On 03/02/2015 06:26, Gayathri Manoj wrote:
Hi Steve, Viktor,
I have tried with len also, But this also causing seg fault.
my requiremnt is to store max 2048 bit keys. Hence I used length as
512 +1.
currently i ma getting len value = 28514.
X509_SIG sig;
X509_ALGOR algor;
ASN1_OCTET_STRING digest;
ASN1_TYPE parameter;
ASN1_item_digest() // to get digest details
sig.algor = &algor;
sig.algor->algorithm=OBJ_nid2obj(NID_md5);
There is the problem! FIPS does not allow use of MD5,
probably never has. Have you checked if thisreturned
NULL to indicate an error finding the MD5 OID?
parameter.type=V_ASN1_NULL;
parameter.value.ptr=NULL;
sig.algor->parameter = ¶meter;
sig.digest = &digest;
sig.digest->data=(unsigned char*)msg;
sig.digest->length=datalen;
len = i2d_X509_SIG(&sig,NULL);
Have you checked if this returns a negative value to
indicate an error?
On Mon, Feb 2, 2015 at 9:31 PM, Viktor Dukhovni
<openssl-us...@dukhovni.org <mailto:openssl-us...@dukhovni.org>> wrote:
On Mon, Feb 02, 2015 at 07:15:12PM +0530, Gayathri Manoj wrote:
> unsigned char *ptr, *tmp=NULL;
> X509_SIG sig;
> ....
How is "sig" initialized?
> len=i2d_X509_SIG(sig,NULL);
> tmp = (unsigned char*) malloc(513);
Why 513 and not len? What is the value of len?
> ptr=tmp;
> i2d_X509_SIG(&sig, &ptr); // here causing problem.
Note to OpenSSL documentation team: The documentation for
the OpenSSL X509_SIG data type is circular at best, and
refers to PKCS#1 only by name, not by its currently
available location (one or more RFCs). Also there are
apparently no documented functions using X509_SIG other
than to read/write/encode/decode the structure, the closest
I could find were some undocumented functions in pkcs12.h .
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users