I am using
mbedtls_x509write_csr_set_subject_name API from mbedtls to set the subject name.
I wanted to set the arbitrary old value in my certificate for e.g.
ffeBgt9jDHhBwPDANgtT7R/1.3.6.1.4.1.37244.2.1=FFF2/1.3.6.1.4.1.37244.2.2=8001
In this case ffeBgt9jDHhBwPDANgtT7R is the CN
And 1.3.6.1.4.1.37244.2.1 is an arbitrary OID which has a value of FFF2 similar to the second arbitrary OID.
I am able to do this through openssl commands, but while doing it through mbedtls, when I pass it as a string then mbedtls considers the whole string as
CN which Is not my intention.
Please fine the asn1 parsing of the CSR as below
CSR generated through mbedtls:
18:d=5 hl=2 l= 3 prim: OBJECT :commonName
23:d=5 hl=2 l= 76 prim: UTF8STRING :ffeBgt9jDHhBwPDANgtT7R/1.3.7.1.4.1.37466.2.1=FFF2+1.3.7.1.4.1.37466.2.2=8001
101:d=3 hl=2 l= 11 cons: SET
103:d=4 hl=2 l= 9 cons: SEQUENCE
Target CSR ( done thorough openssl):
14:d=4 hl=2 l= 29 cons: SEQUENCE
16:d=5 hl=2 l= 3 prim: OBJECT :commonName
21:d=5 hl=2 l= 22 prim: UTF8STRING :ffeBgt9jDHhBwPDANgtT7R
45:d=3 hl=2 l= 20 cons: SET
47:d=4 hl=2 l= 18 cons: SEQUENCE
49:d=5 hl=2 l= 10 prim: OBJECT :1.3.7.1.4.1.37466.2.1
61:d=5 hl=2 l= 4 prim: UTF8STRING :FFF2
67:d=3 hl=2 l= 20 cons: SET
69:d=4 hl=2 l= 18 cons: SEQUENCE
71:d=5 hl=2 l= 10 prim: OBJECT :1.3.7.1.4.1.37466.2.2
83:d=5 hl=2 l= 4 prim: UTF8STRING :8001
89:d=2 hl=2 l= 89 cons: SEQUENCE
91:d=3 hl=2 l= 19 cons: SEQUENCE
93:d=4 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
102:d=4 hl=2 l= 8 prim: OBJECT :prime256v1
Am I missing something here? Do I need to provide the CN in a different way to get the intended result?
Any help would be appreciated.
Thanks and Regards,
Aditya