Hello Sascha, wouldn't this invalidate the digest and therefor the entire certificate? If changing the arbitrary data does not invalidate the certificate, it must not be part of the digest, but then everybody would be able to change it.
And just adding the arbitrary data to the PKCS12 file would not make those data more trustworthy either. If this is possible at all. With kind regards Gerd > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Sascha Kiefer > Sent: Friday, August 04, 2006 2:11 PM > To: [email protected] > Subject: RE: extending a PKCS12 certificate > > As far as i know, PKCS12 is just a combination of your private key and > the public certificate. So, it should be possible to extract the > certificate, make > the changes and pack it together with the private key again. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Theodore Olen > Sent: Freitag, 4. August 2006 15:31 > To: [email protected] > Subject: extending a PKCS12 certificate > > Hello all, > > I would like to ask a question about PKCS12 certificates. > > Is it possible to extend a PKCS12 certificate with arbitral > data? I would > like to extend a given certificate with user data (such as login and > password) in such a way that the output certificate is still a valid > certificate. > > If so, can this be done with OpenSSL? How do I extract the extensions? > > Thanks in advance. Kind regards, > > Theodore > > _________________________________________________________________ > Meer ruimte nodig? Maak nu je eigen Space http://spaces.msn.nl/ > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
