Re: RSA read and write to and from file

Thu, 30 Nov 2000 05:53:08 -0800 



[EMAIL PROTECTED] wrote:
> 
> Hi,
> 
> I am having a problem with the RSA functions of the openssl package.
> I want to generate an RSA key pair. Write them to disk and use them later
> (this all in linux/AIX)
> I managed to generate a keypair. But then the problem starts. I cant find
> any functions to write the whole key (not just private of public) to disk.
> When i write them seperately I cant read the public key in an rsa
> structure. The function PEM_read_bio_PUBKEY() comes with the error
> "EXPECTING PUBLIC KEY" But the file is a public key ?!
> 
> Ive tried to strip the rsa.c and the genrsa.c but that didnt work for me.
> I also looked at the examples but also these didnt provide me with the
> right information.
> 
> Can anybody supply me with an example of how to write an RSA key (encrypted
> or not) to disk and read them in again to use it with RSA_public_encrypt().
> 

An RSA private key contains both the public and private components. You
can use an RSA private key in an RSA structure for private and public
operations. The private key is the "whole key".

As such if you have the private key there's little point in writing the
public key out to the same file, you're just duplicating information.

If you have a private key in an RSA structure and just want to write out
the public components then you can use PEM_write_RSAPublicKey() and read
it in with PEM_read_RSAPublicKey(). The key read back will then just
contain the RSA public key components and naturally can't be used for
private key operations.

The "EXPECTING PUBLIC KEY" message is telling you what the PEM routine
is expecting to see in the BEGIN and END lines of the PEM file. If your
file doesn't have BEGIN PUBLIC KEY (as it wont) then you'll get the
error.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to