Hi,
I went on reading about this error and figured out that the socket bio
does not support the BIO_gets method. Is it possible that
PEM_read_bio_RSA_PUBKEY uses BIO_gets internally and is therefore not
really compatible with a socket bio?
In order to verify that I created a buffer BIO (BIO_f_buffer()) on top of
the socket bio for the read function. And this just works. Is this the
desired way to do this? I can live with it, but since it was not
documented (or maybe I just missed it), I did not expect it.
best regards and thanks a lot again for the help
Carolin
> Hi Dave
>
> thanks a lot for the explanation. That makes a lot clearer to me. I
added
> some code to read out possible errors and there is none on the write
method. However there is a strange one on read:
>
> error code pubkey: 537297017 in bio_lib.c line 297.
> error data:
> error string: error:20068079:BIO routines:BIO_gets:unsupported method
error code pubkey: 151441516 in pem_lib.c line 696.
> error data:
> error string: error:0906D06C:PEM routines:PEM_read_bio:no start line
>
> For me that sounds as if it does not fine the "----- BEGIN PUBKEY ----"
line. So I checked with wireshark and it is there. The PEM string is
distributed over 3 packets but it is continuous data (there is no other
data in those packets). So where does this error come from? Any ideas? I
cannot do anything about the method here, right?
>
> BTW I checked that this error is really triggered by the read function
and
> not by any BIO function before that function.
>
> best regards
> Carolin
>
>>> From: owner-openssl-us...@openssl.org On Behalf Of Carolin Latze Sent:
> Monday, 03 September, 2012 13:39
>>> I try to send an RSA public from one entity to another using socket
> BIOs. I use PEM_write_bio_RSA_PUBKEY and PEM_read_bio_RSA_PUBKEY to do
that. I also tried with PEM_{write|read}_bio_RSAPublicKey. Both have the
>>> same behaviour in my case. The write function seems to work just fine.
> I
>>> am able to see the public key on the wire (using wireshark). However,
> the read function just crashes. It looks as if it reads an endless
amount of data and I have no idea why. Are those function
>>> actually meant
>>> to send data over a socket bio?
>> The PEM routines are meant to send or store over practically any
> channel. The DER routines are meant to send/store over any 8-bit clean
channel, which many socket protocols also do. (TCP/IP itself and a plain
socket does, but some protocols built on top of TCP/IP like SMTP and
HTTP don't, while some like FTP do.)
>> Either pair should work, but mixing them should not. The RSAPublicKey
> routines use the "raw" PKCS#1 format, and the RSA_PUBKEY routines use
the generic X.509 PublicKeyInfo format which *contains* the PKCS#1.
Although semantically equivalent, these are not the same thing.
>> But if you get this (or pretty much anything else) wrong, the read
> routine shouldn't crash. It should return null with error information
stored in the error queue; this is not the same as either crashing or
reading endlessly. In fact reading endlessly wouldn't crash either by my
definition so I can't guess what you mean actually happens.
>>> This is how I call them:
>>> on party A:
>>> RSA rsa;
>>> <init rsa, generate keys>
>>> PEM_write_bio_RSA_PUBKEY(sockbio,rsa);
>>> on party B:
>>> rsa = RSA_new();
>>> PEM_read_bio_RSAPublicKey(sockbio,&rsa,0,0);
>>> Something wrong with the way I call the functions?
>> If you are mismatching RSA_PUBKEY to RSAPublicKey see above.
>> Even if not, you definitely should check for error on the read
>> routine and at least display something. The write routine is
>> much less likely to fail, but even so as general good practice
>> you should check it too.
>> Nit: personally in C I would write NULL rather than 0
>> for a null pointer -- just so it's visible to humans,
>> although it makes no difference to the compiler.
>> Unfortunately C++ doesn't support this until recently.
>> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
>
>
>
>
> ______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
