Ted Zlatanov tzz@lifelogs.com writes:
If I generate a public RSA key into a PEM file and then base64-decode the contents (this is in Emacs):
(string-to-unibyte (base64-decode-string "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreGA/Qky9W3izQV0kzba
[...]
EwIDAQAB"))
rsa_keypair_from_der (&key, NULL, 0, SCHARS (public_key), SDATA (public_key))
It keeps failing. From the docs and example it seems like that should work. Can you see what I'm doing wrong?
The data corresponds to (according to dumpasn1):
       0 290: SEQUENCE {
       4  13:   SEQUENCE {
       6   9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
      17   0:     NULL
            :     }
      19 271:   BIT STRING
            :     30 82 01 0A 02 82 01 01 00 AD E1 80 FD 09 32 F5
            :     6D E2 CD 05 74 93 36 DA EF 02 A5 FF 0C F0 C6 46
            :     DB 43 1B DC 52 A5 13 D6 4A E0 01 B3 BF 9F 5B 58
            :     16 35 DD 25 9A 16 C1 B3 0E FE AB FB 35 1A 0C 0D
            :     8E 32 3D 61 A9 B1 07 D8 F8 F4 88 92 70 21 4D 95
            :     5B 83 05 EB 9B FC 1B DF BF A1 29 12 9A C7 65 19
            :     F4 0F D1 C7 8B C9 65 16 25 92 9B D9 F4 B6 C1 CE
            :     2B 1E 14 D3 7B 48 C5 96 AA 48 C1 3B F3 5E 4F CF
            :             [ Another 142 bytes skipped ]
            :   }
Which looks ok to me. But Nettle's rsa_keypair_from_der wants the contents of that BIT STRING only, not the complete object. Have a look at tools/pkcs1-conv.c, which I think is the only example code using these functions.
BTW, you might want to have a look at the unfinished openpgp code in Nettle (pgp.h, pgp-encode.c and rsa2openpgp.c). But it's not very useful in the current state.
Regards, /Niels
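
Added example, not part of the original message and not Nettle code: a bounds-checked C routine that walks a SubjectPublicKeyInfo and returns the bytes inside the BIT STRING, after its leading unused-bits octet. For the key in the dump above, that is the 270 bytes beginning 30 82 01 0A. The name spki_rsa_payload is hypothetical and the sample key is a constructed toy value; the returned pointer and length are what would be handed to rsa_keypair_from_der as data and length.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Read a DER header with the expected tag at *p; on success advance *p to
   the contents and store their length. Returns 0 on any malformed input. */
static int der_header(const uint8_t **p, const uint8_t *end, uint8_t tag, size_t *len)
{
  const uint8_t *q = *p;
  size_t n, k;
  if (end - q < 2 || q[0] != tag) return 0;
  n = q[1]; q += 2;
  if (n & 0x80) {                       /* long form: next k bytes hold the length */
    k = n & 0x7f;
    if (k == 0 || k > sizeof n || (size_t)(end - q) < k) return 0;
    for (n = 0; k > 0; k--) n = (n << 8) | *q++;
  }
  if ((size_t)(end - q) < n) return 0;  /* contents must fit in the buffer */
  *p = q; *len = n;
  return 1;
}

/* DER encoding of the rsaEncryption OID 1.2.840.113549.1.1.1 */
static const uint8_t rsa_oid[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01};

/* Hypothetical helper: locate the RSAPublicKey inside a SubjectPublicKeyInfo. */
int spki_rsa_payload(const uint8_t *der, size_t der_len, const uint8_t **key, size_t *key_len)
{
  const uint8_t *p = der, *end = der + der_len, *alg_end;
  size_t len;
  if (!der_header(&p, end, 0x30, &len)) return 0;       /* outer SEQUENCE */
  end = p + len;
  if (!der_header(&p, end, 0x30, &len)) return 0;       /* AlgorithmIdentifier */
  alg_end = p + len;
  if (!der_header(&p, alg_end, 0x06, &len)) return 0;   /* OBJECT IDENTIFIER */
  if (len != sizeof rsa_oid || memcmp(p, rsa_oid, len) != 0) return 0;
  p = alg_end;                                          /* skip the NULL parameters */
  if (!der_header(&p, end, 0x03, &len)) return 0;       /* BIT STRING */
  if (len < 1 || p[0] != 0 || p + len != end) return 0; /* 0 unused bits, no trailing data */
  *key = p + 1;
  *key_len = len - 1;
  return 1;
}

/* Constructed sample: SubjectPublicKeyInfo wrapping a toy key (n = 0xC1, e = 65537). */
static const uint8_t sample_spki[] = {
  0x30,0x1d, 0x30,0x0d, 0x06,0x09, 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,
  0x05,0x00, 0x03,0x0c, 0x00,
  0x30,0x09, 0x02,0x02,0x00,0xc1, 0x02,0x03,0x01,0x00,0x01 };
```

Passing the bare RSAPublicKey or a truncated buffer to the routine returns 0 rather than reading past the end.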