[openssl-users] X509_ATTRIBUTE_create_by_NID reversing sequence
Andrew Felsher
ncsuandrew12 at gmail.com
Mon Nov 20 20:03:32 UTC 2017
Hi,
I'm working on a CSR-generating API using OpenSSL 1.0.2m. My question is:
does OpenSSL do any sort of reordering of the entries in an ASN1 sequence?
Specifically, when encoding a postal address X509_ATTRIBUTE.
Background:
To create a postal address X509_ATTRIBUTE, I'm calling
X509_ATTRIBUTE_create_by_NID(NULL, nid, atrtype, data, len). nid is 861
(0x35d) (postal address), atrtype is 16 (ASN1 sequence).
My data is the concatenated results of three i2d_ASN1_GENERALSTRING() calls
for three strings, resulting in this data:
0000: 1B 11 32 32 31 42 20 42 61 6B 65 72 20 53 74 72 ..221B Baker Str
0010: 65 65 74 1B 06 4C 6F 6E 64 6F 6E 1B 02 55 4B -- eet..London..UK
X509_ATTRIBUTE_create_by_NID seems to handle this fine, and various later
X509_ATTRIBUTE*() calls work fine.
However, when I call i2d_X509_ATTRIBUTE() just after generating the
attribute, the three strings seem to be reversed in the output:
0000: 30 26 06 03 55 04 10 31 1F 1B 02 55 4B 1B 06 4C 0&..U..1...UK..L
0010: 6F 6E 64 6F 6E 1B 11 32 32 31 42 20 42 61 6B 65 ondon..221B Bake
0020: 72 20 53 74 72 65 65 74 -- -- -- -- -- -- -- -- r Street
Any idea what could be causing that?
Thanks,
Andrew Felsher
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171120/94a17283/attachment-0001.html>
More information about the openssl-users
mailing list