Hi,
There are two bugs in your code: First, you only need calls to BIO_read
not BIO_write, and in order to avoid the crash you have to pass a
pointer equal to &inbuf instead of &inbuf directly because d2i_PKCS7
increment the pointer internally.
So, a more correct version of the code will be :
BIO *bio, *b64;
char inbuf[4096];
int inlen = strlen(a);
char* ptr = &inbuf[0];
b64 = BIO_new(BIO_f_base64());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
bio=BIO_new_mem_buf(a, -1);
bio = BIO_push(b64, bio);
inlen=BIO_read(bio, inbuf, 4096);
p7 = d2i_PKCS7(NULL, &ptr, inlen);
I hope this will help.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 4/3/2010 3:06 AM, sean wang wrote:
Hello,
I have a pkcs7 encoded cert which i want to load. the following code block
works fine: ( I am doing a base64 decoding first, will explain the reason in
the second half):
BIO *bio, *b64;
PKCS7 * p7;
b64 = BIO_new(BIO_f_base64());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
bio=BIO_new_mem_buf(a, -1);
bio_out= BIO_new_fp(stderr, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
p7 = d2i_PKCS7_bio(bio, NULL);
However, for some interface reasons, I need to pass pass in a base64 decoded
blob to a legacy function, so i tried the following code:
BIO *bio, *b64, *bio_out;
char inbuf[4096];
int inlen = strlen(a);
b64 = BIO_new(BIO_f_base64());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
bio=BIO_new_mem_buf(a, -1);
bio_out= BIO_new_fp(stderr, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
while((inlen=BIO_read(bio, inbuf, 4096))>0)
BIO_write(bio_out, inbuf, inlen);
p7 = d2i_PKCS7(NULL,&inbuf, inlen);
now this code fails with a segment fault.
So my question is, if i really need to get the based64 decoded blob of a pkcs 7
cert, what is the right way?
(because the first code worked, I assume the base64 decoding worked fine, but I
can't pull the data out of 'bio' variable, appears there the data is still
base64 encoded. how can i get the correct decoded blob?)
test cert I used:
char cert[] =
"MIIDCgYJKoZIhvcNAQcCoIIC+zCCAvcCAQExADALBgkqhkiG9w0BBwGgggLdMIIC\
2TCCAkKgAwIBAgIJAILcTFTXHeLsMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT\
AlVTMQswCQYDVQQIEwJXQTELMAkGA1UEChMCT00xCzAJBgNVBAsTAk9NMQ0wCwYD\
VQQDEwRzZWFuMSIwIAYJKoZIhvcNAQkBFhNzd2FuZzU0QGhvdG1haWwuY29tMB4X\
DTEwMDMyMjIxMTkzN1oXDTExMDMyMjIxMTkzN1oweTELMAkGA1UEBhMCVVMxCzAJ\
BgNVBAgTAldBMRAwDgYDVQQHEwdyZWRtb25kMQswCQYDVQQKEwJPTTELMAkGA1UE\
CxMCT00xDTALBgNVBAMTBHNlYW4xIjAgBgkqhkiG9w0BCQEWE3N3YW5nNTRAaG90\
bWFpbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALKS/aKF9VjvokJZ\
dW4xkuqYFaRnNSYHNnmi4pIvbvf26QMnj9SerMw/c53LJTre1uQ/t1iAARY1LX4D\
wUCAijg/RN6zuW5NBcnJpgIYL6ZHciaL2qiDWIb6aoKy5hh0fb7psPI2n4/VO7pq\
9fhjsiCosJvEUehezhEOWkCDEyw7AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI\
AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW\
BBScenB4QwEq0x5n/oSRa8CuW+TifzAfBgNVHSMEGDAWgBSEddm7LRw5ylO1uAkY\
ZPvI6WnNqjANBgkqhkiG9w0BAQUFAAOBgQCmxtc5DV9wA8U3GW8ZVy5wO9Kzmhpz\
aRMLsKXjmgR5T0x9AQnf3W4Y5JmHtpXeOpvYEUiKiLOb/aNya+Km3S/7LJv8ufjn\
kHIiE6bsus/3NgAkLLmdodfJXFve/1viBzibwDZm4FyTHFjEnsFL57eAH+w0ZGna\
OUP4KRvWhjC/AKEAMQA=";
_________________________________________________________________
The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with
Hotmail.
http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
