The base64 decode looks strange indeed!
How do you transform the cert to DER format?
Can you send me a copy of the cert?
Cheers,
BerinGRU Samuel wrote:
Hi,
To complete my first message, i generate my key and my certificate with OpenSSL (0.9.7c) with default options.
generation of key : openssl genrsa -out privkey.pem 2048
generation of certificate : openssl req -outform DER -new -x509 -key privkey.pem -out certificate.pem -days 1095
Is it Ok ?
GRU Samuel a écrit :
Hi,
The certificate is well formed because i can open it in windows 2000.
I have this code : * string cert="certificate.der";
** OpenSSLCryptoX509* x509 = NULL; if (!cert.empty()) { x509 = new OpenSSLCryptoX509(); ifstream s(cert.c_str()); string buf; char ch; while ((ch=s.get())!=EOF) buf+=ch; x509->loadX509Base64Bin(buf.data(),buf.length());
} * I have a problem when i call the *loadX509Base64Bin *method. I have the exception *XSECCryptoException.* I doesn't work. I don't understand every thing in this method ! Can someone explain me, please ?
* EVP_ENCODE_CTX m_dctx; EVP_DecodeInit(&m_dctx);
* ----> buf contains data and len = 460
* int rc = EVP_DecodeUpdate(&m_dctx, outBuf, &bufLen, (unsigned char *) buf, len); * ----> rc = 0 but bufLen = 0 and outBuf is empty . Is it normal ?
* if (rc < 0) {
throw XSECCryptoException(XSECCryptoException::Base64Error,
"OpenSSL:Base64 - Error during Base64 Decode of X509 Certificate");
}
*
* int finalLen;
rc = EVP_DecodeFinal(&m_dctx, &outBuf[bufLen], &finalLen);
bufLen += finalLen;
*----> finalLen = 0 so bufLen = 0 . It isn't normal ? ----> so after, we have the exception !!! * if (bufLen > 0) { mp_X509= d2i_X509(NULL, &outBuf, bufLen); } * * // Check to see if we have a certificate.... if (mp_X509 == NULL) {
throw XSECCryptoException(XSECCryptoException::X509Error,
"OpenSSL:X509 - Error transating Base64 DER encoding into OpenSSL X509 structure");
}*
Thank you.
Samuel
*
*
