[Help-gnutls] Re: CRQ signing error
Simon Josefsson
simon at josefsson.org
Tue Apr 15 06:30:20 CEST 2008
"John Brooks" <aspecialj at gmail.com> writes:
> After lots of tinkering, i've solved the problem. It seems to fail if
> gnutls_x509_crq_set_version isn't called - although the error is rather
> cryptic.
Right. I've improved the documentation for the function:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=4622926ab3685c76e83a22e6ac1f887ebabc985f
Possibly the code could have done this for you, the version field is
always 0 in practice anyway... yes, I installed this:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=fe8027decd0a46952c81bb9b5e1a16ad3e8da616
Thanks,
Simon
> Thanks anyway :P
>
> On Mon, Apr 14, 2008 at 7:08 PM, John Brooks <aspecialj at gmail.com> wrote:
>
>> I'm attempting to generate a certificate request with just a common name,
>> and it seems that gnutls_x509_crq_sign2 is giving me
>> GNUTLS_E_ASN1_VALUE_NOT_FOUND; i'm not sure what to do about that. As far as
>> I can see, my code is consistent with the docs and examples. Any pointers on
>> where this is incorrect?
>>
>> if ((re = gnutls_x509_crq_init(&req)) != 0)
>> {
>> gnutls_x509_privkey_deinit(key);
>> return re;
>> }
>>
>> if ((re = gnutls_x509_crq_set_dn_by_oid(req,
>> GNUTLS_OID_X520_COMMON_NAME, 0, dn, strlen(dn))) != 0)
>> {
>> gnutls_x509_crq_deinit(req);
>> gnutls_x509_privkey_deinit(key);
>> return re;
>> }
>>
>> if ((re = gnutls_x509_crq_set_key(req, key)) != 0)
>> {
>> gnutls_x509_crq_deinit(req);
>> gnutls_x509_privkey_deinit(key);
>> return re;
>> }
>>
>> // This is where the error occurs
>> if ((re = gnutls_x509_crq_sign2(req, key, GNUTLS_DIG_SHA1, 0)) !=
>> 0)
>> {
>> gnutls_x509_crq_deinit(req);
>> gnutls_x509_privkey_deinit(key);
>> return re;
>> }
>>
>> if ((re = gnutls_x509_crq_export(req, GNUTLS_X509_FMT_PEM, buf,
>> bufsz)) != 0)
>> {
>> gnutls_x509_crq_deinit(req);
>> gnutls_x509_privkey_deinit(key);
>> return re;
>> }
>>
>> Thanks ;)
>> --
>> - John
>
>
>
>
> --
> - John
> _______________________________________________
> Help-gnutls mailing list
> Help-gnutls at gnu.org
> http://lists.gnu.org/mailman/listinfo/help-gnutls
More information about the Gnutls-help
mailing list