I have the following problem in determining the key usage of a certificate: after reading a certificate from DER file and converting it to X509 type (by means of d2i_X509), I try to read the ex_kusage and the ex_xkusage. But these fields always contain the value: 3452816845 (or CDCDCDCD in hex, or 11001101repeated 4 times in binary), no matter which certificate I load, even if the certificate has no key usge attributes at all. That value maps, if I understood correctly, onto the following key usages: X509v3_KU_DIGITAL_SIGNATURE 0x0080 yes X509v3_KU_NON_REPUDIATION 0x0040 yes X509v3_KU_KEY_ENCIPHERMENT 0x0020 no X509v3_KU_DATA_ENCIPHERMENT 0x0010 no X509v3_KU_KEY_AGREEMENT 0x0008 yes X509v3_KU_KEY_CERT_SIGN 0x0004 yes X509v3_KU_CRL_SIGN 0x0002 no X509v3_KU_ENCIPHER_ONLY 0x0001 yes what's wrong? Why do I get always the same value? Are these ex_kusage and ex_xkusage operative or should I extract the key usage extension in other ways (working on cert_info->extensions field, for example) ? Thanks in advance -------------------------------------------------------------------------- Marco Donati Context Security - Software P.zza Liberazione, 25 - 20013 Magenta (MI) Phone: ++39-02-97291291, Fax: ++39-02-97298225 E-Mail: [EMAIL PROTECTED], Web site:http://www.csg.it -------------------------------------------------------------------------- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
