1 - If you are trying to extract the public key, X509_get_pubkey() won't
work. I have sample code to do it. Let me know if you want the
complete function.
Basically:
X509_get_X509_PUBKEY
X509_PUBKEY_get0_param
d2i_RSAPublicKey
2 - If you are trying to verify a certificate chain, it does not work
with openssl 1.1. You have to stay at 1.0 until someone (perhaps me)
submits a fix.
~~~~~~~~~~~~~
BTW, the only time I ever saw rsaAOEP was for TPM 1.2 EK certificates.
If you're working with the TPM, I can supply a lot of sample code.
On 8/8/2018 12:01 PM, Stephane van Hardeveld wrote:
Hello all,
By default, if I create an X 509 certificate with a public key in it, the
object identifier is rsaEncyption (1.2.840.113549.1.1.1). Is it possible to
specify a different object identifier, e.g. rsaOAEP (1.2.840.113549.1.1.7)?
I looked into the various EVP_PKEY and EVP_PKEY_CTX functions, and other
places in code, but the only place this object ID is specified is in
obj_dat.h, and not used anywhere else (as far as I can see...)
Regards,
Stephane van Hardeveld
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
