On 02/14/2011 01:11 PM, Eisenacher, Patrick wrote:
I want to encode a private asn1 structure, say something like the following:
SEQUENCE
true_false BOOLEAN
certificate Certificate
I checked the asn1parse command and was able to specify my outer sequence and
the inner boolean in the genconf file, but failed to specify my certificate. I
had hoped to specify the certificate via DER: 01 02 03... like I would with a
private extension in openssl's conf file, but this didn't work.
I also tried decoding the certificate via asn1parse and then re-encoding the
output, but that didn't work neither.
Is there any way to achieve my goal without manually constructing the asn.1
coding?
Yes, you can/might
- transform the certificate into an octet string in hex,
- remove the initial tag and length, probably 4 octets,
- specify an universal 16 implicit octet string
and the content octets.
the asn1parse encoder detect that the universal 16 is actually
a sequence and will put automagically the constructed bit.
Thanks for your help,
Patrick Eisenacher
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
