[strongSwan] PKCS#12 and leftid
Jacques Monin
jacques.monin01 at gmail.com
Wed May 27 09:52:56 CEST 2015
It works !!
For people who have the same issue, here what I did :
openssl asn1parse -i -inform DER -in DERfile -strparse offset -length lgth
-noout -out out.raw
cat out.raw | od --address-radix=n --format=x1 | tr -d ' \n'
Do you know which library am I supposed to use if I want to do the same in
a C++ program ?
Thanks
2015-05-26 21:06 GMT+02:00 Volker Rümelin <vr_strongswan at t-online.de>:
> If you have any reference (website, paper) talking about this, I would
>> be glad to read them.
>>
>> The english wikipedia article about ASN.1 should get you started. Don't
> miss the link to that 'A Layman's Guide to a Subset of ASN.1, BER, and DER'
> article there. RFC 5280 defines x509 certificates.
>
> So I successed in creating a DER format file but I don't know wich part
>> of the "openssl asn1dn ..." I'm supposed to specify in
>> leftid="asn1dn:#xxxxxx". I dont know what is supposed to replace xxxxx.
>>
>>
>> You have to use quotes.
>>
>> leftid="asn1dn:#306c310b3009060355040613024445...
>>
>> And you have to specify the DN in DER encoded format.
>>
>> openssl asn1parse decodes my DN example to
>> 0:d=0 hl=2 l= 108 cons: SEQUENCE
>> 2:d=1 hl=2 l= 11 cons: SET
>> 4:d=2 hl=2 l= 9 cons: SEQUENCE
>> 6:d=3 hl=2 l= 3 prim: OBJECT :countryName
>> 11:d=3 hl=2 l= 2 prim: PRINTABLESTRING :DE
>> 15:...
>>
>> You can extract the RDN from your DER encoded certificate or certificate
> request. openssl asn1parse will tell you the offset and number of bytes to
> copy. In my example the offset is 0 and length is hl+l=110 bytes. Just find
> a sequence similar to my example in your openssl asn1parse output.
>
> Regards,
> Volker
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150527/79274dea/attachment.html>
More information about the Users
mailing list