On 03/24/2017 06:46 PM, Dr. Stephen Henson wrote:
On Tue, Mar 21, 2017, lists wrote:
> On Tue, Mar 21, 2017, lists wrote:
>
>> [...]
>> I am exploring my options with OpenSSL and specifically I am trying
to manage the stacks for some custom objects.
>> [...]
>> What am I doing wrong here?
>
> [...]
>
> For OpenSSL versions before 1.1.0 it's a bit messier. The type specific
> STACK_OF functions are actually macros which are generated by the
mkstack.pl
> script and appear in the safestack.h header file. If you want to
create your
> own one way is to extract a type specific section from safestack.h,
copy it
> to your own header file and do a search/replace for the new type.
>
> So for example extract the sk_OPENSSL_BLOCK macros and replace
OPENSSL_BLOCK
> with FOO.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
Sorry but it seems I still got something wrong, now that I am more
practically addressing qcStatements (as in RFC 3039, for the moment, not
yet RFC 3739). I put here almost all of the code because it may be
useful to some other who want to cover this attribute.
Question number one: is there a document/tutorial about ASN.1 to OpenSSL
macros mapping?
Question number two: why does the code that I add in the end of the
message miserably fails when I execute
const unsigned char *tmpMovingPt = oneExt->value->data;
// d2i_UC_qcStatements returns NULL here! It cannot parse it?
// Is X509_EXTENSION *oneExt->value->data the right thing to pass here?
qcstt = d2i_UC_qcStatements(NULL, &tmpMovingPt, oneExt->value->length);
and I know for sure that X509_EXTENSION *oneExt is qcStatements?
Specifically, the qcStatements should be RFC 3039-compliant because all
of the entries only have statementId and statementInfo.
Here the rest of the code for OpenSSL 1.0, something must be wrong or
maybe I have to implement something more:
(.h)
// -- QCStatement
// I use this odd name to avoid confusion with qcStatements (with the
"s"), for the moment
typedef struct UC_QcsAtom_st
{
// statementId OBJECT IDENTIFIER
ASN1_OBJECT *statementId;
// statementInfo ANY DEFINED BY statementId OPTIONAL
ASN1_TYPE *statementInfo;
}
UC_QcsAtom;
DECLARE_STACK_OF(UC_QcsAtom)
DECLARE_ASN1_ITEM(UC_QcsAtom)
DECLARE_ASN1_FUNCTIONS(UC_QcsAtom)
#define sk_UC_QcsAtom_new(cmp) SKM_sk_new(UC_QcsAtom, (cmp))
#define sk_UC_QcsAtom_new_null() SKM_sk_new_null(UC_QcsAtom)
#define sk_UC_QcsAtom_free(st) SKM_sk_free(UC_QcsAtom, (st))
#define sk_UC_QcsAtom_num(st) SKM_sk_num(UC_QcsAtom, (st))
#define sk_UC_QcsAtom_value(st, i) SKM_sk_value(UC_QcsAtom, (st), (i))
#define sk_UC_QcsAtom_set(st, i, val) SKM_sk_set(UC_QcsAtom, (st), (i),
(val))
[...many more...]
// -- QCStatements
typedef struct UC_qcStatements_st
{
// SEQUENCE OF QCStatement
STACK_OF(UC_QcsAtom) *statements_sk;
}
UC_qcStatements;
DECLARE_ASN1_FUNCTIONS(UC_qcStatements)
(.c)
// -- QCStatament aka UC_QcsAtom
ASN1_SEQUENCE(UC_QcsAtom) = {
ASN1_SIMPLE(UC_QcsAtom, statementId, ASN1_OBJECT),
ASN1_OPT(UC_QcsAtom, statementInfo, ASN1_ANY)
} ASN1_SEQUENCE_END(UC_QcsAtom)
IMPLEMENT_ASN1_FUNCTIONS(UC_QcsAtom)
IMPLEMENT_ASN1_DUP_FUNCTION(UC_QcsAtom)
IMPLEMENT_STACK_OF(UC_QcsAtom)
// -- qcStataments aka QCStatements aka UC_qcStatements
ASN1_SEQUENCE(UC_qcStatements) = {
ASN1_SEQUENCE_OF(UC_qcStatements, statements_sk, UC_QcsAtom)
} ASN1_SEQUENCE_END(UC_qcStatements)
IMPLEMENT_ASN1_FUNCTIONS(UC_qcStatements)
IMPLEMENT_ASN1_DUP_FUNCTION(UC_qcStatements)
/* ...is it required to implement something like this?...:
UC_QcsAtom *d2i_UC_QcsAtom_bio(BIO *bp, UC_QcsAtom **a)
{
return ASN1_d2i_bio_of(UC_QcsAtom, UC_QcsAtom_new,
d2i_UC_QcsAtom, bp, a);
}
etc.?
*/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
