Setter methods for X509_REQ signature attributes
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Apr 5 04:55:02 UTC 2019
On Thu, Apr 04, 2019 at 01:26:01PM +0200, Enrico Scholz via openssl-users wrote:
> What is the recommended way to create an X509 REQ with OpenSSL 1.1 when
> all the crypto has been done in the outside and I need only the ASN.1
> structure?
See also the related:
https://github.com/openssl/openssl/issues/8553
https://github.com/openssl/openssl/issues/8514
http://openssl.6102.n7.nabble.com/i2d-X509-REQ-gt-d2i-X509-REQ-asn1-encoding-routines-c2i-ASN1-OBJECT-invalid-object-encoding-a-object7-td76251.html
> Would it be possible to add setter methods for 'sig_alg' and 'signature'?
New setter methods are probably needed. For now all you can do is
obtain the DER encoding of the X509_REQ_INFO, and creat from it the
DER encoding of the enclosing X509_REQ, by prepending a sequence
tag and length, and appending the signature OID, any parameters and
signature. You can then, if desired, recover an X509_REQ object
via d2i_X509_REQ.
--
Viktor.
More information about the openssl-users
mailing list