Hi Usman,
I did. Unfortunately it didn't work for me when I use a string buffer to create a new BIO* [BIO_new(); BIO_pits()]. But the same method works fine if I create a BIO* using a file [BIO_new_file()]. Please read the thread carefully. If u need another clarification of my problem, I'm little bit concerned over the line breaks in the string buffer. The base64 decode function [EVP_decode] produces two different outputs depending on the presence of line breaks.
Thanks for the reply anyway.
Cheers,
Kau

Usman Riaz wrote:

Strange, you posted a question instead of just copying, pasting "BEGIN...END" doing a recompile & rerun :D.

Hope this helps,

Regards,

Usman.

    ------------------------------------------------------------------------
    From:  /Kaushalye Kapuruge <[EMAIL PROTECTED]>/
    Reply-To:  /[email protected]/
    To:  /[email protected]/
    Subject:  /Re: Problem with EVP_Decode and line breaks in a X509
    certificate/
    Date:  /Thu, 15 Mar 2007 11:51:12 +0530/
    MIME-Version:  /1.0/
    X-Sender:  /Kaushalye Kapuruge <[EMAIL PROTECTED]>/
    Received:  /from mmx1.engelschall.com ([195.30.6.154]) by
    bay0-mc11-f1.bay0.hotmail.com with Microsoft
    SMTPSVC(6.0.3790.2668); Wed, 14 Mar 2007 23:21:35 -0700/
    Received:  /by mmx1.engelschall.com (Postfix)id 363D356425; Thu,
    15 Mar 2007 07:20:21 +0100 (CET)/
    Received:  /from master.openssl.org (master.openssl.org
    [195.30.6.166])by mmx1.engelschall.com (Postfix) with ESMTP id
    1AFE85641Ffor <[EMAIL PROTECTED]>; Thu, 15 Mar
    2007 07:20:21 +0100 (CET)/
    Received:  /by master.openssl.org (Postfix)id 957B11AC6205; Thu,
    15 Mar 2007 07:20:20 +0100 (CET)/
    Received:  /by master.openssl.org (Postfix, from userid 29101)id
    8D6451AC6204; Thu, 15 Mar 2007 07:20:20 +0100 (CET)/
    Received:  /from relay03.pair.com (relay03.pair.com
    [209.68.5.17])by master.openssl.org (Postfix) with SMTP id
    9ECA81AC61C3for <[email protected]>; Thu, 15 Mar 2007
    07:20:08 +0100 (CET)/
    Received:  /(qmail 33387 invoked from network); 15 Mar 2007
    06:19:32 -0000/
    Received:  /from 124.43.228.16 (HELO ?10.100.1.163?)
    (124.43.228.16) by relay03.pair.com with SMTP; 15 Mar 2007
    06:19:32 -0000/
    >Hi Patrick,
    >Thanks for the reply.
    >Yes I took that approach but it didn't work. That's why I dig a bit
    >further down and tried locate where exactly the error is. I figured
    >that new lines in the base64 encoded string buffer are necessary to
    >cast a certificate out of it. May be my observation is wrong.
    >
    >When I try to create a BIO* using the follwoing way the
    >PEM_red_bio_X509() didn't work.
    >
    >char[] buf = "MIICzjCCAjegAwIBAgI...";/*Contents in between ---BEGIN
    >  CERT--- and --END CERT--- */
    >bp = BIO_new(BIO_s_mem());
    >BIO_puts(bp, buf);
    >
    >But if I tried to create BIO* from a .pem file as follows it worked.
    >bp=BIO_new_file("cert.pem","r");
    >
    >Could you please clarify me how should the string buffer be?
    >Should it be with --BEGIN-- and --END---?
    >Should it preserve line breaks?
    >
    >Cheers,
    >Kau
    >
    >
    >
    >
    >
    >Patrick Patterson wrote:
    >>On Wednesday 14 March 2007 04:05:45 you wrote:
    >>
    >>>Hi list,
    >>>
    >>>I need to get an X509 *cert using string buffer, which is a base64
    >>>encoded representation of it. In other words, if I have the
    >>>contents of
    >>>a ---BEGIN CERTIFICATE--- and  --END CERTIFICATE--- of a .pem
    >>>file, I
    >>>need to retrieve the certificate.
    >>>
    >>>
    >>THis is really easy - either use PEM_read_X509() to directly read
    >>the file... or, if the PEM encoded certificate is already in a
    >>string buffer, you can do something like:
    >>
    >>char certstr[] = "---BEGIN---" ... "---END CERT---";
    >>BIO *membuf = BIO_new(BIO_s_mem());
    >>BIO_puts(membuf, certstr[]);
    >>X509 *cert = PEM_read_bio_X509(membuf, NULL, NULL, NULL);
    >>
    >>
    >>Which is MUCH, MUCH easier than what you are trying to do below....
    >>
    >>Don't re-invent the wheel :)
    >>
    >>Patrick.
    >>
    >>
    >>>I used d2i_X509_bio() function for this. There I first decode the
    >>>base64
    >>>encoded string and then created a BIO* using function
    >>>BIO_new_mem_buf().
    >>>
    >>>In summary the process is...
    >>>b64_string --[EVP_Decode]-->binary--[d2i_X509_bio()]--->X509*
    >>>certificate
    >>>
    >>>But I found that the binaries are different if the line breaks(\n)
    >>>are
    >>>available . And the function gives the certificate only if line
    >>>breaks(\n) are there. If I'm correct, the base64 decode function
    >>>should
    >>>handle line breaks. EVP_DecodeInit/Update/Final functions gives
    >>>different outputs depending on line breaks and thus the
    >>>d2i_X509_bio()
    >>>function fails if line breaks are not available.
    >>>Can somebody point me what I have to do overcome this?
    >>>Herewith I'll attach my program.
    >>>Cheers,
    >>>Kau
    >>>
    >>>int main(int argc , char **argv)
    >>>{
    >>>     FILE *fp;
    >>>     char buff[1000];
    >>>     char b64[2000];
    >>>     int ilen = 0;
    >>>     BIO *mem;
    >>>     X509 *cert;
    >>>     EVP_ENCODE_CTX ctx;
    >>>     int len, ret;
    >>>
    >>>
    >>>     if (!(fp = fopen("cert.pem", "rb")))
    >>>     {
    >>>         printf("Error opening file\n" );
    >>>         exit(1);
    >>>     }
    >>>
    >>>     ilen = fread(b64,1,2000,fp);
    >>>     b64[ilen]=0;
    >>>
    >>>     EVP_DecodeInit(&ctx);
    >>>     EVP_DecodeUpdate(&ctx, (unsigned char*)buff,&len,
    >>>                    (unsigned char*)b64, ilen);
    >>>     EVP_DecodeFinal(&ctx, (unsigned char*)buff, &ret);
    >>>     ret += len;
    >>>
    >>>
    >>>     if ((mem = BIO_new_mem_buf(buff, ilen)) == NULL)
    >>>     {
    >>>         printf("Error\n");
    >>>         exit(1);
    >>>     }
    >>>     cert = d2i_X509_bio(mem, NULL);
    >>>     BIO_free(mem);
    >>>
    >>>     if (cert == NULL)
    >>>     {
    >>>         printf("Error in certificate\n");
    >>>         exit(1);
    >>>     }
    >>>}
    >>>
    >>>______________________________________________________________________
>>>OpenSSL Project >>>http://www.openssl.org >>>User Support Mailing List >>>[email protected] >>>Automated List Manager >>>[EMAIL PROTECTED]
    >>>
    >>
    >>
    >>______________________________________________________________________
>>OpenSSL Project >>http://www.openssl.org >>User Support Mailing List >>[email protected] >>Automated List Manager >>[EMAIL PROTECTED]
    >>
    >>
    >
    >______________________________________________________________________
>OpenSSL Project >http://www.openssl.org >User Support Mailing List >[email protected] >Automated List Manager >[EMAIL PROTECTED]


------------------------------------------------------------------------
Express yourself instantly with MSN Messenger! MSN Messenger <http://g.msn.com/8HMBEN/2734??PS=47575> Download today it's FREE!______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to