> From: owner-openssl-us...@openssl.org On Behalf Of praveenpvs > Sent: Tuesday, 21 February, 2012 10:24
> When I extracted the public key and saved to file, the Public > key file looks like [---END--- line incomplete] <snip code> > I am not able to figure out what is problem. > Any suggestions/thoughts?? > There's no fclose() in the code you posted. Without that or at least fflush(), depending on what happens later in the same process the file MIGHT not get written properly. Also, ExtractSerialNumber is storing to gszSerialNumber, presumably a global buffer, without checking for overflow. Any buffer overflow in C can be Very Bad News. "serial" values in X.509 certs nowadays are usually randomized and 10 or 20 or more bytes (though not by openssl 'ca'). And, if fopen() fails it is usually more helpful to show strerror(errno), or call perror() which does that for you, rather than just saying "some problem". Similarly, if any OpenSSL routine (with a few exceptions) returns an error indication (like NULL from PEM_read_* or <0 from SSL_connect) it is almost always helpful to show OpenSSL's error queue. The easy and standard way is to call ERR_print_errors[_fp] usually on stderr, having done SSL_load_error_strings (or similar) at initialization. If you want to format differently see man ERR_get_error . Note http://www.openssl.org/support/faq.html#PROG6 http://www.openssl.org/support/faq.html#PROG7 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
