Which datatype for passphrase? - Openssl



Thread: Which datatype for passphrase?

  1. Which datatype for passphrase?

    Hello,

    we are confused:

    The "PEM_write_bio_RSAPrivateKey" function, among other WRITING functions,
    takes a "kstr" argument of type "unsigned char*" and a "klen" argument
    containing the length of "kstr".

    On the other hand the "PEM_read_bio_PrivateKey" only takes an argument
    "u" of type "void*" which is interpreted as a terminated string.

    To sum it up: We have two datatypes for passphrase:

    1. "unsigned char *" used with "kstr"
    2. "void*" used with "u"

    In addition to that, the "PEM_write_bio_RSAPrivateKey" also takes a "u"
    argument.

    We want to know which datatype to use for passphrases. Can we always use
    "u" and always use "char*" pointers, 'cause that's how "u" is interpreted?

    Here's my main source of information on this topic:
    http://www.openssl.org/docs/crypto/pem.html

    Thanks in advance
    Konrad
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  2. Re: Which datatype for passphrase?

    To make this thread a little more interesting... Why are there more than
    6200 "gotos" in the OpenSSL source code? Provocative question, I know.

    Konrad Kleine wrote:
    > Hello,
    >
    > we are confused:
    >
    > The "PEM_write_bio_RSAPrivateKey" function, among other WRITING functions,
    > takes a "kstr" argument of type "unsigned char*" and a "klen" argument
    > containing the length of "kstr".
    >
    > On the other hand the "PEM_read_bio_PrivateKey" only takes an argument
    > "u" of type "void*" which is interpreted as a terminated string.
    >
    > To sum it up: We have two datatypes for passphrase:
    >
    > 1. "unsigned char *" used with "kstr"
    > 2. "void*" used with "u"
    >
    > In addition to that, the "PEM_write_bio_RSAPrivateKey" also takes a "u"
    > argument.
    >
    > We want to know which datatype to use for passphrases. Can we always use
    > "u" and always use "char*" pointers, 'cause that's how "u" is interpreted?
    >
    > Here's my main source of information on this topic:
    > http://www.openssl.org/docs/crypto/pem.html
    >
    > Thanks in advance
    > Konrad



  3. Re: [openssl-users] Re: Which datatype for passphrase?

    One of our principles is to have only one exit point in functions, so in
    this point we would agree with you. On the other hand, it is also
    possible to do it without "goto"s.

    Erwann ABALEA wrote:
    > Today is the Ides of June, 2008; Konrad Kleine wrote:
    >> To make this thread a little more interesting... Why are there more than
    >> 6200 "gotos" in the OpenSSL source code? Provocative question, I know.

    >
    > Because C is not BASIC?
    > Honestly, I also disliked gotos in the past, with bad reasons; I
    > changed my mind, it allows me to write functions with only one exit
    > point, and group deallocations together. There's no "spaghetti"
    > symptom, in C, as a goto must span in the same function.
    >



  4. Re: [openssl-users] Re: Which datatype for passphrase?

    On Fri, Jun 13, 2008 at 05:32:36PM +0200, Konrad Kleine wrote:

    > One of our principles is to have only one exit point in functions, so in
    > this point we would agree with you. On the other hand, it is also
    > possible to do it without "goto"s.


    I think this is the OpenSSL users list. And this is significantly off
    topic. Perhaps this thread can be moved to a suitable Usenet group
    dealing with C-programming style.

    --
    Viktor.


  5. Re: [openssl-users] Re: Which datatype for passphrase?

    * Konrad Kleine wrote on Fri, Jun 13, 2008 at 17:32 +0200:
    > One of our principles is to have only one exit point in
    > functions, so in this point we would agree with you. On the
    > other hand, it is also possible to do it without "goto"s.


    Yes, it is possible to `goto' without `gotos', sometimes there is
    some code like

        allocate_stuff();
        do {
            if (!action1()) break;
            if (!action2()) break;
            if (!action3()) break;
        } while (0);
        free_stuff();

    which may be considered a `hidden goto', maybe done because some
    keyword-based metric forbids using the keyword `goto', but I think
    logically it is the same.

    Since it is hidden, personally I dislike this.
    Better to clearly write goto than to emulate goto!

    Using a pattern like

        allocate_stuff();
        if (!err) err = action1();
        if (!err) err = action2();
        if (!err) err = action3();
        free_stuff();

    in certain circumstances may also not be suited.

    Having some `func_exit:' label IMHO can improve readability of
    code (which is important to ease code reviews, for instance).

    So in short I think goto should not be demonized unconditionally;
    it depends on how it is used. Just needed to say that :-)

    BTW, for passphrases to be entered by humans (without binary zeros
    inside) I think C-strings could be suited, the data type for some
    entry function could be `char *const passphrase' and for some
    function that uses it maybe `const char *const passphrase'. Is
    that right?

    oki,

    Steffen



  6. Re: [openssl-users] Re: Which datatype for passphrase?

    Steffen DETTMER wrote:
    > (...)
    > BTW, for passphrases to be entered by humans (without binary zeros
    > inside) I think C-strings could be suited, the data type for some
    > entry function could be `char *const passphrase' and for some
    > function that uses it maybe `const char *const passphrase'. Is
    > that right?
    >

    The interest I have in this thread is about encoding.
    Does this char * contain US-ASCII or LATIN1 or ANSI or UTF-8 or whatever?
    In other words, are passphrases in the scope of I18N concern?
    If yes, how ?
    If no, why ?
    > oki,
    >
    > Steffen
    >

    --
    alea+
    Luc
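
Added example, not part of the original thread and not OpenSSL source: it models the two passphrase conventions from the question, a (kstr, klen) byte string on the writing side and a NUL-terminated "u" on the reading side, and shows that they disagree once the passphrase contains a zero byte. The names pass_from_cstring, pass_blob, pass_from_blob and read_matches_write are hypothetical; only the callback parameters (buf, size, rwflag, u) follow pem_password_cb.

```c
#include <stddef.h>
#include <string.h>

/* Convention 1, as the question describes "u": a NUL-terminated string.
 * Hypothetical stand-in for that interpretation, not OpenSSL source. */
static int pass_from_cstring(char *buf, int size, void *u)
{
    size_t n = strlen((const char *)u);      /* stops at the first 0 byte */
    if (n > (size_t)size)
        n = (size_t)size;
    memcpy(buf, u, n);
    return (int)n;
}

/* Convention 2: "u" points at an explicit (pointer, length) pair, read by a
 * callback with the pem_password_cb parameters. Returns 0 on failure. */
struct pass_blob { const unsigned char *data; int len; };

static int pass_from_blob(char *buf, int size, int rwflag, void *u)
{
    const struct pass_blob *p = u;
    (void)rwflag;
    if (p == NULL || p->len <= 0 || p->len > size)
        return 0;
    memcpy(buf, p->data, (size_t)p->len);
    return p->len;
}

/* Returns 1 if the reader recovers exactly the klen bytes the writer used. */
int read_matches_write(const unsigned char *kstr, int klen, int use_blob)
{
    char buf[64];
    struct pass_blob blob = { kstr, klen };
    int n, ok = 0;

    n = use_blob ? pass_from_blob(buf, (int)sizeof buf, 0, &blob)
                 : pass_from_cstring(buf, (int)sizeof buf, (void *)kstr);
    if (n != klen)
        goto done;                            /* truncated or rejected */
    ok = memcmp(buf, kstr, (size_t)klen) == 0;
done:
    /* Single exit: the wipe always runs. Production code would use
     * OPENSSL_cleanse(), which is designed not to be optimised away. */
    memset(buf, 0, sizeof buf);
    return ok;
}
```

The comparison is byte-for-byte, so the same reasoning applies to the encoding question: two encodings of the same visible passphrase are different byte strings.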


