Extracting the public modulus from an RSA public key?
Thomas Dwyer III
tomiii at tomiii.com
Wed May 6 05:29:04 UTC 2020
Ugh. So simple! I don't know how I missed that. I found get0 & get1
accessors for many other structures but I didn't see that one.
Thanks,
Tom.III
On Tue, May 5, 2020 at 9:50 PM Dr Paul Dale <paul.dale at oracle.com> wrote:
> Might I suggest reading the documentation?
>
> RSA_get0_n() is the function you are wanting.
>
>
> Pauli
> --
> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
> Phone +61 7 3031 7217
> Oracle Australia
>
>
>
>
> On 6 May 2020, at 2:20 pm, Thomas Dwyer III <tomiii at tomiii.com> wrote:
>
> I'm porting some old legacy code from OpenSSL 1.0.2 to OpenSSL 3.0.0. A
> portion of this code reads X509 certificates, extracts the public key, and
> passes it to firmware that I cannot modify. Unfortunately, this legacy
> firmware API was very poorly designed such that the public key is passed in
> a way similar to:
>
> RSA *rsa = get_pubkey_from_cert(...)
> BIGNUM *bn = rsa->n;
> int len = BN_num_bytes(bn);
> unsigned char *buf = malloc(len);
> BN_bn2bin(bn, buf);
> pubkey_to_firmware(buf, len);
>
> Yuck. Ignoring the fact that this firmware appears to assume a constant
> exponent 'e', I cannot find a way to extract the modulus 'n' from the RSA
> key. I understand this is intentional. The only solution I could find is to
> print the key to a buffer via EVP_PKEY_print_public(), parse the result to
> extract the modulus into a giant hex string, and then BN_hex2bn() that back
> into a BIGNUM. Is there a better way?
>
>
> Thanks,
> Tom.III
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20200505/b100c125/attachment-0001.html>
More information about the openssl-users
mailing list