On Tue, Jun 08, 2010, Bruce Stephens wrote: > decoder <deco...@own-hero.net> writes: > > [...] > > > Ok, so what I am currently doing is something like > > > > asndata = ASN1_OCTET_STRING_new(); > > ASN1_OCTET_STRING_set(asndata, myData, myLength); > > > > and then I add asndata to an extension I create: > > > > ex = X509_EXTENSION_create_by_NID( NULL, nid, 0, asndata ); > > > > > > In the one case, myData was the hex encoded data, in the other case it > > was my raw binary data. > > > > Is the DER encoding included here and if not, how can I add it for the > > raw data? > > I think it's not. OpenSSL seems fine with the result, though, so > perhaps you'll be OK. >
OpenSSL is fine with including raw data in an extension but it is technically illegal so added an encoded OCTET STRING in there is advisable. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org