Re: documentation/description of RSA PEM file format used by OpenSSL
Thanks all for your help - I've finally managed to read the keys (now I have to also write a code that will write keys in the same format, but that shouldn't be much of a problem). Documents which helped me were the PKCS#1 v2.1 specification (for the format of the key certificates) and the recommendation X.690 (for DER/ASN.1 encoding). Regards, Tomasz Kaźmierczak Kyle Hamilton pisze: For information on how they're encoded, please see ITU recommendation X.690 (DER). The full documentation on ASN.1 (the notation language) can be found in ITU recommendation X.680; you can also see http://www.oss.com/asn1/dubuisson.html (for a complete overview) and http://www.oss.com/asn1/larmouth.html (for a complete reference). Please note that trying to read the documents published by the ITU is like trying to wikipath through 40 links to get to the information you're looking for. I wholeheartedly recommend staying away from them unless you absolutely need them. -Kyle H On Tue, Feb 10, 2009 at 2:46 PM, Tomasz Kaźmierczak tome...@wp.eu wrote: I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. The keys I'm dealing with are 1024 bit keys. The RSAPublicKey structure consists only of the modulus (n) and the public exponent (e), so I assume that first 128 bytes of the structure is the modulus and the rest 12 bytes is the exponent (the structure as a whole has 140 bytes). Is this assumption right? And what if I didn't know that the key is 1024 bits long, how would I know how many bytes represent the modulus and how many represent the exponent? The RSAPrivateKey is a bigger problem - the structure consists of more fields. How do I know what are their sizes in bytes (again, in my case, the modulus should be 140 bytes and exponents - 12 bytes each, but there are some more fields...)? In particular, what's the size of the version field? Dr. Stephen Henson pisze: On Fri, Feb 06, 2009, Tomasz Ka??mierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Re: documentation/description of RSA PEM file format used by OpenSSL
On Tue 10/02/09 10:53 PM , Michael Sierchio ku...@tenebras.com sent: Tomasz Kaźmierczak wrote: I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. You should locate and follow one of the ASN.1 tutorials floating about on the web before proceeding any further. The syntax of the representation contains tags that identify to contents of components of an object, and their length in octets. And more, sometimes. ;-) I'm assuming Tomasz has access to the openssl binary!? Use the asn1parse option to decode the key data from PEM format. Use 'openssl asn1parse -inform PEM -in your-key-file-name' and this will dump a file. This is a certificate rather than a key file: OpenSSL asn1parse -inform PEM -in enc-root.pem -dump 0:d=0 hl=4 l= 495 cons: SEQUENCE 4:d=1 hl=4 l= 344 cons: SEQUENCE 8:d=2 hl=2 l= 3 cons: cont [ 0 ] 10:d=3 hl=2 l= 1 prim: INTEGER :02 13:d=2 hl=2 l= 17 prim: INTEGER :EC7F6C3FF7F74C7A856FB59A6941F2C 32:d=2 hl=2 l= 13 cons: SEQUENCE 34:d=3 hl=2 l= 9 prim: OBJECT:sha1WithRSAEncryption etc... Carl __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
Thanks, I've managed to find a direct link to the X.690 documentation on Wikipedia (http://en.wikipedia.org/wiki/Basic_Encoding_Rules#External_links). Now things are clarifying quickly. Kyle Hamilton pisze: For information on how they're encoded, please see ITU recommendation X.690 (DER). The full documentation on ASN.1 (the notation language) can be found in ITU recommendation X.680; you can also see http://www.oss.com/asn1/dubuisson.html (for a complete overview) and http://www.oss.com/asn1/larmouth.html (for a complete reference). Please note that trying to read the documents published by the ITU is like trying to wikipath through 40 links to get to the information you're looking for. I wholeheartedly recommend staying away from them unless you absolutely need them. -Kyle H On Tue, Feb 10, 2009 at 2:46 PM, Tomasz Kaźmierczak tome...@wp.eu wrote: I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. The keys I'm dealing with are 1024 bit keys. The RSAPublicKey structure consists only of the modulus (n) and the public exponent (e), so I assume that first 128 bytes of the structure is the modulus and the rest 12 bytes is the exponent (the structure as a whole has 140 bytes). Is this assumption right? And what if I didn't know that the key is 1024 bits long, how would I know how many bytes represent the modulus and how many represent the exponent? The RSAPrivateKey is a bigger problem - the structure consists of more fields. How do I know what are their sizes in bytes (again, in my case, the modulus should be 140 bytes and exponents - 12 bytes each, but there are some more fields...)? In particular, what's the size of the version field? Dr. Stephen Henson pisze: On Fri, Feb 06, 2009, Tomasz Ka??mierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. The keys I'm dealing with are 1024 bit keys. The RSAPublicKey structure consists only of the modulus (n) and the public exponent (e), so I assume that first 128 bytes of the structure is the modulus and the rest 12 bytes is the exponent (the structure as a whole has 140 bytes). Is this assumption right? And what if I didn't know that the key is 1024 bits long, how would I know how many bytes represent the modulus and how many represent the exponent? The RSAPrivateKey is a bigger problem - the structure consists of more fields. How do I know what are their sizes in bytes (again, in my case, the modulus should be 140 bytes and exponents - 12 bytes each, but there are some more fields...)? In particular, what's the size of the version field? Dr. Stephen Henson pisze: On Fri, Feb 06, 2009, Tomasz Ka??mierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
Tomasz Kaźmierczak wrote: I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. You should locate and follow one of the ASN.1 tutorials floating about on the web before proceeding any further. The syntax of the representation contains tags that identify to contents of components of an object, and their length in octets. And more, sometimes. ;-) -- Michael Sierchio +1 510 962 5595 PO Box 9036ku...@tenebras.com Berkeley CA 94709 http://xijiaoshan.blogspot.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
For information on how they're encoded, please see ITU recommendation X.690 (DER). The full documentation on ASN.1 (the notation language) can be found in ITU recommendation X.680; you can also see http://www.oss.com/asn1/dubuisson.html (for a complete overview) and http://www.oss.com/asn1/larmouth.html (for a complete reference). Please note that trying to read the documents published by the ITU is like trying to wikipath through 40 links to get to the information you're looking for. I wholeheartedly recommend staying away from them unless you absolutely need them. -Kyle H On Tue, Feb 10, 2009 at 2:46 PM, Tomasz Kaźmierczak tome...@wp.eu wrote: I've managed to base64 decode a public key (at least I think so;). Now I'm trying to understand how to interpret the key data. I've found the definitions of RSAPublicKey and RSAPrivateKey structures (in the PKCS #1: RSA Cryptography Standard), but there is no information about what are the lengths of those structures' fields. The keys I'm dealing with are 1024 bit keys. The RSAPublicKey structure consists only of the modulus (n) and the public exponent (e), so I assume that first 128 bytes of the structure is the modulus and the rest 12 bytes is the exponent (the structure as a whole has 140 bytes). Is this assumption right? And what if I didn't know that the key is 1024 bits long, how would I know how many bytes represent the modulus and how many represent the exponent? The RSAPrivateKey is a bigger problem - the structure consists of more fields. How do I know what are their sizes in bytes (again, in my case, the modulus should be 140 bytes and exponents - 12 bytes each, but there are some more fields...)? In particular, what's the size of the version field? Dr. Stephen Henson pisze: On Fri, Feb 06, 2009, Tomasz Ka??mierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
Thanks for the link, but I've already seen that, and unfortunately it didn't help... When I open the PEM files with keys in a plain text editor, the contents are different than what's shown on the linked page. In stead of: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89 ...base64 encoded data... -END RSA PRIVATE KEY- there is just: -BEGIN RSA PRIVATE KEY- ...base64 encoded data... -END RSA PRIVATE KEY- After decoding the base64 encoded data, I get some binary data which I don't know what to do with... Dr. Stephen Henson pisze: On Thu, Feb 05, 2009, Tomasz Ka??mierczak wrote: Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. RSAPublicKey and RSAPrivateKey are the same structures mentioned in PKCS#1 base64 encoded with the approproiate headers. If you need the PEM encryption format then see: http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
If it says -BEGIN RSA PRIVATE KEY-, then it is an unencrypted PKCS#1 RSA key structure which contains private exponent, public exponent, and modulus. -Kyle H On Fri, Feb 6, 2009 at 9:34 AM, Tomasz Kaźmierczak tome...@wp.eu wrote: Thanks for the link, but I've already seen that, and unfortunately it didn't help... When I open the PEM files with keys in a plain text editor, the contents are different than what's shown on the linked page. In stead of: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89 ...base64 encoded data... -END RSA PRIVATE KEY- there is just: -BEGIN RSA PRIVATE KEY- ...base64 encoded data... -END RSA PRIVATE KEY- After decoding the base64 encoded data, I get some binary data which I don't know what to do with... Dr. Stephen Henson pisze: On Thu, Feb 05, 2009, Tomasz Ka??mierczak wrote: Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. RSAPublicKey and RSAPrivateKey are the same structures mentioned in PKCS#1 base64 encoded with the approproiate headers. If you need the PEM encryption format then see: http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. Kyle Hamilton pisze: If it says -BEGIN RSA PRIVATE KEY-, then it is an unencrypted PKCS#1 RSA key structure which contains private exponent, public exponent, and modulus. -Kyle H On Fri, Feb 6, 2009 at 9:34 AM, Tomasz Kaźmierczak tome...@wp.eu wrote: Thanks for the link, but I've already seen that, and unfortunately it didn't help... When I open the PEM files with keys in a plain text editor, the contents are different than what's shown on the linked page. In stead of: -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89 ...base64 encoded data... -END RSA PRIVATE KEY- there is just: -BEGIN RSA PRIVATE KEY- ...base64 encoded data... -END RSA PRIVATE KEY- After decoding the base64 encoded data, I get some binary data which I don't know what to do with... Dr. Stephen Henson pisze: On Thu, Feb 05, 2009, Tomasz Ka??mierczak wrote: Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. RSAPublicKey and RSAPrivateKey are the same structures mentioned in PKCS#1 base64 encoded with the approproiate headers. If you need the PEM encryption format then see: http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
On Fri, Feb 06, 2009, Tomasz Ka??mierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
Ok. Thanks for the answers. I'll try with this information. Regards, Tomasz Kaźmierczak Dr. Stephen Henson pisze: On Fri, Feb 06, 2009, Tomasz Kaźmierczak wrote: Ok. And it is of course base64 encoded, right? And what about the public key (-BEGIN RSA PUBLIC KEY-)? It looks the same way as the private key file, but it is shorter. As I said in the other message thats an RSAPublicKey structure, see PKCS#1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
documentation/description of RSA PEM file format used by OpenSSL
Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. Is there any documentation or a detailed description of the format of the files created by the PEM_write_RSAPrivateKey() and PEM_write_RSAPublicKey()? As a hint, I can add that the RSA key pair is created this way: keys = RSA_generate_key(1024, RSA_F4, NULL, NULL); and the keys are stored to files this way: PEM_write_RSAPrivateKey(privKeyFile, keys, NULL, NULL, 0, NULL, NULL); PEM_write_RSAPublicKey(pubKeyFile, keys); They are read this way: pubKey = PEM_read_RSAPublicKey(pubKeyFile, NULL, NULL, NULL); privKey = PEM_read_RSAPrivateKey(privKeyFile, NULL, NULL, NULL); Tomasz Kaźmierczak __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
On Thu, Feb 05, 2009, Tomasz Ka??mierczak wrote: Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. RSAPublicKey and RSAPrivateKey are the same structures mentioned in PKCS#1 base64 encoded with the approproiate headers. If you need the PEM encryption format then see: http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: documentation/description of RSA PEM file format used by OpenSSL
http://www.rsa.com/rsalabs/node.asp?id=2124 has links to the PKCS formats (Public-Key Cryptography Standards). http://www.rfc-editor.org/rfc/rfc4648.txt has the documentation on the base64 encoding that the PEM_ functions work with. (This is in addition to the links that Dr. Henson has provided.) -Kyle H On Thu, Feb 5, 2009 at 1:04 PM, Tomasz Kaźmierczak tome...@wp.eu wrote: Hello, In the OpenSSL API there are functions called PEM_write_RSAPrivateKey(), PEM_write_RSAPublicKey() and corresponding read functions: PEM_read_RSAPrivateKey(), PEM_read_RSAPublicKey(). What I need is to read/write RSA keys to/from a file in exactly the same format as these functions do, but I cannot use OpenSSL (due to licensing issues when using OpenSSL in GPL'd code). I've tried to find some GPL'd code that can handle files in such format, but haven't succeeded. What I've managed to find out is that it's a PKCS#1 certificate stored in a PEM file - is that right? Unfortunately, even with such knowledge, I haven't managed to find any specification that would be of any help. Is there any documentation or a detailed description of the format of the files created by the PEM_write_RSAPrivateKey() and PEM_write_RSAPublicKey()? As a hint, I can add that the RSA key pair is created this way: keys = RSA_generate_key(1024, RSA_F4, NULL, NULL); and the keys are stored to files this way: PEM_write_RSAPrivateKey(privKeyFile, keys, NULL, NULL, 0, NULL, NULL); PEM_write_RSAPublicKey(pubKeyFile, keys); They are read this way: pubKey = PEM_read_RSAPublicKey(pubKeyFile, NULL, NULL, NULL); privKey = PEM_read_RSAPrivateKey(privKeyFile, NULL, NULL, NULL); Tomasz Kaźmierczak __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org