Subrata Mazumdar wrote:
Hi,is there any way I can find the certificate associated with a public key usingthe SubjectPublicKeyInfo (CERTSubjectPublicKeyInfo)?I am looking for public API and not too low level.I looked in the .../nss/certdb/cert.h and .../nss/pk11wrap/pk11pub.h files - couldn't find anything appropriate.Also, is there anyway I can find the private key using info in SubjectPublicKeyInfo if the related private key exists in the key DB? If I can find the private key then I can use PK11_GetCertFromPrivateKey() method to find the related cert.
Sigh, Certificates are indexed by public key (which is what's in a SPKI structure), at least not directly.
Private Keys have a potential index (the CKA_ID value is often a hash of a unique compenent of the public key), but that's not guarrenteed.
Probably the best what is to use PK11_TraverseSlotCerts and compare the cert's SPKI with your SPKI. Not really the best way if you need to do this a lot.
You could also use PK11_ListCerts, looking for just the user certs, which should give you a smaller list than PK11_TraverseSlotCerts.
bob
Thanks. -- Subrata _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
