get data from X509_EXTENSION in openSSL 1.1.1.

get data from X509_EXTENSION in openSSL 1.1.1.

prudvi raj
Hi All,

We are upgrading our codebase to 1.1.1 from 1.0.2k. Here's a code snippet causing an error:

 ext = X509_get_ext(X509, n);
 data = ext->value->data;

How do I get the data value from the X509_EXTENSION object,
since forward declarations are not allowed (compiler error) & I couldn't find a suitable 'getter' function?
Can someone please help me out in resolving this issue?

Thanks,
Prudvi.

 



Re: get data from X509_EXTENSION in openSSL 1.1.1.

Ken Goldman-2

> From: prudvi raj <[hidden email]>
> To: [hidden email]
> Date: 07/10/2020 07:55 AM
> Subject: [EXTERNAL] get data from X509_EXTENSION in openSSL 1.1.1.
> Sent by: "openssl-users" <[hidden email]>
>
> Hi All,
>
> We are upgrading our codebase to 1.1.1 from 1.0.2k. Here's a code
> snippet causing an error:
>
>  ext = X509_get_ext(X509, n);
>  data = ext->value->data;
>
> How do I get the data value from the X509_EXTENSION object,
> since forward declarations are not allowed (compiler error) & I
> couldn't find a suitable 'getter' function?
> Can someone please help me out in resolving this issue?

This may work:

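/* Returns NULL if the extension is absent or cannot be decoded */
ASN1_BIT_STRING *keyUsage =
    X509_get_ext_d2i(X509Certificate, NID_key_usage, NULL, NULL);
if (keyUsage != NULL && ASN1_STRING_length(keyUsage) > 0) {
    uint8_t bitmap = ASN1_STRING_get0_data(keyUsage)[0];
    keyEncipherment = bitmap & (1<<5); /* bit 2 little endian */
}
ASN1_BIT_STRING_free(keyUsage); /* the decoded object belongs to the caller */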

Re: get data from X509_EXTENSION in openSSL 1.1.1.

Viktor Dukhovni
On Fri, Jul 10, 2020 at 05:25:03PM +0530, prudvi raj wrote:

> We are upgrading our codebase to 1.1.1 from 1.0.2k. Here's a code snippet
> causing an error:
>
>  ext = X509_get_ext(X509, n);
>  data = ext->value->data;

Given:

    X509_EXTENSION *ext;

you can obtain

    /* ext->object */
    ASN1_OBJECT *oid = X509_EXTENSION_get_object(ext);

    /* ext->value, formally ASN1_OCTET_STRING, same as ASN1_STRING */
    ASN1_OCTET_STRING *value = X509_EXTENSION_get_data(ext);

from which you get:

    /* ASN1 type, e.g. V_ASN1_UTF8STRING */
    int type = ASN1_STRING_type(value);

    /* Data length */
    int length = ASN1_STRING_length(value);

    /* Data content, generally not a NUL-terminated C string */
    const unsigned char *data = ASN1_STRING_get0_data(value);

--
    Viktor.