Hi, > Hex encoding surely ought to increase the size by a factor of exactly 2? > (Plus a few bytes for the tag and length.) > 2 is correct without the colon but the OpenSSL function I use adds them. Of course you are right, it would be possible with 2 :) > An extension has an OID, a criticality flag, and a value. The value is > an OCTET STRING containing the DER encoding of some ASN.1 type (defined > by the extension). For a private extension you can stick any type in > there you choose. An obvious choice for a binary blob is OCTET STRING. > > (It's probably not safe to stick any binary blob directly in the > extnValue OCTET STRING, since processors (like OpenSSL) probably assume > they can decode the value as DER even if they can't do much with it.) >
Ok, so what I am currently doing is something like asndata = ASN1_OCTET_STRING_new(); ASN1_OCTET_STRING_set(asndata, myData, myLength); and then I add asndata to an extension I create: ex = X509_EXTENSION_create_by_NID( NULL, nid, 0, asndata ); In the one case, myData was the hex encoded data, in the other case it was my raw binary data. Is the DER encoding included here and if not, how can I add it for the raw data? Thank you very much, Chris
smime.p7s
Description: S/MIME Cryptographic Signature