Hi all,
In crypto/x509/x509.h header i can see th following:
typedef struct x509_cert_aux_st
{
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
ASN1_UTF8STRING *alias; /* "friendly name" */
ASN1_OCTET_STRING *keyid; /* key id of private key */
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
} X509_CERT_AUX;
and in crypto/pkcs12/p12_crt.c file i read:
in function PKCS12 *PKCS12_create ( .EVP_PKEY *pkey, X509 *cert...) {
...
if (pkey && cert)
{
if(!X509_check_private_key(cert, pkey))
return NULL;
X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
}
if (cert)
{
bag = PKCS12_add_cert(&bags, cert);
if(name && !PKCS12_add_friendlyname(bag, name, -1))
goto err;
if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
goto err;
}
...
}
So i understand that the "key id" is a hash of the X.509 cert and it is not
something related to the private key (except that the cert includes the
exponent and the modulus of the private key).
If i did not make mistake, the X509_digest is just ASN1_digest of an ASN1
convertion of the X509 cert.
Is there a way to get (or compute) this value from my private key?
Maybe i missed something ... ;(
Is there another part of the code where a hash of the private key is put in the
key_id?
Could someone put some light on this??
thanks in advance
regards,
Fred
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
