[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    [openssl-dev] [openssl.org #4659] Enhancement: PEM_write_PrivateKey should return an error response 
From:       Ian Spence via RT <rt () openssl ! org>
Date:       2016-08-25 17:47:56
Message-ID: rt-4.0.19-14303-1472147276-300.4659-21-0 () openssl ! org
[Download RAW message or body]

Hello

I just overcame an annoying problem where PEM_write_PrivateKey would return
a success response code, but the file would be blank. I ensured that I
closed the FILE pointer, so any cached data should've been flushed.
Eventually I found that I was specifying an incorrect cipher.

Here's what I was doing before:

    FILE * f = fopen("PathToMyPrivateKey.pem", "wb");
    const char * password = "Password";
    int rv = PEM_write_PrivateKey(f,
                                  pkey,
                                  EVP_aes_256_cbc_hmac_sha1(),
                                  (unsigned char *)password,
                                  (int)strlen(password),
                                  NULL,
                                  NULL);
    fclose(f);
    return rv;

RV will be 1, indicating success, but the file will be 0 bytes.

I changed the cipher to use EVP_aes_256_cbc() instead, and then everything
worked as intended.

I propose an enhancement that if the cipher is not valid, an error response
is returned.

Thank you!

-- 

Ian Spence / Systems Administrator and Software Developer
+1 (778) 872-9254/ ian@ecnepsnai.com
PGP Key: keybase.io/ecnepsnai

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4659
Please log in as guest with password guest if prompted

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[prev in list] [next in list] [prev in thread] [next in thread]