[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Parsing certificate extensions and issuer alt names
From: |
Brad Hards |
Subject: |
[Help-gnutls] Parsing certificate extensions and issuer alt names |
Date: |
Tue, 7 Jul 2009 19:49:51 +1000 |
User-agent: |
KMail/1.11.4 (Linux/2.6.29.5-191.fc11.x86_64; KDE/4.2.4; x86_64; ; ) |
Hi,
I'm trying to provide a GnuTLS backend for the Qt Cryptographic Architecture.
It is going OK (not really "going well", but I'm still making progress).
I have a question about how to parse out something that doesn't really have
support in GnuTLS. My need at the moment is to handle OID 2.5.29.32
(Certificate Policies) and OID 2.5.29.18 (Issuer Alternative Name).
Issuer Alt Name is very similar to Subject Alt Name.
So far, I think I need to use gnutls_x509_crt_get_extension_by_oid() to get
the ASN.1, and then I need to decode it. Its the decoding bit that I'm
uncertain about.
I considered copying some of the get_subject_alt_name() code (from
lib/x509/x509.c) but it seemed like quite a lot of code, and the duplication
seemed undesirable.
I had no idea about how to start the Certificate Policies.
Any suggestions or hints?
Brad
- [Help-gnutls] Parsing certificate extensions and issuer alt names,
Brad Hards <=