On Tue, Jul 20, 2010 at 1:14 AM, Mads Kiilerich<address@hidden> wrote:
Hi
I am trying to use GnuTLS in an application where I for interoperability
need to read the public key of x509 certificates.
But gnutls_x509_crt_get_pk_rsa_raw fails - because
gnutls_x509_crt_get_pk_algorithm returns GNUTLS_PK_UNKNOWN, because the
public key oid is SIG_RSA_MD5_OID 1.2.840.113549.1.1.4 instead of the
PK_PKIX1_RSA_OID 1.2.840.113549.1.1.1 it should have been.
Do you have any idea how I can workaround that? In NSS and openssl it is
possible to patch the parsed cert, but it seems like that isn't possible
with GnuTLS?
Do you want to fix the certificate or just read it? If you want to
read it open gnutls_algorithms.c and add an extra entry to
pk_algorithms structure for RSA with the OID you describe. Then you
should be able to read the key. If you want to "fix" it I think this
is as easy as regenerating it.