Setter methods for X509_REQ signature attributes

Viktor Dukhovni openssl-users at
Fri Apr 5 04:55:02 UTC 2019

On Thu, Apr 04, 2019 at 01:26:01PM +0200, Enrico Scholz via openssl-users wrote:

> What is the recommended way to create an X509 REQ with OpenSSL 1.1 when
> all the crypto has been done in the outside and I need only the ASN.1
> structure?

See also the related:

> Would it be possible to add setter methods for 'sig_alg' and 'signature'?

New setter methods are probably needed.  For now all you can do is
obtain the DER encoding of the X509_REQ_INFO, and creat from it the
DER encoding of the enclosing X509_REQ, by prepending a sequence
tag and length, and appending the signature OID, any parameters and
signature.  You can then, if desired, recover an X509_REQ object
via d2i_X509_REQ.


More information about the openssl-users mailing list