Hi, Thanks a lot for clarification. But still I am NOT able to retrieve it.
I followed below mentioned logic to retrive the delta crl as per your suggestion. But it not NOT extracting the cdp of delta crl. Could you please throw some light on this? I am using the nid in X509_get_ext_d2i() function. Is it correct? @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ int nid; DIST_POINT *pnt, *pnt1; nid = OBJ_create("2.5.29.46", "DCRLDP", "Dela CRL Distribution Point"); X509V3_EXT_add_alias(nid, NID_crl_distribution_points); pnt = X509_get_ext_d2i(x, nid, NULL, NULL); I followed this logic to extract the cdp for base crl. But for Delta crl, It is NOT going in to this for loop. sk_DIST_POINT_num(pnt) is returning -1. for (i = 0; i < sk_DIST_POINT_num(pnt); i++) { pnt1 = sk_DIST_POINT_value(pnt, i); if(pnt1->distpoint) { if(pnt1->distpoint->type == 0) { int j=0; GENERAL_NAMES *gen; GENERAL_NAME *gen1; printf(" DELTA_CRL\n"); gen = pnt1->distpoint->name.fullname; for(j = 0; j<sk_GENERAL_NAME_num(gen);j++) { gen1 = sk_GENERAL_NAME_value(gen, j); printf("type is %d\n",gen1->type); switch (gen1->type) { case GEN_DNS: printf("DNS"); break; case GEN_URI: printf("Here is the DELTA CDP\n"); printf("%s\n",gen1->d.ia5->data); break; } } } } }//for. Could you please let me know, if I am missing something? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Friday, September 01, 2006 6:27 PM To: openssl-users@openssl.org Subject: Re: How to retrive the delta CRL location and revocation reason? On Thu, Aug 31, 2006, [EMAIL PROTECTED] wrote: > > Hi, > I am working on CRL validation. I am using openssl 0.9.8b. > > QUESTION: How to retrive the CDP for Delta CRL? > > Procedure: > Delta CRLDP is a bit messy because it isn't yet supported by OpenSSL > directly. > However you can add the OID manually using OBJ_create() and alias the > extension to CRLDP and retrieve it that way. > > Could you please elaborate the same? > Well something like this... First you need to create an OID for Delta CRLDP: int nid; nid = OBJ_create("2.5.29.46", "DCRLDP", "Dela CRL Distribution Point"); X509V3_EXT_add_alias(nid, NID_crl_distribution_points); After that you can use the X509_CRL_get_ext_d2i() using "nid" and it should be parsed OK. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]