Re: How to convert base64 encoded char buffer to X509

[Dr. Stephen Henson]

On Thu, Apr 10, 2008, Mohd Saleem wrote:

> Hi ,
> 
> I have char buffer in base64 encoded format. The client should read the 
> buffer, decode it and get the result in X509 structure, i am facing issues 
> with this.
> I am getting an error, error:0D0680A8:asn1 encoding 
> routines:ASN1_CHECK_TLEN:wrong tag.
> Could you help me in resolving this.
> Any help will be great. I have attached code for reference.
> Thanks in advance.
> Saleem
> 
>  
> // This is my base64 encoded certificate
> char *gacacert = 
> "MIICLzCCAiswggGUoAMCAQICBgEYgSDT3DANBgkqhkiG9w0BAQUFADA0MRAwDgYD\n\
> VQQKEwdlbnRydXN0MQwwCgYDVQQLEwNlbmcxEjAQBgNVBAMTCWdhTG9jYWxDQTAe\n\
> Fw0wODAzMDUyMjQ3MzVaFw0yODAyMjkyMjQ3MzVaMDQxEDAOBgNVBAoTB2VudHJ1\n\
> c3QxDDAKBgNVBAsTA2VuZzESMBAGA1UEAxMJZ2FMb2NhbENBMIGfMA0GCSqGSIb3\n\
> DQEBAQUAA4GNADCBiQKBgQDW4ONrqPZ/Hc9Ft/vL1eD76XpbxhdmAezpjGK0aWa2\n\
> 2QCkDD6IpU3VxpW93+i8em2zgCV5fujbcJuNebk+Y24q3w8FVbba7BZGcaoatB99\n\
> vdZ0gp/t/DXq9KsdxdlE2W/mKBCvxkkMsEnm5kHeHZXByouqPvIXGBsJORCH2ahB\n\
> vwIDAQABo0gwRjASBgNVHRMBAf8ECDAGAQH/AgEAMBEGCWCGSAGG+EIBAQQEAwIA\n\
> JDAdBgNVHQ4EFgQUIZVCc+92iSwt3CD3P9TYIJB6pLQwDQYJKoZIhvcNAQEFBQAD\n\
> gYEAjZq3mZ/Q6F26BBd74Q5lJcABGTM4nB1mThaCJk//dLx6WhmWoXJoZD0//nYM\n\
> UDvISCc4KtMZoe5qkO/BKJs9IwsXQyZiPl5bAtcfN6OmSe+fmNPMUKD1ck8l7WLu\n\
> 7k6hlBwrIIi05KhiYLY5i4ZbVh0+DyjIkXbv2GJj+g0CrEE=";
> 
> int SClient::loadCert(char *v_cert)
> {
>    try
>    {
>   char errStr[512];
>   int ierr = 0;
>  
>   SSLeay_add_ssl_algorithms();
>   SSL_METHOD *pSSLMethod = SSLv3_client_method();
>   SSL_load_error_strings();
>   SSL_CTX *pSSL_Context = SSL_CTX_new (pSSLMethod);
>  
>   // Adding the header and footer
>   char *charsToPrepend = "-----BEGIN CERTIFICATE-----\n";
>   char *charsToAppend = "\n-----END CERTIFICATE-----";
>   char memBuffer[2000];
>   strcpy(memBuffer, charsToPrepend);
>   strcat(memBuffer, v_cert);
>   strcat(memBuffer, charsToAppend);
>  
>   BIO *membuf = BIO_new(BIO_s_mem());
>   BIO_puts(membuf, memBuffer);
>  
>   // **** This is returning null.
>   X509 *x509 = PEM_read_bio_X509(membuf, NULL, NULL, NULL);
>   if (x509 == NULL)
>   {
>    ierr = ERR_get_error();
>    ERR_error_string(ierr, errStr);
>    // The error here is....
>    // error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
>   }
>    }
>       catch( ...)
>    {
>   //("Unexpected exception");
>   return 0;
>    }
>  
>  return 1;
> }

Since you mentioned you can't convert the buffer to DER and use that
directly....

You need a "\n" on the end of charsToAppend. There are a couple of
alternatived. Instead of writing to a memory BIO you can create on
directly using BIO_new_mem_buf().

Also you can avoid the append/prepend stuff by prepending a base64 BIO and
call d2i_X509_bio() on the result.

Steve.
-- 
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]