load x509 certificate from base 64 string into X509 structure

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

load x509 certificate from base 64 string into X509 structure

Isaac B
Hi, I had to encode a X509 certificate into base 64 to be able to transfer it into an XML, now when I get the XML I need to put it back inside a X509 structure
 
the way I did it with a file was easy
 
BIO *cert = NULL;
X509 *x509 = NULL;
 
BIO_read_filename(cert, inFileC);
x509 = d2i_X509_bio(cert, null);
 
but now that I have the X509 certificate in PEM format inside a XML node I was wondering how could I load it into x509 withouth having to write a temp file.
 
Thanks in advance.
                          Isaac B


Yahoo! FareChase - Search multiple travel sites in one click.
Reply | Threaded
Open this post in threaded view
|

Re: load x509 certificate from base 64 string into X509 structure

Raj Singh-5

extern X509 *mem2x509_pem(char *cert)

    {
 X509 *x509= NULL;
 BIO *bio = NULL;
 int len = -1;

 bio = BIO_new(BIO_s_mem());
 if (!bio)
  goto end;
 len = BIO_write(bio, cert, strlen(cert));
 if (len == -1)
   goto end; 
 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
 
 if(!x509)
    goto end;
end:
 if(bio) BIO_free(bio);
   
 return x509;
}


On 11/16/05, Isaac B <[hidden email]> wrote:
Hi, I had to encode a X509 certificate into base 64 to be able to transfer it into an XML, now when I get the XML I need to put it back inside a X509 structure
 
the way I did it with a file was easy
 
BIO *cert = NULL;
X509 *x509 = NULL;
 
BIO_read_filename(cert, inFileC);
x509 = d2i_X509_bio(cert, null);
 
but now that I have the X509 certificate in PEM format inside a XML node I was wondering how could I load it into x509 withouth having to write a temp file.
 
Thanks in advance.
                          Isaac B


<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://us.lrd.yahoo.com/_ylc=X3oDMTFqODRtdXQ4BF9TAzMyOTc1MDIEX3MDOTY2ODgxNjkEcG9zAzEEc2VjA21haWwtZm9vdGVyBHNsawNmYw--/SIG=110oav78o/**http%3a//farechase.yahoo.com/" target="_blank"> Yahoo! FareChase - Search multiple travel sites in one click.


Reply | Threaded
Open this post in threaded view
|

Re: load x509 certificate from base 64 string into X509 structure

Dr. Stephen Henson
On Thu, Dec 01, 2005, Rajeshwar Singh Jenwar wrote:

> extern X509 *mem2x509_pem(char *cert)
>
>     {
>  X509 *x509= NULL;
>  BIO *bio = NULL;
>  int len = -1;
>  bio = BIO_new(BIO_s_mem());
>  if (!bio)
>   goto end;
>  len = BIO_write(bio, cert, strlen(cert));
>  if (len == -1)
>    goto end;
>  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
>
>  if(!x509)
>     goto end;
> end:
>  if(bio) BIO_free(bio);
>
>  return x509;
> }
>

Its easier and more efficient to create the memory BIO with:

bio = BIO_new_mem_buf(cert, -1);

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: load x509 certificate from base 64 string into X509 structure

Frédéric Donnat-2
In reply to this post by Isaac B
Hi,

I think you could use the i2d_X509_bio and d2i_X509_bio function that help using BIO and X509 struture.

from openssl/x509.h

#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
                (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)

hope it could help

Fred

-----Original Message-----
From: Dr. Stephen Henson [mailto:[hidden email]]
Sent: Thu 12/1/2005 3:01 PM
To: [hidden email]
Cc:
Subject: Re: load x509 certificate from base 64 string into X509 structure
On Thu, Dec 01, 2005, Rajeshwar Singh Jenwar wrote:

> extern X509 *mem2x509_pem(char *cert)
>
>     {
>  X509 *x509= NULL;
>  BIO *bio = NULL;
>  int len = -1;
>  bio = BIO_new(BIO_s_mem());
>  if (!bio)
>   goto end;
>  len = BIO_write(bio, cert, strlen(cert));
>  if (len == -1)
>    goto end;
>  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
>
>  if(!x509)
>     goto end;
> end:
>  if(bio) BIO_free(bio);
>
>  return x509;
> }
>

Its easier and more efficient to create the memory BIO with:

bio = BIO_new_mem_buf(cert, -1);

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: load x509 certificate from base 64 string into X509 structure

Raj Singh-5
Hi Fred,
 
These functions i2d_X509_bio and d2i_X509_bio are used for X509 cerificates in DER format.
But the requirement was to read X509 cert in PEM format from memory.
 
Hi Steve,
I got ur point bio = BIO_new_mem_buf(cert, -1);
will be more efficient becuase it avoid BIO_write by just assinging memory pointer to BIO.
 
Thanks,
RSJ
 
On 12/2/05, Frédéric Donnat <[hidden email]> wrote:
Hi,

I think you could use the i2d_X509_bio and d2i_X509_bio function that help using BIO and X509 struture.

from openssl/x509.h

#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
               (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)

hope it could help

Fred

-----Original Message-----
From:   Dr. Stephen Henson [mailto:[hidden email]]
Sent:   Thu 12/1/2005 3:01 PM
To:     [hidden email]
Cc:
Subject:        Re: load x509 certificate from base 64 string into X509 structure
On Thu, Dec 01, 2005, Rajeshwar Singh Jenwar wrote:

> extern X509 *mem2x509_pem(char *cert)
>
>     {
>  X509 *x509= NULL;
>  BIO *bio = NULL;
>  int len = -1;
>  bio = BIO_new(BIO_s_mem());
>  if (!bio)
>   goto end;
>  len = BIO_write(bio, cert, strlen(cert));
>  if (len == -1)
>    goto end;
>  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
>
>  if(!x509)
>     goto end;
> end:
>  if(bio) BIO_free(bio);
>
>  return x509;
> }
>

Its easier and more efficient to create the memory BIO with:

bio = BIO_new_mem_buf(cert, -1);

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]