How to pass the public key in .pem file to the polarssl rsa_context

Question

I have a rsa 2048 bit public key in .pem file and I used this command 'openssl rsa -inform PEM -in rsa_public_key.pem -pubin -text' to get the module and the exponent. However I don't know how to pass it to the polarssl function with rsa_context format.

const char RSA_E[] = {0x01, 0x00, 0x01};
const char RSA_N[256] =
    {
0xa9, 0x71, 0x0b, 0x68, 0x16, 0xb1, 0x1c, 0x26, 0x62, 0x02, 0xee, 0xc6, 0x7b, 0x00,
0x1e, 0x1e, 0x79, 0x22, 0x86, 0x12, 0x9b, 0x90, 0x96, 0x8c, 0x90, 0x71, 0x90, 0x29, 0xb8,
0x6c, 0x72, 0x69, 0x2e, 0x9b, 0xb1, 0xb5, 0x28, 0x65, 0x16, 0x26, 0xae, 0xcb, 0x62, 0xc9,
0x67, 0xe1, 0x52, 0x88, 0xae, 0x75, 0x52, 0x16, 0x1b, 0xe1, 0xc7, 0xe5, 0x05, 0x69, 0xc9,
0xa2, 0x9b, 0x98, 0x9b, 0xb5, 0x10, 0x1b, 0xc5, 0xba, 0xc6, 0x15, 0x61, 0x69, 0xaa, 0x12,
0x26, 0x1e, 0xc7, 0x62, 0x6c, 0x66, 0x60, 0x0b, 0x18, 0x2c, 0x2e, 0x91, 0x22, 0x20, 0x67,
0x07, 0x96, 0x8e, 0x86, 0x79, 0xb2, 0xa9, 0x61, 0x75, 0x2a, 0x62, 0x96, 0x8b, 0x8b, 0x56,
0x2b, 0x06, 0x7e, 0xbb, 0x2e, 0xb9, 0xb8, 0x82, 0xe9, 0xbe, 0x6c, 0x81, 0x26, 0x59, 0x12,
0x99, 0x75, 0x1b, 0xc5, 0x60, 0x2c, 0x2e, 0x91, 0xb9, 0x59, 0x29, 0x6a, 0x6c, 0x61, 0xaa,
0x29, 0x6b, 0xcb, 0xa8, 0x06, 0x98, 0x51, 0x29, 0x86, 0xc9, 0x78, 0x61, 0xbc, 0x12, 0x61,
0x66, 0xbc, 0x6a, 0x89, 0x80, 0x18, 0x62, 0xc1, 0xc7, 0xaa, 0x09, 0x59, 0x26, 0x72, 0xe1,
0x2a, 0x76, 0x57, 0x9b, 0x8b, 0x28, 0x16, 0x62, 0x22, 0x6a, 0x89, 0x61, 0xc7, 0x11, 0x82,
0x19, 0x81, 0x61, 0x91, 0x88, 0xc1, 0x05, 0xb1, 0x26, 0xa2, 0x10, 0x9c, 0x51, 0x09, 0x98,
0x29, 0x95, 0x0c, 0x25, 0x7c, 0x81, 0x5a, 0x07, 0x99, 0x7a, 0x2e, 0x58, 0x16, 0xea, 0x99,
0x28, 0x70, 0x22, 0x6e, 0xb1, 0x9c, 0xa6, 0x1e, 0x97, 0x25, 0xa9, 0x18, 0x29, 0x6a, 0xe8,
0xc2, 0x19, 0xa2, 0xac, 0x71, 0x97, 0x12, 0x96, 0xbe, 0x29, 0xaa, 0xcb, 0x22, 0x52, 0x81,
0xb9, 0x71, 0xb1, 0x8e, 0x92, 0x8b, 0x8e, 0x72, 0x26, 0x56, 0x52, 0x99, 0x8e, 0x15, 0xe6,
0x6e, 0xb1
    };



static char* _get_rsa_pub_key(void) {
int i, length;
char* xor_content;
length = sizeof(RSA_E);
xor_content = (char*) malloc(length + 1);
for (i = 0; i < length; i++) {
    xor_content[i] = (RSA_E[i]) ^ MASK;
}
xor_content[i] = '\0';
return xor_content;
}

static int _check_key(const unsigned char * rsa_encrypted, unsigned char *      rsa_decrypted, int* out_len) {
int rst;
size_t len;
rsa_context rsa;
char* rsa_pub_key = NULL;

rsa_pub_key = _get_rsa_pub_key();
rsa_init(&rsa, RSA_PKCS_V15, 0);
rsa.len = KEY_LEN;
mpi_read_string(&rsa.N, 16, RSA_N);
mpi_read_string(&rsa.E, 16, rsa_pub_key);
rst = rsa_pkcs1_decrypt(&rsa, NULL, NULL, RSA_PUBLIC, &len, rsa_encrypted, rsa_decrypted, *out_len);
if (0 != rst)
    rst = -1;
rsa_free(&rsa);
*out_len = len;
free(rsa_pub_key);
return rst;

}

it always returns nothing. I think the problem is the format of rsa public key, but I don't know how to solve it.

Answer 1

You should probably consider using a newer version of PolarSSL (now called mbed TLS) instead.

Why don't you use the mbedtls_pk_parse_public_keyfile() , which is meant for this specific purpose (loading a public keyfile into a context)?