Re: SECKeyPublicKey

Thu, 12 May 2005 14:00:36 -0700

Petar Popara wrote: 

Using this code:

PK11SlotInfo * slot = PK11_GetBestSlot(CKM_RSA_PKCS, NULL);
if(slot == NULL) {
    //error
}

PRArenaPool * arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if(arena == NULL) {
    //error
}

m_pubkey = (SECKEYPublicKey*)PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
if(m_pubkey == NULL ) {
//error
}

m_pubkey->arena = arena;
m_pubkey->keyType = rsaKey;

SECStatus s = SECITEM_CopyItem(NULL, &(m_pubkey->u.rsa.modulus), m_modulus);
if (s != SECSuccess)
{
  //error
}

s = SECITEM_CopyItem(NULL, &(m_pubkey->u.rsa.publicExponent), m_exponent);
if (s != SECSuccess)
{
  //error
}

Where m_modulus and m_exponent are SECItem structures.

Works fine now. 

Although SECKEYPublicKey's structure definition is exported,
SECKEYPublicKey is meant to be used as an opaque structure.

There is no NSS function that constructs a SECKEYPublicKey
structure from a modulus and public exponent.  This is a hole
in our API.  However, you can encode the public key in DER and
then call SECKEY_ImportDERPublicKey with type=CKK_RSA to import
it into NSS.

An RSA public key is a SEQUENCE of INTEGER modulus and
INTEGER publicExponent.  From PKCS #1:

   An RSA public key shall have ASN.1 type RSAPublicKey:

   RSAPublicKey ::= SEQUENCE {
     modulus INTEGER, -- n
     publicExponent INTEGER -- e }

You can try the following (untested) code, which uses only
public NSS functions (error handling code omitted for brevity).

struct MyRSAPublicKey {
    SECItem m_modulus;
    SECItem m_exponent;
} inPubKey;

SECItem derPubKey;

SECKEYPublicKey *pubKey;

const SEC_ASN1Template MyRSAPublicKeyTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(MyRSAPublicKey) },
    { SEC_ASN1_INTEGER, offsetof(MyRSAPublicKey,m_modulus), },
    { SEC_ASN1_INTEGER, offsetof(MyRSAPublicKey,m_exponent), },
    { 0, }
};

PRArenaPool *arena;

/*
 * Point inPubKey.m_modulus and m_exponent at the data, and
 * then set their types to unsigned integers.
 */
inPubKey.m_modulus.type = siUnsignedInteger;
inPubKey.m_exponent.type = siUnsignedInteger;

arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
SEC_ASN1EncodeItem(arena, &derPubKey, &inPubKey,
                   MyRSAPublicKeyTemplate);
pubKey = SECKEY_ImportDERPublicKey(&derPubKey, CKK_RSA);
PORT_FreeArena(arena, PR_FALSE);

Wan-Teh


_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto

Reply via email to