[gnutls-devel] [PATCH 1/2] enable --inder for certtool --dh-info

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Nov 8 00:20:39 CET 2013


certtool --dh-info is unable to read DER-encoded DH parameters without
this patch.
---
 src/certtool-args.def | 2 +-
 src/certtool-common.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/certtool-args.def b/src/certtool-args.def
index 767bd14..30cfb7d 100644
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -309,7 +309,7 @@ flag = {
 
 flag = {
     name      = inder;
-    descrip   = "Use DER format for input certificates and private keys";
+    descrip   = "Use DER format for input certificates, private keys, and DH parameters ";
     disabled;
     disable   = "no";
     doc       = "The input files will be assumed to be in DER or RAW format. 
diff --git a/src/certtool-common.c b/src/certtool-common.c
index 1799250..e51a6c8 100644
--- a/src/certtool-common.c
+++ b/src/certtool-common.c
@@ -897,7 +897,7 @@ void dh_info (FILE* infile, FILE* outfile, common_info_st * ci)
   params.size = size;
 
   ret =
-    gnutls_dh_params_import_pkcs3 (dh_params, &params, GNUTLS_X509_FMT_PEM);
+    gnutls_dh_params_import_pkcs3 (dh_params, &params, ci->incert_format);
   if (ret < 0)
     {
       fprintf (stderr, "Error parsing dh params: %s\n", gnutls_strerror (ret));
-- 
1.8.4.rc3




More information about the Gnutls-devel mailing list