On 03/06/2019 16:40, Daniel Pedraza wrote:
> Hi guys!
>
> I'm trying to upgrade an old C project from OpenSSL 1.0.2 to the newest 1.1.1
> version. Everything's going smoothly, except for one little detail:
>
> There's a part of the code where we're doing a sha256 hash of the public key of
> our certificate. On the older OpenSSL, we were able to get the public key by
> doing cert->cert_info->key->public_key->data. On the newer version, we no longer
> have access to the cert_info struct.
>
> I tried doing:
>
> EVP_PKEY * public_key = X509_get0_pubkey(cert);
>
> this gives me an EVP_PKEY value, which I tried to convert to a char** by doing this:
>
> unsigned char *buf, *p;
> int len = i2d_PublicKey(public_key, NULL);
> buf = OPENSSL_malloc(len);
> p = buf;
> i2d_PublicKey(public_key, &p);
>
> This gives me a buffer with the correct length, but it seems like it has
> different data from what the public_key->data used to give me.
>
> Granted, I am not very savvy with OpenSSL, or with ssl in general, so maybe I'm
> doing something wrong/dumb? I've spent a fair bit of time on the
> documentation/wiki but I can't seem to find the answer. Seems to me like this
> should be something very straightforward?
>
> Any help would be v much appreciated

Probably what you want is the X509_get0_pubkey_bitstr() function. This gives you
the data as an ASN1_BIT_STRING structure (i.e. what used to be accessible as
cert->cert_info->key->public_key).

Matt