Nate Nielsen <[EMAIL PROTECTED]> writes: > There are several functions in x509.h to decompose or retrieve parts of > the subject and issuer of a certificate. > > I need to be able to retrieve the full DER encoded subject from a > gnutls_x509_crt_t (for use in a PKCS#11 module). Any idea how I would go > about it? I'm sure that there's a painfully obvious solution that I've > missed...
There is _gnutls_x509_crt_get_raw_dn, but it is not part of the official API. I suspect it isn't possible to easily do what you want right now. Unless someone can think of a better approach, I think we should make that function an official API function. Does that sounds OK? <rant>Btw, I think we should move the gnutls-x509 stuff into a separate library, and make things more modular... I'm not sure it makes sense for GnuTLS to implement all of X.509 internally. The first step to replacing the X.509 functions in GnuTLS with an external X.509 library would be to make it more modular. This is a lot of work, though... /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
