In message <[EMAIL PROTECTED]> on Mon, 12 Feb 2007 13:24:25 +0100, "Michael
Leuchtner" <[EMAIL PROTECTED]> said:
mleuchtner> 362:d=6 hl=2 l= 51 cons: SEQUENCE
mleuchtner> 364:d=7 hl=2 l= 9 prim: OBJECT :1.3.6.1.4.1.311.20.2
mleuchtner> 375:d=7 hl=2 l= 38 prim: OCTET STRING
[...]
mleuchtner> OpenSSL> asn1parse -in testcert.txt -strparse 375
mleuchtner> 0:d=0 hl=2 l= 36 prim: BMPSTRING
mleuchtner> OpenSSL>
mleuchtner>
mleuchtner> So it seems that I have to add a BMPSTRING as a subfield
mleuchtner> of the OCTET STRING. But how can I do that?!
It's more embedding a BMPSTRING in the OCTET STRING than anything
else.
You create and populate an OCTET_STRING like so:
ASN1_OCTET_STRING *aos = ASN1_OCTET_STRING_new();
ASN1_OCTET_STRING_set(aos, YourBMPString,
YourBMPStringLength);
Then you create the extension itself (assuming you alread have a NID
for that OID):
X509_EXTENSION *xext = X509_EXTENSION_create_by_nid(NULL,
YourNID, 0, aos);
Finally, add it to the certificate you create like so:
X509_add_ext(x509, xext, int loc);
TOTALLY UNTESTED! I leave the rest to you.
Cheers,
Richard
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
