Hi
Team,
I am working on
the CRL validation. I am seeing some issues in extracting the
- delta crl
distribution point and
- reason for
revocation.
Could you please
let me know your thoughts on how to access these two
above mentioned information?
Let me explain you
my problem clearly:
1. I got the
crl from X509_STORE *ctx.
2. After receiving
the crl, I checked the certificate, wheather is revoked.
3. I found that,
the certificate is revoked(serial number is present)
4. After that, I
would like to find the certificate revocation reason. But I am not able to
extract the information.
5. Since the delta
crl is enabled, I need to get the cdp (crl distribution point) for delta crl. I
am not able to retrieve the information.
Could any
body help me in retrieving the
- Delta
CRL distribution point and
- CRL
reason for revocation
I am using the
following data structues for CRL.
struct
X509_crl_st
{
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} X509_CRL ;
{
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} X509_CRL ;
typedef struct
X509_crl_info_st
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
ASN1_TIME *lastUpdate;
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked; //It should give the revocation reason.
STACK_OF(X509_EXTENSION) /* [0] */ *extensions; //It should give the cdp for delta crl.
ASN1_ENCODING enc;
} X509_CRL_INFO;
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
ASN1_TIME *lastUpdate;
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked; //It should give the revocation reason.
STACK_OF(X509_EXTENSION) /* [0] */ *extensions; //It should give the cdp for delta crl.
ASN1_ENCODING enc;
} X509_CRL_INFO;
Appreciate your
help on the same.
With best regards,
-Surendra
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com |
