Re: Question regarding `X509_PUBKEY` and ASN.1 SubjectPublicKeyInfo.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I see. Thank you very much for your prompt reply.

- thomas

On Wed, Feb 7, 2024 at 12:13 PM Matt Caswell <matt@xxxxxxxxxxx> wrote:


On 07/02/2024 10:43, Thomas Bailleux wrote:
> Hello OpenSSL,
>
> I'm working on a program that generates pairs of keys and then writes
> the**ASN.1 encoded SubjectPublicKeyInfo (RFC 5280[1]) to a file.
>
> I turned to API `X509_PUBKEY`, and especially `X509_PUBKEY_set`[2],
> which seems to do the trick by taking an `EVP_PKEY` object that contains
> the public key:
>
>     The X509_PUBKEY structure represents the ASN.1 SubjectPublicKeyInfo
>     structure defined in RFC5280 and used in certificates and
>     certificate requests.
>
>
> However, I'm kind of lost when it comes to encoding it to an ASN.1 document.
> The documentation states the following:
>
>     i2d_PUBKEY() encodes an *EVP_PKEY* structure using
>     *SubjectPublicKeyInfo* format.
>
>
> So it seems that I can use `i2d_PUBKEY` with an `EVP_PKEY` directly
> without having to deal with an intermediate `X509_PUBKEY` object.
> However, `i2d_X509_PUBKEY` also exists but it doesn't have a dedicated
> manpage (only the generic manpage[3] about encoding/decoding from/to ASN.1).
>
> My question is: which one should I use?

Either should be fine - but i2d_PUBKEY() is usually more convenient
because it does not require you to go through the intermediate
X509_PUBKEY structure.

Matt


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux