Certificate Chain Verification using LibTomCrypt - Is there a plan to introduce this functionality? #693
-
|
Hello all, I see that LibTomCrypt DOES NOT have an inherent implementation for x509_verify which is available in most modern crypto libraries such as OpenSSL, MbedTLS, WolfSSL etc., wherein we can easily pass an entity certificate as well as a root certificate and then verify if they belong to the same chain. I also see that there are no APIs to decode the certificate contents to extract the TBS data. For a similar functionality, I had to manually write functions to decode the different fields, subject, extension and then use the info to arrive at the TBS data which I hashed and verified using the root certificate's public key to validate the certificate chain. Is there any plans to provide this certificate chain verification feature in LibTomCrypt in the near future? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 3 replies
-
Is this available somewhere?
Yes. |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
Nope. It's done when it's done. If you want to have a timeline you're free to contact me privately and I can prepare you a commercial offer for the complete feature. |
Beta Was this translation helpful? Give feedback.
-
|
Hello @sjaeckel I would like to know the procedure to contribute my implementation for this functionality. Would that be ok? If yes, are there any particular procedures to be followed? Can you pls help with the information about it? |
Beta Was this translation helpful? Give feedback.
-
Absolutely!
https://github.com/libtom/libtomcrypt?tab=readme-ov-file#submitting-patches Feel free to get back to me if you have any questions. |
Beta Was this translation helpful? Give feedback.
Is this available somewhere?
Yes.