Hi,
I'm new to NSS and struggle with finding the correct way to perform the 
following basic task:

Create a public/private key pair, export the public key to a raw string and 
import the public key again, given the raw key string (or byte array), eg: 
""30819F3...01".

I almost get the impression that you are not supposed to do it like this; i.e. 
using a raw string to communicate the public key.
(Below I've omitted code to avoid cluttering because the question is about 
usage rather than debugging my code.)
The key generation and export works fine:

PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &rsaParams, &pubKey, 
PR_TRUE, PR_TRUE, 0);

As well as the export:

SECKEY_EncodeDERSubjectPublicKeyInfo(pubKey);

Question 1: Is this the supposed way to do it or is there a more accurate 
function to use? The "Encode" in the function name suggests that it is doing a 
bit more than just exporting.

When trying to import, this fails:

SECKEY_ImportDERPublicKey(&pubKeyData2, CKK_RSA);

Tracked the failure to " /* a required component is missing. abort */ in 
quickder.c.

Question 2:  Is this the function to use? I've also seem old (2008) discussions 
about using  a function called ATOB_ConvertAsciiToItem.


Also, the API documentation is broken (most functions link to a broken page):

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_functions

Question 3:  Is there any better site?


Best Regards,

Peter LUNDBERG




This email and any attachments are intended solely for the use of the 
individual or entity to whom it is addressed and may be confidential and/or 
privileged.

If you are not one of the named recipients or have received this email in error,

(i) you should not read, disclose, or copy it,

(ii) please notify sender of your receipt by reply email and delete this email 
and all attachments,

(iii) Dassault Systemes does not accept or assume any liability or 
responsibility for any use of or reliance on this email.

For other languages, go to http://www.3ds.com/terms/email-disclaimer
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to