Hi everyone, I’m trying to decode and encode Der structure. In my case that are DER encoded GSSAPI structure.
My DER encoded data looks like this (stripped the pending bytes): 0x60 0x7e 0x06 0x06 0x2b 0x06 0x01 0x05 0x05 0x02 0xa0 0x74 My ANS1 definition in my source look like this: typedef struct ContextToken_st { ASN1_OBJECT *mech; ASN1_OCTET_STRING *innerContextToken; } GSSAPI_CONTEXTTOKEN; DECLARE_ASN1_FUNCTIONS( GSSAPI_CONTEXTTOKEN ) ASN1_SEQUENCE( GSSAPI_CONTEXTTOKEN ) = { ASN1_SIMPLE( GSSAPI_CONTEXTTOKEN, mech, ASN1_OBJECT ), ASN1_SIMPLE( GSSAPI_CONTEXTTOKEN, innerContextToken, ASN1_OCTET_STRING ) } ASN1_SEQUENCE_END( GSSAPI_CONTEXTTOKEN ) IMPLEMENT_ASN1_FUNCTIONS( GSSAPI_CONTEXTTOKEN ) Parsing the above DER data fails, so I decided to encode a own Der structure, to see where the difference is with my setup: . . . negToken = GSSAPI_CONTEXTTOKEN_new(); if( negToken != NULL ) { negToken->mech = OBJ_txt2obj( "1.3.6.1.5.5.2",0 ); negToken->innerContextToken = ASN1_OCTET_STRING_new(); const unsigned char mechToken[] = "\xa0\x74\x30 // … stripped for readability const size_t mechTokenSize = sizeof( mechToken ) - 1; printf( "Size of inner token: %zu\n",mechTokenSize ); ASN1_OCTET_STRING_set( negToken->innerContextToken,mechToken,mechTokenSize ); buffer = NULL; size_t bufferSize = i2d_GSSAPI_CONTEXTTOKEN( negToken,NULL ); printf( "Required buffer size for DER encoding of ASN1 structure: %zu\n",bufferSize ); unsigned char *buffer = malloc( bufferSize ); unsigned char *p = buffer; i2d_GSSAPI_CONTEXTTOKEN( negToken,&p ); for( int len = 0;len < bufferSize;len++ ) { if( ( len % 8 ) == 0 ) printf( " " ); if( ( len % 16 ) == 0 ) printf( "\n\t\t" ); printf( " 0x%02x",(short)buffer[ len ] ); } printf( "\n" ); . . . The code above output the following DER encoded structure (the difference marled in bold): 0x30 0x81 0x80 0x06 0x06 0x2b 0x06 0x01 0x05 0x05 0x02 0x04 0x76 0xa0 0x74 The google result, which I found seems to point into the direction to use application tags to encode. But I haven’t found any example or how to how to achieve this with openssl, can anyone give me sone hints? Best regards Max Larsson Mit freundlichen Grüßen Best regards Dipl.-Inform. Max Larsson Geschäftsleitung ________________________________ phone: +49(0)6151/62908-75 fax: email: max.lars...@facilityboss.biz<mailto:max.lars...@facilityboss.biz> web: http://facilityboss.biz [facilityboss]<http://facilityboss.biz> Bad Nauheimer Str. 4 64289 Darmstadt Germany Sitz der Gesellschaft: Darmstadt Registergericht: Amtsgericht Darmstadt, HRB 86193 Geschäftsführer: Dipl.-Inform Max Lars Robert Larsson ________________________________ Diese E-Mail enthält unter Umständen vertrauliche und/oder rechtlich geschützte Informationen, die allein für den Adressaten bestimmt sind. Wenn Sie nicht der zutreffende Adressat sind oder diese E-Mail irrtümlich erhalten haben, ist jede Verwendung, Verbreitung, Kopie oder Bezugnahme auf den Inhalt dieser E-Mail verboten. Bitte informieren Sie uns über einen eventuellen Irrtum per Telefon, per Telefax oder E-Mail. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reference on the contents of this e-mail is strictly prohibited. If you have received this e-mail in error please notify us by e-mail, facsimile or phone call.