Sven,

In 1, if i2d_ASN1_OBJECT's second argument is 0 (or NULL), ASN1_object_size
returns the complete length of the object identifier including:

  - identifier octets
  - length octets
  - content octets

This is good.

If i2d_ASN1_OBJECT's second argument is not 0, only the length of the
content octets is returned. This is bad. In most cases the difference will
be two, but not necessarily.

Unfortunately, I do not have a fix, yet.

Frank

> -----Original Message-----
> From: Sven Heiberg [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 22, 2000 6:10 AM
> To: [EMAIL PROTECTED]
> Subject: Several issues concerning ASN1 in OpenSSL
>
>
>
> Hi!
>
> I'm not sure whether all topics touched describe bugs or not. At least
> these are things which seem unnatural to me. Thank you in advance for your
> attention and patience.
>
> Sven Heiberg
>
> -------------------------------------------------------------
>
> 1. Problem with i2d_ASN1_OBJECT
>
> My code:
>
> ASN1_OBJECT *obj = OBJ_nid2obj(NID_sha1);
> unsigned char *asn = 0;
> int length_before = i2d_ASN1_OBJECT(obj, 0);
> asn = new unsigned char[length_before];
> unsigned char *res = asn;
> int length_after = i2d_ASN1_OBJECT(obj, &asn);
>
> Problem is that length_before and length_after differ by 2. This does not
> seem to be normal behaviour and causes trouble when I'm using length_after
> to save DER encoded ASN1_OBJECT.
>
> --------------------------------------------------------------
>
> 2. Problem with ASN1_INTEGER_to_BN
>
> In OpenSSL there is the following code:
>
> BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
>         {
>         BIGNUM *ret;
>
>         if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
>                 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
>         if(ai->type == V_ASN1_NEG_INTEGER) bn->neg = 1;
>         return(ret);
>         }
>
> I wonder what will happen if I write my code like this:
>
> BIGNUM *mybig = NULL;
>
> mybig = ASN1_INTEGER_to_BN(some_previously_defined_int, mybig);
>
> In my opinion everything will be fine up to the point where BN_bin2bn
> fails. Now if (BN_bin2bn returns NULL) AND (some_previously_defined_int
> happens to be negative) then SIGSEGV is on the fly. Am I right?
>
> Also note that ASN1_INTEGER_to_BN and BN_to_ASN1_INTEGER do not check
> whether their first argument is NULL or not. Is this intended behaviour?
>
> --------------------------------------------------------------
>
> 3. Problem with i2d_PKCS and d2i_PKCS
>
> If I read rfc2630 and rfc2315 then I notice that one can define other
> contentTypes for CMS data instead of data, signed-data, enveloped-data ...
> which are defined in rfc2630. Now I defined my own OID and tried to use it
> with PKCS. It doesn't work 'cause if PKCS doesn't recognize the OID used
> the attached data will not be saved. Why is it not possible to do the
> following:
>
> if OpenSSL recognizes the data type encapsulated in PKCS then the data
> will be interpreted. If OpenSSL doesn't recognize the data type it is
> handled so as if it was arbitrary der-encoded byte array there? (This
> means it's also saved and loaded during i2d and d2i functions).
>
> ---------------------------------------------------------------
>
> My testlog:
>
> OpenSSL self-test report:
>
> OpenSSL version: 0.9.5a
> Last change: Make sure _lrotl and _lrotr are only used with MSVC....
> OS (uname): Linux ondatra.tartu-labor 2.2.14-6.1.1 #2 T apr 25 19:06:55 EET 2000 i686 unknown
> OS (config): i686-whatever-linux2
> Target (default): linux-elf
> Target: linux-elf
> Compiler: gcc version 2.95.3 19991030 (prerelease)
>
> Test passed.
>
>
> Sven Heiberg
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
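
The three parts of the encoding named in the reply above, as an added example that is not from the original thread or from OpenSSL: a stand-alone C encoder (the hypothetical `toy_i2d_oid`, no OpenSSL calls) that follows the i2d sizing/writing convention and returns identifier + length + content octets from both calls. It also covers the long-form length case, where the overhead is three octets rather than two; the sample content octets are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Number of DER length octets for a given content length. */
static int der_len_octets(size_t n)
{
    int k = 1;
    if (n < 0x80) return 1;        /* short form: a single octet */
    for (; n > 0; n >>= 8) k++;    /* long form: 0x80|count, then count octets */
    return k;
}

/* Full TLV size: identifier octet + length octets + content octets. */
static int der_tlv_size(size_t content_len)
{
    return 1 + der_len_octets(content_len) + (int)content_len;
}

/* Hypothetical encoder using the i2d convention: pp == NULL only sizes;
 * otherwise write the TLV at *pp, advance *pp, return the same size. */
static int toy_i2d_oid(const unsigned char *content, size_t content_len,
                       unsigned char **pp)
{
    int total = der_tlv_size(content_len), nlen = der_len_octets(content_len);
    unsigned char *p;
    int i;

    if (pp == NULL) return total;
    p = *pp;
    *p++ = 0x06;                   /* identifier: UNIVERSAL 6, OBJECT IDENTIFIER */
    if (nlen == 1) {
        *p++ = (unsigned char)content_len;
    } else {
        *p++ = (unsigned char)(0x80 | (nlen - 1));
        for (i = nlen - 2; i >= 0; i--)
            *p++ = (unsigned char)(content_len >> (8 * i));
    }
    memcpy(p, content, content_len);
    *pp = p + content_len;
    return total;                  /* must equal what the sizing call reported */
}

/* Constructed sample: content octets of OID 1.3.14.3.2.26 (SHA-1). */
static const unsigned char SHA1_OID_CONTENT[] = { 0x2B, 0x0E, 0x03, 0x02, 0x1A };

/* 1 when the sizing call, the writing call and the pointer advance all agree. */
static int oid_roundtrip_ok(const unsigned char *c, size_t n, unsigned char *buf)
{
    unsigned char *p = buf;
    int before = toy_i2d_oid(c, n, NULL), after = toy_i2d_oid(c, n, &p);
    return before == after && (p - buf) == after;
}
```

A caller that sizes its buffer from the first call and stores `length_after` bytes from the second only gets a complete DER object when both calls return this total.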