys and certificates
>   Add an interface to iterate the trusted CA certificates in a trust
>     list

Would it be possible to modify some test programs, or a add new ones to
test these functions? That would ensure that the functionality offered
will not break on any internal change.

I'll try to add the missing part for the pkcs11 private key copy.

regards,
Nikos





More information about the Gnutls-devel mailing list