On Wednesday 14 March 2007 04:05:45 you wrote:
> Hi list,
>
> I need to get an X509 *cert using string buffer, which is a base64
> encoded representation of it. In other words, if I have the contents of
> a ---BEGIN CERTIFICATE--- and --END CERTIFICATE--- of a .pem file, I
> need to retrieve the certificate.
>
THis is really easy - either use PEM_read_X509() to directly read the file...
or, if the PEM encoded certificate is already in a string buffer, you can do
something like:
char certstr[] = "---BEGIN---" ... "---END CERT---";
BIO *membuf = BIO_new(BIO_s_mem());
BIO_puts(membuf, certstr[]);
X509 *cert = PEM_read_bio_X509(membuf, NULL, NULL, NULL);
Which is MUCH, MUCH easier than what you are trying to do below....
Don't re-invent the wheel :)
Patrick.
> I used d2i_X509_bio() function for this. There I first decode the base64
> encoded string and then created a BIO* using function BIO_new_mem_buf().
>
> In summary the process is...
> b64_string --[EVP_Decode]-->binary--[d2i_X509_bio()]--->X509* certificate
>
> But I found that the binaries are different if the line breaks(\n) are
> available . And the function gives the certificate only if line
> breaks(\n) are there. If I'm correct, the base64 decode function should
> handle line breaks. EVP_DecodeInit/Update/Final functions gives
> different outputs depending on line breaks and thus the d2i_X509_bio()
> function fails if line breaks are not available.
> Can somebody point me what I have to do overcome this?
> Herewith I'll attach my program.
> Cheers,
> Kau
>
> int main(int argc , char **argv)
> {
> FILE *fp;
> char buff[1000];
> char b64[2000];
> int ilen = 0;
> BIO *mem;
> X509 *cert;
> EVP_ENCODE_CTX ctx;
> int len, ret;
>
>
> if (!(fp = fopen("cert.pem", "rb")))
> {
> printf("Error opening file\n" );
> exit(1);
> }
>
> ilen = fread(b64,1,2000,fp);
> b64[ilen]=0;
>
> EVP_DecodeInit(&ctx);
> EVP_DecodeUpdate(&ctx, (unsigned char*)buff,&len,
> (unsigned char*)b64, ilen);
> EVP_DecodeFinal(&ctx, (unsigned char*)buff, &ret);
> ret += len;
>
>
> if ((mem = BIO_new_mem_buf(buff, ilen)) == NULL)
> {
> printf("Error\n");
> exit(1);
> }
> cert = d2i_X509_bio(mem, NULL);
> BIO_free(mem);
>
> if (cert == NULL)
> {
> printf("Error in certificate\n");
> exit(1);
> }
> }
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [email protected]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]