c - Any possibility of using KeyBlob (stored in byte format) for crypto operations -


I created a key blob using OpenSSL. I need to use that key blob for crypto operations (such as encrypting, decrypting, signing and verifying) with OpenSSL. The code must be platform independent.

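// Export the RSA private key in "private_key" as a Windows CryptoAPI
// PRIVATEKEYBLOB-style image written into "keyblob".
//
// Assumptions carried over from the surrounding function (not shown here):
//   - "private_key" is an EVP_PKEY* holding an RSA private key
//   - "keyblob" is a byte array of size 2048
//   - e, n, p, q, dmp1, dmq1, iqmp, d are BIGNUM* initialised to NULL
//   - this fragment runs inside a loop, so "break" leaves it on error
//   - the BLOBHEADER at the start of keyblob is filled in elsewhere
//
// Security notes:
//   - keyblob and the per-component buffers end up holding the private key in
//     clear. Wipe them (OPENSSL_cleanse) before free()/reuse and never log or
//     persist the blob unencrypted.
//   - EVP_PKEY_get1_RSA() takes a reference; the surrounding code must call
//     RSA_free(rsa) on every exit path, including the "break" paths below.
//   - Direct member access (rsa->n, ...) only compiles against OpenSSL < 1.1.0;
//     newer releases need RSA_get0_key / RSA_get0_factors / RSA_get0_crt_params.
//   - NOTE(review): OpenSSL reports errors through its own error queue
//     (ERR_get_error), not errno, so "hresult = errno" after an OpenSSL call is
//     probably not meaningful. Kept as in the original.

// The original did "new rsa()" and then overwrote the pointer, leaking the
// object; EVP_PKEY_get1_RSA already returns the RSA to use.
RSA *rsa = EVP_PKEY_get1_RSA(private_key);
if (NULL == rsa)
{
    hresult = errno;
    printf("\n\terror:evp_pkey_get1_rsa failed\n\n");
    break;
} // if

e = rsa->e;
n = rsa->n;
p = rsa->p;
q = rsa->q;
dmp1 = rsa->dmp1;
dmq1 = rsa->dmq1;
iqmp = rsa->iqmp;
d = rsa->d;
version = rsa->version;

// Field widths are derived from the real modulus size, not from an unrelated
// constant, so the copy loops can never read past a component buffer.
const size_t keyblob_cap = 2048; // capacity stated in the assumptions above
const size_t mod_len = (size_t)RSA_size(rsa);
const size_t half_len = mod_len / 2;
const size_t hdr_len = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY); // 20 in the original

// Blob body: modulus and private exponent are mod_len bytes each, the five
// CRT values are half_len bytes each. Refuse anything that would overrun keyblob.
if ((mod_len % 2) != 0 || (hdr_len + 2 * mod_len + 5 * half_len) > keyblob_cap)
{
    hresult = EINVAL;
    printf("\n\terror:rsa key does not fit in keyblob\n\n");
    break;
} // if

// Public exponent (e). pubexp is a 32-bit field, so e must fit in 32 bits.
if (NULL == e || BN_num_bits(e) > 32 || (size_t)BN_num_bytes(e) > mod_len)
{
    hresult = EINVAL;
    printf("\n\terror:unsupported public exponent\n\n");
    break;
} // if

public_exponent = (unsigned char*)calloc(mod_len, sizeof(unsigned char));
if (NULL == public_exponent)
{
    hresult = ENOMEM;
    printf("\n\terror:calloc failed\n\n");
    break;
} // if

iresult = BN_bn2bin(e, public_exponent);
if (!iresult)
{
    hresult = errno;
    printf("\n\terror:bn_bn2bin failed\n\n");
    break;
} // if

RSAPUBKEY *rsapubkey = (RSAPUBKEY*)(keyblob + sizeof(BLOBHEADER));

rsapubkey->bitlen = (DWORD)(mod_len * 8); // number of bits in the modulus
rsapubkey->magic = 0x32415352;            // "RSA2"
// The original stored *public_exponent, i.e. only the most significant byte of
// the big-endian array (0x01 for 65537). Take the numeric value instead.
rsapubkey->pubexp = (DWORD)BN_get_word(e);

int m1 = 0;
int p1 = 0;
int p2 = 0;
int e1 = 0;
int e2 = 0;
int c1 = 0;
int d1 = 0;

// Components in the order they appear in the blob. "end" receives the offset
// one past the field, matching the original m1/p1/p2/e1/e2/c1/d1 values.
struct
{
    const BIGNUM   *bn;
    unsigned char **buf;
    size_t          width;
    int            *end;
} parts[] = {
    { n,    &modulus,          mod_len,  &m1 }, // modulus (n)
    { p,    &prime1,           half_len, &p1 }, // prime1 (p)
    { q,    &prime2,           half_len, &p2 }, // prime2 (q)
    { dmp1, &exponent1,        half_len, &e1 }, // exponent1 (dmp1)
    { dmq1, &exponent2,        half_len, &e2 }, // exponent2 (dmq1)
    { iqmp, &coefficient,      half_len, &c1 }, // coefficient (iqmp)
    { d,    &private_exponent, mod_len,  &d1 }, // private exponent (d)
};

unsigned int i = 0;
size_t k = 0;
size_t off = hdr_len;
int blob_ok = 1;

for (k = 0; k < sizeof(parts) / sizeof(parts[0]); k++)
{
    const size_t width = parts[k].width;
    size_t nbytes = 0;

    // A public-only key has no p/q/d/...; fail instead of dereferencing NULL.
    if (NULL == parts[k].bn)
    {
        hresult = EINVAL;
        printf("\n\terror:rsa key component missing\n\n");
        blob_ok = 0;
        break;
    } // if

    nbytes = (size_t)BN_num_bytes(parts[k].bn);
    if (nbytes > width)
    {
        hresult = EINVAL;
        printf("\n\terror:rsa key component too large\n\n");
        blob_ok = 0;
        break;
    } // if

    *parts[k].buf = (unsigned char*)calloc(mod_len, sizeof(unsigned char));
    if (NULL == *parts[k].buf)
    {
        hresult = ENOMEM;
        printf("\n\terror:calloc failed\n\n");
        blob_ok = 0;
        break;
    } // if

    // BN_bn2bin writes exactly BN_num_bytes() big-endian bytes with no padding.
    // Right-align inside the field so a component with leading zero bytes
    // still lands at the correct position.
    iresult = BN_bn2bin(parts[k].bn, *parts[k].buf + (width - nbytes));
    if (!iresult)
    {
        hresult = errno;
        printf("\n\terror:bn_bn2bin failed\n\n");
        blob_ok = 0;
        break;
    } // if

    // Convert the component from big endian to little endian into the blob.
    for (i = 0; i < width; i++)
    {
        keyblob[off + width - 1 - i] = (*parts[k].buf)[i];
    } // for

    off += width;
    *parts[k].end = (int)off;
} // for

if (!blob_ok)
{
    break;
} // if

/*
    FYI
    struct _RSAPUBKEY {
            DWORD   magic;                  // Has to be RSA1 (RSA2 for a private key blob)
            DWORD   bitlen;                 // # of bits in modulus
            DWORD   pubexp;                 // public exponent
                                            // Modulus data follows
    } RSAPUBKEY;

    struct _PUBLICKEYSTRUC {
            BYTE    bType;
            BYTE    bVersion;
            WORD    reserved;
            ALG_ID  aiKeyAlg;
    } BLOBHEADER, PUBLICKEYSTRUC;

    These structures are in wincrypt.h on Windows; on Linux they need to be
    added manually.
*/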

The key blob is now stored in "keyblob", and up to this point everything works fine. How can I use this key blob for crypto operations through the RSA API? For example, say I am using RSA_public_encrypt for encryption.

I believe the expected way to convert these ...

rsa* rsa = new rsa( ); ...  e = rsa->e; n = rsa->n; p = rsa->p; q = rsa->q; dmp1 = rsa->dmp1; dmq1 = rsa->dmq1; iqmp = rsa->iqmp; 

... to byte arrays is to use BN_num_bytes and BN_bn2bin:

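/*
 * Convert each BIGNUM to a big-endian byte array sized with BN_num_bytes().
 * BN_bn2bin() returns the number of bytes written, which must equal that size.
 *
 * The assert() calls disappear when NDEBUG is defined, so production code
 * should replace them with real error handling. n and e are public values;
 * for private components (d, p, q, dmp1, dmq1, iqmp) wipe the array with
 * OPENSSL_cleanse() before OPENSSL_free().
 */
int len, res;

len = BN_num_bytes(n);
unsigned char* n_arr = OPENSSL_malloc(len);
assert(n_arr != NULL);
res = BN_bn2bin(n, n_arr);
assert(res == len);

len = BN_num_bytes(e);
unsigned char* e_arr = OPENSSL_malloc(len);
assert(e_arr != NULL);
res = BN_bn2bin(e, e_arr);
assert(res == len);

/* ... */

OPENSSL_free(n_arr);
OPENSSL_free(e_arr);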

Note that the byte arrays are big-endian.

You also need to free the EVP_PKEY* and the RSA*. The 1 in EVP_PKEY_get1_RSA means the reference count on the RSA* was bumped, so you need to call RSA_free. A 0 in the name means the count was not incremented, and no *_free call is required.


lets using rsa_public_encrypt encryption...

Use the RSA* directly.

rsapubkey* rsapubkey = (rsapubkey*)(keyblob + sizeof(blobheader));

If this is for MS-CAPI, then you need to reverse the byte arrays. It is not clear to me whether this is for MS-CAPI.

I'm guessing the problem is in the way the BIGNUMs are extracted and converted. I say "guess" because it is not clear to me what you are trying to do other than "use it".

