Topic: Manually populate the RsaKey structure for a private key?

Is there a way to manually populate the parameters of an RSA private key? I had come up with this, but get linker errors of "undefined reference to mp_init and mp_read_unsigned_bin"

int parseMPIntFromBuffer(mp_int* mpi, const uint8_t *pIn, int length)
{
    if (mp_init(mpi) != MP_OKAY)
    {
        printf("Error initializing MP integer\n");
        return -1;
    }

    if (mp_read_unsigned_bin(mpi, pIn, length) < 0)
    {
        printf("Error reading bignum\n");
        return -1;
    }
    return 0;
}

...

    // Parse the key values
    if (
               (parseMPIntFromBuffer(&(pKey->p),  &(pIn[0 * 64]), 64) != 0)
            || (parseMPIntFromBuffer(&(pKey->q),  &(pIn[1 * 64]), 64) != 0)
            || (parseMPIntFromBuffer(&(pKey->dP), &(pIn[2 * 64]), 64) != 0)
            || (parseMPIntFromBuffer(&(pKey->dQ), &(pIn[3 * 64]), 64) != 0)
            || (parseMPIntFromBuffer(&(pKey->u),  &(pIn[4 * 64]), 64) != 0)
       )
    {
        printf("Error parsing the private key\n");
        return -1;
    }

If there isn't a way to expose those functions to the linker, is it guaranteed across architectures that the buffer will be entirely little-endian? If so, I should be able to populate the "used, alloc, sign" elements of mp_int and simply reverse the buffers to get the private key - though that seems like it would be reinventing the wheel.

Thanks in advance.

Share

Re: Manually populate the RsaKey structure for a private key?

As a follow up, I got everything working by manually parsing the parameters into p, q, dP, dQ, u, n, and e. Private key decryption works as expected. The code posted above would have been nice to be able to use, but I didn't want to try to fight the linker.

Share

Re: Manually populate the RsaKey structure for a private key?

Hello colin.foster,

Recently there was an addition to expose mp_init and mp_read_unsigned_bin by using the macro WOLFSSL_PUBLIC_MP (it is in the most recent release v3.12.0). An example of compiling wolfSSL with that feature is "./configure C_EXTRA_FLAGS=-DWOLFSSL_PUBLIC_MP".

Can you tell us some about the project and the reason for not using the functions wc_RsaKeyToDer and wc_RsaPrivateKeyDecode for working with loading and exporting an RSA key?

Regards,
Jacob

Share

Re: Manually populate the RsaKey structure for a private key?

Hi Jacob,

Thanks for the reply. I'm back on the project again - sorry that I didn't respond sooner.

I have to parse keys that are stored in a particular format, over which I likely have no control. For my initial proof-of-concept that's what I was able to do.

I'll definitely look into the WOLFSSL_PUBLIC_MP define, which might end up cleaning my interface up a bit. Thanks!

Share