Hello,
I'm attempting to write an RSA private key in DER
format and then read it back. A sample program is
below.
An error occurs reading the DER file back in when no
password is used. If I use a password in the
read/write functions, the operations are successful.
I've tested this using 0.9.7b and 0.9.7e on Linux
kernel 2.4 and gcc 3.3.1.
The error stack after the failed
d2i_PKCS8PrivateKey_fp() call:
===BEGIN===
13362:error:0D0680A8:asn1 encoding
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:946:
13362:error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1
error:tasn_dec.c:304:Type=X509_ALGOR
13362:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_D2I:nested asn1
error:tasn_dec.c:566:Field=algor, Type=X509_SIG
===END===
Have I misunderstood something?
TIA
Duke
===SAMPLE BEGIN===
#include <stdio.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#define PKEY_FN "pkey.der"
int main(void)
{
int rc = 0;
FILE *fp = NULL;
RSA *rsaKey = NULL;
EVP_PKEY *pkey = NULL;
char *pwd = NULL;
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
rsaKey = RSA_generate_key(1024, RSA_3, NULL,
NULL);
if (rsaKey == NULL) {
fprintf(stderr, "RSA_generate_key failed\n");
ERR_print_errors_fp(stderr);
exit(1);
}
pkey = EVP_PKEY_new();
if (pkey == NULL) {
fprintf(stderr, "EVP_PKEY_new failed\n");
ERR_print_errors_fp(stderr);
exit(1);
}
if (!EVP_PKEY_assign_RSA(pkey, rsaKey)) {
fprintf(stderr, "EVP_PKEY_assign_RSA
failed\n");
ERR_print_errors_fp(stderr);
exit(1);
}
rsaKey = NULL;
if ((fp = fopen(PKEY_FN, "wb")) == NULL) {
perror("fopen");
exit(1);
}
if (!i2d_PKCS8PrivateKey_fp(fp, pkey, pwd ?
EVP_des_ede3_cbc() : NULL,
NULL, 0, NULL, pwd)) {
fprintf(stderr, "i2d_PKCS8PrivateKey_fp
failed\n");
ERR_print_errors_fp(stderr);
exit(1);
}
if (fclose(fp) != 0) {
perror("fclose");
exit(1);
}
fp = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
if ((fp = fopen(PKEY_FN, "rb")) == NULL) {
perror("fopen");
exit(1);
}
pkey = d2i_PKCS8PrivateKey_fp(fp, NULL, NULL,
pwd);
if (pkey == NULL) {
fprintf(stderr, "d2i_PKCS8PrivateKey_fp
failed\n");
ERR_print_errors_fp(stderr);
exit(1);
}
if (fclose(fp) != 0) {
perror("fclose");
exit(1);
}
fp = NULL;
printf("successful\n");
return 0;
}
===SAMPLE END===
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
