[openssl-dev] [openssl.org #4659] Enhancement: PEM_write_PrivateKey should return an error response if an invalid cipher is specified
Ian Spence via RT
rt at openssl.org
Thu Aug 25 17:47:56 UTC 2016
Hello
I just overcame an annoying problem where PEM_write_PrivateKey would return
a success response code, but the file would be blank. I ensured that I
closed the FILE pointer, so any cached data should've been flushed.
Eventually I found that I was specifying an incorrect cipher.
Here's what I was doing before:
FILE * f = fopen("PathToMyPrivateKey.pem", "wb");
const char * password = "Password";
int rv = PEM_write_PrivateKey(f,
pkey,
EVP_aes_256_cbc_hmac_sha1(),
(unsigned char *)password,
(int)strlen(password),
NULL,
NULL);
fclose(f);
return rv;
RV will be 1, indicating success, but the file will be 0 bytes.
I changed the cipher to use EVP_aes_256_cbc() instead, and then everything
worked as intended.
I propose an enhancement that if the cipher is not valid, an error response
is returned.
Thank you!
--
Ian Spence / Systems Administrator and Software Developer
+1 (778) 872-9254/ ian at ecnepsnai.com
PGP Key: keybase.io/ecnepsnai
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4659
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list