Re: Runtime error with SSL_CTX_use_PrivateKey_file function

2007-02-27 Thread Victor Duchovni
On Tue, Feb 27, 2007 at 01:49:13AM -0800, Anita Kumar wrote:

> static int password_callback(char *buf, int size, int rwflag, void *userdata)
> {
>   printf("*** Callback function called\n");
>   strcpy(buf, "ibmdw");
>   return 1;
> }
> 
> SSL_CTX_set_default_passwd_cb(ctx, &password_callback);

From the manpage for SSL_CTX_set_default_passwd_cb:

   The pem_passwd_cb(), which must be provided by the application, hands
   back the password to be used during decryption. On invocation a pointer
   to userdata is provided. The pem_passwd_cb must write the password into
   the provided buffer buf which is of size size. The actual length of the
   password must be returned to the calling function. rwflag indicates
   whether the callback is used for reading/decryption (rwflag=0) or
   writing/encryption (rwflag=1).

Read the second-last sentence carefully.

-- 
Viktor.
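
Added example, not part of the original thread: the posted callback next to a version that returns the passphrase length, as the quoted manpage sentence requires. The names password_callback_orig and password_callback_fixed, passing the passphrase through userdata, and -1 as the error value are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Callback as posted: copies 5 characters but reports a length of 1. */
static int password_callback_orig(char *buf, int size, int rwflag, void *userdata)
{
    (void)size; (void)rwflag; (void)userdata;
    strcpy(buf, "ibmdw");
    return 1;
}

/* Same signature. The passphrase arrives via userdata (assumption: a
 * NUL-terminated string registered with
 * SSL_CTX_set_default_passwd_cb_userdata()). */
static int password_callback_fixed(char *buf, int size, int rwflag, void *userdata)
{
    const char *pass = (const char *)userdata;
    size_t len;

    (void)rwflag;                     /* same passphrase for read and write */
    if (buf == NULL || size <= 0 || pass == NULL)
        return -1;                    /* nothing to hand back */

    len = strlen(pass);
    if (len >= (size_t)size)
        return -1;                    /* would not fit: fail, do not overflow */

    memcpy(buf, pass, len + 1);       /* copy including the terminating NUL */
    return (int)len;                  /* the actual length of the password */
}

int main(void)
{
    char buf[1024];
    char pass[] = "ibmdw";            /* constructed sample passphrase */

    printf("posted callback returns %d\n",
           password_callback_orig(buf, (int)sizeof buf, 0, NULL));
    printf("fixed callback returns  %d\n",
           password_callback_fixed(buf, (int)sizeof buf, 0, pass));
    return 0;
}
```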


Runtime error with SSL_CTX_use_PrivateKey_file function

2007-02-27 Thread Anita Kumar
Hi,
   
  I'm trying to use the encrypted private key for my test SSL server. 
   
  I generated an encrypted private key cert_27.key using the genrsa tool and I gave 
a passwd to it. I wrote a callback function as follows, which just stores my 
passwd into the buf character buffer.
  static int password_callback(char *buf, int size, int rwflag, void *userdata)
  {
    /* For the purposes of this demonstration, the password is "ibmdw" */
    printf("*** Callback function called\n");
    strcpy(buf, "ibmdw");
    return 1;
  }

  Now, I tried to load the private key in my server application as follows
   
  int main()
  {
    SSL_CTX *ctx;
    SSL *ssl, *ssl1;
    BIO *bio, *abio, *out;
    int p;
    char r[1024];
    CRYPTO_malloc_init();
    SSL_library_init();
    SSL_load_error_strings();
    ERR_load_BIO_strings();
    ERR_load_SSL_strings();
    OpenSSL_add_all_algorithms();
    printf("Attempting to create SSL context... ");
    ctx = SSL_CTX_new(SSLv23_server_method());
    if(ctx == NULL)
    {
      printf("Failed. Aborting.\n");
      return 0;
    }
    printf("\nLoading certificates...\n");
    SSL_CTX_set_default_passwd_cb(ctx, &password_callback);
    if(!SSL_CTX_use_certificate_file(ctx, "signedcert_27.pem", SSL_FILETYPE_PEM))
    {
      ERR_print_errors_fp(stdout);
      SSL_CTX_free(ctx);
      return 0;
    }
    printf("\nLoading Private key...\n");
    if(!SSL_CTX_use_PrivateKey_file(ctx, "cert_27.key", SSL_FILETYPE_PEM))
    {
      ERR_print_errors_fp(stdout);
      SSL_CTX_free(ctx);
      return 0;
    }
  }
   
  When executing this application, I get the following runtime error in the 
function SSL_CTX_use_PrivateKey_file:
   
  OPENSSL_Uplink(100EB010,07): no OPENSSL_Applink.
   
  When I comment out the SSL_CTX_set_default_passwd_cb() line, the executable 
runs and asks for the PEM passphrase. When I enter the password, everything is 
fine. But I did not want this behaviour, as I need to enter the passwd from 
the screen.
  I would appreciate it if I get any comments on this.
  Thanks and Regards,
  Renuga.

