[openssl-users] how to import external rsa public key in openssl.
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Jun 8 13:57:49 UTC 2018
> On Jun 8, 2018, at 3:02 AM, Sangsub <i_chacha at naver.com> wrote:
>
> pem_base64:"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirjFSROMxZ9gW1AmX2nsO4zjs+mvXhdNJs/iQmUBBL6gUQEYlnbHopLMa1rnGeEZ46wp6dOtna3NpJby9xhfnAxIcqLbEk8BmSsjjoP9WC2KKQ8pc/nPdE8eU/iqU6IlwSKZscw2WPtgfLWrpXmDLWwmh/cTAKTfPfHBQH4X0ipcGcgw7QxYJAcjCaYSuz5PsznyW7vP4pmfQ0IRBkmrrF9L/qKlnNOMFzl5pnmv3Iuqy06H61Cs+AbPt0B1BL2sEQz7y5nAQicDHhRrnzuDd8hwNWkDCfrphy4se5PoN1/M3rxPmL4dV0JpxROkNZT2uIYfdGSDKumeus6uD8w6xQIDAQAB
It is not PEM until it has a PEM header and trailer indicating the data
type. That's just the base64 form of the DER encoding. To get actual
PEM data:
$ b64="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirjFSROMxZ9gW1AmX2nsO4zjs+mvXhdNJs/iQmUBBL6gUQEYlnbHopLMa1rnGeEZ46wp6dOtna3NpJby9xhfnAxIcqLbEk8BmSsjjoP9WC2KKQ8pc/nPdE8eU/iqU6IlwSKZscw2WPtgfLWrpXmDLWwmh/cTAKTfPfHBQH4X0ipcGcgw7QxYJAcjCaYSuz5PsznyW7vP4pmfQ0IRBkmrrF9L/qKlnNOMFzl5pnmv3Iuqy06H61Cs+AbPt0B1BL2sEQz7y5nAQicDHhRrnzuDd8hwNWkDCfrphy4se5PoN1/M3rxPmL4dV0JpxROkNZT2uIYfdGSDKumeus6uD8w6xQIDAQAB"
$ echo; echo "$b64" |
openssl base64 -A -d |
openssl pkey -inform DER -pubin -text
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirjFSROMxZ9gW1AmX2ns
O4zjs+mvXhdNJs/iQmUBBL6gUQEYlnbHopLMa1rnGeEZ46wp6dOtna3NpJby9xhf
nAxIcqLbEk8BmSsjjoP9WC2KKQ8pc/nPdE8eU/iqU6IlwSKZscw2WPtgfLWrpXmD
LWwmh/cTAKTfPfHBQH4X0ipcGcgw7QxYJAcjCaYSuz5PsznyW7vP4pmfQ0IRBkmr
rF9L/qKlnNOMFzl5pnmv3Iuqy06H61Cs+AbPt0B1BL2sEQz7y5nAQicDHhRrnzuD
d8hwNWkDCfrphy4se5PoN1/M3rxPmL4dV0JpxROkNZT2uIYfdGSDKumeus6uD8w6
xQIDAQAB
-----END PUBLIC KEY-----
Public-Key: (2048 bit)
Modulus:
00:8a:b8:c5:49:13:8c:c5:9f:60:5b:50:26:5f:69:
ec:3b:8c:e3:b3:e9:af:5e:17:4d:26:cf:e2:42:65:
01:04:be:a0:51:01:18:96:76:c7:a2:92:cc:6b:5a:
e7:19:e1:19:e3:ac:29:e9:d3:ad:9d:ad:cd:a4:96:
f2:f7:18:5f:9c:0c:48:72:a2:db:12:4f:01:99:2b:
23:8e:83:fd:58:2d:8a:29:0f:29:73:f9:cf:74:4f:
1e:53:f8:aa:53:a2:25:c1:22:99:b1:cc:36:58:fb:
60:7c:b5:ab:a5:79:83:2d:6c:26:87:f7:13:00:a4:
df:3d:f1:c1:40:7e:17:d2:2a:5c:19:c8:30:ed:0c:
58:24:07:23:09:a6:12:bb:3e:4f:b3:39:f2:5b:bb:
cf:e2:99:9f:43:42:11:06:49:ab:ac:5f:4b:fe:a2:
a5:9c:d3:8c:17:39:79:a6:79:af:dc:8b:aa:cb:4e:
87:eb:50:ac:f8:06:cf:b7:40:75:04:bd:ac:11:0c:
fb:cb:99:c0:42:27:03:1e:14:6b:9f:3b:83:77:c8:
70:35:69:03:09:fa:e9:87:2e:2c:7b:93:e8:37:5f:
cc:de:bc:4f:98:be:1d:57:42:69:c5:13:a4:35:94:
f6:b8:86:1f:74:64:83:2a:e9:9e:ba:ce:ae:0f:cc:
3a:c5
Exponent: 65537 (0x10001)
With the above in a file or memory BIO, you can
use a suitable PEM_*_PUBKEY() routine, to get
an abstract EVP_PKEY or an RSA key. If you
want to do signature verification, you should
not write any RSA-specific code. An EVP_PKEY
can be used with X509_verify() with any supported
key type: RSA, DSA, ECDSA, Ed25519, ...
--
Viktor.
More information about the openssl-users
mailing list