I think I recall that since GeneralName is a CHOICE that using it with IMPLICIT tags requires the implicit tag to be declared explicitly to avoid ambiguity. I'm not an ASN.1 expert but I've come across this problem before and had to work around it by reversing the implicit tag of GeneralName. I've never been 100% sure of this although I never found a case that disobeyed this rule. If you find anymore out I'd appreciate hearing about it.
Steven -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Fernando Moya Sent: Friday, 30 May 2003 2:20 AM To: [EMAIL PROTECTED] Subject: Problems with GENERAL_NAMES on IMPLICIT mode Hi, I am having problems with GENERAL_NAMES in the following sequence: : --------------------------------------------------------------------- DEFINITIONS IMPLICIT TAGS Seq1 ::= SEQUENCE { field1 INTEGER, field2 Seq2 } Seq2 ::= SEQUENCE { sub_field1 [0] Sub_seq_000 OPTIONAL, sub_field2 [1] GENERAL_NAMES OPTIONAL, sub_field3 [2] Sub_seq_200 OPTIONAL } --------------------------------------------------------------------- Implemented by: ASN1_SEQUENCE(Seq2) = { ASN1_IMP_OPT(Seq2, Sub_field1, Sub_seq_000,0), ASN1_IMP_OPT(Seq2, Sub_field2, GENERAL_NAMES,1), ASN1_IMP_OPT(Seq2, Sub_field3, Sub_seq_200,2), } ASN1_SEQUENCE_END(Seq2) IMPLEMENT_ASN1_FUNCTIONS(Seq2) ASN1_SEQUENCE(Seq1) = { ASN1_SIMPLE(Seq1, field1,INTEGER), ASN1_SIMPLE(Seq1, field2, Seq2) } ASN1_SEQUENCE_END(Seq1) IMPLEMENT_ASN1_FUNCTIONS(Seq1) Note: GENERAL_NAMES is defined at "crypto/x509v3/x509_v3.h" and "crypto/x509v3/v3_genn.c" The problem is when I call to "i2d_Seq1" with an example code, the DER output is: (output from "ASN.1 Dump Utility") SEQUENCE { INTEGER 1 SEQUENCE { [0] { SEQUENCE { ....... } } ===> { [2] 'DNS_GENERALNAMES' } [2] { SEQUENCE { ....... } } } (Attention to the arrow ) instead of: SEQUENCE { INTEGER 1 SEQUENCE { [0] { SEQUENCE { ....... } } ==> [1]{ [2] 'DNS_GENERALNAMES' } [2] { SEQUENCE { ....... } } } The point is, I can't obtain [1] tag in GENERAL_NAMES. I have tried to put GENERAL_NAMES in other situations (always in IMPLICIT mode) and it never puts tags. En cambio, I have tried in EXPLICIT mode and it works fine, but I need IMPLICIT tags. How can I obtain this IMPLICIT tag in DER output? Thanks in advance. Fernando Moya Bernal. University of Malaga. Spain. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
