Hi All,
I have the following piece of code, that I use for reading the contents of
X.509 extensions:
X509 *cert = NULL;
X509_EXTENSION *extension;
ASN1_OCTET_STRING *extdata;
char *extname;
for (i = 0; i < X509_get_ext_count(cert); i++)
{
extension = X509_get_ext(cert, i);
extdata = X509_EXTENSION_get_data(extension);
extname = (char
*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)));
...
}
In the above example, the ASN1_OCTET_STRING *extdata is used for storing the
extension data. The structure for extdata is the same as for ASN1_STRING
(OpenSSL uses the same structure for all ASN.1 strings I believe) so I can
access the X.509 extension data through the extdata->data (knowing the data
size from extdata->length and the type of the data from extdata->type).
In each parsed extension (generally), in extdata->data I get an encoded string
of type (extdata->type) 4, which is V_ASN1_OCTET_STRING. For the purpose of
string manipulation, comparison or print-out, this is really useless in its
encoded form and needs to be further decoded to a human readable format string
(for example) so that I can pass the string to another application or print it
out properly.
I looked for BER decoding functions in OpenSSL but really I was able to find
only the encoding ones. Even the OpenSSL asn1parse, when I run it, gives only a
hexadecimal dump of the OCTET STRING content of each extension.
Is there a way in OpenSSL so that I can decode (unpack) the ASN1_OCTET_STRING
string and present it in plain text?
Perhaps there are some other libraries, that you are aware of, that could be
used for this purpose.
Thanks in advance for your help.
edkulus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
