diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-11-07 18:55:25 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-11-07 18:55:25 +0100 |
| commit | 9c167df34a227c6f87a8e138b80c87b12095bd89 (patch) | |
| tree | 280893d0e985f3d5dc7950635256cd82f968c0f1 | |
| parent | ba1005c5e613297c24191e36c4300a96f91c0082 (diff) | |
| download | gnutls-9c167df34a227c6f87a8e138b80c87b12095bd89.tar.gz | |
doc update
| -rw-r--r-- | doc/cha-cert-auth.texi | 16 | ||||
| -rw-r--r-- | doc/cha-tokens.texi | 6 |
2 files changed, 20 insertions, 2 deletions
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index e379e69a7f..168b10639a 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -87,6 +87,7 @@ acceptable. The framework is illustrated on @ref{fig:x509}. * X.509 certificate structure:: * Importing an X.509 certificate:: * X.509 distinguished names:: +* X.509 public and private keys:: * Verifying X.509 certificate paths:: * Verifying a certificate in the context of TLS session:: @end menu @@ -240,6 +241,21 @@ of the issuer of the certificate. @showfuncD{gnutls_x509_crt_get_issuer_dn,gnutls_x509_crt_get_issuer_dn_by_oid,gnutls_x509_crt_get_issuer_dn_oid,gnutls_x509_crt_get_issuer} +@node X.509 public and private keys +@subsection Accessing public and private keys + +Each X.509 certificate contains a public key that corresponds to a private key. To +get a unique identifier of the public key the @funcref{gnutls_x509_crt_get_key_id} +function is provided. To export the public key or its parameters you may need +to convert the X.509 structure to a @code{gnutls_pubkey_t}. See +@ref{Abstract public keys} for more information. + +@showfuncdesc{gnutls_x509_crt_get_key_id} + +The private key parameters may be directly accessed by using one of the following functions. + +@showfuncE{gnutls_x509_privkey_get_pk_algorithm2,gnutls_x509_privkey_export_rsa_raw2,gnutls_x509_privkey_export_ecc_raw,gnutls_x509_privkey_export_dsa_raw,gnutls_x509_privkey_get_key_id} + @node Verifying X.509 certificate paths @subsection Verifying @acronym{X.509} certificate paths @cindex verifying certificate paths diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi index ad61b152b9..e6d3fe4c62 100644 --- a/doc/cha-tokens.texi +++ b/doc/cha-tokens.texi @@ -69,9 +69,9 @@ sequence. @showfuncC{gnutls_pubkey_import_x509,gnutls_pubkey_import_openpgp,gnutls_pubkey_import_pkcs11} -@showfuncC{gnutls_pubkey_import_url,gnutls_pubkey_import_privkey,gnutls_pubkey_import} +@showfuncD{gnutls_pubkey_import_url,gnutls_pubkey_import_privkey,gnutls_pubkey_import,gnutls_pubkey_export} -@showfuncB{gnutls_pubkey_export,gnutls_pubkey_export2} +@showfuncdesc{gnutls_pubkey_export2} Other helper functions that allow directly importing from raw X.509 or OpenPGP structures are shown below. @@ -90,7 +90,9 @@ key fingerprint would provide a memorable sketch. @showfuncD{gnutls_pubkey_get_pk_algorithm,gnutls_pubkey_get_preferred_hash_algorithm,gnutls_pubkey_get_key_id,gnutls_random_art} +To export the key-specific parameters, or obtain a unique key ID the following functions are provided. +@showfuncD{gnutls_pubkey_get_pk_rsa_raw,gnutls_pubkey_get_pk_dsa_raw,gnutls_pubkey_get_pk_ecc_raw,gnutls_pubkey_get_pk_ecc_x962} @node Abstract private keys @subsection Private keys |