QcStatements with OpenSSL (C++)?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

QcStatements with OpenSSL (C++)?

Matthias Ballreich

 

Hi there,

 

can OpenSSL pasre QcStatement X509v3 Extension btw. Did OpenSSL Support these?

Any Piece of example Code of how can i parse the data?

 

Thanks

Matthias


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: QcStatements with OpenSSL (C++)?

lists-161
On 04/17/2017 06:40 PM, Matthias Ballreich wrote:

 

Hi there,

 

can OpenSSL pasre QcStatement X509v3 Extension btw. Did OpenSSL Support these?

Any Piece of example Code of how can i parse the data?

 


To my knowledge, there is direct support for the qcStatements, you must parse it yourself.
I asked for some help on the list more or less a month ago, I was trying to develop the required structures but apparently I got lost in the OpenSSL macro jungle, finally I had to quit working on it.
What you can do is search for specific statements of interest to you (there are quite a bit) by parsing the attribute.
Get the attribute NID of the object in the extension and see if it matches the NID of qcStatements:

oneObj = X509_EXTENSION_get_object(oneExt);
objnid = OBJ_obj2nid(theObj);
if (objnid == NID_qcStatements)
  { printf("DEBUG:ext:GOTCHA!:this is qcStatements!\n"); }

you then extract the data from the object and parse it.
For the moment I have this ugly quick way of doing it, for instance for a simple one:

#define UC_id_etsi_qcs_QcCompliance "0.4.0.1862.1.1"

  if (strstr(extdump, UC_id_etsi_qcs_QcCompliance) == NULL)
    { printf("INFO:QcCompliance:no:\n"); }
  else
    { printf("INFO:QcCompliance:yes:\n"); }



Thanks

Matthias



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: QcStatements with OpenSSL (C++)?

Matthias Ballreich

thanks :)

But can you explain how i got the concrete data like QCStatement? Because there is no defined structure in OpenSSL like for example CRLDistributionPoints. So which structure and functions i have to use, to get the matching data?

QCStatement ::= SEQUENCE {

          statementId   QC-STATEMENT.&Id({SupportedStatements}),
          statementInfo QC-STATEMENT.&Type
          ({SupportedStatements}{@statementId}) OPTIONAL }
thanks again!


Von: openssl-users <[hidden email]> im Auftrag von lists <[hidden email]>
Gesendet: Mittwoch, 26. April 2017 17:06:58
An: [hidden email]
Betreff: Re: [openssl-users] QcStatements with OpenSSL (C++)?
 
On 04/17/2017 06:40 PM, Matthias Ballreich wrote:

 

Hi there,

 

can OpenSSL pasre QcStatement X509v3 Extension btw. Did OpenSSL Support these?

Any Piece of example Code of how can i parse the data?

 


To my knowledge, there is direct support for the qcStatements, you must parse it yourself.
I asked for some help on the list more or less a month ago, I was trying to develop the required structures but apparently I got lost in the OpenSSL macro jungle, finally I had to quit working on it.
What you can do is search for specific statements of interest to you (there are quite a bit) by parsing the attribute.
Get the attribute NID of the object in the extension and see if it matches the NID of qcStatements:

oneObj = X509_EXTENSION_get_object(oneExt);
objnid = OBJ_obj2nid(theObj);
if (objnid == NID_qcStatements)
  { printf("DEBUG:ext:GOTCHA!:this is qcStatements!\n"); }

you then extract the data from the object and parse it.
For the moment I have this ugly quick way of doing it, for instance for a simple one:

#define UC_id_etsi_qcs_QcCompliance "0.4.0.1862.1.1"

  if (strstr(extdump, UC_id_etsi_qcs_QcCompliance) == NULL)
    { printf("INFO:QcCompliance:no:\n"); }
  else
    { printf("INFO:QcCompliance:yes:\n"); }



Thanks

Matthias



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...