> From: owner-openssl-us...@openssl.org On Behalf Of Bjoern Schiessle
> Sent: Friday, 24 August, 2012 12:14

> <snip> Now I'm trying to implement the function
> which does exactly the opposite: Take the public and private key in
> the PEM format from the server and import it in a RSA structure:
>

Note OpenSSL's RSA privatekey *includes* publickey. RSA publickey is
n,e and naive privatekey is n,d, but OpenSSL privatekey is CRT form
with n,d,e,p,q + more. There is no need to transmit the publickey
separately. (Not for DH or ECDH, though.)

> void Encryption::pem2key(QString publickey, QString
> privatekey, QString password)
> {
>     BIO *pubBio =
>         BIO_new_mem_buf(publickey.toLocal8Bit().data(),
>                         strlen(publickey.toLocal8Bit().data()));
>     BIO *privBio =
>         BIO_new_mem_buf(privatekey.toLocal8Bit().data(),
>                         strlen(privatekey.toLocal8Bit().data()));

Tiny aside: BIO_new_mem_buf will do the strlen() for you
if you pass -1 for length. Just a convenience.

>     RSA *rsa = RSA_new();
>
>     PEM_read_bio_RSAPublicKey(pubBio, &rsa, 0, NULL);
>     PEM_read_bio_RSAPrivateKey(privBio, &rsa, 0,
>                                password.toLocal8Bit().data());
>
>     Keymanager::Instance()->setRSAkey(rsa);
>
>     BIO_free_all(pubBio);
>     BIO_free_all(privBio);
> }
>
>
> The program compiles and runs without a problem. But if I call the
> key2pem() function with the newly imported RSA key, I get two quite
> short keys back (only half a line of data). So something seems to go
> wrong during import of the PEM encoded keys.
>
> Any idea what I'm doing wrong in the pem2key() function?
>

If PEM_read_* returns null (or nearly any other OpenSSL routine
returns a failure indication), look at the error queue.
http://www.openssl.org/support/faq.html#PROG6
and #PROG7 also if you don't get a readable error.

If they didn't, look very carefully at your PEM data.
Commandline can do this:
  openssl asn1parse -in myprivkey.pem
and/or:
  openssl rsa -in myprivkey.pem -text
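
The command-line checks suggested in the reply above, wrapped into a small script. This is an added example, not part of the original message; the function and file names are hypothetical, the sample keys are constructed, and the keys are assumed to be unencrypted PEM files.

```shell
#!/bin/sh
# Added example. Function and file names are hypothetical; keys are assumed
# to be unencrypted PEM files (an encrypted key would also need -passin).

# Succeeds only if FILE parses as an RSA private key and is consistent.
pem_key_ok() {
    openssl rsa -in "$1" -check -noout >/dev/null 2>&1
}

# Prints the public key (n, e) that is already inside the private key.
pem_pub_from_priv() {
    openssl rsa -in "$1" -pubout 2>/dev/null
}

# Succeeds if PUB is the public half of PRIV. Both sides are re-encoded by
# openssl first, so line-wrapping differences do not matter.
pem_pair_matches() {
    derived=$(pem_pub_from_priv "$1") || return 1
    given=$(openssl rsa -pubin -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$derived" ] && [ "$derived" = "$given" ]
}

# Demo on constructed sample keys in a temporary directory.
demo() {
    d=$(mktemp -d) || return 1
    openssl genrsa -out "$d/priv.pem" 2048 2>/dev/null || return 1
    pem_pub_from_priv "$d/priv.pem" > "$d/pub.pem"
    # Constructed damage: keep only the header, four body lines and footer.
    { head -n 5 "$d/priv.pem"; tail -n 1 "$d/priv.pem"; } > "$d/cut.pem"

    pem_key_ok "$d/priv.pem" && echo "priv.pem: parses and checks out"
    pem_key_ok "$d/cut.pem" || echo "cut.pem: rejected, inspect the PEM data"
    pem_pair_matches "$d/priv.pem" "$d/pub.pem" && echo "pub.pem matches priv.pem"
    rm -rf "$d"
}

demo
```

Running the same checks on the PEM strings received from the server, before handing them to PEM_read_bio_*, separates damaged data from a problem in the import code.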