X509_set_issuer_name() problem

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

X509_set_issuer_name() problem

Tom Reader
Hello,

I am trying to write some code to sign a request, and save the resulting
certificate.  I am having a number of problems, but have "distilled" this
down to the sample code shown below.

I have tried loading an existing request (as in the code below), as well as
creating a request in memory - in both cases, I have the same problem,
which is that it "segmentation faults" during the X509_set_issuer_name()
function.

This code is deliberately trivial, with many debugging statements, to try
and show the problem I'm having in its simplest form.

I know the openssl command line 'req' option can perform this task, and
I've been looking at the code in req.c to try to see what I'm doing
wrong.  No doubt it's something trivial, or I've completely misunderstood
what I should be doing!

Can anyone help, please?  To reiterate, the program segmentation faults
during X509_set_issuer_name() :

#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
#include <openssl/pem.h>

int main(void) {
     BIO *reqfile;
     X509 *x509ss;
     X509_REQ *req;
     X509_NAME *subject;

     SSL_library_init();
     SSL_load_error_strings();

     printf("Initialising and loading request.\n");
     reqfile = BIO_new(BIO_s_file());

     if (!BIO_read_filename(reqfile, "test.csr")) {
         printf("Failed to open test.csr.\n");
         return(-1);
         }

     req = PEM_read_bio_X509_REQ(reqfile, NULL, NULL, NULL);
     if (req == NULL) {
         printf("Failed to load req.\n");
         return(-1);
         }

     printf("Getting subject from request.\n");
     subject = X509_REQ_get_subject_name(req);
     if (subject == NULL) {
         printf("Failed to get subject from req.\n");
         return(-1);
         }

     printf("Setting up new X509 object.\n");
     x509ss = X509_new();

     if (x509ss == NULL) {
         printf("Failed to create new X509.\n");
         return(-1);
         }

     if (!X509_set_version(x509ss, 2)) {
         printf("Failed to set X509 obj to V3.\n");
         return(-1);
         }

     printf("Setting up issuer name.\n");
     if (!X509_set_issuer_name(x509ss,
                               subject)) {
         printf("Failed to set issuer name.\n");
         return(-1);
         }

     printf("Issuer name set.\n");

     // Further code to set X509 details, and write the certificate
     // goes here, when the above works!

     return(0);
     }


Thanks in advance.
Tom

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]