On Thu, Jun 12, 2014 at 08:37:12PM +0100, Jeremy Harris wrote: > Viktor commented in the mailinglist that we shouldn't parse the output of > X509_print_ex() and should return an OID rather than something human-readable.
Mostly because the "human-readable" descriptions are a rather unstable interface. I believe that for some exotic signature schemes they return a multi-line description of the algorithm and parameters! The C code to get the signature description inside OpenSSL itself is as you point out rather complex, and dives deep into library internals. I think you should ask for guidance on openssl-users, I don't know the answer to this, beyond the observation that it is easy if you 'settle' for an OID. > Does anyone else wish to comment? Sorry, I am not someone else, I hope all the real someone elses are not detered by my hogging the thread... -- Viktor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##