Documentation

TlsCertificate.newFromPkcs11Uris

gio tls_certificate TlsCertificate

Creates a #GTlsCertificate from a PKCS \#11 URI.

An example pkcs11_uri would be pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My20Client`20Certificate;id=01`

Where the token’s layout is:

Object 0:
  URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=private%20key;type=private
  Type: Private key (RSA-2048)
  ID: 01

Object 1:
  URL: pkcs11:model=Model;manufacturer=Manufacture;serial=1;token=My%20Client%20Certificate;id=%01;object=Certificate%20for%20Authentication;type=cert
  Type: X.509 Certificate (RSA-2048)
  ID: 01

In this case the certificate and private key would both be detected and used as expected. pkcs_uri may also just reference an X.509 certificate object and then optionally private_key_pkcs11_uri allows using a private key exposed under a different URI.

Note that the private key is not accessed until usage and may fail or require a PIN later.

class TlsCertificate
static
gio.tls_certificate.TlsCertificate
newFromPkcs11Uris
(
string pkcs11Uri
,
string privateKeyPkcs11Uri = null
)

Parameters

pkcs11Uri string

A PKCS \#11 URI

privateKeyPkcs11Uri string

A PKCS \#11 URI

Return Value

Type: gio.tls_certificate.TlsCertificate

the new certificate, or null on error

gio tls_certificate TlsCertificate functionsstatic functions
Page generated by adrdox