[gnutls-devel] GnuTLS | Support for raw public keys for gnutls-cli and gnutls-serv (!1059)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Mon Sep 9 15:57:44 CEST 2019




Tom commented on a discussion on src/serv-args.def: https://gitlab.com/gnutls/gnutls/merge_requests/1059#note_214218832

>  };
>  
> +flag = {
> +    name      = rawpkkeyfile;
> +    arg-type  = string;
> +    descrip   = "PKCS #8 or PKCS #12 key file to use";
> +    doc       = "";
> +    max       = 1;
> +};
> +
> +flag = {
> +    name      = rawpkfile;
> +    arg-type  = string;
> +    descrip   = "Raw public-key file to use";
> +    doc       = "";
> +    max       = 1;
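
Review bot: both new flags ship with an empty doc string (doc = "";), and the descrip of rawpkkeyfile, "PKCS #8 or PKCS #12 key file to use", never mentions raw public keys, so the help text does not tell a user that this key belongs with the file given to rawpkfile. Please fill in doc for both options with the expected file format and how the two options pair up. Also, max = 1 on both flags limits the server to a single raw key pair; if more than one key is meant to be configurable, that limit has to change together with the argument handling.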

After investigating I think we can indeed select a raw pk based on the algorithm type. So I will update the application such that we use stack-args.

I just realized, however, that we might need to be able to specify key usage flags because this info is not contained in the certificate (because there is none). Currently I set the key usage flags to 0 (i.e. an "all is fine" wildcard) when I import the public key. What do you think is good to do here? Should I add an extra parameter for the key usage flags?
