ASN1 » History » Version 1
Felix Tiede, 02/20/2014 06:33 AM
| 1 | 1 | Felix Tiede | h1. ASN.1 |
|---|---|---|---|
| 2 | |||
| 3 | {{>toc}} |
||
| 4 | |||
| 5 | OpenSSL functions are - unfortunately - unable to decode constructed custom extensions correctly. Unlike well-known extensions, custom extensions, if not a string, are not decoded correctly. Integers are a sequence of periods, only strings are shown as such. |
||
| 6 | |||
| 7 | The initial purpose is to supply an integer to be displayed in @openssl x509 -text@ output, yet since openssl can't do that it is questionable if any more efforts put into decoding of such constructed custom extensions make any sense. |
||
| 8 | |||
| 9 | Anyway, here is what I found out by investigating requested custom extension in a certificate signing request. Decoding details are curtesy of "A Layman's Guide to a subset of ASN.1":http://luca.ntop.org/Teaching/Appunti/asn1.html. |
||
| 10 | |||
| 11 | |_. Value type |_. Hex dump of value |_\3. Description of octets | |
||
| 12 | |/3. INTEGER |/3>. 0202041a |>. 02 | value type dentifier | INTEGER | |
||
| 13 | |>. 02 | value length | 2 octets | |
||
| 14 | |>. 041a | value | 1050 | |
||
| 15 | |/3. IA5STRING |/3>. 16054775657374 |>. 16 | value type identifier | IA5STRING | |
||
| 16 | |>. 05 | value length | 5 octets | |
||
| 17 | |>. 4775657374 | value | @Guest@ | |
||
| 18 | |/3. Untagged SEQUENCE |/3>. 300b0202041a16054775657374 |>. 30 | value type identifier | SEQUENCE | |
||
| 19 | |>. 0b | content length | 11 octets | |
||
| 20 | |>. 0202041a16054775657374 | content | Concatenated content of sequence as above | |
||
| 21 | |/3. Tagged SEQUENCE |/3>. e00d300b0202041a16054775657374 |>. e0 | value type identifier | @Constructed@, @Private@, no type | |
||
| 22 | |>. 0d | content length | 13 octets | |
||
| 23 | |>. 300b0202041a16054775657374 | content | SEQUENCE identifier with concatenated content as above | |