I have a CERT_CONTEXT structure that I extracted from a smart card in Windows through CryptoAPI. I need to convert this structure to an array of DER encoded bytes, which is consistent with OpenSSL. The closest match I have received so far is CryptEncodeObject using X509_ASN_ENCODING and the X509_CERT_TO_BE_SIGNED modifier, which accepts CERT_INFO as input.
The problem is that it does not match the result created by the OpenSSL i2d_X509 function. Using a 2048 x509 bit certificate as input, OpenSSL produces 1789 bytes of encoded output, while Windows CryptoAPI generates 1638 bytes of encoded output.
The only opportunity I see is to create an X509 certificate on the fly using the values ββfrom CERT_CONTEXT , and encode the resulting object directly using the i2d_X509 function. The only problem is that I cannot extract the private key from the smart card, so this may cause problems with the procedures for creating x509 certificates.
If anyone can give any ideas / advice / advice on these issues, I would be very obliged.
source share