gnutls_certificate_set_rawpk_key_mem - Linux
Overview
gnutls_certificate_set_rawpk_key_mem sets a raw public key with the given certificate. It is designed to be used in scenarios where the certificate requires an unencrypted public key for authentication purposes.
Syntax
gnutls_certificate_set_rawpk_key_mem(cert, type, curve, key, size)
Options/Flags
- cert: The certificate to modify.
- type: The type of public key to set. Possible values include:
GNUTLS_PK_RSA: RSA public keyGNUTLS_PK_EC: Elliptic curve public key
- curve: For elliptic curve keys, specifies the curve to use. Possible values include:
GNUTLS_PK_CURVE_SECP256R1GNUTLS_PK_CURVE_SECP384R1GNUTLS_PK_CURVE_SECP521R1
- key: The actual public key data in memory.
- size: The size of the public key in bytes.
Examples
Setting an RSA public key:
#include <gnutls/gnutls.h>
int main() {
gnutls_certificate_t cert;
gnutls_certificate_init(&cert);
const unsigned char key[] = {0x30, ...}; // Actual RSA public key data
gnutls_certificate_set_rawpk_key_mem(cert, GNUTLS_PK_RSA, 0, key, sizeof(key));
// Use the certificate for TLS/SSL communication
gnutls_certificate_deinit(cert);
return 0;
}
Setting an elliptic curve public key:
#include <gnutls/gnutls.h>
int main() {
gnutls_certificate_t cert;
gnutls_certificate_init(&cert);
const unsigned char key[] = {0x30, ...}; // Actual EC public key data
gnutls_certificate_set_rawpk_key_mem(cert, GNUTLS_PK_EC, GNUTLS_PK_CURVE_SECP256R1, key, sizeof(key));
// Use the certificate for TLS/SSL communication
gnutls_certificate_deinit(cert);
return 0;
}
Common Issues
Make sure the public key data is correct and in the correct format. Improperly formatted or invalid keys will cause errors.
Integration
gnutls_certificate_set_rawpk_key_mem is often used in conjunction with other GnuTLS functions for establishing encrypted connections. It can be combined with gnutls_certificate_set_issuer_raw to create a self-signed certificate.
Related Commands
gnutls_certificate_set_rawpk_key_file: Sets a raw public key from a file.gnutls_certificate_set_issuer_raw: Sets the raw data for the certificate issuer.gnutls_session_set_certificate: Sets the certificate to use for a GnuTLS session.