On Thu, Nov 06, 2008, BiGNoRm6969 wrote:

> Hi, here is my problem:
> I first created a private RSA key with the argument -passout pass:123456
> After that I create the certificate with this the argument -passin: 123456
> In my code I do that:
> static char keyfile[] = "C:/MyKeyFile.pem";
> FILE* fp = fopen( keyfile, "r");
> pem_password_cb* pem_cb = (pem_password_cb*)123456;
> EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, pem_cb, NULL);
> SSL_CTX_use_certificatefile(SSL_context, MYDEFINEDCERTIFICATEFILE,
> SSL_CTX_use_PrivateKey(SSL_context, test_key);
> The last function always returns the error 185073780 from ERR_get_error()
> (certificate routines:X509_check_private_key:key values mismatch).
> I don't know how to fix my error. Previously I was using normal (not
> encrypted) private key and certificate (without -passout and -passin in the
> jey and certificate generation) and everything works well. Since I try to
> use encrypted private key nothing works.
> Can someone help me ?

I suspect test_key is NULL and I'm surprised that doesn't crash, because you
are setting a garbage numeric value for the callback.

To use a passphrase as a string you set pem_cb to 0 and include the string as
the last argument:

EVP_PKEY* test_key = PEM_read_PrivateKey(fp, NULL, 0, "123456");

Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org