Menu
▾
▴
Re: [Opensc-devel] Key format of pkcs11-tool --read-object --type pubkey
|
From: Douglas E E. <dee...@gm...> - 2016-03-24 18:04:47
|
What version of OpenSC are you using?
0.13.0 will output an RSA pubkey, i.e. sequence of modules and exponent. Not very useful.
openssl asn1parse -i -inform DER -in publickey.key
0:d=0 hl=4 l= 266 cons: SEQUENCE
4:d=1 hl=4 l= 257 prim: INTEGER
:D1C5D7F38C9134A4116D040DFE1066AF8B44A3BE6609C686A24F23E447906E33421BFEDC9DB16C2312306E63BA348B57A81D1CC241FE9813C0A02E343903D60315BC788289D44BFA2EC16B19D1CD8FB673CD90471F8301CFCCEE92E8A5119E6FEA76F9E4BC9C5F0120C606B6D1EC003D4606F49989D4D93DDE6C6AC6F079449219DA9063D319E93ACB5DBCB6AD9FD780BF6C94CBCC0AE542263E1772F283C0A2A8BDAFE0A6653004CA4D5CB3DF349FD87F10666F131B3FDE3C7D433D7C42374695E9B9FB73B655CA83F59838A1778504C11B82B94EBF5F247EA3D95F8E50A7C028C695ED16200F3B1C90C73FF25992458F0100222B5F6B6A12D5269AEA61DCC1
265:d=1 hl=2 l= 3 prim: INTEGER :010001
later versions, including 0.16.0 will output a SPKI, what OpenSSL can use as a pubkey:
pkcs11-tool --read-object --type pubkey --id 01 -o publickey.der
openssl asn1parse -i -inform DER -in publickey.der -dump
0:d=0 hl=4 l= 290 cons: SEQUENCE
4:d=1 hl=2 l= 13 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
17:d=2 hl=2 l= 0 prim: NULL
19:d=1 hl=4 l= 271 prim: BIT STRING
0000 - 00 30 82 01 0a 02 82 01-01 00 d1 c5 d7 f3 8c 91 .0..............
0010 - 34 a4 11 6d 04 0d fe 10-66 af 8b 44 a3 be 66 09 4..m....f..D..f.
0020 - c6 86 a2 4f 23 e4 47 90-6e 33 42 1b fe dc 9d b1 ...O#.G.n3B.....
0030 - 6c 23 12 30 6e 63 ba 34-8b 57 a8 1d 1c c2 41 fe l#.0nc.4.W....A.
0040 - 98 13 c0 a0 2e 34 39 03-d6 03 15 bc 78 82 89 d4 .....49.....x...
0050 - 4b fa 2e c1 6b 19 d1 cd-8f b6 73 cd 90 47 1f 83 K...k.....s..G..
0060 - 01 cf cc ee 92 e8 a5 11-9e 6f ea 76 f9 e4 bc 9c .........o.v....
0070 - 5f 01 20 c6 06 b6 d1 ec-00 3d 46 06 f4 99 89 d4 _. ......=F.....
0080 - d9 3d de 6c 6a c6 f0 79-44 92 19 da 90 63 d3 19 .=.lj..yD....c..
0090 - e9 3a cb 5d bc b6 ad 9f-d7 80 bf 6c 94 cb cc 0a .:.].......l....
00a0 - e5 42 26 3e 17 72 f2 83-c0 a2 a8 bd af e0 a6 65 .B&>.r.........e
00b0 - 30 04 ca 4d 5c b3 df 34-9f d8 7f 10 66 6f 13 1b 0..M\..4....fo..
00c0 - 3f de 3c 7d 43 3d 7c 42-37 46 95 e9 b9 fb 73 b6 ?.<}C=|B7F....s.
00d0 - 55 ca 83 f5 98 38 a1 77-85 04 c1 1b 82 b9 4e bf U....8.w......N.
00e0 - 5f 24 7e a3 d9 5f 8e 50-a7 c0 28 c6 95 ed 16 20 _$~.._.P..(....
00f0 - 0f 3b 1c 90 c7 3f f2 59-92 45 8f 01 00 22 2b 5f .;...?.Y.E..."+_
0100 - 6b 6a 12 d5 26 9a ea 61-dc c1 02 03 01 00 01 kj..&..a.......
On 3/24/2016 10:57 AM, Johannes Rath wrote:
> Hi all,
>
> I want to extract the public key and use it for encryption with OpenSSL. It works fine like this:
>
> /pkcs15-tool --read-public-key keyid -o publickey.pem/
>
> /openssl rsautl -inkey publickey.pem -pubin -encrypt -pkcs -in plaintext.txt -out ciphertext.txt/
>
> //
>
> But when I use pkcs11-tool the exported key is kind of weird. I am using:
>
> /pkcs11-tool --read-object --type pubkey --id keyid -o publickey.key/
>
> //
>
> I am trying to use publickey.key as the inkey for openssl rsautil -encrypt, but I always get an error from OpenSSL.
>
> Any ideas?
>
> Thanks in advance
>
> Johannes
>
>
>
> ------------------------------------------------------------------------------
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
>
>
>
> _______________________________________________
> Opensc-devel mailing list
> Ope...@li...
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>
--
Douglas E. Engert <DEE...@gm...>
|
