search

indutny / asn1.js

ASN.1 Decoder/Encoder/DSL
MIT License
184 stars 64 forks source link

implicit choices #39

Closed bmeck closed 9 years ago

bmeck commented 9 years ago 
  370:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 CRL Distribution Points
  375:d=5  hl=2 l=  48 prim: OCTET STRING      [HEX DUMP]:302E302CA02AA028862668747470733A2F2F6C6F63616C686F73743A383838382F726F6F742D63612F63726C2E70656D

Pulled off a cert.

I can't find a good way to parse the octet string above, it should look like :

CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint

DistributionPoint ::= SEQUENCE {
     distributionPoint       [0]     DistributionPointName OPTIONAL,
     reasons                 [1]     ReasonFlags OPTIONAL,
     cRLIssuer               [2]     GeneralNames OPTIONAL }

DistributionPointName ::= CHOICE {
     fullName                [0]     GeneralNames,
     nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }

ReasonFlags ::= BIT STRING {
     unused                  (0),
     keyCompromise           (1),
     cACompromise            (2),
     affiliationChanged      (3),
     superseded              (4),
     cessationOfOperation    (5),
     certificateHold         (6),
     privilegeWithdrawn      (7),
     aACompromise            (8) }

But notice that in the hex dump there is no explicit tag for CHOICE. Been fiddling but unable to find a workaround easily.

indutny commented 9 years ago

Please give a try to this: https://gist.github.com/indutny/c6ea74f891a037a01589

bmeck commented 9 years ago

rfc misleading on explicit / implicit, seems to work fine once I saw the DistributionPoint