Actions
ASN.1¶
- Table of contents
- ASN.1
OpenSSL functions are - unfortunately - unable to decode constructed custom extensions correctly. Unlike well-known extensions, custom extensions, if not a string, are not decoded correctly. Integers are a sequence of periods, only strings are shown as such.
The initial purpose is to supply an integer to be displayed in openssl x509 -text output, yet since openssl can't do that it is questionable if any more efforts put into decoding of such constructed custom extensions make any sense.
Anyway, here is what I found out by investigating requested custom extension in a certificate signing request. Decoding details are curtesy of A Layman's Guide to a subset of ASN.1.
| Value type | Hex dump of value | Description of octets | ||
|---|---|---|---|---|
| INTEGER | 0202041a | 02 | value type dentifier | INTEGER |
| 02 | value length | 2 octets | ||
| 041a | value | 1050 | ||
| IA5STRING | 16054775657374 | 16 | value type identifier | IA5STRING |
| 05 | value length | 5 octets | ||
| 4775657374 | value | Guest |
||
| Untagged SEQUENCE | 300b0202041a16054775657374 | 30 | value type identifier | SEQUENCE |
| 0b | content length | 11 octets | ||
| 0202041a16054775657374 | content | Concatenated content of sequence as above | ||
| Tagged SEQUENCE | e00d300b0202041a16054775657374 | e0 | value type identifier | Constructed, Private, no type |
| 0d | content length | 13 octets | ||
| 300b0202041a16054775657374 | content | SEQUENCE identifier with concatenated content as above | ||
Updated by Felix Tiede over 11 years ago ยท 1 revisions