Hi All,

I would like to confirm whether my approach is correct in initializing an
EVP_PKEY from a public key DER file and a private key DER file.
My question is:

This is the scenario: I have two files, a private key file and a public key
file. These files are in DER. I would like to initialize the EVP_PKEY with
these two keys for later usage.
I include a portion of my code that initializes the EVP_PKEY.
Currently, I do not read the DER encoded public key into the EVP_PKEY if I
already read the DER encoded private key (see my code snippet).
It seems that the EVP_PKEY public key portion is automatically populated
when the private key is known. Is my understanding correct?

Code snippet:

    #include <stdio.h>
    #include <openssl/bio.h>
    #include <openssl/evp.h>
    #include <openssl/x509.h>   /* d2i_PUBKEY_bio */

    /*
     * Build an EVP_PKEY from the DER private key when one is given (it then
     * holds both the private and the public key), otherwise from the DER
     * SubjectPublicKeyInfo. Returns NULL if neither could be read.
     */
    EVP_PKEY *initEVP_PKEY(const unsigned char *privKeyDER, int privKeyDERLen,
                           const unsigned char *pubKeyDER, int pubKeyDERLen)
    {
        EVP_PKEY *retEVP_PKEY = NULL;

        /* Check whether DER encoded private key is not NULL and length is not 0 */
        if((privKeyDER != NULL) && (privKeyDERLen > 0))
        {
            /* DER encoded private key is found */
            BIO* tempBio = BIO_new_mem_buf(privKeyDER, privKeyDERLen);
            if(tempBio == NULL)
            {
                printf("Error instantiating temp memory BIO for DER encoded private key\n");
            }
            else
            {
                /*
                 * When private key is known, EVP_PKEY contains both
                 * Private and Public key. Passing NULL as the second
                 * argument lets OpenSSL allocate the EVP_PKEY for us.
                 */
                retEVP_PKEY = d2i_PrivateKey_bio(tempBio, NULL);
                if(retEVP_PKEY == NULL) printf("Error converting DER encoded private and deriving public key into EVP_PKEY\n");
            }
            if(tempBio != NULL) BIO_free_all(tempBio);
        }
        else
        {
            printf("Null pointer: privKeyDER || privKeyDERLen\n");
            printf("only contains public key\n");
        }

        /* Check if EVP_PKEY has private key */
        if(retEVP_PKEY == NULL)
        {
            /* EVP_PKEY does not have private key */
            /* Check if DER encoded public key is there */
            /*
             * The DER public key is encoded as a SubjectPublicKeyInfo, so
             * d2i_PublicKey can not be used.  d2i_PublicKey only handles RSA
             * public keys encoded in the PKCS#1 format. Therefore, use function
             * d2i_PUBKEY_bio to read the DER key
             */
            if((pubKeyDER != NULL) && (pubKeyDERLen > 0))
            {
                /* DER encoded public key is found */
                BIO* tempBio = BIO_new_mem_buf(pubKeyDER, pubKeyDERLen);
                if(tempBio == NULL)
                {
                    printf("Error instantiating temp memory BIO for DER encoded public key\n");
                }
                else
                {
                    retEVP_PKEY = d2i_PUBKEY_bio(tempBio, NULL);
                    if(retEVP_PKEY == NULL) printf("Error converting DER encoded public key into EVP_PKEY\n");
                }
                if(tempBio != NULL) BIO_free_all(tempBio);
            }
            else
            {
                printf("Null pointer: pubKeyDER || pubKeyDERLen\n");
            }
        }

        /* Check whether EVP_PKEY has either (private and public key) or (public key) */
        if(retEVP_PKEY == NULL)
        {
            printf("Error converting myKeypair->pubKeyDER into EVP_PKEY\n");
        }

        return retEVP_PKEY;
    }

Thanks,
Erwin
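Added example, not from the original mail or from OpenSSL: a minimal DER walk in Python that shows why a PKCS#1 RSAPrivateKey already carries the public key (n, e), how a SubjectPublicKeyInfo (the structure d2i_PUBKEY_bio reads) wraps RSAPublicKey in a BIT STRING, and a check that a separately supplied public key DER actually belongs to the private key DER. The encoder, decoder and the function names are my own; the RSA parameters are constructed toy values, far too small for real use, chosen only so the structures are visible.

```python
# Added example (not from the original mail): hand-rolled DER encode/decode
# for PKCS#1 RSAPrivateKey and SubjectPublicKeyInfo, plus a check that a
# public key file matches a private key file. Toy parameters, constructed.

RSA_ENCRYPTION_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1


def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body


def der_int(value):
    """INTEGER; the extra byte keeps the top bit clear so the value stays positive."""
    return der_tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))


def der_read(buf, pos):
    """Decode the TLV starting at pos; returns (tag, body, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + nbytes], "big"), pos + nbytes
    return tag, buf[pos:pos + length], pos + length


def der_children(body):
    """Split the body of a constructed type into its child (tag, body) pairs."""
    children, pos = [], 0
    while pos < len(body):
        tag, child, pos = der_read(body, pos)
        children.append((tag, child))
    return children


def encode_rsa_private_key(n, e, d, p, q):
    """PKCS#1 RSAPrivateKey ::= SEQUENCE { version, n, e, d, p, q, dP, dQ, qInv }."""
    fields = (0, n, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
    return der_tlv(0x30, b"".join(der_int(x) for x in fields))


def encode_spki(n, e):
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING(RSAPublicKey) }."""
    rsa_public_key = der_tlv(0x30, der_int(n) + der_int(e))
    algorithm = der_tlv(0x30, der_tlv(0x06, RSA_ENCRYPTION_OID) + der_tlv(0x05, b""))
    return der_tlv(0x30, algorithm + der_tlv(0x03, b"\x00" + rsa_public_key))


def public_from_private_der(der):
    """(n, e) read straight out of the RSAPrivateKey: no separate public key file needed."""
    tag, body, _ = der_read(der, 0)
    if tag != 0x30:
        raise ValueError("RSAPrivateKey must be a SEQUENCE")
    fields = der_children(body)  # fields[0] is the version
    return int.from_bytes(fields[1][1], "big"), int.from_bytes(fields[2][1], "big")


def public_from_spki_der(der):
    """(n, e) from a SubjectPublicKeyInfo; rejects anything that is not rsaEncryption."""
    tag, body, _ = der_read(der, 0)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo must be a SEQUENCE")
    (alg_tag, alg_body), (bits_tag, bits_body) = der_children(body)
    oid_tag, oid = der_children(alg_body)[0]
    if (alg_tag, oid_tag, oid) != (0x30, 0x06, RSA_ENCRYPTION_OID):
        raise ValueError("algorithm is not rsaEncryption")
    if bits_tag != 0x03 or bits_body[0] != 0:
        raise ValueError("subjectPublicKey must be a byte-aligned BIT STRING")
    _, pub_body, _ = der_read(bits_body, 1)  # skip the unused-bits octet
    (_, n_bytes), (_, e_bytes) = der_children(pub_body)
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")


def public_key_matches(private_der, spki_der):
    """True when the public key file belongs to the private key file."""
    return public_from_private_der(private_der) == public_from_spki_der(spki_der)


# Constructed toy key: p=61, q=53 gives n=3233, e=17, d=2753.
P, Q, E = 61, 53, 17
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
PRIVATE_DER = encode_rsa_private_key(N, E, D, P, Q)
PUBLIC_DER = encode_spki(N, E)
WRONG_PUBLIC_DER = encode_spki(N, 7)  # same modulus, different exponent

if __name__ == "__main__":
    print("private key carries (n, e) =", public_from_private_der(PRIVATE_DER))
    print("matching public key file  :", public_key_matches(PRIVATE_DER, PUBLIC_DER))
    print("mismatched public key file:", public_key_matches(PRIVATE_DER, WRONG_PUBLIC_DER))
```

The point for the question above: the private key structure contains n and e, which is why a key loaded from the private key DER alone already has a usable public half, while the public key file is a different outer structure (SubjectPublicKeyInfo with an algorithm identifier) rather than a bare RSAPublicKey. When both files are present, a match check like public_key_matches is a cheap way to catch a private key paired with the wrong public key before it is used.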
