Hi all, I am trying to load the name and value of an X509 extension programmatically via the API (in other words, the openssl.cnf file isn't being used), and I am struggling with openssl telling me that the tag doesn't exist.
The extension I want to load has the name "keyUsage" and value "nonRepudiation,digitalSignature,keyEncipherment", and the error I get looks like this: 139684350600856:error:0D0B10C2:asn1 encoding routines:ASN1_CB:unknown tag:asn1_gen.c:303:tag=nonRepudiation,digitalSignature,keyEncipherment The code that is trying to load in the extension looks like this: /* find the name of the extension */ if (!(obj = OBJ_txt2obj(name, 0))) { // error handler, this works fine when name has value "keyUsage" } type = ASN1_generate_v3((char *)val, NULL); if (type == NULL) { // we bomb out here with val as "nonRepudiation,digitalSignature,keyEncipherment" When I initialise openssl, I run the following two functions: OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); Can anyone shed some light on what I might be doing wrong? The code above was obtained by reverse engineering openssl itself, what is throwing me is that I can't see how openssl understands the words "nonRepudiation,digitalSignature,keyEncipherment" when my code doesn't. Regards, Graham -- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org