ASN.1 Encode an Object Identifier (OID) with OpenSSL
OID(Object Identifier) denotes an object.
Examples:
------------------------------------------------------------------
OID object
------------------------------------------------------------------
1.3.14.3.2.26 SHA-1
2.16.840.1.101.3.4.2.1 SHA-256
1.2.840.113549.1.7.2 PKCS-7 signedData
------------------------------------------------------------------
In OpenSSL no functions are directly provided to compute the OID ASN.1 encode. At lease two methods can be taken into account.
1. Create a temporary object by invoking function OBJ_create(), then encode it by invoking function i2d_ASN1_OBJECT().
Implementation (Not recommended)
/**************************************************
* Author: HAN Wei
* Author's blog: http://blog.csdn.net/henter/
* Date: Oct 11th, 2014
* Description: implement the OID ASN.1 encode function
**************************************************/ #include <stdio.h>
#include <openssl/objects.h>
#include <openssl/asn1.h> int Asn1EncodeOid(char *oid,
unsigned char *encode,
int *encode_len)
{
int new_nid, byte_len;
ASN1_OBJECT *obj;
unsigned char *tmp_pointer; new_nid = OBJ_create(oid, "oid example", "Object Identifier Example");
obj = OBJ_nid2obj(new_nid); if (!encode)
{
byte_len = i2d_ASN1_OBJECT(obj, NULL);
if (byte_len <= 0)
{
#ifdef _DEBUG
printf("get ASN.1 encode byte length failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
OBJ_cleanup();
return (-1);
}
else
{
*encode_len = byte_len;
OBJ_cleanup();
return 0;
}
}
else
{
tmp_pointer = encode;
byte_len = i2d_ASN1_OBJECT(obj, &tmp_pointer);
if (byte_len <= 0)
{
#ifdef _DEBUG
printf("ASN.1 encode OID failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
OBJ_cleanup();
return (-1);
}
else
{
*encode_len = byte_len;
OBJ_cleanup();
return 0;
}
}
}
This is not a good implementation. OBJ_cleanup() will free all dynamically created object, so this function must be used carefully. Especially when multiple threads are running, the fact that one thread invokes OBJ_cleanup() may run the risk of cleaning object
created by other threads. The consequence is unpredictable.
2. Compute OID payload part ASN.1 encode by invoking function a2d_ASN1_OBJECT() firstly, compute the OID encode by invoking function i2d_ASN1_OBJECT() next.
A complete Implementation (recommended)
Header file:
/**************************************************
* File name: oid_encode.h
* Author: HAN Wei
* Author's blog: http://blog.csdn.net/henter/
* Date: Oct 11th, 2014
* Description: declare the OID ASN.1 encode function
**************************************************/ #ifndef HEADER_OID_ASN1_ENCODE_H
#define HEADER_OID_ASN1_ENCODE_H #ifdef __cplusplus
extern "C" {
#endif /**************************************************
* Name: Asn1EncodeOid
* Function: compute ASN.1 encode for a specific OID
* Parameters:
oid [in] OID string terminated with '\0'
encode [in] buffer used to store OID ASN.1 encode
encode_len [out] byte length of OID ASN.1 encode
* Return value:
succeed -- 0
fail -- -1
* Notes:
1. If the NULL pointer is assigned to parameter 'encode',
this function does not perform ASN.1 encode. The OID ASN.1
encode length is assigned to parameter 'encode_len' and
the function returns.
2. If the value assigned to parameter 'encode' is not NULL,
the OID ASN.1 encode is written into the buffer pointed by
parameter 'encode', and encode length is assigned to
parameter 'encode_len'. In this case the buffer length is
NOT checked before the encode is written into the buffer.
MAKE SURE that the buffer length is big enough to accomodate
the ASN.1 encode!
**************************************************/
int Asn1EncodeOid(char *oid, unsigned char *encode, int *encode_len); #ifdef __cplusplus
}
#endif #endif /* end of HEADER_OID_ASN1_ENCODE_H */
Function implementation file:
/**************************************************
* File name: oid_encode.c
* Author: HAN Wei
* Author's blog: http://blog.csdn.net/henter/
* Date: Oct 11th, 2014
* Description: implement the OID ASN.1 encode function
**************************************************/ #include <stdio.h>
#include <openssl/objects.h>
#include <openssl/asn1.h> int Asn1EncodeOid(char *oid,
unsigned char *encode,
int *encode_len)
{
int payload_len, total_len;
ASN1_OBJECT obj;
unsigned char *tmp_pointer, *payload_encode; // get payload ASN.1 encode
payload_len = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
if (payload_len <= 0)
{
#ifdef _DEBUG
printf("get ASN.1 encode byte length failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
return (-1);
}
if ( !(payload_encode=(unsigned char *)malloc(payload_len)) )
{
#ifdef _DEBUG
printf("invoke malloc() function failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
return (-1);
}
payload_len = a2d_ASN1_OBJECT(payload_encode, payload_len, oid, -1);
if (payload_len <= 0)
{
#ifdef _DEBUG
printf("ASN.1 encode payload failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
free(payload_encode);
return (-1);
} // get the whole OID ASN.1 encode
obj.data = payload_encode;
obj.length = payload_len;
if (!encode)
{
total_len = i2d_ASN1_OBJECT(&obj, NULL);
if (total_len <= 0)
{
#ifdef _DEBUG
printf("get ASN.1 encode byte length failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
free(payload_encode);
return (-1);
}
else
{
*encode_len = total_len;
free(payload_encode);
return 0;
}
}
else
{
tmp_pointer = encode;
total_len = i2d_ASN1_OBJECT(&obj, &tmp_pointer);
if (total_len <= 0)
{
#ifdef _DEBUG
printf("ASN.1 encode OID failed at %s, line %d!\n", __FILE__, __LINE__);
#endif
free(payload_encode);
return (-1);
}
else
{
*encode_len = total_len;
free(payload_encode);
return 0;
}
}
}
A demo program file:
/**************************************************
* File name: test.c
* Author: HAN Wei
* Author's blog: http://blog.csdn.net/henter/
* Date: Oct 11th, 2014
* Description: this program demonstrates how to invoke
the OID ASN.1 encode function
**************************************************/ #include "oid_encode.h"
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char oid[128]="2.16.840.1.101.3.4.2.1"; /* SHA-256 OID*/
unsigned char *buffer;
int buffer_len, i; if ( Asn1EncodeOid(oid, NULL, &buffer_len) )
{
printf("error detected!\n");
#if defined(_WIN32) || defined(_WIN64)
system("pause");
#endif
return (-1);
}
printf("OID ASN.1 encode length is %d bytes.\n", buffer_len); if ( !(buffer = (unsigned char *)malloc(buffer_len)) )
{
printf("invoke malloc() function failed!\n");
#if defined(_WIN32) || defined(_WIN64)
system("pause");
#endif
return (-1);
} if ( Asn1EncodeOid(oid, buffer, &buffer_len) )
{
printf("error detected!\n");
free(buffer);
#if defined(_WIN32) || defined(_WIN64)
system("pause");
#endif
return (-1);
}
printf("OID ASN.1 encode:\n");
for (i=0; i<buffer_len; i++)
printf("0x%x ", buffer[i]);
printf("\n"); free(buffer);
#if defined(_WIN32) || defined(_WIN64)
system("pause");
#endif
return 0;
}
ASN.1 encode of SHA-256 is obtained from the demo: 0x6 0x9 0x60 0x86 0x48 0x1 0x65 0x3 0x4 0x2 0x1
This is a better implementation.
版权声明:本文博客原创文章,博客,未经同意,不得转载。
ASN.1 Encode an Object Identifier (OID) with OpenSSL的更多相关文章
- PostgreSQL中的Object Identifier(oid)数据类型
PostgreSQL在内部使用对象标识符(OID)作为各种系统表的主键.OID不会添加到用户创建的表中,除非在创建表时指定了WITH OIDS,或者启用了default_with_oids配置变量.类 ...
- Get RSA public key ASN.1 encode from a certificate in DER format
RSA public key ASN.1 encode is defined in PKCS#1 as follows: RSAPublicKey :: = SEQUENCE { modul ...
- oracle impdp ORA-02304 invalid object identifier literal
reference: https://webgeest.blogspot.com/2015/07/ora-39083-ora-02304-on-impdp-datapump.html 解决方法 ...
- OID的编解码(即在报文中的体现)
先上干货: 我们常见到OID的地方是SNMP和MIB,实际上理论上所有对象都可以有自己的ID.已存在的ID可以在http://www.oid-info.com/查到.这些ID在报文里并非字符串或直接的 ...
- SNMP History and OID/MIB Tour
https://www.pei.com/snmp-history-oid-mib/ Description: This document describes a bit of history and ...
- ECC公钥格式详解
本文首先介绍公钥格式相关的若干概念/技术,随后以示例的方式剖析DER格式的ECC公钥,最后介绍如何使用Java生成.解析和使用ECC公钥. ASN.1 Abstract Syntax Notation ...
- Java & PHP & Javascript 通用 RSA 加密 解密 (长字符串)
系统与系统的数据交互中,有些敏感数据是不能直接明文传输的,所以在发送数据之前要进行加密,在接收到数据时进行解密处理:然而由于系统与系统之间的开发语言不同. 本次需求是生成二维码是通过java生成,由p ...
- c# .NET RSA结合AES加密服务端和客户端请求数据
这几天空闲时间就想研究一下加密,环境是web程序,通过js请求后台返回数据,我想做的事js在发送请求前将数据加密,服务端收到后解密,待服务端处理完请求后,将处理结果加密返回给客户端,客户端在解密,于是 ...
- COM Error Code(HRESULT)部分摘录
Return value/code Description 0x00030200 STG_S_CONVERTED The underlying file was converted to compou ...
随机推荐
- sublime text 2安装及使用
1.首先下载Sublime Text:http://www.sublimetext.com/ 2.基本设置.參考此文:http://blog.jobbole.com/40660/ { "au ...
- Java的Log系统介绍和切换(转)
Java的log系统比较繁杂.在这里梳理一下.本文只涉及log系统介绍和处理log系统之间的切换.不涉及如何配置和使用. 具体的log系统 Log4j:准确的说是log4j 1.x版.是之前使用最广泛 ...
- python战斗2:看到一个页面编码
编程环境:虚拟linux (windows 下 cygwin) 识别网页编码. usage: python coding http://www.***.com 測试结果: watermark/2/te ...
- 漂亮的表格样式(使用CSS样式表控制表格样式)
根据WEB2.0风格,设计了几个表格样式,我希望你喜欢. WEB2.0推广使用div开放式布局.但并不是完全放弃使用形式,在数据表现形式而言是一个不错的选择. 本节将介绍如何使用现在CSS样式表来控制 ...
- 【Nginx】epoll事件驱动模块
Linux 2.4之前的内核版本号,Nginx事件驱动的方法是使用poll.select功能.过程必须等待一个事件发生在连接上(接收数据)时间,部连接都告诉内核,由内核找出哪些连接上有事件发生.因为须 ...
- Test SRM Level Two: CountExpressions, Brute Force
题目来源:http://community.topcoder.com/stat?c=problem_statement&pm=8157 这道题目跟扑克牌算24的题目比较像,但要简单一些.点击查 ...
- CentOS6.5 Nginx优化编译配置[续]
继续上文CentOS6.5 Nginx优化编译配置本文记录有关Nginx系统环境的一些细节设置,有关Nginx性能调整除了配置文件吻合服务器硬件之前就是关闭不必要的服务.磁盘操作.文件描述符.内核调整 ...
- Embedding Lua, in Scala, using Java(转)
LuaJ I was reading over the list of features that CurioDB lacks compared to Redis , that I’d previou ...
- linux kernel 结构体赋值方法{转载}
原文地址: http://www.chineselinuxuniversity.net/articles/48226.shtml 这几天看Linux的内核源码,突然看到init_pid_ns这个结构体 ...
- oracle 12c 三学习 pdb 可插拔测试
DECLARE l_result BOOLEAN; BEGIN l_result := DBMS_PDB.check_plug_compatibility( pdb_descr_file => ...