=0D
Hi Team,


I am working on the CRL validation. I am seeing some issues in
extracting the
- delta crl distribution point and
- reason for revocation from the certifiacte. Which structure members in
the CRL to be used to retrieve the information?



Could you please let me know your thoughts on how to access these two
above mentioned information?


Let me explain you my problem clearly:
1. I got the crl from X509_STORE *ctx.
2. After receiving the crl, I checked the certificate, wheather it is
revoked in crl.
3. I found that, the certificate is revoked(serial number is present) 4.
After that, I would like to find the certificate revocation reason. But
I am not able to extract the information.
5. Since the delta crl is enabled, I need to get the cdp (certificate
distribution point) for delta crl. I am not able to retrieve the
information.


Could any body help me in retrieving the
- Delta CRL distribution point and
- CRL reason for revocation



I am using the following data structues for CRL.


struct X509_crl_st
{
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} X509_CRL ;


typedef struct X509_crl_info_st
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
ASN1_TIME *lastUpdate;
ASN1_TIME *nextUpdate;
STACK_OF(X509_REVOKED) *revoked; //It should give the revocation
reason.
STACK_OF(X509_EXTENSION) /* [0] */ *extensions; //It should give the
cdp for delta crl.
ASN1_ENCODING enc;
} X509_CRL_INFO;




Appreciate your help on the same.


With best regards,
-Surendra

=0D



The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.


WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.


www.wipro.com
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org


The information contained in this electronic message and any attachments to=
this message are intended for the exclusive use of the addressee(s) and=
may contain proprietary, confidential or privileged information. If you=
are not the intended recipient, you should not disseminate, distribute or=
copy this e-mail. Please notify the sender immediately and destroy all=
copies of this message and any attachments.=0D

WARNING: Computer viruses can be transmitted via email. The recipient=
should check this email and any attachments for the presence of viruses.=
The company accepts no liability for any damage caused by any virus=
transmitted by this email.
=0D
www.wipro.com
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org