>Have you looked at SNACC? It can be found a little her and there on
>the net, but it seems like the latest version is 1.3, which is
>available at ftp://ftp.fokus.gmd.de/pub/freeware/snacc/.
Skip this one - Unless you really understand ASN.1 you'll play hell
modifying it or DER encodes/decodes.
>There's
>another 1.3 (called 1.3VDA, I think), which is part of a S/MIME
>utility, found as
>http://www.armadillo.huntsville.al.us/software/smime/snacc1_6VDA.zip
>There's a snacc.pdf in the same directory. However, it seems to be
>slightly crippled, 'cause I couldn't get it to compile cleanly on
>Linux, but then again, I'm not sure if the fault was mine or not.
yea - you have to muddle round with this for compiles on anything but
Solaris, BSD, or Win32 and I'm starting my stuff on Linux.
I've been working ( as several people know) with the modified Snacc
compiler (gpl'd) from the oscar project at
http://oscar.dstc.qut.edu.au/ replacing the entire ASN.1
implementation within OpenSSL into a much more modularized
implementation encompassing the full PKCS and PKIX profiles.
You can write your own i2d and d2i functions to do what you want for
CMP - but yes that one will be a pain in the rear.
Easiest way I can put it is that hacking in more higher level ASN1
dependent routines is like adding a basement to an outhouse. ;-) I've
been doing attribute certificate implementations with pretty much
every successive release of OpenSSL for several years now and I can
tell you that it's not really that easy - hence after a long talk with
Eric Young who gave me some pointers on what I might think about I
decded to go ahead and start redoing the entire ASN1 infrastructure
for OpenSSL. I expect to have a preliminary snapshot in 2-3 weeks as
I'm only able to spend about 20 hrs/week on this.
Andrew
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
