OpenSSL with unicode paths
https://stackoverflow.com/questions/2401059
-
18-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have an implementation of SSL handshake from the client side, by using these functions: SSL_CTX_load_verify_locations SSL_CTX_use_certificate_chain_file SSL_CTX_use_PrivateKey_file
All functions get char* type for the filename parameter. How can I change it to support also unicode file locations?
Thanks!
Solution
On which platform? OpenSSL under Posix supports UTF-8 paths, but not on other platforms. Chances are, you will have to manually load the certificate files yourself using standard OS file I/O functions that support Unicode paths, and then parse the raw data and load it into OpenSSL, such as via PEM_read_bio_X509 with sk_X509_NAME_push, PEM_read_bio_PrivateKey/d2i_PrivateKey_bio with SSL_CTX_use_PrivateKey, d2i_X509_bio/PEM_read_bio_X509 with SSL_CTX_use_certificate, etc.
OTHER TIPS
I want to reply to the above post instead of creating a new answer, however I was not able to reply it, so I create a new answer. Based on my testing for SSL_CTX_load_verify_locations and looking at openssl code, actually the openssl would use utf-8 for file path as well on Windows. At the function BIO_new_file to open a file, it would choose utf-8 for file path if both _WIN32 and CP_UTF8 are defined. Those are defined at windows. However openssl also has code to fall back to ANSI path if path is not a valid utf-8 characters. So with that, actually openssl will work with both utf-8 and ANSI path on Windows.
