RSA sign/verify and hash generation functions

Nikos Mavrogiannopoulos nmav at
Wed Dec 1 11:20:28 CET 2010

On Tue, Nov 30, 2010 at 7:01 PM, Murray S. Kucherawy
>> What key format? X.509 is a format for certificates. gnutls does support
>> various key formats and most probably the one you might mean.
> Sorry, you're right.  I meant to say PEM format, i.e. the default output of openssl's "genrsa" function.  For the signing operation in the application I'm looking to port, the key will either be in PEM or DER form.  For verifying, it will be in PEM form with the "BEGIN" and "END" tags removed.

If you remove the BEGIN and END tags then it is not PEM format any
more. It is just a base64 of the DER data. With gnutls you can decode
PEM or DER encoded keys, check the manual for more information. To
handle your case you will have to base64 decode the key(gnutls has
some helper functions for that) and then parse it as a DER key.


More information about the Gnutls-help mailing list