Creating a CSR using OpenSSL v1.1.1
Joe Eremita
joe at cryptosecuregroup.com
Thu Apr 29 21:00:21 UTC 2021
Hi Matt,
Thanks so much for your response. Now I see what the 'tbs' acronym
is for!
I do have another question: this regards setting the signature in
the signature element of the request. I figured out how to make an
ECDSA_SIG object using the r and s components of the ECDSA signature,
however I do not see any way to for converting it to an ANSI_BIT_STRING
type. Is there a method or process for performing this?
Thanks Again,
Joe
On Thu, Apr 29, 2021 at 10:15 AM Matt Caswell <matt at openssl.org> wrote:
>
>
> On 29/04/2021 15:04, Joe Eremita wrote:
> > datasig_len = i2d_X509_REQ_INFO( req->req_info, NULL );
>
> You can achieve this by instead doing:
>
> datasig_len = i2d_re_X509_REQ_tbs(req, NULL);
>
> See:
>
> https://www.openssl.org/docs/man1.1.1/man3/i2d_re_X509_REQ_tbs.html
>
> Matt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210429/3784989f/attachment.html>
More information about the openssl-users
mailing list