G'day,
> Consider the following ASN.1:
>
> Record ::= SEQUENCE {
>     name [0] Name OPTIONAL,
>     oid  [1] OBJECT IDENTIFIER
> }
This reminds me -- in order to get a UPN from an extension in a Certificate, I had to change the definition of GeneralName in rfc2459.asn1 from:

    OtherName ::= SEQUENCE {
        type-id OBJECT IDENTIFIER,
        value [0] EXPLICIT heim_any
    }
    GeneralName ::= CHOICE {
        otherName [0] OtherName,
        ...
    }

to:

    GeneralName ::= CHOICE {
        otherName [0] SEQUENCE {
            type-id OBJECT IDENTIFIER,
            value [0] EXPLICIT heim_any
        },
        ...
    }

The problem is that implicitly tagged named types are not handled correctly in Heimdal's ASN.1 code.
When attempting to decode an otherName field of GeneralName, the decoder attempts to decode the tag [0], then calls the decode function for OtherName, which attempts to decode the tag for SEQUENCE. Of course, just the tag for [0] is required for the 'otherName' field as OtherName is implicitly tagged.
-- Geoff
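
The wire encoding behind the message above, as an added example that is not part of the original post or of Heimdal's code: it builds a DER otherName and decodes it both with [0] replacing the SEQUENCE tag and with the extra SEQUENCE lookup the post describes. The function names, the UPN OID and the name user@example.test are assumptions chosen for the sample.

```python
# Added example: DER layout of GeneralName.otherName under IMPLICIT tagging.
UPN_OID = "1.3.6.1.4.1.311.20.2.3"   # Microsoft UPN type-id (assumed for the sample)
UPN_OID_DER = bytes.fromhex("2b060104018237140203")

def tlv(tag, value):
    """Encode one TLV; short-form length only (value < 128 bytes)."""
    assert len(value) < 0x80
    return bytes([tag, len(value)]) + value

def read_tlv(buf, off=0):
    """Return (tag, value, next_offset) for one single-byte-tag DER TLV."""
    if off + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                 # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    if off + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[off:off + length], off + length

def expect(buf, want, off=0):
    tag, value, nxt = read_tlv(buf, off)
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, got 0x{tag:02x}")
    return value, nxt

def oid_to_str(body):
    arcs, acc = [], 0
    for b in body:                    # base-128, high bit = continuation
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def decode_other_name(der, implicit=True):
    body, _ = expect(der, 0xA0)           # otherName [0]: replaces the SEQUENCE tag
    if not implicit:                      # decoder behaviour described in the post:
        body, _ = expect(body, 0x30)      # it also looks for a SEQUENCE header
    oid, off = expect(body, 0x06)         # type-id OBJECT IDENTIFIER
    wrapped, _ = expect(body, 0xA0, off)  # value [0] EXPLICIT: an extra wrapper TLV
    tag, value, _ = read_tlv(wrapped)     # the ANY inside (UTF8String for a UPN)
    return oid_to_str(oid), tag, value

# Constructed sample: otherName carrying the made-up UPN user@example.test
SAMPLE = tlv(0xA0, tlv(0x06, UPN_OID_DER) + tlv(0xA0, tlv(0x0C, b"user@example.test")))

if __name__ == "__main__":
    print(SAMPLE.hex(), decode_other_name(SAMPLE))
```

The outer a0 is followed directly by the OID's 06, so a decoder that looks for 30 at that point rejects a well-formed name; the inner a0 is present because value is tagged EXPLICIT.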