[gnutls-devel] GnuTLS | Support for raw public keys for gnutls-cli and gnutls-serv (!1059)

[Development of GNU's TLS library]

Merge request https://gitlab.com/gnutls/gnutls/merge_requests/1059 was reviewed by Nikos Mavrogiannopoulos

--
  
Nikos Mavrogiannopoulos started a new discussion on src/cli-args.def: https://gitlab.com/gnutls/gnutls/merge_requests/1059#note_212271623

> +    descrip   = "PKCS #8 or PKCS #12 key file to use";
> +    doc       = "";
> +    max       = 1;

You don't use the stack-args, so the max seems unnecessary here.

--
  
Nikos Mavrogiannopoulos started a new discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/merge_requests/1059#note_212271626

> +/* Load the raw public key and corresponding private key.
> + */
> +static void load_rawpk_keys(void)

This is overly similar to `load_keys`. Could you abstract out the common functionality so that there is not so much of copied code? For example the private key loading seems like a simple copy paste from the original function.

--
  
Nikos Mavrogiannopoulos started a new discussion on src/cli-args.def: https://gitlab.com/gnutls/gnutls/merge_requests/1059#note_212271627

>  
> +flag = {
> +    name      = rawpkkeyfile;

Is that option necessary at all? Why not make it an alias over x509keyfile?

--
  
Nikos Mavrogiannopoulos started a new discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/merge_requests/1059#note_212271628

>  
> -	load_keys();
> +	load_x509_keys();

The split seems no very intuitive to me after seen the commonalities shared. The only new option is the `rawpkfile`. Why not handle it in the original function?


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1059
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190904/d3dbdfc7/attachment.html>