On Mon, Feb 12, 2007, Michael Leuchtner wrote: > Ok, I think I know the structure of the value. When I look at a "microsoft > style" request samle with the openssl command line tool, I get the following > output: > > ... > 362:d=6 hl=2 l= 51 cons: SEQUENCE > 364:d=7 hl=2 l= 9 prim: OBJECT :1.3.6.1.4.1.311.20.2 > 375:d=7 hl=2 l= 38 prim: OCTET STRING > 415:d=3 hl=3 l= 241 cons: SEQUENCE > 418:d=4 hl=2 l= 10 prim: OBJECT :1.3.6.1.4.1.311.13.2.2 > 430:d=4 hl=3 l= 226 cons: SET > 433:d=5 hl=3 l= 223 cons: SEQUENCE > 436:d=6 hl=2 l= 1 prim: INTEGER :02 > 439:d=6 hl=2 l= 78 prim: BMPSTRING > 519:d=6 hl=3 l= 137 prim: BIT STRING > 659:d=1 hl=2 l= 13 cons: SEQUENCE > 661:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption > 672:d=2 hl=2 l= 0 prim: NULL > 674:d=1 hl=3 l= 129 prim: BIT STRING > OpenSSL> asn1parse -in testcert.txt -strparse 375 > 0:d=0 hl=2 l= 36 prim: BMPSTRING > OpenSSL> > > So it seems that I have to add a BMPSTRING as a subfield of the OCTET STRING. > But how can I do that?! >
Create a BMPSTRING, generate its encoding with i2d_BMPSTRING and make that the content of the OCTET STRING. If you are using the file based extension functions in OpenSSL you can make use of its mini-ASN1 compiler to achieve the same result. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
