<div dir="ltr"><div>Ugh. So simple! I don't know how I missed that. I found get0 & get1 accessors for many other structures but I didn't see that one.</div><div><br></div><div><br></div><div>Thanks,</div><div>Tom.III</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, May 5, 2020 at 9:50 PM Dr Paul Dale <<a href="mailto:paul.dale@oracle.com">paul.dale@oracle.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="overflow-wrap: break-word;">Might I suggest reading the documentation?<div><br></div><div>RSA_get0_n() is the function you are wanting.</div><div><br></div><div><br></div><div>Pauli<br><div>
<div dir="auto" style="overflow-wrap: break-word;"><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none">-- <br>Dr Paul Dale | Distinguished Architect | Cryptographic Foundations <br>Phone +61 7 3031 7217<br>Oracle Australia</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><br></div><br></div><br>
</div>
<div><br><blockquote type="cite"><div>On 6 May 2020, at 2:20 pm, Thomas Dwyer III <<a href="mailto:tomiii@tomiii.com" target="_blank">tomiii@tomiii.com</a>> wrote:</div><br><div><div dir="ltr"><div>I'm porting some old legacy code from OpenSSL 1.0.2 to OpenSSL 3.0.0. A portion of this code reads X509 certificates, extracts the public key, and passes it to firmware that I cannot modify. Unfortunately, this legacy firmware API was very poorly designed such that the public key is passed in a way similar to:</div><div><br></div><div><span style="font-family:monospace"> RSA *rsa = get_pubkey_from_cert(...)</span></div><div><span style="font-family:monospace"> BIGNUM *bn = rsa->n;</span></div><div><span style="font-family:monospace"> int len = BN_num_bytes(bn);</span></div><div><span style="font-family:monospace"> unsigned char *buf = malloc(len);<br></span></div><div><span style="font-family:monospace"> BN_bn2bin(bn, buf);</span></div><div><span style="font-family:monospace"> pubkey_to_firmware(buf, len);</span></div><div><br></div><div>Yuck. Ignoring the fact that this firmware appears to assume a constant exponent 'e', I cannot find a way to extract the modulus 'n' from the RSA key. I understand this is intentional. The only solution I could find is to print the key to a buffer via EVP_PKEY_print_public(), parse the result to extract the modulus into a giant hex string, and then BN_hex2bn() that back into a BIGNUM. Is there a better way?</div><div><br></div><div><br></div><div>Thanks,</div><div>Tom.III</div><div><br></div></div>
</div></blockquote></div><br></div></div></blockquote></div>