[gnutls-devel] [PATCH] add pubkey export from private key in pkcs11 subsystem
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Aug 6 15:59:18 CEST 2014
>>>> gnutls_pkcs11_privkey_get_pubkey (const char* url, gnutls_pk_algorithm_t pk,
>>>> gnutls_x509_crt_fmt_t fmt,
>>>> gnutls_datum_t * pubkey,
>>>> unsigned int flags)
>>> The pk parameter looks a bit awkward. Wouldn't it be straightforward
>>> to omit it, and use gnutls_pkcs11_privkey_get_pk_algorithm() to obtain
>>> it on demand?
>> I changed it accordingly. Furthermore, I added the functionality to
>> p11tool. See the attached patches.
After some consideration I modified the prototype to accept a
gnutls_pkcs11_privkey_t instead of directly the URL. That would ease
usage when a private key is already imported, at a small inconvenience
otherwise. The new prototype being (renamed to export for
consistency):
int
gnutls_pkcs11_privkey_export_pubkey (gnutls_pkcs11_privkey_t pkey,
gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey,
unsigned int flags);
regards,
Nikos
More information about the Gnutls-devel
mailing list