I used this , and it seems to work great (parsed it with ASN1):
st_exts = sk_X509_EXTENSION_new_null();
X509_REQ *x;
/*add INTEGER EXT*/
int1 = ASN1_INTEGER_new();
ASN1_INTEGER_set(int1, 1);
os1 = M_ASN1_OCTET_STRING_new();
os1->data = NULL;
n = i2d_ASN1_INTEGER(int1,&os1->data);
os1->length = n;
sk_X509_EXTENSION_push(st_exts, X509_EXTENSION_create_by_OBJ(NULL,
obj1, 0,os1));
/*add PRINTABLESTRING EXT*/
tmp_os = M_ASN1_PRINTABLESTRING_new();
tmp_os->type = V_ASN1_PRINTABLESTRING;
ASN1_STRING_set(tmp_os, (const unsigned char *)"TEST", 4 );
os2 = M_ASN1_OCTET_STRING_new();
os->data = NULL;
n = i2d_ASN1_PRINTABLESTRING( tmp_os, &os2->data );
os2->length = n;
/* add to the extension stack.*/
sk_X509_EXTENSION_push(st_exts, X509_EXTENSION_create_by_OBJ(NULL,
obj2, 0, os2));
/* Now we've created the extensions we add them to the request */
X509_REQ_add_extensions(x, st_exts);
I freed all the ASN1 structs at the end...
Did I add the extension the way you meant? Do I need to free anything else?
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-extension-to-a-CSR-tp47446p47560.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
