Re: ASN1_generate_v3: reading X509 extension via the API

2014-01-18 Thread Graham Leggett
On 18 Jan 2014, at 2:25 PM, "Dr. Stephen Henson" wrote:

> Have a look at demos/x509/mkcert.c

I eventually found it was as simple as this:

*extension = X509V3_EXT_conf(NULL, NULL, (char *)name, (char *)val);

What threw me was whether it was ok to pass NULL or not (it is).

Regards,
Graham

Re: Reissuing problem of X509 DER with newer versions of OpenSSL

2014-01-18 Thread Dr. Stephen Henson
On Fri, Jan 17, 2014, Ermat Kiyomov wrote:

> I've faced the problem of reissuing X509 DER certificate with newer versions
> of OpenSSL.
> I'm parsing X509 DER (signed using my Custom Digest Algorithm (CDA) and
> Custom Signature Algorithm (CSA)) with d2i_X509 function,
> ...const byte *p = pbOrigi

Re: ASN1_generate_v3: reading X509 extension via the API

2014-01-18 Thread Dr. Stephen Henson
On Sat, Jan 18, 2014, Graham Leggett wrote:

>
> Some more digging and I still can't find how openssl parses extensions.
>
> Reverse engineering the code, it appears that ASN1_generate_v3() expects to
> be passed a parameter string that is a name value pair separated with a
> colon, which the str

Re: ASN1_generate_v3: reading X509 extension via the API

2014-01-18 Thread Graham Leggett
On 18 Jan 2014, at 4:09 AM, Graham Leggett wrote:

> I am trying to load the name and value of an X509 extension programmatically
> via the API (in other words, the openssl.cnf file isn't being used), and I am
> struggling with openssl telling me that the tag doesn't exist.
>
> The extension I

Reissuing problem of X509 DER with newer versions of OpenSSL

2014-01-18 Thread Ermat Kiyomov
I've faced the problem of reissuing X509 DER certificate with newer versions of OpenSSL. I'm parsing X509 DER (signed using my Custom Digest Algorithm (CDA) and Custom Signature Algorithm (CSA)) with d2i_X509 function,

...
const byte *p = pbOriginalCert; /* Original DER buffer */
X509 *x = d2i_X509(N