Thanks to Eric I found the problem. It was a simple programming error.
While I had malloced correctly to include a exta byte, I was storing
the null character in the string array incorrectly. I was doing
cert_data[bio_store_bytes +1] = '\0';
instead of cert_data[bio_store_bytes] = '\0';
Thanks for the help :-)
--Smith
On Wed, 08 Sep 2004 13:29:36 -0700, Eric Meyer <[EMAIL PROTECTED]> wrote:
> I thought I'd address you directly, instead of the alias...
>
> I am working on an application which does a similar operation. I tried
> to duplicate your problem, but was unable. The only real difference is
> that I find the length via: bio_store_bytes = BIO_get_mem_date (... )
> instead of BIO_pending, but a quick test proved that these two
> functions are returning the same number. While testing this, I compared
> the character count (via wc) of the returned data to the PEM returned,
> to see if they were equal. Have you verified that the count in
> bio_store_bytes is equal to the amount of data to the end of -----END
> CERTIFICATE-----? Does the count include garbage characters which you
> are seeing?
>
> Eric
>
>
>
> On Sep 7, 2004, at 4:02 PM, Smith Baylor wrote:
>
> > This is the progam snippet:
> >
> > BIO *mbio;
> > int bio_store_bytes;
> > unsigned char *cert_data, *cert_data_ptr;
> > unsigned char *cert_data_tmp;
> >
> > //create a read/write BIO
> > mbio = BIO_new(BIO_s_mem());
> >
> > //Assume x is of X509 type and is a result of X509_sign
> > PEM_write_bio_X509(mbio, x);
> > BIO_flush(mbio);
> >
> > bio_store_bytes = BIO_pending(mbio);
> > BIO_get_mem_data(mbio, (unsigned char *)&cert_data_tmp);
> > cert_data_ptr =
> > (unsigned char *) OPENSSL_malloc(bio_store_bytes + 1); /* for \0 */
> > if (cert_data_ptr != NULL) {
> > cert_data = cert_data_ptr;
> > strncpy(cert_data, cert_data_tmp, bio_store_bytes);
> > for (i = (bio_store_bytes);
> > i == strlen(cert_data_tmp);
> > i++) {
> > cert_data[i] = '\0';
> > }
> > }
> > BIO_free_all(mbio);
> >
> > I still see the garbage characters:
> > ukOjszaLTZuAFA==
> > -----END CERTIFICATE-----
> > [EMAIL PROTECTED]
> >
> > --Smith
> >
> >
> > On Tue, 07 Sep 2004 14:39:19 -0700, Eric Meyer <[EMAIL PROTECTED]>
> > wrote:
> >> The PEM format is already Base64.
> >>
> >> Also, your sample includes characters that are invalid for a Base64
> >> encoded data, which is explicitly 7 bit safe, so would not include an
> >> accented character. It looks like your null byte is in the wrong
> >> place.
> >> It probably should have come after the "=" sign.
> >>
> >> Eric
> >>
> >> On Sep 7, 2004, at 1:12 PM, Smith Baylor wrote:
> >>
> >>> Hi,
> >>>
> >>> I am using C as the programming language and MySQL as the db.
> >>>
> >>> unsigned char *cert_data;
> >>>
> >>> Instead of storing in PEM format directly, I am storing it in base64
> >>> format - I believe this is more safer - feel free to prove me
> >>> otherwise.
> >>>
> >>> Once I store the cert_data value, I also pad this with '\0' - string
> >>> terminator.
> >>>
> >>> I get something like this at the end of the encoding:
> >>> TGZ3am0wTDNjeTN3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
> >>> ÃÂÃÂ�7HZmÂ
> >>>
> >>> which the db insert or update commands don't like.
> >>>
> >>> /Shivaram
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> ----- Original Message -----
> >>> From: Carlos Roberto Zainos H <[EMAIL PROTECTED]>
> >>> Date: Tue, 7 Sep 2004 12:36:44 -0500 (CDT)
> >>> Subject: Re: storing PEM encoded certs in database
> >>> To: [EMAIL PROTECTED]
> >>>
> >>>
> >>> Hi
> >>> I'm not an expert, but I think that could be some different depending
> >>> on the DBMS and the driver connection being used.
> >>>
> >>> For example, I'm using Oracle DB 10g with ODBC based client
> >>> connection
> >>> to the DB.
> >>>
> >>> I'm storing PEM certificates making a copy of it to a buffer and then
> >>> storing it into the DB via INSERT with the apropiate convertions:
> >>>
> >>> unsigned char cert[2*1024];
> >>> BIO *buf;
> >>>
> >>>
> >>> buf = BIO_new (BIO_s_mem());
> >>> res = PEM_write_bio_X509(buf, xreq);//xreq is the X509 cert
> >>>
> >>> longitud = sizeof(cert);
> >>> res = BIO_read(buf, cert, (int)longitud);
> >>> cert[res]='\0';
> >>> //executing the INSERT via exec_sql_comm(sentence) function, where
> >>> sentence = "insert into certificados
> >>> (estadocer,fechacaducidad,numserie,certificado) values
> >>> ('V',to_date('%s','YYYY-MM-DD HH24:MI:SS'),'%i','%s')",fecha_cad,
> >>> num_serie, cert)"
> >>> Holpe this helps.
> >>> Zainos
> >>>
> >>> Smith Baylor <[EMAIL PROTECTED]> wrote:
> >>>
> >>>
> >>>
> >>> ________________________________
> >>> Do You Yahoo!?
> >>> Yahoo! Net: La mejor conexiân a internet y 25MB extra a tu correo
> >>> por
> >>> $100 al mes.
> >>
> >>
> >>> _____________________________________________________________________
> >>> _
> >>> OpenSSL Project
> >>> http://www.openssl.org
> >>> User Support Mailing List
> >>> [EMAIL PROTECTED]
> >>> Automated List Manager
> >>> [EMAIL PROTECTED]
> >>>
> >>
> >> ______________________________________________________________________
> >> OpenSSL Project http://www.openssl.org
> >> User Support Mailing List [EMAIL PROTECTED]
> >> Automated List Manager [EMAIL PROTECTED]
> >>
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
