Re: pem/bio/evp help

Tue, 10 Apr 2001 00:13:11 -0700 

Hello,

BIO is an I/O abstraction.
To create a new BIO use the BIO_new() function.
You have to pass a method that is used to define the 
BIO type. In your case you have to create a Memory BIO to
read from your char*.

BIO *mybio=BIO_new(BIO_s_mem());

this method allows some specific function to set or
get the memory buffer. At this point you must set the buffer
to point to your key.


BUF_MEM *buff=BUF_MEM_new();
BUF_MEM_grow(buff,key_pointer,key_len);
BIO_set_mem_buf(mybio,buff,BIO_NOCLOSE);

Now you can parse the key
PEM_read_bio_DSAPrivateKey(mybio,...);

Finally remember to release memory

BIO_free(mybio);
BUF_MEM_free(buff);

For more info on BIO see OPENSSL-SOURCES/doc/ssleay.txt


Gila Monstre wrote:
> 
> Hi!
> 
> I've been pouring over the online documentation somewhat, but I'm afraid
> that I've been running in circles and I'm hoping that someone can give
> me a clue or point me in the right direction.
> 
> My ultimate goal is to get the openssh client to authenticate to a
> server using a private key (DSA format for now) stored on a smarcard,
> specifically the GPK8000 if anyone is interested, but this shouldn't
> change anything.
> 
> My problem is that to give the key to the openssh client, it has to be
> in evp format, or I have to use the DSA *PEM_read_bio_DSA_PUBKEY(BIO
> *bp, DSA **x, pem_password_cb *cb, void *u); function to read the key in
> (I retrieve it from the card in unsigned char format) and I'm having
> difficulty understanding what BIO *bp is, and how I can fabricate it.
> 
> Would DSA *PEM_read_bio_DSA_PUBKEY(NULL, (DSA *)unsigned char
> *mykeyfromcard, NULL, NULL); work? How do I turn my unsigned char into a
> DSA or evp_pkey format otherwise?
> 
> Please let me know if you can shed soem light onto any of this!
> Thank you,
> Gila.
> --=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--
> Gila Sheftel                          [EMAIL PROTECTED]
> Fearless Geek                                    (514)732-2459
> Advanced Projects Group                       Gemplus Software
> 
> You *can* go home again.  Just type "cd ~".
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]

--
FERDINANDO RICCHIUTI
Research & Development

CSP s.c. a r.l. 
____________________________________________
Villa Gualino
Viale Settimo Severo, 63 - 10133 Torino [IT]

e-mail           [EMAIL PROTECTED]
mob                       +39 (0)348 6023959
tel                       +39  (0)11 3165401
____________________________________________
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to