Re: read X509 certificate from DER format file using d2i_X509

Wed, 22 Aug 2001 00:12:43 -0700 

Ok,

I modified that,and added the OpenSSL_add_all_algorithms(), but to no avail. 
Any other hints ?

Thanks & kind regards,
dirk L.

int
validate_ssl (int ok, char *ip, char *protocol, char *subject,char *issuer, unsigned 
char *cert, int length, int depth,char **message)
{
    char *cp;
    char *Fname = "validate_ssl";
    int i;
    int len;
    char *mp;
    int rc;
    char *status;
    X509 *pem_cert;
    char* name;
    char* errmsg = NULL;
    int ldap_err;
    int version;
    char* dirname;
    unsigned char *p;

    OpenSSL_add_all_algorithms();

    rc = ok && SSLok;

    /*pem_cert = X509_new();*/

    if (!cert)
      fprintf(stderr, "validate_ssl: DER certificate not available\n");

    /*the ASN1-parsing functions increment the pointer, so to avoid problems use a 
temporary pointer */
    /*http://www.openssl.org/support/faq.html#PROG3                                    
             */
    p = cert;
    pem_cert = d2i_X509(NULL, &p, length);
    version = X509_get_version(pem_cert);                  
    fprintf(stderr, "version %d\n",version);


22/08/2001 1:36:15, Dr S N Henson <[EMAIL PROTECTED]> wrote:

>dirk laurijssen wrote:
>> 
>> Hi,
>> Altough mentioned in the faq http://www.openssl.org/support/faq.html#PROG3 , I 
>can't seem to get the DER-certificate loaded appropriately into the X509-
struct.
>> 
>[stuff deleted]
>> 
>> int
>> validate_ssl (int ok, char *ip, char *protocol, char *subject,
>>     char *issuer, unsigned char *cert, int length, int depth,
>>     char **message)
>> {
>>     ....
>> 
>>    X509 *new_cert = d2i_X509(NULL, &cert, sizeof(cert));
>>    version = X509_get_version(new_cert);
>> 
>> }
>
>sizeof(cert) since "cert" is of type (char *) will just give you the
>size of a pointer (typically 4) what you want is the size of the buffer
>pointed to by "cert" which might be 'length' from the prototype...
>
>Steve.
>-- 
>Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
>Personal Email: [EMAIL PROTECTED] 
>Senior crypto engineer, Celo Communications: http://www.celocom.com/
>Core developer of the   OpenSSL project: http://www.openssl.org/
>Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [EMAIL PROTECTED]
>Automated List Manager                           [EMAIL PROTECTED]
>

*****************
Dirk Laurijssen
Syntegra, creating winners in the digital economy.
+32 2 247 92 20 - Check us out at www.syntegra.be
*****************


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to