Thanks for your answer.
I allready tried with the ASN1_ANY, but it's failed too. Actually, i
inspected the implentation of the PKCS12_item_pack_safebag function and
found that it can't support any secret bag. The solution which works is the
following code:
PKCS12_BAGS *bag;
PKCS12_SAFEBAG *safebag;
ASN1_OCTET_STRING *os;
ASN1_TYPE *at;
char pData[]="secret data";
int dataLen=sizeof(pData);
int mySecretNid;
os=ASN1_OCTET_STRING_new();
ASN1_OCTET_STRING_set(os, pData, dataLen); at=ASN1_TYPE_new();
ASN1_TYPE_set(at,os->type,(char *)os);
mySecretNid=OBJ_create("1.2.3.4","OID_MY_SECRET_DATA","My secret data OID");
bag = PKCS12_BAGS_new();
bag->type = OBJ_nid2obj(mySecretNid);
bag->value.other=at;
safebag = PKCS12_SAFEBAG_new();
safebag->value.bag = bag;
safebag->type = OBJ_nid2obj(NID_secretBag);
Regards
Claude CONVERT,
> -----Message d'origine-----
> De : Dr. Stephen Henson [mailto:[EMAIL PROTECTED]
> Envoyé : mardi 24 juin 2003 23:26
> À : [EMAIL PROTECTED]
> Objet : Re: pkcs#12 creation with secret bags
>
>
> On Mon, Jun 23, 2003, Claude CONVERT wrote:
>
> > Hi all
> > I try to create a pkcs#12 with several secret bags.
> > I haven't found any sample which indicates how to do this and
> > especially how to create a secret bag. I try the following
> code, but
> > it doesn't work :
> >
> > PKCS12_SAFEBAG *safebag;
> > ASN1_OCTET_STRING *os;
> > ASN1_TYPE *at;
> > char pData[]="secret data";
> > int dataLen=sizeof(pData);
> > int mySecretNid;
> >
> > os=ASN1_OCTET_STRING_new();
> > ASN1_OCTET_STRING_set(os, pData, dataLen); at=ASN1_TYPE_new();
> > ASN1_TYPE_set(at,os->type,(char *)os);
> > mySecretNid=OBJ_create("1.2.3.4","OID_MY_SECRET_DATA","My
> secret data
> > OID");
> > safebag=PKCS12_item_pack_safebag(at,
> ASN1_ITEM_rptr(ASN1_OCTET_STRING),
> > mySecretNid, NID_secretBag);
> >
> >
> > I think that the problem is due to the
> > ASN1_ITEM_rptr(ASN1_OCTET_STRING) parameter, but i don't
> know what to
> > pass else ?
> > ASN1_ITEM_rptr(ASN1_TYPE) is not implemented.
> >
>
> Well I've never actually seen anyone use a secretBag or any
> kind of published standard for it. The PKCS#12 spec just
> leaves this type open with no OID definitions at all.
>
> With the caveat that this is totally untested... I'd say what
> you are doing is largely correct apart from the ASN1_TYPE
> stuff you mention. The itemt for ASN1_TYPE isn't names
> ASN1_TYPE but ASN1_ANY because its effectively the ASN1 "ANY"
> type. I suggest you try that.
>
> Steve.
> --
> Dr Stephen N. Henson.
> Core developer of the OpenSSL project: http://www.openssl.org/
> Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
> Email: [EMAIL PROTECTED], PGP key: via
> homepage.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
