On Tue, Jun 21, 2005, Richard Levitte - VMS Whacker wrote: > In message <[EMAIL PROTECTED]> on Mon, 20 Jun 2005 18:53:39 +0200, "Dr. > Stephen Henson" <[EMAIL PROTECTED]> said: > > steve> On Mon, Jun 20, 2005, Richard Levitte - VMS Whacker wrote: > steve> > steve> > In message <[EMAIL PROTECTED]> on Mon, 20 Jun 2005 12:11:30 +0200, > Beat Jucker <[EMAIL PROTECTED]> said: > steve> > > steve> > bj> Given attached BASE64 encoded file openssl will write only 5280 > steve> > bj> decoded bytes instead of the original 5305 bytes as other tools > steve> > bj> like mimencode, base64, Asn1Editor, web online base64 decoder, > ... > steve> > bj> > steve> > bj> openssl base64 -d -in text.pem -out text.der > steve> > bj> --> 5280 instead of 5305 bytes!? > steve> > > steve> > I've played with previous incarnations, and noticed that with the > steve> > latest update for 0.9.7-stable, I get 5305 bytes, while I get 5280 > steve> > bytes with 0.9.8-stable. I compared crypto/evp/bio_b64.c from both > steve> > branches, and there is virtually no difference, so the problem is > steve> > somewhere else. > steve> > > steve> > I noticed something unusual about your file: the lines are 76 > steve> > characters, when a PEM file usually (or at least by default when > steve> > output by OpenSSL) has 64 character lines... I have no clue how > steve> > important that fact is, but I'm going to conduct some tests. > steve> > > steve> > steve> The only significant change is: > steve> > steve> http://cvs.openssl.org/chngview?cn=12988 > steve> > steve> whether this is the problem or it has just triggered a problem > steve> elsewhere I don't know. > > This specific case seems to be because of the 76 character lines. The > attached patch seems to fix it, though. >
Yes that should work. Its the '=' in separate records that seems to be the root cause IMHO which the 76 line input would also cause. > Really, the base64 decoder is quite the pile of crap. Why on earth > does it have dependence on where a NL will appear? There's absolutely > no reason unless you're a PEM fetishist... It should really be > rewritten... > It is bloody horrible, has been about since the dawn of time (well SSLeay anyway) and has been patched up a couple of times where it can't handle boundary cases. I agree a readable robust complete rewrite would be a good idea. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
