[openssl-users] How to parse DER encoded x509 attributes?
Dave Coombs
dcoombs at carillon.ca
Wed Nov 15 14:31:29 UTC 2017
Hello,
You can do something like the following.
First make a type corresponding to a stack of x509 attributes:
typedef STACK_OF(X509_ATTRIBUTE) SEQ_X509_ATTRIBUTE;
DECLARE_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE);
Then make an asn1 template that specifies how the stack should be encoded. (You can use ASN1_TFLG_SET_OF instead of ..SEQUENCE_OF here, depending on the DER you're trying to interpret, I don't know.)
ASN1_ITEM_TEMPLATE(SEQ_X509_ATTRIBUTE) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, x509attribute, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(SEQ_X509_ATTRIBUTE)
IMPLEMENT_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE)
Now your type has its own d2i and i2d functions, and you can use them:
STACK_OF(X509_ATTRIBUTE) *attrs = d2i_SEQ_X509_ATTRIBUTE(NULL, &data, length);
Cheers,
-Dave
> On Nov 15, 2017, at 07:26, Libor Chocholaty <ossl at mts.cz> wrote:
>
> Hello,
>
> I would like to parse DER encoded x509 attributes and have no clue how to use d2i_ASN1_SET_OF_X509_ATTRIBUTE. There are params that cannot find what to pass like free_func.
>
> I am trying to uderstand by collecting pieces of known code, looking into openssl sources but...
>
> PKCS7_SIGNER_INFO *p7si = PKCS7_SIGNER_INFO_new();
> d2i_ASN1_SET_OF_X509_ATTRIBUTE(&p7si->auth_attr, &der_data, der_data_length, d2i_X509_ATTRIBUTE, free_func, V_ASN1_SET, V_ASN1_UNIVERSAL);
>
> Could somebody help how to do it or give a link to some useful documentation?
> Search internet looks completely not useful in this topic... or do not know how to ask...
>
> Regards,
> Libor
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171115/17eb20dc/attachment.html>
More information about the openssl-users
mailing list