bebe3e891b
TLS uses the 'identity' which previously wasn't read. The private key password should also only be used for PKCS#12 files, becuase they aren't decrypted when read into the setting. Private keys also need to be handled differently; PKCS#12 keys are written out unchanged (ie, still encrypted) with their corresponding private key. DER keys are stored in the setting unencrypted, so they are re-encrypted before being written out to disk. But because the private key password isn't known for DER keys, a random password must be used to re-encrypt the key.
35 lines
1.1 KiB
C
35 lines
1.1 KiB
C
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
|
|
/* NetworkManager system settings service - keyfile plugin
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Copyright (C) 2009 Red Hat, Inc.
|
|
*/
|
|
|
|
#ifndef _CRYPTO_H_
|
|
#define _CRYPTO_H_
|
|
|
|
#include <glib.h>
|
|
|
|
GByteArray *
|
|
crypto_key_to_pem (const GByteArray *data,
|
|
const char *password,
|
|
GError **error);
|
|
|
|
GByteArray *crypto_random (gsize len, GError **error);
|
|
|
|
#endif /* _CRYPTO_H_ */
|
|
|