[ Repost from an off-list discussion, since this may be of more general interest. /Niels ]

Jeffrey Walton noloader@gmail.com writes:

I did not see rsa_public_key_save, rsa_public_key_load, rsa_private_key_save, and rsa_private_key_load. How does one save and or load a public or private key?

That depends on which keyformat you want. The most general (and most primitive) way is to access the bignums in the public and private key structs directly, using functions like mpz_set_str/mpz_get_str or mpz_import/mpz_export. Don't forget to call rsa_public_key_prepare and rsa_private_key_prepare after setting these fields.

There are some helper functions, rsa_keypair_to_sexp and rsa_keypair_from_sexp for conversion to and from spki/sexp format. And there's rsa_keypair_from_der for reading keys in pkcs#1 format (but appearantly none for the other direction).

These functions are unfortunately all undocumented, which is due in part to lazyness, in part to the fact that I'm not sure the interfaces are right (although for these particular functions, I see nothing obviously wrong, except perhaps the names). There are at least some examples, examples/rsa-keygen.c calls rsa_keypair_to_sexp, examples/read_rsa_key.c calls rsa_keypair_from_sexp, and tools/pkcs1-conv.c calls rsa_keypair_from_der.

Regards, /Niels