On 1/10/03 6:58 pm, Graham Barr <[EMAIL PROTECTED]> wrote:
> On 1 Oct 2003, at 18:10, Chris Ridd wrote:
>>> extnValue [UNIVERSAL 4] EXPLICIT ANY DEFINED BY extnID
>>>
>>> But that causes a parse error as it is expecting the tag to have the
>>> constructor bit set :(
>>>
>>> Maybe I could add an extension so we can write
>>>
>>> extnValue [UNIVERSAL 4] CONTAINING ANY DEFINED BY extnID
>>>
>>> Which is identical to explicit, but does not set the constructor bit
>>
>> 'ANY DEFINED BY' just encodes the actual value in place of the 'ANY',
>> as far
>> as I know. This X.509 stuff is different - it encodes the value and
>> then
>> encodes a real OCTET STRING containing the encoded value.
>
> I know, and that is basically what EXPLICIT does. C::ASN1 already
Yes, assuming UNIVERSAL 4 is OCTET STRING (which I'd overlooked in your
mail)...
What X.509 is doing is not formally describable (read "is indescribable") in
ASN.1, and X.509(2000) resorts to this:
Extension ::= SEQUENCE {
extnId EXTENSION.&id ({ExtensionSet}),
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING
-- contains a DER encoding of a value of type &ExtnType
-- for the extension object identified by extnId -- }
> accepts the syntax above, but it sets the constructor bit. CONTAINING
> would be a way around it.
Yup. Not especially clean, but a useful extension nonetheless. If there were
a way of embedding the inner value inside a BIT STRING as well, that would
also be useful. (So you can't just stick a tag at the front, you'd have to
add the extra leading octet in the value describing the unused bits.)
Cheers,
Chris
