On Thu, Apr 02, 2009, Randy Turner wrote: > > Hello list, > > Are the ASN.1 functions in OpenSSL "generic" enough to be used for other > purposes besides reading/writing certificates? >
Yes. > I was curious if the ASN.1 code could encode/decode both BER and DER, > generically, even if the source of the data is NOT associated with > certificates. For instance, can these routines be used to encode/decode a > CMS container. Since CMS is pretty close to PKCS#7, my assumption would be > "yes". But taken to another extreme, could I use the ASN.1 library in > OpenSSL to encode/decode Kerberos traffic, or SNMP traffic (BER), or other > protocols encoded in BER/DER? > > Just curious how "reusable" the OpenSSL ASN.1 was, and if it's not "quite" > as reusable as I am thinking about, is there a generic library available? > I've tried using "asn1c", but this code seems to break when I feed it valid > BER... > OpenSSL supports CMS already. It should always decode BER correctly. DER is output in most cases. The one exception is streaming encode currently used for CMS and PKCS#7 in 1.0.0-beta and later only. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
