In message <[EMAIL PROTECTED]> on Mon, 22 Dec 2003 16:36:30 -0500, Rich Salz <[EMAIL PROTECTED]> said:
rsalz> > RFC1421 says: rsalz> > ... rsalz> > Two encapsulation boundaries (EB's) are defined for delimiting rsalz> > encapsulated PEM messages and for distinguishing encapsulated PEM rsalz> rsalz> You can't read that alone; read the previous paragraph which references rsalz> RFC 934; the boundaries are line-based. rsalz> rsalz> As for \r\n vs \n, OpenSSL follows the ANSI/ISO C standard which makes rsalz> \n be the line-ending character. Under Windows/DOS, etc., make sure to rsalz> open your files in text (not binary) mode. Actually, under Windows, it seems like OpenSSL assumes binary mode if nothing is said. If you look at load_cert() and friends in apps/apps.c, you can see that the file is opened with a combination of BIO_new(BIO_s_file()) an BIO_read_filename(). Now, BIO_read_filename() is just a macro that uses the BIO_C_SET_FILENAME control, and if you look at how it's handled in crypto/bio/bss_file.c, you'll see that for MSDOS, Windows, OS/2 and NetWare, binary mode is forced unless a specific option is set (it's NOT set by BIO_read_filename()). So it seems that OpenSSL wants to read files in binary mode, and that it expects line ends to be done the Unixly way, which seemed completely weird to me, as I always viewed PEM files as text files. At this point, I'm beginning to understand why the choice to use binary mode in MSDOS and friends was used, and also how that may have been mistreated... Yet another thing to find time for... ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. You don't have to be rich, a $10 donation is appreciated! -- Richard Levitte \ Tunnlandsv�gen 3 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
