RE: Private Key Type and PEM Length

Fri, 30 Jun 2006 07:46:59 -0700 

I am working on something similar. if I generated a private key with no 
password, can I pass NULL to PEM_read_bio_privateKey(bio,&pkey,NULL,NULL)?

Is there lib function that reads DER format?

Sonia

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Marek Marcola
Sent: Thursday, June 29, 2006 6:52 AM
To: openssl-users@openssl.org
Subject: Re: Private Key Type and PEM Length


Hello,
> > Can anyone tell me how to get the Private Key Type(DSA /RSA ) and its
> > PEM Length  given the buffer containing the Private Key in PEM / DER
> > format.
> If you have buffer in PEM format, key tape can be read from
> first "line" (for example: -----BEGIN DSA PRIVATE KEY-----)
> 
> If you have buffer in DER format (ASN1 or other form) there
> is no such information and in general you must know what you have
> or what you expect to get.
> 
> Or you may do some sort of guessing depending on key source:
>  - RSA private key - ASN1 SEQUENCE of 9 INTEGERS (generic - file)
>  - DSA private key - ASN1 SEQUENCE of 6 INTEGERS (generic - file)
>  - RSA & DSA public key from certificate - RFC2459
>  - RSA public key in DNS - RFC3110
> So public key format (which is transfered from peer to peer)
> depends on application - guessing may be not good idea.
Or high level example of reading private key from PEM buffer
with OpenSSL API may look like:

        EVP_PKEY* pkey = NULL;
        BIO* bio = NULL;

        bio = BIO_new_mem_buf(buf, len);
        pkey = PEM_read_bio_PrivateKey(bio,...);

        if( pkey->type == EVP_PKEY_RSA ){
                // RSA
        else if ( pkey->type == EVP_PKEY_DSA ){
                // DSA
        }

        EVP_PKEY_free(pkey);
        BIO_free(bio);

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to