[openssl-users] Error code 554184855 on PKCS7_sign_add_signer?

2016-12-18 Thread Anibal F. Martinez Cortina 
Hello everyone, I've been reading smime.c and trying to work my way up from
a command that does work.
However, I've reached this stage, and I get an error code I don-t know how
to diagnose.
The source is this(BEWARE: very little error handling, this is just a first
informed attempt at the problem):

X509 * certificado = NULL;

FILE * archivoCertificado = NULL;

archivoCertificado = fopen("cert.crt","rb");

if (!archivoCertificado) {

qDebug() << "Fallo abrir el archivo del certificado";

return;

}

PEM_read_X509(archivoCertificado,,NULL,NULL);

if (!certificado) {

qDebug() << "Fallo al generar la estructura X509";

return;

}

FILE* archivoLlave = NULL;

archivoLlave = fopen("key.key","rb");

EVP_PKEY * llave;

PEM_read_PrivateKey(archivoLlave,,NULL,NULL);

if (!llave) {

qDebug() << "Fallo la lectura de la llave";

return;

}

BIO * datos = NULL;

FILE * fDatos = NULL;

fDatos = fopen("Prueba.xml","rb");

if (!fDatos) {

qDebug() << "Fallo la apertura del archivo de prueba.";

return;

}

datos = BIO_new_fp(fDatos,NULL);

if (!datos) {

qDebug() << "Error al leer el archivo de prueba.xml";

return;

}

PKCS7 *estructura = NULL;

if (!PKCS7_sign_add_signer(estructura,certificado,llave,NULL,0)) {

qDebug() << "PKCS7_sign_add_signer fallo:" << ERR_get_error();

return;

}

estructura = PKCS7_sign(certificado,llave,NULL,datos,PKCS7_TEXT);

if (!estructura) {

qDebug() << "Fallo la creacion de la estructura.";

return;

}


Failure comes at PKCS7_sign_add_signer..
Sorry for the main language used in the code, let me know if its of best
practices to keep it to english or if it wouldn't be a real issue for the
time being.

Kind regards,
Anibal.-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Signing an XML file

2016-12-14 Thread Anibal F. Martinez Cortina 
2016-12-14 11:17 GMT-03:00 Thomas J. Hruska 
:

> On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote:
>
>> On Wed, Dec 14, 2016, Salz, Rich wrote:
>>
>> Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
 users?

>>>
>>> Look at the apps/pkcs7.c file as a starting point.  Get the command line
>>> doing what you want, and then work through the code to pull out only the
>>> bits you need.
>>>
>>>
>> Actually smime.c is the utility you want for PKCS#7. Alternatively cms.c
>> if
>> you want CMS (the successor to PKCS#7).
>>
>> Those though are general purpose utilities which do all sorts of things
>> which
>> most appications don't care about. There are some demos in demos/smime and
>> demos/cms which are much simpler.
>>
>
> PHP is open source software written in C.
>
> A quick lookup in PHP's git repository (it's source code) turns up:
>
> http://git.php.net/?p=php-src.git;a=blob;f=ext/openssl/opens
> sl.c;h=a4b302bd303579d8f3eb62abdd9f312d3fba264d;hb=HEAD#l5148
>
> Now the OP has a model to follow for writing a similar wrapper function
> for their project.
>
>
> I've found that when people mention a specific language (in this case,
> PHP), they are infatuated with the language but have never bothered to
> crack open that language's source code to dig into how the language
> actually works.  To some extent, they view the language as magical.  And to
> some other extent, they irrationally fear looking at the source code of the
> language.  Now is the perfect opportunity for the OP to start learning how
> one of their favorite languages operates behind the scenes with the goal of
> porting a single function that they are interested in. This approach solves
> multiple core developer problems at the same time.
>
> --
> Thomas Hruska
> Shining Light Productions
>
> Home of BMP2AVI and Win32 OpenSSL.
> http://www.slproweb.com/
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>

As a matter of facts, you're indeed right. I was daunted by the idea of
going through PHP's source myself..
Thanks for the pointers, guys.
I'll report back as soon as I get some progress.

Kind regards,
Anibal.-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Signing an XML file

2016-12-13 Thread Anibal F. Martinez Cortina 
2016-12-13 22:54 GMT-03:00 Salz, Rich :

> > Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
> users?
>
> Look at the apps/pkcs7.c file as a starting point.  Get the command line
> doing what you want, and then work through the code to pull out only the
> bits you need.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>

Got it, after some more reading, I've managed to pull:
A Valid X509 structure with the PEM file.
A Valid EVP_PKEY structure with the KEY file.
Created a BIO with BIO_new(BIO_s_mem()) and used BIO_read_filename with it.

Now I get to the part where I need to call PKCS7_sign() right?
If so, I'm missing something, because:
PKCS7_sign(cert,key,NULL,fileBIO,NULL) produces NULL as a result.

Any hints?
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Signing an XML file

2016-12-13 Thread Anibal F. Martinez Cortina 
Hello everyone, I'm trying to sign an XML file, need to do so with pkcs#7.
Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
users?
In particular, I'm using Qt as framework, but have also got OpenSSL libs
and headers installed.
The target platform is Microsoft Windows (x32)

Kind regards,
Anibal.-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users