I will run a debugger, but this is how I freed:
ASN1_OCTET_STRING_free(os1);
ASN1_PRINTABLESTRING_free(tmp_os);
ASN1_INTEGER_free(int1);
X509_REQ_add_extensions(x, st_exts);
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-ext
I used this , and it seems to work great (parsed it with ASN1):
st_exts= sk_X509_EXTENSION_new_null();
X509_REQ *x;
/*add INTEGER EXT*/
int1 = ASN1_INTEGER_new();
ASN1_INTEGER_set(int1, 1);
os1 = M_ASN1_OCTET_STRING_ne
"Almost. If the actual value is not OCTET STRING, change the type created
in the first two (or whatever) lines, and i2d'ed in the fourth line.
And OPENSSL_free the pointer allocated here (d) after you're
done with that memory. "
I need to add an INTEGER extensions and PRINTABLESTRING extension.
I rather not use the openssl config file, and stick with aPI's.
>is it really an octet string containing one ASCII character "5"?
no, it was just a simple example, the real values is are PRINTABLESTRING and
INTEGER.
Is that ehat you meant:
ASN1_OCTET_STRING *os = ASN1_OCTET_STRING_new();
ASN1_
I am not using the openssl commandline, I have to use the API's (the
openssl.cng is not used/parsed when using API's, right?)
Regarding "the value in an extension is an OCTET STRING containing
the DER of the value, not the value itself", so basicly do I need to convert
the string to DER encoded?
Hi all,
Im trying to add a custom Extension to a CSR using openssl API's:
struct stack_st_X509_EXTENSION *exts = NULL;
X509_EXTENSION *ex;
exts = sk_X509_EXTENSION_new_null();
ASN1_OCTET_STRING *os = ASN1_OCTET_STRING_new();
nid = OBJ_create("1.3.6.1.4.1.12345", "End Entry Type", "My En
