> From: [email protected] On Behalf Of Bjoern Schiessle
> Sent: Friday, 24 August, 2012 12:14
> <snip> Now I'm trying to implement the function
> which does exactly the opposite: Take the public and private key in
> the PEM format from the server and import it in a RSA structure:
>
Note OpenSSL's RSA privatekey *includes* publickey.
RSA publickey is n,e and naive privatekey is n,d,
but OpenSSL privatekey is CRT form with n,d,e,p,q + more.
There is no need to transmit the publickey separately.
(Not for DH or ECDH, though.)
> void Encryption::pem2key(QString publickey, QString
> privatekey, QString password)
> {
> BIO *pubBio =
> BIO_new_mem_buf(publickey.toLocal8Bit().data(),
> strlen(publickey.toLocal8Bit().data()));
> BIO *privBio =
> BIO_new_mem_buf(privatekey.toLocal8Bit().data(),
> strlen(privatekey.toLocal8Bit().data()));
Tiny aside: BIO_new_mem_buf will do the strlen() for you
if you pass -1 for length. Just a convenience.
> RSA *rsa = RSA_new();
>
> PEM_read_bio_RSAPublicKey(pubBio, &rsa, 0, NULL);
> PEM_read_bio_RSAPrivateKey(privBio, &rsa, 0,
> password.toLocal8Bit().data());
>
> Keymanager::Instance()->setRSAkey(rsa);
>
> BIO_free_all(pubBio);
> BIO_free_all(privBio);
> }
>
>
> The program compiles and runs without a problem. But if I call the
> key2pem() function with the newly imported RSA key, I get two quite
> short keys back (only half a line of data). So something seems to go
> wrong during import of the PEM encoded keys.
>
> Any idea what I'm doing wrong in the pem2key() function?
>
If PEM_read_* returns null (or nearly any other OpenSSL
routine returns a failure indication), look at the error queue.
http://www.openssl.org/support/faq.html#PROG6
and #PROG7 also if you don't get a readable error.
If they didn't, look very carefully at your PEM data.
Commandline can do this: openssl asn1parse -in myprivkey.pem
and/or: openssl rsa -in myprivkey.pem -text
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
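
Added example, not part of the original message and not OpenSSL code: a standard-library Python walk over an unencrypted PKCS#1 "RSA PRIVATE KEY" PEM block, listing the same INTEGER fields that `openssl asn1parse` prints, which shows that the private key already carries n and e. The toy key built by `make_toy_pem` is constructed and insecure, and all function names here are hypothetical.

```python
import base64

FIELDS = ("version", "n", "e", "d", "p", "q", "dP", "dQ", "qInv")  # RFC 8017 order
HEAD, TAIL = "-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----"

def der_tlv(tag, body):
    """Encode one DER element, using the long length form when needed."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def der_int(v):
    # One spare leading bit keeps the INTEGER non-negative.
    return der_tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def make_toy_pem(p=61, q=53, e=17):
    """Constructed sample input: a tiny, insecure key in unencrypted PKCS#1 PEM."""
    d = pow(e, -1, (p - 1) * (q - 1))
    vals = (0, p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
    der = der_tlv(0x30, b"".join(der_int(v) for v in vals))
    return "\n".join([HEAD, base64.b64encode(der).decode(), TAIL]) + "\n"

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        k = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + length > len(buf):
        raise ValueError("truncated DER: PEM body is incomplete")
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_private_pem(pem):
    """Return the RSAPrivateKey integers from an unencrypted PKCS#1 PEM string."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if lines[0] != HEAD or lines[-1] != TAIL:
        raise ValueError("not a PKCS#1 'RSA PRIVATE KEY' PEM block")
    if any(ln.startswith("Proc-Type:") for ln in lines):
        raise ValueError("key is passphrase-encrypted; body is ciphertext, not DER")
    tag, seq, _ = read_tlv(base64.b64decode("".join(lines[1:-1])), 0)
    if tag != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    key, pos = {}, 0
    for name in FIELDS:
        tag, val, pos = read_tlv(seq, pos)
        if tag != 0x02:
            raise ValueError(f"{name}: expected INTEGER")
        key[name] = int.from_bytes(val, "big")
    return key
```

A key whose PEM body was cut short during transfer fails here with "truncated DER", the kind of damage that looking carefully at the PEM data is meant to catch.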