Re: Converting BIO* to PKCS7*

Tue, 18 Sep 2012 03:52:56 -0700 

Thanks for the response. The encryption is also done by me. I have generated 
the cipher text as below:

    in = BIO_new_mem_buf(pchContent, iPriKeyLen);
>    if (!in) {
>        return 0;
>    }
>
>
>    /* encrypt content */
>    p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
>    if (!p7) {
>        return 0;
>    }
>
>
>    char* chEnc = new char[1000];
>    BIO* memorybio = BIO_new(BIO_s_mem());
>    BIO* base64bio = BIO_new(BIO_f_base64());
>    BIO* outbio = BIO_push(base64bio, memorybio);
>
>
>    long ll = i2d_PKCS7_bio(outbio, p7);
>    BIO_flush(outbio);
>    BIO_set_flags(memorybio, BIO_FLAGS_MEM_RDONLY);
>    int iLength = BIO_get_mem_data(memorybio, &chEnc);

The encrypted value is generated like this:

MIGkBgkqhkiG9w0BBwOggZYwgZMCAQAxfDB6AgEAMGQwVzELMAkGA1UEBhMCVUsx
>EjAQBgNVBAcTCVRlc3QgQ2l0eTEWMBQGA1UEChMNT3BlblNTTCBHcm91cDEcMBoG
>A1UEAxMTVGVzdCBTL01JTUUgUm9vdCBDQQIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEB
>AQUABAAwEAYJKoZIhvcNAQcBMAMGAQA=

And I feed chEnc to the decryption procedure to be decrypted. Is it correct? 
Any idea if the encoding is incorrect.

Thanks


________________________________
 From: Dave Thompson <dthomp...@prinpay.com>
To: openssl-users@openssl.org 
Sent: Monday, September 17, 2012 8:45 PM
Subject: RE: Converting BIO* to PKCS7*
 
>From: owner-openssl-us...@openssl.org On Behalf Of Mohammad Khodaei
>Sent: Monday, 17 September, 2012 05:01

>I've got a problem regarding BIO* to PKCS7* conversion. I want to 
>call PKCS7_decrypt() function to decrypt a cipher text. Before that, 
>I have this section of code:

>in = BIO_new_mem_buf(chEnc, iLength);
>if (!in) { <snip>
>p7 = d2i_PKCS7_bio(in, NULL);
>if (!p7) { <snip>
>140172957116064:error:0D0680A8:asn1 encoding routines:
ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 
>140172957116064:error:0D07803A:asn1 encoding routines:
ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=PKCS7

>Any idea how to fix it? Is it the problem due to encoding? 
>or is it a conversion problem?

Yes, it is encoding. The data you supplied isn't correct DER -- 
perhaps not DER at all, that's an easy way to get this wrong.
Check your data is DER and is exactly, octet for octet, that 
produced by a correct sender (encoder).


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                          majord...@openssl.org

Reply via email to