On Tue, Apr 07, 2020 at 10:00:05AM -0700, Jason Proctor wrote:
> Turns out, d2i_PUBKEY() does exactly the thing.
> The advantage over picking BIGNUMs out of the SPKI bundle is that the
> code doesn't need to know the key size.
It is also algorithm independent. Works not only with RSA, but also
w
On Mon, Apr 6, 2020 at 10:03 PM William Roberts
wrote:
>
>
>
> I don't think I would consider it a hack necessarily. I work on the TPM stack
> and have to convert TPM structures to RSA public key structures for ooenssl
> to utilize, and we use this routine along the way. I would imagine theirs a
On Mon, Apr 6, 2020 at 11:03 PM Viktor Dukhovni
wrote:
>
> > Question -- is there a supported way of importing SPKI encoded public
> > keys into the OpenSSL world?
>
> Yes. That'd be d2i_PUBKEY(3):
>
> https://www.openssl.org/docs/man1.1.1/man3/d2i_PUBKEY.html
>
Perfect! Thanks so much.
On Mon, Apr 06, 2020 at 07:16:23PM -0700, Jason Proctor wrote:
> However, the d2i_NETSCAPE_SPKI() function errors out trying to deal
> with them.
That's not the droid you're looking for.
> Question -- is there a supported way of importing SPKI encoded public
> keys into the OpenSSL world?
Yes.
On Mon, Apr 6, 2020, 11:59 PM Jason Proctor wrote:
> On Mon, Apr 6, 2020 at 9:44 PM William Roberts
> wrote:
> >
> >
> > There's setter functions now. See:
> > https://www.openssl.org/docs/man1.1.0/man3/RSA_set0_key.html
>
> Thanks, yes it does look like that replaces direct access to "n" and
>
On Mon, Apr 6, 2020 at 9:44 PM William Roberts wrote:
>
>
> There's setter functions now. See:
> https://www.openssl.org/docs/man1.1.0/man3/RSA_set0_key.html
Thanks, yes it does look like that replaces direct access to "n" and
"e". It's a hack, but it might work for the moment.
Ideally though I
On Mon, Apr 6, 2020, 9:16 PM Jason Proctor wrote:
> Distinguished crypto community,
>
> I have the requirement to import RSA keypairs generated by the Amazon
> Key Management System into my environment. These keypairs arrive in
> the de facto standard of SPKI for the public component and PKCS8 fo
Distinguished crypto community,
I have the requirement to import RSA keypairs generated by the Amazon
Key Management System into my environment. These keypairs arrive in
the de facto standard of SPKI for the public component and PKCS8 for
the private component.
I have no problem with the PKCS8 en
