> From: owner-openssl-us...@openssl.org On Behalf Of David Schwartz > Sent: Wednesday, 13 April, 2011 18:55
> On 4/13/2011 2:35 AM, pattabi raman wrote: > > > *1. If I can't use sprintf then how can I copy the enrypted > message to a > > character buffer. Bcoz so far I am sending the request to > middleware in > > Char Buffer using TCP /IP socket. How can I able to achieve now.* > > ** > > If you don't know how to copy bytes of data, you don't know > how to code > in C. You can copy it yourself, using a 'for' loop. You can > use 'memcpy'. > Plus, usually you don't want to send just the encrypted bits. Depending on what the recipient expects, you may need to do encoding or formatting. Usually just C, but different C. > > *2. Actually I am using 2048 bit public key. So what is the > right size I > > can use. I tried to use RSA_size(rsa) , which gives core > dump error. * > > So any idea on the above points will help me a lot. Thanks. > > I'd have to see the code to be sure, but likely your core dump comes > from misusing the result of this call. For example, there is no > guarantee that you can *en*crypt a value just because it is > RSA_size or > fewer bytes. > OP's code posted earlier implies the data is a "CardPin", which in the normal meaning will be only a few characters, okay for PKCS1 on any sensible RSA keysize including 2048. And if this were the problem, it would cause an error return which his code DID check for; and even without that it would leave the output buffer wrong but wouldn't coredump. coredump sounds more like not malloc'ing correctly at all. Or allocating the wrong size and (then) corrupting the heap, but RSA_size() is pretty durn simple to get right. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
