X509_ATTRIBUTE_create_by_NID reversing sequence

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

X509_ATTRIBUTE_create_by_NID reversing sequence

Andrew Felsher
Hi,

I'm working on a CSR-generating API using OpenSSL 1.0.2m. My question is: does OpenSSL do any sort of reordering of the entries in an ASN1 sequence? Specifically, when encoding a postal address X509_ATTRIBUTE.

Background:
To create a postal address X509_ATTRIBUTE, I'm calling X509_ATTRIBUTE_create_by_NID(NULL, nid, atrtype, data, len). nid is 861 (0x35d) (postal address), atrtype is 16 (ASN1 sequence).

My data is the concatenated results of three i2d_ASN1_GENERALSTRING() calls for three strings, resulting in this data:
0000: 1B 11 32 32 31 42 20 42   61 6B 65 72 20 53 74 72  ..221B Baker Str
0010: 65 65 74 1B 06 4C 6F 6E   64 6F 6E 1B 02 55 4B --  eet..London..UK 

X509_ATTRIBUTE_create_by_NID seems to handle this fine, and various later X509_ATTRIBUTE*() calls work fine.

However, when I call i2d_X509_ATTRIBUTE() just after generating the attribute, the three strings seem to be reversed in the output:
0000: 30 26 06 03 55 04 10 31   1F 1B 02 55 4B 1B 06 4C  0&..U..1...UK..L
0010: 6F 6E 64 6F 6E 1B 11 32   32 31 42 20 42 61 6B 65  ondon..221B Bake
0020: 72 20 53 74 72 65 65 74   -- -- -- -- -- -- -- --  r Street        

Any idea what could be causing that?

Thanks,
Andrew Felsher

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users