[gnutls-help] Setting Subject Key Identifier and Authority Key Identifier
Markus Karch
dietmakarch at gmail.com
Mon Jul 16 15:06:32 CEST 2018
Hello,
I am creating a self signed X.509 certificate and trying to set the SKI and
the AKI.
These values should be the SHA-1 of the public key.
But when I am settign these values I am only getting the SHA-1 hash value
of the private key.
What am I doing wrong? Here is a code snippet :
gnutls_x509_crt_t crt;
gnutls_x509_privkey_t privKey;
gnutls_x509_crt_init(&crt);
gnutls_x509_privkey_init(&privKey);
int gnuErr = gnutls_x509_privkey_generate(privKey, GNUTLS_PK_RSA, 2048, 0);
gnuErr = gnutls_x509_crt_set_dn (crt, "O=test,CN=test", NULL);
gnuErr = gnutls_x509_crt_set_key(crt, privKey);
gnutls_x509_crt_set_version(crt, 3);
int serialNumber = rand();
gnuErr = gnutls_x509_crt_set_serial(crt, &serialNumber, sizeof(int));
//Here is the problem
gnutls_pubkey_t pubKey;
gnuErr = gnutls_pubkey_init(&pubKey);
gnuErr = gnutls_pubkey_import_x509(pubKey, crt,0 );
unsigned char test[20]; // Normally 20 bytes (SHA1)
size_t size = sizeof(test);
//Here I am getting the hash of the private key
gnuErr = gnutls_pubkey_get_key_id(pubKey, 0, test, &size);
gnuErr = gnutls_x509_crt_set_subject_key_id(crt, test, size);
//....
Regards,
ckmk14
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20180716/8269d869/attachment-0001.html>
More information about the Gnutls-help
mailing list