On Thu, Apr 04, 2019 at 01:26:01PM +0200, Enrico Scholz via openssl-users wrote: > What is the recommended way to create an X509 REQ with OpenSSL 1.1 when > all the crypto has been done in the outside and I need only the ASN.1 > structure? See also the related: https://github.com/openssl/openssl/issues/8553 https://github.com/openssl/openssl/issues/8514 http://openssl.6102.n7.nabble.com/i2d-X509-REQ-gt-d2i-X509-REQ-asn1-encoding-routines-c2i-ASN1-OBJECT-invalid-object-encoding-a-object7-td76251.html > Would it be possible to add setter methods for 'sig_alg' and 'signature'? New setter methods are probably needed. For now all you can do is obtain the DER encoding of the X509_REQ_INFO, and creat from it the DER encoding of the enclosing X509_REQ, by prepending a sequence tag and length, and appending the signature OID, any parameters and signature. You can then, if desired, recover an X509_REQ object via d2i_X509_REQ. -- Viktor.
