On Wed, Jul 21, 2004, [EMAIL PROTECTED] wrote:
>
> I have tried to the following code..it crashes in
> ASN1_OCTET_STRING_cmp()..
> Any inputs??
>
>
> ------------------------------------------------------------------------
> --
>
> BOOL SSL_validate_AID_SID(X509 *dev_cert, UCHAR *manu_buffer) {
> X509 *issuer_cert = NULL;
> AUTHORITY_KEYID *akid = NULL;
> ASN1_OCTET_STRING *skid = NULL;
>
> issuer_cert = d2i_X509(NULL,&manu_buffer,(long) (2048));
>
> akid = X509_get_ext_d2i(dev_cert,
> NID_authority_key_identifier,NULL, NULL);
> if (!akid) {
> printf("Error: AUTORITY key IDENTIFIER is Not present");
> return 0;
> }
>
> skid =X509_get_ext_d2i(issuer_cert,
> NID_subject_key_identifier, NULL, NULL);
> /* Check key ids (if present) */
>
> ASN1_OCTET_STRING_cmp(akid->keyid, skid);
>
>
>
> AUTHORITY_KEYID_free(akid);
>
>
> return 0;
> }
You need to check skid is not NULL and that akid->keyid is not NULL before
that call.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
