Re: Problem with SSL_CTX_use_certificate_ASN1

geragray Fri, 11 Apr 2008 00:45:48 -0700


Victor Duchovni wrote:
> 
> The success of "SSL_CTX_use_certificate" seems to point to it being
> a certificate. Which is it? Did the OP misreport what worked? Which
> was it:
>


Sorry, i misstyped the 2nd function. Once again: 
* i have binary private key 610 bytes long
  fp = fopen("../keys/prkey.der", "r");
  len = fread(in_buf, sizeof(char), 1000, fp);
* i try to load it to ctx with:
  if (!SSL_CTX_use_PrivateKey_ASN1(SSL_FILETYPE_ASN1, ctx, (unsigned
char*)in_buf, len))
     ERR_print_errors_fp(stdout);
  and getting error 
9329:error:0D09A0A3:asn1 encoding routines:d2i_PrivateKey:unknown public key
type:d2i_pr.c:125:
9329:error:140AF00D:SSL routines:SSL_CTX_use_PrivateKey_ASN1:ASN1
lib:ssl_rsa.c:690:
*then i convert binary key to .pem format with 
  openssl asn1parse -in prkey.der -inform der -out pkey.pem -outform pem
*read it (810 bytes)
  fp = fopen("../keys/prkey.pem", "r");
  len = fread(in_buf, sizeof(char), 1000, fp);
* and load it with
  SSL_CTX_use_PrivateKey_file(ctx, in_buf, SSL_FILETYPE_PEM)
*it works perfectly

It seems that SSL_FILETYPE_ASN1 is not correct type, since respond is
"unknown public key type". But it is also interesting why OpenSSL thinks it
is a pub key, when i use SSL_CTX_use_PrivateKey_ASN1 function. Maybe it is a
bug?

The output of openssl asn1parse -in prkey.der -inform der is:
    0:d=0  hl=4 l= 606 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=3 l= 129 prim: INTEGER          
:DD2E6F1862C4FF07C45EC56EC2D8460AC887FAD49524D4B5B9774D2DD275E2073CF7AE72B47626E615D9870506E4B00480F15A0A4738E8C1C101B233C202BB7D000449E080A507B0714476620FBA43A5D076BDA82D30ED392E4345F542533D152D892E02A6F3C976CE4FE1530958786E7FAC0B42DB3FA5B899039DA414FAF69B
  139:d=1  hl=2 l=   3 prim: INTEGER           :010001
  144:d=1  hl=3 l= 129 prim: INTEGER          
:CF5B95F9B5B75C24EAFBB27AE99E9AE3C7267C88CA1E5270E024B1AD90CEC58DE5A18AE1ACBFCC2E0F33F53A484123A7C53F001BFCB3A4BAE8F86F19C8FC88C9A3D3F6E4CB943BFCF9BECB5164B28699FAAB88ABCEE444C4B7DDECD76EFCEECC9D6CCF8E76CFA6C25811EAA2595EACFC398C23EB7283900BC0C88293E33054D9
  276:d=1  hl=2 l=  65 prim: INTEGER          
:FBD2B89E9ECED114FEC8431A8C90F6275CE5E2F5C68497D9742839E50249F1E8FC4F32A3271A499073C5BA1EAECBFE93A0DE10EA32075EC11C261E8B5C67D78F
  343:d=1  hl=2 l=  65 prim: INTEGER          
:E0D99A743BCA12DA4E3DA9DF59FAA091D5542A95F8531C821C7C1591F613E0B05180DC2A00BF3D4480BAC86255050181E0BD9495421AD45BE52994CB68144A35
  410:d=1  hl=2 l=  65 prim: INTEGER          
:AF4AFBE0CEC3409FD0CB2E8AE8967002EE93C7ED36074E7CBC72D3FA2A21B7176BAAE5A0D4B363C9FE0D0186223F363325A3EF3A5720F240928BA66F741F84D9
  477:d=1  hl=2 l=  64 prim: INTEGER          
:6C3249D084B4C83DA448A7E58236C7ED64EA0B53FF1A7F2D5CE798B993E01CCEBB697687FFB40697601A813250170892A6C2932CFF92497DAED843715DB3E5C1
  543:d=1  hl=2 l=  65 prim: INTEGER          
:F63374004B31D79C5B13BBADB1E4F18784ACE883A74DEDE041E0926838A4D7C2A92D96FAD5A4E4024EF47D562A3614F23E46158036302A5FC00631A80EA468F8

and if i do openssl asn1parse -in prkey.pem -inform pem for the converted
pem key, the result is the same:

    0:d=0  hl=4 l= 606 cons: SEQUENCE          
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=3 l= 129 prim: INTEGER          
:DD2E6F1862C4FF07C45EC56EC2D8460AC887FAD49524D4B5B9774D2DD275E2073CF7AE72B47626E615D9870506E4B00480F15A0A4738E8C1C101B233C202BB7D000449E080A507B0714476620FBA43A5D076BDA82D30ED392E4345F542533D152D892E02A6F3C976CE4FE1530958786E7FAC0B42DB3FA5B899039DA414FAF69B
  139:d=1  hl=2 l=   3 prim: INTEGER           :010001
  144:d=1  hl=3 l= 129 prim: INTEGER          
:CF5B95F9B5B75C24EAFBB27AE99E9AE3C7267C88CA1E5270E024B1AD90CEC58DE5A18AE1ACBFCC2E0F33F53A484123A7C53F001BFCB3A4BAE8F86F19C8FC88C9A3D3F6E4CB943BFCF9BECB5164B28699FAAB88ABCEE444C4B7DDECD76EFCEECC9D6CCF8E76CFA6C25811EAA2595EACFC398C23EB7283900BC0C88293E33054D9
  276:d=1  hl=2 l=  65 prim: INTEGER          
:FBD2B89E9ECED114FEC8431A8C90F6275CE5E2F5C68497D9742839E50249F1E8FC4F32A3271A499073C5BA1EAECBFE93A0DE10EA32075EC11C261E8B5C67D78F
  343:d=1  hl=2 l=  65 prim: INTEGER          
:E0D99A743BCA12DA4E3DA9DF59FAA091D5542A95F8531C821C7C1591F613E0B05180DC2A00BF3D4480BAC86255050181E0BD9495421AD45BE52994CB68144A35
  410:d=1  hl=2 l=  65 prim: INTEGER          
:AF4AFBE0CEC3409FD0CB2E8AE8967002EE93C7ED36074E7CBC72D3FA2A21B7176BAAE5A0D4B363C9FE0D0186223F363325A3EF3A5720F240928BA66F741F84D9
  477:d=1  hl=2 l=  64 prim: INTEGER          
:6C3249D084B4C83DA448A7E58236C7ED64EA0B53FF1A7F2D5CE798B993E01CCEBB697687FFB40697601A813250170892A6C2932CFF92497DAED843715DB3E5C1
  543:d=1  hl=2 l=  65 prim: INTEGER          
:F63374004B31D79C5B13BBADB1E4F18784ACE883A74DEDE041E0926838A4D7C2A92D96FAD5A4E4024EF47D562A3614F23E46158036302A5FC00631A80EA468F8





-- 
View this message in context: 
http://www.nabble.com/Problem-with-SSL_CTX_use_certificate_ASN1-tp16609096p16626771.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Re: Problem with SSL_CTX_use_certificate_ASN1

Reply via email to