Thank you for such a clear answer. The only point that is still not very clear in my mind is the PEM / DER conversion. The OpenSSL doc says about certificates conversion "The DER format is the DER encoding of the certificate and PEM is the base64 encoding of the DER encoding with header and footer lines added", which is what I thought I could do with keys. Does it mean it is true for entire certificate files but not for simple keys ?
Regards, Cedric -----Message d'origine----- De: Shawn Masters [mailto:[EMAIL PROTECTED] Date: vendredi 1 ao�t 2003 14:17 �: [EMAIL PROTECTED] Objet: Re: Key file and certificates Yes, you are wrong. :-) This seems to be the biggest hurdle for people to actually use PK. The keys are in general a collection of Integers. Some of these are extremely large and can only be handled easily in binary form. Now the way that these encoded depends heavily on some choices made (Endianess, length encoding, etc.). I believe all of the formats you have listed use ASN.1 coding. This is often referred to as the binary version of XML by the younger crowd, but it is much more powerful IMHO (also much older). It defines unambiguous ways of encoding things like Integers, and forming collections of them for things like keys. You can find everything you need to understand this at the RSA lab site where they have documents on the different formats and a starter guide on ASN.1. Then Wei has given you a very powerful/versatile set of tools to work with these formats. Some of them already have code for handling, but the rest shouldn't be very hard to conjure up. In general, once you understand the basic format and how crypto++ offers fundamental tools you should be able to read most of those formats in just a handful of lines of code. If you want something that already has most of the higher level functions done for you, look at OpenSSL. 73, Shawn [EMAIL PROTECTED] wrote: > Hi, me again > > I would to know which key file and certificates formats are supported by > CryptoPP, amoung PKCS12, PKCS7, PEM, CER, and all their little friends. > Searching through the ML archive did not really answer me. > > Two particular questions : > 1. Am I wrong if I consider I can create a PEM file just by Base64-encoding > a key generated by RSAES_OAEP_SHA_Decryptor::DEREncode, and then adding > correct header and footer ? > > 2. I am particularly interested in using PKCS12 (.PFX) files ; in case it is > not supported, are there available implementations that could be used with > CryptoPP ? > > Regards, > >
