EVP_PKEY from char buffer in x509 (PKCS7)

Posted by sid on Stack Overflow See other posts from Stack Overflow or by sid
Published on 2010-05-27T06:22:01Z Indexed on 2010/06/01 6:23 UTC
Read the original article Hit count: 382

Filed under:

openssl

Hi All, I have a DER certificate from which I am retrieving the Public key in unsigned char buffer as following, is it the right way of getting?

pStoredPublicKey = X509_get_pubkey(x509);
if(pStoredPublicKey == NULL)
{
        printf(": publicKey is NULL\n");
}
if(pStoredPublicKey->type == EVP_PKEY_RSA) {
        RSA *x = pStoredPublicKey->pkey.rsa;
        bn = x->n;
}
else if(pStoredPublicKey->type == EVP_PKEY_DSA) {

}
else if(pStoredPublicKey->type == EVP_PKEY_EC) {
}
else {
        printf(" : Unkown publicKey\n");
}
//extracts the bytes from public key & convert into unsigned char buffer
buf_len = (size_t) BN_num_bytes (bn);
key = (unsigned char *)malloc (buf_len);
n = BN_bn2bin (bn, (unsigned char *) key);
for (i = 0; i < n; i++)
{
        printf("%02x\n", (unsigned char) key[i]);
}
keyLen = EVP_PKEY_size(pStoredPublicKey);
EVP_PKEY_free(pStoredPublicKey);

And, With this unsigned char buffer, How do I get back the EVP_PKEY for RSA? OR Can I use following ???,

EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, long length);
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);

Related posts about openssl

Redhat | Openssl installation error

as seen on Server Fault - Search for 'Server Fault'
make -f objs/Makefile make[1]: Entering directory `/root/fuse-ssh/nginx-0.7.65' cd /usr/bin/openssl \ && make clean \ && ./config --prefix=/usr/bin/openssl/.openssl no-shared no-threads \ && make \ && make install /bin/sh: line 0: cd:… >>> More
Redhat | Openssl installation error

as seen on Stack Overflow - Search for 'Stack Overflow'
make -f objs/Makefile make[1]: Entering directory `/root/fuse-ssh/nginx-0.7.65' cd /usr/bin/openssl \ && make clean \ && ./config --prefix=/usr/bin/openssl/.openssl no-shared no-threads \ && make \ && make install /bin/sh: line 0: cd:… >>> More
Upgrade OpenSSL 0.9.8k to OpenSSL 1.0.1c on Ubuntu 10.04

as seen on Server Fault - Search for 'Server Fault'
We're currently using Ubuntu 10.04 and based on the PCI Compliance results, we're told to upgrade our OpenSSL. I attempted to do this using this reference: http://sandilands.info/sgordon/upgrade-latest-version-openssl-on-ubuntu and http://www.lunarforums.com/dedicated_web_hosting_at_lunarpages/upgrading_openssl-t35015… >>> More
Installing OpenSSL that supports SNI along with previous version of OpenSSL

as seen on Server Fault - Search for 'Server Fault'
So I learned that to host multiple HTTPS websites on the same IP address you need an OpenSSL version that supports SNI (0.9.8f and higher). My RHEL5 box currently has 0.9.8e and Apache version httpd-2.2.26-2.el5. According to a same question here it's not a good idea to replace the original version… >>> More
Solaris X86 AESNI OpenSSL Engine

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Solaris X86 AESNI OpenSSL Engine Cryptography is a major component of secure e-commerce. Since cryptography is compute intensive and adds a significant load to applications, such as SSL web servers (https), crypto performance is an important factor. Providing accelerated crypto hardware greatly… >>> More

Developer IT

EVP_PKEY from char buffer in x509 (PKCS7) - Developer IT

EVP_PKEY from char buffer in x509 (PKCS7)

openssl

Related posts about openssl

Redhat | Openssl installation error

Redhat | Openssl installation error

Upgrade OpenSSL 0.9.8k to OpenSSL 1.0.1c on Ubuntu 10.04

Installing OpenSSL that supports SNI along with previous version of OpenSSL

Solaris X86 AESNI OpenSSL Engine

Categories cloud