1 Reply by bluscape

(5 replies, posted in wolfSSL)

Ok. I managed to resolve the key conversion as well. Instead of using:

openssl rsa -inform pem -in PrivateKey.pem -outform der -out PrivateKey.der

I'm now using:

openssl pkey -inform pem -in PrivateKey.pem -outform der -out PrivateKey.der

This produces the same results as your example key.der files

Now to convert it to an array and test!

Go to forum: wolfSSL

2 Reply by bluscape

(5 replies, posted in wolfSSL)

Ok. So I removed the header section from you example pem file and converted it to a der file and it produced the same result as when it had the header. So it seems like the header is not used.

I've converted your example certificate file and got the same results using:

openssl x509 -inform pem -in Certificate.pem -outform der -out Certificate.der

But when I convert your example key file I do not get the same results. I'm using:

openssl rsa -inform pem -in PrivateKey.pem -outform der -out PrivateKey.der

Are there any other parameters that I'm missing to produce the same result for the key file?

Here are the results for converting your example key.pem file:

The pem.key file:

-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDNrN1H7L63JMNjG1SYeeHHMRZZ1p13nY3ii+0EF7LG6+Sbkb4x
UGKXWLV/Kd6zcSQLv5cJfybcLeyoLrJkK3orNRktooDLmf2UcRsjjVTbLmKNgQgt
9CRyJ2z5yY7bTHW6mwH4Pxj05n/7V5SSzIjEtADCqtTliBizES9zwNYpCQIDAQAB
AoGAUjU9ASmklSlxm2RqLMPStb5uE5yPtibYdmu9YbxjLdVNu8zGO4nIznubl+dR
Z2HaqYN7yET1cF4+0H5RuW4TVwhc4WdPYV6lCewR3eS4tPTgYzRM2jIgH4VBXbzb
JMWvvgJfIvF8zAVWpqY3muv/Ui2/MEuaHe6rnCziwbidyTECQQDpiRbNrC7yTWYX
vXgSEo2OhCTeLVBBhYw0Cfr7bYdRTBMo8GARhj3CpM9exW9bETIKtSjQgkdEJpLi
eFm0CLP9AkEA4XW0arWMEfvMQgLF2kjOKUMUAZoss6TLc+uhNVettRYXgANfMje+
om/5MYS/AG6NAw4wHNAvN/B+wmS/7kvo/QJBAOGZiyvYn+l2l59rayiaP6FjSnJO
9+6z4kMLOSfWIRiKEyBDRaroMZVsvN7if7ZLoDnz05/JmqrdUJvyg0WF+skCQQCv
sMd8+ChEw1Dyh7KiXWW6JblrXjdDbkHU/WNMbBzDJon9iaMfQO1fK56mhelJbtyX
6vB3I4wILXK6DUS7b5AJAkEAkeQuyowKaS9i4mI7pY1aLFY+f2dCkhKSX/OX3eGp
f60uLfRKV7N6EL3X5OxqCCHp8kZJ0mlHiiBL8rFSg6tvEA==
-----END RSA PRIVATE KEY-----

My conversion result (key.der):

0‚x 0
    *†H†÷
 ‚b0‚^  ͬÝGì¾·$ÃcT˜yáÇ1Y֝wâ‹í²Æë䛑¾1Pb—Xµ)Þ³q$¿—    &Ü-ì¨.²d+z+5-¢€Ë™ý”q#TÛ.b-ô$r'lùÉŽÛLuº›ø?ôæûW”’̈Ĵ ªÔ刳/sÀÖ)     €R5=)¤•)q›dj,ÃÒµ¾nœ¶&Øvk½a¼c-ÕM»ÌÆ;‰ÈÎ{›—çQgaÚ©ƒ{ÈDõp^>Ð~Q¹nW\ágOa^¥    ìÝ临ôàc4LÚ2 …A]¼Û$ů¾_"ñ|ÌV¦¦7šëÿR-¿0Kšî«œ,âÁ¸É1A é‰ͬ.òMf½xŽ„$Þ-PA…Œ4    úûm‡QL(ð`†=¤Ï^Åo[2
µ(ЂGD&’âxY´³ýA áu´jµŒûÌBÅÚHÎ)Cš,³¤Ësë¡5Wµ€_27¾¢où1„¿ n0Ð/7ð~Âd¿îKèýA ᙋ+ØŸév—Ÿkk(š?¡cJrN÷î³âC9'Ö!Š CEªè1•l¼Þâ¶K 9óÓŸÉšªÝP›òƒE…úÉA ¯°Ç|ø(DÃPò‡²¢]eº%¹k^7CnAÔýcLlÃ&‰ý‰£@í_+ž¦…éInÜ—êðw#Œ-rº
D»o    A ‘ä.ÊŒ
i/bâb;¥Z,V>gB’’_ó—Ýá©.-ôJW³z½×äìj!éòFIÒiGŠ Kò±Rƒ«o

Your example key.der:

0‚^  ͬÝGì¾·$ÃcT˜yáÇ1Y֝wâ‹í²Æë䛑¾1Pb—Xµ)Þ³q$¿—    &Ü-ì¨.²d+z+5-¢€Ë™ý”q#TÛ.b-ô$r'lùÉŽÛLuº›ø?ôæûW”’̈Ĵ ªÔ刳/sÀÖ)     €R5=)¤•)q›dj,ÃÒµ¾nœ¶&Øvk½a¼c-ÕM»ÌÆ;‰ÈÎ{›—çQgaÚ©ƒ{ÈDõp^>Ð~Q¹nW\ágOa^¥    ìÝ临ôàc4LÚ2 …A]¼Û$ů¾_"ñ|ÌV¦¦7šëÿR-¿0Kšî«œ,âÁ¸É1A é‰ͬ.òMf½xŽ„$Þ-PA…Œ4    úûm‡QL(ð`†=¤Ï^Åo[2
µ(ЂGD&’âxY´³ýA áu´jµŒûÌBÅÚHÎ)Cš,³¤Ësë¡5Wµ€_27¾¢où1„¿ n0Ð/7ð~Âd¿îKèýA ᙋ+ØŸév—Ÿkk(š?¡cJrN÷î³âC9'Ö!Š CEªè1•l¼Þâ¶K 9óÓŸÉšªÝP›òƒE…úÉA ¯°Ç|ø(DÃPò‡²¢]eº%¹k^7CnAÔýcLlÃ&‰ý‰£@í_+ž¦…éInÜ—êðw#Œ-rº
D»o    A ‘ä.ÊŒ
i/bâb;¥Z,V>gB’’_ó—Ýá©.-ôJW³z½×äìj!éòFIÒiGŠ Kò±Rƒ«o

Go to forum: wolfSSL

3 Reply by bluscape

(5 replies, posted in wolfSSL)

Thanks for the reply. Like I mentioned, my files are still in crt and key format.

It seems like I first need to convert my crt and key files to pem files.
And then convert the pem files to der files.

I've converted my crt and key files to pem files using:

openssl x509 -in cert.crt -out cert.pem

But when comparing my files to your example pem files, your pem files have some additional information which mine does not have.

My pem files only contains the certificate whereas yours has a large header with other info:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:75:3b:39:ad:1f:53:d1:85:3b:05:3b:11:62:4f:dc:7b:11:72:11
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
        Validity
            Not Before: Dec 16 21:17:49 2022 GMT
            Not After : Sep 11 21:17:49 2025 GMT
        Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (1024 bit)
                Modulus:
                    00:cd:ac:dd:47:ec:be:b7:24:c3:63:1b:54:98:79:
                    e1:c7:31:16:59:d6:9d:77:9d:8d:e2:8b:ed:04:17:
                    b2:c6:eb:e4:9b:91:be:31:50:62:97:58:b5:7f:29:
                    de:b3:71:24:0b:bf:97:09:7f:26:dc:2d:ec:a8:2e:
                    b2:64:2b:7a:2b:35:19:2d:a2:80:cb:99:fd:94:71:
                    1b:23:8d:54:db:2e:62:8d:81:08:2d:f4:24:72:27:
                    6c:f9:c9:8e:db:4c:75:ba:9b:01:f8:3f:18:f4:e6:
                    7f:fb:57:94:92:cc:88:c4:b4:00:c2:aa:d4:e5:88:
                    18:b3:11:2f:73:c0:d6:29:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
            X509v3 Authority Key Identifier: 
                keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
                serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11

            X509v3 Basic Constraints: 
                CA:TRUE
            X509v3 Subject Alternative Name: 
                DNS:example.com, IP Address:127.0.0.1
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
    Signature Algorithm: sha256WithRSAEncryption
         b8:80:bf:b2:f5:83:95:51:81:6a:7e:41:87:29:d7:c3:c9:c6:
         9b:60:e4:65:a1:04:97:1d:1b:3b:e9:27:fa:43:d6:89:6a:3c:
         9e:bf:28:d1:75:37:21:f3:0d:64:17:b2:a3:2d:83:52:ff:57:
         f0:42:a9:48:aa:d8:84:ea:0d:80:05:71:0a:aa:23:b4:6c:c6:
         d6:7f:13:4a:f4:82:b9:e2:81:ae:46:8c:59:fb:c3:8c:6d:5b:
         f3:32:ec:86:f0:6e:da:2a:78:ab:f2:36:fb:48:fa:74:09:0e:
         19:c2:bf:eb:cc:fb:a9:05:c1:c9:e1:ab:8b:79:f6:f1:ad:4a:
         9f:aa

How do I get this additional info into my pem files?
Or is this additional info not necesarry?

Go to forum: wolfSSL

4 Topic by bluscape

(5 replies, posted in wolfSSL)

I have crt and key files that I would like to place in an array in cert.h such that the can be loaded into a buffer.
I guess I can write some software to do this, but:

1.) Is there a method (OpenSSL) or a tool that can already do this (Im on a windows machine)?
2.) If so, how do I do it?

I'm using two way SLL authentication and have the following certificates and keys: ca.crt, client.crt and client. Key

3.) How do I load and use all 3 files for two way authentication?

Go to forum: wolfSSL