ASN1 <-> DER encoding with application tag

Max Larsson max.larsson at
Thu Nov 4 14:18:08 UTC 2021

Hi Russ,

do you mean that the DER data

0x60 0x7e 0x06 0x06 0x2b 0x06 0x01 0x05 0x05 0x02 0xa0 0x74

is wrong?

If so, that DER data have I captured with wireshark from an smb2 session setup request.
and that’s even I try to decode with help of openssl. If the case is that that data is wrongly,
is there a way to get decode with openssl anyway?


From: Russ Housley <housley at>
Date: Thursday, 4. November 2021 at 15:08
To: Max Larsson <max.larsson at>
Cc: openssl-users at <openssl-users at>
Subject: Re: ASN1 <-> DER encoding with application tag
RFC 2743 shows this structure:

      MechType ::= OBJECT IDENTIFIER

      -- data structure definitions

      -- callers must be able to distinguish among

      -- InitialContextToken, SubsequentContextToken,

      -- PerMsgToken, and SealedMessage data elements

      -- based on the usage in which they occur

      InitialContextToken ::=

      -- option indication (delegation, etc.) indicated within

      -- mechanism-specific token


              thisMech MechType,

              innerContextToken ANY DEFINED BY thisMech

                 -- contents mechanism-specific

                 -- ASN.1 structure not required

The encoded data that you provided dies begin with the [APPLICATION 0] tag, then it if followed by by the { 1 3 6 1 5 5 2 } object identifier.


On Nov 4, 2021, at 9:58 AM, Max Larsson <max.larsson at<mailto:max.larsson at>> wrote:

Hi everyone,

I’m trying to decode and encode Der structure. In my case that are DER encoded GSSAPI structure.

My DER encoded data looks like this (stripped the pending bytes):

0x60 0x7e 0x06 0x06 0x2b 0x06 0x01 0x05 0x05 0x02 0xa0 0x74

My ANS1 definition in my source look like this:

typedef struct ContextToken_st {
    ASN1_OBJECT *mech;
    ASN1_OCTET_STRING *innerContextToken;




Parsing the above DER data fails, so I decided to encode a own Der structure, to see where the difference is with my setup:

    . . .
    negToken = GSSAPI_CONTEXTTOKEN_new();
    if( negToken != NULL ) {
        negToken->mech = OBJ_txt2obj( "",0 );
        negToken->innerContextToken = ASN1_OCTET_STRING_new();

        const unsigned char mechToken[] = "\xa0\x74\x30 // … stripped for readability

        const size_t mechTokenSize = sizeof( mechToken ) - 1;
        printf( "Size of inner token: %zu\n",mechTokenSize );
        ASN1_OCTET_STRING_set( negToken->innerContextToken,mechToken,mechTokenSize );

        buffer = NULL;
        size_t bufferSize = i2d_GSSAPI_CONTEXTTOKEN( negToken,NULL );

        printf( "Required buffer size for DER encoding of ASN1 structure: %zu\n",bufferSize );

        unsigned char *buffer = malloc( bufferSize );
        unsigned char *p = buffer;
        i2d_GSSAPI_CONTEXTTOKEN( negToken,&p );

        for( int len = 0;len < bufferSize;len++ ) {
            if( ( len % 8 ) == 0 )
                printf( "  " );
            if( ( len % 16 ) == 0 )
                printf( "\n\t\t" );
            printf( " 0x%02x",(short)buffer[ len ] );
        printf( "\n" );
    . . .

The code above output the following DER encoded structure (the difference marled in bold):

0x30 0x81 0x80 0x06 0x06 0x2b 0x06 0x01 0x05 0x05 0x02 0x04 0x76 0xa0 0x74

The google result, which I found seems to point into the direction to use application tags to encode.

But I haven’t found any example or how to how to achieve this with openssl, can anyone give me sone hints?

Best regards

Max Larsson
Mit freundlichen Grüßen
Best regards
Dipl.-Inform. Max Larsson
phone: +49(0)6151/62908-75
email: max.larsson at<mailto:max.larsson at>
Bad Nauheimer Str. 4
64289 Darmstadt
Sitz der Gesellschaft: Darmstadt
Registergericht: Amtsgericht Darmstadt, HRB 86193
Geschäftsführer: Dipl.-Inform Max Lars Robert Larsson

Diese E-Mail enthält unter Umständen vertrauliche und/oder rechtlich geschützte Informationen, die allein für den Adressaten bestimmt sind. Wenn Sie nicht der zutreffende Adressat sind oder diese E-Mail irrtümlich erhalten haben, ist jede Verwendung, Verbreitung, Kopie oder Bezugnahme auf den Inhalt dieser E-Mail verboten. Bitte informieren Sie uns über einen eventuellen Irrtum per Telefon, per Telefax oder E-Mail.

This e-mail may contain confidential and/or privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reference on the contents of this e-mail is strictly prohibited. If you have received this e-mail in error please notify us by e-mail, facsimile or phone call.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list