Topic: Get public key from a cert in PEM format.

I have a cert in memory in PEM format.
Can I get the public key out of the WOLFSSL_CTX structure after I do a load verify buffer?
or
Can I pass the PEM data to InitDecodedCert and get the cert and then get the public key out of that?
or
Can I convert the PEM in memory to a DER then use InitDecodedCert to get the cert?
If not, I will just put the DER in the system in place of the PEM, but I would rather use the PEM as is.
BTW, I do not have a file system, so converting a PEM file to DER is not an option.


Re: Get public key from a cert in PEM format.

Hi lwatcdr,

Have you read our documentation in the manual on certificate usage? https://wolfssl.com/wolfSSL/Docs-wolfss … cates.html
Have you seen our examples on GitHub https://github.com/wolfSSL/wolfssl-exam … rtmanager?
Have you looked at the usage example in wolfcrypt/test/test.c?

All of these may be extremely useful in assisting you with your project!

Can I get the public key out of the WOLFSSL_CTX structure after I do a load verify buffer?

It is possible.
The WOLFSSL_CTX Structure contains a WOLFSSL_CERT_MANAGER* cm;

ctx->cm

The CERT_MANAGER contains a Signer* caTable[CA_TABLE_SIZE]

ctx->cm->caTable

and whichever Signer contains the byte* public key you desire to extract.

ctx->cm->caTable[<whichever signer>]->publicKey

Can I pass the PEM data to InitDecodedCert and get the cert and then get the public key out of that?

No. As the API suggests, this is "Initializing" a decoded certificate. So it is setting every value of the certificate structure to 0, or some default value. It is not actually decoding anything yet. It is just initializing the structure so it is not NULL.

Can I convert the PEM in memory to a DER then use InitDecodedCert to get the cert?

Again, no. InitDecodedCert does not convert or decode anything. I believe you are looking for the function "ParseCert".


Regards,

- Kaleb
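
The PEM-to-DER step asked about above, followed by the walk to the public key, as an added library-independent example (not wolfSSL code and not part of the original thread). It decodes an in-memory PEM certificate to DER without a file system and locates the SubjectPublicKeyInfo inside the TBSCertificate. The names `pem_to_der`, `tlv` and `find_spki` and the sample certificate skeleton are constructed for illustration.

```c
#include <string.h>
/* Constructed sample: a certificate-shaped DER skeleton, not a real certificate. */
static const char SAMPLE_PEM[] = "-----BEGIN CERTIFICATE-----\n"
    "MCUwHqADAgECAgEBMAAwADAAMAAwDDAFBgMrZXADAwCquzAAAwEA\n"
    "-----END CERTIFICATE-----\n";
static const char B64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Decode the base64 body of an in-memory PEM certificate; returns DER length or -1. */
int pem_to_der(const char *pem, unsigned char *der, size_t cap) {
    const char *p = strstr(pem, "-----BEGIN CERTIFICATE-----"), *q;
    const char *end = p ? strstr(p, "-----END CERTIFICATE-----") : NULL;
    unsigned acc = 0; int bits = 0; size_t n = 0;
    if (!end) return -1;
    for (p += 27; p < end; p++) {             /* 27 = length of the BEGIN line */
        if (!(q = strchr(B64, *p))) continue; /* skip newlines and '=' padding */
        acc = (acc << 6) | (unsigned)(q - B64);
        if ((bits += 6) < 8) continue;        /* not a full byte yet */
        if (n == cap) return -1;              /* output buffer too small */
        der[n++] = (unsigned char)(acc >> (bits -= 8));
    }
    return (int)n;
}
/* Read one DER header at *pos: returns the tag and sets *len, or -1 if malformed. */
static int tlv(const unsigned char *d, size_t n, size_t *pos, size_t *len) {
    size_t p = *pos, l, k; int tag;
    if (n < 2 || p > n - 2) return -1;
    tag = d[p]; l = d[p + 1]; p += 2;
    if (l & 0x80) {                           /* long form: 1 or 2 length bytes */
        k = l & 0x7f;
        if (k < 1 || k > 2 || k > n - p) return -1;
        for (l = 0; k--; p++) l = (l << 8) | d[p];
    }
    if (l > n - p) return -1;                 /* value would run past the buffer */
    *pos = p; *len = l;
    return tag;
}
/* Offset of SubjectPublicKeyInfo in a DER certificate, or -1; *size = its length. */
int find_spki(const unsigned char *d, size_t n, size_t *size) {
    size_t pos = 0, len = 0, start, i, skip = 5;
    for (i = 0; i < 2; i++, n = pos + len)    /* Certificate, then TBSCertificate */
        if (tlv(d, n, &pos, &len) != 0x30) return -1;
    if (pos < n && d[pos] == 0xA0) skip++;    /* optional [0] version comes first */
    for (i = 0; i < skip; i++, pos += len)    /* serial, signature, issuer, validity, subject */
        if (tlv(d, n, &pos, &len) < 0) return -1;
    start = pos;
    if (tlv(d, n, &pos, &len) != 0x30) return -1;   /* SubjectPublicKeyInfo */
    *size = pos - start + len;
    return (int)start;
}
```

This only locates the key bytes; it does not verify the certificate's signature or validity period.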