Ah, yes, I realized later that there wasn't any communication info in
there. I only use it for encryption.
Good luck!
On Sun, May 22, 2011 at 5:10 PM, Harshvir Sidhu wrote:
>Can someone point me to some example code for this in which BIO is used
> to encrypt and decrypt data and then using normal sockets for send/receive?
> I am not able to find anything in openssl source exmple or on google.
>
>
Here's some
>Or is that an attacker wouldn't be able to figure out how to format the
parameters?
Bingo. Nor will he know valid values for those parameters.
If someone goes to the trouble to run the app in an environment where he can
scrutinize memory contents, then he can figure all this out. But that's
bey
>
> I'm probably being obtuse here, but I don't see how encrypting your
> request with a public key would help you with your original problem.
>
> What stops a rogue app from doing the same encryption?
>
They can't see what the parameters are. So what are they going to encrypt?
Thanks a lot for that thorough answer, Dave.
Today I discovered EVP_Seal and related functions (actually I discovered
their counterparts in PHP and then searched for the C side). It looks like
this is exactly what I'm looking for; maybe people just assume that everyone
knows about these "envelope
Re-sending. Forgot to finish the subject...
Hi all.
I have an iPhone app that retrieves database info by issuing HTTP GETs to
PHP pages on a server. All I want to do is encrypt the parameters sent in
the URL, to prevent people from spoofing our app and abusing our database
(most likely with spa
Hi all.
I have an iPhone app that retrieves database info by issuing HTTP GETs to
PHP pages on a server. All I want to do is encrypt the parameters sent in
the URL, to prevent people from spoofing our app and abusing our database
(most likely with spam). I've seen people ask this question in for
>
> Now I'm trying to replace the filepath with char[] which has all characters
> of the file.
>
>
I just did this today. Do something like this, where privateKeyString is
your unsigned char array with your PEM file contents in it:
BIO* bp = BIO_new_mem_buf(privateKeyString, -1);/
Thanks to those who answered. It was a simple goof using std::string's
substr() method; I was treating the second parameter as the end position
rather than the character count, thus lopping off some essential characters
and causing the failure. It works now.
A follow-up: After seeing an example, I tried printing the result of
ERR_reason_error_string(ERR_get_error()). It's null.
OK, this is perplexing. I have a PEM-format RSA key in a character string
called _publicKey, with newlines between the header, key data, and trailer.
Like this:
-BEGIN PUBLIC KEY
MCwwHRTJKoZIhvcNAQEBBQADGwAwGAIRALPMoZzXMLIKhidteVfdR28CAwEAAQ==
-END PUBLIC KEY-
But PEM_read_bio_RS
Ah, I see the g3 option generates extra debugging info. I'll give it a
shot. I have a bug open with Apple about this anyway. It has proven to be
very hard to pin down. Restarting Xcode will usually eliminate the problem
and let you step through code... ONCE. If you want to do it again, you hav
On Mon, May 16, 2011 at 6:53 AM, John Hascall wrote:
>
> > (sadly I have to use
> > Xcode, which refuses to show any local variables and GDB claims they
> don't
> > exist).
>
>This is probably the optimizer, try compiling with -O0 -g3
>
Thanks, John, I am building Debug. I verified that -O0
Duh, thanks to the people who pointed out that the pointer returned by
PEM_read_bio_RSA_PUBKEY might be null, and indeed it is (sadly I have to use
Xcode, which refuses to show any local variables and GDB claims they don't
exist).
The question now is why it's null, since I know the string itself i
Hi all.
I'm trying to use the OpenSSL crypto lib. I've generated a public/private
RSA key pair. Then I wrote some code to try to encrypt an eight-byte random
string. But it crashes in RSA_size(). Here's the code:
BIO* bp = BIO_new_mem_buf(_publicKey, -1);//
Create
15 matches
Mail list logo
