Re: Using libcrypto's RSA code

[Jakob Bohm]

On 02-04-2013 00:30, Zach wrote:
I've been reading through the OpenSSL documentation, but I must be
missing something...
I have a public key (base64 encoded) which looks something like this:
MIICIjANBgkqhkiG9w0BAQEFA......U8CAwEAAQ==
This is in a char buffer.  I've tried this with/without the wrapping
text of -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY-----.
Did you remember to put "\n" after the two marker strings and before the 
end string?

"-----BEGIN PUBLIC KEY-----\n" and "\n-----END PUBLIC KEY-----\n"

I then do the following 2 lines of code:
BIO* bio = BIO_new_mem_buf((void*)pubkey, -1);
RSA* x = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);

As I understand it, this should:
1) create a BIO wrapper around the char* pubkey source, and
2) read from this BIO pointer an RSA key.

However, the RSA pointer is null, and when I check the errors coming out
of the library it says:
error:0906D06C:PEM routines:PEM_read_bio:no start line

I assume that I've formed the BIO instance incorrectly...what should I
do differently?

-Zach

On 03/31/2013 02:49 AM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Felipe Blauth
Sent: Friday, 29 March, 2013 16:36
To read the key from your header file you might want to use
a memory BIO in conjunction with the PEM_read_bio_PUBKEY function
or PEM_read_bio_RSAPublicKey ( I don't remember which one you should
use, but this was answered in this list before). I don't have a test
The default from commandline is PUBKEY (*private* keys changed
from per-algorithm to PKCS8 in 1.0.0).

enviroment right now, but you should do something like this:
char key[] = "Your pem key goes here";
Including newlines represented as \n, which is easy to miss.

BIO *mem = BIO_new(BIO_s_mem());
BIO_puts(mem, key);
Or just BIO_new_mem_buf(key,len_or_neg1);

EVP_PKEY* pkey=PEM_read_bio_PUBKEY(mem,NULL,NULL,NULL);
Or PEM_read_bio_RSA_PUBKEY to "downcast" to RSA*, which you can
also do separately, but EVP is generally preferable.

<snip>


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org