> From: owner-openssl-us...@openssl.org On Behalf Of Carolin Latze > Sent: Monday, 03 September, 2012 10:48
> I guess I just got it if the only way is to use the PEM API? > > > Hi all, > > > > is there an API call that allows to extract an RSA public key (out of an > > RSA structure) or should I just access rsa->n and rsa->e directly? I > > cannot find an API call RSA_* that gives me the public key, but the > > documentation (http://www.openssl.org/docs/crypto/rsa.html) says one > > should not access the RSA members directly. > > Where do you want to extract to? If you want a DER or PEM encoding of the key e.g. to store or send (as your other post suggests) just use i2d_RSAPublicKey* or i2d_RSA_PUBKEY* or PEM_write*_RSAPublicKey or PEM_write*_RSA_PUBKEY; those omit the private parts of the key if they are in the RSA struct. If you want to create another RSA struct, the semiofficial way is to i2d and then d2i back, or PEM_write and then PEM_read back; of these, the former is more efficient. That page actually says "... In some cases (eg. an ENGINE ... these [fields may be different] For this reason, applications should generally avoid using RSA structure elements directly and instead use API functions to query or modify keys." which is not as strong a statement as yours. In general using the API is better, but the RSA module of OpenSSL is one of its the oldest ones, dating back before the practice of giving a comprehensive API and hiding the implementation became popular, so it doesn't have as clean an API and probably has a good bit of app code relying on the internals, so it's rather less likely to be changed. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
