|
| From: | Mads Kiilerich |
| Subject: | Working around wrong algorithm specification in certificates |
| Date: | Tue, 20 Jul 2010 01:14:33 +0200 |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100624 Fedora/3.1-1.fc13 Thunderbird/3.1 |
HiI am trying to use GnuTLS in an application where I for interoperability need to read the public key of x509 certificates.
But gnutls_x509_crt_get_pk_rsa_raw fails - because gnutls_x509_crt_get_pk_algorithm returns GNUTLS_PK_UNKNOWN, because the public key oid is SIG_RSA_MD5_OID 1.2.840.113549.1.1.4 instead of the PK_PKIX1_RSA_OID 1.2.840.113549.1.1.1 it should have been.
Do you have any idea how I can workaround that? In NSS and openssl it is possible to patch the parsed cert, but it seems like that isn't possible with GnuTLS?
What would be the least ugly hack I can use? To somehow call asn1_write_value to set the right OID? Or _gnutls_x509_read_value and _gnutls_x509_read_rsa_params ?
/Mads
| [Prev in Thread] | Current Thread | [Next in Thread] |