[openssl-users] rsaOAEP OID in X509 certificate
kgoldman at us.ibm.com
Wed Aug 8 17:20:50 UTC 2018
1 - If you are trying to extract the public key, X509_get_pubkey() won't
work. I have sample code to do it. Let me know if you want the
2 - If you are trying to verify a certificate chain, it does not work
with openssl 1.1. You have to stay at 1.0 until someone (perhaps me)
submits a fix.
BTW, the only time I ever saw rsaAOEP was for TPM 1.2 EK certificates.
If you're working with the TPM, I can supply a lot of sample code.
On 8/8/2018 12:01 PM, Stephane van Hardeveld wrote:
> Hello all,
> By default, if I create an X 509 certificate with a public key in it, the
> object identifier is rsaEncyption (1.2.840.113518.104.22.168). Is it possible to
> specify a different object identifier, e.g. rsaOAEP (1.2.840.113522.214.171.124)?
> I looked into the various EVP_PKEY and EVP_PKEY_CTX functions, and other
> places in code, but the only place this object ID is specified is in
> obj_dat.h, and not used anywhere else (as far as I can see...)
> Stephane van Hardeveld
More information about the openssl-users