Re: bug in PKCS7_free ?
On Thu, Jul 28, 2005, Nils Larsch wrote: > Tan Eng Ten wrote: > >This is another example of the problem I highlighted a few days ago. You > >need to be very careful with which getter methods return a new instance > >(or inc the ref count), and which ones do not. > > > >Definitely not a bug but a matter of consistency. > > it's certainly a bug but it might be caused by a not so > optimal docu and naming scheme. A better name for this > function would be PKCS7_get0_cert_from_signer_info ... > Or instead of using undocumented internal structures and functions use the documented PKCS7_get0_signers(). Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Tan Eng Ten wrote: This is another example of the problem I highlighted a few days ago. You need to be very careful with which getter methods return a new instance (or inc the ref count), and which ones do not. Definitely not a bug but a matter of consistency. it's certainly a bug but it might be caused by a not so optimal docu and naming scheme. A better name for this function would be PKCS7_get0_cert_from_signer_info ... Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
This is another example of the problem I highlighted a few days ago. You
need to be very careful with which getter methods return a new instance
(or inc the ref count), and which ones do not.
Definitely not a bug but a matter of consistency.
Nils Larsch wrote:
Alexandre Belloni wrote:
Hi,
I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm
done withe the PKCS7 structure and I try to free it (calling
PKCS7_free) I keep getting an "access violation accessing 0xfeeefef6".
I'm using openssl 0.9.8 under windows XP (win32).
Code is attached.
...
cert = PKCS7_cert_from_signer_info(p7, si);
if (cert == NULL)
{
ret = -1;
goto err;
}
...
if (cert != NULL)
X509_free(cert);
if (p7 != NULL)
PKCS7_free(p7);
this doesn't work as PKCS7_cert_from_signer_info doesn't
increase the reference counter and hence you free the cert
twice ...
Nils
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Alexandre Belloni wrote:
Hi,
I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm
done withe the PKCS7 structure and I try to free it (calling PKCS7_free)
I keep getting an "access violation accessing 0xfeeefef6".
I'm using openssl 0.9.8 under windows XP (win32).
Code is attached.
...
cert = PKCS7_cert_from_signer_info(p7, si);
if (cert == NULL)
{
ret = -1;
goto err;
}
...
if (cert != NULL)
X509_free(cert);
if (p7 != NULL)
PKCS7_free(p7);
this doesn't work as PKCS7_cert_from_signer_info doesn't
increase the reference counter and hence you free the cert
twice ...
Nils
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
Dr. Stephen Henson wrote: Any reason you can't use PKCS7_encrypt() instead? Unfortunately, I got the same result using PKCS7_encrypt(). -- Alexandre Belloni __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: bug in PKCS7_free ?
On Wed, Jul 27, 2005, Alexandre Belloni wrote: > Hi, > > I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm > done withe the PKCS7 structure and I try to free it (calling PKCS7_free) > I keep getting an "access violation accessing 0xfeeefef6". > > I'm using openssl 0.9.8 under windows XP (win32). > > Code is attached. > Any reason you can't use PKCS7_encrypt() instead? Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
bug in PKCS7_free ?
Hi,
I'm trying to build a PKCS7 envelopped data (encrypted) but when I'm
done withe the PKCS7 structure and I try to free it (calling PKCS7_free)
I keep getting an "access violation accessing 0xfeeefef6".
I'm using openssl 0.9.8 under windows XP (win32).
Code is attached.
--
Alexandre Belloni
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
int main(void)
{
PKCS7 *p7 = NULL;
PKCS7_SIGNER_INFO *si = NULL;
X509*cert = NULL;
PKCS7 *p7c= NULL;
BIO *p7bio = NULL;
BIO *in = NULL;
BIO *out= NULL;
int ret;
int len = 0;
unsigned char *p7_der = NULL;
char data[] = "123456789";
STACK_OF(PKCS7_SIGNER_INFO) *sk;
in = BIO_new(BIO_s_file());
if (in == NULL)
{
ret = -1;
goto err;
}
if (BIO_read_filename(in,"p7pem") <= 0)
{
ret = -1;
goto err;
}
p7 = PEM_read_bio_PKCS7(in,NULL,NULL,NULL);
if (p7 == NULL)
{
ret = -1;
goto err;
}
sk = PKCS7_get_signer_info(p7);
if (sk == NULL)
{
ret = -1;
goto err;
}
si = sk_PKCS7_SIGNER_INFO_value(sk, 0);
if (si == NULL)
{
ret = -1;
goto err;
}
cert = PKCS7_cert_from_signer_info(p7, si);
if (cert == NULL)
{
ret = -1;
goto err;
}
p7c = PKCS7_new();
if(p7c == NULL) {
ret = -1;
goto err;
}
PKCS7_set_type(p7c, NID_pkcs7_enveloped);
if(!PKCS7_set_cipher(p7c, EVP_des_ede3_cbc())) {
ret = -1;
goto err;
}
if(!PKCS7_add_recipient(p7c, cert)) {
ret = -1;
goto err;
}
p7bio = PKCS7_dataInit(p7c, NULL);
if(p7bio == NULL) {
ret = -1;
goto err;
}
BIO_write(p7bio, data, sizeof(data));
BIO_flush(p7bio);
if (!PKCS7_dataFinal(p7c, p7bio)) {
ret = -1;
goto err;
}
out = BIO_new(BIO_s_file());
if (out == NULL)
{
ret = -1;
goto err;
}
if (BIO_write_filename(out, "p7enc") <= 0)
{
ret = -1;
goto err;
}
PEM_write_bio_PKCS7(out,p7c);
ret = 0;
err:
if (in != NULL)
BIO_free_all(in);
if (out != NULL)
BIO_free_all(out);
if (p7bio != NULL)
BIO_free_all(p7bio);
if (cert != NULL)
X509_free(cert);
if (p7 != NULL)
PKCS7_free(p7);
if (p7c != NULL)
PKCS7_free(p7c);
return ret;
}
