[openssl-dev] Retrieving DSA public key (Y) in ASN.1 format
Philip Prindeville
philipp_subx at redfish-solutions.com
Wed Dec 17 19:08:21 UTC 2014
On Dec 16, 2014, at 3:34 PM, Dave Thompson <dthompson at prinpay.com> wrote:
>
>>> So, a few questions:
>>>
>>> (1) what's the quick way to, given a DSA *, compute a hash (given an
>> EVP_MD *) over dsa->pub_key as an ASN.1 primitive? I tried:
>>>
>>> ASN1_item_digest(ASN1_ITEM_ref(BIGNUM), mdtype, dsa->pub_key, md,
>> mdlen);
>>>
>>> but it's giving me highly dubious results.
>>>
> I wouldn't poke around in internals like that, I would just i2d to a buffer
> and hash the buffer. 32 bytes of memory costs about $.000001 .
> I'm not sure even bitcoin divides small enough to make that detectable.
>
> (Alternatively one could get a cert for the key from a CA that uses SKId
> which is conventionally the hash of the "raw" pubkey. <G><G><G>)
Well, I was hoping to upstream it into library so that if it uses the internals it shouldn’t be a bad thing.
I was likewise hoping to avoid any unnecessary copies, since I can think of at least one scenario where a large database of keys is loaded up at startup and then indexed by hash, so I don’t want to take longer than necessary generating those hashes.
-Philip
More information about the openssl-dev
mailing list