I see. Thank you very much for your prompt reply.
- thomas
On Wed, Feb 7, 2024 at 12:13 PM Matt Caswell <matt@xxxxxxxxxxx> wrote:
On 07/02/2024 10:43, Thomas Bailleux wrote:
> Hello OpenSSL,
>
> I'm working on a program that generates pairs of keys and then writes
> the**ASN.1 encoded SubjectPublicKeyInfo (RFC 5280[1]) to a file.
>
> I turned to API `X509_PUBKEY`, and especially `X509_PUBKEY_set`[2],
> which seems to do the trick by taking an `EVP_PKEY` object that contains
> the public key:
>
> The X509_PUBKEY structure represents the ASN.1 SubjectPublicKeyInfo
> structure defined in RFC5280 and used in certificates and
> certificate requests.
>
>
> However, I'm kind of lost when it comes to encoding it to an ASN.1 document.
> The documentation states the following:
>
> i2d_PUBKEY() encodes an *EVP_PKEY* structure using
> *SubjectPublicKeyInfo* format.
>
>
> So it seems that I can use `i2d_PUBKEY` with an `EVP_PKEY` directly
> without having to deal with an intermediate `X509_PUBKEY` object.
> However, `i2d_X509_PUBKEY` also exists but it doesn't have a dedicated
> manpage (only the generic manpage[3] about encoding/decoding from/to ASN.1).
>
> My question is: which one should I use?
Either should be fine - but i2d_PUBKEY() is usually more convenient
because it does not require you to go through the intermediate
X509_PUBKEY structure.
Matt
