You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options
Hi Chris,
Here is the key in pem format:
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCUf6y8OkKiaL2YTMSfmKhlMGaVvi5hx4noFcGpYCVipW6OAIbV
pI0bgBOsrgNwV7EZkM3iagnkfY0uDb/lz6AmWeV+3bLvpZ0mi186Lt10We1fx4oQ
Nmth3Rh5Lym2hJRhmLtef2eKsuCSdwHhk3X3XAKnpCW4DeSA+RWpphzIhQIDAQAB
AoGAMyixJ7+iiTUwbDG2Y41CJmpATUJR1FncBtrH90QqXQvFRKKl0SB5hInhPVJN
2Pw9BSO/6krB0bf3VXBjNhcLguEGUMJLHgCKILeiJdYS4Dpe58LDUccznXO2dSbi
cspCICd78uAbcNK+qTk/qzb6JEx8SClSdGyEv8zVKvBOx4ECQQD09AGSO14qX+K0
ND896dBUWBs5e7MOzJLoHWJ4cuDkMIy1WCPNGpU2TDD3orw8f+tNTYarIp3I58Zu
7J5K9OuxAkEAmzIZNuxUGUvPMWmNS7JfgClqLgHLcxLLJ6RijYmTMp+JCc0aldZk
sTf5ANL/Qf4D0ZBctVCAfHEUmDWE7uBjFQJBAIL8PB7bOkaEkbD1Q2AzOKDxoFVD
zYM7Z89Rb0ejfpjnUUbjw/k4ntOzOHgjgG8FpGjo7Pt0flVhg13rj9XbVHECQGLL
DoAHCzYbKycCUT7pqp+UPZJR9Cgpw4dVvqLo+/oS0pKZrR3LH8gsoGck6fchc17Z
LhsBxvjwpzKJhzjlQE0CQCNO1YrekqJBOc2OtLMO+I5jXGgGnZUuxn+G8jZwQzD/
JfAuobFefFGLShZEV84TL0Sitec8AQGN78DngXdriTY=
-----END RSA PRIVATE KEY-----
Do you want the der format keyfile?
Hi Chris,
Thanks a lot for the answer, it works perfectly.
I got another problem when loading my DER filetype private key.
I try to read the file with openssl using "openssl pkcs8" command and it works without problem but when I try to load the private key in wolfSSL embedded SSL I got a parsing error (-143).
I don't understand why it fail...
Here is the code:
idx = 0;
byte privateKeyBuffer[1024];
file = fopen("aipk.der", "rb");
if (!file)
cout << "ERROR reading private key..." << endl;
int szPrivateKey = fread(privateKeyBuffer, 1, sizeof(privateKeyBuffer), file);
cout << szPrivateKey << endl;
fclose(file);
ret = RsaPrivateKeyDecode(privateKeyBuffer, &idx, &rsaPrivateKey, szPrivateKey);
if (ret != 0)
cout << "ERROR priv key decode: " << ret <<endl;
The key is generate by java's bouncy castle library.
Thanks in advance,
Eric
Hi Chris,
Thanks for the response.
I check that and everything is ok. But I still got the problem... I think that I miss something but I don't know what...
Here are more informations about the certificates:
CA certificate (Self-Signed):
-----BEGIN CERTIFICATE-----
MIIBkTCB+6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMA8xDTALBgNVBAMMBFRlc3Qw
HhcNMTMwMTAxMTAyOTI5WhcNMTcwMTAxMTAyOTI5WjAPMQ0wCwYDVQQDDARUZXN0
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPFNyv0i29DbGDRkGPjXBub6q2
ZNdMQoT6YWxsmfBuzgIuF3F8Dd80NUTXfOfCxRnndCUmjgfhOekRI1AlEOXWw6vD
yrcUNu/spJxILVeiq+bCw3VwVhs1Xiztc9Cvvk9CTxLT+NhQpvS17djwhLMrMDnZ
nZMwKsOpzIlW0LG4PQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAG7wI8WlzynLTl7U
1fS9ty/4WjRrpuMmawbt6owy92NdWmC0j+u8sEWB/q318AqhxgQRNSfmBcVobff8
CYYsLcfBCiNmn12d3osu12O6FF9yZEOBQ5pmwzBe+Xzu/8c+4uDuduBLIvq1PcKP
L8EuNu0JuMRSe2Tk+LvqcZkm5t2I
-----END CERTIFICATE-----
Certificate that I want to verify:
-----BEGIN CERTIFICATE-----
MIIBkTCB+6ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMA8xDTALBgNVBAMMBFRlc3Qw
HhcNMTMwMTAxMTAyOTI5WhcNMTcwMTAxMTAyOTI5WjAPMQ0wCwYDVQQDDARUZXN0
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPFNyv0i29DbGDRkGPjXBub6q2
ZNdMQoT6YWxsmfBuzgIuF3F8Dd80NUTXfOfCxRnndCUmjgfhOekRI1AlEOXWw6vD
yrcUNu/spJxILVeiq+bCw3VwVhs1Xiztc9Cvvk9CTxLT+NhQpvS17djwhLMrMDnZ
nZMwKsOpzIlW0LG4PQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAG7wI8WlzynLTl7U
1fS9ty/4WjRrpuMmawbt6owy92NdWmC0j+u8sEWB/q318AqhxgQRNSfmBcVobff8
CYYsLcfBCiNmn12d3osu12O6FF9yZEOBQ5pmwzBe+Xzu/8c+4uDuduBLIvq1PcKP
L8EuNu0JuMRSe2Tk+LvqcZkm5t2I
-----END CERTIFICATE-----
And the CRL (PEM filetype):
-----BEGIN X509 CRL-----
MIIBOTCBowIBATANBgkqhkiG9w0BAQUFADAPMQ0wCwYDVQQDDARUZXN0Fw0xNDAy
MjExMDI5MjlaFw0xNzAxMDExMDI5MjlaMBQwEgIBAhcNMTQwMjIxMTAyOTI5WqBK
MEgwOgYDVR0jAQH/BDAwLoAUqOWqy6shef9NnNyVchZVhrDteQmhE6QRMA8xDTAL
BgNVBAMMBFRlc3SCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQEFBQADgYEAIdw7
xiP/xlPi9uCbmF7V2dBAmRH+UICTTf6pwAZwdeNgbdASZr5Uco4pt9fSLACBmEGU
1yThSHwSpnBYyOYjsu82aZ2kkBlGXXBOCJ+lWVTW79+QvsAv6j61c8e7LOPjTnXt
hS6hONmAa0dQvGXYhH4QIhUhVCY8i0HqQpKxokY=
-----END X509 CRL-----
I just test crl under windows and it don't work too, so the problem seems to come from the crl certificate generation... I'll try to find the problem.
Thanks,
Eric
EDIT: I solve the problem, I made some mistakes when generating CRL. Now everything works fine
Hi everyone,
Here is my problem, I use the wolfSSL embedded SSL certificate manager API to verify some certificate. It works perfectly when CRL option is disable.
Once I turn it on it fails...
I load CRL (DER format) without any error code but then, when I try to verify a certificate, I got an -262 error code (which says "CRL Not Loaded")... I don't understand where is the problem...
Here is my code:
certManager = CyaSSL_CertManagerNew();
if (certManager == NULL) {
cout << "Failure cm new!" << endl;
} else cout << "Success cm new!" << endl;
ret = CyaSSL_CertManagerLoadCA(certManager, "CACert.pem", 0);
if (ret != SSL_SUCCESS) {
cout << "Failure Loading CA certificate!" << endl;
} else cout << "Success Loading CA certificate!" << endl;
ret = CyaSSL_CertManagerEnableCRL(certManager, 0);
if (ret != SSL_SUCCESS) {
cout << "Failure Enable CRL!" << endl << endl;
} else cout << "Success Enable CRL!" << endl << endl;
ret = CyaSSL_CertManagerLoadCRL(certManager, "CRL/", SSL_FILETYPE_ASN1, 0);
if (ret != SSL_SUCCESS) {
cout << "Failure Loading CRL!" << endl << endl;
} else cout << "Success Loading CRL!" << endl << endl;
cout << "Validation of a certificate...." << endl;
ret = CyaSSL_CertManagerVerify(certManager, "certificate.der", SSL_FILETYPE_ASN1);
cout << ret << endl; //Here I get -262 error code - MISSING_CRL
if (ret != SSL_SUCCESS) {
cout << "Failure verify certificate!" << endl << endl;
} else cout << "Success verify certificate!" << endl << endl;
Any idea?
Thanks in advance,
Eric
Hi everyone,
I'm currently developed an application using wolfssl library and got some problem.
I want to encrypt some data with RSA. For this purpose I will use rsa function from ctaocrypt library.
My problem is how to get the public key from the certificate which is stored on the hard disk?
I try the following solution:
byte publicKeyBuffer[1024];
WOLFSSL_X509* x509cert = wolfSSL_X509_load_certificate_file("certAI.der", SSL_FILETYPE_ASN1);
publicKeyBuffer = wolfSSL_X509_get_pubkey(x509cert);
But wolfSSL_X509_get_pubkey(x509cert) return a WOLFSSL_EVP_PKEY* type which is not compatible with RsaPrivateKeyDecode function.
Any idea for a solution?
I have also some other problem but I will create new posts.
Thanks in advance,
Eric
Posts found: 5
Generated in 0.016 seconds (95% PHP - 5% DB) with 4 queries