X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=FAQ;h=a381d1d862d7c522cb84f6f46a2fdb033e6fd935;hb=51012a0969eb46b02078228d13eb7dc4783fb6ae;hp=4497b1c7f438126fc0aea76b162a69bc8c91b2b8;hpb=84b65340e1cf5b0c427d87e89f42382bff2a5b63;p=openssl.git diff --git a/FAQ b/FAQ index 4497b1c7f4..a381d1d862 100644 --- a/FAQ +++ b/FAQ @@ -10,6 +10,7 @@ OpenSSL - Frequently Asked Questions * Why does the linker complain about undefined symbols? * Where can I get a compiled version of OpenSSL? * I've compiled a program under Windows and it crashes: why? +* How do I read or write a DER encoded buffer using the ASN1 functions? * I've tried using and I get errors why? * I've called and it fails, why? * I just get a load of numbers for the error output, what do they mean? @@ -182,6 +183,43 @@ otherwise the conflict will cause a program to crash: typically on the first BIO related read or write operation. +* How do I read or write a DER encoded buffer using the ASN1 functions? + +You have two options. You can either use a memory BIO in conjunction +with the i2d_XXX_bio() or d2i_XXX_bio() functions or you can use the +i2d_XXX(), d2i_XXX() functions directly. Since these are often the +cause of grief here are some code fragments using PKCS7 as an example: + +unsigned char *buf, *p; +int len; + +len = i2d_PKCS7(p7, NULL); +buf = OPENSSL_Malloc(len); /* or Malloc, error checking omitted */ +p = buf; +i2d_PKCS7(p7, &p); + +At this point buf contains the len bytes of the DER encoding of +p7. + +The opposite assumes we already have len bytes in buf: + +unsigned char *p; +p = buf; +p7 = d2i_PKCS7(NULL, &p, len); + +At this point p7 contains a valid PKCS7 structure of NULL if an error +occurred. If an error occurred ERR_print_errors(bio) should give more +information. + +The reason for the temporary variable 'p' is that the ASN1 functions +increment the passed pointer so it is ready to read or write the next +structure. This is often a cause of problems: without the temporary +variable the buffer pointer is changed to point just after the data +that has been read or written. This may well be uninitialized data +and attempts to free the buffer will have unpredictable results +because it no longer points to the same address. + + * I've tried using and I get errors why? This usually happens when you try compiling something using the PKCS#12