Results 1 to 7 of 7

Thread: Need help with openssl programming..

  1. #1

    Default Need help with openssl programming..

    Hello guys...I am writing a test application to verify a certificate using openssl functions..In that,I need a module to successfully read a "pem" encoded certificate.I'm using PEM_read function for that..I wrote 2 kinds of modules(with & without using BIO)..
    Here they go...

    Note that I'm giving a ".pem" as an input from command line("argv[1]")

    HTML Code:
    #include<stdio.h> 
    #include <string.h> 
    #include <openssl/crypto.h> 
    #include <openssl/err.h> 
    #include <openssl/bio.h> 
    #include <openssl/evp.h> 
    #include <openssl/objects.h> 
    #include <openssl/x509.h> 
    #include <openssl/pem.h> 
    int main( int argc,char *argv[]) 
    { 
        FILE *fp; 
        X509 *x=X509_new(); 
    if(x==NULL) 
    printf("error\n"); 
    
    fp=fopen(argv[1],"r"); 
    PEM_read_X509(fp,&x,NULL,NULL); 
    if(PEM_read_X509(fp,&x,NULL,NULL)==NULL) 
    printf("error reading \n"); 
    else 
    printf("reading success\n"); 
    fclose(fp); 
    X509_free(x); 
    return(0); 
    } 
    The problem is PEM_read_X509 is always returnng NULL..SO reading fails..

    Here is the second one..

    HTML Code:
    do 
       { 
           X509 *x509Cert    /*=X509_new();  result is same even if this statement is X509 *x509Cert = X509_new(); */ 
           BIO *cert; 
           if ((cert=BIO_new(BIO_s_file())) == NULL) 
            { 
                printf("Error Initializing BIO pointer"); 
                break; 
            } 
    
           if (BIO_read_filename(cert,argv[1]) <= 0) 
           { 
                printf("Error opening file\n"); 
                break; 
           } 
    
            if (PEM_read_bio_X509(cert,&x509Cert,NULL,NULL)!=NULL) 
            { 
                     printf("\nReading from file success!\n"); 
            } 
    
        }while(0);
    Reading fails in this too Please help me in this issue..Thanks in advance..

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: Need help with openssl programming..

    What is the prototype for PEM_read_X509()? Because you have these lines:

    Code:
    X509 *x=X509_new(); 
    
    PEM_read_X509(fp,&x,NULL,NULL);
    Now, I'm guessing that the second argument to PEM_read_X509 is supposed to be an *X509. But you pass the address of x so you are passing a **X509. You can only be sure by looking at the specification for this function.

    If you compile with -Wall, you can get warnings about type mismatches. Don't ignore type mismatch warnings, they could be the problem.

  3. #3

    Default Re: Need help with openssl programming..

    Hi..Thanks for the reply..I've checked the documentation online..As you said, the second argument i passed is **X509(this should be passed as per documentation).And the return type of PEM_read is *X509..where the problem lies..it returns NULL..I tried very hard to figure it out but, couldn't ;(...

  4. #4
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: Need help with openssl programming..

    According to the documentation:

    The PEM read functions all take an argument TYPE **x and return a TYPE * pointer. Where TYPE is whatever structure the function uses. If x is NULL then the parameter is ignored. If x is not NULL but *x is NULL then the structure returned will be written to *x. If neither x nor *x is NULL then an attempt is made to reuse the structure at *x (but see BUGS and EXAMPLES sections). Irrespective of the value of x a pointer to the structure is always returned (or NULL if an error occurred).
    This suggests that you can simply pass in 0 for that argument and it will allocate a structure, read the cert into it, and return a pointer to it. As it is, you are asking it to reuse the cert in the space allocated by X509_new and this contains garbage.

    There are quite a few hits on PEM_read_X509 by people who encountered the same problem. Might be worth reading through them.

  5. #5

    Smile Re: Need help with openssl programming..

    Thank you so much for helping me out As you expected problem is because of initializing with garbage X509_new() ..when I initialized *X509 with NULL, and PEM_read(fp,NULL,NULL,NULL) is returning successful *X509..thanks again..

  6. #6
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: Need help with openssl programming..

    I suspect it's a little bit more complicated than that. I noticed that you called PEM_read_X509 twice, but you totally ignored the result of the first call. That first call probably succeeded and initialised the memory area which ruined it for the second call, where it tried to reuse the memory area. Only you can explain why you thought you need to call the function twice.

  7. #7

    Default Re: Need help with openssl programming..

    Yes i forgot to mention it in my earlier post that I've modified that part...I ve got a *X509 and used it to compare it with null..I am not calling the function again..so that part goes as
    if(x==NULL)
    //error


    thank you..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •