Hello:
I used the example 10-6 in book *Network Security with OpenSSL* to generate
x509 certificates.
However, my program (server) want to send newly generated certificates to
all other servers and clients via socket. After reading the book, I have
two options to copy them into std::string certificate, which is used as a
binary vector.
*Option 1, using memoryBio and copy out the buffer consents: BIO
*memoryBio = BIO_new (BIO_s_mem()); PEM_write_bio_X509 (memoryBio,
cert)); char *p (0); long length = BIO_get_mem_ptr (memoryBio,
&p); char **pp (0); length = BIO_get_mem_data (memoryBio, &pp);
certificate.reserve (length); certificate.assign (*p, length);*
*Option 2: Using temp file to write out and read:PEM_write_X509 (fp, cert)*
*Read in this temp file into certificate variable (std::string) and send
via the socket.*
At the receiver side, they need do the reversed steps to use it.
Which option is better? Or any other options? I don't like the option2 as
it generates a temp file and receiver side need to do the same steps.
Also, is option 1 doable? Never read any code to do that way. For CRLs, I
have the same question.
Thanks.
Steve.
