[openssl-users] Forthcoming OpenSSL releases
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Forthcoming OpenSSL releases The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2b, 1.0.1n, 1.0.0s and 0.9.8zg. These releases will be made available on Thursday 11th June. They will fix a number of security defects. The highest severity defect fixed by these releases is classified as moderate severity (see https://www.openssl.org/about/secpolicy.html). Yours The OpenSSL Project Team -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJVde3fAAoJENnE0m0OYESRIokH+QFLMvyyCxztRQGRm54oxOGA WugDkHsonM6meJp8TPqjnSrvk5xmKT1FFL+9lZ/7V/Y/ImhjSkxAp1j3mbA3Drw0 UoDEO59hA2ZuKtLMIIgSRH+BTUIO0wHuVDURiVRBkj0A1shlI21uoRcJFNoAuGMQ 9wymbc5lIkN3OEUYKh5QW/izmdTFEYeNBDSndTO0kg5koymRTf68gCEtQ5sh3zFB Hnmx3rEsEr8NbWxrvHly2rPLcy8TluIe/uiIG3FBF/acyW/4KWFqvf994eCQYenw JG57Hv64TZa7dTmmjBNZgkrN8wM89SEW3pLCRmqkbBfQ12IByJC8dYNR8ieOp9g= =eGiv -END PGP SIGNATURE- ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Is there openssl API to verify certificate content is DER or PEM format ?
Hi, I need to verify if the certifiate I have received is having its content in PEM/DER format. Is there any API which if given file pointer like (fp) will tell me whether it has valid format of certificate and if yes then whether it is PEM/DER format ? If no API, then what is the other way to verify this ? Thanks Regards, Nayna Jain___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Is there openssl API to verify certificate content is DER or PEM format ?
[ Please DO NOT post user questions to openssl-dev, that's rude. ] On Tue, Jun 09, 2015 at 09:51:52AM +0530, Nayna Jain wrote: I need to verify if the certifiate I have received is having its content in PEM/DER format. Is there any API which if given file pointer like (fp) will tell me whether it has valid format of certificate and if yes then whether it is PEM/DER format ? If no API, then what is the other way to verify this ? If the first character of the file is 0x30 (ASN.1 sequence) it is likely in DER form. With stdio you can peek at that character and use ungetc() to put it back. The only false positives for DER will be files in which the PEM '-BEGIN ...-' line is preceded by comment text that happens to start with a '0'. If your PEM files contain no comments, the test is always accurate. A more robust test is to try PEM_read_X509() or PEM_read_bio_X509() and if that fails, rewind the file, and try d2i_X509_fp() or d2i_X509_bio(). The latter need not be tried if the first character of the file is not 0x30. -- Viktor. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users