[xmlsec] XMLsec: Crash on WinNT in Keysmngr.c [Virus checked]
Aleksey Sanin
aleksey@aleksey.com
Fri, 17 May 2002 08:56:46 -0700
Well, this looks as a bug in the OpenSSL. Which version do you use?
There is also a know problem with mixing different C runtime libraries
on Windows
(debug/multithread-debug/opt/multithread-opt/opt-dll/multithread-opt-dll).
You MUST have everything compiled using the same mode.
Do you have problems with xmlsec.exe application compiled using
makefiles from win32/ folder?
Thanks,
Aleksey.
Hans-Juergen.Heinrich@de.gi-de.com wrote:
>Dear author,
>
>Here's a problem occurring in XMLsec on WinNT, but there is also
>a solution :-)
>When calling the procedure PEM_read_PrivateKey in Keysmngr.c, the
>program will crash.
>Anyway, this problem is already well-known in the OpenSSL mailing list,
>where a solution was provided (I did not yet try it, however!). See the
>attachment containing this mail.
>
>I just wanted to report it so that you can update the XMLsec software.
>
>Best regards,
>Hans-Jürgen Heinrich
>
>----------------------------------
>Dr. Hans-Jürgen Heinrich
>System engineer, 4TE3
>Giesecke & Devrient GmbH, Truderinger Straße 15, D-81607 München
>Phone: +49 89 4119-2625, FAX: +49 89 4119-1629
>mailto:hans-juergen.heinrich@de.gi-de.com
>http://www.gieseckedevrient.com
>
>(See attached file: crash_solution.txt)
>It works fines:
>
> EVP_PKEY *key;
> BIO *bio;
> char *file;
> //Init file with the appropriate path to the private key file.
> char *password;
> //Init the password.
>
> bio = BIO_new( BIO_s_file() );
> BIO_read_filename( bio, file );
> key = PEM_read_bio_PrivateKey( bio, NULL, NULL, password );
>
>Note that I am not providing a password callback and that I am using the
>bio
>version of the PEM_read_PrivateKey.
>I hope it helps.
>
>Marc-Andre
>
>-----Original Message-----
>From: Roberto Rodrigues - McLean [mailto:Roberto.Rodrigues@Spacenet.com]
>Sent: Friday, April 26, 2002 4:55 PM
>To: 'openssl-users@openssl.org'
>Subject: PEM_read_PrivateKey() wont work on Windows (visual)
>
>
>hi,
>
>I basically copied the code from sign.c, I call it like this:
>PEM_read_PrivateKey(fp, NULL, pass_cb, password);
>
>it crashes complaining about memory access.
>
>Has anyone make it work on Windows ? Is there any other way of loading a
>Private Key from a file (into a EVP obj) ?
>
>Thank you,
>roberto.KEY *key;
> BIO *bio;
> char *file;
> //Init file with the appropriate path to the private key file.
> char *password;
> //Init the password.
>
> bio = BIO_new( BIO_s_file() );
> BIO_read_filename( bio, file );
> key = PEM_read_bio_PrivateKey( bio, NULL, NULL, password );
>
>Note that I am not providing a password callback and that I am using the
>bio
>version of the PEM_read_PrivateKey.
>I hope it helps.
>
>Marc-Andre
>
>-----Original Message-----
>From: Roberto Rodrigues - McLean [mailto:Roberto.Rodrigues@Spacenet.com]
>Sent: Friday, April 26, 2002 4:55 PM
>To: 'openssl-users@openssl.org'
>Subject: PEM_read_PrivateKey() wont work on Windows (visual)
>
>
>hi,
>
>I basically copied the code from sign.c, I call it like this:
>PEM_read_PrivateKey(fp, NULL, pass_cb, password);
>
>it crashes complaining about memory access.
>
>Has anyone make it work on Windows ? Is there any other way of loading a
>Private Key from a file (into a EVP obj) ?
>
>Thank you,
>roberto.
>