Slightly confused about change to x400Address in GENERAL_NAME

Bruce Stephens bruce.r.stephens at gmail.com
Wed Feb 8 14:43:06 UTC 2023


If gn is a GENERAL_NAME* and if gn->type == GEN_X400 then
gn->d.x400Address is now an ASN1_STRING*

But what's its value intended to be? It appears to actually be the DER
encoding of the GeneralName (so of a CHOICE).

For example (using dumpasn1):
  0  24: [3] {
  2  22:   SEQUENCE {
  4   4:     [APPLICATION 1] {
  6   2:       PrintableString 'GB'
       :       }
 10   7:     [APPLICATION 2] {
 12   5:       PrintableString 'Hello'
       :       }
 19   5:     [5] {
 21   3:       [0] 'Bar'
       :       }
       :     }
       :   }

I was expecting it to be the encoding of just the SEQUENCE. Is the
current behaviour intended?


More information about the openssl-users mailing list