[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "known in advance" public key authentication?
From: |
Ilari Liusvaara |
Subject: |
Re: "known in advance" public key authentication? |
Date: |
Wed, 7 Nov 2012 17:35:00 +0200 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Wed, Nov 07, 2012 at 09:33:23PM +0700, Ivan Shmakov wrote:
> Hence, the question is: is there a way to specify the local key
> pair and the remote public key to GnuTLS “directly”, just prior
> to connecting the remote?
I implemented about half of that (client that ever connects to one
server, so it hardcodes its public key instead of messing with certs).
The outgoing key and certificate are set the same way self-signed
or not.
I don't know a way to specify expected public key. Instead,
in the code I wrote, I extract the certificate and then check the
key:
- gnutls_certificate_get_peers
- gnutls_x509_crt_import (index 0)
- gnutls_x509_crt_get_pk_algorithm
- gnutls_x509_crt_get_pk_rsa_raw / gnutls_x509_crt_get_pk_dsa_raw
The same thing should work on the server end.
-Ilari
- Re: "known in advance" public key authentication?, (continued)
- Re: "known in advance" public key authentication?, Daniel Kahn Gillmor, 2012/11/07
- Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/07
- Re: "known in advance" public key authentication?, Daniel Kahn Gillmor, 2012/11/07
- Re: "known in advance" public key authentication?, Nikos Mavrogiannopoulos, 2012/11/07
- Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/11
- Re: "known in advance" public key authentication?, Nikos Mavrogiannopoulos, 2012/11/13
- Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/13
- Re: "known in advance" public key authentication?, Nikos Mavrogiannopoulos, 2012/11/14
- Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/19
Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/07
Re: "known in advance" public key authentication?,
Ilari Liusvaara <=
Re: "known in advance" public key authentication?, Florian Weimer, 2012/11/07
Re: "known in advance" public key authentication?, Ivan Shmakov, 2012/11/07