I'm sorry, I was not precise here. Actually I think (have to verify it again though) the encoding is preserved if I parse the EncapContentInfo and reencode it later on without changing the content.
My problem was more the other way round: When creating an EncapContentInfo from scratch, can I force to use indefinite length instead of the DER definite length bytes? Regards, Martin 2010/11/5 Martin Boßlet <martin.boss...@googlemail.com>: > OK, great, one thing less to worry about! > > But I still face a problem with the explicit [0] tagged content of > EncapContentInfo. In this particular case it has an indefinite length > tag. When I i2d it again , the element is DER-encoded using definite > length and content. Can I force the use of the existing encoding here? > > Thanks, > Martin > > > > 2010/11/5 Dr. Stephen Henson <st...@openssl.org> >> >> On Fri, Nov 05, 2010, Martin Bolet wrote: >> >> > >> > A more general problem is that many signatures pretend to be DER-encoded >> > but >> > they actually apply the wrong order in DER sets. Thus, computing the >> > message >> > digest also fails because the set elements are put out in a different order >> > than the original one, although the set elements themselves are >> > DER-encoded... >> > >> >> OpenSSL should handle this properly by default. It does this by computing the >> signature as though it were a SEQUENCE OF (with SET tag) which retains the >> original order. >> >> When it generates signatures itself it is encoded as a SET OF. >> >> Steve. >> -- >> Dr Stephen N. Henson. OpenSSL project core developer. >> Commercial tech support now available see: http://www.openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
