First, I have found my error!
To load the certificate, I replaced the code with:
BIO *bio=BIO_new(BIO_s_file());
BIO_read_filename(bio,cert.c_str());
X509* x50=PEM_read_bio_X509(bio,NULL,0,NULL);
certX509 = new OpenSSLCryptoX509(x50);
But after that, I had an exception: "OpenSSL:RSA::verify() - Error
decrypting signature"
I found that in the DSIGSignature::sign method,
the buffer char b64Buf[256] is too small: my "signature" contains 310
characters, so I changed it to b64Buf[512].
With this code, I can sign and verify my XML document!
Samuel Gru.
Berin Lautenbach wrote:
Samuel,
The base64 decode looks strange indeed!
How do you transform the cert to DER format?
Can you send me a copy of the cert?
Cheers,
Berin
GRU Samuel wrote:
Hi,
To complete my first message, I generated my key and my certificate with
OpenSSL (0.9.7c) with default options.
Generation of key: openssl genrsa -out privkey.pem 2048
Generation of certificate: openssl req -outform DER -new -x509 -key privkey.pem -out certificate.pem -days 1095
Is it OK?
GRU Samuel wrote:
Hi,
The certificate is well formed because I can open it in Windows 2000.
I have this code:
string cert="certificate.der";
OpenSSLCryptoX509* x509 = NULL;
if (!cert.empty())
{
    x509 = new OpenSSLCryptoX509();
    ifstream s(cert.c_str());
    string buf;
    int ch; // int, not char: s.get() returns int, so EOF stays distinct from a 0xFF data byte
    while ((ch=s.get())!=EOF)
        buf+=static_cast<char>(ch);
    x509->loadX509Base64Bin(buf.data(),buf.length());
}
I have a problem when I call the loadX509Base64Bin method.
I get the exception XSECCryptoException.
It doesn't work. I don't understand everything in this method!
Can someone explain it to me, please?
EVP_ENCODE_CTX m_dctx;
EVP_DecodeInit(&m_dctx);
----> buf contains data and len = 460
int rc = EVP_DecodeUpdate(&m_dctx,
    outBuf,
    &bufLen,
    (unsigned char *) buf,
    len);
----> rc = 0 but bufLen = 0 and outBuf is empty. Is it normal?
if (rc < 0) {
    throw XSECCryptoException(XSECCryptoException::Base64Error,
        "OpenSSL:Base64 - Error during Base64 Decode of X509 Certificate");
}
int finalLen;
rc = EVP_DecodeFinal(&m_dctx, &outBuf[bufLen], &finalLen);
bufLen += finalLen;
----> finalLen = 0 so bufLen = 0. It isn't normal?
----> so after, we have the exception!!!
if (bufLen > 0) {
    mp_X509= d2i_X509(NULL, &outBuf, bufLen);
}
// Check to see if we have a certificate....
if (mp_X509 == NULL) {
    throw XSECCryptoException(XSECCryptoException::X509Error,
        "OpenSSL:X509 - Error transating Base64 DER encoding into OpenSSL X509 structure");
}
Thank you.
Samuel
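Added example (not code from the library or from the posters in this thread): the fixed-size Base64 buffer problem described in the first message, shown as an encoder that sizes its output from the signature length and refuses to write past the buffer. The names b64_encoded_len and b64_encode_bounded are hypothetical, and padded Base64 without line breaks is assumed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example: hypothetical helper names, padded Base64 without line breaks. */
/* Characters needed to encode raw_len bytes (terminating NUL not included). */
size_t b64_encoded_len(size_t raw_len)
{
    return ((raw_len + 2) / 3) * 4;
}

/* Encode in[0..in_len) into out. Returns the number of characters written,
 * or -1 if out_cap cannot hold the text plus the terminating NUL. */
long b64_encode_bounded(const unsigned char *in, size_t in_len,
                        char *out, size_t out_cap)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t need = b64_encoded_len(in_len);
    size_t i, o = 0;

    if (out == NULL || need + 1 > out_cap)
        return -1;                      /* refuse instead of overflowing */
    for (i = 0; i + 2 < in_len; i += 3) {
        out[o++] = tbl[in[i] >> 2];
        out[o++] = tbl[((in[i] & 0x03) << 4) | (in[i + 1] >> 4)];
        out[o++] = tbl[((in[i + 1] & 0x0f) << 2) | (in[i + 2] >> 6)];
        out[o++] = tbl[in[i + 2] & 0x3f];
    }
    if (i < in_len) {                   /* 1 or 2 trailing bytes */
        unsigned b1 = (i + 1 < in_len) ? in[i + 1] : 0;
        out[o++] = tbl[in[i] >> 2];
        out[o++] = tbl[((in[i] & 0x03) << 4) | (b1 >> 4)];
        out[o++] = (i + 1 < in_len) ? tbl[(b1 & 0x0f) << 2] : '=';
        out[o++] = '=';
    }
    out[o] = '\0';
    return (long)o;
}

int main(void)
{
    static const size_t key_bits[] = { 1024, 2048, 4096 };
    for (size_t k = 0; k < 3; k++) {
        size_t sig = key_bits[k] / 8;   /* an RSA signature is modulus-sized */
        printf("%zu-bit key: %zu bytes -> %zu chars\n", key_bits[k], sig, b64_encoded_len(sig));
    }
    return 0;
}
```

Sizing the buffer from the key length, or checking the capacity as above, keeps working when the key size changes, which a larger constant does not.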