[gnutls-devel] GnuTLS | WIP: RFC7250 Raw public keys (!650)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sun Sep 16 18:36:06 CEST 2018

Tom commented on a discussion on lib/includes/gnutls/gnutls.h.in:

>  			        unsigned idx,
>  			        gnutls_datum_t * response);
> +/* RAW public key functions (RFC7250) */
> +#ifdef ENABLE_RAWPK
> +int gnutls_certificate_set_rawpk_keypair(gnutls_certificate_credentials_t cred,

`gnutls_certificate_set_key` has different arguments. First of all, when using raw pk we don't need to set any names so we can skip those args completely. Secondly, `gnutls_certificate_set_key` accepts a pointer to a pcert struct (i.e. a list of pcerts) and a privkey_t whereas `gnutls_certificate_set_rawpk_keypair` accepts a pubkey_t and a privkey_t. When using raw pk you never have a pcert list because there is no cert chain. You always set exactly one key pair. So I think these functions are different enough to have them both. What do you think?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_101686730
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180916/470c0383/attachment.html>

More information about the Gnutls-devel mailing list