On 04/27/18 04:50, Matt Caswell wrote:
> On 26/04/18 23:48, Ken Goldman wrote:
>> On 04/26/18 16:37, Matt Caswell wrote:
>>> On 26/04/18 21:17, Ken Goldman wrote:
>>>> I have to get the raw public modulus, but I cannot X509_get_pubkey()
>>>> because of a non-standard object identifier.
>>>>
>>>> I can use X509_get_X509_PUBKEY() to get part way there. I see the DER
>>>> wrapped key in the public_key.data element, but I don't know an API to
>>>> get to that element.
>>>
>>> How about X509_PUBKEY_get0_param():
>>> https://www.openssl.org/docs/man1.1.0/crypto/X509_PUBKEY_get0_param.html
>>
>> Thanks! That got me halfway there.
>>
>> That gives me a DER stream that is a SEQUENCE of two INTEGERs. The first
>> is the public modulus and the second one is the exponent.
>>
>> How do I go from that SEQUENCE to the components, and then from the
>> components to their byte streams and lengths?
>>
>> I assume it's some raw DER function like d2i_something.
>
> How about creating a mem-bio backed by the buffer containing the raw data
> and then call d2i_RSAPublicKey_bio()?

That was it! What threw me off is that the documentation says:

TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length);

but RSAPublicKey isn't a type. So the pattern of TYPE being a structure
name didn't hold.

(There is a d2i_RSAPublicKey() function, so I didn't need the BIO.)

For the record, here's the resulting set of calls:

X509 * = d2i_X509()
X509_PUBKEY * = X509_get_X509_PUBKEY()
X509_PUBKEY_get0_param()
RSA * = d2i_RSAPublicKey()
~~~~
RSA_get0_key()
BN_bn2bin()

For a more standard certificate, the first 4 calls can be replaced by:

X509 * = d2i_X509()
EVP_PKEY * = X509_get_pubkey();
RSA * = EVP_PKEY_get1_RSA()
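
What d2i_RSAPublicKey(), RSA_get0_key() and BN_bn2bin() recover from the SEQUENCE of two INTEGERs discussed above, written out as a bounds-checked parser in plain C with no OpenSSL dependency. This is an added example, not code from the thread or from OpenSSL; der_span, der_header, der_uint, rsa_pub_split and the sample key bytes are names and values made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* A field of the key; points into the caller's DER buffer (no copy). Hypothetical type. */
typedef struct { const uint8_t *p; size_t len; } der_span;

/* Constructed sample, not a real key: SEQUENCE { INTEGER 0xC35A119F, INTEGER 65537 } */
const uint8_t SAMPLE_KEY[] = { 0x30, 0x0C, 0x02, 0x05, 0x00, 0xC3, 0x5A, 0x11, 0x9F,
                               0x02, 0x03, 0x01, 0x00, 0x01 };

/* Check the tag at *pos and read its length; leaves *pos at the first content byte. */
static int der_header(const uint8_t *buf, size_t n, size_t *pos, uint8_t tag, size_t *len)
{
    size_t i = *pos, l;
    if (i > n || n - i < 2 || buf[i] != tag) return -1;
    l = buf[i + 1];
    i += 2;
    if (l & 0x80) {                        /* long form: next k bytes hold the length */
        size_t k = l & 0x7f;
        if (k == 0 || k > sizeof l || k > n - i) return -1;
        for (l = 0; k > 0; k--) l = (l << 8) | buf[i++];
        if (l < 0x80) return -1;           /* DER requires the short form here */
    }
    if (l > n - i) return -1;              /* content must fit in the buffer */
    *pos = i; *len = l;
    return 0;
}

/* Read a non-negative INTEGER and drop the 0x00 sign pad; BN_bn2bin() output has none. */
static int der_uint(const uint8_t *buf, size_t n, size_t *pos, der_span *out)
{
    size_t len;
    if (der_header(buf, n, pos, 0x02, &len) != 0 || len == 0) return -1;
    out->p = buf + *pos;
    out->len = len;
    *pos += len;
    if (out->p[0] & 0x80) return -1;       /* negative value: invalid for RSA */
    if (out->len > 1 && out->p[0] == 0x00) { out->p++; out->len--; }
    return 0;
}

/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER } */
int rsa_pub_split(const uint8_t *der, size_t n, der_span *mod, der_span *pexp)
{
    size_t pos = 0, seq_len;
    if (der_header(der, n, &pos, 0x30, &seq_len) != 0) return -1;
    n = pos + seq_len;                     /* confine parsing to the SEQUENCE body */
    if (der_uint(der, n, &pos, mod) != 0 || der_uint(der, n, &pos, pexp) != 0) return -1;
    return pos == n ? 0 : -1;              /* reject extra elements */
}
```

Calling rsa_pub_split(SAMPLE_KEY, sizeof SAMPLE_KEY, &m, &e) leaves m and e pointing at the 4-byte modulus and 3-byte exponent inside the input buffer; a truncated buffer returns -1 instead of reading past the end.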