Hi All, I am reading thru the ca.c in the apps directory to understand how to issue a certificate using OpenSSL and I came across this fragment of code which I am struggling to understand.
Just before signing the certificate the code executes this fragment pktmp=X509_get_pubkey(ret); if (EVP_PKEY_missing_parameters(pktmp) && !EVP_PKEY_missing_parameters(pkey)) EVP_PKEY_copy_parameters(pktmp,pkey); EVP_PKEY_free(pktmp); I looked up the man pages and the notes section talk about The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it. My Question : 1) What parameters are we talking about here ? We just read the Public Key from the CSR and we seem to copy some fields from the CA key ( in the code pkey) to pktmp key which is the key we read from the CSR. I tried looking up the sources, but they are pointers to functions in ASN1 code base, hence this question here before putting a debugger to the sources. This is just for my understanding of what is happening here. Thanks Anu
