Openssl 1.1.0 中的 c2i_ASN1_INTEGER 函数

本文介绍了Openssl 1.1.0 中的 c2i_ASN1_INTEGER 函数的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我最近在 linux 系统中将 openssl 从 1.0.2n 更新到了 1.1.0g.

I recently updated openssl from 1.0.2n to 1.1.0g in linux system.

我之前使用过

ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) 函数.由于此功能已在 openssl 1.1.0 中删除，现在我将其替换为

ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) function. As this function is removed in openssl 1.1.0, now i replaced this with

ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length).

现在当我运行我的应用程序时，我收到警告

Now when i run my application then i get warning as

Warning:0:-- SSL 错误队列报告--警告:0:- asn1 编码例程|d2i_ASN1_UINTEGER|期望一个整数:218718323

这个问题的解决方案是什么?

What is the solution for this problem?

推荐答案

INTEGER(如 BER 或 DER)的 ASN.1 编码由 1 个或多个标识符"八位字节(通常为 1 个)组成，后跟 1 个或多个"length"八位字节，然后是content"八位字节(其长度由前面的length"八位字节决定).

ASN.1 encoding of an INTEGER (as BER or DER) consists of 1 or more "identifier" octets (usually 1), followed by 1 or more "length" octets, followed by "content" octets (the length of which is determined by the previous "length" octets).

函数 c2i_ASN1_INTEGER 假定您已经解析了标识符"和长度"八位字节并将内容"字节转换为整数.这已从 OpenSSL 1.1.0 中删除，因为这被认为是应用程序不应直接调用的非常低级的解析操作.

The function c2i_ASN1_INTEGER assumes you have already parsed the "identifier" and "length" octets and coverts the "content" bytes into an integer. This was removed from OpenSSL 1.1.0 because this is considered a very low level parsing operation that applications should not be calling directly.

函数d2i_ASN1_UINTEGER 不是c2i_ASN1_INTEGER 的直接替代品.它解析整个整数(包括标识符"和长度"八位字节).如果您只传递内容八位字节，那么它会将第一个字节解释为标识符"八位字节.这可能是一个整数的错误值，因此这可能就是您看到期望一个整数"错误的原因.

The function d2i_ASN1_UINTEGER is not a direct drop in replacement for c2i_ASN1_INTEGER. It parses the whole integer (including the "identifier" and "length" octets). If you pass it just the content octets then it will interpret the first byte as an "identifier" octet. This will likely have the wrong value for an integer and so this is probably why you are seeing the "expecting an integer" error.

您需要重写代码以将整个整数传递给 d2i_ASN1_UINTEGER.

You will need to rewrite your code to pass the whole integer to d2i_ASN1_UINTEGER.

这篇关于Openssl 1.1.0 中的 c2i_ASN1_INTEGER 函数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！