[gnutls-devel] Moving away from the RSA-export API

Ludovic Courtès ludo at gnu.org
Wed Mar 5 14:06:51 CET 2014

Nikos Mavrogiannopoulos <nmav at gnutls.org> skribis:

> On Wed, Mar 5, 2014 at 12:26 AM, Ludovic Courtès <ludo at gnu.org> wrote:
>> Hello,
>> The inadvertent removal of the --disable-rsa-export configure option led
>> to test failures in the Guile bindings [0], which made me realize that
>> this is actually a deprecated API.
>> However, the Guile bindings use (e.g., tests/x509-auth.scm), export, and
>> document (e.g., the OpenPGP example in the manual) this API.
>> What would be the recommended way to upgrade?
> Deprecate it as well? Binary compatibility will remain, but these
> functions are defunc anyway.

And replace it with gnutls_x509_privkey, right?

The equivalence between rsa_params and x509_privkey alluded to in NEWS
doesn’t seem natural at first sight, because RSA parameters and X.509
private keys are different things.

Or am I missing something?

>> [0] https://lists.gnu.org/archive/html/guix-devel/2014-03/msg00027.html
> Does gnutls fix that issue?

I think so, though I had just fixed it differently in the meantime:



More information about the Gnutls-devel mailing list