How I can add extension with sequence value to CSR using openssl library?
work vlpl
thework.vlpl at gmail.com
Tue Mar 19 07:26:44 UTC 2019
I know how to add simple extension (oid + str), for example
```
nid = OBJ_create("1.2.3.4", "shortname", "long name");
ASN1_OCTET_STRING_set(os, "ext value", 9);
ex = X509_EXTENSION_create_by_NID( NULL, nid, 0, os );
sk_X509_EXTENSION_push(exts, ex);
```
I want to learn how I can add extension with the next specification
The specific identity objects shall be contained in the attribute's
SET. Any identity object included in the resulting CSR shall be added
as a PKCS#9 Extension Request
- macAddress (OID 1.3.6.1.1.1.1.22), encoded as an IA5STRING type
- imei (OID 1.3.6.1.4.1.40808.1.1.3), encoded as an IA5STRING type
- meid (OID 1.3.6.1.4.1.40808.1.1.4), encoded as a BITSTRING type
- DevId (OID 1.3.6.1.4.1.40808.1.1.5), encoded as a PRINTABLESTRING type
I assume Extension Request extension has oid = 1.2.840.113549.1.9.14
And this is probably openssl config for extension
```
asn1 = SEQUENCE:attrs
[attrs]
attr1 = SEQUENCE:extreq
[extreq]
oid = OID:extensionRequest
vals = SET:extreqvals
[extreqvals]
oid1 = OID:macAddress
oid2 = OID:imei
oid3 = OID:meid
oid4 = OID:DevId
```
How I can do it in C?
More information about the openssl-users
mailing list