It's actually even worse. It's not just specific parts of the SignedData such as the encapsulated content info that are BER-encoded, it seems as if any set or sequence is encoded using "constructed" and infinite length. Thanks for the information, I'll try using the CMS functions and see how far I get!
2010/11/6 Dr. Stephen Henson <st...@openssl.org>: > On Sat, Nov 06, 2010, Martin Bolet wrote: > >> I just tested, whether the BER-encoding is preserved if I do not alter >> any of the contents. Unfortunately, it seems as if the encoding is not >> preserved. I did the following: >> >> d2i_PKCS7_bio(file, &p7); >> >> and then directly >> >> i2d_PKCS7_bio(file2, p7); >> >> again. "file" was BER-encoded using e.g. an Octet String in >> constructed form with inifinite length, which was DER-encoded in >> primitive form using definite length in the output. >> Is there a way how I can circumvent the reencoding? >> >> Best regards, >> Martin >> >> (BTW: I'm using 0.9.8o, maybe it's different in 1.0.0?) >> > > Is this a PKCS#7 structure with the encapsulated content not being of type > data? Will the CMS routines work instead? Perhaps not because that's one area > of incompatibility between the two formats. > > If you can use CMS then that uses an OCTET STRING to store the encoding of the > encapsulated content and makes no attempt to decode it. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
