Packing an X.509v3 Certificate into a PDU for transmission

Thu, 06 Dec 2001 23:40:05 -0800 

Hi,

As part of a UDP protocol exchange (for peer-to-peer
authentication using digital signatures) I'm writing a
C program to assemble and send a single PDU (protocol
data unit) packet.

This PDU packet consists of:
(1)  A short text message, 128 bytes.
(2)  My 1024-bit RSA signature on the above message,
ie. 128 bytes.
And
(3)  My X.509v3 certificate, maximum size 2048 bytes.
(I'm not using any v3-specific extensions).

Because the PDU is small enough, it's guaranteed to
travel on the network as a single packet, without any
segmentation-and-reassembly.

Creating the PDU with just (1) and (2) above is easy. 
But adding (3) above, ie. the Certificate, is
horrendously difficult.

The "X509" certificate structure in openssl/x509.h,
"x509_st", contains (nested) pointers, so my code has
to pack (serialize) it into a contiguous array-block
before transmission.

And of course, at the receiving end, my code must
unpack (deserialize) it back to an "X509" structure. 

Does OpenSSL already have a function to pack an
X.509v3 structure into a contiguous array-block?  And
to unpack it back afterwards?  If so, could you please
point me to those functions?  And to any sample code
that uses them?

I've been looking carefully through the ASN.1 and
X.509 code and associated pods, but nothing's jumped
out at me yet.

Or do I have no choice but to pack it the long-winded
way, for each sub-field in turn, eg.:

/* cert_info subfield 2: ASN1_INTEGER *serialNumber:
*/
    memcpy(rawpdu+sizeuint,
&((ptr_structuredpdu->MYCERT).cert_info.serialNumber.length),
sizeof(int));
    sizeuint += sizeof(int);

    memcpy(rawpdu+sizeuint,
&((ptr_structuredpdu->MYCERT).cert_info.serialNumber.type),
sizeof(int));
    sizeuint += sizeof(int);

    memcpy(rawpdu+sizeuint,
&((ptr_structuredpdu->MYCERT).cert_info.serialNumber->data),
sizeof(unsigned char));
    sizeuint += sizeof(unsigned char);

    memcpy(rawpdu+sizeuint,
&((ptr_structuredpdu->MYCERT).cert_info.serialNumber.flags),
sizeof(long));
    sizeuint += sizeof(long);


Many thanks for your help, in advance.

Amodhini U

[EMAIL PROTECTED]

__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to