[gnutls-devel] GnuTLS | RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Nov 29 10:28:40 CET 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/cert-cred-rawpk.c:
> + * to prove the authenticity of this key. The keypair can be used during
> + * a TLS handshake but its authenticity should be established via a
> + * different mechanism (e.g. TOFU or known fingerprint).
> + *
> + * The supported formats are basic unencrypted key, PKCS8, PKCS12,
> + * and the openssl format and will be autodetected.
> + *
> + * If the raw public-key and the private key are given in PEM encoding
> + * then the strings that hold their values must be null terminated.
> + *
> + * Key usage (as defined by X.509 extension (2.5.29.15)) can be explicitly
> + * set because there is no certificate structure around the key to define
> + * this value. See for more info gnutls_x509_crt_get_key_usage().
> + *
> + * Note that, this function by default returns zero on success and a
> + * negative value on error. Since 3.5.6, when the flag %GNUTLS_CERTIFICATE_API_V2
Ok, let's leave it supporting the same options with the other APIs.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_121003872
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181129/f39204fa/attachment-0001.html>
More information about the Gnutls-devel
mailing list