Thanks for the detailed answer, but here still some questions.....
ASN1_INTEGER *serial;
....
serial = X509_get_serialNumber(x);
What function should be called for using 'serial->data' as DER-encoded string?
Use the normal i2d_ASN1_INTEGER() function, i.e. (without error checking): int len; unsigned char *buf, *p;len = i2d_ASN1_INTEGER(serial, 0); buf = OPENSSL_malloc(len); p = buf; i2d_ASN1_INTEGER(serial, &p); after that buf points to the DER encoded ASN1 integer (see FAQ: "How do I read or write a DER encoded ...").
I have made the following:
...
ASN1_INTEGER *serial;
int len;
unsigned char *buf, *p;
...
serial = X509_get_serialNumber(x); /* serial->length = 4 */
len = i2d_ASN1_INTEGER(serial, 0); /* len = 6 */
buf = OPENSSL_malloc(len);
p = buf;
i2d_ASN1_INTEGER(serial, &p);
Now 'buf' points to the '02 04 3C D1 12 2B', but serial number is '3C D1 12 2B'. How correctly to get serial number?
I looked OpenSSL's sources and comment to i2d_ASN1_INTEGER says: 'Output ASN1 INTEGER including tag+length'.
If I suppose correctly, '02 04' is a tag, if so what means this tag and how it to truncate?
Thanks,
Dmitry
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
