From minfrin at sharp.fm Sun Dec 24 12:31:26 2023 From: minfrin at sharp.fm (Graham Leggett) Date: Sun, 24 Dec 2023 11:31:26 +0000 Subject: [gnutls-help] GnuTLS equivalent of OpenSSL's OSSL_STORE Message-ID: Hi all, I am currently patching OpenLDAP to support OpenSSL's OSSL_STORE, which can be summarised as ?enumerate a store represented by an URL?, and I need to emulate the same behaviour with GnuTLS. I?ve found gnutls_url_is_supported(), which will tell me if GnuTLS understands a URL. Is there a function that can enumerate an URL? The closest two I have found are gnutls_pkcs11_obj_list_import_url4() and gnutls_tpm_get_registered(), but these force the calling code to know about the implementations of pkcs11 and TPM. The gnutls_privkey_import_url() function will import a private key, but that assumes outside knowledge that the URL points at a key, and not say a certificate. In the OpenSSL case an URL is opened, and whatever found there is read and enumerated, and OpenSSL tells you what it found. Is the same possible in GnuTLS? Regards, Graham ?