Re: PKCS12_parse

Tue, 15 Nov 2011 14:05:32 -0800 

Sorry, but this is just getting more interesting: it seems that the call
fails when I type the right password (within the app, not in my sample).
It is when I typed the wrong password that the call succeeded, but
returned the empty key...
Will keep investigating...
   Dirce

> I made some progress. The call to PKCS12_parse succeeded, but the pkey
> returned was NULL. Please see below where I indicated how I created this
> .p12 file. I wonder why the  PKCS12_parse command can't read its private
> key. I keep suspecting on permissions, but they seem ok - this app is
> running as cgi.
> Any suggestions are appreciated.
>   Dirce
>
>
>
>> Hello,
>>
>> I am maintaining a piece of code that calls PKCS12_parse. It worked with
>> an older version of openssl (0.9.8m), but it is not working with version
>> 1.0.0
>> Here are some clips:
>>
>> X509               *cert = NULL;
>> BIO                *in = NULL;
>> STACK_OF(X509)     *ca_certs = NULL;
>> PKCS12             *p12 = NULL;
>> EVP_PKEY           *pkey = NULL;
>> char                pass[PEM_BUFSIZE];
>>
>> strcpy(pass, exportpw.c_str()); // I verified that the password is
>> correct
>>
>> p12 = d2i_PKCS12_bio(in, NULL);
>>
>> if (!(PKCS12_parse(p12, pass, &pkey, &cert, &ca_certs)))
>>
>> I created the pkcs12 file with:
>> openssl req -new -x509 -days 365 -keyout new.pem -out new.pem
>> openssl pkcs12 -export -in new.pem -out new.p12 -name "My certificate"
>>
>> I read in two places in the net that this code was fixed for version 1
>> and
>> above. Does anyone have any information on this?
>>
>> Thank you,
>>    Dirce
>>
>>
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-users@openssl.org
>> Automated List Manager                           majord...@openssl.org
>>
>
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to