Hi Christian,
I am getting public modulus as NULL and public exponent a
huge number when X509_get_pubkey() and EVP_PKEY_get1_RSA() is used
to fetch public exponent and modulus fields. On printing the same
certificate using OpenSSL command the public exponent and public
modulus values are 65537 and 2048 bit respectively. The
code snippet is as follows:
modulus_and_exponent(X509 *cert) {
EVP_PKEY *pkey = X509_get_pubkey(cert);
RSA *rsa_public_key = NULL;
rsa_public_key = EVP_PKEY_get1_RSA(pkey);
printf("PublicExponet->%s\n",BN_bn2dec(rsa_public_key->e));
printf("Public
modulus------>%s\n",BN_bn2dec(rsa_public_key->n)); /* Code
crashes here as rsa_public_key->n is NULL */
}
Output:
PublicExponent->279964342706543159665257626509989783222311151451322332440661199787945070689635058717755565780056915051263769453969105572897430499929
3745386264339644558683338200791056152198580705931322779689387202606383243164440904522925490656610122331992075987530306432028706884548314192719199948802768
2013935531243223237786019153197327666386125162585064239799789437289544526672152158051987971265743490012610974637622069525558253839966730499510722847180895
2344257684815792657502151663029681418529094171517923191010946320493177361393065606680894807596115830450328067935952849240287649292898772435573305764291222
90932390276617063126287
PublicModulus cannot be printed as Code crashes here as
rsa_public_key->n is NULL
Thanks & Best Regards,
Vinay
Christian Hohnstaedt wrote:
Hi,
Try:
EVP_PKEY *pkey = X509_get_pubkey(cert);
rsa_public_key = EVP_PKEY_get1_RSA(pkey);
Cheers
Christian
On Mon, May 23, 2011 at 06:41:34PM +0530, Vinay Kumar wrote:
Hi All,
I am trying to print *public modulus* and *public exponent* from a *X509
certificate*. The code snippet is as follows:
modulus_and_exponent(X509 *cert) {
RSA *rsa_public_key = NULL;
if(cert->cert_info->key->pkey) {
rsa_public_key = EVP_PKEY_get1_RSA
(cert->cert_info->key->pkey);
printf("Public
exponent------>%s\n",BN_bn2dec(rsa_public_key->e));
printf("Public
modulus------>%s\n",BN_bn2dec(rsa_public_key->n));
}
else {
printf("PKEY NOT FOUND\n");
}
}
Output: *PKEY NOT FOUND*
The key structure contains other valid fields but pkey field is NULL
when checked through gdb:
*(gdb) p *(cert->cert_info) *
$1 = {version = 0x8f2ecb8, serialNumber = 0x8f2fa38, signature =
0x8f2fa50,
issuer = 0x8f2fa60, validity = 0x8f25fb8, subject = 0x8f25ff8, key
= 0x8f26050,
issuerUID = 0x0, subjectUID = 0x0, extensions = 0x8f2ef58}
*(gdb) p *(cert->cert_info->key) *
$2 = {algor = 0x8f26060, public_key = 0x8f26070, *pkey = 0x0*}
(gdb)
The same certificate when printed using OpenSSL command *displays
exponent and modulus* as follows*:*
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389 (0x185)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=IN, O=CL, OU=XYZ, CN=PC CA
Validity
Not Before: Nov 25 12:40:41 2010 GMT
Not After : Feb 28 12:40:41 2031 GMT
Subject: C=IN, O=Global, OU=XYZ, CN=Global CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
* Modulus (2048 bit): *
00:dd:c6:44:3b:c0:39:0d:e8:75:21:89:fa:41:f2:
ca:b1:46:d1:a2:b8:ea:78:f2:6e:27:84:03:d1:0a:
4d:85:4f:f9:5a:56:25:85:7b:1b:01:b2:de:31:df:
1a:3d:32:9d:0f:c9:a6:b8:c6:89:7c:87:f3:f9:6d:
a9:fd:79:df:0e:b3:ad:90:5e:05:fc:26:d5:11:e5:
03:73:e5:9b:9e:8f:40:af:a5:a0:09:e1:50:4f:22:
06:e5:80:03:77:26:af:d8:62:28:00:c5:bc:a3:fe:
c2:e7:68:a7:9a:81:6a:07:35:ee:43:0f:eb:04:d6:
ed:53:92:a8:b2:87:6a:02:5c:43:dd:61:cf:da:64:
ba:15:13:22:3b:79:b1:83:04:69:0d:25:82:73:f9:
d2:78:f6:cd:30:20:3e:eb:f2:7d:8e:56:e3:0f:38:
06:a2:21:b8:c8:a9:50:a8:4a:7f:3c:a8:d3:85:76:
ec:53:38:a7:b6:4a:9c:a7:88:a5:b9:06:e0:a5:53:
b3:fa:ae:97:bb:ab:e5:35:8a:ad:92:9c:55:b1:ac:
a1:11:3b:d0:b6:4f:f8:da:bc:01:74:67:99:c7:7a:
d1:d5:14:91:84:76:15:a8:41:34:99:fb:c9:00:92:
cf:45:d4:db:66:2c:d7:5c:38:49:c9:a9:4b:0f:80:
55:0f
*Exponent: 65537 (0x10001) *
X509v3 extensions:
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
25:05:14:41:88:7F:0A:54:A4:04:92:05:9F:7B:F5:B1:63:D5:34:13
X509v3 Authority Key Identifier:
keyid:22:31:20:B5:A8:DD:AC:DB:52:28:24:E6:F6:C6:A3:13:F2:94:A0:32
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Signature Algorithm: sha1WithRSAEncryption
45:39:8c:c9:91:9a:2c:b1:2b:78:18:2e:66:51:1c:29:9a:be:
c0:37:d5:a8:57:a1:0f:f1:ea:83:3e:fc:5b:bf:2f:b4:b2:eb:
5e:7b:ec:7a:15:da:8d:74:15:1e:96:c1:9c:d5:0b:53:ef:0e:
2d:5c:55:17:65:60:38:0f:6c:f4:30:2b:f0:cd:fc:01:e8:9c:
da:40:c5:31:f5:a9:3d:ab:20:69:de:4f:01:70:92:a6:e6:a6:
98:5d:ca:1b:d2:14:3d:58:cf:e3:9c:02:c3:82:98:6f:65:3b:
5c:20:f5:3e:47:9c:1c:4e:5c:a1:50:ff:a5:f4:45:c3:96:ce:
af:9d:c8:dd:55:33:a6:d0:e5:5d:fc:c6:8a:07:c4:0d:22:45:
c6:47:db:90:09:28:06:58:5d:83:1e:0a:35:5d:1a:72:50:d6:
37:ae:f3:84:1c:af:8e:f2:55:5a:68:38:dd:c3:2d:63:cc:03:
c9:04:a8:59:c6:dc:ea:2f:23:0f:86:27:95:e3:f0:ba:9f:44:
75:21:80:ad:1b:76:55:fb:70:aa:a1:5b:a0:da:7d:65:61:99:
05:ca:ec:b1:2e:99:91:d5:c4:e8:ad:f5:30:e8:9b:39:e9:ae:
47:fa:a0:d9:d0:e6:36:ea:9b:8b:02:f1:09:ac:08:08:cb:59:
bf:3d:bc:57
-----BEGIN CERTIFICATE-----
MIID0jCCArqgAwIBAgICAYUwDQYJKoZIhvcNAQEFBQAwbzELMAkGA1UEBhMCVVMx
EjAQBgNVBAoTCUNhYmxlTGFiczEUMBIGA1UECxMLUGFja2V0Q2FibGUxNjA0BgNV
BAMTLVBhY2tldENhYmxlIFJvb3QgRGV2aWNlIENlcnRpZmljYXRlIEF1dGhvcml0
eTAeFw0xMDExMjUxMjQwNDFaFw0zMTAyMjgxMjQwNDFaMIGAMQswCQYDVQQGEwJJ
TjElMCMGA1UEChMcR2xvYmFsIEVkZ2UgU29mdHdhcmUgTGltaXRlZDEUMBIGA1UE
CxMLUGFja2V0Q2FibGUxNDAyBgNVBAMTK0dsb2JhbCBFZGdlIFNvZnR3YXJlIExp
bWl0ZWQgUGFja2V0Q2FibGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdxkQ7wDkN6HUhifpB8sqxRtGiuOp48m4nhAPRCk2FT/laViWFexsBst4x
3xo9Mp0Pyaa4xol8h/P5ban9ed8Os62QXgX8JtUR5QNz5Zuej0CvpaAJ4VBPIgbl
gAN3Jq/YYigAxbyj/sLnaKeagWoHNe5DD+sE1u1Tkqiyh2oCXEPdYc/aZLoVEyI7
ebGDBGkNJYJz+dJ49s0wID7r8n2OVuMPOAaiIbjIqVCoSn88qNOFduxTOKe2Spyn
iKW5BuClU7P6rpe7q+U1iq2SnFWxrKERO9C2T/javAF0Z5nHetHVFJGEdhWoQTSZ
+8kAks9F1NtmLNdcOEnJqUsPgFUPAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjAd
BgNVHQ4EFgQUJQUUQYh/ClSkBJIFn3v1sWPVNBMwHwYDVR0jBBgwFoAUIjEgtajd
rNtSKCTm9sajE/KUoDIwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQUF
AAOCAQEARTmMyZGaLLEreBguZlEcKZq+wDfVqFehD/Hqgz78W78vtLLrXnvsehXa
jXQVHpbBnNULU+8OLVxVF2VgOA9s9DAr8M38Aeic2kDFMfWpPasgad5PAXCSpuam
mF3KG9IUPVjP45wCw4KYb2U7XCD1PkecHE5coVD/pfRFw5bOr53I3VUzptDlXfzG
igfEDSJFxkfbkAkoBlhdgx4KNV0aclDWN67zhByvjvJVWmg43cMtY8wDyQSoWcbc
6i8jD4YnlePwup9EdSGArRt2VftwqqFboNp9ZWGZBcrssS6ZkdXE6K31MOibOemu
R/qg2dDmNuqbiwLxCawICMtZvz28Vw==
-----END CERTIFICATE-----
Please let me know the reason for getting *pkey as NULL* parameter and
changes required to *print public modulus and public exponent.*
Thanks & Best Regards,
Vinay
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
 |
