On Thu, Nov 06, 2008, BiGNoRm6969 wrote: > > Hi, here is my problem: > > I first created a private RSA key with the argument -passout pass:123456 > After that I create the certificate with this the argument -passin: 123456 > > In my code I do that: > > static char keyfile[] = "C:/MyKeyFile.pem"; > FILE* fp = fopen( keyfile, "r"); > pem_password_cb* pem_cb = (pem_password_cb*)123456; > EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, pem_cb, NULL); > SSL_CTX_use_certificatefile(SSL_context, MYDEFINEDCERTIFICATEFILE, > SSL_FILETYPE_PEM); > SSL_CTX_use_PrivateKey(SSL_context, test_key); > > The last function always returns the error 185073780 from ERR_get_error() > (certificate routines:X509_check_private_key:key values mismatch). > > I don't know how to fix my error. Previously I was using normal (not > encrypted) private key and certificate (without -passout and -passin in the > jey and certificate generation) and everything works well. Since I try to > use encrypted private key nothing works. > > Can someone help me ? >
I suspect test_key is NULL and I'm surprised that doesn't crash, because you are setting a garbage numeric value for the callback. To use a passphrase as a string you set pem_cb to 0 and include the string as the last argument: EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, 0, "123456"); Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
