How to convert internal ASN1_INTEGER into little endian content octets

Andrzej Posiadala

unread,

Feb 11, 2004, 7:59:25 AM2/11/04

to

Hi ,

i'm trying to convert ASN1_INTEGER (specifically certificate serial
number) into its DER representation.
I'm using i2c_ASN1_INTEGER - and if it's the right function - then I don't
understand why it moves a pointer passed to it as second parameter behind
reserved memory.
Here is what I'm doing:

int size;
ASN1_INTEGER * serial;
unsigned char * serialNumberDER;

size = i2c_ASN1_INTEGER(serial, NULL);
serialNumberDER = new unsigned char[*size];
size = i2c_ASN1_INTEGER(serial, & serialNumberDER);

The function has this code at the end:

*pp+=ret;

where pp is a pointer to serialNumberDER, so in effect it moves
serialNumberDER behind created array of unsigned char.

Please, explain it to me.
Thanks in advance.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

Andrzej Posiadala

unread,

Feb 11, 2004, 11:34:01 AM2/11/04

to

Thanks a lot !
My VS7 cheated me :-) It doesn't display i2d_ASN1_INTEGER() in it's "Code
Insight" . But compilation is ok.
Now I'm able to use CryptEncodeObject to convert from DER encoded integer
to CRYPT_INTEGER_BLOB which is used internally in Win Crypto API. Crypto
API keeps internally multi byte integers in little-endian order and Open
SSL in big-endian, am I right ?

However, still I don't see any reason why this function increments its
second argument ? And why to the first byte after the DER-encoded INTEGER
(it's out of preallocated memory) ? If you please enlightened me I would
be grateful for.

Best regards
Andrzej

"Frank Balluffi" <frank.b...@db.com>
2004-02-11 14:41

To: aposi...@computerland.pl
cc: openss...@openssl.org
Subject: Re: How to convert internal ASN1_INTEGER into little endian content octets

Andrzej,

Call i2d_ASN1_INTEGER to DER-encode an ASN.1 INTEGER. Pass 0 or NULL as
the second argument to i2d_ASN1_INTEGER to determine the length of the
DER-encoded INTEGER. If you pass a non-zero value as the second argument
to i2d_ASN1_INTEGER, the function will DER-encode the INTEGER and
increment the second argument to the first byte after the DER-encoded
INTEGER. Looks like (I did not compile this code):

ASN1_INTEGER * integer; /* points to an ASN1_INTEGER */
unsigned char * der = NULL;
unsigned char * derNext = NULL;
int length = 0;

length = i2d_ASN1_INTEGER(integer, 0);

if (length <= 0)
goto error;

der = OPENSSL_malloc(length);

if (!der)
goto error;

/*
Because i2d functions modify their second argument, use the variable
derNext.
*/

derNext = der;
length = i2d_ASN1_INTEGER(integer, &derNext);

if (length <= 0)
goto error;

Frank

"Andrzej Posiadala" <aposi...@computerland.pl>
Sent by: owner-ope...@openssl.org
02/11/2004 07:57 AM
Please respond to openssl-users

To: openss...@openssl.org
cc:
Subject: How to convert internal ASN1_INTEGER into little
endian content octets

Frank Balluffi

unread,

Feb 11, 2004, 2:25:05 PM2/11/04

to

This is a multipart message in MIME format.
--=_alternative 004B333985256E37_=
Content-Type: text/plain; charset="us-ascii"

Andrzej,

length = i2d_ASN1_INTEGER(integer, 0);

der = OPENSSL_malloc(length);

if (!der)
goto error;

Frank

Hi ,

*pp+=ret;

--=_alternative 004B333985256E37_=
Content-Type: text/html; charset="us-ascii"

<tt>Andrzej,</tt>
 
 <tt>Call i2d_ASN1_INTEGER to DER-encode an ASN.1 INTEGER. Pass 0 or NULL as the second argument to i2d_ASN1_INTEGER to determine the length of the DER-encoded INTEGER. If you pass a non-zero value as the second argument to i2d_ASN1_INTEGER, the function will DER-encode the INTEGER and increment the second argument to the first byte after the DER-encoded INTEGER. Looks like (I did not compile this code):</tt>
 
 <tt>    ASN1_INTEGER *  integer; /* points to an ASN1_INTEGER */</tt>
 <tt>    unsigned char * der     = NULL;</tt>
 <tt>    unsigned char * derNext = NULL;</tt>
 <tt>    int             length  = 0;</tt>
 
 <tt>    length = i2d_ASN1_INTEGER(integer, 0);</tt>
 
 <tt>    if (length <= 0)</tt>
 <tt>        goto error;</tt>
 
 <tt>    der = OPENSSL_malloc(length);</tt>
 
 <tt>    if (!der)</tt>
 <tt>        goto error;</tt>
 
 <tt>   /*</tt>
 <tt>    Because i2d functions modify their second argument, use the variable</tt>
 <tt>    derNext.</tt>
 <tt>    */</tt>
 
 <tt>    derNext = der;</tt>
 <tt>    length = i2d_ASN1_INTEGER(integer, &derNext);</tt>
 
 <tt>    if (length <= 0)</tt>
 <tt>        goto error;</tt>
 
 <tt>Frank</tt>
 
 
 
 
<table width=100%>
<tr valign=top>
<td>
<td>"Andrzej Posiadala" <aposi...@computerland.pl>
 Sent by: owner-ope...@openssl.org
02/11/2004 07:57 AM
 Please respond to openssl-users
 
<td>        
         To:        openss...@openssl.org
         cc:        
         Subject:        How to convert internal ASN1_INTEGER into little endian content octets</table>
 
 
 Hi , 
 
i'm trying to convert ASN1_INTEGER (specifically certificate serial 
number) into its DER representation. 
I'm using i2c_ASN1_INTEGER - and if it's the right function - then I don't 
understand why it moves a pointer passed to it as second parameter behind 
reserved memory. 
Here is what I'm doing: 
 
int size; 
ASN1_INTEGER * serial; 
unsigned char * serialNumberDER; 
 
size = i2c_ASN1_INTEGER(serial, NULL); 
serialNumberDER = new unsigned char[*size]; 
size = i2c_ASN1_INTEGER(serial, & serialNumberDER); 
 
The function has this code at the end: 
 
*pp+=ret; 
 
where pp is a pointer to serialNumberDER, so in effect it moves 
serialNumberDER behind created array of unsigned char. 
 
Please, explain it to me. 
Thanks in advance. 
 
______________________________________________________________________ 
OpenSSL Project                                 http://www.openssl.org 
User Support Mailing List                    openss...@openssl.org 
Automated List Manager                           majo...@openssl.org 

 
 
--=_alternative 004B333985256E37_=--

francesco...@innovery.it

unread,

Feb 11, 2004, 5:08:36 PM2/11/04

to

You must save original pointer because i2c and i2d function move pointer in
order to prepare it for subsequent calls.

ASN1_INTEGER * serial;
unsigned char * serialNumberDER,*temp;

size = i2c_ASN1_INTEGER(serial, NULL);
temp=serialNumberDER = new unsigned char[*size];
size = i2c_ASN1_INTEGER(serial, &temp);

serialNumberDER contains required value

francesco petruzzi

Andrzej Posiadala

unread,

Feb 12, 2004, 12:51:48 PM2/12/04

to

Right, neither I know about adding references to ANSI C standard. But=20
actually I'm trying to wrap some OpenSSL functions into C++ classes.
I've sent a question about linking BIO and C++ stream eariler but no one=20
answered. Maybe I'll try again.
Thank all of you for your help. You're great !=20
Regards
Andrzej Posiada=B3a

>....
>The only real negative is remembering to put in the ampersand,
>(I guess "references" removes even this, but am I correct in
>remembering that "references" are really C++ and one should
>not count on them being in plain vanilla C? Or did references
>get added to C in the ANSI standardization process???)

--=20
Charles B (Ben) Cranston
mailto: zb...@umd.edu
http://www.wam.umd.edu/~zben

=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F

Frank Balluffi

unread,

Feb 12, 2004, 3:27:37 PM2/12/04

to

This is a multipart message in MIME format.

--=_alternative 005F86B885256E37_=
Content-Type: text/plain; charset="us-ascii"

Andrzej,

It is common practice for ASN.1/DER libraries to increment the pointer to
the next DER element when encoding and decoding in order to support
streams of ASN.1-defined elements. For example, this technique is used to
encode and decode constructed ASN.1 types like public keys:

SubjectPublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier,
subjectPublicKey BIT STRING }

Frank

"Andrzej Posiadala" <aposi...@computerland.pl>
Sent by: owner-ope...@openssl.org

02/11/2004 11:25 AM
Please respond to openssl-users

To: Frank Balluffi/NewYork/DBNA/DeuBa@DBNA
cc: openss...@openssl.org
Subject: Re: How to convert internal ASN1_INTEGER into little endian content octets

Thanks a lot !
My VS7 cheated me :-) It doesn't display i2d_ASN1_INTEGER() in it's "Code
Insight" . But compilation is ok.
Now I'm able to use CryptEncodeObject to convert from DER encoded integer
to CRYPT_INTEGER_BLOB which is used internally in Win Crypto API. Crypto
API keeps internally multi byte integers in little-endian order and Open
SSL in big-endian, am I right ?

However, still I don't see any reason why this function increments its
second argument ? And why to the first byte after the DER-encoded INTEGER
(it's out of preallocated memory) ? If you please enlightened me I would
be grateful for.

Best regards
Andrzej

"Frank Balluffi" <frank.b...@db.com>
2004-02-11 14:41

To: aposi...@computerland.pl
cc: openss...@openssl.org
Subject: Re: How to convert internal ASN1_INTEGER into
little endian content octets

Andrzej,

length = i2d_ASN1_INTEGER(integer, 0);

der = OPENSSL_malloc(length);

if (!der)
goto error;

Frank

Subject: How to convert internal ASN1_INTEGER into little
endian content octets

Hi ,

i'm trying to convert ASN1_INTEGER (specifically certificate serial
number) into its DER representation.
I'm using i2c_ASN1_INTEGER - and if it's the right function - then I don't

understand why it moves a pointer passed to it as second parameter behind
reserved memory.
Here is what I'm doing:

int size;
ASN1_INTEGER * serial;
unsigned char * serialNumberDER;

size = i2c_ASN1_INTEGER(serial, NULL);
serialNumberDER = new unsigned char[*size];
size = i2c_ASN1_INTEGER(serial, & serialNumberDER);

The function has this code at the end:

*pp+=ret;

where pp is a pointer to serialNumberDER, so in effect it moves
serialNumberDER behind created array of unsigned char.

Please, explain it to me.
Thanks in advance.

______________________________________________________________________

OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

--=_alternative 005F86B885256E37_=
Content-Type: text/html; charset="us-ascii"

<tt>Andrzej,</tt>

<tt>It is common practice for ASN.1/DER libraries to increment the pointer to the next DER element when encoding and decoding in order to support streams of ASN.1-defined elements. For example, this technique is used to encode and decode constructed ASN.1 types like public keys:</tt>
 
 <tt>   SubjectPublicKeyInfo  ::=  SEQUENCE  {</tt>
 <tt>        algorithm            AlgorithmIdentifier,</tt>
 <tt>        subjectPublicKey     BIT STRING  }</tt>

<tt>Frank</tt>
 
 
 
 
<table width=100%>
<tr valign=top>
<td>
<td>"Andrzej Posiadala" <aposi...@computerland.pl>
 Sent by: owner-ope...@openssl.org

02/11/2004 11:25 AM

Please respond to openssl-users
 
<td>

To:        Frank Balluffi/NewYork/DBNA/DeuBa@DBNA
         cc:        openss...@openssl.org
         Subject:        Re: How to convert internal ASN1_INTEGER into little endian content octets</table>
 
 
 Thanks a lot ! 
My VS7 cheated me :-) It doesn't display i2d_ASN1_INTEGER() in it's "Code 
Insight" . But compilation is ok. 
Now I'm able to use CryptEncodeObject to convert from DER encoded integer 
to CRYPT_INTEGER_BLOB which is used internally in Win Crypto API. Crypto 
API keeps internally multi byte integers in little-endian order and Open 
SSL in big-endian, am I right ? 
 
However, still I don't see any reason why this function increments its 
second argument ? And why to the first byte after the DER-encoded INTEGER 
(it's out of preallocated memory) ? If you please enlightened me I would 
be grateful for. 
 
Best regards 
Andrzej 
 
 
 
 
 
"Frank Balluffi" <frank.b...@db.com> 
2004-02-11 14:41 
 
 
       To:     aposi...@computerland.pl 
       cc:     openss...@openssl.org 
       Subject:        Re: How to convert internal ASN1_INTEGER into little endian content octets 
 
 
 
Andrzej, 
 
Call i2d_ASN1_INTEGER to DER-encode an ASN.1 INTEGER. Pass 0 or NULL as 
the second argument to i2d_ASN1_INTEGER to determine the length of the 
DER-encoded INTEGER. If you pass a non-zero value as the second argument 
to i2d_ASN1_INTEGER, the function will DER-encode the INTEGER and 
increment the second argument to the first byte after the DER-encoded 
INTEGER. Looks like (I did not compile this code): 
 
   ASN1_INTEGER *  integer; /* points to an ASN1_INTEGER */ 
   unsigned char * der     = NULL; 
   unsigned char * derNext = NULL; 
   int             length  = 0; 
 
   length = i2d_ASN1_INTEGER(integer, 0); 
 
   if (length <= 0) 
       goto error; 
 
   der = OPENSSL_malloc(length); 
 
   if (!der) 
       goto error; 
 
  /* 
   Because i2d functions modify their second argument, use the variable 
   derNext. 
   */ 
 
   derNext = der; 
   length = i2d_ASN1_INTEGER(integer, &derNext); 
 
   if (length <= 0) 
       goto error; 
 
Frank 
 
 
 
 
"Andrzej Posiadala" <aposi...@computerland.pl> 
Sent by: owner-ope...@openssl.org 
 02/11/2004 07:57 AM 
Please respond to openssl-users 
        
       To:        openss...@openssl.org 
       cc:         
       Subject:        How to convert internal ASN1_INTEGER into little 
endian content octets 
 
 
 
Hi , 
 
i'm trying to convert ASN1_INTEGER (specifically certificate serial 
number) into its DER representation. 
I'm using i2c_ASN1_INTEGER - and if it's the right function - then I don't

______________________________________________________________________ 
OpenSSL Project                                 http://www.openssl.org 
User Support Mailing List                    openss...@openssl.org 
Automated List Manager                           majo...@openssl.org

--=_alternative 005F86B885256E37_=--