(openssl-dev readers ignore, crosspost...)

Hey all,

I'm tearing my hair out here with what is probably a stupid problem.
I'm new to openssl, rsa, etc., so bear with me please :)

I'm doing the server-side things of an authorization system.
So, I need to sign user-submitted challenge files with a private key.
I'm trying to do this with PHP (on apache, with openssl).
The private key was generated with 'cryptopp'. It is hex-encoded and in DER 
format.
Here's the bit of code that generates the key using cryptopp:

        RSAES_OAEP_SHA_Decryptor priv(randPool, keylen);
        HexEncoder privFile(new StringSink(privStr));
        priv.DEREncode(privFile);
        privFile.MessageEnd();

The private key looks *something* like this, just much longer (no need to 
delete, this is not a real key here):

064DA77A8E7CFA65EDCE641

Just one long string of hex values.

OK then, I know the key needs to be in PEM format for PHP / openssl... but I 
can't get it recognized at all by openssl.

When I try:
openssl rsa -in keyfile.key -inform DER -noout -text
I get:
14620:error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag:a_set.c:179:
14620:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:947:
14620:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=RSA
14620:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:96:

OK, so I guess I do somehow have to convert that hex data into binary, right?
I tried to do this with xxd, but I can't seem to find the option I need. I 
pasted the output of -help for xxd below. I tried:
xxd -r infile outfile
but had to learn that a hexdump is not quite what my key is ..
I can do a binary digit dump, and then -r that, but that doesn't make sense, 
does it? :S
Too many trees to see the forest for me here atm.
Thanks a lot for any hints + pointers,

Alois
       
xxd [options] [infile [outfile]]
or
xxd -r [-s [-]offset] [-c cols] [-ps] [infile [outfile]]
Options:
    -a          toggle autoskip: A single '*' replaces nul-lines. Default off.
    -b          binary digit dump (incompatible with -p,-i,-r). Default hex.
    -c cols     format <cols> octets per line. Default 16 (-i: 12, -ps: 30).
    -E          show characters in EBCDIC. Default ASCII.
    -g          number of octets per group in normal output. Default 2.
    -h          print this summary.
    -i          output in C include file style.
    -l len      stop after <len> octets.
    -ps         output in postscript plain hexdump style.
    -r          reverse operation: convert (or patch) hexdump into binary.
    -r -s off   revert with <off> added to file positions found in hexdump.
    -s [+][-]seek  start at <seek> bytes abs. (or +: rel.) infile offset.
    -u          use upper case hex letters.
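
Added example (not part of the original post): a Python sketch of the hex-to-binary-DER-to-PEM conversion the message asks about. The sample inputs are constructed DER skeletons, not usable keys. Whether the Crypto++ output is laid out as PKCS#1 or PKCS#8 is not stated in the post, so the code checks for both.

```python
import base64
import textwrap

# Constructed samples: correct DER framing, placeholder contents, not usable keys.
SAMPLE_PKCS8_HEX = "3018020100300D06092A864886F70D01010105000404DEADBEEF"
SAMPLE_PKCS1_HEX = "3006020100020101"

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of data")
    return tag, pos, pos + length

def hex_der_to_pem(hex_text):
    """Decode hex-encoded DER private key text and wrap it as PEM."""
    # bytes.fromhex raises ValueError on non-hex characters or odd length.
    der = bytes.fromhex("".join(hex_text.split()))
    tag, start, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("input is not one complete DER SEQUENCE")
    vtag, _, vend = read_tlv(der, start)
    if vtag != 0x02:
        raise ValueError("expected a version INTEGER first")
    next_tag = read_tlv(der, vend)[0]
    if next_tag == 0x30:    # AlgorithmIdentifier follows: PKCS#8 PrivateKeyInfo
        label = "PRIVATE KEY"
    elif next_tag == 0x02:  # modulus INTEGER follows: PKCS#1 RSAPrivateKey
        label = "RSA PRIVATE KEY"
    else:
        raise ValueError("unrecognised private key layout")
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode("ascii"), 64))
    return "-----BEGIN %s-----\n%s\n-----END %s-----\n" % (label, body, label)

if __name__ == "__main__":
    print(hex_der_to_pem(SAMPLE_PKCS8_HEX), end="")
    # The hex text itself is not DER: its first byte is ASCII '3' (0x33),
    # not the SEQUENCE tag 0x30, so a DER parser rejects it at the first tag.
    print(hex(read_tlv(SAMPLE_PKCS8_HEX.encode("ascii"), 0)[0]))
```

With the xxd whose help text is pasted above, the decoding step alone corresponds to the -r mode combined with -ps (plain hexdump), i.e. xxd -r -ps infile outfile.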

