Building a DER sequence
Ken Goldman
kgoldman at us.ibm.com
Wed Jul 10 17:40:25 UTC 2019
On 7/3/2019 4:30 PM, Viktor Dukhovni wrote:
> On Jul 3, 2019, at 2:41 PM, Ken Goldman <kgoldman at us.ibm.com> wrote:
>
>> That link points to the X509_dup page. It doesn't explain how to
>> build a DER sequence, does it?
>
> The documentation is incomplete, and much RTFS is required, but it
> and code pointers should get you started.
Here's what I have today.
I have a STACK_OF(ASN1_TYPE) to which I have added the issuer, validity,
and subject.
I can get the DER with i2d_ASN1_SEQUENCE_ANY.
I have a STACK_OF(X509_EXTENSION) to which I have added several extensions.
Questions:
1 - Is the an API sequence to add the extension STACK to the asn1_type
STACK?
2 - If not, is there an API sequence to get the DER for the extension
STACK. If so, I can append it and adjust the overall length.
3 - Is there a way to get the extension DER from a standard x509
certificate. If so, I can create it and pull out what I need.
4 - I'm trying to create DER that includes only issuer, validity,
subject, and extensions. It's not a standard X509 certificate. Is
there a better way?
More information about the openssl-users
mailing list