On 03/17/2011 11:33 AM, Superpacko wrote:
> On 17 mar, 15:20, Robert Relyea <rrel...@redhat.com> wrote:
>> On 03/16/2011 01:54 PM, Superpacko wrote:
>>> Hi, I'm working on a software that uses GPG as a Key Manager but leaves
>>> the encryption operations to NSS. I'm having a hard time trying to
>>> figure out how to import GPG's public and private keys in NSS.
>>> GPG stores the keys in "PKT_public_key" and "PKT_private_key"
>>> structures, both have a "MPI pkey[PUBKEY_MAX_NPKEY];" which is what I
>>> need to import in NSS if I'm not wrong.
>> What does the full struct look like, and what is the length of
>> PUBKEY_MAX_NPKEY.
> #define PUBKEY_MAX_NPKEY 4
>
> MPI pkey[PUBKEY_MAX_NPKEY];
> } PKT_public_key;
>
> This is the struct. GPG stores the data in the MPI structures that are
> used in Lybcrypt.

Did you really mean 'lybcrypt' or did you mean 'libcrypt' or 'libgcrypt'?
What you need is documentation for how the key is really stored in this
object.

> I found out that NSS has these functions:
>
> SECKEYPublicKey* SECKEY_ImportDERPublicKey(SECItem *derKey,
> CK_KEY_TYPE type); //with CKK_RSA
>
> SECStatus PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, SECItem
> *derPKI, SECItem *nickname, SECItem *publicValue, PRBool isPerm,
> PRBool isPrivate, unsigned int usage, void *wincx);
>
> SECStatus PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
> SECItem *derPKI, SECItem *nickname, SECItem *publicValue, PRBool
> isPerm, PRBool isPrivate,
> unsigned int usage, SECKEYPrivateKey** privk, void *wincx);

These functions are taking DER encoded data. DER encoded data are not
strings. You will need a pointer and a length. I would be surprised if the
data in MPI is DER encoded without anything else. Getting DER from the MPI
structure is probably your best bet if you can find the appropriate call in
your crypto library.

> I'm assuming that I can pass this MPI's data as char* and store it in a
> SECItem like:
> SECItem derKey;
> derKey.type = siBuffer;
> derKey.data = (unsigned char*)key;
>
> and then pass it to the import function. What do you think about this?

You are missing derKey.len

bob
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
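
An added example, not part of the original thread and not NSS or GnuPG code, illustrating the reply's point that DER is binary data carried as a pointer plus a length rather than a string. It assumes an RSA key whose modulus and exponent have already been exported from the MPIs as big-endian byte arrays, and that the DER form wanted is the PKCS#1 RSAPublicKey structure; `der_buf` and `rsa_pub_to_der` are hypothetical names.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical pointer+length pair, standing in for a SECItem's data/len. */
struct der_buf { unsigned char *data; size_t len; };
/* Bytes a DER length field needs for a body of n bytes. */
static size_t len_size(size_t n) {
    size_t k = 1;
    if (n >= 0x80) for (; n; n >>= 8) k++;
    return k;
}
static unsigned char *put_len(unsigned char *p, size_t n) {
    size_t k = len_size(n) - 1;
    if (k == 0) { *p++ = (unsigned char)n; return p; }
    *p++ = (unsigned char)(0x80 | k);
    while (k--) *p++ = (unsigned char)(n >> (8 * k));
    return p;
}
/* Write a non-negative INTEGER from big-endian bytes v[0..n): drop redundant
   leading zeros, prepend 0x00 if the top bit is set. With p == NULL only the
   encoded size is computed. Returns the size of the whole TLV. */
static size_t put_int(unsigned char *p, const unsigned char *v, size_t n) {
    size_t skip = 0, body;
    while (skip + 1 < n && v[skip] == 0) skip++;
    int pad = (v[skip] & 0x80) != 0;
    body = (n - skip) + (size_t)pad;
    if (p) {
        *p++ = 0x02;
        p = put_len(p, body);
        if (pad) *p++ = 0x00;
        memcpy(p, v + skip, n - skip);
    }
    return 1 + len_size(body) + body;
}
/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
   Returns 0 on success; the caller frees out->data. */
int rsa_pub_to_der(const unsigned char *n, size_t nlen,
                   const unsigned char *e, size_t elen, struct der_buf *out) {
    if (!n || !e || !nlen || !elen || !out) return -1;
    size_t tn = put_int(NULL, n, nlen), te = put_int(NULL, e, elen);
    out->len = 1 + len_size(tn + te) + tn + te;
    unsigned char *p = out->data = malloc(out->len);
    if (!p) return -1;
    *p++ = 0x30;
    p = put_len(p, tn + te);
    put_int(p, n, nlen);
    put_int(p + tn, e, elen);
    return 0;
}
```

For a constructed modulus `C3 00 5B 11` and exponent `01 00 01` the output is 14 bytes long, yet `strlen` on the same buffer stops at 4 because of the embedded zero byte, which is why the length has to travel with the pointer.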