This is a multi-part message in MIME format.

------_=_NextPart_001_01C6C834.73471732
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


Hi Team,
=0D
I am working on the CRL validation. I am seeing some issues in
extracting the=0D
- delta crl distribution point and=0D
- reason for revocation.
=0D
Could you please let me know your thoughts on how to access these two
above mentioned information?
=0D
Let me explain you my problem clearly:
1. I got the crl from X509_STORE *ctx.
2. After receiving the crl, I checked the certificate, wheather is
revoked.
3. I found that, the certificate is revoked(serial number is present)
4. After that, I would like to find the certificate revocation reason.
But I am not able to extract the information.
5. Since the delta crl is enabled, I need to get the cdp (crl
distribution point) for delta crl. I am not able to retrieve the
information.
=0D
Could any body help me in retrieving the
- Delta CRL distribution point and =0D
- CRL reason for revocation=0D
=0D
I am using the following data structues for CRL.
=0D
struct X509_crl_st
{
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} X509_CRL ;
=0D
typedef struct X509_crl_info_st
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
ASN1_TIME *lastUpdate;
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked; //It should give the revocation
reason.
STACK_OF(X509_EXTENSION) /* [0] */ *extensions; //It should give the
cdp for delta crl.
ASN1_ENCODING enc;
} X509_CRL_INFO;
=0D
=0D
Appreciate your help on the same.
=0D
With best regards,
-Surendra
=0D



The information contained in this electronic message and any attachments to=
this message are intended for the exclusive use of the addressee(s) and=
may contain proprietary, confidential or privileged information. If you=
are not the intended recipient, you should not disseminate, distribute or=
copy this e-mail. Please notify the sender immediately and destroy all=
copies of this message and any attachments.=0D

WARNING: Computer viruses can be transmitted via email. The recipient=
should check this email and any attachments for the presence of viruses.=
The company accepts no liability for any damage caused by any virus=
transmitted by this email.
=0D
www.wipro.com
------_=_NextPart_001_01C6C834.73471732
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable






Hi=0D
Team,

class=3D110174210-25082006> 

I am=
working on=0D
the CRL validation. I am seeing some issues in extracting the=0D

- delta=
crl=0D
distribution point and

-=
reason for=0D
revocation.

class=3D110174210-25082006> 

Could=
you please=0D
let me know your thoughts on how to access these two=0D
above mentioned 
=0D
class=3D110174210-25082006>information?

class=3D110174210-25082006> 

Let me=
explain you=0D
my problem clearly:

1.=
I got the=0D
crl from X509_STORE *ctx.

2.=
After receiving=0D
the crl, I checked the certificate, wheather is=
revoked.

3. I=
found that,=0D
the certificate is revoked(serial number is present)

4.=
After that, I=0D
would like to find the certificate revocation reason. But I am not able to=
=0D
extract the information.

5.=
Since the delta=0D
crl is enabled, I need to get the cdp (crl distribution point) for delta=
crl. I=0D
am not able to retrieve the information.

class=3D110174210-25082006> 

=3D110174210-25082006>Could any=0D
body help me in retrieving the

=3D110174210-25082006>- Delta=0D
CRL distribution point and  

=3D110174210-25082006>- CRL=0D
reason for revocation

class=3D110174210-25082006> 

I am=
using the=0D
following data structues for CRL.

class=3D110174210-25082006> 

struct=
=0D
X509_crl_st
 {
 /* actual signature=0D
*/
 X509_CRL_INFO *crl;
 X509_ALGOR=0D
*sig_alg;
 ASN1_BIT_STRING *signature;
 int=0D
references;
 } X509_CRL ;

class=3D110174210-25082006> 

typedef=
struct=0D
X509_crl_info_st
 {
 ASN1_INTEGER=
*version;
 X509_ALGOR=0D
*sig_alg;
 X509_NAME *issuer;
 ASN1_TIME=0D
*lastUpdate;
 ASN1_TIME=0D
*nextUpdate;
 STACK_OF(X509_REVOKED) *revoked; //It should=
give=0D
the revocation reason.

 STACK_OF(X509_EXTENSION) /* [0] */=
=0D
*extensions; //It should give the cdp for delta=0D
crl.

 ASN1_ENCODING enc;
 }=0D
X509_CRL_INFO;

class=3D110174210-25082006> 

class=3D110174210-25082006> 

=3D110174210-25082006>Appreciate your=0D
help on the same.

 

With best=
regards,

-Surendra

 




The information contained in this electronic message and any attachments to=
this message are intended for the exclusive use of the addressee(s) and=
may contain proprietary, confidential or privileged information. If you=
are not the intended recipient, you should not disseminate, distribute or=
copy this e-mail. Please notify the sender immediately and destroy all=
copies of this message and any attachments.



WARNING: Computer viruses can be transmitted via email. The recipient=
should check this email and any attachments for the presence of viruses.=
The company accepts no liability for any damage caused by any virus=
transmitted by this email.



www.wipro.com


------_=_NextPart_001_01C6C834.73471732--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org