This is a more of a why question. When I add an extension of data to a V3 x.509 certificate the BEGIN CERTIFICATE area grows significantly in proportion to the size of the data I added. So if I enclosed a PNG icon this area grows allot.
I thought this area was just a signature which is more or less 64bytes or 128bytes for the PNG if I had signed it myself? So maybe someone can enlighten me on this growth. A sample abstraction of a cert is shown below Certificate: Data: Version: 3 (0x2) Serial Number: 512 (0x200) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, ST=NC, L=RTP, O=IBM, OU=IBM Emerging Technology Validity Not Before: Apr 26 16:18:58 2013 GMT Not After : Apr 26 16:18:58 2014 GMT Subject: OU=IBM Emerging Technology Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (512 bit) Modulus (512 bit): 00:c9:51:32:f0:6a:b8:23:93:c3:0f:49:46:78:84: 45:fb:6c:3c:1b:cc:d6:41:df:d2:c3:0e:43:c1:d4: a8:13:08:49:27:23:82:67:d4:1a:4f:37:53:cb:55: 28:72:dc:1b:34:fd:98:4a:cc:62:69:53:a9:bd:36: e3:d2:e3:d6:1f Exponent: 65537 (0x10001) X509v3 extensions: custom: * my data* Signature Algorithm: sha1WithRSAEncryption b3:8e:e0:a9:03:b4:3c:ed:47:14:48:99:20:d7:07:2c:f9:4f: 5b:79:22:69:cf:f9:c4:ba:a9:06:0f:6c:e0:11:4c:a0:4f:18: 91:32:d2:78:ed:6b:d0:88:48:e5:fb:24:f5:29:5a:2c:3f:72: c4:22:12:60:86:5a:b1:60:8b:95 -----BEGIN CERTIFICATE----- * grows allot* -----END CERTIFICATE----- Thank you in advance for answer. -- View this message in context: http://openssl.6102.n7.nabble.com/extended-x509-custom-Attributes-and-BEGIN-Certificate-size-tp44938.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org