Re: ASN1_OBJECT myth in X509_NAME_add_entry_xxx

2005-08-30 Thread Lincoln

Thanks, Dr. Henson.

  I know those functions work because they perform a
search against those "standard" objects based on the
length and data fields, i.e., they don't care about sn
or ln.

  I guess I am trying to find out why, during the
creation of X509_NAME_ENTRY, when the ASN1_OBJECT is
attached, the sn, ln and nid are NOT assigned values.

  I can see that, theoretically, it is because it avoids
duplicating those redundant entries.
I am just curious where the missing links lie. If you
can point them out to me, I'd appreciate it, since I've
been sifting through the code but couldn't identify them
by myself.


--- "Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote:

> On Tue, Aug 30, 2005, Lincoln wrote:
> 
> > Hi,
> >   Would any guru please take a look at this following
> > question? Thanks!
> 
> Don't try to access the ASN1_OBJECT structures
> directly. Use functions such as
> OBJ_obj2nid() etc instead.
> 
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys:
> see homepage
> OpenSSL project core developer and freelance
> consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
>
> __
> OpenSSL Project
> http://www.openssl.org
> User Support Mailing List   
> openssl-users@openssl.org
> Automated List Manager  
> [EMAIL PROTECTED]
> 





Re: ASN1_OBJECT myth in X509_NAME_add_entry_xxx

2005-08-30 Thread Dr. Stephen Henson

On Tue, Aug 30, 2005, Lincoln wrote:

> Hi,
>   Would any guru please take a look at this following
> question? Thanks! 

Don't try to access the ASN1_OBJECT structures directly. Use functions such as
OBJ_obj2nid() etc instead.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk


ASN1_OBJECT myth in X509_NAME_add_entry_xxx

2005-08-30 Thread Lincoln

Hi,
  Would any guru please take a look at this following
question? Thanks! 
Dr. Lincoln 

X509_NAME_add_entry_by_NID() adds an ASN1_NAME_ENTRY
which contains a pointer to ASN1_OBJECT, among other
things.

Does any expert know why the ASN1_OBJECT referenced in
ASN1_NAME_ENTRY has NULL for sn, ln, nid?

 The calling sequence is 
X509_NAME_add_entry_by_NID 
=> lookup ASN1_OBJECT, X509_NAME_ENTRY_create_by_OBJ 
=> X509_NAME_ENTRY_set_object +
X509_NAME_ENTRY_set_data

Where X509_NAME_ENTRY_set_object calls 
ne->object = OBJ_dup(obj). 

I see ASN1_OBJECT being duplicated above.

Looking at the ASN1_dup() does not reveal those NULL
assignments...

I'd appreciate your help if you can enlighten me on
this myth...

Test code is shown below
-


#include <stdio.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <openssl/x509.h>

int main(){
    char buf[1024], *field, *value;
    X509_NAME *name = NULL;
    int i, n, j;
    X509_NAME_ENTRY *ne = NULL;
    ASN1_OBJECT *obj = NULL;
    ASN1_STRING *astr = NULL;

    /* it prints
     * sn=O; ln=organizationName; nid=17 ;legth=3; flags=0
     * 55,04,0a ==> which is ASN1 encoding of 2.5.4.10 for "O"
     */
    obj = OBJ_txt2obj("O", 0);
    printf("sn=%s; ln=%s; nid=%d ;legth=%d; flags=%d\n",
           obj->sn, obj->ln, obj->nid, obj->length, obj->flags);

    for (j=0; j<obj->length; j++){
        printf("%02x,", obj->data[j]);
    }

    name = X509_NAME_new();
    field = "O";
    value = "VeriSign Japan K.K.";

    if (!X509_NAME_add_entry_by_NID(name, 17, MBSTRING_ASC,
                                    (unsigned char *)value, -1, -1, 0)){
        printf("adding entry %s error\n", field);
    }

    /*
     * I would expect the ASN1_OBJECT prints out the same stuff
     * However, it prints
     * entry#0:
     * sn=(null); ln=(null); nid=0 ;legth=3; obj_data=U; flags=9
     * 55,04,0a,  ==> which is ASN1 encoding of 2.5.4.10 for "O"
     */

    n = sk_X509_NAME_ENTRY_num(name->entries);
    for (i=0; i<n; i++){
        printf("entry#%d:\n", i);
        ne = sk_X509_NAME_ENTRY_value(name->entries, i);
        obj = ne->object;

        printf("sn=%s; ln=%s; nid=%d ;legth=%d; obj_data=%s; flags=%d\n",
               obj->sn, obj->ln, obj->nid, obj->length, obj->data, obj->flags);

        for (j=0; j<obj->length; j++){
            printf("%02x,", obj->data[j]);
        }
    }

    return 0;
}
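
Added illustration, not part of the original thread and not OpenSSL source code: a simplified model of the lookup the thread describes, where an object that carries only its encoded bytes is resolved by comparing length and data against a table of standard objects, in the style of OBJ_obj2nid(). The `model_*` names, the struct and the small table are assumptions made for this example; the bytes 55,04,0a and NID 17 are the values from the test output above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {                /* simplified stand-in for ASN1_OBJECT (hypothetical) */
    const char *sn, *ln;        /* NULL on an object that carries only its encoding */
    int nid, length;            /* nid 0 = not resolved */
    const unsigned char *data;  /* encoded OID content octets */
} model_obj;

static const unsigned char oid_cn[] = {0x55, 0x04, 0x03};  /* 2.5.4.3 */
static const unsigned char oid_c[]  = {0x55, 0x04, 0x06};  /* 2.5.4.6 */
static const unsigned char oid_o[]  = {0x55, 0x04, 0x0a};  /* 2.5.4.10 */
static const unsigned char oid_x[]  = {0x2a, 0x03};        /* 1.2.3, not in the table */
/* Constructed table of "standard" objects, sorted by (length, data). */
static const model_obj std_objs[] = {
    {"CN", "commonName",       13, 3, oid_cn},
    {"C",  "countryName",      14, 3, oid_c},
    {"O",  "organizationName", 17, 3, oid_o},
};
static const model_obj entry_o = {NULL, NULL, 0, 3, oid_o};  /* constructed: as printed in the thread */
static const model_obj entry_x = {NULL, NULL, 0, 2, oid_x};  /* constructed: unknown OID */

/* Order by length, then by bytes; sn, ln and nid never take part. */
static int cmp_encoding(const void *a, const void *b)
{
    const model_obj *x = a, *y = b;
    int d = x->length - y->length;
    return d ? d : memcmp(x->data, y->data, (size_t)x->length);
}

/* Table entry with the same encoding, or NULL when the OID is not known. */
const model_obj *model_lookup(const model_obj *o)
{
    if (o == NULL || o->data == NULL || o->length <= 0) return NULL;
    return bsearch(o, std_objs, sizeof std_objs / sizeof *o, sizeof *o, cmp_encoding);
}

/* In the style of OBJ_obj2nid(): use a cached nid if set, else search by encoding. */
int model_obj2nid(const model_obj *o)
{
    const model_obj *hit = (o && o->nid) ? o : model_lookup(o);
    return hit ? hit->nid : 0;
}

int main(void)
{
    printf("O: nid=%d, unknown: nid=%d\n", model_obj2nid(&entry_o), model_obj2nid(&entry_x));
    return 0;
}
```

An unknown OID resolves to 0 here, so callers have to treat 0 as "no name available" and fall back to the raw encoding.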




