To extract the Delta crl's location (cdp of delta crl) from certificate.

Fri, 25 Aug 2006 05:21:17 -0700 

Hi Team,

I am working on the CRL validation stuff. In that process, I need to
extract the cdp(crl distribution point).
I am a bit hazy about extracting the crl distribution point (cdp) from
the certificate.

I am following the below mentioned procedure to extract the cdp. I am
succeeded in getting the basecrl's cdp.Please have a look at the code
mentioned below.

MY DOUBT: How to extract the delta crl's cdp? Can I use the
"NID_delta_crl" in the following API to extract the delta crl location
information?

pnt = X509_get_ext_d2i(x, NID_delta_crl, NULL, NULL);
Appreciate your thoughts on the same. THANKS A LOT IN ADVANCE.


*********CODE STARTS ******************
   //Obtain CDP from the current certificate
        X509 *curr_cert = NULL;
        DIST_POINT *pnt, *pnt1;

    pnt = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);

    for (i = 0; i < sk_DIST_POINT_num(pnt); i++)
    {
        pnt1 = sk_DIST_POINT_value(pnt, i);
        if(pnt1->distpoint)
        {
            if(pnt1->distpoint->type == 0)
            {
                int j=0;
                GENERAL_NAMES *gen;
                GENERAL_NAME *gen1;
                printf("In here: DELTA_CRL\n");
                gen = pnt1->distpoint->name.fullname;

                for(j = 0; j<sk_GENERAL_NAME_num(gen);j++)
                {
                    gen1 = sk_GENERAL_NAME_value(gen, j);
                    printf("type is %d\n",gen1->type);

                    switch (gen1->type)
                    {
                        case GEN_DNS:
                        printf("DNS");
                        break;

                        case GEN_URI:
                        //ASN1_IA5STRING *nm = gen1->d.ia5;
                        printf("Here is the DELTA CDP\n");
                        printf("%s\n",gen1->d.ia5->data);

                        strcpy(delta_cdp, (char*)gen1->d.ia5->data);
                        break;

                    }
                }
            }
        }
    }
*********CODE ENDS ******************

With best regards,
-Surendra


The information contained in this electronic message and any attachments to 
this message are intended for the exclusive use of the addressee(s) and may 
contain proprietary, confidential or privileged information. If you are not the 
intended recipient, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately and destroy all copies of this message and 
any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should 
check this email and any attachments for the presence of viruses. The company 
accepts no liability for any damage caused by any virus transmitted by this 
email.

www.wipro.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to