[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Sun Sep 16 18:36:06 CEST 2018
Tom commented on a discussion on lib/includes/gnutls/gnutls.h.in:
> unsigned idx,
> gnutls_datum_t * response);
> +/* RAW public key functions (RFC7250) */
> +#ifdef ENABLE_RAWPK
> +int gnutls_certificate_set_rawpk_keypair(gnutls_certificate_credentials_t cred,
`gnutls_certificate_set_key` has different arguments. First of all, when using raw pk we don't need to set any names so we can skip those args completely. Secondly, `gnutls_certificate_set_key` accepts a pointer to a pcert struct (i.e. a list of pcerts) and a privkey_t whereas `gnutls_certificate_set_rawpk_keypair` accepts a pubkey_t and a privkey_t. When using raw pk you never have a pcert list because there is no cert chain. You always set exactly one key pair. So I think these functions are different enough to have them both. What do you think?
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101686730
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel