On Thu, Jan 23, 2014, Rogrio Saulo wrote: > Hi all, > > Sorry if it as a stupid question but... > > I'm trying to add an custom policy qualifier attribute with another NID > different from NID_id_qt_cps to an PKCS7 envelope. > > If I use the NID_id_qt_cps all works fine, BUT if I change the NID to another > created by OBJ_create the program crashes at thei2d_POLICYINFO function. > > I cannot use the POLICYQUALINFO object with another NID different from > NID_id_qt_cps?? > > There is my working code : > > ASN1_OBJECT *polID; > POLICYINFO *pInfo = POLICYINFO_new(); > polID = OBJ_txt2obj("2.16.76.1.7.1.2.2.1", 0); > pInfo->policyid = polID; > POLICYQUALINFO *pQInfo; > pQInfo = POLICYQUALINFO_new(); > pInfo->qualifiers = sk_POLICYQUALINFO_new_null(); > pQInfo = POLICYQUALINFO_new(); > sk_POLICYQUALINFO_push(pInfo->qualifiers, pQInfo); > pQInfo->pqualid = OBJ_nid2obj(NID_id_qt_cps); > pQInfo->d.cpsuri = M_ASN1_IA5STRING_new(); > char *urlPolitica = "http://politicas.icpbrasil.gov.br/PA_AD_RT_v2_1.der"; > ASN1_STRING_set(pQInfo->d.cpsuri, urlPolitica, strlen(urlPolitica)); > POLICY_add_attrib(si, pInfo); // WORKS FINE > > If I change the line : > > pQInfo->pqualid = OBJ_nid2obj(NID_id_qt_cps); > > With : > > int NID_id_spq_ets_uri = OBJ_create("1.2.840.113549.1.9.16.5.1", > "id_spq_ets_uri", "id_spq_ets_uri"); > pQInfo->pqualid = OBJ_nid2obj(NID_id_spq_ets_uri); > > The program crashes at function POLICY_add_attrib in THIS LINE : > > int len = i2d_POLICYINFO(pInfo, NULL); > > What I'm doing wrong??? >
The problem is that the structure in question is the "any defined by OID" type. There are two standard OIDs NID_id_qt_cps and NID_id_qt_unotice. If you have any other OID the code has no idea how to handle it and so falls back to using ASN1_TYPE. The crash is because it's expecting ASN1_TYPE in the union but gets a different structure. So you need to populate the d.other field in that case. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org