"known in advance" public key authentication?
ilari.liusvaara at elisanet.fi
Wed Nov 7 16:35:00 CET 2012
On Wed, Nov 07, 2012 at 09:33:23PM +0700, Ivan Shmakov wrote:
> Hence, the question is: is there a way to specify the local key
> pair and the remote public key to GnuTLS “directly”, just prior
> to connecting the remote?
I implemented about half of that (client that ever connects to one
server, so it hardcodes its public key instead of messing with certs).
The outgoing key and certificate are set the same way self-signed
I don't know a way to specify expected public key. Instead,
in the code I wrote, I extract the certificate and then check the
- gnutls_x509_crt_import (index 0)
- gnutls_x509_crt_get_pk_rsa_raw / gnutls_x509_crt_get_pk_dsa_raw
The same thing should work on the server end.
More information about the Gnutls-help