From f1c65db80bc587f173fed46923ea4ff8abb9d071 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 23 Jan 2008 19:25:41 +0000 Subject: [PATCH] Update from HEAD. --- FAQ | 10 +++++----- doc/crypto/ASN1_generate_nconf.pod | 13 +++++++++---- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/FAQ b/FAQ index 96d39f5cc7..98b86b877a 100644 --- a/FAQ +++ b/FAQ @@ -823,11 +823,11 @@ code itself (the hex digits after the second colon). * Why do I get errors about unknown algorithms? -This can happen under several circumstances such as reading in an -encrypted private key or attempting to decrypt a PKCS#12 file. The cause -is forgetting to load OpenSSL's table of algorithms with -OpenSSL_add_all_algorithms(). See the manual page for more information. - +The cause is forgetting to load OpenSSL's table of algorithms with +OpenSSL_add_all_algorithms(). See the manual page for more information. This +can cause several problems such as being unable to read in an encrypted +PEM file, unable to decrypt a PKCS#12 file or signature failure when +verifying certificates. * Why can't the OpenSSH configure script detect OpenSSL? diff --git a/doc/crypto/ASN1_generate_nconf.pod b/doc/crypto/ASN1_generate_nconf.pod index 60867d951a..1157cff510 100644 --- a/doc/crypto/ASN1_generate_nconf.pod +++ b/doc/crypto/ASN1_generate_nconf.pod @@ -151,10 +151,11 @@ bits is set to zero. This specifies the format of the ultimate value. It should be followed by a colon and one of the strings B, B, B or B. -If no format specifier is included then B is used. If B is specified -then the value string must be a valid B string. For B the output must -be a set of hex digits. B (which is only valid for a BIT STRING) is a -comma separated list of set bits. +If no format specifier is included then B is used. If B is +specified then the value string must be a valid B string. For B the +output must be a set of hex digits. B (which is only valid for a BIT +STRING) is a comma separated list of the indices of the set bits, all other +bits are zero. =back @@ -172,6 +173,10 @@ An IA5String explicitly tagged using APPLICATION tagging: EXPLICIT:0A,IA5STRING:Hello World +A BITSTRING with bits 1 and 5 set and all others zero: + + FORMAT=BITLIST,BITSTRING:1,5 + A more complex example using a config file to produce a SEQUENCE consiting of a BOOL an OID and a UTF8String: