[openssl-users] Generating unsigned RSA Public Key with openssl
Jan Bilek
ian.bilek at gmail.com
Sun Mar 25 00:32:22 UTC 2018
Hi,
Following code is simplified to demonstrate plain RSA public key with the
OpenSSL library:
RSA_ptr rsa(RSA_new(), ::RSA_free);
BN_ptr bn(BN_new(), ::BN_free);
BN_set_word(bn.get(), RSA_F4); //65535
RSA_generate_key_ex(rsa.get(), 320, bn.get(), NULL);
BIO * keybio = BIO_new(BIO_s_mem());
i2d_RSAPublicKey_bio(keybio, rsa.get());
char buffer2 [2048];
size_t pubKeyBufferSize = BIO_read (keybio, buffer2, 320);
std::cout << Convert::BinToHexString(buffer2, pubKeyBufferSize);
//using here our internal routine to print binary data
Output from this will come up with binary data in DER ANS.1 format like
this:
30 ;SEQUENCE
30 02 29 ;SEQUENCE + size
00 ;leading zero of INTEGER
CCEE6526AE9D4380B670A23F55B840F8C5D8CC784E06E123C126753525FD
FE1949...
02 03 ;SEQUENCE + size
010001
Now, the "leading zero of INTEGER" part is present to indicate that
following value is positive value integer. However I need to get rid of it
due to some legacy reasons.
I was going through openssl source and found that through the DER
construction its presence is decided based on ASN1_VALUE->type &
V_ASN1_NEG, but I am unable to track down where to set generated PublicKey
as V_ASN1_NEG (or influence it to be generated as negative).
Other way to handle this is to write my own TLV-DER parser and re-pack
these few bytes to comply with what I need, but I would rather enforce API
to do that for me, if it makes sense.
Would you have any advice on this?
Thank you,
Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180325/de53da4b/attachment.html>
More information about the openssl-users
mailing list