Hello, I'm implementing CMP protocol (2510bis-08) and I have some questions of ASN.1
I have been using the ASN1 lib in OpenSSL and I love it, thanks! The macros help a lot! I don't have so much experience with ASN1. But my problem is following: Somehow I can't create correct ASN1 structure of CRMF, I have used ssh-cmpclient (in SSH Tectia Server package, http:/www.ssh.com) to enroll from RSA:s Keon CA-server, and it works, so I have used its structure as an reference that how my structure should look alike (captured the packets using ethereal). Following works (opened with asn1parse): I have only taken here the 'CertTemplate's (X509_CINF) SubjecPublicKeyInfo (X509_PUBKEY). In both executions I have used the same keymaterial. --- SNIP --- 287:d=6 hl=3 l= 159 cons: cont [ 6 ] 290:d=7 hl=2 l= 13 cons: SEQUENCE 292:d=8 hl=2 l= 9 prim: OBJECT :rsaEncryption 303:d=8 hl=2 l= 0 prim: NULL 305:d=7 hl=3 l= 141 prim: BIT STRING --- SNIP --- But in my implementation I can't get the following ASN1 stuff, mine looks like: --- SNIP --- 316:d=6 hl=3 l= 162 cons: cont [ 6 ] 319:d=7 hl=3 l= 159 cons: SEQUENCE 322:d=8 hl=2 l= 13 cons: SEQUENCE 324:d=9 hl=2 l= 9 prim: OBJECT :rsaEncryption 335:d=9 hl=2 l= 0 prim: NULL 337:d=8 hl=3 l= 141 prim: BIT STRING --- SNIP --- I have used all my brain power to come up with the solution. The RSA Keon CA responds with error 'Bad public key or no public key: only RSA keys supported'. That's why I'm thinking the problem is here. Can anyone tell me how to get the upper structure with OpenSSL ASN1 lib? Because I have now SEQUENCE OF SEQUENCE, one SEQUENCE too much. Thanks in advance, Mikael ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
