On Apr 2, 2009, at 2:22 PM, Dr. Stephen Henson wrote:
On Thu, Apr 02, 2009, Randy Turner wrote:Hello list,Are the ASN.1 functions in OpenSSL "generic" enough to be used for otherpurposes besides reading/writing certificates?Yes.I was curious if the ASN.1 code could encode/decode both BER and DER, generically, even if the source of the data is NOT associated withcertificates. For instance, can these routines be used to encode/ decode a CMS container. Since CMS is pretty close to PKCS#7, my assumption would be "yes". But taken to another extreme, could I use the ASN.1 library in OpenSSL to encode/decode Kerberos traffic, or SNMP traffic (BER), or otherprotocols encoded in BER/DER?Just curious how "reusable" the OpenSSL ASN.1 was, and if it's not "quite" as reusable as I am thinking about, is there a generic library available? I've tried using "asn1c", but this code seems to break when I feed it validBER...OpenSSL supports CMS already. It should always decode BER correctly. DER is output in most cases. The one exception is streaming encode currently used forCMS and PKCS#7 in 1.0.0-beta and later only.
The way that I interpret the above paragraph, I can use the OpenSSL ASN.1 code to
decode BER and output DER. Can I "encode" BER and "decode" DER? Thanks! Randy
Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
smime.p7s
Description: S/MIME cryptographic signature
