Dr S N Henson wrote:
>
> > size = i2d_PublicKey(pub, NULL);
> > pu = (unsigned char*)malloc((size+1) * sizeof(unsigned char));
> > i2d_PublicKey(pub, &pu);
>
> This is one problem: your use of i2d_PublicKey() is wrong. After this
> call 'pu' will actually point to garbage. Check the FAQ for the correct
> way to do this.
[....]
Thanks for you answer ,
I thought I had fixed my error thanks to the tip above given,
but less changed.
In the source code below I try to make 3 times the same operation.
3 different values are given as the result of the SHA1.
I'm usign openssl 0.9.5.a under linux.
Other results(different) are obtained if the code is compiled with c++
compiler.
I hope you can help me.
#include <openssl/pkcs12.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <stdio.h>
#include <stdlib.h>
int main(int argc,char **argv)
{
X509 *cert;
X509 *cert1;
X509 *cert2;
EVP_PKEY *pub;
EVP_PKEY *pub1;
EVP_PKEY *pub2;
EVP_PKEY *pri;
EVP_PKEY *pri1;
EVP_PKEY *pri2;
EVP_MD_CTX mdctx;
EVP_MD_CTX mdctx1;
EVP_MD_CTX mdctx2;
unsigned char *pu,*p;
unsigned char *pu1,*p1;
unsigned char *pu2,*p2;
unsigned char dg[EVP_MAX_MD_SIZE];
unsigned char dg1[EVP_MAX_MD_SIZE];
unsigned char dg2[EVP_MAX_MD_SIZE];
const EVP_MD *md;
const EVP_MD *md1;
const EVP_MD *md2;
unsigned int mdLen,mdLen1,mdLen2;
int size,size1,size2;
char pass[50];
int l;
FILE *f;
FILE *fp;
FILE *Fp;
PKCS12 *p12,*pk12,*pkc12;
if (argc != 2)
{
printf("Usage test <filename.p12>\n");
exit(-1);
}
OpenSSL_add_all_algorithms();
OpenSSL_add_all_digests();
if ((f = fopen(argv[1], "r")) == NULL ){
perror ("Errore apertura file");
exit(-1);
}
if ((fp = fopen(argv[1], "r")) == NULL ){
perror ("Errore apertura file");
exit(-1);
}
if ((Fp = fopen(argv[1], "r")) == NULL ){
perror ("Errore apertura file");
exit(-1);
}
p12 = d2i_PKCS12_fp(f, NULL);
pk12 = d2i_PKCS12_fp(fp, NULL);
pkc12 = d2i_PKCS12_fp(Fp,NULL);
fclose(f);
fclose(fp);
fclose(Fp);
EVP_read_pw_string(pass, 50, "Password to import certificate: ",
0);
if (!PKCS12_parse(p12,pass , &pri, &cert,NULL)){
perror("Erorre");
exit(-1);
}
if (!PKCS12_parse(pk12, pass, &pri1, &cert1, NULL)){
perror("Errore");
exit(-1);
}
if(!PKCS12_parse(pkc12,pass,&pri2,&cert2,NULL)){
perror("Errore");
exit(-1);
}
PKCS12_free(p12);
PKCS12_free(pk12);
PKCS12_free(pkc12);
pub = X509_get_pubkey(cert);
pub1 = X509_get_pubkey(cert1);
pub2 = X509_get_pubkey(cert2);
size = i2d_PublicKey(pub, NULL);
p = (unsigned char*)malloc((size+1) * sizeof(unsigned char));
pu = p;
i2d_PublicKey(pub, &pu);
md = EVP_sha1();
size1 = i2d_PublicKey(pub1, NULL);
p1 =(unsigned char*)malloc((size1+1) * sizeof(unsigned char));
pu1 = p1;
i2d_PublicKey(pub1, &pu1);
md1 = EVP_sha1();
size2 = i2d_PublicKey(pub2,NULL);
p2 = (unsigned char*)malloc((size2+1)* sizeof(unsigned char));
pu2 = p2;
i2d_PublicKey(pub, &pu2);
md2 = EVP_sha1();
EVP_DigestInit(&mdctx, md);
EVP_DigestUpdate(&mdctx, pu, size);
EVP_DigestFinal(&mdctx, dg, &mdLen);
printf("DIGEST 1 :");
for (l = 0; l < mdLen; l++)
printf("%02X", dg[l]);
printf("\n");
EVP_DigestInit(&mdctx1, md1);
EVP_DigestUpdate(&mdctx1, pu1, size1);
EVP_DigestFinal(&mdctx1, dg1, &mdLen1);
printf("DIGEST 2 :");
for (l = 0; l < mdLen1; l++)
printf("%02X", dg1[l]);
printf("\n");
EVP_DigestInit(&mdctx2, md2);
EVP_DigestUpdate(&mdctx2, pu2, size2);
EVP_DigestFinal(&mdctx2, dg2, &mdLen2);
printf("DIGEST 3 :");
for (l = 0; l < mdLen2; l++)
printf("%02X", dg2[l]);
printf("\n");
}
