OpenSSL C API - getting keylength of public key in DER encoding - c

I would like to determine the key length of a public key encoded in DER format while using the OpenSSL API in C.
It is quite straight-forward to do this with a key encoded in PEM format:
FILE *fp = fopen(argv[1], "rb");
RSA *rsa_key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
int keylength = RSA_size(rsa_key);
(assuming that the key to be loaded has been passed as an argument)
Unfortunately there is no equivalent DER_read_RSA_PUBKEY function.
I have been trying it with i2d_RSA_PUBKEY_fp and d2i_RSA_PUBKEY_fp but to no avail - only segmentation faults.
The difference between _RSA_PUBKEY and _RSAPublicKey seems to be that the former uses a SubjectPublicKeyInfo (certificate public key) structure and the latter uses a PKCS#1 RSAPublicKey structure.

The d2i_* function family is available for converting DER to openssl internal datastructures.
So, you should be able to use:
FILE *fp = fopen(argv[1], "rb");
RSA *rsa_key = d2i_RSAPublicKey_fp(fp, NULL);
int keylength = RSA_size(rsa_key);
to achieve what you want.

Related

How to extract public key from private key using openssl in C

I know in command line that given a pem file of private key, you can extract the public key from it.
Wondering how the similar function can be achieved using openssl's C library?
First, read the key:
EVP_PKEY *key;
FILE *fpkey;
OpenSSL_add_all_algorithms();
key = EVP_PKEY_new();
fpkey = fopen ("key.pem", "r");
PEM_read_PrivateKey(fpkey, &key, NULL, NULL);
fclose(fpkey);
Now that you have the EVP_PKEY structure, you can save the public key:
FILE* fppubkey = fopen("pubkey.pem", "wb");
PEM_write_PUBKEY(fppubkey, key);
fclose(fppubkey);
Make sure to add error checking.

Extracting the public certificate from a certificate

I would like to programmatically generate a certificate that contain only the public key using openssl.
So I basically need to do the following but using code.
openssl x509 -in certificate.crt -pubkey
Digging a bit it seem that I need to create a new certificate and copy all the information except the private key in it.
X509 * pNewKey = X509_new();
... Copy all the needed information ...
PEM_write_bio_X509(bioKey, &pNewKey, NULL, NULL);
Does someone have a better method?
I would like to programmatically generate a certificate that contain only the public key
To set the public key, take your public key in EVP_PKEY format and call X509_set_pubkey. Building upon your example code:
X509* x509 = X509_new();
EVP_PKEY* pkey = /***/;
int rc = X509_set_pubkey(x509, pkey);
ASSERT(rc == 1);
BIO* bio = BIO_new_file("filename.txt", "w");
ASSERT(bio != NULL);
rc = PEM_write_bio_X509(bio, x509, NULL, NULL);
ASSERT(rc == 1);
...
BIO_free(bio);
EVP_PKEY_free(pkey);
X509_free(x509);
For completeness, OpenSSL will save a certificate with no attributes, no version, no public key, and no signature.
So I basically need to do the following but using code.
openssl x509 -in certificate.crt -pubkey
OK, this is a different question. The above command will print the public key.
Use x509_get_pubkey:
EVP_PKEY* pkey = X509_get_pubkey(X509* x509);
Once you have the EVP_PKEY, you can get the type. You need to supply this function because OpenSSL does not provide it:
int EVP_PKEY_get_type(EVP_PKEY *pkey)
{
AC_ASSERT(pkey);
if (!pkey)
return NID_undef;
return EVP_PKEY_type(pkey->type);
}
Then, depending on the type, you can print the key:
if(type == EVP_PKEY_RSA || type == EVP_PKEY_RSA2)
{
RSA* rsa = EVP_PKEY_get1_RSA(pkey);
RSA_print_fp(stdout, rsa, 0);
RSA_free(rsa);
}
...
You have to break out the keys by type and then call the respective XXX_print_fp because OpenSSL does not provide an EVP_PKEY_print_fp.
The get1 in EVP_PKEY_get1_RSA means the reference count on the key is bumped. So you have to call a *_free on it. A get0 does not bump the reference count, and does not need a call to *_free.

How to read/write the public key in an RSA structure

Using C, I can generate and write an RSA public key to a PEM file using PEM_write_RSAPublicKey(),
But I want to write multiple public keys to a single file (like known_hosts or authorized_hosts), rather than have a separate PEM file for each.
I know how to encode/decode base64,
But how do I get the public key from the RSA structure (which I can base64 encode) and later read the same key from file and put it back into the RSA structure for encrypting/decrypting?
PEM_write_RSAPublicKey() will append to the file if opened with "a+" but there is no indication of which keys are for which client. I don't want PEM formatting, only to write each public key to a single line in the file.
I found that the public key is in DER format, which I can get from the RSA struct using:
len = i2d_RSAPublicKey(rsap, 0);
buf1 = buf2 = (unsigned char *)malloc(len + 1);
rc = i2d_RSAPublicKey(rsap, (unsigned char **)&buf2);
Then I base64-encode buf1 and write it to my file.
After reading it from file, putting it back into the RSA struct is just the reverse:
rsap = d2i_RSAPublicKey(NULL, (const unsigned char **)&buf1, (long)len);

openSSL: how to initialize keys for public key encryption?

For using openSSL API for public key encryption, how is the key (public & private) initialized in a C program, given private key in *.key file format, and public key in *.pem file format:
EVP_PKEY *key;
/* How is key initialized ?
*/
ctx = EVP_PKEY_CTX_new(key);
Thanks.
try this:
EVP_PKEY *pkey;
FILE *f = fopen("<path for your PEM or DER encoded key>", "rb");
if (f == NULL){
// error handling...
}
//if your key is PEM encoded use this
pkey = PEM_read_PUBKEY(f, NULL, NULL, NULL); // pkey now contains the pubKey.
//We are passing NULL to the others parameters because we dont need password to read a public key
//if your key is DER encoded use this
pkey = d2i_PUBKEY_fp(f, NULL);
if (pkey == NULL){
// error handling...
}
I didnt test but should work.

How do I decrypt a private key file and sign some text using openssl calls in C?

I have 2 separate programs (spliced together below). The first generates the key pair and saves to files (works fine). The second opens the private key, decrypting with a pass phrase and then I need it to sign a string of text. The code below fails on the PEM_read_PrivateKey() (last) call (can't see why). Can anyone point me at what I am doing wrong and then what openssl calls I should make to use the private key to sign some text?
int main (int argc, char *argv[])
{
char *priv_pem = "priv.pem";
char *pub_pem = "pub.pem";
char *pass = "Password";
FILE *fp;
int bits = 4096;
unsigned long exp = RSA_F4;
RSA *rsa;
EVP_PKEY *pkey;
// GENERATE KEY
rsa=RSA_generate_key(bits,exp,NULL,NULL);
if (RSA_check_key(rsa)!=1)
Exit(1,"Error whilst checking key","");
pkey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pkey, rsa);
// WRITE ENCRYPTED PRIVATE KEY
if (!(fp = fopen(priv_pem, "w")))
Exit(2,"Error opening PEM file",priv_pem);
if (!PEM_write_PrivateKey(fp,pkey,EVP_aes_256_cbc(),NULL,0,NULL,pass))
Exit(3,"Error writing PEM file",priv_pem);
fclose(fp);
// WRITE PUBLIC KEY
if (!(fp = fopen(pub_pem, "w")))
Exit(4,"Error opening PEM file",pub_pem);
if (!PEM_write_PUBKEY(fp, pkey))
Exit(5,"Error writing PEM file",pub_pem);
fclose(fp);
// ------- End of key generation program -------
// ------- Start of text signing program -------
// READ IN ENCRYPTED PRIVATE KEY
if (!(fp = fopen(priv_pem, "r")))
Exit(6,"Error reading encrypted private key file",priv_pem);
if (!PEM_read_PrivateKey(fp,&pkey,NULL,pass))
Exit(7,"Error decrypting private key file",priv_pem);
fclose(fp);
// Sign some text using the private key....
// FREE
RSA_free(rsa);
return 0;
}
Have you initialised pkey to NULL before you pass &pkey to PEM_read_PrivateKey()? If not, it will attempt to re-use the EVP_PKEY structure that pkey points to - and if pkey is uninitialised, it will be looking at a random spot in memory.
You can use ERR_print_errors_fp(stderr); to dump the OpenSSL error stack to stderr when an error occurs - this is often helpful in finding the problem.
Thanks #caf for your help.
By trial and error I fixed PEM_read_PrivateKey() error by adding the following to the start:
if (EVP_get_cipherbyname("aes-256-cbc") == NULL)
OpenSSL_add_all_algorithms();
However, I'm still looking for the best (practice) way of generating the keys and then using the private key for signing. From my limited understanding, I am looking for openssl methods that adhere to RSA's "PKCS #1 v2.0: RSA Cryptography Standard"

Resources