I will run a debugger, but this is how I freed:
ASN1_OCTET_STRING_free(os1);
ASN1_PRINTABLESTRING_free(tmp_os);
ASN1_INTEGER_free(int1);
X509_REQ_add_extensions(x, st_exts);
--
View this message in context:
http://openssl.6102.n7.nabble.com/Adding-a-custom-ext
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Wednesday, December 04, 2013 12:26
> I used this , and it seems to work great (parsed it with ASN1):
>
> st_exts= sk_X509_EXTENSION_new_null();
> X509_REQ *x;
>
> /*add INTEGER EXT*/
> int1 = ASN1_
I used this , and it seems to work great (parsed it with ASN1):
st_exts= sk_X509_EXTENSION_new_null();
X509_REQ *x;
/*add INTEGER EXT*/
int1 = ASN1_INTEGER_new();
ASN1_INTEGER_set(int1, 1);
os1 = M_ASN1_OCTET_STRING_ne
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Tuesday, December 03, 2013 12:35
> "Almost. If the actual value is not OCTET STRING, change the type created
> in the first two (or whatever) lines, and i2d'ed in the fourth line.
> And OPENSSL_free the pointer allocated here (d) after you're
"Almost. If the actual value is not OCTET STRING, change the type created
in the first two (or whatever) lines, and i2d'ed in the fourth line.
And OPENSSL_free the pointer allocated here (d) after you're
done with that memory. "
I need to add an INTEGER extensions and PRINTABLESTRING extension.
> From: owner-openssl-users On Behalf Of redpath
> Sent: Friday, November 29, 2013 09:42
> To: openssl-users@openssl.org
> Subject: *** Spam *** RE: Adding a custom extension to a CSR
>
>Sample abstract code, you should see this extension in your x509 when
you
> use the o
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Thursday, November 28, 2013 09:28
> I rather not use the openssl config file, and stick with aPI's.
>
> >is it really an octet string containing one ASCII character "5"?
> no, it was just a simple example, the real values is are PRINTABLESTRI
Sample abstract code, you should see this extension in your x509 when you
use the openssl x509 -in mycsr -text
You have to register an OID, I just picked one at random.
os =ASN1_OCTET_STRING_new();
nid = OBJ_create("1.3.18.0.2.10.8", "myalias", "myaliasname");
ASN1_OCTET_STRI
I rather not use the openssl config file, and stick with aPI's.
>is it really an octet string containing one ASCII character "5"?
no, it was just a simple example, the real values is are PRINTABLESTRING and
INTEGER.
Is that ehat you meant:
ASN1_OCTET_STRING *os = ASN1_OCTET_STRING_new();
ASN1_
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Tuesday, November 26, 2013 06:07
> I am not using the openssl commandline, I have to use the API's (the
> openssl.cng is not used/parsed when using API's, right?)
>
Mostly up to you. If you call the simple wrapper OPENSSL_config(),
or the mo
I am not using the openssl commandline, I have to use the API's (the
openssl.cng is not used/parsed when using API's, right?)
Regarding "the value in an extension is an OCTET STRING containing
the DER of the value, not the value itself", so basicly do I need to convert
the string to DER encoded?
> From: owner-openssl-users On Behalf Of Danyk
> Sent: Monday, November 25, 2013 07:26
> Im trying to add a custom Extension to a CSR using openssl API's:
>
I assume you know 'req' can be configured to create custom extensions
(if a bit clumsily) but you have reasons for coding it yourself inste
12 matches
Mail list logo
