On 03/02/2015 06:26, Gayathri Manoj wrote:
Hi Steve, Viktor,

I have tried with len also, But this also causing seg fault.
my requiremnt is to store max 2048 bit keys. Hence I used length as 512 +1.
currently i ma getting len value = 28514.

X509_SIG sig;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
ASN1_TYPE parameter;
   ASN1_item_digest() // to get digest details
   sig.algor = &algor;
    sig.algor->algorithm=OBJ_nid2obj(NID_md5);
There is the problem!  FIPS does not allow use of MD5,
probably never has.  Have you checked if thisreturned
NULL to indicate an error finding the MD5 OID?
    parameter.type=V_ASN1_NULL;
    parameter.value.ptr=NULL;
    sig.algor->parameter = &parameter;
    sig.digest = &digest;
    sig.digest->data=(unsigned char*)msg;
    sig.digest->length=datalen;
    len = i2d_X509_SIG(&sig,NULL);
Have you checked if this returns a negative value to
indicate an error?

On Mon, Feb 2, 2015 at 9:31 PM, Viktor Dukhovni <openssl-us...@dukhovni.org <mailto:openssl-us...@dukhovni.org>> wrote:

    On Mon, Feb 02, 2015 at 07:15:12PM +0530, Gayathri Manoj wrote:

    > unsigned char *ptr, *tmp=NULL;
    > X509_SIG sig;
    > ....

    How is "sig" initialized?

    > len=i2d_X509_SIG(sig,NULL);
    > tmp = (unsigned char*) malloc(513);

    Why 513 and not len?  What is the value of len?

    > ptr=tmp;
    > i2d_X509_SIG(&sig, &ptr);  // here causing problem.

Note to OpenSSL documentation team: The documentation for
the OpenSSL X509_SIG data type is circular at best, and
refers to PKCS#1 only by name, not by its currently
available location (one or more RFCs).   Also there are
apparently no documented functions using X509_SIG other
than to read/write/encode/decode the structure, the closest
I could find were some undocumented functions in pkcs12.h .


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Reply via email to