From: Anshuman Gupta <anshuman.gupta@intel.com>
To: linux-crypto@vger.kernel.org
Subject: [Query] crypto_akcipher_set_pub_key API usages.
Date: Thu, 25 Jun 2020 18:50:18 +0530 [thread overview]
Message-ID: <20200625132017.GA15183@intel.com> (raw)
Hi,
I am trying to import a public key extracted along with signature(RSA-SHA384) from my header.
When i tried to import the public key buffer to algo crypto_akcipher_set_pub_key(), it fails
with -EBADMASG "ASN1: Unexpected tag" error msg.
My public in hex format and only contains modulus and exponent
(public key size is 3072 its).
As per DOCUMENTATION it should "BER encoded public key", as DER is just a stricter subset of BER encoding.
I had converted the my public key PEM file to DER format, and imported the key to crypto_akcipher_set_pub_key()
it still fails with EBADMSG.
After a lot of hidden trial i came to know it is the offset 24, which contian the data in which we are interested.
-------------------------------------------------
openssl asn1parse -in pub_pem.key -offset 24
0:d=0 hl=4 l= 394 cons: SEQUENCE
4:d=1 hl=4 l= 385 prim: INTEGER :C94B36C902FCAFFE985CB39429CECADF51C56ED5B188870CEC5CC30D68BC19CE492D96EA7043F88C43336699CC0D96A71797B87FFE1B5FAE899995F676EADCC69E2DB6B4990E76C6F6AA7144420287FD086D67D2F29B85D06F52D8404CC108627D7E8CC9DC9F3ED1A402116AC879DAF540EEBCAF9C2109C2BE43FE0179876D23280C4E37EE3BFFA1F175BB28683823D4E408865E9A680EE23D70F0B45169E9F21BC6F435D751B81C9BE53C8F864166F439168E00900858C77946B1669CA9E1C7887A04DB866C99B35301DF6935A190780082BF0605B21319C9FBBD8DC44226FB2E3C33EC1FD439B0459E0D798A14167167799113A2790FD456B79AC017CE3635519713967EF1FA16B40744188AF9C9608597D161F1D2119FBB0821A5A4C687EEC9470B7C8C2350379285E2BB8CFE38CDD633377198099057E71F371FF0AB8BF59F0D897B91D60F89A9F7B8D27D6F2C6C0C3364E29328AC1F6A6D0298706FCDECF9B3C0A7059A5F65DB701EEB2C0F882F55E801218EA517EDFAB65CD47644B3BF
393:d=1 hl=2 l= 3 prim: INTEGER :010001
-----------------------------------------------------
when i passed the DER formatted public key after offset 24,
crypto_akcipher_set_pub_key() has passed successfully.
I want to understand, why crypto_akcipher_set_pub_key() is expecting the
public key from a specific offset in DER formatted buffer.
Is this offset is generic, can we caluclate this offset generically?
What is the meaning of "cons: SEQUENCE" of 394 bytes in above asn1 parse output?
I could see something similar "/* sequence of 265 bytes */" in a linux Kerenl crypto test vector,
https://elixir.bootlin.com/linux/latest/source/crypto/testmgr.h#325
Please provide help and pointers to understand this.
Thanks,
Anshuman Gupta.
reply other threads:[~2020-06-25 13:32 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200625132017.GA15183@intel.com \
--to=anshuman.gupta@intel.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).