how to decrypt with pubkey without pkcs1 padding things
hi all: I want to use private key to encrypt a message, and decrypt with public key. i know there is PK11_PubDecryptRaw, PK11_PubEncrptRaw, but all these don't do padding things(PKCS1) for me. and SGN_*(), VFY_*(), PK11_Verify*() give me the digest message, not plaint message i want. i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage can anyone give me some examples or hints? thanks in advance ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: how to decrypt with pubkey without pkcs1 padding things
NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. i know there is PK11_PubDecryptRaw, PK11_PubEncrptRaw, but all these don't do padding things(PKCS1) for me. and SGN_*(), VFY_*(), PK11_Verify*() give me the digest message, not plaint message i want. i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage because i use PK11_PubEncryptPKCS1() in my code guessing howto use, but i got 8192 error(PR_GetError()), i lookup the error code: An I/O error occurred during authentication; or an error occurred during crypto operation (other than signature verification). all the description is senseless for me can anyone give me some examples or hints? thanks in advance ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: how to decrypt with pubkey without pkcs1 padding things
NZzi wrote: NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. i know there is PK11_PubDecryptRaw, PK11_PubEncrptRaw, but all these don't do padding things(PKCS1) for me. and SGN_*(), VFY_*(), PK11_Verify*() give me the digest message, not plaint message i want. i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage because i use PK11_PubEncryptPKCS1() in my code guessing howto use, but i got 8192 error(PR_GetError()), i lookup the error code: An I/O error occurred during authentication; or an error occurred during crypto operation (other than signature verification). all the description is senseless for me following is my code: modulus_len = modulus_len = SECKEY_PublicKeyStrength(lf_sec-pubkey); char *data_buf = calloc(...modulus_len); char *enbuf = calloc(...,modulus_len); PK11_PubEncryptPKCS1(lf_sec-pubkey,enbuf,tmpbuf,modulus_len,NULL); ... use the same parameters for PK11_PubEncryptRaw() will work well can anyone give me some examples or hints? thanks in advance ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: how to decrypt with pubkey without pkcs1 padding things
NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. Are you encrypting data or a symmetric Key? Most of the nss code that does these operations does so on actual symetric keys (which are then used to do additional encryption/decryption/macing). In that case they are using the PK11_PubWrapSymKey() and PK11_PubUnwrapSymKey(). bob i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage OK, so here's a question, what is it you are trying to do? Encrypting with the private key is really called 'Signing'. The equivalent function is PK11_Sign. If you are doing key distribution, or you are trying to pass secret data to someone else you want to encrypt with the public key, so only the person with the private key can decrypt it. Encrypting with the private key, in this case, will allow anyone to read the result by 'decrypting' with the public key. In the sign case, you don't care about secrecy, you want to 'prove' you hold the private key. In that case you 'encrypt' data with that private key. I know you have the private key because I get the correct data back when I 'decrypt' with the public key. This recovery process is a verification, so it's called PK11_Verify, except you are looking for the actual data to recover, not to verify that the data matches. This operation is *VERY* RSA specific. No other signing/verification method uses it. In that case you need to call the special function PK11_VerifyRecover. These names match their PKCS #11 equivalents in the PKCS #11 spec. An important note about this. NSS allows this. There are cases where you do need to use PK11_VerifyRecover rather than PK11_Verify, or more specificially, the high level SGN_ and VFY_ functions. HOWEVER, there should be warning signs in your head if you have to resort to these cases. First, you will likely be generating signatures that no one else will be able to validate (All toolkits know how to deal with an RSA signature with PKCS #1 padding *AND* properly ASN1 wrapped digests - even better wrapped as an ASN1 signing wrapper). Second, you are tying your application strongly to RSA. The world of crypto is littered with the dead bodies of once strong algorithms which have fallen to the increasingly sophisticated attacks of the cryptanalyst. RSA is still strong today (albeit weaker than when I first started working in crypto), but that may not stay forever. Tying yourself to a specific algorithm is not a good idea. All that being said the mapping of high level/crypto operation names to low level RSA operations is as follows: Encrypt with public Key (PKCS #1 padding): PK11_PubEncryptPKCS1() Decrypt with private Key (PKCS #1 padding): PK11_PrivDecryptPKCS1() Encrypt with private Key (PKCS #1 padding): PK11_Sign() (use mechanism CKM_RSA_PKCS1) Decrypt with public Key (PKCS #1 padding): PK11_VerifyRecover() (use mechanism CKM_RSA_PKCS1) Note: for PKCS #1 specifies different padding rules for Sign/Verify versus Encrypt/Decrypt. For the former the padding character is a constant (I think ff, but I'd have to check to be sure), while the latter pads with random non-zero data. Also Note: A full PKCS #1 RSA signature is not only PKCS #1 padded, but also wraps the digest which it is signing with a DER wrapper which includes the OID value of the hash used to generate the digest. PK11_Sign does not add this wrapping on it's own, and PK11_VerifyRecover does not strip it. bob can anyone give me some examples or hints? thanks in advance ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto smime.p7s Description: S/MIME Cryptographic Signature ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: MITM in the wild
On 11/12/2008 05:21 PM, Ian G: No it's not. You just need the person, not their identity. LOL, you are funny...and how exactly do you get the person if you don't know who it is that you need? This is what the (verified real) identity details in certificates are here for... If you need to get someone in court, they either come willingly, in which case nothing is needed, or you need to find the person. You still need to know who it is that you want to get to court... courts will these days accept an email address if the circumstances are appropriate (e.g., that's how he closest you got when doing business). Most likely not. I can be [EMAIL PROTECTED] any time I want. Because if you claim that it is needed to resolve disputes, then this may be deceptive. (At the least, you should figure out why it is needed and use that reason.) What's new here? According to my preference I may freely decide in order to give somebody access to certain resources which are truly under my control, I may require a verified identity too. It's about the risk assessment of each of us, being it private or corporate. OK, I buy that. Would you sign to that as a principle? I think so, yes. It's applied already today in some forms. It can be done better... -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: how to decrypt with pubkey without pkcs1 padding things
Robert Relyea wrote: NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. Are you encrypting data or a symmetric Key? Most of the nss code that does these operations does so on actual symetric keys (which are then used to do additional encryption/decryption/macing). In that case they are using the PK11_PubWrapSymKey() and PK11_PubUnwrapSymKey(). bob i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage OK, so here's a question, what is it you are trying to do? Encrypting with the private key is really called 'Signing'. The equivalent function is PK11_Sign. If you are doing key distribution, or you are trying to pass secret data to someone else you want to encrypt with the public key, so only the person with the private key can decrypt it. Encrypting with the private key, in this case, will allow anyone to read the result by 'decrypting' with the public key. In the sign case, you don't care about secrecy, you want to 'prove' you hold the private key. In that case you 'encrypt' data with that private key. I know you have the private key because I get the correct data back when I 'decrypt' with the public key. This recovery process is a verification, so it's called PK11_Verify, except you are looking for the actual data to recover, not to verify that the data matches. This operation is *VERY* RSA specific. No other signing/verification method uses it. In that case you need to call the special function PK11_VerifyRecover. These names match their PKCS #11 equivalents in the PKCS #11 spec. An important note about this. NSS allows this. There are cases where you do need to use PK11_VerifyRecover rather than PK11_Verify, or more specificially, the high level SGN_ and VFY_ functions. HOWEVER, there should be warning signs in your head if you have to resort to these cases. First, you will likely be generating signatures that no one else will be able to validate (All toolkits know how to deal with an RSA signature with PKCS #1 padding *AND* properly ASN1 wrapped digests - even better wrapped as an ASN1 signing wrapper). Second, you are tying your application strongly to RSA. The world of crypto is littered with the dead bodies of once strong algorithms which have fallen to the increasingly sophisticated attacks of the cryptanalyst. RSA is still strong today (albeit weaker than when I first started working in crypto), but that may not stay forever. Tying yourself to a specific algorithm is not a good idea. All that being said the mapping of high level/crypto operation names to low level RSA operations is as follows: Encrypt with public Key (PKCS #1 padding): PK11_PubEncryptPKCS1() Decrypt with private Key (PKCS #1 padding): PK11_PrivDecryptPKCS1() Encrypt with private Key (PKCS #1 padding): PK11_Sign() (use mechanism CKM_RSA_PKCS1) Decrypt with public Key (PKCS #1 padding): PK11_VerifyRecover() (use mechanism CKM_RSA_PKCS1) I'm sorry for my nonsense words, i'm mad about using nss in my code last night. I just want to use private key to encrypt a message(key modulus len), and recover/decrypt the message using public key, without caring about anything about padding PKCS#1/PKCS#11. I only know little about cryptography. following is my test code: #define BASE64_ENCODED_SUBJECTPUBLICKEYINFO MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL3F6TIc3JEYsugo+a2fPU3W+Epv/FeIX21DC86WYnpFtW4srFtz2oNUzyLUzDHZdb+k//8dcT3IAOzUUi3R2eMCAwEAAQ== #define BASE64_ENCODED_PRIVATEKEYINFO MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAvcXpMhzckRiy6Cj5rZ89Tdb4Sm/8V4hfbUMLzpZiekW1biysW3Pag1TPItTMMdl1v6T//x1xPcgA7NRSLdHZ4wIDAQABAkEAjh8+4qncwcmGivnM6ytbpQT+k/jEOeXG2bQhjojvnXN3FazGCEFXvpuIBcJVfaIJS9YBCMOzzrAtO0+k2hWnOQIhAOC4NVbo8FQhZS4yXM1M86kMl47FA9ui//OUfbhlAdw1AiEA2DBmIXnsboKB+OHver69p0gNeWlvcJc9bjDVfdLVsLcCIQCPtV3vGYJv2vdwxqZQaHC+YB4gIGAqOqBCbmjD3lyFLQIgA+VTYdUNoqwtZWvE4gRf7IzK2V5CCNhg3gR5RGwxN58CIGCcafoRrUKsM66ISg0ITI04G9V/w+wMx91wjEEB+QBz rv = NSS_NoDB_Init(.); slot = PK11_GetInternalKeySlot(); ATOB_ConvertAsciiToItem(der, pubkstr) spki = SECKEY_DecodeDERSubjectPublicKeyInfo(der); SECITEM_FreeItem(der, PR_FALSE); pubkey = SECKEY_ExtractPublicKey(spki); char *pvtkstr = BASE64_ENCODED_PRIVATEKEYINFO; SECItem nickname, pvt_der; nickname.type = siBuffer; nickname.data = pvtkeynickname; nickname.len = strlen(pvtkeynickname); ATOB_ConvertAsciiToItem(pvt_der, pvtkstr) PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, pvt_der, NULL, NULL, PR_FALSE, PR_TRUE, KU_ALL, pvtkey, NULL); SECItem encdata; encdata.len = PK11_SignatureLen(pvtkey); encdata.data = (char *)calloc(encdata.len, sizeof(char)); SECItem plain_data; char testdata[1024]; int i; for(i=0;iTESTLEN;i++) testdata[i] = 'a'; plain_data.len = TESTLEN; plain_data.data = testdata;
Re: how to decrypt with pubkey without pkcs1 padding things
On Thu, Nov 13, 2008 at 7:41 PM, NZzi [EMAIL PROTECTED] wrote: now the test code failed in PK11_Sign() with 8192 error, and as i have said error code description about this errno is senseless. The -8192 error (SEC_ERROR_IO) is the default error code that NSS currently uses for many crypto function failures. The error code name SEC_ERROR_IO is confusing in this context because it is a crypto operation, not I/O, that failed, and it doesn't tell you why a crypto operation failed. This will be fixed in the upcoming NSS 3.12.3 release. I have some patches for NSS 3.12.2 to fix the SEC_ERROR_IO problem in https://bugzilla.mozilla.org/show_bug.cgi?id=453364. If you build NSS from source code, and are comfortable with apply patches to a source tree, you can try applying the patches in that bug and see if it helps PK11_Sign() report a better error code. Wan-Teh ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: how to decrypt with pubkey without pkcs1 padding things
NZzi wrote: Robert Relyea wrote: NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. Are you encrypting data or a symmetric Key? Most of the nss code that does these operations does so on actual symetric keys (which are then used to do additional encryption/decryption/macing). In that case they are using the PK11_PubWrapSymKey() and PK11_PubUnwrapSymKey(). bob i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage OK, so here's a question, what is it you are trying to do? Encrypting with the private key is really called 'Signing'. The equivalent function is PK11_Sign. If you are doing key distribution, or you are trying to pass secret data to someone else you want to encrypt with the public key, so only the person with the private key can decrypt it. Encrypting with the private key, in this case, will allow anyone to read the result by 'decrypting' with the public key. In the sign case, you don't care about secrecy, you want to 'prove' you hold the private key. In that case you 'encrypt' data with that private key. I know you have the private key because I get the correct data back when I 'decrypt' with the public key. This recovery process is a verification, so it's called PK11_Verify, except you are looking for the actual data to recover, not to verify that the data matches. This operation is *VERY* RSA specific. No other signing/verification method uses it. In that case you need to call the special function PK11_VerifyRecover. These names match their PKCS #11 equivalents in the PKCS #11 spec. An important note about this. NSS allows this. There are cases where you do need to use PK11_VerifyRecover rather than PK11_Verify, or more specificially, the high level SGN_ and VFY_ functions. HOWEVER, there should be warning signs in your head if you have to resort to these cases. First, you will likely be generating signatures that no one else will be able to validate (All toolkits know how to deal with an RSA signature with PKCS #1 padding *AND* properly ASN1 wrapped digests - even better wrapped as an ASN1 signing wrapper). Second, you are tying your application strongly to RSA. The world of crypto is littered with the dead bodies of once strong algorithms which have fallen to the increasingly sophisticated attacks of the cryptanalyst. RSA is still strong today (albeit weaker than when I first started working in crypto), but that may not stay forever. Tying yourself to a specific algorithm is not a good idea. All that being said the mapping of high level/crypto operation names to low level RSA operations is as follows: Encrypt with public Key (PKCS #1 padding): PK11_PubEncryptPKCS1() Decrypt with private Key (PKCS #1 padding): PK11_PrivDecryptPKCS1() Encrypt with private Key (PKCS #1 padding): PK11_Sign() (use mechanism CKM_RSA_PKCS1) Decrypt with public Key (PKCS #1 padding): PK11_VerifyRecover() (use mechanism CKM_RSA_PKCS1) I'm sorry for my nonsense words, i'm mad about using nss in my code last night. I just want to use private key to encrypt a message(key modulus len), and recover/decrypt the message using public key, without caring about anything about padding PKCS#1/PKCS#11. I only know little about cryptography. following is my test code: #define BASE64_ENCODED_SUBJECTPUBLICKEYINFO MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL3F6TIc3JEYsugo+a2fPU3W+Epv/FeIX21DC86WYnpFtW4srFtz2oNUzyLUzDHZdb+k//8dcT3IAOzUUi3R2eMCAwEAAQ== #define BASE64_ENCODED_PRIVATEKEYINFO MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAvcXpMhzckRiy6Cj5rZ89Tdb4Sm/8V4hfbUMLzpZiekW1biysW3Pag1TPItTMMdl1v6T//x1xPcgA7NRSLdHZ4wIDAQABAkEAjh8+4qncwcmGivnM6ytbpQT+k/jEOeXG2bQhjojvnXN3FazGCEFXvpuIBcJVfaIJS9YBCMOzzrAtO0+k2hWnOQIhAOC4NVbo8FQhZS4yXM1M86kMl47FA9ui//OUfbhlAdw1AiEA2DBmIXnsboKB+OHver69p0gNeWlvcJc9bjDVfdLVsLcCIQCPtV3vGYJv2vdwxqZQaHC+YB4gIGAqOqBCbmjD3lyFLQIgA+VTYdUNoqwtZWvE4gRf7IzK2V5CCNhg3gR5RGwxN58CIGCcafoRrUKsM66ISg0ITI04G9V/w+wMx91wjEEB+QBz rv = NSS_NoDB_Init(.); slot = PK11_GetInternalKeySlot(); ATOB_ConvertAsciiToItem(der, pubkstr) spki = SECKEY_DecodeDERSubjectPublicKeyInfo(der); SECITEM_FreeItem(der, PR_FALSE); pubkey = SECKEY_ExtractPublicKey(spki); char *pvtkstr = BASE64_ENCODED_PRIVATEKEYINFO; SECItem nickname, pvt_der; nickname.type = siBuffer; nickname.data = pvtkeynickname; nickname.len = strlen(pvtkeynickname); ATOB_ConvertAsciiToItem(pvt_der, pvtkstr) PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, pvt_der, NULL, NULL, PR_FALSE, PR_TRUE, KU_ALL, pvtkey, NULL); SECItem encdata; encdata.len = PK11_SignatureLen(pvtkey); encdata.data = (char *)calloc(encdata.len, sizeof(char)); SECItem plain_data; char testdata[1024]; int i; for(i=0;iTESTLEN;i++) testdata[i] = 'a'; plain_data.len = TESTLEN; plain_data.data = testdata;
Re: how to decrypt with pubkey without pkcs1 padding things
NZzi wrote: NZzi wrote: Robert Relyea wrote: NZzi wrote: hi all: I want to use private key to encrypt a message, and decrypt with public key. Are you encrypting data or a symmetric Key? Most of the nss code that does these operations does so on actual symetric keys (which are then used to do additional encryption/decryption/macing). In that case they are using the PK11_PubWrapSymKey() and PK11_PubUnwrapSymKey(). bob i find PK11_PubEncryptPKCS1() in mailing list discussion, which seems to do the padding. But i want to use private key to encrypt, not public key. And what's more, there are not any doc or example codes to show PK11_PubEncryptPKCS1() usage OK, so here's a question, what is it you are trying to do? Encrypting with the private key is really called 'Signing'. The equivalent function is PK11_Sign. If you are doing key distribution, or you are trying to pass secret data to someone else you want to encrypt with the public key, so only the person with the private key can decrypt it. Encrypting with the private key, in this case, will allow anyone to read the result by 'decrypting' with the public key. In the sign case, you don't care about secrecy, you want to 'prove' you hold the private key. In that case you 'encrypt' data with that private key. I know you have the private key because I get the correct data back when I 'decrypt' with the public key. This recovery process is a verification, so it's called PK11_Verify, except you are looking for the actual data to recover, not to verify that the data matches. This operation is *VERY* RSA specific. No other signing/verification method uses it. In that case you need to call the special function PK11_VerifyRecover. These names match their PKCS #11 equivalents in the PKCS #11 spec. An important note about this. NSS allows this. There are cases where you do need to use PK11_VerifyRecover rather than PK11_Verify, or more specificially, the high level SGN_ and VFY_ functions. HOWEVER, there should be warning signs in your head if you have to resort to these cases. First, you will likely be generating signatures that no one else will be able to validate (All toolkits know how to deal with an RSA signature with PKCS #1 padding *AND* properly ASN1 wrapped digests - even better wrapped as an ASN1 signing wrapper). Second, you are tying your application strongly to RSA. The world of crypto is littered with the dead bodies of once strong algorithms which have fallen to the increasingly sophisticated attacks of the cryptanalyst. RSA is still strong today (albeit weaker than when I first started working in crypto), but that may not stay forever. Tying yourself to a specific algorithm is not a good idea. All that being said the mapping of high level/crypto operation names to low level RSA operations is as follows: Encrypt with public Key (PKCS #1 padding): PK11_PubEncryptPKCS1() Decrypt with private Key (PKCS #1 padding): PK11_PrivDecryptPKCS1() Encrypt with private Key (PKCS #1 padding): PK11_Sign() (use mechanism CKM_RSA_PKCS1) Decrypt with public Key (PKCS #1 padding): PK11_VerifyRecover() (use mechanism CKM_RSA_PKCS1) I'm sorry for my nonsense words, i'm mad about using nss in my code last night. I just want to use private key to encrypt a message(key modulus len), and recover/decrypt the message using public key, without caring about anything about padding PKCS#1/PKCS#11. I only know little about cryptography. following is my test code: #define BASE64_ENCODED_SUBJECTPUBLICKEYINFO MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL3F6TIc3JEYsugo+a2fPU3W+Epv/FeIX21DC86WYnpFtW4srFtz2oNUzyLUzDHZdb+k//8dcT3IAOzUUi3R2eMCAwEAAQ== #define BASE64_ENCODED_PRIVATEKEYINFO MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAvcXpMhzckRiy6Cj5rZ89Tdb4Sm/8V4hfbUMLzpZiekW1biysW3Pag1TPItTMMdl1v6T//x1xPcgA7NRSLdHZ4wIDAQABAkEAjh8+4qncwcmGivnM6ytbpQT+k/jEOeXG2bQhjojvnXN3FazGCEFXvpuIBcJVfaIJS9YBCMOzzrAtO0+k2hWnOQIhAOC4NVbo8FQhZS4yXM1M86kMl47FA9ui//OUfbhlAdw1AiEA2DBmIXnsboKB+OHver69p0gNeWlvcJc9bjDVfdLVsLcCIQCPtV3vGYJv2vdwxqZQaHC+YB4gIGAqOqBCbmjD3lyFLQIgA+VTYdUNoqwtZWvE4gRf7IzK2V5CCNhg3gR5RGwxN58CIGCcafoRrUKsM66ISg0ITI04G9V/w+wMx91wjEEB+QBz rv = NSS_NoDB_Init(.); slot = PK11_GetInternalKeySlot(); ATOB_ConvertAsciiToItem(der, pubkstr) spki = SECKEY_DecodeDERSubjectPublicKeyInfo(der); SECITEM_FreeItem(der, PR_FALSE); pubkey = SECKEY_ExtractPublicKey(spki); char *pvtkstr = BASE64_ENCODED_PRIVATEKEYINFO; SECItem nickname, pvt_der; nickname.type = siBuffer; nickname.data = pvtkeynickname; nickname.len = strlen(pvtkeynickname); ATOB_ConvertAsciiToItem(pvt_der, pvtkstr) PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, pvt_der, NULL, NULL, PR_FALSE, PR_TRUE, KU_ALL, pvtkey, NULL); SECItem encdata; encdata.len = PK11_SignatureLen(pvtkey); encdata.data = (char *)calloc(encdata.len, sizeof(char)); SECItem plain_data; char testdata[1024]; int i; for(i=0;iTESTLEN;i++) testdata[i] = 'a'; plain_data.len = TESTLEN; plain_data.data =