[gnutls-devel] Speedup idea...

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Fri Aug 5 16:46:50 CEST 2016


On Fri, Aug 5, 2016 at 4:23 PM, Tim Ruehsen <tim.ruehsen at gmx.de> wrote:
>> > Doing the same in GnuTLS certtool fails (but I am close:).
>> > The 'subject' in OpenSSL (same cert) has 95 bytes and looks slightly
>> > different than what GnuTLS gives me (97 bytes).
>>
>> Did you try using gnutls_x509_crt_get_raw_dn() or the issuer equivalent?
>
> P11-kit has the code, though I have no idea if p11-kit uses these hashes to
> find the CA certs from the servers certs received during handshake.

It uses it, to general the certificate dir the way openssl expects it.

> I am clueless, if anything else is needed. I guess, GnuTLS doesn't need an API
> for that... but how do I convert GnuTLS structures into p11-kit structures to
> use p11 API directly ?

Could you be more specific? What would you like to convert?

regards,
Nikos



More information about the Gnutls-devel mailing list