[gnutls-devel] GnuTLS | RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue Nov 27 14:13:15 CET 2018
Nikos Mavrogiannopoulos started a new discussion on lib/cert-cred-rawpk.c:
> + * @cred: is a #gnutls_certificate_credentials_t type.
> + * @subject_public_key_info: contains a raw public key in
> + * PKIX.SubjectPublicKeyInfo format.
> + * @pkey: contains a raw private key.
> + * @format: encoding of the keys. DER or PEM.
> + * @pass: an optional password to unlock the private key pkey.
> + * @key_usage: An ORed sequence of %GNUTLS_KEY_* flags.
> + * @names: is an array of DNS names belonging to the public-key (NULL if none).
> + * @names_length: holds the length of the names list.
> + * @flags: an ORed sequence of #gnutls_pkcs_encrypt_flags_t.
> + * These apply to the private key pkey.
> + *
> + * This function sets a public/private keypair in the
> + * #gnutls_certificate_credentials_t type to be used for authentication
> + * and/or encryption. @subject_public_key_info and @privkey should match
> + * otherwise set signatures cannot be validated. This function should
The text about matching is incorrect. If they key/pubkey pair don't match this function will fail with a specific error code. If we are to mention about this, it should be below, when we document the error codes returned.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_120406752
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel