Next: Verifying X.509 certificate paths, Previous: X.509 extensions, Up: X.509 certificates [Contents][Index]
Each X.509 certificate contains a public key that corresponds to a private key. To
get a unique identifier of the public key the gnutls_x509_crt_get_key_id
function is provided. To export the public key or its parameters you may need
to convert the X.509 structure to a gnutls_pubkey_t. See
Abstract public keys for more information.
crt: Holds the certificate
flags: should be one of the flags from gnutls_keyid_flags_t
output_data: will contain the key ID
output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters)
This function will return a unique ID that depends on the public key parameters. This ID can be used in checking whether a certificate corresponds to the given private key.
If the buffer provided is not long enough to hold the output, then *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will be returned. The output will normally be a SHA-1 hash output, which is 20 bytes.
Returns: In case of failure a negative error code will be returned, and 0 on success.
The private key parameters may be directly accessed by using one of the following functions.
int gnutls_x509_privkey_get_pk_algorithm2 (gnutls_x509_privkey_t key, unsigned int * bits)int gnutls_x509_privkey_export_rsa_raw2 (gnutls_x509_privkey_t key, gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, gnutls_datum_t * e1, gnutls_datum_t * e2)int gnutls_x509_privkey_export_ecc_raw (gnutls_x509_privkey_t key, gnutls_ecc_curve_t * curve, gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * k)int gnutls_x509_privkey_export_dsa_raw (gnutls_x509_privkey_t key, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x)int gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key, unsigned int flags, unsigned char * output_data, size_t * output_data_size)Next: Verifying X.509 certificate paths, Previous: X.509 extensions, Up: X.509 certificates [Contents][Index]