d p chang wrote: > > Checking the user archives I haven't seen anyone address this sort of > problem (v0.9.6b).
Well it has been addressed before... > I've generated the various keys w/ something liek > this (from teh man page) > > openssl genrsa -out priv.pem 1024 > openssl rsa -in priv.pem -pubout -out pub.pem > > However, when trying to read in the public key w/ > pem_read_rsapublickey I get a pem_read_bio:'no start line' error. The > public key file only has (-----BEGIN PUBLIC KEY-----) while the > private key file has (-----BEGIN RSA PRIVATE KEY-----). Checking the > source, the 'workaround' seems obvious... > The actual header lines, in many (but not all) cases give an indication of the type of data enclosed inside. So just changing them without changing the enclosed data wont necessarily work. > However, when I hand edit the public key file by adding the type (RSA) > i get a new error: > > lib(13 : asn1 encoding routines) > func(280 : d2i_ASN1_UINTEGER) > reason(113 : expecting an integer) > > which is less clear how to 'fix' since I haven't dug around the > internals too much. > This error is due to the incompatibility in the enclosed data. Once is an encoded PublicKeyInfo, the other an RSAPublicKey structure. > Anyway, my questions are: > > 1 - is this the right way to be going about this? > 2 - is there some other incantation that I'm missing when > generating the keys? > All you're missing is that your reading in the public key using the wrong function. You should use PEM_read_RSA_PUBKEY instead. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
