"Hellan,Kim KHE" wrote:
>
> OpenSSL sees the X509v3 Certificate Policies extension as a "raw"
extension,
> but how do I extract "field" values (like PolicyIdentifier or UserNotice)
> from such an extension?
You do this the same as any other extension. Use X509_get_ext_d2i(), see
the docs in doc/openssl.txt and the definitions of the relevant
structures in crypto/x509v3/x509v3.h
Thanks!
But this function doesn't seem to return the correct pointer.
I have the following code:
int iCrit;
POLICYINFO* pinfo;
pinfo = (POLICYINFO*) X509_get_ext_d2i(pCert, NID_certificate_policies,
&iCrit, NULL);
BIO* bioID = BIO_new( BIO_s_mem() );
int iSize = i2a_ASN1_OBJECT(bioID, pinfo->policyid);
pinfo does contain a valid pointer and iCrit is set to 0, but when
i2a_ASN1_OBJECT() is called, my application crashes with an Access
Violation.
When debugging I can see, that whatever pinfo is pointing at, doesn't seem
to be a POLICYINFO structure.
I have tried another approach like:
<snip>
else if(method->i2r) // Raw extensions
{
if( !method->i2r(method, ext_str, bio_tmp, indent) )
return;
STACK_OF(POLICYINFO)* pol = (STACK_OF(POLICYINFO)*) ext_str;
int i;
POLICYINFO *pinfo;
for(i = 0; i < sk_POLICYINFO_num(pol); i++)
{
pinfo = sk_POLICYINFO_value(pol, i);
BIO* bioID = BIO_new( BIO_s_mem() );
int iSize = i2a_ASN1_OBJECT(bioID, pinfo->policyid);
<snip>
.....and this works just fine.
Any ideas why X509_get_ext_d2i() doesn't work?
I'm using WinNT4 Service Pack 6 with VC++ 6.0 Service Pack 4.
TIA
Kim Hellan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
