This is to follow up on a previous posting where:
"I wrote a program much like pk11sdr.c: it does encrypt/decrypt with some
slight modifications. However I just ran the program on my Win2K machine
using the latest NSS 3.3.2 libs (that I built from scratch) and I get an
error when doing a SEC_ASN1EncodeItem(0, result, &sdrResult, template); the
error has something to do with the template used
SECOID_AlgorithmIDTemplate..."
Nelson Bolyard responded saying that instead of doing:
static SEC_ASN1Template template[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof (SDRResult) },
{ SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
{ SEC_ASN1_INLINE, offsetof(SDRResult, alg), SECOID_AlgorithmIDTemplate },
{ SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
{ 0 }
};
I should do:
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
static SEC_ASN1Template template[] = {
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof (SDRResult) },
{ SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
{ SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(SDRResult, alg),
SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
//{ SEC_ASN1_INLINE, offsetof(SDRResult, alg),
SECOID_AlgorithmIDTemplate },
{ SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
{ 0 }
};
Well I still had problems after the change...Anyway, my new question now is:
why doesn't the pk11wrap/pk11sdr.c code itself not use the second method? It
looks like it refers to the SECOID_AlgorithmIDTemplate directly...
-- POC
