I searched the forum and could not find a similar question.
I have a self signed V3 x.509 file (RSA 512 for simplicity)
X509 *x;
EVP_PKEY *pk;
if ((pk=EVP_PKEY_new()) == NULL){
fprintf(stderr,"err 1\n");
return(1);
}
rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); //callback,NULL);
if (!EVP_PKEY_assign_RSA(pk,rsa)){
fprintf(stderr,"err 2\n");
return 1;
}
:
:
:
X509_set_pubkey(x,pk);
:
:
rc= X509_sign(x,pk,EVP_sha1());
I send it to someone who can extract extended attributes.
For best practices my question:
How can this individual verify the x.509? I certainly do not want the
receiving site to have private key; they are not the creator of such
documents
but simply the receiver for data. An excerpt of code would be most
beneficial.
--
View this message in context:
http://openssl.6102.n7.nabble.com/verify-self-signed-x-509-tp45026.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
