Hello!
I'm seeing the structure generated by OpenSSL in a OCSPRequest. However, from
my point of view it doesn't accomplish with the standar because there is not
any number of the version. Is it correct?
Here I attach the result of the structure genereated:
0 SEQUENCE[C] = 2 elements
0 0 SEQUENCE[C] = 1 elements
0 0 0 SEQUENCE[C] = 1 elements
0 0 0 0 SEQUENCE[C] = 4 elements
0 0 0 0 0 SEQUENCE[C] = 2 elements
0 0 0 0 0 0 OBJECT ID = SHA
0 0 0 0 0 1 NULL = null
0 0 0 0 1 OCTET STRING = 20 bytes: DB:57:F4:F8:D2...
0 0 0 0 2 OCTET STRING = 20 bytes: D4:0B:E4:59:AC...
0 0 0 0 3 INTEGER = 16
0 1 CONTEXTSPECIFIC[C] = [2] EXPLICIT
0 1 0 SEQUENCE[C] = 1 elements
0 1 0 0 SEQUENCE[C] = 2 elements
0 1 0 0 0 OBJECT ID = 1.3.6.1.5.5.7.48.1.2 = OID del OCSP nonce
0 1 0 0 1 OCTET STRING = 18 bytes: 04:10:8B:91:A2...
In the RFC tells
OCSPRequest ::= SEQUENCE
{
tbsRequest TBSRequest,
optionalSignature [0] EXPLICIT Signature OPTIONAL
}
TBSRequest ::= SEQUENCE
{
version[0] EXPLICIT INTEGER { v1(0) } DEFAULT v1,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestListSEQUENCE OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL
}
However, the structure of the TBSRequest generated by Openssl do not carry
any number of version.
Could someone explain me the reason, please?
Is there another different RFC about OCSP?
Regards,
Antonio.
--
Antonio Ruiz Martínez
e-mail: [EMAIL PROTECTED] or arm [at] dif [dot] um [dot] es
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
