> On Wed, Jul 03, 2002, Michael Voucko wrote:
>
>> The following implementation of the presented ASN1 definition has two gotchas
>> which trouble me:
>>
>> 1) the 'DEFAULT 0' part for 'Minimum' of GENERAL_SUBTREE is not reflected,
>> is there any way to do so?
>>
>
> This is normally part of the code that interprets the structure: if the
> field is NULL it has the default value, if setting to the default value
> set it to NULL.
>
>> 2) the encoding of the NameConstraint is lacking the IMPLICIT tag
>> for Permitted/ExcludedSubtrees. For Minimum and Maximum of GENERAL_SUBTREE
>> it's added as expected. Any clues?
>>
>
> This is due to the issue I mentioned of some flags not being
> passed to the ASN1_ITEM_TEMPLATE structure.
>
> The solution is to use the base type and combine the options
> in the relevant struture:
>
> ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
> ASN1_SEQUENCE_OF_IMP_OPT(NAME_CONSTRAINTS, PermittedSubtrees, GENERAL_SUBTREE,
>0),
> ASN1_SEQUENCE_OF_IMP_OPT(NAME_CONSTRAINTS, ExcludedSubtrees, GENERAL_SUBTREE,
>1)
> } ASN1_SEQUENCE_END(NAME_CONSTRAINTS)
>
Thanks, it works fine for me with
#define ASN1_SEQUENCE_OF_OPT_IMP(stname, field, type, tag) \
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL|ASN1_TFLG_IMPLICIT, \
tag,
stname, field, type)
Is this what you had in mind or is there a problem with it?
Michael
--
Fillmore Labs GmbH
Michael Voucko
Triforum C2
Frankfurter Str. 233
63263 Neu-Isenburg
Germany
Phone: +49 (0)6102 884 786 0
mailto:[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
