I did that already and saw already that BIO_gets is called. I just left the question open since I don't understand the reason behind this. It forces me to use a buffer BIO that I only need for that one read. But I agree that this is a workaround that is doable
>> Is it possible that PEM_read_bio_RSA_PUBKEY uses BIO_gets internally > > Sometimes the best answer to that sort of question -- sadly, perhaps, but > true nonetheless -- is to look at the source code. Not so hard to read as > I > had at first supposed. > > Charles > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Carolin Latze > Sent: Tuesday, September 04, 2012 5:03 AM > To: openssl-users@openssl.org > Subject: RE: PEM_read_bio_RSA_PUBKEY > > Hi, > > I went on reading about this error and figured out that the socket bio > does not support the BIO_gets method. Is it possible that > PEM_read_bio_RSA_PUBKEY uses BIO_gets internally and is therefore not > really compatible with a socket bio? > > In order to verify that I created a buffer BIO (BIO_f_buffer()) on top of > the socket bio for the read function. And this just works. Is this the > desired way to do this? I can live with it, but since it was not > documented (or maybe I just missed it), I did not expect it. > > best regards and thanks a lot again for the help > Carolin > >> Hi Dave >> >> thanks a lot for the explanation. That makes a lot clearer to me. I > added >> some code to read out possible errors and there is none on the write > method. However there is a strange one on read: >> >> error code pubkey: 537297017 in bio_lib.c line 297. >> error data: >> error string: error:20068079:BIO routines:BIO_gets:unsupported method > error code pubkey: 151441516 in pem_lib.c line 696. >> error data: >> error string: error:0906D06C:PEM routines:PEM_read_bio:no start line >> >> For me that sounds as if it does not fine the "----- BEGIN PUBKEY ----" > line. So I checked with wireshark and it is there. The PEM string is > distributed over 3 packets but it is continuous data (there is no other > data in those packets). So where does this error come from? Any ideas? I > cannot do anything about the method here, right? >> >> BTW I checked that this error is really triggered by the read function > and >> not by any BIO function before that function. >> >> best regards >> Carolin >> >>>> From: owner-openssl-us...@openssl.org On Behalf Of Carolin Latze Sent: >> Monday, 03 September, 2012 13:39 >>>> I try to send an RSA public from one entity to another using socket >> BIOs. I use PEM_write_bio_RSA_PUBKEY and PEM_read_bio_RSA_PUBKEY to do > that. I also tried with PEM_{write|read}_bio_RSAPublicKey. Both have the >>>> same behaviour in my case. The write function seems to work just fine. >> I >>>> am able to see the public key on the wire (using wireshark). However, >> the read function just crashes. It looks as if it reads an endless > amount of data and I have no idea why. Are those function >>>> actually meant >>>> to send data over a socket bio? >>> The PEM routines are meant to send or store over practically any >> channel. The DER routines are meant to send/store over any 8-bit clean > channel, which many socket protocols also do. (TCP/IP itself and a plain > socket does, but some protocols built on top of TCP/IP like SMTP and > HTTP don't, while some like FTP do.) >>> Either pair should work, but mixing them should not. The RSAPublicKey >> routines use the "raw" PKCS#1 format, and the RSA_PUBKEY routines use > the generic X.509 PublicKeyInfo format which *contains* the PKCS#1. > Although semantically equivalent, these are not the same thing. >>> But if you get this (or pretty much anything else) wrong, the read >> routine shouldn't crash. It should return null with error information > stored in the error queue; this is not the same as either crashing or > reading endlessly. In fact reading endlessly wouldn't crash either by my > definition so I can't guess what you mean actually happens. >>>> This is how I call them: >>>> on party A: >>>> RSA rsa; >>>> <init rsa, generate keys> >>>> PEM_write_bio_RSA_PUBKEY(sockbio,rsa); >>>> on party B: >>>> rsa = RSA_new(); >>>> PEM_read_bio_RSAPublicKey(sockbio,&rsa,0,0); >>>> Something wrong with the way I call the functions? >>> If you are mismatching RSA_PUBKEY to RSAPublicKey see above. >>> Even if not, you definitely should check for error on the read >>> routine and at least display something. The write routine is >>> much less likely to fail, but even so as general good practice >>> you should check it too. >>> Nit: personally in C I would write NULL rather than 0 >>> for a null pointer -- just so it's visible to humans, >>> although it makes no difference to the compiler. >>> Unfortunately C++ doesn't support this until recently. >>> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >> >> >> >> >> ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >> > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
