[Help-gnutls] Parsing certificate extensions and issuer alt names
bradh at frogmouth.net
Tue Jul 7 11:49:51 CEST 2009
I'm trying to provide a GnuTLS backend for the Qt Cryptographic Architecture.
It is going OK (not really "going well", but I'm still making progress).
I have a question about how to parse out something that doesn't really have
support in GnuTLS. My need at the moment is to handle OID 184.108.40.206
(Certificate Policies) and OID 220.127.116.11 (Issuer Alternative Name).
Issuer Alt Name is very similar to Subject Alt Name.
So far, I think I need to use gnutls_x509_crt_get_extension_by_oid() to get
the ASN.1, and then I need to decode it. Its the decoding bit that I'm
I considered copying some of the get_subject_alt_name() code (from
lib/x509/x509.c) but it seemed like quite a lot of code, and the duplication
I had no idea about how to start the Certificate Policies.
Any suggestions or hints?
More information about the Gnutls-help