Scott Taggart wrote:
>
> Hi,
>
> I am using "req -new..." to generate a privkey.pem file. I see how I can
> get an encoded version of the private key file using the "rsa -in
> privkey.pem" command. What I need, however, is a "binary" form (better yet
> a "C" format). I don't see an option in the rsa command to generate a "C"
> file like there is in the x509 command for generating a C file
> version. The RSA sslc command has added an option ("-C") to just
> this. When I looked through the source for "rsa", I don't see an easy way
> to do it - by the time the private key is in binary form, it's at such a
> low-level that I can't easily get access to it. Can someone suggest a mod
> to the rsa.c file to do this or the few calls to do this? I am presently
> resorting to taking the encoded output from rsa and unencoding it and then
> writing it out that way. Since this involves a separate mini-application
> and hacking for header and trailer removal, I would like to move away from
> this.
>
> I'm a newbie to openssl, so please forgive my ignorance...
>
You can read in the DER version of an ASN1 structure (including RSA
private keys) using the d2i_XXX functions: see FAQ for details. To get
the DER binary file into an array there's a Unix utility called xxd
which can be used.
That will only work with unencrypted private keys. To use encrypted
private keys you are best going via PKCS#8 format.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
