Hi all, In crypto/x509/x509.h header i can see th following:
typedef struct x509_cert_aux_st { STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ ASN1_UTF8STRING *alias; /* "friendly name" */ ASN1_OCTET_STRING *keyid; /* key id of private key */ STACK_OF(X509_ALGOR) *other; /* other unspecified info */ } X509_CERT_AUX; and in crypto/pkcs12/p12_crt.c file i read: in function PKCS12 *PKCS12_create ( .EVP_PKEY *pkey, X509 *cert...) { ... if (pkey && cert) { if(!X509_check_private_key(cert, pkey)) return NULL; X509_digest(cert, EVP_sha1(), keyid, &keyidlen); } if (cert) { bag = PKCS12_add_cert(&bags, cert); if(name && !PKCS12_add_friendlyname(bag, name, -1)) goto err; if(keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) goto err; } ... } So i understand that the "key id" is a hash of the X.509 cert and it is not something related to the private key (except that the cert includes the exponent and the modulus of the private key). If i did not make mistake, the X509_digest is just ASN1_digest of an ASN1 convertion of the X509 cert. Is there a way to get (or compute) this value from my private key? Maybe i missed something ... ;( Is there another part of the code where a hash of the private key is put in the key_id? Could someone put some light on this?? thanks in advance regards, Fred ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]