Re: bug in PKCS7_free ?
On Thu, Jul 28, 2005, Nils Larsch wrote: > Tan Eng Ten wrote: > >This is another example of the problem I highlighted a few days ago. You > >need to be very careful with which getter methods return a new instance > >(or inc the ref count), and which ones do not. > > > >Definitely not a bug but a matter of consistency. > > it's certainly a bug but it might be caused by a not so > optimal docu and naming scheme. A better name for this > function would be PKCS7_get0_cert_from_signer_info ... > Or instead of using undocumented internal structures and functions use the documented PKCS7_get0_signers(). Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Tan Eng Ten wrote: This is another example of the problem I highlighted a few days ago. You need to be very careful with which getter methods return a new instance (or inc the ref count), and which ones do not. Definitely not a bug but a matter of consistency. it's certainly a bug but it might be caused by a not so optimal docu and naming scheme. A better name for this function would be PKCS7_get0_cert_from_signer_info ... Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
This is another example of the problem I highlighted a few days ago. You need to be very careful with which getter methods return a new instance (or inc the ref count), and which ones do not. Definitely not a bug but a matter of consistency. Nils Larsch wrote: Alexandre Belloni wrote: Hi, I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm done withe the PKCS7 structure and I try to free it (calling PKCS7_free) I keep getting an "access violation accessing 0xfeeefef6". I'm using openssl 0.9.8 under windows XP (win32). Code is attached. ... cert = PKCS7_cert_from_signer_info(p7, si); if (cert == NULL) { ret = -1; goto err; } ... if (cert != NULL) X509_free(cert); if (p7 != NULL) PKCS7_free(p7); this doesn't work as PKCS7_cert_from_signer_info doesn't increase the reference counter and hence you free the cert twice ... Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Alexandre Belloni wrote: Hi, I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm done withe the PKCS7 structure and I try to free it (calling PKCS7_free) I keep getting an "access violation accessing 0xfeeefef6". I'm using openssl 0.9.8 under windows XP (win32). Code is attached. ... cert = PKCS7_cert_from_signer_info(p7, si); if (cert == NULL) { ret = -1; goto err; } ... if (cert != NULL) X509_free(cert); if (p7 != NULL) PKCS7_free(p7); this doesn't work as PKCS7_cert_from_signer_info doesn't increase the reference counter and hence you free the cert twice ... Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Dr. Stephen Henson wrote: Any reason you can't use PKCS7_encrypt() instead? Unfortunately, I got the same result using PKCS7_encrypt(). -- Alexandre Belloni __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
On Wed, Jul 27, 2005, Alexandre Belloni wrote: > Hi, > > I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm > done withe the PKCS7 structure and I try to free it (calling PKCS7_free) > I keep getting an "access violation accessing 0xfeeefef6". > > I'm using openssl 0.9.8 under windows XP (win32). > > Code is attached. > Any reason you can't use PKCS7_encrypt() instead? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
bug in PKCS7_free ?
Hi, I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm done withe the PKCS7 structure and I try to free it (calling PKCS7_free) I keep getting an "access violation accessing 0xfeeefef6". I'm using openssl 0.9.8 under windows XP (win32). Code is attached. -- Alexandre Belloni #include #include #include #include #include #include #include #include #include #include int main(void) { PKCS7 *p7 = NULL; PKCS7_SIGNER_INFO *si = NULL; X509*cert = NULL; PKCS7 *p7c= NULL; BIO *p7bio = NULL; BIO *in = NULL; BIO *out= NULL; int ret; int len = 0; unsigned char *p7_der = NULL; char data[] = "123456789"; STACK_OF(PKCS7_SIGNER_INFO) *sk; in = BIO_new(BIO_s_file()); if (in == NULL) { ret = -1; goto err; } if (BIO_read_filename(in,"p7pem") <= 0) { ret = -1; goto err; } p7 = PEM_read_bio_PKCS7(in,NULL,NULL,NULL); if (p7 == NULL) { ret = -1; goto err; } sk = PKCS7_get_signer_info(p7); if (sk == NULL) { ret = -1; goto err; } si = sk_PKCS7_SIGNER_INFO_value(sk, 0); if (si == NULL) { ret = -1; goto err; } cert = PKCS7_cert_from_signer_info(p7, si); if (cert == NULL) { ret = -1; goto err; } p7c = PKCS7_new(); if(p7c == NULL) { ret = -1; goto err; } PKCS7_set_type(p7c, NID_pkcs7_enveloped); if(!PKCS7_set_cipher(p7c, EVP_des_ede3_cbc())) { ret = -1; goto err; } if(!PKCS7_add_recipient(p7c, cert)) { ret = -1; goto err; } p7bio = PKCS7_dataInit(p7c, NULL); if(p7bio == NULL) { ret = -1; goto err; } BIO_write(p7bio, data, sizeof(data)); BIO_flush(p7bio); if (!PKCS7_dataFinal(p7c, p7bio)) { ret = -1; goto err; } out = BIO_new(BIO_s_file()); if (out == NULL) { ret = -1; goto err; } if (BIO_write_filename(out, "p7enc") <= 0) { ret = -1; goto err; } PEM_write_bio_PKCS7(out,p7c); ret = 0; err: if (in != NULL) BIO_free_all(in); if (out != NULL) BIO_free_all(out); if (p7bio != NULL) BIO_free_all(p7bio); if (cert != NULL) X509_free(cert); if (p7 != NULL) PKCS7_free(p7); if (p7c != NULL) PKCS7_free(p7c); return ret; }