On Wed, 2003-04-02 at 04:05, Michael Bell wrote:
> Ok, I integrated it into OpenCA::OpenSSL and commited it to the CVS. So
> it is available via the HEAD of OpenCA's CVS
> (openca-0.9/src/modules/openca-openssl/). You can use make test. The
> tests are in t/*.t. These files show the usage. It's quite simple.
Today I will try it...
> Do you use OpenSSL 0.9.7? The code works on my machine and is directly
> from OpenSSL 0.9.7a crypto/asn1/t_req.c. The definition of the structure
> in x509.h is the follwoing one:
ii libssl-dev 0.9.7a-1 SSL development libraries, header
yup
> typedef struct x509_attributes_st
> {
> ASN1_OBJECT *object;
> int single; /* 0 for a set, 1 for a single item (which is wrong) */
> union {
> char *ptr;
> /* 0 */ STACK_OF(ASN1_TYPE) *set;
> /* 1 */ ASN1_TYPE *single;
> } value;
> } X509_ATTRIBUTE;
>
> If you use the headerfiles from 0.9.6 then single is called set. There
> was a renaming of a structure member.
The same as mine, but now that I looked it again, I see that there
exists values.single AND single :-).. I will try again to compile....
> > the problem is: a. private keys do not belong to X509 nor to requests,
> > they could be in the same file, but aren't part of the structures (nor
> > desirable to be there!); b. by storing keys as pem-encoded data, you can
> > not have opaque processing of them, to retrieve information as key size,
> > fingerprint, etc.; and c. it is not nice :-)
>
> So it is a good idea if you program such a module ... :)
OK, I will think about it..
-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb:
Dedicated Hosting for just $79/mo with 500 GB of bandwidth!
No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
