> I've got to the point where I can happily generate keys and sign
> data. Hurrah! Now all I need to do is find a way to store keys.
look at the d2i and i2d functions declared in rsa.h
In general, for any complicated structure you need to serialize (also
known as flattening or marshalling or pickling) to a byte stream so you
can write it to stable storage. You also need the inverse operation to
reconstitute.
OpenSSL naturally uses DER as its serialization mechanism. The i and d
stand for internal and DER, respectively. They generally follow this
convention:
int length = i2d_foo(object_pointer, NULL)
char* start = malloc(length);
char* temp = start;
int check = i2d_foo(object_pointer, &temp)
assert(check == length && temp - start == length);
You now write out length bytes starting at start.
To get it back:
char* temp = start;
TYPE* object_pointer = d2i_foo(NULL, &temp, length);
There are various other memory management tricks available for cascading
the objects (think about the second half of the assert :) but that
should get you started.
/r$
>
> Looking in the rsa.h file you can see the structure is as follows:
>
> struct rsa_st
> {
> /* The first parameter is used to pickup errors where
> * this is passed instead of aEVP_PKEY, it is set to 0 */
> int pad;
> int version;
> RSA_METHOD *meth;
> BIGNUM *n;
> BIGNUM *e;
> BIGNUM *d;
> BIGNUM *p;
> BIGNUM *q;
> BIGNUM *dmp1;
> BIGNUM *dmq1;
> BIGNUM *iqmp;
> /* be careful using this if the RSA structure is shared */
> CRYPTO_EX_DATA ex_data;
> int references;
> int flags;
>
> /* Used to cache montgomery values */
> BN_MONT_CTX *_method_mod_n;
> BN_MONT_CTX *_method_mod_p;
> BN_MONT_CTX *_method_mod_q;
>
> /* all BIGNUM values are actually in the following data, if it is
> not
> * NULL */
> char *bignum_data;
> BN_BLINDING *blinding;
> };
>
> Is there a function that takes the output from RSA_print_fp and recreates
> this structure? If not, which of these variables do I need to record if
> I'm going to create the structure and make it work.
>
> I've already got as far as functions that write out all the big nums and
> can read them back in (from files) - but the resultant structure will
> cause a core dump if I try to use it in a RSA_sign or encrypt.
>
> I'm going to try to record all of the data and see what happens, but
> any further info would be most gratefully receieved.
>
> On a side note - if anyone is intersted in the code I've written to do this
> stuff so far - let me know and I'll document it properly and release it
> when I'm all done.
>
> Cheers, Jim.
> IT Manager, Blitz The Net Ltd.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
