On Sat, Feb 06, 2010, Jim Welch wrote: > Hello, > > We started working on a project several months ago that has a need for > signature verification of an xml file. We had completed our tests and > everything was woking. The provider of the file then sent us a new Public > Key and said that it is what we will get for the live data. The file will > not read into our programs (one in C++ and one in Java). > > The C code that was working is as follows: > > pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL); > fclose (fp); > > if (pkey == NULL) > { > error stuff > } > > sigDatEnc = g_base64_decode( (gchar *) sigDat, &sigDatLen); > EVP_VerifyInit(&md_ctx, EVP_sha512()); > EVP_VerifyUpdate(&md_ctx, xmlDat, strlen((char *) xmlDat)); > err = EVP_VerifyFinal (&md_ctx, sigDatEnc, sigDatLen, pkey); > free(sigDatEnc); > EVP_PKEY_free (pkey); > > It fails on the PEM_read_PUBKEY by returning a NULL when it tries to read in > the file. The only help we can get from the provider is the following code > (Perl) which woks for them: >
The FAQ tells you how to get more information however... > -----BEGIN RSA PUBLIC KEY----- > MIICCgKCAgEAvW90MggAl07zMvyQdUk18/iOySyY8P/1vqC5XGNvC5aXIvC8UDpU > 2v8EK40SUc0FEqP8g893HgW+yDJa7SF2VyW2IEcnum2yot2ifGHjCDUnea2W5wBO > aFlY9Co9VXDLhRJNQyXyfKCXL/xiM2O2Py1x0+SIXkc1ml2M0x4Fb4QsMO5E2Y6o > 2mRVlPlooDPkj4BijvVX/EiPWpfbQAoidk8urHif5OTdIyqunce6b1Fqz7NH118n > DVQp/Txk6hGtGkHxYCC0biG20+u6XlD9qkYWn2KYqxBxJZvV12YO3pC1kzYAR9Xy > VlCfyHK8pGdcHO8LHZsWR5PeryNBWU14xlOVQsziFE4oMyEiSt00cUQhF+yCLQpr > T7+xvKTGA9YTXfI59LprKMXN5RPCBF5WuQZoxlREQMjhYV+b1rQx1jkkrflA0liF > oTgkrGw5mxk9jlQbFNeY4eVAudF3w2OdVD/N5UNoR+L7Jj1gAJjEV6what uYQrJ9f58h > 7UzsktkHPgROncZGGZLDM/acRbzar3Iv4CK8hnsHrAan8qd7jh9kU8DEXQ1Is2qf > w1/BMX4DPfijY1zboqUbrFwAmq7twoiTJPK+++aYBU7fu5tvRIPIXdziGOkWmrc6 > gjsIQA8GoM4am19VlD6P1inHMa1P4s8Md6AvbeAPkWXGmsYdsHvRDo8CAwEAAQ== > -----END RSA PUBLIC KEY----- That is an RSAPublicKey structure for which you call PEM_read_RSAPublicKey(). That returns an RSA structure which you need to convert to an EVP_PKEY structure using EVP_PKEY_new() and EVP_PKEY_assign_RSA() Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org