Folks,
Struggling with x509v3 extensions from a programmatic interface. Found that
simply stuffing ascii strings into an extension works fine:
int nid2 = OBJ_create("1.3.6.1.4.1.2692.99.2", "geoLon",
"Longitude(WGS84) of device calculating CSR");
ASN1_OBJECT* obj2 = OBJ_nid2obj(nid2);
ASN1_OCTET_STRING* data2 = ASN1_OCTET_STRING_new();
ASN1_OCTET_STRING_set(data2, "-122.023828", -1);
sk_X509_EXTENSION_push(exts, X509_EXTENSION_create_by_OBJ(NULL, obj2,
0, data2));
And gives me nicely:
368:d=6 hl=2 l= 24 cons: SEQUENCE
370:d=7 hl=2 l= 9 prim: OBJECT
:1.3.6.1.4.1.2692.99.2
381:d=7 hl=2 l= 11 prim: OCTET STRING :-122.023828
The sort of output I'd expect. And easily process this in a CSR, get it signed
and all that.
But when I do the very same thing - but try to make that instead of an STRING
something like an INTEGER or a binary sequence (e.g. an Image); I am
not seeing that picked up.
E.g:
int nid1 = OBJ_create("1.3.6.1.4.1.2692.99.1", "geoLat",
"Latitude(WGS84) of device calculating CSR");
ASN1_OBJECT* obj1 = OBJ_nid2obj(nid1);
ASN1_INTEGER * data1 = ASN1_INTEGER_new();
ASN1_INTEGER_set(data1, 100);
sk_X509_EXTENSION_push(exts, X509_EXTENSION_create_by_OBJ(NULL, obj1,
0, data1));
I see this return also an OCTED STRING:
352:d=6 hl=2 l= 14 cons: SEQUENCE
354:d=7 hl=2 l= 9 prim: OBJECT
:1.3.6.1.4.1.2692.99.1
365:d=7 hl=2 l= 1 prim: OCTET STRING :d
Where am I going wrong ? Specifically I'd like to embed a very small image
(containing a hard to forge noise pattern) and a few arbitrary IEEE floating
point number in the CSR (i.e. in the part that gets signed by the pub-key of
the CSR requester).
Dw.______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
