Hi Cool SSL people.

I am trying to extract the public key of a self signed cert…Here is how I am 
doing, and what the problem is:

I set a verify call back function, in which I do:

  X509 *cert = X509_STORE_CTX_get_current_cert(x509_ctx);
  int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
  int err = X509_STORE_CTX_get_error(x509_ctx);

I check cert pointer, non NULL;
I check depth, which is ZERO;
I check err, which is 18 (X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
All good.

  EVP_PKEY *pubKey = X509_get_pubkey(cert);

I check pubKey, which is non NULL;
As I dereference pubKey as pubKey->pkey.rsa, the pointer turns out to be NULL .

Am I doing something wrong? When there is an error, does OPENSSL still expose 
the cert public key?
How would I retrieve a public key of the certificate the peer is presenting to 
me?

Thanks for any hints…
Dirceu

Reply via email to