Index: asn1-x509.c ================================================================== --- asn1-x509.c +++ asn1-x509.c @@ -201,10 +201,24 @@ *outbuf = x509.serial_number.asn1rep; } return(x509.serial_number.asn1rep_len); } + +static ssize_t x509_to_pubkey(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { + struct asn1_object null, pubkey, modulus, exponent; + struct x509_object x509; + int read_ret; + + read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); + if (read_ret != 0) { + return(-1); + } + + *outbuf = x509.pubkey.contents; + return(x509.pubkey.size); +} static ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { struct asn1_object null, pubkey, modulus, exponent; struct x509_object x509; int read_ret; Index: asn1-x509.h ================================================================== --- asn1-x509.h +++ asn1-x509.h @@ -13,10 +13,12 @@ static ssize_t x509_to_subject(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); static ssize_t x509_to_issuer(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); static ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); + +static ssize_t x509_to_pubkey(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); static ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); static ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf); Index: cackey.c ================================================================== --- cackey.c +++ cackey.c @@ -2824,11 +2824,18 @@ case CKO_NETSCAPE_TRUST: CACKEY_DEBUG_PRINTF(" ... but not getting it because we are a Netscape trust object"); break; case CKO_PUBLIC_KEY: - /* XXX: TODO */ + if (certificate_len >= 0) { + x509_read_ret = x509_to_pubkey(certificate, certificate_len, &pValue); + if (x509_read_ret < 0) { + pValue = NULL; + } else { + ulValueLen = x509_read_ret; + } + } break; case CKO_CERTIFICATE: pValue = certificate; ulValueLen = certificate_len;