| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
5.1 Abstract key types
Since there are many forms of a public or private keys supported by GnuTLS such as
X.509, OpenPGP, PKCS #11 or TPM it is desirable to allow common operations
on them. For these reasons the abstract gnutls_privkey_t and gnutls_pubkey_t were
introduced in gnutls/abstract.h header. Those types are initialized using a specific type of
key and then can be used to perform operations in an abstract way. For example in order
to sign an X.509 certificate with a key that resides in a token the following steps must be
used.
#inlude <gnutls/abstract.h>
void sign_cert( gnutls_x509_crt_t to_be_signed)
{
gnutls_x509_crt_t ca_cert;
gnutls_privkey_t abs_key;
/* initialize the abstract key */
gnutls_privkey_init(&abs_key);
/* keys stored in tokens are identified by URLs */
gnutls_privkey_import_url(abs_key, key_url);
gnutls_x509_crt_init(&ca_cert);
gnutls_x509_crt_import_pkcs11_url(&ca_cert, cert_url);
/* sign the certificate to be signed */
gnutls_x509_crt_privkey_sign(to_be_signed, ca_cert, abs_key,
GNUTLS_DIG_SHA256, 0);
}
| 5.1.1 Public keys | ||
| 5.1.2 Private keys | ||
| 5.1.3 Operations |
This document was generated on May 31, 2014 using texi2html 5.0.