On Thu, Jul 31, 2003, Samuel Meder wrote:
> On Thu, 2003-07-31 at 15:25, Dr. Stephen Henson wrote:
>
> ProxyCertInfoExtension ::= SEQUENCE {
> pCPathLenConstraint ProxyCertPathLengthConstraint
> OPTIONAL,
> proxyPolicy ProxyPolicy }
>
> ProxyCertPathLengthConstraint ::= INTEGER
>
> ProxyPolicy ::= SEQUENCE {
> policyLanguage OBJECT IDENTIFIER,
> policy OCTET STRING OPTIONAL }
>
>
> > 0.9.6 ASN1 code should work with 0.9.7 but that hasn't been extensively
> > tested. The old ASN1 did some horrible things which was one reason why it was
> > replaced.
> >
> > The X509V3_EXT structure has a new ASN1_ITEM field in it. Make sure that is
> > set to NULL.
>
> Ahh, that fixed it. Many thanks.
>
> > You might try converting the ASN1 module to 0.9.7 standard, that should be
> > fairly painless (see the examples all over the new code).
>
> I will eventually. Just wanted to get things to work quickly.
>
It should be very easy to implement that once you get the hang of the new
code. For example:
ASN1_SEQUENCE(ProxyPolicy) = {
ASN1_SIMPLE(ProxyPolicy, policyLanguage, ASN1_OBJECT),
ASN1_OPT(ProxyPolicy, policy, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(ProxyPolicy)
ASN1_SEQUENCE(ProxyCertInfoExtension) = {
ASN1_OPT(ProxyCertInfoExtension, pCPathlenContraint, ASN1_INTEGER),
ASN1_SIMPLE(ProxyCertInfoExtension, proxyPolicy, ProxyPolicy)
} ASN1_SEQUENCE_END(ProxyCertInfoExtension)
Then in the header:
DECLARE_ASN1_ITEM(ProxyCertInfoExtension)
Totally untested but that's not far from what should work.
Steve.
--
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
