Topic: DER to RSAKey
I am new to RSA so this may be a dumb question.
How do you convert a public key in DER format into an RSAKey?
Hi,
In <wolfssl/wolfcrypt/rsa.h>, you can use the following functions to import a DER-formatted public or private RSA key into an RsaKey structure:
    int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
    int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
Best Regards,
Chris
Thanks, I tried that and so far so good, but when I try to decode the DER I get ASN_PARSE_E = -140.
I did compare the contents of the file with my data structure and it matched, so the right data is being sent to the function call wc_RsaPublicKeyDecode.
This is just a public key in DER format and not a cert.
Hi,
If you are importing an RSA key generated by OpenSSL, you will need to define RSA_DECODE_EXTRA when compiling wolfSSL and your application. Can you give that a try?
Can you also verify that you are compiling your application with the same preprocessor flags as you have with wolfSSL? If you compiled wolfSSL using the autoconf (./configure) system, you can simply include <wolfssl/options.h> in your application code.
Thanks,
Chris
Thanks Chris. I got it working. The issue was that the inx on the call to the decode was not set to zero. Everything works great now and I have to say I am impressed with WolfSSL.
Thank you again for all your help.
Great, glad to hear things are working!
I'm having an issue reading in DER files to an RSA key as well, though my issue is slightly different.
I'm saving the der to a file with the following code (error checks omitted):
    int saveKeypair(char *sPubkeyFile, char *sPrivkeyFile, RsaKey *pRsaKey)
    {
        FILE *pubkeyFile = fopen(sPubkeyFile, "w");
        uint8_t data[4096];
        int dataSize = wc_RsaKeyToDer(pRsaKey, data, sizeof(data));
        int retval = fwrite( data, dataSize, 1, pubkeyFile);
        fclose(pubkeyFile);
        return 0;
    }
Everything seems to work fine, because I can successfully read everything back using
    int tryOpenKeypair(char *sPubkeyFile)
    {
        FILE *pubkeyFile = fopen(sPubkeyFile, "r");
        uint8_t data[4096];
        int dataSize = fread(data, 1, sizeof(data), pubkeyFile);
        fclose(pubkeyFile);
        RsaKey *pTempRsaKey = malloc(sizeof(RsaKey));
        wc_InitRng(&rng);
        wc_InitRsaKey(pTempRsaKey, 0);
        unsigned int idx = 0; // Start of the data...
        int retval = wc_RsaPublicKeyDecode(data, &idx, pTempRsaKey, dataSize);
        uint8_t new_e[3];
        uint8_t new_n[384];
        uint32_t new_e_size = 3;
        uint32_t new_n_size = 384;
        int ret = wc_RsaFlattenPublicKey(pTempRsaKey, new_e, &new_e_size, new_n, &new_n_size);
        if (ret != 0)
        {
            printf("Error flattening public key: %d\n", ret);
            printf("pubkey buffer size = %d\n", pubkey_buffer_size);
            return -1;
        }
        else
        {
            printf("Successfully flattened key\n");
            printf("New N %d ", new_n_size);
            print_buffer(new_n, new_n_size);
            printf("New E %d ", new_e_size);
            print_buffer(new_e, new_e_size);
        }
    }
The results that I get are
    Successfully flattened key
    New N 0 Buffer:
    New E 128 Buffer:
    0xc8 0xc9 0xcb 0xed 0xcc 0xc0 0x3c 0xcf
    0xc7 0x92 0x73 0x6f 0x76 0x38 0x1d 0x9a
    0xf7 0x08 0x2f 0x43 0x80 0x00 0x00 0x00
    ...
The exponent buffer is clearly corrupting memory during the flatten operation. Before writing the key, I verify that my syntax is right:
    int ret = wc_MakeRsaKey(pRsaKey, numBytes * 8, 65537, pRng);
    // Try to get the key now
    unsigned int new_e_size, new_n_size;
    new_e_size = 3;
    new_n_size = numBytes;
    ret = wc_RsaFlattenPublicKey(pRsaKey, pPubkey_e, &new_e_size, pPubkey_n, &new_n_size);
    if (ret != 0)
    {
        printf("Error flattening public key: %d\n", ret);
        return -1;
    }
    else
    {
        printf("New E Buffer %d \n", new_e_size);
        print_buffer(pPubkey_e, new_e_size);
        printf("New N Buffer %d \n", new_n_size);
        print_buffer(pPubkey_n, new_n_size);
        *pPrivkey = (void *)pRsaKey;
    }
    saveKeypair(pPubFileName, pPrivFileName, pRsaKey);
    return 0;
This leads to a successful print statement, that I would expect
    Successfully created the RSA key
    New E Buffer 3
    Buffer:
    0x01 0x00 0x01
    New N Buffer 128
    Buffer:
    0xc3 0x55 0x51 0x0d 0x8d 0xa2 0x6a 0xad
    0x61 0xb6 0xdb 0xe0 0x8e 0x02 0x6e 0xf7...
Is there maybe an issue with having multiple RsaKey's malloc'd at the same time? Perhaps there is an initialization that I need to perform before I can decode the key. I seem to have the same issue when running from an openssl generated keypair as well.
Lastly, there doesn't seem to be a way to encode a private key to a DER or PEM format. There seems to be a way to decode them. Is there a way that the private keys can be saved for future access as well?
Thanks for the help!
EDIT: This seems to work when N is 384 bytes, but not when N is 128 bytes. Also, it only seems to work when I have created a key using openssl and NOT when I write the key as above.
    Successfully flattened key
    New N 384 Buffer:
    0xb2 0x3f 0x07 0x0c 0x20 0x24 0x00 0x39
    0xe7 0x04 0xa8 0x95 0x3e 0x63 0x10 0xec
    ...
    New E 3 Buffer:
    0x01 0x00 0x01
Code to generate 384 byte key was taken from this website, substituting DER for PEM:
https://rietta.com/blog/2012/01/27/open … m-command/
Hi Colin,
Thanks for the report! Looking into this and will get back to you shortly.
Best Regards,
Chris
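Added example, not part of any post above and not wolfSSL code: a bounds-checked C check of which DER layout a buffer holds (PKCS#1 RSAPublicKey, PKCS#1 RSAPrivateKey, or the SubjectPublicKeyInfo / PKCS#8 wrappers) before it is handed to a decode call such as wc_RsaPublicKeyDecode. It goes beyond the thread by also recognising the wrapped forms. The enum, function names and sample bytes are this example's own, and the samples are constructed toy values, not real keys.

```c
#include <stddef.h>
#include <stdint.h>

/* Kinds of "RSA key in DER" buffer; the names are this example's own. */
enum der_kind { DER_INVALID, DER_PKCS1_PUBLIC, DER_PKCS1_PRIVATE, DER_SPKI, DER_PKCS8 };
/* Constructed toy inputs (tiny integers; the private key is cut off after e). */
const uint8_t SAMPLE_PUB[]  = {0x30,0x0A, 0x02,0x03,0x00,0xC3,0x55, 0x02,0x03,0x01,0x00,0x01};
const uint8_t SAMPLE_PRIV[] = {0x30,0x0D, 0x02,0x01,0x00, 0x02,0x03,0x00,0xC3,0x55,
                               0x02,0x03,0x01,0x00,0x01};
const uint8_t SAMPLE_SPKI[] = {0x30,0x05, 0x30,0x03,0x06,0x01,0x2A};

/* Read one tag+length header at *pos. On success advance *pos to the value and
 * set *len; reject indefinite, oversized and out-of-bounds lengths. */
static int der_header(const uint8_t *b, size_t n, size_t *pos, uint8_t *tag, size_t *len)
{
    size_t p = *pos, l, k;
    if (p > n || n - p < 2) return -1;
    *tag = b[p++];
    l = b[p++];
    if (l & 0x80) {                       /* long form: low 7 bits count the length bytes */
        k = l & 0x7F;
        if (k == 0 || k > 4 || n - p < k) return -1;
        for (l = 0; k > 0; k--) l = (l << 8) | b[p++];
    }
    if (l > n - p) return -1;             /* value must lie inside the buffer */
    *pos = p; *len = l;
    return 0;
}

enum der_kind classify_rsa_der(const uint8_t *b, size_t n)
{
    size_t pos = 0, len, end;
    uint8_t tag;
    int version0;
    if (der_header(b, n, &pos, &tag, &len) || tag != 0x30) return DER_INVALID;
    end = pos + len;                      /* stay inside the outer SEQUENCE */
    if (der_header(b, end, &pos, &tag, &len)) return DER_INVALID;
    if (tag == 0x30) return DER_SPKI;     /* AlgorithmIdentifier comes first */
    if (tag != 0x02 || len == 0) return DER_INVALID;
    version0 = (len == 1 && b[pos] == 0x00);
    pos += len;
    if (der_header(b, end, &pos, &tag, &len)) return DER_INVALID;
    if (version0)                         /* INTEGER 0 first: a private-key container */
        return tag == 0x02 ? DER_PKCS1_PRIVATE : tag == 0x30 ? DER_PKCS8 : DER_INVALID;
    if (tag != 0x02) return DER_INVALID;
    return pos + len == end ? DER_PKCS1_PUBLIC : DER_INVALID;  /* exactly n, e */
}

int main(void) { return classify_rsa_der(SAMPLE_PUB, sizeof SAMPLE_PUB) != DER_PKCS1_PUBLIC; }
```

Read as a two-INTEGER RSAPublicKey, a PKCS#1 RSAPrivateKey supplies its version 0 where n is expected and its modulus where e is expected. Multi-prime private keys (version 1) are reported as DER_INVALID by this check.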