1.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07) |
2.\" 3.\" Standard preamble: 4.\" ======================================================================== |
5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text 10.ft CW 11.nf 12.ne \\$1 13.. 14.de Ve \" End verbatim text 15.ft R 16.fi 17.. 18.\" Set up some character translations and predefined strings. \*(-- will 19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left |
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will 21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and 22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, 23.\" nothing in troff, for use with C<>. 24.tr \(*W- |
25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 26.ie n \{\ 27. ds -- \(*W- 28. ds PI pi 29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 31. ds L" "" 32. ds R" "" 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' 41'br\} 42.\" |
43.\" Escape single quotes in literal strings from groff's Unicode transform. 44.ie \n(.g .ds Aq \(aq 45.el .ds Aq ' 46.\" |
47.\" If the F register is turned on, we'll generate index entries on stderr for |
48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
49.\" entries marked with X<> in POD. Of course, you'll have to process the 50.\" output yourself in some meaningful fashion. |
51.ie \nF \{\ |
52. de IX 53. tm Index:\\$1\t\\n%\t"\\$2" 54.. 55. nr % 0 56. rr F 57.\} |
58.el \{\ 59. de IX 60.. 61.\} |
62.\" |
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 64.\" Fear. Run. Save yourself. No user-serviceable parts. 65. \" fudge factors for nroff and troff 66.if n \{\ 67. ds #H 0 68. ds #V .8m 69. ds #F .3m 70. ds #[ \f1 --- 48 unchanged lines hidden (view full) --- 119. ds Th \o'LP' 120. ds ae ae 121. ds Ae AE 122.\} 123.rm #[ #] #H #V #F C 124.\" ======================================================================== 125.\" 126.IX Title "ASN1_generate_nconf 3" |
127.TH ASN1_generate_nconf 3 "2010-11-16" "0.9.8p" "OpenSSL" 128.\" For nroff, turn off justification. Always turn off hyphenation; it makes 129.\" way too many mistakes in technical documents. 130.if n .ad l 131.nh |
132.SH "NAME" 133ASN1_generate_nconf, ASN1_generate_v3 \- ASN1 generation functions 134.SH "SYNOPSIS" 135.IX Header "SYNOPSIS" |
136.Vb 1 137\& #include <openssl/asn1.h> 138\& |
139\& ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); 140\& ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); 141.Ve 142.SH "DESCRIPTION" 143.IX Header "DESCRIPTION" 144These functions generate the \s-1ASN1\s0 encoding of a string 145in an \fB\s-1ASN1_TYPE\s0\fR structure. 146.PP --- 10 unchanged lines hidden (view full) --- 157the configuration information. The general format of the string 158is: 159.IP "\fB[modifier,]type[:value]\fR" 2 160.IX Item "[modifier,]type[:value]" 161.PP 162That is zero or more comma separated modifiers followed by a type 163followed by an optional colon and a value. The formats of \fBtype\fR, 164\&\fBvalue\fR and \fBmodifier\fR are explained below. |
165.SS "\s-1SUPPORTED\s0 \s-1TYPES\s0" |
166.IX Subsection "SUPPORTED TYPES" 167The supported types are listed below. Unless otherwise specified 168only the \fB\s-1ASCII\s0\fR format is permissible. 169.IP "\fB\s-1BOOLEAN\s0\fR, \fB\s-1BOOL\s0\fR" 2 170.IX Item "BOOLEAN, BOOL" 171This encodes a boolean type. The \fBvalue\fR string is mandatory and 172should be \fB\s-1TRUE\s0\fR or \fB\s-1FALSE\s0\fR. Additionally \fB\s-1TRUE\s0\fR, \fBtrue\fR, \fBY\fR, 173\&\fBy\fR, \fB\s-1YES\s0\fR, \fByes\fR, \fB\s-1FALSE\s0\fR, \fBfalse\fR, \fBN\fR, \fBn\fR, \fB\s-1NO\s0\fR and \fBno\fR |
174are acceptable. |
175.IP "\fB\s-1NULL\s0\fR" 2 176.IX Item "NULL" 177Encode the \fB\s-1NULL\s0\fR type, the \fBvalue\fR string must not be present. 178.IP "\fB\s-1INTEGER\s0\fR, \fB\s-1INT\s0\fR" 2 179.IX Item "INTEGER, INT" 180Encodes an \s-1ASN1\s0 \fB\s-1INTEGER\s0\fR type. The \fBvalue\fR string represents 181the value of the integer, it can be preceeded by a minus sign and 182is normally interpreted as a decimal value unless the prefix \fB0x\fR --- 4 unchanged lines hidden (view full) --- 187\&\fB\s-1INTEGER\s0\fR. 188.IP "\fB\s-1OBJECT\s0\fR, \fB\s-1OID\s0\fR" 2 189.IX Item "OBJECT, OID" 190Encodes an \s-1ASN1\s0 \fB\s-1OBJECT\s0 \s-1IDENTIFIER\s0\fR, the \fBvalue\fR string can be 191a short name, a long name or numerical format. 192.IP "\fB\s-1UTCTIME\s0\fR, \fB\s-1UTC\s0\fR" 2 193.IX Item "UTCTIME, UTC" 194Encodes an \s-1ASN1\s0 \fBUTCTime\fR structure, the value should be in |
195the format \fB\s-1YYMMDDHHMMSSZ\s0\fR. |
196.IP "\fB\s-1GENERALIZEDTIME\s0\fR, \fB\s-1GENTIME\s0\fR" 2 197.IX Item "GENERALIZEDTIME, GENTIME" 198Encodes an \s-1ASN1\s0 \fBGeneralizedTime\fR structure, the value should be in |
199the format \fB\s-1YYYYMMDDHHMMSSZ\s0\fR. |
200.IP "\fB\s-1OCTETSTRING\s0\fR, \fB\s-1OCT\s0\fR" 2 201.IX Item "OCTETSTRING, OCT" 202Encodes an \s-1ASN1\s0 \fB\s-1OCTET\s0 \s-1STRING\s0\fR. \fBvalue\fR represents the contents 203of this structure, the format strings \fB\s-1ASCII\s0\fR and \fB\s-1HEX\s0\fR can be 204used to specify the format of \fBvalue\fR. 205.IP "\fB\s-1BITSTRING\s0\fR, \fB\s-1BITSTR\s0\fR" 2 206.IX Item "BITSTRING, BITSTR" 207Encodes an \s-1ASN1\s0 \fB\s-1BIT\s0 \s-1STRING\s0\fR. \fBvalue\fR represents the contents --- 8 unchanged lines hidden (view full) --- 216contents of this structure. The format can be \fB\s-1ASCII\s0\fR or \fB\s-1UTF8\s0\fR. 217.IP "\fB\s-1SEQUENCE\s0\fR, \fB\s-1SEQ\s0\fR, \fB\s-1SET\s0\fR" 2 218.IX Item "SEQUENCE, SEQ, SET" 219Formats the result as an \s-1ASN1\s0 \fB\s-1SEQUENCE\s0\fR or \fB\s-1SET\s0\fR type. \fBvalue\fR 220should be a section name which will contain the contents. The 221field names in the section are ignored and the values are in the 222generated string format. If \fBvalue\fR is absent then an empty \s-1SEQUENCE\s0 223will be encoded. |
224.SS "\s-1MODIFIERS\s0" |
225.IX Subsection "MODIFIERS" 226Modifiers affect the following structure, they can be used to 227add \s-1EXPLICIT\s0 or \s-1IMPLICIT\s0 tagging, add wrappers or to change 228the string format of the final type and value. The supported 229formats are documented below. 230.IP "\fB\s-1EXPLICIT\s0\fR, \fB\s-1EXP\s0\fR" 2 231.IX Item "EXPLICIT, EXP" 232Add an explicit tag to the following structure. This string --- 48 unchanged lines hidden (view full) --- 281\& FORMAT:BITLIST,BITSTRING:1,5 282.Ve 283.PP 284A more complex example using a config file to produce a 285\&\s-1SEQUENCE\s0 consiting of a \s-1BOOL\s0 an \s-1OID\s0 and a UTF8String: 286.PP 287.Vb 1 288\& asn1 = SEQUENCE:seq_section |
289\& |
290\& [seq_section] |
291\& |
292\& field1 = BOOLEAN:TRUE 293\& field2 = OID:commonName 294\& field3 = UTF8:Third field 295.Ve 296.PP 297This example produces an RSAPrivateKey structure, this is the 298key contained in the file client.pem in all OpenSSL distributions 299(note: the field names such as 'coeff' are ignored and are present just 300for clarity): 301.PP 302.Vb 3 303\& asn1=SEQUENCE:private_key 304\& [private_key] 305\& version=INTEGER:0 |
306\& |
307\& n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e 308\& D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9 |
309\& |
310\& e=INTEGER:0x010001 |
311\& |
312\& d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\e 313\& F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D |
314\& |
315\& p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\e 316\& D4BD57 |
317\& |
318\& q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\e 319\& 46EC4F |
320\& |
321\& exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\e 322\& 9C0A39B9 |
323\& |
324\& exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\e 325\& E7B2458F |
326\& |
327\& coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\e 328\& 628657053A 329.Ve 330.PP 331This example is the corresponding public key in a SubjectPublicKeyInfo 332structure: 333.PP 334.Vb 2 335\& # Start with a SEQUENCE 336\& asn1=SEQUENCE:pubkeyinfo |
337\& |
338\& # pubkeyinfo contains an algorithm identifier and the public key wrapped 339\& # in a BIT STRING 340\& [pubkeyinfo] 341\& algorithm=SEQUENCE:rsa_alg 342\& pubkey=BITWRAP,SEQUENCE:rsapubkey |
343\& |
344\& # algorithm ID for RSA is just an OID and a NULL 345\& [rsa_alg] 346\& algorithm=OID:rsaEncryption 347\& parameter=NULL |
348\& |
349\& # Actual public key: modulus and exponent 350\& [rsapubkey] 351\& n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e 352\& D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9 |
353\& |
354\& e=INTEGER:0x010001 355.Ve 356.SH "RETURN VALUES" 357.IX Header "RETURN VALUES" 358\&\fIASN1_generate_nconf()\fR and \fIASN1_generate_v3()\fR return the encoded 359data as an \fB\s-1ASN1_TYPE\s0\fR structure or \fB\s-1NULL\s0\fR if an error occurred. 360.PP 361The error codes that can be obtained by \fIERR_get_error\fR\|(3). 362.SH "SEE ALSO" 363.IX Header "SEE ALSO" 364\&\fIERR_get_error\fR\|(3) 365.SH "HISTORY" 366.IX Header "HISTORY" 367\&\fIASN1_generate_nconf()\fR and \fIASN1_generate_v3()\fR were added to OpenSSL 0.9.8 |