ah, okay. thank you!
now i know what's the number for! :)
Steven Reddie schrieb:
That's the [2] in:
TBSRequest ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestList SEQUENCE OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL }
2 being the explicit context-specific tag for requestExtensions.
Regards,
Steven
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sascha Kiefer
Sent: Wednesday, 7 September 2005 11:37 PM
To: openssl-users@openssl.org
Subject: Re: OCSP, Nonce and the requestExtensions
well, i do not see the CONTEXT SPECIFIC part in the spec!!!
Sascha.
Dr. Stephen Henson schrieb:
On Wed, Sep 07, 2005, Sascha Kiefer wrote:
no, that's misunderstanding (well, my english is not that great); here
is the complete ocsp request generated by openssl (i'm not sure about
the version; i'm at work and tried it at home):
Offset| Len |LenByte|
======+======+=======+====================================================
==========
0| 102| 1| SEQUENCE :
2| 100| 1| SEQUENCE :
4| 77| 1| SEQUENCE :
6| 75| 1| SEQUENCE :
8| 73| 1| SEQUENCE :
10| 9| 1| SEQUENCE :
12| 5| 1| OBJECT IDENTIFIER : sha1
[1.3.14.3.2.26]
19| 0| 1| NULL :
21| 20| 1| OCTET STRING :
| | |
C0FE0278FC99188891B3F212E9C7E1B21AB7BFC0
43| 20| 1| OCTET STRING :
| | |
0DFC1DF0A9E0F01CE7F2B213177E6F8D157CD4F6
65| 16| 1| INTEGER :
| | | 4302AB26321D1C8AA2B54FEE5F8335A5
83| 19| 1| CONTEXT SPECIFIC (2) :
85| 17| 1| SEQUENCE :
87| 15| 1| SEQUENCE :
89| 9| 1| OBJECT IDENTIFIER :
[1.3.6.1.5.5.7.48.1.2]
100| 2| 1| OCTET STRING :
102| 16| 1| OCTET STRING :
| | |
7F6B115E2A42DCE810F762B1E389A610
Here the RFC2560:
OCSPRequest ::= SEQUENCE {
tbsRequest TBSRequest,
optionalSignature [0] EXPLICIT Signature OPTIONAL }
TBSRequest ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestList SEQUENCE OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL }
So, as you can see: the CONTEXT SPECIFIC part is actually the
requestExtensions part But why is it context specifiy and not just the
sequences?
I'm not sure what you are asking here.
From an ASN1 point of view several of those tags are unnecessary and
it could
have been written without them, but as its in the spec we have to do it.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL
project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
