I'm trying to read a RSA public key generated with openssl like this:
Private Key:
openssl genrsa -out mykey.pem 1024
Public Key afterwards:
openssl rsa -in mykey.pem -pubout > somewhere.pub
Then I try to read:
FILE *keyfile = fopen("somewhere.pub", "r");
RSA *rsa_pub = PEM_read_RSAPublicKey(keyfile, NULL, NULL, NULL);
//rsa_pub == NULL!
When I'm reading the private key it works
FILE *keyfile = fopen("mykey.pem", "r");
RSA *rsa_pri = PEM_read_RSAPrivateKey(keyfile, NULL, NULL, NULL);
//all good
Any ideas?
I've read that openssl generate a X509 key of the RSA public key. But I could not manage to load even a X509 pub key.
Thanks
You might try PEM_read_RSA_PUBKEY()
instead of PEM_read_RSAPublicKey()
.
This is all about formats.
The default public key file format generated by openssl is the PEM format.
PEM_read_RSA_PUBKEY()
reads the PEM format. PEM_read_RSAPublicKey()
reads the PKCS#1 format.
So if you want to stick to PEM_read_RSAPublicKey()
you could generate the public key file using the PKCS#1 format by specifying the -outform DER
option when generating the public key.
it seems there are two format of rsa public key, with different encoding.
RSA* rsaPubKey = PEM_read_bio_RSA_PUBKEY( bio, NULL, 0, pass ) ;
read PUBKEY
with this format
-----BEGIN PUBLIC KEY-----
...
-----END PUBLIC KEY-----
generated by
$ openssl rsa -in key.pri -pubout -out key.pub1
RSA* rsaPubKey = PEM_read_bio_RSAPublicKey( bio, NULL, 0, pass ) ;
read PublicKey
with this format
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
generated by
$ openssl rsa -in key.pri -RSAPublicKey_out -out key.pub2
A to B format
$ openssl rsa -in key.pub1 -pubin -RSAPublicKey_out -out key.pub2_
B to A format
$ openssl rsa -in key.pub2 -RSAPublicKey_in -pubout -out key.pub1_
The openssl rsa utility saves the public key using the function PEM_write_bio_RSA_PUBKEY and not PEM_write_bio_RSAPubicKey. So, if you want your program to be compatible with its output, then you should use PEM_write_bio_RSA_PUBKEY and PEM_read_bio_RSA_PUBKEY for saving/loading public key files.
http://openssl.6102.n7.nabble.com/RSA-public-private-keys-only-work-when-created-programatically-td12532.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With