www.digitalmars.com         C & C++   DMDScript  

digitalmars.D.learn - Reading .pem files for secured

reply Dukc <ajieskola gmail.com> writes:
I need to manually sign and verify stuff with asymmetric crypto 
keys. I ended up using rsa from secured.

The key pair needs to be persistant between, so I made a 4096-bit 
private key with OpenSSL, stored in .pem file. Then I constructed 
a public key from the private one, again with OpenSSL. It seemed 
strange to me that I could generate a public key afterwards with 
the private key, instead of having to do both at the same time. I 
just thought that perhaps crypto is somehow cryptic enough to do 
that.

But then came a problem that I need to feed the key from .pem to 
initialize RSA class at 
https://github.com/LightBender/SecureD/blob/master/source/secured/rsa.d.
Someone at the internet claimed that .pem files are Base64-encoding. "Great,
there's a base64 handler in Phobos", was my reaction. It was easy to write a
parser, but I think something must have went wrong.

The reason is that if I understand the logic of Base64, it's that 
each character stores 6 bits. My private key .pem has 49 lines of 
64 characters worth of Base64, though the sat line isn't full. 
Anyway, this is data worth of over 18000 bits. The RSA key is 
supposed to be 4096 bits, so this can't be correct.

What am I missing?
May 31 2019
next sibling parent reply KnightMare <black80 bk.ru> writes:
 The reason is that if I understand the logic of Base64, it's 
 that each character stores 6 bits. My private key .pem has 49 
 lines of 64 characters worth of Base64, though the sat line 
 isn't full. Anyway, this is data worth of over 18000 bits. The 
 RSA key is supposed to be 4096 bits, so this can't be correct.

 What am I missing?
PEM is a X.509 certificate (whose structure is defined using ASN.1), encoded using the ASN.1 DER (distinguished encoding rules), then run through Base64 encoding and stuck between plain-text anchor lines (BEGIN CERTIFICATE and END CERTIFICATE).
May 31 2019
next sibling parent Dukc <ajieskola gmail.com> writes:
On Friday, 31 May 2019 at 11:09:07 UTC, KnightMare wrote:
 The reason is that if I understand the logic of Base64, it's 
 that each character stores 6 bits. My private key .pem has 49 
 lines of 64 characters worth of Base64, though the sat line 
 isn't full. Anyway, this is data worth of over 18000 bits. The 
 RSA key is supposed to be 4096 bits, so this can't be correct.

 What am I missing?
PEM is a X.509 certificate (whose structure is defined using ASN.1), encoded using the ASN.1 DER (distinguished encoding rules), then run through Base64 encoding and stuck between plain-text anchor lines (BEGIN CERTIFICATE and END CERTIFICATE).
Ouch. I quess I have to translate the file into something that doesn't contain any certification cruft I don't use. Back to reading OpenSSL manual... Thanks for the info.
May 31 2019
prev sibling parent KnightMare <black80 bk.ru> writes:
https://lapo.it/asn1js
but dont insert ur certificate there, generate new one for tests
May 31 2019
prev sibling next sibling parent reply Sebastiaan Koppe <mail skoppe.eu> writes:
On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
 The key pair needs to be persistant between, so I made a 
 4096-bit private key with OpenSSL, stored in .pem file. Then I 
 constructed a public key from the private one, again with 
 OpenSSL. It seemed strange to me that I could generate a public 
 key afterwards with the private key, instead of having to do 
 both at the same time. I just thought that perhaps crypto is 
 somehow cryptic enough to do that.
The public key can always be constructed from the private key.
 But then came a problem that I need to feed the key from .pem 
 to initialize RSA class.
Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple. Disclaimer: I have only used openssl directly. No experience with SecureD.
May 31 2019
next sibling parent Dukc <ajieskola gmail.com> writes:
On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
 Just base64 decode the PEM data (without the ====) and feed it 
 to RSA.this(ubyte[] publicKey). Ought to be that simple.
That's logic of SSL? Okay, I'll try that first.
Jun 02 2019
prev sibling next sibling parent Dukc <ajieskola gmail.com> writes:
On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
 Just base64 decode the PEM data (without the ====) and feed it 
 to RSA.this(ubyte[] publicKey). Ought to be that simple.
I assume the same should apply with private key and private key constructor (along with a random password of course)?
Jun 02 2019
prev sibling parent reply Dukc <ajieskola gmail.com> writes:
On Friday, 31 May 2019 at 12:17:14 UTC, Sebastiaan Koppe wrote:
 On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
 But then came a problem that I need to feed the key from .pem 
 to initialize RSA class.
Just base64 decode the PEM data (without the ====) and feed it to RSA.this(ubyte[] publicKey). Ought to be that simple.
We were both wrong :-). It turned out that the correct way to initialize a SecureD RSA private key is to feed contents of .pem in without ANY processing.
Jun 06 2019
parent Sebastiaan Koppe <mail skoppe.eu> writes:
On Thursday, 6 June 2019 at 11:08:18 UTC, Dukc wrote:
 We were both wrong :-). It turned out that the correct way to 
 initialize a SecureD RSA private key is to feed contents of 
 .pem in without ANY processing.
Ah, they made it even easier :)
Jun 06 2019
prev sibling parent Dukc <ajieskola gmail.com> writes:
On Friday, 31 May 2019 at 10:35:46 UTC, Dukc wrote:
 if I understand the logic of Base64, it's that each character 
 stores 6 bits. My private key .pem has 49 lines of 64 
 characters worth of Base64, though the sat line isn't full. 
 Anyway, this is data worth of over 18000 bits. The RSA key is 
 supposed to be 4096 bits, so this can't be correct.

 What am I missing?
I think that what I missed was that .pem key files do not only contain the key, they also contain the public exponent (even though it's always the same 0x10001), and in case of private key, the root parameters used to generate the key pair (not sure if it contains the public key also). That explains why the private key file is so much larger than the key bit count would dictate. And by looking at members of RSA class at SecureD, I think it also keeps those extra components, implying that everything in .pem should go in (after decoding), not just the public or private key. Like Koppe said.
Jun 03 2019