Creating a CSR using OpenSSL v1.1.1

[Joe Eremita]

Hello all,

    I am developing a library that uses an HSM, and I need to create a CSR
to send to the CA. I have some examples using the X509_REQ to set the
public key and attributes. I 've also seen examples of signing the CSR,
which finds the req_info that is needed to sign the CSR:

  EVP_PKEY_assign_RSA( pkey , rsa );
  X509_REQ_set_pubkey(req, pkey);

  subj=X509_REQ_get_subject_name(req);
  X509_NAME_add_entry_by_txt(subj,"C",
                          MBSTRING_ASC, (unsigned char *)"SK", -1, -1, 0);
  X509_NAME_add_entry_by_txt(subj,"CN",
                          MBSTRING_ASC, (unsigned char *)"Test", -1, -1, 0);

  int datasig_len;
  unsigned char *tobesigned;

* datasig_len = i2d_X509_REQ_INFO( req->req_info, NULL );*



When I compile the last line, I get the error: error: 'invalid use of
incomplete type ‘X509_REQ {aka struct X509_req_st}'

I have discovered that the header x509.h obfuscates the type 'req_info',
and upon further research, I also found that this type was eliminated since
v1.1.0 of OpenSSL.

Does anyone know of an alternative to accessing the 'req_info' element, or
another way I can access the info I need to sign?

Thanks for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210429/d89187a2/attachment.html>