i2d_X509_REQ() -> d2i_X509_REQ() = asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:287
minfrin at sharp.fm
Tue Mar 19 00:22:00 UTC 2019
On 18 Mar 2019, at 22:02, Dave Coombs <dcoombs at carillon.ca> wrote:
>> This makes sense - however there don’t appear to be any APIs in openssl that allow you to manipulate a X509_REQ_INFO structure. I can create it, and encode/decode it, but there is no X509_REQ_INFO_get_subject_name() (or friends) to populate the structure. X509_REQ_INFO itself is opaque.
> I believe you said you're using 1.0.2, right? The structures aren't opaque there. You can make your X509_REQ and populate its name etc as you already are, and then i2d_X509_REQ_INFO its req_info member.
> (Even in the 1.1 API, where they are opaque, i2d_re_X509_REQ_tbs will encode a given X509_REQ's X509_REQ_INFO for you.)
How would I decode the X509_REQ_INFO structure on the other side, turning it back into X509_REQ?
While I can see a d2i_X509_REQ_INFO() function, I can’t find a corresponding function in openssl 1.1.0+ that assigns this to a X509_REQ, unless I am missing it?
By way of concrete example, having crossed the module boundary we need to pull out details from the X509_REQ_INFO, which can only be done if this structure has been assigned to a X509_REQ first:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3260 bytes
Desc: not available
More information about the openssl-users