Building a DER sequence
Ken Goldman
kgoldman at us.ibm.com
Mon Jul 1 20:27:30 UTC 2019
On 6/26/2019 11:34 AM, Salz, Rich via openssl-users wrote:
> Do I construct a sequence and add items to it - top down?
>
> No, because then you have to go back and patch the sequence length and perhaps slide everything up or down a copule of bytes.
>
> I would look at an existing simple sequence and start writing your own based on that; look for ASN1_SEQUENCE macros in crypto/x509/x*.c files. Another set of macros will declare the i2d/d2i and PEM functions if needed.
I see those macros, but ... is there any documentation?
What partially worked was
create an X509 item
use i2d to serialize it
ASN1_STRING_SET using the DER
built an ASN1_TYPE from the ASN1_STRING with ASN1_TYPE_set
sk_ASN1_TYPE_push
and then i2d_ASN1_SEQUENCE_ANY to get the DER result.
The items are _X509_NAME and X509_VAL. Is there a shorter way?
More information about the openssl-users
mailing list