Hi *,
i am programming a networkapplication that uses X509 Certs. On each peer
there is a directory, that contains the CA and all peer certs. I also
used c_rehash on that directory.
The application should now be able to retrieve a X509 from that
directory, with a given commonName. I tried the following, but the code
is not able to retrieve a cert (only segfaults). Am i totally wrong or
is there a chance to get this running?
(Error checking etc. removed...)
struct entry
{
char *key;
char *value;
};
struct entry entries[ENTRY_COUNT] =
{
{"countryName", "DE" },
{"stateOrProvinceName", "Germany" },
{"localityName","MyTown"},
{"organizationName","MyCompany"},
{"commonName","server-common-name-string"},
};
X509_NAME * get_X509_Name(const char *cn)
{
X509_NAME *subj;
int nid;
X509_NAME_ENTRY *ent;
int i;
subj = X509_NAME_new();
for(i=0;i< ENTRY_COUNT;i++)
{
int nid;
X509_NAME_ENTRY *ent;
nid = OBJ_txt2nid(entries[i].key)) == NID_undef
ent =
X509_NAME_ENTRY_create_by_NID(NULL,nid,MBSTRING_ASC,entries[i].value,-1);
X509_NAME_add_entry(subj, ent, -1,0) != 1);
}
return subj;
}
X509 * get_CERT_by_cn(const char *cn)
{
X509_OBJECT *obj;
X509_NAME *subj;
subj = get_X509_Name(cn);
X509_LOOKUP *lookup;
lookup = X509_LOOKUP_new(X509_LOOKUP_hash_dir());
X509_LOOKUP_init(lookup);
X509_LOOKUP_add_dir(lookup,CADIRNAME,X509_FILETYPE_PEM);
int i = X509_LOOKUP_by_subject(lookup,X509_LU_X509,subj,obj);
/*X509_LOOKUP_by_subject returns segfaults...*/
return obj->data.x509;
}
Volker
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
