Hi Chris, Thank you for your quick response. I love the intricacies of ASN.1 :)
My real goal here is to be able to enocode these SubjectAltName structures. Would you have any insight on the best way to create a structure like this? Anyways, the x509decode script can be found in the examples directory of your Convert-ASN1 unpack directory. Here's a pointer to the script on CPAN. It seems to work OK for parsing a certificate: http://search.cpan.org/src/GBARR/Convert-ASN1-0.17/examples/x509decode --- Chris Ridd <[EMAIL PROTECTED]> wrote: > On 30/9/03 8:01 pm, Paul Bearer <[EMAIL PROTECTED]> wrote: > > > Friends, > > > > I am trying to decode a sample subjectAltName extension provided to me in > > base64. > > Here it is: > > > > MDUwMwYDVR0RBCwwKoIMdGVzdDEuaHAuY29tggx0ZXN0Mi5ocC5jb22CDHRlc3QzLmhwLmNvbQ== > > > > Using the x509decode sample script that came with Convert::ASN1, I tried to > > build some > > code to parse this data, but I get the following error: > > > > Modification of a read-only value attempted at > > /opt/perl/lib/site_perl/5.6.1/Convert/ASN1/_decode.pm line 319. > > > > Here is a snippet of code that I am using, any thoughts would be greatly > > appreciated! > > > > -----BEGIN SAMPLE CODE----- > > use Data::Dumper; > > $Data::Dumper::Indent=1; > > $Data::Dumper::Quotekeys=1; > > $Data::Dumper::Useqq=1; > > use MIME::Base64; > > use Math::BigInt; > > > > use Convert::ASN1 qw(:io :debug); > > > > my > > $sanBase64="MDUwMwYDVR0RBCwwKoIMdGVzdDEuaHAuY29tggx0ZXN0Mi5ocC5jb22CDHRlc3QzL > > mhwLmNvbQ=="; > > > > my $asn_san = $asn->find('SubjectAltName'); > > $binSan = decode_base64($sanBase64); > > decodeSan($binSan); > > > > sub decodeSan() { > > my $der_san = shift; > > my $san = $asn_san->decode($der_san) or die $asn_san->error; > > print Dumper($san); > > } > > -----END SAMPLE CODE----- > > One problem might be that the X.509 module is using explicit tagging, and > Convert::ASN1 uses implicit tagging. You'll need to hack the ASN.1 > definitions you feed into Convert::ASN1 if this is the case. (I didn't know > about the x509decode script; it might do this already..) > > However, if I just try calling Convert::ASN1::asn_dump() on $binSan, which > should just do a dump of the ASN.1 structure, I get a runtime error from > perl: Argument "opTYPE" isn't numeric in array element at > /Library/Perl/Convert/ASN1/Debug.pm line 129. > > Passing the same data into dumpasn1 decodes OK, so this might be a bug in > Convert::ASN1. > > 0 53: SEQUENCE { > 2 51: SEQUENCE { > 4 3: OBJECT IDENTIFIER '2 5 29 17' > 9 44: OCTET STRING, encapsulates { > 11 42: SEQUENCE { > 13 12: [2] 'test1.hp.com' > 27 12: [2] 'test2.hp.com' > 41 12: [2] 'test3.hp.com' > : } > : } > : } > : } > > (I'm not sure that it really is an octet string encapsulating stuff, so > dumpasn1 could be broken too :-) > > Cheers, > > Chris > __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
