For the second case it is returning 255. There was a problem in the certificate.. Thanks for your help.
Sakthi S G >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of Dr. >Stephen Henson >Sent: Tuesday, July 20, 2004 9:47 PM >To: [EMAIL PROTECTED] >Subject: Re: Checking the critical flags and Key usage >extension x509v3 certs. > > >On Tue, Jul 20, 2004, [EMAIL PROTECTED] wrote: > >> >> Hi., >> In both the certificates I am getting critical flag as zero. I have >> single stepped the code X509_get_ext_d2i(). In function >> X509_EXTENSION_get_critical()the structure the value of >"ex->critical" >> field is -1 for certificate 1. It is zero for certificate 2. >> > >Could you post the two certificates or send them to me >privately? It sounds like either OpenSSL is messing something >up or the critical flag is incorrectly encoded. > >Your results imply that #1 has an absent criticality flag >(which is interpreted as FALSE) and that #2 is present but set >to FALSE which violates DER, but is treated as FALSE. It >should be present and TRUE. > >Steve. >-- >Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage >OpenSSL project core developer and freelance consultant. >Funding needed! Details on homepage. >Homepage: http://www.drh-consultancy.demon.co.uk >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
