From 0968f903fe66f9bb8957b8d01e35f3743c74404b Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Tue, 4 Nov 2014 11:31:31 +0100
Subject: Brought old blog over

---
 content/technical/introspecting-certificates.md | 53 +++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 content/technical/introspecting-certificates.md

(limited to 'content/technical/introspecting-certificates.md')

diff --git a/content/technical/introspecting-certificates.md b/content/technical/introspecting-certificates.md
new file mode 100644
index 0000000..501a40f
--- /dev/null
+++ b/content/technical/introspecting-certificates.md
@@ -0,0 +1,53 @@
+Title: Introspecting Certificates
+Date: 2011-09-29
+Tags: technical, security, gnome
+Slug: introspecting-certificates
+
+Today I merged in a contribution from Evan Nemerson for GObject
+introspection support into the Gcr and Gck libraries. I ended up
+tweaking thousands of lines of comments and code,
+[filed][] [some][] [bugs][] and so forth.  
+  
+But the end result is you use PKCS\#11 and stuff like the [Gcr
+certificate widgets][], from languages like python and javascript
+(although not your browser). For example this:  
+  
+
+    :::javascript
+    const Gck = imports.gi.Gck;
+    const Gcr = imports.gi.Gcr;
+    const Gtk = imports.gi.Gtk;
+
+    /* TODO: From pkcs11.h */
+    const CKA_CLASS = 0;
+    const CKO_CERTIFICATE = 1;
+    const CKA_VALUE = 17;
+    const URI = "pkcs11:object-type=cert";
+
+    Gtk.init(null, null);
+    var dialog = new Gtk.Dialog();
+
+    var viewer = new Gcr.ViewerWidget();
+    dialog.get_content_area().pack_start(viewer, true, true, 0);
+
+    var modules = Gck.modules_initialize_registered(null);
+    var objects = Gck.modules_objects_for_uri(modules, URI, Gck.SessionOptions.READ_ONLY);
+
+    objects.forEach(function(object) {
+        viewer.load_data(null, object.get_data(CKA_VALUE, null));
+    });
+
+    viewer.show();
+    dialog.run();
+
+  
+... will pop up a window show up with every certificate on every smart
+card and key storage [you have configured][]. All of this goodness is in
+[gnome-keyring git master][].
+
+  [filed]: https://bugzilla.gnome.org/show_bug.cgi?id=660436
+  [some]: https://bugzilla.gnome.org/show_bug.cgi?id=581525
+  [bugs]: https://bugzilla.gnome.org/show_bug.cgi?id=660352
+  [Gcr certificate widgets]: http://developer.gnome.org/gcr/unstable/gcr-GcrCertificateWidget.html
+  [you have configured]: http://p11-glue.freedesktop.org/doc/p11-kit/config-example.html
+  [gnome-keyring git master]: http://git.gnome.org/browse/gnome-keyring/?h=master
-- 
cgit v1.2.3