curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Getting pubkey fingerprint in libcurl

From: Ray Satiro via curl-library <>
Date: Tue, 2 Mar 2021 01:02:24 -0500

On 2/26/2021 4:10 PM, Morten Minde Neergaard via curl-library wrote:
> I'm making an app that's using public key pinning, and it would be very
> helpful to have programmatic access to the pubkey fingerprint. The app
> currently has a huge and horrible mountain of platform- and
> backend-specific code that extracts the public key fingerprint from the
> TLS backend before calculating the exact same fingerprint as curl does
> in Curl_pin_peer_pubkey.
> It would be a lot more elegant if there were an option to get the pubkey
> fingerprint directly, using the same pattern as CURLOPT_CERTINFO /
> CURLINFO_CERTINFO. Suggesting this addition to the curl APIs:
> After refactoring all the TLS backends to extract the code that
> calculates the pubkey fingerprint, this implementation should be fairly
> trivial.
> Comments? Patches accepted?

Is this not provided by certinfo already? If not I think it would be
easier to add it there in a separate line, pubkey:asdf

Received on 2021-03-02