Re: Problems with GENERAL_NAMES on IMPLICIT mode

Fri, 30 May 2003 09:19:11 -0700 

On Thu, May 29, 2003, Fernando Moya wrote:

> Hi, I am having problems with GENERAL_NAMES in the following sequence: :
> 
> ---------------------------------------------------------------------
> 
> DEFINITIONS IMPLICIT TAGS
> 
> Seq1 ::= SEQUENCE
>  {
>  field1 INTEGER,
>  field2 Seq2
>  }
> 
> Seq2 ::= SEQUENCE
>  {
>  sub_field1 [0] Sub_seq_000 OPTIONAL,
>  sub_field2 [1] GENERAL_NAMES OPTIONAL,
>  sub_field3 [2] Sub_seq_200 OPTIONAL
>  }
> 
> ---------------------------------------------------------------------
> 
> Implemented by:
> 
> ASN1_SEQUENCE(Seq2) = {
>     ASN1_IMP_OPT(Seq2, Sub_field1, Sub_seq_000,0),
>     ASN1_IMP_OPT(Seq2, Sub_field2, GENERAL_NAMES,1),
>     ASN1_IMP_OPT(Seq2, Sub_field3, Sub_seq_200,2),
>     } ASN1_SEQUENCE_END(Seq2)
> 
> IMPLEMENT_ASN1_FUNCTIONS(Seq2)
> 
> ASN1_SEQUENCE(Seq1) = {
>     ASN1_SIMPLE(Seq1, field1,INTEGER),
>     ASN1_SIMPLE(Seq1, field2, Seq2)
>     } ASN1_SEQUENCE_END(Seq1)
> 
> IMPLEMENT_ASN1_FUNCTIONS(Seq1)
> 
> Note: GENERAL_NAMES is defined at "crypto/x509v3/x509_v3.h" and
> "crypto/x509v3/v3_genn.c"
> 
> 
> The point is, I can't obtain [1] tag in GENERAL_NAMES. I have tried to put
> GENERAL_NAMES in other situations (always in IMPLICIT mode) and it never
> puts tags. En cambio, I have tried in EXPLICIT mode and it works fine, but I
> need IMPLICIT tags.
> 
> How can I obtain this IMPLICIT tag in DER output?
> 

This is a limitation in the ASN1 code in 0.9.7X. If you have an ASN1 "ITEM
template" which is something like an IMPLICIT and/or SEQUENCE/SET OF as an
ASN1_ITEM then additional modifiers don't get passed down.

GENERAL_NAMES is a SEQUENCE OF GeneralName which makes it an item template so
an IMPLICIT tag on it wont be processed.

This will be supported directly in 0.9.8 and later.

However in 0.9.7 its easy to work around this by instead using the base type,
with combined modifiers, in this case GENERAL_NAME using SEQUENCE OF and
IMPLICIT together. So instead of doing:

     ASN1_IMP_OPT(Seq2, Sub_field2, GENERAL_NAMES,1),

do:

     ASN1_IMP_SEQUENCE_OF_OPT(Seq2, Sub_field2, GENERAL_NAME,1),

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to