Hi,
Thanks a lot for clarification. But still I am NOT able to retrieve it.
I followed below mentioned logic to retrive the delta crl as per your
suggestion.
But it not NOT extracting the cdp of delta crl. Could you please throw
some light on this?
I am using the nid in X509_get_ext_d2i() function. Is it correct?
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
int nid;
DIST_POINT *pnt, *pnt1;
nid = OBJ_create("2.5.29.46", "DCRLDP", "Dela CRL Distribution Point");
X509V3_EXT_add_alias(nid, NID_crl_distribution_points);
pnt = X509_get_ext_d2i(x, nid, NULL, NULL);
I followed this logic to extract the cdp for base crl. But for Delta
crl, It is NOT going in to this for loop.
sk_DIST_POINT_num(pnt) is returning -1.
for (i = 0; i < sk_DIST_POINT_num(pnt); i++)
{
pnt1 = sk_DIST_POINT_value(pnt, i);
if(pnt1->distpoint)
{
if(pnt1->distpoint->type == 0)
{
int j=0;
GENERAL_NAMES *gen;
GENERAL_NAME *gen1;
printf(" DELTA_CRL\n");
gen = pnt1->distpoint->name.fullname;
for(j = 0; j<sk_GENERAL_NAME_num(gen);j++)
{
gen1 = sk_GENERAL_NAME_value(gen, j);
printf("type is %d\n",gen1->type);
switch (gen1->type)
{
case GEN_DNS:
printf("DNS");
break;
case GEN_URI:
printf("Here is the DELTA CDP\n");
printf("%s\n",gen1->d.ia5->data);
break;
}
}
}
}
}//for.
Could you please let me know, if I am missing something?
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson
Sent: Friday, September 01, 2006 6:27 PM
To: openssl-users@openssl.org
Subject: Re: How to retrive the delta CRL location and revocation
reason?
On Thu, Aug 31, 2006, [EMAIL PROTECTED] wrote:
>
> Hi,
> I am working on CRL validation. I am using openssl 0.9.8b.
>
> QUESTION: How to retrive the CDP for Delta CRL?
>
> Procedure:
> Delta CRLDP is a bit messy because it isn't yet supported by OpenSSL
> directly.
> However you can add the OID manually using OBJ_create() and alias the
> extension to CRLDP and retrieve it that way.
>
> Could you please elaborate the same?
>
Well something like this...
First you need to create an OID for Delta CRLDP:
int nid;
nid = OBJ_create("2.5.29.46", "DCRLDP", "Dela CRL Distribution Point");
X509V3_EXT_add_alias(nid, NID_crl_distribution_points);
After that you can use the X509_CRL_get_ext_d2i() using "nid" and it
should be parsed OK.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL
project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not the
intended recipient, you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately and destroy all copies of this message and
any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The company
accepts no liability for any damage caused by any virus transmitted by this
email.
www.wipro.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
