[openssl-users] QcStatements with OpenSSL (C++)?
Matthias Ballreich
Matthias.Ballreich at outlook.de
Thu May 4 08:41:15 UTC 2017
thanks :)
But can you explain how i got the concrete data like QCStatement? Because there is no defined structure in OpenSSL like for example CRLDistributionPoints. So which structure and functions i have to use, to get the matching data?
QCStatement ::= SEQUENCE {
statementId QC-STATEMENT.&Id({SupportedStatements}),
statementInfo QC-STATEMENT.&Type
({SupportedStatements}{@statementId}) OPTIONAL }
thanks again!
________________________________
Von: openssl-users <openssl-users-bounces at openssl.org> im Auftrag von lists <lists at rustichelli.net>
Gesendet: Mittwoch, 26. April 2017 17:06:58
An: openssl-users at openssl.org
Betreff: Re: [openssl-users] QcStatements with OpenSSL (C++)?
On 04/17/2017 06:40 PM, Matthias Ballreich wrote:
Hi there,
can OpenSSL pasre QcStatement X509v3 Extension btw. Did OpenSSL Support these?
Any Piece of example Code of how can i parse the data?
To my knowledge, there is direct support for the qcStatements, you must parse it yourself.
I asked for some help on the list more or less a month ago, I was trying to develop the required structures but apparently I got lost in the OpenSSL macro jungle, finally I had to quit working on it.
What you can do is search for specific statements of interest to you (there are quite a bit) by parsing the attribute.
Get the attribute NID of the object in the extension and see if it matches the NID of qcStatements:
oneObj = X509_EXTENSION_get_object(oneExt);
objnid = OBJ_obj2nid(theObj);
if (objnid == NID_qcStatements)
{ printf("DEBUG:ext:GOTCHA!:this is qcStatements!\n"); }
you then extract the data from the object and parse it.
For the moment I have this ugly quick way of doing it, for instance for a simple one:
#define UC_id_etsi_qcs_QcCompliance "0.4.0.1862.1.1"
if (strstr(extdump, UC_id_etsi_qcs_QcCompliance) == NULL)
{ printf("INFO:QcCompliance:no:\n"); }
else
{ printf("INFO:QcCompliance:yes:\n"); }
Thanks
Matthias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170504/4d17ddf6/attachment-0001.html>
More information about the openssl-users
mailing list