On Wed, Oct 19, 2005, Cesc wrote: > I hit the wall some time ago trying the same ... adding my custom data to > the certs. > Certainly this email back then would have come in handy. > Anyway, just a remark ... the pain in the ass, when you generate the > certificate and add your V3 extension (ass explained in one of the links), > is having to manually encode the value as DER ... it is easy for a small > number ... even for a short string ... but beyond that, it is just too much. > Does anybody know of some software that does that automatically? i mean ... > provide a string/int/bool ... return the hex DER encoded version.
OpenSSL 0.9.8. There is a mini-ASN1 compiler in 0.9.8 which is integrated into various parts of the library. The asn1parse utility has a -genstr option for simple structures and a -genconf one for more complex cases. The Fine Manual has details of the syntax used. However that isn't really needed because as well as the DER option for non standard extensions there is also an ASN1 option which uses the same syntax and adds it to extensions directly. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
