[gnutls-devel] [PATCH] add pubkey export from private key in pkcs11 subsystem
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Aug 5 13:52:49 CEST 2014
On Mon, Aug 4, 2014 at 3:25 PM, Wolfgang Meyer zu Bergsten
<w.bergsten at sirrix.com> wrote:
> Hello,
> there are cases where we need to export the public key of private
> key at a later time. Previously, the public key was only available
> immediately after creation of a key pair. This patch allows to
> retrieve the public key of a private key at any time after
> creation.
Hello,
That's a nice functionality and it would allow
_gnutls_privkey_get_mpis() work for pkcs11 private keys as well.
> int
> gnutls_pkcs11_privkey_get_pubkey (const char* url, gnutls_pk_algorithm_t pk,
> gnutls_x509_crt_fmt_t fmt,
> gnutls_datum_t * pubkey,
> unsigned int flags)
The pk parameter looks a bit awkward. Wouldn't it be straightforward
to omit it, and use gnutls_pkcs11_privkey_get_pk_algorithm() to obtain
it on demand?
regards,
Nikos
More information about the Gnutls-devel
mailing list