Re: problem loading public key

Fri, 09 Jan 2004 17:29:02 -0800 

On Fri, Jan 09, 2004, Jesse Hammons wrote:

> 
> I generated this public key:
> -----BEGIN PUBLIC KEY-----
> MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALRdnQqWEqNhxfi7JcWIBBiNPTewfnj+
> cI+R918Kg6+Q38gWTIwdUm/6+8CincyF8BRne8HpBYV0kRBFdI4wIaECAwEAAQ==
> -----END PUBLIC KEY-----
> 
> with this command
> openssl rsa -in rsa.private -pubout
> 
> Using the "openssl rsautl" command I am able to use this rsa public key
> to verify a file that was signed with with my private key.  Which is to
> say, openssl reads in my public key with no programs.
> 
> Unfortunately the following program is unable to read the public key:
> 
> #include <openssl/evp.h>
> #include <openssl/err.h>
> int main(int argc, char **argv)
> {
>         RSA *rsa = (RSA*)PEM_read_RSAPublicKey(stdin,NULL, NULL, NULL);
>         if (!rsa) {
>                 ERR_print_errors_fp(stderr);
>         }
>         printf("rsa is %x\n", rsa);
> }
> 
> % cc key.c -o key /sw/lib/libcrypto.a && ./key < rsa.public
> 1015:error:0906D06C:lib(9):func(109):reason(108):pem_lib.c:666:Expecting:
> RSA PUBLIC KEY
> rsa is 0
> %
> 
> However the same code works if I use this other public key, which I
> found by searching the web for RSA PUBLIC KEY:
> 
> -----BEGIN RSA PUBLIC KEY-----
> MIGJAoGBANSRRY5E9hNWz+gQh01fgLklMfpwzPB/x+k7DeSymecmImXNGqYk0wvf
> XMo5i87c9SRVBlDlkfY7drX9BxnbggEDgRSoMWW4uKCh4rHt0T53N1ZWJb+5WsS5
> F3UB8N3rqLw7Aa7ZWnMPnNk7f92ZbewJDrS47ikzsKbo7p/1BELDAgMBAAE=
> -----END RSA PUBLIC KEY-----
> 
> % cc key.c -o key /sw/lib/libcrypto.a &&  ./key < rsatest.public
> rsa is b0b80
> 
> What am I doing wrong?  Did I generate the public key incorrectly, or
> is my code wrong?  I've tried BIO and other methods for reading my
> public key, all of which failed.  Somehow the openssl command is able
> to read my public key, but my code above does not work.
> 
> 

There are two incompatible public key formats. One is a PKCS#1 RSAPublicKey
which is what PEM_read_RSAPublicKey() uses.

The other format is a SubjectPublicKeyInfo structure as used in certificates.
This is used by PEM_read_RSA_PUBKEY() *and* the 'rsa' utility, so you need to
use that instead.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to