Hi John: On March 11, 2009 03:10:47 pm Larson, John wrote: > Hi all, > > > > As the subject says I'm grabbing a public key from a PEMK encoded X509 > cert and I compute the SHA-1 hash over this to create a signer id. This > is done by using PEM_read_X509 to read the PEM cert into an x509 struct, > using X509_get_pubkey to obtain the public key as an EVP_PKEY from the > x509 struct and finally using i2d_PUBKEY to take the EVP_PKEY and > convert it to DER format. > Just out of curiousity, why not use the SKI and/or AKI values that are supposed to be in any RFC3280/RFC5280 compliant certificate?
Sounds to me that that would give you a simpler way to accomplish what you are trying to do. Have fun. -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
