How I can add extension with sequence value to CSR using openssl library?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I know how to add simple extension (oid + str), for example

```
nid = OBJ_create("1.2.3.4", "shortname", "long name");
ASN1_OCTET_STRING_set(os, "ext value", 9);
ex = X509_EXTENSION_create_by_NID( NULL, nid, 0, os );
sk_X509_EXTENSION_push(exts, ex);
```

I want to learn how I can add extension with the next specification

The specific identity objects shall be contained in the attribute's
SET. Any identity object included in the resulting CSR shall be added
as a PKCS#9 Extension Request

- macAddress (OID 1.3.6.1.1.1.1.22), encoded as an IA5STRING type
- imei (OID 1.3.6.1.4.1.40808.1.1.3), encoded as an IA5STRING type
- meid (OID 1.3.6.1.4.1.40808.1.1.4), encoded as a BITSTRING type
- DevId (OID 1.3.6.1.4.1.40808.1.1.5), encoded as a PRINTABLESTRING type


I assume Extension Request extension has oid = 1.2.840.113549.1.9.14

And this is probably openssl config for extension

```
asn1 = SEQUENCE:attrs

[attrs]
attr1 = SEQUENCE:extreq

[extreq]
oid = OID:extensionRequest
vals = SET:extreqvals

[extreqvals]

oid1 = OID:macAddress
oid2 = OID:imei
oid3 = OID:meid
oid4 = OID:DevId
```

How I can do it in C?



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux