RE: Extract of Public key and Serial number from Certificate

Wed, 22 Feb 2012 11:21:17 -0800 

Thanks Dave..
With fclose() it is working fine :)
Thank you very much for your inputs...I shall follow them



Dave Thompson-5 wrote:
> 
>> From: owner-openssl-us...@openssl.org On Behalf Of praveenpvs
>> Sent: Tuesday, 21 February, 2012 10:24
> 
>> When I extracted the public key and saved to file, the Public 
>> key file looks like [---END--- line incomplete]
> <snip code>
>> I am not able to figure out what is problem.
>> Any suggestions/thoughts??
>> 
> There's no fclose() in the code you posted. Without that or 
> at least fflush(), depending on what happens later in the 
> same process the file MIGHT not get written properly.
> 
> Also, ExtractSerialNumber is storing to gszSerialNumber, 
> presumably a global buffer, without checking for overflow.
> Any buffer overflow in C can be Very Bad News. "serial" 
> values in X.509 certs nowadays are usually randomized 
> and 10 or 20 or more bytes (though not by openssl 'ca').
> 
> And, if fopen() fails it is usually more helpful to show 
> strerror(errno), or call perror() which does that for you, 
> rather than just saying "some problem". Similarly, if any 
> OpenSSL routine (with a few exceptions) returns an error 
> indication (like NULL from PEM_read_* or <0 from SSL_connect) 
> it is almost always helpful to show OpenSSL's error queue. 
> The easy and standard way is to call ERR_print_errors[_fp] 
> usually on stderr, having done SSL_load_error_strings 
> (or similar) at initialization. If you want to format 
> differently see man ERR_get_error . Note
> http://www.openssl.org/support/faq.html#PROG6
> http://www.openssl.org/support/faq.html#PROG7
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
> 
> 

-- 
View this message in context: 
http://old.nabble.com/Extract-of-Public-key-and-Serial-number-from-Certificate-tp33354749p33368555.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to