On Wed, Sep 15, 2004, Antonio Ruiz Mart�nez wrote: > Hello! > > Thanks for your answer, it has been very useful when I use an octect > string but not when but I have got a problem when I'm using a sequence. > I think I am not doing something properly because I don't get the > desired result. > I've tried the following options: > > 1) > ASN1_OCTET_STRING *oct=NULL; > oct=ASN1_STRING_new(); > ASN1_STRING_set(oct,p7_2,lenp7_2) > where p7_2 -> coding in DER of a signed PKCS#7 > PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(void *)oct); > i2d_PKC7 ..... > > This way when I try to decode the result of the coding I get an error, > It seems the structure is not correct. > However, if I try with PKCS7_add_attribute(si, NID_pkcs7_signed, > V_ASN1_OCTET_STRING,(void *)oct) it works but I've an attribute which is > an octet string that contains a DER coded PKCS7 but I would like that > the attribute was directly the PKCS7 > > 2) > p7_2=d2i_PKCS7(NULL,&tsp,lenTSP); > PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(void *)p7_2); > i2d_PKC7 ..... > > This way I can decode the encoded PKCS7 but the PKCS7 is not inserted > properly as an attribute. > > How can I solve the problem? > Could you help me another time, please?
My guess is that there's a problem with the generation of the encoding of the attribute: what code did you use for that? You can put totally unstructured garbage data in an OCTET_STRING and the result will still parse until you try to decode the contents. If however you try that with the V_ASN1_SEQUENCE it will choke the parser when you try d2i_PKCS7() on the outer structure. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
