File: list-system-keys.c

openconnect 9.12-3.1
/*
 * OpenConnect (SSL + DTLS) VPN client
 *
 * Copyright © 2022 David Woodhouse <dwmw2@infradead.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * version 2.1, as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 */

#include <stdlib.h>
#include <stdio.h>

#include <gnutls/system-keys.h>

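/*
 * Enumerate the entries GnuTLS exposes through its system-key iterator and
 * print, for each entry that has both a certificate and a key, its label,
 * certificate URI, key URI and a one-line summary of the certificate.
 *
 * The key is reported only as the URI string the iterator returns; this
 * program never opens the key or prints key material. The URIs and labels
 * still identify which credentials exist on the host, so treat the output
 * as inventory data rather than something to paste into public logs.
 *
 * Returns 0 when the listing ran to the end of the store, 1 on any other
 * iterator error (including "system keys not supported on this platform").
 */
int main(void)
{
	gnutls_system_key_iter_t iter = NULL;
	char *cert, *key, *label;
	/* Explicit members: the empty initializer "{ }" is not valid C11. */
	gnutls_datum_t der = { NULL, 0 };
	int err;

	while ((err = gnutls_system_key_iter_get_info(&iter, GNUTLS_CRT_X509,
						      &cert, &key, &label, &der, 0)) >= 0) {
		/* Skip anything without a key */
		if (cert && key) {
			gnutls_x509_crt_t crt = NULL;
			gnutls_datum_t buf = { NULL, 0 };

			/*
			 * cert and key are NULL-checked above but label is not;
			 * presumably an entry may have no label (TODO confirm
			 * against the GnuTLS backend). Passing NULL to %s is
			 * undefined behaviour, so substitute a fixed string.
			 */
			printf("Label: %s\nCert URI: %s\nKey URI: %s\n",
			       label ? label : "(null)", cert, key);

			/*
			 * The summary is best-effort: if any step fails the entry
			 * is still listed, just without the "Cert info" line.
			 */
			if (!gnutls_x509_crt_init(&crt) &&
			    !gnutls_x509_crt_import(crt, &der, GNUTLS_X509_FMT_DER) &&
			    !gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &buf)) {
				/* buf.data is unsigned char *; %s expects char *. */
				printf("Cert info: %s\n", (const char *)buf.data);
			}

			gnutls_free(buf.data);
			gnutls_x509_crt_deinit(crt);
			printf("\n");
		}

		/* Release everything the iterator handed back for this entry. */
		gnutls_free(der.data);
		der.data = NULL;
		gnutls_free(label);
		gnutls_free(key);
		gnutls_free(cert);
	}

	/* The loop only exits with err < 0; "no more data" is the normal end. */
	if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
		err = 0;
	else if (err == GNUTLS_E_UNIMPLEMENTED_FEATURE)
		fprintf(stderr, "GnuTLS does not support a concept of system keys on this platform.\n");
	else if (err < 0)
		fprintf(stderr, "Error listing keys: %s\n", gnutls_strerror(err));

	gnutls_system_key_iter_deinit(iter);

	/* Collapse any remaining negative GnuTLS code to exit status 1. */
	return !!err;
}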