Decoder of ASN.1 format to read RSA public key

lukin · ‎2023-11-14

Hello,

I am using the STM32 Cryptolib. I need to get the modulus and exponent of RSA public key from a .pub or .pem files. After decoded from base64 I need to decode the DER format (in ASN.1 format). Has anyone any suggestion of which libray may I use? Cryptolib only accept modulus and exponent has two parameters.

lukin · ‎2023-11-22

Hello everybody,

I solve by using wolfSSL library, which is available in STM32CubeIDE already. It allows to read pem public key and certificates. It allows to check certificate chain as well.

View solution in original post

STea · ‎2023-11-14

Hello @lukin ,

can you explain more what is the type of conversion you will need to do and how you generated the keys in the first place ?

meanwhile i suggest you do key formatting with a python script to give as an input for the cryptolib accepted format this is explained in this thread .

BR

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

liaifat85 · ‎2023-11-14

Not sure but this thread may help you:

https://community.st.com/t5/stm32-mcus-security/stm32-cryptographic-library-rsa-pkcs-1-v1-5-encryption-unable-to/td-p/69453

lukin · ‎2023-11-14

Hi, I need to read PEM file, generated externally, which contain a RSA public key. I should extract the modulus and exponent in order to pass them to crypto library so to verify a signed file. I see openssl is a typical lib but size of the library is big. Any other way to retrieve this information?

Thank you

STea · ‎2023-11-15

Hello ,

do you need to do the extraction in the MCU or it can be done externally ? because if you can do this on your computer it can be done using python and then it can be feed to you code in C formatted table in hex representation .

BR

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

lukin · ‎2023-11-15

Hello,

since pem or csr certificate would loaded externally on an SD card, it would be the best to decode the files. When using csr, I should also verify trust chain.

STea · ‎2023-11-20

Hello @lukin ,

in this case i recommend you use opensll library to decode the RSA key stored into you SD card .

This can be done by :

reading the key stored in the SD card using FatFS
decoding the buffer containing the RSA key with d2i_RSAPublicKey() function from openssl
use the RSA_get0_key() function to separate it to public and private exponents and the modulus

you will find in the attachment and example if this use-case hope this solves you problem.

BR

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

lukin · ‎2023-11-22

Hello everybody,

I solve by using wolfSSL library, which is available in STM32CubeIDE already. It allows to read pem public key and certificates. It allows to check certificate chain as well.

lukin · ‎2023-11-22

Hi, thank you. I then preferred to use wolfSSL. It should be lighter than openssl. Isn't it?

STea · ‎2023-11-22

Hello @lukin

Indeed WolfSSL is lighter than OpenSSL and it's more suited for your application if you are concerned about memory usage . this is explained in the following link . OpenSSL has the edge when it comes to the robustness of the solution

because OpenSSL has a longer track record and a larger community of developers, which means it has been more extensively tested and audited.

The are basically the same in term of usage .

BR

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.