Re: problem with d2i_X509() ??

Sun, 04 Sep 2005 22:52:13 -0700

Hi Nils,
U r write.
That was the reason.

 
On 9/5/05, Nils Larsch <[EMAIL PROTECTED]> wrote:
Rajeshwar Singh Jenwar wrote:
> Hi All,
>
> I have to read x509 certificate(in .pem format) from memory.
> I have written two functions.
>
> Fn.1
>
> /* get X509 structure from memory. */
> extern X509 *mem2x509(vchar_t *cert)
> {
>    X509 *x509;
>
>  unsigned char *bp;
>
>  bp = (unsigned char *) cert->v;
>
>  x509 = d2i_X509(NULL, &bp, cert->l);
>
>  if(x509 == NULL)
>   {
>   Printf("ERROR :  %s : %d : %s\n ", __FILE__, __LINE__, "failed in
> d2ix509()");
>
>  }
> return x509;
> }
>
> Fn.2
>
> extern X509 *mem2x509_bio(vchar_t *cert)
>  {
>  X509 *x509= NULL;
>  BIO *bio = NULL;
>  int len = -1;
>
>  bio = BIO_new(BIO_s_mem());
>  if (bio == NULL)
>   {
>    Printf("ERROR :  %s : %d : %s\n ", __FILE__, __LINE__, "failed in
> BIO_new()");
>    return NULL;
>   }
>  len = BIO_write(bio, cert->v, cert->l);
>  if (len == -1)
>   {
>    Printf("ERROR :  %s : %d : %s\n ", __FILE__, __LINE__, "failed in
> BIO_write()");
>    return NULL;
>   }
>  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
>
>  if(x509 == NULL)
>   {
>    Printf("ERROR :  %s : %d : %s\n ", __FILE__, __LINE__, "failed in
> PEM_read_bio_X509()");
>   }
>  BIO_free(bio);
>
>  return x509;
> }
>
> Now certificate data is stored in char array.
>
>        vchar_t *cacert = NULL;
>        cacert = vmalloc(strlen(CERT.CACert));
>        memcpy(cacert->v, CERT.CACert, strlen(CERT.CACert));
>
>
> Now i m extracting with above two functions.
>
> Fn1 is failling .I m getting "failed in d2i_x509" message.
>
> F2. is passed.
>
> Can some explain the reason ?

if you have a pem encoded certificate d2i_X509 of course fails as
it expects a der encoded binary input.

Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to