Creating a CSR using OpenSSL v1.1.1
Joe Eremita
joe at cryptosecuregroup.com
Thu Apr 29 14:04:23 UTC 2021
Hello all,
I am developing a library that uses an HSM, and I need to create a CSR
to send to the CA. I have some examples using the X509_REQ to set the
public key and attributes. I 've also seen examples of signing the CSR,
which finds the req_info that is needed to sign the CSR:
EVP_PKEY_assign_RSA( pkey , rsa );
X509_REQ_set_pubkey(req, pkey);
subj=X509_REQ_get_subject_name(req);
X509_NAME_add_entry_by_txt(subj,"C",
MBSTRING_ASC, (unsigned char *)"SK", -1, -1, 0);
X509_NAME_add_entry_by_txt(subj,"CN",
MBSTRING_ASC, (unsigned char *)"Test", -1, -1, 0);
int datasig_len;
unsigned char *tobesigned;
* datasig_len = i2d_X509_REQ_INFO( req->req_info, NULL );*
When I compile the last line, I get the error: error: 'invalid use of
incomplete type ‘X509_REQ {aka struct X509_req_st}'
I have discovered that the header x509.h obfuscates the type 'req_info',
and upon further research, I also found that this type was eliminated since
v1.1.0 of OpenSSL.
Does anyone know of an alternative to accessing the 'req_info' element, or
another way I can access the info I need to sign?
Thanks for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210429/d89187a2/attachment.html>
More information about the openssl-users
mailing list