[Help-gnutls] X.509 certificates around JUST A PUBLIC key... can it be done?

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Aug 2 11:06:11 CEST 2008

Zach C. wrote:
> So here's the dilemma.
> I'm fully aware that I can currently generate the Root and Host certificates
> without a problem in GnuTLS. The problem I'm having, though, is that I
> *need* to be able to generate a certificate around the public key sent by
> the iPhone and then sign that certificate with the root private key. I'm
> wondering if that's possible in GnuTLS... I was considering doing a
> gnutls_x509_privkey_import_rsa_raw and *only* setting the modulus and public
> exponent (however I would get them), but I'm not sure if that would work or
> if GnuTLS would throw an error out about it. And if it did it properly,
> whether setting the new "private key" struct on a new certificate would do
> what I'm describing here.

Actually I sketched a function like that. I'd appreciate if you could
try if it fits your needs.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch.txt
URL: </pipermail/attachments/20080802/ad63381a/attachment.txt>

More information about the Gnutls-help mailing list