On Thu, 30 Jun 2022 at 17:07, Robert Relyea <rrel...@redhat.com> wrote:
> > in nss/lib/softoken/pkcs11c.c:sftk_unwrapPrivateKey()
>
>
> I little bit more context would have help, but I finally found it.
> It looks like it's happening for PSS keys where it's trying to create
> CKA_PUBLIC_KEY_INFO. I don't see anything in NSS proper which references
> CKA_PUBLIC_KEY_INFO, so it quite likely could be wrong and we haven't
> notices.
Ah. Unfortunately I had no real context to give.
I came across this code while searching for an example of how to use
the ASN.1 parser to encode an RSA public key. It was essentially what
I wanted except my output was off when fed into any ASN.1 parser.
(this answers my question about PEM encoded public keys)
> > In my version of this code I'm finding that I need to convert the
> > returned subjectPublicKey's length to bits, something like:
> >
> > spki.subjectPublicKey *= 8;
> >
> > before making the second SEC_ASN1EncodeItem() call. I believe this is
> > because that field is encoded using:
> >
> > { SEC_ASN1_BIT_STRING,
> > offsetof(NSSLOWKEYSubjectPublicKeyInfo, subjectPublicKey) },
> >
> > and SEC_ASN1_BIT_STRING expects the SECItem.len to be in bits not bytes.
> >
> > could the above have the same problem?
>
> I think you are right, it could have the same problem.
Thanks.
> bob
>
> >
> > Andrew
--
You received this message because you are subscribed to the Google Groups
"dev-tech-crypto@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dev-tech-crypto+unsubscr...@mozilla.org.
To view this discussion on the web visit
https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAJeAr6snQT-i5keSwr6QOxv%2B0K_uMF2pZ134XOHXtkCRA0Zdqg%40mail.gmail.com.
