Working around wrong algorithm specification in certificates
Mads Kiilerich
mads at kiilerich.com
Tue Jul 20 01:14:33 CEST 2010
Hi
I am trying to use GnuTLS in an application where I for interoperability
need to read the public key of x509 certificates.
But gnutls_x509_crt_get_pk_rsa_raw fails - because
gnutls_x509_crt_get_pk_algorithm returns GNUTLS_PK_UNKNOWN, because the
public key oid is SIG_RSA_MD5_OID 1.2.840.113549.1.1.4 instead of the
PK_PKIX1_RSA_OID 1.2.840.113549.1.1.1 it should have been.
Do you have any idea how I can workaround that? In NSS and openssl it is
possible to patch the parsed cert, but it seems like that isn't possible
with GnuTLS?
What would be the least ugly hack I can use? To somehow call
asn1_write_value to set the right OID? Or _gnutls_x509_read_value and
_gnutls_x509_read_rsa_params ?
/Mads
More information about the Gnutls-help
mailing list