I have generated a 256-byte RSA keypair and I am now trying to write the public key into a PEM file. I am using this code:
// Put the public key inside a pem file
ofstream file("temppubkey.pem");
file.close();
FILE * pemFile = fopen("temppubkey.pem", "w");
PEM_write_PUBKEY(pemFile, servTempPubKey);
fclose(pemFile);
// Retrieve key from pem file as a test
FILE * pem = fopen("temppubkey.pem", "r");
EVP_PKEY * key = EVP_PKEY_new();
PEM_read_PUBKEY(pem, &key, NULL, NULL);
fclose(pem);
// TEST
cout << "Pub key:\n";
BIO_dump_fp(stdout, (const char *) servTempPubKey, tempKeySize);
cout << "test key:\n";
BIO_dump_fp(stdout, (const char *) key, tempKeySize);
The result I get is usually good for 16 to 32 bytes, but I always end up with a different key than I had to start with. Does anyone have any hints on what I am doing wrong here?
EDIT
Here is the file written
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHKT/jXk5CwCVheWcWE2 DrIHml4EsO/IQ5/sDdbrzakryB4YLmu z90ShE5sYKixHq2oDrjnDbrTL2RYJSrC xQmUOztztFXqvh6yWaKlA0la/ehsCQSW8o2OONu84d9Pr3ZgQz4gTdjIeKqF96qm hhyLTrVA5qQD0aUgJRTxSbnESQBBvipdNFzGLT/I0kMK3lCbDfANDuhNL8iX8jp8 KNd6KqrOf3FfzYOII0uIvwVO0OCSm4rXCtIK2euskmCOEVYQZEbWgnzVf/Uos/9J bIEDKFks9pcia7uAhlPA/2CZjClQjHde/PcCFq7hRKwn4okoiM5zB9wl688uL/iX LQIDAQAB -----END PUBLIC KEY-----
It seems relatively correct; from my experience, PEM files usually look like this.
CodePudding user response:
BIO_dump_fp dumps raw binary bytes from a structure into the file.
Doing this kind of comparison, this way, only works if EVP_PKEY points to a trivial type, with no padding.
OpenSSL's documentation makes no guarantees, whatsoever, what EVP_PKEY's underlying object is. In fact, the definition of its contents is completely hidden from OpenSSL's public header files. Here's the verbatim definition of EVP_PKEY taken from OpenSSL's types.h header file:
typedef struct evp_pkey_st EVP_PKEY;
The End. No definition of what evp_pkey_st is, anywhere. It'll remain an unsolvable mystery, forever.
It's considered to be private information, not even accessible from the public header files. You cannot make any assumption, whatsoever, what it's pointing to. It is an opaque handle, a pointer to some object whose allocation and deallocation is managed by OpenSSL, and you have no direct access to it, whatsoever.
It is unclear where the shown code obtains tempKeySize from, or what it means, but it is unlikely to be the correct size of the underlying structure, of what the pointer is pointing to. OpenSSL does not make this information available, either.
In short, dumping some arbitrary number of bytes from wherever a particular EVP_PKEY points to will not accomplish anything useful, and is likely to be undefined behavior, anyway.