>From: [email protected] On Behalf Of Senthil Balachandran
>Sent: Sunday, 20 May, 2012 10:57
> Here is the simple program i am trying to do but unfortunately i got
> errors on decrypting side and the error is as shown below, so can anyone
> please fix the issue. Thanks in advance.
>Compilation Warnings
>.c:123:22: warning: pointer targets in initialization differ in signedness
>.c:131:1: warning: implicit declaration of function
'SSL_load_error_strings'
>:136:20: warning: pointer targets in assignment differ in signedness
1. you should #include <ssl.h> if you call SSL_load_error_strings.
But since you're not using any SSL_* APIs, hence any SSL_* error codes,
you don't need this at all; ERR_load_crypto_strings is sufficient.
2. a string literal like "hello" and argv[*] in C are pointers to
(array of) 'plain' char. 'plain' char in C (and C++) can actually
be either unsigned or signed depending on the implementation, but
is formally not compatible with either and needs a cast. (This is
unlike other integer types, where e.g. 'short' is always signed,
and 'short*' and 'signed short*' are the same type always.)
3. using static variables for the two BIGNUM's in an RSA pubkey,
which are actually pointing to the same data as the ones in the
privatekay, so you have to null out when free'ing, is just ugly.
It's not safe to make copies of an OpenSSL BIGNUM value, because
there's no way to track responsibility for the data they point to.
Generally you should only declare (and copy) >pointer to< BIGNUM,
and leave BN_* to do all the memory management.
Either just use the RSA privatekey as the publickey (in OpenSSL
this works, although not necessarily in other crypt software),
or make it entirely separate, for example by i2d_RSAPublicKey
then d2i_RSAPublicKey (which copies only the publickey parts).
4. (raw) ciphertext is not a C string and not printable,
so printing it with printf %s is unsafe and useless.
5. the call to RSA_private_decrypt on line 118 uses cipher_len
the global variable on line 12, which is 0 which is totally wrong.
You may have intended the value passed as the first parameter,
which is 128 and correct, but you spelled that cipher_1en .
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
