
October 3, 2004

Fighting with OpenSSL

Is it just me or does the documentation for OpenSSL just suck? You would think that something as important as this would mean there would be really good documentation, with concrete examples and lots of explanation as to what things are and what they do and why things are the way they are. This isn't the first time I have been playing with OpenSSL; it's not like I haven't ever used it. It's just that every time I get seriously into it, something bites me in the ass and the documentation is woefully unhelpful.

A case in point:

- (NSData *)decryptMessageWithPublicKey:(NSData *)msg
{
    NSData *message = nil;
    BIO *bio;
    NSData *decoded = [SSCrypto decodeBase64Data:msg];
    unsigned long err = 0;
    NSLog(@"decoded: %@", decoded);
    if (bio = BIO_new_mem_buf((void *)[publicKey bytes],
                              [publicKey length]))
        {
            RSA *rsa_key = 0;
            if (PEM_read_bio_RSA_PUBKEY(bio, &rsa_key, NULL, NULL)) {
                NSLog(@"RSA_size: %d", RSA_size(rsa_key));
                NSLog(@"decoded length: %d", [decoded length]);
                NSAssert([decoded length] + 11 == RSA_size(rsa_key),
                         @"decoded length + 11 == RSA size");
                unsigned char dst[[decoded length]];
                int len = RSA_public_decrypt([decoded length],
                                             [decoded bytes],
                                             dst, rsa_key,
                                             RSA_PKCS1_PADDING);
                while (err = ERR_get_error()) {
                    NSLog(@"error: %s", ERR_reason_error_string(err));
                }
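                // RSA_public_decrypt returns -1 on failure; only build the
                // NSData when a valid length came back.
                if (len >= 0) {
                    message = [NSData dataWithBytes:dst length:len];
                }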
                RSA_free(rsa_key);
            }
            BIO_free(bio);
        } else {
        NSLog(@"failed to get BIO mem buffer!");
        return nil;
    }
    return message;
}

Now, let's assume that there aren't any problems with the base64 decoding (since there aren't), and that the RSA key is being loaded correctly (I'm reasonably sure this is true). Why is it that I cannot get past the assertion? I have been messing with this for a few hours and it's ticking me off. I must be missing something, but I just can't see it. I'll have to set this aside for a bit and come back fresh.

Posted by ed at October 3, 2004 6:30 PM
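
An added example, not code from the original post and not OpenSSL's own implementation: this Python code reimplements the PKCS#1 v1.5 type-1 block that RSA_PKCS1_PADDING selects for private-encrypt / public-decrypt, to show how the input length, the recovered length and the value RSA_size() reports relate. The toy key and the names `private_encrypt`, `public_decrypt` and `demo` are constructed for illustration.

```python
# Added example: PKCS#1 v1.5 type-1 block sizes with a constructed toy key.
# The key is far too small for real use; it only makes the sizes visible.
P = 2**127 - 1                      # Mersenne prime (constructed test value)
Q = 2**107 - 1                      # Mersenne prime (constructed test value)
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus size in bytes, as RSA_size() reports


def private_encrypt(msg: bytes) -> bytes:
    """Pad as 00 01 FF..FF 00 || msg and apply the private exponent."""
    if len(msg) > K - 11:
        raise ValueError("message longer than K - 11 bytes")
    block = b"\x00\x01" + b"\xff" * (K - 3 - len(msg)) + b"\x00" + msg
    return pow(int.from_bytes(block, "big"), D, N).to_bytes(K, "big")


def public_decrypt(sig: bytes) -> bytes:
    """Apply the public exponent, check the padding, return the payload."""
    if len(sig) != K:
        raise ValueError("input must be exactly K bytes")
    value = int.from_bytes(sig, "big")
    if value >= N:
        raise ValueError("input not reduced modulo N")
    block = pow(value, E, N).to_bytes(K, "big")
    sep = block.find(b"\x00", 2)    # separator after at least 8 bytes of FF
    if block[:2] != b"\x00\x01" or sep < 10 or block[2:sep] != b"\xff" * (sep - 2):
        raise ValueError("padding check failed")
    return block[sep + 1:]


def demo():
    """Return (K, input length, output length) for a short and a maximal message."""
    rows = []
    for msg in (b"hello", b"A" * (K - 11)):
        sig = private_encrypt(msg)
        out = public_decrypt(sig)
        rows.append((K, len(sig), len(out)))
    return rows


if __name__ == "__main__":
    for k, in_len, out_len in demo():
        print(f"K={k} input={in_len} output={out_len} (limit {k - 11})")
```

The input to the public-key operation is always K bytes, while the recovered payload is whatever was padded, at most K - 11 bytes.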
