mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-01-26 21:22:19 +01:00
f2e6f49721
As per https://datatracker.ietf.org/doc/html/rfc7250#section-3 Figure 1, the RPK is a single ASN.1_subjectPublicKeyInfo, whereas X509 certificates etc. are transmitted as a certificate list (even if there is only 1). This is for (D)TLS1.2 transfers, and this PR fixes this. As per https://datatracker.ietf.org/doc/html/rfc8446#section-4.4.2 all certificates (both RPK and Z509) are transferred using a certificate list. Update examples client to support RPK certificates. For testing:- Server: $ gnutls-serv --http --x509fmtder --priority NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK --rawpkfile certs/server-keyPub.der --rawpkkeyfile certs/server-key.der Client: $ examples/client/client -g -p 5556 -c certs/client-keyPub.der -k certs/client-key.der --rpk --files-are-der