subject:"Re\: \[openssl\-users\] How to parse DER encoded x509 attributes\?"

Re: [openssl-users] How to parse DER encoded x509 attributes?

2017-11-20 Thread Dave Coombs

Hello,

As I said, you could experiment with ASN1_TFLG_SET_OF instead of 
ASN1_TFLG_SEQUENCE_OF.

Also, to free the memory, you should be able to use just one call:
sk_X509_ATTRIBUTE_pop_free(attrs, X509_ATTRIBUTE_free);

This frees each element in the stack, and also frees the stack.

All the best,
  -Dave


> On Nov 20, 2017, at 09:03, Libor Chocholaty  wrote:
> Hello,
> 
> thanks a lot. Works nice. Just it is interesting that I get X509_ATTRIBUTEs 
> what should be a SEQUENCE but need to parse as SET.
> 
> And to free the memory:
> 
> X509_ATTRIBUTE *attr;
> while ((attr = sk_X509_ATTRIBUTE_pop(attrs)) != NULL) {
> X509_ATTRIBUTE_free(attr);
> }
> sk_X509_ATTRIBUTE_free(attrs);
> 
> Looks working.
> 
> Regards,
> Libor
> 
>  
> On 2017-11-15 15:31, Dave Coombs wrote:
> 
>> Hello,
>>  
>> You can do something like the following.
>>  
>> First make a type corresponding to a stack of x509 attributes:
>>  
>>  typedef STACK_OF(X509_ATTRIBUTE) SEQ_X509_ATTRIBUTE;
>>  DECLARE_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE);
>>  
>> Then make an asn1 template that specifies how the stack should be encoded.  
>> (You can use ASN1_TFLG_SET_OF instead of ..SEQUENCE_OF here, depending on 
>> the DER you're trying to interpret, I don't know.)
>>  
>>  ASN1_ITEM_TEMPLATE(SEQ_X509_ATTRIBUTE) =
>>  ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, x509attribute, 
>> X509_ATTRIBUTE)
>>  ASN1_ITEM_TEMPLATE_END(SEQ_X509_ATTRIBUTE)
>>  IMPLEMENT_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE)
>>  
>> Now your type has its own d2i and i2d functions, and you can use them:
>>  
>>  STACK_OF(X509_ATTRIBUTE) *attrs = d2i_SEQ_X509_ATTRIBUTE(NULL, , 
>> length);
>>  
>> Cheers,
>>   -Dave
>>  
>> 
>>> On Nov 15, 2017, at 07:26, Libor Chocholaty >> > wrote:
>>> Hello,
>>> 
>>> I would like to parse DER encoded x509 attributes and have no clue how to 
>>> use d2i_ASN1_SET_OF_X509_ATTRIBUTE. There are params that cannot find what 
>>> to pass like free_func.
>>> 
>>> I am trying to uderstand by collecting pieces of known code, looking into 
>>> openssl sources but...
>>> 
>>> PKCS7_SIGNER_INFO *p7si = PKCS7_SIGNER_INFO_new();
>>> d2i_ASN1_SET_OF_X509_ATTRIBUTE(>auth_attr, _data, 
>>> der_data_length, d2i_X509_ATTRIBUTE, free_func, V_ASN1_SET, 
>>> V_ASN1_UNIVERSAL);
>>> 
>>> Could somebody help how to do it or give a link to some useful 
>>> documentation?
>>> Search internet looks completely not useful in this topic... or do not know 
>>> how to ask...
>>> 
>>> Regards,
>>> Libor
>>> 
>>>  
>>> -- 
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users 
>>> 
>>  
>  
>  
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] How to parse DER encoded x509 attributes?

2017-11-20 Thread Libor Chocholaty

Hello, 

thanks a lot. Works nice. Just it is interesting that I get
X509_ATTRIBUTEs what should be a SEQUENCE but need to parse as SET. 

And to free the memory: 

X509_ATTRIBUTE *attr;
while ((attr = sk_X509_ATTRIBUTE_pop(attrs)) != NULL) {
X509_ATTRIBUTE_free(attr);
}
sk_X509_ATTRIBUTE_free(attrs); 

Looks working. 

Regards,
Libor 

On 2017-11-15 15:31, Dave Coombs wrote:

> Hello, 
> 
> You can do something like the following. 
> 
> First make a type corresponding to a stack of x509 attributes: 
> 
> typedef STACK_OF(X509_ATTRIBUTE) SEQ_X509_ATTRIBUTE; 
> DECLARE_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE); 
> 
> Then make an asn1 template that specifies how the stack should be encoded.  
> (You can use ASN1_TFLG_SET_OF instead of ..SEQUENCE_OF here, depending on the 
> DER you're trying to interpret, I don't know.) 
> 
> ASN1_ITEM_TEMPLATE(SEQ_X509_ATTRIBUTE) = 
> ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, x509attribute, 
> X509_ATTRIBUTE) 
> ASN1_ITEM_TEMPLATE_END(SEQ_X509_ATTRIBUTE) 
> IMPLEMENT_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE) 
> 
> Now your type has its own d2i and i2d functions, and you can use them: 
> 
> STACK_OF(X509_ATTRIBUTE) *attrs = d2i_SEQ_X509_ATTRIBUTE(NULL, , 
> length); 
> 
> Cheers, 
> -Dave 
> 
>> On Nov 15, 2017, at 07:26, Libor Chocholaty  wrote: 
>> 
>> Hello, 
>> 
>> I would like to parse DER encoded x509 attributes and have no clue how to 
>> use d2i_ASN1_SET_OF_X509_ATTRIBUTE. There are params that cannot find what 
>> to pass like free_func. 
>> 
>> I am trying to uderstand by collecting pieces of known code, looking into 
>> openssl sources but... 
>> 
>> PKCS7_SIGNER_INFO *p7si = PKCS7_SIGNER_INFO_new();
>> d2i_ASN1_SET_OF_X509_ATTRIBUTE(>auth_attr, _data, der_data_length, 
>> d2i_X509_ATTRIBUTE, free_func, V_ASN1_SET, V_ASN1_UNIVERSAL); 
>> 
>> Could somebody help how to do it or give a link to some useful documentation?
>> Search internet looks completely not useful in this topic... or do not know 
>> how to ask... 
>> 
>> Regards,
>> Libor
>> 
>> -- 
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] How to parse DER encoded x509 attributes?

2017-11-15 Thread Dave Coombs

Hello,

You can do something like the following.

First make a type corresponding to a stack of x509 attributes:

typedef STACK_OF(X509_ATTRIBUTE) SEQ_X509_ATTRIBUTE;
DECLARE_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE);

Then make an asn1 template that specifies how the stack should be encoded.  
(You can use ASN1_TFLG_SET_OF instead of ..SEQUENCE_OF here, depending on the 
DER you're trying to interpret, I don't know.)

ASN1_ITEM_TEMPLATE(SEQ_X509_ATTRIBUTE) =
ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, x509attribute, 
X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(SEQ_X509_ATTRIBUTE)
IMPLEMENT_ASN1_FUNCTIONS(SEQ_X509_ATTRIBUTE)

Now your type has its own d2i and i2d functions, and you can use them:

STACK_OF(X509_ATTRIBUTE) *attrs = d2i_SEQ_X509_ATTRIBUTE(NULL, , 
length);

Cheers,
  -Dave


> On Nov 15, 2017, at 07:26, Libor Chocholaty  wrote:
> 
> Hello,
> 
> I would like to parse DER encoded x509 attributes and have no clue how to use 
> d2i_ASN1_SET_OF_X509_ATTRIBUTE. There are params that cannot find what to 
> pass like free_func.
> 
> I am trying to uderstand by collecting pieces of known code, looking into 
> openssl sources but...
> 
> PKCS7_SIGNER_INFO *p7si = PKCS7_SIGNER_INFO_new();
> d2i_ASN1_SET_OF_X509_ATTRIBUTE(>auth_attr, _data, der_data_length, 
> d2i_X509_ATTRIBUTE, free_func, V_ASN1_SET, V_ASN1_UNIVERSAL);
> 
> Could somebody help how to do it or give a link to some useful documentation?
> Search internet looks completely not useful in this topic... or do not know 
> how to ask...
> 
> Regards,
> Libor
> 
>  
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] How to parse DER encoded x509 attributes?

Re: [openssl-users] How to parse DER encoded x509 attributes?

Re: [openssl-users] How to parse DER encoded x509 attributes?

3 matches

Site Navigation

Mail list logo

Footer information