On 28 mar, 15:28, Robert Relyea <rrel...@redhat.com> wrote:
> On 03/28/2011 05:32 AM, Superpacko wrote:
> > On 23 mar, 14:40, Robert Relyea <rrel...@redhat.com> wrote:
> >> On 03/23/2011 06:24 AM, Superpacko wrote:
> >>> Well, so I've been told that I should be able to extract the MPI as
> >>> bytes and pass it to NSS since GPG original key format is PEM, I
> >>> should be able to use MPIs data as raw bytes.
> >>
> >> If it's really PEM (which should be a printable string), then you should
> >> be able to pull out the Base 64 portion and pass it to the NSS atob
> >> routine:
> >>
> >> ATOB_ConvertAsciiToItem()
> >>
> >> It will return a secItem which has a data and a length. This secitem is
> >> DER data.
> >>
> >> bob
> >>
> >> PEM is an ascii file in which all the data outside specific wrappers:
> >> ( ------------------------- BEGIN xxxxx ---------------------------------),
> >> (---------------------- END xxx ------------------------)
> >> are ignored. Inside the wrappers is base 64 encoded binary. Base 64
> >> takes the 27 letters of the alphabet, both upper and lower case, with
> >> the 10 digits, plus and / and assigns each a value between 0 and 64. The
> >> binary blob is then considered a long binary integer. That integer is
> >> converted to base 64 using those printable digits. The encoding used 4
> >> base 64 digits to encode 3 binary bytes (base 64 is 6 bits per value)
> >>
> >> The PEM base64 pem data is DER data, so the nss der functions should
> >> work for them, once you've decoded the base 64.
> >>
> >> bob
> >>
> >>> The thing is that the only function I found that takes unsigned char*
> >>> as argument is PK11_MakeKEAPubKey, and when I try to encrypt using
> >>> that key, I get error 8178 (BAD KEY)
> >>> So is there a way to import a public and private key with raw bytes?
> >>> So far I've seen that most functions need SECKEYPrivateKeyInfo and
> >>> stuff like that.
> >
> > Thanks for the help, I'm going to try to extract this information from
> > the key stored in the MPIs.
> > Is there a way to import an RSA key from external source that is not
> > DER encoded nor KEA?
>
> Do you mean an RSA public key or an RSA private key?
>
> bob
>
> > otherwise I'm gonna have to build a custom PK11_MakeRSAPubKey to create
> > a SECKEYPublicKey from raw bytes, filling the
> >     modulusItem.data = modulusData;
> >     modulusItem.len = modulusLen;
> >     exponentItem.data = exponentData;
> >     exponentItem.len = exponentLen;
> >
> > with the info from the raw bytes.
> >
> > thanks again!

So, I was able to import the public keys from GPG to NSS. I'm going to post the whole solution once it's finished.

Right now what I need is to import the private key into NSS, and I'm wondering how to initialize the structure SECKEYPrivateKeyInfo, since I'm using this function, and I'm not sure about the parameters:

    SECStatus PK11_ImportPrivateKeyInfoAndReturnKey(
        PK11SlotInfo *slot,         // this is the slot I'll create
        SECKEYPrivateKeyInfo *pki,  // this is the structure I need to initialize
        SECItem *nickname,          // do I need this? or can it be NULL?
        SECItem *publicValue,       // what is this? the public modulus?
        PRBool isPerm,              // false?
        PRBool isPrivate,           // true?
        unsigned int keyUsage,      // what's this?
        SECKEYPrivateKey **privk,   // where the resulting key is stored
        void *wincx)                // NULL

With the SECKEYPrivateKeyInfo struct, how do I initialize the members:

    PLArenaPool *arena;           // this one I got
    SECItem version;              // ??
    SECAlgorithmID algorithm;     // I found that in the switch it asks for SEC_OID_PKCS1_RSA_ENCRYPTION; but I can't just assign this to the variable
    SECItem privateKey;           // here I'll set the unsigned char* buffer that holds the exponent, and the length
    SECKEYAttribute **attributes; // ??

Thanks for the help!

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
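
For the SECKEYPrivateKeyInfo question above, an added example (not code from the thread or from NSS): the structure mirrors PKCS#8, so for RSA its privateKey item carries a DER-encoded PKCS#1 RSAPrivateKey with all eight components, not a bare exponent. The stand-alone C below builds the complete DER PrivateKeyInfo from raw big-endian components; `struct mpi`, `der_tlv`, `der_uint` and `rsa_to_pkcs8` are hypothetical names, and the output is the kind of buffer NSS's PK11_ImportDERPrivateKeyInfoAndReturnKey accepts as its DER item.

```c
#include <stddef.h>
#include <string.h>

#define MAX_MPI 512   /* bytes per component: up to a 4096-bit modulus */
#define MAX_DER 4400  /* worst-case encoded size for eight such components */
struct mpi { const unsigned char *data; size_t len; };  /* big-endian, unsigned */

/* Write one DER tag-length-value at out; returns the bytes written. */
static size_t der_tlv(unsigned char *out, unsigned char tag,
                      const unsigned char *val, size_t len)
{
    size_t n = 0;
    out[n++] = tag;
    if (len >= 0x100) { out[n++] = 0x82; out[n++] = (unsigned char)(len >> 8); }
    else if (len >= 0x80) out[n++] = 0x81;          /* long form, one length byte */
    out[n++] = (unsigned char)len;
    memcpy(out + n, val, len);
    return n + len;
}

/* DER INTEGER from unsigned big-endian bytes: minimal, and never negative. */
static size_t der_uint(unsigned char *out, const unsigned char *be, size_t len)
{
    unsigned char tmp[MAX_MPI + 1];
    size_t pad = 0;
    while (len > 1 && be[0] == 0) { be++; len--; }  /* drop leading zero bytes */
    if (be[0] & 0x80) tmp[pad++] = 0;               /* high bit set: add 0x00 */
    memcpy(tmp + pad, be, len);
    return der_tlv(out, 0x02, tmp, pad + len);
}

/* c[] = n, e, d, p, q, dP, dQ, qInv. Returns the PKCS#8 length, 0 on error. */
size_t rsa_to_pkcs8(unsigned char *out, size_t cap, const struct mpi c[8])
{
    static const unsigned char zero = 0, rsa_alg[] = {  /* rsaEncryption + NULL */
        0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00 };
    unsigned char a[MAX_DER], b[MAX_DER];
    size_t i, n, m;
    for (i = 0; i < 8; i++)
        if (!c[i].data || c[i].len == 0 || c[i].len > MAX_MPI) return 0;
    n = der_uint(a, &zero, 1);                      /* RSAPrivateKey version 0 */
    for (i = 0; i < 8; i++) n += der_uint(a + n, c[i].data, c[i].len);
    n = der_tlv(b, 0x30, a, n);                     /* PKCS#1 RSAPrivateKey */
    m = der_uint(a, &zero, 1);                      /* PrivateKeyInfo version 0 */
    memcpy(a + m, rsa_alg, sizeof rsa_alg); m += sizeof rsa_alg;
    m += der_tlv(a + m, 0x04, b, n);                /* privateKey OCTET STRING */
    if (m + 4 > cap) return 0;                      /* outer header is <= 4 bytes */
    return der_tlv(out, 0x30, a, m);                /* PrivateKeyInfo SEQUENCE */
}
```

The encoder checks lengths only; it does not verify that the components form a consistent RSA key.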