Hello,
I am currently developing an application that stores custom data in the X509 client certificate. Some of this data is binary and I managed to store it in a custom extension. Initially, I encoded this data using i2s_ASN1_OCTET_STRING() to obtain a hex encoded version. When viewing the certificate, everything is fine. Later on I found out, that it is even possible to include the binary data directly without hex encoding (and the openssl x509 command line tool simply prints non-printable characters as '.'). Now the problem is that I am almost hitting the maximum size of the certificate (the practical limit seems to be around 15-16 kb) and I'd like to know if hex encoding is really necessary or if I can simply include the data directly without violating any standards (as the hex encoding bloats the data by a factor of ~3). Thanks in advance and best regards, Chris
smime.p7s
Description: S/MIME Cryptographic Signature
