The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

ASN1_generate_nconf (3)
  • >> ASN1_generate_nconf (3) ( Разные man: Библиотечные вызовы )
    •  

    NAME

    ASN1_generate_nconf, ASN1_generate_v3 - ASN1 generation functions
 

    SYNOPSIS

     ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
 ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
     

    DESCRIPTION

    These functions generate the ASN1 encoding of a string in an ASN1_TYPE structure.

    str contains the string to encode nconf or cnf contains the optional configuration information where additional strings will be read from. nconf will typically come from a config file wherease cnf is obtained from an X509V3_CTX structure which will typically be used by X509 v3 certificate extension functions. cnf or nconf can be set to NULL if no additional configuration will be used.  

    GENERATION STRING FORMAT

    The actual data encoded is determined by the string str and the configuration information. The general format of the string is: 

     B<[modifier,]type[:value]>

    That is zero or more comma separated modifiers followed by a type followed by an optional colon and a value. The formats of type, value and modifier are explained below.  

    SUPPORTED TYPES

    The supported types are listed below. Unless otherwise specified only the ASCII format is permissible.
    BOOLEAN, BOOL
    This encodes a boolean type. The value string is mandatory and should be TRUE or FALSE. Additionally TRUE, true, Y, y, YES, yes, FALSE, false, N, n, NO and no are acceptable.
    NULL
    Encode the NULL type, the value string must not be present.
    INTEGER, INT
    Encodes an ASN1 INTEGER type. The value string represents the value of the integer, it can be preceeded by a minus sign and is normally interpreted as a decimal value unless the prefix 0x is included.
    ENUMERATED, ENUM
    Encodes the ASN1 ENUMERATED type, it is otherwise identical to INTEGER.
    OBJECT, OID
    Encodes an ASN1 OBJECT IDENTIFIER, the value string can be a short name, a long name or numerical format.
    UTCTIME, UTC
    Encodes an ASN1 UTCTime structure, the value should be in the format YYMMDDHHMMSSZ.
    GENERALIZEDTIME, GENTIME
    Encodes an ASN1 GeneralizedTime structure, the value should be in the format YYYYMMDDHHMMSSZ.
    OCTETSTRING, OCT
    Emcodes an ASN1 OCTET STRING. value represents the contents of this structure, the format strings ASCII and HEX can be used to specify the format of value.
    BITSRING, BITSTR
    Emcodes an ASN1 BIT STRING. value represents the contents of this structure, the format strings ASCII, HEX and BITLIST can be used to specify the format of value.

    If the format is anything other than BITLIST the number of unused bits is set to zero.

    UNIVERSALSTRING, UNIV, IA5, IA5STRING, UTF8, UTF8String, BMP, BMPSTRING, VISIBLESTRING, VISIBLE, PRINTABLESTRING, PRINTABLE, T61, T61STRING, TELETEXSTRING, GeneralString
    These encode the corresponding string types. value represents the contents of this structure. The format can be ASCII or UTF8.
    SEQUENCE, SEQ, SET
    Formats the result as an ASN1 SEQUENCE or SET type. value should be a section name which will contain the contents. The field names in the section are ignored and the values are in the generated string format. If value is absent then an empty SEQUENCE will be encoded.
     

    MODIFIERS

    Modifiers affect the following structure, they can be used to add EXPLICIT or IMPLICIT tagging, add wrappers or to change the string format of the final type and value. The supported formats are documented below.
    EXPLICIT, EXP
    Add an explicit tag to the following structure. This string should be followed by a colon and the tag value to use as a decimal value.

    By following the number with U, A, P or C UNIVERSAL, APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used, the default is CONTEXT SPECIFIC.

    IMPLICIT, IMP
    This is the same as EXPLICIT except IMPLICIT tagging is used instead.
    OCTWRAP, SEQWRAP, SETWRAP, BITWRAP
    The following structure is surrounded by an OCTET STRING, a SEQUENCE, a SET or a BIT STRING respectively. For a BIT STRING the number of unused bits is set to zero.
    FORMAT
    This specifies the format of the ultimate value. It should be followed by a colon and one of the strings ASCII, UTF8, HEX or BITLIST.

    If no format specifier is included then ASCII is used. If UTF8 is specified then the value string must be a valid UTF8 string. For HEX the output must be a set of hex digits. BITLIST (which is only valid for a BIT STRING) is a comma separated list of set bits.

     

    EXAMPLES

    A simple IA5String: 

     IA5STRING:Hello World

    An IA5String explicitly tagged: 

     EXPLICIT:0,IA5STRING:Hello World

    An IA5String explicitly tagged using APPLICATION tagging: 

     EXPLICIT:0A,IA5STRING:Hello World

    A more complex example using a config file to produce a SEQUENCE consiting of a BOOL an OID and a UTF8String:

    asn1 = SEQUENCE:seq_section

    [seq_section]

    field1 = BOOLEAN:TRUE field2 = OID:commonName field3 = UTF8:Third field

    This example produces an RSAPrivateKey structure, this is the key contained in the file client.pem in all OpenSSL distributions (note: the field names such as 'coeff' are ignored and are present just for clarity): 

     asn1=SEQUENCE:private_key
 [private_key]
 version=INTEGER:0



     n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
 D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9



     e=INTEGER:0x010001



     d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\
 F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D



     p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\
 D4BD57



     q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\
 46EC4F



     exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\
 9C0A39B9



     exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\
 E7B2458F



     coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\
 628657053A

    This example is the corresponding public key in a SubjectPublicKeyInfo structure: 

     # Start with a SEQUENCE
 asn1=SEQUENCE:pubkeyinfo



     # pubkeyinfo contains an algorithm identifier and the public key wrapped
 # in a BIT STRING
 [pubkeyinfo]
 algorithm=SEQUENCE:rsa_alg
 pubkey=BITWRAP,SEQUENCE:rsapubkey



     # algorithm ID for RSA is just an OID and a NULL
 [rsa_alg]
 algorithm=OID:rsaEncryption
 parameter=NULL



     # Actual public key: modulus and exponent
 [rsapubkey]
 n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
 D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9



     e=INTEGER:0x010001
     

    RETURN VALUES

    ASN1_generate_nconf() and ASN1_generate_v3() return the encoded data as an ASN1_TYPE structure or NULL if an error occurred.

    The error codes that can be obtained by ERR_get_error(3).  

    SEE ALSO

    ERR_get_error(3)  

    HISTORY

    ASN1_generate_nconf() and ASN1_generate_v3() were added to OpenSSL 0.9.8

     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    GENERATION STRING FORMAT
    SUPPORTED TYPES
    MODIFIERS
    EXAMPLES
    RETURN VALUES
    SEE ALSO
    HISTORY

    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей     		Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру