Hello, I'm experiencing with some problems with the DER encoding of a BIT
STRING.
Indeed when you have to produce an BIT STRING with all the bit set to zero
if you use the ASN1_BIT_STRING_set passing to it such a string what you
obtain is that
the final encoding of the bit string is 03 02 00 CD that it's wrong. If
I have understood correctly the code the problem is in the i2c_ASN1_BIT_STRING
because the last one cannot handle the case in which the length of the string
is set to one but the string is empty.
Taking into account that sometimes is necessary to have a bit string with
all bit set to zero (e.g., the TSP protocol introduces:
PKIFailureInfo ::= BIT STRING {
badAlg (0),
-- unrecognized or unsupported Algorithm Identifier
...) what is the correct behaviour:
1) just avoid to call the ASN1_BIT_STRING_set, in this case you obtain the
encoding 03 01 00 (my concern is that, according to the specification, the
first contect octet must be used to encode the number of "unused bits" so
I'm not sure if this encoding is correct or not)
2) is the alternative encoding 03 02 00 00 correct ? (i.e., do we have to
be able to correctly handle it ? I found a way to produce also that one).
Thanks in advance for any hints/explanations,
best regards
MD
__________________________________________________________________
Abbonati a Tiscali!
Con VoceViva puoi anche ascoltare ed inviare email al telefono.
Chiama VoceViva all' 892 800 http://voceviva.tiscali.it
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
