[gnutls-devel] Moving away from the RSA-export API

Ludovic Courtès ludo at gnu.org
Wed Mar 5 14:06:51 CET 2014


Nikos Mavrogiannopoulos <nmav at gnutls.org> skribis:

> On Wed, Mar 5, 2014 at 12:26 AM, Ludovic Courtès <ludo at gnu.org> wrote:
>> Hello,
>> The inadvertent removal of the --disable-rsa-export configure option led
>> to test failures in the Guile bindings [0], which made me realize that
>> this is actually a deprecated API.
>> However, the Guile bindings use (e.g., tests/x509-auth.scm), export, and
>> document (e.g., the OpenPGP example in the manual) this API.
>> What would be the recommended way to upgrade?
>
> Deprecate it as well? Binary compatibility will remain, but these
> functions are defunc anyway.

And replace it with gnutls_x509_privkey, right?

The equivalence between rsa_params and x509_privkey alluded to in NEWS
doesn’t seem natural at first sight, because RSA parameters and X.509
private keys are different things.

Or am I missing something?

>> [0] https://lists.gnu.org/archive/html/guix-devel/2014-03/msg00027.html
>
> Does gnutls 3.2.12.1 fix that issue?

I think so, though I had just fixed it differently in the meantime:

  http://git.savannah.gnu.org/cgit/guix.git/commit/?id=9b521a678b6a9bb1e27d7379f70e467ececbe6d1

Thanks,
Ludo’.



More information about the Gnutls-devel mailing list