RE: sending RSA public and private keys to calling function

Fri, 10 Sep 2010 14:00:40 -0700 

>       From: owner-openssl-us...@openssl.org On Behalf Of krishnamurthy
santhanam
>       Sent: Friday, 10 September, 2010 05:51

>       I really thanks for all your inputs and suggestions, I 
> have not pasted fully last time all the output...below is the output
         
>       >       rsa = RSA_generate_key(2048, 3, NULL, NULL);
>       <snip: get size, alloc keybuf, iend=keybuf>

(The code you posted before, and I quoted, was 1024 not 2048.
Either is valid, but it confuses things to mix them.)
        
>       >       size = i2d_RSAPublicKey(rsa, &iend);
>       >       /* size returns the size of public key in bytes */
>       >       printf("\n");
>       >       printf("key :");
>       >       for(i=0;i<size;++i) {
>       >       printf("\n%02X", keybuf[i]);
         
>       size 270n
<snip 6*80+33 hex (lowercase) chars>

That output wasn't from the code above, and isn't valid hex 
for any DER or even any bytes. Probably same bug as below.
         
>       The below one is private key,
         
>       rsa = RSA_generate_key(1024, 3, NULL, NULL);
>       size_t size;
>       unsigned char *iend, keybuf[3000];
>       char keybuf1[3000];
>       int i,j,n;
>       size = i2d_RSAPrivateKey(rsa, NULL);
>       printf("size %d\n",size);
>       iend = keybuf;
>       size = i2d_RSAPrivateKey(rsa, &iend);
>       /* size returns the size of public key in bytes */

If you use a static-size buffer like this keybuf[] 
(and it's large enough) you don't need to do the 
size=i2d_(,NULL) call first. That is useful if you 
want to malloc() the exact space as the code you 
posted earlier did, or check overflow before storing.

>               for(i=0;i<size;i++) {
>               printf("%x", keybuf[i]);}
>
>       size 609
<snip 14*80+45=1165 hex chars> beginning:
>
308225d210281810ef1ed52b301ac82bf74553aa4e6d3f8ad967147224cc8dce22ef158d9907
b7c7

That is different from the code you posted earlier, 
and is wrong. %x prints only one hex digit for values 
0-15, so you get only 1165 of the 1218 chars needed 
to represent 609 bytes in undelimited hex. 609 bytes 
is a good size for a RSA 1024bit privatekey, but its 
first bytes must be 30 82 02 5D 02 01 00 02 81 81 00 . 
Just look at your output and you can see there's no 
way for a receiver to recover those bytes.

Another possibility would be to use %x but with a 
nondigit like comma or space separating each byte.



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to