On Thu, Jan 16, 2003, Massimiliano Pala wrote:
> Hi all,
>
> I have one question for you. I want to check extensions added to a CRL
> entry but I do not know how to access informations. Actually I use the
> code:
>
> rev = X509_CRL_get_REVOKED(crl);
>
> for(i = 0; i < sk_X509_REVOKED_num(rev); i++) {
>
> r = sk_X509_REVOKED_value(rev, i);
>
> for (i=0; i<sk_X509_EXTENSION_num(r->extensions); i++)
> {
> ASN1_OBJECT *obj;
> ASN1_OBJECT *obj_tmp;
> X509_EXTENSION *ex;
>
> ex=sk_X509_EXTENSION_value(r->extensions, i);
> obj=X509_EXTENSION_get_object(ex);
>
> [ Missing Code ]
>
> }
>
> I would like in the [ Missing Code ] to check the object (that is of
> the NID_crl_reason type) for its value, for example if it is a
> certificateHold or RemoveFromCRL, etc...
>
> What's the correct way to do it ?
>
> Thanks to all of you...
>
Check out doc/openssl.txt what you want here is X509_REVOKED_get_ext_d2i()
on 'r' not that loop.
As a general pointer if you have code which acceses structure elements
directly it means that you've either missed a high level function that does
the job itself or we haven't got round to adding one yet :-)
The structure you get back from the function is an ASN1_ENUMERATED structure
which is treated in a similar way to ASN1_INTEGER.
You can for example then call ASN1_ENUMERATED_get() on it to get the result in
a long.
Steve.
--
Dr. Stephen Henson [EMAIL PROTECTED]
OpenSSL Project http://www.openssl.org/~steve/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
