如何在c程序中将Keyusage值设置为新的openssl X509证书？

无法在openssl中将密钥使用（如密钥加密、数字签名、CRL_签名、不可否认性e.t.c）设置为新的X509证书

帮我解决这个问题

By Adding the below functionality we can get the key usages, basic constraints to our created certificate....

int add_ext ( X509 *cert, int nid, char *value );


// Local variable definition
INT nid = 0;

// add algorithms to internal table

OpenSSL_add_all_algorithms( );

OpenSSL_add_all_ciphers ( );

OpenSSL_add_all_digests ( );


// A CA certificate must include the basicConstraints value with the
// CA field set to TRUE.

add_ext ( xcert, NID_basic_constraints, "critical,CA:TRUE" );

// Key usage is a multi valued extension consisting of a list of names
// of the permitted key usages.

add_ext ( xcert, NID_key_usage, "digitalSignature, nonRepudiation" );

// This Extensions consists of a list of usages indicating purposes for
// which the certificate public key can be used for..

add_ext ( xcert, NID_ext_key_usage, "critical,codeSigning,1.2.3.4" );

// Adds a new object to the internal table. oid is the numerical form
// of the object, sn the short name and ln the long name.

nid = OBJ_create ( "1.2.3.4", "SAMP_OID", "Test_OID" );
X509V3_EXT_add_alias ( nid, NID_netscape_comment );

add_ext ( xcert, nid, "MQ Comment Section" );


User defined function
---------------------

// Add extension using V3 code: we can set the config file as NULL because we
// wont reference any other sections.

int add_ext ( X509 *cert, int nid, char *value )
{
    //
    // Local Variable Definitions
    //
    X509_EXTENSION *ex = NULL;


    X509V3_CTX ctx;


    // Setting context of Extension

    X509V3_set_ctx_nodb ( &ctx );


    // Issuer and subject certs: both the target since it is self signed, no
    // request and no CRL

    X509V3_set_ctx( &ctx, cert, cert, NULL, NULL, NULL );


    ex = X509V3_EXT_conf_nid (NULL, &ctx, nid, value );


    if( !ex )
    {
        printf( "tError: In X509V3_EXT_conf_nidn" );
        hResult= GetLastError( );
    }

        return 0;

    }