<div dir="ltr">Hello,<div><br></div><div>I am creating a self signed X.509 certificate and trying to set the SKI and the AKI. </div><div>These values should be the SHA-1 of the public key.</div><div>But when I am settign these values I am only getting the SHA-1 hash value of the private key.</div><div>What am I doing wrong? Here is a code snippet :</div><div><br></div><div> <pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""><span style="color:rgb(55,31,128)">gnutls_x509_crt_t </span>crt;<br><span style="color:rgb(55,31,128)">gnutls_x509_privkey_t </span>privKey;<br><br>gnutls_x509_crt_init(&crt);<br>gnutls_x509_privkey_init(&privKey);<br><br><span style="color:rgb(0,0,128);font-weight:bold">int </span>gnuErr = gnutls_x509_privkey_generate(privKey, <span style="color:rgb(102,14,122);font-weight:bold;font-style:italic">GNUTLS_PK_RSA</span>, <span style="color:rgb(0,0,255)">2048</span>, <span style="color:rgb(0,0,255)">0</span>);<br>gnuErr = gnutls_x509_crt_set_dn (crt, <span style="color:rgb(0,128,0);font-weight:bold">"O=test,CN=test"</span>, <span style="color:rgb(31,84,46);font-weight:bold">NULL</span>);<br>gnuErr = gnutls_x509_crt_set_key(crt, privKey);<br>gnutls_x509_crt_set_version(crt, <span style="color:rgb(0,0,255)">3</span>);<br><span style="color:rgb(0,0,128);font-weight:bold">int </span>serialNumber = rand();<br>gnuErr = gnutls_x509_crt_set_serial(crt, &serialNumber, <span style="color:rgb(0,0,128);font-weight:bold">sizeof</span>(<span style="color:rgb(0,0,128);font-weight:bold">int</span>));<br><br><span style="color:rgb(128,128,128);font-style:italic">//Here is the problem<br></span><span style="color:rgb(55,31,128)">gnutls_pubkey_t </span>pubKey;<br>gnuErr = gnutls_pubkey_init(&pubKey);<br>gnuErr = gnutls_pubkey_import_x509(pubKey, crt,<span style="color:rgb(0,0,255)">0 </span>);<br><span style="color:rgb(0,0,128);font-weight:bold">unsigned char </span>test[<span style="color:rgb(0,0,255)">20</span>]; <span style="color:rgb(128,128,128);font-style:italic">// Normally 20 bytes (SHA1)<br></span><span style="color:rgb(55,31,128)">size_t </span>size = <span style="color:rgb(0,0,128);font-weight:bold">sizeof</span>(test);<br><span style="color:rgb(128,128,128);font-style:italic">//Here I am getting the hash of the private key <br></span>gnuErr = gnutls_pubkey_get_key_id(pubKey, <span style="color:rgb(0,0,255)">0</span>, test, &size);<br>gnuErr = gnutls_x509_crt_set_subject_key_id(crt, test, size);</pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">//....</pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">Regards,
ckmk14</pre></div></div>