[Help-gnutls] Re: Really I can not understand nothing of SSL...
Simon Josefsson
jas at extundo.com
Tue Aug 9 13:13:19 CEST 2005
Fran <e_agf at yahoo.es> writes:
> What need a stupid programmer like me here?
> It's easy:
> - Extract the visible parameters, like serial, CN, Issuer, etc... (real
> world)
> Why?
> Common name and serial identify a certificate ->> Identify an user.
>
> Which is the problem?, if I make a struct to store visible parameters, I
> do not known sizeof(serial). Could be store in hexadecimal number, but
> hexadecimal number is very difficult to manage. (The limit is in the
> sky)
There are many options, but the most flexible is probably to use a
real bignum library. There is one in libgcrypt, which GnuTLS uses.
>> gnutls_x509_crt_get_serial (cert, serial, &serial_size) >= 0)
>
> Isn't hexadecimal, decimal.
>
> 1,844674407 E19 /* puuufff */
> X509_useful.serial = strtoll (raw_to_string (serial, serial_size), NULL,
> 10); /* bug, bug,bug, if expected size > 2^64 */
Right, strtoll will only work for small integers.
>>If this is important for you, please propose a patch for
>> inclusion.
>
> Time ago I sent you some ideas, about other things >> trash.
If I don't have time to implement ideas, I try to write them down into
TODO. Are your ideas in there? Code, on the other hand, doesn't
write itself...
Cheers,
Simon
More information about the Gnutls-help
mailing list