From: Theo Buehler <tb@theobuehler.org>
Subject: Re: rpki-client: convert most of ip.c to opaque ASN1_STRING
To: tech@openbsd.org
Date: Wed, 3 Dec 2025 13:58:54 +0100

On Wed, Dec 03, 2025 at 01:40:16PM +0100, Claudio Jeker wrote:
> On Wed, Dec 03, 2025 at 11:39:13AM +0100, Theo Buehler wrote:
> > This removes all but two direct accesses into ASN1_STRING in ip.c.
> > To handle the abs->flags reads, we will need new libcrypto API and a
> > compat shim for portable.
> > 
> > This is in the works: https://github.com/openssl/openssl/issues/29184
> 
> Ah, the unused bits, one of the ASN1 things that just makes your day a lot
> more exciting.

Indeed. At least unused bits make sense in RFC 3779 address and prefix
encoding, whereas the BIT STRING in the manifest FileHash is just weird.
It was probably a mistake/confusion (signatures are BIT STRINGS for
historic reasons but there it is a digest).

RSC decided to diverge there and use OCTET STRING for its FileNameAndHash,
because it's what CMS uses for Digest. A saner choice but inconsistent.

It's all such a mess.

All that said:

> > -	/* Weird OpenSSL-ism to get unused bit count. */

I'll reinstate this comment. I intended to remove this only when I add
the proper API call and failed to notice when I split that diff.
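
The role of the unused bit count in an RFC 3779 prefix, as an added example that is not part of the original mail and is not rpki-client or libcrypto code: the prefix length is eight times the number of content bytes minus the unused bits. The function name and the sample byte strings are assumptions constructed for illustration; the input is the BIT STRING content octets with tag and length already stripped.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper: decode the content octets of a DER BIT STRING that
 * holds an RFC 3779 address prefix. der[0] is the unused bit count, the
 * remaining octets are the prefix bytes. Returns the prefix length in bits,
 * or -1 if the encoding is malformed. addr receives the zero-padded address.
 */
int
rfc3779_prefix_decode(const uint8_t *der, size_t derlen, uint8_t *addr,
    size_t addrlen)
{
	size_t nbytes;
	uint8_t unused;

	if (derlen < 1)
		return -1;
	unused = der[0];
	nbytes = derlen - 1;

	if (unused > 7)			/* only 0..7 bits can be unused */
		return -1;
	if (nbytes == 0 && unused != 0)	/* empty string has no bits to skip */
		return -1;
	if (nbytes > addrlen)		/* longer than the address family */
		return -1;
	/* DER requires the unused trailing bits to be zero. */
	if (unused != 0 && (der[derlen - 1] & ((1u << unused) - 1)) != 0)
		return -1;

	memset(addr, 0, addrlen);
	memcpy(addr, der + 1, nbytes);
	return (int)(nbytes * 8 - unused);
}

/* Constructed samples (content octets only). */
static const uint8_t sample_prefix[] = { 0x01, 0x0a, 0x05, 0x00 }; /* 10.5.0.0/23 */
static const uint8_t sample_default[] = { 0x00 };		  /* 0.0.0.0/0 */
static const uint8_t sample_bad_count[] = { 0x08, 0x0a };	  /* count > 7 */
static const uint8_t sample_bad_pad[] = { 0x01, 0x0a, 0x05, 0x01 }; /* dirty pad */

int
main(void)
{
	uint8_t a[4];
	int len = rfc3779_prefix_decode(sample_prefix, sizeof(sample_prefix), a, 4);

	printf("%u.%u.%u.%u/%d\n", a[0], a[1], a[2], a[3], len);
	return 0;
}
```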