BIO_get_mem_ptr does not behave correct on AIX

2001-10-03 Thread dirk laurijssen

Hi,

I'm decrypting a string (test12345678) found in an input-file. 
When I decrypt using two file-BIO's (in the following code-extract this means 
replacing out=BIO_new(BIO_s_mem) by out=BIO_new(BIO_s_file) and a 
BIO_write_filename(out,outf) ), then the outputfile contains the full decrypted string 
"test12345678".

When I do the same using a mem-BIO (see code below), the decrypted string returned is 
always 8 characters, and if the encrypted string is smaller than 8 characters 
nothing happens! I must be overlooking something MEM_BUF-related, but I just don't 
see it.

Any ideas/hints on how to resolve this?
Thanks! & kind regards,
dirk L.

example code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/md5.h>

#define ATTRMAX 50
#define BUFFERSIZE 256
#define BSIZE   (8*1024)

int get_passphrase(char *inf,char **pass);

int main(int argc, char *argv[])
{
    char inf[19] = "test_encrypted.pas";
    char *pw=NULL;
    int ret;

    ret = get_passphrase(inf,&pw);
    if(ret == 0){
        fprintf(stdout,"the password is %s\n",pw);
    }else{
        fprintf(stdout,"Unable to retrieve the password from file %s\n",inf);
    }
    return 0;
}

int get_passphrase(char *inf,char **pass){
    int done = 0,inl;
    int bsize=BSIZE;
    char cipher_name[5]="des3";
    const EVP_CIPHER *cipher=NULL;
    char str[5]="test";
    unsigned char *buff=NULL;
    BUF_MEM *bptr;
    BIO *in=NULL,*benc=NULL,*out=NULL;
    unsigned char key[24],iv[MD5_DIGEST_LENGTH];

    fprintf(stdout,"Begin decrypt\n");
    OpenSSL_add_all_ciphers();
    cipher=EVP_get_cipherbyname(cipher_name);
    if (cipher == NULL){
        fprintf(stdout,"%s is an unknown cipher\n",cipher_name);
        return 1;
    }

    /*read input-filename*/
    if(inf==NULL){
        fprintf(stdout,"input-filename not specified\n");
        return 1;
    }else{
        in=BIO_new(BIO_s_file());
        if(in==NULL){
            fprintf(stdout,"unable to open input-filename %s\n",inf);
            return 1;
        }else{
            if (BIO_read_filename(in,inf) <= 0){
                fprintf(stdout,"1)unable to read from input-filename %s\n",inf);
                return 1;
            }else{
                out=BIO_new(BIO_s_mem());
                if(out==NULL){
                    fprintf(stdout,"unable to create mem-BIO\n");
                    return 1;
                }
                if((cipher!=NULL)&&(str!=NULL)){
                    /*derive key and iv from the passphrase in str*/
                    EVP_BytesToKey(cipher,EVP_md5(),NULL, (unsigned char *)str,
                                   strlen(str),1,key,iv);
                    /*zero the variable str*/
                    memset(str,0,strlen(str));

                    /*create the encrypt/decrypt BIO*/
                    if ((benc=BIO_new(BIO_f_cipher())) == NULL){
                        fprintf(stdout,"unable to create decrypt-BIO \n");
                        return 1;
                    }else{
                        BIO_set_cipher(benc,cipher,key,iv,0);

                        /* decrypt on the go */
                        if (benc != NULL)
                            out=BIO_push(benc,out);

                        buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
                        if (buff == NULL){
                            fprintf(stdout,"unable to assign buffer\n");
                            return 1;
                        }

                        /*copy the input file through the cipher BIO into the mem-BIO*/
                        for (;;) {
                            inl=BIO_read(in,(char *)buff,bsize);
                            if (inl <= 0) break;
                            if (BIO_write(out,(char *)buff,inl) != inl){
                                fprintf(stdout,"error writing output file\n");
                                goto end;
                            }
                        }
                        /*fetch the buffer of the mem-BIO*/
                        BIO_get_mem_ptr(out, &bptr);

                        fprintf(stdout,"read from out %s, length %d\n",bptr->data,bptr->length);
                        *pass=strdup(bptr->data);

                        if (!BIO_flush(out)) {
                            fprintf(stdout,"bad decrypt\n");
                            goto end;
                        }

                        end:
                        fprintf(stdout,"passphrase successfully decrypted\n");
                    }
                }else{
                    fprintf(stdout,"2)unable to read from input-filename %s\n",inf);
                    return 1;
                }
            }
        }
    }
    EVP_cleanup();

    if (buff != NULL) OPENSSL_free(buff);
    if (in != NULL) BIO_free(in);
    if (out != NULL) BIO_free_all(out);

    fprintf(stdout,"End decrypt\n");
    return 0;
}

*
Dirk Laurijssen
Syntegra, creating winners in the digital economy.
+32 2 247 92 20 - Check us out at www.syntegra.be
*


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]
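
Why the order of calls in the posted code yields 8 bytes, as an added example that is not part of the original post and not OpenSSL code: a decrypting filter that is written through holds back the final block until it is flushed, because that block carries the padding, so reading the sink (BIO_get_mem_ptr in the post) before the flush (BIO_flush) misses it. The structs, the function names and the XOR stand-in cipher are constructed for this model.

```c
#include <stdio.h>
#include <string.h>
#define BLK 8   /* block size of des3, the cipher in the post */
struct sink   { unsigned char data[64]; size_t length; };   /* plays the mem-BIO */
struct filter { unsigned char held[BLK]; size_t n; struct sink *next; };

/* Constructed stand-in for the block cipher: XOR with a constant. Not encryption. */
static void toy_block(unsigned char *b) { for (int i = 0; i < BLK; i++) b[i] ^= 0x5A; }
static void emit(struct filter *f, size_t keep) {   /* hand plaintext to the sink */
    memcpy(f->next->data + f->next->length, f->held, keep);
    f->next->length += keep; f->n = 0;
}
/* A full block is released only once more input arrives: the last one holds the padding. */
static void filter_write(struct filter *f, const unsigned char *in, size_t len) {
    for (size_t i = 0; i < len; i++) {
        if (f->n == BLK) { toy_block(f->held); emit(f, BLK); }
        f->held[f->n++] = in[i];
    }
}
/* Flush = no more input: decrypt the held block, verify and strip the padding. */
static int filter_flush(struct filter *f) {
    if (f->n != BLK) return 0;
    toy_block(f->held);
    unsigned pad = f->held[BLK - 1];
    if (pad == 0 || pad > BLK) return 0;
    for (unsigned i = 0; i < pad; i++)
        if (f->held[BLK - 1 - i] != pad) return 0;   /* bad decrypt */
    emit(f, BLK - pad);
    return 1;
}
/* Pad and "encrypt" plain (constructed input), write it through the filter and
   return the number of bytes in the sink; do_flush=0 mirrors the posted order. */
static long sink_length(const char *plain, int do_flush, struct sink *out) {
    unsigned char ct[32];
    size_t n = strlen(plain), pad = BLK - n % BLK;
    if (n + pad > sizeof ct) return -1;
    memcpy(ct, plain, n); memset(ct + n, (int)pad, pad);
    for (size_t i = 0; i < n + pad; i += BLK) toy_block(ct + i);
    struct filter f = { {0}, 0, out };
    out->length = 0;
    filter_write(&f, ct, n + pad);
    if (do_flush && !filter_flush(&f)) return -1;
    return (long)out->length;
}
int main(void) {
    struct sink s;
    printf("%ld %ld\n", sink_length("test12345678", 0, &s), sink_length("test12345678", 1, &s));
    return 0;
}
```

In the posted code the corresponding change is to call BIO_flush(out) before BIO_get_mem_ptr(out, &bptr) and to copy bptr->length bytes, since the mem-BIO buffer is not NUL-terminated.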



Re: read X509 certificate from DER format file using d2i_X509

2001-08-22 Thread dirk laurijssen

Ok,

I modified that, and added the OpenSSL_add_all_algorithms(), but to no avail.
Any other hints?

Thanks & kind regards,
dirk L.

int
validate_ssl (int ok, char *ip, char *protocol, char *subject, char *issuer,
              unsigned char *cert, int length, int depth, char **message)
{
char *cp;
char *Fname = "validate_ssl";
int i;
int len;
char *mp;
int rc;
char *status;
X509 *pem_cert;
char* name;
char* errmsg = NULL;
int ldap_err;
int version;
char* dirname;
unsigned char *p;

OpenSSL_add_all_algorithms();

rc = ok && SSLok;

/*pem_cert = X509_new();*/

if (!cert)
  fprintf(stderr, "validate_ssl: DER certificate not available\n");

/* the ASN1-parsing functions increment the pointer, so to avoid problems use a
   temporary pointer */
/* http://www.openssl.org/support/faq.html#PROG3 */
p = cert;
pem_cert = d2i_X509(NULL, &p, length);
version = X509_get_version(pem_cert);  
fprintf(stderr, "version %d\n",version);


22/08/2001 1:36:15, Dr S N Henson <[EMAIL PROTECTED]> wrote:

>dirk laurijssen wrote:
>> 
>> Hi,
>> Although mentioned in the faq http://www.openssl.org/support/faq.html#PROG3 , I
>> can't seem to get the DER-certificate loaded appropriately into the X509-struct.
>> 
>[stuff deleted]
>> 
>> int
>> validate_ssl (int ok, char *ip, char *protocol, char *subject,
>> char *issuer, unsigned char *cert, int length, int depth,
>> char **message)
>> {
>> 
>> 
>>X509 *new_cert = d2i_X509(NULL, &cert, sizeof(cert));
>>version = X509_get_version(new_cert);
>> 
>> }
>
>sizeof(cert) since "cert" is of type (char *) will just give you the
>size of a pointer (typically 4) what you want is the size of the buffer
>pointed to by "cert" which might be 'length' from the prototype...
>
>Steve.
>-- 
>Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
>Personal Email: [EMAIL PROTECTED] 
>Senior crypto engineer, Celo Communications: http://www.celocom.com/
>Core developer of the   OpenSSL project: http://www.openssl.org/
>Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>

*
Dirk Laurijssen
Syntegra, creating winners in the digital economy.
+32 2 247 92 20 - Check us out at www.syntegra.be
*
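
Both points of this exchange (pass the buffer length rather than sizeof on a pointer, and parse through a temporary pointer because the parser advances it), in one added example that is not from the thread or from OpenSSL: der_seq_size and parse_with are hypothetical helpers that model the d2i_* calling convention, and sample_der is a constructed buffer.

```c
#include <stdio.h>

/* Hypothetical helper, not an OpenSSL function: read the outer DER SEQUENCE
   header using the d2i_* calling convention. Returns the total encoded size
   and advances *pp past the header, or returns -1 and leaves *pp untouched. */
static long der_seq_size(const unsigned char **pp, long avail) {
    const unsigned char *p = *pp;
    long len = 0, hdr = 2;
    if (avail < 2 || p[0] != 0x30) return -1;        /* 0x30 = SEQUENCE tag */
    if (p[1] < 0x80) {
        len = p[1];                                   /* short form */
    } else {
        int n = p[1] & 0x7F;                          /* long form: n length bytes */
        if (n == 0 || n > 3 || avail < 2 + n) return -1;
        for (int i = 0; i < n; i++) len = (len << 8) | p[2 + i];
        hdr += n;
    }
    if (len > avail - hdr) return -1;                 /* body does not fit in 'avail' */
    *pp = p + hdr;
    return hdr + len;
}

/* Constructed sample: SEQUENCE header declaring 0x010A body bytes, body zeroed. */
static unsigned char sample_der[4 + 0x010A] = { 0x30, 0x82, 0x01, 0x0A };

/* Parse through a temporary pointer so the caller's buffer pointer survives;
   *advanced reports how far the parser moved the temporary. */
static long parse_with(long avail, long *advanced) {
    const unsigned char *p = sample_der;
    long total = der_seq_size(&p, avail);
    if (advanced) *advanced = (long)(p - sample_der);
    return total;
}

int main(void) {
    unsigned char *cert = sample_der;
    long adv, total;
    /* sizeof(cert) is the pointer size (4 or 8), far short of the encoding */
    printf("sizeof(cert): %ld\n", parse_with((long)sizeof(cert), &adv));
    total = parse_with((long)sizeof sample_der, &adv);
    printf("buffer length: total %ld, pointer advanced by %ld\n", total, adv);
    return 0;
}
```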





Re: NT installation

2001-07-12 Thread dirk laurijssen

Timothy,
your compiler is Visual C, and your current environment variables don't
contain all the necessary paths.
Somewhere on your system is a script called vcvars32.bat, run it and
then recompile.

Kind regards,
dirk L.

"Timothy H. Schilbach" wrote:

> I have just tried to install OPENSSL on my Wind2k server. We are
> running the latest version of Active PERL from Activestate. I am using
> a C++ compiler called NMAKE to compile the code as needed. Here are
> the steps I have taken and the error I get in the last step of the
> procedure:
>
> 1. navigate to the Dir c:\temp\openssl
> 2. perl configure vc-win32
> 3. ms\do_masm  - everything is okay here all has succeeded successfully
> 4. nmake -f ms\ntdll.mak  - here is where things go wrong, below is the error I get:
>
> ERROR: nul
> .\apps\testrsa.h
> 1 file(s) copied.
> cl /Fotmp32\cryptlib.obj  -Iinc32 -Itmp32 /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DWINNT /Fdout32  -c .\crypto\cryptlib.c
> 'cl' is not recognized as an internal or external command,
> operable program or batch file.
> NMAKE : fatal error U1077: 'C:\WINNT\system32\cmd.exe' : return code '0x1'
> Stop.
>
> Anyone know why I may be getting this? I am using the latest
> distro of openssl-9.6b Any help would be greatly appreciated.
>
> Timothy H. Schilbach
> Alpha Omega Design Inc.
> [EMAIL PROTECTED]
> Visit our website at www.aodinc.com

--
*
Dirk Laurijssen
Syntegra, creating winners in the digital economy.
+32 2 247 92 20 - [EMAIL PROTECTED]
*

