Patch updated: New function gnutls_x509_crq_get_key_id

Simon Josefsson simon at josefsson.org
Thu Dec 11 08:37:14 CET 2008


"David Marín Carreño" <davefx at gmail.com> writes:

> +  if (pk == GNUTLS_PK_RSA || pk == GNUTLS_PK_DSA)
> +    {
> +      /* This is for compatibility with what GnuTLS has printed for
> +         RSA/DSA before the code below was added.  The code below is
> +         applicable to all types, and it would probably be a better
> +         idea to use it for RSA/DSA too, but doing so would break
> +         backwards compatibility.  */
> +      return rsadsa_crq_get_key_id (crq, pk, output_data, output_data_size);
> +    }

Is there a particular reason you need this?  The function you copied
this code from needed it for backwards compatibility reasons, but there
are no such considerations for a new function.

I would consider removing the code quoted above, and the entire
rsadsa_crq_get_key_id function.  What do you think?

Thanks,
/Simon






More information about the Gnutls-devel mailing list