[gnutls-devel] [PATCH] add pubkey export from private key in pkcs11 subsystem

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Aug 6 15:18:51 CEST 2014


Thank you. Applied.

On Wed, Aug 6, 2014 at 2:34 PM, Wolfgang Meyer zu Bergsten
<w.bergsten at sirrix.com> wrote:
> Hello
>
> Am 05.08.2014 13:52, schrieb Nikos Mavrogiannopoulos:
>> On Mon, Aug 4, 2014 at 3:25 PM, Wolfgang Meyer zu Bergsten
>> <w.bergsten at sirrix.com> wrote:
>>> Hello,
>>> there are cases where we need to export the public key of private
>>> key at a later time. Previously, the public key was only available
>>> immediately after creation of a key pair. This patch allows to
>>> retrieve the public key of a private key at any time after
>>> creation.
>>
>> Hello,
>>  That's a nice functionality and it would allow
>> _gnutls_privkey_get_mpis() work for pkcs11 private keys as well.
>>
>>> int
>>> gnutls_pkcs11_privkey_get_pubkey (const char* url, gnutls_pk_algorithm_t pk,
>>>                                  gnutls_x509_crt_fmt_t fmt,
>>>                                  gnutls_datum_t * pubkey,
>>>                                  unsigned int flags)
>>
>> The pk parameter looks a bit awkward. Wouldn't it be straightforward
>> to omit it, and use gnutls_pkcs11_privkey_get_pk_algorithm() to obtain
>> it on demand?
>
> I changed it accordingly. Furthermore, I added the functionality to
> p11tool. See the attached patches.
>
> regards
> Wolfgang



More information about the Gnutls-devel mailing list