Hi, I'm trying to parse a PKCS#7 file using both openssl and IAIK libraries. The problem comes out when the Issuer DN in the SignerInfo structure of the p7 is compared with the DN of the certificate in the pkcs7. Openssl claims they are different while IAIK claims they are equal. An ASN1 dump of the p7 shows that the one entry of the 2 DNs is encoded differently (PRINTABLESTRING vs T61STRING) but the value is the same. If I understand correctly, in my p7 the same DN has been encoded in two different ways .. What is the correct behaviour?
Any hint? Here is the asn1dump utility output 0:d=0 hl=4 l=1949 cons: SEQUENCE 4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData 15:d=1 hl=4 l=1934 cons: cont [ 0 ] 19:d=2 hl=4 l=1930 cons: SEQUENCE 23:d=3 hl=2 l= 1 prim: INTEGER :01 26:d=3 hl=2 l= 11 cons: SET 28:d=4 hl=2 l= 9 cons: SEQUENCE 30:d=5 hl=2 l= 5 prim: OBJECT :sha1 37:d=5 hl=2 l= 0 prim: NULL 39:d=3 hl=4 l= 259 cons: SEQUENCE 43:d=4 hl=2 l= 11 prim: OBJECT :id-smime-ct-TSTInfo 56:d=4 hl=3 l= 243 cons: cont [ 0 ] 59:d=5 hl=3 l= 240 prim: OCTET STRING 302:d=3 hl=4 l=1044 cons: cont [ 0 ] 306:d=4 hl=4 l=1040 cons: SEQUENCE 310:d=5 hl=4 l= 760 cons: SEQUENCE 314:d=6 hl=2 l= 3 cons: cont [ 0 ] 316:d=7 hl=2 l= 1 prim: INTEGER :02 319:d=6 hl=2 l= 4 prim: INTEGER :41064558 325:d=6 hl=2 l= 13 cons: SEQUENCE 327:d=7 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 338:d=7 hl=2 l= 0 prim: NULL 340:d=6 hl=3 l= 146 cons: SEQUENCE 343:d=7 hl=2 l= 11 cons: SET 345:d=8 hl=2 l= 9 cons: SEQUENCE 347:d=9 hl=2 l= 3 prim: OBJECT :countryName 352:d=9 hl=2 l= 2 prim: PRINTABLESTRING :IT 356:d=7 hl=2 l= 52 cons: SET 358:d=8 hl=2 l= 50 cons: SEQUENCE 360:d=9 hl=2 l= 3 prim: OBJECT :organizationName 365:d=9 hl=2 l= 43 prim: PRINTABLESTRING :Centro Nazionale per l'Informatica nella PA 410:d=7 hl=2 l= 46 cons: SET 412:d=8 hl=2 l= 44 cons: SEQUENCE 414:d=9 hl=2 l= 3 prim: OBJECT :organizationalUnitName 419:d=9 hl=2 l= 37 prim: PRINTABLESTRING :Servizi di Sicurezza e Certificazione 458:d=7 hl=2 l= 29 cons: SET 460:d=8 hl=2 l= 27 cons: SEQUENCE 462:d=9 hl=2 l= 3 prim: OBJECT :commonName 467:d=9 hl=2 l= 20 prim: PRINTABLESTRING :CNIPA TimeStamper CA 489:d=6 hl=2 l= 30 cons: SEQUENCE 491:d=7 hl=2 l= 13 prim: UTCTIME :040727120648Z 506:d=7 hl=2 l= 13 prim: UTCTIME :151207120648Z 521:d=6 hl=3 l= 151 cons: SEQUENCE 524:d=7 hl=2 l= 11 cons: SET 526:d=8 hl=2 l= 9 cons: SEQUENCE 528:d=9 hl=2 l= 3 prim: OBJECT :countryName 533:d=9 hl=2 l= 2 prim: PRINTABLESTRING :IT 537:d=7 hl=2 l= 52 cons: SET 539:d=8 hl=2 l= 50 cons: SEQUENCE 541:d=9 hl=2 l= 3 prim: OBJECT :organizationName 546:d=9 hl=2 l= 43 prim: PRINTABLESTRING :Centro Nazionale per l'Informatica nella PA 591:d=7 hl=2 l= 46 cons: SET 593:d=8 hl=2 l= 44 cons: SEQUENCE 595:d=9 hl=2 l= 3 prim: OBJECT :organizationalUnitName 600:d=9 hl=2 l= 37 prim: PRINTABLESTRING :Servizi di Sicurezza e Certificazione 639:d=7 hl=2 l= 34 cons: SET 641:d=8 hl=2 l= 32 cons: SEQUENCE 643:d=9 hl=2 l= 3 prim: OBJECT :commonName 648:d=9 hl=2 l= 25 prim: PRINTABLESTRING :CNIPA TimeStamper2 200410 675:d=6 hl=3 l= 159 cons: SEQUENCE 678:d=7 hl=2 l= 13 cons: SEQUENCE 680:d=8 hl=2 l= 9 prim: OBJECT :rsaEncryption 691:d=8 hl=2 l= 0 prim: NULL 693:d=7 hl=3 l= 141 prim: BIT STRING 837:d=6 hl=3 l= 234 cons: cont [ 3 ] 840:d=7 hl=3 l= 231 cons: SEQUENCE 843:d=8 hl=2 l= 14 cons: SEQUENCE 845:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Key Usage 850:d=9 hl=2 l= 1 prim: BOOLEAN :255 853:d=9 hl=2 l= 4 prim: OCTET STRING 859:d=8 hl=2 l= 19 cons: SEQUENCE 861:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage 866:d=9 hl=2 l= 12 prim: OCTET STRING 880:d=8 hl=2 l= 48 cons: SEQUENCE 882:d=9 hl=2 l= 3 prim: OBJECT :X509v3 CRL Distribution Points 887:d=9 hl=2 l= 41 prim: OCTET STRING 930:d=8 hl=2 l= 90 cons: SEQUENCE 932:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Certificate Policies 937:d=9 hl=2 l= 83 prim: OCTET STRING 1022:d=8 hl=2 l= 31 cons: SEQUENCE 1024:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier 1029:d=9 hl=2 l= 24 prim: OCTET STRING 1055:d=8 hl=2 l= 17 cons: SEQUENCE 1057:d=9 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier 1062:d=9 hl=2 l= 10 prim: OCTET STRING 1074:d=5 hl=2 l= 13 cons: SEQUENCE 1076:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 1087:d=6 hl=2 l= 0 prim: NULL 1089:d=5 hl=4 l= 257 prim: BIT STRING 1350:d=3 hl=4 l= 599 cons: SET 1354:d=4 hl=4 l= 595 cons: SEQUENCE 1358:d=5 hl=2 l= 1 prim: INTEGER :03 1361:d=5 hl=3 l= 155 cons: SEQUENCE 1364:d=6 hl=3 l= 146 cons: SEQUENCE 1367:d=7 hl=2 l= 11 cons: SET 1369:d=8 hl=2 l= 9 cons: SEQUENCE 1371:d=9 hl=2 l= 3 prim: OBJECT :countryName 1376:d=9 hl=2 l= 2 prim: PRINTABLESTRING :IT 1380:d=7 hl=2 l= 52 cons: SET 1382:d=8 hl=2 l= 50 cons: SEQUENCE 1384:d=9 hl=2 l= 3 prim: OBJECT :organizationName 1389:d=9 hl=2 l= 43 prim: T61STRING :Centro Nazionale per l'Informatica nella PA 1434:d=7 hl=2 l= 46 cons: SET 1436:d=8 hl=2 l= 44 cons: SEQUENCE 1438:d=9 hl=2 l= 3 prim: OBJECT :organizationalUnitName 1443:d=9 hl=2 l= 37 prim: PRINTABLESTRING :Servizi di Sicurezza e Certificazione 1482:d=7 hl=2 l= 29 cons: SET 1484:d=8 hl=2 l= 27 cons: SEQUENCE 1486:d=9 hl=2 l= 3 prim: OBJECT :commonName 1491:d=9 hl=2 l= 20 prim: PRINTABLESTRING :CNIPA TimeStamper CA 1513:d=6 hl=2 l= 4 prim: INTEGER :41064558 1519:d=5 hl=2 l= 9 cons: SEQUENCE 1521:d=6 hl=2 l= 5 prim: OBJECT :sha1 1528:d=6 hl=2 l= 0 prim: NULL 1530:d=5 hl=4 l= 273 cons: cont [ 0 ] 1534:d=6 hl=2 l= 26 cons: SEQUENCE 1536:d=7 hl=2 l= 9 prim: OBJECT :contentType 1547:d=7 hl=2 l= 13 cons: SET 1549:d=8 hl=2 l= 11 prim: OBJECT :id-smime-ct-TSTInfo 1562:d=6 hl=2 l= 35 cons: SEQUENCE 1564:d=7 hl=2 l= 9 prim: OBJECT :messageDigest 1575:d=7 hl=2 l= 22 cons: SET 1577:d=8 hl=2 l= 20 prim: OCTET STRING 1599:d=6 hl=3 l= 205 cons: SEQUENCE 1602:d=7 hl=2 l= 11 prim: OBJECT :id-smime-aa-signingCertificate 1615:d=7 hl=3 l= 189 cons: SET 1618:d=8 hl=3 l= 186 cons: SEQUENCE 1621:d=9 hl=3 l= 183 cons: SEQUENCE 1624:d=10 hl=3 l= 180 cons: SEQUENCE 1627:d=11 hl=2 l= 20 prim: OCTET STRING 1649:d=11 hl=3 l= 155 cons: SEQUENCE 1652:d=12 hl=3 l= 146 cons: SEQUENCE 1655:d=13 hl=2 l= 11 cons: SET 1657:d=14 hl=2 l= 9 cons: SEQUENCE 1659:d=15 hl=2 l= 3 prim: OBJECT :countryName 1664:d=15 hl=2 l= 2 prim: PRINTABLESTRING :IT 1668:d=13 hl=2 l= 52 cons: SET 1670:d=14 hl=2 l= 50 cons: SEQUENCE 1672:d=15 hl=2 l= 3 prim: OBJECT :organizationName 1677:d=15 hl=2 l= 43 prim: T61STRING :Centro Nazionale per l'Informatica nella PA 1722:d=13 hl=2 l= 46 cons: SET 1724:d=14 hl=2 l= 44 cons: SEQUENCE 1726:d=15 hl=2 l= 3 prim: OBJECT :organizationalUnitName 1731:d=15 hl=2 l= 37 prim: PRINTABLESTRING :Servizi di Sicurezza e Certificazione 1770:d=13 hl=2 l= 29 cons: SET 1772:d=14 hl=2 l= 27 cons: SEQUENCE 1774:d=15 hl=2 l= 3 prim: OBJECT :commonName 1779:d=15 hl=2 l= 20 prim: PRINTABLESTRING :CNIPA TimeStamper CA 1801:d=12 hl=2 l= 4 prim: INTEGER :41064558 1807:d=5 hl=2 l= 13 cons: SEQUENCE 1809:d=6 hl=2 l= 9 prim: OBJECT :rsaEncryption 1820:d=6 hl=2 l= 0 prim: NULL 1822:d=5 hl=3 l= 128 prim: OCTET STRING -- Email.it, the professional e-mail, gratis per te: http://www.email.it/f Sponsor: Viaggi e vacanze, last minute e crociere, week end e brevi soggiorni, clicca e scopri tutte le opportunitą per single e famiglie Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2838&d=20041006 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]